When the process starts, we will now load all static hosts and leases
and reload Unbound to have a defined state to start with.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 11.0.6 to 13.0.4
- Update of rootfile
- Version 13.x has now been released for 12 months so updating the File Daemon to 13.x
should be good.
- Version 11.x was released 40 months ago.
- Changelog
The changes are all related to the Director and the Storage Daemon. The changelog states
that older file daemons "should" be compatible with 13.x DIR & SD. This change ensures
IPfire "is" compatible with the 13.x DIR & SD.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- I realised that the previous patch for update.sh related to the ipblocklist removal
of ALIENVAULT and SPAMHAUS_EDROP only removed the SPAMHAUS_EDROP setting. It makes sense
to add SPAMHAUS_DROP to the settings file if SPAMHAUS_EDROP was previously used and
SPAMHAUS_DROP was not selected.
- This patch adds the above change.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Suricata will complain if it cannot read its own configuration file,
hence read-only access to /etc/suricata must be allowed. Since the list
applies to directories, rather than files, restricting read access to
only /usr/share/misc/magic.mgc is not possible; reading /usr/share/misc
must be allowed instead.
Fixes: #13645
Tested-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This patch catches any errors if the file did not previously exist and
therefore skips the comparison.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This patches changes that leases will always be written in
alphanumerical order so that we can later compare the newly generated
file with the previous version. If it has not changed, we skip reload
Unbound.
Suggested-by: Nick Howitt <nick@howitts.co.uk>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This change no longer renames the file, but removes the old link and
creates a new link for the temporary file. That helps us to jump out of
the code at any point without worrying about cleaning up the temporary
file.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Changelog according to the tarball's NEWS file:
- Improvements
- Use any hash algo known by kernel/openssl instead of keep needing
to update the mapping
- Teach kmod to load modprobe.d/depmod.d configuration from ${prefix}/lib
and allow it to be overriden during build with --with-distconfdir=DIR
- Make kernel modules directory configurable. This allows distro to
make kmod use only files from /usr regardless of having a compat
symlink in place.
- Install kmod.pc containing the features selected at build time.
- Install all tools and symlinks by default. Previously kmod relied on
distro packaging to set up the symlinks in place like modprobe,
depmod, lsmod, etc. Now those symlinks are created by kmod itself
and they are always placed in $bindir.
- Bug Fixes
- Fix warnings due to -Walloc-size
- Others
- Drop python bindings. Those were not update in ages and not compatible
with latest python releases.
- Cleanup test infra, dropping what was not used anymore
- Drop experimental tools `kmod insert` / `kmod remove`. Building those
was protected by a configure option never set by distros. They also
didn't gain enough traction to replace the older interfaces via
modprobe/insmod/rmmod.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
The web UI is rather slow and one of the reasons for that is that we are
reading the same files over and over again...
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Since we no longer support other themes, the web UI should load quicker
if not importing too many other files.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
