musl 1.2.0 switched to use 64-bit time_t everywhere, including 32-bit
architectures, causing garbage values to be printed from ppswatch and
ppstest.
Use the correct format string for the affected printf statements and
explicitly cast to long long to avoid potential compatibility issues
with 32-bit glibc.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
Dysk is a command-line tool designed for efficient file and directory management in Unix-like environments
Signed-off-by: Facundo Acevedo <facevedo@disroot.org>
Introduce local syntax highlighting support for ucode scripts, like
it is done already for uci configuration files.
Ref: https://github.com/jow-/ucode/issues/178
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This renames the package to mpremote and moves it into utils, as this is
a command-line utility and not a Python/MicroPython library.
This also adds a test.sh script for the packages feed CI.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
In order to build additional acpi tables during the build process, this
package needs to be build for the host.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
contaiNERD CTL - Docker-compatible CLI for containerd,
with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
no functional changes from catatonit 0.1.7, but license change
from GPL-3.0-or-later to GPL-2.0-or-later.
Switch package source to release version from git commit version.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Bugfixes
- Fixed a bug involving non-English locales of Windows where machine installs using user-mode networking were rejected due to erroneous version detection (#20209).
- Fixed a regression in --env-file handling (#19565).
- Fixed a bug where podman inspect would fail when stat'ing a device failed.
API
- The network list compat API endpoint is now much faster (#20035).
Openwrt updates: added patch to allow building with musl-1.2.4
Patch source is from gentoo c4c349f11a/app-containers/podman/files/podman-4.5.0-fix-build-with-musl-1.2.4.patch
Issue was discussed by @jefferyto at mattn/go-sqlite3#1177
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
This allows cargo to use make's jobserver when building packages, by
marking the cargo command as recursive (with the + prefix[1]) and
setting MAKEFLAGS.
This also:
* Give cargo/x.py the build directory instead of having to change the
current directory (and opening subshells)
* Set PKG_BUILD_PARALLEL/HOST_BUILD_PARALLEL for Rust packages to enable
the use of make's jobserver
[1]: https://www.gnu.org/software/make/manual/html_node/POSIX-Jobserver.html
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Refreshed 001-disable-extra-stressors.patch
Dropped 002-disable-compiler-test.patch
- no longer needed since commit a24c7f2048
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Backport PCRE2 patches from upstream and move package to PCRE2 library
as PCRE is EOL and won't receive any security update anymore.
Patch are backported with minimal change, only the Changelog change is
commented out as it would conflict and makes no sense to adapt for the
purpose of backport patches.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This tool allows for acquiring the current time from
the cellular network for configuring the local clock.
Compared to NTP, this has the advantage of nut using up
mobile traffic.
It takes advantage of the AT+QLTS command found on Quectel
modems. This functionality depends on support of the mobile
network.
Compile-tested: ath79-nand
Run-tested: ath79-nand (GL.iNET GL-XE300)
Signed-off-by: David Bauer <mail@david-bauer.net>
This program can be used to obtain information stored on the bdinfo
parition found on routers from Shenzhen Cudy Technology.
While this tool is not necessary for operation with OpenWrt, it can be
helpful to decrypt information generated by the stock firmware as well
as to obtain additional device-specific information.
Signed-off-by: David Bauer <mail@david-bauer.net>
In preparation to PCRE2 fixup, use autoreconf PKG_FIXUP as a better
configure system instead of configure script. This is needed to reduce
upcoming patch to migrate to PCRE2 library.
To correctly use autoreconf it's needed to declare empty
PKG_REMOVE_FILES.
zsh include custom macro in the default aclocal.m4
When autoreconf PKG_FIXUP is used, if PKG_REMOVE_FILES is not defined,
it's set to remove the file aclocal.m4 by default resulting in problem
with the custom macro AC_PROG_LN.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
[ split to 2 commit, add PKG_REMOVE_FILES, reword commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This also requires updating our patch for fortify-ing.
We now also pass the version as define during compilation.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
In the OpenWrt routing feed, package bmx6 and luci-app-bmx6 were removed because the LuCI app was vulnerable to several CVEs, as found by dependabot. It has been reporting it for a few months and has even created an issue. These two packages are not maintained in OpenWrt as well in upstream.
Users should switch to the bmx7 package.
Fixes: 9fb9d9343ea27d6dbb5008ece10c0c843dd2c781 ("bmx6: drop package") in the routing feed
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
changelog 1.9.2:
- cgroup: reset the inherited cpu affinity after moving to cgroup. Old kernels do that automatically, but new kernels remember the affinity that was set before the cgroup move, so we need to reset it in order to honor the cpuset configuration.
changelog 1.9.1:
- utils: ignore ENOTSUP when chmod a symlink. It fixes a problem on Linux 6.6 that always refuses chmod on a symlink.
- build: fix build on CentOS 7
- linux: add new fallback when mount fails with EBUSY, so that there is not an additional tmpfs mount if not needed.
- utils: improve error message when a directory cannot be created as a component of the path is already existing as a non directory.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
v1.2.2 changes:
- Enabled reproducible builds
v1.2.1 changes:
- sandbox: Add support for escaping resolv.conf symlinks. This fixes usage in WSL environments which symlinks /etc/resolv.conf under a shared location under /mnt.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
We currently have more package architectures supporting
CPU frequency scaling than earlier, and the package architecture
vs. CPU target SDK matching does not fully reflect that.
(E.g. aarch64_cortex-a53 is currently using bcm27xx/bcm2710)
Simplify things by removing the target dependency and let the plugin
be built for all architectures.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
build hosts with busybox fail with long options on rm
command. Short versions are supported by all, so this
makes it script compatible with busybox hosts as well.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
podman still seems to use catatonit with
rootless containers. It seems that it is
possible to use alternatives, such as tini,
but maybe go the same way they went on mainstream.
This PR just adds catatonit to depends.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
patch refreshed.
Changelog:
- Fixed a performance issue when calculating diff sizes in overlay. The podman system df command should see a significant performance improvement.
- Fixed a bug where containers in a pod would use the pod restart policy over the set container restart policy.
- Fixed a bug in the Compat Build endpoint where the pull query parameter did not parse 0/1 as a boolean.
- Updated the containers/storage library to v1.48.1
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Changes:
- support arbitrary idmapped mounts. Now it is possible to specify a mapping for any type of mount, not only bind mounts.
- add support for "ridmap" mount option to support recursive idmapped mounts.
- fix check for oom_score_adj. Write the oom_score_adj file even when the new value is 0.
- features: Support mountExtensions.
- correctly handle unknown signal string when it doesn't start with a digit.
- do not attempt to join again already joined namespace.
- wasmer: use latest wasix API.
- refresh libocispec
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Since it seems that this nobody wants to be the maintainer of dbus,
I can take the responsibility.
I am no dbus expert, but can runtime test it and see if change seems
sane.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Current stable branch for dbus is 1.14 and that is recommended to be used.
1.13 was a development branch and not meant for production use.
1.14.10 is the latest stable, so lets move to it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
CMake is not being used to build dbus as it does not respect endinaness
under CMake and 1.14 branch.
So, lets drop the patches as they will not apply to future 1.14 update.
Signed-off-by: Robert Marko <robimarko@gmail.com>
This fix dnsmasq failing to startup once configured since the
cache-domains config files are not included in the jail that dnsmasq
runs inside.
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Since February 2023, I decided to no longer work with Turris, I mean CZ.NIC company
due to some reasons how the development goes and since that day my work address is not
available and not sure if there is some redirect to someone else, but if anyone wants to
reach me, use my email address, where they can find me.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Both of us were working for Turris and using these devices on daily basis.
A few of these packages are still required and used by Turris. It would be great if
Turris people will take maintainership of these packages, but if they decide not to,
I can step in and take them.
Since Karel switched from using OpenWrt to NixOS and hopefully, I didn't reveal some
secret here, let's take maintainership of his packages.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
It seems that the Makefile has both CC and CFLAGS hardcoded and does not
allow overriding them by ones being passed by the buildsystem.
This works fine until CONFIG_PKG_ASLR_PIE_ALL is selected, then building
will fail with:
arm-openwrt-linux-muslgnueabi/bin/ld.bfd: mhz.o: relocation R_ARM_MOVW_ABS_NC against `a local symbol' can not be used when making a shared object; recompile with -fPIC
arm-openwrt-linux-muslgnueabi/bin/ld.bfd: mhz.o(.text+0x75c): unresolvable R_ARM_CALL relocation against symbol `__aeabi_l2d@@GCC_3.5
So, lets add a patch pending upstream that allows both CC and CFLAGS to be
overriden so that ones passed by the buildsystem are actually respected.
Fixes: 89123b308f ("mhz: add new package")
Signed-off-by: Robert Marko <robimarko@gmail.com>
The rpcd wireguard plugin provides essential functions similar to the `wg`
tool.
It uses the embeddable-wg-library [0], which describes itself as:
"This is a mini single-file library, meant to be embedded directly into the
source code of your program. Copy wireguard.c and wireguard.h into your
project. They should build with any C89 compiler. There are no dependencies
except libc"
The plugin does exactly that and therefor inherits the LGPL license.
At this point it provides the following functions:
'wireguard'
"status":{}
"genkey":{}
"genpsk":{}
"pubkey":{"private":"String"}
Examples:
$ ubus call wireguard status
{
"wg0": {
"ifindex": 12,
"public_key": "<base64 encoded public key>",
"listen_port": 1234,
"peers": {
"<base64 encoded public peer key>": {
"allowed_ips": [
"192.168.1.123/32"
],
"last_handshake": 0,
"rx_bytes": 0,
"tx_bytes": 0
},
"<another base64 encoded public peer key>": {
"endpoint": "<ip:port>",
"allowed_ips": [
"192.168.1.124/32"
],
"last_handshake": 1676287619,
"rx_bytes": 8731604,
"tx_bytes": 88333652
}
}
}
}
$ ubus call wireguard genpsk
{
"preshared": "EKQJ3XI/6xLoifAoGb5bNA39De1tiwZ3x7h8OS2zKkE="
}
$ ubus call wireguard genkey
{
"private": "IFyGkfXlO+WO8DMO3cqhaDZ8rBfioP5pVnAoQlEpXnI=",
"public": "uF2O6/ZXZjKnUnxBnldElBYIXfpyvvtUnZfKP+BSBSI="
}
$ ubus call wireguard pubkey '{"private":"IFyGkfXlO+WO8DMO3cqhaDZ8rBfioP5pVnAoQlEpXnI="}'
{
"public": "uF2O6/ZXZjKnUnxBnldElBYIXfpyvvtUnZfKP+BSBSI="
}
Size comparison:
52436 /usr/bin/wg
18544 /usr/lib/rpcd/wireguard.so
[0] https://git.zx2c4.com/wireguard-tools/tree/contrib/embeddable-wg-library
Signed-off-by: Andre Heider <a.heider@gmail.com>
As of OpenWrt main branch commit e505873e65f72 ("armsr: armv8:
enable KVM host") [merged 2023-08-15], armsr/armv8 has
KVM host support. We can now enable QEMU host for this
target.
For example, you can run OpenWrt armsr/armv8 as a guest
like so:
qemu-system-aarch64 -nographic -M virt -cpu host --enable-kvm \
-bios u-boot.bin -smp 1 -m 1024 \
-drive file=openwrt-armsr-armv8-generic-ext4-combined.img,format=raw,index=0,media=disk
A compatible u-boot.bin can be obtained from u-boot-qemu_armv8/u-boot.bin
that is built with the armsr target and available from
downloads.openwrt.org.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
* 0.10.0 (Jun 04, 2023)
- Add arm7 and aarch64 support for FreeBSD
* 0.9.0 (Jun 12, 2022)
- Add RISCV64 support on Linux
- Fix tty-stealing on PowerPC
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Fix missing dependencies for 'collectd-mod-disk' to 'libudev' if
collectd-mod-smart is not enabled.
Package collectd-mod-disk is missing dependencies for the following
libraries:
libudev.so.1
The package 'collect-mod-disk' is now build always with 'libudev' support,
independent of the enable/disable build state of 'collectd-mod-smart'.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The package is terribly outdated and bundling it with the web UI is a
task I don't find myself willing to take. Dropping it.
FIX: #16008
Signed-off-by: Paul Spooren <paul.spooren@rhebo.com>
Fixed by defining TARGET=linux, as suggested in the README.
By default TARGET is derived from the host using uname -s,
which produces build errors on a non-linux hosts:
TARGET is not set; trying to determine target based on host OS....
Detected OS is Darwin
Build target is macos
...
x86_64-openwrt-linux-musl-g++: error: unrecognized command-line option '-arch'
Helped-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Notably, the meson args for programmers changed from a series of
individual 'config_$foo>, config_$bar' to a list of
'programmer=$foo,$bar'
The patches were all either already merged upstream (or similar ones, at
least), or aren't useful (bitbang_spi is no longer a separated
programmer; it's included in the defaults).
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Cryptsetup 2.6.1 Release Notes
==============================
Stable bug-fix release with minor extensions.
All users of cryptsetup 2.6.0 should upgrade to this version.
Changes since version 2.6.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
* bitlk: Fixes for BitLocker-compatible on-disk metadata parser
(found by new cryptsetup OSS-Fuzz fuzzers).
- Fix a possible memory leak if the metadata contains more than
one description field.
- Harden parsing of metadata entries for key and description entries.
- Fix broken metadata parsing that can cause a crash or out of memory.
* Fix possible iteration overflow in OpenSSL2 PBKDF2 crypto backend.
OpenSSL2 uses a signed integer for PBKDF2 iteration count.
As cryptsetup uses an unsigned value, this can lead to overflow and
a decrease in the actual iteration count.
This situation can happen only if the user specifies
--pbkdf-force-iterations option.
OpenSSL3 (and other supported crypto backends) are not affected.
* Fix compilation for new ISO C standards (gcc with -std=c11 and higher).
* fvault2: Fix compilation with very old uuid.h.
* verity: Fix possible hash offset setting overflow.
* bitlk: Fix use of startup BEK key on big-endian platforms.
* Fix compilation with latest musl library.
Recent musl no longer implements lseek64() in some configurations.
Use lseek() as 64-bit offset is mandatory for cryptsetup.
* Do not initiate encryption (reencryption command) when the header and
data devices are the same.
If data device reduction is not requsted, this leads to data corruption
since LUKS metadata was written over the data device.
* Fix possible memory leak if crypt_load() fails.
* Always use passphrases with a minimal 8 chars length for benchmarking.
Some enterprise distributions decided to set an unconditional check
for PBKDF2 password length when running in FIPS mode.
This questionable change led to unexpected failures during LUKS format
and keyslot operations, where short passwords were used for
benchmarking PBKDF2 speed.
PBKDF2 benchmark calculations should not be affected by this change.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Remove downstream patch 004-missing-includes.patch which was merged
upstream in version 2.03.19
LVM2 changelog since version 2.03.17
version 2.03.22 - 02nd August 2023
==================================
Fix pv_major/pv_minor report field types so they are integers, not strings.
Add lvmdevices --delnotfound to delete entries for missing devices.
Always use cachepool name for metadata backup LV for lvconvert --repair.
Make metadata backup LVs read-only after pool's lvconvert --repair.
Improve VDO and Thin support with lvmlockd.
Handle 'lvextend --usepolicies' for pools for all activation variants.
Fix memleak in vgchange autoactivation setup.
Update py-compile building script.
Support conversion from thick to fully provisioned thin LV.
Cache/Thin-pool can use error and zero volumes for testing.
Individual thin volume can be cached, but cannot take snapshot.
Better internal support for handling error and zero target (for testing).
Resize COW above trimmed maximal size is does not return error.
Support parsing of vdo geometry format version 4.
Add lvm.conf thin_restore and cache_restore settings.
Handle multiple mounts while resizing volume with a FS.
Handle leading/trailing spaces in sys_wwid and sys_serial used by deivce_id.
Enhance lvm_import_vdo and use snapshot when converting VDO volume.
Fix parsing of VDO metadata.
Fix failing -S|--select for non-reporting cmds if using LV info/status fields.
Allow snapshots of raid+integrity LV.
Fix multisegment RAID1 allocator to prevent using single disk for more legs.
version 2.03.21 - 21st April 2023
=================================
Fix activation of vdo-pool for with 0 length headers (converted pools).
Avoid printing internal init messages when creation integration devices.
Allow (write)cache over raid+integrity LV.
version 2.03.20 - 21st March 2023
=================================
Fix segfault if using -S|--select with log/report_command_log=1 setting.
Configure now fails when requested lvmlockd dependencies are missing.
Add some configure Gentoo enhancements for static builds.
version 2.03.19 - 21st February 2023
====================================
Configure supports --with-systemd-run executed from udev rules.
Enhancement for build with MuslC systemd and non-bash system shells (dash).
Do not reset SYSTEMD_READY variable in udev for PVs on MD and loop devices.
Ensure udev is processing origin LV before its thick snapshots LVs.
Fix and improve runtime memory size detection for VDO volumes.
version 2.03.18 - 22nd December 2022
====================================
Fix issues reported by coverity scan.
Fix warning for thin pool overprovisioning on lvextend (2.03.17).
Add support for writecache metadata_only and pause_writeback settings.
Fix missing error messages in lvmdbusd.
DM changelog since version 1.02.187:
Version 1.02.196 - 02nd August 2023
===================================
Version 1.02.195 - 21st April 2023
==================================
Version 1.02.193 - 21st March 2023
==================================
Version 1.02.191 - 21st February 2023
=====================================
Improve parallel creation of /dev/mapper/control device node.
Import previous ID_FS_* udev records in 13-dm-disk.rules for suspended DM dev.
Remove NAME="mapper/control" rule from 10-dm.rules to avoid udev warnings.
Version 1.02.189 - 22nd December 2022
=====================================
Improve 'dmsetup create' without given table line with new kernels.
(Version 1.02.188 is missing)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
