Try to fix license according to SPDX.
Add PKG_LICENSE_FILES.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit f8e36f9fd6)
[use pypi.mk for Python package]
Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth
is disabled by default in it[1], and this is really serious as it could be a free "backdoor"
for any spoiler who has conntectd to the router via LAN or wireless.
In my option, it shouldn't be exposed to anyone without auth, so I set the default login
command to `/bin/login`. And for those who really want that, they can do it themselves.
1. `login.sh` adjusts whether use authentication or not from system config named ttylogin,
which is set to disabled by default. See package/base-files/files/bin/config_generate#L243.
Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>
Backported from f45bb2981d
Openwrt is a single user system. So keepalived is runnig as root.
If we add the config options `script_user root` and
`enabled_script_security' the following warnings are gone.
> local1.info Keepalived_vrrp[5382]: SECURITY VIOLATION - scripts are
being executed but script_security not enabled.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 1b1ba71063)
This fixes a runtime startup error on system which does not have a
toplevel runtime directory for the pid file. On openwrt the pid is
located at /var/run and not on /run. To fix that add a configure option to
move the pid location to /var/run.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit bc98aaa3f7)
* Patch adapted for the branch so that it can be applied correctly
* fix for possible exploit #13758
* sanetize all external template/config inputs
* fix some shellcheck warnings
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
This reverts commit d8f0ebaa3d.
Versions 1.7.2 and above mandate CMake 3.1.7, making this unsuitable
for backporting.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
musl doesn't support fts. But with the extra package musl-fts installed,
libzip picks up the fts header and fails at the linking stage:
zipcmp.c:(.text.startup+0x130): undefined reference to `fts_open'
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: zipcmp.c:(.text.startup+0x172): undefined reference to `fts_read'
So with musl-fts we need to link in libfts. To address that this commits
patches the cmake setup to check if fts is available in libc itself or
in any external libfts.
So when musl-fts is installed on the system the setup will be the
following:
musl: use libfts
uclibc: use fts from libc
glibc: like uclibc
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 0c381f7c7a)
This introduces libzip which is e.g. a dependency for upcoming upgrade
of PHP to version 7.4.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit a4a98d5efe)
Switched to upstream tarballs as they are now available
Removed autoreconf as a result.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 18f3410ac4)
Removed autoreconf as a result.
Unfortunately, the two versions are not identical. Bumped PKG_RELEASE
to deal with it.
Disable static libraries as they're fairly useless.
Adjusted filepaths.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4e203a1949)
