This commit adds support for starting and running jool through init
scripts, with default config files as examples.
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
Add checks not to overwrite defaultnotify options in the nut-sendmail-notify fashion.
Use lists for defaultnotify instead of option.
Add check not to overwrite notifycmd if already defined.
upssched-cmd script must not be called directly, it is called by the upssched binary with needed arguments.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
Convert notifyflags options to lists as supported by the init script, so multiple options can be chosen.
Add SYSLOG default option to individuals notifyflags instead of deprecated flag 1|0.
Add comment for defaultnotify and individuals notifyflags about possible values.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
lynx uses host C-compiler to build internal utility that is used to
generate files required for target build. On MacOS it uses internal
clang with MacOS system headers so host build fails due to MacOS is
not Linux
Forced to use OpenWrt host C compiler using --with-build-*
./configure flags
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
This backports a patch from upstream radsecproxy to fix compilation with glibc 2.34.
It fixes the following build problem:
radsecproxy.h:35:5: error: missing binary operator before token "("
35 | #if PTHREAD_STACK_MIN > PTHREAD_STACK_SIZE
| ^~~~~~~~~~~~~~~~~
make[5]: *** [Makefile:623: dtls.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Although undocumented, there's a way to explicitly disable static linking in
Stubby, setting the CMake build option ENABLE_GETDNS_STATIC_LINK to OFF (ON by
default). Make it so.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Drop the tftpd binary, which is no longer provided upstream. Users
should switch to the atftp server as a replacement.
Avoid executing runtime tests, which are not supported in cross-build
environments.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
When zone id is explicitly provided, there is no need for the API token to have read permission. Inspired by acme.sh's cloudflare logic.
Signed-off-by: Glen Huang <heyhgl@gmail.com>
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21
Makefile rework
- use tagged version for download
Fixes
- set API_KEY in firewall bouncer config file
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
backport of upstream commit
3c66c1fec7
Original author: Nikhil Benesch <nikhil.benesch@gmail.com>
Remove unnecessary flag in macOS build
The configuration logic for adding the `-search_paths_first` linker
flag on Darwin does not correctly handle cross compilation. It should
check the value of $krb5_cv_host rather than `uname -s` to detect when
the compilation target is Darwin, rather than the build machine.
It turns out `-search_paths_first` has been the default behavior of ld
on macOS since XCode 4. So just remove that bit of logic entirely.
(The flag was added in commit acd27af0e845f8b93de2e226cc2ec9ac8af52077
in 2004; XCode 4 was released in 2010.)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
With procd-ujail enabled, it is not possible to use HTTPS URLs, for
example when either for downloading torrent files or blocklists. The
followig example occurs when downloading a URL from the "Upload Torrent
Files" dialogue box:
Error adding
"https://releases.ubuntu.com/21.10/ubuntu-21.10-desktop-amd64.iso.torrent":
gotMetadataFromURL: http error 0: No Response
syslog will also hint that no CA_BUNDLE is being used:
transmission-daemon[6683]: [2021-12-30 20:01:30.990] web will verify
tracker certs using envvar CURL_CA_BUNDLE: none (web.c:455)
This patch rectifies this issue by adding a ca_bundle configurable,
enabled by default. This explicitly fixes the ca_bundle file location
to /etc/ssl/certs/ca-certificates.crt and adds this file to the procd
jail. On subsequent testing, HTTPS URL download functionality is
restored.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
The delete variable was misspelled leading to devices always being
removed although they had connected neighbors.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Update crowdsec to latest upstream release version 1.2.2
Makefile rework
- use tagged version for download
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Issue: 2to3 support has been removed in setuptools since version 58.0.0.
Fix: openwrt/packages#17311
Requirements: 2to3/host openwrt/packages#17429
Add upstream patch: 196c55e931
To install/build for python3 from source, it is necessary to convert to py3
codebase before setup (invoke 2to3 or ./fail2ban-2to3 firstly).
> ./fail2ban-2to3
> python3 setup.py build
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
The next OpenWrt stable release aims to use firewall4 by default. As
this uses nftables as backend, miniupnpd will no longer work. Create an
iptables and nftables variant of the miniupnpd package so that miniupnpd
can be used with either firewall variant.
See #16818 for more info.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Since version 2.2.3, miniupnpd will detect MS clients and force IGDv1.
This reverts commit 7f5534ac7a.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Removed patches:
001-fix-stime-glibc-remove.patch - it is included in upstream
003-Fix-compilation-with-gcc11.patch - no longer necessary
Updated patches:
002-Avoid-problems-with-64-bit-time_t.patch
Refreshed patches:
004-Comment-out-librt-testing.patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
