Now that runc builds according to available kernel features and there
is no longer a sub-menu to select them manually, also drop the MENU:=1
statement from the package Makefile.
Fixes: 3a06ce559 ("runc: Updated to v1.0.0-rc92 for dockerd")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* adds the canon_lide70 backend
* avision: adds support for the KODAK i1120, fixes thread cancellation issues,
disables exposure option for non-filmscanners
* canon_dr: improves error reporting
* dmc: fixes compiler warnings on the scan area options
* epsonds: rewrites the network I/O following changes made to the
* epson2 backend in 1.0.30 to fix security issues. Network support is still
unsupported.
* fujitsu: adds support for the fi-800R and a card scanning slot, fixes a bug
when reading hardware sensors on the first invocation. Adds USB IDs for
fi-7800 and fi-7900.
* genesys: adds support for the Canon 5600F, Canon LiDE 90, Plustek OpticFilm
7200 and 7200 (v2), 7400, 7600i, 8100 and 8200i. Fixes several issues with the
Canon 8600F. Adds 4800dpi support for the Canon LiDE 210 and fixes 3200dpi
flatbed support on the Canon 8400F. Adds an option to fill dark calibration
with a constant. Adds transparency support for gl847 chipset based devices.
Fixes CIS scanner support for gl842 chipset based devices. Removes lineart and
image enhancement emulation support.
* gphoto: supports the PLANon DocuPen RC800 (with a recent enough version of
gphoto2)
* gt68xx: modifies scan cancellation behaviour
* hp5400: adds button support, fixes a scan cancellation crash issue
* pixma: add supports for the i-SENSYS MF440 Series and untested support for the
PIXMMA G7000 Series and GM4000 Series as well as the i-SENSYS MF720 Series.
* plustek: fixes a potential buffer overrun
* test: adds gamma options
Patches:
- ADD: 102-pixma_Restore_old_behaviour_in_case_XML_support_is_missing.patch:
pixma was failing to detect libxml2, even when it exists
(https://gitlab.com/sane-project/backends/-/issues/345)
- DROP: 100-fix-bigendian.patch: fix in release
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
It's nice to have seccomp support which is enabled in OpenWrt on
supported platforms on targets which are not marked as SMALL_FLASH.
(and it's kinda obvious that you wouldn't want to install runc on a
SMALL_FLASH target to begin with)
So let's enable seccomp by default.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Better a separate package than enabling it via busybox.
Special thanks to @neheb for the Makefile patches.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Installing the 'xz' package currently leads to file collisions:
Collected errors:
* check_data_file_clashes: Package xz wants to install file /usr/bin/unxz
But that file is already provided by package * busybox
* check_data_file_clashes: Package xz wants to install file /usr/bin/xz
But that file is already provided by package * busybox
* opkg_install_cmd: Cannot install package debootstrap.
Fix that by switching to use ALTERNATIVES for all multicall commands
instead of copying the symlinks into the package.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
dirmngr is needed to download keys from keyservers.
That being a useful thing, let's package dirmngr.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Ship podman with defaults more coherent with user expectations and
more likely to work out-of-the-box.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Deleting rules that docker has created is error-prone, because with
every update docker we have to check if anything has changed.
Cleaning up the firewall rules is part of the docker and should and must be
cleaned up and handeled by them when the service is terminated.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If docker-ce handles the firewall and fw3 is not envolved because the
rules get not proceed, then not only docker0 should be handled but also
other interfaces and therefore other docker networks.
This commit extends the handling and introduces a new uci option
`device` in the docker config firewall section. This can be used to specify
which device is allowed to access the container. Up to now only docker0
is covert.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
As the protocol is set to none, this makes no sense here, as it cannot
be controlled and thus processed by the netifd.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Openwrt has a own firewall service called fw3, that supports firewall zones.
Docker can bypass the handling of the zone rules in openwrt via custom
tables. These are "always" processed before the openwrt firewall.
Which is prone to errors!
Since not everyone is aware that the firewall of openwrt will
not be passed. And this is a security problem because a mapped port is
visible on all interfaces and so also on the WAN side.
If the firewall handling in docker is switched off, then the port in
fw3 must be explicitly released and it cannot happen that the
port is accidentally exported to the outside world via the interfaces on
the WAN zone.
So all rules for the containers should and so must be made in fw3.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Up to now only the docker0 interface and bridge is created by default.
In order to create other interfaces and to integrate them into the
openwrt these functions can now be called with arguments.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
nopingtime UCI option rationale:
I want relatively fast reaction(i.e. 1m or 2m) for 'no internet' condition,
but i don't want my router to reboot every 1 minute if there is still no
internet after reboot.
initd_watchcat:
* add: nopingtime uci option support
* add: defaults to all non-critical options
* add: log warnings for non-critical errors(when option is missed and
default is applyed)
* fix: error handling and config_get defaults are somtimes in conflict
because of config_get defaults. They are gone now, error handling improved.
* fix: calling watchcat.sh with 'period' mode instead of 'ping'. Typo?
* fix: pingperiod default changed from period/20 to more reasonable period/5
watchcat.sh:
* add: nopingtime uci option support( sleep if uptime < nopingtime )
* remove: [ "$mode" = "allways" ] && mode="always" - not needed, already
done by initd_watchcat in load_watchcat() func
* add: echo 1 > /proc/sys/kernel/sysrq before sysrq-trigger
* refactor: eliminated once used not needed variables, code size reduced.
* PKG_RELEASE bumped up
Signed-off-by: Vasily Trotzky <trotzky.vas@gmail.com>
* blocked_interfaces blocks all packets to docker0 from the given
interface. This is needed because all the iptables commands dockerd
adds operate before any of the fw3 generated rules.
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Use ALTERNATIVES for /usr/bin/gpg and /usr/bin/gpgv, so upcoming gnupg2
variants can be selected instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Added Fedora patch to fix compilation.
Added python3 dependency as it seems it's needed now.
Replaced custom boost 1.73 patch with upstream one. Removed CFLAG that
was supposed to fix this but didn't do anything.
Removed nls.mk. telldus-core was fixed to not require iconv.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fix "hostapd_ubus_stations.lua". The bit-lib that is imported and the
one specified as the dependency do not match. Use luabitop.
Signed-off-by: Nick Hainke <vincent@systemli.org>
it makes no sense to show docker-compose sit in Languages -> Python
submenu in menuconfig, it is a tool and not a library.
Move it to Utilities section like docker-ce also is.
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
This reverts commit 1f5f599d0e
that bumped the zoneinfo version from 2020a to 2020b.
Apparently some libc are incompatible with the data format in 2020b.
At least our default libc, musl, fails to parse timezones from the
compiled 2020b zoneinfo files.
Release notes mention that deprecated "posixrules" feature is now
omitted from the default build. Possibly musl uses it?
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
As announced in the 2.21.0 release notes, the experimental gRPC API v2
has been removed.
[CHANGE] web: Remove APIv2. #7935
[ENHANCEMENT] React UI: Implement missing TSDB head stats section. #7876
[ENHANCEMENT] UI: Add Collapse all button to targets page. #6957
[ENHANCEMENT] UI: Clarify alert state toggle via checkbox icon. #7936
[ENHANCEMENT] Add rule_group_last_evaluation_samples and
prometheus_tsdb_data_replay_duration_seconds metrics. #7737#7977
[ENHANCEMENT] Gracefully handle unknown WAL record types. #8004
[ENHANCEMENT] Issue a warning for 64 bit systems running 32 bit
binaries. #8012
[BUGFIX] Adjust scrape timestamps to align them to the intended
schedule, effectively reducing block size. Workaround for a regression
in go1.14+. #7976
[BUGFIX] promtool: Ensure alert rules are marked as restored in unit
tests. #7661
[BUGFIX] Eureka: Fix service discovery when compiled in 32-bit. #7964
[BUGFIX] Don't do literal regex matching optimisation when case
insensitive. #8013
[BUGFIX] Fix classic UI sometimes running queries for instant query when
in range query mode. #7984
Signed-off-by: Paul Spooren <mail@aparcar.org>
Remove few no longer needed bits - like checking that datadir is defined
or mysqld_safe from server package and bumping revision after all the
init script cleanups.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Rewrite init script as mysqladmin requires access to the MySQL which is
hard to guarantee. Use standard signals instead.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Use /srv/mysql as default datadir as /var/lib/mysql is in tmpfs. This
doesn't affect any existing setup as up till now it had to be always
specified in configuration. That is addressed in the second part of this
commit - init script now uses even defaults as compiled in MariaDB so
not everything has to be specified in configuration file.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
There is already the hostapd_stations exporter, which uses
hostapd-utils (more precisely hostapd-cli) to get client statistics.
However, the ubus interface is permanently integrated under hostapd
in OpenWrt. So this exporter needs one dependency less.
For now it exports mainly the rrm statistics. Many people are
interested in what your device supports. The exporter provides
information about the radio-resource-managment extensions.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Previously the test.sh script would also run for the `vim-help` package
which isn't a binary package but just a tar archive.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Refreshed patches. Reworked several of them as musl has changed.
Removed several upstreamed ones.
Added musl 1.2.0 patch which uses 64-bit time_t.
Removed -Werror as there's a redefinition warning caused by nls.mk.
Replaced glib2/host dependency with rpcsvc-proto.
Fixed compilation with full NLS.
Fixed compilation with musl 1.2.0
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This also adds a config option GOLANG_BUILD_CACHE_DIR to customize the
location of the build cache directory.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Beep is a target-independent software that can handle buzzers controlled by kmod-gpio-beeper.
This change is useful for some non-x86 enterprise APs and development boards
that have a buzzer connected to GPIO.
Compile-tested: ath79, ELECOM WAB-I1750-PS, 3fab4ac + device support patch
Run-tested: ath79, ELECOM WAB-I1750-PS, 3fab4ac + device support patch
Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
On few places, shellcheck gets confused by how some OpenWrt functions
work - especially load ones. Also on few places there are $options
variables that need not to be globbed. Could be rewritten better not to
need them, but I'll do major rewrites later in separate pull request.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Just to make sure, add double quotes around strings and various
variables. In some cases it could prevent some issues, in other cases it
is just a good practice.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
policycoreutils was reworked in master.
Added PKG_BUILD_PARALLEL for faster compilation.
Reorganized some stuff for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
According to https://bugs.gentoo.org/301782 coreutils does not respect
--without-selinux correctly when libselinux.so is present on the target
system (in the staging dir).
This solves a weird issue of some coreutils programs not building (for
example stdbuf), because the configure script uses -Werror to determine
whether __attribute__((constructor)) is respected, but -Werror causes
compilation to fail because of a warning about redefinition of
HAVE_SELINUX_SELINUX_H macro.
Signed-off-by: Marek Behún <kabel@blackhole.sk>
Run trivial check if the compiled binary works on the architecture. Do
so by comparing the printed version by the binary with the Makefile
version. The release is OpenWrt specific, so cut it off.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This release is built with Go 1.15, which deprecates X.509 CommonName
in TLS certificates validation.
In the unlikely case that you use the gRPC API v2 (which is limited to TSDB
admin commands), please note that we will remove this experimental API in the
next minor release 2.22.
[CHANGE] Disable HTTP/2 because of concerns with the Go HTTP/2 client. #7588#7701
[CHANGE] PromQL: query_log_file path is now relative to the config file. #7701
[CHANGE] Promtool: Replace the tsdb command line tool by a promtool tsdb subcommand. #6088
[CHANGE] Rules: Label rule_group_iterations metric with group name. #7823
[FEATURE] Eureka SD: New service discovery. #3369
[FEATURE] Hetzner SD: New service discovery. #7822
[FEATURE] Kubernetes SD: Support Kubernetes EndpointSlices. #6838
[FEATURE] Scrape: Add per scrape-config targets limit. #7554
[ENHANCEMENT] Support composite durations in PromQL, config and UI, e.g. 1h30m. #7713#7833
[ENHANCEMENT] DNS SD: Add SRV record target and port meta labels. #7678
[ENHANCEMENT] Docker Swarm SD: Support tasks and service without published ports. #7686
[ENHANCEMENT] PromQL: Reduce the amount of data queried by remote read when a subquery has an offset. #7667
[ENHANCEMENT] Promtool: Add --time option to query instant command. #7829
[ENHANCEMENT] UI: Respect the --web.page-title parameter in the React UI. #7607
[ENHANCEMENT] UI: Add duration, labels, annotations to alerts page in the React UI. #7605
[ENHANCEMENT] UI: Add duration on the React UI rules page, hide annotation and labels if empty. #7606
[BUGFIX] API: Deduplicate series in /api/v1/series. #7862
[BUGFIX] PromQL: Drop metric name in bool comparison between two instant vectors. #7819
[BUGFIX] PromQL: Exit with an error when time parameters can't be parsed. #7505
[BUGFIX] Remote read: Re-add accidentally removed tracing for remote-read requests. #7916
[BUGFIX] Rules: Detect extra fields in rule files. #7767
[BUGFIX] Rules: Disallow overwriting the metric name in the labels section of recording rules. #7787
[BUGFIX] Rules: Keep evaluation timestamp across reloads. #7775
[BUGFIX] Scrape: Do not stop scrapes in progress during reload. #7752
[BUGFIX] TSDB: Fix chunks.HeadReadWriter: maxt of the files are not set error. #7856
[BUGFIX] TSDB: Delete blocks atomically to prevent corruption when there is a panic/crash during deletion. #7772
[BUGFIX] Triton SD: Fix a panic when triton_sd_config is nil. #7671
[BUGFIX] UI: Fix react UI bug with series going on and off. #7804
[BUGFIX] UI: Fix styling bug for target labels with special names in React UI. #7902
[BUGFIX] Web: Stop CMUX and GRPC servers even with stale connections, preventing the server to stop on SIGTERM. #7810
Signed-off-by: Paul Spooren <mail@aparcar.org>
Auditd seems to build its own libev if the library is not already present;
otherwise it uses the system-installed library. This adds libev as a
dependency to ensure a consistent build.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[update to 3.1, make use of Python 3, and update dependencies]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[strip library after adding it to openwrt repository]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Similar to `syncthing` also `prometheus` build environment sets
variables later shown in the `--version` string. Set those varialbes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
* The upstream script changed to use `.hosts` files from `.conf` files,
so changes were required to make dnsmasq use the new file format.
* Added a default wolfssl variant.
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
This release adds the advanced folder option caseSensitiveFS
(https://docs.syncthing.net/advanced/folder-caseSensitiveFS.html) to
disable the new safe handling of case insensitive filesystems.
Bugfixes:
#1787: Case-only renames break stuff
#5708: Properly handle upper-/lowercase-only file name collisions
#6613: TestWatchRename test fails on FreeBSD.
#6793: Error status should take precedence over Local Additions
#6850: Global state incorrect when ignoring local change
#6864: Folder incorrectly marked “Up to Date” after switching from “Receive Only” to “Send & Receive”
#6867: Certificate error when built with Go 1.15
#6886: chmod permission after editing .stignore via WebUI not preserved
#6889: test failures with Go 1.15
#6892: Syncthing 1.8.0 trying to connect via wrong network route
#6898: tests in TestCopyRange fail on ppc64le with "inappropriate ioctl for device"
#6908: NAT service fails to terminate during Shutdown
#6910: Local Additions when deleting file after changing folder type from SR to RO
#6922: Auto accepted folders not saved
#6938: Modifying config during first scan corrupts folder state
Enhancements:
#2739: Syncthing should be case insensitive by default
#5579: Avoid anti-aliasing artifacts for svg device icons
#6873: Don't fail dirs in receive-only folders that were removed elsewhere but exist locally
Signed-off-by: Paul Spooren <mail@aparcar.org>
Changes:
- Pass compiler flags through PORT_CFLAGS (previously, it was always compiled with -O2 -lrt)
- Add option to override toolchain and use -O3
- Disable MIPS16 (highly decreases results)
- Enable LTO
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
Update collectd to version 5.12.0.
* Refresh patches
* Remove upstreamed patch 920-fix-ubi-data-source-type.patch
* Backport a patch from upstream to fix a missing define
(920-backport-netlink-reg-noerror.patch)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The rb532 target has finally been removed in master, so drop the
dependencies in this package.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The ar71xx target has finally been removed in master, so drop the
dependencies in this package.
Don't remove the patch for the TEW673GRU driver, as it may come
back with ath79.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Description: uhubctl is a utility that allows you to control USB power
on USB hubs that implement per-port or ganged power switching.
Signed-off-by: Steven Honson <steven@honson.id.au>
Cleaned up Makefile for consistency between packages.
Fixed license information.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Maintainer: @blogic me
Compile tested: head r14241-ba2ddba, x86_64
Run tested: x86_64 (VirtualBox)
Description:
Addressed the build failure with node.js version 12.
https://github.com/openwrt/packages/pull/12225
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Add license information.
Add PKG_INSTALL and PKG_BUILD_PARALLEL for consistency between packages.
Minor cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
There are intermittent build failures on the buildbots because of this.
I see the same build failures locally as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
usleep is deprecated.
Modernized the Makefile to modern standards.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5969273ff4 mistakenly got rid of the
install section for canutils, causing errors when trying to install.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
command-count.h generated by makefile was wrong
when using default shell in mac,
set shell to bash to fix it.
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
LVM2 uses libselinux if found at buildtime and then requires it to
be present on run-time.
As LVM2 is usually not installed on space-constraint systems just
always build with libselinux as apart from the extra space usage it
doesn't hurt.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This was caused by upstream project commit db5adeaa ("build-sys: clean
up flags included in the linker command line")
Reported-by: W. Michael Petullo <mike@flyn.org>
Link: https://github.com/openwrt/packages/issues/13081
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Fix shellcheck SC2230
> which is non-standard. Use builtin 'command -v' instead.
Once applied to everything concerning OpenWrt we can disable the busybox
feature `which` and save 3.8kB.
Signed-off-by: Paul Spooren <mail@aparcar.org>
