Commit Graph

624 Commits

Author SHA1 Message Date
Hannu Nyman
c1f3c52564 busybox: backport fixes for 1.33.0
Backport two fixes for 1.33.0
* history file storing
* traceroute command option parsing

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2021-03-13 21:18:02 +01:00
Dominick Grift
49edc4d17f checkpolicy: update to version 3.2
521e6a2f libsepol/cil: fix signed overflow caused by using (1 << 31) - 1
42ae834a libsepol,checkpolicy: optimize storage of filename transitions

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-03-08 21:27:35 +00:00
Dominick Grift
0b58ebcfe2 secilc: update to version 3.2
49ff851c secilc: fixes cil_role_statements.md example
03881703 secilc/docs: add custom color theme
4c8d6094 secilc/docs: add syntax highlighting for secil
057d72af secilc/docs: use fenced code blocks for cil examples
e8bcdb84 cil_network_labeling_statements: fixes nodecon examples
eefa5511 cil_access_vector_rules: allowx, auditallowx and dontauditx fixes
9e9b8103 secilc/docs: document expandtypeattribute
fbe1e526 Update the cil docs to match the current behaviour.

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-03-08 21:27:35 +00:00
Dominick Grift
68934a5704 policycoreutils: update to version 3.2
d464187c policycoreutils: sestatus belongs to bin not sbin
d59932a7 policycoreutils: Resolve path in restorecon_xattr
5682c0d5 policycoreutils/fixfiles.8: add missing file systems and merge check and verify
57dd1f65 policycoreutils/setfiles: Drop unused nerr variable
be7f54cb setfiles: drop ABORT_ON_ERRORS and related code
9207823c setfiles: Do not abort on labeling error
c064d214 selinux_config(5): add a note that runtime disable is deprecated
8bc865e1 newrole: support cross-compilation with PAM and audit
ba2d6c10 fixfiles: correctly restore context of mountpoints

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-03-08 21:27:35 +00:00
Alexey Dobrovolsky
e12fcf0fe5 busybox: sysntpd: option to bind server to iface
NTPD in busybox has option -I to bind server to IFACE.
However, capabilities of the busybox are limited, the -I option cannot be
repeated and only one interface can be effectively specified in it.
This option is currently not configurable via UCI.
The patch adds an interface option to the system config, ntp section.
Also sort options for uci_load_validate alphabetically.

Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
2021-03-01 00:34:22 +01:00
Álvaro Fernández Rojas
1d3a9b1c00 bcm27xx-userland: update to latest version
Adds some fixes and removes upstreamed patch.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2021-02-18 23:42:46 +01:00
Felix Fietkau
d02088762a build: reorder more BuildPackages lines to deal with ABI_VERSION
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-16 11:29:38 +01:00
Felix Fietkau
46b6ee7ffc util-linux: move libuuid BuildPackage line further up to fix ABI versioning
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-16 00:00:14 +01:00
Rosen Penev
91aa8e5546 f2fs-tools: update to 1.14.0
Fix license information.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-14 19:38:15 +01:00
Rosen Penev
ce4cb8e51d busybox: remove useless busybox patches
The first two are useless as /bin/sh can execute those scripts just
fine. Shellcheck reports no problems.

Telnetd patch is useless as telnet is no longer used in OpenWrt.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-14 15:36:09 +01:00
Rosen Penev
0275ee5dde busybox: update to 1.33
Remove stime backport.

Remove static libgcc patch as upstream fixed it with
BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off.

Remove date -k patch as it no longer applies. It's also pointless as
busybox' hwclock utility can do the same thing.

Remove ntpd patch as that seems to have been applied upstream.

Add smalll patch fixing compilation with SELinux. Upstream commit
2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without
renaming it in the SELinux path.

Refresh config and patches.

Config refresh:

Refresh commands, run after busybox is first built once:

  cd package/utils/busybox/config/
  ../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0
  cd ..
  ./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in

Manual edits needed afterward:

* Config-defaults.in:  OpenWrt config symbol IPV6 logic applied to
  BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in:  OpenWrt configTARGET_bcm53xx logic applied to
  BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* editors/Config.in: Add USE_GLIBC dependency to
  BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* shell/Config.in : change at "Options common to all shells"  the symbol
  SHELL_ASH  -->  BUSYBOX_CONFIG_SHELL_ASH
   (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
     Apparently our script does not see the hidden option while
     prepending config options with "BUSYBOX_CONFIG_" which leads to a
     missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
  config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[Added comments from Hannu Nyman to commit message]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-14 15:15:32 +01:00
Daniel Golle
29a6a71d52 busybox: sysntpd: make use of new ubus hotplug.ntp object
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-08 00:57:14 +00:00
Rosen Penev
cbedb5de75 util-linux: remove custom pkgconfig patch
Replace with sed as done elsewhere.

Fixes error with at least btrfs-progs:

Package '@LIBSELINUX@', required by 'mount', not found
Package '@LIBCRYPTSETUP@', required by 'mount', not foun

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-31 16:25:08 +01:00
Jeffrey Elms
ff2087d9a9 px5g-wolfssl: Fix certificate signature
Certificate signature algorithm was being set after call to
`wc_MakeCert`, resulting in a mismatch between specified signature in
certificate and the actual signature type.

Signed-off-by: Jeffrey Elms <jeff@wolfssl.com>
[fix commit subject, use COMMITCOUNT]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-26 16:59:53 -10:00
Rosen Penev
980dca6b7f lua: add -ldl for glibc builds
For glibc, lua needs an explicit link to libdl as glibc has it separate

Fixes the following error in at least collectd:

ld: usr/lib/liblua.so: undefined reference to `dlopen'
ld: usr/lib/liblua.so: undefined reference to `dlclose'
ld: usr/lib/liblua.so: undefined reference to `dlerror'
ld: usr/lib/liblua.so: undefined reference to `dlsym'

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-06 15:38:57 -10:00
Rosen Penev
7937c1f7d7 usbutils: remove
This package is not needed in base. It will be imported in the packages
feed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>
2021-01-03 13:02:13 -10:00
Paul Spooren
6cda954319 usbreset: remove redundant package
The package `usbutils` already offers an USB reset function, this
package is therefore not really required standalone.

CC: Jo-Philipp Wich <jo@mein.io>

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-03 13:00:34 -10:00
Maxim Storchak
f17c300983 busybox: define BUSYBOX_SYM before the first use
Since PKG_FILE_MODES relies on BUSYBOX_SYM, it should be defined early enough

Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
2020-12-29 12:19:39 -10:00
Rosen Penev
47f30a566e util-linux: update to 2.36.1
Removed upstream patch.

Refreshed other ones.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-16 22:11:19 +01:00
Hauke Mehrtens
c9c7cdbbb7 e2fsprogs: Add TARGET_LDFLAGS to e4crypt
The TARGET_LDFLAGS were dropped in the linking of e4crypt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-12-16 22:11:19 +01:00
Rosen Penev
0afc629c83 mtd-utils: remove lzo build dependency
The build option `--withouth-lzo` is added in the Makefile which makes
the existence of lzo obsolete. To remove the lzo package from
openwrt.git entirely, remove the legacy dependency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[improved commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-12-06 11:21:37 -10:00
Daniel Golle
aa6fe00a48 busybox: add check for capabilities file
Similar to the previous commit adding a check to the init script of
umdns, do a similar change for sysntpd, just to be on the safe side.

Inspired-by: 520403cd49 ("umdns: add check for seccomp list")

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-11-30 10:39:01 +00:00
Lukas Tribus
1b493aabb9 busybox: enable find -mmin support by default
Enable busybox's find -mmin time support, which is extremely small,
however also very useful in scripts:

72d1a2357d

Comparing package sizes...
Change 	Local	Remote 	Package
+7	229009	229002	busybox

Signed-off-by: Lukas Tribus <lukas@ltri.eu>
[fix commit message long line and missing size change]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-11-25 08:13:14 -10:00
Bruno Randolf
7185c5ec7d busybox: Let procd respawn cron
On some systems I see the issue that crond dies after a few days.
Simply letting procd respawn the process is a simple safety-net.

Signed-off-by: Bruno Randolf <br1@einfach.org>
2020-11-12 18:19:44 +01:00
Daniel Golle
2e746b4d29 busybox: make username consistent
ntpd in packages feed had already a user 'ntp' with UID 123 declared.
Rename the username of busybox-ntpd to be 'ntp' instead of 'ntpd' so
it doesn't clash.

Reported-by: Etienne Champetier <champetier.etienne@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 17:26:30 +00:00
Daniel Golle
2d34355e16 busybox: allow ntpd to run as non-root ntpd user
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-25 13:01:35 +00:00
Daniel Golle
1923669413 policycoreutils: 'restorecon' is a 'setfiles' applet
Instead of duplicating the '/sbin/setfiles' binary, have
'/sbin/restorecon' as yet another alias for
'/sbin/policycoreutils-setfiles'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-16 00:38:06 +01:00
Daniel Golle
486faa0036 seclic: depends on libsepol
Add missing dependency for target build of seclic which requires
libsepol (just like the host build requires libsepol/host).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-10-09 19:00:35 +01:00
Dominick Grift
9ee7c1ec60 secilc: adds new package
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2020-10-09 02:10:05 +01:00
Paul Spooren
624298dc27 policycoreutils: add missing gettext dependency
Add missing build dependency to both host and target build. The `msgfmt`
is required which is missing without gettext-full.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-10-01 04:14:50 +01:00
Paul Spooren
96d1dc5ebf policycoreutils: install to host/bin not hostpkg
By installing policycoreutils to host/bin it is also available within
the ImageBuilder and SDK, allowing to correctly label both filesystems
and packages.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-09-29 00:06:32 +01:00
Daniel Golle
e8b34880f9 policycoreutils: fix host utils rpath and bin directory
'setfiles' and others should be installed to $(STAGING_DIR_HOSTPKG)/bin
rather than $(...)/sbin which isn't in PATH.
Also using -Wl,-rpath to set library search location instead of setting
LD_LIBRARY_PATH when calling setfiles in image.mk.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-09-27 17:22:01 +01:00
Daniel Golle
236e79abb7 policycoreutils: fix ALTERNATIVES install location
Fixes: 7817c831ef ("policycoreutils: break into smaller packages")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-09-21 18:58:14 +01:00
Daniel Golle
7817c831ef policycoreutils: break into smaller packages
Instead of vaguely describing dependencies in the package description
actually split-up into individual packages, each with their
dependencies expressed accurately.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-09-21 18:40:38 +01:00
David Bauer
520074e57e usbutils: update USB IDs to the latest version
Update from 0.321 to 0.339

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-09-17 18:10:41 +02:00
Rosen Penev
83e946d718 util-linux: Fix build when libmagic is present
When the libmagic from the file package in the packages feed was also
compiled and provided its libmagic.so file, util-linux tried to link
against it. Avoid this by explicitly disable libmagic support.

This fixes the following build error:
Package more is missing dependencies for the following libraries:
libmagic.so.1

Fixes: 36d9ed360a ("util-linux: update to 2.36")
Acked-by: Sebastian Kemper <sebastian_ml@gmx.net>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[Add commit description]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-09-06 23:19:12 +02:00
Rosen Penev
7a5e4f5f00 policycoreutils: add nls.mk
Fixes compilation under uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-09-03 00:33:20 +01:00
Hauke Mehrtens
413fdc6676 ugps: update to the latest version
511a5b3 ugps: fix 64-bit time_t

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-09-01 13:04:44 +02:00
Paul Spooren
18b1cc2838 px5g-wolfssl: cleanup Makefile and SPDX license
Minor cosmetic cleanups of the Makefile and add a SPDX compatible
license headers.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-08-31 22:29:37 +01:00
Daniel Golle
efdf619f21 audit: build only libaudit
Turns out auditd depends on libev. Lets have that in packages.git.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-31 21:51:45 +01:00
Rosen Penev
36d9ed360a util-linux: update to 2.36
hwclock was fixed to work with musl.

Unfortunately, the fix breaks under musl 1.2.x. Backported patch to fix
that.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-08-31 22:11:23 +02:00
Daniel Golle
86307bc908 checkpolicy: build-depend on libselinux
Static libraries and headers of libselinux and libsepol are required
for checkpolicy to build.
Fixes error:
policy_parse.y:45:10: fatal error: sepol/policydb/expand.h: No such file or directory
 #include <sepol/policydb/expand.h>
          ^~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-31 20:45:14 +01:00
Daniel Golle
c2996ee267 policycoreutils: fix i18n depends
Fixes build error:
load_policy.c:11:10: fatal error: libintl.h: No such file or directory
 #include <libintl.h>  /* for gettext() */
          ^~~~~~~~~~~
 compilation terminated.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-08-31 20:45:14 +01:00
Thomas Petazzoni
73912b850b audit: new package
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[fix build with GCC 10 and disable MIPS16 as build emits sync instruction]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2020-08-31 13:38:12 +01:00
Paul Spooren
7d26f294cd busybox: Use PKG_FILE_MODES for SUID
Instead of using INSTALL_SUID use the more flexible PKG_FILE_MODES
variable withn the Makefile to set the SUID bit.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-08-31 11:15:17 +01:00
Paul Spooren
976d3e2234 px5g: rename to px5g-mbedtls
Two versions of `px5g` exists without sharing code. For clarification
rename the previously existing MbedTLS based version to `px5g-mbedtls`
to exists next to `px5g-wolfssl`.

Rename code file of MbedTLS from `px5g.c` to `px5g-mbedtls.c`.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-08-31 10:19:31 +01:00
Paul Spooren
7078294b59 px5g-wolfssl: add package
This package creates certificates and private keys, just like `px5g`
does. Hower it uses WolfSSL rather than MbedTLS.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-08-31 10:19:31 +01:00
Thomas Petazzoni
21992303fa checkpolicy: new package
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[update to 3.1, make use of Python 3, and move to openwrt.git]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2020-08-31 01:15:41 +01:00
Thomas Petazzoni
d28adeb37d policycoreutils: new package
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[update to 3.1, make use of Python 3, use ALTERNATIVES, and move to openwrt.git]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2020-08-31 01:15:41 +01:00
Adrian Schmutzler
4e4ee46495 ar71xx: drop target
This target has been mostly replaced by ath79 and won't be included
in the upcoming release anymore. Finally put it to rest.

This also removes all references in packages, tools, etc. as well as
the uboot-ar71xx and vsc73x5-ucode packages.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-08-30 22:18:35 +02:00