Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2016-11-28 15:04:20
|
Revision: 7995
http://sourceforge.net/p/astlinux/code/7995
Author: abelbeck
Date: 2016-11-28 15:04:18 +0000 (Mon, 28 Nov 2016)
Log Message:
-----------
makedevs, revert cherry-picked upstream Buildroot fix, a part of r7935
Ref: https://git.buildroot.net/buildroot/commit/package?id=4c6d5e33ae1bdfc85c9734897c357a804bfd7435
Ref: http://lists.busybox.net/pipermail/buildroot/2016-November/177861.html
Revision Links:
--------------
http://sourceforge.net/p/astlinux/code/7935
Modified Paths:
--------------
branches/1.0/package/makedevs/makedevs.c
Modified: branches/1.0/package/makedevs/makedevs.c
===================================================================
--- branches/1.0/package/makedevs/makedevs.c 2016-11-28 14:09:47 UTC (rev 7994)
+++ branches/1.0/package/makedevs/makedevs.c 2016-11-28 15:04:18 UTC (rev 7995)
@@ -502,7 +502,6 @@
dev_t rdev;
unsigned i;
char *full_name_inc;
- struct stat st;
if (type == 'p') {
mode |= S_IFIFO;
@@ -524,24 +523,10 @@
for (i = start; i <= start + count; i++) {
sprintf(full_name_inc, count ? "%s%u" : "%s", full_name, i);
rdev = makedev(major, minor + (i - start) * increment);
- mknod(full_name_inc, mode, rdev); /* mknod required if using fakeroot */
- if (stat(full_name_inc, &st) == 0) {
- if ((mode & S_IFMT) != (st.st_mode & S_IFMT)) {
- bb_error_msg("line %d: node %s exists but is of wrong file type", linenum, full_name_inc);
- ret = EXIT_FAILURE;
- continue;
- }
- if (st.st_rdev != rdev) {
- bb_error_msg("line %d: node %s exists but is wrong device number", linenum, full_name_inc);
- ret = EXIT_FAILURE;
- continue;
- }
- } else if (mknod(full_name_inc, mode, rdev) < 0) {
+ if (mknod(full_name_inc, mode, rdev) < 0) {
bb_perror_msg("line %d: can't create node %s", linenum, full_name_inc);
ret = EXIT_FAILURE;
- continue;
- }
- if (chown(full_name_inc, uid, gid) < 0) {
+ } else if (chown(full_name_inc, uid, gid) < 0) {
bb_perror_msg("line %d: can't chown %s", linenum, full_name_inc);
ret = EXIT_FAILURE;
} else if (chmod(full_name_inc, mode) < 0) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-28 14:09:49
|
Revision: 7994
http://sourceforge.net/p/astlinux/code/7994
Author: abelbeck
Date: 2016-11-28 14:09:47 +0000 (Mon, 28 Nov 2016)
Log Message:
-----------
ntp, ntpd: move the PIDFILE out of the config file since we depend on it being /var/run/ntpd.pid
Modified Paths:
--------------
branches/1.0/package/ntp/ntpd.init
Modified: branches/1.0/package/ntp/ntpd.init
===================================================================
--- branches/1.0/package/ntp/ntpd.init 2016-11-27 00:58:52 UTC (rev 7993)
+++ branches/1.0/package/ntp/ntpd.init 2016-11-28 14:09:47 UTC (rev 7994)
@@ -2,6 +2,8 @@
. /etc/rc.conf
+PIDFILE="/var/run/ntpd.pid"
+
init () {
# So sntp doesn't complain
@@ -20,7 +22,6 @@
fi
echo "# Autogenerated. Do not edit.
-pidfile /var/run/ntpd.pid
driftfile /var/lib/ntp/ntpd.drift
restrict default noquery nopeer notrap nomodify
@@ -74,12 +75,12 @@
fi
sleep 1
# Maintain the clock (small changes)
- ntpd $NTPAF -u ntp:ntp -g -c /etc/ntpd.conf
+ ntpd $NTPAF -p $PIDFILE -u ntp:ntp -g -c /etc/ntpd.conf
elif ( set -o noclobber; echo "$$" > /var/lock/ntpd-delayed.lock ) 2>/dev/null; then
echo "ntpd: server unreachable, will automatically retry in 2 minutes"
(
sleep 120
- while [ ! -f /var/run/ntpd.pid ]; do
+ while [ ! -f $PIDFILE ]; do
service ntpd start
sleep 300
done
@@ -92,10 +93,10 @@
stop () {
- if [ -f /var/run/ntpd.pid ]; then
+ if [ -f $PIDFILE ]; then
echo "Stopping ntpd..."
- kill $(cat /var/run/ntpd.pid) >/dev/null 2>&1
- rm -f /var/run/ntpd.pid
+ kill $(cat $PIDFILE) >/dev/null 2>&1
+ rm -f $PIDFILE
fi
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-27 00:58:54
|
Revision: 7993
http://sourceforge.net/p/astlinux/code/7993
Author: abelbeck
Date: 2016-11-27 00:58:52 +0000 (Sun, 27 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-27 00:16:09 UTC (rev 7992)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-27 00:58:52 UTC (rev 7993)
@@ -70,6 +70,15 @@
-- ntpd/sntp, version bump to 4.2.8p9, security fixes: 2 medium-, 2 medium-/low-, and 5 low-severity
+-- ntpd, now runs with 'ntp' user/group permissions using the new libcap support, for added security.
+ Note: If you use a custom /mnt/kd/ntpd.conf and a persistent driftfile, you must create a directory with ntp:ntp permissions.
+ The new default, non-persistent driftfile location is: /var/lib/ntp/ntpd.drift
+ Example: "driftfile /mnt/kd/ntp/ntpd.drift" is defined in /mnt/kd/ntpd.conf
+ # mkdir /mnt/kd/ntp
+ # chown ntp:ntp /mnt/kd/ntp
+
+-- avahi, now runs with 'avahi' user/group permissions using the new libcap support, for added security.
+
-- msmtp, version bump to 1.6.6
-- iproute2 (ip, tc, bridge, etc.) version bump to version 3.16.0, now including the 'bridge' utility.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-27 00:16:11
|
Revision: 7992
http://sourceforge.net/p/astlinux/code/7992
Author: abelbeck
Date: 2016-11-27 00:16:09 +0000 (Sun, 27 Nov 2016)
Log Message:
-----------
avahi, use the new 'avahi' user/group, re-enable chroot since the 'rlimit-nproc' now is correct with a unique UID
Modified Paths:
--------------
branches/1.0/package/avahi/avahi.mk
Modified: branches/1.0/package/avahi/avahi.mk
===================================================================
--- branches/1.0/package/avahi/avahi.mk 2016-11-26 23:45:28 UTC (rev 7991)
+++ branches/1.0/package/avahi/avahi.mk 2016-11-27 00:16:09 UTC (rev 7992)
@@ -10,7 +10,6 @@
AVAHI_INSTALL_STAGING = YES
AVAHI_CONF_ENV = \
- ac_cv_func_chroot=no \
ac_cv_func_strtod=yes \
ac_fsusage_space=yes \
fu_cv_sys_stat_statfs2_bsize=yes \
@@ -76,10 +75,10 @@
--with-distro=none \
--disable-manpages \
$(if $(BR2_PACKAGE_AVAHI_AUTOIPD),--enable,--disable)-autoipd \
- --with-avahi-user=nobody \
- --with-avahi-group=nobody \
- --with-autoipd-user=nobody \
- --with-autoipd-group=nobody
+ --with-avahi-user=avahi \
+ --with-avahi-group=avahi \
+ --with-autoipd-user=avahi \
+ --with-autoipd-group=avahi
AVAHI_DEPENDENCIES = \
$(if $(BR2_NEEDS_GETTEXT_IF_LOCALE),gettext) host-pkg-config
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-26 23:45:31
|
Revision: 7991
http://sourceforge.net/p/astlinux/code/7991
Author: abelbeck
Date: 2016-11-26 23:45:28 +0000 (Sat, 26 Nov 2016)
Log Message:
-----------
ntp, now require libcap support so ntpd can be run as user 'ntp' as a security measure. The standard drift file is now /var/lib/ntp/ntpd.drift
Modified Paths:
--------------
branches/1.0/package/ntp/Config.in
branches/1.0/package/ntp/ntp.mk
branches/1.0/package/ntp/ntpd.init
Modified: branches/1.0/package/ntp/Config.in
===================================================================
--- branches/1.0/package/ntp/Config.in 2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/Config.in 2016-11-26 23:45:28 UTC (rev 7991)
@@ -1,5 +1,6 @@
config BR2_PACKAGE_NTP
bool "ntp"
+ select BR2_PACKAGE_LIBCAP
help
Network Time Protocol suite/programs.
Provides things like ntpd, ntpdate, ntpq, etc...
Modified: branches/1.0/package/ntp/ntp.mk
===================================================================
--- branches/1.0/package/ntp/ntp.mk 2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/ntp.mk 2016-11-26 23:45:28 UTC (rev 7991)
@@ -6,12 +6,13 @@
NTP_VERSION = 4.2.8p9
NTP_SOURCE = ntp-$(NTP_VERSION).tar.gz
NTP_SITE = https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2
-NTP_DEPENDENCIES = host-bison host-flex host-pkg-config
+NTP_DEPENDENCIES = host-bison host-flex host-pkg-config libcap
NTP_CONF_OPT = \
--with-shared \
--program-transform-name=s,,, \
--with-yielding-select=yes \
+ --enable-linuxcaps \
--disable-debugging \
--disable-ipv6 \
--without-ntpsnmpd
@@ -29,11 +30,6 @@
NTP_CONF_OPT += --without-crypto
endif
-ifeq ($(BR2_PACKAGE_LIBCAP),y)
-NTP_CONF_OPT += --enable-linuxcaps
-NTP_DEPENDENCIES += libcap
-endif
-
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_KEYGEN) += util/ntp-keygen
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_WAIT) += scripts/ntp-wait/ntp-wait
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTPDATE) += ntpdate/ntpdate
Modified: branches/1.0/package/ntp/ntpd.init
===================================================================
--- branches/1.0/package/ntp/ntpd.init 2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/ntpd.init 2016-11-26 23:45:28 UTC (rev 7991)
@@ -7,6 +7,11 @@
# So sntp doesn't complain
touch /var/db/ntp-kod
+ if [ ! -d /var/lib/ntp ]; then
+ mkdir -m 0700 -p /var/lib/ntp
+ chown ntp:ntp /var/lib/ntp
+ fi
+
if [ -f /mnt/kd/ntpd.conf ]; then
ln -sf /mnt/kd/ntpd.conf /tmp/etc/ntpd.conf
else
@@ -16,7 +21,7 @@
echo "# Autogenerated. Do not edit.
pidfile /var/run/ntpd.pid
-driftfile /var/db/ntpd.drift
+driftfile /var/lib/ntp/ntpd.drift
restrict default noquery nopeer notrap nomodify
restrict 127.0.0.1" > /tmp/etc/ntpd.conf
@@ -69,7 +74,7 @@
fi
sleep 1
# Maintain the clock (small changes)
- ntpd $NTPAF -g -c /etc/ntpd.conf
+ ntpd $NTPAF -u ntp:ntp -g -c /etc/ntpd.conf
elif ( set -o noclobber; echo "$$" > /var/lock/ntpd-delayed.lock ) 2>/dev/null; then
echo "ntpd: server unreachable, will automatically retry in 2 minutes"
(
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-26 22:50:13
|
Revision: 7990
http://sourceforge.net/p/astlinux/code/7990
Author: abelbeck
Date: 2016-11-26 22:50:11 +0000 (Sat, 26 Nov 2016)
Log Message:
-----------
Add user/group for 'ntp' and 'avahi'
Modified Paths:
--------------
branches/1.0/project/astlinux/target_skeleton/etc/group
branches/1.0/project/astlinux/target_skeleton/etc/init.d/FIRSTRUN
branches/1.0/project/astlinux/target_skeleton/etc/passwd
branches/1.0/project/astlinux/target_skeleton/etc/shadow
branches/1.0/project/astlinux/target_skeleton/etc/shadow-
Modified: branches/1.0/project/astlinux/target_skeleton/etc/group
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/group 2016-11-26 22:16:48 UTC (rev 7989)
+++ branches/1.0/project/astlinux/target_skeleton/etc/group 2016-11-26 22:50:11 UTC (rev 7990)
@@ -10,7 +10,9 @@
floppy:x:25:
tape:x:26:
audio:x:29:
+ntp:x:38:
video:x:44:
+avahi:x:70:
users:x:100:
prosody:x:130:
ldap:x:439:
Modified: branches/1.0/project/astlinux/target_skeleton/etc/init.d/FIRSTRUN
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/init.d/FIRSTRUN 2016-11-26 22:16:48 UTC (rev 7989)
+++ branches/1.0/project/astlinux/target_skeleton/etc/init.d/FIRSTRUN 2016-11-26 22:50:11 UTC (rev 7990)
@@ -10,7 +10,7 @@
local base="$1" user file IFS
unset IFS
- for user in zabbix prosody ldap kamailio; do
+ for user in zabbix prosody ldap kamailio ntp avahi; do
for file in passwd shadow group; do
if ! grep -q "^${user}:" "/etc/${file}"; then
grep "^${user}:" "${base}/etc/${file}" >> "/etc/${file}"
Modified: branches/1.0/project/astlinux/target_skeleton/etc/passwd
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/passwd 2016-11-26 22:16:48 UTC (rev 7989)
+++ branches/1.0/project/astlinux/target_skeleton/etc/passwd 2016-11-26 22:50:11 UTC (rev 7990)
@@ -1,6 +1,8 @@
root:x:0:0:root:/root:/bin/bash
sshd:x:22:22:sshd:/dev/null:/bin/false
ftp:x:21:21:ftp user:/home/ftp:/bin/false
+ntp:x:38:38:NTP-server:/var/lib/ntp:/bin/false
+avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/bin/false
prosody:x:130:130:XMPP-server:/etc/prosody/data:/bin/false
ldap:x:439:439:LDAP-server:/var/lib/ldap:/bin/false
zabbix:x:906:906:Zabbix User:/dev/null:/bin/false
Modified: branches/1.0/project/astlinux/target_skeleton/etc/shadow
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/shadow 2016-11-26 22:16:48 UTC (rev 7989)
+++ branches/1.0/project/astlinux/target_skeleton/etc/shadow 2016-11-26 22:50:11 UTC (rev 7990)
@@ -1,6 +1,8 @@
root:$1$$axJeFIpwicqOTwFpuoUAs1:12215:0:99999:7:::
sshd:!:0:0:99999:7:::
ftp:!:0:0:99999:7:::
+ntp:!:0:0:99999:7:::
+avahi:!:0:0:99999:7:::
prosody:!:0:0:99999:7:::
ldap:!:0:0:99999:7:::
zabbix:!:0:0:99999:7:::
Modified: branches/1.0/project/astlinux/target_skeleton/etc/shadow-
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/shadow- 2016-11-26 22:16:48 UTC (rev 7989)
+++ branches/1.0/project/astlinux/target_skeleton/etc/shadow- 2016-11-26 22:50:11 UTC (rev 7990)
@@ -1,6 +1,8 @@
root:$1$$axJeFIpwicqOTwFpuoUAs1:12215:0:99999:7:::
sshd:!:0:0:99999:7:::
ftp:!:0:0:99999:7:::
+ntp:!:0:0:99999:7:::
+avahi:!:0:0:99999:7:::
prosody:!:0:0:99999:7:::
ldap:!:0:0:99999:7:::
zabbix:!:0:0:99999:7:::
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-26 22:16:51
|
Revision: 7989
http://sourceforge.net/p/astlinux/code/7989
Author: abelbeck
Date: 2016-11-26 22:16:48 +0000 (Sat, 26 Nov 2016)
Log Message:
-----------
/etc/rc, remove stale code from old NFS support, related to r5771
Revision Links:
--------------
http://sourceforge.net/p/astlinux/code/5771
Modified Paths:
--------------
branches/1.0/project/astlinux/target_skeleton/etc/rc
Modified: branches/1.0/project/astlinux/target_skeleton/etc/rc
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/rc 2016-11-26 01:04:50 UTC (rev 7988)
+++ branches/1.0/project/astlinux/target_skeleton/etc/rc 2016-11-26 22:16:48 UTC (rev 7989)
@@ -167,8 +167,7 @@
$fstab_var
" > /tmp/etc/fstab
- mkdir /var/spool /var/lib /var/lib/nfs
- touch /var/lib/nfs/etab /var/lib/nfs/xtab /var/lib/nfs/rmtab
+ mkdir /var/spool /var/lib
mkdir /var/empty /var/lock /var/db /var/run /var/racoon
touch /var/run/utmp
mkdir /var/run/screen /var/state /var/tmp /tmp/bin
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-26 01:04:53
|
Revision: 7988
http://sourceforge.net/p/astlinux/code/7988
Author: abelbeck
Date: 2016-11-26 01:04:50 +0000 (Sat, 26 Nov 2016)
Log Message:
-----------
asterisk, don't build with libcap support since we run as root, if we were to change to running asterisk as say user/group 'asterisk' then revert this change so asterisk can set the network packet TOS bits and such
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk.mk
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2016-11-25 22:14:13 UTC (rev 7987)
+++ branches/1.0/package/asterisk/asterisk.mk 2016-11-26 01:04:50 UTC (rev 7988)
@@ -49,11 +49,8 @@
ASTERISK_CONFIGURE_ARGS+= \
--without-sdl
-ifeq ($(strip $(BR2_PACKAGE_LIBCAP)),y)
-ASTERISK_EXTRAS+=libcap
ASTERISK_CONFIGURE_ARGS+= \
- --with-cap="$(STAGING_DIR)/usr"
-endif
+ --without-cap
ifeq ($(strip $(BR2_PACKAGE_LIBXML2)),y)
ASTERISK_EXTRAS+=libxml2
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 22:14:16
|
Revision: 7987
http://sourceforge.net/p/astlinux/code/7987
Author: abelbeck
Date: 2016-11-25 22:14:13 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
libcap, add patch to build with < 3.0 kernels, since host-libcap is needed for libcap, this is required to support < 3.0 kernel build systems
Added Paths:
-----------
branches/1.0/package/libcap/libcap-0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch
Added: branches/1.0/package/libcap/libcap-0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch
===================================================================
--- branches/1.0/package/libcap/libcap-0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch (rev 0)
+++ branches/1.0/package/libcap/libcap-0003-libcap-cap_file.c-fix-build-with-old-kernel-headers.patch 2016-11-25 22:14:13 UTC (rev 7987)
@@ -0,0 +1,51 @@
+From ace694e9574eb38e07cfe0db235434eb40003f47 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <tho...@fr...>
+Date: Mon, 14 Mar 2016 22:39:15 +0100
+Subject: [PATCH] libcap/cap_file.c: fix build with old kernel headers
+
+Signed-off-by: Thomas Petazzoni <tho...@fr...>
+---
+ libcap/cap_file.c | 27 +++++++++++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/libcap/cap_file.c b/libcap/cap_file.c
+index 40756ea..e3d54dd 100644
+--- a/libcap/cap_file.c
++++ b/libcap/cap_file.c
+@@ -23,6 +23,33 @@ extern int fsetxattr(int, const char *, const void *, size_t, int);
+ extern int removexattr(const char *, const char *);
+ extern int fremovexattr(int, const char *);
+
++
++/*
++ * Old kernels (before 2.6.36) were defining XATTR_NAME_CAPS in
++ * <linux/capability.h>, but using XATTR_SECURITY_PREFIX and
++ * XATTR_CAPS_SUFFIX which were defined in the kernel-only part of
++ * <linux/xattr.h>.
++ *
++ * In kernel 2.6.36 (commit af4f136056c984b0aa67feed7d3170b958370b2f),
++ * the XATTR_NAME_CAPS definition was moved to the kernel-only part of
++ * <linux/xattr.h>. It's only in kernel 3.0 (commit
++ * 1dbe39424a43e56a6c9aed12661192af51dcdb9f) that <linux/xattr.h> was
++ * fixed to expose XATTR_NAME_CAPS and the related definitions to
++ * userspace.
++ *
++ * In order to cope with kernels < 3.0, we define here the appropriate
++ * values, which we assume haven't changed over history.
++ */
++#ifndef XATTR_CAPS_SUFFIX
++#define XATTR_CAPS_SUFFIX "capability"
++#endif
++#ifndef XATTR_SECURITY_PREFIX
++#define XATTR_SECURITY_PREFIX "security."
++#endif
++#ifndef XATTR_NAME_CAPS
++#define XATTR_NAME_CAPS XATTR_SECURITY_PREFIX XATTR_CAPS_SUFFIX
++#endif
++
+ #include "libcap.h"
+
+ #ifdef VFS_CAP_U32
+--
+2.6.4
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 21:56:30
|
Revision: 7986
http://sourceforge.net/p/astlinux/code/7986
Author: abelbeck
Date: 2016-11-25 21:56:28 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-25 21:37:20 UTC (rev 7985)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-25 21:56:28 UTC (rev 7986)
@@ -31,6 +31,8 @@
-- libusb, version bump to 1.0.21
+-- libcap, version 2.25, new package, user-space library for POSIX 1003.1e capabilities available in Linux kernels.
+
-- tiff, version bump to 4.0.7, security fixes: 11 CVE's
-- nano, version bump to 2.7.1
@@ -39,7 +41,7 @@
-- ca-certificates, update trusted root certificates 2016-11-02
--- Time Zone Database update, tzdata2016i and php-timezonedb-2016.9
+-- Time Zone Database update, tzdata2016j and php-timezonedb-2016.10
** Networking
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 21:37:22
|
Revision: 7985
http://sourceforge.net/p/astlinux/code/7985
Author: abelbeck
Date: 2016-11-25 21:37:20 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
zoneinfo, version bump to 2016j and PHP_TIMEZONEDB 2016.10
Modified Paths:
--------------
branches/1.0/package/php/php.mk
branches/1.0/package/zoneinfo/zoneinfo.mk
Modified: branches/1.0/package/php/php.mk
===================================================================
--- branches/1.0/package/php/php.mk 2016-11-25 21:18:59 UTC (rev 7984)
+++ branches/1.0/package/php/php.mk 2016-11-25 21:37:20 UTC (rev 7985)
@@ -13,7 +13,7 @@
PHP_DEPENDENCIES = host-pkg-config
ifeq ($(BR2_PACKAGE_PHP_EXT_TIMEZONEDB),y)
-PHP_TIMEZONEDB_VERSION = 2016.9
+PHP_TIMEZONEDB_VERSION = 2016.10
PHP_TIMEZONEDB_SITE = http://files.astlinux-project.org
PHP_TIMEZONEDB_SOURCE = timezonedb-$(PHP_TIMEZONEDB_VERSION).tar.gz
Modified: branches/1.0/package/zoneinfo/zoneinfo.mk
===================================================================
--- branches/1.0/package/zoneinfo/zoneinfo.mk 2016-11-25 21:18:59 UTC (rev 7984)
+++ branches/1.0/package/zoneinfo/zoneinfo.mk 2016-11-25 21:37:20 UTC (rev 7985)
@@ -3,7 +3,7 @@
# zoneinfo
#
##############################################################
-ZONEINFO_VERSION := 2016i
+ZONEINFO_VERSION := 2016j
ZONEINFO_DATA := tzdata$(ZONEINFO_VERSION).tar.gz
ZONEINFO_SOURCE := tzcode$(ZONEINFO_VERSION).tar.gz
ZONEINFO_SITE := http://www.iana.org/time-zones/repository/releases
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 21:19:01
|
Revision: 7984
http://sourceforge.net/p/astlinux/code/7984
Author: abelbeck
Date: 2016-11-25 21:18:59 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
Enable libcap for standard builds
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-11-25 19:01:06 UTC (rev 7983)
+++ branches/1.0/astlinux-ast11.config 2016-11-25 21:18:59 UTC (rev 7984)
@@ -622,7 +622,7 @@
# BR2_PACKAGE_LIBARGTABLE2 is not set
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
-# BR2_PACKAGE_LIBCAP is not set
+BR2_PACKAGE_LIBCAP=y
BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-11-25 19:01:06 UTC (rev 7983)
+++ branches/1.0/astlinux-ast13.config 2016-11-25 21:18:59 UTC (rev 7984)
@@ -622,7 +622,7 @@
# BR2_PACKAGE_LIBARGTABLE2 is not set
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
-# BR2_PACKAGE_LIBCAP is not set
+BR2_PACKAGE_LIBCAP=y
BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-25 19:01:06 UTC (rev 7983)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-25 21:18:59 UTC (rev 7984)
@@ -603,7 +603,7 @@
# BR2_PACKAGE_LIBARGTABLE2 is not set
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
-# BR2_PACKAGE_LIBCAP is not set
+BR2_PACKAGE_LIBCAP=y
BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-25 19:01:06 UTC (rev 7983)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-25 21:18:59 UTC (rev 7984)
@@ -603,7 +603,7 @@
# BR2_PACKAGE_LIBARGTABLE2 is not set
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
-# BR2_PACKAGE_LIBCAP is not set
+BR2_PACKAGE_LIBCAP=y
BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 19:01:08
|
Revision: 7983
http://sourceforge.net/p/astlinux/code/7983
Author: abelbeck
Date: 2016-11-25 19:01:06 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
Build system tweaks for BR2_PACKAGE_LIBCAP enabled, avahi needs 'ac_cv_func_chroot=no' else with libcap enabled it starts a chroot helper, which works but the default 'rlimit-nproc=3' is exceeded since we share the 'nobody' user with other processes, resulting in 'avahi-daemon' not starting without a --no-rlimits option or commented out 'rlimit-nproc=3'
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk.mk
branches/1.0/package/avahi/avahi.mk
branches/1.0/package/ntp/ntp.mk
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2016-11-25 15:03:04 UTC (rev 7982)
+++ branches/1.0/package/asterisk/asterisk.mk 2016-11-25 19:01:06 UTC (rev 7983)
@@ -49,6 +49,12 @@
ASTERISK_CONFIGURE_ARGS+= \
--without-sdl
+ifeq ($(strip $(BR2_PACKAGE_LIBCAP)),y)
+ASTERISK_EXTRAS+=libcap
+ASTERISK_CONFIGURE_ARGS+= \
+ --with-cap="$(STAGING_DIR)/usr"
+endif
+
ifeq ($(strip $(BR2_PACKAGE_LIBXML2)),y)
ASTERISK_EXTRAS+=libxml2
ASTERISK_CONFIGURE_ARGS+= \
Modified: branches/1.0/package/avahi/avahi.mk
===================================================================
--- branches/1.0/package/avahi/avahi.mk 2016-11-25 15:03:04 UTC (rev 7982)
+++ branches/1.0/package/avahi/avahi.mk 2016-11-25 19:01:06 UTC (rev 7983)
@@ -10,6 +10,7 @@
AVAHI_INSTALL_STAGING = YES
AVAHI_CONF_ENV = \
+ ac_cv_func_chroot=no \
ac_cv_func_strtod=yes \
ac_fsusage_space=yes \
fu_cv_sys_stat_statfs2_bsize=yes \
Modified: branches/1.0/package/ntp/ntp.mk
===================================================================
--- branches/1.0/package/ntp/ntp.mk 2016-11-25 15:03:04 UTC (rev 7982)
+++ branches/1.0/package/ntp/ntp.mk 2016-11-25 19:01:06 UTC (rev 7983)
@@ -29,6 +29,11 @@
NTP_CONF_OPT += --without-crypto
endif
+ifeq ($(BR2_PACKAGE_LIBCAP),y)
+NTP_CONF_OPT += --enable-linuxcaps
+NTP_DEPENDENCIES += libcap
+endif
+
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_KEYGEN) += util/ntp-keygen
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_WAIT) += scripts/ntp-wait/ntp-wait
NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTPDATE) += ntpdate/ntpdate
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-25 15:03:07
|
Revision: 7982
http://sourceforge.net/p/astlinux/code/7982
Author: abelbeck
Date: 2016-11-25 15:03:04 +0000 (Fri, 25 Nov 2016)
Log Message:
-----------
libcap, version bump to 2.25
Modified Paths:
--------------
branches/1.0/package/libcap/libcap.mk
Added Paths:
-----------
branches/1.0/package/libcap/libcap-0001-build-system-fixes-for-cross-compilation.patch
Removed Paths:
-------------
branches/1.0/package/libcap/libcap-2.20-build-system.patch
Added: branches/1.0/package/libcap/libcap-0001-build-system-fixes-for-cross-compilation.patch
===================================================================
--- branches/1.0/package/libcap/libcap-0001-build-system-fixes-for-cross-compilation.patch (rev 0)
+++ branches/1.0/package/libcap/libcap-0001-build-system-fixes-for-cross-compilation.patch 2016-11-25 15:03:04 UTC (rev 7982)
@@ -0,0 +1,53 @@
+From d8d70559a279706c206761dfaf665d2197934123 Mon Sep 17 00:00:00 2001
+From: Gustavo Zacarias <gu...@za...>
+Date: Sun, 6 Mar 2016 22:52:02 +0100
+Subject: [PATCH] build-system: fixes for cross-compilation
+
+Avoid the libcap buildsys forcing CC/CFLAGS/LDFLAGS/AR/RANLIB
+
+Signed-off-by: Gustavo Zacarias <gu...@za...>
+[yan...@fr...: dont chmod +x the shared lib]
+Signed-off-by: "Yann E. MORIN" <yan...@fr...>
+
+diff --git a/Make.Rules b/Make.Rules
+index 8347b26..8a07a3f 100644
+--- a/Make.Rules
++++ b/Make.Rules
+@@ -48,26 +48,26 @@ MINOR=25
+ KERNEL_HEADERS := $(topdir)/libcap/include/uapi
+ IPATH += -fPIC -I$(KERNEL_HEADERS) -I$(topdir)/libcap/include
+
+-CC := gcc
+-CFLAGS := -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
+-BUILD_CC := $(CC)
+-BUILD_CFLAGS := $(CFLAGS) $(IPATH)
+-AR := ar
+-RANLIB := ranlib
++CC ?= gcc
++CFLAGS ?= -O2 -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
++BUILD_CC ?= $(CC)
++BUILD_CFLAGS ?= $(CFLAGS) $(IPATH)
++AR ?= ar
++RANLIB ?= ranlib
+ DEBUG = -g #-DDEBUG
+ WARNINGS=-Wall -Wwrite-strings \
+ -Wpointer-arith -Wcast-qual -Wcast-align \
+ -Wstrict-prototypes -Wmissing-prototypes \
+ -Wnested-externs -Winline -Wshadow
+ LD=$(CC) -Wl,-x -shared
+-LDFLAGS := #-g
++LDFLAGS ?= #-g
+ BUILD_GPERF := $(shell which gperf >/dev/null 2>/dev/null && echo yes)
+
+ SYSTEM_HEADERS = /usr/include
+ INCS=$(topdir)/libcap/include/sys/capability.h
+ LDFLAGS += -L$(topdir)/libcap
+ CFLAGS += -Dlinux $(WARNINGS) $(DEBUG)
+-PAM_CAP := $(shell if [ -f /usr/include/security/pam_modules.h ]; then echo yes ; else echo no ; fi)
++PAM_CAP = no
+ INDENT := $(shell if [ -n "$$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi)
+ DYNAMIC := $(shell if [ ! -d "$(topdir)/.git" ]; then echo yes; fi)
+
+--
+1.9.1
+
Deleted: branches/1.0/package/libcap/libcap-2.20-build-system.patch
===================================================================
--- branches/1.0/package/libcap/libcap-2.20-build-system.patch 2016-11-24 17:17:04 UTC (rev 7981)
+++ branches/1.0/package/libcap/libcap-2.20-build-system.patch 2016-11-25 15:03:04 UTC (rev 7982)
@@ -1,54 +0,0 @@
-Avoid the libcap buildsys forcing CC/CFLAGS/LDFLAGS/AR/RANLIB
-Also install the shared lib +x
-
-Signed-off-by: Gustavo Zacarias <gu...@za...>
-
-diff -Nura libcap-2.20/Make.Rules libcap-2.20-build/Make.Rules
---- libcap-2.20/Make.Rules 2011-01-19 02:06:44.000000000 -0300
-+++ libcap-2.20-build/Make.Rules 2011-04-19 14:07:53.544903094 -0300
-@@ -47,25 +47,25 @@
- KERNEL_HEADERS := $(topdir)/libcap/include
- IPATH += -fPIC -I$(topdir)/libcap/include -I$(KERNEL_HEADERS)
-
--CC := gcc
--CFLAGS := -O2
--BUILD_CC := $(CC)
--BUILD_CFLAGS := $(CFLAGS) $(IPATH)
--AR := ar
--RANLIB := ranlib
-+CC ?= gcc
-+CFLAGS ?= -O2
-+BUILD_CC ?= $(CC)
-+BUILD_CFLAGS ?= $(CFLAGS) $(IPATH)
-+AR ?= ar
-+RANLIB ?= ranlib
- DEBUG = -g #-DDEBUG
- WARNINGS=-Wall -Wwrite-strings \
- -Wpointer-arith -Wcast-qual -Wcast-align \
- -Wstrict-prototypes -Wmissing-prototypes \
- -Wnested-externs -Winline -Wshadow
- LD=$(CC) -Wl,-x -shared
--LDFLAGS := #-g
-+LDFLAGS ?= #-g
-
- SYSTEM_HEADERS = /usr/include
- INCS=$(topdir)/libcap/include/sys/capability.h
- LDFLAGS += -L$(topdir)/libcap
- CFLAGS += -Dlinux $(WARNINGS) $(DEBUG)
--PAM_CAP := $(shell if [ -f /usr/include/security/pam_modules.h ]; then echo yes ; else echo no ; fi)
-+PAM_CAP = no
- INDENT := $(shell if [ -n "$(which indent 2>/dev/null)" ]; then echo "| indent -kr" ; fi)
- DYNAMIC := $(shell if [ ! -d "$(topdir)/.git" ]; then echo yes; fi)
- LIBATTR := yes
-diff -Nura libcap-2.20/libcap/Makefile libcap-2.20-build/libcap/Makefile
---- libcap-2.20/libcap/Makefile 2010-08-08 19:26:04.000000000 -0300
-+++ libcap-2.20-build/libcap/Makefile 2011-04-19 14:08:29.377146094 -0300
-@@ -65,7 +65,7 @@
- install -m 0644 include/sys/capability.h $(INCDIR)/sys
- mkdir -p -m 0755 $(LIBDIR)
- install -m 0644 $(STALIBNAME) $(LIBDIR)/$(STALIBNAME)
-- install -m 0644 $(MINLIBNAME) $(LIBDIR)/$(MINLIBNAME)
-+ install -m 0755 $(MINLIBNAME) $(LIBDIR)/$(MINLIBNAME)
- ln -sf $(MINLIBNAME) $(LIBDIR)/$(MAJLIBNAME)
- ln -sf $(MAJLIBNAME) $(LIBDIR)/$(LIBNAME)
- ifeq ($(FAKEROOT),)
Modified: branches/1.0/package/libcap/libcap.mk
===================================================================
--- branches/1.0/package/libcap/libcap.mk 2016-11-24 17:17:04 UTC (rev 7981)
+++ branches/1.0/package/libcap/libcap.mk 2016-11-25 15:03:04 UTC (rev 7982)
@@ -4,34 +4,47 @@
#
#############################################################
-LIBCAP_VERSION = 2.20
-LIBCAP_SITE = $(BR2_KERNEL_MIRROR)/linux/libs/security/linux-privs/libcap2
+LIBCAP_VERSION = 2.25
+LIBCAP_SITE = https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2
+LIBCAP_SOURCE = libcap-$(LIBCAP_VERSION).tar.xz
LIBCAP_DEPENDENCIES = host-libcap
+
+LIBCAP_DEPENDENCIES = host-libcap host-gperf
LIBCAP_INSTALL_STAGING = YES
+HOST_LIBCAP_DEPENDENCIES = host-gperf
+
+LIBCAP_MAKE_TARGET = all
+LIBCAP_MAKE_INSTALL_TARGET = install
+
+LIBCAP_MAKE_FLAGS = \
+ BUILD_CC="$(HOSTCC)" \
+ BUILD_CFLAGS="$(HOST_CFLAGS)"
+
+
define LIBCAP_BUILD_CMDS
- $(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) \
- LIBATTR=no BUILD_CC="$(HOSTCC)" BUILD_CFLAGS="$(HOST_CFLAGS)"
+ $(TARGET_MAKE_ENV) $(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D)/libcap \
+ $(LIBCAP_MAKE_FLAGS) $(LIBCAP_MAKE_TARGET)
endef
define LIBCAP_INSTALL_STAGING_CMDS
- $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) LIBATTR=no DESTDIR=$(STAGING_DIR) \
- prefix=/usr lib=lib install
+ $(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/libcap $(LIBCAP_MAKE_FLAGS) \
+ DESTDIR=$(STAGING_DIR) prefix=/usr lib=lib $(LIBCAP_MAKE_INSTALL_TARGET)
endef
define LIBCAP_INSTALL_TARGET_CMDS
- $(TARGET_MAKE_ENV) $(MAKE) -C $(@D) LIBATTR=no DESTDIR=$(TARGET_DIR) \
- prefix=/usr lib=lib install
- rm -f $(addprefix $(TARGET_DIR)/usr/sbin/,capsh getpcaps)
+ $(TARGET_MAKE_ENV) $(MAKE) -C $(@D)/libcap $(LIBCAP_MAKE_FLAGS) \
+ DESTDIR=$(TARGET_DIR) prefix=/usr lib=lib $(LIBCAP_MAKE_INSTALL_TARGET)
endef
define HOST_LIBCAP_BUILD_CMDS
- $(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) -C $(@D) LIBATTR=no
+ $(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) -C $(@D)\
+ RAISE_SETFCAP=no
endef
define HOST_LIBCAP_INSTALL_CMDS
- $(HOST_MAKE_ENV) $(MAKE) -C $(@D) LIBATTR=no DESTDIR=$(HOST_DIR) \
- prefix=/usr lib=lib install
+ $(HOST_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(HOST_DIR) \
+ RAISE_SETFCAP=no prefix=/usr lib=lib install
endef
$(eval $(call GENTARGETS,package,libcap))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-24 17:17:07
|
Revision: 7981
http://sourceforge.net/p/astlinux/code/7981
Author: abelbeck
Date: 2016-11-24 17:17:04 +0000 (Thu, 24 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-24 17:15:05 UTC (rev 7980)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-24 17:17:04 UTC (rev 7981)
@@ -80,7 +80,7 @@
** Asterisk
--- Asterisk 11.24.1 (version bump) and 13.12.2 (version bump)
+-- Asterisk 11.25.0 (version bump) and 13.13.0 (version bump)
-- DAHDI, dahdi-linux 2.8.0.1 (no change) and dahdi-tools 2.8.0 (no change)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-24 17:15:07
|
Revision: 7980
http://sourceforge.net/p/astlinux/code/7980
Author: abelbeck
Date: 2016-11-24 17:15:05 +0000 (Thu, 24 Nov 2016)
Log Message:
-----------
asterisk, version bump to 11.25.0 and 13.13.0
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
branches/1.0/package/asterisk/asterisk.mk
branches/1.0/package/pjsip/asterisk-config_site.h
Modified: branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2016-11-23 21:53:22 UTC (rev 7979)
+++ branches/1.0/package/asterisk/asterisk-13-configure-menuselect-cross-fix.patch 2016-11-24 17:15:05 UTC (rev 7980)
@@ -1,6 +1,6 @@
--- asterisk-13/configure.ac.orig 2014-01-24 16:52:23.000000000 -0600
+++ asterisk-13/configure.ac 2014-01-24 16:55:14.000000000 -0600
-@@ -2652,11 +2652,13 @@
+@@ -2662,11 +2662,13 @@
AC_OUTPUT
${ac_cv_path_EGREP} 'CURSES|GTK2|OSARCH|NEWT' makeopts > makeopts.acbak2
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2016-11-23 21:53:22 UTC (rev 7979)
+++ branches/1.0/package/asterisk/asterisk.mk 2016-11-24 17:15:05 UTC (rev 7980)
@@ -4,10 +4,10 @@
#
##############################################################
ifeq ($(BR2_PACKAGE_ASTERISK_v11),y)
-ASTERISK_VERSION := 11.24.1
+ASTERISK_VERSION := 11.25.0
else
ifeq ($(BR2_PACKAGE_ASTERISK_v13),y)
-ASTERISK_VERSION := 13.12.2
+ASTERISK_VERSION := 13.13.0
else
ASTERISK_VERSION := 15.0.0
endif
Modified: branches/1.0/package/pjsip/asterisk-config_site.h
===================================================================
--- branches/1.0/package/pjsip/asterisk-config_site.h 2016-11-23 21:53:22 UTC (rev 7979)
+++ branches/1.0/package/pjsip/asterisk-config_site.h 2016-11-24 17:15:05 UTC (rev 7980)
@@ -48,7 +48,7 @@
/* Defaults too low for WebRTC */
#define PJ_ICE_MAX_CAND 32
-#define PJ_ICE_MAX_CHECKS (PJ_ICE_MAX_CAND * 2)
+#define PJ_ICE_MAX_CHECKS (PJ_ICE_MAX_CAND * PJ_ICE_MAX_CAND)
/* Increase limits to allow more formats */
#define PJMEDIA_MAX_SDP_FMT 64
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-23 21:53:24
|
Revision: 7979
http://sourceforge.net/p/astlinux/code/7979
Author: abelbeck
Date: 2016-11-23 21:53:22 +0000 (Wed, 23 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-23 21:46:57 UTC (rev 7978)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-23 21:53:22 UTC (rev 7979)
@@ -75,6 +75,9 @@
-- whois, version 5.2.13, new package to perform Whois lookups for domains and IP's.
+-- arnofw (AIF), "adaptive-ban" plugin, asterisk filter, add chan_sip 'Not a local domain' regex and
+ chan_pjsip 'No matching endpoint found' regex.
+
** Asterisk
-- Asterisk 11.24.1 (version bump) and 13.12.2 (version bump)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-23 21:46:59
|
Revision: 7978
http://sourceforge.net/p/astlinux/code/7978
Author: abelbeck
Date: 2016-11-23 21:46:57 +0000 (Wed, 23 Nov 2016)
Log Message:
-----------
arnofw, adaptive-ban plugin, asterisk filter, add chan_sip 'Not a local domain' entry and chan_pjsip 'No matching endpoint found'. Thanks to Armin T?\195?\188ting.
Sample logs:
Nov 23 09:28:15 pbx4 local0.notice asterisk[15375]: NOTICE[10202]: res_pjsip/pjsip_distributor.c:246 log_unidentified_request: Request from '"Ilya" <sip:502@192.168.1.1>' failed for '192.168.1.1:5060' (callid: ZTNhYjU4ZjU5ZmUxNjM5M2FlYjBlYTE3YzgwZTU4MGY.) - No matching endpoint found
Nov 23 09:28:15 pbx4 local0.notice asterisk[15375]: NOTICE[3008]: chan_sip.c: Registration from '"Leigh" <sip:101@192.168.0.2>' failed for '192.168.0.6' - Not a local domain
Modified Paths:
--------------
branches/1.0/package/arnofw/adaptive-ban/adaptive-ban-helper.sh
Modified: branches/1.0/package/arnofw/adaptive-ban/adaptive-ban-helper.sh
===================================================================
--- branches/1.0/package/arnofw/adaptive-ban/adaptive-ban-helper.sh 2016-11-21 23:11:10 UTC (rev 7977)
+++ branches/1.0/package/arnofw/adaptive-ban/adaptive-ban-helper.sh 2016-11-23 21:46:57 UTC (rev 7978)
@@ -172,7 +172,9 @@
-e "s/^${PREFIX}NOTICE.* .*: Registration from '.*' failed for '${HOST}' - No matching peer found$/\1/p" \
-e "s/^${PREFIX}NOTICE.* .*: Registration from '.*' failed for '${HOST}' - Username\/auth name mismatch$/\1/p" \
-e "s/^${PREFIX}NOTICE.* .*: Registration from '.*' failed for '${HOST}' - Device does not match ACL$/\1/p" \
+ -e "s/^${PREFIX}NOTICE.* .*: Registration from '.*' failed for '${HOST}' - Not a local domain$/\1/p" \
-e "s/^${PREFIX}NOTICE.* .*: Rejecting '${HOST}' due to a failure to pass ACL '.*'$/\1/p" \
+ -e "s/^${PREFIX}NOTICE.* .*: Request from '.*' failed for '${HOST}' \(.*\) - No matching endpoint found$/\1/p" \
-e "s/^${PREFIX}NOTICE.* '${HOST}' - Dialplan Noted Suspicious IP Address$/\1/p" \
-e "s/^${PREFIX}NOTICE.* ${HOST} failed to authenticate as '.*'$/\1/p" \
-e "s/^${PREFIX}NOTICE.* .*: No registration for peer '.*' \(from ${HOST}\)$/\1/p" \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-21 23:11:12
|
Revision: 7977
http://sourceforge.net/p/astlinux/code/7977
Author: abelbeck
Date: 2016-11-21 23:11:10 +0000 (Mon, 21 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-21 23:06:25 UTC (rev 7976)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-21 23:11:10 UTC (rev 7977)
@@ -31,6 +31,8 @@
-- libusb, version bump to 1.0.21
+-- tiff, version bump to 4.0.7, security fixes: 11 CVE's
+
-- nano, version bump to 2.7.1
-- reload-blocklist-netset (optional CRON script), add 'firehol_webclient' blocklist support.
@@ -64,6 +66,8 @@
-- shellinabox, version bump to 2.20
+-- ntpd/sntp, version bump to 4.2.8p9, security fixes: 2 medium-, 2 medium-/low-, and 5 low-severity
+
-- msmtp, version bump to 1.6.6
-- iproute2 (ip, tc, bridge, etc.) version bump to version 3.16.0, now including the 'bridge' utility.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-21 23:06:28
|
Revision: 7976
http://sourceforge.net/p/astlinux/code/7976
Author: abelbeck
Date: 2016-11-21 23:06:25 +0000 (Mon, 21 Nov 2016)
Log Message:
-----------
tiff, version bump to 4.0.7, security fixes, 11 CVE's
Modified Paths:
--------------
branches/1.0/package/tiff/tiff.mk
Modified: branches/1.0/package/tiff/tiff.mk
===================================================================
--- branches/1.0/package/tiff/tiff.mk 2016-11-21 22:45:37 UTC (rev 7975)
+++ branches/1.0/package/tiff/tiff.mk 2016-11-21 23:06:25 UTC (rev 7976)
@@ -3,7 +3,7 @@
# tiff
#
#############################################################
-TIFF_VERSION = 4.0.6
+TIFF_VERSION = 4.0.7
TIFF_SITE = http://download.osgeo.org/libtiff
TIFF_SOURCE = tiff-$(TIFF_VERSION).tar.gz
TIFF_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-21 22:45:39
|
Revision: 7975
http://sourceforge.net/p/astlinux/code/7975
Author: abelbeck
Date: 2016-11-21 22:45:37 +0000 (Mon, 21 Nov 2016)
Log Message:
-----------
ntp, version bump to 4.2.8p9, addresses 2 medium-, 2 medium-/low-, and 5 low-severity security issues, 28 bugfixes
Modified Paths:
--------------
branches/1.0/package/ntp/ntp.mk
Modified: branches/1.0/package/ntp/ntp.mk
===================================================================
--- branches/1.0/package/ntp/ntp.mk 2016-11-20 23:00:11 UTC (rev 7974)
+++ branches/1.0/package/ntp/ntp.mk 2016-11-21 22:45:37 UTC (rev 7975)
@@ -3,7 +3,7 @@
# ntp
#
#############################################################
-NTP_VERSION = 4.2.8p8
+NTP_VERSION = 4.2.8p9
NTP_SOURCE = ntp-$(NTP_VERSION).tar.gz
NTP_SITE = https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2
NTP_DEPENDENCIES = host-bison host-flex host-pkg-config
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-20 23:00:13
|
Revision: 7974
http://sourceforge.net/p/astlinux/code/7974
Author: abelbeck
Date: 2016-11-20 23:00:11 +0000 (Sun, 20 Nov 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-11-20 22:56:52 UTC (rev 7973)
+++ branches/1.0/docs/ChangeLog.txt 2016-11-20 23:00:11 UTC (rev 7974)
@@ -17,6 +17,10 @@
** System
+-- Linux Kernel 3.2.84 (minor bump)
+
+-- RUNNIX, version bump to runnix-0.4-7972, with Linux Kernel 3.2.84, dropbear 2016.74
+
-- php, version bump to 5.6.28
-- sqlite, version bump to 3.15.1
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-20 22:56:55
|
Revision: 7973
http://sourceforge.net/p/astlinux/code/7973
Author: abelbeck
Date: 2016-11-20 22:56:52 +0000 (Sun, 20 Nov 2016)
Log Message:
-----------
runnix, version bump to runnix-0.4-7972, Linux version bump to 3.2.84, dropbear version bump to 2016.74
Modified Paths:
--------------
branches/1.0/boot/runnix/runnix.mk
Modified: branches/1.0/boot/runnix/runnix.mk
===================================================================
--- branches/1.0/boot/runnix/runnix.mk 2016-11-20 20:51:07 UTC (rev 7972)
+++ branches/1.0/boot/runnix/runnix.mk 2016-11-20 22:56:52 UTC (rev 7973)
@@ -3,7 +3,7 @@
# runnix
#
#############################################################
-RUNNIX_VER:=0.4-7671
+RUNNIX_VER:=0.4-7972
RUNNIX_SOURCE:=runnix-$(RUNNIX_VER).tar.gz
RUNNIX_SITE:=http://mirror.astlinux-project.org/runnix4
RUNNIX_DIR:=$(BUILD_DIR)/runnix-$(RUNNIX_VER)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-20 20:51:10
|
Revision: 7972
http://sourceforge.net/p/astlinux/code/7972
Author: abelbeck
Date: 2016-11-20 20:51:07 +0000 (Sun, 20 Nov 2016)
Log Message:
-----------
dropbear, version bump to 2016.74
Modified Paths:
--------------
branches/1.0/package/dropbear/dropbear.mk
Modified: branches/1.0/package/dropbear/dropbear.mk
===================================================================
--- branches/1.0/package/dropbear/dropbear.mk 2016-11-20 18:13:08 UTC (rev 7971)
+++ branches/1.0/package/dropbear/dropbear.mk 2016-11-20 20:51:07 UTC (rev 7972)
@@ -4,7 +4,7 @@
#
#############################################################
-DROPBEAR_VERSION = 2016.72
+DROPBEAR_VERSION = 2016.74
DROPBEAR_SITE = http://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
DROPBEAR_TARGET_BINS = dbclient dropbearkey dropbearconvert scp ssh
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-11-20 18:13:10
|
Revision: 7971
http://sourceforge.net/p/astlinux/code/7971
Author: abelbeck
Date: 2016-11-20 18:13:08 +0000 (Sun, 20 Nov 2016)
Log Message:
-----------
Linux version bump from linux-3.2.80 to linux-3.2.84
fix unionfs patch for kernel change, setattr_prepare (which used to be inode_change_ok)
Ref: https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-stable-queue.git/diff/queue-3.2/fs-give-dentry-to-inode_change_ok-instead-of-inode.patch?id=67c8b46da7f623488620e589a8cb35e095cbfd97
add upstream Buildroot fix: linux, uboot, mxs-bootlets, barebox: avoid double slash in CUSTOM_TARBALL
Ref: https://git.buildroot.net/buildroot/commit/linux/linux.mk?id=579fea227394db02916d7487762c79a8e76e8748
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config
branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config
branches/1.0/crosstool-ng-src/get-files.sh
branches/1.0/linux/linux.mk
branches/1.0/project/astlinux/geni586/linux-smp.config
branches/1.0/project/astlinux/geni586/linux.config
branches/1.0/project/astlinux/genx86_64/linux-smp-vm.config
branches/1.0/project/astlinux/genx86_64/linux-smp.config
branches/1.0/project/astlinux/kernel-patches/linux-100-unionfs-2.6_for_3.2.62.patch
branches/1.0/project/runnix/geni586/linux.config
branches/1.0/project/runnix-iso/geni586/linux.config
branches/1.0/runnix-iso.config
branches/1.0/runnix.config
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
Removed Paths:
-------------
branches/1.0/project/astlinux/kernel-patches/linux-800-tcp-make-challenge-acks-less-predictable.patch
branches/1.0/project/astlinux/kernel-patches/linux-810-fix-CVE-2016-5195.patch
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/astlinux-ast11.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -923,7 +923,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH="project/astlinux/kernel-patches"
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/astlinux-ast13.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -923,7 +923,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH="project/astlinux/kernel-patches"
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
Modified: branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config
===================================================================
--- branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2-x86_64.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -219,7 +219,7 @@
# CT_KERNEL_V_2_6_31 is not set
# CT_KERNEL_V_2_6_27 is not set
CT_KERNEL_LINUX_CUSTOM=y
-CT_KERNEL_LINUX_CUSTOM_LOCATION="${CT_TOP_DIR}/linux-3.2.80.tar.gz"
+CT_KERNEL_LINUX_CUSTOM_LOCATION="${CT_TOP_DIR}/linux-3.2.84.tar.gz"
CT_KERNEL_windows_AVAILABLE=y
#
Modified: branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config
===================================================================
--- branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/crosstool-ng-src/ct-ng-1.20.0-3.2.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -219,7 +219,7 @@
# CT_KERNEL_V_2_6_31 is not set
# CT_KERNEL_V_2_6_27 is not set
CT_KERNEL_LINUX_CUSTOM=y
-CT_KERNEL_LINUX_CUSTOM_LOCATION="${CT_TOP_DIR}/linux-3.2.80.tar.gz"
+CT_KERNEL_LINUX_CUSTOM_LOCATION="${CT_TOP_DIR}/linux-3.2.84.tar.gz"
CT_KERNEL_windows_AVAILABLE=y
#
Modified: branches/1.0/crosstool-ng-src/get-files.sh
===================================================================
--- branches/1.0/crosstool-ng-src/get-files.sh 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/crosstool-ng-src/get-files.sh 2016-11-20 18:13:08 UTC (rev 7971)
@@ -4,7 +4,7 @@
TARBALLS=".build/tarballs"
-LINUX_KERNEL="linux-3.2.80.tar.gz"
+LINUX_KERNEL="linux-3.2.84.tar.gz"
EGLIBC="eglibc-2_18.tar.bz2"
Modified: branches/1.0/linux/linux.mk
===================================================================
--- branches/1.0/linux/linux.mk 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/linux/linux.mk 2016-11-20 18:13:08 UTC (rev 7971)
@@ -8,7 +8,7 @@
# Compute LINUX_SOURCE and LINUX_SITE from the configuration
ifeq ($(LINUX_VERSION),custom)
LINUX_TARBALL = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION))
-LINUX_SITE = $(dir $(LINUX_TARBALL))
+LINUX_SITE = $(patsubst %/,%,$(dir $(LINUX_TARBALL)))
LINUX_SOURCE = $(notdir $(LINUX_TARBALL))
else ifeq ($(BR2_LINUX_KERNEL_CUSTOM_GIT),y)
LINUX_SITE = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_GIT_REPO_URL))
Modified: branches/1.0/project/astlinux/geni586/linux-smp.config
===================================================================
--- branches/1.0/project/astlinux/geni586/linux-smp.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/geni586/linux-smp.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/i386 3.2.80 Kernel Configuration
+# Linux/i386 3.2.84 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
Modified: branches/1.0/project/astlinux/geni586/linux.config
===================================================================
--- branches/1.0/project/astlinux/geni586/linux.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/geni586/linux.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/i386 3.2.80 Kernel Configuration
+# Linux/i386 3.2.84 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
Modified: branches/1.0/project/astlinux/genx86_64/linux-smp-vm.config
===================================================================
--- branches/1.0/project/astlinux/genx86_64/linux-smp-vm.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/genx86_64/linux-smp-vm.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86_64 3.2.80 Kernel Configuration
+# Linux/x86_64 3.2.84 Kernel Configuration
#
CONFIG_64BIT=y
# CONFIG_X86_32 is not set
Modified: branches/1.0/project/astlinux/genx86_64/linux-smp.config
===================================================================
--- branches/1.0/project/astlinux/genx86_64/linux-smp.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/genx86_64/linux-smp.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86_64 3.2.80 Kernel Configuration
+# Linux/x86_64 3.2.84 Kernel Configuration
#
CONFIG_64BIT=y
# CONFIG_X86_32 is not set
Modified: branches/1.0/project/astlinux/kernel-patches/linux-100-unionfs-2.6_for_3.2.62.patch
===================================================================
--- branches/1.0/project/astlinux/kernel-patches/linux-100-unionfs-2.6_for_3.2.62.patch 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/kernel-patches/linux-100-unionfs-2.6_for_3.2.62.patch 2016-11-20 18:13:08 UTC (rev 7971)
@@ -777,7 +777,7 @@
--- /dev/null
+++ b/fs/unionfs/Makefile
@@ -0,0 +1,17 @@
-+UNIONFS_VERSION="2.6 (for 3.2.62)"
++UNIONFS_VERSION="2.6 (for 3.2.84)"
+
+EXTRA_CFLAGS += -DUNIONFS_VERSION=\"$(UNIONFS_VERSION)\"
+
@@ -5852,7 +5852,7 @@
+ struct iattr lower_ia;
+
+ /* check if user has permission to change inode */
-+ err = inode_change_ok(dentry->d_inode, ia);
++ err = setattr_prepare(dentry, ia);
+ if (err)
+ goto out_err;
+
@@ -5889,7 +5889,7 @@
+ lower_inode = lower_dentry->d_inode;
+
+ /* check if user has permission to change lower inode */
-+ err = inode_change_ok(lower_inode, ia);
++ err = setattr_prepare(lower_dentry, ia);
+ if (err)
+ goto out;
+
Deleted: branches/1.0/project/astlinux/kernel-patches/linux-800-tcp-make-challenge-acks-less-predictable.patch
===================================================================
--- branches/1.0/project/astlinux/kernel-patches/linux-800-tcp-make-challenge-acks-less-predictable.patch 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/kernel-patches/linux-800-tcp-make-challenge-acks-less-predictable.patch 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,76 +0,0 @@
-From: Eric Dumazet <edu...@go...>
-Date: Sun, 10 Jul 2016 10:04:02 +0200
-Subject: tcp: make challenge acks less predictable
-
-commit 75ff39ccc1bd5d3c455b6822ab09e533c551f758 upstream.
-
-Yue Cao claims that current host rate limiting of challenge ACKS
-(RFC 5961) could leak enough information to allow a patient attacker
-to hijack TCP sessions. He will soon provide details in an academic
-paper.
-
-This patch increases the default limit from 100 to 1000, and adds
-some randomization so that the attacker can no longer hijack
-sessions without spending a considerable amount of probes.
-
-Based on initial analysis and patch from Linus.
-
-Note that we also have per socket rate limiting, so it is tempting
-to remove the host limit in the future.
-
-v2: randomize the count of challenge acks per second, not the period.
-
-Fixes: 282f23c6ee34 ("tcp: implement RFC 5961 3.2")
-Reported-by: Yue Cao <yc...@uc...>
-Signed-off-by: Eric Dumazet <edu...@go...>
-Suggested-by: Linus Torvalds <tor...@li...>
-Cc: Yuchung Cheng <yc...@go...>
-Cc: Neal Cardwell <nca...@go...>
-Acked-by: Neal Cardwell <nca...@go...>
-Acked-by: Yuchung Cheng <yc...@go...>
-Signed-off-by: David S. Miller <da...@da...>
-[bwh: Backported to 3.2:
- - Adjust context
- - Use ACCESS_ONCE() instead of {READ,WRITE}_ONCE()
- - Open-code prandom_u32_max()]
-Signed-off-by: Ben Hutchings <be...@de...>
----
- net/ipv4/tcp_input.c | 17 ++++++++++++-----
- 1 file changed, 12 insertions(+), 5 deletions(-)
-
---- a/net/ipv4/tcp_input.c
-+++ b/net/ipv4/tcp_input.c
-@@ -87,7 +87,7 @@ int sysctl_tcp_adv_win_scale __read_most
- EXPORT_SYMBOL(sysctl_tcp_adv_win_scale);
-
- /* rfc5961 challenge ack rate limiting */
--int sysctl_tcp_challenge_ack_limit = 100;
-+int sysctl_tcp_challenge_ack_limit = 1000;
-
- int sysctl_tcp_stdurg __read_mostly;
- int sysctl_tcp_rfc1337 __read_mostly;
-@@ -3715,13 +3715,20 @@ static void tcp_send_challenge_ack(struc
- /* unprotected vars, we dont care of overwrites */
- static u32 challenge_timestamp;
- static unsigned int challenge_count;
-- u32 now = jiffies / HZ;
-+ u32 count, now = jiffies / HZ;
-
- if (now != challenge_timestamp) {
-+ u32 half = (sysctl_tcp_challenge_ack_limit + 1) >> 1;
-+
- challenge_timestamp = now;
-- challenge_count = 0;
-- }
-- if (++challenge_count <= sysctl_tcp_challenge_ack_limit) {
-+ ACCESS_ONCE(challenge_count) =
-+ half + (u32)(
-+ ((u64) random32() * sysctl_tcp_challenge_ack_limit)
-+ >> 32);
-+ }
-+ count = ACCESS_ONCE(challenge_count);
-+ if (count > 0) {
-+ ACCESS_ONCE(challenge_count) = count - 1;
- NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPCHALLENGEACK);
- tcp_send_ack(sk);
- }
Deleted: branches/1.0/project/astlinux/kernel-patches/linux-810-fix-CVE-2016-5195.patch
===================================================================
--- branches/1.0/project/astlinux/kernel-patches/linux-810-fix-CVE-2016-5195.patch 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/astlinux/kernel-patches/linux-810-fix-CVE-2016-5195.patch 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,146 +0,0 @@
-From 243f858d7045b710a31c377112578387ead4dde1 Mon Sep 17 00:00:00 2001
-From: Michal Hocko <mh...@su...>
-Date: Sun, 16 Oct 2016 11:55:00 +0200
-Subject: mm, gup: close FOLL MAP_PRIVATE race
-
-commit 19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 upstream.
-
-faultin_page drops FOLL_WRITE after the page fault handler did the CoW
-and then we retry follow_page_mask to get our CoWed page. This is racy,
-however because the page might have been unmapped by that time and so
-we would have to do a page fault again, this time without CoW. This
-would cause the page cache corruption for FOLL_FORCE on MAP_PRIVATE
-read only mappings with obvious consequences.
-
-This is an ancient bug that was actually already fixed once by Linus
-eleven years ago in commit 4ceb5db9757a ("Fix get_user_pages() race
-for write access") but that was then undone due to problems on s390
-by commit f33ea7f404e5 ("fix get_user_pages bug") because s390 didn't
-have proper dirty pte tracking until abf09bed3cce ("s390/mm: implement
-software dirty bits"). This wasn't a problem at the time as pointed out
-by Hugh Dickins because madvise relied on mmap_sem for write up until
-0a27a14a6292 ("mm: madvise avoid exclusive mmap_sem") but since then we
-can race with madvise which can unmap the fresh COWed page or with KSM
-and corrupt the content of the shared page.
-
-This patch is based on the Linus' approach to not clear FOLL_WRITE after
-the CoW page fault (aka VM_FAULT_WRITE) but instead introduces FOLL_COW
-to note this fact. The flag is then rechecked during follow_pfn_pte to
-enforce the page fault again if we do not see the CoWed page. Linus was
-suggesting to check pte_dirty again as s390 is OK now. But that would
-make backporting to some old kernels harder. So instead let's just make
-sure that vm_normal_page sees a pure anonymous page.
-
-This would guarantee we are seeing a real CoW page. Introduce
-can_follow_write_pte which checks both pte_write and falls back to
-PageAnon on forced write faults which passed CoW already. Thanks to Hugh
-to point out that a special care has to be taken for KSM pages because
-our COWed page might have been merged with a KSM one and keep its
-PageAnon flag.
-
-Fixes: 0a27a14a6292 ("mm: madvise avoid exclusive mmap_sem")
-Reported-by: Phil "not Paul" Oester <ke...@li...>
-Disclosed-by: Andy Lutomirski <lu...@ke...>
-Signed-off-by: Linus Torvalds <tor...@li...>
-Signed-off-by: Michal Hocko <mh...@su...>
-[bwh: Backported to 3.2:
- - Adjust filename, context, indentation
- - The 'no_page' exit path in follow_page() is different, so open-code the
- cleanup
- - Delete a now-unused label]
-Signed-off-by: Ben Hutchings <be...@de...>
----
- include/linux/mm.h | 1 +
- mm/memory.c | 39 ++++++++++++++++++++++++++++-----------
- 2 files changed, 29 insertions(+), 11 deletions(-)
-
-diff --git a/include/linux/mm.h b/include/linux/mm.h
-index e5ee683..16394da 100644
---- a/include/linux/mm.h
-+++ b/include/linux/mm.h
-@@ -1527,6 +1527,7 @@ struct page *follow_page(struct vm_area_struct *, unsigned long address,
- #define FOLL_MLOCK 0x40 /* mark page as mlocked */
- #define FOLL_SPLIT 0x80 /* don't return transhuge pages, split them */
- #define FOLL_HWPOISON 0x100 /* check page is hwpoisoned */
-+#define FOLL_COW 0x4000 /* internal GUP flag */
-
- typedef int (*pte_fn_t)(pte_t *pte, pgtable_t token, unsigned long addr,
- void *data);
-diff --git a/mm/memory.c b/mm/memory.c
-index 675b211..2917e9b 100644
---- a/mm/memory.c
-+++ b/mm/memory.c
-@@ -1427,6 +1427,24 @@ int zap_vma_ptes(struct vm_area_struct *vma, unsigned long address,
- }
- EXPORT_SYMBOL_GPL(zap_vma_ptes);
-
-+static inline bool can_follow_write_pte(pte_t pte, struct page *page,
-+ unsigned int flags)
-+{
-+ if (pte_write(pte))
-+ return true;
-+
-+ /*
-+ * Make sure that we are really following CoWed page. We do not really
-+ * have to care about exclusiveness of the page because we only want
-+ * to ensure that once COWed page hasn't disappeared in the meantime
-+ * or it hasn't been merged to a KSM page.
-+ */
-+ if ((flags & FOLL_FORCE) && (flags & FOLL_COW))
-+ return page && PageAnon(page) && !PageKsm(page);
-+
-+ return false;
-+}
-+
- /**
- * follow_page - look up a page descriptor from a user-virtual address
- * @vma: vm_area_struct mapping @address
-@@ -1509,10 +1527,13 @@ split_fallthrough:
- pte = *ptep;
- if (!pte_present(pte))
- goto no_page;
-- if ((flags & FOLL_WRITE) && !pte_write(pte))
-- goto unlock;
-
- page = vm_normal_page(vma, address, pte);
-+ if ((flags & FOLL_WRITE) && !can_follow_write_pte(pte, page, flags)) {
-+ pte_unmap_unlock(ptep, ptl);
-+ return NULL;
-+ }
-+
- if (unlikely(!page)) {
- if ((flags & FOLL_DUMP) ||
- !is_zero_pfn(pte_pfn(pte)))
-@@ -1555,7 +1576,7 @@ split_fallthrough:
- unlock_page(page);
- }
- }
--unlock:
-+
- pte_unmap_unlock(ptep, ptl);
- out:
- return page;
-@@ -1789,17 +1810,13 @@ int __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
- * The VM_FAULT_WRITE bit tells us that
- * do_wp_page has broken COW when necessary,
- * even if maybe_mkwrite decided not to set
-- * pte_write. We can thus safely do subsequent
-- * page lookups as if they were reads. But only
-- * do so when looping for pte_write is futile:
-- * in some cases userspace may also be wanting
-- * to write to the gotten user page, which a
-- * read fault here might prevent (a readonly
-- * page might get reCOWed by userspace write).
-+ * pte_write. We cannot simply drop FOLL_WRITE
-+ * here because the COWed page might be gone by
-+ * the time we do the subsequent page lookups.
- */
- if ((ret & VM_FAULT_WRITE) &&
- !(vma->vm_flags & VM_WRITE))
-- foll_flags &= ~FOLL_WRITE;
-+ foll_flags |= FOLL_COW;
-
- cond_resched();
- }
---
-cgit v0.12
Modified: branches/1.0/project/runnix/geni586/linux.config
===================================================================
--- branches/1.0/project/runnix/geni586/linux.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/runnix/geni586/linux.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/i386 3.2.80 Kernel Configuration
+# Linux/i386 3.2.84 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
Modified: branches/1.0/project/runnix-iso/geni586/linux.config
===================================================================
--- branches/1.0/project/runnix-iso/geni586/linux.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/project/runnix-iso/geni586/linux.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/i386 3.2.80 Kernel Configuration
+# Linux/i386 3.2.84 Kernel Configuration
#
# CONFIG_64BIT is not set
CONFIG_X86_32=y
Modified: branches/1.0/runnix-iso.config
===================================================================
--- branches/1.0/runnix-iso.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/runnix-iso.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -812,7 +812,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH=""
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
Modified: branches/1.0/runnix.config
===================================================================
--- branches/1.0/runnix.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/runnix.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -813,7 +813,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH=""
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -904,7 +904,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH="project/astlinux/kernel-patches"
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-19 21:51:06 UTC (rev 7970)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-11-20 18:13:08 UTC (rev 7971)
@@ -904,7 +904,7 @@
# BR2_LINUX_KERNEL_CUSTOM_VERSION is not set
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
# BR2_LINUX_KERNEL_CUSTOM_GIT is not set
-BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.80.tar.gz"
+BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.2.84.tar.gz"
BR2_LINUX_KERNEL_VERSION="custom"
BR2_LINUX_KERNEL_PATCH="project/astlinux/kernel-patches"
# BR2_LINUX_KERNEL_USE_DEFCONFIG is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
