aboutsummaryrefslogtreecommitdiffstats
path: root/package/system
Commit message (Collapse)AuthorAgeFilesLines
* rpcd: update to git HEADDaniel Golle2021-01-071-4/+4
| | | | | | | | | | fd017ba iwinfo: add ht and vht operation info to wifi scan 4c66b31 iwinfo: export center channel for info ubus call e28d4a5 iwinfo: add support for 802.11ad and GCMP 5c15f57 iwinfo: return hwmode 'ad' on 802.11ad-only hardware ea7f471 iwinfo: include ht_operation data only if available Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "rpcd: update to git HEAD"Jo-Philipp Wich2021-01-061-4/+4
| | | | | | | | | | | This reverts commit 190e7939639846b86ab487c50169963382720e2b. This update introduces a potential null-pointer deref with subsequent rpcd crash when querying wireless info for non-nl80211 wdevs. Additionally it wrongly includes ht frequency information for non-ht BSSes. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* rpcd: update to git HEADDaniel Golle2021-01-051-4/+4
| | | | | | | | | fd017ba iwinfo: add ht and vht operation info to wifi scan 4c66b31 iwinfo: export center channel for info ubus call e28d4a5 iwinfo: add support for 802.11ad and GCMP 5c15f57 iwinfo: return hwmode 'ad' on 802.11ad-only hardware Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: fix 'firstboot' on unmounted UBIFS overlayDaniel Golle2021-01-041-3/+3
| | | | | | | | | | | The usual OpenWrt-way of writing the JFFS2-marker in order to have a filesystem erased at the next boot fails on UBIFS volumes due to UBI being a different beast when it comes to writing. As truncating a UBIFS volume only takes a few milliseconds and has the desired effect of wiping-out all content of that volume, just do that instead. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: update to git HEADDaniel Golle2020-12-241-3/+3
| | | | | | 9bbc7ea pkg_hash: pkg_hash_check_unresolved: fix segfault Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* zram-swap: remove the compression streams settingsRui Salvaterra2020-12-131-15/+0
| | | | | | | | | Zram switched to per-cpu compression streams since Linux 4.7 [1]. Drop the irrelevant configuration (no-op). [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/block/zram?h=v4.7&id=43209ea2d17aae1540d4e28274e36404f72702f2 Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* procd: update to git HEADDaniel Golle2020-12-121-3/+3
| | | | | | | 111416d jail: remove unreachable code 7f12c89 treewide: replace local mkdir_p implementations Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2020-12-121-3/+3
| | | | | | | | 0c6fb90 jffs2-reset: allow doing a factory reset and passing a sysupgrade.tgz 4862530 mount: restorecon: guard against execl() errors f415323 block: replace local mkdir_p implementation Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to version 0.4Daniel Golle2020-12-121-2/+3
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: remove legacy dist and extra_dataPaul Spooren2020-12-091-3/+3
| | | | | | | | | efb26a3 libopkg: remove "extra_data" option 1d67ab7 libopkg: remove support for "dist" config Reduces opkg size by about 400 Bytes. Signed-off-by: Paul Spooren <mail@aparcar.org>
* procd: also depend on jshnSven Roederer2020-12-051-2/+2
| | | | | | fixes "file no found" error on stripped down images, caused by prod.sh:43. Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
* procd: output warning if user 'ubus' doesn't existDaniel Golle2020-12-041-3/+3
| | | | | | 6acc48c early: fall-back to run ubus as root if user can't be found Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubus: make sure ubusd starts in case user 'ubus' doesn't existDaniel Golle2020-12-041-3/+3
| | | | | | d1d9ddf ubusd: attempt to create socket folder Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-301-3/+3
| | | | | | | | f3c3563 jail: improve seccomp BPF generator f67a66f jail: always call cgroups_free() 4625350 jail: seccomp: improve code readability Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-271-3/+3
| | | | | | | | | | | | | | | | 3019f50 jail: leak less memory 7e01453 jail: fix segfault on missing name and refactor 5abee8f jail: fix and simplify userns uid/gid maps from OCI 4ba72ec jail: relax /etc/resolv.conf creation db5ef86 jail: don't use NULL arguments for mount syscall 19ac9df jail: don't fail if can't mount-bind /etc/resolv.conf acf36f2 jail: seteuid before clone(CLONE_NEWUSER) e40828f jail: fix typo in usage output b87984b jail: don't attempt to mount /sys with noatime b275b11 jail: enter existing cgroups namespace if given 31e0a46 jail: properly initialize timens_fd Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: cleanup man pages and md5 fixupPaul Spooren2020-11-251-3/+3
| | | | | | | 66f458d fix md5sum calculation 02eaf9c man: remove obsolete manual pages Signed-off-by: Paul Spooren <mail@aparcar.org>
* opkg: purge package from cache on hash mismatchPaul Spooren2020-11-241-4/+4
| | | | | | | | | | 61b3c62 opkg_verify_integrity: better logging and error conditions f73d42f download: purge cached packages that have incorrect checksum 1c1480e download: factor out the logic for building cache filenames 293b1ce libopkg: factor out checksum and size verification a786e25 download: remove compatibility with old cache naming scheme Signed-off-by: Paul Spooren <mail@aparcar.org>
* procd: update to git HEADDaniel Golle2020-11-231-3/+3
| | | | | | | d4d78db uxc: also delete procd runtime state on 'delete' e935c0c jail: add 'debug' extern variable to preload_seccomp Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "refpolicy: add variant that builds modular policy"Daniel Golle2020-11-221-33/+2
| | | | | | | | | | This reverts commit 9eb9943f82e0b2d5e32ffe1c63f5a82caca5094d. Building the 'modular' variant requires 'semodule_package' from 'selinux-python' to be installed on the buildhost. Apart from that, this change also broke the monolithic refpolicy 'targeted' build. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-221-3/+3
| | | | | | | | | 04a2edd uxc: make force-delete kill container process be6da62 seccomp: silence 'unknown syscall' warnings b22e625 jail: cgroup hack: rewrite cgroup -> cgroup2 df7fa7b uxc: fix incomplete commit Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: drop legacy seccomp support, switch to OCI parsersDaniel Golle2020-11-171-3/+3
| | | | | | | | d8f36f5 seccomp: specifying architectures is optional d352e6e seccomp: switch to new OCI compliant parser c110405 trace: switch to OCI seccomp JSON output Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: remove file when appliedHuangbin Zhan2020-11-122-5/+7
| | | | | | Make sure exit value of this script is zero. Or the file won't be deleted. Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
* ca-certificates: canonical the build dirJianhui Zhao2020-11-121-1/+7
| | | | | | | The previous build directory "build_dir/target-xx/work/" contaminated the entire build directory. Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* refpolicy: add variant that builds modular policyW. Michael Petullo2020-11-091-2/+33
| | | | | | | | | This adds a variant of refpolicy that builds the modular form of the policy. While this requires more memory on the target device, along with some tricks to deal with OpenWrt's volatile /var directory, it is useful for experiementing with SELinux policy. Signed-off-by: W. Michael Petullo <mike@flyn.org>
* procd: bump to git HEADDaniel Golle2020-11-071-3/+3
| | | | | | b0de894 jail: fix capabilities Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: bump to git HEADDaniel Golle2020-11-051-3/+3
| | | | | | | | | | | | 2f381fe jail: guard boolean blobmsg attributes 602b8fa jail: add option for pidfile bba6de7 jail: handle mount propagation flags 6963d50 jail: relax seccomp unknown syscall handling e1fcfdc jail: add support for absolute root path in OCI spec 257f29b jail: don't fail if maskedPath cannot be found 75f2374 uxc: mimic runc cmdline by using getopt_long Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: clean up and fix performance regressionDaniel Golle2020-11-031-3/+3
| | | | | | | da9746a libopkg: clean up handling of unresolved dependencies Signed-off-by: Daniel Golle <daniel@makrotopia.org> Signed-off-by: Paul Spooren <mail@aparcar.org>
* opkg: fix yet another dependency resolution bugDaniel Golle2020-11-021-3/+3
| | | | | | | | | | The previous fix of a fix caused yet another problem leading to `opkg show-upgradable` ending up in an infinite loop. Fix that. Fixes: 4a2b1ff7fb ("opkg: fix dependency resolution") Reported-by: Huangbin Zhan <zhanhb88@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: fix dependency resolutionDaniel Golle2020-11-021-3/+3
| | | | | | | | | | | | The previous commit broke opkg in a way that it would no longer include dependencies when installing a package, effectively leading to broken images and unusable systems. Fix that by making sure dependencies are still going to be checked. Also reduce size of struct abstract_pkg as suggested by @jow- while at it. Fixes: 1445d333aa ("opkg: bump to git HEAD") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* zram-swap: use new extra_command wrapperFlorian Eckert2020-11-022-4/+3
| | | | | | Use new `extra_command` wrapper to fix the alignement. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* opkg: bump to git HEADDaniel Golle2020-10-301-3/+3
| | | | | | 8769c75 pkg_hash: don't suggest incompatible packages Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uci: fix package mirror hashPetr Štetiar2020-10-271-1/+1
| | | | | | | | I've forget to update PKG_MIRROR_HASH in my previous package version bump. Fixes: 095cc2b7454a ("uci: update to version 2020-10-06") Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uci: update to version 2020-10-06Petr Štetiar2020-10-271-2/+2
| | | | | | | | | | | | | | | | 52bbc99f69ea Replace malloc() + memset() with calloc() 3fbd6c923434 ucimap: Check return of malloc() eae126f66663 file: Check buffer size after strtok() 7f574273180a file: use size_t for position and pointer 19770b6949b9 file: use dynamic memory allocation for tempfile name aa46546794ac file: uci_file_commit: fix memory leak 671c7554bfde uci: silence UBSAN error by using offsetof macro from compiler ea5bbd57d0e1 tests: cram: add uci import testing on fuzzer corpus 31f78bfbf75f cmake: add uci-san cli built with clang sanitizers a3e650911f5e file: uci_parse_package: fix heap use after free 9bd361ca3236 tests: add libFuzzer based fuzzing Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: bump to git HEADDaniel Golle2020-10-251-3/+3
| | | | | | ad0cd11 ubusd_acl: add support for wildcard in methods Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: ujail fixesDaniel Golle2020-10-251-3/+3
| | | | | | | ec461ff jail: mount more stuff read-only 33b799b ujail: elf: work around GCC bug on MIPS64 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubox: run logd non-root as user logdDaniel Golle2020-10-251-4/+5
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: adapt defaults for changed ubus.sock pathDaniel Golle2020-10-223-2/+10
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: jail: clean up capability handling and non-root ubusdDaniel Golle2020-10-211-3/+3
| | | | | | | | | | | | | | | Unify capability handling to only use OCI spec parsers even for ujail slim containers which previously supposedly used their own format. 80c9516 cgroups: restrict allowed keys in 'unified' section 5ade567 cgroups: memory controller fixes 3121467 early: run ubusd non-root as user ubus, group ubus 12a5b97 jail: adapt to new ubus socket path 788d144 instance: actually wire up capabilities filename ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code 6c5233a jail: capabilities: apply in two phases Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubus: prepare to run ubusd as non-root userDaniel Golle2020-10-211-3/+4
| | | | | | | Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for having ubusd run as non-root user. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to git tag v0.3Daniel Golle2020-10-161-3/+3
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2020-10-161-3/+3
| | | | | | | | | | | 8e0f29a mount: remove support for legacy overlayfs before v2.3 0f8a443 mount: fix log format string and indentation 46a56d3 overlay: use precompiler macros for reoccuring path names f25ab8a mount: apply SELinux labels before overlayfs mount Total ipk size change (ipq40xx): +120b Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: adds new packageDominick Grift2020-10-092-0/+55
| | | | Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
* refpolicy: fix path to setfiles and checkpolicyPaul Spooren2020-09-301-3/+2
| | | | | | | | Directly set path via MAKE vars instead of defning TESTTOOLS. This way setfiles, which is required by the ImageBuilder, ends up in /host/bin while checkpolicy can stay in hostpkg/bin. Signed-off-by: Paul Spooren <mail@aparcar.org>
* refpolicy: mark as architecture independentDaniel Golle2020-09-291-1/+2
| | | | | | | Use PKGARCH:=all to declare this package to be free of any architecture dependent code. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* zram-swap: explicitly use mkswap/swapon/swapoff from /sbinRui Salvaterra2020-09-202-11/+11
| | | | | | | | | | | | | The required BusyBox applets are enabled by default, so we can rely on them being present in the system. This way, we make sure there are no conflicts with less featured variants of these same applets which might also be present in the system. Fixes: 0bd7dfa3ed60 ("zram-swap: enable swap discard") Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> [wrap commit description] Signed-off-by: David Bauer <mail@david-bauer.net>
* rpcd: update to the latest masterRafał Miłecki2020-09-181-3/+3
| | | | | | 3fea655 rc: support init.d scripts with START=0 Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* zram-swap: default to lzo instead of lzo-rle compressionRui Salvaterra2020-09-171-2/+3
| | | | | | | | | | | | | | | | | | | On devices with small amounts of RAM, zram-swap fails to initialise due to the default compression algorithm (lzo-rle). Startup example on an AirGrid M2, with 32 MiB of RAM: root@airgrid:/etc/config# /etc/init.d/zram start zram_start: activating '/dev/zram0' for swapping (13 MegaBytes) zram_reset: enforcing defaults via /sys/block/zram0/reset sh: write error: Out of memory mkswap: image is too small swapon: /dev/zram0: Invalid argument root@airgrid:/etc/config# Fix this by defaulting to traditional lzo, which works fine and is always available. Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* rpcd: update to the latest masterRafał Miłecki2020-09-101-3/+3
| | | | | | rc: new ubus object for handling /etc/init.d/ scripts Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* refpolicy: skip building docsDaniel Golle2020-09-012-1/+13
| | | | | | | Building docs requires xmllint and other bulky things being present on the host. Skip that. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to the latest versionHauke Mehrtens2020-09-011-3/+3
| | | | | | 5345343 fstoools: add define for GLOB_ONLYDIR Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 00:24:01 +0000