This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 606efa9c2a1515fdb76e2f710b2237335d1584ce (commit) via be60bc8914126fbcbab34cbf3826d2d5c821bfeb (commit) via 520e6a1dd4d31d32ff6194ea96362f2881119984 (commit) via 793a273ab5da4c03db0a62b54104bbd4d8225b1c (commit) via 559e94bafbcbd68a44de695f14287e46d0044713 (commit) via 99f2c6951123b5d961f4af92c2d9eb188204580e (commit) via 10dd2afd6d339247e5c918f53d1a7fcbb5c43ddb (commit) via c0f4a530348101f7f75b4282471a1388fa1622e8 (commit) via 236bb273200c756085a39ac1471835468acdc425 (commit) via 00d7bb9f96eabb528a726f7e357ea229703cc258 (commit) via 66eb3fd8b87b7c77e83c910e2d66facebb13c293 (commit) via 3b415347bbd158690b72bbad700faf43df3bc5cc (commit) via c934c5ff1983826291b73da54e093aa7caa7c151 (commit) via dc362263f4d1b2e1551e7cca406e82eddcd01aee (commit) via 6836e528e521b94e8e4360451f11a5b9ce1d82d2 (commit) via e47e01f60c379922d11ea8a9352f163d4e034ff0 (commit) via fd9fa1d8947f1691db53f5839658eddfa392c165 (commit) via ca75ec5278c0d0ec5fec3500b88ab7fbaa48a285 (commit) via fa5e921ccbf6360ac44d51aa0c8b832800b4b120 (commit) via a6859d889e4ab04ee06b5b0363bef65cd7b3a1a0 (commit) via 2e65d316a7ee76eeb8edd2492e1c3fe013d366ba (commit) via 53ece8f1f7e4ca46a327f620c15bf1b3b54bcde2 (commit) via 1fd34bd2ecf5f253673cf5912be4687ebe8f699e (commit) via efc5cb1d3454896923355217ce8f7495df723e97 (commit) via c7ad4315ea9862a5d07a7d347701a933d1f997b5 (commit) via eb5cd9fa57f795615e0f00c2cf2b4acf67688c7e (commit) via de8810fbaa42aebf2f2a9949482fca57778db92b (commit) via e4e1b8718e75e72e192e748fb11643ba198d3c08 (commit) via fd7c2f3a9ea343a1e123694025f166b960857921 (commit) via 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6 (commit) via 4a46575628378e447f6aec0771cc4cc0f2743a3a (commit) via 65114604878aaae06354819e13d9c069e00b9411 (commit) via d0d79462d654a490b47874583a014d151bdb9717 (commit) via 61e1ad2703868fe84f4505cbbf9d2f109256aef7 (commit) via dd4f9a87c1f2dc48d31a939f60c651bbb2688797 (commit) via 65650ec69be35b5372a7fdca3e74deb3fd433327 (commit) via ef21f3e49d2998eb4a223c05ef05f169ae99537a (commit) via 4cd82be05f21bcf49e38793e41730923a0107a0b (commit) via fd244f4327bcfb945d4a30d67e0634279a835e37 (commit) via 8650d11bc3a6e506e08dd708ec3f86fd566bb182 (commit) via 2aab3e9a333b3b765ed73607db1502a0fe8ed0d5 (commit) via c4dd9dfc46a3d0e4a0f96ce1de7606f2dd235f2b (commit) via abccd997c09825ed286a39262030cd81693e6908 (commit) via bc5037150a6fb69d1f117235f37c2f42860e1b6b (commit) via 8bd0c4b17dfdf27dc072c4032d88cf2676f6fd51 (commit) via ee0e3beb39da302fb9735b8b3846ee675192b350 (commit) via acf47bfa80a3f8234a7ef2e5ce9b8cbf4c9b0f7b (commit) via b9021f9277e83b488c27c434ea6fee3c3d85490d (commit) via d035f60c9fd81a2a9c1fdbf69262dc5bc1d3e966 (commit) via ffb37e51d4a89588d0574756120cc9c764d27161 (commit) via 4cf7c05dd857c7a2921015401e43f2d2cce7b00f (commit) via 7d38e8a94100c44102168a37bac5d5dfab060a4d (commit) via 12f462f154ef6a3637027aaf588c2b59e0ba7237 (commit) via 1c505151cb4da3ea28aba715250544a831d7139f (commit) via 5fa51a839ea32ff0b0a2bc4ccd549296c5292fa8 (commit) via 4b75e9c92edffca7f3935dfe0c6500038df5c80a (commit) via 527d14bf5a2f0f3fc1923efc235a39fe50fb97b7 (commit) via 759be5855faac744f36abc3d1b76c279a3dba379 (commit) via 4e5802a9be6eb2bcaebcbebecaca5501fda23a32 (commit) from cdf1bea72448ac1f5704bd292ae1a5338a856d58 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 606efa9c2a1515fdb76e2f710b2237335d1584ce Merge: cdf1bea72 be60bc891 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Fri Aug 9 23:55:36 2019 +0200
Merge remote-tracking branch 'origin/next'
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/dhcpc/dhcpcd.conf | 3 + config/etc/sysctl-x86_64.conf | 3 + config/kernel/kernel.config.aarch64-ipfire | 2 +- .../kernel/kernel.config.armv5tel-ipfire-kirkwood | 2 +- config/kernel/kernel.config.armv5tel-ipfire-multi | 2 +- config/kernel/kernel.config.i586-ipfire | 2 +- config/kernel/kernel.config.i586-ipfire-pae | 2 +- config/kernel/kernel.config.x86_64-ipfire | 2 +- config/rootfiles/common/aarch64/initscripts | 7 +- config/rootfiles/common/armv5tel/initscripts | 7 +- config/rootfiles/common/armv5tel/linux-multi | 1 + config/rootfiles/common/armv5tel/rpi-firmware | 1 + .../rootfiles/common/armv5tel/u-boot-friendlyarm | 1 + config/rootfiles/common/i586/initscripts | 7 +- config/rootfiles/common/nettle | 12 +- config/rootfiles/common/stage2 | 1 + config/rootfiles/common/x86_64/initscripts | 7 +- config/rootfiles/common/x86_64/linux | 2 +- config/rootfiles/common/x86_64/stage2 | 1 + config/rootfiles/core/{134 => 135}/exclude | 0 .../core/{134 => 135}/filelists/aarch64/linux | 0 .../{134 => 135}/filelists/aarch64/linux-initrd | 0 .../129 => core/135}/filelists/aarch64/u-boot | 0 .../filelists/armv5tel/linux-initrd-kirkwood | 0 .../filelists/armv5tel/linux-initrd-multi | 0 .../{134 => 135}/filelists/armv5tel/linux-kirkwood | 0 .../{134 => 135}/filelists/armv5tel/linux-multi | 0 .../aarch64 => core/135/filelists/armv5tel}/u-boot | 0 .../core/135/filelists/armv5tel/u-boot-friendlyarm | 1 + .../{oldcore/104 => core/135}/filelists/ddns | 0 .../{oldcore/125 => core/135}/filelists/dhcpcd | 0 config/rootfiles/core/135/filelists/files | 17 +++ .../core/{134 => 135}/filelists/i586/linux | 0 .../core/{134 => 135}/filelists/i586/linux-initrd | 0 .../{oldcore/101 => core/135}/filelists/nettle | 0 .../{oldcore/100 => core/135}/filelists/squid | 0 .../{oldcore/100 => core/135}/filelists/tzdata | 0 .../core/{134 => 135}/filelists/x86_64/linux | 0 .../{134 => 135}/filelists/x86_64/linux-initrd | 0 .../core/135/filelists/x86_64/sysctl-x86_64 | 1 + .../rootfiles/{oldcore/132 => core/135}/update.sh | 26 ++-- config/rootfiles/{core => oldcore}/134/exclude | 0 .../{core => oldcore}/134/filelists/aarch64/linux | 0 .../134/filelists/aarch64/linux-initrd | 0 .../134/filelists/armv5tel/linux-initrd-kirkwood | 0 .../134/filelists/armv5tel/linux-initrd-multi | 0 .../134/filelists/armv5tel/linux-kirkwood | 0 .../134/filelists/armv5tel/linux-multi | 0 .../rootfiles/{core => oldcore}/134/filelists/bind | 0 .../{core => oldcore}/134/filelists/files | 0 .../134/filelists/i586/intel-microcode | 0 .../{core => oldcore}/134/filelists/i586/linux | 0 .../134/filelists/i586/linux-initrd | 0 .../134/filelists/i586/openssl-sse2 | 0 .../{core => oldcore}/134/filelists/openssl | 0 .../{core => oldcore}/134/filelists/unbound | 0 .../rootfiles/{core => oldcore}/134/filelists/vim | 0 .../134/filelists/x86_64/intel-microcode | 0 .../{core => oldcore}/134/filelists/x86_64/linux | 0 .../134/filelists/x86_64/linux-initrd | 0 config/rootfiles/{core => oldcore}/134/update.sh | 0 config/rootfiles/packages/mc | 1 + config/rootfiles/packages/pcengines-apu-firmware | 10 +- config/u-boot/boot.cmd | 6 +- config/u-boot/boot.scr | Bin 2544 -> 2607 bytes config/u-boot/uEnv.txt | 3 +- config/unbound/root.hints | 52 ++++---- config/unbound/unbound-dhcp-leases-bridge | 2 +- lfs/bird | 6 +- lfs/clamav | 6 +- lfs/dhcpcd | 4 +- lfs/flash-images | 8 +- lfs/initscripts | 2 +- lfs/iperf | 8 +- lfs/iperf3 | 10 +- lfs/linux | 14 ++- lfs/mc | 8 +- lfs/nettle | 4 +- lfs/pcengines-apu-firmware | 15 +-- lfs/rpi-firmware | 2 + lfs/squid | 4 +- lfs/tzdata | 6 +- lfs/{wget => u-boot-friendlyarm} | 34 ++++-- make.sh | 5 +- src/initscripts/helper/{aws-setup => azure-setup} | 132 ++++++++++++--------- .../networking/red.down/05-remove-dns-forwarders | 4 + .../networking/red.down/05-update-dns-forwarders | 4 - src/initscripts/system/{aws => cloud-init} | 51 ++++---- src/initscripts/system/functions | 38 ++++++ src/initscripts/system/leds | 11 ++ src/initscripts/system/partresize | 29 ++++- src/initscripts/system/smt | 2 +- src/initscripts/system/sysctl | 12 ++ src/initscripts/system/unbound | 44 ++++++- src/patches/iperf3/0001-remove-pg-flag.patch | 46 ------- src/patches/iperf3/iperf-3.7-remove-pg-flag.patch | 30 +++++ src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff | 15 +++ src/setup/networking.c | 30 +++-- 98 files changed, 486 insertions(+), 282 deletions(-) create mode 100644 config/etc/sysctl-x86_64.conf create mode 100644 config/rootfiles/common/armv5tel/u-boot-friendlyarm copy config/rootfiles/core/{134 => 135}/exclude (100%) copy config/rootfiles/core/{134 => 135}/filelists/aarch64/linux (100%) copy config/rootfiles/core/{134 => 135}/filelists/aarch64/linux-initrd (100%) copy config/rootfiles/{oldcore/129 => core/135}/filelists/aarch64/u-boot (100%) copy config/rootfiles/core/{134 => 135}/filelists/armv5tel/linux-initrd-kirkwood (100%) copy config/rootfiles/core/{134 => 135}/filelists/armv5tel/linux-initrd-multi (100%) copy config/rootfiles/core/{134 => 135}/filelists/armv5tel/linux-kirkwood (100%) copy config/rootfiles/core/{134 => 135}/filelists/armv5tel/linux-multi (100%) copy config/rootfiles/{oldcore/129/filelists/aarch64 => core/135/filelists/armv5tel}/u-boot (100%) create mode 120000 config/rootfiles/core/135/filelists/armv5tel/u-boot-friendlyarm copy config/rootfiles/{oldcore/104 => core/135}/filelists/ddns (100%) copy config/rootfiles/{oldcore/125 => core/135}/filelists/dhcpcd (100%) create mode 100644 config/rootfiles/core/135/filelists/files copy config/rootfiles/core/{134 => 135}/filelists/i586/linux (100%) copy config/rootfiles/core/{134 => 135}/filelists/i586/linux-initrd (100%) copy config/rootfiles/{oldcore/101 => core/135}/filelists/nettle (100%) copy config/rootfiles/{oldcore/100 => core/135}/filelists/squid (100%) copy config/rootfiles/{oldcore/100 => core/135}/filelists/tzdata (100%) copy config/rootfiles/core/{134 => 135}/filelists/x86_64/linux (100%) copy config/rootfiles/core/{134 => 135}/filelists/x86_64/linux-initrd (100%) create mode 100644 config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 copy config/rootfiles/{oldcore/132 => core/135}/update.sh (91%) rename config/rootfiles/{core => oldcore}/134/exclude (100%) rename config/rootfiles/{core => oldcore}/134/filelists/aarch64/linux (100%) rename config/rootfiles/{core => oldcore}/134/filelists/aarch64/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/134/filelists/armv5tel/linux-initrd-kirkwood (100%) rename config/rootfiles/{core => oldcore}/134/filelists/armv5tel/linux-initrd-multi (100%) rename config/rootfiles/{core => oldcore}/134/filelists/armv5tel/linux-kirkwood (100%) rename config/rootfiles/{core => oldcore}/134/filelists/armv5tel/linux-multi (100%) rename config/rootfiles/{core => oldcore}/134/filelists/bind (100%) rename config/rootfiles/{core => oldcore}/134/filelists/files (100%) rename config/rootfiles/{core => oldcore}/134/filelists/i586/intel-microcode (100%) rename config/rootfiles/{core => oldcore}/134/filelists/i586/linux (100%) rename config/rootfiles/{core => oldcore}/134/filelists/i586/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/134/filelists/i586/openssl-sse2 (100%) rename config/rootfiles/{core => oldcore}/134/filelists/openssl (100%) rename config/rootfiles/{core => oldcore}/134/filelists/unbound (100%) rename config/rootfiles/{core => oldcore}/134/filelists/vim (100%) rename config/rootfiles/{core => oldcore}/134/filelists/x86_64/intel-microcode (100%) rename config/rootfiles/{core => oldcore}/134/filelists/x86_64/linux (100%) rename config/rootfiles/{core => oldcore}/134/filelists/x86_64/linux-initrd (100%) rename config/rootfiles/{core => oldcore}/134/update.sh (100%) copy lfs/{wget => u-boot-friendlyarm} (75%) copy src/initscripts/helper/{aws-setup => azure-setup} (68%) create mode 100644 src/initscripts/networking/red.down/05-remove-dns-forwarders delete mode 100644 src/initscripts/networking/red.down/05-update-dns-forwarders rename src/initscripts/system/{aws => cloud-init} (56%) delete mode 100644 src/patches/iperf3/0001-remove-pg-flag.patch create mode 100644 src/patches/iperf3/iperf-3.7-remove-pg-flag.patch create mode 100644 src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff
Difference in files: diff --git a/config/dhcpc/dhcpcd.conf b/config/dhcpc/dhcpcd.conf index eb625a70c..7b18896ec 100644 --- a/config/dhcpc/dhcpcd.conf +++ b/config/dhcpc/dhcpcd.conf @@ -21,3 +21,6 @@ require dhcp_server_identifier # A hook script is provided to lookup the hostname if not set by the DHCP # server, but it should not be run by default. nohook lookup-hostname + +# disable ipv4ll (IPv4 local link/apipa) ip's +noipv4ll diff --git a/config/etc/sysctl-x86_64.conf b/config/etc/sysctl-x86_64.conf new file mode 100644 index 000000000..7384bed51 --- /dev/null +++ b/config/etc/sysctl-x86_64.conf @@ -0,0 +1,3 @@ +# Improve KASLR effectiveness for mmap +vm.mmap_rnd_bits = 32 +vm.mmap_rnd_compat_bits = 16 diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire index 165f90421..5934e3aff 100644 --- a/config/kernel/kernel.config.aarch64-ipfire +++ b/config/kernel/kernel.config.aarch64-ipfire @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 4.14.121-ipfire Kernel Configuration +# Linux/arm64 4.14.137-ipfire Kernel Configuration # CONFIG_ARM64=y CONFIG_64BIT=y diff --git a/config/kernel/kernel.config.armv5tel-ipfire-kirkwood b/config/kernel/kernel.config.armv5tel-ipfire-kirkwood index 7879e9177..22f9812f2 100644 --- a/config/kernel/kernel.config.armv5tel-ipfire-kirkwood +++ b/config/kernel/kernel.config.armv5tel-ipfire-kirkwood @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 4.14.121-ipfire-kirkwood Kernel Configuration +# Linux/arm 4.14.137-ipfire-kirkwood Kernel Configuration # CONFIG_ARM=y CONFIG_ARM_HAS_SG_CHAIN=y diff --git a/config/kernel/kernel.config.armv5tel-ipfire-multi b/config/kernel/kernel.config.armv5tel-ipfire-multi index 50d26909a..cb1ea1d26 100644 --- a/config/kernel/kernel.config.armv5tel-ipfire-multi +++ b/config/kernel/kernel.config.armv5tel-ipfire-multi @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 4.14.121-ipfire-multi Kernel Configuration +# Linux/arm 4.14.137-ipfire-multi Kernel Configuration # CONFIG_ARM=y CONFIG_ARM_HAS_SG_CHAIN=y diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.config.i586-ipfire index ff07cdc0b..20f432b3c 100644 --- a/config/kernel/kernel.config.i586-ipfire +++ b/config/kernel/kernel.config.i586-ipfire @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.128-ipfire Kernel Configuration +# Linux/x86 4.14.137-ipfire Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y diff --git a/config/kernel/kernel.config.i586-ipfire-pae b/config/kernel/kernel.config.i586-ipfire-pae index 267438631..d0c9be079 100644 --- a/config/kernel/kernel.config.i586-ipfire-pae +++ b/config/kernel/kernel.config.i586-ipfire-pae @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.128-ipfire-pae Kernel Configuration +# Linux/x86 4.14.137-ipfire-pae Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire index 00314c7c9..eb9e4f80e 100644 --- a/config/kernel/kernel.config.x86_64-ipfire +++ b/config/kernel/kernel.config.x86_64-ipfire @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.128-ipfire Kernel Configuration +# Linux/x86 4.14.137-ipfire Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts index cc23cd7fe..260a961fe 100644 --- a/config/rootfiles/common/aarch64/initscripts +++ b/config/rootfiles/common/aarch64/initscripts @@ -2,11 +2,12 @@ etc/init.d #etc/rc.d #etc/rc.d/helper etc/rc.d/helper/aws-setup +etc/rc.d/helper/azure-setup etc/rc.d/helper/getdnsfromdhcpc.pl #etc/rc.d/init.d etc/rc.d/init.d/acpid etc/rc.d/init.d/apache -etc/rc.d/init.d/aws +etc/rc.d/init.d/cloud-init etc/rc.d/init.d/beep etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs @@ -40,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn @@ -192,7 +193,7 @@ etc/rc.d/rcsysinit.d/S60setclock etc/rc.d/rcsysinit.d/S70console etc/rc.d/rcsysinit.d/S71pakfire etc/rc.d/rcsysinit.d/S73swconfig -etc/rc.d/rcsysinit.d/S74aws +etc/rc.d/rcsysinit.d/S74cloud-init etc/rc.d/rcsysinit.d/S75firstsetup etc/rc.d/rcsysinit.d/S80localnet etc/rc.d/rcsysinit.d/S85firewall diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index cc23cd7fe..260a961fe 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -2,11 +2,12 @@ etc/init.d #etc/rc.d #etc/rc.d/helper etc/rc.d/helper/aws-setup +etc/rc.d/helper/azure-setup etc/rc.d/helper/getdnsfromdhcpc.pl #etc/rc.d/init.d etc/rc.d/init.d/acpid etc/rc.d/init.d/apache -etc/rc.d/init.d/aws +etc/rc.d/init.d/cloud-init etc/rc.d/init.d/beep etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs @@ -40,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn @@ -192,7 +193,7 @@ etc/rc.d/rcsysinit.d/S60setclock etc/rc.d/rcsysinit.d/S70console etc/rc.d/rcsysinit.d/S71pakfire etc/rc.d/rcsysinit.d/S73swconfig -etc/rc.d/rcsysinit.d/S74aws +etc/rc.d/rcsysinit.d/S74cloud-init etc/rc.d/rcsysinit.d/S75firstsetup etc/rc.d/rcsysinit.d/S80localnet etc/rc.d/rcsysinit.d/S85firewall diff --git a/config/rootfiles/common/armv5tel/linux-multi b/config/rootfiles/common/armv5tel/linux-multi index ec260e8c9..08a5f601c 100644 --- a/config/rootfiles/common/armv5tel/linux-multi +++ b/config/rootfiles/common/armv5tel/linux-multi @@ -468,6 +468,7 @@ boot/dtb-KVER-ipfire-multi #boot/dtb-KVER-ipfire-multi/sun8i-h3-nanopi-m1.dtb #boot/dtb-KVER-ipfire-multi/sun8i-h3-nanopi-neo-air.dtb #boot/dtb-KVER-ipfire-multi/sun8i-h3-nanopi-neo.dtb +#boot/dtb-KVER-ipfire-multi/sun8i-h3-nanopi-r1.dtb #boot/dtb-KVER-ipfire-multi/sun8i-h3-orangepi-2.dtb #boot/dtb-KVER-ipfire-multi/sun8i-h3-orangepi-lite.dtb #boot/dtb-KVER-ipfire-multi/sun8i-h3-orangepi-one.dtb diff --git a/config/rootfiles/common/armv5tel/rpi-firmware b/config/rootfiles/common/armv5tel/rpi-firmware index 6d0f5d434..62c6b3d33 100644 --- a/config/rootfiles/common/armv5tel/rpi-firmware +++ b/config/rootfiles/common/armv5tel/rpi-firmware @@ -12,6 +12,7 @@ boot/start_db.elf boot/start_x.elf lib/firmware/brcm/brcmfmac43430-sdio.bin lib/firmware/brcm/brcmfmac43430-sdio.txt +lib/firmware/brcm/brcmfmac43430-sdio.RPI3.txt lib/firmware/brcm/brcmfmac43430a0-sdio.bin lib/firmware/brcm/brcmfmac43455-sdio.bin lib/firmware/brcm/brcmfmac43455-sdio.clm_blob diff --git a/config/rootfiles/common/armv5tel/u-boot-friendlyarm b/config/rootfiles/common/armv5tel/u-boot-friendlyarm new file mode 100644 index 000000000..d3d3e1088 --- /dev/null +++ b/config/rootfiles/common/armv5tel/u-boot-friendlyarm @@ -0,0 +1 @@ +usr/share/u-boot/nanopi-r1/u-boot-sunxi-with-spl.bin diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index c0c6cf8a9..d74fb743b 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -2,11 +2,12 @@ etc/init.d #etc/rc.d #etc/rc.d/helper etc/rc.d/helper/aws-setup +etc/rc.d/helper/azure-setup etc/rc.d/helper/getdnsfromdhcpc.pl #etc/rc.d/init.d etc/rc.d/init.d/acpid etc/rc.d/init.d/apache -etc/rc.d/init.d/aws +etc/rc.d/init.d/cloud-init etc/rc.d/init.d/beep etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs @@ -40,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn @@ -190,7 +191,7 @@ etc/rc.d/rcsysinit.d/S50cleanfs etc/rc.d/rcsysinit.d/S60setclock etc/rc.d/rcsysinit.d/S70console etc/rc.d/rcsysinit.d/S71pakfire -etc/rc.d/rcsysinit.d/S74aws +etc/rc.d/rcsysinit.d/S74cloud-init etc/rc.d/rcsysinit.d/S75firstsetup etc/rc.d/rcsysinit.d/S80localnet etc/rc.d/rcsysinit.d/S85firewall diff --git a/config/rootfiles/common/nettle b/config/rootfiles/common/nettle index d3621683c..58e3f57a0 100644 --- a/config/rootfiles/common/nettle +++ b/config/rootfiles/common/nettle @@ -20,9 +20,9 @@ #usr/include/nettle/cfb.h #usr/include/nettle/chacha-poly1305.h #usr/include/nettle/chacha.h +#usr/include/nettle/cmac.h #usr/include/nettle/ctr.h #usr/include/nettle/curve25519.h -#usr/include/nettle/des-compat.h #usr/include/nettle/des.h #usr/include/nettle/dsa-compat.h #usr/include/nettle/dsa.h @@ -44,7 +44,6 @@ #usr/include/nettle/memops.h #usr/include/nettle/memxor.h #usr/include/nettle/nettle-meta.h -#usr/include/nettle/nettle-stdint.h #usr/include/nettle/nettle-types.h #usr/include/nettle/pbkdf2.h #usr/include/nettle/pgp.h @@ -65,12 +64,13 @@ #usr/include/nettle/twofish.h #usr/include/nettle/umac.h #usr/include/nettle/version.h +#usr/include/nettle/xts.h #usr/include/nettle/yarrow.h usr/lib/libhogweed.so -usr/lib/libhogweed.so.4 -usr/lib/libhogweed.so.4.5 +usr/lib/libhogweed.so.5 +usr/lib/libhogweed.so.5.0 #usr/lib/libnettle.so -usr/lib/libnettle.so.6 -usr/lib/libnettle.so.6.5 +usr/lib/libnettle.so.7 +usr/lib/libnettle.so.7.0 #usr/lib/pkgconfig/hogweed.pc #usr/lib/pkgconfig/nettle.pc diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2 index 5999609ed..5b213c8de 100644 --- a/config/rootfiles/common/stage2 +++ b/config/rootfiles/common/stage2 @@ -42,6 +42,7 @@ etc/profile.d/umask.sh etc/resolv.conf etc/securetty etc/sysctl.conf +#etc/sysctl-x86_64.conf etc/syslog.conf etc/system-release #home diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index c0c6cf8a9..d74fb743b 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -2,11 +2,12 @@ etc/init.d #etc/rc.d #etc/rc.d/helper etc/rc.d/helper/aws-setup +etc/rc.d/helper/azure-setup etc/rc.d/helper/getdnsfromdhcpc.pl #etc/rc.d/init.d etc/rc.d/init.d/acpid etc/rc.d/init.d/apache -etc/rc.d/init.d/aws +etc/rc.d/init.d/cloud-init etc/rc.d/init.d/beep etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs @@ -40,7 +41,7 @@ etc/rc.d/init.d/networking/green etc/rc.d/init.d/networking/orange etc/rc.d/init.d/networking/red #etc/rc.d/init.d/networking/red.down -etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders etc/rc.d/init.d/networking/red.down/10-ipsec etc/rc.d/init.d/networking/red.down/10-miniupnpd etc/rc.d/init.d/networking/red.down/10-ovpn @@ -190,7 +191,7 @@ etc/rc.d/rcsysinit.d/S50cleanfs etc/rc.d/rcsysinit.d/S60setclock etc/rc.d/rcsysinit.d/S70console etc/rc.d/rcsysinit.d/S71pakfire -etc/rc.d/rcsysinit.d/S74aws +etc/rc.d/rcsysinit.d/S74cloud-init etc/rc.d/rcsysinit.d/S75firstsetup etc/rc.d/rcsysinit.d/S80localnet etc/rc.d/rcsysinit.d/S85firewall diff --git a/config/rootfiles/common/x86_64/linux b/config/rootfiles/common/x86_64/linux index 238134dd3..755d7627a 100644 --- a/config/rootfiles/common/x86_64/linux +++ b/config/rootfiles/common/x86_64/linux @@ -18484,7 +18484,7 @@ etc/modprobe.d/ipv6.conf #lib/modules/KVER-ipfire/build/virt/lib #lib/modules/KVER-ipfire/build/virt/lib/Kconfig #lib/modules/KVER-ipfire/build/virt/lib/Makefile -#lib/modules/KVER-ipfire/extra +lib/modules/KVER-ipfire/extra lib/modules/KVER-ipfire/kernel #lib/modules/KVER-ipfire/kernel/arch #lib/modules/KVER-ipfire/kernel/arch/x86 diff --git a/config/rootfiles/common/x86_64/stage2 b/config/rootfiles/common/x86_64/stage2 index 576d3f77b..5734b4542 100644 --- a/config/rootfiles/common/x86_64/stage2 +++ b/config/rootfiles/common/x86_64/stage2 @@ -42,6 +42,7 @@ etc/profile.d/umask.sh etc/resolv.conf etc/securetty etc/sysctl.conf +etc/sysctl-x86_64.conf etc/syslog.conf etc/system-release #home diff --git a/config/rootfiles/core/134/exclude b/config/rootfiles/core/135/exclude similarity index 100% rename from config/rootfiles/core/134/exclude rename to config/rootfiles/core/135/exclude diff --git a/config/rootfiles/core/134/filelists/aarch64/linux b/config/rootfiles/core/135/filelists/aarch64/linux similarity index 100% rename from config/rootfiles/core/134/filelists/aarch64/linux rename to config/rootfiles/core/135/filelists/aarch64/linux diff --git a/config/rootfiles/core/134/filelists/aarch64/linux-initrd b/config/rootfiles/core/135/filelists/aarch64/linux-initrd similarity index 100% rename from config/rootfiles/core/134/filelists/aarch64/linux-initrd rename to config/rootfiles/core/135/filelists/aarch64/linux-initrd diff --git a/config/rootfiles/core/135/filelists/aarch64/u-boot b/config/rootfiles/core/135/filelists/aarch64/u-boot new file mode 100644 index 000000000..6a00446f4 --- /dev/null +++ b/config/rootfiles/core/135/filelists/aarch64/u-boot @@ -0,0 +1,2 @@ +boot/boot.cmd +boot/boot.scr diff --git a/config/rootfiles/core/134/filelists/armv5tel/linux-initrd-kirkwood b/config/rootfiles/core/135/filelists/armv5tel/linux-initrd-kirkwood similarity index 100% rename from config/rootfiles/core/134/filelists/armv5tel/linux-initrd-kirkwood rename to config/rootfiles/core/135/filelists/armv5tel/linux-initrd-kirkwood diff --git a/config/rootfiles/core/134/filelists/armv5tel/linux-initrd-multi b/config/rootfiles/core/135/filelists/armv5tel/linux-initrd-multi similarity index 100% rename from config/rootfiles/core/134/filelists/armv5tel/linux-initrd-multi rename to config/rootfiles/core/135/filelists/armv5tel/linux-initrd-multi diff --git a/config/rootfiles/core/134/filelists/armv5tel/linux-kirkwood b/config/rootfiles/core/135/filelists/armv5tel/linux-kirkwood similarity index 100% rename from config/rootfiles/core/134/filelists/armv5tel/linux-kirkwood rename to config/rootfiles/core/135/filelists/armv5tel/linux-kirkwood diff --git a/config/rootfiles/core/134/filelists/armv5tel/linux-multi b/config/rootfiles/core/135/filelists/armv5tel/linux-multi similarity index 100% rename from config/rootfiles/core/134/filelists/armv5tel/linux-multi rename to config/rootfiles/core/135/filelists/armv5tel/linux-multi diff --git a/config/rootfiles/core/135/filelists/armv5tel/u-boot b/config/rootfiles/core/135/filelists/armv5tel/u-boot new file mode 100644 index 000000000..6a00446f4 --- /dev/null +++ b/config/rootfiles/core/135/filelists/armv5tel/u-boot @@ -0,0 +1,2 @@ +boot/boot.cmd +boot/boot.scr diff --git a/config/rootfiles/core/135/filelists/armv5tel/u-boot-friendlyarm b/config/rootfiles/core/135/filelists/armv5tel/u-boot-friendlyarm new file mode 120000 index 000000000..4f9b7980b --- /dev/null +++ b/config/rootfiles/core/135/filelists/armv5tel/u-boot-friendlyarm @@ -0,0 +1 @@ +../../../../common/armv5tel/u-boot-friendlyarm \ No newline at end of file diff --git a/config/rootfiles/core/135/filelists/ddns b/config/rootfiles/core/135/filelists/ddns new file mode 120000 index 000000000..739516420 --- /dev/null +++ b/config/rootfiles/core/135/filelists/ddns @@ -0,0 +1 @@ +../../../common/ddns \ No newline at end of file diff --git a/config/rootfiles/core/135/filelists/dhcpcd b/config/rootfiles/core/135/filelists/dhcpcd new file mode 120000 index 000000000..1e799dabb --- /dev/null +++ b/config/rootfiles/core/135/filelists/dhcpcd @@ -0,0 +1 @@ +../../../common/dhcpcd \ No newline at end of file diff --git a/config/rootfiles/core/135/filelists/files b/config/rootfiles/core/135/filelists/files new file mode 100644 index 000000000..c6c87ba18 --- /dev/null +++ b/config/rootfiles/core/135/filelists/files @@ -0,0 +1,17 @@ +etc/system-release +etc/issue +srv/web/ipfire/cgi-bin/credits.cgi +var/ipfire/langs +etc/unbound/root.hints +etc/rc.d/helper/azure-setup +etc/rc.d/init.d/cloud-init +etc/rc.d/init.d/functions +etc/rc.d/init.d/leds +etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders +etc/rc.d/init.d/partresize +etc/rc.d/init.d/smt +etc/rc.d/init.d/sysctl +etc/rc.d/init.d/unbound +etc/sysctl.conf +usr/sbin/setup +usr/sbin/unbound-dhcp-leases-bridge diff --git a/config/rootfiles/core/134/filelists/i586/linux b/config/rootfiles/core/135/filelists/i586/linux similarity index 100% rename from config/rootfiles/core/134/filelists/i586/linux rename to config/rootfiles/core/135/filelists/i586/linux diff --git a/config/rootfiles/core/134/filelists/i586/linux-initrd b/config/rootfiles/core/135/filelists/i586/linux-initrd similarity index 100% rename from config/rootfiles/core/134/filelists/i586/linux-initrd rename to config/rootfiles/core/135/filelists/i586/linux-initrd diff --git a/config/rootfiles/core/135/filelists/nettle b/config/rootfiles/core/135/filelists/nettle new file mode 120000 index 000000000..f0dba7ac8 --- /dev/null +++ b/config/rootfiles/core/135/filelists/nettle @@ -0,0 +1 @@ +../../../common/nettle \ No newline at end of file diff --git a/config/rootfiles/core/135/filelists/squid b/config/rootfiles/core/135/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/core/135/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/135/filelists/tzdata b/config/rootfiles/core/135/filelists/tzdata new file mode 120000 index 000000000..5a6e3252f --- /dev/null +++ b/config/rootfiles/core/135/filelists/tzdata @@ -0,0 +1 @@ +../../../common/tzdata \ No newline at end of file diff --git a/config/rootfiles/core/134/filelists/x86_64/linux b/config/rootfiles/core/135/filelists/x86_64/linux similarity index 100% rename from config/rootfiles/core/134/filelists/x86_64/linux rename to config/rootfiles/core/135/filelists/x86_64/linux diff --git a/config/rootfiles/core/134/filelists/x86_64/linux-initrd b/config/rootfiles/core/135/filelists/x86_64/linux-initrd similarity index 100% rename from config/rootfiles/core/134/filelists/x86_64/linux-initrd rename to config/rootfiles/core/135/filelists/x86_64/linux-initrd diff --git a/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 b/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 new file mode 100644 index 000000000..0a9fd8a87 --- /dev/null +++ b/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 @@ -0,0 +1 @@ +etc/sysctl-x86_64.conf diff --git a/config/rootfiles/core/135/update.sh b/config/rootfiles/core/135/update.sh new file mode 100644 index 000000000..13959a647 --- /dev/null +++ b/config/rootfiles/core/135/update.sh @@ -0,0 +1,160 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2019 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +core=135 + +exit_with_error() { + # Set last succesfull installed core. + echo $(($core-1)) > /opt/pakfire/db/core/mine + # don't start pakfire again at error + killall -KILL pak_update + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: $1" + exit $2 +} + +# Remove old core updates from pakfire cache to save space... +for (( i=1; i<=$core; i++ )); do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +KVER="xxxKVERxxx" + +# Backup uEnv.txt if exist +if [ -e /boot/uEnv.txt ]; then + cp -vf /boot/uEnv.txt /boot/uEnv.txt.org +fi + +# Do some sanity checks. +case $(uname -r) in + *-ipfire*) + # Ok. + ;; + *) + exit_with_error "ERROR cannot update. No IPFire Kernel." 1 + ;; +esac + +# Check diskspace on root +ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + +if [ $ROOTSPACE -lt 80000 ]; then + exit_with_error "ERROR cannot update because not enough free space on root." 2 + exit 2 +fi + +# Remove the old kernel +rm -rf /boot/System.map-* +rm -rf /boot/config-* +rm -rf /boot/ipfirerd-* +rm -rf /boot/initramfs-* +rm -rf /boot/vmlinuz-* +rm -rf /boot/uImage-*-ipfire-* +rm -rf /boot/zImage-*-ipfire-* +rm -rf /boot/uInit-*-ipfire-* +rm -rf /boot/dtb-*-ipfire-* +rm -rf /lib/modules +rm -f /etc/sysconfig/lm_sensors + +# Remove files +rm -vf \ + /etc/rc.d/init.d/aws \ + /etc/rc.d/rcsysinit.d/S74aws + /etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders + +# Stop services +/etc/init.d/squid stop + +# Extract files +extract_files + +# update dhcpcd.conf +sed -i -e "s|.*ipv4ll.*||g" /var/ipfire/dhcpc/dhcpcd.conf +echo "# disable ipv4ll (IPv4 local link/apipa) ip's" >> /var/ipfire/dhcpc/dhcpcd.conf +echo "noipv4ll" >> /var/ipfire/dhcpc/dhcpcd.conf + +# update linker config +ldconfig + +# Update Language cache +/usr/local/bin/update-lang-cache + +# Start services +/etc/init.d/squid start + +# Search sensors again after reboot into the new kernel +rm -f /etc/sysconfig/lm_sensors + +# Upadate Kernel version uEnv.txt +if [ -e /boot/uEnv.txt ]; then + sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt +fi + +# call user update script (needed for some arm boards) +if [ -e /boot/pakfire-kernel-update ]; then + /boot/pakfire-kernel-update ${KVER} +fi + +case "$(uname -m)" in + i?86) + # Force (re)install pae kernel if pae is supported + rm -rf /opt/pakfire/db/installed/meta-linux-pae + rm -rf /opt/pakfire/db/rootfiles/linux-pae + if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then + ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + if [ $BOOTSPACE -lt 22000 -o $ROOTSPACE -lt 120000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: WARNING not enough space for pae kernel." + touch /var/run/need_reboot + else + echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae + echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae + echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae + fi + else + touch /var/run/need_reboot + fi + ;; + *) + # This update needs a reboot... + touch /var/run/need_reboot + ;; +esac + +# Finish +/etc/init.d/fireinfo start +sendprofile + +# Update grub config to display new core version +if [ -e /boot/grub/grub.cfg ]; then + grub-mkconfig -o /boot/grub/grub.cfg +fi + +sync + +# Don't report the exitcode last command +exit 0 diff --git a/config/rootfiles/oldcore/134/exclude b/config/rootfiles/oldcore/134/exclude new file mode 100644 index 000000000..b22159878 --- /dev/null +++ b/config/rootfiles/oldcore/134/exclude @@ -0,0 +1,28 @@ +boot/config.txt +boot/grub/grub.cfg +boot/grub/grubenv +etc/alternatives +etc/collectd.custom +etc/default/grub +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/snort/snort.conf +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/dma +var/ipfire/time +var/ipfire/ovpn +var/lib/alternatives +var/log/cache +var/log/dhcpcd.log +var/log/messages +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/oldcore/134/filelists/aarch64/linux b/config/rootfiles/oldcore/134/filelists/aarch64/linux new file mode 120000 index 000000000..3a2532bc7 --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/aarch64/linux @@ -0,0 +1 @@ +../../../../common/aarch64/linux \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/aarch64/linux-initrd b/config/rootfiles/oldcore/134/filelists/aarch64/linux-initrd new file mode 120000 index 000000000..8acdb0f31 --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/aarch64/linux-initrd @@ -0,0 +1 @@ +../../../../common/aarch64/linux-initrd \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-kirkwood b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-kirkwood new file mode 120000 index 000000000..39c5591b7 --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-kirkwood @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-initrd-kirkwood \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-multi b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-multi new file mode 120000 index 000000000..0b1b4530a --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-initrd-multi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-initrd-multi \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/armv5tel/linux-kirkwood b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-kirkwood new file mode 120000 index 000000000..72171071e --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-kirkwood @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-kirkwood \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/armv5tel/linux-multi b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-multi new file mode 120000 index 000000000..204eb4c43 --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/armv5tel/linux-multi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-multi \ No newline at end of file diff --git a/config/rootfiles/core/134/filelists/bind b/config/rootfiles/oldcore/134/filelists/bind similarity index 100% rename from config/rootfiles/core/134/filelists/bind rename to config/rootfiles/oldcore/134/filelists/bind diff --git a/config/rootfiles/core/134/filelists/files b/config/rootfiles/oldcore/134/filelists/files similarity index 100% rename from config/rootfiles/core/134/filelists/files rename to config/rootfiles/oldcore/134/filelists/files diff --git a/config/rootfiles/core/134/filelists/i586/intel-microcode b/config/rootfiles/oldcore/134/filelists/i586/intel-microcode similarity index 100% rename from config/rootfiles/core/134/filelists/i586/intel-microcode rename to config/rootfiles/oldcore/134/filelists/i586/intel-microcode diff --git a/config/rootfiles/oldcore/134/filelists/i586/linux b/config/rootfiles/oldcore/134/filelists/i586/linux new file mode 120000 index 000000000..693ec4bbf --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/i586/linux @@ -0,0 +1 @@ +../../../../common/i586/linux \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/i586/linux-initrd b/config/rootfiles/oldcore/134/filelists/i586/linux-initrd new file mode 120000 index 000000000..32a03e6a9 --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/i586/linux-initrd @@ -0,0 +1 @@ +../../../../common/i586/linux-initrd \ No newline at end of file diff --git a/config/rootfiles/core/134/filelists/i586/openssl-sse2 b/config/rootfiles/oldcore/134/filelists/i586/openssl-sse2 similarity index 100% rename from config/rootfiles/core/134/filelists/i586/openssl-sse2 rename to config/rootfiles/oldcore/134/filelists/i586/openssl-sse2 diff --git a/config/rootfiles/core/134/filelists/openssl b/config/rootfiles/oldcore/134/filelists/openssl similarity index 100% rename from config/rootfiles/core/134/filelists/openssl rename to config/rootfiles/oldcore/134/filelists/openssl diff --git a/config/rootfiles/core/134/filelists/unbound b/config/rootfiles/oldcore/134/filelists/unbound similarity index 100% rename from config/rootfiles/core/134/filelists/unbound rename to config/rootfiles/oldcore/134/filelists/unbound diff --git a/config/rootfiles/core/134/filelists/vim b/config/rootfiles/oldcore/134/filelists/vim similarity index 100% rename from config/rootfiles/core/134/filelists/vim rename to config/rootfiles/oldcore/134/filelists/vim diff --git a/config/rootfiles/core/134/filelists/x86_64/intel-microcode b/config/rootfiles/oldcore/134/filelists/x86_64/intel-microcode similarity index 100% rename from config/rootfiles/core/134/filelists/x86_64/intel-microcode rename to config/rootfiles/oldcore/134/filelists/x86_64/intel-microcode diff --git a/config/rootfiles/oldcore/134/filelists/x86_64/linux b/config/rootfiles/oldcore/134/filelists/x86_64/linux new file mode 120000 index 000000000..0615b5b9a --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/x86_64/linux @@ -0,0 +1 @@ +../../../../common/x86_64/linux \ No newline at end of file diff --git a/config/rootfiles/oldcore/134/filelists/x86_64/linux-initrd b/config/rootfiles/oldcore/134/filelists/x86_64/linux-initrd new file mode 120000 index 000000000..1b9fff70f --- /dev/null +++ b/config/rootfiles/oldcore/134/filelists/x86_64/linux-initrd @@ -0,0 +1 @@ +../../../../common/x86_64/linux-initrd \ No newline at end of file diff --git a/config/rootfiles/core/134/update.sh b/config/rootfiles/oldcore/134/update.sh similarity index 100% rename from config/rootfiles/core/134/update.sh rename to config/rootfiles/oldcore/134/update.sh diff --git a/config/rootfiles/packages/mc b/config/rootfiles/packages/mc index 06c536ed4..73ff588c7 100644 --- a/config/rootfiles/packages/mc +++ b/config/rootfiles/packages/mc @@ -106,6 +106,7 @@ usr/share/mc/skins/dark.ini usr/share/mc/skins/darkfar.ini usr/share/mc/skins/default.ini usr/share/mc/skins/double-lines.ini +usr/share/mc/skins/featured-plus.ini usr/share/mc/skins/featured.ini usr/share/mc/skins/gotar.ini usr/share/mc/skins/gray-green-purple256.ini diff --git a/config/rootfiles/packages/pcengines-apu-firmware b/config/rootfiles/packages/pcengines-apu-firmware index 271d6df32..b2126e822 100644 --- a/config/rootfiles/packages/pcengines-apu-firmware +++ b/config/rootfiles/packages/pcengines-apu-firmware @@ -1,7 +1,7 @@ #lib/firmware/pcengines #lib/firmware/pcengines/apu -lib/firmware/pcengines/apu/apu1_v4.9.0.3.rom -lib/firmware/pcengines/apu/apu2_v4.9.0.3.rom -lib/firmware/pcengines/apu/apu3_v4.9.0.3.rom -lib/firmware/pcengines/apu/apu4_v4.9.0.3.rom -lib/firmware/pcengines/apu/apu5_v4.9.0.3.rom +lib/firmware/pcengines/apu/apu1_v4.9.0.7.rom +lib/firmware/pcengines/apu/apu2_v4.9.0.7.rom +lib/firmware/pcengines/apu/apu3_v4.9.0.7.rom +lib/firmware/pcengines/apu/apu4_v4.9.0.7.rom +lib/firmware/pcengines/apu/apu5_v4.9.0.7.rom diff --git a/config/u-boot/boot.cmd b/config/u-boot/boot.cmd index 5cb4b8971..b86b6809a 100644 --- a/config/u-boot/boot.cmd +++ b/config/u-boot/boot.cmd @@ -3,8 +3,12 @@ if test ${boot_dev} = ""; then setenv root_dev /dev/mmcblk0p3; fi;
+if test ${dev_num} = ""; then + setenv dev_num 0; +fi; + if test ${boot_part} = ""; then - setenv boot_part 0:1; + setenv boot_part ${dev_num}:1; fi;
if test ${soc} = "kirkwood"; then diff --git a/config/u-boot/boot.scr b/config/u-boot/boot.scr index 5143b051b..b3c6bc2c8 100644 Binary files a/config/u-boot/boot.scr and b/config/u-boot/boot.scr differ diff --git a/config/u-boot/uEnv.txt b/config/u-boot/uEnv.txt index c7466778f..21780a971 100644 --- a/config/u-boot/uEnv.txt +++ b/config/u-boot/uEnv.txt @@ -1,3 +1,4 @@ KVER=xxxKVERxxx -DTBSUNXI=sun8i-h2-plus-ipfire-nano.dtb +DTBSUNXI=sun8i-h3-nanopi-r1.dtb +root_dev=UUID=xxxROOT-UUIDxxx SERIAL-CONSOLE=ON diff --git a/config/unbound/root.hints b/config/unbound/root.hints index 877fc6981..08c76a372 100644 --- a/config/unbound/root.hints +++ b/config/unbound/root.hints @@ -1,92 +1,92 @@ -; This file holds the information on root name servers needed to +; This file holds the information on root name servers needed to ; initialize cache of Internet domain name servers ; (e.g. reference this file in the "cache . <file>" -; configuration file of BIND domain name servers). -; +; configuration file of BIND domain name servers). +; ; This file is made available by InterNIC ; under anonymous FTP as -; file /domain/named.cache +; file /domain/named.cache ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET -; -; last update: July 26, 2017 -; related version of root zone: 2017072601 -; -; FORMERLY NS.INTERNIC.NET +; +; last update: July 03, 2019 +; related version of root zone: 2019070301 +; +; FORMERLY NS.INTERNIC.NET ; . 3600000 NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 -; -; FORMERLY NS1.ISI.EDU +; +; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. -B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 A 199.9.14.201 B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:200::b -; -; FORMERLY C.PSI.NET +; +; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c -; -; FORMERLY TERP.UMD.EDU +; +; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d -; +; ; FORMERLY NS.NASA.GOV ; . 3600000 NS E.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 E.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:a8::e -; +; ; FORMERLY NS.ISC.ORG ; . 3600000 NS F.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f -; +; ; FORMERLY NS.NIC.DDN.MIL ; . 3600000 NS G.ROOT-SERVERS.NET. G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 G.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:12::d0d -; +; ; FORMERLY AOS.ARL.ARMY.MIL ; . 3600000 NS H.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. 3600000 A 198.97.190.53 H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::53 -; +; ; FORMERLY NIC.NORDU.NET ; . 3600000 NS I.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 -; +; ; OPERATED BY VERISIGN, INC. ; . 3600000 NS J.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 -; +; ; OPERATED BY RIPE NCC ; . 3600000 NS K.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 -; +; ; OPERATED BY ICANN ; . 3600000 NS L.ROOT-SERVERS.NET. L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:9f::42 -; +; ; OPERATED BY WIDE ; . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 -; End of file +; End of file \ No newline at end of file diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index a8cd837bb..64306bc9b 100644 --- a/config/unbound/unbound-dhcp-leases-bridge +++ b/config/unbound/unbound-dhcp-leases-bridge @@ -153,7 +153,7 @@ class UnboundDHCPLeasesBridge(object): line = line.rstrip()
try: - enabled, ipaddr, hostname, domainname = line.split(",") + enabled, ipaddr, hostname, domainname, generateptr = line.split(",") except: log.warning("Could not parse line: %s" % line) continue diff --git a/lfs/bird b/lfs/bird index 84487a861..0c908ec7b 100644 --- a/lfs/bird +++ b/lfs/bird @@ -24,7 +24,7 @@
include Config
-VER = 2.0.2 +VER = 2.0.4
THISAPP = bird-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = bird -PAK_VER = 3 +PAK_VER = 4
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = de17645b045fa13912409aea59420132 +$(DL_FILE)_MD5 = f0d0db5c6325437be66a6165ea29e5f9
install : $(TARGET)
diff --git a/lfs/clamav b/lfs/clamav index 640691408..d6f8164b7 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -24,7 +24,7 @@
include Config
-VER = 0.101.2 +VER = 0.101.3
THISAPP = clamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 44 +PAK_VER = 45
DEPS = ""
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = faeb0e286e76c2a26e2e10845e4b68db +$(DL_FILE)_MD5 = 1981c5bd299c1f3cbf3f74095a00524c
install : $(TARGET)
diff --git a/lfs/dhcpcd b/lfs/dhcpcd index 08d763f37..83252e897 100644 --- a/lfs/dhcpcd +++ b/lfs/dhcpcd @@ -24,7 +24,7 @@
include Config
-VER = 7.2.2 +VER = 7.2.3
THISAPP = dhcpcd-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2f17034432ea10415ee84a97ef131128 +$(DL_FILE)_MD5 = b7aade2cc47afa6d645f798103365402
install : $(TARGET)
diff --git a/lfs/flash-images b/lfs/flash-images index b78691e08..e9bd0434b 100644 --- a/lfs/flash-images +++ b/lfs/flash-images @@ -79,7 +79,7 @@ endif # /boot: 128MB - OFFSET # / : 1200 MB S_BOOT := $(shell echo $$(( 262144 - $(S_OFFSET) ))) -S_ROOT := 2477600 +S_ROOT := 2476032
ifeq "$(EFI)" "1" S_EFI = 65536 # 32 MB @@ -215,6 +215,12 @@ endif rm -f $(MNThdd)/etc/grub.d/11_linux_scon endif
+ifeq "$(BUILD_ARCH)" "armv5tel" + # Insert the UUID to uENV.txt + sed -i $(MNThdd)/boot/uENV.txt \ + -e "s/^root_dev=.*/root_dev=UUID=$$(blkid -o value -s UUID $(PART_ROOT))/g" +endif + # Set ramdisk mode to automatic echo RAMDISK_MODE=2 > $(MNThdd)/etc/sysconfig/ramdisk
diff --git a/lfs/initscripts b/lfs/initscripts index 5ed5f9524..68cab0ba2 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -177,7 +177,7 @@ $(TARGET) : ln -sf ../init.d/setclock /etc/rc.d/rc6.d/K47setclock ln -sf ../init.d/console /etc/rc.d/rcsysinit.d/S70console ln -sf ../init.d/pakfire /etc/rc.d/rcsysinit.d/S71pakfire - ln -sf ../init.d/aws /etc/rc.d/rcsysinit.d/S74aws + ln -sf ../init.d/cloud-init /etc/rc.d/rcsysinit.d/S74cloud-init ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall diff --git a/lfs/iperf b/lfs/iperf index 23a8b7abe..aaace823f 100644 --- a/lfs/iperf +++ b/lfs/iperf @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.0.9 +VER = 2.0.13
THISAPP = iperf-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = iperf -PAK_VER = 3 +PAK_VER = 4
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 351b018b71176b8cb25f20eef6a9e37c +$(DL_FILE)_MD5 = 31ea1c6d5cbf80b16ff3abe4288dad5e
install : $(TARGET)
diff --git a/lfs/iperf3 b/lfs/iperf3 index fc84f6468..842d48cec 100644 --- a/lfs/iperf3 +++ b/lfs/iperf3 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.1.2 +VER = 3.7
THISAPP = iperf-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = iperf3 -PAK_VER = 1 +PAK_VER = 2
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f48a1b45c68647a9d8a8491af44470d6 +$(DL_FILE)_MD5 = 9534aae7430791b46d8cb8fc44afb6f8
install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) @@ -76,7 +76,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iperf3/0001-remove-pg-flag.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iperf3/iperf-3.7-remove-pg-flag.patch cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install diff --git a/lfs/linux b/lfs/linux index b675e4fbe..a9e30714f 100644 --- a/lfs/linux +++ b/lfs/linux @@ -24,8 +24,8 @@
include Config
-VER = 4.14.131 -ARM_PATCHES = 4.14.131-ipfire0 +VER = 4.14.138 +ARM_PATCHES = 4.14.138-ipfire0
THISAPP = linux-$(VER) DL_FILE = linux-$(VER).tar.xz @@ -34,7 +34,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) CFLAGS = CXXFLAGS =
-PAK_VER = 85 +PAK_VER = 86 DEPS = ""
HEADERS_ARCH = $(BUILD_PLATFORM) @@ -82,9 +82,8 @@ objects =$(DL_FILE) \ $(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE) arm-multi-patches-$(ARM_PATCHES).patch.xz = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
-$(DL_FILE)_MD5 = 895790cf47b6a565ac5e5ce71b322dac - -arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5 = 5c5f6da89606e63701cdcd84a500aca1 +$(DL_FILE)_MD5 = 00a16e1b1c6f295d236e5f82e20a0d2f +arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5 = aac1fa091598028a8c27d64f206b6fca
install : $(TARGET)
@@ -179,6 +178,9 @@ else cd $(DIR_APP) && make clean cd $(DIR_APP) && sed -i -e 's/EXTRAVERSION\ =.*/EXTRAVERSION\ =\ -$(VERSUFIX)/' Makefile
+ # Remove modules folder if exists + rm -rf /lib/modules/$(VER)-$(VERSUFIX) + # Build the kernel cd $(DIR_APP) && make $(MAKETUNING) $(KERNEL_TARGET) modules
diff --git a/lfs/mc b/lfs/mc index 6600702e5..ff23c4064 100644 --- a/lfs/mc +++ b/lfs/mc @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 4.8.22 +VER = 4.8.23
THISAPP = mc-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = mc -PAK_VER = 17 +PAK_VER = 18
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 62bba2bfccadf08eb554321899f475bc +$(DL_FILE)_MD5 = 466c3135f727f8ac2102d060a080ace3
install : $(TARGET)
diff --git a/lfs/nettle b/lfs/nettle index 36f247d34..cc34b1fad 100644 --- a/lfs/nettle +++ b/lfs/nettle @@ -24,7 +24,7 @@
include Config
-VER = 3.4.1 +VER = 3.5.1
THISAPP = nettle-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 9bdebb0e2f638d3b9d91f7fc264b70c1 +$(DL_FILE)_MD5 = 0e5707b418c3826768d41130fbe4ee86
install : $(TARGET)
diff --git a/lfs/pcengines-apu-firmware b/lfs/pcengines-apu-firmware index f318a60a6..efc859388 100644 --- a/lfs/pcengines-apu-firmware +++ b/lfs/pcengines-apu-firmware @@ -24,14 +24,15 @@
include Config
-VER = 4.9.0.3 +VER = 4.9.0.7
THISAPP = pcengines-apu-firmware-$(VER) DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = pcengines-apu-firmware -PAK_VER = 1 +PAK_VER = 2 +SUP_ARCH = i586 x86_64
DEPS = "firmware-update"
@@ -52,11 +53,11 @@ apu3_v$(VER).rom = $(DL_FROM)/apu3_v$(VER).rom apu4_v$(VER).rom = $(DL_FROM)/apu4_v$(VER).rom apu5_v$(VER).rom = $(DL_FROM)/apu5_v$(VER).rom
-apu1_v$(VER).rom_MD5 = eb446600520f9abc3704cd806cbf160f -apu2_v$(VER).rom_MD5 = c61e10a6b2f76c8ada4e81f9e654decd -apu3_v$(VER).rom_MD5 = d1390d76d0ee18912825fd95b08e3f26 -apu4_v$(VER).rom_MD5 = c36cc13a1ba196b33eb85592bd44fad7 -apu5_v$(VER).rom_MD5 = da69300aed63e89e827f1e3ee3adc06d +apu1_v$(VER).rom_MD5 = c4319969ebe031d8ab04e4d758581ca0 +apu2_v$(VER).rom_MD5 = eea6483fcd473fbb38f0547aa1aaeb31 +apu3_v$(VER).rom_MD5 = 790bc3934c7429c322d04c49e0fadb95 +apu4_v$(VER).rom_MD5 = d1c9fea737d46c82bfec2a8f3bee6c46 +apu5_v$(VER).rom_MD5 = e60502e06f5e814c2845cde447aa8f6f
install : $(TARGET)
diff --git a/lfs/rpi-firmware b/lfs/rpi-firmware index 482d66dc8..7ee3e8420 100644 --- a/lfs/rpi-firmware +++ b/lfs/rpi-firmware @@ -70,5 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @cd / && tar axf $(DIR_DL)/$(DL_FILE) + cp -f /lib/firmware/brcm/brcmfmac43430-sdio.txt \ + /lib/firmware/brcm/brcmfmac43430-sdio.RPI3.txt cp -f $(DIR_SRC)/config/rpi-firmware/config.txt /boot @$(POSTBUILD) diff --git a/lfs/squid b/lfs/squid index 92392ea21..7df658a20 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@
include Config
-VER = 4.7 +VER = 4.8
THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -46,7 +46,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ec7be696032b962eac9ba5726940a3aa +$(DL_FILE)_MD5 = 08e018f2d8db4911ee90591284fa1ca5
install : $(TARGET)
diff --git a/lfs/tzdata b/lfs/tzdata index 39f262608..04add8396 100644 --- a/lfs/tzdata +++ b/lfs/tzdata @@ -24,7 +24,7 @@
include Config
-VER = 2018i +VER = 2019b TZDATA_VER = $(VER) TZCODE_VER = $(VER)
@@ -45,8 +45,8 @@ objects = tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz tzdata$(TZDATA_VER).tar.gz = $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz = $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz
-tzdata$(TZDATA_VER).tar.gz_MD5 = b3f0a1a789480a036e58466cd0702477 -tzcode$(TZCODE_VER).tar.gz_MD5 = 6a6d98be8fa2fa3485e25343e79188b4 +tzdata$(TZDATA_VER).tar.gz_MD5 = b26b5d7d844cb96c73ed2fb6d588daaf +tzcode$(TZCODE_VER).tar.gz_MD5 = 91e0978d947496fd6aaf46d351f9c41d
install : $(TARGET)
diff --git a/lfs/u-boot-friendlyarm b/lfs/u-boot-friendlyarm new file mode 100644 index 000000000..5945ef6c5 --- /dev/null +++ b/lfs/u-boot-friendlyarm @@ -0,0 +1,93 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2019 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1ee53f5 + +THISAPP = u-boot-friendlyarm-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/u-boot-$(VER)* +TARGET = $(DIR_INFO)/$(THISAPP) +SUP_ARCH = armv5tel + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = a329359aa0e9211f02526548eb6a6208 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +dist: + @$(PAK) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + +ifeq "${BUILD_ARCH}" "armv5tel" + # Nanopi-R1 eMMC + -mkdir -pv /usr/share/u-boot/nanopi-r1 + cd $(DIR_APP) && cp arch/arm/dts/sun8i-h3-nanopi-m1-plus.dts arch/arm/dts/sun8i-h3-nanopi-r1.dts + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff + cd $(DIR_APP) && make CROSS_COMPILE="" nanopi_h3_config + cd $(DIR_APP) && sed -i -e 's!^CONFIG_IDENT_STRING=.*!CONFIG_IDENT_STRING=" Nanopi-R1 eMMC - IPFire.org"!' .config + cd $(DIR_APP) && sed -i -e 's!^CONFIG_DEFAULT_DEVICE_TREE=.*!CONFIG_DEFAULT_DEVICE_TREE="sun8i-h3-nanopi-r1"!' .config + cd $(DIR_APP) && make CROSS_COMPILE="" HOSTCC="gcc $(CFLAGS)" + cd $(DIR_APP) && install -v -m 644 u-boot-sunxi-with-spl.bin \ + /usr/share/u-boot/nanopi-r1 + cd $(DIR_APP) && make distclean +endif + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index aca75fc71..9d5e561bc 100755 --- a/make.sh +++ b/make.sh @@ -26,8 +26,8 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name # If you update the version don't forget to update backupiso and add it to core update VERSION="2.23" # Version number -CORE="134" # Core Level (Filename) -PAKFIRE_CORE="134" # Core Level (PAKFIRE) +CORE="135" # Core Level (Filename) +PAKFIRE_CORE="135" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir @@ -1518,6 +1518,7 @@ buildipfire() { lfsmake2 swig lfsmake2 u-boot lfsmake2 u-boot-kirkwood + lfsmake2 u-boot-friendlyarm lfsmake2 python-typing lfsmake2 python-m2crypto lfsmake2 wireless-regdb diff --git a/src/initscripts/helper/azure-setup b/src/initscripts/helper/azure-setup new file mode 100644 index 000000000..86042a204 --- /dev/null +++ b/src/initscripts/helper/azure-setup @@ -0,0 +1,326 @@ +#!/bin/bash + +. /etc/sysconfig/rc +. ${rc_functions} + +# Set PATH to find our own executables +export PATH=/usr/local/sbin:/usr/local/bin:${PATH} + +get() { + local file="${1}" + + wget -qO - --header="Metadata:true" "http://169.254.169.254/metadata/instance/$%7Bfile%7D?api-version=2019-06-01&..." +} + +format_mac() { + local mac="${1,,}" + + echo "${mac:0:2}:${mac:2:2}:${mac:4:2}:${mac:6:2}:${mac:8:2}:${mac:10:2}" +} + +to_address() { + local n="${1}" + + local o1=$(( (n & 0xff000000) >> 24 )) + local o2=$(( (n & 0xff0000) >> 16 )) + local o3=$(( (n & 0xff00) >> 8 )) + local o4=$(( (n & 0xff) )) + + printf "%d.%d.%d.%d\n" "${o1}" "${o2}" "${o3}" "${o4}" +} + +to_integer() { + local address="${1}" + + local integer=0 + + local i + for i in ${address//./ }; do + integer=$(( (integer << 8) + i )) + done + + printf "%d\n" "${integer}" +} + +prefix2netmask() { + local prefix=${1} + + local zeros=$(( 32 - prefix )) + local netmask=0 + + local i + for (( i=0; i<${zeros}; i++ )); do + netmask=$(( (netmask << 1) ^ 1 )) + done + + to_address "$(( netmask ^ 0xffffffff ))" +} + +import_azure_configuration() { + local instance_id="$(get compute/vmId)" + + boot_mesg "Importing Microsoft Azure configuration for instance ${instance_id}..." + + # Store instance ID + echo "${instance_id}" > /var/run/azure-instance-id + + # Initialise system settings + local hostname=$(get compute/name) + + # Set hostname + if ! grep -q "^HOSTNAME=" /var/ipfire/main/settings; then + echo "HOSTNAME=${hostname%%.*}" >> /var/ipfire/main/settings + fi + + # Set domainname + if ! grep -q "^DOMAINNAME=" /var/ipfire/main/settings; then + echo "DOMAINNAME=${hostname#*.}" >> /var/ipfire/main/settings + fi + + # Import SSH keys for setup user + local line + for line in $(get "compute/publicKeys/"); do + # Remove trailing slash + local key_no="${line////}" + + # Get the path where this key should be installed + local path="$(get "compute/publicKeys/${key_no}/path")" + local key="$(get "compute/publicKeys/${key_no}/keyData")" + + local user + if [[ "${path}" =~ ^/home ]]; then + user="${path:6}" + user="${user%%/*}" + else + # Cannot process this user + continue + fi + + # Create user if it does not exist + if ! getent passwd "${user}" &>/dev/null; then + useradd "${user}" -s /usr/bin/run-setup -g nobody -m + + # Unlock the account + usermod -p "x" "${user}" + fi + + if [ -n "${key}" ] && ! grep -q "^${key}$" "${path}" 2>/dev/null; then + local dir="$(dirname "${path}")" + + # Install directory + mkdir -p "${dir}" + chmod 700 "${dir}" + chown "${user}.nobody" "${dir}" + + # Install the key + echo "${key}" >> "${path}" + chmod 600 "${path}" + chown "${user}.nobody" "${path}" + fi + done + + # Download the user-data script only on the first boot + if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then + # Download user-data + local user_data="$(get customData)" + + # Save user-data script to be executed later + if [ "${user_data:0:2}" = "#!" ]; then + echo "${user_data}" > /tmp/azure-user-data.script + chmod 700 /tmp/azure-user-data.script + + # Run the user-data script + local now="$(date -u +"%s")" + /tmp/azure-user-data.script &>/var/log/user-data.log.${now} + + # Delete the script right away + rm /tmp/azure-user-data.script + fi + fi + + # Import any DNS server settings + eval $(/usr/local/bin/readhash <(grep -E "^DNS([0-9])=" /var/ipfire/ethernet/settings 2>/dev/null)) + + # Import network configuration + # After this, no network connectivity will be available from this script due to the + # renaming of the network interfaces for which they have to be shut down + local config_type=1 + : > /var/ipfire/ethernet/settings + + local device_number + for device_number in $(get network/interface); do + # Remove trailing slash + device_number="${device_number////}" + + local mac="$(get "network/interface/${device_number}/macAddress")" + mac="$(format_mac "${mac}")" + + # First IPv4 address + local ipv4_address="$(get "network/interface/${device_number}/ipv4/ipAddress/0/privateIpAddress")" + local ipv4_address_num="$(to_integer "${ipv4_address}")" + local prefix="$(get "network/interface/${device_number}/ipv4/subnet/0/prefix")" + local netmask="$(prefix2netmask "${prefix}")" + local netmask_num="$(to_integer "${netmask}")" + + # Calculate the network and broadcast addresses + local netaddress="$(get "network/interface/${device_number}/ipv4/subnet/0/address")" + local netaddress_num="$(to_integer "${netaddress}")" + local broadcast="$(to_address $(( ipv4_address_num | (0xffffffff ^ netmask_num) )))" + + case "${device_number}" in + # RED + 0) + local interface_name="red0" + + # The gateway is always the first IP address in the subnet + local gateway="$(to_address $(( netaddress_num + 1 )))" + + # Microsoft uses a special IP address for DNS + # https://blogs.msdn.microsoft.com/mast/2015/05/18/what-is-the-ip-address-168-... + local dns1="168.63.129.16" + local dns2= + + ( + echo "RED_TYPE=STATIC" + echo "RED_DEV=${interface_name}" + echo "RED_MACADDR=${mac}" + echo "RED_DESCRIPTION='${interface_id}'" + echo "RED_ADDRESS=${ipv4_address}" + echo "RED_NETMASK=${netmask}" + echo "RED_NETADDRESS=${netaddress}" + echo "RED_BROADCAST=${broadcast}" + echo "DEFAULT_GATEWAY=${gateway}" + echo "DNS1=${DNS1:-${dns1}}" + echo "DNS2=${DNS2:-${dns2}}" + ) >> /var/ipfire/ethernet/settings + + # Import aliases for RED + local address_no + for address_no in $(get "network/interface/0/ipv4/ipAddress"); do + # Remove trailing slash + address_no="${address_no////}" + + # Skip the first address + [ "${address_no}" = "0" ] && continue + + # Fetch the IP address + local alias="$(get "network/interface/0/ipv4/ipAddress/${address_no}/privateIpAddress")" + echo "${alias},on," + done > /var/ipfire/ethernet/aliases + ;; + + # GREEN + 1) + local interface_name="green0" + + ( + echo "GREEN_DEV=${interface_name}" + echo "GREEN_MACADDR=${mac}" + echo "GREEN_DESCRIPTION='${interface_id}'" + echo "GREEN_ADDRESS=${ipv4_address}" + echo "GREEN_NETMASK=${netmask}" + echo "GREEN_NETADDRESS=${netaddress}" + echo "GREEN_BROADCAST=${broadcast}" + ) >> /var/ipfire/ethernet/settings + ;; + + # ORANGE + 2) + local interface_name="orange0" + config_type=2 + + ( + echo "ORANGE_DEV=${interface_name}" + echo "ORANGE_MACADDR=${mac}" + echo "ORANGE_DESCRIPTION='${interface_id}'" + echo "ORANGE_ADDRESS=${ipv4_address}" + echo "ORANGE_NETMASK=${netmask}" + echo "ORANGE_NETADDRESS=${netaddress}" + echo "ORANGE_BROADCAST=${broadcast}" + ) >> /var/ipfire/ethernet/settings + ;; + esac + done + + # Save CONFIG_TYPE + echo "CONFIG_TYPE=${config_type}" >> /var/ipfire/ethernet/settings + + # Actions performed only on the very first start + if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then + # Enable SSH + sed -e "s/ENABLE_SSH=.*/ENABLE_SSH=on/g" -i /var/ipfire/remote/settings + + # Disable SSH password authentication + sed -e "s/^ENABLE_SSH_PASSWORDS=.*/ENABLE_SSH_PASSWORDS=off/" -i /var/ipfire/remote/settings + + # Enable SSH key authentication + sed -e "s/^ENABLE_SSH_KEYS=.*/ENABLE_SSH_KEYS=on/" -i /var/ipfire/remote/settings + + # Apply SSH settings + /usr/local/bin/sshctrl + + # Mark SSH to start immediately (but not right now) + touch /var/ipfire/remote/enablessh + chown nobody:nobody /var/ipfire/remote/enablessh + + # Firewall rules for SSH and WEBIF + ( + echo "1,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,cust_srv,SSH,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second" + echo "2,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,TGT_PORT,444,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second" + ) >> /var/ipfire/firewall/input + + # This script has now completed the first steps of setup + touch /var/ipfire/main/firstsetup_ok + fi + + # All done + echo_ok +} + +case "${reason}" in + PREINIT) + # Bring up the interface + ip link set "${interface}" up + ;; + + BOUND|RENEW|REBIND|REBOOT) + # Remove any previous IP addresses + ip addr flush dev "${interface}" + + # Add (or re-add) the new IP address + ip addr add "${new_ip_address}/${new_subnet_mask}" dev "${interface}" + + # Add the default route + ip route add default via "${new_routers}" + + # Setup DNS + for domain_name_server in ${new_domain_name_servers}; do + echo "nameserver ${domain_name_server}" + done > /etc/resolv.conf + + # The system is online now + touch /var/ipfire/red/active + + # Import Azure configuration + import_azure_configuration + ;; + + EXPIRE|FAIL|RELEASE|STOP) + # The system is no longer online + rm -f /var/ipfire/red/active + + # Remove all IP addresses + ip addr flush dev "${interface}" + + # Shut down the interface + ip link set "${interface}" down + ;; + + *) + echo "Unhandled reason: ${reason}" >&2 + exit 2 + ;; +esac + +# Terminate +exit 0 diff --git a/src/initscripts/networking/red.down/05-remove-dns-forwarders b/src/initscripts/networking/red.down/05-remove-dns-forwarders new file mode 100644 index 000000000..671cca9df --- /dev/null +++ b/src/initscripts/networking/red.down/05-remove-dns-forwarders @@ -0,0 +1,4 @@ +#!/bin/bash + +# Remove DNS forwarders for unbound +exec /etc/init.d/unbound remove-forwarders diff --git a/src/initscripts/networking/red.down/05-update-dns-forwarders b/src/initscripts/networking/red.down/05-update-dns-forwarders deleted file mode 100644 index 7f35696f5..000000000 --- a/src/initscripts/networking/red.down/05-update-dns-forwarders +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -# Update DNS forwarders for unbound -exec /etc/init.d/unbound update-forwarders diff --git a/src/initscripts/system/aws b/src/initscripts/system/cloud-init similarity index 56% rename from src/initscripts/system/aws rename to src/initscripts/system/cloud-init index b22af7573..79a762b2d 100644 --- a/src/initscripts/system/aws +++ b/src/initscripts/system/cloud-init @@ -1,37 +1,22 @@ #!/bin/sh ######################################################################## -# Begin $rc_base/init.d/aws +# Begin $rc_base/init.d/cloud-init ########################################################################
. /etc/sysconfig/rc . ${rc_functions}
-# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify_ec2_instances.h... -running_on_ec2() { - local uuid - - # Check if the hypervisor UUID starts with ec2 - if [ -r "/sys/hypervisor/uuid" ]; then - uuid=$(</sys/hypervisor/uuid) - - [ "${uuid:0:3}" = "ec2" ] && return 0 - fi - - # Check if the DMI product UUID starts with EC2 - if [ -r "/sys/devices/virtual/dmi/id/product_uuid" ]; then - uuid=$(</sys/devices/virtual/dmi/id/product_uuid) - - [ "${uuid:0:3}" = "EC2" ] && return 0 - fi - - # We are not running on AWS EC2 - return 1 -} - case "${1}" in start) - # Do nothing if we are not running on AWS EC2 - running_on_ec2 || exit 0 + # Check if we are running in the cloud + if running_on_ec2; then + scriptname="/etc/rc.d/helper/aws-setup" + elif running_on_azure; then + scriptname="/etc/rc.d/helper/azure-setup" + else + # This system is not running in the cloud + exit 0 + fi
# Find the first interface to use for i in /sys/class/net/red* /sys/class/net/eth* \ @@ -56,10 +41,10 @@ case "${1}" in fi
# Run a DHCP client and set up the system accordingly - dhclient -sf /etc/rc.d/helper/aws-setup "${intf}" + dhclient -sf "${scriptname}" "${intf}"
# End DHCP client immediately - dhclient -sf /etc/rc.d/helper/aws-setup -r "${intf}" &>/dev/null + dhclient -sf "${scriptname}" -r "${intf}" &>/dev/null
# Rename network devices udevadm trigger --action="add" --subsystem-match="net" @@ -68,11 +53,19 @@ case "${1}" in ;;
status) + # Check Amazon if running_on_ec2; then echo "This system is running on AWS EC2" exit 0 + + # Check Microsoft + elif running_on_azure; then + echo "This system is running on Microsoft Azure" + exit 0 + + # The rest else - echo "This system is NOT running on AWS EC2" + echo "This system is NOT running in the cloud" exit 1 fi ;; @@ -83,4 +76,4 @@ case "${1}" in ;; esac
-# End $rc_base/init.d/aws +# End $rc_base/init.d/cloud-init diff --git a/src/initscripts/system/functions b/src/initscripts/system/functions index c00f65922..2870729a5 100644 --- a/src/initscripts/system/functions +++ b/src/initscripts/system/functions @@ -784,4 +784,42 @@ umount_ramdisk() { rm -rf "${path_tmpfs}" }
+# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify_ec2_instances.h... +running_on_ec2() { + local uuid + + # Check if the hypervisor UUID starts with ec2 + if [ -r "/sys/hypervisor/uuid" ]; then + uuid=$(</sys/hypervisor/uuid) + + [ "${uuid:0:3}" = "ec2" ] && return 0 + fi + + # Check if the DMI product UUID starts with EC2 + if [ -r "/sys/devices/virtual/dmi/id/product_uuid" ]; then + uuid=$(</sys/devices/virtual/dmi/id/product_uuid) + + [ "${uuid:0:3}" = "EC2" ] && return 0 + fi + + # We are not running on AWS EC2 + return 1 +} + +running_on_azure() { + # Check if the vendor is Microsoft + if [ -r "/sys/devices/virtual/dmi/id/sys_vendor" ] && \ + [ "$(</sys/devices/virtual/dmi/id/sys_vendor)" = "Microsoft Corporation" ]; then + # Check if this product is a "Virtual Machine" + if [ -r "/sys/devices/virtual/dmi/id/product_name" ] && \ + [ "$(</sys/devices/virtual/dmi/id/product_name)" = "Virtual Machine" ]; then + # Yes, we are running on Azure + return 0 + fi + fi + + # We are not running on Azure + return 1 +} + # End $rc_base/init.d/functions diff --git a/src/initscripts/system/leds b/src/initscripts/system/leds index 4b4563c86..3c3b4204a 100644 --- a/src/initscripts/system/leds +++ b/src/initscripts/system/leds @@ -99,6 +99,11 @@ case "${1}" in setup_netdev_trigger mirabox:green:stat ${GREEN_DEV} tx rx setup_netdev_trigger mirabox:blue:stat ${BLUE_DEV} tx rx
+ # Nanopi R1 start + setup_heartbeat_trigger nanopi-r1:red:status + setup_netdev_trigger nanopi-r1:green:wan ${RED_DEV} tx rx + setup_netdev_trigger nanopi-r1:green:lan ${GREEN_DEV} tx rx + exit 0 ;;
@@ -143,6 +148,12 @@ case "${1}" in disable_led_trigger mirabox:green:stat disable_led_trigger mirabox:blue:stat
+ # Nanopi R1 stop + disable_led_trigger nanopi-r1:red:status + enable_led nanopi-r1:red:status + disable_led_trigger nanopi-r1:green:wan + disable_led_trigger nanopi-r1:green:lan + exit 0 ;;
diff --git a/src/initscripts/system/partresize b/src/initscripts/system/partresize index e2df11ee0..040c6c369 100644 --- a/src/initscripts/system/partresize +++ b/src/initscripts/system/partresize @@ -3,6 +3,8 @@ # Begin $rc_base/init.d/partresize # # Description : Resize the root partition to the drivesize +# and setup some platform or hardware options in +# flashimage # # Authors : Arne Fitzenreiter - arne_f@ipfire.org # @@ -34,12 +36,27 @@ case "${1}" in if [ ! "$(grep "console=ttyS0" /proc/cmdline)" == "" ]; then scon="on"; fi - IFS= read -r DMI_PRODUCT_NAME < /sys/class/dmi/id/product_name; - case ${DMI_PRODUCT_NAME} in - APU|apu[1-4]|PC\ Engines\ apu[1-4] ) - scon="on"; - ;; - esac + if [ -e /sys/class/dmi/id/product_name ]; then + IFS= read -r DMI_PRODUCT_NAME < /sys/class/dmi/id/product_name; + case ${DMI_PRODUCT_NAME} in + APU|apu[1-4]|PC\ Engines\ apu[1-4] ) + scon="on"; + ;; + esac + fi + + # Enable the serial console on all systems on Azure + if running_on_azure; then + scon="on" + fi + + # Install AP6112 wlan config on NanoPi R1 + case "$(< /proc/device-tree/model )" in + "FriendlyElec NanoPi-R1") + cp -f /lib/firmware/brcm/brcmfmac43430-sdio.AP6212.txt \ + /lib/firmware/brcm/brcmfmac43430-sdio.txt + ;; + esac 2>/dev/null
mount /boot > /dev/null if [ -e /boot/grub/grub.cfg ]; then diff --git a/src/initscripts/system/smt b/src/initscripts/system/smt index f83776c1a..cc4128b2d 100644 --- a/src/initscripts/system/smt +++ b/src/initscripts/system/smt @@ -18,7 +18,7 @@ case "${1}" in # Nothing to do when SMT is not enabled or not supported anyways if [ "$(</sys/devices/system/cpu/smt/control)" != "on" ]; then exit 0 - fi + fi 2>/dev/null
# Disable SMT when the processor is vulnerable to Foreshadow or Fallout/ZombieLoad/RIDL for vuln in l1tf mds; do diff --git a/src/initscripts/system/sysctl b/src/initscripts/system/sysctl index 0d0b5c1b3..296d589c5 100644 --- a/src/initscripts/system/sysctl +++ b/src/initscripts/system/sysctl @@ -24,6 +24,18 @@ case "${1}" in sysctl -q -p evaluate_retval fi + arch=`uname -m` + case "${arch}" in + i?86 ) arch="i586"; + ;; + armv*) arch="armv5tel": + ;; + esac + if [ -f "/etc/sysctl-${arch}.conf" ]; then + boot_mesg "Setting ${arch}-kernel runtime parameters..." + sysctl -q -p /etc/sysctl-${arch}.conf + evaluate_retval + fi ;;
status) diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index 34b3e06fd..dbcfc951f 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -41,6 +41,22 @@ read_name_servers() { done 2>/dev/null | xargs echo }
+check_red_has_carrier_and_ip() { + # Interface configured ? + [ ! -e "/var/ipfire/red/iface" ] && return 0; + + # Interface present ? + [ ! -e "/sys/class/net/$(</var/ipfire/red/iface)" ] && return 0; + + # has carrier ? + [ ! "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ] && return 0; + + # has ip ? + [ "$(ip address show dev $(</var/ipfire/red/iface) | grep "inet")" = "" ] && return 0; + + return 1; +} + config_header() { echo "# This file is automatically generated and any changes" echo "# will be overwritten. DO NOT EDIT!" @@ -48,7 +64,8 @@ config_header() { }
update_forwarders() { - if [ "${USE_FORWARDERS}" = "1" -a -e "/var/ipfire/red/active" ]; then + check_red_has_carrier_and_ip + if [ "${USE_FORWARDERS}" = "1" -a "${?}" = "1" ]; then local forwarders local broken_forwarders
@@ -131,6 +148,13 @@ update_forwarders() { unbound-control -q forward off }
+remove_forwarders() { + enable_dnssec + echo "local recursor" > /var/ipfire/red/dns + unbound-control -q forward off + +} + own_hostname() { local hostname=$(hostname -f) # 1.1.1.1 is reserved for unused green, skip this @@ -473,7 +497,8 @@ disable_dnssec() { fix_time_if_dns_fail() { # If DNS still not work try to init ntp with # hardcoded ntp.ipfire.org (81.3.27.46) - if [ -e /var/ipfire/red/active ]; then + check_red_has_carrier_and_ip + if [ -e "/var/ipfire/red/iface" -a "${?}" = "1" ]; then host 0.ipfire.pool.ntp.org > /dev/null 2>&1 if [ "${?}" != "0" ]; then boot_mesg "DNS still not functioning... Trying to sync time with ntp.ipfire.org (81.3.27.46)..." @@ -807,6 +832,19 @@ case "$1" in fix_time_if_dns_fail ;;
+ remove-forwarders) + # Do not try updating forwarders when unbound is not running + if ! pgrep unbound &>/dev/null; then + exit 0 + fi + + remove_forwarders + + unbound-control flush_negative > /dev/null + unbound-control flush_bogus > /dev/null + ;; + + test-name-server) ns=${2}
@@ -848,7 +886,7 @@ case "$1" in ;;
*) - echo "Usage: $0 {start|stop|restart|status|update-forwarders|test-name-server|resolve}" + echo "Usage: $0 {start|stop|restart|status|update-forwarders|remove-forwarders|test-name-server|resolve}" exit 1 ;; esac diff --git a/src/patches/iperf3/0001-remove-pg-flag.patch b/src/patches/iperf3/0001-remove-pg-flag.patch deleted file mode 100644 index 601712d88..000000000 --- a/src/patches/iperf3/0001-remove-pg-flag.patch +++ /dev/null @@ -1,46 +0,0 @@ -From be7dafdb802f39c3ad8bcc896216508842c42751 Mon Sep 17 00:00:00 2001 -From: Jonatan Schlag jonatan.schlag@ipfire.org -Date: Thu, 31 Mar 2016 19:33:17 +0200 -Subject: [PATCH] remove -pg flag - -Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org ---- - src/Makefile.am | 4 ++-- - src/Makefile.in | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/Makefile.am b/src/Makefile.am -index 23b0c72..6268145 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -49,9 +49,9 @@ iperf3_LDFLAGS = -g - iperf3_profile_SOURCES = main.c \ - $(libiperf_la_SOURCES) - --iperf3_profile_CFLAGS = -pg -g -+iperf3_profile_CFLAGS = -g - iperf3_profile_LDADD = libiperf.la --iperf3_profile_LDFLAGS = -pg -g -+iperf3_profile_LDFLAGS = -g - - # Specify the sources and various flags for the test cases - t_timer_SOURCES = t_timer.c -diff --git a/src/Makefile.in b/src/Makefile.in -index f7c46ad..016a022 100644 ---- a/src/Makefile.in -+++ b/src/Makefile.in -@@ -610,9 +610,9 @@ iperf3_LDFLAGS = -g - iperf3_profile_SOURCES = main.c \ - $(libiperf_la_SOURCES) - --iperf3_profile_CFLAGS = -pg -g -+iperf3_profile_CFLAGS = -g - iperf3_profile_LDADD = libiperf.la --iperf3_profile_LDFLAGS = -pg -g -+iperf3_profile_LDFLAGS = -g - - # Specify the sources and various flags for the test cases - t_timer_SOURCES = t_timer.c --- -2.1.4 - diff --git a/src/patches/iperf3/iperf-3.7-remove-pg-flag.patch b/src/patches/iperf3/iperf-3.7-remove-pg-flag.patch new file mode 100644 index 000000000..1dae2c211 --- /dev/null +++ b/src/patches/iperf3/iperf-3.7-remove-pg-flag.patch @@ -0,0 +1,30 @@ +diff -Naur iperf-3.7.org/src/Makefile.am iperf-3.7/src/Makefile.am +--- iperf-3.7.org/src/Makefile.am 2019-06-21 03:12:47.000000000 +0200 ++++ iperf-3.7/src/Makefile.am 2019-07-17 12:19:38.133540594 +0200 +@@ -58,9 +58,9 @@ + iperf3_profile_SOURCES = main.c \ + $(libiperf_la_SOURCES) + +-iperf3_profile_CFLAGS = -pg -g ++iperf3_profile_CFLAGS = -g + iperf3_profile_LDADD = libiperf.la +-iperf3_profile_LDFLAGS = -pg -g ++iperf3_profile_LDFLAGS = -g + endif + + # Specify the sources and various flags for the test cases +diff -Naur iperf-3.7.org/src/Makefile.in iperf-3.7/src/Makefile.in +--- iperf-3.7.org/src/Makefile.in 2019-06-21 03:12:47.000000000 +0200 ++++ iperf-3.7/src/Makefile.in 2019-07-17 12:19:53.133496336 +0200 +@@ -670,9 +670,9 @@ + @ENABLE_PROFILING_TRUE@iperf3_profile_SOURCES = main.c \ + @ENABLE_PROFILING_TRUE@ $(libiperf_la_SOURCES) + +-@ENABLE_PROFILING_TRUE@iperf3_profile_CFLAGS = -pg -g ++@ENABLE_PROFILING_TRUE@iperf3_profile_CFLAGS = -g + @ENABLE_PROFILING_TRUE@iperf3_profile_LDADD = libiperf.la +-@ENABLE_PROFILING_TRUE@iperf3_profile_LDFLAGS = -pg -g ++@ENABLE_PROFILING_TRUE@iperf3_profile_LDFLAGS = -g + + # Specify the sources and various flags for the test cases + t_timer_SOURCES = t_timer.c diff --git a/src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff b/src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff new file mode 100644 index 000000000..70cf4a6e4 --- /dev/null +++ b/src/patches/u-boot/sunxi/nanopi-r1-add-mac.diff @@ -0,0 +1,15 @@ +diff -Naur u-boot-1ee53f5cff60d4daf9e5b49873932c454d53383a.org/arch/arm/dts/sun8i-h3-nanopi-r1.dts u-boot-1ee53f5cff60d4daf9e5b49873932c454d53383a/arch/arm/dts/sun8i-h3-nanopi-r1.dts +--- u-boot-1ee53f5cff60d4daf9e5b49873932c454d53383a.org/arch/arm/dts/sun8i-h3-nanopi-r1.dts 2019-08-05 09:02:22.211159367 +0000 ++++ u-boot-1ee53f5cff60d4daf9e5b49873932c454d53383a/arch/arm/dts/sun8i-h3-nanopi-r1.dts 2019-08-05 09:05:25.745207373 +0000 +@@ -46,6 +46,11 @@ + model = "FriendlyElec NanoPi H3"; + compatible = "friendlyarm,nanopi-m1-plus", "allwinner,sun8i-h3"; + ++ aliases { ++ /* entry to generate a second mac address for the realtek ++ u-boot ignore that it point to wrong device */ ++ ethernet1 = &emac; ++ }; + + reg_gmac_3v3: gmac-3v3 { + compatible = "regulator-fixed"; diff --git a/src/setup/networking.c b/src/setup/networking.c index 00dfc4b5a..d6cd30cff 100644 --- a/src/setup/networking.c +++ b/src/setup/networking.c @@ -144,9 +144,13 @@ int oktoleave(void) strcpy(temp, ""); findkey(kv, "GREEN_DEV", temp); if (!(strlen(temp))) { - errorbox(_("No GREEN interface assigned.")); - freekeyvalues(kv); - return 0; + rc = newtWinChoice(_("Error"), _("OK"), _("Ignore"), + _("No GREEN interface assigned.")); + if (rc == 0 || rc == 1) + { + freekeyvalues(kv); + return 0; + } } if (!(interfacecheck(kv, "GREEN"))) { @@ -181,9 +185,13 @@ int oktoleave(void) strcpy(temp, ""); findkey(kv, "ORANGE_DEV", temp); if (!(strlen(temp))) { - errorbox(_("No ORANGE interface assigned.")); - freekeyvalues(kv); - return 0; + rc = newtWinChoice(_("Error"), _("OK"), _("Ignore"), + _("No ORANGE interface assigned.")); + if (rc == 0 || rc == 1) + { + freekeyvalues(kv); + return 0; + } } if (!(interfacecheck(kv, "ORANGE"))) { @@ -197,9 +205,13 @@ int oktoleave(void) strcpy(temp, ""); findkey(kv, "BLUE_DEV", temp); if (!(strlen(temp))) { - errorbox(_("No BLUE interface assigned.")); - freekeyvalues(kv); - return 0; + rc = newtWinChoice(_("Error"), _("OK"), _("Ignore"), + _("No BLUE interface assigned.")); + if (rc == 0 || rc == 1) + { + freekeyvalues(kv); + return 0; + } } if (!(interfacecheck(kv, "BLUE"))) {
hooks/post-receive -- IPFire 2.x development tree