From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 81e838ebde6879ee91c61ec4d8a17ef100b486bd
Date: Mon, 29 Oct 2018 11:31:10 +0000 [thread overview]
Message-ID: <20181029113111.183601081BB0@git01.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 16580 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 81e838ebde6879ee91c61ec4d8a17ef100b486bd (commit)
via 92505ef00391d1fc58e1a69f23a6ef2b3094a640 (commit)
via aeefbca7305ea302bf2e3bee419f799db9f9483c (commit)
via 2f1d27e3d847ce723c6c00d2d9757fb4dfcccf05 (commit)
via 3ece78597aca14d764fb508fc8920c7d59723c1e (commit)
via 1c053ccee29730c1cfde94e50780b48a4fbe23b6 (commit)
via 5a40f7aebb0ba46e83260fda2d198362ae72d3a6 (commit)
from 3ed2de12510dcca5dea8e96b02f785cb0f8fe10c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 81e838ebde6879ee91c61ec4d8a17ef100b486bd
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:30:12 2018 +0000
tzdata: Update to 2018g
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 92505ef00391d1fc58e1a69f23a6ef2b3094a640
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:27:34 2018 +0000
Drop paxctl
We do not have grsecurity and more and there is no point
in shipping this tool.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit aeefbca7305ea302bf2e3bee419f799db9f9483c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:25:24 2018 +0000
clamav: Move database directory to /var partition
The clamav database is quite large and occupies valuable
space on the root partition that on older systems is only
2GB large. This change moves the virus definition database
to the /var partition which is larger and supposed to hold
data like this anyway.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 2f1d27e3d847ce723c6c00d2d9757fb4dfcccf05
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:14:45 2018 +0000
kmod: Build with support for XZ compressed modules
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 3ece78597aca14d764fb508fc8920c7d59723c1e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:12:43 2018 +0000
make.sh: Build xz earlier in the build process
XZ compression is becoming more popular and being used
by various other libraries and should therefore be available
to be linked.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1c053ccee29730c1cfde94e50780b48a4fbe23b6
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:10:58 2018 +0000
strongswan: Update to 5.7.1
Fixes security vulnerabilities: CVE-2018-16151, CVE-2018-16152 and
CVE-2018-17540.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 5a40f7aebb0ba46e83260fda2d198362ae72d3a6
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Oct 29 11:02:08 2018 +0000
haproxy: Update to 1.8.14
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/paxctl | 2 -
.../{oldcore/106 => core/125}/filelists/strongswan | 0
.../{oldcore/100 => core/125}/filelists/tzdata | 0
config/rootfiles/packages/clamav | 2 +-
lfs/clamav | 16 ++---
lfs/grub | 4 --
lfs/haproxy | 6 +-
lfs/kmod | 1 +
lfs/paxctl | 79 ----------------------
lfs/qemu | 8 ---
lfs/strongswan | 4 +-
lfs/tzdata | 6 +-
make.sh | 3 +-
src/initscripts/packages/clamav | 10 +--
src/paks/clamav/update.sh | 4 +-
15 files changed, 25 insertions(+), 120 deletions(-)
delete mode 100644 config/rootfiles/common/paxctl
copy config/rootfiles/{oldcore/106 => core/125}/filelists/strongswan (100%)
copy config/rootfiles/{oldcore/100 => core/125}/filelists/tzdata (100%)
delete mode 100644 lfs/paxctl
Difference in files:
diff --git a/config/rootfiles/common/paxctl b/config/rootfiles/common/paxctl
deleted file mode 100644
index c9135a865..000000000
--- a/config/rootfiles/common/paxctl
+++ /dev/null
@@ -1,2 +0,0 @@
-sbin/paxctl
-#usr/share/man/man1/paxctl.1
diff --git a/config/rootfiles/core/125/filelists/strongswan b/config/rootfiles/core/125/filelists/strongswan
new file mode 120000
index 000000000..90c727e26
--- /dev/null
+++ b/config/rootfiles/core/125/filelists/strongswan
@@ -0,0 +1 @@
+../../../common/strongswan
\ No newline at end of file
diff --git a/config/rootfiles/core/125/filelists/tzdata b/config/rootfiles/core/125/filelists/tzdata
new file mode 120000
index 000000000..5a6e3252f
--- /dev/null
+++ b/config/rootfiles/core/125/filelists/tzdata
@@ -0,0 +1 @@
+../../../common/tzdata
\ No newline at end of file
diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/clamav
index ec5e09c84..40ee46fef 100644
--- a/config/rootfiles/packages/clamav
+++ b/config/rootfiles/packages/clamav
@@ -27,7 +27,6 @@ usr/lib/libclamunrar_iface.so.7.1.1
#usr/lib/pkgconfig/libclamav.pc
#usr/lib/pkgconfig/libclammspack.pc
usr/sbin/clamd
-usr/share/clamav
#usr/share/man/man1/clambc.1
#usr/share/man/man1/clamconf.1
#usr/share/man/man1/clamdscan.1
@@ -45,5 +44,6 @@ var/ipfire/clamav/clamd.conf
var/ipfire/clamav/clamd.conf.sample
var/ipfire/clamav/freshclam.conf
var/ipfire/clamav/freshclam.conf.sample
+var/lib/clamav
etc/rc.d/init.d/clamav
usr/local/bin/clamavctrl
diff --git a/lfs/clamav b/lfs/clamav
index ad89e1356..420ee82b3 100644
--- a/lfs/clamav
+++ b/lfs/clamav
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = clamav
-PAK_VER = 40
+PAK_VER = 41
DEPS = ""
@@ -40,6 +40,8 @@ ifeq "$(BUILD_PLATFORM)" "arm"
CONFIGURE_FLAGS = --disable-fanotify
endif
+DATABASE_DIR = /var/lib/clamav
+
###############################################################################
# Top-level Rules
###############################################################################
@@ -84,21 +86,17 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--sysconfdir=/var/ipfire/clamav \
+ --with-dbdir=$(DATABASE_DIR) \
$(CONFIGURE_FLAGS)
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- mkdir -p /usr/share/clamav/
- chown clamav.clamav -R /usr/share/clamav/
+ mkdir -pv $(DATABASE_DIR)
+ chown clamav.clamav -R $(DATABASE_DIR)
+ rm -rfv $(DATABASE_DIR)/*.cvd
cp -rf $(DIR_SRC)/config/clamav/* /var/ipfire/clamav/
- rm -rfv /usr/share/clamav/*.cvd
mkdir -p /var/run/clamav
chown clamav:clamav /var/run/clamav
#install initscripts
$(call INSTALL_INITSCRIPT,clamav)
- # Disable PaX mprotect for clamd, clamscan and freshclam
- paxctl -Cm /usr/sbin/clamd
- paxctl -Cm /usr/bin/clamscan
- paxctl -Cm /usr/bin/freshclam
-
@rm -rf $(DIR_APP)
@$(POSTBUILD)
diff --git a/lfs/grub b/lfs/grub
index b51566df3..1a10c2aa5 100644
--- a/lfs/grub
+++ b/lfs/grub
@@ -131,9 +131,5 @@ endif
-mkdir -pv /etc/default
install -m 644 $(DIR_SRC)/config/grub2/default /etc/default/grub
- # Disable hardening.
- paxctl -Cmpes /usr/sbin/grub-bios-setup /usr/sbin/grub-probe
- paxctl -Cmpexs /usr/bin/grub-script-check
-
@rm -rf $(DIR_APP) $(DIR_APP_PC) $(DIR_APP_EFI)
@$(POSTBUILD)
diff --git a/lfs/haproxy b/lfs/haproxy
index 1103e331a..2cf23526e 100644
--- a/lfs/haproxy
+++ b/lfs/haproxy
@@ -24,7 +24,7 @@
include Config
-VER = 1.8.0
+VER = 1.8.14
THISAPP = haproxy-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = haproxy
-PAK_VER = 5
+PAK_VER = 6
DEPS = ""
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6ccea4619b7183fbcc8c98bae1f9823d
+$(DL_FILE)_MD5 = a050bcb90426d1c939b4b0ce3098a8c4
install : $(TARGET)
diff --git a/lfs/kmod b/lfs/kmod
index bb49fbb3c..4ef2088fd 100644
--- a/lfs/kmod
+++ b/lfs/kmod
@@ -75,6 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--bindir=/bin \
--sysconfdir=/etc \
--disable-manpages \
+ --with-xz \
--with-zlib
cd $(DIR_APP) && make $(MAKETUNING)
diff --git a/lfs/paxctl b/lfs/paxctl
deleted file mode 100644
index 85e54a5ac..000000000
--- a/lfs/paxctl
+++ /dev/null
@@ -1,79 +0,0 @@
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# Definitions
-###############################################################################
-
-include Config
-
-VER = 0.9
-
-THISAPP = paxctl-$(VER)
-DL_FILE = $(THISAPP).tar.gz
-DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/$(THISAPP)
-TARGET = $(DIR_INFO)/$(THISAPP)
-
-###############################################################################
-# Top-level Rules
-###############################################################################
-
-objects = $(DL_FILE)
-
-$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-
-$(DL_FILE)_MD5 = 9bea59b1987dc4e16c2d22d745374e64
-
-install : $(TARGET)
-
-check : $(patsubst %,$(DIR_CHK)/%,$(objects))
-
-download :$(patsubst %,$(DIR_DL)/%,$(objects))
-
-md5 : $(subst %,%_MD5,$(objects))
-
-dist:
- @$(PAK)
-
-###############################################################################
-# Downloading, checking, md5sum
-###############################################################################
-
-$(patsubst %,$(DIR_CHK)/%,$(objects)) :
- @$(CHECK)
-
-$(patsubst %,$(DIR_DL)/%,$(objects)) :
- @$(LOAD)
-
-$(subst %,%_MD5,$(objects)) :
- @$(MD5)
-
-###############################################################################
-# Installation Details
-###############################################################################
-
-$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
- @$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
- @rm -rf $(DIR_APP)
- @$(POSTBUILD)
diff --git a/lfs/qemu b/lfs/qemu
index be5d7193d..015837a59 100644
--- a/lfs/qemu
+++ b/lfs/qemu
@@ -89,14 +89,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# install wrapper for old kvm parameter handling
install -m 755 $(DIR_SRC)/config/qemu/qemu /usr/bin/qemu
- # disable PaX MPROTECT and RANDMMAP
- paxctl -cmr /usr/bin/qemu-system-arm
- paxctl -cmr /usr/bin/qemu-system-i386
- paxctl -cmr /usr/bin/qemu-system-x86_64
- paxctl -cmr /usr/bin/qemu-arm
- paxctl -cmr /usr/bin/qemu-i386
- paxctl -cmr /usr/bin/qemu-x86_64
-
# install an udev script to set the permissions of /dev/kvm
cp -avf $(DIR_SRC)/config/qemu/65-kvm.rules /lib/udev/rules.d/65-kvm.rules
diff --git a/lfs/strongswan b/lfs/strongswan
index 9dee2613b..fd0b91a25 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -24,7 +24,7 @@
include Config
-VER = 5.6.3
+VER = 5.7.1
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a6a28eeb22aa58080a7581771a5b63f9
+$(DL_FILE)_MD5 = 86b7e9321cde075cf382268fd282e0b0
install : $(TARGET)
diff --git a/lfs/tzdata b/lfs/tzdata
index 258fce8d3..5ed32d8d4 100644
--- a/lfs/tzdata
+++ b/lfs/tzdata
@@ -24,7 +24,7 @@
include Config
-VER = 2018e
+VER = 2018g
TZDATA_VER = $(VER)
TZCODE_VER = $(VER)
@@ -45,8 +45,8 @@ objects = tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz
tzdata$(TZDATA_VER).tar.gz = $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz
tzcode$(TZCODE_VER).tar.gz = $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz
-tzdata$(TZDATA_VER).tar.gz_MD5 = 97d654f4d7253173b3eeb76a836dd65e
-tzcode$(TZCODE_VER).tar.gz_MD5 = c4d7df0fff7ba5588b32c5f27e2caf97
+tzdata$(TZDATA_VER).tar.gz_MD5 = e71cb1f9d8d53c43904d79d7aeeedc1b
+tzcode$(TZCODE_VER).tar.gz_MD5 = b48f0282b80bb7dbe16e35626f446ae9
install : $(TARGET)
diff --git a/make.sh b/make.sh
index b9558bc04..c5cfab151 100755
--- a/make.sh
+++ b/make.sh
@@ -1039,6 +1039,7 @@ buildbase() {
lfsmake2 readline
lfsmake2 readline-compat
lfsmake2 bzip2
+ lfsmake2 xz
lfsmake2 pcre
lfsmake2 pcre-compat
lfsmake2 bash
@@ -1073,8 +1074,6 @@ buildbase() {
lfsmake2 util-linux
lfsmake2 udev
lfsmake2 vim
- lfsmake2 xz
- lfsmake2 paxctl
}
buildipfire() {
diff --git a/src/initscripts/packages/clamav b/src/initscripts/packages/clamav
index fa080a67b..d2f63a910 100644
--- a/src/initscripts/packages/clamav
+++ b/src/initscripts/packages/clamav
@@ -12,12 +12,12 @@ case "$1" in
COUNTER=0
while [ "$COUNTER" -lt "61" ]; do
- [ -e "/usr/share/clamav/main.cvd" ] && \
- [ -e "/usr/share/clamav/daily.cvd" ] || \
- [ -e "/usr/share/clamav/daily.cld" ] && \
+ [ -e "/var/lib/clamav/main.cvd" ] && \
+ [ -e "/var/lib/clamav/daily.cvd" ] || \
+ [ -e "/var/lib/clamav/daily.cld" ] && \
break
if [ "$COUNTER" -lt "1" ]; then
- boot_mesg -n "Download db "
+ boot_mesg -n "Downloading database"
else
boot_mesg -n "."
fi
@@ -46,7 +46,7 @@ case "$1" in
stop)
boot_mesg "Stopping Clamav Definition Updater..."
killproc /usr/bin/freshclam
- rm -rf /usr/share/clamav/*.tmp
+ rm -rf /var/lib/clamav/*.tmp
boot_mesg "Stopping Clamav Daemon..."
killproc /usr/sbin/clamd
diff --git a/src/paks/clamav/update.sh b/src/paks/clamav/update.sh
index 303f036b0..0a4af73c2 100644
--- a/src/paks/clamav/update.sh
+++ b/src/paks/clamav/update.sh
@@ -22,7 +22,7 @@
############################################################################
#
. /opt/pakfire/lib/functions.sh
-mv /usr/share/clamav /usr/share/clamav-update
+mv /var/lib/clamav /var/lib/clamav-update
./uninstall.sh
-mv /usr/share/clamav-update /usr/share/clamav
+mv /var/lib/clamav-update /var/lib/clamav
./install.sh
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2018-10-29 11:31 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181029113111.183601081BB0@git01.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox