From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 81e838ebde6879ee91c61ec4d8a17ef100b486bd Date: Mon, 29 Oct 2018 11:31:10 +0000 Message-ID: <20181029113111.183601081BB0@git01.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5357255962427757320==" List-Id: --===============5357255962427757320== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 81e838ebde6879ee91c61ec4d8a17ef100b486bd (commit) via 92505ef00391d1fc58e1a69f23a6ef2b3094a640 (commit) via aeefbca7305ea302bf2e3bee419f799db9f9483c (commit) via 2f1d27e3d847ce723c6c00d2d9757fb4dfcccf05 (commit) via 3ece78597aca14d764fb508fc8920c7d59723c1e (commit) via 1c053ccee29730c1cfde94e50780b48a4fbe23b6 (commit) via 5a40f7aebb0ba46e83260fda2d198362ae72d3a6 (commit) from 3ed2de12510dcca5dea8e96b02f785cb0f8fe10c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 81e838ebde6879ee91c61ec4d8a17ef100b486bd Author: Michael Tremer Date: Mon Oct 29 11:30:12 2018 +0000 tzdata: Update to 2018g =20 Signed-off-by: Michael Tremer commit 92505ef00391d1fc58e1a69f23a6ef2b3094a640 Author: Michael Tremer Date: Mon Oct 29 11:27:34 2018 +0000 Drop paxctl =20 We do not have grsecurity and more and there is no point in shipping this tool. =20 Signed-off-by: Michael Tremer commit aeefbca7305ea302bf2e3bee419f799db9f9483c Author: Michael Tremer Date: Mon Oct 29 11:25:24 2018 +0000 clamav: Move database directory to /var partition =20 The clamav database is quite large and occupies valuable space on the root partition that on older systems is only 2GB large. This change moves the virus definition database to the /var partition which is larger and supposed to hold data like this anyway. =20 Signed-off-by: Michael Tremer commit 2f1d27e3d847ce723c6c00d2d9757fb4dfcccf05 Author: Michael Tremer Date: Mon Oct 29 11:14:45 2018 +0000 kmod: Build with support for XZ compressed modules =20 Signed-off-by: Michael Tremer commit 3ece78597aca14d764fb508fc8920c7d59723c1e Author: Michael Tremer Date: Mon Oct 29 11:12:43 2018 +0000 make.sh: Build xz earlier in the build process =20 XZ compression is becoming more popular and being used by various other libraries and should therefore be available to be linked. =20 Signed-off-by: Michael Tremer commit 1c053ccee29730c1cfde94e50780b48a4fbe23b6 Author: Michael Tremer Date: Mon Oct 29 11:10:58 2018 +0000 strongswan: Update to 5.7.1 =20 Fixes security vulnerabilities: CVE-2018-16151, CVE-2018-16152 and CVE-2018-17540. =20 Signed-off-by: Michael Tremer commit 5a40f7aebb0ba46e83260fda2d198362ae72d3a6 Author: Michael Tremer Date: Mon Oct 29 11:02:08 2018 +0000 haproxy: Update to 1.8.14 =20 Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/paxctl | 2 - .../{oldcore/106 =3D> core/125}/filelists/strongswan | 0 .../{oldcore/100 =3D> core/125}/filelists/tzdata | 0 config/rootfiles/packages/clamav | 2 +- lfs/clamav | 16 ++--- lfs/grub | 4 -- lfs/haproxy | 6 +- lfs/kmod | 1 + lfs/paxctl | 79 --------------------= -- lfs/qemu | 8 --- lfs/strongswan | 4 +- lfs/tzdata | 6 +- make.sh | 3 +- src/initscripts/packages/clamav | 10 +-- src/paks/clamav/update.sh | 4 +- 15 files changed, 25 insertions(+), 120 deletions(-) delete mode 100644 config/rootfiles/common/paxctl copy config/rootfiles/{oldcore/106 =3D> core/125}/filelists/strongswan (100%) copy config/rootfiles/{oldcore/100 =3D> core/125}/filelists/tzdata (100%) delete mode 100644 lfs/paxctl Difference in files: diff --git a/config/rootfiles/common/paxctl b/config/rootfiles/common/paxctl deleted file mode 100644 index c9135a865..000000000 --- a/config/rootfiles/common/paxctl +++ /dev/null @@ -1,2 +0,0 @@ -sbin/paxctl -#usr/share/man/man1/paxctl.1 diff --git a/config/rootfiles/core/125/filelists/strongswan b/config/rootfile= s/core/125/filelists/strongswan new file mode 120000 index 000000000..90c727e26 --- /dev/null +++ b/config/rootfiles/core/125/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/core/125/filelists/tzdata b/config/rootfiles/co= re/125/filelists/tzdata new file mode 120000 index 000000000..5a6e3252f --- /dev/null +++ b/config/rootfiles/core/125/filelists/tzdata @@ -0,0 +1 @@ +../../../common/tzdata \ No newline at end of file diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/cla= mav index ec5e09c84..40ee46fef 100644 --- a/config/rootfiles/packages/clamav +++ b/config/rootfiles/packages/clamav @@ -27,7 +27,6 @@ usr/lib/libclamunrar_iface.so.7.1.1 #usr/lib/pkgconfig/libclamav.pc #usr/lib/pkgconfig/libclammspack.pc usr/sbin/clamd -usr/share/clamav #usr/share/man/man1/clambc.1 #usr/share/man/man1/clamconf.1 #usr/share/man/man1/clamdscan.1 @@ -45,5 +44,6 @@ var/ipfire/clamav/clamd.conf var/ipfire/clamav/clamd.conf.sample var/ipfire/clamav/freshclam.conf var/ipfire/clamav/freshclam.conf.sample +var/lib/clamav etc/rc.d/init.d/clamav usr/local/bin/clamavctrl diff --git a/lfs/clamav b/lfs/clamav index ad89e1356..420ee82b3 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D clamav -PAK_VER =3D 40 +PAK_VER =3D 41 =20 DEPS =3D "" =20 @@ -40,6 +40,8 @@ ifeq "$(BUILD_PLATFORM)" "arm" CONFIGURE_FLAGS =3D --disable-fanotify endif =20 +DATABASE_DIR =3D /var/lib/clamav + ############################################################################= ### # Top-level Rules ############################################################################= ### @@ -84,21 +86,17 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && ./configure \ --prefix=3D/usr \ --sysconfdir=3D/var/ipfire/clamav \ + --with-dbdir=3D$(DATABASE_DIR) \ $(CONFIGURE_FLAGS) cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install - mkdir -p /usr/share/clamav/ - chown clamav.clamav -R /usr/share/clamav/ + mkdir -pv $(DATABASE_DIR) + chown clamav.clamav -R $(DATABASE_DIR) + rm -rfv $(DATABASE_DIR)/*.cvd cp -rf $(DIR_SRC)/config/clamav/* /var/ipfire/clamav/ - rm -rfv /usr/share/clamav/*.cvd mkdir -p /var/run/clamav chown clamav:clamav /var/run/clamav #install initscripts $(call INSTALL_INITSCRIPT,clamav) - # Disable PaX mprotect for clamd, clamscan and freshclam - paxctl -Cm /usr/sbin/clamd - paxctl -Cm /usr/bin/clamscan - paxctl -Cm /usr/bin/freshclam - @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/grub b/lfs/grub index b51566df3..1a10c2aa5 100644 --- a/lfs/grub +++ b/lfs/grub @@ -131,9 +131,5 @@ endif -mkdir -pv /etc/default install -m 644 $(DIR_SRC)/config/grub2/default /etc/default/grub =20 - # Disable hardening. - paxctl -Cmpes /usr/sbin/grub-bios-setup /usr/sbin/grub-probe - paxctl -Cmpexs /usr/bin/grub-script-check - @rm -rf $(DIR_APP) $(DIR_APP_PC) $(DIR_APP_EFI) @$(POSTBUILD) diff --git a/lfs/haproxy b/lfs/haproxy index 1103e331a..2cf23526e 100644 --- a/lfs/haproxy +++ b/lfs/haproxy @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.8.0 +VER =3D 1.8.14 =20 THISAPP =3D haproxy-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D haproxy -PAK_VER =3D 5 +PAK_VER =3D 6 =20 DEPS =3D "" =20 @@ -48,7 +48,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 6ccea4619b7183fbcc8c98bae1f9823d +$(DL_FILE)_MD5 =3D a050bcb90426d1c939b4b0ce3098a8c4 =20 install : $(TARGET) =20 diff --git a/lfs/kmod b/lfs/kmod index bb49fbb3c..4ef2088fd 100644 --- a/lfs/kmod +++ b/lfs/kmod @@ -75,6 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --bindir=3D/bin \ --sysconfdir=3D/etc \ --disable-manpages \ + --with-xz \ --with-zlib =20 cd $(DIR_APP) && make $(MAKETUNING) diff --git a/lfs/paxctl b/lfs/paxctl deleted file mode 100644 index 85e54a5ac..000000000 --- a/lfs/paxctl +++ /dev/null @@ -1,79 +0,0 @@ -############################################################################= ### -# = # -# IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # -# = # -# This program is free software: you can redistribute it and/or modify = # -# it under the terms of the GNU General Public License as published by = # -# the Free Software Foundation, either version 3 of the License, or = # -# (at your option) any later version. = # -# = # -# This program is distributed in the hope that it will be useful, = # -# but WITHOUT ANY WARRANTY; without even the implied warranty of = # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # -# GNU General Public License for more details. = # -# = # -# You should have received a copy of the GNU General Public License = # -# along with this program. If not, see . = # -# = # -############################################################################= ### - -############################################################################= ### -# Definitions -############################################################################= ### - -include Config - -VER =3D 0.9 - -THISAPP =3D paxctl-$(VER) -DL_FILE =3D $(THISAPP).tar.gz -DL_FROM =3D $(URL_IPFIRE) -DIR_APP =3D $(DIR_SRC)/$(THISAPP) -TARGET =3D $(DIR_INFO)/$(THISAPP) - -############################################################################= ### -# Top-level Rules -############################################################################= ### - -objects =3D $(DL_FILE) - -$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) - -$(DL_FILE)_MD5 =3D 9bea59b1987dc4e16c2d22d745374e64 - -install : $(TARGET) - -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) - -download :$(patsubst %,$(DIR_DL)/%,$(objects)) - -md5 : $(subst %,%_MD5,$(objects)) - -dist:=20 - @$(PAK) - -############################################################################= ### -# Downloading, checking, md5sum -############################################################################= ### - -$(patsubst %,$(DIR_CHK)/%,$(objects)) : - @$(CHECK) - -$(patsubst %,$(DIR_DL)/%,$(objects)) : - @$(LOAD) - -$(subst %,%_MD5,$(objects)) : - @$(MD5) - -############################################################################= ### -# Installation Details -############################################################################= ### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install - @rm -rf $(DIR_APP) - @$(POSTBUILD) diff --git a/lfs/qemu b/lfs/qemu index be5d7193d..015837a59 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -89,14 +89,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # install wrapper for old kvm parameter handling install -m 755 $(DIR_SRC)/config/qemu/qemu /usr/bin/qemu =20 - # disable PaX MPROTECT and RANDMMAP - paxctl -cmr /usr/bin/qemu-system-arm - paxctl -cmr /usr/bin/qemu-system-i386 - paxctl -cmr /usr/bin/qemu-system-x86_64 - paxctl -cmr /usr/bin/qemu-arm - paxctl -cmr /usr/bin/qemu-i386 - paxctl -cmr /usr/bin/qemu-x86_64 - # install an udev script to set the permissions of /dev/kvm cp -avf $(DIR_SRC)/config/qemu/65-kvm.rules /lib/udev/rules.d/65-kvm.rules =20 diff --git a/lfs/strongswan b/lfs/strongswan index 9dee2613b..fd0b91a25 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 5.6.3 +VER =3D 5.7.1 =20 THISAPP =3D strongswan-$(VER) DL_FILE =3D $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D a6a28eeb22aa58080a7581771a5b63f9 +$(DL_FILE)_MD5 =3D 86b7e9321cde075cf382268fd282e0b0 =20 install : $(TARGET) =20 diff --git a/lfs/tzdata b/lfs/tzdata index 258fce8d3..5ed32d8d4 100644 --- a/lfs/tzdata +++ b/lfs/tzdata @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 2018e +VER =3D 2018g TZDATA_VER =3D $(VER) TZCODE_VER =3D $(VER) =20 @@ -45,8 +45,8 @@ objects =3D tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).= tar.gz tzdata$(TZDATA_VER).tar.gz =3D $(DL_FROM)/tzdata$(TZDATA_VER).tar.gz tzcode$(TZCODE_VER).tar.gz =3D $(DL_FROM)/tzcode$(TZCODE_VER).tar.gz =20 -tzdata$(TZDATA_VER).tar.gz_MD5 =3D 97d654f4d7253173b3eeb76a836dd65e -tzcode$(TZCODE_VER).tar.gz_MD5 =3D c4d7df0fff7ba5588b32c5f27e2caf97 +tzdata$(TZDATA_VER).tar.gz_MD5 =3D e71cb1f9d8d53c43904d79d7aeeedc1b +tzcode$(TZCODE_VER).tar.gz_MD5 =3D b48f0282b80bb7dbe16e35626f446ae9 =20 install : $(TARGET) =20 diff --git a/make.sh b/make.sh index b9558bc04..c5cfab151 100755 --- a/make.sh +++ b/make.sh @@ -1039,6 +1039,7 @@ buildbase() { lfsmake2 readline lfsmake2 readline-compat lfsmake2 bzip2 + lfsmake2 xz lfsmake2 pcre lfsmake2 pcre-compat lfsmake2 bash @@ -1073,8 +1074,6 @@ buildbase() { lfsmake2 util-linux lfsmake2 udev lfsmake2 vim - lfsmake2 xz - lfsmake2 paxctl } =20 buildipfire() { diff --git a/src/initscripts/packages/clamav b/src/initscripts/packages/clamav index fa080a67b..d2f63a910 100644 --- a/src/initscripts/packages/clamav +++ b/src/initscripts/packages/clamav @@ -12,12 +12,12 @@ case "$1" in =20 COUNTER=3D0 while [ "$COUNTER" -lt "61" ]; do - [ -e "/usr/share/clamav/main.cvd" ] && \ - [ -e "/usr/share/clamav/daily.cvd" ] || \ - [ -e "/usr/share/clamav/daily.cld" ] && \ + [ -e "/var/lib/clamav/main.cvd" ] && \ + [ -e "/var/lib/clamav/daily.cvd" ] || \ + [ -e "/var/lib/clamav/daily.cld" ] && \ break if [ "$COUNTER" -lt "1" ]; then - boot_mesg -n "Download db " + boot_mesg -n "Downloading database" else boot_mesg -n "." fi @@ -46,7 +46,7 @@ case "$1" in stop) boot_mesg "Stopping Clamav Definition Updater..." killproc /usr/bin/freshclam - rm -rf /usr/share/clamav/*.tmp + rm -rf /var/lib/clamav/*.tmp =20 boot_mesg "Stopping Clamav Daemon..." killproc /usr/sbin/clamd diff --git a/src/paks/clamav/update.sh b/src/paks/clamav/update.sh index 303f036b0..0a4af73c2 100644 --- a/src/paks/clamav/update.sh +++ b/src/paks/clamav/update.sh @@ -22,7 +22,7 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh -mv /usr/share/clamav /usr/share/clamav-update +mv /var/lib/clamav /var/lib/clamav-update ./uninstall.sh -mv /usr/share/clamav-update /usr/share/clamav +mv /var/lib/clamav-update /var/lib/clamav ./install.sh hooks/post-receive -- IPFire 2.x development tree --===============5357255962427757320==--