From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 57521504a89e792336f55e893564a000bfe4b1d7 Date: Mon, 18 Mar 2019 12:45:12 +0000 Message-ID: <20190318124513.0FA0284FDB0@people01.i.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6881781352097233698==" List-Id: --===============6881781352097233698== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 57521504a89e792336f55e893564a000bfe4b1d7 (commit) via 5b4464a94478059ceebf266bc31dee4a4ba18fac (commit) via a10b0e5b448bf7e4a9bcc334e177ddae09806dc7 (commit) via a46903cce3863923838c5cc0721f4932adf2175d (commit) via 6f8b156bf0dcda4a1bb8ccdc8db83a54b2d7d1d0 (commit) via 2c703afc04448f15f9ad6b9c90be216bad256532 (commit) via f81c2225198b894c180cf36b6ee2cd6c0ea3849d (commit) via 728f3d2e8f3d26e80154236c6d67e303e1f7f3b9 (commit) via 7bf5b0f22194fcb617f3e678c4a1c492b0faf01d (commit) from e1d9148b61bc973ac1fef063b58500de4d881d7e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 57521504a89e792336f55e893564a000bfe4b1d7 Author: Michael Tremer Date: Sat Mar 16 12:34:19 2019 +0000 hostapd: Bump package version =20 Signed-off-by: Michael Tremer commit 5b4464a94478059ceebf266bc31dee4a4ba18fac Author: Peter M=C3=BCller Date: Sat Mar 16 14:20:00 2019 +0000 hostapd: make client isolation configurable via WebUI =20 hostapd supports client-isolation, but this feature could not be configured via the WebUI so far. Since it might be desired in public wireless networks, or even private ones, it makes sense to provide a radio button to let the user decide on. =20 Fixes #11974. =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit a10b0e5b448bf7e4a9bcc334e177ddae09806dc7 Author: Peter M=C3=BCller Date: Fri Mar 15 17:00:00 2019 +0000 ensure Tor daemon files have correct permissions =20 Set permissions for /var/lib/tor and /var/ipfire/tor to tor:tor, regardless whether Tor user has been created before or not. =20 This ensures Tor starts properly on existing systems after reinstallation of the add-on. Thanks to Michael for the hint. =20 Further, a comment for new Tor user in /etc/passwd has been added. =20 Fixes #11779. =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit a46903cce3863923838c5cc0721f4932adf2175d Author: Michael Tremer Date: Sat Mar 16 12:32:10 2019 +0000 core130: Ship updated unbound =20 Signed-off-by: Michael Tremer commit 6f8b156bf0dcda4a1bb8ccdc8db83a54b2d7d1d0 Author: Matthias Fischer Date: Fri Mar 15 19:15:19 2019 +0100 unbound: Update to 1.9.1 =20 For details see: https://nlnetlabs.nl/pipermail/unbound-users/2019-March/011415.html =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 2c703afc04448f15f9ad6b9c90be216bad256532 Author: Michael Tremer Date: Sat Mar 16 12:30:22 2019 +0000 core130: Ship updated ntp =20 Signed-off-by: Michael Tremer commit f81c2225198b894c180cf36b6ee2cd6c0ea3849d Author: Matthias Fischer Date: Fri Mar 15 19:10:11 2019 +0100 ntp: Update to 4.2.8p13 =20 For details see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 728f3d2e8f3d26e80154236c6d67e303e1f7f3b9 Author: Stefan Schantl Date: Sat Mar 16 13:04:18 2019 +0100 suricata: Fix ownership and file permissions of files inside /var/lib/sur= icata. =20 These files needs to have nobody.nobody as owner but requires read-acces = from everyone to allow the suricata user reading-in this files during startup. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 7bf5b0f22194fcb617f3e678c4a1c492b0faf01d Author: Stefan Schantl Date: Sat Mar 16 12:57:25 2019 +0100 logs.cgi/ids.dat: Fixup processing dates from logfiles which contains a y= ear =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/unbound | 2 +- config/rootfiles/{oldcore/100 =3D> core/130}/filelists/ntp | 0 .../rootfiles/{oldcore/106 =3D> core/130}/filelists/unbound | 0 config/rootfiles/core/130/update.sh | 1 + html/cgi-bin/logs.cgi/ids.dat | 9 ++++++++- html/cgi-bin/wlanap.cgi | 14 ++++++++++++= ++ lfs/hostapd | 2 +- lfs/ntp | 6 +++--- lfs/suricata | 8 ++++++-- lfs/unbound | 6 +++--- src/paks/tor/install.sh | 8 ++++---- 11 files changed, 41 insertions(+), 15 deletions(-) copy config/rootfiles/{oldcore/100 =3D> core/130}/filelists/ntp (100%) copy config/rootfiles/{oldcore/106 =3D> core/130}/filelists/unbound (100%) Difference in files: diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 843e0eeca..a130a059b 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.8 -usr/lib/libunbound.so.8.1.0 +usr/lib/libunbound.so.8.1.1 #usr/lib/pkgconfig/libunbound.pc usr/sbin/unbound usr/sbin/unbound-anchor diff --git a/config/rootfiles/core/130/filelists/ntp b/config/rootfiles/core/= 130/filelists/ntp new file mode 120000 index 000000000..7542d86cb --- /dev/null +++ b/config/rootfiles/core/130/filelists/ntp @@ -0,0 +1 @@ +../../../common/ntp \ No newline at end of file diff --git a/config/rootfiles/core/130/filelists/unbound b/config/rootfiles/c= ore/130/filelists/unbound new file mode 120000 index 000000000..66adf0924 --- /dev/null +++ b/config/rootfiles/core/130/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/130/update.sh b/config/rootfiles/core/130/= update.sh index b4238e7b4..d33321c32 100644 --- a/config/rootfiles/core/130/update.sh +++ b/config/rootfiles/core/130/update.sh @@ -77,6 +77,7 @@ ldconfig # Start services /etc/init.d/collectd restart /etc/init.d/firewall restart +/etc/init.d/unbound restart /etc/init.d/suricata start =20 # This update needs a reboot... diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat index e374f5711..1447a06f0 100644 --- a/html/cgi-bin/logs.cgi/ids.dat +++ b/html/cgi-bin/logs.cgi/ids.dat @@ -460,7 +460,14 @@ sub processevent } } $line++; - unless ($line =3D=3D 1 || $date ne "$monthstr/$daystr") { &append; } + + # Split the date into single chunks. + my ($month, $day, $year) =3D split('/', $date); + + # Check if all data is collected and the date of the event fits the desire= d date to + # get displayed. + if ($line gt 1 || "$month/$day" eq "$monthstr/$daystr") { &append; } + close(LOG); } } diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 72c9a1298..cae191101 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -75,6 +75,7 @@ $wlanapsettings{'DRIVER'} =3D 'NL80211'; $wlanapsettings{'HTCAPS'} =3D ''; $wlanapsettings{'VHTCAPS'} =3D ''; $wlanapsettings{'NOSCAN'} =3D 'off'; +$wlanapsettings{'CLIENTISOLATION'} =3D 'off'; =20 &General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings); &Header::getcgihash(\%wlanapsettings); @@ -252,6 +253,10 @@ $checked{'NOSCAN'}{'off'} =3D ''; $checked{'NOSCAN'}{'on'} =3D ''; $checked{'NOSCAN'}{$wlanapsettings{'NOSCAN'}} =3D "checked=3D'checked'"; =20 +$checked{'CLIENTISOLATION'}{'off'} =3D ''; +$checked{'CLIENTISOLATION'}{'on'} =3D ''; +$checked{'CLIENTISOLATION'}{$wlanapsettings{'CLIENTISOLATION'}} =3D "checked= =3D'checked'"; + $selected{'ENC'}{$wlanapsettings{'ENC'}} =3D "selected=3D'selected'"; $selected{'CHANNEL'}{$wlanapsettings{'CHANNEL'}} =3D "selected=3D'selected'"; $selected{'COUNTRY'}{$wlanapsettings{'COUNTRY'}} =3D "selected=3D'selected'"; @@ -377,6 +382,7 @@ print <SSID:  SSID Broadcast: on | off +Client Isolation: on | off =20 =20 $Lang::tr{'wlanap country'}: = @@ -632,6 +638,14 @@ END =20 } =20 + # https://forum.ipfire.org/viewtopic.php?f=3D22&t=3D12274&p=3D79070#p79070 + if ( $wlanapsettings{'CLIENTISOLATION'} eq 'on' ){ + print CONFIGFILE < = # +# Copyright (C) 2007-2019 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 4.2.8p12 +VER =3D 4.2.8p13 =20 THISAPP =3D ntp-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 1522d66574bae14abb2622746dad2bdc +$(DL_FILE)_MD5 =3D ea040ab9b4ca656b5229b89d6b822f13 =20 install : $(TARGET) =20 diff --git a/lfs/suricata b/lfs/suricata index 0a561ef8b..d7b5b71d6 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) # to the rules directory. mv /etc/suricata/*.config /var/lib/suricata =20 - # Set correct ownership for /var/lib/suricata - chown nobody:nobody /var/lib/suricata + # Set correct permissions for the files. + chmod 644 /var/lib/suricata/*.config + + # Set correct ownership for /var/lib/suricata and the + # contained files + chown -R nobody:nobody /var/lib/suricata =20 # Create logging directory. -mkdir -p /var/log/suricata diff --git a/lfs/unbound b/lfs/unbound index b090010d4..87666dfce 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # +# Copyright (C) 2007-2019 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.9.0 +VER =3D 1.9.1 =20 THISAPP =3D unbound-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 1026159991a3883518525bc18e25582f +$(DL_FILE)_MD5 =3D 5d954920d192b33f7c88f015dd969940 =20 install : $(TARGET) =20 diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh index e1ed33331..268bccecd 100644 --- a/src/paks/tor/install.sh +++ b/src/paks/tor/install.sh @@ -29,12 +29,12 @@ if ! getent group tor &>/dev/null; then fi =20 if ! getent passwd tor; then - useradd -u 119 -g tor -d /var/empty -s /bin/false tor - - # Adjust some folder permission for new UID/GID - chown -R tor:tor /var/lib/tor /var/ipfire/tor + useradd -u 119 -g tor -c "Tor daemon user" -d /var/empty -s /bin/fals= e tor fi =20 +# Adjust some folder permission for new UID/GID +chown -R tor:tor /var/lib/tor /var/ipfire/tor + extract_files restore_backup ${NAME} start_service --background ${NAME} hooks/post-receive -- IPFire 2.x development tree --===============6881781352097233698==--