* [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 7c6a4babf851a13292f0cfa90ca9e3fbfc42525c
@ 2021-02-16 11:50 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2021-02-16 11:50 UTC (permalink / raw)
To: ipfire-scm
[-- Attachment #1: Type: text/plain, Size: 4240 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via 7c6a4babf851a13292f0cfa90ca9e3fbfc42525c (commit)
from 0d58fcd2aa1240e96754aaf24665d4d1650e301a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7c6a4babf851a13292f0cfa90ca9e3fbfc42525c
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Feb 16 11:50:16 2021 +0000
Revert "dhcpcd: Update to 9.3.4"
This reverts commit d96d979e2a0bb199b5ae7bec75964f4091996268.
Arne requested to revert this commit as well since dhcpcd still does not
run without any problems on i586 systems.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
lfs/dhcpcd | 7 ++---
...86_for_SECCOMP_as_it_just_uses_socketcall.patch | 36 ----------------------
2 files changed, 2 insertions(+), 41 deletions(-)
delete mode 100644 src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch
Difference in files:
diff --git a/lfs/dhcpcd b/lfs/dhcpcd
index 4e34e19d5..3bd33dc56 100644
--- a/lfs/dhcpcd
+++ b/lfs/dhcpcd
@@ -24,7 +24,7 @@
include Config
-VER = 9.3.4
+VER = 9.1.4
THISAPP = dhcpcd-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = badb02dfc69fe9bbeec35a02efcdb4db
+$(DL_FILE)_MD5 = dd77711cf3232002bb075f5210269f88
install : $(TARGET)
@@ -70,9 +70,6 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch
-
cd $(DIR_APP) && ./configure --prefix="" --sysconfdir=/var/ipfire/dhcpc \
--dbdir=/var/ipfire/dhcpc \
--libexecdir=/var/ipfire/dhcpc \
diff --git a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch b/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch
deleted file mode 100644
index 9efcde219..000000000
--- a/src/patches/dhcpcd/01_Fix_Linux_i386_for_SECCOMP_as_it_just_uses_socketcall.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-diff --git a/src/privsep-linux.c b/src/privsep-linux.c
-index 050a30cf..d31d720d 100644
---- a/src/privsep-linux.c
-+++ b/src/privsep-linux.c
-@@ -32,6 +32,7 @@
-
- #include <linux/audit.h>
- #include <linux/filter.h>
-+#include <linux/net.h>
- #include <linux/seccomp.h>
- #include <linux/sockios.h>
-
-@@ -304,6 +305,23 @@ static struct sock_filter ps_seccomp_filter[] = {
- #ifdef __NR_sendto
- SECCOMP_ALLOW(__NR_sendto),
- #endif
-+#ifdef __NR_socketcall
-+ /* i386 needs this and demonstrates why SECCOMP
-+ * is poor compared to OpenBSD pledge(2) and FreeBSD capsicum(4)
-+ * as this is soooo tied to the kernel API which changes per arch
-+ * and likely libc as well. */
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_ACCEPT4),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_LISTEN),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_GETSOCKOPT), /* overflow */
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECV),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVFROM),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_RECVMSG),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SEND),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDMSG),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SENDTO),
-+ SECCOMP_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN),
-+#endif
- #ifdef __NR_shutdown
- SECCOMP_ALLOW(__NR_shutdown),
- #endif
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-02-16 11:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-16 11:50 [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 7c6a4babf851a13292f0cfa90ca9e3fbfc42525c Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox