From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bLQVG3ySsz3028 for ; Mon, 16 Jun 2025 10:00:22 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bLQVG3k4mz2xSN for ; Mon, 16 Jun 2025 10:00:22 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "people01.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4bLQVF3qL5zdN for ; Mon, 16 Jun 2025 10:00:21 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1750068021; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=3l09qpAxsDqsmA84YlxPaIiRg8LTB/egGY3Rre4vByw=; b=U4VY7lHsEphZm1G2UxYtf0HIXRQfXblDoLvvJ0dK7gg/khUM6v4JOiWSlLazBkxw0vleeN 1aeU6nbr+By4ZJAw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1750068021; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=3l09qpAxsDqsmA84YlxPaIiRg8LTB/egGY3Rre4vByw=; b=hsNnkOL+cbksXZeBVwZvd4Vk+DkVcxfL9cmKntxsMRhIol3aMXSJU8YXAeEVTWItlhKJH2 Gbs3ajxEqC1l3RGdFuFxNZ0NNvckKxVrfyMn7I17HzUXOQCWYXtmhN3lGI6FJHaO1zfaaT vk4ZphVyJJVA40kQhFZpp/IQz5JeWcV2wkylMBX5PyuTx4lCirHeUuu+abJFYp+G/6OM4m ozLn0oqOZzeOtu2VRZ6wmyC8zuaTBfV4F5litUJKt6FyVzxxPA6nmcUEOnX+un0IiV84Bk cnb1J19WbkuCBsNF5ZN+pAYGpRUP7Zltda+46Nilo/D7zPrG90D7b/Bm8LoQuw== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4bLQVF1tzpz2xfL; Mon, 16 Jun 2025 10:00:21 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. e53ee18418724ee1f442c94b9caacdeb5459524f X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: 8e1a9a3699e7061405ae7ee49caf672558a1c792 X-Git-Newrev: e53ee18418724ee1f442c94b9caacdeb5459524f Message-Id: <4bLQVF1tzpz2xfL@people01.haj.ipfire.org> Date: Mon, 16 Jun 2025 10:00:21 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via e53ee18418724ee1f442c94b9caacdeb5459524f (commit) via d5a6101fbcb446c41f15963971edab801ee059c0 (commit) via a005bdb87938029cfb768ccfdf9fc40a08ea68aa (commit) via d01b600c15cb1b0fb04049af88b193bd9fbdf9d4 (commit) via ccc460565ffd5e36d6c494726bac8c91ffd98168 (commit) via 5e5aeed7b0c955ccaecaefed9e3f104ffad56136 (commit) from 8e1a9a3699e7061405ae7ee49caf672558a1c792 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e53ee18418724ee1f442c94b9caacdeb5459524f Author: Michael Tremer Date: Mon Jun 16 09:41:07 2025 +0000 fort: This package requires rsync Signed-off-by: Michael Tremer commit d5a6101fbcb446c41f15963971edab801ee059c0 Author: Michael Tremer Date: Mon Jun 16 09:40:36 2025 +0000 fort: Listen on localhost only Signed-off-by: Michael Tremer commit a005bdb87938029cfb768ccfdf9fc40a08ea68aa Author: Michael Tremer Date: Mon Jun 16 09:38:14 2025 +0000 fort: Run the service as daemon in the background Signed-off-by: Michael Tremer commit d01b600c15cb1b0fb04049af88b193bd9fbdf9d4 Author: Michael Tremer Date: Mon Jun 16 09:35:18 2025 +0000 fort: Give it a cache directory Signed-off-by: Michael Tremer commit ccc460565ffd5e36d6c494726bac8c91ffd98168 Author: Michael Tremer Date: Mon Jun 16 09:32:52 2025 +0000 fort: Install all TALs Signed-off-by: Michael Tremer commit 5e5aeed7b0c955ccaecaefed9e3f104ffad56136 Author: Michael Tremer Date: Mon Jun 16 09:07:37 2025 +0000 fort-validator: Make the argument list an array Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/packages/fort-validator | 8 ++++++++ lfs/fort-validator | 15 ++++++++++++++- src/initscripts/packages/fort-validator | 24 +++++++++++++++++++++++- 3 files changed, 45 insertions(+), 2 deletions(-) Difference in files: diff --git a/config/rootfiles/packages/fort-validator b/config/rootfiles/packages/fort-validator index 629aab345..929c9b43e 100644 --- a/config/rootfiles/packages/fort-validator +++ b/config/rootfiles/packages/fort-validator @@ -3,6 +3,14 @@ etc/fort/config.json etc/fort/config.json.example etc/rc.d/init.d/fort-validator usr/bin/fort +usr/share/fort +#usr/share/fort/tals +#usr/share/fort/tals/afrinic.tal +#usr/share/fort/tals/apnic.tal +#usr/share/fort/tals/arin.tal +#usr/share/fort/tals/lacnic.tal +#usr/share/fort/tals/ripe-ncc.tal #usr/share/man/man8/fort.8 +var/cache/fort var/ipfire/backup/addons/includes/fort-validator var/lib/fort diff --git a/lfs/fort-validator b/lfs/fort-validator index cb8ba8972..1f9ae5499 100644 --- a/lfs/fort-validator +++ b/lfs/fort-validator @@ -36,7 +36,7 @@ TARGET = $(DIR_INFO)/$(THISAPP) PROG = fort-validator PAK_VER = 1 -DEPS = +DEPS = rsync SERVICES = fort-validator @@ -101,6 +101,19 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && install -m 0644 $(DIR_APP)/examples/config.json \ /etc/fort/config.json.example + # Install TALs + mkdir -pv /usr/share/fort/tals + cd $(DIR_APP) && install -v -m 644 \ + $(DIR_APP)/examples/tal/afrinic.tal \ + $(DIR_APP)/examples/tal/apnic.tal \ + $(DIR_APP)/examples/tal/arin.tal \ + $(DIR_APP)/examples/tal/lacnic.tal \ + $(DIR_APP)/examples/tal/ripe-ncc.tal \ + /usr/share/fort/tals + + # Cache directory + mkdir -pv /var/cache/fort + # Install initscripts $(call INSTALL_INITSCRIPTS,$(SERVICES)) diff --git a/src/initscripts/packages/fort-validator b/src/initscripts/packages/fort-validator index e0c9ba29c..e9cc3ed05 100644 --- a/src/initscripts/packages/fort-validator +++ b/src/initscripts/packages/fort-validator @@ -22,10 +22,32 @@ . /etc/sysconfig/rc . ${rc_functions} +ARGS=( + # Load the configuration file + --configuration-file /etc/fort/config.json + + # Log to syslog + --log.output=syslog + --validation-log.output=syslog + + # Read TALs + --tal /usr/share/fort/tals + + # Configure a cache directory + --local-repository /var/cache/fort + + # Run as daemon + --daemon + + # Listen on localhost + --server.address 127.0.0.1 + --server.port 3323 +) + case "${1}" in start) boot_mesg "Starting fort RPKI validator..." - loadproc /usr/bin/fort --log.output=syslog --validation-log.output=syslog --configuration-file /etc/fort/config.json + loadproc /usr/bin/fort "${ARGS[@]}" ;; stop) hooks/post-receive -- IPFire 2.x development tree