* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. dba199447f129f67a7ff0c36d25511643810222c
@ 2025-06-23 9:51 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-06-23 9:51 UTC (permalink / raw)
To: ipfire-scm
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 191134 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via dba199447f129f67a7ff0c36d25511643810222c (commit)
via 93ceb9159dc02550a80054f8b9bd038ab45d5ab4 (commit)
via ed4e0718dbc7dc6448d50a81845ce9308b665058 (commit)
via d741cf944e3127d31fb4adcdccf7d4ac18596682 (commit)
via ea70c5fee2f248c2fe999c5fdd3559bc221b81ab (commit)
via 9fa89ee6fbd4935b43d921766bce6e085c558677 (commit)
via b9a324bf067450f3cd4d4d9a291f80ee55f33c26 (commit)
via fecdaf9c85bf91e63ce2629ed2bd4fbb770d8af4 (commit)
via 9c992d52903d7610a6e50046f771f23bd95c35f2 (commit)
via 2116a336a5022f260dd9f7368b5007d9439eb2aa (commit)
via 733c3728a2877a58a46aa6335698bbdb88d02291 (commit)
via 8ec17e164807e5232c880b55527412dd83e3cd1a (commit)
via 02084f578149be840cb43470e9aabed4af4c2ebc (commit)
via 663e19144877926fd97d8e5f95c5fbb6319c6b3a (commit)
via 349fe1e84ae2ed3b31eb99b9980af0722e40b352 (commit)
via 5536d27c0dec020cff144b89623cc04f87b7b7eb (commit)
from b640e1d98a373940cbce2519639ffeeff8977aac (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit dba199447f129f67a7ff0c36d25511643810222c
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Mon Jun 23 10:02:31 2025 +0200
iniparser: New package as required dependency for netatalk
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 93ceb9159dc02550a80054f8b9bd038ab45d5ab4
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Mon Jun 23 10:02:30 2025 +0200
netatalk: Update to version 4.2.4
- Update from version 3.2.8 to 4.2.4
- Patch for removal of prefix for sysconfdir and localstatedir has been removed as there
is an alternative way to define the required paths using meson options.
- The -Dwith-embedded-ssl option is no longer needed as the embedded WolfSSL has been
removed from netatalk
- Update of rootfile
- netatalk now requires the iniparser package as their own hacked version has been
removed. So iniparser has been added in another patch in this patch set.
- Changelog
4.2.4
* FIX: uams: Check for const pam_message member of pam_conv, GitHub #2196
Makes it possible to build on Solaris 11.4.81 CBE
* FIX: meson: Avoid build error in incomplete Homebrew env, GitHub #2190
* UPD: meson: Build with Homebrew libraries is now opt-in, GitHub #2194
To opt in to build against Homebrew, use -Dwith-homebrew=true
* UPD: docs: Improve afpd and macipgw man pages, GitHub #2155
4.2.3
* FIX: Properly read from afp.conf file passed with -F parameter, GitHub #2150
* FIX: Read the appletalk option only when built with DDP, GitHub #2149
* UPD: Consistently return exit code 0 after daemon version info, GitHub #2151
* UPD: libatalk: MySQL query error log level is dropped to debug, GitHub #2143
* UPD: initscripts: Improvements to netatalk OpenRC init script, GitHub #2148
* FIX: meson: enhance iconv detection when cross compiling, GitHub #1921
* UPD: docs: Cross-platform friendly docs for CNID statedir, GitHub #2146
4.2.2
* NEW: cnid: Create MySQL database automatically if needed, GitHub #2119
* UPD: meson: Use pandoc to build documentation when available, GitHub #2127
* UPD: meson: Generate the html manual with plain cmark, GitHub #2134
* NEW: docker: Support for the mysql CNID backend in container, GitHub #2116
* NEW: docker: Containerized netatalk webmin module, GitHub #1463
* NEW: docker: Introduce option to enable extension mapping, GitHub #2125
* NEW: docker: Introduce option for disabling Spotlight, GitHub #2128
* NEW: webmin: UI for editing of the extmap.conf file, GitHub #2129
* NEW: webmin: Introduce option for hiding service controls, GitHub #2133
* FIX: webmin: Correct handling of volume and preset names, GitHub #2130
* FIX: webmin: Treat uams_randnum.so as a standard UAM, GitHub #2131
* FIX: docs: More portable man page markdown source syntax, GitHub #2114
* FIX: docs: Properly build the localized html manual, GitHub #2136
* FIX: docs: Overhauled markdown styles of whole manual, GitHub #2138
4.2.1
* NEW: meson: Introduce option to control state dir creation, GitHub #2070
Introduces the with-statedir-creation boolean option, true by default
* NEW: meson: Option for controlling CUPS backend installation, GitHub #2071
Introduces with-cups-pap-backend (boolean, default false)
and with-cups-libdir-path (string)
* FIX: meson: Generate Unicode lookup table sources before use, GitHub #2072
* FIX: libatalk: Work around DSIWrite() bug in AppleShare Client 3.7.x,
GitHub #2085
* FIX: libatalk: Restore cnid mysql pw option that had fallen off
which makes the mysql backend usable again, GitHub #2112
* FIX: afpd: Don't lose extension mapping on macOS hosts, GitHub #2092
* FIX: afpd: Fall back to ea = none rather than ea = ad when
the filesystem EA support check fails, GitHub #2103
* UPD: webmin: Print volume name + section name in volumes list, GitHub #2073
* FIX: webmin: Sort lists of index page items in alphabetical order,
GitHub #2074
* FIX: webmin: Return to the correct index tab from other actions, GitHub #2075
* UPD: testsuite: Print a detailed test summary after spectest run, GitHub #2095
* UPD: testsuite: Break out separate FPGetExtAttr test module, GitHub #2104
* UPD: testsuite: Print usage helptext when running test binaries
without params, GitHub #2111
* UPD: docs: Major additions to the afptest man page, GitHub #2100
* NEW: docs: bstring README with redistribution notes and LICENSE,
GitHub #2077
* FIX: docs: Improve verbiage in signature and UUID man pages, GitHub #2084
* UPD: docs: Transition Compilation from manual chapter to readme, GitHub #2106
* UPD: docs: Reduce overlap between install chapter and install readme,
GitHub #2107
4.2.0
* NEW: Link with shared iniparser library instead of vendored one, GitHub #1948
- Makes iniparser a mandatory dependency
- Our own hacked iniparser is now removed, which has a few side effects
- Volume section names are now case insensitive, forced to lower case
- The include directive is no longer supported (for now)
* NEW: afpd: Introduce apf.conf 'volume name' Volume option, GitHub #1976
* NEW: afpd: Introduce 'server name' Global option in afp.conf, GitHub #1974
* NEW: docs: Convert documentation from XML to Markdown format,
introducing cmark dependency instead of docbook-xsl, GitHub #1905
* NEW: docs: Generate local html manual with only core pages, GitHub #1969
* NEW: docker: Introduce dropbox mode option for guest access, GitHub #1981
* NEW: docker: New and improved env variable options including debug mode,
GitHub #1977, #1979
* UPD: Control metadata settings with 'ea' solely,
removing 'appledouble' option, GitHub #1983
* UPD: afpd: Use servername for ASP connections with hostname fallback,
GitHub #1978
* UPD: afpd: Refactor FCE file skip logic, make comma the standard delineator,
GitHub #1997
* UPD: libatalk: Use getaddrinfo() instead of deprecated gethostbyname(),
GitHub #1934
* UPD: meson: Introduce with-unicode-data option to build case tables,
GitHub #1928
* UPD: meson: Clean up obsoleted compatibility macros, GitHub #2035
* UPD: meson: Cross-platform crypt library detection, GitHub #2036
* UPD: Improve and harden the FCE listener app,
rename it to fce_listen and install with Meson, GitHub #2063
* FIX: afpd: Register FCE file creation event when copying files, GitHub #2027
* FIX: afpd: Use getpwnam_shadow() for basic auth on OpenBSD, GitHub #2040
* FIX: libatalk: Use unspecified network stack by default on OpenBSD,
GitHub #2044
* FIX: uams: Support for OpenBSD flavor crypt_checkpass()
for password validation, GitHub #2037
* FIX: Fix ad cp loss of FinderInfo, GitHub #2058
* FIX: Fix for CNID error with ad mv utility, GitHub #2060
* FIX: Apply additional hardening to the Netatalk Metadata EA handling,
GitHub #2059
* FIX: Avoid TOCTOU race conditions in libatalk code, GitHub #1938, #1936
* FIX: Fix high severity memory safety bugs, GitHub #1966
* FIX: Protect against memory leaks and out of bounds array access,
GitHub #1989
* FIX: bstrlib: Protect against buffer overflow, null pointer dereference,
GitHub #1987
* FIX: libatalk: Refactor vfs write_ea() to avoid TOCTOU race condition,
GitHub #1965
* FIX: libatalk: Refactor vfs ea_open() to avoid TOCTOU race condition,
GitHub #1964
* FIX: uams: Check account validity after calling pam_authenticate(),
GitHub #1935
* FIX: uams: Validate PAM account after root auth in DHX2 UAM, GitHub #1937
* FIX: uams: Return properly when ClearTxt shadow password has expired,
GitHub #2041
* FIX: getzones: do not attempt to bind to the address we're also sending to,
GitHub #2051
* FIX: libatalk: Improved logging when charset conversion fails,
GitHub #1952
* FIX: webmin: Add RandNum UAM option to Global config, GitHub #2047
* REM: Remove traces of unsupported LDAP SASL auth, GitHub #1925
* REM: Remove standards.h with macros that are defined by the build system,
GitHub #1988
* REM: Eliminate obsoleted NO_REAL_USER_NAME capability flag macro,
GitHub #2018
* REM: meson: Remove legacy IRIX XFS extended attributes API, GitHub #2052
4.1.2
* UPD: meson: Look for shared Berkeley DB library in versioned subdir too,
to detect the library in the MacPorts build system, GitHub #1909
* FIX: webmin: Redirect back to the originating module index tab
when returning from actions, GitHub #1915
* FIX: webmin: Fix '-router' switch in Webmin atalkd module, GitHub #1943
* FIX: webmin: Fix a default value helptext string, GitHub #1946
* UPD: Add GPL v2 license grant to mysql CNID backend code, GitHub #1874
4.1.1
* NEW: meson: Introduce with-bdb-include-path override option, GitHub #1908
* FIX: meson: Restore prioritized Berkeley DB detection, GitHub #1877
Fixes a regression when building on Arch Linux.
* FIX: meson: Detect file command dynamically for NixOS, GitHub #1907
* FIX: meson: Remove libquota check that breaks NetBSD, GitHub #1900
* FIX: docs: Consolidate redundant CNID and encoding info, GitHub #1880
* FIX: afpd: Log an error when directory has invalid did, GitHub #1893
* FIX: macipgw: Don't crash when config file is missing, GitHub #1891
* FIX: macipgw: Disable default options in macipgw.conf, GitHub #1876
* UPD: macipgw: Print usage notes for the -f option, GitHub #1898
* FIX: Prevent a number of illegal null pointer calls, GitHub #1894
4.1.0
* NEW: afpd: Add native metadata storage for macOS hosts, GitHub #1813
* FIX: afpd: Do not report old AFP versions when AppleTalk support
is disabled, GitHub #1846
* REM: Remove 'start tracker' and 'start dbus' afp.conf options, GitHub #1848
* REM: Remove the running of AFP commands with root privileges, GitHub #1849
* FIX: libatalk: Loosen AppleDouble checks for macOS, GitHub #1829
* FIX: libatalk: Protect Netatalk metadata EA from tampering, GitHub #1855
* FIX: Refactor retreival of native FinderInfo EA on macOS hosts, GitHub #1858
* NEW: macipgw: Introduce a configuration file, GitHub #1852
* UPD: macipgw: Default port value for zip/ddp service, GitHub #1836
This should get the gateway working on musl systems (OpenWrt)
* FIX: afppasswd: Safe password string handling, GitHub #1845
* NEW: meson: Introduce with-kerberos-path option for custom dependency path,
which can be used for Heimdal compatibility, GitHub #1822
* UPD: meson: Define lockfiles through the Meson build system, GitHub #1850
Meson's with-lockfile-path now points to the lockfile root
* UPD: meson: Detect lib paths within Homebrew build system, GitHub #1833
* FIX: meson: Correctly detect bundled iconv on OpenWrt, GitHub #1857
* UPD: meson: Link papd with cups only when cups is enabled, GitHub #1862
* UPD: initscripts: Disable fork safety workaround for macOS, GitHub #1810
* UPD: initscripts: Start in non-forking mode with launchd, GitHub #1859
* UPD: docs: Correct atalkd.conf documentation, GitHub #1818
* FIX: docs: Fixes for spelling and grammar, GitHub #1856
* UPD: docs: Clarify the behavior of the -d option for daemons, GitHub #1861
* NEW: testsuite: Introduce -X option for running on big-endian systems,
specifically s309x, GitHub #1817
* FIX: testsuite: Cross-platform compatible file ID tests, GitHub #1826
* FIX: testsuite: Don't attempt unauthorized file renaming in Error tests,
GitHub #1828
* FIX: testsuite: Clean up after execution of encoding test, GitHub #1832
* FIX: testsuite: Free memory after running tests, GitHub #1866
* FIX: testsuite: Improve memory management in lantest, GitHub #1868
* UPD: Rename apple_dump script to addump, GitHub #1811
* UPD: webmin: Restructure index page into three tabs, GitHub #1785
* UPD: docker: Bump base image to Alpine 3.21, GitHub #1842
4.0.8
* UPD: Set resource max limit to 10240 on macOS, GitHub #1793
Compatibility with older macOS hosts such as 10.15 Catalina.
* UPD: meson: Allow building papd without CUPS, GitHub #1774
Activate the override with: -Dwith-cups=false
* UPD: meson: Favor openldap when building on macOS, GitHub #1792
Avoids linking with macOS LDAP.Framework by default.
* UPD: meson: Improved libquota detection on FreeBSD and NetBSD, GitHub #1805
* FIX: meson: DocBook detection stops at first hit, GitHub #1800
Detect xsl-stylesheets-nons with higher priority than xsl-stylesheets;
-Dwith-docbook-path is now a hard override
* UPD: docs: Clarify D-Bus and GLib dependencies in the Install chapter,
GitHub #1798 GitHub #1799
* FIX: docs: Document that DocBook XSL has to be non-namespaced, GitHub #1800
* FIX: testsuite: Retry logic for final cleanup step in test358, GitHub #1795
4.0.7
* FIX: Remove bitrotted code in the bstring library, GitHub #1769
This was a regression between netatalk 3.2 and 4.0.
* FIX: meson: Check for SunRPC function quota_open(), GitHub #1225
This should enable build with quota on *BSDs.
* FIX: meson: *BSD compatible libwrap check, GitHub #1770
* NEW: meson: Add option with-manual=man_only
which compiles and installs only troff pages, GitHub #1766
* NEW: meson: Option to specify path to perl runtime, GitHub #1776
* UPD: meson: Flip order of Berkeley DB version detection, GitHub #1771
A more recent version of dbd is now prioritized over older ones.
* FIX: meson: Don't attempt to detect shadow passwords
on *BSD and macOS, GitHub #1777
* FIX: meson: Configure dbus paths and config files only if dbus exists,
GitHub #1773
* FIX: meson: Don't define spooldir when building without papd, GitHub #1786
* UPD: meson: Generate appendix XML sources via with-manual=www
and allow custom manual install path with with-manual-install-path,
GitHub #1781
(This is useful primarily for project maintainers.)
* UPD: docs: Only compile and install appletalk documentation when
with-appletalk=true, GitHub #1753
* UPD: docs: Overhaul of man page Synopsis sections, GitHub #1765
* UPD: docs: Refer to CONTRIBUTORS hosted on netatalk.io in man pages,
GitHub #1767
4.0.6
* FIX: Workaround for bug in AppleShare Client 3.7.4, GitHub #1749
Only report support of AFP 2.2 and later to DSI (TCP) clients
which shaves several bytes off the server response
and lowers the chance of >512 byte FPGetSrvrInfo response.
* UPD: All AppleTalk daemons now take -v to print version info, GitHub #1745
* FIX: `ad find' can take any kind of string, not just lowercase, GitHub #1751
* UPD: meson: Default to no init scripts if service management command
not found, GitHub #1743
* FIX: Include config.h by relative path consistently (cleanup) GitHub #1746
* FIX: Remove duplicate header includes in MySQL CNID backend, GitHub #1748
* FIX: docs: Fix formatting of afppasswd man page, GitHub #1750
* FIX: webmin: Properly install netatalk-lib.pl, GitHub #1752
4.0.5
* UPD: Distribute pre-generated Unicode table sources, GitHub #1724
This reverts the previous change in v4.0.0 removing these sources.
We retain the ability to regenerate them on the fly,
if Unicode character database is found by the build system.
Built with UnicodeData.txt version 16.0.
This also removes hard Perl and Unicode dependencies.
* NEW: afpd: Fallback to new DSI icon when no icon defined, GitHub #1729
* FIX: atalkd: Don't send NBP Reply packets from the loopback interface,
addressing side effect in Linux kernel 6.9+ GitHub #1734
* FIX: docs: Strip out linebreak escapes in Compile appendix, GitHub #1733
* FIX: docs: Remove straggler afp_encodingtest.1 man page alias, GitHub #1728
* FIX: macipgw: On MACIP_ASSIGN, prepopulate the newly-assigned IP address
into the arp cache to avoid warning on Linux, GitHub #1727
* NEW: macipgw: Add command-line option to drop root privileges
after the server has been started, GitHub #1727
* FIX: macipgw: Fix argument handling in main() for aarch64 compatibility,
GitHub #1735
* FIX: webmin: Revert default dir detection to address
critical regression bug, GitHub #1736
* FIX: testsuite: Exit tests with the Exclude flag early, GitHub #1737
* FIX: testsuite: Longer sleep time after file operation in test358,
GitHub #1739
* FIX: testsuite: Make Utf8 tests big-endian safe, GitHub #1740
4.0.4
* FIX: Fix loss of FinderInfo on resource fork creation with
AppleDouble EA backend, GitHub #1702
* FIX: Remove remnants of obsoleted DEBUG compile time flag, GitHub #1696
- Fixes compile time error on MUSL systems when building with AppleTalk
- When building debug builds, the EBUG flag is now activated
- Print build type in the Meson summary
* FIX: meson: Detect rresvport() function in system libraries, GitHub #1697
- Local rresvport() code was previoulsy behind a broken MUSL flag
- Enables building with AppleTalk on OpenWrt
* FIX: meson: Fix build fail with -Dwith-spotlight=false, GitHub #1715
* FIX: docker: Explicitly launch the cupsd daemon on startup, GitHub #1707
* NEW: docs: Create manual page for `afptest' (testsuite) tools, GitHub #1695
* UPD: docs: Bring CONTRIBUTORS up to date, GitHub #1722
* UPD: testsuite: Consolidate afp_ls as a command in afparg, GitHub #1705
- Add `FPEnumerate dir' as an afparg command
- Remove `afp_ls' as a separate executable
* UPD: testsuite: Merge encoding test into spectest, GitHub #1716
- Add `Encoding' as a testset in the spectest
- Rewrite the `western' test to use Unicode for the same characters
- Remove `afp_encodingtest' as a separate executable
* UPD: testsuite: Collapse spectest into a single suite, GitHub #1713
The testsuite grouping have been removed, and all spectests
are in a single suite. The tier 2 tests are enabled with
the -c option. The sleep and readonly tests can be run with
the -f option.
* UPD: testsuite: Enable Color terminal output by default,
and flip the -C option, GitHub #1708
* UPD: testsuite: Print a test summary for the spectest, GitHub #1708
* UPD: testsuite: Treat `Not Tested' as a failure again, GitHub #1709
* FIX: testsuite: Use AFPopenLogin() for FPopenLoginExt() as bug workaround
to enable testing of AFP 3.x connections, GitHub #1709
* UPD: testsuite: Install test data for test431 into the datadir, GitHub #1712
* FIX: testsuite: Workarounds for MUSL system calls default permissions,
which enables the testsuite to run on Alpine Linux, GitHub #1682
* UPD: testsuite: Break down login testsuite into atomic tests, GitHub #1717
* UPD: testsuite: Use AFP 3.4 by default (previously: AFP 2.1), GitHub #1718
* UPD: testsuite: Use the Exclude flag to skip test that require setup,
previously used to skip known buggy tests, GitHub #1720
* FIX: testsuite: Improvements to test setup, cleanup, and early failure
4.0.3
* FIX: afpd: Limit FPGetSrvrInfo packet for AppleTalk clients, GitHub #1661
This prevents errors with very old clients
when many AFP options are enabled.
* FIX: Fix EOF error reporting in dsi_stream_read(), GitHub #1631
This should prevent warnings such as:
`dsi_stream_read: len:0, unexpected EOF'
* FIX: Fix regression when accessing the afpd UUID, GitHub #1679
Resolves an error when running the `ad' utilities.
* FIX: meson: Fix indexer path detection on meson 1.6, GitHub #1672
* FIX: meson: Fix PAM config directory detection, GitHub #1678
* FIX: meson: Shore up Unicode char table script error handling and detection,
GitHub #1692
* FIX: initscripts: Remove redundant nbpunrgstr cleanup
in atalkd systemd config, GitHub #1660
* NEW: docker: Containerized testsuite, GitHub #1649
* UPD: docker: Register the conventional NBP entities when starting up,
GitHub #1653
* UPD: docker: Remove file/dir perm settings that were causing problems
* FIX: testsuite: Treat NOT TESTED spectest result as non-failure,
GitHub #1663
* FIX: testsuite: Don't treat initial spectest.sh run as a failure,
GitHub #1664
* UPD: testsuite: Reduce default log verbosity for better test reports,
introducing two verbosity levels (-v, -V), GitHub #1665
* UPD: testsuite: Reposition the Exclude option (-x)
to flag known failures with Netatalk 4.0
* UPD: testsuite: Install all test runners and utils, GitHub #1675
* FIX: testsuite: Link test executables with -rdynamic
to allow sole test case runs with -f, GitHub #1690
* UPD: testsuite: Consolidate spectest into a single binary, GitHub #1693
4.0.2
* NEW: Bring back Classic Mac OS `legacy icon' option, GitHub #1622
* UPD: Spotlight: Support TinySPARQL/LocalSearch, GitHub #1078
* FIX: ad: Fix volume check for the AppleDouble toolsuite, GitHub #1605
Check was failing if the `ea = ad' option was set.
* FIX: meson: Refactor Berkley DB detection for robustness, GitHub #1604
* UPD: meson: Add localstatedir override option, GitHub #1608
* UPD: meson: Make the print spool dir FHS compliant, GitHub #1608
* UPD: docs: Improve Upgrade chapter, GitHub #1609
* UPD: docker: Use multistage build to optimize image size, GitHub #1620
* FIX: afpd: Cleanup unused, broken AFP over ASP code #1612
* FIX: papd: Correct PAPStatus string copy buffer length, GitHub #1576
* UPD: Make last CNID backend writable when built for tests, GitHub #1623
This unblocks the integration tests that concern writing.
* NEW: Bundle and improve the afptest test suite, GitHub #1633
Build with the new `-Dwith-testsuite' option.
* FIX: webmin: Make AppleTalk service control functional, GitHub #1636
4.0.1
* UPD: Update license grant to reflect the retroactive rescission
of U.C Berkeley clause 3, GitHub #1567
* FIX: meson: Don't always build AppleTalk utils with RPATH, GitHub #1568
* FIX: docs: Build the macipgw html manual page, GitHub #1569
* FIX: Explicitly import headers to appease gcc on Debian Sid, GitHub #1571
* UPD: docs: Install static redirect man pages for nbp tools, GitHub #1575
* FIX: meson: Missing xsltproc and docbook-xsl treated
as non-fatal error, GitHub #1581
* UPD: docker: Build with optimizations, without debug symbols, GitHub #1584
* UPD: meson: In summary, list Webmin module under
a new Add-ons section, GitHub #1586
* UPD: initscripts: Use launchctl bootstrap and
enable directives for installing on macOS, GitHub #1583
* REM: Remove obsoleted netatalk-config script, GitHub #1587
* FIX: Change u_char data types to the portable uint8_t, GitHub #1590
* FIX: meson: Detect native Avahi before mDNS, GitHub #1591
* UPD: initscripts: Remove the redundant systemd Also directive, GitHub #1593
* UPD: docs: Flesh out the compile appendix
and break down start steps, GitHub #1595
* FIX: Fix seg fault in ad set utility
when not in a netatalk volume, GitHub #1597
* UPD: Update ad manual page to cover 'ad set' utility, GitHub #1599
4.0.0
* NEW: Reintroduce AppleTalk / DDP support, GitHub #220
Controlled with the new build system option `-Dwith-appletalk'.
Revived daemons: atalkd, papd, timelord, a2boot
Revived config files: atalkd.conf, papd.conf
Revived utilities: aecho, getzones, nbplkup, nbprgstr, nbpunrgstr, pap,
papstatus
* NEW: Bundle macipgw, the MacIP Gateway daemon by Stefan Bethke, GitHub #1204
* UPD: uams: All encrypted UAMs depend on Libgcrypt now, GitHub #1488, #1506
This means we remove the bundled wolfSSL library.
A big thanks to the wolfSSL team for all their support!
* FIX: uams: Remove unhelpful Libgcrypt version check, GitHub #1550
* REM: Remove the obsoleted PGP UAM, GitHub #1507
* NEW: Bundle, configure and install the Webmin module, GitHub #518
Controlled with the new build system option `-Dwith-webmin'.
* UPD: Migrate afpstats from dbus-glib to GDBus, GitHub #666
Special thanks to Simon McVittie for his help!
* BREAKING: Remove canned troff man pages from distribution, GitHub #460
The build system now generates them on the fly.
Introduces a build time dependency on DocBook XSL and xsltproc.
* BREAKING: Remove generated Unicode conversion tables, GitHub #1220
Introduces a build time dependency on the UnicodeData.txt database.
* UPD: Detect host OS home dir and configure afp.conf on the fly, GitHub #1274
* UPD: meson: Autodetect init style for host OS, #1124
* UPD: meson: Allow building with multiple init styles, GitHub #1291
* NEW: meson: Introduce `-Dwith-readmes' option for installing additional docs.
GitHub #1310
* REM: Remove the Autotools build system. Meson is now the only choice.
GitHub #1213
3.2.10
* BREAKING: Install netatalk-dbus.conf into datadir by default, GitHub #1533
Previously: sysconfdir. This can be overridden by the build system.
* FIX: uams: Correct shadow password length check for ClearTxt, GitHub #1528
* FIX: cnid_dbd: Set explicit max length of db_params to prevent potential
buffer overflow, GitHub #694
* FIX: meson: Debugging was enabled by default causing tickles
to not be sent out, GitHub #1514
* FIX: meson: Format afpd help text output to match autotools, GitHub #1499
* FIX: meson: Throw missing cracklib dictionary warning, GitHub #1495
* FIX: meson: Use a valid code sample for the TCP Wrappers check, GitHub #1491
3.2.9
* UPD: Use the recommended command to import Solaris init manifest,
GitHub #1451
* FIX: uams: Make sure the DHX2 client nonce is aligned appropriately,
GitHub #1456
* FIX: uams: Fix DHCAST128 key alignment problem, GitHub #1464
* FIX: wolfssl: OpenSSL coexistence tweaks, GitHub #1469
* FIX: docs: Remove straggler path substitution in afp.conf, GitHub #1480
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit ed4e0718dbc7dc6448d50a81845ce9308b665058
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 20:21:53 2025 +0200
core196: Ship sudo
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit d741cf944e3127d31fb4adcdccf7d4ac18596682
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 20:21:41 2025 +0200
sudo: Update to version 1.9.17
- Update from version 1.9.16p2 to 1.9.17
- Removed --with-ignore-dot as the setting is now on bt default. The --with-ignore-dot
configure option has been deprecated so will eventually be removed. Therefore good
to remove it now in preparation for the future.
- Update of rootfile
- Changelog
1.9.17
Sudo now uses the NODEV macro consistently. Bug #1074.
Fixed a bug where the ALL command in a sudoers rule would override a
previous NOSETENV tag. Command tags are inherited from previous Cmnds in
a Cmnd_Spec_List. There is a special case for the SETENV tag with the ALL
command, where SETENV is implied if no explicit SETENV or NOSETENV tag is
specified. This special case did not take into account that a NOSETENV
tag that was inherited should override this behavior.
If sudo is run via ssh without a terminal and a password is required, it
now suggest using ssh’s -t option.
Fixed the display of timeout values in the sudo -V output on systems
without a C99-compliant snprintf() function.
Quieted a number of minor Coverity warnings.
Fixed a problem running sudo from a serial console on Linux when the
command is run in a pseudo-terminal (the default).
Fixed a crash in sudo which could occur if there was a fatal error after
the user was validated but before the command was actually run.
Fixed a number of man page style warnings. The “lint” make target in the
docs directory will now run groff with warnings enabled if it is
available. Bug #1075.
The ignore_dot sudoers setting is now on by default. There is now a
--disable-ignore-dot configure option to disable it. The --with-ignore-dot
configure option has been deprecated.
Fixed a problem with the pwfeedback option where an initial backspace
would reduce the maximum length allowed for the password. GitHub issue #439.
Fixed minor grammar and spelling problems in the man pages.
Fixed a bug where a user could avoid entering a password for sudo -l
command if they specified their own user or group name via the -u or -g
options.
Avoid potential password guessing based on timing attacks on the strcmp()
function on systems without PAM or a crypt() function where plaintext
passwords are stored in the shadow password file.
Fixed a potential information leak where sudo -l command could be used to
determine whether an executable exists in a directory that they do not
have search access to.
Sudo uses TCSAFLUSH, not TCSADRAIN, when disabling echo once again. A long
time ago sudo changed from using TCSAFLUSH to TCSADRAIN due to some
systems having bugs related to TCSAFLUSH. That should no longer be a
concern. Using TCSAFLUSH ensures that password input that has been
received by the kernel, but not yet read by sudo, will be discarded and
not echoed.
Added the SUDO_TTY environment variable if the user has a terminal. This
can be used to find the user’s original tty device when sudo runs the
command in its own pseudo-terminal. GitHub issue #447.
New Cantonese translation for sudo.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit ea70c5fee2f248c2fe999c5fdd3559bc221b81ab
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 14:28:01 2025 +0200
pixman: Update to version 0.46.2
- Update from version 0.46.0 to 0.46.2
- Update of rootfile
- Changelog
0.46.2
region: add translatef function for fractional regions
region: add contains_pointf function for fractional regions
ci: Disable OpenMP for Windows targets
Revert "ci: Allow failures in windows-amd64 jobs"
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 9fa89ee6fbd4935b43d921766bce6e085c558677
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 14:28:00 2025 +0200
libxml2: Update to version 2.14.4
- Update from 2,14.3 to 2.14.4
- Update of rootfile
- Changelog
2.14.4
Regressions
- parser: Fix parsing of PublicIds and VersionNums
- parser: Fix custom SAX parsers without cdataBlock handler
- error: Fix initGenericErrorDefaultFunc compatibility macro again
- io: Make xmlOutputBufferCreate* not free encoder on error
- reader: Fix null deref on malloc failure
- Revert "meson: Install libxml2.py"
Security
- tree: Fix integer overflow in xmlBuildQName
Improvements
- parser: Use parser context as default in resource loader
- parser: Only validate EnumerationTypes when requested
- parser: Undeprecate some parser context members
Build systems
- cmake: Avoid overlinking with non-CMake libxml2-config.cmake
- cmake: Make iconv a private dependency
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit b9a324bf067450f3cd4d4d9a291f80ee55f33c26
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 14:27:59 2025 +0200
git: Update to version 2.50.0
- Update from version 2.49.0 to 2.50.0
- Update of rootfile
- Changelog
2.50.0
UI, Workflows & Features
* A post-processing filter for "diff --raw" output has been
introduced.
* "git repack" learned "--combine-cruft-below-size" option that
controls how cruft-packs are combined.
* TCP keepalive behaviour on http transports can now be configured by
calling cURL library.
* Incrementally updating multi-pack index files.
* "git reflog" learns "drop" subcommand, that discards the entire
reflog data for a ref.
* A new userdiff driver for ".ini" format configuration files has
been added.
* The job to coalesce loose objects into packfiles in "git
maintenance" now has configurable batch size.
* "git clone" still gave the message about the default branch name;
this message has been turned into an advice message that can be
turned off.
* "git rev-list" learns machine-parsable output format that delimits
each field with NUL.
* "git maintenance" learns a new task to expire reflog entries.
* Auth-related (and unrelated) error handling in send-email has been
made more robust.
* Updating multiple references have only been possible in an all-or-nothing
fashion with transactions, but it can be more efficient to batch
multiple updates even when some of them are allowed to fail in a
best-effort manner. A new "best effort batches of updates" mode
has been introduced.
* "git help --build-options" reports SHA-1 and SHA-256 backends used
in the build.
* "git cat-file --batch" and friends learned to allow "--filter=" to
omit certain objects, just like the transport layer does.
* "git blame --porcelain" mode now talks about unblamable lines and
lines that are blamed to an ignored commit.
* The build procedure installs bash (but not zsh) completion script.
* send-email has been updated to work better with Outlook's SMTP server.
* "git diff --minimal" used to give non-minimal output when its
optimization kicked in, which has been disabled.
* "git index-pack --fix-thin" used to abort to prevent a cycle in
delta chains from forming in a corner case even when there is no
such cycle.
* Make repository clean-up tasks that "gc" can do available to "git
maintenance" front-end.
* Bundle-URI feature did not use refs recorded in the bundle other
than normal branches as anchoring points to optimize the follow-up
fetch during "git clone"; now it is told to utilize all.
* The `send-email` documentation has been updated with OAuth2.0
related examples.
* Two of the "scalar" subcommands that add a repository that hasn't
been under "scalar"'s control are taught an option not to enable the
scheduled maintenance on it.
* The userdiff pattern for shell scripts has been updated to cope
with more bash-isms.
* "git merge-tree" learned an option to see if it resolves cleanly
without actually creating a result.
* The commit title in the "rebase -i" todo file are now prefixed with
'#', just like a merge commit being replayed.
* "git receive-pack" optionally learns not to care about connectivity
check, which can be useful when the repository arranges to ensure
connectivity by some other means.
* "git notes --help" documentation updates.
Performance, Internal Implementation, Development Support etc.
* A handful of built-in command implementations have been rewritten
to use the repository instance supplied by git.c:run_builtin(), its
caller.
* "git fsck" becomes more careful when checking the refs.
* "git fast-export | git fast-import" learns to deal with commit and
tag objects with embedded signatures a bit better. This is highly
experimental and the format of the data stream may change in the
future without compatibility guarantees.
* The code paths to check whether a refname X is available (by seeing
if another ref X/Y exists, etc.) have been optimized.
* First step of deprecating and removing merge-recursive.
* In protocol v2 where the refs advertisement is constrained, we try
to tell the server side not to limit the advertisement when there
is no specific need to, which has been the source of confusion and
recent bugs. Revamp the logic to simplify.
* Update meson based build procedure for breaking changes support.
* Enable -Wunreachable-code for developer builds.
* Ensure what we write in assert() does not have side effects,
and introduce ASSERT() macro to mark those that cannot be
mechanically checked for lack of side effects.
* Give more meaningful error return values from block writer layer of
the reftable ref-API backend.
* Make the code in reftable library less reliant on the service
routines it used to borrow from Git proper, to make it easier to
use by external users of the library.
* CI update.
* The object layer has been updated to take an explicit repository
instance as a parameter in more code paths.
* Some warnings from "-Wsign-compare" for builtin/rm.c have been
squelched.
* A few traditional unit tests have been rewritten to use the clar
framework.
* Some warnings from "-Wsign-compare" for pathspec.c have been
squelched.
* "make test" used to have a hard dependency on (basic) Perl; tests
have been rewritten help environment with NO_PERL test the build as
much as possible.
* Remove remnants of the recursive merge strategy backend, which was
superseded by the ort merge strategy.
* Optimize the code to dedup references recorded in a bundle file.
* Update parse-options API to catch mistakes to pass address of an
integral variable of a wrong type/size.
* Since a call to repo_config() can be called with repo set to NULL
these days, a command that is marked as RUN_SETUP in the builtin
command table does not have to check repo with NULL before making
the call.
* Overhaul of the reftable API.
* Reduce requirement for Perl in our documentation build and a few
scripts.
* The build procedure based on Meson learned to drive the
benchmarking tests.
* Code clean-up for meson-based build infrastructure.
* Add an equivalent to "make hdr-check" target to meson based builds.
* Further code clean-up in the object-store layer.
* Build performance fix.
* Teach "git send-email" to also consult `hostname -f` for mail
domain to compute the identity given to SMTP servers.
* The dependency on the_repository variable has been reduced from the
code paths in "git replay".
* Support to create a loose object file with unknown object type has
been dropped.
* The code path to access the "packed-refs" file while "fsck" is
taught to mmap the file, instead of reading the whole file into
memory.
* Assorted fixes for issues found with CodeQL.
* Remove the leftover hints to the test framework to mark tests that
do not pass the leak checker tests, as they should no longer be
needed.
* When a stale .midx file refers to .pack files that no longer exist,
we ended up checking for these non-existent files repeatedly, which
has been optimized by memoizing the non-existence.
* Build settings have been improved for BSD based systems.
* Newer version of libcURL detected curl_easy_setopt() calls we made
with platform-natural "int" when we should have used "long", which
all have been corrected.
* Tests that compare $HOME and $(pwd), which should be the same
directory unless the tests chdir's around, would fail when the user
enters the test directory via symbolic links, which has been
corrected.
Bugfixes
* The refname exclusion logic in the packed-ref backend has been
broken for some time, which confused upload-pack to advertise
different set of refs. This has been corrected.
(merge 10e8a9352b tb/refs-exclude-fixes later to maint).
* The merge-recursive and merge-ort machinery crashed in corner cases
when certain renames are involved.
(merge 3adba40858 en/merge-process-renames-crash-fix later to maint).
* Certain "cruft" objects would have never been refreshed when there
are multiple cruft packs in the repository, which has been
corrected.
(merge 08f612ba70 tb/multi-cruft-pack-refresh-fix later to maint).
* The xdiff code on 32-bit platform misbehaved when an insanely large
context size is given, which has been corrected.
(merge d39e28e68c rs/xdiff-context-length-fix later to maint).
* GitHub Actions CI switched on a CI/CD variable that does not exist
when choosing what packages to install etc., which has been
corrected.
(merge ee89f7c79d kn/ci-meson-check-build-docs-fix later to maint).
* Using "git name-rev --stdin" as an example, improve the framework to
prepare tests to pretend to be in the future where the breaking
changes have already happened.
(merge de3dec1187 jc/name-rev-stdin later to maint).
* An earlier code refactoring of the hash machinery missed a few
required calls to init_fn.
(merge d39f04b638 jh/hash-init-fixes later to maint).
* A documentation page was left out from formatting and installation,
which has been corrected.
(merge ae85116f18 pw/build-breaking-changes-doc later to maint).
* The bash command line completion script (in contrib/) has been
updated to cope with remote repository nicknames with slashes in
them.
(merge 778d2f1760 dm/completion-remote-names-fix later to maint).
* "Dubious ownership" checks on Windows has been tightened up.
(merge 5bb88e89ef js/mingw-admins-are-special later to maint).
* Layout configuration in vimdiff backend didn't work as advertised,
which has been corrected.
(merge 93bab2d04b fr/vimdiff-layout-fixes later to maint).
* Fix our use of zlib corner cases.
(merge 1cb2f293f5 jk/zlib-inflate-fixes later to maint).
* Fix lockfile contention in reftable code on Windows.
(merge 0a3dceabf1 ps/mingw-creat-excl-fix later to maint).
* "git-merge-file" documentation source, which has lines that look
like conflict markers, lacked custom conflict marker size defined,
which has been corrected..
(merge d3b5832381 pw/custom-conflict-marker-size-for-merge-related-docs
later to maint).
* Squelch false-positive from sparse.
(merge da87b58014 dd/sparse-glibc-workaround later to maint).
* Adjust to the deprecation of use of Ubuntu 20.04 GitHub Actions CI.
(merge 832d9f6d0b js/ci-github-update-ubuntu later to maint).
* Work around CI breakage due to fedora base image getting updated.
(merge 8a471a663b js/ci-fedora-gawk later to maint).
* A ref transaction corner case fix.
(merge b9fadeead7 jt/ref-transaction-abort-fix later to maint).
* Random build fixes.
(merge 85e1d6819f ps/misc-build-fixes later to maint).
* "git fetch [<remote>]" with only the configured fetch refspec
should be the only thing to update refs/remotes/<remote>/HEAD,
but the code was overly eager to do so in other cases.
* Incorrect sorting of refs with bytes with high-bit set on platforms
with signed char led to a BUG, which has been corrected.
* "make perf" fixes.
(merge 1665f12fa0 pb/perf-test-fixes later to maint).
* Doc mark-up updates.
(merge 5a5565ec44 ja/doc-reset-mv-rm-markup-updates later to maint).
* Work around false positive from CodeQL checker.
(merge 0f558141ed js/range-check-codeql-workaround later to maint).
* "git log --{left,right}-only A...B", when A and B does not share
any common ancestor, now behaves as expected.
(merge e7ef4be7c2 mh/left-right-limited later to maint).
* Document the convention to disable hooks altogether by setting the
hooksPath configuration variable to /dev/null.
(merge 1b2eee94f1 ds/doc-disable-hooks later to maint).
* Make sure outage of third-party sites that supply P4, Git-LFS, and
JGit we use for testing would not prevent our CI jobs from running
at all.
* Various build tweaks, including CSPRNG selection on some platforms.
(merge cdda67de03 rj/build-tweaks later to maint).
* Developer support fix..
(merge 32b74b9809 js/git-perf-env-override later to maint).
* Fix for scheduled maintenance tasks on platforms using launchctl.
(merge eb2d7beb0e jh/gc-launchctl-schedule-fix later to maint).
* Update to arm64 Windows port (part of which had been reverted as it
broke builds for existing platforms, which may need to be redone in
future releases).
* hashmap API clean-up to ensure hashmap_clear() leaves a cleared map
in a reusable state.
(merge 9481877de3 en/hashmap-clear-fix later to maint).
* "git mv a a/b dst" would ask to move the directory 'a' itself, as
well as its contents, in a single destination directory, which is
a contradicting request that is impossible to satisfy. This case is
now detected and the command errors out.
(merge 974f0d4664 ps/mv-contradiction-fix later to maint).
* Further refinement on CI messages when an optional external
software is unavailable (e.g. due to third-party service outage).
(merge 956acbefbd jc/ci-skip-unavailable-external-software later to maint).
* Test result aggregation did not work in Meson based CI jobs.
(merge bd38ed5be1 ps/ci-test-aggreg-fix-for-meson later to maint).
* Code clean-up around stale CI elements and building with Visual Studio.
(merge a7b060f67f js/ci-buildsystems-cleanup later to maint).
* "git add 'f?o'" did not add 'foo' if 'f?o', an unusual pathname,
also existed on the working tree, which has been corrected.
(merge ec727e189c kj/glob-path-with-special-char later to maint).
* The fallback implementation of open_nofollow() depended on
open("symlink", O_NOFOLLOW) to set errno to ELOOP, but a few BSD
derived systems use different errno, which has been worked around.
(merge f47bcc3413 cf/wrapper-bsd-eloop later to maint).
* Use-after-free fix in the sequencer.
(merge 5dbaec628d pw/sequencer-reflog-use-after-free later to maint).
* win+Meson CI pipeline, unlike other pipelines for Windows,
used to build artifacts in developer mode, which has been changed to
build them in release mode for consistency.
(merge 184abdcf05 js/ci-build-win-in-release-mode later to maint).
* CI settings at GitLab has been updated to run MSVC based Meson job
automatically (as opposed to be done only upon manual request).
(merge 6389579b2f ps/ci-gitlab-enable-msvc-meson-job later to maint).
* "git apply" and "git add -i/-p" code paths no longer unnecessarily
expand sparse-index while working.
(merge ecf9ba20e3 ds/sparse-apply-add-p later to maint).
* Avoid adding directory path to a sparse-index tree entries to the
name-hash, since they would bloat the hashtable without anybody
querying for them. This was done already for a single threaded
part of the code, but now the multi-threaded code also does the
same.
(merge 2e60aabc75 am/sparse-index-name-hash-fix later to maint).
* Recent versions of Perl started warning against "! A =~ /pattern/"
which does not negate the result of the matching. As it turns out
that the problematic function is not even called, it was removed.
(merge 67cae845d2 op/cvsserver-perl-warning later to maint).
* "git apply --index/--cached" when applying a deletion patch in
reverse failed to give the mode bits of the path "removed" by the
patch to the file it creates, which has been corrected.
* "git verify-refs" errored out in a repository in which
linked worktrees were prepared with Git 2.43 or lower.
(merge d5b3c38b8a sj/ref-contents-check-fix later to maint).
* Update total_ram() function on BSD variants.
* Update online_cpus() function on BSD variants.
* Revert a botched bswap.h change that broke ntohll() functions on
big-endian systems with __builtin_bswap32/64().
* Fixes for GitHub Actions Coverity job.
(merge 3cc4fc1ebd js/github-ci-win-coverity-fix later to maint).
* Other code cleanup, docfix, build fix, etc.
(merge 227c4f33a0 ja/doc-block-delimiter-markup-fix later to maint).
(merge 2bfd3b3685 ab/decorate-code-cleanup later to maint).
(merge 5337daddc7 am/dir-dedup-decl-of-repository later to maint).
(merge 554051d691 en/diff-rename-follow-fix later to maint).
(merge a18c18b470 en/random-cleanups later to maint).
(merge 5af21c9acb hj/doc-rev-list-ancestry-fix later to maint).
(merge 26d76ca284 aj/doc-restore-p-update later to maint).
(merge 2c0dcb9754 cc/lop-remote later to maint).
(merge 7b399322a2 ja/doc-branch-markup later to maint).
(merge ee434e1807 pw/doc-pack-refs-markup-fix later to maint).
(merge c000918eb7 tb/bitamp-typofix later to maint).
(merge fa8cd29676 js/imap-send-peer-cert-verify later to maint).
(merge 98b423bc1c rs/clear-commit-marks-simplify later to maint).
(merge 133d065dd6 ta/bulk-checkin-signed-compare-false-warning-fix later to
maint).
(merge d2827dc31e es/meson-build-skip-coccinelle later to maint).
(merge ee8edb7156 dk/vimdiff-doc-fix later to maint).
(merge 107d889303 md/t1403-path-is-file later to maint).
(merge abd4192b07 js/comma-semicolon-confusion later to maint).
(merge 27b7264206 ab/environment-clean-header later to maint).
(merge ff4a749354 as/typofix-in-env-h-header later to maint).
(merge 86eef3541e az/tighten-string-array-constness later to maint).
(merge 25292c301d lo/remove-log-reencode-from-rev-info later to maint).
(merge 1aa50636fd jk/p5332-testfix later to maint).
(merge 42cf4ac552 ps/ci-resurrect-p4-on-github later to maint).
(merge 104add8368 js/diff-codeql-false-positive-workaround later to maint).
(merge f62977b93c en/get-tree-entry-doc later to maint).
(merge e5dd0a05ed ly/am-split-stgit-leakfix later to maint).
(merge bac220e154 rc/t1001-test-path-is-file later to maint).
(merge 91db6c735d ly/reftable-writer-leakfix later to maint).
(merge 20e4e9ad0b jc/doc-synopsis-option-markup later to maint).
(merge cddcee7f64 es/meson-configure-build-options-fix later to maint).
(merge cea9f55f00 wk/sparse-checkout-doc-fix later to maint).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit fecdaf9c85bf91e63ce2629ed2bd4fbb770d8af4
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Sun Jun 22 14:27:58 2025 +0200
fetchmail: Update to version 6.5.4
- Update from version 6.5.3 to 6.5.4
- Update of rootfile not required
- Changelog
6.5.4
BUGFIXES:
* socket: avoid crash when writing to a socket without SSL/TLS fails.
Reported by Andrea Venturoli via mailing list, fixes #71.
* wolfSSL support: avoid fetchmail.c compilation failure in certain
configurations of wolfSSL (for instance, on FreeBSD's wolfssl-5.8.0_1
package), OpenSSL_version enables a newer 1.1.x compat API that passes its
argument to a wolfSSL API, with OPENSSL_DIR and OPENSSL_ENGINES_DIR, causing
related compiler failures.
See <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287435>.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 9c992d52903d7610a6e50046f771f23bd95c35f2
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Jun 20 13:58:56 2025 +0000
core196: Ship PAM
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 2116a336a5022f260dd9f7368b5007d9439eb2aa
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Jun 20 15:57:07 2025 +0200
pam: Update to version 1.7.1
- Update from version 1.7.0 to 1.7.1
- Update of rootfile not required
- This version fixes a CVE. However this is for a local to root permission escalation. So
unlikely to be an issue for IPFire if access is tightly controlled. Also the
vulnerability is related to pam_access and requires the configuration file for that
to be defined with user rules that can be confused with hostnames. pam_access.so is
installed on IPFire but no configuration file.
- Although the risk for IPFire is very low it makes sense to update to the fix.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 733c3728a2877a58a46aa6335698bbdb88d02291
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Jun 20 12:29:09 2025 +0200
core196: Ship collectd
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 8ec17e164807e5232c880b55527412dd83e3cd1a
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Jun 20 12:29:08 2025 +0200
nut: Update to version 2.8.3
- Update from version 2.8.2 to 2.8.3
- Update of rootfile
- This update has an sobump and this requires collectd to be shipped. Another patch will
be submitted for that together with this one.
- Changelog
2.8.3
- Fix fallout of development in NUT v2.8.0 and/or v2.8.1 and/or v2.8.2:
* Move of `NUT_DEBUG_LEVEL` and "-D" CLI option handling to start of
driver programs for issue #2259 in NUT v2.8.2 release misfired with
regard to data-dump mode (it no longer caused foreground by default).
[#2408]
* The `nut-driver-enumerator.sh` improvements misfired in v2.8.2 release
with an overlooked bit of shell syntax, and caused `nut-driver@upsname`
instances to not auto-restart when `ups.conf` is edited. [#682, #2410]
* Addition of "NUT Simulated devices" support to `nut-scanner` in v2.8.2
broke detection of (in-)ability to find and query "Old NUT" servers via
`libupsclient.so` (internal flag got always enabled). [#2246]
* A fix for `upsmon` v2.8.1 setting of `OFFDURATION` [PR #2108, issue #2104,
revisiting PR #2055, issue #2044] was overly zealous and impacted also
the `OB` state in cases where communications to the data server were
severed and `DEADTIME` setting was not honored. [PR #2462, issue #2454]
* Using `drivername -c reload` (e.g. facilitated by `nut-driver-enumerator`
script and service when editing `ups.conf`) led to disconnected Unix
sockets and a tight polling loop that hogged CPU. While the underlying
bug is ancient, it took recent development to hit it as a practical
regression. [issue #1904, issue #2484]
* Fallback `localtime_r()` and `gmtime_r()` for some platform builds where
a `*_s()` variant was available was not handled correctly. [PR #2583]
* A recently introduced `allow_killpower` did not actually work as an
`ups.conf` flag (only as a protocol command). [issue #2605, PR #2606]
* The ability of two copies of the driver program to talk to each other
with `upsdrvquery.c` code was not complete for the case of indefinite
`select()` wait timeout. Now `upsdrvquery_read_timeout()` fixed private
use of `struct timeval={-1,-1}` as a trigger to `select(..., NULL)`,
as logged in one part of code and not handled in the other, for the
indefinite wait [#1922, #2392, #2686, #2670]
* The `disable_fix_report_desc` option introduced for `usbhid-ups` driver
since NUT v2.8.1 was not applied for early dialog with the device while
its report descriptors were being discovered. Now this flag, as well as
`interruptsize` and `interruptonly`, are considered before we first try
to open the USB device handle. [#1575, #1512]
* In `cps_fix_report_desc()` we intended to fix-up input and output voltages
in certain cases against high voltage transfer, we only fixed-up one of
them. [#1245]
* `upsd` should now handle `TRACKING` value of `STAT_CONVERSION_FAILED`
introduced in NUT v2.8.2 for the socket protocol (between driver and
data server), by returning "ERR INVALID-ARGUMENT", so there is no change
for the network protocol definition. [#2182]
* The `configure --enable-inplace-runtime` option added in NUT v2.8.1 should
now also try to detect and set default values for the `--with-drvpath`,
`--with-cgipath`, `--datadir` and `--libdir` options to more closely match
a packaged setup and avoid confusion with e.g. two incompatible NUT client
libraries in system default search path. [#2895]
- Large parts of the NUT User Manual and NUT Developer Guide were relocated
into the new NUT Quality Assurance and Build Automation Guide (maintained
in `docs/qa-guide.adoc`), accompanied by new chapters written and detailed
for this subject; the chapter about `ci_build.sh` script became a separate
`ci_build.adoc` document included into the new document. Overall, this guide
intended to help the current and future maintainers of NUT itself, as well
as to inspire any other projects that investigate similar solutions. [#2832]
- SEMVER, know thyself!
* Development iterations of NUT should now identify with not only the
semantic version of a preceding release, but with git-derived information
about the amount of iterations that followed (if available):
the three-number "semver" would be seen on release snapshots, while
other builds would expose the added components: one with the amount
of commits on the main development trunk since the preceding release
which are ancestors of the built code base, and in case of feature
development branches -- another component with the amount of commits
unique to this branch (which are not part of the development trunk yet).
This allows to produce more relevant (monotonously growing) version
identifiers for packages and similar artifacts, with more meaningful
upgrades via development snapshots, eventually. A copy of the current
version information would be embedded into "dist" archives as a
`VERSION_DEFAULT` file, among provisions for packager tuning. [#1949]
* Documentation about this would be maintained in `docs/nut-versioning.adoc`
* SMF manifests and systemd units now refer to man pages and their online
variants under `NUT_WEBSITE_BASE` dependent on codebase maturity
(development or release snapshot); many programs now display such
references in their command-line usage help, method `suggest_doc_links()`
was introduced for this purpose. [issue #722, PR #2733]
- A technologically and practically interesting revamp of NUT mesh of
https://www.gnu.org/software/automake/ GNU Automake (`Makefile.am`)
recipes was completed, allowing for a more parallelizable build routine
on multi-CPU machines -- utilizing more cores and completing in less
"wall-clock" time that the standard `SUBDIRS` driven approach -- when
running `make -j (N)` from the project root directory to build everything
enabled by the `configure` script.
This was tested with several (GNU, BSD, Sun) implementations of the
"make" program on the few dozen platforms that NUT CI farm tests on.
Notably, GNU make 4.x and newer seems to process parallel high-level
goals and sub-`make` runs better than the competition (including GNU
make 3.x).
It is not a radical rewrite like some other research suggested, and so retains
the general structure and certain benefits and flexibility of that standard
`automake` approach, including developer build workflows with a bespoke
`Makefile` in every significant directory. This also retains (and builds
upon) the benefits of older work done in NUT, for builds in one directory
to depend on libraries and other artifacts built (once) in another.
Overall, NUT CI farm build times got 25%+ shorter (which is important as
some scenarios had hit the 1-hour timeout imposed by providers of free
CI hosting coupled with the weak machines provided in their free layer),
and we suppose this is an interesting case for other projects to draw
inspiration from for their recipe refactoring. [PR #2825]
- As an aid for developers and maintainers, a new spell-checking recipe was
added to first run non-interactive spelling checks in parallel, and *only*
if something fails -- run an interactive check to edit the text and/or the
dictionary file. The `make spellcheck` rule now also benefits from the
rewritten recipes, as detailed above, to visit directories with text files
in parallel. Overall, these changes may save time on multi-CPU systems, if
compared to a sequential walk of all texts (or their directories) as was
done before. [#2871]
- The `make dist` goal now takes more care to require availability of the man
pages to put into the prepared distribution archive. These may come either
from the current build, or inherited from its sources (if using a tarball
initially) on a platform without tooling required for man page generation.
This requirement compromises usability of `make distcheck` on platforms without
such tools from sources without pre-built man pages (e.g. builds from git),
so a couple of new goals were introduced in PR #2842:
- `make distcheck-fake-man` generates placeholder files named like pre-built
man pages for any missing files, just for the purpose of constructing
a sane-looking dist archive to `distcheck` strictly otherwise;
- `make distcheck-ci` is routed to `distcheck` or `distcheck-fake-man`
based on build circumstances (ability to build man pages or presence
of pre-built pages, or lack of either);
- Similarly, `make dist-ci` is routed to provide a strict or faked tarball;
- Earlier defined goals like `distcheck-light` or `distcheck-valgrind` now
take advantage of these mechanisms to also produce usable dist archives
for their relaxed or purpose-specific tests.
- Revised behaviors for the `upsnotify()` common code introduced in recent NUT
releases (integrating with service management frameworks, etc.):
* It was a bit cryptic when it reported a *failure to notify* (e.g. when a
NUT program was not running as a service currently), fixed now to report
human-friendly text instead of internal enum codes. Follow-up to [issue
#1590, PR #1777, PR #2136]
* Drivers should no longer print warning messages about not-initializing
the notification subsystem because not running as a service when they
are either started explicitly to show the help message, or when their
CLI arguments are fatally wrong (no UPS name, no `port`, invalid trailing
keywords...)
* NUT programs generally should default to not "spam" about lack of known
notification technology if our first message to be suppressed is already
about stopping that program. This might help nag distros into getting
a service framework, or integrating theirs with NUT, but is generally
annoying to end-users where there's little they can do about it (other
than suppressing the message with `NUT_QUIET_INIT_UPSNOTIFY` envvar).
- Drivers, `upsd`, `upsmon`: reduce "scary noise" about failure to `fopen()`
the PID file (which most of the time means that no previous instance of
the daemon was running to potentially conflict with), especially useless
since in recent NUT releases the verdicts from `sendsignal*()` methods
are analyzed and lead to layman worded situation reports in these programs.
[issue #1782, PR #2384]
- Drivers started with the `-FF` command-line option (e.g. wrapped into the
systemd units to stay "foregrounded" *and* save a PID file anyway) should
now also handle an existing PID file to interact with the earlier instance
of the driver program, if still running (e.g. started manually). [#2384]
- Drivers executed to force an UPS shutdown (with `-k` CLI option) should
now try harder to kill off a daemonized sibling, if it still runs (and
did not handle a `driver.killpower` INSTCMD well). [#2666]
- Extended instant commands for driver reloading with a `driver.exit`
command for a protocol equivalent of sending a `SIGTERM`, e.g. when
a newer instance of the driver program tries to start. [#1903, #2392]
- A new `NUT_QUIET_INIT_BANNER` envvar (presence or "true" value) can now
prevent the tool name and NUT version banner from being unilaterally
printed out when NUT programs start. [issues #1789 vs. #316; #2573]
- Drivers would now report the socket they are listening on, and server
would report full path to the driver socket it tries to connect to.
A new `NUT_QUIET_INIT_LISTENER` envvar (presence or "true" value) can
prevent the socket name from being unilaterally printed out when NUT
drivers start. [#2764]
- The `upsdrvctl` tool improvements:
* It should now warn if executed on systems where NUT was built with
support for service management frameworks like systemd or SMF, so
nut-driver service units prepared by `nut-driver-enumerator` would
conflict with manually-executed driver programs. This warning can
be hushed by exporting a `NUT_QUIET_INIT_NDE_WARNING` environment
variable with any value.
* Extended `upsdrvctl` with a `list` operation (or `-l` option) to report
manageable device configuration names (possible `<ups>` arguments to
`start`, `stop` etc. operations), or to confirm a single name that it
is known, and a `status` operation for more information. [#2567]
* Fixed support of `maxstartdelay` at the level of driver section in
`ups.conf`; added support of `maxretry` and `retrydelay` at this
level; bumped the default `maxstartdelay` from 45 to 75 seconds to
accommodate for longer device initialization (e.g. due to support of
more Megatec Qx dialects by `nutdrv_qx`). [#2885, #2888]
- `riello_ser` updates:
* Added `localcalculation` option to compute `battery.runtime` and
`battery.charge` if the device provides bogus values [issue #2390,
following in the footsteps of #1692, #1685 done for `riello_usb`]
(similar to `runtimecal` in some other drivers, may be refactored
to that configuration and logic model in later NUT releases)
- `apcsmart` updates:
* Revised code to use `strncpy()` and avoid potential overflows that are
possible with `strcpy()` used before. [PR #2564]
* Lost communications led to a logging flood, should not anymore.
In fact, the driver should try fully reconnecting upon getting into
a prolonged data stale condition. [issue #704, PR #2564]
- `nutdrv_qx` updates:
* Added Visench C1K (using serial port converter with USB ID `1a86:7523`)
as known supported by `nutdrv_qx` (Megatec protocol) since at least
NUT v2.7.4 release. [#2395]
* Introduced `innovart31` protocol support for Innova RT 3/1 UPSes. [#2712, #2798]
* Introduced `q2` and `q6` protocol support; currently also based/tested
on Innova devices, but other models than RT 3/1. [#2798]
* Introduced a `gtec` subdriver and protocol, tested over USB with a
Gtec ZP120N device. [#2818]
* Fixed `hunnox_protocol()` to honour the optional `novendor` setting for
devices that are confused by such query, e.g. DEXP LCD EURO 1200VA. [#2839]
* Extended Voltronic protocol to support longer numbers as remaining
`battery.runtime` value. [#2765]
- GPIO drivers:
* Extended to support library API of not only libgpiod v1.x releases,
but also v2.x; introduced a NUT `WITH_LIBGPIO_VERSION` C macro (in
`config.h`) to differentiate the library variants. [issue #2833]
- New NUT drivers:
* `bicker_ser`: added new driver for Bicker 12/24Vdc UPS via RS-232 serial
communication protocol, which supports any UPS shipped with the PSZ-1053
extension module. [PR #2448]
* `liebert-gxe`: added new driver with support for Liebert GXE Series UPS
(serial or USB posing as a serial port). [#2629]
* `nhs_ser`: added new driver for numerous NHS Nobreaks, senoidal line -- UPS
models with serial port, made by NHS Sistemas Eletronicos LTDA and popular
in Brazil. Currently this driver only builds on Linux. [#2692]
* `phoenixcontact_modbus` driver: Introduced Phoenix Contact QUINT4-UPS/24DC
management (only new modbus addresses). [#2689, #2716]
- Added `scripts/external_apis` with an example script integrating a
non-native protocol with NUT (as live-stream input for `dummy-ups`
NUT driver to publish further); that example can be installed using
`configure --enable-extapi-enphase`. [issue #2807, PR #2813]
- `usbhid-ups` and `netxml-ups` updated to handle "No battery installed!"
alarm also to set the `RB` (Replace Battery) value in `ups.status`.
This may cause dual triggering of notifications (as an `ALARM` generally
and as an important `REPLBATT` status in particular) in `upsmon`, but
better safe than sorry. [#415]
- `usbhid-ups` updates:
* Support of the `onlinedischarge_log_throttle_hovercharge` in the NUT
v2.8.2 release was found to be incomplete. [#2423, follow-up to #2215]
* Added support for `interrupt_pipe_no_events_tolerance=N` setting to
optionally prevent UPS lockup, indicated by continuous "Got 0 HID Objects"
situation as a clue, by reconnecting on stale data. Note that while some
devices just report information upon subsequent poll and just have nothing
urgent to declare with an USB interrupt, others (e.g. APC BXnnnnMI) were
seen to lock up until a full connection restart. [#2671, #2681]
* Added support for `lbrb_log_delay_sec=N` setting to delay propagation of
`LB` or `LB+RB` state (buggy with APC BXnnnnMI devices circa 2023-2024).
This may work better with flags like `onlinedischarge_calibration` and
`lbrb_log_delay_without_calibrating` for some devices. [#2347]
* General suggestion from `possibly_supported()` message method for devices
with VendorID=`0x06da` (Phoenixtec), seen in some models supported by
MGE HID or Liebert HID, updated to suggest trying `nutdrv_qx`. [#334]
* MGE HID list of `mge_model_names[]` was extended for Eaton 9E, 5PX and 5SC
series (largely guessing, feedback and PRs for adaptation to actual
string values reported by devices via USB are welcome), so these devices
would now report `battery.voltage` and `battery.voltage.nominal`.
Also a device from 5S series (5S1200AU) was tested, although it identifies
as an "Ellipse PRO" in USB metadata. [#2380]
* Added `ups.beeper.status` support for Masterpower MF-UPS650VA using the
MGE HID subdriver. [#2662]
* Added basic support for EcoFlow River 3 Plus and Delta 3 Plus models.
[issue #2735, PRs #2740, #2837]
* Added support for `0x09D6:0x0001` devices using the MGE HID subdriver
assuming devices made by KSTAR (alternately using MGE vendor ID). [#2661]
* `powercom-hid` subdriver sent UPS shutdown commands in wrong byte order,
at least for devices currently in the field. A toggle was added to set
the old behavior (if some devices do need it), while a fix is applied
by default: `powercom_sdcmd_byte_order_fallback`. [PR #2480]
* `cps-hid` subdriver now supports more variables, as available on e.g.
CP1350EPFCLCD model, including temperature. [PRs #2540, #2711]
* Loudly suggest to set `pollonly` flag and default a shorter `pollfreq`
for CPS devices, to try avoiding device-driven timeouts. [#1689]
Also adjust default `offdelay` and `ondelay` to reasonable values,
and warn the users with CPS devices if their configured values are
not multiples of 60. [#432, #1394]
* In `cps-hid` subdriver, `cps_fix_report_desc()` method should now handle
mismatched `LogMax` ranges for input and output voltages, whose USB Report
Descriptors are wrongly encoded by some firmware versions. [#1512]
* In `cps-hid` subdriver, try to fix frequency scaling based on the values
we see from the device and/or configuration overrides (low, nominal, high)
so `499.0 Hz` reading that comes from some firmware versions gets reported
properly as `49.9Hz`. [#2717]
* USB parameters (per `usb_communication_subdriver_t`) are now set back to
their default values during enumeration after probing each subdriver.
Having an unrelated device connected with a VID:PID matching the
`arduino-hid` subdriver prevented use of an actual `usb-hid` device due to
changes made to this struct during probe. [#2611]
- USB-capable drivers generally:
* ...could earlier log `(nut_)libusb_get_string: Success` due to either
reading an empty string or getting a success code `0` from libusb.
This difference should now be better logged, and not into syslog. [#2399]
* ...now can benefit from a new `nut_usb_get_string()` method which can do a
fallback `en_US` query for devices which report a broken "langid" language
identifier value. This notably manifested in inability to query the device
Manufacturer, Model and Serial Number values with some buggy device firmware
or hardware. [PR #2604, issues #1925, #414]
* Currently this was tested to fix certain device discovery with the
`usbhid-ups` driver; but should also apply out of the box to same
discovery logic in `blazer_usb`, `nutdrv_qx`, `riello_usb` and
`tripplite_usb` drivers.
* Also applied to `nut-scanner` and `libnutscan`. [issue #2615]
* More work may be needed for other USB-capable drivers (`richcomm_usb`,
`nutdrv_atcl_usb`) and for general code to collect string readings and
other data points, and to configure the fallback locale or choose one
if several are served by the device. [issues #2613, #2614, #2615]
* ...should now be more likely to succeed with iterative detection
of an UPS interface on a composite USB device or when looking at devices
with non-default interface/endpoint/config numbers. [PR #2611]
* ...should now accept a `LIBUSB_DEBUG=INTEGER` setting in `ups.conf`
(as well as an environment variable that can be generally set via
`nut.conf` or service unit methods or init script), to enable
troubleshooting of LibUSB itself. [issue #2616]
* ...should now not log "insufficient permissions on everything" alone when
some devices were accessible but just did not match -- clarify that case
in the next line, when applicable. [PR #2699]
* ...should now track the fact of `assumed_LogMax` (typically when firmware
encoding logic is wrong, and `-1` is resolved by parser). [#1512, #1040]
- `snmp-ups` updates:
* Added support to monitor BayTech RPC3-NC PDUs, with `baytech-rpc3nc-mib`
serving same basic data points as were available in `baytech-mib.c`,
but checking for a different model OID subtree and different OIDs for
the device model information. [#2779]
* Fixed `netvision-mib`: sync `netvision_output_info` with currently
available `SOCOMECUPS-MIB.txt`. [#2803]
- `mge-utalk` driver will no longer set non-standard status values `COMMFAULT`
and `ALARM` (for a specific status bit); instead, it will set modern
`ups.alarm` with values `COMMFAULT` and/or `DEVICEALARM` (and raise
an `ALARM` in `ups.status` for either, as standard alarms go). [#2708]
- Introduced a new driver concept for interaction with OS-reported hardware
monitoring readings. Currently instantiated as `hwmon_ina219` specifically
made for Texas Instruments INA219 chip as exposed in the Linux "hwmon"
subsystem of its "sysfs" interface (and talking I2C under the hood), this
approach seems to have good potential to expand into covering more devices
and perhaps platforms. [#2430]
- Introduced `ECO` status concept for "ECO mode" (or "High Efficiency" mode,
or "Energy Saver System"...) as named and defined by hardware vendors.
One common aspect is that this is a balance of electrical efficiency vs.
robust outage protection (which may be overkill for IT equipment whose
PSU can survive several milliseconds on capacitors alone) which can be
selected at run-time. Previously such choice was made at the time of
purchase, with the UPSes only supporting some one protection strategy.
[issue #2495, PR #2637]
* Updated documentation, end-user clients (CGI, NUT-Monitor UI);
* Updated `upsmon` client with ability to report entering and exiting
the ECO mode if reported by the driver;
* Initial implementation for Eaton devices with `usbhid-ups` driver.
- Introduced handling for the `ALARM` status, which already existed as a
common denominator for devices seen with active `ups.alarm` variables.
UPS devices in an `ALARM` status are generally considered volatile and
may be considered critical/dead by the `upsmon` client earlier than in
other statuses (e.g. in no-communication situations). It has to be noted
that there is no common standard for what constitutes an alarm and such
alarm states were also previously observed for less severe reasons. This
depends on the manufacturer/device-specific implementation in the driver.
[issues #415, #2657, PR #2658]
* Updated documentation, end-user clients (CGI, NUT-Monitor UI);
* Updated `upsmon` client with ability to report entering and exiting
the ALARM status if reported by the driver;
* Updated `upsmon` client with setting to toggle whether an `ALARM`
status can prompt the UPS to become critical in certain situations.
- The `upsmon` client can now also report entering and exiting the `OVER`
(UPS overloaded), `TRIM` and `BOOST` (adjusting for bad input voltage)
states. A setting `OVERDURATION` was introduced to define a timeout
after which a non-communicating UPS that was last seen in state `OVER`
should be considered critical (or not). [PR #1074, issue #2877]
- Revised `upssched` timer handler that can be called from `upsmon` as its
`NOTIFYCMD` to not report confusing environment variable values of
`NOTIFYTYPE` and `UPSNAME` from the original call when a timer eventually
fires -- these values are irrelevant at that distant future. The NIT (NUT
Integration Tests) suite was extended to configure and call this tool,
facilitating its development and troubleshooting. Also the `upssched`
timer daemon part can now save its PID file (so that NIT can terminate
it after tests). [#2890]
- New `libupsclient` API methods added:
* `upscli_str_add_unique_token()` and `upscli_str_contains_token()`,
to help C NUT clients process `ups.status` and similarly structured
strings same way as NUT core code base. [#2852, #2859]
* `upscli_connect()` was previously always blocking; now this is sort of
optional, with new `upscli_set_default_connect_timeout()` able to change
the implicit timeout from default zero (meaning blocking) to a positive
value (or back to 0). Several NUT clients (`upsc`, `upscmd`, `upsrw`,
`upslog`, `upsmon`, `upsimage`, `upsset` and `upsstats`) were updated
to default with a 10-second timeout in case of name resolution lags or
unresponsive hosts (notably a problem with `upsmon` contacting many
remote systems at once). The `NUT_DEFAULT_CONNECT_TIMEOUT` environment
variable can be used to modify this timeout for all clients. Further
new methods here include `upscli_get_default_connect_timeout()` to
retrieve a copy of the last stored timeout, and
`upscli_init_default_connect_timeout()` to initialize the value from
a number of sources with different priorities. [#2847]
* Symbols exported from `libupsclient` now include `nut_debug_level*` so
that NUT clients can be usefully debugged (e.g. using `NUT_DEBUG_LEVEL`
environment variable). [#2847]
- Several NUT clients including `upscmd`, `upsrw`, `upsimage`, `upsset`,
`upsstats`, and `upslog` (during reconnection), did not `UPSCLI_CONN_TRYSSL`
so went plaintext even when secure connections were possible. Fixed to at
least try being secure, same way as `upsc` does for a long time. [#2847]
- `upsmon` updates:
* It was realized that the `POWERDOWNFLAG` must be explicitly set in the
configuration file, there is no built-in default in the binary program
(the settings facilitated by the `configure` script during build "only"
impact the `upsmon.conf.sample`, init-scripts and similar files generated
from templates). [issue #321, PR #2383]
* Added an `OBLBDURATION` (seconds) setting to optionally delay raising
the alarm for immediate shutdown in critical situation. [#321]
* Optimized `parse_status()` by not checking further strings if we had
a match; report unexpected tokens in debug log. [#415]
* Revised internal `do_notify()` method to support formatting strings
with two `%s` placeholders, to use if certain use-cases pass any extra
information (e.g. not just "we have alarms" but their values too). [#415]
* Introduced handling for "unknown" `ups.status` tokens, reporting them
as "OTHER" notification type (whenever the set of such tokens appears
or changes) or "NOTOTHER" when they disappear. [#415]
- `upslog` updates:
* Added support for limiting the loop count. Using in NIT (NUT Integration
Test) suite for double profit (checking the tool and fallback in NIT).
* If you use the legacy CLI options for single-system logging (`-s <system>`
and `-l <logfile>`) along with newer tuple(s) for multiple-system logging
(repeatable `-m <system,logfile>`), previously the single-system options
were overridden by the tuple(s); now they become part of the list.
* Internally, changed from use of shared global variables to query one UPS
at a time, populated from the new list of tuples during each loop cycle,
to passing and using the new tuple structures directly.
* The `upsname` in the `system=upsname[@hostname[:port]]` parameter may
be an asterisk `*` to query for devices currently served by the hostname.
* Same log file may safely be used in different logging tuples (it is
then recommended to use `%UPSHOST%` in a custom formatting string).
* Fixed printing of `%UPSHOST%` when multiple systems are being logged.
* A `%t` for a TAB character can now be used in the formatting string.
* Added `-N` to prefix `%UPSHOST%%t` before the format string (whether
default or custom). Useful when logging many systems into same target.
* Added `-D` for debugging (and foregrounding by default), like with
other NUT daemons.
* Added systemd and SMF service integration. [#1803]
- More systemd integration:
* Introduced a `nut-sleep.service` unit which stops `nut.target` when a
system sleep was requested, and starts it when the sleep is finished.
This helps avoid NUT shutting down a woken-up system just because its
power state was critical before the sleep (called as a `SHUTDOWNCMD`
implementation by the end-user), and a next-read timestamp was not seen
(deemed to be a stale UPS, meaning lost communications during critical
state, so must go down ASAP). While not as elegant as native systemd
"inhibitor interface" support, this approach does work. [#1833, #1070]
* Introduced support for the "inhibitor interface" as well (should be
available on systems with systemd version 183 or newer) for a better
handling of the time jump specifically in the `upsmon` client via new
`Inhibit()` method in `common.c`. [#1070]
* As an extension of the logic introduced above, hopefully now `upsmon`
would behave better in face of any significant and unexpected clock
jumps (on POSIX builds so far), even if they are not suspend/hibernate
events (or they were but we could not have an inhibit lock). Now they
should be handled similar (avoid stale UPS data and rash decisions)
for summer/winter time change on non-UTC deployments, a debugger
suspending the `upsmon` process, etc. [#2597]
* Introduced delivery of default systemd presets (lists of enabled/disabled
units). [#2721]
* A `nut-udev-settle.service` was introduced to replace dependency on the
`systemd-udev-settle.service` which is deprecated and causes warnings on
some systems. It was shown to benefit NUT use-cases however. [#2638]
- `gamatronic` driver revised for safer memory operations; this was reported
to have fixed a Segmentation Fault seen in earlier NUT releases with
some of the devices supported by this driver. [#2427]
- `upsd` updates:
* `upsd_cleanup()` is now traced, to more easily see that the daemon is
exiting (and/or start-up has aborted due to configuration or run-time
issues). Warning about "world readable" files clarified. [#2417]
* Failure to `LISTEN` on an invalid host name (e.g. `localhost:3493` or
`1.2.3.4/24`) is now logged in a more actionable manner. [#2665]
- `nut-scanner` updates:
* The tool relies on dynamic loading of shared objects (library files)
orchestrated at run-time rather than pre-compiled, to avoid excessively
huge package footprints. This however relies on knowing (or sufficiently
safely guessing) the library file names to use, and short `libname.so`
is not ubiquitously available. With the new `m4` macro `AX_REALPATH_LIB`
we can store and try to use the file name which was present on the build
system, while we search for a suitable library. [#2431]
NOTE: A different but functionally equivalent trick is done for `libupsclient`
during a NUT build.
* Fixed support for IPv6 addresses (passed in square brackets) for both
`-s` start/`-e` end command-line options, and for `-m cidr/mask` option.
[issue #2512, PR #2518]
* Newly added support to scan several IP addresses (single or ranges)
with the same call, by repeating command-line options; also `-m auto{,4,6}`
can be specified (once) to select IP (all, IPv4, IPv6) address ranges of
configured local network interfaces.
An `/ADDRLEN` suffix can be added to the option, to filter out discovered
subnets with too many bits available for the host address part (avoiding
millions of scans in the extreme cases).
[issue #2244, issue #2511, PR #2509, PR #2513, PR #2517]
* Implemented parallel scanning for IPMI bus, otherwise default scan for
all supported buses with `-m auto` takes unbearably long. [#2523]
* Bumped version of `libnutscan` to 2.6.0, it now includes a few more
methods and symbols from `libcommon`. [issue #2244, PR #2509]
* Do not actively suggest `vendor(id)`, `product(id)`, and `serial` options
for `bcmxcp_usb`, `richcomm_usb` and `nutdrv_atcl_usb` drivers for now
[#1763, #1764, #1768, #2580]
- All drivers should now support the optional `sdcommands` setting with
a site-local list of instant commands to handle `upsdrv_shutdown()`,
which may be useful in cases when the driver's built-in commands
(or their order) do not meet the goals of particular NUT deployment.
This can also help with shutdown endgame testing, using a mock command like
starting the beeper (where supported) to verify that the UPS communications
happen as expected, without compromising the load connected to the UPS.
Also defined `EF_EXIT_SUCCESS` and `EF_EXIT_FAILURE` in `include/common.h`
to avoid magic numbers in code like `set_exit_flag(-2)`, and revised whether
it is getting set at all in "killpower" vs. other cases, based on new
`handling_upsdrv_shutdown` internal flag.
NOTE: during this overhaul, many older drivers got their first ever supported
INSTCMD such as `shutdown.return`, `shutdown.stayoff` or `load.off`. Default
logic that was previously the content of `upsdrv_shutdown()` methods was often
relocated into new `shutdown.default` INSTCMD definitions. [#2670]
- Common code:
* `upscli_splitname()` should now recognize `upsname:port` typos (missing
the `@hostname` part) and error out gracefully.
* Introduced a `NUT_DEBUG_SYSLOG` environment variable to tweak activation
of syslog message emission (and related detachment of `stderr` when
backgrounding), primarily useful for NIT and perhaps systemd. Most
methods relied on logging bits being set, so this change aims to be
minimally invasive to impact setting of those bits (or not) in the
first place. [#2394]
* `root`-owned daemons now use not the hard-coded `PIDPATH` value set
by the `configure` script during build, but can override it with a
`NUT_PIDPATH` environment variable in certain use-cases (such as
tests). [#2407]
* Allow drivers to set `STATEPATH` via `ups.conf` to match `upsd`
custom configuration ability; the data server would prefer the value
from `ups.conf` over the one in `upsd.conf`, if both are present.
Note that `NUT_STATEPATH` environment variable trumps both. [issue #694]
* Introduced a check for daemons working with PID files to double-check
that if they can resolve the program name of a running process with
this identifier, that such name matches the current program (avoid
failures to start NUT daemons if PID files are on persistent storage,
and some unrelated program got that PID after a reboot). This might
introduce regressions for heavily customized NUT builds (e.g. those
embedded in NAS or similar devices) where binary file names differ
significantly from a `progname` string defined in the respective NUT
source file, so a boolean `NUT_IGNORE_CHECKPROCNAME` environment
variable support was added to optionally disable this verification.
Also the NUT daemons should request to double-check against their
run-time process name (if it can be detected). [issue #2463]
* Introduced `m4` macros to check during `configure` phase for the
platform, and a `nut_bool.h` header with `nut_bool_t` type to use
during build, to avoid the numerous definitions of Boolean types
and values (or macros) in the NUT codebase. [issue #1176, issue #31]
* Custom `distcheck-something` targets did not inherit `DISTCHECK_FLAGS`
properly. [#2541]
* Added `status_get()` in NUT driver state API, to check if a status
token string had been set recently, and to avoid duplicate settings;
fixed `status_set()` for multi-token arguments. [PR #2565, issue #2708]
* Local socket/pipe protocol introduced a `LOGOUT` command for cleaner
disconnection handling. [#2572]
* Codebase adapted to the liking of `clang-18` and newer revisions of
`gcc-13`+ whose static analyzers on NUT CI farm complained about some
imperfections after adding newer OS revisions to the population of
build agents. [#2585, #2588]
* New checks in `clang-19` brought new findings about mismatched formatting
strings and `int`-ish parameters of respective methods.
Overall, had to change formatting strings in some cases, variable types
in others (e.g. flags or notification types do not make sense as signed)
and added casting in a few places that remained, because:
- `%x` style formatting requires an `unsigned int` variable
- Numeric literals and macros are `int` by default
- Results of math with unsigned types like `uint16_t`, done in some
cases, are up-scaled into `int` by default
- `char`'s, `unsigned` or not, seem to be also up-scaled into `int`
- Updated `docs/nut-names.txt` with items defined by 42ITy NUT fork. [#2339]
- Various recipe, documentation and source files were revised to address
respective warnings issued by the new generations of analysis tools.
[#823, #2437, nut-website issue #52]
- Fixed `configure` script to use default (target-specific) values of
`CFLAGS`, `LIBS` etc. when probing relevant settings for each third-party
dependency; as a consequence, on systems that support building for many
targets, we check relevant build-ability for that target and not for the
building system itself. [issue #2673, PR #2675]
- Fixed dynamic linking of Mozilla NSS on systems like Solaris/illumos,
where the shared objects are not packaged into the common RPATH.
[issue #2674, PR #2675]
- Added `scripts/valgrind` with a helper script and suppression file to
ignore common third-party problems. [#2511]
- Fixed `configure --with-valgrind=PATH` vs. detection of its usability;
fixed some portability issues with detection of usability per se, tried
`--with-valgrind=auto` the default to auto-detect and use the feature
(in tests) wherever possible, but too many NUT CI farm agents disagreed;
so for now the default is `no`. [#2823]
- When drivers dump collected data (during troubleshooting), flush `stdout`
buffer immediately for sane logging (especially on Windows). [PR #2699]
- Revised `nut.exe` (the NUT for Windows wrapper for all-in-one service)
to be more helpful with command-line use (report that it failed to start
as a service, have a help message, pass debug verbosity to launched NUT
programs...) and add a man page for it. [issue #2432, PR #2446]
- The `scripts/Windows/build-mingw-nut.sh` helper script was extended to
use `nut_build_${ARCH}` and `nut_install_${ARCH}` directories by default,
with the older `nut_build` and `nut_install` short names becoming just a
symbolic link to the latest executed build: this should help compare the
differences of 32/64-bit builds, without them stepping on each other's toes.
- NUT binding for Python and the `NUT-Monitor` Python UI client updates:
* The `PyNUTClient` module should no longer rely on presence of a `telnetlib`
module in the build or execution environment (deprecated in Python 3.11,
removed since Python 3.13). [issue #2183, PR #2792]
* The PyPI distribution of the `PyNUTClient` module tarball should now use a
lower-cased file name (and immediate versioned directory name inside) to
match the requirements of https://peps.python.org/pep-0625/.
The Python module name (and its directory) should remain camel-cased. [#2773]
* Added man page for the `NUT-Monitor` Python UI client.
* The `NUT-Monitor` Python UI client itself was revised to report the
`PACKAGE_VERSION` and `NUT_WEBSITE_BASE` strings in the "About" dialog
contents; localization support for the dialog and some other resources
was revised to work in Py3Qt5 variant of the script. [#722]
- Documentation recipe updates:
* Enabled installation of built single-file PDF and HTML (including man
page renditions) under the configured `docdir`. It seems that previously
they were only built (if requested) but not installed via `make`, unlike
the common man pages which are delivered automatically. [#2445]
NOTE: The `html-chunked` documents are currently still not installed.
* Added support to `./configure --with-doc=man=dist-auto` to use the
distributed manual page files if present; only fall back to (re-)building
them if we can. [#2473]
* Added a `make distcheck-light-man` recipe to require verification that
the manual page files can be built using the prepared "tarball" archive.
[#2473]
* Revised the documentation building recipes, with the goal to avoid
building the `ChangeLog` products and their intermediate files more
than once (but still react to `git` metadata changes during development),
and to sanity-check the resulting final document (currently only for
`html-single` mode).
As part of this, the `CHANGELOG_REQUIRE_GROUP_BY_DATE_AUTHOR` setting was
added (for `make` calls and used by `tools/gitlog2changelog.py.in`
script), and it defaults to `true` allowing for better ordered documents
at the cost of some memory during document generation. [#2510]
* Updated man page generation with `configure` script options to specify
that manual section codes on the target platform differ from (Linux-based)
defaults hard-coded into page sources; this should allow to simplify NUT
packaging recipe maintenance in those diverse distributions (no more need
to update patches for changed or added documentation sources).
* Lines in first section of NUT configuration report (which can optionally
remain as `config.nut_report_feature.log` and be installed into shared
documentation of a NUT package) are now better grouped as miscellaneous
features and detection results, then drivers and programs/tools. [#2676]
- Added a `common/Makefile.am` build product for a new internal library
`libcommonstr.la` which allows a smaller selection of helper methods
for tools like `nut-scanner` which do not need the full `libcommon.la`
nor `libcommonclient.la`. [#2478, #2491]
- Added a `drivers/Makefile.am` build product for a new internal library
`libserial-nutscan.la` to simplify `tools/nut-scanner/Makefile.am` recipes.
[#2490]
- Build of `snmp-ups` and `netxml-ups` drivers now explicitly brings linker
dependency on chosen SSL libraries. [#2479]
- Introduced `configure --with-modbus+usb` option to require an USB-capable
libmodbus, and defaulted a couple of specific situations as if this was
required (implicitly): `configure --with-modbus --with-usb` and
either `--with-drivers=*apc_modbus*` (actually implies `--with-modbus`)
or `--with-modbus-includes=... --with-modbus-libs=...`
as a way to avoid surprises with custom NUT builds aiming to have an
USB-capable `apc_modbus` driver (currently this requires a custom-built
libmodbus). Also fixed (re-)detection of libmodbus RTU USB support with
static libmodbus builds. [#2666]
- Drivers built with libmodbus (`phoenixcontact_modbus`, `generic_modbus`,
`huawei-ups2000`, `socomec_jbus`, `adelsystem_cbi`, `apc_modbus`) should
now report whether the library is linked dynamically or statically -- this
can help in troubleshooting (especially of `apc_modbus` which may be using
a custom build of the library not delivered by the operating system). [#2897]
- Brought keyword dictionaries of `nutconf` and `augeas` NUT configuration
file parsers up to date; restored automated checks for `augeas` lenses.
[issue #657, issue #2294]
NOTE: Some known issues remain with augeas lens definitions, so currently
they should be able to parse common simple use-cases but not certain types
of more complex configurations (e.g. some line patterns that involve too
many double-quote characters) which are valid for NUT proper. [#657]
- Cross-builds using only a host implementation of `pkg-config` program
should now ignore host `*.pc` files and avoid confusion.
- NUT CI farm build recipes, documentation and some `m4`/`configure.ac`
sources updated to handle a much larger build scope on MacOS. Also
migrated the builders to Apple Silicon from x86 (deprecated by CircleCI).
Disabled `HOMEBREW_NO_AUTO_UPDATE` to gain 40 min per build at cost of
slightly older environment. [#2502, #1579]
- Introduced a simple experiment to expose NUT client readings as filesystem
objects via FUSE, in `scripts/fuse/execfuse-nut` now. [#2591]
- Introduced `make install-as-root` to create directories not directly
populated by `make install` and NUT build artifacts, apply permissions
and (on some platforms) restart services involved with NUT. [#1298]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 02084f578149be840cb43470e9aabed4af4c2ebc
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Thu Jun 19 22:49:23 2025 +0200
bind: Update ot 9.20.10
For details see:
https://downloads.isc.org/isc/bind9/9.20.10/doc/arm/html/notes.html#notes-for-bind-9-20-10
"Notes for BIND 9.20.10
New Features
Implement a new notify-defer configuration option.
This new option sets a delay (in seconds) to wait before sending a
set of NOTIFY messages for a zone. Whenever a NOTIFY message is
ready to be sent, sending is deferred for this duration. This
option should not be confused with the notify-delay option. The
default is 0 seconds. [GL #5259]
Removed Features
Implement the systemd notification protocol manually to remove
dependency on libsystemd.
Bug Fixes
Fix zone deletion issue.
A secondary zone could initiate a new zone transfer from the primary
server after it had been already deleted from the secondary server,
and before the internal garbage collection was activated to clean it
up completely. This has been fixed. [GL #5291]
Fix a zone refresh bug.
A secondary zone could fail to further refresh with new versions of
the zone from a primary server if named was reconfigured during the
SOA request step of an ongoing zone transfer. This has been fixed.
[GL #5307]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 663e19144877926fd97d8e5f95c5fbb6319c6b3a
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Jun 19 22:20:45 2025 +0200
qemu-ga: Update to version 10.0.2
- Update from version 9.2.0 to 10.0.2
- Update of rootfile not required
- Changelog
See commit for IPFire qemu package
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 349fe1e84ae2ed3b31eb99b9980af0722e40b352
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Jun 19 22:20:46 2025 +0200
qemu: Update to version 10.0.2
- Update from version 9.2.0 to 10.0.2
- Update of rootfile
- Removal of sched-attr patch as this is now built into the source tarball.
- Changelog
10.0
Removed features and incompatible changes
Consult the 'Removed features' page for details of suggested replacement
functionality.
New deprecated options and features
The -old-param option (used for booting some ancient Arm kernels) has been
deprecated, as none of the boards QEMU supports need it.
The Arm PXA2xx CPUs and the iwMMXt emulation have been deprecated and will
be removed in a future release.
Consult the "Deprecated Features" chapter of the QEMU System Emulation User's
Guide for further details of the deprecations and their suggested replacements.
Arm
iwMMXt emulation and the PXA2xx CPUs have been deprecated and will be
removed in a future release. (You were only using this if you explicitly
selected a pxa2xx CPU type on the command line or by environment variable.)
When emulating FEAT_PAUTH, the default pointer authentication algorithm
has been changed from the architected QARMA5 algorithm to QEMU's
implementation-defined algorithm. This is non-cryptographic but is
significantly faster, which is what most users will want. If you need the
architected algorithm you can select it with the 'pauth-qarma5'
CPU option, e.g. "-cpu max,pauth-qarma5=on".
The CPU now emulates the Secure EL2 physical and virtual timers
New CPU architectural features emulated:
FEAT_AFP
FEAT_RPRES
FEAT_XS
The Stellaris boards now model both I2C controllers
The 'virt' board now has a 'highmem-mmio-size' property to allow
configuring a larger PCIe MMIO region; this can be useful when passing
through a lot of PCI devices with large MMIO BARs to a VM.
New board models:
"npcm845-evb": NPCM845 Evaluation board
"imx8mp-evk": i.MX 8M Plus EVK board
HPPA
New SeaBIOS-hppa version 18 with lots of fixes and enhancements
Emulate up to 256 GB RAM on 64-bit guests
Speed up translation time
Improve virtual CPU reset function
Support space register hashing via diag registers as required by 64-bit HP-UX
Add emulation of Diva GSP ("Guardian Service Processor" / BMC) PCI boards
Artist graphic card can be disabled on command line with "-global
artist.disable=true"
Added Astro LLMIO support, which allows adding other graphic cards, e.g.
with "-device ati-vga"
LoongArch
KVM support cpu hotplug.
kVM support paravirt ipi.
KVM support kvm steal time.
KVM support virtual extioi feature.
ISA and Extensions
Support riscv-iommu-sys device
Introduce svukte ISA extension
Support ssstateen extension
Reduce the overhead for simple RISC-V vector unit-stride loads and stores
Add 'sha' support
Add traces for exceptions in user mode
Update Pointer Masking to Zjpm v1.0
Add Smrnmi support
Add RISC-V Counter delegation ISA extension support
Add support for Smdbltrp and Ssdbltrp extensions
Introduce a translation tag for the IOMMU page table cache
Support Supm and Sspm as part of Zjpm v1.0
Machines
Deprecate the default RISC-V machine
Add Tenstorrent Ascalon CPU
Support for RV64 Xiangshan Nanhu CPU
Add AIA userspace irqchip_split support
Add Microblaze V generic board
Support 64-bit address of initrd
Add V bit to GDB priv reg
Fixes and Misc
Correct the validness check of iova
Fix APLIC in_clrip and clripnum write emulation
Upgrade ACPI SPCR table to support SPCR table revision 4 format
Fix timebase-frequency when using KVM acceleration
Convert htif debug prints to trace event
s390x
Add feature definitions and CPU model for the generation 17 mainframe CPU
Add support for virtio-mem on s390x
Fix CPU emulation bugs with the PPNO and MCV instructions
Allow bypassing IOMMU for PCI devices for enhanced performance
x86
Faster emulation of string instructions.
ClearwaterForest cpu model
SierraForest-v2 cpu model (for changes vs V1 see commit c597ff5339)
ACPI / SMBIOS
Workaround 'PCI Label Id' Windows bug, which is normally harmless but on
localized versions can lead to guest hangs (commit 0b053391985)
Block devices
The 'virtio-scsi' device has gained true multiqueue support where different
queues of a single controller can be processed by different I/O threads
(this catches up to the `virtio-blk` support that was added in QEMU 9.0).
This can improve scalability in cases where the guest submitted enough
I/O to saturate the host CPU running a single I/O thread processing the
virtio-scsi requests. Multiple I/O threads can be configured using the
new 'iothread-vq-mapping' property.
Add new handshake-max-seconds optional parameter to nbd-server-start QMP
command, and counterpart --handshake-limit option to qemu-nbd. This
allows fine-tuning the duration allowed for client negotiation during
integration testing.
qemu-nbd no longer hangs on exit when run as a daemon (the --fork
command-line option) when qemu is built with the simple trace backend.
Graphics
Add new 'apple-gfx-pci' and 'apple-gfx-mmio' devices which use the macOS
host's ParavirtualizedGraphics.framework to provide accelerated graphics
to macOS guests. 'apple-gfx-pci' is intended for use on x86-64,
'apple-gfx-mmio' replicates the graphics device implemented by the
Virtualization.framework from the aarch64 version of macOS.
IPMI
Multiple different internal BMCs are now supported.
The "Get Channel Info" command is now implemented in the internal BMC.
Add support for the "don't log" flag in the set watchdog command. This
will prevent watchdog timer events being added to the IPMI event log.
Return an error if invalid bits are set in the "Set BMC Global Enables"
command in the internal BMC.
VFIO
Improved support for IGD passthrough on all Intel Gen 11 and 12 devices
Refactored dirty tracking engine to include VFIO state in calc-dirty-rate
Improved error reporting for MMIO region mapping failures
Improved property documentation
Implemented basic PCI PM capability backing
Added multifd support for VFIO migration
Added support for old ATI GPUs (x550)
Deprecated vfio-plaform
Misc fixes
virtio
virtio-mem is now also supported on s390x
virtio-balloon guests stats are now cleared (set to zero) upon
device/machine reset.
9pfs
Fix a regression regarding CVE-2023-2861 with security_model=passthrough
which caused certain sockets on guest to fail (bug #2337, commit b5e3f63a).
multidevs=remap is new default behaviour (see commit a2f17bd4).
Audio
-audio dbus learned "nsamples" option, to set number of samples per
read/write
Character devices
"hub": new chardev, aggregate multiple chardev backends
GUI
VC: add support for cursor DECSC and DECRC commands
VC: implement DCH (delete) and ICH (insert) commands
VC: various parsing/display fixes
GDBStub
linux-user processes can defer connection using -g <port>,suspend=n
TCG Plugins
core plugin code is now only built once
Migration
Fixed regressions in s390x (#2704) and pre-9.0 to post-9.1 migrations with
multifd capability (#2720)
Fixed long-standing bug with paused VMs (#686)
New migration mode "cpr-transfer" to support live updates (documentation).
Block device backends and tools
The Linux AIO and io_uring backends can now make use of the RWF_DSYNC flag
for FUA write requests instead of emulating it with a normal write
followed by an fdatasync() call. This can improve performance for guest
disks with disabled write cache significantly (cache=writethrough and
cache=directsync result in such configurations), in particular if the
host disk is already operating in a write through cache mode.
The user can now actively manage if nodes are active or inactive. Amongst
others, this is required to perform safe live migration with a
qemu-storage-daemon based backend. It also allows starting block device
operation on the live migration destination of a paused VM without first
resuming the VM (which was previously the only way to activate images).
The vpc block driver has been fixed to handle VHD images exported from
Azure more correctly
runtime
Improved networking emulation regarding netlink and multicast
PowerPC
Added /proc/cpuinfo file emulation
Guest agent
Implement a 'guest-get-load' command (Linux only)
Don't daemonize before the channel is initialized
This changes the exit code when QGA fails with the daemonize option
Optimize the freeze-hook script logic of logging errors
Log to syslog if the file log is unavailable
fsfreeze command: Skip bind mounts in the FS list
Documentation
All QEMU Machine Protocol (QMP) interface documentation (QEMU, QEMU Storage
Daemon, QEMU Guest Agent) pages have been drastically overhauled,
featuring a new look and layout.
New QMP reference indices have been added per-API: QEMU QMP Index,
QEMU Storage Daemon QMP Index, and QEMU Guest Agent QMP Index. The
indices are sorted both per-type (Commands, Events, data types) and
alphabetically; providing a convenient one-page reference for all
available Commands and Events for a given interface.
All Commands, Events, and all documentation-referenced types are now
cross-reference-able; with clickable cross-references inserted in many
cases to make navigating complex commands, events, and types much easier.
References that aren't generated from metadata but are instead
"hardcoded" in the source documentation have not yet been converted, but
all generated references have been. (i.e. all type names for
arguments/members, return values, and "The members of..." pointers are
now clickable.)
Some return types are still omitted where they are undocumented, but this
will be rectified for next release.
Some build-time conditional information ("if", "ifcond") is temporarily
missing from the new documentation. For commands, events, or
members/values/arguments that are only conditionally available, please
consult the runtime introspection data to determine availability for a
given binary, as per usual. This will also be rectified for the next
release.
Support for device models written in the Rust programming language is still
considered experimental, and does not have full feature parity compared to
QEMU binaries that are compiled with --disable-rust. However, it has matured
enough that developing new devices can (almost entirely) be done in the safe
subset of Rust.
For now, binaries compiled with --enable-rust link statically to Rust libstd.
This is not suitable for e.g. Linux distributions but could be okay for other,
special purpose distributions of QEMU.
The current minimum supported Rust version is 1.63.0, with plans to move to
1.77.0. This means that:
--enable-rust does not work with Debian bullseye's rustc packages.
in the future, --enable-rust will not support Debian bookworm's rustc for
the mips64el architecture, and will require the rustc-web package for
other architectures.
Debian bullseye and bookworm otherwise remains supported platforms for QEMU;
Debian bullseye will cease to be a supported platform as soon as Debian
trixie is released.
Testing and CI
updated baseline tuxrun tests to 19/11/2024 images
added new test for virtio-vulkan (needs upto date build with access to dri)
qtest clock_set and clock_step now check return values
riscv64 cross compile now based on trixie
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 5536d27c0dec020cff144b89623cc04f87b7b7eb
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Jun 19 22:20:44 2025 +0200
libvirt: Update to version 11.4.0
- Update from version 10.10.0 to 11.4.0
- Update of rootfile
- Changelog
11.4.0
New features
qemu: ppc64 POWER11 processor support
Support for the recently released IBM POWER11 processor was added.
Packaging changes
All helper programs are now detected from $PATH during runtime
All of the code was now converted to dynamically look up helper programs in
$PATH rather than doing the lookup at build time and then compiling in the
result.
Programs mount, umount, mkfs, modprobe, rmmod, numad, dmidecode, ip, tc,
mdevctl, mm-ctl, iscsiadm, ovs-vsctl, pkttyagent, bhyveload, bhyvectl, bhyve,
ifconfig, vzlist, vzctl, vzmigrate, and the tools from the lvm suite
(vgchange, lvcreate, etc..) are now not needed during build and will still
work properly if placed in $PATH.
This also ensures that libvirt works correctly on distros that are
transitioning /sbin into /bin and upgraded installations have a different
layout from fresh installations.
Improvements
virsh: Add option --no-pkttyagent
That option suppresses registration of pkttyagent with polkitd.
bhyve: support NVRAM configuration for UEFI firmwares
The bhyve driver now supports specifying NVRAM store file, such as:
<os firmware='efi'>
<nvram/>
</os>
qemu: Improve accuracy of FDC/floppy device support statement in capabilities XML
The data is now based on the presence of the controller in qemu rather than
just a denylist of machine types where floppies not work.
Bug fixes
qemu: Fix failure when reverting to internal snapshots
A regression in libvirt-11.2 and libvirt-11.3 prevents reverting to an
internal snapshot. Attempts to revert would produce the following error:
error: operation failed: load of internal snapshot 'foo1' job failed: Device
'libvirt-1-format' is writable but does not support snapshots
The only workaround is to avoid the broken versions.
qemu: Fix virtqemud crash when resuming failed post-copy migration
A regression introduced in libvirt-11.2.0 caused virtqemud on the destination
host to crash when trying to resume failed post-copy migration.
qemu: Treat the queues configuration of virtio-net as guest ABI
The queue count itself isn't a device frontend property but libvirt uses it to
calculate vectors option of the device which is a guest OS visible property,
thus queues must not change during migration. The ABI stability check now
handles this properly.
11.3.0
Removed features
Support for AppArmor versions prior to 3.0.0 has been dropped.
New features
xen: Support configuration of <hyperv/> flags for Xen domains.
The following flags are now configurable for Xen: vapic, synic, stimer,
frequencies, tlbflush and ipi.
bhyve: Support virtio random number generator devices
Domain XMLs can now include virtio random number generator devices. They are
configured with:
<rng model='virtio'>
<backend model='random'/>
</rng>
bhyve: Support <interface type='network'>
At the moment it doesn't provide any new features compared to
<interface type='bridge'>, but allows a more flexible configuration.
Bug fixes
cpu_map: Install Ampere-1 ARM CPU models
The Ampere-1 CPU models added in the previous release were not properly
installed and thus every attempt to start an ARM domain with custom CPU
definition would fail.
storage: Fix new volume creation
No more errors occur when new storage volume is being created using virsh
vol-create with --validate option and/or virStorageVolCreateXML() with
VIR_VOL_XML_PARSE_VALIDATE flag.
Don't spam logs with error about qemu-rdp when starting a qemu VM
On hosts where the qemu-rdp binary is not installed a start of a VM would
cause an error such as
error : qemuRdpNewForHelper:103 : 'qemu-rdp' is not a suitable qemu-rdp helper
name: No such file or directory
to be logged in the system log. It is safe to ignore the error. The code was
fixed to avoid the message when probing for support.
Fix libvirt daemon crash on failure to hotplug a disk into a qemu VM
Some failures of disk hotplug could cause the libvirt daemon to crash due to a
bug when rolling back disk throttling filters.
11.2.0
Removed features
Remove support for qemu-6.1 and older
Libvirt now requires qemu-6.2 or newer based on our platform support policy.
New features
qemu: Add new 'image_format' parameter to virDomainSaveParams
virDomainSaveParams now supports an image_format parameter for specifying the
save image format on a per-domain basis. The parameter accepts the same
values as the driver-wide save_image_format setting in qemu.conf. An image
format specified via virDomainSaveParams takes precedence over the
driver-wide setting.
qemu: Added guest load averages to the output of virDomainGetGuestInfo
This feature will be available with qemu guest agent 10.0 onwards.
qemu: Add support for multiple iothreads for virtio-scsi controller
It's now possible to map multiple iothreads to the virtio-scsi controller or
even map them to specific virtqueues similarly to the virtio-blk device
allowing for better performance in certain scenarios.
qemu: integrate support for VM shutdown on host shutdown
It is now possible to instruct the QEMU driver to automatically perform
managed save, graceful shutdown, or hard poweroff on running VMs, when a host
shutdown is requested. This feature is intended to eventually replace usage
of the libvirt-guests script. The new approach improves on the libvirt-guests
script, by proactively monitoring logind for a signal that a host shutdown
has been requested. It will initiate the chosen action on running guests
immediately, allowing shutdown inhibitors to be released sooner. The new
solution is also able to iteratively try multiple actions until one of them
succeeds in shutting down the VM.
Since it must be mutually exclusive with the libvirt-guests script, this
feature currently requires a manual opt-in through editing of the
/etc/libvirt/qemu.conf configuration file. The libvirt-guests script must be
disabled before doing this.
qemu: Add 'sparse' as a new save image format
QEMU's file migration has been supplemented with the new stream format
mapped-ram, where RAM pages are mapped directly to offsets in the migration
file. mapped-ram is now supported by augmenting the existing save image
formats with the sparse format.
qemu: Add support for parallel save/restore
The sparse image format can support reading and writing by multiple channels.
virDomainSaveParams and virDomainRestoreParams now support specifying the
number of IO channels used for parallel save and restore. Using multiple
channels can reduce the time required to save and restore domains.
virsh: Introduce new hypervisor-cpu-models command
Added a new virsh command hypervisor-cpu-models. The command pulls from the
existing domcapabilities XML and uses xpath to parse CPU model strings. By
default, only models reported as usable by the hypervisor on the host system
are printed. A user may specify --all to also print models which are not
supported on the host.
qemu: Introduce os/shim element
For secure boot environments where <loader/> is signed, it may be unfeasible
to keep the binary up to date (esp. when revoking certificates contained
within). To address that, new <shim/> element is introduced which allows
hypervisor to side load another UEFI binary, which can then contain new
certification authorities and/or list of revocations.
ch: Enable SEV SNP support
Cloud Hypervisor guests can be now started with SEV SNP enabled.
qemu: Support for Block Disk Along with Throttle Filters
Introduce support for multiple throttle groups per block disk in QEMU,
enhancing I/O control and performance optimization. This update builds on the
existing throttling functionality by allowing more granular control with the
ability to assign different throttle groups to multiple block devices,
improving shared throttling across devices.
Improvements
qemu: Improved guest agent corner case error reporting
The APIs using the guest agent now report two specific error codes aimed at
helping management applications/users to differentiate between timeout while
libvirt was synchronizing with the guest agent and timeout after a command
was already sent.
The new error codes are VIR_ERR_AGENT_COMMAND_TIMEOUT and
VIR_ERR_AGENT_COMMAND_FAILED.
qemu: Use common check for shared memory use for vhost-user network devices
Historically libvirt printed only a warning if the vhost-user network was
misconfigured. Since we enforce proper configuration for other device types
using vhost-user it is now enforced also for network devices and prints an
actual error on misconfiguration.
Introduce constants for discoverability of entries in bulk stats APIs
Libvirt introduced constants exposed by our API description XML which allows
discoverability of new entries in typed parameter names returned by
virConnectGetAllDomainStats, virDomainListGetStats, and virDomainGetGuestInfo.
qemu: Reflect MAC address change in live domain XML
When a guest changes MAC address on one of its vNICs the new MAC address is
now visible in the live XML under currentAddress attribute of <mac/> element.
At the same time, VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE event is emitted so that
management applications can update their internal state.
Bug fixes
qemu: attach virtio-mem with CCW address
Attaching a virtio-mem device on s390 without an address type now gets a
default type CCW address assigned. A specified CCW address is now used for
the virtio-mem device instead of getting overwritten by a PCI address.
ch: Various memory leak fixes
There were some memory leaks identified in the Cloud Hypervisor driver. They
are fixed now.
11.1.0
Packaging changes
De-modularize the 'fs' storage file backend
The storage file backend for local files uses only code which we compile into
the internal libraries anyways so there's no point in having it as a loadable
module. The storage-file/libvirt_storage_file_fs.so module no longer exists
and its functionality is embedded directly.
Removed features
vbox: removed support for version 6.1 APIs
Libvirt no longer supports use of VirtualBox 6.1 since this version reached
its end of life on 2024/01.
New features
nodedev: Support ccwgroup based qeth devices
CCW group devices are devices that use multiple subchannels on the mainframe's
channel subsystem. A qeth group device maps to subchannels and their
corresponding device numbers and device bus-IDs. The ccwgroup device nodes
are placed besides the subchannel nodes under computer and list the group
members within a new ccwgroup capability. A new capability ccwgroup_member is
added into capability ccw to represent a device membership to a ccwgroup.
Filters are added to find ccwgroups as well as ccwgroup members.
ch: Support handling events from cloud-hypervisor
The ch driver now supports handling events from the cloud-hypervisor. Events
include VM lifecyle operations such as shutdown, pause, resume, etc. Libvirt
will now read these events and take actions such as updating domain state, etc.
Introduce virtio-mem <memory/> model for s390 guests
The virtio-mem model of <memory/> device can now be used with s390 guests.
Support using passt as the backend for interface type='vhostuser'
The combination of vhostuser transport with passt as the backend provides high
performance, fully featured networking without the need for libvirt or QEMU
to have any elevated privileges or capabilities. Configuration and features
are identical to the configuration for type='user' with the passt backend.
Improvements
qemu: I/O error messages can be queried via virDomainGetMessages()
The qemu hypervisor driver now preserves the last I/O error message along with
the timestamp when it was recorded and preserves it to be queried via
virDomainGetMessages().
Bug fixes
tools: ssh-proxy: Check if domain is running before connecting to it
If domain is not running but has a static CID configured for its VSOCK then
the ssh-proxy parsed it anyways. This may have resulted in mistakenly
connecting to a different domain. Domain status is checked before parsing its
CID.
apparmor: Allow SGX if configured
If domain has <memory model='sgx-epc'\> configured then libvirt now adds
corresponding devices into a per-domain profile so that AppArmor does not
deny QEMU access to them.
qemu: Fix crash when starting a domain on a host with unknown host CPU
On hosts where we cannot detect a host CPU model (mostly aarch64 hosts)
starting a domain with a custom CPU model caused a crash of virtqemud.
The bug was introduced in libvirt-10.9.0
11.0.0
New features
network/qemu/lxc: support vlans on standard Linux host bridges
The network, qemu, and lxc drivers now support (using the <vlan> subelement)
vlan tagging and trunking on network interfaces connected to a standard Linux
host bridge.
qemu: Add support for direct and extended tlbflush features
Domains can now utilise more tlbflush hyperv features.
Improvements
ch: Enable user aliases
User can now specify custom aliases for devices in domain XML
qemu: Grab a QUERY job when formatting domain XML
Under some specific conditions it might have happened that domain XML did not
contain runtime information or returned an XML that's in process of changing
(e.g. by a thread that's hotplugging a device). Formatting domain XML now
serializes properly with other threads.
virtiofs: Allow read only mode
The <filesystem/> with virtiofsd backend can now use <readonly/> tag to export
underlying filesystem in read only mode.
qemu: allow migration of vGPU from mdev device <-> SRIOV VF device
Some GPU vendors are switching from using vGPUs creating using mdev and
identified with a uuid, to vGPUs created as SRIOV VFs and identified by their
PCI address, and want to support live migration from a host using one type of
vGPU to the other type. This is now possible.
Bug fixes
qemu: tpm: do not update profile name for transient domains
Fix a possible crash when starting a transient domain which was introduced in
the previous release.
qemu: Fix snapshot to not delete disk image with internal snapshot
When a VM has internal snapshot that is parent to external snapshot and user
reverts to the internal snapshot and deletes the external snapshot libvirt
would delete the disk image containing the internal snapshot. This would
result in data loss.
qemu: Do not format invalid XML with hyperv features in passthrough mode
When hyperv features were specified together with mode="passthrough" libvirt
parsed and formatted such features in the domain XML even though they were
not used at all, resulting in XML that is not valid based on our schema. This
is now fixed by not parsing any specified features when the passthrough mode
is used.
qemu: Fix a crash when starting a domain with ovs bridge and QOS
cpu: Add missing -v1 variants for CPU models
Some CPU models (mostly old ones) were missed when versioned CPU model names
were introduced in the previous release.
qemu: Fix false error when recovering failed post-copy migration
In some cases libvirt would report a failure to recover post-copy migration
even though the recovery started just fine and migration would eventually
successfully finish.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/bind | 10 +-
config/rootfiles/common/libxml2 | 2 +-
config/rootfiles/common/pixman | 2 +-
config/rootfiles/common/sudo | 3 +
.../{oldcore/125 => core/196}/filelists/collectd | 0
.../{oldcore/119 => core/196}/filelists/pam | 0
.../{oldcore/112 => core/196}/filelists/sudo | 0
config/rootfiles/packages/git | 4 +
config/rootfiles/packages/iniparser | 12 ++
config/rootfiles/packages/libvirt | 37 +++-
config/rootfiles/packages/netatalk | 52 +++---
config/rootfiles/packages/nut | 19 +-
config/rootfiles/packages/qemu | 3 +
lfs/bind | 4 +-
lfs/fetchmail | 6 +-
lfs/git | 16 +-
lfs/{fmt => iniparser} | 18 +-
lfs/libvirt | 6 +-
lfs/libxml2 | 4 +-
lfs/netatalk | 16 +-
lfs/nut | 8 +-
lfs/pam | 6 +-
lfs/pixman | 4 +-
lfs/qemu | 7 +-
lfs/qemu-ga | 4 +-
lfs/sudo | 26 ++-
make.sh | 1 +
..._prefix_from_sysconfdir_and_localstatedir.patch | 15 --
src/patches/qemu-9.2.0-sched-attr.patch | 192 ---------------------
29 files changed, 161 insertions(+), 316 deletions(-)
copy config/rootfiles/{oldcore/125 => core/196}/filelists/collectd (100%)
copy config/rootfiles/{oldcore/119 => core/196}/filelists/pam (100%)
copy config/rootfiles/{oldcore/112 => core/196}/filelists/sudo (100%)
create mode 100644 config/rootfiles/packages/iniparser
copy lfs/{fmt => iniparser} (89%)
delete mode 100644 src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch
delete mode 100644 src/patches/qemu-9.2.0-sched-attr.patch
Difference in files:
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index 23d8cd20b6..f387a31a79 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -240,18 +240,18 @@ usr/bin/nsupdate
#usr/include/ns/types.h
#usr/include/ns/update.h
#usr/include/ns/xfrout.h
-usr/lib/libdns-9.20.9.so
+usr/lib/libdns-9.20.10.so
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libisc-9.20.9.so
+usr/lib/libisc-9.20.10.so
#usr/lib/libisc.la
#usr/lib/libisc.so
-usr/lib/libisccc-9.20.9.so
+usr/lib/libisccc-9.20.10.so
#usr/lib/libisccc.la
#usr/lib/libisccc.so
-usr/lib/libisccfg-9.20.9.so
+usr/lib/libisccfg-9.20.10.so
#usr/lib/libisccfg.la
#usr/lib/libisccfg.so
-usr/lib/libns-9.20.9.so
+usr/lib/libns-9.20.10.so
#usr/lib/libns.la
#usr/lib/libns.so
diff --git a/config/rootfiles/common/libxml2 b/config/rootfiles/common/libxml2
index fc7457702a..009e1fb06f 100644
--- a/config/rootfiles/common/libxml2
+++ b/config/rootfiles/common/libxml2
@@ -54,7 +54,7 @@
#usr/lib/libxml2.la
#usr/lib/libxml2.so
usr/lib/libxml2.so.16
-usr/lib/libxml2.so.16.0.3
+usr/lib/libxml2.so.16.0.4
#usr/lib/pkgconfig/libxml-2.0.pc
#usr/share/doc/libxml2
#usr/share/doc/libxml2/xmlcatalog.html
diff --git a/config/rootfiles/common/pixman b/config/rootfiles/common/pixman
index 385a9eceeb..913b860eb9 100644
--- a/config/rootfiles/common/pixman
+++ b/config/rootfiles/common/pixman
@@ -3,5 +3,5 @@
#usr/include/pixman-1/pixman.h
#usr/lib/libpixman-1.so
usr/lib/libpixman-1.so.0
-usr/lib/libpixman-1.so.0.46.0
+usr/lib/libpixman-1.so.0.46.2
#usr/lib/pkgconfig/pixman-1.pc
diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo
index 651a284e34..2e97d2c4fc 100644
--- a/config/rootfiles/common/sudo
+++ b/config/rootfiles/common/sudo
@@ -115,6 +115,9 @@ usr/sbin/visudo
#usr/share/locale/uk/LC_MESSAGES/sudoers.mo
#usr/share/locale/vi/LC_MESSAGES/sudo.mo
#usr/share/locale/vi/LC_MESSAGES/sudoers.mo
+#usr/share/locale/yue
+#usr/share/locale/yue/LC_MESSAGES
+#usr/share/locale/yue/LC_MESSAGES/sudo.mo
#usr/share/locale/zh_CN/LC_MESSAGES/sudo.mo
#usr/share/locale/zh_CN/LC_MESSAGES/sudoers.mo
#usr/share/locale/zh_TW/LC_MESSAGES/sudo.mo
diff --git a/config/rootfiles/core/196/filelists/collectd b/config/rootfiles/core/196/filelists/collectd
new file mode 120000
index 0000000000..871b32f14b
--- /dev/null
+++ b/config/rootfiles/core/196/filelists/collectd
@@ -0,0 +1 @@
+../../../common/collectd
\ No newline at end of file
diff --git a/config/rootfiles/core/196/filelists/pam b/config/rootfiles/core/196/filelists/pam
new file mode 120000
index 0000000000..660a1d80ec
--- /dev/null
+++ b/config/rootfiles/core/196/filelists/pam
@@ -0,0 +1 @@
+../../../common/pam
\ No newline at end of file
diff --git a/config/rootfiles/core/196/filelists/sudo b/config/rootfiles/core/196/filelists/sudo
new file mode 120000
index 0000000000..0d3c45e042
--- /dev/null
+++ b/config/rootfiles/core/196/filelists/sudo
@@ -0,0 +1 @@
+../../../common/sudo
\ No newline at end of file
diff --git a/config/rootfiles/packages/git b/config/rootfiles/packages/git
index a3a3bf48f8..a4e2ebfc89 100644
--- a/config/rootfiles/packages/git
+++ b/config/rootfiles/packages/git
@@ -52,6 +52,7 @@ usr/libexec/git-core/git-diagnose
usr/libexec/git-core/git-diff
usr/libexec/git-core/git-diff-files
usr/libexec/git-core/git-diff-index
+usr/libexec/git-core/git-diff-pairs
usr/libexec/git-core/git-diff-tree
usr/libexec/git-core/git-difftool
usr/libexec/git-core/git-difftool--helper
@@ -208,6 +209,7 @@ usr/libexec/git-core/mergetools/vscode
usr/libexec/git-core/mergetools/winmerge
usr/libexec/git-core/mergetools/xxdiff
usr/libexec/git-core/scalar
+usr/share/bash-completion/completions/git
#usr/share/git-core
#usr/share/git-core/templates
usr/share/git-core/templates/description
@@ -303,6 +305,7 @@ usr/share/git-core/templates/info/exclude
#usr/share/gitk/lib/msgs/pt_pt.msg
#usr/share/gitk/lib/msgs/ru.msg
#usr/share/gitk/lib/msgs/sv.msg
+#usr/share/gitk/lib/msgs/ta.msg
#usr/share/gitk/lib/msgs/vi.msg
#usr/share/gitk/lib/msgs/zh_cn.msg
#usr/share/gitweb
@@ -318,6 +321,7 @@ usr/share/git-core/templates/info/exclude
#usr/share/locale/el/LC_MESSAGES/git.mo
#usr/share/locale/es/LC_MESSAGES/git.mo
#usr/share/locale/fr/LC_MESSAGES/git.mo
+#usr/share/locale/ga/LC_MESSAGES/git.mo
#usr/share/locale/id/LC_MESSAGES/git.mo
#usr/share/locale/is/LC_MESSAGES/git.mo
#usr/share/locale/it/LC_MESSAGES/git.mo
diff --git a/config/rootfiles/packages/iniparser b/config/rootfiles/packages/iniparser
new file mode 100644
index 0000000000..fbed5418b1
--- /dev/null
+++ b/config/rootfiles/packages/iniparser
@@ -0,0 +1,12 @@
+#usr/include/iniparser
+#usr/include/iniparser/dictionary.h
+#usr/include/iniparser/iniparser.h
+#usr/lib/cmake/iniparser
+#usr/lib/cmake/iniparser/iniparser-config-version.cmake
+#usr/lib/cmake/iniparser/iniparser-config.cmake
+#usr/lib/cmake/iniparser/iniparser-sharedTargets-noconfig.cmake
+#usr/lib/cmake/iniparser/iniparser-sharedTargets.cmake
+#usr/lib/libiniparser.so
+usr/lib/libiniparser.so.4
+usr/lib/libiniparser.so.4.2.6
+#usr/lib/pkgconfig/iniparser.pc
diff --git a/config/rootfiles/packages/libvirt b/config/rootfiles/packages/libvirt
index 55bd39a4e0..d265125b0d 100644
--- a/config/rootfiles/packages/libvirt
+++ b/config/rootfiles/packages/libvirt
@@ -87,16 +87,16 @@ usr/bin/virt-xml-validate
#usr/lib/libvirt
#usr/lib/libvirt-admin.so
usr/lib/libvirt-admin.so.0
-usr/lib/libvirt-admin.so.0.10010.0
+usr/lib/libvirt-admin.so.0.11004.0
#usr/lib/libvirt-lxc.so
usr/lib/libvirt-lxc.so.0
-usr/lib/libvirt-lxc.so.0.10010.0
+usr/lib/libvirt-lxc.so.0.11004.0
#usr/lib/libvirt-qemu.so
usr/lib/libvirt-qemu.so.0
-usr/lib/libvirt-qemu.so.0.10010.0
+usr/lib/libvirt-qemu.so.0.11004.0
#usr/lib/libvirt.so
usr/lib/libvirt.so.0
-usr/lib/libvirt.so.0.10010.0
+usr/lib/libvirt.so.0.11004.0
#usr/lib/libvirt/connection-driver
usr/lib/libvirt/connection-driver/libvirt_driver_ch.so
usr/lib/libvirt/connection-driver/libvirt_driver_interface.so
@@ -112,7 +112,6 @@ usr/lib/libvirt/storage-backend/libvirt_storage_backend_fs.so
usr/lib/libvirt/storage-backend/libvirt_storage_backend_logical.so
usr/lib/libvirt/storage-backend/libvirt_storage_backend_vstorage.so
#usr/lib/libvirt/storage-file
-usr/lib/libvirt/storage-file/libvirt_storage_file_fs.so
#usr/lib/pkgconfig/libvirt-admin.pc
#usr/lib/pkgconfig/libvirt-lxc.pc
#usr/lib/pkgconfig/libvirt-qemu.pc
@@ -121,7 +120,9 @@ usr/lib/libvirt/storage-file/libvirt_storage_file_fs.so
usr/lib/sysctl.d/60-libvirtd.conf
usr/lib/sysctl.d/60-qemu-postcopy-migration.conf
#usr/lib/sysusers.d
+usr/lib/sysusers.d/libvirt-login-shell.conf
usr/lib/sysusers.d/libvirt-qemu.conf
+usr/lib/sysusers.d/libvirt.conf
usr/libexec/libvirt-ssh-proxy
usr/libexec/libvirt_iohelper
usr/libexec/virt-login-shell-helper
@@ -220,6 +221,8 @@ usr/sbin/virtstoraged
#usr/share/doc/libvirt/examples/xml/test/testvol.xml
#usr/share/libvirt
#usr/share/libvirt/cpu_map
+usr/share/libvirt/cpu_map/arm_Ampere-1.xml
+usr/share/libvirt/cpu_map/arm_Ampere-1a.xml
usr/share/libvirt/cpu_map/arm_FT-2000plus.xml
usr/share/libvirt/cpu_map/arm_Falkor.xml
usr/share/libvirt/cpu_map/arm_Kunpeng-920.xml
@@ -236,6 +239,7 @@ usr/share/libvirt/cpu_map/arm_features.xml
usr/share/libvirt/cpu_map/arm_vendors.xml
usr/share/libvirt/cpu_map/index.xml
usr/share/libvirt/cpu_map/ppc64_POWER10.xml
+usr/share/libvirt/cpu_map/ppc64_POWER11.xml
usr/share/libvirt/cpu_map/ppc64_POWER6.xml
usr/share/libvirt/cpu_map/ppc64_POWER7.xml
usr/share/libvirt/cpu_map/ppc64_POWER8.xml
@@ -243,6 +247,7 @@ usr/share/libvirt/cpu_map/ppc64_POWER9.xml
usr/share/libvirt/cpu_map/ppc64_POWERPC_e5500.xml
usr/share/libvirt/cpu_map/ppc64_POWERPC_e6500.xml
usr/share/libvirt/cpu_map/ppc64_vendors.xml
+usr/share/libvirt/cpu_map/x86_486-v1.xml
usr/share/libvirt/cpu_map/x86_486.xml
usr/share/libvirt/cpu_map/x86_Broadwell-IBRS.xml
usr/share/libvirt/cpu_map/x86_Broadwell-noTSX-IBRS.xml
@@ -259,6 +264,7 @@ usr/share/libvirt/cpu_map/x86_Cascadelake-Server-v3.xml
usr/share/libvirt/cpu_map/x86_Cascadelake-Server-v4.xml
usr/share/libvirt/cpu_map/x86_Cascadelake-Server-v5.xml
usr/share/libvirt/cpu_map/x86_Cascadelake-Server.xml
+usr/share/libvirt/cpu_map/x86_Conroe-v1.xml
usr/share/libvirt/cpu_map/x86_Conroe.xml
usr/share/libvirt/cpu_map/x86_Cooperlake-v1.xml
usr/share/libvirt/cpu_map/x86_Cooperlake-v2.xml
@@ -270,6 +276,7 @@ usr/share/libvirt/cpu_map/x86_Denverton.xml
usr/share/libvirt/cpu_map/x86_Dhyana-v1.xml
usr/share/libvirt/cpu_map/x86_Dhyana-v2.xml
usr/share/libvirt/cpu_map/x86_Dhyana.xml
+usr/share/libvirt/cpu_map/x86_EPYC-Genoa-v1.xml
usr/share/libvirt/cpu_map/x86_EPYC-Genoa.xml
usr/share/libvirt/cpu_map/x86_EPYC-IBPB.xml
usr/share/libvirt/cpu_map/x86_EPYC-Milan-v1.xml
@@ -286,6 +293,7 @@ usr/share/libvirt/cpu_map/x86_EPYC-v3.xml
usr/share/libvirt/cpu_map/x86_EPYC-v4.xml
usr/share/libvirt/cpu_map/x86_EPYC.xml
usr/share/libvirt/cpu_map/x86_GraniteRapids-v1.xml
+usr/share/libvirt/cpu_map/x86_GraniteRapids-v2.xml
usr/share/libvirt/cpu_map/x86_GraniteRapids.xml
usr/share/libvirt/cpu_map/x86_Haswell-IBRS.xml
usr/share/libvirt/cpu_map/x86_Haswell-noTSX-IBRS.xml
@@ -310,16 +318,23 @@ usr/share/libvirt/cpu_map/x86_IvyBridge-IBRS.xml
usr/share/libvirt/cpu_map/x86_IvyBridge-v1.xml
usr/share/libvirt/cpu_map/x86_IvyBridge-v2.xml
usr/share/libvirt/cpu_map/x86_IvyBridge.xml
+usr/share/libvirt/cpu_map/x86_KnightsMill-v1.xml
usr/share/libvirt/cpu_map/x86_KnightsMill.xml
usr/share/libvirt/cpu_map/x86_Nehalem-IBRS.xml
usr/share/libvirt/cpu_map/x86_Nehalem-v1.xml
usr/share/libvirt/cpu_map/x86_Nehalem-v2.xml
usr/share/libvirt/cpu_map/x86_Nehalem.xml
+usr/share/libvirt/cpu_map/x86_Opteron_G1-v1.xml
usr/share/libvirt/cpu_map/x86_Opteron_G1.xml
+usr/share/libvirt/cpu_map/x86_Opteron_G2-v1.xml
usr/share/libvirt/cpu_map/x86_Opteron_G2.xml
+usr/share/libvirt/cpu_map/x86_Opteron_G3-v1.xml
usr/share/libvirt/cpu_map/x86_Opteron_G3.xml
+usr/share/libvirt/cpu_map/x86_Opteron_G4-v1.xml
usr/share/libvirt/cpu_map/x86_Opteron_G4.xml
+usr/share/libvirt/cpu_map/x86_Opteron_G5-v1.xml
usr/share/libvirt/cpu_map/x86_Opteron_G5.xml
+usr/share/libvirt/cpu_map/x86_Penryn-v1.xml
usr/share/libvirt/cpu_map/x86_Penryn.xml
usr/share/libvirt/cpu_map/x86_SandyBridge-IBRS.xml
usr/share/libvirt/cpu_map/x86_SandyBridge-v1.xml
@@ -355,21 +370,33 @@ usr/share/libvirt/cpu_map/x86_Westmere-IBRS.xml
usr/share/libvirt/cpu_map/x86_Westmere-v1.xml
usr/share/libvirt/cpu_map/x86_Westmere-v2.xml
usr/share/libvirt/cpu_map/x86_Westmere.xml
+usr/share/libvirt/cpu_map/x86_athlon-v1.xml
usr/share/libvirt/cpu_map/x86_athlon.xml
+usr/share/libvirt/cpu_map/x86_core2duo-v1.xml
usr/share/libvirt/cpu_map/x86_core2duo.xml
+usr/share/libvirt/cpu_map/x86_coreduo-v1.xml
usr/share/libvirt/cpu_map/x86_coreduo.xml
usr/share/libvirt/cpu_map/x86_cpu64-rhel5.xml
usr/share/libvirt/cpu_map/x86_cpu64-rhel6.xml
usr/share/libvirt/cpu_map/x86_features.xml
+usr/share/libvirt/cpu_map/x86_kvm32-v1.xml
usr/share/libvirt/cpu_map/x86_kvm32.xml
+usr/share/libvirt/cpu_map/x86_kvm64-v1.xml
usr/share/libvirt/cpu_map/x86_kvm64.xml
+usr/share/libvirt/cpu_map/x86_n270-v1.xml
usr/share/libvirt/cpu_map/x86_n270.xml
+usr/share/libvirt/cpu_map/x86_pentium-v1.xml
usr/share/libvirt/cpu_map/x86_pentium.xml
+usr/share/libvirt/cpu_map/x86_pentium2-v1.xml
usr/share/libvirt/cpu_map/x86_pentium2.xml
+usr/share/libvirt/cpu_map/x86_pentium3-v1.xml
usr/share/libvirt/cpu_map/x86_pentium3.xml
usr/share/libvirt/cpu_map/x86_pentiumpro.xml
+usr/share/libvirt/cpu_map/x86_phenom-v1.xml
usr/share/libvirt/cpu_map/x86_phenom.xml
+usr/share/libvirt/cpu_map/x86_qemu32-v1.xml
usr/share/libvirt/cpu_map/x86_qemu32.xml
+usr/share/libvirt/cpu_map/x86_qemu64-v1.xml
usr/share/libvirt/cpu_map/x86_qemu64.xml
usr/share/libvirt/cpu_map/x86_vendors.xml
#usr/share/libvirt/schemas
diff --git a/config/rootfiles/packages/netatalk b/config/rootfiles/packages/netatalk
index d23b053909..23d980916f 100644
--- a/config/rootfiles/packages/netatalk
+++ b/config/rootfiles/packages/netatalk
@@ -1,43 +1,47 @@
etc/afp.conf
-#etc/dbus-1/system.d/netatalk-dbus.conf
-etc/dbus-session.conf
etc/extmap.conf
etc/pam.d/netatalk
etc/rc.d/init.d/netatalk
usr/bin/ad
+usr/bin/addump
usr/bin/afpldaptest
usr/bin/afppasswd
usr/bin/afpstats
-usr/bin/apple_dump
usr/bin/asip-status
usr/bin/dbd
+usr/bin/fce_listen
usr/bin/macusers
-#usr/bin/netatalk-config
#usr/include/atalk
#usr/include/atalk/acl.h
#usr/include/atalk/adouble.h
+#usr/include/atalk/aep.h
#usr/include/atalk/afp.h
+#usr/include/atalk/asp.h
+#usr/include/atalk/atp.h
#usr/include/atalk/bstrlib.h
#usr/include/atalk/cnid.h
-#usr/include/atalk/dictionary.h
+#usr/include/atalk/ddp.h
#usr/include/atalk/ea.h
#usr/include/atalk/globals.h
#usr/include/atalk/hash.h
-#usr/include/atalk/iniparser.h
#usr/include/atalk/list.h
#usr/include/atalk/logger.h
+#usr/include/atalk/nbp.h
#usr/include/atalk/netatalk_conf.h
-#usr/include/atalk/paths.h
-#usr/include/atalk/standards.h
+#usr/include/atalk/netddp.h
+#usr/include/atalk/pap.h
+#usr/include/atalk/queue.h
+#usr/include/atalk/rtmp.h
#usr/include/atalk/uam.h
#usr/include/atalk/unicode.h
#usr/include/atalk/unix.h
#usr/include/atalk/util.h
#usr/include/atalk/vfs.h
#usr/include/atalk/volume.h
+#usr/include/atalk/zip.h
#usr/lib/libatalk.so
-usr/lib/libatalk.so.18
-usr/lib/libatalk.so.18.0.0
+usr/lib/libatalk.so.19
+usr/lib/libatalk.so.19.0.0
#usr/lib/netatalk
#usr/lib/netatalk/uams_clrtxt.so
usr/lib/netatalk/uams_dhx.so
@@ -55,25 +59,17 @@ usr/sbin/afpd
usr/sbin/cnid_dbd
usr/sbin/cnid_metad
usr/sbin/netatalk
-#usr/share/man/man1/ad.1
-#usr/share/man/man1/afpldaptest.1
-#usr/share/man/man1/afppasswd.1
-#usr/share/man/man1/afpstats.1
-#usr/share/man/man1/apple_dump.1
-#usr/share/man/man1/asip-status.1
-#usr/share/man/man1/dbd.1
-#usr/share/man/man1/macusers.1
-#usr/share/man/man1/netatalk-config.1
-#usr/share/man/man5/afp.conf.5
-#usr/share/man/man5/afp_signature.conf.5
-#usr/share/man/man5/afp_voluuid.conf.5
-#usr/share/man/man5/extmap.conf.5
-#usr/share/man/man8/afpd.8
-#usr/share/man/man8/cnid_dbd.8
-#usr/share/man/man8/cnid_metad.8
-#usr/share/man/man8/netatalk.8
+#usr/share/dbus-1/system.d/netatalk-dbus.conf
+#usr/share/doc/netatalk
+#usr/share/doc/netatalk/COMPILATION.md
+#usr/share/doc/netatalk/CONTRIBUTORS.md
+#usr/share/doc/netatalk/DEVELOPER.md
+#usr/share/doc/netatalk/DOCKER.md
+#usr/share/doc/netatalk/INSTALL.md
+#usr/share/doc/netatalk/NEWS.md
+#usr/share/doc/netatalk/README.md
+#usr/share/doc/netatalk/SECURITY.md
var/ipfire/backup/addons/includes/netatalk
var/state/netatalk
#var/state/netatalk/CNID
#var/state/netatalk/CNID/README
-#var/state/netatalk/README
diff --git a/config/rootfiles/packages/nut b/config/rootfiles/packages/nut
index 2401826197..4367797bf6 100644
--- a/config/rootfiles/packages/nut
+++ b/config/rootfiles/packages/nut
@@ -19,6 +19,7 @@ usr/bin/bestfcom
usr/bin/bestfortress
usr/bin/bestuferrups
usr/bin/bestups
+usr/bin/bicker_ser
usr/bin/blazer_ser
usr/bin/blazer_usb
usr/bin/clone
@@ -32,12 +33,14 @@ usr/bin/isbmex
usr/bin/ivtscd
usr/bin/liebert
usr/bin/liebert-esp2
+usr/bin/liebert-gxe
usr/bin/masterguard
usr/bin/metasys
usr/bin/mge-shut
usr/bin/mge-utalk
usr/bin/microdowell
usr/bin/microsol-apc
+usr/bin/nhs_ser
usr/bin/nut-scanner
usr/bin/nutconf
usr/bin/nutdrv_atcl_usb
@@ -54,6 +57,7 @@ usr/bin/riello_usb
usr/bin/safenet
usr/bin/skel
usr/bin/sms_ser
+usr/bin/snmp-ups
usr/bin/solis
usr/bin/tripplite
usr/bin/tripplite_usb
@@ -85,25 +89,30 @@ usr/lib/libnutclientstub.so.1
usr/lib/libnutclientstub.so.1.0.1
#usr/lib/libnutscan.la
#usr/lib/libnutscan.so
-usr/lib/libnutscan.so.2
-usr/lib/libnutscan.so.2.0.5
+usr/lib/libnutscan.so.3
+usr/lib/libnutscan.so.3.0.0
#usr/lib/libupsclient.la
#usr/lib/libupsclient.so
-usr/lib/libupsclient.so.6
-usr/lib/libupsclient.so.6.0.1
+usr/lib/libupsclient.so.7
+usr/lib/libupsclient.so.7.0.0
#usr/lib/pkgconfig/libnutclient.pc
#usr/lib/pkgconfig/libnutclientstub.pc
#usr/lib/pkgconfig/libnutscan.pc
#usr/lib/pkgconfig/libupsclient.pc
#usr/lib/python3.10/site-packages/PyNUT.py
#usr/lib/python3.10/site-packages/test_nutclient.py
+#usr/libexec/enphase-monitor
#usr/libexec/sockdebug
usr/sbin/upsd
usr/sbin/upsdrvctl
usr/sbin/upsmon
usr/sbin/upssched
usr/share/cmdvartab
+#usr/share/doc/nut
+#usr/share/doc/nut/html-man
usr/share/driver.list
+#usr/share/external_apis
+#usr/share/external_apis/enphase
+#usr/share/external_apis/enphase/README.adoc
var/ipfire/backup/addons/includes/nut
var/state/ups
-usr/bin/snmp-ups
diff --git a/config/rootfiles/packages/qemu b/config/rootfiles/packages/qemu
index 49105c5232..90d70a83f3 100644
--- a/config/rootfiles/packages/qemu
+++ b/config/rootfiles/packages/qemu
@@ -78,6 +78,7 @@ usr/share/qemu/firmware/60-edk2-aarch64.json
usr/share/qemu/firmware/60-edk2-arm.json
usr/share/qemu/firmware/60-edk2-i386.json
usr/share/qemu/firmware/60-edk2-loongarch64.json
+usr/share/qemu/firmware/60-edk2-riscv64.json
usr/share/qemu/firmware/60-edk2-x86_64.json
#usr/share/qemu/hppa-firmware.img
#usr/share/qemu/hppa-firmware64.img
@@ -122,6 +123,7 @@ usr/share/qemu/linuxboot_dma.bin
usr/share/qemu/multiboot.bin
usr/share/qemu/multiboot_dma.bin
usr/share/qemu/npcm7xx_bootrom.bin
+usr/share/qemu/npcm8xx_bootrom.bin
#usr/share/qemu/openbios-ppc
#usr/share/qemu/openbios-sparc32
#usr/share/qemu/openbios-sparc64
@@ -130,6 +132,7 @@ usr/share/qemu/opensbi-riscv64-generic-fw_dynamic.bin
#usr/share/qemu/palcode-clipper
#usr/share/qemu/petalogix-ml605.dtb
#usr/share/qemu/petalogix-s3adsp1800.dtb
+usr/share/qemu/pnv-pnor.bin
usr/share/qemu/pvh.bin
usr/share/qemu/pxe-e1000.rom
usr/share/qemu/pxe-eepro100.rom
diff --git a/lfs/bind b/lfs/bind
index 6d448f728d..cdba7c307e 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
include Config
-VER = 9.20.9
+VER = 9.20.10
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 40a1428d2da9d92b3604f04234b2ff44701abcf2ea22883caea7fb4ee157547125fd68accb8fe10853ff64cd5018fa89e36eeb53021fa3ee9bc056e05ac228d6
+$(DL_FILE)_BLAKE2 = e5a7824ff5b901be447a2f4f067aa8b3345eb8187ed86f3bf6bc623e2b6c812722667eefd1f915026dab078846011e222336a30c4da640c4e54aa828398b180d
install : $(TARGET)
diff --git a/lfs/fetchmail b/lfs/fetchmail
index 744de7c1b0..fcdd836649 100644
--- a/lfs/fetchmail
+++ b/lfs/fetchmail
@@ -26,7 +26,7 @@ include Config
SUMMARY = Full-Featured POP and IMAP Mail Retrieval Daemon
-VER = 6.5.3
+VER = 6.5.4
THISAPP = fetchmail-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = fetchmail
-PAK_VER = 19
+PAK_VER = 20
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8f8a3b44c8e06fa922579ee4c8c4c60bbfaefcd82c917c9a05ec627d3e59ba1dd319a8c45046eab78f3c5def3a102d5213099e6bf8dc87d774a16823de2ad7a4
+$(DL_FILE)_BLAKE2 = f443ff50244c78de82974612a615983e175d78288705ec95b982244d595185790dbecd43e10de0d917f677fe4a6c8df88d60bd96e7ef871067d91561e9a4f9c3
install : $(TARGET)
diff --git a/lfs/git b/lfs/git
index d2eb9da839..d84c928929 100644
--- a/lfs/git
+++ b/lfs/git
@@ -24,7 +24,7 @@
include Config
-VER = 2.49.0
+VER = 2.50.0
SUMMARY = Fast, scalable, distributed revision control system
THISAPP = git-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = git
-PAK_VER = 37
+PAK_VER = 38
DEPS = perl-Authen-SASL perl-Net-SMTP-SSL
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = c9a58cb4bcbc33d3c6ede2ce6e6131af3998669419c8d8e4317c52ee14ae4bfcdd209780c6dda31cd772bdb703096729de17f21579bf7f0bb830bc6c9e1d7ffd
+$(DL_FILE)_BLAKE2 = 2ee60be2d0e749e898016f44107473d6e4dc30f70c73a94b3433f5a479a5a8989d000ca4084fabd32a7d0ace0914136c5c023bd72946ef7003affd535a98b5ee
install : $(TARGET)
@@ -81,11 +81,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
- --with-gitconfig=/etc/gitconfig \
- --prefix=/usr \
- --with-libpcre \
- --with-curl \
- --with-expat
+ --with-gitconfig=/etc/gitconfig \
+ --prefix=/usr \
+ --with-libpcre \
+ --with-curl \
+ --with-expat
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
diff --git a/lfs/iniparser b/lfs/iniparser
new file mode 100644
index 0000000000..0395d2ad0c
--- /dev/null
+++ b/lfs/iniparser
@@ -0,0 +1,91 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+SUMMARY = Parsing of ini files from C
+
+VER = 4.2.6
+
+THISAPP = iniparser-v$(VER)
+DL_FILE = $(THISAPP).tar.bz2
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = iniparser
+PAK_VER = 1
+
+DEPS =
+
+SERVICES =
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = ce63256b8a6640e188184f7d1d7de40690ca612938d6d06cb97d012fe40e05e647510d97221bc61fa25db47a96565b21e7fd346f370afde7d3c461f93c3e2fc0
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, b2sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_BLAKE2,$(objects)) :
+ @$(B2SUM)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && mkdir -pv build
+ cd $(DIR_APP)/build && cmake .. \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DBUILD_STATIC_LIBS=FALSE
+ cd $(DIR_APP)/build && make $(MAKETUNING)
+ cd $(DIR_APP)/build && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/lfs/libvirt b/lfs/libvirt
index 1bd9844be8..f2915ec94d 100644
--- a/lfs/libvirt
+++ b/lfs/libvirt
@@ -26,7 +26,7 @@ include Config
SUMMARY = Server side daemon and supporting files for libvirt
-VER = 10.10.0
+VER = 11.4.0
THISAPP = libvirt-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -35,7 +35,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
SUP_ARCH = x86_64 aarch64
PROG = libvirt
-PAK_VER = 39
+PAK_VER = 40
DEPS = ebtables libpciaccess ovmf qemu
@@ -49,7 +49,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8042ce1493c3ffd6e6deeb7d94d0744da18850fe416480487a57ffd33bf3390f587849f308aad12fd38c887628f90137ba717ea11ef7e0f73a97b157fa985a6e
+$(DL_FILE)_BLAKE2 = 54d2b9cb35394184d2ce22670623849ecfb54abd1c8e48135ec735ed6b30fa9fa22261cf847a66269a0f3918f164954fcc0a5d7eec1e0d759831925f3ac6b546
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
diff --git a/lfs/libxml2 b/lfs/libxml2
index da43cd33d2..7e3be5f8d0 100644
--- a/lfs/libxml2
+++ b/lfs/libxml2
@@ -24,7 +24,7 @@
include Config
-VER = 2.14.3
+VER = 2.14.4
THISAPP = libxml2-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 25ad281925dee3aa032f9ce5c71bebfdfeb3469351eebdcede01c81978ddc411376f2a13b82d207614857b385ca7d589708c3437ad3effd5bc425d7e6b515cf2
+$(DL_FILE)_BLAKE2 = 6ee7e4f35e6f15124fe1ceb55758236229f87e05344c55e82c419f8e8dba763adbd25746c038d13189dfadc3bb023fd8891251e78e9c9046d42961829d93b885
install : $(TARGET)
diff --git a/lfs/netatalk b/lfs/netatalk
index 00d804eaf7..e0f9c4b4a3 100644
--- a/lfs/netatalk
+++ b/lfs/netatalk
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = AppleShare file server
-VER = 3.2.8
+VER = 4.2.4
THISAPP = netatalk-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -34,9 +34,9 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = netatalk
-PAK_VER = 10
+PAK_VER = 11
-DEPS = avahi dbus
+DEPS = avahi dbus iniparser
SERVICES = netatalk
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = fa7706a87d446c06fb94f20a17e0894c3c1ed6e8dcb75fd6232f049dc12fb57eb0587b433fa3ccc9be2ccb4d4969a893bb79c065729660142f68862e79f53eba
+$(DL_FILE)_BLAKE2 = a59b1052947d6ff13dec4f3b2f37d7df38d8cbebba5c3daac9449bd90da920925c802e1658b1bbfae2deff866207819fcc4a7245ed59123afa10bac58703b473
install : $(TARGET)
@@ -84,13 +84,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch
cd $(DIR_APP) && meson setup \
--prefix=/usr \
- --sysconfdir=/etc \
- --localstatedir=/var/state \
+ -Dwith-pkgconfdir-path=/etc \
+ -Dwith-statedir-path=/var/state \
-Dwith-pam-config-path=/etc/pam.d \
- -Dwith-embedded-ssl=false \
builddir/
cd $(DIR_APP) && ninja -C builddir/ $(MAKETUNING)
cd $(DIR_APP) && ninja -C builddir/ install
diff --git a/lfs/nut b/lfs/nut
index 23b9e6a757..ffd4601ac3 100644
--- a/lfs/nut
+++ b/lfs/nut
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Network UPS Tools Core (Uninterruptible Power Supply Monitoring)
-VER = 2.8.2
+VER = 2.8.3
THISAPP = nut-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = nut
-PAK_VER = 13
+PAK_VER = 14
DEPS =
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 87187293d8acda72c2d807d6f41f2601a318540f63a0ea93782b115402c6b43a0b61ecc710fd6de126d25e59dd4e03681f2b859a87549e9d5f7617ac7b2dad8c
+$(DL_FILE)_BLAKE2 = 515e829286b123610a856003a8838a022ae365b193988477086a683b9da0a99b3b1cf048cecd75c764c8a9a03856e966bd9d82333475670d1df43899d9b8a7bf
install : $(TARGET)
diff --git a/lfs/pam b/lfs/pam
index b2847d0a64..577d40aa10 100644
--- a/lfs/pam
+++ b/lfs/pam
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.7.0
+VER = 1.7.1
THISAPP = Linux-PAM-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 39c8c2ccc6f7d125d12d49439ae44cb8fe115f0529549269246e54f4b4de0b3b24c1099e4d3fa39d4e477af8a92b66dd6dc2cb93f0643ab7b56bcaabdd3b8539
+$(DL_FILE)_BLAKE2 = 0a64d7dbf6bb7e3d2c36ea1f29c3217d3e43a1cc0ba8adf2ee8a117946a53bd26634ebd70ff3b99a72f7373df6694ee054dc7eddab04e43bbc8f5b0e9e56b3bc
install : $(TARGET)
diff --git a/lfs/pixman b/lfs/pixman
index c2c6fcf2e1..ca195cec36 100644
--- a/lfs/pixman
+++ b/lfs/pixman
@@ -24,7 +24,7 @@
include Config
-VER = 0.46.0
+VER = 0.46.2
THISAPP = pixman-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 5fc9d0df2f685afc1931ac12757d7ec0369c1f90b51f79b696479a2edd0c13e0684938871166318ca5c78b4955195ba5517e98e4666803b9062f4ed2b6593afa
+$(DL_FILE)_BLAKE2 = 6d51d4f33f48a1cc991085b5e62e7537b738df78c4efcbce15c37533f24a1d87263401550530d123de86bd72a856d3fd0b1543188c76f074ea3e44d384f1116f
install : $(TARGET)
diff --git a/lfs/qemu b/lfs/qemu
index 5358c566d9..ca48e0fd29 100644
--- a/lfs/qemu
+++ b/lfs/qemu
@@ -27,7 +27,7 @@ include Config
SUMMARY = Machine emulator and virtualizer
# If you update the version also qemu-ga !!!
-VER = 9.2.0
+VER = 10.0.2
THISAPP = qemu-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -35,7 +35,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = qemu
-PAK_VER = 45
+PAK_VER = 46
DEPS = alsa libusbredir spice libseccomp libslirp
@@ -57,7 +57,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 5800556f356e4324124e250c02a07857eef3a6f22995a819fe972061fa750ebf7233da64ae4c0a3e775b1639c870be4b7312d86d9866fedf2bc99074aad0a10a
+$(DL_FILE)_BLAKE2 = be4ddf050d2102cefded5b4967222df749ee8af92c2427c31a9b29b3800fac8bb328daf2c38d11aa307b51eb7d7243f9b064b3bf24d446a001e5520359ee83c3
install : $(TARGET)
@@ -90,7 +90,6 @@ $(subst %,%_BLAKE2,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/qemu-9.2.0-sched-attr.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--sysconfdir=/etc \
diff --git a/lfs/qemu-ga b/lfs/qemu-ga
index 6416da061b..29ce922db8 100644
--- a/lfs/qemu-ga
+++ b/lfs/qemu-ga
@@ -26,11 +26,11 @@ include Config
SUMMARY = Guest agent for QEMU
-VER = 9.2.0
+VER = 10.0.2
THISAPP = qemu-ga-$(VER)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = qemu-ga
-PAK_VER = 10
+PAK_VER = 11
DEPS =
diff --git a/lfs/sudo b/lfs/sudo
index 852f6c8cfc..51bf0ada0f 100644
--- a/lfs/sudo
+++ b/lfs/sudo
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.9.16p2
+VER = 1.9.17
THISAPP = sudo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = ef9f1c2cd4044454a808d1dff5f865355e1bd061d1b5c93a005207e28e9b9df7c267cf01358ce60dd2c98f6844b51dab00eac4e7a08bade1d621235c3a4774bf
+$(DL_FILE)_BLAKE2 = d9f2e0d8bca5d5dba5f78a9c064454032038fa60dae022ce72dd0d262bc4bd756fcc5a8e5b0ab4e179c3786fc86a401f7f1ba6d45ca4fe02e43d5cacb1e7f022
install : $(TARGET)
@@ -70,17 +70,15 @@ $(subst %,%_BLAKE2,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && \
- ./configure \
- --prefix=/usr \
- --libexecdir=/usr/lib \
- --with-logging=syslog \
- --with-logfac=authpriv \
- --with-env-editor \
- --with-ignore-dot \
- --with-tty-tickets \
- --with-passprompt="[sudo] password for %p: " \
- --without-pam
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --libexecdir=/usr/lib \
+ --with-logging=syslog \
+ --with-logfac=authpriv \
+ --with-env-editor \
+ --with-tty-tickets \
+ --with-passprompt="[sudo] password for %p: " \
+ --without-pam
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
diff --git a/make.sh b/make.sh
index fc4ba1f283..57a0ff2cf4 100755
--- a/make.sh
+++ b/make.sh
@@ -1807,6 +1807,7 @@ build_system() {
lfsmake2 rpcsvc-proto
lfsmake2 lmdb
lfsmake2 samba
+ lfsmake2 iniparser
lfsmake2 netatalk
lfsmake2 sudo
lfsmake2 mc
diff --git a/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch b/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch
deleted file mode 100644
index 51ce3d6487..0000000000
--- a/src/patches/netatalk-3.2.5_remove_prefix_from_sysconfdir_and_localstatedir.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- netatalk-3.2.5/meson.build.orig 2024-08-01 12:16:47.000000000 +0200
-+++ netatalk-3.2.5/meson.build 2024-08-08 16:07:31.337732788 +0200
-@@ -39,10 +39,10 @@
- datadir = prefix / get_option('datadir')
- includedir = prefix / get_option('includedir')
- libdir = prefix / get_option('libdir')
--localstatedir = prefix / get_option('localstatedir')
-+localstatedir = get_option('localstatedir')
- mandir = prefix / get_option('mandir')
- sbindir = prefix / get_option('sbindir')
--sysconfdir = prefix / get_option('sysconfdir')
-+sysconfdir = get_option('sysconfdir')
-
- pkgconfdir = get_option('with-pkgconfdir-path')
- if pkgconfdir == ''
diff --git a/src/patches/qemu-9.2.0-sched-attr.patch b/src/patches/qemu-9.2.0-sched-attr.patch
deleted file mode 100644
index 15adf3ce13..0000000000
--- a/src/patches/qemu-9.2.0-sched-attr.patch
+++ /dev/null
@@ -1,192 +0,0 @@
-From qemu-devel-bounces+berrange=redhat.com@nongnu.org Fri Oct 11 20:32:42 2024
-Delivered-To: berrange@gapps.redhat.com
-Received: by 2002:a05:612c:fcb:b0:49e:3967:5c with SMTP id kg11csp620284vqb;
- Fri, 11 Oct 2024 12:32:43 -0700 (PDT)
-X-Forwarded-Encrypted: i=2; AJvYcCXPcgyQ0/+OIS7vrT6LX5S6B3Hgz9IoezpGzlHzuQ86lhsSq6u4TrVfGwET6WFesjl4msgGP886/Q==@gapps.redhat.com
-X-Google-Smtp-Source: AGHT+IGI1MzgaHjMk041SIq3SzZGJRAF05keA8usOtLVfsqz+UnG8gS/7JH2MnqELZrotA/GJ+FI
-X-Received: by 2002:a05:6870:530c:b0:277:e35a:d2d5 with SMTP id 586e51a60fabf-2886e0d7223mr2593115fac.47.1728675162879;
- Fri, 11 Oct 2024 12:32:42 -0700 (PDT)
-ARC-Seal: i=1; a=rsa-sha256; t=1728675162; cv=none;
- d=google.com; s=arc-20240605;
- b=alETPlokQysotchMz04b4QkeW4n7IaCvDHuYMZh698k8mF5RJMclj7AfzOWMyGXURw
- kFfdMDxoHBlzWY9bTAGsH6EBkFDcJ9RyMs2Oy/exl09b3Zbt/LaW/PgqJZWi7DqZe7FD
- Zo3bqW5OSwWxU/vpy6n8B4EV22uFeRNhdTlzj0nbU4h+YpUcUzXR++ssowqa367TMQ5s
- THtVdddGT62AlbkeybdC/gTVxTt0RktEBMKTh+MzuZJ1rcgMb+pbG6h/XF5Iub2C+szk
- EkyaW96aO1YTzalK4HCCL7cuCauVGvVShSjUfPFMqXRxvzVfFqn02zZh6C4AXb/a/gIT
- YiXA==
-ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
- h=content-transfer-encoding:sender:errors-to:list-subscribe:list-help
- :list-post:list-archive:list-unsubscribe:list-id:precedence
- :mime-version:message-id:date:subject:cc:to:from:delivered-to;
- bh=PO9IbOEY2YqKRkyInUx1mFCEKdNyF6F1Ade1P8ET5cM=;
- fh=xgCffyEVvm6hjKwQ8pT/suARWWrEEvCTAvMVKpBgaZg=;
- b=Q4fnfvzilypAHQRG6QbhiDXJWTDiP8dnRA4CB3fnXjC3sGRa+4+abHQkdOy6pMW4T9
- HhCdtLquJqRIBSQNVEVZMN5bFDX+gIaEA6pmEbd8Sdi47dl2+VS7vP9dQWf/FOtrkGqg
- D6K6DlbOdtzmdoTtWcI9Zm1eg6/98cVH2/hqzO/Ig1eI47UvIJpZtm3CMa3y5BgoJhmX
- v1pxjLmbVwmOdo8YkXgT3bH5iAPwXjn8FU7q4Z+CX3XChIQksWGvkB+zR/d7xqsEEdTv
- x85zJC/K4M9DAnuyJA2rIcrt/QUDHpdAPfcV2gDWr4IBhF27Ul9j6vjXzKNHaGjJxXbF
- hFsw==;
- dara=google.com
-ARC-Authentication-Results: i=1; mx.google.com;
- spf=pass (google.com: domain of qemu-devel-bounces+berrange=redhat.com@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+berrange=redhat.com@nongnu.org"
-Return-Path: <qemu-devel-bounces+berrange=redhat.com@nongnu.org>
-Received: from us-smtp-inbound-delivery-1.mimecast.com (us-smtp-inbound-delivery-1.mimecast.com. [205.139.110.120])
- by mx.google.com with ESMTPS id af79cd13be357-7b114998ee3si449329885a.281.2024.10.11.12.32.42
- for <berrange@gapps.redhat.com>
- (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
- Fri, 11 Oct 2024 12:32:42 -0700 (PDT)
-Received-SPF: pass (google.com: domain of qemu-devel-bounces+berrange=redhat.com@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17;
-Authentication-Results: mx.google.com;
- spf=pass (google.com: domain of qemu-devel-bounces+berrange=redhat.com@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+berrange=redhat.com@nongnu.org"
-Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com
- (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
- relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
- cipher=TLS_AES_256_GCM_SHA384) id us-mta-14-mwcDIPw2Ma-2fc8EyJ2Anw-1; Fri,
- 11 Oct 2024 15:32:41 -0400
-X-MC-Unique: mwcDIPw2Ma-2fc8EyJ2Anw-1
-Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15])
- (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
- key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
- (No client certificate requested)
- by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A96C819560AE
- for <berrange@gapps.redhat.com>; Fri, 11 Oct 2024 19:32:40 +0000 (UTC)
-Received: by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix)
- id A3F151956089; Fri, 11 Oct 2024 19:32:40 +0000 (UTC)
-Delivered-To: berrange@redhat.com
-Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.23])
- by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 9EAE41955F42
- for <berrange@redhat.com>; Fri, 11 Oct 2024 19:32:40 +0000 (UTC)
-Received: from us-smtp-inbound-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120])
- (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
- key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
- (No client certificate requested)
- by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4A35819560B5
- for <berrange@redhat.com>; Fri, 11 Oct 2024 19:32:40 +0000 (UTC)
-Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
- relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2,
- cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
- us-mta-656-VIioc_tgPx6dfe3wuTFP4A-1; Fri, 11 Oct 2024 15:32:38 -0400
-X-MC-Unique: VIioc_tgPx6dfe3wuTFP4A-1
-Received: from localhost ([::1] helo=lists1p.gnu.org)
- by lists.gnu.org with esmtp (Exim 4.90_1)
- (envelope-from <qemu-devel-bounces@nongnu.org>)
- id 1szLMh-00020r-5j; Fri, 11 Oct 2024 15:31:55 -0400
-Received: from eggs.gnu.org ([2001:470:142:3::10])
- by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
- (Exim 4.90_1) (envelope-from <raj.khem@gmail.com>)
- id 1szLMb-00020P-1q
- for qemu-devel@nongnu.org; Fri, 11 Oct 2024 15:31:51 -0400
-Received: from mail-pl1-x635.google.com ([2607:f8b0:4864:20::635])
- by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
- (Exim 4.90_1) (envelope-from <raj.khem@gmail.com>)
- id 1szLMW-0003EY-RE
- for qemu-devel@nongnu.org; Fri, 11 Oct 2024 15:31:46 -0400
-Received: by mail-pl1-x635.google.com with SMTP id
- d9443c01a7336-20bb610be6aso25161715ad.1
- for <qemu-devel@nongnu.org>; Fri, 11 Oct 2024 12:31:44 -0700 (PDT)
-X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
- d=1e100.net; s=20230601; t=1728675103; x=1729279903;
- h=content-transfer-encoding:mime-version:message-id:date:subject:cc
- :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
- :reply-to;
- bh=PO9IbOEY2YqKRkyInUx1mFCEKdNyF6F1Ade1P8ET5cM=;
- b=K3X31NNuvHdknW5P8UcnhDjhiG8YvVt80acZ9o0cp4OYATGyivVrgqlV16YtlE7nbP
- c2GxVasHb4XHOFgQ/OS9twOzcL7BvXjTYuSlqOjY9QQ9Ng38MAMFgLpleBdUdi0JHrfh
- vH2pyWqiWlGfPiDmnJWawogp9bgGCHsqyjPUtcw1LCUqNNx0sfyV98mwYq27/2m4POny
- BQ0yFM/O7SF2EkZuaQwCJWPmH3fQatSgwEAq5u1SGy/Tn9a9GB4Iyolqgm4mMJBiful/
- xoI0a2JEsYatNItIvqoWJ5uBgwrOZHldhxPZGCUP9cL5ecB1flcnPXHxLR4p0/kiQzuI
- LzCw==
-X-Gm-Message-State: AOJu0YxWyAwGwQqYK1sZdfMljusz9BkH4fhylN1UvHETC7GDQDWtfFQS
- zz40Z5A7yrfIoS4SkMLM2xTSe57qyfKfFPHRVJe68kPHnsvbdEUpZAecLqJ/
-X-Received: by 2002:a17:902:d2c5:b0:20c:a644:817f with SMTP id
- d9443c01a7336-20ca6448261mr49539675ad.7.1728675103070;
- Fri, 11 Oct 2024 12:31:43 -0700 (PDT)
-Received: from apollo.hsd1.ca.comcast.net ([2601:646:9d80:4380::f083])
- by smtp.gmail.com with ESMTPSA id
- d9443c01a7336-20c8bc13551sm26871055ad.88.2024.10.11.12.31.42
- (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
- Fri, 11 Oct 2024 12:31:42 -0700 (PDT)
-From: Khem Raj <raj.khem@gmail.com>
-To: qemu-devel@nongnu.org
-Cc: Khem Raj <raj.khem@gmail.com>, Laurent Vivier <laurent@vivier.eu>,
- Paolo Bonzini <pbonzini@redhat.com>
-Subject: [PATCH v2] sched_attr: Do not define for glibc >= 2.41
-Date: Fri, 11 Oct 2024 12:31:40 -0700
-Message-ID: <20241011193140.1047648-1-raj.khem@gmail.com>
-MIME-Version: 1.0
-X-Spam_score_int: -20
-X-Spam_score: -2.1
-X-Spam_bar: --
-X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
- DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
- RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
- SPF_PASS=-0.001 autolearn=ham autolearn_force=no
-X-Spam_action: no action
-X-BeenThere: qemu-devel@nongnu.org
-X-Mailman-Version: 2.1.29
-Precedence: list
-List-Id: <qemu-devel.nongnu.org>
-List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
- <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
-List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
-List-Post: <mailto:qemu-devel@nongnu.org>
-List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
-List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
- <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
-Errors-To: qemu-devel-bounces+berrange=redhat.com@nongnu.org
-Sender: qemu-devel-bounces+berrange=redhat.com@nongnu.org
-X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition;Similar Internal Domain=false;Similar Monitored External Domain=false;Custom External Domain=false;Mimecast External Domain=false;Newly Observed Domain=false;Internal User Name=false;Custom Display Name List=false;Reply-to Address Mismatch=false;Targeted Threat Dictionary=false;Mimecast Threat Dictionary=false;Custom Threat Dictionary=false
-X-Mimecast-Bulk-Signature: yes
-X-Mimecast-Spam-Signature: bulk
-X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15
-X-Mimecast-Spam-Score: 0
-X-Mimecast-Originator: gmail.com
-Content-Transfer-Encoding: 8bit
-Content-Type: text/plain; charset="US-ASCII"; x-default=true
-Status: RO
-Content-Length: 1578
-Lines: 42
-
-glibc 2.41+ has added [1] definitions for sched_setattr and sched_getattr functions
-and struct sched_attr. Therefore, it needs to be checked for here as well before
-defining sched_attr
-
-Define sched_attr conditionally on SCHED_ATTR_SIZE_VER0
-
-Fixes builds with glibc/trunk
-
-[1] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=21571ca0d70302909cf72707b2a7736cf12190a0;hp=298bc488fdc047da37482f4003023cb9adef78f8
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Cc: Laurent Vivier <laurent@vivier.eu>
-Cc: Paolo Bonzini <pbonzini@redhat.com>
----
-v2: Use SCHED_ATTR_SIZE_VER0 instead of glibc version check
-
- linux-user/syscall.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/linux-user/syscall.c b/linux-user/syscall.c
-index 1354e75694..caecbb765d 100644
---- a/linux-user/syscall.c
-+++ b/linux-user/syscall.c
-@@ -359,7 +359,8 @@ _syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned int, len,
- #define __NR_sys_sched_setaffinity __NR_sched_setaffinity
- _syscall3(int, sys_sched_setaffinity, pid_t, pid, unsigned int, len,
- unsigned long *, user_mask_ptr);
--/* sched_attr is not defined in glibc */
-+/* sched_attr is not defined in glibc < 2.41 */
-+#ifndef SCHED_ATTR_SIZE_VER0
- struct sched_attr {
- uint32_t size;
- uint32_t sched_policy;
-@@ -372,6 +373,7 @@ struct sched_attr {
- uint32_t sched_util_min;
- uint32_t sched_util_max;
- };
-+#endif
- #define __NR_sys_sched_getattr __NR_sched_getattr
- _syscall4(int, sys_sched_getattr, pid_t, pid, struct sched_attr *, attr,
- unsigned int, size, unsigned int, flags);
-
-
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-06-23 9:51 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-06-23 9:51 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. dba199447f129f67a7ff0c36d25511643810222c Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox