I was trying to make the ISC dhcp daemon more secure by using the
-user and -group option to let dhcp server run as non-root user.
Unfortunately these options are not available when building ISC dhcp
server with buildroot.
The reason is, that the configure script must be called with the
option --enable-paranoia to activate these options. But this option
is not set in the dhcp.mk file.
To be backward compatible I added a new option to the dhcp's Config.in
file to enable this feature when desired and parse this option in
dhcp.mk.
Signed-off-by: Andreas Ehmanns <universeiii@gmx.de>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
HPA's tftp server init script does not support include of a
configuration file. So changing daemon parameters would cause
a modification of the init script.
Similar to NFS, dropbear, DHCP, SNMP and other network services
in buildroot, this patch adds an include of /etc/default/tftpd
to the init script. So any user can change the default behaviour
by adding its own configuration file instead of changing the init
script.
Signed-off-by: Andreas Ehmanns <universeiii@gmx.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Moved groups render and sgx from UDEV_USERS to SYSTEMD_USERS as they
currently only appear in systemd's udev rules.
In systemd, group render was introduced since commit 4e15a73, and group
sgx was introduced since commit c9c4899.
In eudev, group render was introduced since commit bb070c1, but was
removed since commit a8ffcd1 [1].
[1]: https://github.com/eudev-project/eudev/issues/160
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Carlos Santos <unixmania@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
On m68k building with optimizations results in failures such as:
/tmp/cckiMnG5.s: Assembler messages:
/tmp/cckiMnG5.s:142572: Error: value -39206 out of range
/tmp/cckiMnG5.s:142629: Error: value -40282 out of range
/tmp/cckiMnG5.s:146408: Error: value -53294 out of range
/tmp/cckiMnG5.s:159014: Error: value -39206 out of range
/tmp/cckiMnG5.s:159071: Error: value -40282 out of range
/tmp/cckiMnG5.s:162850: Error: value -53294 out of range
/tmp/cckiMnG5.s:175456: Error: value -39206 out of range
/tmp/cckiMnG5.s:175513: Error: value -40282 out of range
/tmp/cckiMnG5.s:179292: Error: value -53294 out of range
/tmp/cckiMnG5.s:191898: Error: value -39206 out of range
/tmp/cckiMnG5.s:191955: Error: value -40282 out of range
/tmp/cckiMnG5.s:195734: Error: value -53294 out of range
These only appear when building with -O2, the smaller code generated
with -Os does not cause trouble, so workaround by using that.
Fixes:
http://autobuild.buildroot.net/results/2f222d5a86b4237b81ca31dba89f58b0e6e879db/
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
git added restrictions on config files to fix CVE 2022-24765. libgit2
adopted these changes for compatibility reasons, even if the vuln is
not exploitable in libgit2.
https://github.com/libgit2/libgit2/releases/tag/v1.4.3
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
crypto/hash/hmac_ossl.c: In function 'srtp_hmac_alloc':
crypto/hash/hmac_ossl.c:88:55: error: invalid application of 'sizeof' to incomplete type 'HMAC_CTX' {aka 'struct hmac_ctx_st'}
88 | pointer = (uint8_t *)srtp_crypto_alloc(sizeof(HMAC_CTX) +
| ^~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/c346780ed664c9fe8c7112e4c256cfe8080a7af5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Force LibUSB_VERSION_1.0 to ON to fix the following static build failure
with libusb and libatomic:
-- Looking for libusb_get_device_list in /nvmedata/autobuild/instance-4/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libusb-1.0.a
-- Looking for libusb_get_device_list in /nvmedata/autobuild/instance-4/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libusb-1.0.a - not found
[...]
/nvmedata/autobuild/instance-4/output-1/build/openobex-1.7.2/lib/transport/usbobex.h:30:10: fatal error: usb.h: No such file or directory
30 | #include <usb.h>
| ^~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/52b0edc4278f65fb4a9671b65c655cc4544a3103
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
In file included from bufferevent_openssl.c:68:
bufferevent_openssl.c: In function 'bio_bufferevent_free':
openssl-compat.h:44:28: error: invalid use of incomplete typedef 'BIO' {aka 'struct bio_st'}
44 | #define BIO_get_init(b) (b)->init
| ^~
bufferevent_openssl.c:124:7: note: in expansion of macro 'BIO_get_init'
124 | if (BIO_get_init(b) && BIO_get_data(b))
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/273f9aa354a08ef3af6140b8dec086408bf5d574
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch allows to use an external toolchain based on gcc 12.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In order to add gcc 12 support for internal and external toolchain
in follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_12 symbol.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following static build failure:
/nvmedata/autobuild/instance-15/output-1/per-package/ltp-testsuite/host/bin/../lib/gcc/mipsel-buildroot-linux-uclibc/10.3.0/../../../../mipsel-buildroot-linux-uclibc/bin/ld: /nvmedata/autobuild/instance-15/output-1/per-package/ltp-testsuite/host/bin/../mipsel-buildroot-linux-uclibc/sysroot/usr/lib/libc.a(syslog.os): in function `openlog':
syslog.c:(.text+0x6b8): multiple definition of `openlog'; /tmp/ccvRnqfT.o:/nvmedata/autobuild/instance-15/output-1/build/ltp-testsuite-20220121/testcases/kernel/fs/fs-bench/random-access.c:14: first defined here
Fixes:
- http://autobuild.buildroot.org/results/bfd0d906a05564a4f323db604f3b908abf552b20
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This reverts commit e87e6fd085 as
pure-ftpd can be built with libressl since bump to version 3.5.2 in
commit 8b216927db and
f5674b4e23.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure raised on uclibc and musl since the
addition of libexecinfo package in commit
eea8ba446c:
/home/giuliobenetti/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/giuliobenetti/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libvcos.so: undefined reference to `backtrace_symbols'
/home/giuliobenetti/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: /home/giuliobenetti/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libvcos.so: undefined reference to `backtrace'
Fixes:
- http://autobuild.buildroot.org/results/836348270d564a46cc9ee840cf87b2494cc82cec
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop override system locale patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure with libressl >= 3.4.1 raised since
commit 25ef2c26da:
In file included from eXtl_dtls.c:82:
/home/autobuild/autobuild/instance-4/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/include/openssl/ssl.h:1272:6: note: previous declaration of 'SSL_set0_rbio' was here
1272 | void SSL_set0_rbio(SSL *s, BIO *rbio);
| ^~~~~~~~~~~~~
eXtl_dtls.c: In function 'SSL_set0_rbio':
eXtl_dtls.c:108:17: error: invalid use of incomplete typedef 'SSL' {aka 'struct ssl_st'}
108 | BIO_free_all(s->rbio);
| ^~
Fixes:
- http://autobuild.buildroot.org/results/dfafdbf71b31fbda1b5ba491ac35239af4a20aa2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the following build failure raised since bump of argp-standalone to
version 1.4.1 in commit 0fe85041bc and
e7ff8d9787:
/home/autobuild/autobuild/instance-10/output-1/host/lib/gcc/i686-buildroot-linux-musl/10.3.0/../../../../i686-buildroot-linux-musl/bin/ld: tokens/ssh/cryptsetup_ssh-cryptsetup-ssh.o: in function `parse_opt':
cryptsetup-ssh.c:(.text+0x14c): undefined reference to `argp_state_help'
/home/autobuild/autobuild/instance-10/output-1/host/lib/gcc/i686-buildroot-linux-musl/10.3.0/../../../../i686-buildroot-linux-musl/bin/ld: tokens/ssh/cryptsetup_ssh-cryptsetup-ssh.o: in function `main':
cryptsetup-ssh.c:(.text+0x7db): undefined reference to `argp_parse'
Fixes:
- http://autobuild.buildroot.org/results/cb3fdae4e0da603f304501f65127800346cb3915
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
