Do it to avoid having duplicate and conflicting functionality with
busybox's S01logging.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also add hash file and drop upstream patch.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also drop PAN profile comment since it now supports GN and PANU profiles
as well to avoid overcrowding.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-0219 - incorrectly handled underscores in WSGI headers. A
remote attacker could possibly use this issue to spoof headers in
certain environments.
CVE-2015-0220 - incorrectly handled user-supplied redirect URLs. A
remote attacker could possibly use this issue to perform a cross-site
scripting attack.
CVE-2015-0221 - incorrectly handled reading files in
django.views.static.serve(). A remote attacker could possibly use this
issue to cause Django to consume resources, resulting in a denial of
service.
CVE-2015-0222 - incorrectly handled forms with ModelMultipleChoiceField.
A remote attacker could possibly use this issue to cause a large number
of SQL queries, resulting in a database denial of service.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It has a hardcoded -ldl link invocation, so drop it. Fixes:
http://autobuild.buildroot.net/results/66ba5f76694d0738b113463579ce6b2fa49a89d6/
Also add hash file and rename uclinux patch to new naming convention.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patches located at ftp or http(s) URLs were downloaded using DOWNLOAD
macro. For example, if linux source was located at external git
repository, DOWNLOAD macro uses git scheme as well and buildroot
tried to downlod a path using DOWNLOAD_GIT macro. As a result, nothing
was downloaded and build siletly passes.
Patches located at mentioned URLs is now downloaded directly with
DOWNLOAD_WGET macro.
Signed-off-by: Ivo Slanina <ivo.slanina@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patches located at https:// scheme URL were threated as directories,
causing build failures.
Fixed by adding https:// pattern.
Signed-off-by: Ivo Slanina <ivo.slanina@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
It is only the get-edid tool that is x86 specific, parse-edid builds and
works fine on other architectures so make it available everywhere.
Also drop the custom install step as 'make install' does the right thing.
This does cause us to install into /usr/sbin instead of /sbin, but as that
is what upstream wants we can consider that a bugfix.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We don't use the 1.17.x series because it has issues when
cross-compiling.
[Thomas:
- change license to GPLv2+, and the license file to COPYING. While
start-stop-daemon.c itself is under the Public Domain, the compat
library against which it is linked is GPLv2+.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Make the S40network script create the /run/network directory for the
debian variant of ifupdown which uses it as a lock directory.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The unit file is taken from debian, but tested working.
We'll call it named.service to match the sysV initscript.
Signed-off-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Compilation fails with this defconfig, provided by Thomas
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/br-arm-full-2014.11.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_HEADERS_3_17=y
BR2_TOOLCHAIN_EXTERNAL_LARGEFILE=y
BR2_TOOLCHAIN_EXTERNAL_INET_IPV6=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_GLMARK2=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_RPI_USERLAND=y
because rpi-userland is used a provider for libegl/gles.
Fix this by depending on the corresponding mesa3d suboptions.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add support for building nodejs with hard floating ABI if supported by the
target and remove bogus comment. Buildroot does propose this tuning.
Basically, you have three cases of floating point strategies:
* soft float, i.e 'soft' in nodejs speak. This is enabled in Buildroot
when BR2_ARM_EABI=y and BR2_SOFT_FLOAT=y.
* hard float using integer registers to pass floating point arguments,
i.e 'softfp' in nodejs speak. This is enabled in Buildroot when
BR2_ARM_EABI=y and BR2_SOFT_FLOAT is disabled.
* hard float using floating pointer registers to pass floating point
arguments, i.e 'hard' in nodejs speak. This is enabled in Buildroot
when BR2_ARM_EABIHF=y.
This patch fixes "[Buildroot] Float error on SAMA5D3 Xplained using nodejs":
http://lists.busybox.net/pipermail/buildroot/2014-December/114254.html
Tested at run-time by me on a TI Beaglebone Black.
[Thomas: add qstrip call when using the BR2_GCC_TARGET_FLOAT_ABI
variable.]
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Reported-by: Cédric Heyman <c.heyman@til-technologies.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Squid bundles a copy of libltdl (from libtool) which autoreconfigures on
its own.
For some odd reason when automake was bumped to version 1.15 and if the host
system has another automake version, for example 1.14, the ACLOCAL and
AUTOMAKE variables don't expand properly when the internal autoreconf is
triggered hence calling the missing handler which in turn tries to use
an incorrect automake version.
The solution is to pass unexpanded ACLOCAL and AUTOMAKE variables that
defer the evaluation to a later moment and avoid the issue.
Fixes:
http://autobuild.buildroot.net/results/73f/73fcffafbea320f8c64378bbe8a96922b5e7c6b5/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Enable the required conntrack/netfilter options, otherwise
xtables-addons will fail to build.
The basic iptables options are already covered by the iptables package
which is a required dependency anyway.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Enable the basic kernel options for iptables to be useful at least to
filter incoming connections.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The geoip "helpers" are basically scripts that download and reformat
the geoip database in a form usable by xt_geoip.
The netfilter (kernel & userland) sides of it are built and installed.
Since there are many considerations to geoip databases (free,
commercial and variants for each) it's left to the user to deal with
that if they plan to use the extension which is only one among many.
[Thomas:
- Take into account the rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS
- Remove "depends on BR2_LINUX_KERNEL" as suggested by Arnout.
- Move XTABLES_ADDONS_CONF_OPTS a bit further down, with newlines
around it, and adjust the indentation of the first line. Just to
make it slightly more readable.]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently in Buildroot we have a BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT
variable indicating which architectures support Qt Webkit. We also make
Qt Script depending on that variable, so we are assuming that Qt Script
is supported for exactly the same architectures which support Qt Webkit,
and that's not true.
For instance, Qt Webkit is not supported for MIPS64 when
using the n32 ABI, but Qt Script is actually supported. So, if we make
BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT depending on !BR2_MIPS_NABI32 we
will also disable Qt Script, because as I said before, Qt Script depends
on BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT, and we don't want that because
Qt Script works.
We fix this by creating another variable called
BR2_PACKAGE_QT_ARCH_SUPPORTS_SCRIPT to state which architectures support
Qt Script, so now we can differentiate them from the ones supporting Qt
Webkit.
Related:
http://lists.busybox.net/pipermail/buildroot/2014-November/112605.html
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, all the installation work of the toolchain-external package
is done during the install-staging step. However, in order to be able
to properly collect the size added by each package to the target
filesystem, we need to make sure that toolchain-external installs its
files to $(TARGET_DIR) during the install-target step.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Jérôme Pouiller <jezz@sysmic.org>
The build of host-lzma is broken since commit 97703978ac
("support/libtool: make -static behave like -all-static").
Lzma forces '-static' in its LDFLAGS, which contradicts what buildroot tries to
achieve by patching libtool scripts and configuring host packages with
'--disable-static'.
We add a patch to remove lzma's hardcoded LDFLAGS, to fix the build.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This lets you (by default enabled) compile out its readline
dependency.
[Thomas:
- remove the patch, which is now unneeded, since we've bumped to
nftables 0.4, which as the patch to make readline optional.
- remove the new Config.in option, just enable the interactive
console when the readline package is enabled.]
Signed-off-by: Alexander Clouter <alex+buildroot@digriz.org.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We used to specify explicitly serial port with all its settings
for init to instantiate getty.
This limits usecases when the same one rootfs could be used.
For example following cases won't work well with hardcoded
serial console settings:
* On the same board other serial port is expected to be used
* The same rootfs is intended to be used on different boards with
different serial ports (like ttySx vs ttyAMAx or even ttyx)
With this change by default we rely on "console" specified in
kernel's boot command line.
What is important getty will be set on the last console
specified in bootargs.
For example is a kernel comand line:
--->---
bootargs="... console=tty0 console=ttyS3,115200n8..."
--->---
This now will instantiate serial console on ttyS3 but not on tty0.
Tested with both Busybox and SysV init.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This flag seems to be obsolete. There is no piece of code in the U-Boot source
tree referencing CONFIG_NOSOFTFLOAT.
Unfortunatly the use of this flag is not documented here. Maybe it's about this
old workaround:
http://lists.denx.de/pipermail/u-boot/2007-March/020282.html
However, this patch has been declined:
http://www.denx.de/wiki/view/U-Boot/PatchStatus?rev=1.27
Since no other configure options are used, remove also UBOOT_CONFIGURE_OPTS.
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Like was done for the 'python' package, also make the ossaudiodev
module optional for 'python3'. ossaudiodev is always disabled for
host-python3, and a new option is added to enable it for the target
python3.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Now that we have a configure option in Python to enable/disable the
ossaudiodev module, this commit adds a configuration option to the
target Python to explicitly enable/disable this module.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This module is not needed to build the target Python, and can cause
some build issues on certain systems (when <linux/soundcard.h> does
not contain the OSS related definitions).
Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
