Support for avahi is added by the services/avahi module in the SELinux
refpolicy.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Avahi 0.8 allows a local denial of service (NULL pointer dereference and
daemon crash) against avahi-daemon via the D-Bus interface or a "ping
.local" command.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CVE-2021-26720 is an issue in avahi-daemon-check-dns.sh, which is part of
the Debian packaging and not part of upstream avahi - So ignore the CVE.
https://security-tracker.debian.org/tracker/CVE-2021-26720
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes:
http://autobuild.buildroot.net/results/b9bf7cea8be9231552a10e8ea828bf24394402ba/
Building with introspection (together with D-Bus) support currently fails.
Fixing it is not trivial, so explicitly disable introspection for now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This bump also includes:
* Drop upstream security patch which is included in the new version
* Unconditionally disable support for Qt5 [1] (same as Qt3 and Qt4)
* Drop dependency on host-inttool, as avahi switched to host-gettext [2]
* Conditionally enable support for libevent [3]
[1] 5dbb32767a
[2] 3d5a0c6805
[3] 998e20cd76
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
All these packages have an upstream-provided service, but buildroot
enabled manually the services in exactly the same way as the [Install]
section.
This is not needed anymore
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since D-Bus 1.9.18, the recommended location for the system and
session busses configuration files is /usr/share instead of /etc. From
the D-Bus NEWS file:
D-Bus 1.9.18 (2015-07-21)
==
The “Pirate Elite” release.
Configuration changes:
• The basic setup for the well-known system and session buses is now done
in read-only files in ${datadir}, moving a step closer to systems
that can operate with an empty /etc directory. In increasing order
of precedence:
· ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
the default message policies.
· ${sysconfdir}/dbus-1/s*.conf are now optional. By default
dbus still installs a trivial version of each, for documentation
purposes; putting configuration directives in these files is
deprecated.
· ${datadir}/dbus-1/s*.d/ are now available for third-party software
to install "drop-in" configuration snippets (any packages
using those directories should explicitly depend on at least this
version of dbus).
· ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
or third-party software to install "drop-in" configuration snippets
· ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
overrides
${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
and "s*" refers to either system or session as appropriate.
Therefore, this commit adjusts the Avahi package to install the D-Bus
related files to /usr/share/dbus-1/system.d.
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- using TARGET_NLS_LIBS to force linking against libintl
- dropping BR2_PACKAGE_GETTEXT selection
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As directed in the buildroot manual, "Optional hooks: keep hook
definition and assignment together in one if block". And also
to be consistent with the rest of avahi.mk.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When libcap was compiled before, avahi daemon will use it as optional
dependency:
$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/sbin/avahi-daemon | grep NEEDED | sort
0x0000000000000001 (NEEDED) Shared library: [libavahi-common.so.3]
0x0000000000000001 (NEEDED) Shared library: [libavahi-core.so.7]
0x0000000000000001 (NEEDED) Shared library: [libcap.so.2]
[...]
The build system offers no option to en-/disable libcap support:
http://git.0pointer.net/avahi.git/tree/configure.ac#n382
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: make the test unconditionally, even if libcap is only used by
avahi-daemon for the moment.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also:
* switch download site to github as the previous download page is not
maintained anymore
* drop 0004-no-gtk-deprecations.patch as it is applied upstream
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We currently have two circular dependency chains:
avahi -> libglade -> libgtk2 -> cups -> avahi
avahi -> libgtk3 -> cups -> avahi
The cups -> avahi dependency makes sense, as cups would be able to use
Bonjour and mDNS to find printers, so we want to keep that dependency.
The libgtk2 -> cups and libgtk3 -> cups dependencies also make sense, to
be able to offer cups in the print dialogs.
However, the avahi -> libglade and avahi -> libgtk3 dependencies do not
really make sense. As Thomas puts it:
The avahi GUI programs seem really useless to me. On Debian/Ubuntu
distributions, they are not even packaged within the main avahi
packages, but as separate packages, probably indicating that they
are not very commonly used.
So, we drop the avahi -> libglade and avahi -> libgtk3 dependencies, to
break the circular dependency chain.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: add comment in the .mk file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* Move service files to /usr/lib/systemd/system/
* Only disable systemd support on non-systemd systems
[Thomas: use positive logic for the systemd test.]
Signed-off-by: Mike Williams <mike@mikebwilliams.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Without this, the python support doesn't do anything.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The AVAHI_INSTALL_AUTOIPD was unconditionally installing
S05avahi-setup.sh to /etc/init.d/, even in systemd
configurations. Therefore, this commit:
* Moves the installation of S05avahi-setup.sh to a separate variable
called AVAHI_INSTALL_AUTOIPD_INIT_SYSV.
* Makes sure to use 'install -D' and a full destination path when
installing S05avahi-setup.sh.
* Moves the definition of AVAHI_INSTALL_AUTOIPD inside the
BR2_PACKAGE_AVAHI_AUTOIPD conditional, so that both the variable
definition and its addition to AVAHI_POST_INSTALL_TARGET_HOOKS are
enclosed in the conditional.
* Moves the S50avahi-daemon installation from AVAHI_INSTALL_INIT_SYSV
to AVAHI_INSTALL_DAEMON_INIT_SYSV.
* Uses 'install -D' to install S50avahi-daemon.
* Adds a AVAHI_INSTALL_INIT_SYSV definition which calls both
AVAHI_INSTALL_AUTOIPD_INIT_SYSV and AVAHI_INSTALL_DAEMON_INIT_SYSV.
Note: in a systemd configuration, there is no provision to do what
S05avahi-setup.sh is doing for sysv init configurations. Maybe this is
something that our systemd people should have a look at.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In AVAHI_INSTALL_INIT_SYSTEMD, since we're using 'install -D' to
install /usr/lib/tmpfiles.d/avahi.conf in $(TARGET_DIR), there's no
need to have a 'mkdir -p' before that, since 'install -D' creates the
directories as needed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The indentation for commands should be made with tabs, not spaces, so
fix that up in AVAHI_INSTALL_INIT_SYSTEMD.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When using the buildroot-provided avahi-daemon.service file, bootup never
finishes, because multi-user.target is waiting for avahi-daemon to exit,
which is caused by "Type=oneshot" (in avahi-daemon.service).
Upstream's systemd files get already installed to /lib/systemd.
They're not an exact copy of S50avahi-daemon, but work flawlessly,
so use these units:
* avahi-daemon.service, auto-enabled (ln -fs in AVAHI_INSTALL_INIT_SYSTEMD)
* avahi-daemon.socket,
not auto-enabled, but a dependency of avahi-daemon.service
* avahi-dnsconfd.service, auto-enabled
[Thomas: use simpler absolute paths for the symbolic links instead of
relative paths. Suggested by Maxime Hadjinlian.]
Signed-off-by: André Erdmann <dywi@mailerd.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Remove --localstatedir=/var from all autotools packages where it is no longer
needed.
Also remove --localstatedir=/var/lib/dhcp from package dhcp. localstatedir is
used by dhcp to set the default directory for the leases files. This can also
be done by setting --with-*-lease-file=/var/lib/dhcp/*, which is done in
dhcp.mk.
A custom --localstatedir is left in:
* proftpd.mk
* mysql.mk
This is safe to do:
One of the good thing with autoconf is that if you pass:
--localstatedir=/var ... --localstatedir=/var/something
Then /var/something will be used. So, we can set --localstatedir=/var
by default in the infrastructure, and still have certain packages doing
weird things override it. [Thanks to Thomas Petazzoni]
Signed-off-by: Jörg Krause <jkrause@posteo.de>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
While the autotools infrastructure was using FOO_MAKE_OPT, generic packages
were typically using FOO_MAKE_OPTS. This inconsistency becomes a problem
when a new infrastructure is introduced that wants to make use of
FOO_MAKE_OPT(S), and can live alongside either generic-package or
autotools-package. The new infrastructure will have to choose between either
OPT or OPTS, and thus rule out transparent usage by respectively generic
packages or generic packages. An example of such an infrastructure is
kconfig-package, which provides kconfig-related make targets.
The OPTS variant is more logical, as there are typically multiple options.
This patch renames all occurrences of FOO_MAKE_OPT in FOO_MAKE_OPTS.
Sed command used:
find * -type f | xargs sed -i 's#_MAKE_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since the trailing slash is stripped from $($(PKG)_SITE) by pkg-generic.mk:
$(call DOWNLOAD,$($(PKG)_SITE:/=)/$($(PKG)_SOURCE))
so it is redundant.
This patch removes it from $(PKG)_SITE variable for BR consistency.
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Create an avahi specific user/group and use it instead of the global
'default' one, so it can be removed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This consists of two files:
- avahi-daemon.service:
It start/stop the daemon avahi, it's a copy of the S50avahi-daemon
script.
- avahi_tmpfiles.conf:
This one gets installed in /usr/lib/tmpfiles.d/ to be used by
systemd-tmpfiles which will create the correct directory structure
with the appropriate rights.
This is the equivalent of the S05avahi-setup.sh script.
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch removes deprecated symbol BR2_HAVE_DOCUMENTATION and all its
usage. Additionally, it removes the now unused BR2_DEPRECATED_SINCE_2012_11.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Acked-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com)
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We're currently using two different udhcpc scripts, one in the busybox
package and another in the avahi one, which calls avahi-autoipd on
dhcp failures.
The avahi one actually only does something differently from the default
if avahi-autoipd is available, so let's just always use this one instead
of the complicated logic about writing the file if not present /
overwriting it afterwards.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>