Fail2ban scans log files (e.g. /var/log/apache/error_log)
and bans IPs that show malicious behaviours.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas: simplify $(SED) expression by using comma as a separator
instead of slash.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some python software refers to setuptool/distutils options
to install files in python root directory (like data_files option).
To use this type of option, python root should point to the real python
root in buildroot folder and not to the guest os /.
Prefix path is always built starting from the python root, so it should
be simply /usr.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Enable for uClibc, which is supported now.
- Keep microblaze, nios2 and arc restrictions, since it was not possible
to test on those architectures (no hardware available).
- Keep musl restriction, since it was possible to compile the code (with
some patches) but it failed at run time with
Cannot set scheduler: errno=38 (Function not implemented)
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Should have been removed in commit 27bce5fc8e (package/stress-ng: bump
to version 0.09.39) but was left as an empty file.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It is required to use qemu with libvirt and allows us to resume working
on the libvirt package (https://patchwork.ozlabs.org/patch/841613).
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove all patches, since they were already applied upstream.
Add license file hash.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Recently, some hash mismatch have been reported, both by users as well
as autobuilder failures, about tarballs generated from git repositories.
This turned out to be caused by users having the 'gzip' command somehow
aliased to 'pigz' (which stand for: parallel implementation of gzip,
which takes advantage of multi-processor system to parallelise the
compression).
Unfortunately, the output of pigz-compressed archives differ from that
of gzip (even though they *are* valid gzip-compressed streams).
Add a dependency check that ensures that gzip is not pigz. If that is
the case, define a conditional dependency to host-gzip, that is used as
a download dependency for packages that will generate compressed files,
i.e. cvs, git, and svn.
Fixes:
http://autobuild.buildroot.org/results/330/3308271fc641cadb59dbf1b5ee529a84f79e6d5c/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Marcin Niestrój <m.niestroj@grinn-global.com>
Cc: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In case someone is building on a musl-based distro (Alpine), we do as
for the target variant, and force the fflush_stdin detection.
We however do not do the /bin/sh trick, because we are building
natively, so the shell check is working.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when we detect that tar is BSD-tar, we fake an unsupported
version (major, minor) and rely on the version check to reject BSD-tar.
There is no reason to use such shenanigans, when we can simply reject it
from the onset.
Simplify the logic:
- use positive logic in the condition
- directly exit in error
Also, comment that case like the other cases are commented.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL and drop the patch to
compile with libressl.
The discussion with the tpm2-tss developers led to the conclusion that
libressl lacks some required functionalities. Quoting Andreas Fuchs[1]:
"LibreSSL does not support OAEP-mode with labels at all, even though the
internal OAEP-padding-function includes the parameters already. [...]
Further, the internal OAEP-padding-function does not support variable
hash algs, but staticly uses SHA1."
Notice that there will NOT be an option to use libgcrypt. OpenSSL will
soon become the default ESAPI crypto backend to prevent the problem of
forcing applications to link against both libgcrypt and libssl[2].
1. https://github.com/tpm2-software/tpm2-tss/pull/1207#issuecomment-440217659
2. https://github.com/tpm2-software/tpm2-tss/issues/1169
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds an option to build and install the ext4_utils for the
host, i.e. make_ext4fs, ext4fixup, ext2simg, img2simg, simg2img and
simg2simg.
Signed-off-by: Alex Kaplan <kaplan2539@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas:
- simplify a bit the installation logic by using a single
HOST_ANDROID_TOOLS_INSTALL_TARGETS variable, instead of having one
specific for ext4 tools
- drop "default n" from Config.in.host]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We need to bump both packages in one commit:
https://dovecot.org/pipermail/dovecot-news/2018-November/000392.html
Adjustments to several changes in Dovecot v2.3.4 make this Pigeonhole
release dependent on that Dovecot release; it will not compile against
older Dovecot versions. And, conversely, you need to upgrade
Pigeonhole when upgrading Dovecot to v2.3.4.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are using empty CONFIG_PREFIX_. This results in false positive match
for comment lines when merging config fragments.
To avoid false positive reports, we use separate sed expressions and
address comment lines explicitly.
This is actually is in the Linux kernel mainline (v4.20-rc2):
6bbe4385d035c6fac56f840a59861a0310ce137b
("kconfig: merge_config: avoid false positive matches from comment lines")
Signed-off-by: Nasser Afshin <Afshin.Nasser@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We should use an empty prefix as we do not have any prefix.
Note that BR2_ is mere a convention.
Signed-off-by: Nasser Afshin <Afshin.Nasser@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch allows us to define config prefix with CONFIG_ environment
variable.
By setting the proper config prefix, we will have proper 'redundant
configuration warnings' when we use '-r -m' options.
This is actually already in mainline for v4.20-rc1:
2cd3faf87d2d8f6123adf34741b9a7b98828a76f
("merge_config.sh: Allow to define config prefix")
Signed-off-by: Nasser Afshin <afshin.nasser@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patch.
Add upstream patch for fixing build with musl libc.
Add upstream patch fixing build with glibc older that 2.19, and another
upstream patch fixing musl build cause by the previous patch.
Add yet another upstream patch fixing build with kernel headers before
4.2
Switch download site to https for better security.
Add license file hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage, storing a dict into a
file and then retrieving the dict from the file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a simple script to check the basic usage. The target has no https
server, so a connection from in the target to localhost must not
succeed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage by calling 'ls' and
checking the output.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case that imports the module.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage, storing a dict into a
file and then retrieving the dict from the file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case that minimally uses the module.
Add haveged to the target to generate enough entropy so pynacl ->
libsodium don't hang waiting for /dev/random.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage. Call 'login' and try
wrong user/password, expecting the 'Login incorrect' message.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case that creates a hash for a password and verifies
it against an incorrect and a correct password.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage by creating a class with
two constants.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a simple script to check the basic usage. Since this package
provides command line arguments, override run_sample_scripts to call the
script with arguments and check the expected output.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage, storing a dict into a
file and then retrieving the dict from the file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case to check the basic usage by checking the
corresponding representation of a 12-bit decimal number in hex, binary
and integer.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a minimal script to check the basic usage by creating and using a
small state machine.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a minimal script to check the basic usage creating a class with 2
attributes.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use a simple script to check the basic usage. Since this package
provides command line arguments, override run_sample_scripts to call the
script with arguments and check the expected output.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SDL_LinuxSetThreadPriority() has been added since version 2.0.9 and
f25a7fa870
However, this function is used in src/dynapi/SDL_dynapi_procs.h even
when SDL_THREADS_DISABLED
However, when SDL_THREADS_DISABLED is set, SDL_LinuxSetThreadPriority is
not defined because thread/pthread/SDL_systhread.c is not built
So check SDL_THREADS_DISABLED in addition to __LINUX__
Fixes:
- http://autobuild.buildroot.org/results/539cb9ab6c605dc6be73ebe90debab1a998f2451
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- This version adds support for ipset version 7, see:
b7a98f9265
- Remove patch and AUTORECONF = YES, an alternative solution has been
implemented, see:
9bd10d8168
- Disable hardening option (enabled by default):
5a65e1eb55
Fixes:
- http://autobuild.buildroot.org/results/b730e8b25c1d3343b7a6d73f6d3b82b13692578b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patches for atom glue and remove CXX compiler check as they are
applied upstream.
Replace patch to disable libbsd with upstream patch to accomplish the
same thing using --without-libbsd.
Enable support for readline when that package is enabled.
Enable lldpd's systemd unit file.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since bumping luv from version 1.9.1 to 1.22.0, building luvi fails, as
"luv.h" now includes "compat-5.3.h", which is locally shipped as a
dependency to lua-compat-5.3.
Fixing the issue reveals, that luvi is using `luaL_newlib` which is not
available in the Lua 5.1 API. Building luvi with luv 1.9.1 was not an
issue before, because luv 1.9.1 defined `luaL_newlib` in luv.h, which
was removed in 1.22.0 in favour of using lua-compat-5.3.
Therefore, add a patch which defines `luaL_newlib` in luvi.h.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch to fix a build issue with luvi after bumping luv from
version 1.9.1 to 1.22.0.
The problem is that luv now uses lua-compat-5.3 instead of defining the
Lua 5.3 API itself. Unfortunately, luv.h now includes compat-5.3.h in the
header file, which causes the build issue with luvi, as luvi does not
find this local header file. Note, that luv ships lua-compat-5.3 as a
dependency.
Therefore, the patch includes compat-5.3.h in the source file luv.c, so
it isn't exposed to external programs.
Fixes:
http://autobuild.buildroot.net/results/2244cd30986aff29b763fb7183f6fc27a82bd7fahttp://autobuild.buildroot.net/results/01938f7f018dc69d564c22489933647b1daf62f3http://autobuild.buildroot.net/results/8217e863c2776d299cb90b90f1a2ed8233ec82ba
.. and many more
Note, that fixing this issue reveals another issue in luvi, which is
fixed by the follow up patch.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4.18 brought cpufreq support for H3, but sunxi_defconfig does not enable the
ondemand cpufreq govenor so the frequency is dynamically adjusted - So
enable it in linux-extra.config.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
4.18 brought cpufreq support for H3, but sunxi_defconfig does not enable the
driver for the sy8106a regulator used on the board or enable the ondemand
cpufreq govenor so the frequency is dynamically adjusted - So enable these in
linux.fragment.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>