Switch to AUTORELEASE for simplicity.
Refresh patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 5c467bb76f)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit f43a5f03bb)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 2cde10b950)
a7a7c732c0
changed package pinning from commit hash to version for some dependencies
(but not all, libnetwork is still referenced by commit)
Support the version-based pinning mechanism in addition to commit-based
Signed-off-by: Andy Dodd <atd7@cornell.edu>
(cherry picked from commit c3166c5a22)
This fixes CVE-2022-24884.
Also update the package URL to match the source repository.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit de5671e582)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit c5b668df5b)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit a93b3baba1)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
It is costly in transmissions to add all information to each metric.
Instead, only use the "device" as a label and add all other important
labels to the "uptime" metric.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 9f3064a11c)
Update the version and add ubnt-manager to the build section.
Fixes: 76f27975a9 (" prometheus-node-exporter-lua: add ubnt-manager collector ")
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 42e841039b)
Ubnt-manager-collector collects statistics from airos devices configured
in ubnt-manager.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 76f27975a9)
This app makes it easier to work with AirOS devices. So far, only monitoring is implemented.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit e4a8d3fc29)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 86b8b30683)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 2c9c485822)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Provide a new variant, nano-full, that enables almost
all functionality of nano. Only libmagic file type detection
has been left out.
Ship with a minimal /etc/nanorc that the user can modify.
nanorc documentation at
https://www.nano-editor.org/dist/latest/nanorc.5.html
Provide color highlighting for the uci config files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6a51794638)
Show error message instead of segfaulting in case of an invalid URL
being read from UCI config.
Fixes: #17971
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c0d2c82528)
Fallback to use 'sdcard' image in case there is neither 'sysupgrade'
nor 'combined' image available.
This allows using 'auc' on targets where 'sdcard' image is also used
for sysupgrade (such as some mvebu-based devices with eMMC).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6b041752a0)
Accept both 'y' and 'Y' as positive confirmation when asking the user
if auc should proceed with requesting and installing an upgrade.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d27ecdcc49)
Add option to allow only requesting an image but not actually download
or sysupgrade anything.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 19c135685f)
* Use SPDX
* Use CA (ucert) public key
* Update repo link
* Update maintainer email
* Format description
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit a54b9570ad)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Nano is by default built as "tiny" with most features disabled.
That is suitable for basic tasks in routers with small flash.
Add a new nano-plus variant that enables selected additional
features in the build config:
* multiple files (multibuffer)
* Unicode/utf8
* justify
* .nanorc support
* help
* also some key bindings get enabled as "tiny" configure option
is removed.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 85cb71d8d8)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 912bb2c803)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
/etc/config is the default uci folder. Also marking it as
configuration file prevents overwriting it on updates.
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit abb33331e5)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Telegraf is a plugin-driven agent for collecting and sending metrics
and events. It supports various inputs (including prometheus
endpoints) and is able to send data into InfluxDB.
https://www.influxdata.com/time-series-platform/telegraf/
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 0781a15c93)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
During update we use sudo to start an instance. It probably could be
workarounded, but given the MariaDB size, dependency on sudo shouldn't
be an issue.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 0ffec9bd4b)
If you are migrating to MariaDB package, you might have old datadir
stored somewhere using different setup with different users. If you
trust us enough to enable autoupgrade, you probably trust us enough to
chown your datadir as well. This can prevent some potential issues.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit b41525cef4)
Update nano editor to version 6.0
Version 6.0 enable toggling the display of the line numbers with
the shortcut key M-N (Alt-n). Also the cmdline option "-l" works.
Remove earlier patch regarding that.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 0571f5400d)
For every mysql* binary create corresponding mariadb binary and vice
versa.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 2295c351ed)
Do not pick just few random SQL files to install, install all of them.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 4653d83048)
Remove from default configuration options that are compiled in like
default paths and character set. On the other hand add few examples of
tweak options that might be handy.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit a2c1a57282)
Update init script so other user/group can be used. Also make sure that
init script can actually create an empty database instead of forcing the
user to do it by hand. Other new feature is taking care of migration
of the database when upgrading the database.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 1be35284bb)
The raison d'être of package mariadb-common was to provide common my.cnf
config file that was being used to include subdirectories and then to
push utf-8 as default everywhere. Let's make this file part of the
server package as there we actually set other options as well and drop
it from all clients. Instead let's set utf-8 as default in server,
client and client libraries. While at it also set socket to the more
common path and drop mysqld_safe script from the list of configuration
files and do other minor tweaks.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit d8ecded02d)
Remove parsing of data which is not used within `auc`. Later iterations
may use these but they can be gradually added whenever needed.
Also remove HTTP code handling of error codes no longer used by the
backend. Early iterations of the server where infinitely complex to
figure out created images and announce them to clients but ever since
everything is stored in JSON, things got better (aka simpler).
If a package is missing on the upstream server, color it in red.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6527d65b9b)
Currently `auc` uses the outdated /json/ path, this commit uses
/json/v1/ to be more future proof.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 69b5c28929)
A lot of changes since 3.3.1.
Full (long) lists of release notes between
versions are available at
https://github.com/containers/podman/releases
containers.conf updated
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 3e5761d6cd)
Earlier versions of podman did not make use of TMPDIR when running "podman
run ...". Podman's default, /var/tmp, presents a problem to rootless
use since OpenWrt's /var/tmp does not permit writes by non-root users.
Podman 3.3.1 makes full use of TMPDIR.
This is part of an attempt to get rootless podman to work on OpenWrt.
See https://github.com/openwrt/packages/issues/15096.
See also the upstream issue at
https://github.com/containers/podman/issues/10698.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit 416eced174)
Running podman as users other than root seems to require that those
users can read /usr/share/containers/seccomp.json. This change sets the
permissions on that file to match those used on Fedora.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit a41556af4f)
Running podman as users other than root seems to require that those
users can read the configuration files in /etc/containers. This change
sets the permissions of /etc/containers and its contents to match those
used on Fedora.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit f51ef46aa6)
- Add support for AppArmor
- Gracefully stop containers and pods on shutdown
I found out that If you change location of containers to persistent storage instead of tmpfs, starting them will fail unless they have been stopped. If this is the case that reboot has occurred before pods and containers have been stopped, they cannot be started, they have to be removed and re-created. Change in initscript tries to avoid that. Even if containers are running at tmpfs, this won't hurt. Still, if something happens and system hangs/reboots/etc, script won't save you from that. It's just a attempt to make things better.
I also enabled AppArmor support for future possibilities.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 5bb8844fe3)
Now that 'crun' has been packaged, add support for it in podman.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 954be76e6a)
bug fixes:
- Remove unreachable code path
- exit: report if the exit command was killed
- exit: fix race zombie reaper
- conn_sock: allow watchdog messages through the notify socket proxy
- seccomp: add support for seccomp notify
misc:
- Add seccomp to build dependency
included patch removes unnecessary dependency of libdl and also allows a succesfull build
disabled for arc where libseccomp does not seem to be available
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit ab08ad2ad9)
Patch fixing segfaults on nulls was removed due to patch's content being now included in conmon's source since containers/conmon@355dbf1
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 9fdfe2e2c7)
Switched to building with meson as it works better in a parallel
context.
Small Makefile adjustments for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c8128df4e4)
cni-plugins makes use of veth, make sure kernel module is installed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1b25b6e239)
This is a security release that fixes a single bug:
- tighten up plugin-finding logic (#811)
Users of libcni are strongly encouraged to update.
Added me to list of maintainers as requested by @dangowrt.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit ceaccc1c7a)
Package new experimental SSH token authenticator plugin as new package
'cryptsetup-ssh'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 97dd009f58)
Drop two local patches which were replaced by upstream commits.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 74969337cf)
Automatically scan and activate physical volumes when added at runtime.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f32236e542)
Two notable changes are devices file and metadata based autoactivation.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dc27d43f29)
This was probably a work-around for an issue with dependencies which
was fixed by
988ed00802
Remove it as all other packages with `-selinux` variants do provide
a non-SELinux-variant without any suffix and that works now, see
procd vs. procd-selinux
busybox vs. busybox-selinux
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 43597b918a)
Backport new upstream patch to enable toggling the display of
the line numbers with the shortcut key M-N (Alt-n).
Also the cmdline option "-l" works.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 9023845d50)
Enable showing line numbers, which makes it easier to find
the correct place in long files. Due to the "tiny" build,
the functionality is only available from cmdline with "-l"
option.
For example: nano -l /etc/banner
Key shortcut M-n is disabled due to "tiny".
See https://savannah.gnu.org/bugs/?61441 for explanation.
Also
* remove without-slang config option, deprecated in Dec 2020
* adopt AUTORELEASE
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit ae7f62d637)
This commit add new package afuse into packages feed.
afuse is an automounting file system implemented in user-space using
FUSE. It implements the most basic functionality that can be expected by
an automounter; that is it manages a directory of virtual directories.
If one of these virtual directories is accessed and is not already
automounted, afuse will attempt to mount a filesystem onto that
directory. If the mount succeeds the requested access proceeds as
normal, otherwise it will fail with an error.
Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit 3d0f73ea67)
Update to the latest stable version. Also contains minor Makefile
polishing - better source RL and correctly formatted license.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Remove getline patch. It seems to be for uClibc, which is no longer in
the tree.
Remove commands patch. Issue was fixed upstream. Same with the tests
patch.
Remove gpg patch. It's an upstream backport.
Refreshed others.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 3df43e2f66)
* Removed all unnecessary files after configuration
* Reduced code duplication
* Changed to symlinking config instead of copying
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
