The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
* remove 'http-only' mode, all sources are now fetched from https sites
* the backup mode is now mandatory ('/tmp' is the default backup
directory), always create and re-use backups if available.
To force a re-download take the 'reload' action.
* support 'sshd' in addition to 'dropbear' for logfile parsing
to detect break-in events
* always update the black-/whitelist with logfile parsing results
in 'refresh' mode (no new downloads)
* rework the return code handling
* tweak procd trigger
* various small fixes
* (s)hellsheck cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
So that packages like acme requiring features from it can depend on it
explicitly, not the more basic "wget" which is also provided by
"uclient-fetch"
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* use raw procd interface trigger as last resort, if the
adblock config is not available during startup
* fix selective subdomain whitelisting for dnsmasq
* fix a kresd restart issue with 'DNS File Reset'
* fix a suspend/resume cornercase
* disable the tld compression, if the number of blocked domains
is greater than 'adb_maxtld' (default: 100000)
* made the fw portlist configurable (default '53 853 5353')
* preliminary support for inotify-like autoload features
of dns backends like kresd in future Turris OS. If 'adb_dnsinotify'
is set to 'true', all adblock related restarts and the
'DNS File Reset' will be disabled
Signed-off-by: Dirk Brenken <dev@brenken.org>
The double quote thells the shell that the list returned from `pidof` is a
single argument, therefore, `renice` will cry about a malformed input.
With this commit, `renice` will be applied correctly to all the returned PIDs
from `pidof`.
The output of `renice` for the quoted list is as follows:
`renice: invalid number '6592 6587 6586 6574'`
`renice` does not show and does apply the nice value if the list is unquoted.
Signed-off-by: Oever González <notengobattery@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Maintainer: Jakub Tymejczyk <jakub@tymejczyk.pl>
Compile tested: ramips, Xiaomi Router 3G, fc54256
Run tested: ramips, Xiaomi Router 3G, 0f54d96
Description:
Mosh is "Remote terminal application that allows roaming, supports
intermittent connectivity, and provides intelligent local echo and line
editing of user keystrokes".
Project's site: https://mosh.org
Makefile and patch taken from: https://github.com/mchwalisz/mosh-openwrt
updated by me
Signed-off-by: Jakub Tymejczyk <jakub@tymejczyk.pl>
(Makefile cleanup and size optimizations)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
- Correct SPDX License Identifier
- Move MAINTAINER, SUBMENU to more appropriate place
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
As discussed on GitHub[0] the package should be removed.
[0]: https://github.com/openwrt/packages/issues/7832
> The package is effectively orphaned upstream and has been for some
time. Given the security-sensitive nature of the package, an active
maintainer community is essential for safe usage. Racoon's lack of
support for IKEv2, despite it being stable for a long time, and the
availability of next-generation tunneling systems such as wireguard,
also would seem to limit its future value. Setkey's functionality
has been subsumed by 'ip xfrm'.
> If you disagree that ipsec-tools should be removed from OpenWRT,
please say so now. If there are still use cases for it that are
not met by other IKE implmenentations that would be good to
know. But more importantly, I think you'll need to convince us
that ipsec-tools is actually safe to operate on today's Internet
given its current state of development.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Introduce further ACL checks to verify that the request-supplied
upload location may be written to. This prevents overwriting things
like /bin/busybox and allows to confine uploads to specific directories.
To setup the required ACLs, the following ubus command may be used
on the command line:
ubus call session grant '{
"ubus_rpc_session": "d41d8cd98f00b204e9800998ecf8427e",
"scope": "cgi-io",
"objects": [
[ "/etc/certificates/*", "write" ],
[ "/var/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* automatically add open uplinks to your wireless config,
e.g. hotel captive portals (disabled by default)
* shift net status check in a separate function
* (s)hellcheck cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Sven Eckelmann