This update includes following changes:
lldpd (0.9.6)
* Changes:
+ Add a compile-time option to restore pre-0.9.2 JSON format (when
using json-c). Use `--enable-json0` to enable this option.
+ Support for newer ethtool interface on Linux
(ETHTOOL_GLINKSETTINGS) and additional speed settings.
+ Current MAU type is displayed even when autoneg is off.
+ Increase netlink receive buffer by default. Can be changed at
compile-time through ./configure.
* Fixes:
+ Correctly parse LLDP-MED civic address when the length of the
TLV exceeds the length of the address.
+ Fix 100% CPU on some rare error condition.
+ Fix lost timer when an interface is enslaved on Linux.
lldpd (0.9.5)
* Changes:
+ More Ethernet media supported. However, RFC4836 is quite
out-of-date with respected to 10G+ speeds, bringing some
inaccuracies.
+ Directly get media information for an interface without using
the privileged process.
+ LLDP-MED capability TLV is not sent when LLDP-MED is not
enabled,
even if other LLDP-MED TLV are present.
* Fixes:
+ Compilation fix with older versions of GCC.
+ Don't use ethtool at all to get real MAC address for enslaved
devices (always use /proc).
lldpd (0.9.4)
* Changes:
+ Make lldpd accepts a `-p` option to specify the PID file.
+ Ability to change multicast MAC address to two additional values
to reach customer bridges.
+ lldpcli will now display chassis TTL when detailed view is
enabled.
* Fixes:
+ Fix setting of local value for port ID.
+ Fix compilation with BSD make.
+ Ensure lldpcli returns an error code on invalid commands.
lldpd (0.9.3)
* Changes:
+ Do not rely on support of constructors for liblldpctl.
+ Always log to stderr (even in addition to syslog).
+ `lldpcli watch` accepts a limit on the number of received
events.
* Fixes:
+ `lldpcli -f {xml,json} watch` should work now.
+ Consider `veth` interfaces as physical interfaces.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
It calls icu-config to detect icu support in file makedefs of postfix.
The compile results are different depends on whether icu has been built
already.
postfix should provide Unicode support, so add dependency icu to solve
the problem.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The latest iscsi-initiator-utils has been available for a while now,
update our recipe. The new version no longer bundles its own ISNS server,
so this update brings in open-isns as a dependency.
As open-isns depends on systemd, add systemd to REQUIRED_DISTRO_FEATURES
Additionally, open-iscsi.org is defunct, the new home is at
open-iscsi.com, update the SRC_URI and homepage accordingly.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Fix error when run ptest on target:
cp: cannot stat '/usr/bin/true': No such file or directory
make: *** [Makefile:1120: squid-conf-tests] Error 1
The correct path should be /bin/true on target.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The default sysconfdir is /etc and logdir is /var/logs. Set sysconfdir
and logdir when configure, replace them with /etc/squid and
/var/log/squid.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Allow sysinfo() in the seccomp sandbox otherwise
comes below OOPS: priv_sock_get_cmd as the syscall
sysinfo() not allowed
tnftp 192.168.1.1
Connected to 192.168.1.1.
220 (vsFTPd 3.0.3)
Name (192.168.1.1:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> prompt
Interactive mode off.
ftp> mget small*
OOPS: priv_sock_get_cmd
* use "strace -ff /usr/sbin/vsftpd" to track in both
seccomp sandbox on and seccomp sandbox off (add
seccomp_sandbox=NO in /etc/vsftpd.conf) scenarios when
type the commands at ftp client as above, the ftp
connection at server side ends up each time with SIGSYS when
call sysinfo() syscall in seccomp sandbox on case,
so we need to add sysinfo() in the seccomp sandbox if
still use seccomp sandbox for vsftpd
* The issue still exists in other distribution, Please
check https://bugzilla.redhat.com/show_bug.cgi?id=845980 for details
And check ftp://195.220.108.108/linux/fedora/linux/updates/\
24/SRPMS/p/proftpd-1.3.5b-2.fc24.src.rpm for fedora, there
is even a patch vsftpd-3.0.2-seccomp.patch as below to turn off
seccomp sandbox for vsftpd by default which also means fedora
doesn't limit the syscall any more by default.
From dd86a1c28f11fa67b1263d5dc79fa9953629d30d Mon Sep 17 00:00:00 2001
From: Martin Sehnoutka <msehnout@redhat.com>
Date: Fri, 8 Apr 2016 15:03:16 +0200
Subject: [PATCH 1/7] vsftpd-3.0.2-seccomp
---
tunables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tunables.c b/tunables.c
index 93f85b1..b024be4 100644
--- a/tunables.c
+++ b/tunables.c
@@ -232,7 +232,7 @@ tunables_load_defaults()
tunable_isolate_network = 1;
tunable_ftp_enable = 1;
tunable_http_enable = 0;
- tunable_seccomp_sandbox = 1;
+ tunable_seccomp_sandbox = 0;
tunable_allow_writeable_chroot = 0;
tunable_accept_timeout = 60;
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Remove the ftpmail script to avoid confusion
about it fails to run because it lacks a dependency
on Mail/Sendmail.pm which is not shipped by default.
Also it has not been maintained for more than 10 years as
http://search.cpan.org/~mivkovic/Mail-Sendmail/Sendmail.pm.
* And it's bad to add the dependency perl module
Mail/Sendmail.pm as it's too old and also send email to
Proftp-devel@lists.sourceforge.net to ask guidance about
ftpmail as below:
Q: In my environment, the ftpmail fails to run as
it lacks the dependency on Mail/Sendmail.pm which
is not shipped by default and also not maintained more
than 10 years as
http://search.cpan.org/~mivkovic/Mail-Sendmail/Sendmail.pm.
A: Patches for updates to the ftpmail script are highly
encouraged! If the Mail-Sendmail package is not to
your preference, what would you suggest/prefer using
instead?
We don't plan to do more improvements about the perl module
Mail-Sendmail now since it's not something we, or other distros
apparently need as other distribution also not include the
ftpmail script.
* The ftpmail is initially added as a perl script to send an email
notification when upload proftpd log as below commit in
https://github.com/proftpd/proftpd.git:
commit 8d602d4bf01ef0c6464c7a16dbbe570a0322dc17
Author: castaglia <castaglia>
Date: Thu Mar 6 03:06:14 2008 +0000
Added ftpmail, a Perl script which reads a TransferLog FIFO and sends
automatic email notifications for uploads.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* squid-conf-tests is a test to run "squid -k parse -f"
to perse the config files, which should not be run
at build time since we are cross compiling, so remove
it when compiling test-suite
* Fix the directories of the conf files for squid-conf-tests
so that it can run on the target and add it for ptest
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
when disable sysvinit and specify "systemd" in DISTRO_FEATURES,
the recipe "inhert systemd" will delete "/etc/init.d/opensafd",but
"/etc/init.d/opensafd" is needed to start opensafd.service.
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When pam is enabled,
1, Customize the proftpd.conf to use pam to authenticate
2, Add proftpd pam configuration file /etc/pam.d/proftpd
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When configuring squid with --enable-esi option,
the following error was observed:
[snip]
checking libxml/parser.h usability... no
checking libxml/parser.h presence... no
checking for libxml/parser.h... no
configure: Failed to find libxml2 header file libxml/parser.h
[snip]
ERROR: This autoconf log indicates errors, it looked at host include
and/or library paths while determining system capabilities.
[snip]
It tried to search libxml header file in host path. Set the SYSROOT
to avoid this host contamination.
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Commit f8dd8cde90 removed the StandardError
option from the proftpd service file, re-introduce it.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
When using '??=' to set a variable, '+=' will cause
the '??=' value to be discarded. We change how PACKAGECONFIG
is defined. We also do not make sia support a default
since it is not likely to be available.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Remove the blacklist since the issue is gone with new version
* Remove two CVE patches which have been fixed:
- CVE-2016-3947 and CVE-2016-4553
* Rebased the patch for ptest.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The recipe for atftp inherits useradd.bbclass and
re-creates the user nobody as a "system" user. This
is not correct and is in vain because this new definition
will not be created on the target.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
1) error: file /usr/share/man/man1/mailq.1 from install of postfix-doc
conflicts with file from package esmtp-doc
2) error: file /usr/share/man/man1/newaliases.1 from install of postfix-doc
conflicts with file from package esmtp-doc
3) error: file /usr/share/man/man1/sendmail.1 from install of postfix-doc
conflicts with file from package esmtp-doc
Signed-off-by: Dai Caiyun <daicy.fnst@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
base_contains() is a compatibility wrapper and may warn in the future, so
replace all instances with bb.utils.contains().
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
This new release has following changes since version 0.9.0:
lldpd (0.9.2)
Change:
- Ability to add/remove/replace custom TLV from lldpcli.
- LLDP-MED capabilities are displayed differently in lldpcli.
- Limit the maximum depth (5) when trying to apply a VLAN.
- Change JSON output format when using json-c to match Jansson
output.
- Integration tests for the major parts of lldpd, including use of
address and leak sanitizer.
Fix:
- LLDP-MED POE TLV are now displayed in lldpcli.
- Ignore lower link when it is in another namespace.
- Fix various problems with interfaces being enslaved.
- Fix a memory leak when modifying port-related settings.
lldpd (0.9.1)
Change:
- Rework packaging for OS X to make it work with El Capitan. To
simplify a bit, it is not possible anymore to build fat
binaries. Latest version of OS X supporting 32bit was 10.6.
Fix:
- By default, when using port alias as description, use port name
as port ID.
- Miscellaneous fixes with netlink cache.
- Ensure large netlink messages can be received.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
The mail group is provided by base-passwd so would always be present. Therefore
drop the uneeded group addition from this recipe.
This works around the recent user cleanup code improvements which meant
this started causing failures for people.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Tested-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
ccdv is an internal tool to reduce the deluge Make output
to make finding actual problems easier and it is intended
to be invoked from Makefiles only, it doesn't work for the
cross compiling, so compile it with $BUILD_CC and
corresponding CFLAGS.
And I think we don't need to enable it by default to
reduce our Make output, so add a PACKAGECONFIG for it
but disable it by default.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
There is a build failure while rebuilding postfix
...
| NOTE: make -e MAKEFLAGS= OPT= DEBUG= OPTS= clean
| make -f Makefile.in MAKELEVEL= Makefiles
| (echo "# Do not edit -- this file documents how Postfix was built for your
machine.";/bin/sh makedefs) >makedefs.tmp
| No <db.h> include file found.
| Install the appropriate db*-devel package first.
| Makefile.in:31: recipe for target 'Makefiles' failed
| make: *** [Makefiles] Error 1
| Makefile:21: recipe for target 'Makefiles' failed
| make: *** [Makefiles] Error 2
| ERROR: oe_runmake failed
| ERROR: Function failed: do_configure (log file is located at tmp/work/
core2-64-wrs-linux/postfix/3.0.2-r0/temp/do_configure/log.do_configure.12848)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
