Change case of the unit "bit" from "Bit" to "bit" in web UI
The correct case for "kilobit" is "kilobit", not "kiloBit".
And the same applies for Mbit, Gbit etc.
Reference is https://en.wikipedia.org/wiki/Kilobit
This commit changes the texts used in the web UI, so
that it correctly displays as "bit", "kbit", "Mbit" etc.
This fixes bugzilla item 10918.
Signed-off-by: Alf Høgemark <alf@i100.no> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch update qemu to version 2.6
For changelogs see:
http://wiki.qemu.org/ChangeLog/2.5
http://wiki.qemu.org/ChangeLog/2.6
Qemu try to built with bluez, but before version 2.6 bluez was not used
by qemu on IPFire, so I think it is better to disable bluez because
nobody needs it before version 2.6 and our bluez is not the latest
version so I think this will cause more problems than benefits.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is an security update.
Recent were 2 serious security vulnerabilities published.
This patch update spice to a version which is not vulnerable.
Changelog:
Changes in 0.12.8:
==================
* Fixes for CVE-2016-0749 and CVE-2016-2150
Changes in 0.12.7:
==================
* spice-server will now send TCP keepalive probes on the TCP connections
it
uses. This can prevent unwanted idle disconnections if proxies are
used
between the client and the host.
* Fix important memory usage when the webdav channel is used
* Do not disconnect when the client requests an unsupported compression
type
* Fix a few race conditions
* Fix display glitch when using XSpice
* Improve help string for 'replay -s'
* Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE
port
configured, USB webcam redirection over a slow link)
* Fix various compilation warning when building on 32 bit machines
* Some fixes for big-endian machines, more work is likely to be needed
* Do not build static libraries by default, this can be reenabled with
--enable-static
* Fix small leak in MJPEG code
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The libvirt daemon was not started after installation because the
initscritp is named 'libvirtd' not like the package 'libvirt'.
The same problem appear in the uninstall.sh. The service was not
stopped.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 17 Jun 2016 11:06:40 +0000 (13:06 +0200)]
Qemu: add a group kvm to access /dev/kvm eaiser
As a normal user, it is not possible to use qemu with KVM. This is bad
because it is better when it is possible to start the machine with a
less privileged user. To achieve this a group KVM is created and the
access to /dev/kvm is allowed for this group. So every user in this
group can use qemu with KVM.
This change is also useful for libvirt because the VMs can be started
with user nobody and group kvm.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 10 Jun 2016 08:13:41 +0000 (10:13 +0200)]
Fix in pakfire functions.sh
The if statement in line 89 and 99 are useless with the -e
conditional expression because it returns true if the path ist a
regular file or a directory.
So "/etc/init.d/ " returns true and "/etc/init.d/avahi" return also true,
but the statement should return only true if we have a regular file.
So -f if the right conditional expression, and we only try to execute
the init script if the path "/etc/init.d/${1}" points to a regular file.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 10 Jun 2016 08:57:13 +0000 (10:57 +0200)]
Change the default libvirt remote user to libvirt-remote
It is possible to communicate per ssh via a socket with libvirt. It is
not a good idea to do this as root, so the remote user is now
libvirt-remote. Only this user or users in the group libvirt-remote can
communicate with the socket.
The user libvirt-remote is created without a password. The users have to
set a password for this user after installation.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Tue, 14 Jun 2016 10:33:00 +0000 (12:33 +0200)]
wget: Update to 1.18
Excerpt from annoncement:
"This version fixes a security vulnerability (CVE-2016-4971) present in
all old versions of wget. The vulnerability was discovered by Dawid
Golunski which were reported to us by Beyond Security's SecuriTeam.
On a server redirect from HTTP to a FTP resource, wget would trust the
HTTP server and uses the name in the redirected URL as the destination
filename.
This behaviour was changed and now it works similarly as a redirect from
HTTP to another HTTP resource so the original name is used as
the destination file. To keep the previous behaviour the user must
provide --trust-server-names."
Best,
Mat-backfromholidays-thias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
BUG11131: fix errormessage when more ipsec subnets defined
When having more than one subnet in an ipsec connection it is not
possible to create a new openvpn static subnet.
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org> Signed-off-by: Heino Gutschmidt <heino.gutschmidt@managedhosting.de> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Marcel Lorenz [Thu, 2 Jun 2016 17:39:51 +0000 (19:39 +0200)]
ncurses: update to 6.0 and rename 5.9 to ncurses-compat v3
This patch updates the ncurses to 6.0. The old 5.9 are renamed to ncurses-compat.
The compat makes the old libs maintainable and the compat rootfile is cleaned up.
The 6.0 is build after 5.9 and all IPFire componentes will build with 6.0
In version 6 only the wide-character libraries are build. The are usable
in both multibyte and traditional 8-bit locales while normal libraries work
properly only in 8-bit locales. The toolchain is only bild with 6.0.
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 7 May 2016 14:01:09 +0000 (16:01 +0200)]
New package util-macros
This package is a build dependency of libpciaccess, we do not need this
as a package. That's why the rootfiles goes into common and all lines
are excluded.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 7 May 2016 14:01:08 +0000 (16:01 +0200)]
Network: add macvtap mode
This change make it possible to use a macvtap interface as a
standard interface (green0).
This is required by libvirt, because libvirt adds macvtap interfaces to
the physical interface, but this causes a problem. A VM with this
configuration can communicate with the whole network,
but not with the Host (IPFire).
To solve this problem, the host interface must be also a macvtap interface.
This is achieved by:
1. In /var/ipfire/ethernet/settings the mode of a interface could set
with GREEN_MODE= ...
When the mode is macvtap the physical interface is renamed to green0phys
instead of green0. If the mode is not set the normal configuration is
applied .
2. The network-hotplug-macvtap script checks if a physical nic ends
with "phys".
When the interface ends with "phys", the script adds a macvtap interface
to the physical nic which is named green0. The MAC address of this
interface is set to the MAC address of the physical nic. The MAC address
of the physical is set to a random value. We do this because the MAC
address of green0 should not change.
All services, IP addresses then binds to the macvatap interface, the
physical nic is not used.
PS.: The script works also with the orange or blue interface, just
replace green with orange or blue.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>