git.ipfire.org Git - people/stevee/ipfire-3.x.git/log

]> git.ipfire.org Git - people/stevee/ipfire-3.x.git/log

projects / people / stevee / ipfire-3.x.git / log

Stefan Schantl [Sat, 25 Mar 2023 19:22:54 +0000 (20:22 +0100)]

glibc: Disable multilib support on X86_64

This requires a 32bit glibc to link against, which we do not have.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 25 Mar 2023 19:20:30 +0000 (20:20 +0100)]

unbound: Create missing directory for root anchor

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 25 Mar 2023 19:09:15 +0000 (20:09 +0100)]

whois: Change download location

Debian moved to a recent version of which and dropped
the source tarball from their server.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 25 Mar 2023 18:17:04 +0000 (19:17 +0100)]

systemd: Enable sysusers subsystem

This allows dynamically user and group creation based on
sysusers config files.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 25 Mar 2023 18:16:30 +0000 (19:16 +0100)]

systemd: Update to 253

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 24 Mar 2023 17:15:02 +0000 (17:15 +0000)]

glibc: Fix runtime linker path chaos

Some architectures have a specific path for their runtime linker
hardcoded and in order to avoid installing them into /lib or /lib64
instead of /usr/lib or /usr/lib64, we are adding artificial provides.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Fri, 24 Mar 2023 10:55:33 +0000 (10:55 +0000)]

gcc: Harden this package

This is a major rewrite of this package which should probably be broken
down into several commits, but since GCC takes many hours to build, this
has now been mushed into one to keep us moving forward.

This patch re-introduces a full bootstrap of GCC.

We also build GCC with our own compiler flags and make it pass our
hardening checks which includes patching the build system to build GCC
itself as PIE.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 18:49:23 +0000 (19:49 +0100)]

glibc: Fix RUNPATH in gconv libraries

Those libraries uses a special RUNPATH called $ORIGIN which we
do not support in IPFire. So changing this to the directory where
the are installed.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:42:41 +0000 (20:42 +0100)]

chrpath: Drop package

This package has seen no updates for a long time and has been
replaced by the similar and better supported patchelf.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:41:37 +0000 (20:41 +0100)]

gettext: Switch to patchelf to remove the RPATH

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:33:36 +0000 (20:33 +0100)]

libldb: Switch to patchelf to remove the RPATH

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:23:41 +0000 (20:23 +0100)]

libdb: Switch to patchelf to remove the RPATH

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:17:46 +0000 (20:17 +0100)]

net-snmp: Switch to patchelf to remove the RPATH

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 19:09:35 +0000 (20:09 +0100)]

tcpdump: Switch to patchelf to remove the RPATH

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 18:07:43 +0000 (19:07 +0100)]

patchelf: New package

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 17:47:48 +0000 (18:47 +0100)]

filesystem: Make filesystem structure FHS compliant

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Tue, 21 Mar 2023 10:20:16 +0000 (11:20 +0100)]

kernel: Proper build the helper binaries with our C and LDFLAGS

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:41:11 +0000 (12:41 +0100)]

liboping: Re-enable setting capabilities

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:40:19 +0000 (12:40 +0100)]

iputils: Re-enable setting capabilities

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:39:16 +0000 (12:39 +0100)]

util-linux: Re-enable setting capabilities

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:35:52 +0000 (12:35 +0100)]

nfs-utils: mount.nfs - Use capabilities instead of suid bit

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:04:14 +0000 (12:04 +0100)]

shadow-utils: Use capabilites and remove more unused binaries

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 11:01:37 +0000 (12:01 +0100)]

unbound: Use /run instead of /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 10:43:42 +0000 (11:43 +0100)]

screen: Make screen FHS compliant

* Explicit use pam.
* Change socket dir to /run and add tmpfiles file.
* Only ship a simple screen binary without version
fragments
* Remove SUID bit from binary

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 10:31:49 +0000 (11:31 +0100)]

sudo: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 15:02:04 +0000 (16:02 +0100)]

network: Add patch to fix logdir

Add upstream patch to proper set the location
to the logdir.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 14:49:00 +0000 (15:49 +0100)]

openssh: Change privsep directory to /var/lib/sshd

The old one /var/empty/sshd violated our FHS

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 14:48:19 +0000 (15:48 +0100)]

samba: Drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 14:19:41 +0000 (15:19 +0100)]

unbound: Do not create /var/run

This violates our FHS specs.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 14:13:54 +0000 (15:13 +0100)]

tcl: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 14:01:44 +0000 (15:01 +0100)]

sssd: Use /var/lib/sss and drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 13:39:26 +0000 (14:39 +0100)]

squid: Drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 11:07:16 +0000 (12:07 +0100)]

snort: Set correct permissions of helper script

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:43:19 +0000 (11:43 +0100)]

spectre-meltdown-checker: Install binary with correct permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:36:03 +0000 (11:36 +0100)]

python3-pygobject3: Fix header file permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:26:55 +0000 (11:26 +0100)]

python3-cairo: Fix header permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:25:03 +0000 (11:25 +0100)]

ppp: Fix binary permissions and drop deprecated dirs in /var

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:16:49 +0000 (11:16 +0100)]

plymouth: Drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:09:57 +0000 (11:09 +0100)]

perl-WWW-Curl: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:09:24 +0000 (11:09 +0100)]

perl-WWW-Curl: Enable testsuite

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:07:39 +0000 (11:07 +0100)]

perl-XML-Parser: Fix library permissions

* Also enable the testsuite
* Drop old fragment from QA

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 10:06:31 +0000 (11:06 +0100)]

perl-XML-Parser: Set correct perl dependencies

Do not longer use perl-core/perl-devel as build
dependencies.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:53:45 +0000 (10:53 +0100)]

perl-TermReadkey: Enable testsuite

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:53:08 +0000 (10:53 +0100)]

perl-TermReadkey: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:47:48 +0000 (10:47 +0100)]

perl-SGMLSpm: Drop unneccessary perl script

We do not need this and it violates our FHS specs.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:37:25 +0000 (10:37 +0100)]

perl-Parse-Yapp: Fix library and binary permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:32:49 +0000 (10:32 +0100)]

perl-Net-SSLeay: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:31:06 +0000 (10:31 +0100)]

perl-libintl-perl: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:29:11 +0000 (10:29 +0100)]

perl-IO-AIO: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:26:38 +0000 (10:26 +0100)]

perl-HTML-Tagset: Add proper perl build dependencies

Do not longer depend on perl-core or perl-devel.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:24:07 +0000 (10:24 +0100)]

perl-HTML-Parser: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:22:25 +0000 (10:22 +0100)]

perl-GSSAPI: Fix library permissions

* Also enable the testsuite

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:20:34 +0000 (10:20 +0100)]

perl-FCGI: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:17:20 +0000 (10:17 +0100)]

perl-DBI: Fix library and binary permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:16:43 +0000 (10:16 +0100)]

perl-Digest-SHA1: Enable testsuite

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:16:07 +0000 (10:16 +0100)]

perl-Digest-SHA1: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:06:18 +0000 (10:06 +0100)]

perl-Crypt-OpenSSL-X509: Enable testsuite

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 09:01:19 +0000 (10:01 +0100)]

perl-Crypt-OpenSSL-X509: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 08:59:31 +0000 (09:59 +0100)]

perl-Coro: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sun, 19 Mar 2023 08:57:44 +0000 (09:57 +0100)]

perl-BDB: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 22:00:19 +0000 (23:00 +0100)]

libvirt: Fix binary permissions and drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 21:58:22 +0000 (22:58 +0100)]

pciutils: Install header files with correct permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 21:15:52 +0000 (22:15 +0100)]

bash: Set correct permissions for /root and binaries

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:45:09 +0000 (21:45 +0100)]

openssh: Fix permissions for sshd-keygen

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:35:23 +0000 (21:35 +0100)]

openldap: Do not ship /run/openldap anymore

This violetes our FHS specs

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:34:06 +0000 (21:34 +0100)]

nettle: Fix library permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:30:41 +0000 (21:30 +0100)]

net-snmp: Do not create /var/run anymore

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:24:11 +0000 (21:24 +0100)]

netpbm: Drop unneeded pkgconfig_template file

Anyway it was located at an invalid place.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:21:21 +0000 (21:21 +0100)]

mdadm: Use systemd tmpfile

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:15:26 +0000 (21:15 +0100)]

lvm2: Do not ship /run and it's content

This violetes our FHS specs

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 20:07:19 +0000 (21:07 +0100)]

lm-sensors: Proper use compiler and linker flags during build time

Those flags are required during build time and not during installation.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 19:49:10 +0000 (20:49 +0100)]

lldpd: Do not create /run/lldpd

This violates our FHS specs.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 19:47:24 +0000 (20:47 +0100)]

kea: Drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 19:32:35 +0000 (20:32 +0100)]

krb5: Change /var/kerberos to /var/lib/kerberos

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 19:29:58 +0000 (20:29 +0100)]

libdb: Fix binary and header file permissions

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 18:52:37 +0000 (19:52 +0100)]

iptraf-ng: Proper use our compiler and linker flags

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 18:47:36 +0000 (19:47 +0100)]

iptraf-ng: Do not longer create /var/lock

This folder violetes our FHS specs.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 18:44:06 +0000 (19:44 +0100)]

intel-microcode: Set correct permissions for dirs and files

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 16:17:25 +0000 (17:17 +0100)]

gettext: The config.rpath script needs to be executeable

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 16:12:51 +0000 (17:12 +0100)]

dma: Update to 0.13

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 15:58:42 +0000 (16:58 +0100)]

chrpath: Install documentation to the correct place

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 15:48:23 +0000 (16:48 +0100)]

dhcpcd: Fix permissions of dhcpcd binary

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 15:35:35 +0000 (16:35 +0100)]

cyrus-sasl: Use /run instead of /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 15:33:13 +0000 (16:33 +0100)]

cups: Fix file permissions in /usr/include and drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 15:05:26 +0000 (16:05 +0100)]

sudo: Use systemd tmpfiles mechanism

Use the tmpfiles mechanism from systemd to proper
recreate the /run/sudo directory.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 14:37:20 +0000 (15:37 +0100)]

bird: Drop /var/run

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 14:05:20 +0000 (15:05 +0100)]

git: Hook examples should not be executeable

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 13:19:01 +0000 (14:19 +0100)]

gettext: Drop unneccessary stuff

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 09:02:50 +0000 (10:02 +0100)]

sgml-common: Drop HTML documentation

We do not need this on our systems - anyway it
has been installed in a wrong directory.

Also replaced all hardcoded path values.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 08:52:40 +0000 (09:52 +0100)]

docbook-xsl: Fix file and directory permissions

The violated our FHS standards.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 08:50:57 +0000 (09:50 +0100)]

docbook-utils: Drop HTML documentation

We do not need this on our systems - Anyway it has been
installed to a wrong place by default.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Sat, 18 Mar 2023 08:49:50 +0000 (09:49 +0100)]

docbook-dtds: Install files not executeable

This is not required and vilates our FSH standards.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Fri, 17 Mar 2023 18:41:42 +0000 (19:41 +0100)]

qemu: Drop unused firmware files and /var/run

* Drop firmware files for platforms we do not support.
* Drop /var/run directory which violetes the FSH.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Fri, 17 Mar 2023 17:30:32 +0000 (18:30 +0100)]

perl: Fix library permissions

They did not fit the FSH and our own specs.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Fri, 17 Mar 2023 15:08:23 +0000 (16:08 +0100)]

util-linux: Do no create /run/uuidd

The folder will be created by systemd and violates the FSH.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Fri, 17 Mar 2023 14:56:08 +0000 (15:56 +0100)]

systemd: Do not create /run/log/journal

This will be done by the corresponding tmpfiles configuration
and violetes the FHS.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Fri, 17 Mar 2023 14:48:36 +0000 (15:48 +0100)]

setup: Do not create /run/motd.d folder

This folder will be created from systemd by the corresponding
tmpfiles script and fails our FHS checks.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 19:06:43 +0000 (20:06 +0100)]

dwz: New package

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Stefan Schantl [Mon, 20 Mar 2023 19:06:24 +0000 (20:06 +0100)]

xxhash: New package

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit | commitdiff | tree

Michael Tremer [Tue, 21 Mar 2023 18:13:50 +0000 (18:13 +0000)]

glibc: Make this package confirm to FHS/Hardening

This patch changes many things about glibc in one go. Sorry.

We move glibc out of /lib so that we no longer install any files where
they should not be according to our FHS.

We also enable SSP-all and ensure that everything is properly hardened.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

Stefan's tree of IPFire 3.x.

RSS Atom