rpcd/ubox/procd: sync with upstream source

2020-07-07 10:08:43 +08:00 · 2020-07-07 10:08:43 +08:00 · c4faaf2a74
commit c4faaf2a74
parent ff0b338fe3
8 changed files with 38 additions and 58 deletions
--- a/package/system/procd/Makefile
+++ b/package/system/procd/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=procd
-PKG_RELEASE:=3
+PKG_RELEASE:=2

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git
-PKG_SOURCE_DATE:=2020-03-13
-PKG_SOURCE_VERSION:=77a6782d6e4eba2c49e642672de134aff443ef72
-PKG_MIRROR_HASH:=bb7e98a6b6f997a4fa2fb924be248febe5a7633601df2e97e7a7513c57b63870
+PKG_SOURCE_DATE:=2020-05-28
+PKG_SOURCE_VERSION:=b9b39e2061d7035a9d84eecbb4a4613deaf6d03f
+PKG_MIRROR_HASH:=0d6a96a2fb38f72c72b457a2a8638bee22f91009f9686152fcf4aee97846fc84
 CMAKE_INSTALL:=1

 PKG_LICENSE:=GPL-2.0
@ -56,6 +56,13 @@ define Package/procd-ujail
  TITLE:=OpenWrt process jail helper
 endef

+define Package/procd-ujail-console
+  SECTION:=base
+  CATEGORY:=Base system
+  DEPENDS:=+procd-ujail +libubus +libubox
+  TITLE:=OpenWrt process jail console
+endef
+
 define Package/procd-seccomp
  SECTION:=base
  CATEGORY:=Base system
@ -110,6 +117,11 @@ define Package/procd-ujail/install
 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ujail $(1)/sbin/
 endef

+define Package/procd-ujail-console/install
+	$(INSTALL_DIR) $(1)/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ujail-console $(1)/sbin/
+endef
+
 define Package/procd-seccomp/install
 	$(INSTALL_DIR) $(1)/sbin $(1)/lib
 	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libpreload-seccomp.so $(1)/lib
@ -120,4 +132,5 @@ endef

 $(eval $(call BuildPackage,procd))
 $(eval $(call BuildPackage,procd-ujail))
+$(eval $(call BuildPackage,procd-ujail-console))
 $(eval $(call BuildPackage,procd-seccomp))
--- a/package/system/procd/files/procd.sh
+++ b/package/system/procd/files/procd.sh
@ -187,6 +187,9 @@ _procd_add_jail() {
 		ronly)	json_add_boolean "ronly" "1";;
 		requirejail)	json_add_boolean "requirejail" "1";;
 		netns)	json_add_boolean "netns" "1";;
+		userns)	json_add_boolean "userns" "1";;
+		cgroupsns)	json_add_boolean "cgroupsns" "1";;
+		console)	json_add_boolean "console" "1";;
 		esac
 	done
 	json_add_object "mount"
@ -249,7 +252,8 @@ _procd_set_param() {
 		reload_signal)
 			json_add_int "$type" $(kill -l "$1")
 		;;
-		pidfile|user|group|seccomp|capabilities|facility)
+		pidfile|user|group|seccomp|capabilities|facility|\
+		extroot|overlaydir|tmpoverlaysize)
 			json_add_string "$type" "$1"
 		;;
 		stdout|stderr|no_new_privs)
@ -516,10 +520,10 @@ uci_validate_section()
 	local _result
 	local _error
 	shift; shift; shift
-	_result=`/sbin/validate_data "$_package" "$_type" "$_name" "$@" 2> /dev/null`
+	_result=$(/sbin/validate_data "$_package" "$_type" "$_name" "$@" 2> /dev/null)
 	_error=$?
 	eval "$_result"
-	[ "$_error" = "0" ] || `/sbin/validate_data "$_package" "$_type" "$_name" "$@" 1> /dev/null`
+	[ "$_error" = "0" ] || $(/sbin/validate_data "$_package" "$_type" "$_name" "$@" 1> /dev/null)
 	return $_error
 }

--- a/package/system/procd/files/reload_config
+++ b/package/system/procd/files/reload_config
@ -7,7 +7,7 @@ for config in /etc/config/*; do
 done
 MD5FILE=/var/run/config.md5
 [ -f $MD5FILE ] && {
-	for c in `md5sum -c $MD5FILE 2>/dev/null| grep FAILED | cut -d: -f1`; do
+	for c in $(md5sum -c $MD5FILE 2>/dev/null| grep FAILED | cut -d: -f1); do
 		ubus call service event "{ \"type\": \"config.change\", \"data\": { \"package\": \"$(basename $c)\" }}"
 	done
 }
--- a/package/system/procd/patches/001-include-nsswitch-in-jail-for-gilbc.patch
+++ b/package/system/procd/patches/001-include-nsswitch-in-jail-for-gilbc.patch
@ -1,30 +0,0 @@
-From d200b70e5d5b0b3b61e2573f1c2fa22b3fa9d63a Mon Sep 17 00:00:00 2001
-From: Daniel Golle <daniel@makrotopia.org>
-Date: Sun, 19 Apr 2020 23:06:51 +0100
-Subject: [PATCH] jail: include /etc/nsswitch.conf in jail for glibc.
-
-/etc/nsswitch.conf is needed to resolve usernames and groups from
-/etc/passwd and /etc/groups, name resoultion and a bunch of other
-things when using glibc.
-Mount /etc/nsswitch.conf in jail when building against glibc.
-
-Reported-by: Tobias Waldvogel <tobias.waldvogel@gmail.com>
-Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
- jail/jail.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
--- a/jail/jail.c
-+++ b/jail/jail.c
-@@ -545,6 +545,11 @@ int main(int argc, char **argv)
- 				add_mount("/etc/group", 0, -1);
- 			}
- 
-+#if defined(__GLIBC__)
-+			if (!opts.extroot)
-+				add_mount("/etc/nsswitch.conf", 0, -1);
-+#endif
-+
- 			if (!(opts.namespace & CLONE_NEWNET)) {
- 				add_mount("/etc/resolv.conf", 0, -1);
- 			}
--- a/package/system/rpcd/Makefile
+++ b/package/system/rpcd/Makefile
@ -13,14 +13,15 @@ PKG_RELEASE:=1
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/rpcd.git
 PKG_SOURCE_DATE:=2020-05-26
-PKG_SOURCE_VERSION:=7be1f17138f19d1d7a86e0c27b3662d3643ff296
+PKG_SOURCE_VERSION:=078bb57e0769c987c05244abe1f7d8d53e0e323e
 PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
-PKG_MIRROR_HASH:=b427b2be8ebd486edbc88f6e789d1890cbdda1b4f04dcfcc8751f568c3a82674
+PKG_MIRROR_HASH:=7f626efd95eccc7b8262a7e533341e17fe765d99cfa2fafde978190cb834fced

 PKG_LICENSE:=ISC
 PKG_LICENSE_FILES:=

 PKG_BUILD_PARALLEL:=1
+PKG_ASLR_PIE_REGULAR:=1

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
--- a/package/system/rpcd/files/rpcd.init
+++ b/package/system/rpcd/files/rpcd.init
@ -19,7 +19,3 @@ start_service() {
 reload_service() {
 	procd_send_signal rpcd
 }
-
-service_running() {
-	procd_running rpcd
-}
--- a/package/system/ubox/Makefile
+++ b/package/system/ubox/Makefile
@ -1,13 +1,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ubox
-PKG_RELEASE:=2
+PKG_RELEASE:=4

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL=$(PROJECT_GIT)/project/ubox.git
-PKG_SOURCE_DATE:=2019-06-16
-PKG_SOURCE_VERSION:=4df34a4d0d5183135217fc8280faae8e697147bc
-PKG_MIRROR_HASH:=a4064a1aa29cf612735b0da180f5bdee62304e907f57730482cad97b04f2b189
+PKG_SOURCE_DATE:=2019-12-31
+PKG_SOURCE_VERSION:=0e34af143373126fc62b43612233a158694ec643
+PKG_MIRROR_HASH:=8ad36b252419a88d1018addec84900f9601ef5aece39bd0171c918d0817688c9
 CMAKE_INSTALL:=1

 PKG_LICENSE:=GPL-2.0
@ -25,6 +25,12 @@ define Package/ubox
  CATEGORY:=Base system
  DEPENDS:=+libubox +ubusd +ubus +libubus +libuci +USE_GLIBC:librt
  TITLE:=OpenWrt system helper toolbox
+  ALTERNATIVES:=\
+    100:/sbin/rmmod:/sbin/kmodloader \
+    100:/sbin/insmod:/sbin/kmodloader \
+    100:/sbin/lsmod:/sbin/kmodloader \
+    100:/sbin/modinfo:/sbin/kmodloader \
+    100:/sbin/modprobe:/sbin/kmodloader
 endef

 define Package/getrandom
@ -50,12 +56,6 @@ define Package/ubox/install

 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{kmodloader,validate_data} $(1)/sbin/
 	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libvalidate.so $(1)/lib
-
-	$(LN) kmodloader $(1)/sbin/rmmod
-	$(LN) kmodloader $(1)/sbin/insmod
-	$(LN) kmodloader $(1)/sbin/lsmod
-	$(LN) kmodloader $(1)/sbin/modinfo
-	$(LN) kmodloader $(1)/sbin/modprobe
 endef

 define Package/logd/install
--- a/package/system/ubox/files/log.init
+++ b/package/system/ubox/files/log.init
@ -96,7 +96,3 @@ start_service()
 	config_foreach validate_log_section system start_service_file
 	config_foreach validate_log_section system start_service_remote
 }
-
-service_running() {
-	procd_running log
-}