efb26a3 libopkg: remove "extra_data" option
1d67ab7 libopkg: remove support for "dist" config
Reduces opkg size by about 400 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
61b3c62 opkg_verify_integrity: better logging and error conditions
f73d42f download: purge cached packages that have incorrect checksum
1c1480e download: factor out the logic for building cache filenames
293b1ce libopkg: factor out checksum and size verification
a786e25 download: remove compatibility with old cache naming scheme
Signed-off-by: Paul Spooren <mail@aparcar.org>
This reverts commit 9eb9943f82.
Building the 'modular' variant requires 'semodule_package' from
'selinux-python' to be installed on the buildhost.
Apart from that, this change also broke the monolithic refpolicy
'targeted' build.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for
having ubusd run as non-root user.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.
80c9516 cgroups: restrict allowed keys in 'unified' section
5ade567 cgroups: memory controller fixes
3121467 early: run ubusd non-root as user ubus, group ubus
12a5b97 jail: adapt to new ubus socket path
788d144 instance: actually wire up capabilities filename
ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
6c5233a jail: capabilities: apply in two phases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This adds a variant of refpolicy that builds the modular form of the
policy. While this requires more memory on the target device, along with
some tricks to deal with OpenWrt's volatile /var directory, it is useful
for experiementing with SELinux policy.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
da9746a libopkg: clean up handling of unresolved dependencies
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
da9746a libopkg: clean up handling of unresolved dependencies
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
The previous fix of a fix caused yet another problem leading to
`opkg show-upgradable` ending up in an infinite loop.
Fix that.
Fixes: 4a2b1ff7fb ("opkg: fix dependency resolution")
Reported-by: Huangbin Zhan <zhanhb88@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The previous commit broke opkg in a way that it would no longer
include dependencies when installing a package, effectively leading
to broken images and unusable systems.
Fix that by making sure dependencies are still going to be checked.
Also reduce size of struct abstract_pkg as suggested by @jow- while at
it.
Fixes: 1445d333aa ("opkg: bump to git HEAD")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Unify capability handling to only use OCI spec parsers even for ujail
slim containers which previously supposedly used their own format.
80c9516 cgroups: restrict allowed keys in 'unified' section
5ade567 cgroups: memory controller fixes
3121467 early: run ubusd non-root as user ubus, group ubus
12a5b97 jail: adapt to new ubus socket path
788d144 instance: actually wire up capabilities filename
ebc5a7f jail: nuke old capabilities code in favour of reusing OCI code
6c5233a jail: capabilities: apply in two phases
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Move /var/run/ubus.sock to /var/run/ubus/ubus.sock in preparation for
having ubusd run as non-root user.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Directly set path via MAKE vars instead of defning TESTTOOLS. This way
setfiles, which is required by the ImageBuilder, ends up in /host/bin
while checkpolicy can stay in hostpkg/bin.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The required BusyBox applets are enabled by default, so we can rely on them
being present in the system. This way, we make sure there are no conflicts
with less featured variants of these same applets which might also be
present in the system.
Fixes: 0bd7dfa3ed ("zram-swap: enable swap discard")
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[wrap commit description]
Signed-off-by: David Bauer <mail@david-bauer.net>
This target has been mostly replaced by ath79 and won't be included
in the upcoming release anymore. Finally put it to rest.
This also removes all references in packages, tools, etc. as well as
the uboot-ar71xx and vsc73x5-ucode packages.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
