David Oberhollenzer
69aa1d33e9
Set hardening options for packages with custom build system
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 00:18:51 +02:00
David Oberhollenzer
7b0e1f182c
Add hardening flags to autotools based packages
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 01:11:02 +02:00
David Oberhollenzer
8063550d4e
Add libc agnostic fortify-headers package
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 01:11:02 +02:00
David Oberhollenzer
52933c58c9
Enable hardening flags for stage-1 gcc
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
0958272eb3
Export CROSS_COMPILE environment variable for Musl build script
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
c16ff53c14
Remove overlay partition setup from release shell scripts
...
The initial ram disk does that for us (with the propper permissions
in the case of Qemu).
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
cf60632398
Enable kernel hardening options
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
2a1add41e7
Enable stack protection flags in GCC cross compiler
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
f1be060f7c
Bump mainline LTS linux version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
edeedb8047
Update documentation
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
62345ef7bb
Cleanup nginx user and directory setup
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
30cad432bf
Add an Nginx server landing page to the router product
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 02:16:28 +02:00
David Oberhollenzer
dcadff7637
Init version rebase
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 02:16:28 +02:00
David Oberhollenzer
8d75cb83fd
Add nginx package
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 20:32:44 +02:00
David Oberhollenzer
f3861b9df1
Add PCRE package
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
a71c45aec0
Fix final image copy in Linux LTS build script
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
e7101d5400
Unfuck libtool archives for libnl3
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
8ee48e70d2
Add documentation index
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-03 02:04:01 +02:00
David Oberhollenzer
804aad6274
Add writeup on system boot and VFS setup
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-03 01:59:57 +02:00
David Oberhollenzer
86dcb7d8c1
Bump mainline LTS linux version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 20:49:03 +02:00
David Oberhollenzer
e61ca9decf
Another overlay mount overhaul
...
- Directly pass the device type to the mount command
- Use the special default type "hwdevice" to wait for a device node
before mounting it
- Initialize the overlay partition from the initrd script
- Do the bind mount setup as document
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 19:11:12 +02:00
David Oberhollenzer
05298e3363
Update documentation
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 17:34:25 +02:00
David Oberhollenzer
38a9b5865c
Add libdir to autotools configuration
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-30 02:36:59 +02:00
David Oberhollenzer
121fee7e97
Add configuration for testing with qemu
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-30 01:28:33 +02:00
David Oberhollenzer
59d01432b1
More sophisticated filesystem setup from initrd
...
- Let us specify the "type" of the root and overlay filesystem.
At the moment we have raw device that we wait for (default) and
qemu virtio 9pfs.
- If no squasfs image is specified, mount the root partition as
root filesystem.
- If no overlay device is specified, don't touch the new root
filesystem.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 21:32:58 +02:00
David Oberhollenzer
2d74caf06b
Remove perl scripts from ntp package installed files
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
90fc4f4e9e
Patch gcc to install 64 bit libraries to /lib instead of /lib64
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
6ced6fc948
Minor fixes for main line Linux LTS build
...
- Patch the config first, don't touch it after running make oldconfig
- Add modules target to toolchain config, don't directly call it
- Only try to install modules if we actually have support for loadable
modules
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
8faae986b6
Bump psmisc version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:58:12 +02:00
David Oberhollenzer
b0da273179
Bump mainline LTS linux version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:56:34 +02:00
David Oberhollenzer
b4824a9f29
Fix missing LAYERCONF in check_update script
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:51:15 +02:00
David Oberhollenzer
5b17bc9526
Cleanup layer configuration
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-24 13:27:26 +02:00
David Oberhollenzer
c7231478d5
Restructure build system configuration
...
Add a generic, stackable layer based structure instead of special purpose
subdirectories with specific behaviour.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-23 16:19:52 +02:00
David Oberhollenzer
de14b86043
Build coreutils as single call binary
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-22 21:29:29 +02:00
David Oberhollenzer
de90e7bcbb
Bump nano version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:27:18 +02:00
David Oberhollenzer
0b8ffdbb7f
Bump mainline LTS linux version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:25:49 +02:00
David Oberhollenzer
e865ae2d1c
Bump Raspberry Pi 3 vendor kernel version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:23:08 +02:00
David Oberhollenzer
ad3b6d19a2
Bump Raspberry Pi 3 firmware version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:22:50 +02:00
David Oberhollenzer
bbac1391dc
Bump init version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:11:58 +02:00
David Oberhollenzer
51a2c5ea17
Fix permissions for root user home directory
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:25:27 +02:00
David Oberhollenzer
700395b508
Bump OpenSSL version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
0f3d04a3b8
Bump unbound version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
76fba828f3
Bump mainline LTS linux version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
48e6358906
Bump busybox version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
fc6d7292c5
Bump nano version
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
6aff04a1fd
Shadow: provide configuration files directly
...
Instead of patching around in the build/deploy directories, simply
provide a set of default configuration files directly from the package
directory.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
d515f0dde2
Minor default settings cleanup
...
- Add 'rm -I' and 'cp -i' aliases to bashrc
- Make sure tmpfsvar creates the log files that the login program expects
- Restore 'tty' group; some scripts actually rely on that
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 16:01:06 +02:00
David Oberhollenzer
7eb727e26f
Remove programs depending on non-existant utmp data
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-10 09:26:47 +02:00
David Oberhollenzer
b4502eaf80
Add time zone data
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00
David Oberhollenzer
3e75dc1e37
Add ntp package
...
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00