1
0
Fork 0
mirror of https://github.com/pygos/build.git synced 2024-11-25 12:20:42 +01:00
Commit graph

309 commits

Author SHA1 Message Date
David Oberhollenzer
6e3b2ab4f9 Cleanup shadow-utils installed programs
- Remove programs for converting shadow/regular files into each other
 - Remove programs for working with group passwords
 - Remove batch processing programs
 - Remove namespace related programs
 - Remove other convoluted group management programs
 - Remove password expiry and finger information utilites

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-14 16:23:25 +01:00
David Oberhollenzer
2c394f4246 Bump init version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-05 21:55:15 +01:00
David Oberhollenzer
5e11afa1f6 Bump tzdb version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
3432245e78 Bump OpenSSH version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
6c0ec9a4ab Bump iproute2 version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
41aa911d92 Bump ethtool version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
0645f44a1f Fix /lib64 substitution pattern in tc-gcc1
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
45cc27ca40 Bump binutils version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
6ad8ed37f7 Cleanup binutils confgiure flags, add relro, PIC, deterministic ar
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
1aa829699c Explicitly disable libquadmath in second stage gcc
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
544ac03d1f Allways build libssp_noshared, even for non hardened toolchains
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
e87a8ec43c Explicitly turn on size optimizations
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
cf2e438a45 Bump Raspberry Pi 3 vendor kernel version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
35e72a4ae7 Bump Raspberry Pi 3 firmware version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
82a00e5a1b Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
60f9a68807 Bump file version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
81f4f36044 Bump tzdata version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
e91029b64e Bump unbound version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
0b5e2ccc38 Bump dnsmasq version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
1786c65c4c Bump init version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-11-03 19:28:43 +01:00
David Oberhollenzer
d6030cd898 Replace gcc libssp with built musl builtins
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-20 12:52:06 +02:00
David Oberhollenzer
d06083c96d Propperly process Linux package targets in deploy function
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
7dd6306b30 cleanup: derive LINUX_CPU from TARGET, merge linux packages
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
b5d4ece03d cleanup: derive MUSL_CPU from TARGET in Musl package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
569f7d5e0c cleanup: derive OPENSSL_TARGET from TARGET in OpenSSL package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
8e5c6d3a2e Make toolchain and user space hardening configurable
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
69aa1d33e9 Set hardening options for packages with custom build system
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 00:18:51 +02:00
David Oberhollenzer
8063550d4e Add libc agnostic fortify-headers package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 01:11:02 +02:00
David Oberhollenzer
52933c58c9 Enable hardening flags for stage-1 gcc
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
0958272eb3 Export CROSS_COMPILE environment variable for Musl build script
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
c16ff53c14 Remove overlay partition setup from release shell scripts
The initial ram disk does that for us (with the propper permissions
in the case of Qemu).

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
2a1add41e7 Enable stack protection flags in GCC cross compiler
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
f1be060f7c Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
62345ef7bb Cleanup nginx user and directory setup
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
dcadff7637 Init version rebase
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 02:16:28 +02:00
David Oberhollenzer
8d75cb83fd Add nginx package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 20:32:44 +02:00
David Oberhollenzer
f3861b9df1 Add PCRE package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
a71c45aec0 Fix final image copy in Linux LTS build script
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
e7101d5400 Unfuck libtool archives for libnl3
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
86dcb7d8c1 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 20:49:03 +02:00
David Oberhollenzer
e61ca9decf Another overlay mount overhaul
- Directly pass the device type to the mount command
 - Use the special default type "hwdevice" to wait for a device node
   before mounting it
 - Initialize the overlay partition from the initrd script
 - Do the bind mount setup as document

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 19:11:12 +02:00
David Oberhollenzer
121fee7e97 Add configuration for testing with qemu
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-30 01:28:33 +02:00
David Oberhollenzer
59d01432b1 More sophisticated filesystem setup from initrd
- Let us specify the "type" of the root and overlay filesystem.
   At the moment we have raw device that we wait for (default) and
   qemu virtio 9pfs.
 - If no squasfs image is specified, mount the root partition as
   root filesystem.
 - If no overlay device is specified, don't touch the new root
   filesystem.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 21:32:58 +02:00
David Oberhollenzer
2d74caf06b Remove perl scripts from ntp package installed files
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
90fc4f4e9e Patch gcc to install 64 bit libraries to /lib instead of /lib64
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
6ced6fc948 Minor fixes for main line Linux LTS build
- Patch the config first, don't touch it after running make oldconfig
 - Add modules target to toolchain config, don't directly call it
 - Only try to install modules if we actually have support for loadable
   modules

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
8faae986b6 Bump psmisc version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:58:12 +02:00
David Oberhollenzer
b0da273179 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:56:34 +02:00
David Oberhollenzer
de14b86043 Build coreutils as single call binary
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-22 21:29:29 +02:00
David Oberhollenzer
de90e7bcbb Bump nano version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:27:18 +02:00