1
0
Fork 0
mirror of https://github.com/pygos/build.git synced 2024-11-25 04:20:41 +01:00
Commit graph

339 commits

Author SHA1 Message Date
David Oberhollenzer
d6030cd898 Replace gcc libssp with built musl builtins
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-20 12:52:06 +02:00
David Oberhollenzer
d06083c96d Propperly process Linux package targets in deploy function
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
7dd6306b30 cleanup: derive LINUX_CPU from TARGET, merge linux packages
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
b5d4ece03d cleanup: derive MUSL_CPU from TARGET in Musl package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
569f7d5e0c cleanup: derive OPENSSL_TARGET from TARGET in OpenSSL package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
8e5c6d3a2e Make toolchain and user space hardening configurable
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 21:50:57 +02:00
David Oberhollenzer
69aa1d33e9 Set hardening options for packages with custom build system
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-19 00:18:51 +02:00
David Oberhollenzer
8063550d4e Add libc agnostic fortify-headers package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 01:11:02 +02:00
David Oberhollenzer
52933c58c9 Enable hardening flags for stage-1 gcc
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
0958272eb3 Export CROSS_COMPILE environment variable for Musl build script
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-17 00:52:10 +02:00
David Oberhollenzer
c16ff53c14 Remove overlay partition setup from release shell scripts
The initial ram disk does that for us (with the propper permissions
in the case of Qemu).

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
2a1add41e7 Enable stack protection flags in GCC cross compiler
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-11 19:02:11 +02:00
David Oberhollenzer
f1be060f7c Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
62345ef7bb Cleanup nginx user and directory setup
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 16:35:25 +02:00
David Oberhollenzer
dcadff7637 Init version rebase
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-07 02:16:28 +02:00
David Oberhollenzer
8d75cb83fd Add nginx package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 20:32:44 +02:00
David Oberhollenzer
f3861b9df1 Add PCRE package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
a71c45aec0 Fix final image copy in Linux LTS build script
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
e7101d5400 Unfuck libtool archives for libnl3
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-06 17:25:52 +02:00
David Oberhollenzer
86dcb7d8c1 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 20:49:03 +02:00
David Oberhollenzer
e61ca9decf Another overlay mount overhaul
- Directly pass the device type to the mount command
 - Use the special default type "hwdevice" to wait for a device node
   before mounting it
 - Initialize the overlay partition from the initrd script
 - Do the bind mount setup as document

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-10-01 19:11:12 +02:00
David Oberhollenzer
121fee7e97 Add configuration for testing with qemu
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-30 01:28:33 +02:00
David Oberhollenzer
59d01432b1 More sophisticated filesystem setup from initrd
- Let us specify the "type" of the root and overlay filesystem.
   At the moment we have raw device that we wait for (default) and
   qemu virtio 9pfs.
 - If no squasfs image is specified, mount the root partition as
   root filesystem.
 - If no overlay device is specified, don't touch the new root
   filesystem.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 21:32:58 +02:00
David Oberhollenzer
2d74caf06b Remove perl scripts from ntp package installed files
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
90fc4f4e9e Patch gcc to install 64 bit libraries to /lib instead of /lib64
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
6ced6fc948 Minor fixes for main line Linux LTS build
- Patch the config first, don't touch it after running make oldconfig
 - Add modules target to toolchain config, don't directly call it
 - Only try to install modules if we actually have support for loadable
   modules

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-29 17:10:07 +02:00
David Oberhollenzer
8faae986b6 Bump psmisc version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:58:12 +02:00
David Oberhollenzer
b0da273179 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-27 23:56:34 +02:00
David Oberhollenzer
de14b86043 Build coreutils as single call binary
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-22 21:29:29 +02:00
David Oberhollenzer
de90e7bcbb Bump nano version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:27:18 +02:00
David Oberhollenzer
0b8ffdbb7f Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:25:49 +02:00
David Oberhollenzer
e865ae2d1c Bump Raspberry Pi 3 vendor kernel version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:23:08 +02:00
David Oberhollenzer
ad3b6d19a2 Bump Raspberry Pi 3 firmware version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:22:50 +02:00
David Oberhollenzer
bbac1391dc Bump init version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-21 22:11:58 +02:00
David Oberhollenzer
51a2c5ea17 Fix permissions for root user home directory
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:25:27 +02:00
David Oberhollenzer
700395b508 Bump OpenSSL version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
0f3d04a3b8 Bump unbound version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
76fba828f3 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
48e6358906 Bump busybox version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
fc6d7292c5 Bump nano version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
6aff04a1fd Shadow: provide configuration files directly
Instead of patching around in the build/deploy directories, simply
provide a set of default configuration files directly from the package
directory.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 20:18:19 +02:00
David Oberhollenzer
d515f0dde2 Minor default settings cleanup
- Add 'rm -I' and 'cp -i' aliases to bashrc
 - Make sure tmpfsvar creates the log files that the login program expects
 - Restore 'tty' group; some scripts actually rely on that

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-15 16:01:06 +02:00
David Oberhollenzer
7eb727e26f Remove programs depending on non-existant utmp data
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-10 09:26:47 +02:00
David Oberhollenzer
b4502eaf80 Add time zone data
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00
David Oberhollenzer
3e75dc1e37 Add ntp package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00
David Oberhollenzer
03a11e26ef Bump Raspberry Pi 3 firmware version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00
David Oberhollenzer
8b1e3e0b6b Bump Raspberry Pi 3 vendor kernel version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 15:05:49 +02:00
David Oberhollenzer
79ac5f1293 Propperly handle symlinks to directories in rootfs package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 14:51:52 +02:00
David Oberhollenzer
4498b0ccb0 Bump mainline LTS linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 14:51:52 +02:00
David Oberhollenzer
136ff32374 Bump musl version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-08 14:51:52 +02:00
David Oberhollenzer
50dce293c1 Add helper macro for running configure with standard arguments
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-03 13:58:35 +02:00
David Oberhollenzer
7f020c855b Remove defunct nettle and support libraries
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-02 14:25:56 +02:00
David Oberhollenzer
c29955adf5 Add default configuration for OpenSSH server
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-01 17:49:18 +02:00
David Oberhollenzer
601068d8ed Bump init version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-09-01 17:49:18 +02:00
David Oberhollenzer
054464e16b Change/add bash aliases to enable ls colors by default
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-31 22:49:18 +02:00
David Oberhollenzer
ab17c95cf9 Redirect bzip2 URL
The domain bzip2.org has expired and is now held by someone placing ads.

Aparently bzip2 development is pretty dead for now.

Redirect source URL to the debian snapshot archive.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-31 18:41:07 +02:00
David Oberhollenzer
382f2b9bfe Bump OpenSSH version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-31 18:41:07 +02:00
David Oberhollenzer
02f2fdcb4d Bump ethtool version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-24 22:00:09 +02:00
David Oberhollenzer
80ae626080 Bump dhcpcd version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-24 22:00:09 +02:00
David Oberhollenzer
c75c488e4f Bump main line Linux version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-24 22:00:09 +02:00
David Oberhollenzer
7d53200b9c Remove arpd and Oracle BDB it depends on
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-19 15:59:43 +02:00
David Oberhollenzer
9684f7bb92 Cleanup users and groups
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-19 15:57:06 +02:00
David Oberhollenzer
6472fbe9c0 Remove further unneded programs
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-19 15:56:48 +02:00
David Oberhollenzer
53c93938ac Remove programs for which we have bash shell builtins
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-19 15:55:58 +02:00
David Oberhollenzer
e8f94f293b Remove unused eudev package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-19 12:24:37 +02:00
David Oberhollenzer
048229bb71 Bump sqlite version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-18 17:59:25 +02:00
David Oberhollenzer
0faf37f421 Bump iproute2 version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-18 17:59:25 +02:00
David Oberhollenzer
ebee030b86 Bump btrfs-progs version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-18 17:59:25 +02:00
David Oberhollenzer
5c60596853 Bump dhcpcd version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-18 17:59:25 +02:00
David Oberhollenzer
b31bd42a93 Bump libexpat version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-18 17:59:25 +02:00
David Oberhollenzer
49f0751c11 Mover mainline kernel version to newest LTS
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-17 10:35:43 +02:00
David Oberhollenzer
0584cd076c Add routing configuration
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-16 22:54:28 +02:00
David Oberhollenzer
360a9538c5 Bump init version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-16 22:54:28 +02:00
David Oberhollenzer
e7a86f1f70 Downgrade binutils to 2.30
This is a workaround for an issue with binutils on statically linked x86
binaries. The tls section has some loading flag set wrong and is not mapped
into memory by the kernel. The musl startup code tries to parse the section
information and segfaults.

See: http://www.openwall.com/lists/musl/2018/07/18/5

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-16 17:39:12 +02:00
David Oberhollenzer
8e4ff996e8 Bump openssl version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-15 01:19:21 +02:00
David Oberhollenzer
512fb7bc28 Bump file version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-15 01:19:21 +02:00
David Oberhollenzer
16e7c6da93 Bump gcc version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-15 01:19:21 +02:00
David Oberhollenzer
259005f7ed Bump binutils version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-15 01:19:21 +02:00
David Oberhollenzer
831e4cee6e Bump busybox version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-14 20:12:01 +02:00
David Oberhollenzer
aed4fe12f6 Remove nftables example files from root filesystem
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-12 18:51:05 +02:00
David Oberhollenzer
790db0d992 Add tcpdump and libpcap packages
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-08-12 18:51:05 +02:00
David Oberhollenzer
7ba1cda7f2 Add hostapd package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-20 23:39:55 +02:00
David Oberhollenzer
6c68ba8332 Bump bbstatic version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-16 20:00:35 +02:00
David Oberhollenzer
04459a3847 Bump binutils version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-16 20:00:26 +02:00
David Oberhollenzer
b96462d5dd Bump coreutils version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-16 20:00:14 +02:00
David Oberhollenzer
4bd18560dd Add wifi command line tools
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-16 17:56:32 +02:00
David Oberhollenzer
7a735f1a75 Bump Raspberry Pi 3 wireless firmware version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-15 21:24:13 +02:00
David Oberhollenzer
b7fdbc5599 Bump Raspberry Pi 3 kernel version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-15 20:46:32 +02:00
David Oberhollenzer
d820876472 Bump Raspberry Pi 3 firmware version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-15 20:42:31 +02:00
David Oberhollenzer
cd74009293 Merge linux_modules package into linux package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-15 17:59:47 +02:00
David Oberhollenzer
39c0c2c98d Handle boot files via regular rootfs package machanisms
Just install the kernel package to the rootfs /boot directory and add a step
to the rootfs package to move /boot data out of the squasfs image.

Add linux package as regular dependency to the rootfs.

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-07-15 16:19:44 +02:00
David Oberhollenzer
54b9f37d96 Add Raspberry Pi 3 wifi firmware config & blob
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-24 21:54:18 +02:00
David Oberhollenzer
fff4f7a5be Add ldns package
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-22 20:49:54 +02:00
David Oberhollenzer
800b2b9dd1 Bump dhcpcd version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-22 17:57:45 +02:00
David Oberhollenzer
bb000e5c24 Bump unbound version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-22 17:57:45 +02:00
David Oberhollenzer
89f3997429 Bump iproute2 version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-21 16:45:42 +02:00
David Oberhollenzer
a4a73b01e1 Bump libunistring version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-19 22:56:06 +02:00
David Oberhollenzer
5bbaffbd58 Bump unbound version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-19 22:56:06 +02:00
David Oberhollenzer
4452aa2314 Bump nftables version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-19 22:56:06 +02:00
David Oberhollenzer
4b3832bbb5 Bump nano version
Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
2018-06-19 22:56:06 +02:00