summaryrefslogtreecommitdiff
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2019-07-14system/easy-kernel*: (Partly) sync kernel configsLuis Ressel7-2063/+3078
This is an attempt at syncing the kernel configs of our different arches. So far, only the 'Networking support/Networking options', 'Filesystems', 'Security Options' and 'Cryptographic API' sections have been handled, since those require much less knowledge about some of the more exotic hardware we support than some of the other sections. Some notable changes: Network * Enable IPsec, miscellaneous tunnels, and the diag interfaces for all socket families. * Enable policy routing (for wireguard). * Make the CUBIC TCP congestion control algorithm the default everywhere, provide a few other common choices. * Support FQ_CODEL. We may want to support further QoS features. * Disable support for PF_KEY sockets, which shouldn't be required by our IPsec userland tools. * Enable most netfilter features, except for arptables/ebtables/nfacct/ nfqueue/ipset, whose userland tools we don't provide yet, and a few other very specialized options. Filesystems * Build everything except for ext4, iso9660, vfat and squashfs as modules. * Use the ext4 driver for ext2 filesystems. * Disable the kernel automounter, which is currently only enabled on ppc32 and aarch64. Security * Only grant root access to dmesg by default; this can be overriden via a sysctl. * Support Yama; it doesn't do anything unless explicitly enabled by a sysctl, and may be useful to some users. * Disable AppAarmor, which is currently only enabled on pmmx and x86_64. Crypto * Disable a lot of uncommon ciphers which are unlikely to be used by anything. * Build all crypto code as modules (where possible); this means users with a dm-crypt-encrypted root filesystem now need to provide the appropriate kernel modules in their initramfs images on all arches. * Disable support for dedicated cryptographic coprocessors; we are not in a position to evaluate their security and performance benefits or disadvantages. Other * Allow serial consoles to be used as the kernel console on all arches; this is important for VMs.
2019-07-12system/icu: fix test failure on 32-bit; resolves #88A. Wilcox2-1/+72
2019-07-12system/argon2: sec bump to 20190702A. Wilcox1-7/+11
2019-07-10system/bubblewrap: add non-setuid variantMax Rees1-1/+11
2019-07-10system/perl-libwww: doc fix bump to 6.39A. Wilcox1-7/+2
2019-07-10system/perl-net-http: bugfix bump to 6.19A. Wilcox1-6/+2
2019-07-10system/perl-test-simple: bugfix bump to 1.302164A. Wilcox1-24/+6
2019-07-09system/bc: bump to 2.1.0Gavin Howard1-2/+2
This will be the last release with new features. This bc is complete.
2019-07-09Merge branch 'lr.env' into 'master'A. Wilcox1-2/+3
system/coreutils: Move env back to /usr/bin/ See merge request adelie/packages!274
2019-07-09system/apk-tools: bump to 2.10.4A. Wilcox6-83/+147
2019-07-08system/coreutils: Move env back to /usr/bin/Luis Ressel1-2/+3
2019-07-08Merge s6-l-i bump into masterA. Wilcox1-2/+2
system/s6-linux-init: Bump to 1.0.2.0 See merge request adelie/packages!272
2019-07-07system/nss: bump to 3.44.1A. Wilcox1-2/+2
2019-07-07system/coreutils: fix everythingA. Wilcox1-4/+7
2019-07-07system/s6-linux-init: Bump to 1.0.2.0Luis Ressel1-2/+2
2019-07-07system/coreutils: and don't come back, stupid symlinksA. Wilcox1-16/+0
2019-07-07system/coreutils: single-binary violates split /usr; kill offA. Wilcox1-3/+2
2019-07-06system/pcre: maybe even fix pmmx mariadb build?A. Wilcox2-4/+22
2019-07-06system/lddtree: add dep on which(1), overhaul buildA. Wilcox1-11/+4
2019-07-06system/lvm2: build udev rules tooA. Wilcox2-17/+16
2019-07-05system/vim: upgrade to 8.1.1635Kiyoshi Aman1-2/+2
2019-07-05system/perl-net-ssleay: upgrade to 1.88Kiyoshi Aman1-4/+4
2019-07-05system/perl-cpanel-json-xs: upgrade to 4.12Kiyoshi Aman1-2/+2
2019-07-04system/docbook-xsl: le petite merdeA. Wilcox2-8/+8
2019-07-04system/docbook-xsl: overhaul catalog(ue) managementA. Wilcox8-58/+89
2019-07-04system/libssh2: enable more tests (no content change)A. Wilcox1-0/+1
2019-07-01system/ruby: fix depends on some split gems, don't split etcA. Wilcox1-12/+3
2019-06-28Merge branch 'skaware.20190515' into 'master' A. Wilcox23-138/+339
skaware 2019-05-15 See merge request !234
2019-06-28Merge branch 'bump.djt.20190625' into 'master' A. Wilcox7-64/+82
djt's June 2019 Package Bumps This MR bumps most of the outdated packages that I maintain to their latest versions. See merge request !256
2019-06-28system/gcc: more AdaA. Wilcox2-127/+0
2019-06-28system/gcc: look, ma! Ada is in the house!A. Wilcox6-16/+806
2019-06-28system/console-setup: depend on ckbcompA. Wilcox1-2/+2
2019-06-27system/po4a: bump to 0.56A. Wilcox1-2/+2
2019-06-26system/docbook-xsl: add docbook-xsl-ns subpackageDan Theisen1-2/+30
2019-06-26system/lz4: bump package to 1.9.1Dan Theisen1-2/+2
2019-06-26system/lvm2: bump package to 2.03.05Dan Theisen1-2/+2
2019-06-26system/iproute2: bump package to 5.1.0Dan Theisen4-58/+48
2019-06-26system/pcre2: bump to 10.33, enable JIT on ppc64 \o/A. Wilcox1-9/+2
2019-06-26system/pax-utils: bump to 1.2.4A. Wilcox2-10/+8
2019-06-25system/easy-kernel*: update checksums for configsA. Wilcox3-8/+8
2019-06-25Merge branch 'lr.easy-kernel-crypto-uapi' into 'master' A. Wilcox8-30/+37
system/easy-kernel*: Enable the crypto user API modules The SKCIPHER and HASH components are required for cryptsetup/dm-crypt, and there's no reason not to enable RNG and AEAD as well. See merge request !254
2019-06-25system/easy-kernel*: Enable the crypto user API modulesLuis Ressel8-30/+37
The SKCIPHER and HASH components are required for cryptsetup/dm-crypt, and there's no reason not to enable RNG and AEAD as well.
2019-06-24system/byacc: upgrade to 20190617Kiyoshi Aman1-3/+3
2019-06-24system/vim: upgrade to 8.1.1583Kiyoshi Aman1-2/+2
2019-06-22system/e2fsprogs: bump to 1.45.2A. Wilcox2-26/+9
2019-06-22system/easy-kernel-power8*: use new mc14A. Wilcox2-2/+2
2019-06-21system/sharutils: patch for CVE-2018-1000097Max Rees2-6/+25
2019-06-21system/cvs: patch for CVE-2010-3846 and CVE-2017-12836Max Rees3-2/+236
2019-06-21system/python3: [CVE] bump to 3.6.8, patch extra CVEsMax Rees4-3/+398
2019-06-21system/curl: [CVE] bump to 7.65.1Max Rees1-2/+5