2021-04-23 21:13:09 +02:00
|
|
|
#!/bin/bash
|
2009-08-26 17:00:38 +02:00
|
|
|
#
|
|
|
|
# /etc/rc.d/rc.S: System initialization script.
|
|
|
|
#
|
|
|
|
# Mostly written by: Patrick J. Volkerding, <volkerdi@slackware.com>
|
|
|
|
#
|
|
|
|
|
2018-05-28 21:12:29 +02:00
|
|
|
PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2021-11-11 21:36:12 +01:00
|
|
|
# If we are in an lxc container, set $container to skip parts of the script.
|
|
|
|
# Thanks to Matteo Bernardini <ponce@slackbuilds.org> and Chris Willing for
|
|
|
|
# the initial work making this script lxc compatible.
|
|
|
|
if grep -aq container=lxc /proc/1/environ 2> /dev/null ; then
|
|
|
|
container="lxc"
|
|
|
|
fi
|
|
|
|
|
2021-04-21 22:04:15 +02:00
|
|
|
# Mount /proc if it is not already mounted:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ ! -d /proc/sys -a -z "$container" ]; then
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -v proc /proc -t proc 2> /dev/null
|
2021-04-21 22:04:15 +02:00
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2021-04-23 21:13:09 +02:00
|
|
|
# Mount /sys if it is not already mounted:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ ! -d /sys/kernel -a -z "$container" ]; then
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -v sysfs /sys -t sysfs 2> /dev/null
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
2023-05-25 02:24:33 +02:00
|
|
|
# The efivarfs filesystem is used for reading and writing EFI variables, such
|
|
|
|
# as the boot menu entries. By default efivarfs will be mounted read-write on
|
|
|
|
# the /sys/firmware/efi/efivars directory. To modify this behavior, edit the
|
|
|
|
# file: /etc/default/efivarfs
|
|
|
|
# Only try to mount if this directory exists (so the kernel supports efivarfs):
|
|
|
|
if [ -d /sys/firmware/efi/efivars ]; then
|
|
|
|
# Only try to mount if efivarfs is not already mounted:
|
|
|
|
if ! mount | grep -wq efivarfs ; then
|
|
|
|
# Mount according to /etc/default/efivarfs:
|
|
|
|
if [ -r /etc/default/efivarfs ]; then
|
|
|
|
. /etc/default/efivarfs
|
|
|
|
else # default
|
|
|
|
EFIVARFS=rw
|
|
|
|
fi
|
|
|
|
case "$EFIVARFS" in
|
|
|
|
'rw')
|
|
|
|
mount -o rw -t efivarfs none /sys/firmware/efi/efivars
|
|
|
|
;;
|
|
|
|
'ro')
|
|
|
|
mount -o ro -t efivarfs none /sys/firmware/efi/efivars
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2012-09-26 03:10:42 +02:00
|
|
|
# If /run exists, mount a tmpfs on it (unless the
|
|
|
|
# initrd has already done so):
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -d /run -a -z "$container" ]; then
|
2012-09-26 03:10:42 +02:00
|
|
|
if ! grep -wq "tmpfs /run tmpfs" /proc/mounts ; then
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -v -t tmpfs tmpfs /run -o mode=0755,size=32M,nodev,nosuid,noexec
|
2012-09-26 03:10:42 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# Load the loop device kernel module:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /etc/rc.d/rc.loop -a -z "$container" ]; then
|
2018-05-28 21:12:29 +02:00
|
|
|
/etc/rc.d/rc.loop start
|
2011-04-25 15:37:00 +02:00
|
|
|
fi
|
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Initialize udev to manage /dev entries and hotplugging.
|
2009-08-26 17:00:38 +02:00
|
|
|
# You may turn off udev by making the /etc/rc.d/rc.udev file non-executable
|
2012-09-26 03:10:42 +02:00
|
|
|
# or giving the "nohotplug" option at boot, but realize that if you turn off
|
|
|
|
# udev that you will have to load all the kernel modules that you need
|
2016-06-30 22:26:57 +02:00
|
|
|
# yourself (possibly in /etc/rc.d/rc.modules.local), and make any additional
|
|
|
|
# device nodes that you need in the /dev directory. Even USB and IEEE1394
|
|
|
|
# devices will need to have the modules loaded by hand if udev is not used.
|
|
|
|
# So use it. :-)
|
2013-11-04 18:08:47 +01:00
|
|
|
if grep -wq sysfs /proc/mounts && grep -q devtmpfs /proc/filesystems ; then
|
2009-08-26 17:00:38 +02:00
|
|
|
if ! grep -wq nohotplug /proc/cmdline ; then
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /etc/rc.d/rc.udev -a -z "$container" ]; then
|
2018-05-28 21:12:29 +02:00
|
|
|
/etc/rc.d/rc.udev start
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# Mount Control Groups filesystem interface:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
if grep -wq cgroup /proc/filesystems ; then
|
|
|
|
if [ -d /sys/fs/cgroup ]; then
|
2023-09-05 22:00:30 +02:00
|
|
|
# See linux-*/Documentation/admin-guide/cgroup-v1/cgroups.rst (section 1.6)
|
2021-11-11 21:36:12 +01:00
|
|
|
# Check if we have some tools to autodetect the available cgroup controllers
|
|
|
|
if [ -x /bin/cut -a -x /bin/tail ]; then
|
|
|
|
# Mount a tmpfs as the cgroup filesystem root
|
|
|
|
mount -t tmpfs -o mode=0755,size=8M cgroup_root /sys/fs/cgroup
|
|
|
|
# Autodetect available controllers and mount them in subfolders
|
|
|
|
controllers="$(/bin/cut -f 1 /proc/cgroups | /bin/tail -n +2)"
|
|
|
|
for i in $controllers; do
|
|
|
|
mkdir /sys/fs/cgroup/$i
|
|
|
|
mount -t cgroup -o $i $i /sys/fs/cgroup/$i
|
|
|
|
done
|
|
|
|
unset i controllers
|
|
|
|
else
|
|
|
|
# We can't use autodetection so fall back mounting them all together
|
|
|
|
mount -t cgroup cgroup /sys/fs/cgroup
|
|
|
|
fi
|
2013-11-04 18:08:47 +01:00
|
|
|
else
|
2021-11-11 21:36:12 +01:00
|
|
|
mkdir -p /dev/cgroup
|
|
|
|
mount -t cgroup cgroup /dev/cgroup
|
2013-11-04 18:08:47 +01:00
|
|
|
fi
|
2011-04-25 15:37:00 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
# Initialize the Logical Volume Manager.
|
|
|
|
# This won't start unless we find /etc/lvmtab (LVM1) or
|
|
|
|
# /etc/lvm/backup/ (LVM2). This is created by /sbin/vgscan, so to
|
|
|
|
# use LVM you must run /sbin/vgscan yourself the first time (and
|
|
|
|
# create some VGs and LVs).
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
# Create LVM lock/run directories:
|
|
|
|
mkdir -p -m 0700 /run/lvm /run/lock /run/lock/lvm
|
|
|
|
if [ -r /etc/lvmtab -o -d /etc/lvm/backup ]; then
|
|
|
|
echo "Initializing LVM (Logical Volume Manager):"
|
|
|
|
# Check for device-mapper support.
|
|
|
|
if ! grep -wq device-mapper /proc/devices ; then
|
|
|
|
# Try to load a device-mapper kernel module:
|
|
|
|
/sbin/modprobe -q dm-mod
|
|
|
|
fi
|
|
|
|
# Scan for new volume groups:
|
|
|
|
/sbin/vgscan --mknodes --ignorelockingfailure 2> /dev/null
|
|
|
|
if [ $? = 0 ]; then
|
|
|
|
# Make volume groups available to the kernel.
|
|
|
|
# This should also make logical volumes available.
|
|
|
|
/sbin/vgchange -ay --ignorelockingfailure
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2022-08-02 01:30:59 +02:00
|
|
|
# Open any volumes created by cryptsetup:
|
|
|
|
if [ -x /etc/rc.d/rc.luks -a -f /etc/crypttab -a -x /sbin/cryptsetup -a -z "$container" ]; then
|
|
|
|
/etc/rc.d/rc.luks start
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Enable swapping:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
/sbin/swapon -a 2> /dev/null
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2024-05-28 20:08:19 +02:00
|
|
|
# Enable swapping on a ZRAM device:
|
|
|
|
if [ -z "$container" -a -r /etc/default/zram ]; then
|
|
|
|
. /etc/default/zram
|
|
|
|
if [ "$ZRAM_ENABLE" = "1" ]; then
|
|
|
|
if [ ! -d /sys/devices/virtual/block/zram0 ]; then
|
|
|
|
modprobe zram num_devices=$ZRAMNUMBER
|
|
|
|
fi
|
|
|
|
echo "Setting up /dev/zram0: zramctl -f -a $ZRAMCOMPRESSION -s ${ZRAMSIZE}K"
|
|
|
|
ZRAM_DEVICE=$(zramctl -f -a $ZRAMCOMPRESSION -s ${ZRAMSIZE}K)
|
|
|
|
if [ ! -z $ZRAM_DEVICE ]; then
|
|
|
|
mkswap $ZRAM_DEVICE 1> /dev/null 2> /dev/null
|
|
|
|
echo "Activating ZRAM swap: swapon --priority $ZRAMPRIORITY $ZRAM_DEVICE"
|
|
|
|
swapon --priority $ZRAMPRIORITY $ZRAM_DEVICE
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
unset MEMTOTAL ZRAMCOMPRESSION ZRAMNUMBER ZRAMSIZE ZRAM_DEVICE ZRAM_ENABLE
|
|
|
|
fi
|
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Set the tick and frequency for the system clock.
|
|
|
|
# Default values are: TICK=10000 and FREQ=0
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
TICK=10000
|
|
|
|
FREQ=0
|
|
|
|
# If there's a /etc/default/adjtimex config file, source it to override
|
|
|
|
# the default TICK and FREQ:
|
|
|
|
if [ -r /etc/default/adjtimex ]; then
|
|
|
|
. /etc/default/adjtimex
|
|
|
|
fi
|
|
|
|
if /sbin/adjtimex --tick $TICK --frequency $FREQ; then
|
|
|
|
echo "Setting the system clock rate: /sbin/adjtimex --tick $TICK --frequency $FREQ"
|
|
|
|
else
|
|
|
|
echo "Failed to set system clock with adjtimex, possibly invalid parameters? (TICK=$TICK FREQ=$FREQ)"
|
|
|
|
fi
|
2016-06-30 22:26:57 +02:00
|
|
|
fi
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
# Set the system time from the hardware clock using hwclock --hctosys.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /sbin/hwclock -a -z "$container" ]; then
|
2009-08-26 17:00:38 +02:00
|
|
|
# Check for a broken motherboard RTC clock (where ioports for rtc are
|
|
|
|
# unknown) to prevent hwclock causing a hang:
|
2016-06-30 22:26:57 +02:00
|
|
|
if ! grep -q " : rtc" /proc/ioports ; then
|
2009-08-26 17:00:38 +02:00
|
|
|
CLOCK_OPT="--directisa"
|
|
|
|
fi
|
2016-06-30 22:26:57 +02:00
|
|
|
if [ /etc/adjtime -nt /etc/hardwareclock ]; then
|
|
|
|
if grep -q "^LOCAL" /etc/adjtime ; then
|
|
|
|
echo -n "Setting system time from the hardware clock (localtime): "
|
|
|
|
else
|
|
|
|
echo -n "Setting system time from the hardware clock (UTC): "
|
|
|
|
fi
|
|
|
|
/sbin/hwclock $CLOCK_OPT --hctosys
|
|
|
|
elif grep -wq "^localtime" /etc/hardwareclock 2> /dev/null ; then
|
|
|
|
echo -n "Setting system time from the hardware clock (localtime): "
|
2009-08-26 17:00:38 +02:00
|
|
|
/sbin/hwclock $CLOCK_OPT --localtime --hctosys
|
2016-06-30 22:26:57 +02:00
|
|
|
else
|
|
|
|
echo -n "Setting system time from the hardware clock (UTC): "
|
|
|
|
/sbin/hwclock $CLOCK_OPT --utc --hctosys
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
2012-09-26 03:10:42 +02:00
|
|
|
date
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Test to see if the root partition is read-only, like it ought to be.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
READWRITE=no
|
|
|
|
if touch /fsrwtestfile 2>/dev/null; then
|
|
|
|
rm -f /fsrwtestfile
|
|
|
|
READWRITE=yes
|
|
|
|
else
|
|
|
|
echo "Testing root filesystem status: read-only filesystem"
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# See if a forced filesystem check was requested at shutdown:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -r /etc/forcefsck -a -z "$container" ]; then
|
2009-08-26 17:00:38 +02:00
|
|
|
FORCEFSCK="-f"
|
|
|
|
fi
|
|
|
|
|
2021-11-11 21:36:12 +01:00
|
|
|
# Check the root filesystem:
|
|
|
|
if [ -z "$container" ]; then
|
|
|
|
# If we're using F2FS for the root filesystem, don't check it as it doesn't
|
|
|
|
# allow checking a read-only filesystem:
|
|
|
|
if grep -q ' / f2fs ' /proc/mounts ; then
|
2024-06-15 22:51:59 +02:00
|
|
|
echo "Remounting f2fs root device with read-write enabled."
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -w -v -o remount /
|
2024-06-15 22:51:59 +02:00
|
|
|
# If we're using bcachefs for the root filesystem(s), remount read-write
|
|
|
|
# and let bcachefs do its own fsck:
|
|
|
|
elif grep -q ' / bcachefs ' /proc/mounts ; then
|
|
|
|
echo "Remounting bcachefs root device(s) with read-write enabled."
|
2024-08-16 21:58:10 +02:00
|
|
|
/sbin/mount -o remount,rw,fsck,fix_errors /
|
2021-11-11 21:36:12 +01:00
|
|
|
elif [ ! $READWRITE = yes ]; then
|
|
|
|
# Check the root filesystem:
|
|
|
|
RETVAL=0
|
|
|
|
if [ ! -r /etc/fastboot ]; then
|
|
|
|
echo "Checking root filesystem:"
|
|
|
|
/sbin/fsck $FORCEFSCK -C -a /
|
|
|
|
RETVAL=$?
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
2021-11-11 21:36:12 +01:00
|
|
|
# An error code of 2 or higher will require a reboot.
|
|
|
|
if [ $RETVAL -ge 2 ]; then
|
|
|
|
# An error code equal to or greater than 4 means that some errors
|
|
|
|
# could not be corrected. This requires manual attention, so we
|
|
|
|
# offer a chance to try to fix the problem in single-user mode:
|
|
|
|
if [ $RETVAL -ge 4 ]; then
|
|
|
|
echo
|
|
|
|
echo "***********************************************************"
|
|
|
|
echo "*** An error occurred during the root filesystem check. ***"
|
|
|
|
echo "*** You will now be given a chance to log into the ***"
|
|
|
|
echo "*** system in single-user mode to fix the problem. ***"
|
|
|
|
echo "*** ***"
|
|
|
|
echo "*** If you are using the ext2 filesystem, running ***"
|
|
|
|
echo "*** 'e2fsck -v -y <partition>' might help. ***"
|
|
|
|
echo "***********************************************************"
|
|
|
|
echo
|
|
|
|
echo "Once you exit the single-user shell, the system will reboot."
|
|
|
|
echo
|
|
|
|
PS1="(Repair filesystem) \#"; export PS1
|
|
|
|
sulogin
|
|
|
|
else # With an error code of 2 or 3, reboot the machine automatically:
|
|
|
|
echo
|
|
|
|
echo "***********************************"
|
|
|
|
echo "*** The filesystem was changed. ***"
|
|
|
|
echo "*** The system will now reboot. ***"
|
|
|
|
echo "***********************************"
|
|
|
|
echo
|
|
|
|
fi
|
|
|
|
echo "Unmounting file systems."
|
|
|
|
/sbin/umount -a -r
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -o remount,ro /
|
2021-11-11 21:36:12 +01:00
|
|
|
echo "Rebooting system."
|
|
|
|
reboot -f
|
|
|
|
fi
|
|
|
|
# Remount the root filesystem in read-write mode
|
|
|
|
echo "Remounting root device with read-write enabled."
|
2024-05-28 20:08:19 +02:00
|
|
|
/sbin/mount -w -v -o remount /
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ $? -gt 0 ] ; then
|
|
|
|
echo "FATAL: Attempt to remount root device as read-write failed! This is going to"
|
|
|
|
echo "cause serious problems."
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
echo "Testing root filesystem status: read-write filesystem"
|
|
|
|
echo
|
|
|
|
echo "ERROR: Root partition has already been mounted read-write. Cannot check!"
|
|
|
|
echo
|
|
|
|
echo "For filesystem checking to work properly, your system must initially mount"
|
|
|
|
echo "the root partition as read only. If you're booting with LILO, add a line:"
|
|
|
|
echo
|
|
|
|
echo " read-only"
|
|
|
|
echo
|
|
|
|
echo "to the Linux section in your /etc/lilo.conf and type 'lilo' to reinstall it."
|
|
|
|
fi # Done checking root filesystem
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2018-11-22 06:56:56 +01:00
|
|
|
# If /etc/mtab is a symlink (probably to /proc/mounts) then we don't want to mess with it.
|
|
|
|
if [ ! -L /etc/mtab -o ! -r /etc/mtab ]; then
|
|
|
|
# /etc/mtab is a file (or doesn't exist), so we'll handle it the old way:
|
|
|
|
# Any /etc/mtab that exists here is old, so we start with a new one:
|
|
|
|
/bin/rm -f /etc/mtab{,~,.tmp} && /bin/touch /etc/mtab
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
# Add /, /proc, /sys, and /dev/shm mounts to /etc/mtab:
|
|
|
|
/sbin/mount -f -w /
|
|
|
|
if [ -d /proc/sys ]; then
|
|
|
|
/sbin/mount -f -t proc proc /proc
|
|
|
|
fi
|
|
|
|
if [ -d /sys/bus ]; then
|
|
|
|
/sbin/mount -f -t sysfs sysfs /sys
|
|
|
|
fi
|
|
|
|
if grep -q '^[^ ]\+ /dev/shm ' /proc/mounts 2> /dev/null ; then
|
|
|
|
/sbin/mount -f -t tmpfs tmpfs /dev/shm
|
|
|
|
fi
|
2018-11-22 06:56:56 +01:00
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Configure ISA Plug-and-Play devices:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -r /etc/isapnp.conf -a -z "$container" ]; then
|
2009-08-26 17:00:38 +02:00
|
|
|
if [ -x /sbin/isapnp ]; then
|
|
|
|
/sbin/isapnp /etc/isapnp.conf
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Run the kernel module script. This updates the module dependencies and
|
|
|
|
# also supports manually loading kernel modules through rc.modules.local.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /etc/rc.d/rc.modules -a -z "$container" ]; then
|
2018-05-28 21:12:29 +02:00
|
|
|
/etc/rc.d/rc.modules
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Configure kernel parameters:
|
2024-01-09 02:52:43 +01:00
|
|
|
if [ -r /etc/default/sysctl ]; then
|
|
|
|
# Source user defined options:
|
|
|
|
. /etc/default/sysctl
|
|
|
|
else
|
|
|
|
SYSCTL_OPTIONS="-e --system"
|
|
|
|
fi
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /sbin/sysctl -a -r /etc/sysctl.conf -a -z "$container" ]; then
|
2024-01-09 02:52:43 +01:00
|
|
|
echo "Configuring kernel parameters: /sbin/sysctl $SYSCTL_OPTIONS"
|
|
|
|
/sbin/sysctl $SYSCTL_OPTIONS
|
2021-11-11 21:36:12 +01:00
|
|
|
elif [ -x /sbin/sysctl -a -z "$container" ]; then
|
2024-01-09 02:52:43 +01:00
|
|
|
echo "Configuring kernel parameters: /sbin/sysctl $SYSCTL_OPTIONS"
|
2016-06-30 22:26:57 +02:00
|
|
|
# Don't say "Applying /etc/sysctl.conf" or complain if the file doesn't exist
|
2024-01-09 02:52:43 +01:00
|
|
|
/sbin/sysctl $SYSCTL_OPTIONS 2> /dev/null | grep -v "Applying /etc/sysctl.conf"
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
2024-01-09 02:52:43 +01:00
|
|
|
unset SYSCTL_OPTIONS
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
# Check all the non-root filesystems:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ ! -r /etc/fastboot -a -z "$container" ]; then
|
2009-08-26 17:00:38 +02:00
|
|
|
echo "Checking non-root filesystems:"
|
2022-08-02 01:30:59 +02:00
|
|
|
if [ -z "$FORCEFSCK" ]; then
|
|
|
|
/sbin/fsck -C -M -R -A -a
|
|
|
|
else
|
|
|
|
/sbin/fsck $FORCEFSCK -C -R -A -a
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# Mount usbfs only if it is found in /etc/fstab:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
if grep -wq usbfs /proc/filesystems; then
|
|
|
|
if ! grep -wq usbfs /proc/mounts ; then
|
|
|
|
if grep -wq usbfs /etc/fstab; then
|
|
|
|
/sbin/mount -v /proc/bus/usb
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2022-08-02 01:30:59 +02:00
|
|
|
# Mount non-root file systems in fstab, but not NFS or SMB because TCP/IP is
|
|
|
|
# not yet configured, and not proc or sysfs because those have already been
|
|
|
|
# mounted. Also check that devpts is not already mounted before attempting to
|
|
|
|
# mount it.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
2022-08-02 01:30:59 +02:00
|
|
|
SKIPFS="nonfs,nosmbfs,nocifs,noproc,nosysfs"
|
2021-11-11 21:36:12 +01:00
|
|
|
if /bin/grep -wq devpts /proc/mounts ; then
|
2022-08-02 01:30:59 +02:00
|
|
|
SKIPFS="${SKIPFS},nodevpts"
|
2021-11-11 21:36:12 +01:00
|
|
|
fi
|
2022-08-02 01:30:59 +02:00
|
|
|
echo "Mounting non-root local filesystems:"
|
|
|
|
# This pipe after the mount command is just to convert the new
|
|
|
|
# mount verbose output back to the old format that contained
|
|
|
|
# more useful information:
|
|
|
|
( /sbin/mount -a -v -o remount -O ro -v -t ${SKIPFS} ; /sbin/mount -a -v -t ${SKIPFS} ) | \
|
|
|
|
grep successfully | cut -f 1 -d : | tr -d ' ' | \
|
|
|
|
while read dev ; do mount | grep " ${dev} " ; done
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
2021-07-27 23:12:53 +02:00
|
|
|
# Make sure that /var/run is a symbolic link pointing to /run:
|
|
|
|
if [ -d /run -a ! -L /var/run ]; then
|
|
|
|
(cd /var ; rm -rf run ; ln -sf /run run)
|
|
|
|
fi
|
2020-02-13 21:17:58 +01:00
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
# Enable swapping again. This is needed in case a swapfile is used,
|
|
|
|
# as it can't be enabled until the filesystem it resides on has been
|
|
|
|
# mounted read-write.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
|
|
|
/sbin/swapon -a 2> /dev/null
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
# Clean up some temporary files:
|
2020-02-13 21:17:58 +01:00
|
|
|
rm -f /etc/nologin /etc/dhcpc/*.pid /etc/forcefsck /etc/fastboot \
|
|
|
|
/var/state/saslauthd/saslauthd.pid /tmp/.Xauth* 1> /dev/null 2> /dev/null
|
|
|
|
rm -rf /tmp/{kde-[a-zA-Z]*,ksocket-[a-zA-Z]*,hsperfdata_[a-zA-Z]*,plugtmp*}
|
2018-08-07 07:51:28 +02:00
|
|
|
if [ -d /var/lib/pkgtools/setup/tmp ]; then
|
|
|
|
( cd /var/lib/pkgtools/setup/tmp && rm -rf * )
|
|
|
|
elif [ -d /var/log/setup/tmp ]; then
|
2009-08-26 17:00:38 +02:00
|
|
|
( cd /var/log/setup/tmp && rm -rf * )
|
2018-08-07 07:51:28 +02:00
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Clear /var/lock/subsys:
|
|
|
|
if [ -d /var/lock/subsys ]; then
|
|
|
|
rm -f /var/lock/subsys/*
|
|
|
|
fi
|
|
|
|
|
2022-01-27 23:43:13 +01:00
|
|
|
# Start libcgroup services:
|
|
|
|
if [ -x /etc/rc.d/rc.cgconfig -a -x /etc/rc.d/rc.cgred -a -d /sys/fs/cgroup ]; then
|
|
|
|
/etc/rc.d/rc.cgconfig start ; echo " /usr/sbin/cgconfigparser -l /etc/cgconfig.conf"
|
|
|
|
/etc/rc.d/rc.cgred start
|
|
|
|
fi
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
# Create /tmp/{.ICE-unix,.X11-unix} if they are not present:
|
|
|
|
if [ ! -e /tmp/.ICE-unix ]; then
|
|
|
|
mkdir -p /tmp/.ICE-unix
|
|
|
|
chmod 1777 /tmp/.ICE-unix
|
|
|
|
fi
|
|
|
|
if [ ! -e /tmp/.X11-unix ]; then
|
|
|
|
mkdir -p /tmp/.X11-unix
|
|
|
|
chmod 1777 /tmp/.X11-unix
|
|
|
|
fi
|
2023-11-03 19:38:03 +01:00
|
|
|
# Clear /tmp/{.ICE-unix,.X11-unix}:
|
|
|
|
rm -f /tmp/.ICE-unix/* /tmp/.X11-unix/*
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
# Create a fresh utmp file:
|
|
|
|
touch /var/run/utmp
|
|
|
|
chown root:utmp /var/run/utmp
|
|
|
|
chmod 664 /var/run/utmp
|
|
|
|
|
2020-06-13 22:40:31 +02:00
|
|
|
# In case pam_faillock(8) is being used, create the tally directory:
|
|
|
|
mkdir -p /var/run/faillock
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
# Update the current kernel level in the /etc/motd (Message Of The Day) file,
|
|
|
|
# if the first line of that file begins with the word 'Linux'.
|
|
|
|
# You are free to modify the rest of the file as you see fit.
|
2024-01-07 21:24:51 +01:00
|
|
|
# We'll only do this if /etc/motd already exists, is writable, and the first
|
|
|
|
# line starts with "Linux" followed by a version number that needs to be
|
|
|
|
# updated.
|
|
|
|
#
|
|
|
|
if [ -w /etc/motd ]; then
|
2024-03-20 01:08:59 +01:00
|
|
|
if head -n 1 /etc/motd | grep -q "^Linux" ; then
|
2024-01-07 21:24:51 +01:00
|
|
|
# Replace the kernel version if it is not correct:
|
|
|
|
if [ ! "$(/bin/uname -r)." = "$(head -n 1 /etc/motd | cut -f 2 -d ' ')" ]; then
|
|
|
|
sed -i "{1s/^Linux.*/$(/bin/uname -sr)\./}" /etc/motd
|
|
|
|
fi
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# If there are SystemV init scripts for this runlevel, run them.
|
|
|
|
if [ -x /etc/rc.d/rc.sysvinit ]; then
|
2018-05-28 21:12:29 +02:00
|
|
|
/etc/rc.d/rc.sysvinit
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Run serial port setup script:
|
|
|
|
# CAREFUL! This can make some systems hang if the rc.serial script isn't
|
|
|
|
# set up correctly. If this happens, you may have to edit the file from a
|
|
|
|
# boot disk, and/or set it as non-executable:
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -x /etc/rc.d/rc.serial -a -z "$container" ]; then
|
2018-05-28 21:12:29 +02:00
|
|
|
/etc/rc.d/rc.serial start
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Carry an entropy pool between reboots to improve randomness.
|
Wed Apr 6 20:23:46 UTC 2022
a/haveged-1.9.17-x86_64-2.txz: Rebuilt.
Install /etc/rc.d/rc.haveged as non-executable. For existing installations
running a recent kernel, it is safe to turn this off.
Back when we added the haveged package we were using the 4.4 kernel, but
since Linux 5.4 this same entropy generating algorithm has been built into
the kernel, so there's no reason to also run it in userspace. We'll keep
the package around (for now, anyway) in case someone might be running an
old kernel. Thanks to Jason A. Donenfeld.
a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt.
rc.S, rc.6: use the seedrng utility to seed and initialize the kernel
random number generator and generate a new seed.
If seedrng is missing, we'll attempt to do these things with scripting.
Thanks to Jason A. Donenfeld for hints about how to make a modest
improvement in that regard (blame me for any problems with my own changes),
but because you can't force the kernel RNG to initialize with a script
(it needs an ioctl), you won't get the same guarantees that you do when
using the new seedrng utility.
a/util-linux-2.38-x86_64-2.txz: Rebuilt.
Added seedrng utility, used to seed and initialize the kernel random number
generator and to generate new seeds for carrying entropy across reboots.
Thanks to Jason A. Donenfeld.
n/libmnl-1.0.5-x86_64-1.txz: Upgraded.
n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
(* Security fix *)
2022-04-06 22:23:46 +02:00
|
|
|
# To do this properly, we need to utilize the "seedrng" utility, since that
|
|
|
|
# supports the ioctls in recent kernels that allow the RNG to be initialized
|
|
|
|
# after seeding. Otherwise using the script methods that were previously
|
|
|
|
# recommended in the kernel source, it could take a long time for entropy
|
|
|
|
# written to /dev/urandom to actually add to the entropy, and the new seed
|
|
|
|
# that's output immediately afterward might actually have less entropy. This
|
|
|
|
# would only be an issue in case a power failure occured before a proper
|
|
|
|
# shutdown, or if a proper shutdown happened before enough time had gone by
|
|
|
|
# to generate good entropy. We'll favor using seedrng, but if it's missing
|
|
|
|
# (shouldn't be) then we'll fall back on using the script method.
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -z "$container" ]; then
|
Wed Apr 6 20:23:46 UTC 2022
a/haveged-1.9.17-x86_64-2.txz: Rebuilt.
Install /etc/rc.d/rc.haveged as non-executable. For existing installations
running a recent kernel, it is safe to turn this off.
Back when we added the haveged package we were using the 4.4 kernel, but
since Linux 5.4 this same entropy generating algorithm has been built into
the kernel, so there's no reason to also run it in userspace. We'll keep
the package around (for now, anyway) in case someone might be running an
old kernel. Thanks to Jason A. Donenfeld.
a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt.
rc.S, rc.6: use the seedrng utility to seed and initialize the kernel
random number generator and generate a new seed.
If seedrng is missing, we'll attempt to do these things with scripting.
Thanks to Jason A. Donenfeld for hints about how to make a modest
improvement in that regard (blame me for any problems with my own changes),
but because you can't force the kernel RNG to initialize with a script
(it needs an ioctl), you won't get the same guarantees that you do when
using the new seedrng utility.
a/util-linux-2.38-x86_64-2.txz: Rebuilt.
Added seedrng utility, used to seed and initialize the kernel random number
generator and to generate new seeds for carrying entropy across reboots.
Thanks to Jason A. Donenfeld.
n/libmnl-1.0.5-x86_64-1.txz: Upgraded.
n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
(* Security fix *)
2022-04-06 22:23:46 +02:00
|
|
|
# If the old /etc/random-seed exists and no seedrng-generated seeds exist,
|
|
|
|
# then we might as well use it for non-creditable entropy:
|
Mon Apr 11 20:49:27 UTC 2022
a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt.
Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64,
libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1,
libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1.
The icu4c libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7.
a/haveged-1.9.18-x86_64-1.txz: Upgraded.
I've decided to turn this back on by default in light of comments in
README.md. It doesn't hurt to have an additional source of entropy
(especially in early boot), and the overhead from running this daemon is
negligible.
a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt.
rc.S, rc.6: use a temporary umask and more syncing to avoid any races when
creating the random seed directory and files. Use the poolsize rather than
a hardcoded 512 bytes when creating a non-creditable seed in the fallback
scripts. Thanks to Jason A. Donenfeld.
a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
ap/inxi-3.3.15_1-noarch-1.txz: Upgraded.
ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
d/help2man-1.49.2-x86_64-1.txz: Upgraded.
kde/attica-5.93.0-x86_64-1.txz: Upgraded.
kde/baloo-5.93.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.93.0-x86_64-1.txz: Upgraded.
kde/karchive-5.93.0-x86_64-1.txz: Upgraded.
kde/kauth-5.93.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.93.0-x86_64-1.txz: Upgraded.
kde/kdav-5.93.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded.
kde/kded-5.93.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.93.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.93.0-x86_64-1.txz: Upgraded.
kde/khtml-5.93.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.93.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.93.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded.
kde/kinit-5.93.0-x86_64-1.txz: Upgraded.
kde/kio-5.93.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kjs-5.93.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.93.0-x86_64-1.txz: Upgraded.
kde/kparts-5.93.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.93.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.93.0-x86_64-1.txz: Upgraded.
kde/kpty-5.93.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded.
kde/kross-5.93.0-x86_64-1.txz: Upgraded.
kde/krunner-5.93.0-x86_64-1.txz: Upgraded.
kde/kservice-5.93.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.93.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.93.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded.
kde/prison-5.93.0-x86_64-1.txz: Upgraded.
kde/purpose-5.93.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded.
kde/solid-5.93.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.93.0-x86_64-1.txz: Upgraded.
kde/syndication-5.93.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded.
l/boost-1.78.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/icu4c-71.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcap-2.64-x86_64-1.txz: Upgraded.
l/libical-3.0.14-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libvisio-0.1.7-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/nodejs-16.14.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded.
Compiled against icu4c-71.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/vte-0.66.2-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/dovecot-2.3.18-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/links-2.26-x86_64-1.txz: Upgraded.
n/openssh-9.0p1-x86_64-1.txz: Upgraded.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
n/php-7.4.28-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/postfix-3.7.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/samba-4.16.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/tin-2.6.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
t/texlive-2021.210418-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
x/xclock-1.1.1-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
2022-04-11 22:49:27 +02:00
|
|
|
OLD_UMASK="$(umask)"
|
|
|
|
umask 077
|
2021-11-11 21:36:12 +01:00
|
|
|
if [ -f /etc/random-seed ]; then
|
Mon Apr 11 20:49:27 UTC 2022
a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt.
Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64,
libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1,
libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1.
The icu4c libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7.
a/haveged-1.9.18-x86_64-1.txz: Upgraded.
I've decided to turn this back on by default in light of comments in
README.md. It doesn't hurt to have an additional source of entropy
(especially in early boot), and the overhead from running this daemon is
negligible.
a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt.
rc.S, rc.6: use a temporary umask and more syncing to avoid any races when
creating the random seed directory and files. Use the poolsize rather than
a hardcoded 512 bytes when creating a non-creditable seed in the fallback
scripts. Thanks to Jason A. Donenfeld.
a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
ap/inxi-3.3.15_1-noarch-1.txz: Upgraded.
ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
d/help2man-1.49.2-x86_64-1.txz: Upgraded.
kde/attica-5.93.0-x86_64-1.txz: Upgraded.
kde/baloo-5.93.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.93.0-x86_64-1.txz: Upgraded.
kde/karchive-5.93.0-x86_64-1.txz: Upgraded.
kde/kauth-5.93.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.93.0-x86_64-1.txz: Upgraded.
kde/kdav-5.93.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded.
kde/kded-5.93.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.93.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.93.0-x86_64-1.txz: Upgraded.
kde/khtml-5.93.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.93.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.93.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded.
kde/kinit-5.93.0-x86_64-1.txz: Upgraded.
kde/kio-5.93.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kjs-5.93.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.93.0-x86_64-1.txz: Upgraded.
kde/kparts-5.93.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.93.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.93.0-x86_64-1.txz: Upgraded.
kde/kpty-5.93.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded.
kde/kross-5.93.0-x86_64-1.txz: Upgraded.
kde/krunner-5.93.0-x86_64-1.txz: Upgraded.
kde/kservice-5.93.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.93.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.93.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded.
kde/prison-5.93.0-x86_64-1.txz: Upgraded.
kde/purpose-5.93.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded.
kde/solid-5.93.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.93.0-x86_64-1.txz: Upgraded.
kde/syndication-5.93.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded.
l/boost-1.78.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/icu4c-71.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcap-2.64-x86_64-1.txz: Upgraded.
l/libical-3.0.14-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libvisio-0.1.7-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/nodejs-16.14.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded.
Compiled against icu4c-71.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/vte-0.66.2-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/dovecot-2.3.18-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/links-2.26-x86_64-1.txz: Upgraded.
n/openssh-9.0p1-x86_64-1.txz: Upgraded.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
n/php-7.4.28-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/postfix-3.7.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/samba-4.16.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/tin-2.6.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
t/texlive-2021.210418-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
x/xclock-1.1.1-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
2022-04-11 22:49:27 +02:00
|
|
|
echo "Appending /etc/random-seed to /var/lib/seedrng/seed.no-credit."
|
|
|
|
SEED="$(base64 /etc/random-seed)"
|
|
|
|
rm -f /etc/random-seed
|
|
|
|
sync /etc
|
|
|
|
mkdir -p /var/lib/seedrng
|
|
|
|
echo "$SEED" | base64 -d >> /var/lib/seedrng/seed.no-credit
|
2021-11-11 21:36:12 +01:00
|
|
|
fi
|
Wed Apr 6 20:23:46 UTC 2022
a/haveged-1.9.17-x86_64-2.txz: Rebuilt.
Install /etc/rc.d/rc.haveged as non-executable. For existing installations
running a recent kernel, it is safe to turn this off.
Back when we added the haveged package we were using the 4.4 kernel, but
since Linux 5.4 this same entropy generating algorithm has been built into
the kernel, so there's no reason to also run it in userspace. We'll keep
the package around (for now, anyway) in case someone might be running an
old kernel. Thanks to Jason A. Donenfeld.
a/sysvinit-scripts-15.0-noarch-10.txz: Rebuilt.
rc.S, rc.6: use the seedrng utility to seed and initialize the kernel
random number generator and generate a new seed.
If seedrng is missing, we'll attempt to do these things with scripting.
Thanks to Jason A. Donenfeld for hints about how to make a modest
improvement in that regard (blame me for any problems with my own changes),
but because you can't force the kernel RNG to initialize with a script
(it needs an ioctl), you won't get the same guarantees that you do when
using the new seedrng utility.
a/util-linux-2.38-x86_64-2.txz: Rebuilt.
Added seedrng utility, used to seed and initialize the kernel random number
generator and to generate new seeds for carrying entropy across reboots.
Thanks to Jason A. Donenfeld.
n/libmnl-1.0.5-x86_64-1.txz: Upgraded.
n/libnfnetlink-1.0.2-x86_64-1.txz: Upgraded.
xap/mozilla-thunderbird-91.8.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
(* Security fix *)
2022-04-06 22:23:46 +02:00
|
|
|
# If we have the seedrng utility, we will use it to initialize the RNG:
|
|
|
|
if [ -x /usr/sbin/seedrng ]; then
|
|
|
|
/usr/sbin/seedrng
|
|
|
|
else # we have to fall back on the old method:
|
Mon Apr 11 20:49:27 UTC 2022
a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt.
Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64,
libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1,
libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1.
The icu4c libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7.
a/haveged-1.9.18-x86_64-1.txz: Upgraded.
I've decided to turn this back on by default in light of comments in
README.md. It doesn't hurt to have an additional source of entropy
(especially in early boot), and the overhead from running this daemon is
negligible.
a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt.
rc.S, rc.6: use a temporary umask and more syncing to avoid any races when
creating the random seed directory and files. Use the poolsize rather than
a hardcoded 512 bytes when creating a non-creditable seed in the fallback
scripts. Thanks to Jason A. Donenfeld.
a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
ap/inxi-3.3.15_1-noarch-1.txz: Upgraded.
ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
d/help2man-1.49.2-x86_64-1.txz: Upgraded.
kde/attica-5.93.0-x86_64-1.txz: Upgraded.
kde/baloo-5.93.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.93.0-x86_64-1.txz: Upgraded.
kde/karchive-5.93.0-x86_64-1.txz: Upgraded.
kde/kauth-5.93.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.93.0-x86_64-1.txz: Upgraded.
kde/kdav-5.93.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded.
kde/kded-5.93.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.93.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.93.0-x86_64-1.txz: Upgraded.
kde/khtml-5.93.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.93.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.93.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded.
kde/kinit-5.93.0-x86_64-1.txz: Upgraded.
kde/kio-5.93.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kjs-5.93.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.93.0-x86_64-1.txz: Upgraded.
kde/kparts-5.93.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.93.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.93.0-x86_64-1.txz: Upgraded.
kde/kpty-5.93.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded.
kde/kross-5.93.0-x86_64-1.txz: Upgraded.
kde/krunner-5.93.0-x86_64-1.txz: Upgraded.
kde/kservice-5.93.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.93.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.93.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded.
kde/prison-5.93.0-x86_64-1.txz: Upgraded.
kde/purpose-5.93.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded.
kde/solid-5.93.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.93.0-x86_64-1.txz: Upgraded.
kde/syndication-5.93.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded.
l/boost-1.78.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/icu4c-71.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcap-2.64-x86_64-1.txz: Upgraded.
l/libical-3.0.14-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libvisio-0.1.7-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/nodejs-16.14.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded.
Compiled against icu4c-71.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/vte-0.66.2-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/dovecot-2.3.18-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/links-2.26-x86_64-1.txz: Upgraded.
n/openssh-9.0p1-x86_64-1.txz: Upgraded.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
n/php-7.4.28-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/postfix-3.7.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/samba-4.16.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/tin-2.6.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
t/texlive-2021.210418-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
x/xclock-1.1.1-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
2022-04-11 22:49:27 +02:00
|
|
|
echo "The SeedRNG utility was not found. Seeding the RNG with an inferior method."
|
|
|
|
SEED="$(cat /var/lib/seedrng/seed.* 2> /dev/null | base64)"
|
|
|
|
rm -f /var/lib/seedrng/seed.*
|
|
|
|
sync /var/lib/seedrng
|
|
|
|
echo "$SEED" | base64 -d > /dev/urandom
|
|
|
|
# The seed saved below isn't going to be as large as the pool size.
|
|
|
|
# Nevertheless we'll try to get a little entropy saved from our
|
|
|
|
# previous seed(s) plus some bits from /dev/urandom (which *might* have
|
|
|
|
# some additional entropy in it). It's probably better than nothing.
|
|
|
|
echo "Saving a new uncreditable seed: /var/lib/seedrng/seed.no-credit"
|
|
|
|
POOLSIZE=$(expr $(cat /proc/sys/kernel/random/poolsize 2> /dev/null || echo 4096) / 8)
|
|
|
|
{
|
|
|
|
head -c $POOLSIZE /dev/urandom
|
|
|
|
echo "$SEED" | base64 -d
|
|
|
|
} | sha512sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit
|
2021-11-11 21:36:12 +01:00
|
|
|
fi
|
Mon Apr 11 20:49:27 UTC 2022
a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt.
Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64,
libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1,
libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1.
The icu4c libraries are from the previous package (for temporary
compatibility) and will be removed in a month or so.
Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7.
a/haveged-1.9.18-x86_64-1.txz: Upgraded.
I've decided to turn this back on by default in light of comments in
README.md. It doesn't hurt to have an additional source of entropy
(especially in early boot), and the overhead from running this daemon is
negligible.
a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt.
rc.S, rc.6: use a temporary umask and more syncing to avoid any races when
creating the random seed directory and files. Use the poolsize rather than
a hardcoded 512 bytes when creating a non-creditable seed in the fallback
scripts. Thanks to Jason A. Donenfeld.
a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
ap/inxi-3.3.15_1-noarch-1.txz: Upgraded.
ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
d/help2man-1.49.2-x86_64-1.txz: Upgraded.
kde/attica-5.93.0-x86_64-1.txz: Upgraded.
kde/baloo-5.93.0-x86_64-1.txz: Upgraded.
kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded.
kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded.
kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-5.93.0-x86_64-1.txz: Upgraded.
kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded.
kde/kapidox-5.93.0-x86_64-1.txz: Upgraded.
kde/karchive-5.93.0-x86_64-1.txz: Upgraded.
kde/kauth-5.93.0-x86_64-1.txz: Upgraded.
kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded.
kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded.
kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded.
kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded.
kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded.
kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kcrash-5.93.0-x86_64-1.txz: Upgraded.
kde/kdav-5.93.0-x86_64-1.txz: Upgraded.
kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded.
kde/kded-5.93.0-x86_64-1.txz: Upgraded.
kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded.
kde/kdesu-5.93.0-x86_64-1.txz: Upgraded.
kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded.
kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded.
kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded.
kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded.
kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded.
kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded.
kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kholidays-5.93.0-x86_64-1.txz: Upgraded.
kde/khtml-5.93.0-x86_64-1.txz: Upgraded.
kde/ki18n-5.93.0-x86_64-1.txz: Upgraded.
kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded.
kde/kidletime-5.93.0-x86_64-1.txz: Upgraded.
kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded.
kde/kinit-5.93.0-x86_64-1.txz: Upgraded.
kde/kio-5.93.0-x86_64-1.txz: Upgraded.
kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded.
kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded.
kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kjs-5.93.0-x86_64-1.txz: Upgraded.
kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded.
kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded.
kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifications-5.93.0-x86_64-1.txz: Upgraded.
kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded.
kde/kpackage-5.93.0-x86_64-1.txz: Upgraded.
kde/kparts-5.93.0-x86_64-1.txz: Upgraded.
kde/kpeople-5.93.0-x86_64-1.txz: Upgraded.
kde/kplotting-5.93.0-x86_64-1.txz: Upgraded.
kde/kpty-5.93.0-x86_64-1.txz: Upgraded.
kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded.
kde/kross-5.93.0-x86_64-1.txz: Upgraded.
kde/krunner-5.93.0-x86_64-1.txz: Upgraded.
kde/kservice-5.93.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded.
kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded.
kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded.
kde/kwallet-5.93.0-x86_64-1.txz: Upgraded.
kde/kwayland-5.93.0-x86_64-1.txz: Upgraded.
kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded.
kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded.
kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded.
kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded.
kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded.
kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded.
kde/prison-5.93.0-x86_64-1.txz: Upgraded.
kde/purpose-5.93.0-x86_64-1.txz: Upgraded.
kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded.
kde/solid-5.93.0-x86_64-1.txz: Upgraded.
kde/sonnet-5.93.0-x86_64-1.txz: Upgraded.
kde/syndication-5.93.0-x86_64-1.txz: Upgraded.
kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded.
kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded.
l/boost-1.78.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/icu4c-71.1-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
l/libcap-2.64-x86_64-1.txz: Upgraded.
l/libical-3.0.14-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/libvisio-0.1.7-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/nodejs-16.14.2-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded.
Compiled against icu4c-71.1.
l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt.
Recompiled against icu4c-71.1.
l/vte-0.66.2-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/dovecot-2.3.18-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/links-2.26-x86_64-1.txz: Upgraded.
n/openssh-9.0p1-x86_64-1.txz: Upgraded.
This update contains some potentially incompatible changes regarding the
scp utility. For more information, see:
https://www.openssh.com/releasenotes.html#9.0
n/php-7.4.28-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/postfix-3.7.0-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/samba-4.16.0-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
n/tin-2.6.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
t/texlive-2021.210418-x86_64-4.txz: Rebuilt.
Recompiled against icu4c-71.1.
x/xclock-1.1.1-x86_64-1.txz: Upgraded.
x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded.
extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt.
Recompiled against icu4c-71.1.
extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
2022-04-11 22:49:27 +02:00
|
|
|
unset SEED
|
|
|
|
umask "$OLD_UMASK"
|
2009-08-26 17:00:38 +02:00
|
|
|
fi
|