In preparation for new reboot fix testing remove these hacks. They do
not work anyway.

This is better approach not only because we can potentially upstream
this but also because it covers all packages and breaks potentially if
new variant is added.

Marek Behun authored 4 years ago and Karel Koci committed 4 years ago

This adds support for Turris SFP modules for kernel 4.14.

Karel Koci authored 4 years ago and Karel Koci committed 4 years ago

This disables root account.

Placing of this patch expects it to be caried for a long time so it was
moved to second possition while current second patch was moved to thid.
That makes it of same number as existing patch but that patch is going
to be dropped in future so no harm to have them with same number for
now.

Marek Behun authored 4 years ago and Karel Koci committed 4 years ago

This patches were also sent upstream.

It is now in specific packages in Turris OS packages

Atlas and netdata services are new services that can be installed trough
package lists. They should be also automatically activated.

sentinel-dynfw-ipset is not longer present in system as it was drop in
favor of different approach.

socat is not longer used as service since uCollect times.

Michal Hrusecky authored 4 years ago and Karel Koci committed 4 years ago

https://github.com/openwrt/openwrt/pull/3243

This reverts commit 82044fb2.

With b46683a4 this should no longer be
required.

This is required for new versions of kernel but let's not include this
in minor release just to be safe.

My fault... :(

To be able to proxy netdata through lighttpd and to require some sort
of authetification, changing the defaults to forbid remote access from
every IPv4 private segment possible by default (security enhancement)
and disabling compression (to make proxy work).

This is requirement for webapps integration.

This fixes restarts of hostapd process by netifd when wpad (hostapd)
program file is removed/replaced.

This happes on update and tiggers start of new hostapd instance while
old one is still running.

Makefile was modified in upstream. This is just simple rebase of
existing patch.

This package is necessary to control rescue modes for Turris MOX.

Karel Koci authored 4 years ago and Karel Koci committed 4 years ago

This is going to be superseded by LinkSignature in packages.

This implementation was problematic in the way that it touched version
of package after it was used in other places. The result were invalid
dependencies between some packages.

This should in future replace potentially automatic package version
bumping patch. This should be cleaner solution for same problem as it
won't tamper with versions and does not need server-side database.

Problem with tampering with version is that matching version exactly was
then pretty much broken. Once package was bumped the version did not
match. It is impossible to update dependency easily enough when package
bump occurs.

The idea is that updater just matches signature that should be
consistent between builds (unless dynamic link dependencies changed of
course). When build results to package with different link dependencies
then signature changes and updater reinstall such package to version
from repository that is consistent. Version stays the same all the time.

Signature is generated from two sources. Dynamic library names and
dynamic symbols that are linked to those libraries are included.

This patch was backported by Kernel developers to LTS versions.
It can be found in 5.4.48, 4.4.185 and 4.4.228.