diff options
Diffstat (limited to 'source')
20 files changed, 376 insertions, 69 deletions
diff --git a/source/a/etc/etc.SlackBuild b/source/a/etc/etc.SlackBuild index 44a332539..295cf8baf 100755 --- a/source/a/etc/etc.SlackBuild +++ b/source/a/etc/etc.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2005-2018 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005-2021 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=etc VERSION=15.0 -BUILD=${BUILD:-16} +BUILD=${BUILD:-17} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/a/etc/group.new b/source/a/etc/group.new index 414f4855a..47f4988d1 100644 --- a/source/a/etc/group.new +++ b/source/a/etc/group.new @@ -33,6 +33,7 @@ ntp:x:44: icecc:x:49: ftp:x:50: oprofile:x:51: +named:x:53: sddm:x:64: pulse:x:65: dhcpcd:x:68: diff --git a/source/a/etc/passwd.new b/source/a/etc/passwd.new index e2e187ff8..2b4527d4f 100644 --- a/source/a/etc/passwd.new +++ b/source/a/etc/passwd.new @@ -21,6 +21,7 @@ ntp:x:44:44:User for NTP:/:/bin/false icecc:x:49:49:User for Icecream distributed compiler:/var/cache/icecream:/bin/false oprofile:x:51:51:oprofile:/:/bin/false usbmux:x:52:83:User for usbmux daemon:/var/empty:/bin/false +named:x:53:53:User for BIND:/var/named:/bin/false sddm:x:64:64:User for SDDM:/var/lib/sddm:/bin/false pulse:x:65:65:User for PulseAudio:/var/run/pulse:/bin/false dhcpcd:x:68:68:User for dhcpcd:/var/lib/dhcpcd:/bin/false diff --git a/source/a/etc/shadow.new b/source/a/etc/shadow.new index 1f3d8a5ce..c7443cb5f 100644 --- a/source/a/etc/shadow.new +++ b/source/a/etc/shadow.new @@ -21,6 +21,7 @@ ntp:*:9797:0::::: icecc:*:9797:0::::: oprofile:*:9797:0::::: usbmux:*:9797:0::::: +named:*:9797:0::::: sddm:*:9797:0::::: pulse:*:9797:0::::: dhcpcd:*:9797:0::::: diff --git a/source/k/kernel-configs/config-generic-5.14.3 b/source/k/kernel-configs/config-generic-5.14.4 index d2a68e214..2beb08f01 100644 --- a/source/k/kernel-configs/config-generic-5.14.3 +++ b/source/k/kernel-configs/config-generic-5.14.4 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1538,7 +1538,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/k/kernel-configs/config-generic-5.14.3.x64 b/source/k/kernel-configs/config-generic-5.14.4.x64 index cc17ddede..eef30b96b 100644 --- a/source/k/kernel-configs/config-generic-5.14.3.x64 +++ b/source/k/kernel-configs/config-generic-5.14.4.x64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1615,7 +1615,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/k/kernel-configs/config-generic-smp-5.14.3-smp b/source/k/kernel-configs/config-generic-smp-5.14.4-smp index d3a38b6ee..146942965 100644 --- a/source/k/kernel-configs/config-generic-smp-5.14.3-smp +++ b/source/k/kernel-configs/config-generic-smp-5.14.4-smp @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1581,7 +1581,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/k/kernel-configs/config-huge-5.14.3 b/source/k/kernel-configs/config-huge-5.14.4 index 8b3b03ff8..bced9b3f4 100644 --- a/source/k/kernel-configs/config-huge-5.14.3 +++ b/source/k/kernel-configs/config-huge-5.14.4 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1538,7 +1538,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/k/kernel-configs/config-huge-5.14.3.x64 b/source/k/kernel-configs/config-huge-5.14.4.x64 index 70aaa4b46..93e71a943 100644 --- a/source/k/kernel-configs/config-huge-5.14.3.x64 +++ b/source/k/kernel-configs/config-huge-5.14.4.x64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1615,7 +1615,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/k/kernel-configs/config-huge-smp-5.14.3-smp b/source/k/kernel-configs/config-huge-smp-5.14.4-smp index 2e52aec49..b29c67643 100644 --- a/source/k/kernel-configs/config-huge-smp-5.14.3-smp +++ b/source/k/kernel-configs/config-huge-smp-5.14.4-smp @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.14.3 Kernel Configuration +# Linux/x86 5.14.4 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.2.0" CONFIG_CC_IS_GCC=y @@ -1581,7 +1581,6 @@ CONFIG_BRIDGE_VLAN_FILTERING=y CONFIG_BRIDGE_MRP=y CONFIG_BRIDGE_CFM=y CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_8021Q=m CONFIG_NET_DSA_TAG_AR9331=m CONFIG_NET_DSA_TAG_BRCM_COMMON=m CONFIG_NET_DSA_TAG_BRCM=m diff --git a/source/kde/kde/build/breeze-icons b/source/kde/kde/build/breeze-icons index d00491fd7..0cfbf0888 100644 --- a/source/kde/kde/build/breeze-icons +++ b/source/kde/kde/build/breeze-icons @@ -1 +1 @@ -1 +2 diff --git a/source/kde/kde/patch/breeze-icons.patch b/source/kde/kde/patch/breeze-icons.patch new file mode 100644 index 000000000..bf561ccf6 --- /dev/null +++ b/source/kde/kde/patch/breeze-icons.patch @@ -0,0 +1,2 @@ +# Fix using this icon theme in Xfce: +cat $CWD/patch/breeze-icons/breeze-icons.04a13e272dd395442e7eb9dc58de3ab55a2f22f3.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/breeze-icons/breeze-icons.04a13e272dd395442e7eb9dc58de3ab55a2f22f3.patch b/source/kde/kde/patch/breeze-icons/breeze-icons.04a13e272dd395442e7eb9dc58de3ab55a2f22f3.patch new file mode 100644 index 000000000..17c33ded5 --- /dev/null +++ b/source/kde/kde/patch/breeze-icons/breeze-icons.04a13e272dd395442e7eb9dc58de3ab55a2f22f3.patch @@ -0,0 +1,274 @@ +From 04a13e272dd395442e7eb9dc58de3ab55a2f22f3 Mon Sep 17 00:00:00 2001 +From: Nate Graham <nate@kde.org> +Date: Wed, 3 Feb 2021 20:49:41 -0700 +Subject: [PATCH] Add Xfce compatibility symlinks + +This commit adds the necessary compatibility symlinks to allow the +Breeze icon theme to be used on Xfce. + +BUG: 432333 +FIXED-IN: 5.85 +--- + icons-dark/actions/22/system-hibernate.svg | 1 + + icons-dark/actions/22/xfsm-hibernate.svg | 1 + + icons-dark/actions/32/system-hibernate.svg | 1 + + icons-dark/actions/32/xfsm-hibernate.svg | 1 + + icons-dark/places/16/org.xfce.gigolo.svg | 1 + + icons-dark/places/22/org.xfce.gigolo.svg | 1 + + icons-dark/status/22/nm-device-wired.svg | 1 + + icons-dark/status/22/nm-nm-signal-00.svg | 1 + + icons-dark/status/22/nm-nm-signal-100.svg | 1 + + icons-dark/status/22/nm-nm-signal-25.svg | 1 + + icons-dark/status/22/nm-nm-signal-50.svg | 1 + + icons-dark/status/22/nm-nm-signal-75.svg | 1 + + icons-dark/status/22/nm-no-connection.svg | 1 + + icons/actions/22/system-hibernate.svg | 1 + + icons/actions/22/xfsm-hibernate.svg | 1 + + icons/actions/32/system-hibernate.svg | 1 + + icons/actions/32/xfsm-hibernate.svg | 1 + + icons/places/16/org.xfce.gigolo.svg | 1 + + icons/places/22/org.xfce.gigolo.svg | 1 + + icons/status/22/nm-device-wired.svg | 1 + + icons/status/22/nm-nm-signal-00.svg | 1 + + icons/status/22/nm-nm-signal-100.svg | 1 + + icons/status/22/nm-nm-signal-25.svg | 1 + + icons/status/22/nm-nm-signal-50.svg | 1 + + icons/status/22/nm-nm-signal-75.svg | 1 + + icons/status/22/nm-no-connection.svg | 1 + + 26 files changed, 26 insertions(+) + create mode 120000 icons-dark/actions/22/system-hibernate.svg + create mode 120000 icons-dark/actions/22/xfsm-hibernate.svg + create mode 120000 icons-dark/actions/32/system-hibernate.svg + create mode 120000 icons-dark/actions/32/xfsm-hibernate.svg + create mode 120000 icons-dark/places/16/org.xfce.gigolo.svg + create mode 120000 icons-dark/places/22/org.xfce.gigolo.svg + create mode 120000 icons-dark/status/22/nm-device-wired.svg + create mode 120000 icons-dark/status/22/nm-nm-signal-00.svg + create mode 120000 icons-dark/status/22/nm-nm-signal-100.svg + create mode 120000 icons-dark/status/22/nm-nm-signal-25.svg + create mode 120000 icons-dark/status/22/nm-nm-signal-50.svg + create mode 120000 icons-dark/status/22/nm-nm-signal-75.svg + create mode 120000 icons-dark/status/22/nm-no-connection.svg + create mode 120000 icons/actions/22/system-hibernate.svg + create mode 120000 icons/actions/22/xfsm-hibernate.svg + create mode 120000 icons/actions/32/system-hibernate.svg + create mode 120000 icons/actions/32/xfsm-hibernate.svg + create mode 120000 icons/places/16/org.xfce.gigolo.svg + create mode 120000 icons/places/22/org.xfce.gigolo.svg + create mode 120000 icons/status/22/nm-device-wired.svg + create mode 120000 icons/status/22/nm-nm-signal-00.svg + create mode 120000 icons/status/22/nm-nm-signal-100.svg + create mode 120000 icons/status/22/nm-nm-signal-25.svg + create mode 120000 icons/status/22/nm-nm-signal-50.svg + create mode 120000 icons/status/22/nm-nm-signal-75.svg + create mode 120000 icons/status/22/nm-no-connection.svg + +diff --git a/icons-dark/actions/22/system-hibernate.svg b/icons-dark/actions/22/system-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons-dark/actions/22/system-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons-dark/actions/22/xfsm-hibernate.svg b/icons-dark/actions/22/xfsm-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons-dark/actions/22/xfsm-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons-dark/actions/32/system-hibernate.svg b/icons-dark/actions/32/system-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons-dark/actions/32/system-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons-dark/actions/32/xfsm-hibernate.svg b/icons-dark/actions/32/xfsm-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons-dark/actions/32/xfsm-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons-dark/places/16/org.xfce.gigolo.svg b/icons-dark/places/16/org.xfce.gigolo.svg +new file mode 120000 +index 000000000..b3a26eea3 +--- /dev/null ++++ b/icons-dark/places/16/org.xfce.gigolo.svg +@@ -0,0 +1 @@ ++folder-network.svg +\ No newline at end of file +diff --git a/icons-dark/places/22/org.xfce.gigolo.svg b/icons-dark/places/22/org.xfce.gigolo.svg +new file mode 120000 +index 000000000..b3a26eea3 +--- /dev/null ++++ b/icons-dark/places/22/org.xfce.gigolo.svg +@@ -0,0 +1 @@ ++folder-network.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-device-wired.svg b/icons-dark/status/22/nm-device-wired.svg +new file mode 120000 +index 000000000..141bbe50a +--- /dev/null ++++ b/icons-dark/status/22/nm-device-wired.svg +@@ -0,0 +1 @@ ++network-wired-activated.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-nm-signal-00.svg b/icons-dark/status/22/nm-nm-signal-00.svg +new file mode 120000 +index 000000000..49fca1ef6 +--- /dev/null ++++ b/icons-dark/status/22/nm-nm-signal-00.svg +@@ -0,0 +1 @@ ++network-wireless-connected-00.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-nm-signal-100.svg b/icons-dark/status/22/nm-nm-signal-100.svg +new file mode 120000 +index 000000000..af0386014 +--- /dev/null ++++ b/icons-dark/status/22/nm-nm-signal-100.svg +@@ -0,0 +1 @@ ++network-wireless-connected-100.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-nm-signal-25.svg b/icons-dark/status/22/nm-nm-signal-25.svg +new file mode 120000 +index 000000000..bb1542d2d +--- /dev/null ++++ b/icons-dark/status/22/nm-nm-signal-25.svg +@@ -0,0 +1 @@ ++network-wireless-connected-25.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-nm-signal-50.svg b/icons-dark/status/22/nm-nm-signal-50.svg +new file mode 120000 +index 000000000..f1b34079f +--- /dev/null ++++ b/icons-dark/status/22/nm-nm-signal-50.svg +@@ -0,0 +1 @@ ++network-wireless-connected-50.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-nm-signal-75.svg b/icons-dark/status/22/nm-nm-signal-75.svg +new file mode 120000 +index 000000000..d68bc0dc4 +--- /dev/null ++++ b/icons-dark/status/22/nm-nm-signal-75.svg +@@ -0,0 +1 @@ ++network-wireless-connected-75.svg +\ No newline at end of file +diff --git a/icons-dark/status/22/nm-no-connection.svg b/icons-dark/status/22/nm-no-connection.svg +new file mode 120000 +index 000000000..b2b468bde +--- /dev/null ++++ b/icons-dark/status/22/nm-no-connection.svg +@@ -0,0 +1 @@ ++network-wired-unavailable.svg +\ No newline at end of file +diff --git a/icons/actions/22/system-hibernate.svg b/icons/actions/22/system-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons/actions/22/system-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons/actions/22/xfsm-hibernate.svg b/icons/actions/22/xfsm-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons/actions/22/xfsm-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons/actions/32/system-hibernate.svg b/icons/actions/32/system-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons/actions/32/system-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons/actions/32/xfsm-hibernate.svg b/icons/actions/32/xfsm-hibernate.svg +new file mode 120000 +index 000000000..2451dd60b +--- /dev/null ++++ b/icons/actions/32/xfsm-hibernate.svg +@@ -0,0 +1 @@ ++system-suspend-hibernate.svg +\ No newline at end of file +diff --git a/icons/places/16/org.xfce.gigolo.svg b/icons/places/16/org.xfce.gigolo.svg +new file mode 120000 +index 000000000..b3a26eea3 +--- /dev/null ++++ b/icons/places/16/org.xfce.gigolo.svg +@@ -0,0 +1 @@ ++folder-network.svg +\ No newline at end of file +diff --git a/icons/places/22/org.xfce.gigolo.svg b/icons/places/22/org.xfce.gigolo.svg +new file mode 120000 +index 000000000..b3a26eea3 +--- /dev/null ++++ b/icons/places/22/org.xfce.gigolo.svg +@@ -0,0 +1 @@ ++folder-network.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-device-wired.svg b/icons/status/22/nm-device-wired.svg +new file mode 120000 +index 000000000..141bbe50a +--- /dev/null ++++ b/icons/status/22/nm-device-wired.svg +@@ -0,0 +1 @@ ++network-wired-activated.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-nm-signal-00.svg b/icons/status/22/nm-nm-signal-00.svg +new file mode 120000 +index 000000000..49fca1ef6 +--- /dev/null ++++ b/icons/status/22/nm-nm-signal-00.svg +@@ -0,0 +1 @@ ++network-wireless-connected-00.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-nm-signal-100.svg b/icons/status/22/nm-nm-signal-100.svg +new file mode 120000 +index 000000000..af0386014 +--- /dev/null ++++ b/icons/status/22/nm-nm-signal-100.svg +@@ -0,0 +1 @@ ++network-wireless-connected-100.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-nm-signal-25.svg b/icons/status/22/nm-nm-signal-25.svg +new file mode 120000 +index 000000000..bb1542d2d +--- /dev/null ++++ b/icons/status/22/nm-nm-signal-25.svg +@@ -0,0 +1 @@ ++network-wireless-connected-25.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-nm-signal-50.svg b/icons/status/22/nm-nm-signal-50.svg +new file mode 120000 +index 000000000..f1b34079f +--- /dev/null ++++ b/icons/status/22/nm-nm-signal-50.svg +@@ -0,0 +1 @@ ++network-wireless-connected-50.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-nm-signal-75.svg b/icons/status/22/nm-nm-signal-75.svg +new file mode 120000 +index 000000000..d68bc0dc4 +--- /dev/null ++++ b/icons/status/22/nm-nm-signal-75.svg +@@ -0,0 +1 @@ ++network-wireless-connected-75.svg +\ No newline at end of file +diff --git a/icons/status/22/nm-no-connection.svg b/icons/status/22/nm-no-connection.svg +new file mode 120000 +index 000000000..b2b468bde +--- /dev/null ++++ b/icons/status/22/nm-no-connection.svg +@@ -0,0 +1 @@ ++network-wired-unavailable.svg +\ No newline at end of file + diff --git a/source/n/NetworkManager/NetworkManager.SlackBuild b/source/n/NetworkManager/NetworkManager.SlackBuild index fb108b5bf..3cfd061d4 100755 --- a/source/n/NetworkManager/NetworkManager.SlackBuild +++ b/source/n/NetworkManager/NetworkManager.SlackBuild @@ -27,7 +27,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=NetworkManager VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: MARCH=$( uname -m ) diff --git a/source/n/NetworkManager/conf.d/00-dhcp-client.conf b/source/n/NetworkManager/conf.d/00-dhcp-client.conf index 8f4356924..53e30c85d 100644 --- a/source/n/NetworkManager/conf.d/00-dhcp-client.conf +++ b/source/n/NetworkManager/conf.d/00-dhcp-client.conf @@ -1,9 +1,22 @@ [main] # Choose a DHCP client below. Upstream recommends internal, but results may vary. -# dhcpcd is the DHCP client usually used by Slackware. The --noconfigure -# option must be used or the network will not return after suspend/resume: -dhcp=dhcpcd --noconfigure +# +# This is a simple DHCP client that is built into NetworkManager: +dhcp=internal +# # dhclient is the ISC reference DHCP client, part of the dhcp package: #dhcp=dhclient -# This is a simple DHCP client that is built into NetworkManager: -#dhcp=internal +# +# dhcpcd is the DHCP client usually used by Slackware. However, it is built +# with --enable-privsep, and a side-effect of this when used with +# NetworkManager is that the network will not return properly after a +# suspend/resume cycle. If you don't require this functionality, dhcpcd will +# work fine otherwise. If you do require it and don't want to use one of the +# other two options here, there are some workarounds. +# You may force NetworkManager to reload the network by killing dhcpcd: +# killall -9 dhcpcd +# Otherwise, you may rebuild the dhcpcd package without privilege separation +# using the following command in the dhcpcd source directory: +# PRIVSEP=no ./dhcpcd.SlackBuild +# The resulting dhcpcd package will work fine with NetworkManager. +#dhcp=dhcpcd diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild index 783ef548a..45dbf08ed 100755 --- a/source/n/bind/bind.SlackBuild +++ b/source/n/bind/bind.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2018, 2019, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=bind VERSION=${VERSION:-$(echo ${PKGNAM}-[0-9]*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -121,6 +121,10 @@ mkdir -p $PKG/etc/rc.d cp -a $CWD/rc.bind $PKG/etc/rc.d/rc.bind.new chmod 644 $PKG/etc/rc.d/rc.bind.new +# Install default options file for named: +mkdir $PKG/etc/default +cat $CWD/default.named > $PKG/etc/default/named.new + # Fix library perms: chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* diff --git a/source/n/bind/default.named b/source/n/bind/default.named new file mode 100644 index 000000000..2983934f4 --- /dev/null +++ b/source/n/bind/default.named @@ -0,0 +1,15 @@ +# User to run named as: +BIND_USER=named + +# By default, named will also run as the primary group of $BIND_USER. +# We will determine this now for the purpose of also chowning /run/named +# and /var/named to this group. You may also comment this section out and +# set BIND_GROUP manually if desired. +BIND_GROUP="$(groups $BIND_USER | cut -f 3 -d " ")" +# Fallback if there's no primary group for $BIND_USER: +if [ -z "$BIND_GROUP" ]; then + BIND_GROUP=wheel +fi + +# Options to run named with: +NAMED_OPTIONS="-u $BIND_USER" diff --git a/source/n/bind/doinst.sh b/source/n/bind/doinst.sh index afeff946f..0e90be641 100644 --- a/source/n/bind/doinst.sh +++ b/source/n/bind/doinst.sh @@ -18,6 +18,7 @@ if [ -e etc/rc.d/rc.bind ]; then mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new fi +config etc/default/named.new config etc/named.conf.new config etc/rc.d/rc.bind.new @@ -28,9 +29,10 @@ if [ ! -d var/named ]; then fi # Generate /etc/rndc.key if there's none there, -# and there also no /etc/rndc.conf (the other +# and there's also no /etc/rndc.conf (the other # way to set this up). if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then chroot . /sbin/ldconfig - chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null + chroot . /usr/sbin/rndc-confgen -a 2> /dev/null + chroot . /bin/chown named:named /etc/rndc.key 2> /dev/null fi diff --git a/source/n/bind/rc.bind b/source/n/bind/rc.bind index cab751634..7886a2543 100644 --- a/source/n/bind/rc.bind +++ b/source/n/bind/rc.bind @@ -1,19 +1,8 @@ #!/bin/sh # Start/stop/restart the BIND name server daemon (named). -# Start BIND. In the past it was more secure to run BIND as a non-root -# user (for example, with '-u daemon'), but the modern version of BIND -# knows how to use the kernel's capability mechanism to drop all root -# privileges except the ability to bind() to a privileged port and set -# process resource limits, so running as a non-root user is not needed. -# But if you want to run as a non-root user anyway, the command options -# can be set like this in /etc/default/named: -# NAMED_OPTIONS="-u daemon" -# So you will not have to edit this script. -# -# Please note that if you run BIND as a non-root user, your files in -# /var/named may need to be chowned to this user or else named will -# refuse to start. +# Start BIND. By default this will run with user "named". If you'd like to +# change this or other options, see: /etc/default/named # You might also consider running BIND in a "chroot jail", # a discussion of which may be found in @@ -27,6 +16,17 @@ if [ -f /etc/default/named ] ; then . /etc/default/named ; fi if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi +# In case /etc/default/named was missing: +if [ -z "$BIND_USER" ]; then + BIND_USER="named" +fi +if [ -z "$BIND_GROUP" ]; then + BIND_GROUP="named" +fi +if [ -z "$BIND_OPTIONS" ]; then + BIND_OPTIONS="-u $BIND_USER" +fi + # Sanity check. If /usr/sbin/named is missing then it # doesn't make much sense to try to run this script: if [ ! -x /usr/sbin/named ]; then @@ -34,40 +34,16 @@ if [ ! -x /usr/sbin/named ]; then exit 1 fi -# Function to find the user BIND is running as in $NAMED_OPTIONS: -find_bind_user() { - if echo $NAMED_OPTIONS | grep -wq "\-u" ; then - unset BIND_USER USER_FOUND - echo $NAMED_OPTIONS | tr ' ' '\n' | while read element ; do - if [ "$USER_FOUND" = "true" ]; then - BIND_USER="$element" - echo $BIND_USER - break - elif [ "$element" = "-u" ]; then - USER_FOUND="true" - fi - done - else - echo "root" - fi -} - # Start BIND. As many times as you like. ;-) # Seriously, don't run "rc.bind start" if BIND is already # running or you'll get more than one copy running. bind_start() { # Make sure /var/run/named exists: mkdir -p /var/run/named - # If we are running as a non-root user, we'll need to be sure that - # /var/run/named is chowned properly to that user. Your files in - # /var/named may need to be chowned as well, but that will be up to - # the sysadmin to do. - BIND_USER="$(find_bind_user)" - if [ ! "$BIND_USER" = "root" ]; then - chown -R $BIND_USER /var/run/named - else # prevent error if switching back to running as root: - chown -R root /var/run/named - fi + # Make sure that /var/run/named has correct ownership: + chown -R ${BIND_USER}:${BIND_GROUP} /var/run/named + # Make sure that /var/named has correct ownership: + chown -R ${BIND_USER}:${BIND_GROUP} /var/named # Start named: if [ -x /usr/sbin/named ]; then echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS" diff --git a/source/n/dhcpcd/dhcpcd.SlackBuild b/source/n/dhcpcd/dhcpcd.SlackBuild index 2027e5b6d..53cf1be4a 100755 --- a/source/n/dhcpcd/dhcpcd.SlackBuild +++ b/source/n/dhcpcd/dhcpcd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/bash -# Copyright 2008, 2009, 2010, 2013, 2014, 2017, 2018, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013, 2014, 2017, 2018, 2020, 2021 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,6 +26,21 @@ PKGNAM=dhcpcd VERSION=${VERSION:-$(echo dhcpcd-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} +# By default, Slackware builds dhcpcd with privilege separation, which improves +# security by ensuring that any security vulnerabilies such as buffer overflows +# or shell metacharacter insertion would gain access to an unprivileged user +# (the dhcpcd user) rather than the root user. However, this creates issues +# when using dhcpcd with NetworkManager. With privilege separation enabled, +# the network won't return properly after suspend/resume. +# +# If you use dhcpcd with NetworkManager and this functionality is important to +# you, rebuild dhcpcd with this command: +# +# PRIVSEP=no ./dhcpcd.SlackBuild +# +# Then upgrade to the generated package. +PRIVSEP=${PRIVSEP:-yes} + NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} # Automatically determine the architecture we're building on: @@ -85,6 +100,15 @@ patch -p1 --verbose < $CWD/patches/dhcpcd.conf-request_ntp_server_by_default.pat # /etc/rc.d/rc.S, and /var should not be on a network filesystem. As such, # we'll use the FHS layout instead of putting things in /etc/dhcpc +# Set options to build with or without privsep: +if [ "$PRIVSEP" = "yes" ]; then + PRIVSEP_OPTIONS="--enable-privsep --privsepuser=dhcpcd" + unset TAG +else + PRIVSEP_OPTIONS="--disable-privsep" + TAG="_noprivsep" +fi + # Yes, /lib/dhcpcd is correct, even on x86_64. CFLAGS="$SLKCFLAGS" \ ./configure \ @@ -96,6 +120,7 @@ CFLAGS="$SLKCFLAGS" \ --libexecdir=/lib/dhcpcd \ --mandir=/usr/man \ --rundir=/run \ + $PRIVSEP_OPTIONS \ --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 @@ -138,5 +163,4 @@ cat $CWD/slack-desc > $PKG/install/slack-desc zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD.txz - +/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD$TAG.txz |