summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* wpa_supplicant: fix WPA2 key replay security bugkrogoth-nextRoss Burton2017-10-162-0/+940
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA2 is vulnerable to replay attacks which result in unauthenticated users having access to the network. * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake * CVE-2017-13078: reinstallation of the group key in the Four-way handshake * CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake * CVE-2017-13080: reinstallation of the group key in the Group Key handshake * CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake * CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame Backport patches from upstream to resolve these CVEs. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl.inc: avoid random ptest failuresPatrick Ohly2017-05-181-0/+13
| | | | | | | | | | | | | | | | | | | "make alltests" is sensitive to the timestamps of the installed files. Depending on the order in which cp copies files, .o and/or executables may end up with time stamps older than the source files. Running tests then triggers recompilation attempts, which typically will fail because dev tools and files are not installed. "cp -a" is not enough because the files also have to be newer than the installed header files. Setting the file time stamps to the current time explicitly after copying solves the problem because do_install_ptest_base is guaranteed to run after do_install. (From OE-Core rev: 101e2a5e0b7822ca3de3d3a73369405c05ab3c5b) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: fix do_configure error when cwd is not in @INCRobert Yang2017-05-182-0/+35
| | | | | | | | | | | | | | Fixed when building on Debian-testing: | Can't locate find.pl in @INC (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.22.2 /usr/local/share/perl/5.22.2 /usr/lib/x86_64-linux-gnu/perl5/5.22 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.22 /usr/share/perl/5.22 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at perlpath.pl line 7. (From OE-Core rev: c28065671b582c140d5971c73791d2ac8bdebe69) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> fixed merge conflict Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Security fix CVE-2016-2177Armin Kuster2017-05-182-0/+287
| | | | | | | | | | | | | | Affects openssl <= 1.0.2h CVSS v2 Base Score: 7.5 HIGH (From OE-Core rev: 2848c7d3e454cbc84cba9183f23ccdf3e9200ec9) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> fixed merge conflicts Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: prevent warnings from openssl-c_rehash.shJoshua Lock2017-05-181-2/+2
| | | | | | | | | | | | | | | | | | The openssl-c_rehash.sh script reports duplicate files and files which don't contain a certificate or CRL by echoing a WARNING to stdout. This warning gets picked up by the log checker during rootfs and results in several warnings getting reported to the console during an image build. To prevent the log from being overrun by warnings related to certificates change these messages in openssl-c_rehash.sh to be prefixed with NOTE not WARNING. (From OE-Core rev: 88c25318db9f8091719b317bacd636b03d50a411) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Ensure SSL certificates are stored on sysconfdirOtavio Salvador2017-05-181-3/+14
| | | | | | | | | | | | | | | | Debian and other generic distributions has moved the certificates for sysconfdir (/etc/ssl) and made the libdir content to link for it. This provides several advantages specially for read-only rootfs. Another benefit is that it ensures foreign implementations (e.g: BoringSSL, from Chromium, when running with OpenSSL backend for the certificates) to find the content correctly. (From OE-Core rev: 50d63fa346bbb05dafffc0cb55e21e1092272d95) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Add Shell-Script based c_rehash utilityOtavio Salvador2017-05-183-5/+215
| | | | | | | | | | | | | | | | | | | | | The PLD Linux distribution has ported the c_rehash[1] utility from Perl to Shell-Script, allowing it to be shipped by default. 1. https://git.pld-linux.org/?p=packages/openssl.git;a=blob;f=openssl-c_rehash.sh;h=0ea22637ee6dbce845a9e2caf62540aaaf5d0761 The OpenSSL upstream intends[2] to convert the utility for C however did not yet finished the conversion. 2. https://rt.openssl.org/Ticket/Display.html?id=2324 This patch adds this script and thus removed the Perl requirement for it. (From OE-Core rev: cb6150f1a779e356f120d5e45c91fda75789970a) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: fix add missing dependencies building for test directoryAndrej Valek2017-05-181-0/+3
| | | | | | | | | | | | | | Regarding the last commit about missing dependencies, another issue was found. The problem was found, while ptest has been built with some set extra settings. It means, when ptest is going to be built, it is necessary to rebuild dependencies for test directory too. (From OE-Core rev: 030142d0410bec85aeacfff6be27d5fed41ce808) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: fix add missing `make depend` command before `make` libraryAndrej Valek2017-05-181-1/+2
| | | | | | | | | | | | | | | | Settings from EXTRA_OECONF like en/disable no-ssl3, are transferred only into DEPFLAGS. It means that settings have no effect on output files. DEPFLAGS will be transferred into output files with make depend command. https://wiki.openssl.org/index.php/Compilation_and_Installation#Dependencies (From OE-Core rev: e3c251427a305780d3257a011260bd978de273d5) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Fix MIPS64be and add MIPS64leZubair Lutfullah Kakakhel2017-05-181-1/+4
| | | | | | | | | | | | | | MIPS64 target was being configured for linux-mips which defaults to MIPS32. Doesn't cause any issue as far as I can see but it would be wiser to use the correct target configuration. Also add MIPS64le configuration which is missing. (From OE-Core rev: 0afec72913bc31d315cba079da317e8b28755ded) Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Security fix CVE-2016-8610Armin Kuster2017-05-182-0/+125
| | | | | | | | | | affects openssl < 1.0.2i (From OE-Core rev: 0256b61cdafe540edb3cec2a34429e24b037cfae) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bind: fix two CVEsZheng Ruoqin2016-11-083-0/+215
| | | | | | | | | | | | | | | Add two CVE patches from upstream git: https://www.isc.org/git/ 1.CVE-2016-2775.patch 2.CVE-2016-2776.patch (From OE-Core rev: 5f4588d675e400f13bb6001df04790c867a95230) Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openssl: Security fix CVE-2016-6306Armin Kuster2016-09-272-0/+72
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-6304Armin Kuster2016-09-272-0/+76
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-6303Armin Kuster2016-09-272-0/+37
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-6302Armin Kuster2016-09-272-0/+54
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-2182Armin Kuster2016-09-272-0/+71
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-2181Armin Kuster2016-09-274-0/+363
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-2180Armin Kuster2016-09-272-0/+45
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-2179Armin Kuster2016-09-272-0/+256
| | | | | | affects openssl < 1.0.1i Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: Security fix CVE-2016-2178Armin Kuster2016-09-272-0/+55
| | | | | | affects openssl < 1.0.2i Signed-off-by: Armin Kuster <akuster@mvista.com>
* wpa_supplicant: Security Advisory-CVE-2016-4477Zhixiong Chi2016-09-274-0/+178
| | | | | | | | | | | | | | Add CVE-2016-4477 patch for avoiding \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. Patches came from http://w1.fi/security/2016-1/ (From OE-Core rev: d4d4ed5f31c687b2b2b716ff0fb8ca6c7aa29853) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com>
* wpa_supplicant: Security Advisory-CVE-2016-4476Zhixiong Chi2016-09-273-0/+174
| | | | | | | | | | | | | | Add CVE-2016-4476 patch for avoiding \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. Patches came from http://w1.fi/security/2016-1/ (From OE-Core rev: ed610b68f7e19644c89d7131e34c990a02403c62) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssh: Security fix CVE-2015-8325Armin Kuster2016-09-232-0/+34
| | | | | | openssh < 7.2p2 Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssh: Security fix CVE-2016-5615Armin Kuster2016-09-232-0/+55
| | | | | | openssh < 7.3 Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssh: Security fix CVE-2016-6210Armin Kuster2016-09-234-0/+289
| | | | | | affects openssh < 7.3 Signed-off-by: Armin Kuster <akuster@mvista.com>
* Revert "openssl: prevent ABI break from earlier krogoth releases"Armin Kuster2016-07-061-22/+9
| | | | | | | | | This patch should not have been back ported. This reverts commit 18b0a78f439ce26ea475537cc20ebbc1d091920c. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix init script restart with read-only-rootfsMatthew Campbell2016-06-291-1/+1
| | | | | | | | | | | | | | restart in the init script uses the check_config() function which doesn't have the $SSHD_OPTS passed through. This causes it to check the wrong config (and fail when read-only-rootfs is enabled. (From OE-Core rev: cb6f78072deb8b8c22baf5c31c3bd19d7e0af236) Signed-off-by: Matthew Campbell <mcampbell@izotope.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 772ba8d865c1e7b62496df6b8eac73b367a4dc20) Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssh: change URI to http:Ross Burton2016-06-291-1/+1
| | | | | | | | | | | | | The OpenBSD FTP server isn't accepting connections from wget, which breaks fetches. Luckily they also have a HTTP server on the same host. [ YOCTO #9628 ] (From OE-Core rev: 8b10f0af3c434145b460fd5d7a9f394dc1284260) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com>
* openssl: prevent ABI break from earlier krogoth releasesJoshua Lock2016-06-291-9/+22
| | | | | | | | | | | | | | | | The backported upgrade to 1.0.2h included an updated GNU LD version-script which results in an ABI change. In order to try and respect ABI for existing binaries built against fido this commit partially reverts the version-script to maintain the existing ABI and instead only add the new symbols required by 1.0.2h. Suggested-by: Martin Jansa <martin.jansa@gmail.com> (From OE-Core rev: 480db6be99f9a53d8657b31b846f0079ee1a124f) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* bluez5: enable out-of-tree buildsRoss Burton2016-06-292-2/+29
| | | | | | | | | | | A patch is needed to fix a race in out-of-tree builds, and the install-ptest logic can be simplified. (From OE-Core rev: 471fdafb340e90a4ab2e31854f69d5204e9380bf) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com>
* bluez5: fixed path to bluetoothd in sysvinit scriptChristian Ege2016-06-152-1/+5
| | | | | | | | Within the sysvinit script the path to bluetoothd is wrong. Because of this the init scripts silently terminates without any message Signed-off-by: Christian Ege <k4230r6@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* openssl: Security fix via update to 1.0.2hArmin Kuster2016-05-172-11/+9
| | | | | | | | | | | | | | | | | | | | | CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176 https://www.openssl.org/news/secadv/20160503.txt fixup openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch drop crypto_use_bigint_in_x86-64_perl.patch as that fix is in latest. (From OE-Core rev: c693f34f54257a8eca9fe8c5a9eee5647b7eeb0c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Security Fix CVE-2016-3115Armin Kuster2016-04-292-1/+87
| | | | | | | opehssh <= 7.2 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-gnome: Depend on dbus-glib-nativeJussi Kukkonen2016-04-291-1/+1
| | | | | | | This is required for dbus-binding-tool. Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* dhcp: CVE-2016-2774Catalin Enache2016-04-182-0/+66
| | | | | | | | | | | | | ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* bind: CVE-2016-2088Jussi Kukkonen2016-04-182-0/+248
| | | | | | | | | | | | | | Duplicate EDNS COOKIE options in a response could trigger an assertion failure: Fix with a backport. bind as built with the oe-core recipe is not at risk: Only servers which are built with DNS cookie support (--enable-sit) are vulnerable to denial of service. Fixes [YOCTO #9438] Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* dhcp: Enable update-rc.d serviceFabio Berton2016-04-151-1/+5
| | | | | | | | | do_install_append function installs init scripts but to enable this service we need to inherit update-rc.d class and set INITSCRIPT name and params. Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-04-144-0/+550
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes following vulnerabilities: CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: =========================================================== CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=70037e040e587329cec82123e12b9f4f7c945f67 CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=a3d327bf1ceaaeabb20223d8de85166e940b9f12 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=7602be276a73a6eb5431c5acd9718e68a55e8b61 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* socat: Use c_ispeed and c_ospeed based upon libcKhem Raj2016-04-141-20/+33
| | | | | | | | | | musl calls them __c_ispeed and __c_ospeed and we can not use get/set APIs because the get APIs will return the value from iflags and not from *speed element from termios struct Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* openssl.inc: minor packaging cleanupAndre McCurdy2016-04-081-2/+1
| | | | | | | | | | | | | | | | | | | libcrypto.so was explicitly added to FILES_${PN}-dev as part of moving libcrypto from libdir -> base_libdir to support dhclient [1]. However, the line has been unnecessary since ${base_libdir}/lib*.so files started to be included in FILES_${PN}-dev by default [2] (and it's still unnecessary now, after moving libcrypto from back to libdir to support ntp [3]). [1] http://git.openembedded.org/openembedded-core/commit/?id=01ea85f7f6c53c66c76d6f832518b28bf06ec072 [2] http://git.openembedded.org/openembedded-core/commit/?id=66c36bcb7d9368718453265e58bd5e3c854c786a [3] http://git.openembedded.org/openembedded-core/commit/?id=0be2ab32f690a2fcba0e821abe11460958bbc6dc Also define FILES_libssl using SOLIBS instead of a hardcoded pattern. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5.inc: remove obsolete workaroundPatrick Ohly2016-04-051-2/+0
| | | | | | | | | | | Bluez 5.37 itself correctly installs bluetooth.conf, and honors the path settings in dbus-1.pc. Removing the obsolete workaround is necessary for compiling "stateless" (= read-only system configuration moved out of /etc). Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: add ptest supportAlexander Kanavin2016-04-033-1/+71
| | | | | | | [YOCTO #5134] Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: /var/cache/bindJoe Slater2016-03-241-3/+2
| | | | | | | Change the ownership of /var/cache/bind to bind rather than root. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* dhcpd: create dhcpd user for dhcp dameonAlexandru Moise2016-03-202-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch enables the functionality for dhcpd service to be started with dhcp uid and gid. Test steps: Step 1: Assign ip to interface ifconfig eth0 192.168.1.1 Step 2: Edit /etc/dhcp/dhcpd.conf: default-lease-time 600; max-lease-time 7200; option subnet-mask 255.255.255.0; subnet 192.168.1.0 netmask 255.255.255.0 { option broadcast-address 192.168.1.255; range 192.168.1.88 192.168.1.88; option routers 192.168.1.0; } Step 3: Edit /etc/default/dhcp-server: INTERFACES="eth0" Step 4: Check uid and gid of running dhcpd process $ ps -eo user:19,group:19,cmd | grep dhcpd dhcp dhcp /usr/sbin/dhcpd eth0 -user dhcp -group dhcp Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* bluez5: allow D-Bus to spawn obexd in systems without systemdJavier Viguera2016-03-202-0/+64
| | | | | | | | This includes a proper D-Bus service file for obexd in systems that do not support systemd. Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* socat: Access c_ispeed and c_ospeed via APIsKhem Raj2016-03-202-0/+40
| | | | | | | make it more portable across libc implementations Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* openssl: don't move libcrypto to base_libdirChen Qi2016-03-201-9/+2
| | | | | | | | | | | For now, if 'openssl' is enabled for ntp, ntp would still be built without openssl & libcrypto. This is because that ntp thinks openssl and libcrypto locates under the same directory. This patch removes the codes of moving libcrypto to base_libdir. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* dhcp: enable gentle shutdownChen Qi2016-03-202-0/+26
| | | | | | | | | | | For now, `systemctl stop dhcpd' cannot stop dhcpd correctly, the SIGTERM signal would time out, causing a SIGKILL signal sent to dhcpd. Patch site.h to enable gentle shutdown to so that dhcpd could be stopped by SIGTERM. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* avahi: enable gobject-introspectionAlexander Kanavin2016-03-122-5/+12
| | | | | Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>