d/patches: cherry-pick fitting upstream commits for Bullseye
Reorganize patches in sub-directories.
Christian Göttsche
3 years ago
+107
-0
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Wed, 5 Feb 2020 14:45:54 +0100 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/16a6e728ec207e022f478c524260f19d44d4d13e | |
3 | Subject: avoid discarding const on const strings | |
4 | MIME-Version: 1.0 | |
5 | Content-Type: text/plain; charset="utf-8" | |
6 | Content-Transfer-Encoding: 8bit | |
7 | ||
8 | gcc warnings: | |
9 | ||
10 | src/dbsql.c: In function ‘db_create’: | |
11 | src/dbsql.c:314:6: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
12 | 314 | sql = "CREATE TABLE info(\n" | |
13 | | ^ | |
14 | src/dbsql.c:324:6: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
15 | 324 | sql = "CREATE TABLE interface(\n" | |
16 | | ^ | |
17 | src/dbsql.c: In function ‘db_getiflist_sorted’: | |
18 | src/dbsql.c:730:7: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
19 | 730 | sql = "select name from interface order by name asc"; | |
20 | | ^ | |
21 | src/dbsql.c:732:7: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
22 | 732 | sql = "select name from interface order by rxtotal+txtotal desc"; | |
23 | | ^ | |
24 | --- | |
25 | src/dbsql.c | 23 ++++++++++++----------- | |
26 | 1 file changed, 12 insertions(+), 11 deletions(-) | |
27 | ||
28 | diff --git a/src/dbsql.c b/src/dbsql.c | |
29 | index c863541..98eb8dc 100644 | |
30 | --- a/src/dbsql.c | |
31 | +++ b/src/dbsql.c | |
32 | @@ -303,7 +303,8 @@ int db_exec(const char *sql) | |
33 | int db_create(void) | |
34 | { | |
35 | int i; | |
36 | - char *sql; | |
37 | + const char *sql1; | |
38 | + char *sql2; | |
39 | char buffer[32]; | |
40 | const char *datatables[] = {"fiveminute", "hour", "day", "month", "year", "top"}; | |
41 | ||
42 | @@ -311,17 +312,17 @@ int db_create(void) | |
43 | return 0; | |
44 | } | |
45 | ||
46 | - sql = "CREATE TABLE info(\n" | |
47 | + sql1 = "CREATE TABLE info(\n" | |
48 | " id INTEGER PRIMARY KEY,\n" | |
49 | " name TEXT UNIQUE NOT NULL,\n" | |
50 | " value TEXT NOT NULL)"; | |
51 | ||
52 | - if (!db_exec(sql)) { | |
53 | + if (!db_exec(sql1)) { | |
54 | db_rollbacktransaction(); | |
55 | return 0; | |
56 | } | |
57 | ||
58 | - sql = "CREATE TABLE interface(\n" | |
59 | + sql1 = "CREATE TABLE interface(\n" | |
60 | " id INTEGER PRIMARY KEY,\n" | |
61 | " name TEXT UNIQUE NOT NULL,\n" | |
62 | " alias TEXT,\n" | |
63 | @@ -333,14 +334,14 @@ int db_create(void) | |
64 | " rxtotal INTEGER NOT NULL,\n" | |
65 | " txtotal INTEGER NOT NULL)"; | |
66 | ||
67 | - if (!db_exec(sql)) { | |
68 | + if (!db_exec(sql1)) { | |
69 | db_rollbacktransaction(); | |
70 | return 0; | |
71 | } | |
72 | ||
73 | - sql = malloc(sizeof(char) * 512); | |
74 | + sql2 = malloc(sizeof(char) * 512); | |
75 | for (i = 0; i < 6; i++) { | |
76 | - sqlite3_snprintf(512, sql, "CREATE TABLE %s(\n" | |
77 | + sqlite3_snprintf(512, sql2, "CREATE TABLE %s(\n" | |
78 | " id INTEGER PRIMARY KEY,\n" | |
79 | " interface INTEGER REFERENCES interface(id) ON DELETE CASCADE,\n" | |
80 | " date DATE NOT NULL,\n" | |
81 | @@ -349,13 +350,13 @@ int db_create(void) | |
82 | " CONSTRAINT u UNIQUE (interface, date))", | |
83 | datatables[i]); | |
84 | ||
85 | - if (!db_exec(sql)) { | |
86 | - free(sql); | |
87 | + if (!db_exec(sql2)) { | |
88 | + free(sql2); | |
89 | db_rollbacktransaction(); | |
90 | return 0; | |
91 | } | |
92 | } | |
93 | - free(sql); | |
94 | + free(sql2); | |
95 | ||
96 | snprintf(buffer, 32, "%" PRIu64 "", (uint64_t)MAX32); | |
97 | if (!db_setinfo("btime", buffer, 1)) { | |
98 | @@ -723,7 +724,7 @@ int db_getiflist(iflist **ifl) | |
99 | int db_getiflist_sorted(iflist **ifl, const int orderbytraffic) | |
100 | { | |
101 | int rc; | |
102 | - char *sql; | |
103 | + const char *sql; | |
104 | sqlite3_stmt *sqlstmt; | |
105 | ||
106 | if (!orderbytraffic) { |
+101
-0
0 | From: Teemu Toivola <git@humdi.net> | |
1 | Date: Wed, 26 Feb 2020 00:18:06 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/0b8f38cb87044e553e061dee2e590cff8bc56a5d | |
3 | Subject: rename variables for improved readability | |
4 | ||
5 | --- | |
6 | src/dbsql.c | 30 +++++++++++++++--------------- | |
7 | 1 file changed, 15 insertions(+), 15 deletions(-) | |
8 | ||
9 | diff --git a/src/dbsql.c b/src/dbsql.c | |
10 | index 98eb8dc..747cd14 100644 | |
11 | --- a/src/dbsql.c | |
12 | +++ b/src/dbsql.c | |
13 | @@ -303,8 +303,8 @@ int db_exec(const char *sql) | |
14 | int db_create(void) | |
15 | { | |
16 | int i; | |
17 | - const char *sql1; | |
18 | - char *sql2; | |
19 | + const char *constsql; | |
20 | + char *sql; | |
21 | char buffer[32]; | |
22 | const char *datatables[] = {"fiveminute", "hour", "day", "month", "year", "top"}; | |
23 | ||
24 | @@ -312,17 +312,17 @@ int db_create(void) | |
25 | return 0; | |
26 | } | |
27 | ||
28 | - sql1 = "CREATE TABLE info(\n" | |
29 | + constsql = "CREATE TABLE info(\n" | |
30 | " id INTEGER PRIMARY KEY,\n" | |
31 | " name TEXT UNIQUE NOT NULL,\n" | |
32 | " value TEXT NOT NULL)"; | |
33 | ||
34 | - if (!db_exec(sql1)) { | |
35 | + if (!db_exec(constsql)) { | |
36 | db_rollbacktransaction(); | |
37 | return 0; | |
38 | } | |
39 | ||
40 | - sql1 = "CREATE TABLE interface(\n" | |
41 | + constsql = "CREATE TABLE interface(\n" | |
42 | " id INTEGER PRIMARY KEY,\n" | |
43 | " name TEXT UNIQUE NOT NULL,\n" | |
44 | " alias TEXT,\n" | |
45 | @@ -334,14 +334,14 @@ int db_create(void) | |
46 | " rxtotal INTEGER NOT NULL,\n" | |
47 | " txtotal INTEGER NOT NULL)"; | |
48 | ||
49 | - if (!db_exec(sql1)) { | |
50 | + if (!db_exec(constsql)) { | |
51 | db_rollbacktransaction(); | |
52 | return 0; | |
53 | } | |
54 | ||
55 | - sql2 = malloc(sizeof(char) * 512); | |
56 | + sql = malloc(sizeof(char) * 512); | |
57 | for (i = 0; i < 6; i++) { | |
58 | - sqlite3_snprintf(512, sql2, "CREATE TABLE %s(\n" | |
59 | + sqlite3_snprintf(512, sql, "CREATE TABLE %s(\n" | |
60 | " id INTEGER PRIMARY KEY,\n" | |
61 | " interface INTEGER REFERENCES interface(id) ON DELETE CASCADE,\n" | |
62 | " date DATE NOT NULL,\n" | |
63 | @@ -350,13 +350,13 @@ int db_create(void) | |
64 | " CONSTRAINT u UNIQUE (interface, date))", | |
65 | datatables[i]); | |
66 | ||
67 | - if (!db_exec(sql2)) { | |
68 | - free(sql2); | |
69 | + if (!db_exec(sql)) { | |
70 | + free(sql); | |
71 | db_rollbacktransaction(); | |
72 | return 0; | |
73 | } | |
74 | } | |
75 | - free(sql2); | |
76 | + free(sql); | |
77 | ||
78 | snprintf(buffer, 32, "%" PRIu64 "", (uint64_t)MAX32); | |
79 | if (!db_setinfo("btime", buffer, 1)) { | |
80 | @@ -724,16 +724,16 @@ int db_getiflist(iflist **ifl) | |
81 | int db_getiflist_sorted(iflist **ifl, const int orderbytraffic) | |
82 | { | |
83 | int rc; | |
84 | - const char *sql; | |
85 | + const char *constsql; | |
86 | sqlite3_stmt *sqlstmt; | |
87 | ||
88 | if (!orderbytraffic) { | |
89 | - sql = "select name from interface order by name asc"; | |
90 | + constsql = "select name from interface order by name asc"; | |
91 | } else { | |
92 | - sql = "select name from interface order by rxtotal+txtotal desc"; | |
93 | + constsql = "select name from interface order by rxtotal+txtotal desc"; | |
94 | } | |
95 | ||
96 | - rc = sqlite3_prepare_v2(db, sql, -1, &sqlstmt, NULL); | |
97 | + rc = sqlite3_prepare_v2(db, constsql, -1, &sqlstmt, NULL); | |
98 | if (rc != SQLITE_OK) { | |
99 | db_errcode = rc; | |
100 | snprintf(errorstring, 1024, "Failed to get interface list from database (%d): %s", rc, sqlite3_errmsg(db)); |
+23
-0
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Sun, 15 Mar 2020 20:45:16 +0100 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/c96ec890e72cb469be0dc8170ab7c1cebbd3dc61 | |
3 | Subject: Error early on non Linux and BSD like systems | |
4 | ||
5 | E.g. vnStat compiles on hurd, but the testsuite fails ultimately | |
6 | --- | |
7 | src/ifinfo.c | 2 ++ | |
8 | 1 file changed, 2 insertions(+) | |
9 | ||
10 | diff --git a/src/ifinfo.c b/src/ifinfo.c | |
11 | index a4e9893..63c0b8a 100644 | |
12 | --- a/src/ifinfo.c | |
13 | +++ b/src/ifinfo.c | |
14 | @@ -110,6 +110,8 @@ int getiflist(iflist **ifl, const int getspeed, const int validate) | |
15 | return getiflist_linux(ifl, getspeed, validate); | |
16 | #elif defined(BSD_VNSTAT) | |
17 | return getiflist_bsd(ifl, getspeed, validate); | |
18 | +#else | |
19 | +#error vnStat only supports Linux and BSD like systems | |
20 | #endif | |
21 | } | |
22 |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 30 Mar 2020 14:39:45 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/7c39e21e0798093feb878447158960c5630a1359 | |
3 | Subject: add check for memory allocation failure | |
4 | ||
5 | Avoid passing potential NULL to memset | |
6 | --- | |
7 | src/dbsql.c | 4 ++++ | |
8 | 1 file changed, 4 insertions(+) | |
9 | ||
10 | diff --git a/src/dbsql.c b/src/dbsql.c | |
11 | index 747cd14..0f9cdb8 100644 | |
12 | --- a/src/dbsql.c | |
13 | +++ b/src/dbsql.c | |
14 | @@ -1379,6 +1379,10 @@ char *getifaceinquery(const char *input) | |
15 | /* each interface requires two quotes and comma or \0 so 3 extra chars */ | |
16 | j = (unsigned int)strlen(input) + ifacecount * 3; | |
17 | result = malloc(sizeof(char) * j); | |
18 | + if (result == NULL) { | |
19 | + panicexit(__FILE__, __LINE__); | |
20 | + } | |
21 | + | |
22 | memset(result, '\0', j); | |
23 | ||
24 | result[0] = '"'; |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Wed, 29 Apr 2020 17:43:24 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/74fa5e26b2eb43a602d5a4c7ded778de74624ea2 | |
3 | Subject: vnstat.service: sort hardening options | |
4 | ||
5 | --- | |
6 | examples/systemd/vnstat.service | 14 +++++++------- | |
7 | 1 file changed, 7 insertions(+), 7 deletions(-) | |
8 | ||
9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
10 | index 4f2d27f..50e5dcb 100644 | |
11 | --- a/examples/systemd/vnstat.service | |
12 | +++ b/examples/systemd/vnstat.service | |
13 | @@ -12,18 +12,18 @@ Restart=on-failure | |
14 | RestartSec=2 | |
15 | ||
16 | # Hardening | |
17 | -ProtectSystem=strict | |
18 | -ReadWritePaths=/var/lib | |
19 | -StateDirectory=vnstat | |
20 | +MemoryDenyWriteExecute=yes | |
21 | PrivateDevices=yes | |
22 | -ProtectKernelTunables=yes | |
23 | +PrivateTmp=yes | |
24 | ProtectControlGroups=yes | |
25 | ProtectHome=yes | |
26 | ProtectKernelModules=yes | |
27 | -PrivateTmp=yes | |
28 | -MemoryDenyWriteExecute=yes | |
29 | -RestrictRealtime=yes | |
30 | +ProtectKernelTunables=yes | |
31 | +ProtectSystem=strict | |
32 | +ReadWritePaths=/var/lib | |
33 | RestrictNamespaces=yes | |
34 | +RestrictRealtime=yes | |
35 | +StateDirectory=vnstat | |
36 | ||
37 | [Install] | |
38 | WantedBy=multi-user.target |
+40
-0
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Wed, 29 Apr 2020 17:44:02 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/f76901f6c5bcd2c085e4a8c1f416737bd84d9eaa | |
3 | Subject: vnstat.service: add systemd hardening options | |
4 | ||
5 | Add empty CapabilityBoundingSet | |
6 | Enable LockPersonality, NoNewPrivileges, ProtectClock, ProtectKernelLogs | |
7 | and RestrictSEUIDSGID | |
8 | --- | |
9 | examples/systemd/vnstat.service | 6 ++++++ | |
10 | 1 file changed, 6 insertions(+) | |
11 | ||
12 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
13 | index 50e5dcb..49d07c3 100644 | |
14 | --- a/examples/systemd/vnstat.service | |
15 | +++ b/examples/systemd/vnstat.service | |
16 | @@ -12,17 +12,23 @@ Restart=on-failure | |
17 | RestartSec=2 | |
18 | ||
19 | # Hardening | |
20 | +CapabilityBoundingSet= | |
21 | +LockPersonality=yes | |
22 | MemoryDenyWriteExecute=yes | |
23 | +NoNewPrivileges=yes | |
24 | PrivateDevices=yes | |
25 | PrivateTmp=yes | |
26 | +ProtectClock=yes | |
27 | ProtectControlGroups=yes | |
28 | ProtectHome=yes | |
29 | +ProtectKernelLogs=yes | |
30 | ProtectKernelModules=yes | |
31 | ProtectKernelTunables=yes | |
32 | ProtectSystem=strict | |
33 | ReadWritePaths=/var/lib | |
34 | RestrictNamespaces=yes | |
35 | RestrictRealtime=yes | |
36 | +RestrictSUIDSGID=yes | |
37 | StateDirectory=vnstat | |
38 | ||
39 | [Install] |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Sat, 30 May 2020 19:51:15 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/4d8b4da4cd949ce37358225a5d041453071d200b | |
3 | Subject: Correct misspellings | |
4 | ||
5 | --- | |
6 | CHANGES | 2 +- | |
7 | FAQ | 2 +- | |
8 | INSTALL | 2 +- | |
9 | INSTALL_BSD | 2 +- | |
10 | src/daemon.c | 2 +- | |
11 | src/image.c | 12 ++++++------ | |
12 | 6 files changed, 11 insertions(+), 11 deletions(-) | |
13 | ||
14 | diff --git a/CHANGES b/CHANGES | |
15 | index 2a0da20..e2adb9d 100644 | |
16 | --- a/CHANGES | |
17 | +++ b/CHANGES | |
18 | @@ -163,7 +163,7 @@ | |
19 | - Add --json support for -l / --live and -tr outputs | |
20 | - Number of decimals used in outputs can be configured using DefaultDecimals | |
21 | and HourlyDecimals | |
22 | - - Add section separators for improving readabilty of the vnstat -h output, | |
23 | + - Add section separators for improving readability of the vnstat -h output, | |
24 | configurable using HourlySectionStyle | |
25 | ||
26 | ||
27 | diff --git a/FAQ b/FAQ | |
28 | index 76aa788..9a3c2da 100644 | |
29 | --- a/FAQ | |
30 | +++ b/FAQ | |
31 | @@ -28,7 +28,7 @@ How do I uninstall vnStat? | |
32 | You only need to run 'make uninstall' in the directory that comes when the | |
33 | .tar.gz is extracted. Just make sure it's the same version you have | |
34 | installed. If you've used a binary package included with the distribution | |
35 | - then refer to intructions provided by the package manager. | |
36 | + then refer to instructions provided by the package manager. | |
37 | ||
38 | ||
39 | What is this KiB/MiB/GiB/TiB thing? | |
40 | diff --git a/INSTALL b/INSTALL | |
41 | index 278f11e..5694280 100644 | |
42 | --- a/INSTALL | |
43 | +++ b/INSTALL | |
44 | @@ -159,7 +159,7 @@ Finally, save the file. If you are unsure about your home directory path, execut | |
45 | ||
46 | cd ; pwd | |
47 | ||
48 | -The ouput should tell your home directory. | |
49 | +The output should tell your home directory. | |
50 | ||
51 | Now it's time to add a crontab entry for vnStat in order to get the daemon | |
52 | running automatically after a system startup. Do that by executing the | |
53 | diff --git a/INSTALL_BSD b/INSTALL_BSD | |
54 | index 5113a53..d1a5567 100644 | |
55 | --- a/INSTALL_BSD | |
56 | +++ b/INSTALL_BSD | |
57 | @@ -108,7 +108,7 @@ Finally, save the file. If you are unsure about your home directory path, execut | |
58 | ||
59 | cd ; pwd | |
60 | ||
61 | -The ouput should tell your home directory. | |
62 | +The output should tell your home directory. | |
63 | ||
64 | Now it's time to add a crontab entry for vnStat. Do that by executing the | |
65 | command `crontab -e` and add the following line (without leading spaces, | |
66 | diff --git a/src/daemon.c b/src/daemon.c | |
67 | index 5f8f711..b1b26e2 100644 | |
68 | --- a/src/daemon.c | |
69 | +++ b/src/daemon.c | |
70 | @@ -513,7 +513,7 @@ int processifinfo(DSTATE *s, datacache **dc) | |
71 | ||
72 | if ((*dc)->updated > ifinfo.timestamp) { | |
73 | /* skip update if previous update is less than a day in the future */ | |
74 | - /* otherwise exit with error message since the clock is problably messed */ | |
75 | + /* otherwise exit with error message since the clock is probably messed */ | |
76 | if ((*dc)->updated > (ifinfo.timestamp + 86400)) { | |
77 | snprintf(errorstring, 1024, "Interface \"%s\" has previous update date too much in the future, exiting. (%u / %u)", (*dc)->interface, (unsigned int)(*dc)->updated, (unsigned int)ifinfo.timestamp); | |
78 | printe(PT_Error); | |
79 | diff --git a/src/image.c b/src/image.c | |
80 | index 8a8e304..8b01001 100644 | |
81 | --- a/src/image.c | |
82 | +++ b/src/image.c | |
83 | @@ -982,15 +982,15 @@ void drawsummary_digest(IMAGECONTENT *ic, const int x, const int y, const char * | |
84 | drawdonut(ic, textx + 50, texty + 45, rxp, txp); | |
85 | ||
86 | if (mode[0] == 'd') { | |
87 | - /* get formated date for today */ | |
88 | + /* get formatted date for today */ | |
89 | d = localtime(&ic->current); | |
90 | strftime(datebuff, 16, cfg.dformat, d); | |
91 | ||
92 | - /* get formated date for current day in database */ | |
93 | + /* get formatted date for current day in database */ | |
94 | d = localtime(&data_current->timestamp); | |
95 | strftime(daytemp, 16, cfg.dformat, d); | |
96 | ||
97 | - /* change daytemp to today if formated days match */ | |
98 | + /* change daytemp to today if formatted days match */ | |
99 | if (strcmp(datebuff, daytemp) == 0) { | |
100 | strncpy_nt(daytemp, "today", 32); | |
101 | } | |
102 | @@ -1045,15 +1045,15 @@ void drawsummary_digest(IMAGECONTENT *ic, const int x, const int y, const char * | |
103 | drawdonut(ic, textx + 50, texty + 45, rxp, txp); | |
104 | ||
105 | if (mode[0] == 'd') { | |
106 | - /* get formated date for yesterday */ | |
107 | + /* get formatted date for yesterday */ | |
108 | d = localtime(&yesterday); | |
109 | strftime(datebuff, 16, cfg.dformat, d); | |
110 | ||
111 | - /* get formated date for previous day in database */ | |
112 | + /* get formatted date for previous day in database */ | |
113 | d = localtime(&data_previous->timestamp); | |
114 | strftime(daytemp, 16, cfg.dformat, d); | |
115 | ||
116 | - /* change daytemp to yesterday if formated days match */ | |
117 | + /* change daytemp to yesterday if formatted days match */ | |
118 | if (strcmp(datebuff, daytemp) == 0) { | |
119 | strncpy_nt(daytemp, "yesterday", 32); | |
120 | } |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Fri, 17 Jul 2020 10:51:15 +0200 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/a0477eb0061bf22934cc2c4c9d4b055f9b199bea | |
3 | Subject: vnstat.conf.5: use single closing ' | |
4 | ||
5 | Currently the man page shows '#`, let show it '#'. | |
6 | ||
7 | Also stop escaping the leading space, seems like it was introduced by | |
8 | accident in e5c5e2da15a2 ("more documentation updates") | |
9 | ||
10 | Found by Lintian (acute-accent-in-manual-page) | |
11 | ||
12 | This manual page uses the \' groff sequence. Usually, the intent to | |
13 | generate an apostrophe, but that sequence actually renders as a an acute | |
14 | accent. | |
15 | ||
16 | For an apostrophe or a single closing quote, use plain '. For single | |
17 | opening quote, i.e. a straight downward line ' like the one used in | |
18 | shell commands, use \(aq. | |
19 | --- | |
20 | man/vnstat.conf.5 | 2 +- | |
21 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
22 | ||
23 | diff --git a/man/vnstat.conf.5 b/man/vnstat.conf.5 | |
24 | index 35fbc0f..864742c 100644 | |
25 | --- a/man/vnstat.conf.5 | |
26 | +++ b/man/vnstat.conf.5 | |
27 | @@ -15,7 +15,7 @@ and | |
28 | all use the same configuration file for configuration related settings. | |
29 | Some of the settings are common for all three programs. The file | |
30 | consists of keyword-argument pairs, one per line. Empty lines and | |
31 | -lines starting with\ '#\' are interpreted as comments and not processed. | |
32 | +lines starting with '#' are interpreted as comments and not processed. | |
33 | Arguments may optionally be enclosed in double quotes (") in order | |
34 | to represent arguments containing spaces. Arguments can be padded | |
35 | with spaces or tabulator characters. A hardcoded default value |
0 | From: Ani <ani-leo@outlook.com> | |
1 | Date: Sun, 18 Oct 2020 00:20:46 +0100 | |
2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/817a652a5e52b9c57a44345ef668662cb109bb36 | |
3 | Subject: rename: Correctly log existing interface | |
4 | ||
5 | --- | |
6 | src/vnstat_func.c | 2 +- | |
7 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
8 | ||
9 | diff --git a/src/vnstat_func.c b/src/vnstat_func.c | |
10 | index e9e5de5..fd863a0 100644 | |
11 | --- a/src/vnstat_func.c | |
12 | +++ b/src/vnstat_func.c | |
13 | @@ -547,7 +547,7 @@ void handlerenameinterface(PARAMS *p) | |
14 | } | |
15 | ||
16 | if (db_getinterfacecountbyname(p->newifname)) { | |
17 | - printf("Error: Interface \"%s\" already exists in database.\n", p->interface); | |
18 | + printf("Error: Interface \"%s\" already exists in database.\n", p->newifname); | |
19 | exit(EXIT_FAILURE); | |
20 | } | |
21 |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 18 May 2020 23:06:50 +0200 | |
2 | Forwarded: no | |
3 | Subject: Drop ReadWritePaths from systemd service | |
4 | ||
5 | This is only a compatibility setting for systemd versions supporting | |
6 | ProtectSystem=strict but not StateDirectory= | |
7 | --- | |
8 | examples/systemd/vnstat.service | 1 - | |
9 | 1 file changed, 1 deletion(-) | |
10 | ||
11 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
12 | index a34c1f7..a3f20b2 100644 | |
13 | --- a/examples/systemd/vnstat.service | |
14 | +++ b/examples/systemd/vnstat.service | |
15 | @@ -26,7 +26,6 @@ ProtectKernelLogs=yes | |
16 | ProtectKernelModules=yes | |
17 | ProtectKernelTunables=yes | |
18 | ProtectSystem=strict | |
19 | -ReadWritePaths=/var/lib | |
20 | RestrictNamespaces=yes | |
21 | RestrictRealtime=yes | |
22 | RestrictSUIDSGID=yes |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 6 Apr 2020 16:42:55 +0200 | |
2 | Forwarded: no | |
3 | Subject: Drop systemd service alias | |
4 | ||
5 | The use of aliases in systemd unit files is not recommended and static | |
6 | symlink should be created at post-installation step instead to support | |
7 | multiple naming in systemctl commands: | |
8 | https://wiki.debian.org/Teams/pkg-systemd/Packaging#systemd_unit_files_naming_and_installation | |
9 | --- | |
10 | examples/systemd/vnstat.service | 1 - | |
11 | 1 file changed, 1 deletion(-) | |
12 | ||
13 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
14 | index 3909a9c..a34c1f7 100644 | |
15 | --- a/examples/systemd/vnstat.service | |
16 | +++ b/examples/systemd/vnstat.service | |
17 | @@ -34,4 +34,3 @@ StateDirectory=vnstat | |
18 | ||
19 | [Install] | |
20 | WantedBy=multi-user.target | |
21 | -Alias=vnstatd.service |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Sun, 22 Sep 2019 19:27:11 +0200 | |
2 | Forwarded: not-needed | |
3 | Subject: remove unknown dir entries in remove_directory for vnstat tests | |
4 | ||
5 | Salsa-ci might alter directory entries for reproducible build, so that | |
6 | some might end up with an unknown entry type. | |
7 | Delete those too. | |
8 | --- | |
9 | tests/vnstat_tests.c | 17 +++++++++++++++++ | |
10 | 1 file changed, 17 insertions(+) | |
11 | ||
12 | diff --git a/tests/vnstat_tests.c b/tests/vnstat_tests.c | |
13 | index d437a89..31b7909 100644 | |
14 | --- a/tests/vnstat_tests.c | |
15 | +++ b/tests/vnstat_tests.c | |
16 | @@ -211,6 +211,23 @@ int remove_directory(const char *directory) | |
17 | return 0; | |
18 | } | |
19 | break; | |
20 | + case DT_UNKNOWN: | |
21 | + if (strcmp(di->d_name, ".") == 0 || strcmp(di->d_name, "..") == 0) { | |
22 | + continue; | |
23 | + } | |
24 | + snprintf(entryname, 512, "%s/%s", directory, di->d_name); | |
25 | + if (unlink(entryname) != 0) { | |
26 | + if (errno == EISDIR) { | |
27 | + if (!remove_directory(entryname)) { | |
28 | + closedir(dir); | |
29 | + return 0; | |
30 | + } | |
31 | + } else { | |
32 | + closedir(dir); | |
33 | + return 0; | |
34 | + } | |
35 | + } | |
36 | + break; | |
37 | default: | |
38 | continue; | |
39 | } |
0 | From: Felix Geyer <fgeyer@debian.org> | |
1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
2 | Forwarded: not-needed | |
3 | Subject: Adjust PidFile path to the new location | |
4 | ||
5 | --- | |
6 | cfg/vnstat.conf | 2 +- | |
7 | man/vnstatd.8 | 2 +- | |
8 | src/common.h | 2 +- | |
9 | 3 files changed, 3 insertions(+), 3 deletions(-) | |
10 | ||
11 | diff --git a/cfg/vnstat.conf b/cfg/vnstat.conf | |
12 | index dbdf0ce..a7f124f 100644 | |
13 | --- a/cfg/vnstat.conf | |
14 | +++ b/cfg/vnstat.conf | |
15 | @@ -143,7 +143,7 @@ UpdateFileOwner 1 | |
16 | LogFile "/var/log/vnstat/vnstat.log" | |
17 | ||
18 | # file used as daemon pid / lock file | |
19 | -PidFile "/var/run/vnstat/vnstat.pid" | |
20 | +PidFile "/run/vnstat/vnstat.pid" | |
21 | ||
22 | # 1 = 64-bit, 0 = 32-bit, -1 = old style logic, -2 = automatic detection | |
23 | 64bitInterfaceCounters -2 | |
24 | diff --git a/man/vnstatd.8 b/man/vnstatd.8 | |
25 | index 81a1b1a..5e74264 100644 | |
26 | --- a/man/vnstatd.8 | |
27 | +++ b/man/vnstatd.8 | |
28 | @@ -239,7 +239,7 @@ Log file that will be used if logging to file is enable and no other file | |
29 | is specified in the config file. | |
30 | ||
31 | .TP | |
32 | -.I /var/run/vnstat.pid | |
33 | +.I /run/vnstat.pid | |
34 | File used for storing the process id if no other file is specified in the | |
35 | configuration file or using the command line parameter. | |
36 | ||
37 | diff --git a/src/common.h b/src/common.h | |
38 | index 2f411c8..14e7613 100644 | |
39 | --- a/src/common.h | |
40 | +++ b/src/common.h | |
41 | @@ -230,7 +230,7 @@ and most can be changed later from the config file. | |
42 | #define CREATEDIRS 1 | |
43 | #define UPDATEFILEOWNER 1 | |
44 | #define LOGFILE "/var/log/vnstat/vnstat.log" | |
45 | -#define PIDFILE "/var/run/vnstat/vnstat.pid" | |
46 | +#define PIDFILE "/run/vnstat/vnstat.pid" | |
47 | #define IS64BIT -2 | |
48 | #define WALDB 0 | |
49 | #define WALDBCHECKPOINTINTERVALMINS 240 |
0 | From: Felix Geyer <fgeyer@debian.org> | |
1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
2 | Forwarded: not-needed | |
3 | Subject: Run vnstatd as user vnstat | |
4 | ||
5 | --- | |
6 | examples/systemd/vnstat.service | 1 + | |
7 | 1 file changed, 1 insertion(+) | |
8 | ||
9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
10 | index 49d07c3..3909a9c 100644 | |
11 | --- a/examples/systemd/vnstat.service | |
12 | +++ b/examples/systemd/vnstat.service | |
13 | @@ -10,6 +10,7 @@ ExecStart=/usr/sbin/vnstatd -n | |
14 | ExecReload=/bin/kill -HUP $MAINPID | |
15 | Restart=on-failure | |
16 | RestartSec=2 | |
17 | +User=vnstat | |
18 | ||
19 | # Hardening | |
20 | CapabilityBoundingSet= |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 18 May 2020 23:06:50 +0200 | |
2 | Subject: Drop ReadWritePaths from systemd service | |
3 | ||
4 | This is only a compatibility setting for systemd versions supporting | |
5 | ProtectSystem=strict but not StateDirectory= | |
6 | --- | |
7 | examples/systemd/vnstat.service | 1 - | |
8 | 1 file changed, 1 deletion(-) | |
9 | ||
10 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
11 | index 3412e44..f8b895d 100644 | |
12 | --- a/examples/systemd/vnstat.service | |
13 | +++ b/examples/systemd/vnstat.service | |
14 | @@ -14,7 +14,6 @@ User=vnstat | |
15 | ||
16 | # Hardening | |
17 | ProtectSystem=strict | |
18 | -ReadWritePaths=/var/lib | |
19 | StateDirectory=vnstat | |
20 | PrivateDevices=yes | |
21 | ProtectKernelTunables=yes |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 6 Apr 2020 16:42:55 +0200 | |
2 | Subject: Drop systemd service alias | |
3 | ||
4 | The use of aliases in systemd unit files is not recommended and static | |
5 | symlink should be created at post-installation step instead to support | |
6 | multiple naming in systemctl commands: | |
7 | https://wiki.debian.org/Teams/pkg-systemd/Packaging#systemd_unit_files_naming_and_installation | |
8 | --- | |
9 | examples/systemd/vnstat.service | 1 - | |
10 | 1 file changed, 1 deletion(-) | |
11 | ||
12 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
13 | index cb09b40..3412e44 100644 | |
14 | --- a/examples/systemd/vnstat.service | |
15 | +++ b/examples/systemd/vnstat.service | |
16 | @@ -28,4 +28,3 @@ RestrictNamespaces=yes | |
17 | ||
18 | [Install] | |
19 | WantedBy=multi-user.target | |
20 | -Alias=vnstatd.service |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Sun, 15 Mar 2020 20:45:16 +0100 | |
2 | Subject: Error early on non Linux and BSD like systems | |
3 | ||
4 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/c96ec890e72cb469be0dc8170ab7c1cebbd3dc61 | |
5 | Origin: upstream | |
6 | Forwarded: not-needed | |
7 | ||
8 | E.g. vnStat compiles on hurd, but the testsuite fails ultimately | |
9 | --- | |
10 | src/ifinfo.c | 2 ++ | |
11 | 1 file changed, 2 insertions(+) | |
12 | ||
13 | diff --git a/src/ifinfo.c b/src/ifinfo.c | |
14 | index a4e9893..63c0b8a 100644 | |
15 | --- a/src/ifinfo.c | |
16 | +++ b/src/ifinfo.c | |
17 | @@ -110,6 +110,8 @@ int getiflist(iflist **ifl, const int getspeed, const int validate) | |
18 | return getiflist_linux(ifl, getspeed, validate); | |
19 | #elif defined(BSD_VNSTAT) | |
20 | return getiflist_bsd(ifl, getspeed, validate); | |
21 | +#else | |
22 | +#error vnStat only supports Linux and BSD like systems | |
23 | #endif | |
24 | } | |
25 |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Sun, 22 Sep 2019 19:27:11 +0200 | |
2 | Subject: remove unknown dir entries in remove_directory for vnstat tests | |
3 | ||
4 | Salsa-ci might alter directory entries for reproducible build, so that | |
5 | some might end up with an unknown entry type. | |
6 | Delete those too. | |
7 | --- | |
8 | tests/vnstat_tests.c | 17 +++++++++++++++++ | |
9 | 1 file changed, 17 insertions(+) | |
10 | ||
11 | diff --git a/tests/vnstat_tests.c b/tests/vnstat_tests.c | |
12 | index d437a89..31b7909 100644 | |
13 | --- a/tests/vnstat_tests.c | |
14 | +++ b/tests/vnstat_tests.c | |
15 | @@ -211,6 +211,23 @@ int remove_directory(const char *directory) | |
16 | return 0; | |
17 | } | |
18 | break; | |
19 | + case DT_UNKNOWN: | |
20 | + if (strcmp(di->d_name, ".") == 0 || strcmp(di->d_name, "..") == 0) { | |
21 | + continue; | |
22 | + } | |
23 | + snprintf(entryname, 512, "%s/%s", directory, di->d_name); | |
24 | + if (unlink(entryname) != 0) { | |
25 | + if (errno == EISDIR) { | |
26 | + if (!remove_directory(entryname)) { | |
27 | + closedir(dir); | |
28 | + return 0; | |
29 | + } | |
30 | + } else { | |
31 | + closedir(dir); | |
32 | + return 0; | |
33 | + } | |
34 | + } | |
35 | + break; | |
36 | default: | |
37 | continue; | |
38 | } |
0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
1 | Date: Mon, 18 May 2020 23:24:07 +0200 | |
2 | Subject: harden systemd service | |
3 | ||
4 | Add empty CapabilityBoundingSet | |
5 | Enable LockPersonality, NoNewPrivileges, ProtectClock, ProtectKernelLogs | |
6 | and RestrictSUIDSGID | |
7 | --- | |
8 | examples/systemd/vnstat.service | 6 ++++++ | |
9 | 1 file changed, 6 insertions(+) | |
10 | ||
11 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
12 | index f8b895d..597a580 100644 | |
13 | --- a/examples/systemd/vnstat.service | |
14 | +++ b/examples/systemd/vnstat.service | |
15 | @@ -24,6 +24,12 @@ PrivateTmp=yes | |
16 | MemoryDenyWriteExecute=yes | |
17 | RestrictRealtime=yes | |
18 | RestrictNamespaces=yes | |
19 | +CapabilityBoundingSet= | |
20 | +LockPersonality=yes | |
21 | +NoNewPrivileges=yes | |
22 | +ProtectClock=yes | |
23 | +ProtectKernelLogs=yes | |
24 | +RestrictSUIDSGID=yes | |
25 | ||
26 | [Install] | |
27 | WantedBy=multi-user.target |
0 | From: Felix Geyer <fgeyer@debian.org> | |
1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
2 | Forwarded: not-needed | |
3 | Subject: Adjust PidFile path to the new location | |
4 | ||
5 | --- | |
6 | cfg/vnstat.conf | 2 +- | |
7 | man/vnstatd.8 | 2 +- | |
8 | src/common.h | 2 +- | |
9 | 3 files changed, 3 insertions(+), 3 deletions(-) | |
10 | ||
11 | diff --git a/cfg/vnstat.conf b/cfg/vnstat.conf | |
12 | index dbdf0ce..a7f124f 100644 | |
13 | --- a/cfg/vnstat.conf | |
14 | +++ b/cfg/vnstat.conf | |
15 | @@ -143,7 +143,7 @@ UpdateFileOwner 1 | |
16 | LogFile "/var/log/vnstat/vnstat.log" | |
17 | ||
18 | # file used as daemon pid / lock file | |
19 | -PidFile "/var/run/vnstat/vnstat.pid" | |
20 | +PidFile "/run/vnstat/vnstat.pid" | |
21 | ||
22 | # 1 = 64-bit, 0 = 32-bit, -1 = old style logic, -2 = automatic detection | |
23 | 64bitInterfaceCounters -2 | |
24 | diff --git a/man/vnstatd.8 b/man/vnstatd.8 | |
25 | index 81a1b1a..5e74264 100644 | |
26 | --- a/man/vnstatd.8 | |
27 | +++ b/man/vnstatd.8 | |
28 | @@ -239,7 +239,7 @@ Log file that will be used if logging to file is enable and no other file | |
29 | is specified in the config file. | |
30 | ||
31 | .TP | |
32 | -.I /var/run/vnstat.pid | |
33 | +.I /run/vnstat.pid | |
34 | File used for storing the process id if no other file is specified in the | |
35 | configuration file or using the command line parameter. | |
36 | ||
37 | diff --git a/src/common.h b/src/common.h | |
38 | index 2f411c8..14e7613 100644 | |
39 | --- a/src/common.h | |
40 | +++ b/src/common.h | |
41 | @@ -230,7 +230,7 @@ and most can be changed later from the config file. | |
42 | #define CREATEDIRS 1 | |
43 | #define UPDATEFILEOWNER 1 | |
44 | #define LOGFILE "/var/log/vnstat/vnstat.log" | |
45 | -#define PIDFILE "/var/run/vnstat/vnstat.pid" | |
46 | +#define PIDFILE "/run/vnstat/vnstat.pid" | |
47 | #define IS64BIT -2 | |
48 | #define WALDB 0 | |
49 | #define WALDBCHECKPOINTINTERVALMINS 240 |
0 | pidfile_path.diff | |
1 | systemd_user.diff | |
2 | fix-salsaci-remove-dir.patch | |
3 | drop_systemd_alias.patch | |
4 | drop-ReadWritePaths-from-systemd-service.patch | |
5 | harden-systemd-service.patch | |
6 | error-early-on-non-Linux-and-BSD-like-systems.patch | |
0 | applied-upstream/0001-avoid-discarding-const-on-const-strings.patch | |
1 | applied-upstream/0002-rename-variables-for-improved-readability.patch | |
2 | applied-upstream/0003-Error-early-on-non-Linux-and-BSD-like-systems.patch | |
3 | applied-upstream/0004-add-check-for-memory-allocation-failure.patch | |
4 | applied-upstream/0005-vnstat.service-sort-hardening-options.patch | |
5 | applied-upstream/0006-vnstat.service-add-systemd-hardening-options.patch | |
6 | applied-upstream/0007-Correct-misspellings.patch | |
7 | applied-upstream/0008-vnstat.conf.5-use-single-closing.patch | |
8 | applied-upstream/0009-rename-Correctly-log-existing-interface.patch | |
9 | debian/pidfile_path.diff | |
10 | debian/systemd_user.diff | |
11 | debian/fix-salsaci-remove-dir.patch | |
12 | debian/drop_systemd_alias.patch | |
13 | debian/drop-ReadWritePaths-from-systemd-service.patch |
0 | From: Felix Geyer <fgeyer@debian.org> | |
1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
2 | Forwarded: not-needed | |
3 | Subject: Run vnstatd as user vnstat | |
4 | ||
5 | --- | |
6 | examples/systemd/vnstat.service | 1 + | |
7 | 1 file changed, 1 insertion(+) | |
8 | ||
9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
10 | index 4f2d27f..cb09b40 100644 | |
11 | --- a/examples/systemd/vnstat.service | |
12 | +++ b/examples/systemd/vnstat.service | |
13 | @@ -10,6 +10,7 @@ ExecStart=/usr/sbin/vnstatd -n | |
14 | ExecReload=/bin/kill -HUP $MAINPID | |
15 | Restart=on-failure | |
16 | RestartSec=2 | |
17 | +User=vnstat | |
18 | ||
19 | # Hardening | |
20 | ProtectSystem=strict |