d/patches: cherry-pick fitting upstream commits for Bullseye
Reorganize patches in sub-directories.
Christian Göttsche
3 years ago
+107
-0
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Wed, 5 Feb 2020 14:45:54 +0100 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/16a6e728ec207e022f478c524260f19d44d4d13e | |
| 3 | Subject: avoid discarding const on const strings | |
| 4 | MIME-Version: 1.0 | |
| 5 | Content-Type: text/plain; charset="utf-8" | |
| 6 | Content-Transfer-Encoding: 8bit | |
| 7 | ||
| 8 | gcc warnings: | |
| 9 | ||
| 10 | src/dbsql.c: In function ‘db_create’: | |
| 11 | src/dbsql.c:314:6: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
| 12 | 314 | sql = "CREATE TABLE info(\n" | |
| 13 | | ^ | |
| 14 | src/dbsql.c:324:6: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
| 15 | 324 | sql = "CREATE TABLE interface(\n" | |
| 16 | | ^ | |
| 17 | src/dbsql.c: In function ‘db_getiflist_sorted’: | |
| 18 | src/dbsql.c:730:7: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
| 19 | 730 | sql = "select name from interface order by name asc"; | |
| 20 | | ^ | |
| 21 | src/dbsql.c:732:7: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] | |
| 22 | 732 | sql = "select name from interface order by rxtotal+txtotal desc"; | |
| 23 | | ^ | |
| 24 | --- | |
| 25 | src/dbsql.c | 23 ++++++++++++----------- | |
| 26 | 1 file changed, 12 insertions(+), 11 deletions(-) | |
| 27 | ||
| 28 | diff --git a/src/dbsql.c b/src/dbsql.c | |
| 29 | index c863541..98eb8dc 100644 | |
| 30 | --- a/src/dbsql.c | |
| 31 | +++ b/src/dbsql.c | |
| 32 | @@ -303,7 +303,8 @@ int db_exec(const char *sql) | |
| 33 | int db_create(void) | |
| 34 | { | |
| 35 | int i; | |
| 36 | - char *sql; | |
| 37 | + const char *sql1; | |
| 38 | + char *sql2; | |
| 39 | char buffer[32]; | |
| 40 | const char *datatables[] = {"fiveminute", "hour", "day", "month", "year", "top"}; | |
| 41 | ||
| 42 | @@ -311,17 +312,17 @@ int db_create(void) | |
| 43 | return 0; | |
| 44 | } | |
| 45 | ||
| 46 | - sql = "CREATE TABLE info(\n" | |
| 47 | + sql1 = "CREATE TABLE info(\n" | |
| 48 | " id INTEGER PRIMARY KEY,\n" | |
| 49 | " name TEXT UNIQUE NOT NULL,\n" | |
| 50 | " value TEXT NOT NULL)"; | |
| 51 | ||
| 52 | - if (!db_exec(sql)) { | |
| 53 | + if (!db_exec(sql1)) { | |
| 54 | db_rollbacktransaction(); | |
| 55 | return 0; | |
| 56 | } | |
| 57 | ||
| 58 | - sql = "CREATE TABLE interface(\n" | |
| 59 | + sql1 = "CREATE TABLE interface(\n" | |
| 60 | " id INTEGER PRIMARY KEY,\n" | |
| 61 | " name TEXT UNIQUE NOT NULL,\n" | |
| 62 | " alias TEXT,\n" | |
| 63 | @@ -333,14 +334,14 @@ int db_create(void) | |
| 64 | " rxtotal INTEGER NOT NULL,\n" | |
| 65 | " txtotal INTEGER NOT NULL)"; | |
| 66 | ||
| 67 | - if (!db_exec(sql)) { | |
| 68 | + if (!db_exec(sql1)) { | |
| 69 | db_rollbacktransaction(); | |
| 70 | return 0; | |
| 71 | } | |
| 72 | ||
| 73 | - sql = malloc(sizeof(char) * 512); | |
| 74 | + sql2 = malloc(sizeof(char) * 512); | |
| 75 | for (i = 0; i < 6; i++) { | |
| 76 | - sqlite3_snprintf(512, sql, "CREATE TABLE %s(\n" | |
| 77 | + sqlite3_snprintf(512, sql2, "CREATE TABLE %s(\n" | |
| 78 | " id INTEGER PRIMARY KEY,\n" | |
| 79 | " interface INTEGER REFERENCES interface(id) ON DELETE CASCADE,\n" | |
| 80 | " date DATE NOT NULL,\n" | |
| 81 | @@ -349,13 +350,13 @@ int db_create(void) | |
| 82 | " CONSTRAINT u UNIQUE (interface, date))", | |
| 83 | datatables[i]); | |
| 84 | ||
| 85 | - if (!db_exec(sql)) { | |
| 86 | - free(sql); | |
| 87 | + if (!db_exec(sql2)) { | |
| 88 | + free(sql2); | |
| 89 | db_rollbacktransaction(); | |
| 90 | return 0; | |
| 91 | } | |
| 92 | } | |
| 93 | - free(sql); | |
| 94 | + free(sql2); | |
| 95 | ||
| 96 | snprintf(buffer, 32, "%" PRIu64 "", (uint64_t)MAX32); | |
| 97 | if (!db_setinfo("btime", buffer, 1)) { | |
| 98 | @@ -723,7 +724,7 @@ int db_getiflist(iflist **ifl) | |
| 99 | int db_getiflist_sorted(iflist **ifl, const int orderbytraffic) | |
| 100 | { | |
| 101 | int rc; | |
| 102 | - char *sql; | |
| 103 | + const char *sql; | |
| 104 | sqlite3_stmt *sqlstmt; | |
| 105 | ||
| 106 | if (!orderbytraffic) { |
+101
-0
| 0 | From: Teemu Toivola <git@humdi.net> | |
| 1 | Date: Wed, 26 Feb 2020 00:18:06 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/0b8f38cb87044e553e061dee2e590cff8bc56a5d | |
| 3 | Subject: rename variables for improved readability | |
| 4 | ||
| 5 | --- | |
| 6 | src/dbsql.c | 30 +++++++++++++++--------------- | |
| 7 | 1 file changed, 15 insertions(+), 15 deletions(-) | |
| 8 | ||
| 9 | diff --git a/src/dbsql.c b/src/dbsql.c | |
| 10 | index 98eb8dc..747cd14 100644 | |
| 11 | --- a/src/dbsql.c | |
| 12 | +++ b/src/dbsql.c | |
| 13 | @@ -303,8 +303,8 @@ int db_exec(const char *sql) | |
| 14 | int db_create(void) | |
| 15 | { | |
| 16 | int i; | |
| 17 | - const char *sql1; | |
| 18 | - char *sql2; | |
| 19 | + const char *constsql; | |
| 20 | + char *sql; | |
| 21 | char buffer[32]; | |
| 22 | const char *datatables[] = {"fiveminute", "hour", "day", "month", "year", "top"}; | |
| 23 | ||
| 24 | @@ -312,17 +312,17 @@ int db_create(void) | |
| 25 | return 0; | |
| 26 | } | |
| 27 | ||
| 28 | - sql1 = "CREATE TABLE info(\n" | |
| 29 | + constsql = "CREATE TABLE info(\n" | |
| 30 | " id INTEGER PRIMARY KEY,\n" | |
| 31 | " name TEXT UNIQUE NOT NULL,\n" | |
| 32 | " value TEXT NOT NULL)"; | |
| 33 | ||
| 34 | - if (!db_exec(sql1)) { | |
| 35 | + if (!db_exec(constsql)) { | |
| 36 | db_rollbacktransaction(); | |
| 37 | return 0; | |
| 38 | } | |
| 39 | ||
| 40 | - sql1 = "CREATE TABLE interface(\n" | |
| 41 | + constsql = "CREATE TABLE interface(\n" | |
| 42 | " id INTEGER PRIMARY KEY,\n" | |
| 43 | " name TEXT UNIQUE NOT NULL,\n" | |
| 44 | " alias TEXT,\n" | |
| 45 | @@ -334,14 +334,14 @@ int db_create(void) | |
| 46 | " rxtotal INTEGER NOT NULL,\n" | |
| 47 | " txtotal INTEGER NOT NULL)"; | |
| 48 | ||
| 49 | - if (!db_exec(sql1)) { | |
| 50 | + if (!db_exec(constsql)) { | |
| 51 | db_rollbacktransaction(); | |
| 52 | return 0; | |
| 53 | } | |
| 54 | ||
| 55 | - sql2 = malloc(sizeof(char) * 512); | |
| 56 | + sql = malloc(sizeof(char) * 512); | |
| 57 | for (i = 0; i < 6; i++) { | |
| 58 | - sqlite3_snprintf(512, sql2, "CREATE TABLE %s(\n" | |
| 59 | + sqlite3_snprintf(512, sql, "CREATE TABLE %s(\n" | |
| 60 | " id INTEGER PRIMARY KEY,\n" | |
| 61 | " interface INTEGER REFERENCES interface(id) ON DELETE CASCADE,\n" | |
| 62 | " date DATE NOT NULL,\n" | |
| 63 | @@ -350,13 +350,13 @@ int db_create(void) | |
| 64 | " CONSTRAINT u UNIQUE (interface, date))", | |
| 65 | datatables[i]); | |
| 66 | ||
| 67 | - if (!db_exec(sql2)) { | |
| 68 | - free(sql2); | |
| 69 | + if (!db_exec(sql)) { | |
| 70 | + free(sql); | |
| 71 | db_rollbacktransaction(); | |
| 72 | return 0; | |
| 73 | } | |
| 74 | } | |
| 75 | - free(sql2); | |
| 76 | + free(sql); | |
| 77 | ||
| 78 | snprintf(buffer, 32, "%" PRIu64 "", (uint64_t)MAX32); | |
| 79 | if (!db_setinfo("btime", buffer, 1)) { | |
| 80 | @@ -724,16 +724,16 @@ int db_getiflist(iflist **ifl) | |
| 81 | int db_getiflist_sorted(iflist **ifl, const int orderbytraffic) | |
| 82 | { | |
| 83 | int rc; | |
| 84 | - const char *sql; | |
| 85 | + const char *constsql; | |
| 86 | sqlite3_stmt *sqlstmt; | |
| 87 | ||
| 88 | if (!orderbytraffic) { | |
| 89 | - sql = "select name from interface order by name asc"; | |
| 90 | + constsql = "select name from interface order by name asc"; | |
| 91 | } else { | |
| 92 | - sql = "select name from interface order by rxtotal+txtotal desc"; | |
| 93 | + constsql = "select name from interface order by rxtotal+txtotal desc"; | |
| 94 | } | |
| 95 | ||
| 96 | - rc = sqlite3_prepare_v2(db, sql, -1, &sqlstmt, NULL); | |
| 97 | + rc = sqlite3_prepare_v2(db, constsql, -1, &sqlstmt, NULL); | |
| 98 | if (rc != SQLITE_OK) { | |
| 99 | db_errcode = rc; | |
| 100 | snprintf(errorstring, 1024, "Failed to get interface list from database (%d): %s", rc, sqlite3_errmsg(db)); |
+23
-0
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Sun, 15 Mar 2020 20:45:16 +0100 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/c96ec890e72cb469be0dc8170ab7c1cebbd3dc61 | |
| 3 | Subject: Error early on non Linux and BSD like systems | |
| 4 | ||
| 5 | E.g. vnStat compiles on hurd, but the testsuite fails ultimately | |
| 6 | --- | |
| 7 | src/ifinfo.c | 2 ++ | |
| 8 | 1 file changed, 2 insertions(+) | |
| 9 | ||
| 10 | diff --git a/src/ifinfo.c b/src/ifinfo.c | |
| 11 | index a4e9893..63c0b8a 100644 | |
| 12 | --- a/src/ifinfo.c | |
| 13 | +++ b/src/ifinfo.c | |
| 14 | @@ -110,6 +110,8 @@ int getiflist(iflist **ifl, const int getspeed, const int validate) | |
| 15 | return getiflist_linux(ifl, getspeed, validate); | |
| 16 | #elif defined(BSD_VNSTAT) | |
| 17 | return getiflist_bsd(ifl, getspeed, validate); | |
| 18 | +#else | |
| 19 | +#error vnStat only supports Linux and BSD like systems | |
| 20 | #endif | |
| 21 | } | |
| 22 |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 30 Mar 2020 14:39:45 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/7c39e21e0798093feb878447158960c5630a1359 | |
| 3 | Subject: add check for memory allocation failure | |
| 4 | ||
| 5 | Avoid passing potential NULL to memset | |
| 6 | --- | |
| 7 | src/dbsql.c | 4 ++++ | |
| 8 | 1 file changed, 4 insertions(+) | |
| 9 | ||
| 10 | diff --git a/src/dbsql.c b/src/dbsql.c | |
| 11 | index 747cd14..0f9cdb8 100644 | |
| 12 | --- a/src/dbsql.c | |
| 13 | +++ b/src/dbsql.c | |
| 14 | @@ -1379,6 +1379,10 @@ char *getifaceinquery(const char *input) | |
| 15 | /* each interface requires two quotes and comma or \0 so 3 extra chars */ | |
| 16 | j = (unsigned int)strlen(input) + ifacecount * 3; | |
| 17 | result = malloc(sizeof(char) * j); | |
| 18 | + if (result == NULL) { | |
| 19 | + panicexit(__FILE__, __LINE__); | |
| 20 | + } | |
| 21 | + | |
| 22 | memset(result, '\0', j); | |
| 23 | ||
| 24 | result[0] = '"'; |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Wed, 29 Apr 2020 17:43:24 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/74fa5e26b2eb43a602d5a4c7ded778de74624ea2 | |
| 3 | Subject: vnstat.service: sort hardening options | |
| 4 | ||
| 5 | --- | |
| 6 | examples/systemd/vnstat.service | 14 +++++++------- | |
| 7 | 1 file changed, 7 insertions(+), 7 deletions(-) | |
| 8 | ||
| 9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 10 | index 4f2d27f..50e5dcb 100644 | |
| 11 | --- a/examples/systemd/vnstat.service | |
| 12 | +++ b/examples/systemd/vnstat.service | |
| 13 | @@ -12,18 +12,18 @@ Restart=on-failure | |
| 14 | RestartSec=2 | |
| 15 | ||
| 16 | # Hardening | |
| 17 | -ProtectSystem=strict | |
| 18 | -ReadWritePaths=/var/lib | |
| 19 | -StateDirectory=vnstat | |
| 20 | +MemoryDenyWriteExecute=yes | |
| 21 | PrivateDevices=yes | |
| 22 | -ProtectKernelTunables=yes | |
| 23 | +PrivateTmp=yes | |
| 24 | ProtectControlGroups=yes | |
| 25 | ProtectHome=yes | |
| 26 | ProtectKernelModules=yes | |
| 27 | -PrivateTmp=yes | |
| 28 | -MemoryDenyWriteExecute=yes | |
| 29 | -RestrictRealtime=yes | |
| 30 | +ProtectKernelTunables=yes | |
| 31 | +ProtectSystem=strict | |
| 32 | +ReadWritePaths=/var/lib | |
| 33 | RestrictNamespaces=yes | |
| 34 | +RestrictRealtime=yes | |
| 35 | +StateDirectory=vnstat | |
| 36 | ||
| 37 | [Install] | |
| 38 | WantedBy=multi-user.target |
+40
-0
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Wed, 29 Apr 2020 17:44:02 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/f76901f6c5bcd2c085e4a8c1f416737bd84d9eaa | |
| 3 | Subject: vnstat.service: add systemd hardening options | |
| 4 | ||
| 5 | Add empty CapabilityBoundingSet | |
| 6 | Enable LockPersonality, NoNewPrivileges, ProtectClock, ProtectKernelLogs | |
| 7 | and RestrictSEUIDSGID | |
| 8 | --- | |
| 9 | examples/systemd/vnstat.service | 6 ++++++ | |
| 10 | 1 file changed, 6 insertions(+) | |
| 11 | ||
| 12 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 13 | index 50e5dcb..49d07c3 100644 | |
| 14 | --- a/examples/systemd/vnstat.service | |
| 15 | +++ b/examples/systemd/vnstat.service | |
| 16 | @@ -12,17 +12,23 @@ Restart=on-failure | |
| 17 | RestartSec=2 | |
| 18 | ||
| 19 | # Hardening | |
| 20 | +CapabilityBoundingSet= | |
| 21 | +LockPersonality=yes | |
| 22 | MemoryDenyWriteExecute=yes | |
| 23 | +NoNewPrivileges=yes | |
| 24 | PrivateDevices=yes | |
| 25 | PrivateTmp=yes | |
| 26 | +ProtectClock=yes | |
| 27 | ProtectControlGroups=yes | |
| 28 | ProtectHome=yes | |
| 29 | +ProtectKernelLogs=yes | |
| 30 | ProtectKernelModules=yes | |
| 31 | ProtectKernelTunables=yes | |
| 32 | ProtectSystem=strict | |
| 33 | ReadWritePaths=/var/lib | |
| 34 | RestrictNamespaces=yes | |
| 35 | RestrictRealtime=yes | |
| 36 | +RestrictSUIDSGID=yes | |
| 37 | StateDirectory=vnstat | |
| 38 | ||
| 39 | [Install] |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Sat, 30 May 2020 19:51:15 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/4d8b4da4cd949ce37358225a5d041453071d200b | |
| 3 | Subject: Correct misspellings | |
| 4 | ||
| 5 | --- | |
| 6 | CHANGES | 2 +- | |
| 7 | FAQ | 2 +- | |
| 8 | INSTALL | 2 +- | |
| 9 | INSTALL_BSD | 2 +- | |
| 10 | src/daemon.c | 2 +- | |
| 11 | src/image.c | 12 ++++++------ | |
| 12 | 6 files changed, 11 insertions(+), 11 deletions(-) | |
| 13 | ||
| 14 | diff --git a/CHANGES b/CHANGES | |
| 15 | index 2a0da20..e2adb9d 100644 | |
| 16 | --- a/CHANGES | |
| 17 | +++ b/CHANGES | |
| 18 | @@ -163,7 +163,7 @@ | |
| 19 | - Add --json support for -l / --live and -tr outputs | |
| 20 | - Number of decimals used in outputs can be configured using DefaultDecimals | |
| 21 | and HourlyDecimals | |
| 22 | - - Add section separators for improving readabilty of the vnstat -h output, | |
| 23 | + - Add section separators for improving readability of the vnstat -h output, | |
| 24 | configurable using HourlySectionStyle | |
| 25 | ||
| 26 | ||
| 27 | diff --git a/FAQ b/FAQ | |
| 28 | index 76aa788..9a3c2da 100644 | |
| 29 | --- a/FAQ | |
| 30 | +++ b/FAQ | |
| 31 | @@ -28,7 +28,7 @@ How do I uninstall vnStat? | |
| 32 | You only need to run 'make uninstall' in the directory that comes when the | |
| 33 | .tar.gz is extracted. Just make sure it's the same version you have | |
| 34 | installed. If you've used a binary package included with the distribution | |
| 35 | - then refer to intructions provided by the package manager. | |
| 36 | + then refer to instructions provided by the package manager. | |
| 37 | ||
| 38 | ||
| 39 | What is this KiB/MiB/GiB/TiB thing? | |
| 40 | diff --git a/INSTALL b/INSTALL | |
| 41 | index 278f11e..5694280 100644 | |
| 42 | --- a/INSTALL | |
| 43 | +++ b/INSTALL | |
| 44 | @@ -159,7 +159,7 @@ Finally, save the file. If you are unsure about your home directory path, execut | |
| 45 | ||
| 46 | cd ; pwd | |
| 47 | ||
| 48 | -The ouput should tell your home directory. | |
| 49 | +The output should tell your home directory. | |
| 50 | ||
| 51 | Now it's time to add a crontab entry for vnStat in order to get the daemon | |
| 52 | running automatically after a system startup. Do that by executing the | |
| 53 | diff --git a/INSTALL_BSD b/INSTALL_BSD | |
| 54 | index 5113a53..d1a5567 100644 | |
| 55 | --- a/INSTALL_BSD | |
| 56 | +++ b/INSTALL_BSD | |
| 57 | @@ -108,7 +108,7 @@ Finally, save the file. If you are unsure about your home directory path, execut | |
| 58 | ||
| 59 | cd ; pwd | |
| 60 | ||
| 61 | -The ouput should tell your home directory. | |
| 62 | +The output should tell your home directory. | |
| 63 | ||
| 64 | Now it's time to add a crontab entry for vnStat. Do that by executing the | |
| 65 | command `crontab -e` and add the following line (without leading spaces, | |
| 66 | diff --git a/src/daemon.c b/src/daemon.c | |
| 67 | index 5f8f711..b1b26e2 100644 | |
| 68 | --- a/src/daemon.c | |
| 69 | +++ b/src/daemon.c | |
| 70 | @@ -513,7 +513,7 @@ int processifinfo(DSTATE *s, datacache **dc) | |
| 71 | ||
| 72 | if ((*dc)->updated > ifinfo.timestamp) { | |
| 73 | /* skip update if previous update is less than a day in the future */ | |
| 74 | - /* otherwise exit with error message since the clock is problably messed */ | |
| 75 | + /* otherwise exit with error message since the clock is probably messed */ | |
| 76 | if ((*dc)->updated > (ifinfo.timestamp + 86400)) { | |
| 77 | snprintf(errorstring, 1024, "Interface \"%s\" has previous update date too much in the future, exiting. (%u / %u)", (*dc)->interface, (unsigned int)(*dc)->updated, (unsigned int)ifinfo.timestamp); | |
| 78 | printe(PT_Error); | |
| 79 | diff --git a/src/image.c b/src/image.c | |
| 80 | index 8a8e304..8b01001 100644 | |
| 81 | --- a/src/image.c | |
| 82 | +++ b/src/image.c | |
| 83 | @@ -982,15 +982,15 @@ void drawsummary_digest(IMAGECONTENT *ic, const int x, const int y, const char * | |
| 84 | drawdonut(ic, textx + 50, texty + 45, rxp, txp); | |
| 85 | ||
| 86 | if (mode[0] == 'd') { | |
| 87 | - /* get formated date for today */ | |
| 88 | + /* get formatted date for today */ | |
| 89 | d = localtime(&ic->current); | |
| 90 | strftime(datebuff, 16, cfg.dformat, d); | |
| 91 | ||
| 92 | - /* get formated date for current day in database */ | |
| 93 | + /* get formatted date for current day in database */ | |
| 94 | d = localtime(&data_current->timestamp); | |
| 95 | strftime(daytemp, 16, cfg.dformat, d); | |
| 96 | ||
| 97 | - /* change daytemp to today if formated days match */ | |
| 98 | + /* change daytemp to today if formatted days match */ | |
| 99 | if (strcmp(datebuff, daytemp) == 0) { | |
| 100 | strncpy_nt(daytemp, "today", 32); | |
| 101 | } | |
| 102 | @@ -1045,15 +1045,15 @@ void drawsummary_digest(IMAGECONTENT *ic, const int x, const int y, const char * | |
| 103 | drawdonut(ic, textx + 50, texty + 45, rxp, txp); | |
| 104 | ||
| 105 | if (mode[0] == 'd') { | |
| 106 | - /* get formated date for yesterday */ | |
| 107 | + /* get formatted date for yesterday */ | |
| 108 | d = localtime(&yesterday); | |
| 109 | strftime(datebuff, 16, cfg.dformat, d); | |
| 110 | ||
| 111 | - /* get formated date for previous day in database */ | |
| 112 | + /* get formatted date for previous day in database */ | |
| 113 | d = localtime(&data_previous->timestamp); | |
| 114 | strftime(daytemp, 16, cfg.dformat, d); | |
| 115 | ||
| 116 | - /* change daytemp to yesterday if formated days match */ | |
| 117 | + /* change daytemp to yesterday if formatted days match */ | |
| 118 | if (strcmp(datebuff, daytemp) == 0) { | |
| 119 | strncpy_nt(daytemp, "yesterday", 32); | |
| 120 | } |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Fri, 17 Jul 2020 10:51:15 +0200 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/a0477eb0061bf22934cc2c4c9d4b055f9b199bea | |
| 3 | Subject: vnstat.conf.5: use single closing ' | |
| 4 | ||
| 5 | Currently the man page shows '#`, let show it '#'. | |
| 6 | ||
| 7 | Also stop escaping the leading space, seems like it was introduced by | |
| 8 | accident in e5c5e2da15a2 ("more documentation updates") | |
| 9 | ||
| 10 | Found by Lintian (acute-accent-in-manual-page) | |
| 11 | ||
| 12 | This manual page uses the \' groff sequence. Usually, the intent to | |
| 13 | generate an apostrophe, but that sequence actually renders as a an acute | |
| 14 | accent. | |
| 15 | ||
| 16 | For an apostrophe or a single closing quote, use plain '. For single | |
| 17 | opening quote, i.e. a straight downward line ' like the one used in | |
| 18 | shell commands, use \(aq. | |
| 19 | --- | |
| 20 | man/vnstat.conf.5 | 2 +- | |
| 21 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 22 | ||
| 23 | diff --git a/man/vnstat.conf.5 b/man/vnstat.conf.5 | |
| 24 | index 35fbc0f..864742c 100644 | |
| 25 | --- a/man/vnstat.conf.5 | |
| 26 | +++ b/man/vnstat.conf.5 | |
| 27 | @@ -15,7 +15,7 @@ and | |
| 28 | all use the same configuration file for configuration related settings. | |
| 29 | Some of the settings are common for all three programs. The file | |
| 30 | consists of keyword-argument pairs, one per line. Empty lines and | |
| 31 | -lines starting with\ '#\' are interpreted as comments and not processed. | |
| 32 | +lines starting with '#' are interpreted as comments and not processed. | |
| 33 | Arguments may optionally be enclosed in double quotes (") in order | |
| 34 | to represent arguments containing spaces. Arguments can be padded | |
| 35 | with spaces or tabulator characters. A hardcoded default value |
| 0 | From: Ani <ani-leo@outlook.com> | |
| 1 | Date: Sun, 18 Oct 2020 00:20:46 +0100 | |
| 2 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/817a652a5e52b9c57a44345ef668662cb109bb36 | |
| 3 | Subject: rename: Correctly log existing interface | |
| 4 | ||
| 5 | --- | |
| 6 | src/vnstat_func.c | 2 +- | |
| 7 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 8 | ||
| 9 | diff --git a/src/vnstat_func.c b/src/vnstat_func.c | |
| 10 | index e9e5de5..fd863a0 100644 | |
| 11 | --- a/src/vnstat_func.c | |
| 12 | +++ b/src/vnstat_func.c | |
| 13 | @@ -547,7 +547,7 @@ void handlerenameinterface(PARAMS *p) | |
| 14 | } | |
| 15 | ||
| 16 | if (db_getinterfacecountbyname(p->newifname)) { | |
| 17 | - printf("Error: Interface \"%s\" already exists in database.\n", p->interface); | |
| 18 | + printf("Error: Interface \"%s\" already exists in database.\n", p->newifname); | |
| 19 | exit(EXIT_FAILURE); | |
| 20 | } | |
| 21 |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 18 May 2020 23:06:50 +0200 | |
| 2 | Forwarded: no | |
| 3 | Subject: Drop ReadWritePaths from systemd service | |
| 4 | ||
| 5 | This is only a compatibility setting for systemd versions supporting | |
| 6 | ProtectSystem=strict but not StateDirectory= | |
| 7 | --- | |
| 8 | examples/systemd/vnstat.service | 1 - | |
| 9 | 1 file changed, 1 deletion(-) | |
| 10 | ||
| 11 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 12 | index a34c1f7..a3f20b2 100644 | |
| 13 | --- a/examples/systemd/vnstat.service | |
| 14 | +++ b/examples/systemd/vnstat.service | |
| 15 | @@ -26,7 +26,6 @@ ProtectKernelLogs=yes | |
| 16 | ProtectKernelModules=yes | |
| 17 | ProtectKernelTunables=yes | |
| 18 | ProtectSystem=strict | |
| 19 | -ReadWritePaths=/var/lib | |
| 20 | RestrictNamespaces=yes | |
| 21 | RestrictRealtime=yes | |
| 22 | RestrictSUIDSGID=yes |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 6 Apr 2020 16:42:55 +0200 | |
| 2 | Forwarded: no | |
| 3 | Subject: Drop systemd service alias | |
| 4 | ||
| 5 | The use of aliases in systemd unit files is not recommended and static | |
| 6 | symlink should be created at post-installation step instead to support | |
| 7 | multiple naming in systemctl commands: | |
| 8 | https://wiki.debian.org/Teams/pkg-systemd/Packaging#systemd_unit_files_naming_and_installation | |
| 9 | --- | |
| 10 | examples/systemd/vnstat.service | 1 - | |
| 11 | 1 file changed, 1 deletion(-) | |
| 12 | ||
| 13 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 14 | index 3909a9c..a34c1f7 100644 | |
| 15 | --- a/examples/systemd/vnstat.service | |
| 16 | +++ b/examples/systemd/vnstat.service | |
| 17 | @@ -34,4 +34,3 @@ StateDirectory=vnstat | |
| 18 | ||
| 19 | [Install] | |
| 20 | WantedBy=multi-user.target | |
| 21 | -Alias=vnstatd.service |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Sun, 22 Sep 2019 19:27:11 +0200 | |
| 2 | Forwarded: not-needed | |
| 3 | Subject: remove unknown dir entries in remove_directory for vnstat tests | |
| 4 | ||
| 5 | Salsa-ci might alter directory entries for reproducible build, so that | |
| 6 | some might end up with an unknown entry type. | |
| 7 | Delete those too. | |
| 8 | --- | |
| 9 | tests/vnstat_tests.c | 17 +++++++++++++++++ | |
| 10 | 1 file changed, 17 insertions(+) | |
| 11 | ||
| 12 | diff --git a/tests/vnstat_tests.c b/tests/vnstat_tests.c | |
| 13 | index d437a89..31b7909 100644 | |
| 14 | --- a/tests/vnstat_tests.c | |
| 15 | +++ b/tests/vnstat_tests.c | |
| 16 | @@ -211,6 +211,23 @@ int remove_directory(const char *directory) | |
| 17 | return 0; | |
| 18 | } | |
| 19 | break; | |
| 20 | + case DT_UNKNOWN: | |
| 21 | + if (strcmp(di->d_name, ".") == 0 || strcmp(di->d_name, "..") == 0) { | |
| 22 | + continue; | |
| 23 | + } | |
| 24 | + snprintf(entryname, 512, "%s/%s", directory, di->d_name); | |
| 25 | + if (unlink(entryname) != 0) { | |
| 26 | + if (errno == EISDIR) { | |
| 27 | + if (!remove_directory(entryname)) { | |
| 28 | + closedir(dir); | |
| 29 | + return 0; | |
| 30 | + } | |
| 31 | + } else { | |
| 32 | + closedir(dir); | |
| 33 | + return 0; | |
| 34 | + } | |
| 35 | + } | |
| 36 | + break; | |
| 37 | default: | |
| 38 | continue; | |
| 39 | } |
| 0 | From: Felix Geyer <fgeyer@debian.org> | |
| 1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
| 2 | Forwarded: not-needed | |
| 3 | Subject: Adjust PidFile path to the new location | |
| 4 | ||
| 5 | --- | |
| 6 | cfg/vnstat.conf | 2 +- | |
| 7 | man/vnstatd.8 | 2 +- | |
| 8 | src/common.h | 2 +- | |
| 9 | 3 files changed, 3 insertions(+), 3 deletions(-) | |
| 10 | ||
| 11 | diff --git a/cfg/vnstat.conf b/cfg/vnstat.conf | |
| 12 | index dbdf0ce..a7f124f 100644 | |
| 13 | --- a/cfg/vnstat.conf | |
| 14 | +++ b/cfg/vnstat.conf | |
| 15 | @@ -143,7 +143,7 @@ UpdateFileOwner 1 | |
| 16 | LogFile "/var/log/vnstat/vnstat.log" | |
| 17 | ||
| 18 | # file used as daemon pid / lock file | |
| 19 | -PidFile "/var/run/vnstat/vnstat.pid" | |
| 20 | +PidFile "/run/vnstat/vnstat.pid" | |
| 21 | ||
| 22 | # 1 = 64-bit, 0 = 32-bit, -1 = old style logic, -2 = automatic detection | |
| 23 | 64bitInterfaceCounters -2 | |
| 24 | diff --git a/man/vnstatd.8 b/man/vnstatd.8 | |
| 25 | index 81a1b1a..5e74264 100644 | |
| 26 | --- a/man/vnstatd.8 | |
| 27 | +++ b/man/vnstatd.8 | |
| 28 | @@ -239,7 +239,7 @@ Log file that will be used if logging to file is enable and no other file | |
| 29 | is specified in the config file. | |
| 30 | ||
| 31 | .TP | |
| 32 | -.I /var/run/vnstat.pid | |
| 33 | +.I /run/vnstat.pid | |
| 34 | File used for storing the process id if no other file is specified in the | |
| 35 | configuration file or using the command line parameter. | |
| 36 | ||
| 37 | diff --git a/src/common.h b/src/common.h | |
| 38 | index 2f411c8..14e7613 100644 | |
| 39 | --- a/src/common.h | |
| 40 | +++ b/src/common.h | |
| 41 | @@ -230,7 +230,7 @@ and most can be changed later from the config file. | |
| 42 | #define CREATEDIRS 1 | |
| 43 | #define UPDATEFILEOWNER 1 | |
| 44 | #define LOGFILE "/var/log/vnstat/vnstat.log" | |
| 45 | -#define PIDFILE "/var/run/vnstat/vnstat.pid" | |
| 46 | +#define PIDFILE "/run/vnstat/vnstat.pid" | |
| 47 | #define IS64BIT -2 | |
| 48 | #define WALDB 0 | |
| 49 | #define WALDBCHECKPOINTINTERVALMINS 240 |
| 0 | From: Felix Geyer <fgeyer@debian.org> | |
| 1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
| 2 | Forwarded: not-needed | |
| 3 | Subject: Run vnstatd as user vnstat | |
| 4 | ||
| 5 | --- | |
| 6 | examples/systemd/vnstat.service | 1 + | |
| 7 | 1 file changed, 1 insertion(+) | |
| 8 | ||
| 9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 10 | index 49d07c3..3909a9c 100644 | |
| 11 | --- a/examples/systemd/vnstat.service | |
| 12 | +++ b/examples/systemd/vnstat.service | |
| 13 | @@ -10,6 +10,7 @@ ExecStart=/usr/sbin/vnstatd -n | |
| 14 | ExecReload=/bin/kill -HUP $MAINPID | |
| 15 | Restart=on-failure | |
| 16 | RestartSec=2 | |
| 17 | +User=vnstat | |
| 18 | ||
| 19 | # Hardening | |
| 20 | CapabilityBoundingSet= |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 18 May 2020 23:06:50 +0200 | |
| 2 | Subject: Drop ReadWritePaths from systemd service | |
| 3 | ||
| 4 | This is only a compatibility setting for systemd versions supporting | |
| 5 | ProtectSystem=strict but not StateDirectory= | |
| 6 | --- | |
| 7 | examples/systemd/vnstat.service | 1 - | |
| 8 | 1 file changed, 1 deletion(-) | |
| 9 | ||
| 10 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 11 | index 3412e44..f8b895d 100644 | |
| 12 | --- a/examples/systemd/vnstat.service | |
| 13 | +++ b/examples/systemd/vnstat.service | |
| 14 | @@ -14,7 +14,6 @@ User=vnstat | |
| 15 | ||
| 16 | # Hardening | |
| 17 | ProtectSystem=strict | |
| 18 | -ReadWritePaths=/var/lib | |
| 19 | StateDirectory=vnstat | |
| 20 | PrivateDevices=yes | |
| 21 | ProtectKernelTunables=yes |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 6 Apr 2020 16:42:55 +0200 | |
| 2 | Subject: Drop systemd service alias | |
| 3 | ||
| 4 | The use of aliases in systemd unit files is not recommended and static | |
| 5 | symlink should be created at post-installation step instead to support | |
| 6 | multiple naming in systemctl commands: | |
| 7 | https://wiki.debian.org/Teams/pkg-systemd/Packaging#systemd_unit_files_naming_and_installation | |
| 8 | --- | |
| 9 | examples/systemd/vnstat.service | 1 - | |
| 10 | 1 file changed, 1 deletion(-) | |
| 11 | ||
| 12 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 13 | index cb09b40..3412e44 100644 | |
| 14 | --- a/examples/systemd/vnstat.service | |
| 15 | +++ b/examples/systemd/vnstat.service | |
| 16 | @@ -28,4 +28,3 @@ RestrictNamespaces=yes | |
| 17 | ||
| 18 | [Install] | |
| 19 | WantedBy=multi-user.target | |
| 20 | -Alias=vnstatd.service |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Sun, 15 Mar 2020 20:45:16 +0100 | |
| 2 | Subject: Error early on non Linux and BSD like systems | |
| 3 | ||
| 4 | Applied-Upstream: https://github.com/vergoh/vnstat/commit/c96ec890e72cb469be0dc8170ab7c1cebbd3dc61 | |
| 5 | Origin: upstream | |
| 6 | Forwarded: not-needed | |
| 7 | ||
| 8 | E.g. vnStat compiles on hurd, but the testsuite fails ultimately | |
| 9 | --- | |
| 10 | src/ifinfo.c | 2 ++ | |
| 11 | 1 file changed, 2 insertions(+) | |
| 12 | ||
| 13 | diff --git a/src/ifinfo.c b/src/ifinfo.c | |
| 14 | index a4e9893..63c0b8a 100644 | |
| 15 | --- a/src/ifinfo.c | |
| 16 | +++ b/src/ifinfo.c | |
| 17 | @@ -110,6 +110,8 @@ int getiflist(iflist **ifl, const int getspeed, const int validate) | |
| 18 | return getiflist_linux(ifl, getspeed, validate); | |
| 19 | #elif defined(BSD_VNSTAT) | |
| 20 | return getiflist_bsd(ifl, getspeed, validate); | |
| 21 | +#else | |
| 22 | +#error vnStat only supports Linux and BSD like systems | |
| 23 | #endif | |
| 24 | } | |
| 25 |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Sun, 22 Sep 2019 19:27:11 +0200 | |
| 2 | Subject: remove unknown dir entries in remove_directory for vnstat tests | |
| 3 | ||
| 4 | Salsa-ci might alter directory entries for reproducible build, so that | |
| 5 | some might end up with an unknown entry type. | |
| 6 | Delete those too. | |
| 7 | --- | |
| 8 | tests/vnstat_tests.c | 17 +++++++++++++++++ | |
| 9 | 1 file changed, 17 insertions(+) | |
| 10 | ||
| 11 | diff --git a/tests/vnstat_tests.c b/tests/vnstat_tests.c | |
| 12 | index d437a89..31b7909 100644 | |
| 13 | --- a/tests/vnstat_tests.c | |
| 14 | +++ b/tests/vnstat_tests.c | |
| 15 | @@ -211,6 +211,23 @@ int remove_directory(const char *directory) | |
| 16 | return 0; | |
| 17 | } | |
| 18 | break; | |
| 19 | + case DT_UNKNOWN: | |
| 20 | + if (strcmp(di->d_name, ".") == 0 || strcmp(di->d_name, "..") == 0) { | |
| 21 | + continue; | |
| 22 | + } | |
| 23 | + snprintf(entryname, 512, "%s/%s", directory, di->d_name); | |
| 24 | + if (unlink(entryname) != 0) { | |
| 25 | + if (errno == EISDIR) { | |
| 26 | + if (!remove_directory(entryname)) { | |
| 27 | + closedir(dir); | |
| 28 | + return 0; | |
| 29 | + } | |
| 30 | + } else { | |
| 31 | + closedir(dir); | |
| 32 | + return 0; | |
| 33 | + } | |
| 34 | + } | |
| 35 | + break; | |
| 36 | default: | |
| 37 | continue; | |
| 38 | } |
| 0 | From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> | |
| 1 | Date: Mon, 18 May 2020 23:24:07 +0200 | |
| 2 | Subject: harden systemd service | |
| 3 | ||
| 4 | Add empty CapabilityBoundingSet | |
| 5 | Enable LockPersonality, NoNewPrivileges, ProtectClock, ProtectKernelLogs | |
| 6 | and RestrictSUIDSGID | |
| 7 | --- | |
| 8 | examples/systemd/vnstat.service | 6 ++++++ | |
| 9 | 1 file changed, 6 insertions(+) | |
| 10 | ||
| 11 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 12 | index f8b895d..597a580 100644 | |
| 13 | --- a/examples/systemd/vnstat.service | |
| 14 | +++ b/examples/systemd/vnstat.service | |
| 15 | @@ -24,6 +24,12 @@ PrivateTmp=yes | |
| 16 | MemoryDenyWriteExecute=yes | |
| 17 | RestrictRealtime=yes | |
| 18 | RestrictNamespaces=yes | |
| 19 | +CapabilityBoundingSet= | |
| 20 | +LockPersonality=yes | |
| 21 | +NoNewPrivileges=yes | |
| 22 | +ProtectClock=yes | |
| 23 | +ProtectKernelLogs=yes | |
| 24 | +RestrictSUIDSGID=yes | |
| 25 | ||
| 26 | [Install] | |
| 27 | WantedBy=multi-user.target |
| 0 | From: Felix Geyer <fgeyer@debian.org> | |
| 1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
| 2 | Forwarded: not-needed | |
| 3 | Subject: Adjust PidFile path to the new location | |
| 4 | ||
| 5 | --- | |
| 6 | cfg/vnstat.conf | 2 +- | |
| 7 | man/vnstatd.8 | 2 +- | |
| 8 | src/common.h | 2 +- | |
| 9 | 3 files changed, 3 insertions(+), 3 deletions(-) | |
| 10 | ||
| 11 | diff --git a/cfg/vnstat.conf b/cfg/vnstat.conf | |
| 12 | index dbdf0ce..a7f124f 100644 | |
| 13 | --- a/cfg/vnstat.conf | |
| 14 | +++ b/cfg/vnstat.conf | |
| 15 | @@ -143,7 +143,7 @@ UpdateFileOwner 1 | |
| 16 | LogFile "/var/log/vnstat/vnstat.log" | |
| 17 | ||
| 18 | # file used as daemon pid / lock file | |
| 19 | -PidFile "/var/run/vnstat/vnstat.pid" | |
| 20 | +PidFile "/run/vnstat/vnstat.pid" | |
| 21 | ||
| 22 | # 1 = 64-bit, 0 = 32-bit, -1 = old style logic, -2 = automatic detection | |
| 23 | 64bitInterfaceCounters -2 | |
| 24 | diff --git a/man/vnstatd.8 b/man/vnstatd.8 | |
| 25 | index 81a1b1a..5e74264 100644 | |
| 26 | --- a/man/vnstatd.8 | |
| 27 | +++ b/man/vnstatd.8 | |
| 28 | @@ -239,7 +239,7 @@ Log file that will be used if logging to file is enable and no other file | |
| 29 | is specified in the config file. | |
| 30 | ||
| 31 | .TP | |
| 32 | -.I /var/run/vnstat.pid | |
| 33 | +.I /run/vnstat.pid | |
| 34 | File used for storing the process id if no other file is specified in the | |
| 35 | configuration file or using the command line parameter. | |
| 36 | ||
| 37 | diff --git a/src/common.h b/src/common.h | |
| 38 | index 2f411c8..14e7613 100644 | |
| 39 | --- a/src/common.h | |
| 40 | +++ b/src/common.h | |
| 41 | @@ -230,7 +230,7 @@ and most can be changed later from the config file. | |
| 42 | #define CREATEDIRS 1 | |
| 43 | #define UPDATEFILEOWNER 1 | |
| 44 | #define LOGFILE "/var/log/vnstat/vnstat.log" | |
| 45 | -#define PIDFILE "/var/run/vnstat/vnstat.pid" | |
| 46 | +#define PIDFILE "/run/vnstat/vnstat.pid" | |
| 47 | #define IS64BIT -2 | |
| 48 | #define WALDB 0 | |
| 49 | #define WALDBCHECKPOINTINTERVALMINS 240 |
| 0 | pidfile_path.diff | |
| 1 | systemd_user.diff | |
| 2 | fix-salsaci-remove-dir.patch | |
| 3 | drop_systemd_alias.patch | |
| 4 | drop-ReadWritePaths-from-systemd-service.patch | |
| 5 | harden-systemd-service.patch | |
| 6 | error-early-on-non-Linux-and-BSD-like-systems.patch | |
| 0 | applied-upstream/0001-avoid-discarding-const-on-const-strings.patch | |
| 1 | applied-upstream/0002-rename-variables-for-improved-readability.patch | |
| 2 | applied-upstream/0003-Error-early-on-non-Linux-and-BSD-like-systems.patch | |
| 3 | applied-upstream/0004-add-check-for-memory-allocation-failure.patch | |
| 4 | applied-upstream/0005-vnstat.service-sort-hardening-options.patch | |
| 5 | applied-upstream/0006-vnstat.service-add-systemd-hardening-options.patch | |
| 6 | applied-upstream/0007-Correct-misspellings.patch | |
| 7 | applied-upstream/0008-vnstat.conf.5-use-single-closing.patch | |
| 8 | applied-upstream/0009-rename-Correctly-log-existing-interface.patch | |
| 9 | debian/pidfile_path.diff | |
| 10 | debian/systemd_user.diff | |
| 11 | debian/fix-salsaci-remove-dir.patch | |
| 12 | debian/drop_systemd_alias.patch | |
| 13 | debian/drop-ReadWritePaths-from-systemd-service.patch |
| 0 | From: Felix Geyer <fgeyer@debian.org> | |
| 1 | Date: Sun, 20 Aug 2017 11:18:29 +0200 | |
| 2 | Forwarded: not-needed | |
| 3 | Subject: Run vnstatd as user vnstat | |
| 4 | ||
| 5 | --- | |
| 6 | examples/systemd/vnstat.service | 1 + | |
| 7 | 1 file changed, 1 insertion(+) | |
| 8 | ||
| 9 | diff --git a/examples/systemd/vnstat.service b/examples/systemd/vnstat.service | |
| 10 | index 4f2d27f..cb09b40 100644 | |
| 11 | --- a/examples/systemd/vnstat.service | |
| 12 | +++ b/examples/systemd/vnstat.service | |
| 13 | @@ -10,6 +10,7 @@ ExecStart=/usr/sbin/vnstatd -n | |
| 14 | ExecReload=/bin/kill -HUP $MAINPID | |
| 15 | Restart=on-failure | |
| 16 | RestartSec=2 | |
| 17 | +User=vnstat | |
| 18 | ||
| 19 | # Hardening | |
| 20 | ProtectSystem=strict |