Newer versions of wordpress after Bullseye seem to have a different HTML
structure for the title element. Make the functional tests work for the new
structure as well as the old one.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Show the current name of the root channel
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
[james: Use augeas for config file operations]
[james: Pass channel name on command line]
[james: Add functional test for change root channel name]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Based on work by Benedek Nagy at:
https://salsa.debian.org/freedombox-team/freedombox/-/merge_requests/2198
Tests:
- Install WordPress without this patch. Then switch to code with this patch.
Restart FreedomBox. WordPress setup should get executed and the setup version
should get incremented to 2. The configuration file should contain the include
line for freedombox-static.php. freedombox-static.php should be installed and
should contain the line for setting FS_METHOD to 'direct'.
- Uninstall WordPress and wipe everything. Install WordPress freshly using this
patch. The line to include freedombox-static.php should be present in the
default configuration file. freedombox-static.php should be installed and should
contain the line for setting FS_METHOD to 'direct'.
- Installing a new theme using a URL and setting the default theme to the new
theme should work.
- Installing a plugin and enabling it should work.
- Installing an older version of a plugin and then updating it should work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Inside container, run 'curl http://localhost/transmission/' and 'curl
http://localhost/transmission/web'. Notice that '409 Conflict' errors are
thrown.
- Apply the patch, run ./setup.py install and restart apache. Run the curl
commands again and this time, they lead to 302 redirects instead.
[sunil]: Update comment and make the redirect temporary.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2187
Tests:
- Visit the Tor app page after installing. Port forwarding information is
shown like in all other apps. Protocol column lists 'TCP'.
- Information about SOCKS port is shown in the description.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Also add CSS class for the table to aide functional tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1797.
Tests:
- For each affected app, install the app, visit frontpage. Select the shortcut.
Notice that Learn More... link is shown and clicking on the link takes us to the
manual page of the app.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Upon access of MediaWiki URL, it redirects to the main page with the URL
configured. This new URL could only be accessed on IPv4 or IPv6 only. When curl
is invoked with the IP address version of a different kind, this fails. Tell the
diagnostics methods not the restrict to a particular address type.
Tests:
- All MediaWiki diagnostic tests pass. URL tests show that they haven't been
performed on particular address type but rather generically.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Upon access of an app URL, it may redirect to another URL that is configured in
app settings. This new URL could only be accessed on IPv4 or IPv6 only. When
curl is invoked with the IP address version of a different kind, the access
fails. In such cases, tell the diagnostics methods not the restrict to a
particular address type.
Tests:
- Unit tests pass.
- All of transmission's diagnostics tests pass. The URL tests show that they
have been performed on a particular IP address type.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: rename the form field variable]
[sunil: rename the parater to get/set_server_url functions]
[sunil: remove unused PrependWidget, can be added back later]
[sunil: update functional tests]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Run ./setup.py install and check that 'systemctl daemon-reload; systemctl show
mediawiki-jobrunner.service' shows the required sandbox changes.
- Tested a few MediaWiki jobs. See:
https://salsa.debian.org/freedombox-team/freedombox/-/issues/299#note_306788
[sunil: Relax the restrictions on read/write paths and networking]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2215.
- matrix-synapse >= 1.55.0-2 requires python3-jinja2 >= 3.0~
- python3-jinja2 >= 3.0~ requires python3-markupsafe >= 2.0
Tests:
- On a stable container, matrixsynapse app is not installable.
- With the changes, start FreedomBox service, setup will run on the upgrades
module and /etc/apt/preferences.d/51freedombox-apps.conf will be changed to
include the two new entries. After this, matrix-synapse app is installable.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2063.
When admin password is being set in MediaWiki, if the password is found in the common
list of passwords, MediaWiki will fail instead of setting the password. Detect
this case and show an error instead of a hard server.
Tests:
- Setting the admin password to 'passwordpassword' fails due to check in common
passwords list. A message is shown that strong password is needed instead of a
500 error page.
- Set the password to 'passwordpassword' and update other settings. Settings are
updated with success message but password update fails with error message.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Sunil: Current passwords policies as of MediaWiki 1.35.6 do not require capital
letter and numeral. Add comment that the password can't be common one.
Tests:
- Set the admin password to 'testingtesting'. Update should be successful.
[sunil: Fix typos]
[sunil: Drop checking for capital letter and numeral in password]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Without the base attribute set, LDAP search returns no results and because of
the lookup failure LMTP will not be able to deliver message even though postfix
has successfully received the messages.
Tests:
- On a fresh container, send a message to a local user using roundcube. The user
should receive the message successfully.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Unix paths can contain double quotes. Allow entering paths with double quotes by
escaping them in c-style[1] and retrieve them back properly.
1) https://httpd.apache.org/docs/2.4/expr.html
Tests:
Run tests on with various paths:
- /var/a b
- /var/c"d
- /var/ef"
Run the following tests.
- Create a directory with the test path and create a sample file inside it.
- Add a share with the test path.
- Ensure that the share is accessible and the file can be downloaded.
- Ensure that the list of the shares shows the path correctly.
- Ensure that the share can be edited.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Make terminology more consistent managed vs. possible, resolve vs. actual.
- Fix regression in security report caused by comparing package expressions with
package names.
- Fix regression in package upgrades caused by comparing package expressions
with package names.
- Update API method names to improve readability and prevent accidental
mismatching of package names and package expressions. Update variable names for
same reason during usage.
Tests:
- minetest install successfully in testing.
- Security report shows non-zero value in the current vulnerabilities column.
- When an unavailable package is added to list of packages in an app, the app
can't be installed.
- When PackageOr expressions is added to an essential package, running
--list-dependencies shows an expressions with '|' in it.
- Unit tests succeed.
- Find a package with conffile prompt and add that to list of a packages in an
app like bepasty and implement a stub force_upgrade() method in the app. Run
'apt update' and that triggers and analysis of packages with conf file prompts.
This should call force_upgrade() method in bepasty and with proper argument for
list of packages.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
In Bookworm, the minetest-mod-player-3d-armor package is renamed to
minetest-mod-3d-armor. Allow either package name to fulfill the
requirement, so that the app is installable in both Bullseye and
Bookworm.
Fixes#2164.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Viewing a wifi connection will cause a 500 error. To reproduce this
issue, go to plinth/sys/networks/. If no wifi connections exist,
add one use the "Add Connection" button. Then, click on the name of
the wifi connection to view it. A 500 error is returned.
This commit fixes this error so the normal "show connection" is
returned. It also fixes a bytestring conversion error
for the SSID and a blank value for "mode" on the page.
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This allows any binary package in src:freedombox to be upgraded from
backports, so that packaged manuals are included.
Thanks for Frank Woodward for finding the root cause and solution.
Tests:
- Build a FreedomBox bullseye image with backports disabled.
- During setup, enable backports, and update packages. freedombox
package from bullseye-backports is installed, but freedombox-doc-*
packages are from bullseye.
- Install freedombox package with the fix, and update
packages. freedombox-doc-* packages from bullseye-backports are
installed.
Closes#2106.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2186.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
[jvalleroy: Remove duplicate import]
[jvalleroy: Reword help text slightly]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
When old configuration is not set and is exported with new code into newer
format, the result is a domain added with domain name 'null'. This causes issues
with UI not showing configuration and with null domain being added into
configurations of various daemons.
Tests:
- To reproduce the issue, switch to a revision with old dynamicdns code. Then
switch to a latest version without the fix. A 'null' domain is added to
configuration.
- To reproduce the issue, switch to a revision with old dynamicdns code. Then
switch to a latest version with the fix. A 'null' domain is not added to
configuration.
- With null domain in the configuration. Start FreedomBox with the fix. The null
domain should be removed and null domain should not be announced to other
daemons.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Since FreedomBox does not allow any users but those belonging to 'admin' group
to login, using passwd driver for auth means that only admin can login to
postfix/dovecot. Fix this by reverting to using LDAP driver.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Unified querying, reduce random writes for SD cards, eliminate need for separate
log rotation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The site will then redirect to a language specific URL.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Otherwise, the default directives in 10-auth.conf take higher priority.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Not very critical. Reduce complexity. Re-implement later at framework level.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
They are unused. postfix-ldap is needed for LDAP based maps. In dovecot,
authentication happens using PAM.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
There is nothing related to LDAP in the module. It actually configures postfix.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Remove unnecessary complex crash handler needed due to setting the service
configuration in two steps. Merge the two step into one after which crash
handler is not needed.
- Drop '_unsafe' API and verify all keys and values for sanity.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is not critically needed in FreedomBox. Implementation is complex. This may
be recreated at framework level to benefit all applications.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
