Robert Martinez the original author transferred all copyrights for the initial
logo work to the FreedomBox foundation. The icons are derivatives of this work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Update copyright year for fonts based on information embedded in .ttf file.
- Remove incorrect copyright text.
- Each session should have only one copyright line.
- Fix syntax for multiple licenses.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Implement listening for CacheUpdated notification.
- Configuration to allow only root to trigger the notification.
- Trigger the notification from an apt update hook.
- Retrieve the list of packages available for upgrade and print them to log.
- Add dependency on libglib2.0-bin for the gdbus command line tool.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
It is incorrect to check for backports availability, FreedomBox systems got
added buster-backports sources prematurely. This will lead to apt update
failures resulting in FreedomBox becoming unable to install new apps.
Fix this by removing old sources and adding new sources only after
performing (this time correct) backports URL check.
Closes: #1496.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
If we release version 50 into testing and version 49 into buster-backports and
assuming version 45 is in stable, then for stable users, version 49 is selected
properly and upgraded due non-availability of 50 for them and high
prioritization of buster-backports over buster/stable. This is as expected.
For the case of testing user, this does not work as expected, however.
buster-backports will be given 800 priority, testing will be given 500
priority (default) and version 49 will be picked instead of the expected 50.
Setting priority to 500 fixes the problem. It will equate the buster-backports
to all other repositories and will let the system pick the highest version
available.
Closes: #1498.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Merge backports functionality into upgrades module.
- No need to enable systemd timer as dh_installsystemd automatically enables
this during package installation and upgrade.
- Use https:// and deb.debian.org for repository checking. When using Tor for
package installations request the URL via Tor.
- Make daily checking service more generic for all kind of future apt repository
updates.
- Force removal of repository file during purge to avoid failures.
- Don't add contrib/non-free as backports is intended to be enabled for just the
freedombox package and it is free. When the need arises, we can introduce
contrib/non-free. This also eliminates an issue that adding these components
doesn't work without the usage of tor.
- Allow generate apt preferences file to avoid lintian complaining about its
presence. Remove on purge.
- Add unattended upgrades origin pattern to allow it to upgrade from backports
repositories.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Passwords will be automatically upgraded for each user on login.
Usernames not yet upgraded are vulnerable to user enumeration attack due to
difference in password check timing.
No need to add build dependency on python3-argon2 because tests use a different
Django configuration which does not use argon2 hash.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is necessary to avoid errors when installing freedombox with older plinth
already installed. Also make plinth depend on latest freedombox to ensure
upgrades go smoothly.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
All the packages that are removed as dependencies in freedombox-setup and are
not essential for the operation of FreedomBox/Plinth have been moved to
Recommends .
The following packages were *moved* from freedombox-setup directly as is:
- bridge-utils
- curl
- devio
- dnsutils
- dosfstools
- haveged
- htop
- iftop
- iputils-ping
- iw
- libnss-gw-name
- libnss-mdns
- libnss-myhostname
- libpam-tmpdir
- libpam-abl
- locales
- locales-all
- lsof
- netcat-openbsd
- psmisc
- resolvconf
- rfkill
- tcpdump
- vim-tiny
- wget
- wireless-tools
- zile
The following packages have been *added* as they are part of standard system
utilities present in a Debian system:
- bzip2
- file
- openssh-client
- pciutils
- whois
The following packages were *dropped* as dependencies from freedombox-setup:
- dialog: no utility to an admin on command line. No scripts are currently using
it. Any script using it should have a dependency on it.
- dnsmasq-base: network-manager is one that uses it and it already recommends
it.
- parted: Added as dependency for the storage module which uses it.
- ssl-cert: apache2 and other packages that use it already recommend it.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Remove access/error log references in configuration files and tests.
- Ensure that /var/log/plinth directory is not created anymore.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
While capturing stdout and stderr and automatically logging that to system
logging daemon provides basic information, a lot of information lost in the
process.
This change logs to systemd journal directly so that rich information such as
code file, code function, code line, etc, can be captured in a structured way.
To avoid double logging, discard stdout and stderr in the systemd unit file.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
