Fixes: #2556
Should be merged after fix for https://bugs.debian.org/1122841 is in unstable.
- This fixes issue with Matrix Synapse app not being installable from current
unstable.
- matrix-synapse package depends on older version of python3-typing-extensions.
This causes the daemon to fail during startup when older version is installed.
This was reported as https://bugs.debian.org/1122841. After this bug is fixed
and a newer version of matrix-synapse is uploaded, the patch will work as
expected. An alternative was to allow unattended-upgrades to upgrade
python3-typing-extensions from unstable, but has to be done very carefully and
with a lot of testing.
Tests:
- Install Matrix Synapse apps works. This request installation of the latest
version python3-typing-extensions from unstable. The daemon is running properly
after installation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This MR enables FreedomBox to connect as a "client" to a WireGuard
"server" using IPv6.
- Validate IPv4/6 with ip_interface
- Created helper functions to build NM settings for IPv4/6
- Modify get_settings to include settings for either IP version 4 or 6
- Created helper function to get NM address info
- Modify get_nm_info to work with IPv4 and IPv6
- Modified tests to use validate_ip_address_with_network
- Added IPv6 valid and invalid patterns to tests
Tested:
- IPv4 works unchanged
- IPv6 parsing + NM settings generation works
- IPv6 display in Show Server UI
Not tested:
- Needs IPv6 WireGuard server for full connectivity test
Closes: #1762
Signed-off-by: Frederico Gomes <fredericojfgomes@gmail.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
sysusers.d/tmpfiles.d config files allow a package to use
declarative configuration instead of manually written maintainer
scripts. This also allows image-based systems to be created
with /usr/ only, and also allows for factory resetting a system
and recreating /etc/ on boot.
https://www.freedesktop.org/software/systemd/man/latest/sysusers.d.htmlhttps://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html
Tests:
- /var/lib/plinth and /var/lib/plinth/sessions/ are created on package install.
Ownership is plinth:plinth. 0755 is permissions.
- /var/lib/plinth/firstboot-wizard-secret file is created on package install.
Ownership is plinth:plinth. 0400 is permissions. During first wizard,
providing the secret works.
- /var/lib/plinth/backups-data is owned by root:root.
- When upgrading from old package to new the permissions don't change.
- When reinstalling the new package, the permissions do not change.
- User is created same as before.
plinth❌987:987:FreedomBox service:/var/lib/plinth:/usr/sbin/nologin
- Group is created same as before.
plinth❌987:
- id plinth
uid=987(plinth) gid=987(plinth) groups=987(plinth)
- Upgrading from old package to new does not change user and group records.
- Reinstalling new version does not change user and group records.
[sunil: Don't recursively change ownership for /var/lib/plinth/]
[sunil: Change ownership specifically for /var/lib/plinth/firstboot-wizard-secret]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
This is widely considered bad practice, as the kernel recycles
UIDs/GIDs. So any potential leftover file/directory can then
become owned by the next user/group that gets added, with
unpredictable consequences.
As removing a system user and group is considered a bad practice. Old unused
system accounts are mostly harmless.
Tests:
- Bepasty functional tests pass.
- Installing bepasty and uploading a file works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Drop dependency on 'adduser' package.
Tests:
- Functional tests for infinoted work.
- Installing infinoted app works. The system user and group are created with
proper UID/GID, shell, gecos, and home directory.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Drop dependency on 'adduser' package.
Tests:
- Functional tests for syncthing work.
- Installing syncthing app works. The system user and group are created with
proper UID/GID, shell, gecos, and home directory.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
This was meant to be used by the mobile client. But it is in unmaintained and
unusable state. We can re-introduce the API when mobile client is back in
action.
See: https://github.com/freedombox/FreedomBox/pull/1215
[Joseph]
This API is not called by the mobile client, so it is safe to remove.
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
