security/wazuh-agent: Reimplement getPackages() using SQLite
- getPackages() is a function used to get a set of information about
the packages installed on the system where the manager and agent
are installed. To obtain this information, pkg-query(8) was used;
however, prior to this commit, it was assumed that pkg(8) was
installed on the system, which could be wrong, especially on systems
such as jails, where pkg(8) is normally used from the host. With
this change, we leverage SQLite to read the pkg(8) database and
obtain information about the packages, which is also much more
efficient than executing a command. This also fixes the segmentation
fault in wazuh-modulesd when this condition occurs.
- Bump PORTREVISION
security/wazuh-manager: Improve port to run inside jail
- Reimplement getPackages() using SQLite
getPackages() is a function used to get a set of information about
the packages installed on the system where the manager and agent
are installed. To obtain this information, pkg-query(8) was used;
however, prior to this commit, it was assumed that pkg(8) was
installed on the system, which could be wrong, especially on systems
such as jails, where pkg(8) is normally used from the host. With
this change, we leverage SQLite to read the pkg(8) database and
obtain information about the packages, which is also much more
efficient than executing a command. This also fixes the segmentation
fault inside jail in wazuh-modulesd when this condition occurs.
- Fix wazuh-apid when security.bsd.see_other_{u,g}ids=0
wazuh-apid checks the status of some daemons (or services) before
starting completely, and if it cannot detect the status, it may
mark the service as failed or stopped. When security.bsd.see_other_{u,g}ids
is enabled, apid cannot correctly detect the status of some daemons
running as root, such as wazuh-execd and wazuh-modulesd, so the API
[7 lines not shown]
multimedia/navidrome: update to 0.59.0
Change the way to deal with npm, to make it more dynamic and not
requireing an actual cache of the npm state.
Reviewed by: kbowling (maintainer)
Approved by: kbowling (maintainer)
Differential Reviewed: https://reviews.freebsd.org/D54417
net-im/teams: Add port: Unofficial Microsoft Teams client
Unofficial Microsoft Teams client for Linux using Electron. It uses
the Web App and wraps it as a standalone application using Electron.
WWW: https://github.com/IsmaelMartinez/teams-for-linux
nfscl: Fix handling of POSIX draft default ACLs
A POSIX draft default ACL may not exist. As such,
an ACL with zero ACEs needs to be allowed.
This patch fixes acquisition of POSIX draft default
ACLs when they do not exist on the directory.
Fixes: a35bbd5d9f5f ("nfscommon: Add some support for POSIX draft ACLs")
nfsd.8: Add a short paragraph w.r.t. NFSv3 vs NFSv4 setup
The nfsd can be configured to support NFSv3, NFSv4 or both
of them.
This patch adds a short paragraph to nfsd.8 to explain this.
This is a content change.
(cherry picked from commit 4f184fd35d81bbd85284d47d2a65aeece67e87d4)
nfsd.8: Add a short paragraph w.r.t. NFSv3 vs NFSv4 setup
The nfsd can be configured to support NFSv3, NFSv4 or both
of them.
This patch adds a short paragraph to nfsd.8 to explain this.
This is a content change.
(cherry picked from commit 4f184fd35d81bbd85284d47d2a65aeece67e87d4)
pfctl: remove duplicate "va" entry
It turns out we'd already added this a few years ago, so didn't need to
add it again.
Fixes: 190c1f3d9326
Reported by: Seth Hoffert <seth.hoffert at gmail.com>
Sponsored by: Rubicon Communications, LLC ("Netgate")
security/vuxml: Adjust version range for py-pdfminer.six
* The fix for CVE-2025-64512 introduced with release 20251107 was
incomplete. This has been remedied with release 20251230, adjust
the entry accordingly.
databases/clickhouse-cpp: Add new port
clickhouse-cpp is the official C++ client library for ClickHouse,
providing a fast and type-safe interface to ClickHouse using its
native binary protocol.
www/gohugo: Update to 0.153.5
ChangeLog: https://github.com/gohugoio/hugo/releases/tag/v0.153.5
* images: Add compression option to image config and clean up some of the options handling
* config: Fix cascade per language in hugo.toml regression
* images: Fix WebP quality and hint parameters being ignored
Approved by: doceng@ (implicit)
aw_rtc: bump settime() delays
There are delay loops, checking the BUSY status bit, before writing to
the date or time registers. Each iteration contains a 1usec delay, for a
maximum of 70 iterations.
This is frequently not enough on the D1 platform, where the message is
emitted:
rtc0: could not set date, RTC busy
Bump the loop delay to 10usecs each, and the maximum number of
iterations to 150, for a maximum delay of 1.5msecs between each write of
the register.
In my testing this seems to be adequate.
The loop variable is renamed for clarity/simplicity.
[6 lines not shown]
