locale: make install Unicode 17.0.0/CLDR 48.2
Data changes:
48.1:
- Update RSD (Serbian Dinar) to use 2-digits for non-cash and 0-digits
for cash.
- Fix issue with tippi and bindi in Punjabi exemplars.
- Fix parsing issue in numeric date+time patterns for zh_Hant and yue.
- Fix issues with hour cycle display names for several languages.
https://cldr.unicode.org/downloads/cldr-48#481-changes
48.2:
- Group separator for number formatting was updated to ' in fr-CH
consistent with other Swiss locales.
- Some fixes to date formats including: Hv available formats were
updated to match behavior in CLDR 47 due to web compatibility issues
related to current JS capabilities.
[9 lines not shown]
locale: Update Unicode to CLDR 48.2
Notable changes:
- Group separator for number formatting was updated to ' in fr-CH
consistent with other Swiss locales.
- Some fixes to date formats including: Hv available formats were
updated to match behavior in CLDR 47 due to web compatibility issues
related to current JS capabilities.
- Emoji annotations fixes including collisions between emoji short
names.
- Updated AM/PM for ko & ps to be consistent with how the wide forms are
localized.
Reviewed by: bapt
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57626
locale: Do not strip the suffix from CLDRVERSION
The upstream CLDR directory structure requires the full version string.
Remove the ':R' modifier to fix the fetch paths.
Previously this worked because major releases were published in a
directory without the ".0" suffix, while the filenames included it.
Starting with CLDR 47, the upstream layout changed to use the full
version string exclusively, causing the fetch URLs to break for point
releases.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D57625
padlock.4: Update slightly for 64-bit hardware
- Change the document description to "Via and Zhaoxin CPU crypto driver"
- Add a HARDWARE section mentioning these in the hardware release note
This manual still needs desperate help, but just this little bit could
have saved a lot of confusion. I'd write more if I had information.
PR: 295517
Fixes: 14b8531c4ccb8 (Restore padlock_rng the the amd64 build)
MFC after: 3 days (to 15 only)
Reviewed by: bcr, asomers
Differential Revision: https://reviews.freebsd.org/D57920
periodic/security: Introduce $security_status_loginfail_ignore for 800.loginfail
Introduce a new variable "security_status_loginfail_ignore" to filter unwanted
login failure messages from the daily security checks.
Co-authored-by: Michael Osipov <michaelo at FreeBSD.org>
Co-authored-by: Joseph Mingrone <jrm at FreeBSD.org>
PR: 295191
Reviewed by: jrm
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D57671
(cherry picked from commit 6a7c8c92245562cfd9b900dedacab99a13d5ca86)
periodic/security: Introduce $security_status_loginfail_ignore for 800.loginfail
Introduce a new variable "security_status_loginfail_ignore" to filter unwanted
login failure messages from the daily security checks.
Co-authored-by: Michael Osipov <michaelo at FreeBSD.org>
Co-authored-by: Joseph Mingrone <jrm at FreeBSD.org>
PR: 295191
Reviewed by: jrm
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D57671
(cherry picked from commit 6a7c8c92245562cfd9b900dedacab99a13d5ca86)
nuageinit: validate set-name to prevent shell injection in variable names
Shell variable names cannot be safely quoted with shell_escape() —
only alphanumeric characters are valid. Add validation that set-name
only matches [a-zA-Z0-9]+; invalid values are rejected with a
warning and the rename is skipped entirely.
(cherry picked from commit 13fb6dbc738f4ba30e78a8fb21efa1382c520d33)
nuageinit: use single-quote shell escaping for hostname in rc.conf.d
The hostname value was written inside double quotes in
/etc/rc.conf.d/hostname. POSIX shell performs command substitution
inside double quotes, so a hostname containing $() or backticks would
be executed when the file is sourced (e.g., by rc(8)).
Switch to using the existing shell_escape() helper, which wraps values
in single quotes. In POSIX shell, single-quoted strings are completely
literal — no expansion or substitution of any kind is performed.
While the hostname is already validated to contain only
[a-zA-Z0-9.-], this change provides defense-in-depth so the output
format is safe regardless of future validation changes.
Reported by: Yazdan Soltani <yazdan.soltani at gmail.com>
(cherry picked from commit da3890fdccfa7d540ea746182248299b81f95345)
nuageinit: implement phone_home support
Posts instance data (hostname, instance_id, public keys) to a URL
using fetch(1). Supports:
- url: target URL
- post: list of data items to send, or 'all'
- tries: number of retry attempts (default 1)
(cherry picked from commit 58653bf4d0fb8ccd5de146d671ec101a1df0ede0)
nuageinit: implement MIME multipart user-data support
Add support for MIME multipart/mixed user-data, allowing a single
user-data blob to contain multiple parts with different content types.
(cherry picked from commit be711ade6f66506fb2cae9fd33b142ce910f0346)
nuageinit: implement ntp support
Add support for the 'ntp' cloud-config key which configures NTP
by writing /etc/ntp.conf with server and pool entries.
(cherry picked from commit 6d27d52ccd35d1980e99bc2fc4dae602334d28af)
nuageinit: implement ca_certs support
Add support for the 'ca_certs' cloud-config key which manages
CA certificates by writing them to /etc/ssl/certs/ and running
certctl rehash.
(cherry picked from commit b56f029add4825b21b2957f19ccfbb219a3f96cb)
nuageinit: implement ssh_authkey_fingerprints support
Add support for the 'ssh_authkey_fingerprints' cloud-config key
which logs SSH host key fingerprints to the console via ssh-keygen.
(cherry picked from commit d7984912385cc5a191547dc6c2d73acba25e2239)
pw: fix const qualification in unquote()
The unquote() function took a const char * parameter but modified the
string in-place (removing quote characters). Change the parameter to
char * and update callers that passed const char * to cast explicitly.
(cherry picked from commit 5f9c8f142d1702f5810618e02534054d28d22fa5)
nuageinit: implement mounts support
Add support for the 'mounts' cloud-config key which configures
mount points by appending entries to /etc/fstab and creating
the corresponding directories.
(cherry picked from commit 797dad91ff468a9bd6cd5d4f720eb4bbac1f454a)
