ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Sipwise Jenkins Builder	c667a74de9	Release new version 13.0.1.8+0~mr13.0.1.8	2 months ago
Sipwise Jenkins Builder	588d13d46f	Release new version 13.0.1.7+0~mr13.0.1.7	2 months ago
Sipwise Jenkins Builder	0f2adecaaf	Release new version 13.0.1.6+0~mr13.0.1.6	3 months ago
Sipwise Jenkins Builder	d117075405	Release new version 13.0.1.5+0~mr13.0.1.5	3 months ago
Sipwise Jenkins Builder	4f6fa6580c	Release new version 13.0.1.4+0~mr13.0.1.4	5 months ago
Sipwise Jenkins Builder	84adc2581d	Release new version 13.0.1.3+0~mr13.0.1.3	5 months ago
Sipwise Jenkins Builder	46f205ee7d	Release new version 13.0.1.2+0~mr13.0.1.2	5 months ago
Sipwise Jenkins Builder	bf58945d48	Release new version 13.0.1.1+0~mr13.0.1.1	6 months ago
Sipwise Jenkins Builder	62eb053799	Release new version 13.0.1.0+0~mr13.0.1.0	7 months ago
Sipwise Jenkins Builder	55cf852151	Release new version 13.0.0.0+0~mr13.0.0.0	9 months ago
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	9 months ago
Kirill Solomko	522fd97020	MT#58964 /api/platforminfo add licenses info * NGCP::Utils::License new function get_licenses() that reads /proc/ngcp/flags/ and returns all files with content 1. * api/platforminfo.tt template now calls a stashed callback (coderef) that decodes provided json file, includes licenses and returns encoded the json back. * ngcp-panel.service changes # Files + directories not directly associated are made invisible in the /proc/ file system # ProcSubset=pid # Disabled: MT#58964, to be able to read /proc/ngcp/flags/ # Processes owned by other users are hidden from /proc/ # ProtectProc=invisible # Disabled: MT#58964, to be able to read /proc/ngcp/flags/ Change-Id: I84b6707a918e3f4f271e32b9353f320753c5ae68	10 months ago
Sipwise Jenkins Builder	4545987532	Release new version 12.5.0.0+0~mr12.5.0.0	11 months ago
Michael Prokop	c8766cd567	MT#48844 Minor typo fixes s/paramaters/parameters/ s/wihout/without/ s/If it mathes/If it matches/ s/ in in / in / s/the the/the/ (note: fixes translation issue which was introduced with commit `2b7a1a33` and fixed in `072e897c` for the original, but missed for the german translation) Change-Id: I4186bf3f42b1fac11bb7d7fe801f860d2d59adc1	1 year ago
Sipwise Jenkins Builder	e7b131247e	Release new version 12.4.0.0+0~mr12.4.0.0	1 year ago
Sipwise Jenkins Builder	909523b9cb	Release new version 12.3.0.0+0~mr12.3.0.0	1 year ago
Sipwise Jenkins Builder	ee3ba7bb2b	Release new version 12.2.0.0+0~mr12.2.0.0	1 year ago
Sipwise Jenkins Builder	c7e939d892	Release new version 12.1.0.0+0~mr12.1.0.0	2 years ago
Guillem Jover	329b08f905	MT#58356 Update packaging for bookworm - Add Rules-Requires-Root field. - Switch to Standards-Version 4.6.2. - Update copyright years. Change-Id: Ic5efdccd70830c5c41e4e75456ffb8f8c66b535c	2 years ago
Sipwise Jenkins Builder	5f685fceb8	Release new version 12.0.1.0+0~mr12.0.1.0	2 years ago
Sipwise Jenkins Builder	cd5781dfc2	Release new version 11.5.0.0+0~mr11.5.0.0	2 years ago
Sipwise Jenkins Builder	111a431bd3	Release new version 11.4.0.0+0~mr11.4.0.0	2 years ago
Sipwise Jenkins Builder	3650b813b4	Release new version 11.3.0.0+0~mr11.3.0.0	2 years ago
Michael Prokop	846b60ad97	MT#55886 Add dependencies on libdata-page-perl + libio-string-perl Fixes: \| spce ngcp_panel_fastcgi.pl[43411]: Can't locate Data/Page.pm in @INC (you may need to install the Data::Page module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.36.0 /usr/local/share/perl/5.36.0 /usr/lib/x86_64-linux-gnu/perl5/5.36 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.36 /usr/share/perl/5.36 /usr/local/lib/site_perl) at /usr/share/perl5/NGCP/Panel/Utils/RedisLocationResultSet.pm line 10. Fixup for git rev `7177959`, this went unnoticed, because libdbix-class-perl used to depend on libdata-page-perl, while it no longer does (as of version 0.082843-1, as present in Debian/bookworm): \| root@spce:~# aptitude why libdata-page-perl \| i ngcp-ngcp-ce Depends ngcp-services-ce \| i A ngcp-services-ce Depends ngcp-upgrade-ce \| i A ngcp-upgrade-ce Depends libdbix-class-perl \| i A libdbix-class-perl Depends libdata-page-perl Fixes: \| spce ngcp_panel_fastcgi.pl[43663]: Can't locate IO/String.pm in @INC (you may need to install the IO::String module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.36.0 /usr/local/share/perl/5.36.0 /usr/lib/x86_64-linux-gnu/perl5/5.36 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.36 /usr/share/perl/5.36 /usr/local/lib/site_perl) at /usr/share/perl5/NGCP/Panel/Utils/Device.pm line 7. Fixup for git revs `4562fbf8` + `e00e46eba`, this went unnoticed, because libppi-perl used to depend on libio-string-perl, while it no longer does so (as of version 1.276-1, as present in Debian/bookworm): \| root@spce:~# aptitude why libio-string-perl \| i ngcp-ngcp-ce Depends ngcp-services-ce \| i A ngcp-services-ce Depends ngcp-panel \| i A ngcp-panel Depends libtrycatch-perl \| i A libtrycatch-perl Depends libparse-method-signatures-perl \| i A libparse-method-signatures-perl Depends libppi-perl \| i A libppi-perl Depends libio-string-perl Change-Id: I957b8df093753bab19b4d15c405411429a77eb46	3 years ago
Michael Prokop	e8f901a7b5	MT#55524 Update lintian overrides for new lintian behavior lintian v2.115.3 - as currently present in Debian/booksworm - doesn't support the existing syntax for the source-is-missing override, and therefore fails with: \| E: ngcp-panel source: source-is-missing [share/static/js/libs/d3.v2.min-2.8.1.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/jquery-ui-1.10.3.custom.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/jquery.dataTables.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/rrule/rrule.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/stanzaio.bundle.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/svg-edit/embedapi.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/svg-edit/jgraduate/jpicker.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/svg-edit/jquery.js] \| E: ngcp-panel source: source-is-missing [share/static/js/libs/svg-edit/sanitize.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/flot/jquery.flot.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/flot/jquery.flot.resize.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/hoverIntent/jquery.hoverIntent.minified.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/lightbox/jquery.lightbox.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/validate/additional-methods.js] \| E: ngcp-panel source: source-is-missing [share/static/js/plugins/validate/jquery.validate.js] \| E: ngcp-panel source: source-is-missing [share/static/js/spectrum.min.js] \| E: ngcp-panel source: source-is-missing [share/static/js/swaggerui/swagger-ui-bundle.js] \| E: ngcp-panel source: source-is-missing [share/static/js/swaggerui/swagger-ui-standalone-preset.js] It instead expects the filename(s) to be listed under "[...]". By using "..." instead, we can support the lintian versions as present in bookworm and bullseye both at the same time. Change-Id: I95c52eae81bb3729524b46459a4283a8f9f56d57	3 years ago
Michael Prokop	9c58e1c4d5	TT#76552 systemd: allow r/w access to /var/mail When mails are sent to root@localhost, they might end up in local system under /var/mail, e.g.: \| root@sp1:~# grep -i Read-only /var/log/exim4/mainlog \| [...] 1ohvHe-001kri-L3 == /var/mail/mail <root@localhost> R=mail4root T=address_file defer (30): Read-only file system: creating lock file hitching post /var/mail/mail.lock.sp1.634442d2.000662b4 (euid=8 egid=8) Change-Id: Iea608327032cc84491c3fe02c2c6be3da10a9c58	3 years ago
Michael Prokop	31429319e7	TT#76552 systemd: reduce hardening for sendmail(1) usage If a customer has email templates enabled, adding a subscriber fails due to: \| Failed to create subscriber: error when closing pipe to sendmail: \| Trace begun at /usr/share/perl5/Email/Sender/Transport/Sendmail.pm line 94 \| Email::Sender::Transport::Sendmail::send_email('Email::Sender::Transport::Sendmail=HASH(0x56251dc80e58)', 'Email::Abstract=ARRAY(0x56252f40f0c0)', 'HASH(0x56252f3fd600)') called at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45 \| Email::Sender::Role::CommonSending::try {...} at /usr/share/perl5/Try/Tiny.pm line 102 \| eval {...} at /usr/share/perl5/Try/Tiny.pm line 93 \| [...] Similar, sending subscriber reset password mails etc are also failing. When strace-ing ngcp-panel's fcgi process, one can observe: \| 25173 openat(AT_FDCWD, "/var/spool/exim4//input//1ogR98-0006Y1-IA-D", O_RDWR\|O_CREAT\|O_EXCL, 0640) = -1 EACCES (Permission denied) Now, when disabling all of the systemd hardening, it works fine. Comparing such a working with a failing process, the following changes within /proc/$PID/status can be observed: \| diff -urN proc.failing/status proc.working/status \| --- proc.failing/status 2022-10-06 18:06:08.519873211 +0200 \| +++ proc.working/status 2022-10-06 18:08:17.071722642 +0200 \| [...] \| CapInh: 0000000000000000 \| CapPrm: 0000000000000000 \| CapEff: 0000000000000000 \| -CapBnd: 000001fbffffffff \| +CapBnd: 000001ffffffffff \| CapAmb: 0000000000000000 \| -NoNewPrivs: 1 \| -Seccomp: 2 \| -Seccomp_filters: 3 \| +NoNewPrivs: 0 \| +Seccomp: 0 So NoNewPrivs gets enabled, even though we don't explicitly set NoNewPrivileges but e.g. only ProtectClock=yes. This is expected behavior though, quoting from systemd.exec(5) \| NoNewPrivileges= \| \| Takes a boolean argument. If true, ensures that the service \| process and all its children can never gain new privileges through \| execve() (e.g. via setuid or setgid bits, or filesystem capabilities). \| This is the simplest and most effective way to ensure that a process and \| its children can never elevate privileges again. Defaults to false, but \| certain settings override this and ignore the value of this setting. \| This is the case when SystemCallFilter=, SystemCallArchitectures=, \| RestrictAddressFamilies=, RestrictNamespaces=, PrivateDevices=, \| ProtectKernelTunables=, ProtectKernelModules=, ProtectKernelLogs=, \| ProtectClock=, MemoryDenyWriteExecute=, RestrictRealtime=, \| RestrictSUIDSGID=, DynamicUser= or LockPersonality= are specified. Note \| that even if this setting is overridden by them, systemctl show shows \| the original value of this setting. Also see No New Privileges Flag[4]. Also see https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html STR (without having to go through ngcp-panel and a customer/subscriber setup): \| root@spce:~# cat /etc/systemd/system/demo.service \| [Unit] \| Description=sendmail systemd hardening demo \| \| [Service] \| Type=simple \| User=www-data \| Group=www-data \| ExecStart=/usr/bin/perl /usr/bin/send_mail.pl \| \| # this one enough to trigger the problem \| ProtectClock=true \| \| root@spce:~# cat /usr/bin/send_mail.pl \| use strict; \| use Template; \| use Email::Sender::Simple qw(); \| use Email::Simple; \| use Email::Simple::Creator; \| use Email::Sender::Transport::Sendmail qw(); \| \| send_email( \| subject => 'exim test', \| body => 'ohai', \| from => 'root@localhost', \| to => 'foobar@example.org', \| ); \| print "done\n"; \| exit; \| \| sub send_email { \| my %args = @_; \| my $subject = $args{subject}; \| my $body = $args{body}; \| my $from = $args{from}; \| my $to = $args{to}; \| \| my $transport = Email::Sender::Transport::Sendmail->new; \| my $email = Email::Simple->create( \| header => [ \| To => $to, \| From => $from, \| Subject => $subject, \| ], \| body => $body, \| ); \| return Email::Sender::Simple->send($email, { transport => $transport } ); \| } \| \| root@spce:~# systemctl daemon-reload && systemctl restart demo Until we switch the mail interface from sendmail(1) to SMTP or alike (reported as MT#55576), we need to reduce the systemd hardening, to not get the NoNewPrivileges=true (AKA prctl(PR_SET_NO_NEW_PRIVS,...)) behavior through any of the related hardening options. New systemd hardening state of ngcp-panel (as of systemd v247.3-7+deb11u1): \| $ sudo SYSTEMD_COLORS=0 PAGER= COLUMNS=100 unbuffer systemd-analyze security ngcp-panel \| grep -v '✓' \| NAME DESCRIPTION EXPOSURE \| ✗ PrivateNetwork= Service has access to the host's network 0.5 \| ✗ CapabilityBoundingSet=~CAP_SET(UID\|GID\|PCAP) Service may change UID/GID identities/capab… 0.3 \| ✗ CapabilityBoundingSet=~CAP_SYS_ADMIN Service has administrator privileges 0.3 \| ✗ CapabilityBoundingSet=~CAP_SYS_PTRACE Service has ptrace() debugging abilities 0.3 \| ✗ RestrictAddressFamilies=~AF_(INET\|INET6) Service may allocate Internet sockets 0.3 \| ✗ RestrictNamespaces=~CLONE_NEWUSER Service may create user namespaces 0.3 \| ✗ RestrictAddressFamilies=~… Service may allocate exotic sockets 0.3 \| ✗ CapabilityBoundingSet=~CAP_(CHOWN\|FSETID\|SE… Service may change file ownership/access mo… 0.2 \| ✗ CapabilityBoundingSet=~CAP_(DAC_\|FOWNER\|IP… Service may override UNIX file/IPC permissi… 0.2 \| ✗ CapabilityBoundingSet=~CAP_NET_ADMIN Service has network configuration privileges 0.2 \| ✗ CapabilityBoundingSet=~CAP_SYS_MODULE Service may load kernel modules 0.2 \| ✗ CapabilityBoundingSet=~CAP_SYS_RAWIO Service has raw I/O access 0.2 \| ✗ CapabilityBoundingSet=~CAP_SYS_TIME Service processes may change the system clo… 0.2 \| ✗ IPAddressDeny= Service does not define an IP address allow… 0.2 \| ✗ NoNewPrivileges= Service processes may acquire new privileges 0.2 \| ✗ PrivateDevices= Service potentially has access to hardware … 0.2 \| ✗ PrivateUsers= Service has access to other users 0.2 \| ✗ ProtectClock= Service may write to the hardware clock or … 0.2 \| ✗ ProtectKernelLogs= Service may read from or write to the kerne… 0.2 \| ✗ ProtectKernelModules= Service may load or read kernel modules 0.2 \| ✗ ProtectKernelTunables= Service may alter kernel tunables 0.2 \| ✗ RestrictAddressFamilies=~AF_PACKET Service may allocate packet sockets 0.2 \| ✗ RestrictSUIDSGID= Service may create SUID/SGID files 0.2 \| ✗ SystemCallArchitectures= Service may execute system calls with all A… 0.2 \| ✗ SystemCallFilter=~@clock Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@debug Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@module Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@mount Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@raw-io Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@reboot Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@swap Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@privileged Service does not filter system calls 0.2 \| ✗ SystemCallFilter=~@resources Service does not filter system calls 0.2 \| ✗ CapabilityBoundingSet=~CAP_AUDIT_ Service has audit subsystem access 0.1 \| ✗ CapabilityBoundingSet=~CAP_KILL Service may send UNIX signals to arbitrary … 0.1 \| ✗ CapabilityBoundingSet=~CAP_MKNOD Service may create device nodes 0.1 \| ✗ CapabilityBoundingSet=~CAP_NET_(BIND_SERVIC… Service has elevated networking privileges 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYSLOG Service has access to kernel logging 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYS_(NICE\|RESOUR… Service has privileges to change resource u… 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWCGROUP Service may create cgroup namespaces 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWIPC Service may create IPC namespaces 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWNET Service may create network namespaces 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWNS Service may create file system namespaces 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWPID Service may create process namespaces 0.1 \| ✗ RestrictRealtime= Service may acquire realtime scheduling 0.1 \| ✗ SystemCallFilter=~@cpu-emulation Service does not filter system calls 0.1 \| ✗ SystemCallFilter=~@obsolete Service does not filter system calls 0.1 \| ✗ RestrictAddressFamilies=~AF_NETLINK Service may allocate netlink sockets 0.1 \| ✗ RootDirectory=/RootImage= Service runs within the host's root directo… 0.1 \| ✗ CapabilityBoundingSet=~CAP_MAC_* Service may adjust SMACK MAC 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYS_BOOT Service may issue reboot() 0.1 \| ✗ LockPersonality= Service may change ABI personality 0.1 \| ✗ MemoryDenyWriteExecute= Service may create writable executable memo… 0.1 \| ✗ RestrictNamespaces=~CLONE_NEWUTS Service may create hostname namespaces 0.1 \| ✗ CapabilityBoundingSet=~CAP_LINUX_IMMUTABLE Service may mark files immutable 0.1 \| ✗ CapabilityBoundingSet=~CAP_IPC_LOCK Service may lock memory into RAM 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYS_CHROOT Service may issue chroot() 0.1 \| ✗ ProtectHostname= Service may change system host/domainname 0.1 \| ✗ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND Service may establish wake locks 0.1 \| ✗ CapabilityBoundingSet=~CAP_LEASE Service may create file leases 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYS_PACCT Service may use acct() 0.1 \| ✗ CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG Service may issue vhangup() 0.1 \| ✗ CapabilityBoundingSet=~CAP_WAKE_ALARM Service may program timers that wake up the… 0.1 \| ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1 \| \| → Overall exposure level for ngcp-panel.service: 7.9 EXPOSED 🙁 Related: MT#31936 Related: MT#55569 Thanks: Thomas Georg on spce-user ml for the bug report, and Victor Seva, Richard Fuchs + Rene Krenn for assistance in tracking this down Change-Id: Ic3be62247bbcae00c99de3b779df838c0daaaf1a	3 years ago
Sipwise Jenkins Builder	c12487ec99	Release new version 11.2.0.0+0~mr11.2.0.0	3 years ago
Sipwise Jenkins Builder	9f6823eb38	Release new version 11.1.0.0+0~mr11.1.0.0	3 years ago
Marco Capetta	5f316b8e70	TT#179901 Discontinue iNew dedicated features and code SMS prepaid billing using libinewrate is not supported anymore * remove init_prepaid_billing, perform_prepaid_billing, cancel_prepaid_billing functions * /api/sms POST is now self sufficient and use $session internally and does not call *_prepaid_billing functions, nor rely on them Change-Id: I483f27ce82c7e0a039ce1f3f44c24bd9db75dfec	3 years ago
Sipwise Jenkins Builder	6b455b0b75	Release new version 11.0.0.0+0~mr11.0.0.0	3 years ago
Michael Prokop	35edfb92e6	TT#76552 Harden ngcp-panel service ngcp-panel service state BEFORE this change: \| $ sudo systemd-analyze security ngcp-panel \| tail -1 \| → Overall exposure level for ngcp-panel.service: 9.2 UNSAFE 😨 ngcp-panel service state AFTER this change: \| $ sudo SYSTEMD_COLORS=0 PAGER= COLUMNS=100 unbuffer systemd-analyze security ngcp-panel \| grep -v '✓' \| NAME DESCRIPTION EXPOSURE \| ✗ PrivateNetwork= Service has access to the host's network 0.5 \| ✗ RestrictAddressFamilies=~AF_(INET\|INET6) Service may allocate Internet sockets 0.3 \| ✗ DeviceAllow= Service has a device ACL with some special … 0.1 \| ✗ IPAddressDeny= Service does not define an IP address allow… 0.2 \| ✗ PrivateUsers= Service has access to other users 0.2 \| ✗ SystemCallFilter=~@privileged System call allow list defined for service,… 0.2 \| ✗ SystemCallFilter=~@resources System call allow list defined for service,… 0.2 \| ✗ RootDirectory=/RootImage= Service runs within the host's root directo… 0.1 \| ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1 \| \| → Overall exposure level for ngcp-panel.service: 1.5 OK 🙂 As of systemd v247.3-7. Change-Id: Id1218abdbe8e9ef27285b4aa4d25972b7646da11	3 years ago
Sipwise Jenkins Builder	b5b270c799	Release new version 10.5.0.0+0~mr10.5.0.0	3 years ago
Sipwise Jenkins Builder	4921c56f7a	Release new version 10.4.0.0+0~mr10.4.0.0	3 years ago
Sipwise Jenkins Builder	9d61b7b06f	Release new version 10.3.0.0+0~mr10.3.0.0	3 years ago
Guillem Jover	95e04a0db6	TT#124273 Update packaging for bullseye - Switch to debhelper compat level 13. - Switch to Standards-Version 4.5.1. - Update copyright years. - Wrap and sort -sat. - Rename obsolete .tmpfile fragment file to .tmpfiles. Change-Id: Ib96fd2cb63be420ebc1409f8c90eb91e0aa7c305	4 years ago
Sipwise Jenkins Builder	26eae5ee39	Release new version 10.2.0.0+0~mr10.2.0.0	4 years ago
Sipwise Jenkins Builder	ac8e69e766	Release new version 10.1.0.0+0~mr10.1.0.0	4 years ago
Alexander Lutay	4f2ba3c53f	TT#130659 Remove 'svg-edit-2.6' JS code (necessary for Opera Presto only) Presto Opera is no longer supported by Opera. They have been migrated to Opera Next long time ago (Chromium codebase). Change-Id: I433e77e2d5295f2d97901e4e2ce58b857fa9281d	4 years ago
Alexander Lutay	42e63e5711	TT#130659 Remove rrd-related ngcp-panel code Change-Id: I76880ba12037f1653c4c969e442738cc7f3eb185	4 years ago
Sipwise Jenkins Builder	5a32d8f793	Release new version 10.0.0.0+0~mr10.0.0.0	4 years ago
Sipwise Jenkins Builder	e4a11fa4d9	Release new version 9.5.0.0+0~mr9.5.0.0	4 years ago
Flaviu Mates	8bc9a3974c	TT#108162 Reseller branding primary and secondary colors * add color pickers and store the hex code of the colors inside the branding table in panel UI * implement /api/resellerbrandings endpoint, where all things related to reseller branding can be managed; the branding logo will still be retrieved using /api/resellerrandinglogos Change-Id: Ib7ed364811acf67ffd62252d9799a0af8b91e9bc	4 years ago
Sipwise Jenkins Builder	ef9bf99809	Release new version 9.4.0.0+0~mr9.4.0.0	4 years ago
Sipwise Jenkins Builder	e49f1584dd	Release new version 9.3.0.0+0~mr9.3.0.0	4 years ago
Sipwise Jenkins Builder	064100ff11	Release new version 9.2.0.0+0~mr9.2.0.0	5 years ago
Michael Prokop	3b9ef3d0b3	TT#99206 Depend on libcrypt-openssl-rsa-perl Since commit `65634d701` (`TT#84329 encrypt/decrypt password, weppassword, pin`) /usr/share/perl5/NGCP/Panel/Utils/Encryption.pm depends on the Perl module Crypt::OpenSSL::RSA (AKA libcrypt-openssl-rsa-perl). File /usr/share/perl5/NGCP/Panel/Utils/Encryption.pm is shipped with the main ngcp-panel package, which doesn't depend on libcrypt-openssl-rsa-perl. This went unnoticed, as we depend on libcrypt-openssl-rsa-perl in the ngcp-panel-tools package only (which is installed by default though), so add libcrypt-openssl-rsa-perl also as dependency of ngcp-panel package. Fixes the following issue (as reported on spce-user mailing list): \| Oct 30 16:40:19 ngcp_panel_fastcgi.pl[15571]: Can't locate Crypt/OpenSSL/RSA.pm in @INC (you may need to install the Crypt::OpenSSL::RSA module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.28.1 /usr/local/share/perl/5.28.1 /usr/lib/x86_64-linux-gnu/perl5/5.28 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.28 /usr/share/perl/5.28 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/share/perl5/NGCP/Panel/Utils/Encryption.pm line 4. Change-Id: I33b5eb1d3b621dece48e680fb3cd93429d1030b0	5 years ago
Sipwise Jenkins Builder	aad1c60a05	Release new version 9.1.0.0+0~mr9.1.0.0	5 years ago
Sipwise Jenkins Builder	ba2a80fc81	Release new version 9.0.0.0+0~mr9.0.0.0	5 years ago
Sipwise Jenkins Builder	30f4303f1f	Release new version 8.6.0.0+0~mr8.6.0.0	5 years ago

1 2 3 4 5 ...

361 Commits (mr13.0.1)