This may be useful if you don't entirely trust your flash and want to be able
to check for corruptions.
Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
/etc/ethers is missing on /rom but always created when dnsmasq
runs. It is better to have it in place and avoid an extra change
in flash after firstboot.
It will generate an extra /etc/ethers-opkg when it has changed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Verify ucert signature chains in sysupgrade images in case ucert is
installed and $CHECK_IMAGE_SIGNARURE = 1.
Also make sure ucert host binary is present and generate a self-signed
ucert in case $TOPDIR/key-build.ucert is missing.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Sysupgrade shouldn't proceed, if the backup of the configuration
fails because tar (or gzip) exit with a non-zero code.
Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
Restarting service sysctl echos multiple errors like:
sysctl: -e: No such file or directory
After the first filename, all remaining arguments are treated
as files.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
When attempting to use any of the functions in network.sh while netifd is
not started yet, the ubus interface dump query will fail with "Not found",
yielding an empty response.
Subsequently, jsonfilter is invoked with an empty string instead of a valid
JSON document, causing it to emit a second "unexpected end of data" error.
This caused the dnsmasq init script to log the following errors during
early boot on some systems:
procd: /etc/rc.d/S19dnsmasq: Command failed: Not found.
procd: /etc/rc.d/S19dnsmasq: Failed to parse json data: unexpected end of data.
Fix the issue by allowing the ubus query to fail with "Not found" but still
logging other failures, and by passing an empty JSON object to jsonfilter
if the interface status cache is empty.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Allow enabling/commenting/disabling each feed individually by using a
tristate config symbol.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
FEEDS_ENABLED and FEEDS_DISABLED are derived from FEEDS_AVAILABLE, not
FEEDS_INSTALLED.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
There are several long-standing issues present in the UCI shell API as
documented in https://wiki.openwrt.org/doc/devel/config-scripting. They
relate both to high-level, user-defined callback functions used to
process UCI config files, and also to low-level functions used within
scripts generally.
The related problems have been encountered now and in the past, e.g.
https://forum.openwrt.org/viewtopic.php?id=54295, and include:
a) UCI parsing option() function and user-defined option_cb() callbacks
being erroneously called during processing of "list" config file entries;
b) normal usage of the low-level config_set() unexpectedy calling any
defined option_cb() if present; and
c) handling of the list_cb() not respecting the NO_CALLBACK variable.
Root causes include a function stack "inversion", where the low-level
config_set() function incorrectly calls the high-level option() function,
intended only for processing the "option" keyword of UCI config files.
This change addresses the inversion and other issues, making the option
handling code more consistent and smaller, and simplifying developers'
usage of UCI callbacks.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Our commands setting accept_ra to 0 on all interfaces got lost in the
transition to procd. This remained unnoticed for a long time, as we also
enable forwarding on all interfaces, which prevents RA handling by default.
Restore the commands, while also fixing a possible race condition in the
old version.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Let's use /etc/sysctl.d for package-provided snippets and leave
/etc/sysctl.conf to the admin. Don't backup /etc/sysctl.d on upgrades, so
old defaults get replaced properly.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Some packages are already using $(1)/var on package install.
On multiuser systems this breaks the build when multiple
users build OpenWrt.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Many packages use the opkg conffiles field to list configuration files that
are to be retained on upgrades. Make this work on systems without opkg.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
We don't need two versions of this. The escaping quotes
is so that the sed commands aren't misinterpreted by shell;
it has nothing to do with the contents of the file, thus
one version is adequate.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Obviously not all GPIO controller allow to change the direction. The issue
is around since the beginning of the script but only due to the recent
changes error messages are more visible.
Add a check if a change of the direction is supported by the GPIO
controller and fallback to setting only the value if not.
Fixes: FS#1271
Signed-off-by: Mathias Kresin <dev@kresin.me>
Commit 30f61a34b4 claimed to drop -d & -p
options. In reality only -d was dropped. Update command help text to
reflect that -d is no longer a supported option.
Fixes FS#1187
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Use the "low" and "high" values to configure the GPIO as an output with
that initial value. It ensures that the gpio doesn't have a unwanted value
during the time the direction is set to ouput and the actual value is
applied.
We don't need to take care of the GPIO polarity for now, since our
exported GPIOs are always active low.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when
/tmp/.failsafe exists")
Since dropbear clears the environment, FAILSAFE was not set as intended in
failsafe mode. This also broke sysupgrade from failsafe mode over SSH.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
To not clutter the system when building an opkg free image, generate the
distfeeds.conf only if CLEAN_IPKG is unset.
Since opkg is now a shared package, we can't rely on PACKAGE_opkg, but
since opkg is not reasonably usable without the status information, we
can tie the distfeeds.conf to it.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Ensure /etc/opkg exists before trying to write there. This fixes a build
failure if SIGNED_PACKAGES is disabled.
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
All the relevant options used for distfeeds.conf are part of base-files,
so it makes more sense to move the file there as well.
This has the added benefit that the we can share the opkg package again,
reducing the amount of target specific packages.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Shell function return code only has range [0, 255]. Other values will
be truncated, e.g. return 65536 will have the same effect as return 0
While at it, drop other "return $rc" where rc will almost always take
value 0 and whose value current callers actually do not check
Fixes FS#988
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The /bin/config_generate script and some other scripts are assuming the
/etc/config directory exists in the image. This is true in case for
example the package firewall, dropbear or dnsmasq are included, which
are adding the files under /etc/config/. Without any of these package
the system will not boot up fully because the /etc/config/ directory is
missing and some init scripts just fail.
Make sure all images with the base-files contain a /etc/config/
directory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: John Crispin <john@phrozen.org>
Setting ipv6 to auto in case of a pppoe interface will trigger the
creation of a dynamic wan_6 interface meaning two IPv6 interfaces
(wan6 and wan_6) will be active on top of the pppoe interface.
This leads to unpredictable behavior in the network; therefore set
ipv6 to 1 which will prevent the dynamic creation of the wan_6
interface.
Further alias the wan6 interface on top of the wan interface for pppoe
as the wan6 interface can only be started when the link local address is
ready. In case of pppoe the link local address is negotiated during the
Internet Protocol Control Protocol when the PPP link is setup meaning
all the IP address info is only available when the wan interface is up.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Set sysctl fs.suid_dumpable = 2
This allows suid processes to dump core according to kernel.core_pattern
setting. LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)
Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core. This setting removes an
obscure stumbling block along the way.
>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt
suid_dumpable:
This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are
0 - (default) - traditional behaviour. Any process which has changed
privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
owned by the current user and no security is applied. This is
intended for system debugging situations only. Ptrace is unchecked.
This is insecure as it allows regular users to examine the memory
contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
anyway, but only if the "core_pattern" kernel sysctl is set to
either a pipe handler or a fully qualified path. (For more details
on this limitation, see CVE-2006-2451.) This mode is appropriate
when administrators are attempting to debug problems in a normal
environment, and either have a core dump pipe handler that knows
to treat privileged core dumps with care, or specific directory
defined for catching core dumps. If a core dump happens without
a pipe handler or fully qualifid path, a message will be emitted
to syslog warning about the lack of a correct setting.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
There already exist static assignment of uid/gid 65533 in packages feed
and we have nobody/nogroup taking 65534 as their ids. Let's change the
pid of dynamic assignment to start from 65536 so that the two assignment
scheme will not collide with each other
While at it, fix the scan command checking existence of uid/gid
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to
fetch the effective local IPv6 address of delegated prefix from the
"local-address" field instead of naively hardcoding ":1" as static suffix.
Fixes FS#829.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.
The procd-nand-firstboot package is removed for now, it may return later
as a separate package.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Properly stop/start services on upgrade, but don't change the enabled
state.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1
Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.
All other fs_ variables were never used.
Signed-off-by: Mathias Kresin <dev@kresin.me>
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE). Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>