These permissions are not needed. Systemd also mounts these file systems
without these permissions on other Linux distributions.
Dropping these permissions should make the system more secure.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16960
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit b88d51898d)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Create the folder /run and /run/lock using symlinks. Other Linux
distributions also have these folders and some applications might already
depend on them. Just create symlinks pointing to the older folder.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16961
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 3b710375dd)
Link: https://github.com/openwrt/openwrt/pull/17097
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Only replace LED state of a single LED instead of removing the entire
/var/run/led.state file.
Fixes: 511e8f84d0 ("base-files: configure LED when added")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Currently LED configuration is only carried out once during boot.
Apply LED configuration also with a hotplug call when a new LED gets
added later.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add the possibility that colored LEDs can also be configured via the uci.
config led 'led1'
option name '<name>'
option sysfs '<path>'
option trigger 'default-on'
option default '1'
--> option color_{$color} '<0-255>'
The supported names of the variable "${color}" for the selected LED can be
queried in the file with the name 'multi_index'.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Setting the trigger and checking whether the trigger can be set belong
together and should not be interrupted by other lines of code.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
There are monochrome LEDs that can only display one color. However, there
are also LEDs that can display multiple colors. This can be tested in the
led subsystem of the kernel if the files 'multi_index' and 'multi_intensity'
are present in the folder '/sys/class/leds/<ledname>'.
Until now it was not possible to reset the default color. This commit adds
the missing information in the file '/var/run/led.state' so that the bootup
color can be seen on the LED again when the LED configuration has been changed.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The duplicate sections are caused by a race condition at boot, when board.json
is not available. In that case, the final phy name cannot be resolved, and extra
sections referring to the path are created.
Fix this by making sure that wifi config is not being run before board.json
is created.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
On some devices the chip has RTC but no battery save time.
This leads back to getting the wrong time
and skipping the check of the last file modification date.
This commit ensures that the file time is checked even
if the RTC exists.
which would ordinarily return an approbiate
system time used for e.g. certificate generation.
Tested-on: NanoPi R2S
Signed-off-by: Yuan Tao <ty@wevs.org>
The heartbeat trigger has the option to be inverted, however
openwrt/uci/luci have no way to set this.
This patch adds this support.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the
best solution as they almost never consider syncing files / data. Still
this is what we have and we need to try living with it.
Without proper syncing OpenWrt can easily get into an inconsistent state
on power cut. It's because:
1. Actual (flash) inode and data writes are not synchronized
2. Data writeback can take up to 30 seconds (dirty_expire_centisecs)
3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"
Some possible cases (examples) for new files:
1. Power cut during 5 seconds after write() can result in all data loss
2. Power cut happening between 5 and 35 seconds after write() can result
in empty file (inode flushed after 5 seconds, data flush queued)
Above affects e.g. uci-defaults. After executing some migration script
it may get deleted (whited out) without generated data getting actually
written. Power cut will result in missing data and deleted file.
There are three ways of dealing with that:
1. Rewriting all user-space init to proper C with syncs
2. Trying bash hacks (like creating tmp files & moving them)
3. Adding sync and hoping for no power cut during critical section
This change introduces the last solution that is the simplest. It
reduces time during which things may go wrong from ~35 seconds to
probably less than a second. Of course it applies only to IO operations
performed before /etc/init.d/boot . It's probably the stage when the
most new files get created.
All later changes are usually done using smarter C apps (e.g. busybox or
uci) that creates tmp files and uses rename() that is expected to be
atomic.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.
[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>
Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.
This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.
Fixes "base-files: fix zoneinfo support " 8af62ed
Signed-off-by: Paul Spooren <mail@aparcar.org>
The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.
Example failure when removing the if condition:
/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles
This file does not exist. America/Los_Angeles does.
Ran through shfmt -w -ci -bn -sr -s
Signed-off-by: Rosen Penev <rosenp@gmail.com>
For now we have only kernel LED trigger support. With this change it is now
possible to use application triggers.
If we configure a LED with a non kernel trigger, then we check on every
restart and boot of the LED service if we have this trigger as an application
in "/usr/libexec/led-trigger". If this file with the name is found, then we
execute this to init the LED.
Possible use cases are:
- Start/Stop/Restart an application led trigger service for this led
- Init a LED that is configured by a hotplug script (VPN tunnel established)
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The date -k patch is non standard and will be removed in the next
commit.
Tested behavior to be identical with a simple C program:
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
#include <sys/time.h>
#include <sys/syscall.h>
int main()
{
struct timezone tt;
struct timezone tz;
int a = syscall(SYS_gettimeofday, NULL, &tt);
int b = gettimeofday(NULL, &tz);
printf("%d - %d, %d\n", a, tt.tz_minuteswest, tt.tz_dsttime);
printf("%d - %d, %d\n", b, tz.tz_minuteswest, tz.tz_dsttime);
}
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Pstore (persistent store) can be used to stash debug information (kernel
console, panics, ftrace) across reboots or crashes. If the filesystem is
present, mount it.
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
vconfig has been disabled by default since 2015 [1] and there are
no remaining uses in entire OpenWrt trunk. However, we still set up
a specific name_type for it during boot.
While this setup is properly implemented to be only triggered when
vconfig is present, it still seems anachronistic and unnecessary
to set up a standard for a tool that is not used anymore.
Therefore, this removes the set_name_type initialization and leaves
it for those people actually using the tool to configure it as needed.
[1] 899a23227e ("busybox: improve applets & deprecate ifconfig, route")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Set the default state for LEDs to off. When a trigger is set, the
trigger will turn the LED automatically on.
Currently LEDs might stay on, e.g. when the LED trigger is set to a
netdev trigger and the interface is never activated or the 'none'
trigger is selected without setting the 'default' option to 0 and it's
set for the LED indicating the system running state.
Using off as a default value is also consistent with the documentation
in the OpenWrt wiki.
Signed-off-by: David Bauer <mail@david-bauer.net>
Explicitly mount the BPF filesystem if available. This is used for pinning
eBPF programs and maps, making them accessible to other eBPF programs or
from userspace with the help of libbpf or bpftool.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[daniel@makrotopia.org: bumped PKG_RELEASE]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Previously, gpio_switch only accepts GPIO pin number as input. Once a
GPIO pin is exported and named by device tree, its pin state cannot be
configured and saved across reboots by UCI.
This patch adds support for named GPIO pins. Thus GPIO pin can be
exported by device tree with active high/low correctly configured,
having human-readable name in /sys/class/gpio/ is also now possible.
More importantly, GPIO pins which are referenced by name will be immune
from pin mapping breakage while unintentional pin number changes are
introduced by kernel or driver updates.
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
Due to filesystem write caching the old configuration data could stay
out of flash for a long time during a first boot after the sysupgrade.
Power loss during this period could damage the overlay data and even
make device inaccessable via the network.
Fix this by syncing data to a flash as soon as the previous
configuration will be unpacked after the sysupgrade. Also sync the FS
state after the sysupgrade.tgz archive removing to prevent duplicative
extraction of a previous configuration.
Tested with AMD Geode based board.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:
root@OpenWrt:~# date -k
date: invalid option -- 'k'
Try 'date --help' for more information.
A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
Restart is in default implemented so it calls stop and start. This is
pretty unsafe to call on umount service. This service should not do
anything on restart the same way as on start. Only use of this service
is on stop.
Signed-off-by: Karel Kočí <cynerd@email.cz>
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.
boot is now STOP=90
umount is now STOP=90
After this patch series, the resulting STOP indexes in the 80s & 90s
will be:
STOP=85 odhcpd.init
STOP=89 conntrackd.init
STOP=89 log.init
STOP=89 rssileds.init
STOP=90 boot
STOP=90 kdump.init
STOP=90 network
STOP=90 sysfixtime
STOP=90 umount
STOP=98 mdadm.init (note: will be addressed in a separate patch)
Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[PKG_RELEASE is now 200]
This adds a wrapper (uci_load_validate) for uci_validate_section() that
allows callers (through a callback function) to access the values set by
uci_validate_section(), without having to manually declare a
(potentially long) list of local variables.
The callback function receives two arguments when called, the config
section name and the return value of uci_validate_section().
If no callback function is given, then the wrapper exits with the value
returned by uci_validate_section().
This also updates several init scripts to use the new wrapper function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
In the upstream netdev led trigger the one mode file was replaced by 3
files named rx, tx and link. Fix the netdev trigger configuration code
to use the modified API.
Fixes: aa3b6a08c5 ("kernel: Replace ledtrig-netdev with upstream backport")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The swconfig switch led driver has the ability to switch
between a "link, rx and/or tx" mode. However, this feature
was not implemented in uci, the led init script and
config_generate.
This patch adds a seventh parameter to the
ucidef_set_led_switch() function. The accepted values for
this parameter are: link, rx and tx.
Any permutations of these three values are supported, as
long as they are properly encased with quotes.
If the parameter is not specified it will default to "all"
(link rx tx).
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Restarting service sysctl echos multiple errors like:
sysctl: -e: No such file or directory
After the first filename, all remaining arguments are treated
as files.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Our commands setting accept_ra to 0 on all interfaces got lost in the
transition to procd. This remained unnoticed for a long time, as we also
enable forwarding on all interfaces, which prevents RA handling by default.
Restore the commands, while also fixing a possible race condition in the
old version.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
We can use /etc/sysctl.d/* for package-supplied sysctl snippets, giving
admins the option to use /etc/sysctl.conf to override settings.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
The default fragment low/high thresholds are 3 and 4 MB. On devices with
only 32MB RAM, these settings may lead to OOM when many fragments that
cannot be reassembled are received. Decrease fragment low/high thresholds
to 384 and 512 kB on devices with less than 64 MB RAM.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Obviously not all GPIO controller allow to change the direction. The issue
is around since the beginning of the script but only due to the recent
changes error messages are more visible.
Add a check if a change of the direction is supported by the GPIO
controller and fallback to setting only the value if not.
Fixes: FS#1271
Signed-off-by: Mathias Kresin <dev@kresin.me>
GPIOs are exported as active high to the sysfs, hence the logic need to be
inverted.
Fixes: e66c47fb14 ("base-files: gpio switch: set output value with
direction")
Signed-off-by: Mathias Kresin <dev@kresin.me>
Use the "low" and "high" values to configure the GPIO as an output with
that initial value. It ensures that the gpio doesn't have a unwanted value
during the time the direction is set to ouput and the actual value is
applied.
We don't need to take care of the GPIO polarity for now, since our
exported GPIOs are always active low.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Start gpio_switch before the boot state is set to up/initialised/done.
This way the exported GPIOs are available at the time rc.local is started.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Currently, the wifi detection script is executed as part of
the (early) boot process. Pluggable wifi USB devices, which
are inserted at a later time are not automatically
detected and therefore they don't show up in LuCI.
A user has to deal with wifi detection manually, or restart
the router.
However, the current "sleep 1" window - which the boot
process waits for wifi devices to "settle down" - is too
short to detect wifi devices for some routers anyway.
For example, this can happen with USB WLAN devices on the
WNDR4700. This is because the usb controller needs to load
its firmware from UBI and initialize, before it can operate.
The issue can be seen on a BT HomeHub 5A as well as soon as
the caldata are on an ubi volume. This is because the ath9k
card has to be initialized by owl-loader first. Which has to
wait for the firmware extraction script to retrieve the pci
initialization values inside the caldata.
This patch moves the wifi configuration to hotplug scripts.
For mac80211, the wifi configuration will now automatically
run any time a "ieee80211" device is added. Likewise
broadcom-wl's script checks for new "net" devices which
have the "wl$NUMBER" moniker.
Issues with spawning multiple interface configuration - in
case the detection script is run concurrently - have been
resolved by using a named section for the initial
configuration. Concurrent configuration scripts will now
simply overwrite the same existing configuration.
A workaround which preserves the "sleep 1" window for just
the first boot has been added. This allows the existing
brcm47xx boot and mvebu uci-default scripts to correctly
setup the initial mac addresses and regulatory domain.
And finally, the patch renames the "wifi detect" into
"wifi config". As the script no longer produces any output
that has to be redirected or appended to the configuration
file.
Thanks to Martin Blumenstingl for helping with the implementation
and testing of the patch.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Previously, wifi detect simply dumped its generated wireless
configuration to STDOUT. A second step was needed to append
the configuration to /etc/config/wireless (or create it, if
it didn't exist).
With this patch, The wifi detection script will now use uci
to update the wireless configuration directly.
This patch also makes the initially created wifi-iface a
named section ('default_radio$X' for mac80211 and
'default_wl$X' for broadcom). With this change, uci will
not print the cfgHASH to STDOUT (which would now corrupt
the wireless configuration). It will also prevent adding
duplicated wifi interface configurations, if the wifi
configuration is run concurrently.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
We need to tell hwclock with -u commandline option, that we would like
to keep our RTC clock in UTC timezone. Linux kernel expects RTC in UTC
timezone anyway.
In current state of things, we don't tell hwclock to load/store time
from/to RTC in UTC timezone so it uses the timezone from the system
time. If it's set to different timezone then UTC, sysfixtime is going to
screw the time in RTC.
I've following in the setup script:
uci set system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3'
uci set system.@system[0].zonename='Europe/Prague'
I've this RTC setup (rtc1 is RTC on i.MX6 SoC, rtc0 is battery backed RTC mcp7941x):
rtc-ds1307 3-006f: rtc core: registered mcp7941x as rtc0
snvs_rtc 20cc000.snvs:snvs-rtc-lp: rtc core: registered 20cc000.snvs:snvs-r as rtc1
Then we can experience following (current time is 10:15am):
$ date
Fri Oct 21 10:15:07 CEST 2016
$ hwclock -r -f /dev/rtc0
Fri Oct 21 08:14:46 2016 0.000000 seconds
$ hwclock -u -r -f /dev/rtc0
Fri Oct 21 10:14:46 2016 0.000000 seconds
And after current broken sysfixtime:
$ /etc/init.d/sysfixtime stop
$ date
Fri Oct 21 10:15:25 CEST 2016
$ hwclock -r -f /dev/rtc0
Fri Oct 21 10:15:31 2016 0.000000 seconds
Now we've time in our battery backed RTC in CEST timezone instead of
UTC. Then once again, but with this patch applied to sysfixtime, where
hwclock is using correctly the -u parameter:
$ /etc/init.d/sysfixtime stop
$ date
Fri Oct 21 10:15:53 CEST 2016
$ hwclock -r -f /dev/rtc0
Fri Oct 21 08:15:55 2016 0.000000 seconds
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Jo-Philipp Wich <jo@mein.io>
This helper allows using usbport trigger directly. It requires usbport
compatible syntax and supports specifying multiple USB ports, e.g.:
ucidef_set_led_usbport "usb" "USB" "devicename:colour:function" "usb1-port1" "usb2-port1"
This adds a proper object to the board.json, e.g.
"usb": {
"name": "USB",
"type": "usbport",
"sysfs": "devicename:colour:function",
"ports": [
"usb1-port1",
"usb2-port1"
]
}
and supports translating it into uci section.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This makes init.d script handle existing UCI entries using the new
trigger. It also switches all targets to use its package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
oneshot trigger configurations for LEDs are created, but the on/off
timing configurations are ignored. generate_config is correctly creating
oneshot configs, but the later led script doesn't recognise the trigger
details.
Fixes: c0c3f2d4c9 leds: support oneshot as well as timer triggers
Signed-off-by: Karl Palsson <karlp@etactica.com>
