Commit Graph

85 Commits

Author SHA1 Message Date
Hauke Mehrtens
b88d51898d
base-files: Mount debugfs and pstore with nosuid,nodev,noexec
These permissions are not needed. Systemd also mounts these file systems
without these permissions on other Linux distributions.

Dropping these permissions should make the system more secure.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16960
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-11-16 14:23:08 +01:00
Hauke Mehrtens
3b710375dd
base-files: Create /run and /run/lock folder
Create the folder /run and /run/lock using symlinks. Other Linux
distributions also have these folders and some applications might already
depend on them. Just create symlinks pointing to the older folder.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Link: https://github.com/openwrt/openwrt/pull/16961
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2024-11-16 14:22:22 +01:00
John Crispin
7a120ee72e base-files: execute uboot-env script before calling config_generate
This allows /etc/board.d/* scripts to use values from the uboot environment.

Signed-off-by: John Crispin <john@phrozen.org>
2024-10-02 15:41:33 +02:00
Felix Fietkau
b993a00b82 base-files: fix duplicate wifi radio sections when using phy renaming
The duplicate sections are caused by a race condition at boot, when board.json
is not available. In that case, the final phy name cannot be resolved, and extra
sections referring to the path are created.
Fix this by making sure that wifi config is not being run before board.json
is created.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-07-17 14:33:57 +02:00
Rafał Miłecki
9851d4b6ce base-files: call "sync" after initial setup
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the
best solution as they almost never consider syncing files / data. Still
this is what we have and we need to try living with it.

Without proper syncing OpenWrt can easily get into an inconsistent state
on power cut. It's because:
1. Actual (flash) inode and data writes are not synchronized
2. Data writeback can take up to 30 seconds (dirty_expire_centisecs)
3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"

Some possible cases (examples) for new files:
1. Power cut during 5 seconds after write() can result in all data loss
2. Power cut happening between 5 and 35 seconds after write() can result
   in empty file (inode flushed after 5 seconds, data flush queued)

Above affects e.g. uci-defaults. After executing some migration script
it may get deleted (whited out) without generated data getting actually
written. Power cut will result in missing data and deleted file.

There are three ways of dealing with that:
1. Rewriting all user-space init to proper C with syncs
2. Trying bash hacks (like creating tmp files & moving them)
3. Adding sync and hoping for no power cut during critical section

This change introduces the last solution that is the simplest. It
reduces time during which things may go wrong from ~35 seconds to
probably less than a second. Of course it applies only to IO operations
performed before /etc/init.d/boot . It's probably the stage when the
most new files get created.

All later changes are usually done using smarter C apps (e.g. busybox or
uci) that creates tmp files and uses rename() that is expected to be
atomic.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2022-03-12 11:13:54 +00:00
Deomid Ryabkov
430f691943 base-files: chmod 1777 /var/lock
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.

[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>

Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-10-23 19:30:54 +02:00
Brian Norris
95b30f84d2 base-files: mount pstore if present
Pstore (persistent store) can be used to stash debug information (kernel
console, panics, ftrace) across reboots or crashes. If the filesystem is
present, mount it.

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2021-01-29 22:26:36 +01:00
Adrian Schmutzler
cb9bb908de base-files: drop default setup for vconfig
vconfig has been disabled by default since 2015 [1] and there are
no remaining uses in entire OpenWrt trunk. However, we still set up
a specific name_type for it during boot.

While this setup is properly implemented to be only triggered when
vconfig is present, it still seems anachronistic and unnecessary
to set up a standard for a tool that is not used anymore.

Therefore, this removes the set_name_type initialization and leaves
it for those people actually using the tool to configure it as needed.

[1] 899a23227e ("busybox: improve applets & deprecate ifconfig, route")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-09-16 17:28:20 +02:00
Tony Ambardar
217877d046 base-files: mount bpffs at boot
Explicitly mount the BPF filesystem if available. This is used for pinning
eBPF programs and maps, making them accessible to other eBPF programs or
from userspace with the help of libbpf or bpftool.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[daniel@makrotopia.org: bumped PKG_RELEASE]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-07-31 13:43:03 +01:00
Adrian Schmutzler
8fe5ad5d33 brcm47xx: rename target to bcm47xx
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-02-14 14:10:51 +01:00
Daniel Golle
fedc5d30ae base-files: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/
Having it in a directory it more friendly for mount-bind.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-07 15:36:03 +02:00
Joseph Tingiris
04811007e5 base-files: change boot & umount STOP indexes
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.

boot is now STOP=90
umount is now STOP=90

After this patch series, the resulting STOP indexes in the 80s & 90s
will be:

STOP=85 odhcpd.init
STOP=89 conntrackd.init
STOP=89 log.init
STOP=89 rssileds.init
STOP=90 boot
STOP=90 kdump.init
STOP=90 network
STOP=90 sysfixtime
STOP=90 umount
STOP=98 mdadm.init (note: will be addressed in a separate patch)

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[PKG_RELEASE is now 200]
2019-06-24 20:22:23 +02:00
Christian Lamparter
5f8f8a3661 base-files, mac80211, broadcom-wl: wifi detection and configuration
Currently, the wifi detection script is executed as part of
the (early) boot process. Pluggable wifi USB devices, which
are inserted at a later time are not automatically
detected and therefore they don't show up in LuCI.

A user has to deal with wifi detection manually, or restart
the router.

However, the current "sleep 1" window - which the boot
process waits for wifi devices to "settle down" - is too
short to detect wifi devices for some routers anyway.

For example, this can happen with USB WLAN devices on the
WNDR4700. This is because the usb controller needs to load
its firmware from UBI and initialize, before it can operate.

The issue can be seen on a BT HomeHub 5A as well as soon as
the caldata are on an ubi volume. This is because the ath9k
card has to be initialized by owl-loader first. Which has to
wait for the firmware extraction script to retrieve the pci
initialization values inside the caldata.

This patch moves the wifi configuration to hotplug scripts.
For mac80211, the wifi configuration will now automatically
run any time a "ieee80211" device is added. Likewise
broadcom-wl's script checks for new "net" devices which
have the "wl$NUMBER" moniker.

Issues with spawning multiple interface configuration - in
case the detection script is run concurrently - have been
resolved by using a named section for the initial
configuration. Concurrent configuration scripts will now
simply overwrite the same existing configuration.

A workaround which preserves the "sleep 1" window for just
the first boot has been added. This allows the existing
brcm47xx boot and mvebu uci-default scripts to correctly
setup the initial mac addresses and regulatory domain.

And finally, the patch renames the "wifi detect" into
"wifi config". As the script no longer produces any output
that has to be redirected or appended to the configuration
file.

Thanks to Martin Blumenstingl for helping with the implementation
and testing of the patch.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Christian Lamparter
5e35b4562f base-files, mac80211, broadcom-wl: use uci to populate wireless config
Previously, wifi detect simply dumped its generated wireless
configuration to STDOUT. A second step was needed to append
the configuration to /etc/config/wireless (or create it, if
it didn't exist).

With this patch, The wifi detection script will now use uci
to update the wireless configuration directly.

This patch also makes the initially created wifi-iface a
named section ('default_radio$X' for mac80211 and
'default_wl$X' for broadcom). With this change, uci will
not print the cfgHASH to STDOUT (which would now corrupt
the wireless configuration). It will also prevent adding
duplicated wifi interface configurations, if the wifi
configuration is run concurrently.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Jonas Gorski
e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Daniel Golle
877168993a base-files: remove dead code
/etc/init.d/boot tried to create /dev/root based on the kernel's
cmdline which won't work on any recent targets. Remove that code now
that fstools can detect the mounted rootfs based on
/proc/self/mountinfo and /dev/root was long gone anyway.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-04 18:19:46 +02:00
John Crispin
2f42d9e27d base-file: remove /tmp/.jail (now useless)
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 47855
2015-12-11 15:06:31 +00:00
John Crispin
1c74d046ed base-files: create /var/tmp on boot
FHS mandates presence of /var/tmp on compliant systems.

The lack of /var/tmp was discovered when using MIT Kerberos libraries
which default to that location for storing credentials cache.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>

SVN-Revision: 47219
2015-10-19 10:09:46 +00:00
John Crispin
cf4a0d430b base-files: fix /tmp/.jail permissions
We need a+x rights on the path to the root of the jails
so we can use users other than root (like nobody)

This partly fixes jailed dnsmasq

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 46466
2015-07-24 09:11:00 +00:00
John Crispin
5b23cfab73 base-files: create jail folder on boot
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45008
2015-03-26 10:58:11 +00:00
John Crispin
562d9f9582 base-files: add a hardware detection layer
this allows targets to use the new uci-default helper which will generate
a file called /etc/board.json. a tool called /bin/config_generate can then
be used to generate the default uci settings.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 42185
2014-08-18 13:09:17 +00:00
John Crispin
3c9cfbeebd base-files: Remove stale calls to start() in initscripts.
based on http://patchwork.openwrt.org/patch/5969/

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 41840
2014-07-26 20:36:15 +00:00
Felix Fietkau
4a9ea80ef0 /lib/functions.sh: move rarely used mtd and macaddr related functions to /lib/functions/system.sh
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40411
2014-04-07 10:29:47 +00:00
Felix Fietkau
3d275a8deb base-files: move uci_apply_defaults() to /etc/init.d/boot
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 40408
2014-04-07 10:01:54 +00:00
John Crispin
7917a87d12 base-files: split /etc/init.d/boot into 2 files
this allows us to bind a procd trigger to system.@system[-1]

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 39615
2014-02-18 13:33:40 +00:00
John Crispin
834204bda6 base-files: fix mount-utils incompatibility
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

SVN-Revision: 39169
2013-12-27 21:15:09 +00:00
John Crispin
76506e7fa4 base-files: Make /etc/init.d/boot restartable
Only reload hostname and timezone config on /etc/init.d/boot restart.
Module loading and basic boot setup is only done during boot.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

SVN-Revision: 38670
2013-11-07 12:45:57 +00:00
John Crispin
8eb56a88a4 procd: add a small script that handles config reloads until configd is ready
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37248
2013-07-11 17:00:54 +00:00
John Crispin
9e36e10cf7 base-files: add 2 missing variable defines
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37204
2013-07-08 16:35:02 +00:00
John Crispin
4c43cacce0 base-files: module loading is now handled by ubox/kmodloader
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37003
2013-06-21 16:53:59 +00:00
Steven Barth
33c620773d base-files: remove unnecessary early sysctl-hack
SVN-Revision: 36920
2013-06-11 14:10:45 +00:00
John Crispin
39469dea7f boot: make use of kmodloader if it is available
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 36428
2013-04-25 19:02:28 +00:00
John Crispin
f43b7934d2 make basefiles aware of procd
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 36003
2013-03-13 18:11:19 +00:00
Steven Barth
92ad26d1b6 base-files: Fix IPv6 early sysctls again * Kernel IPv6 /proc interface inconsistency caused races
SVN-Revision: 35417
2013-02-01 12:28:24 +00:00
Steven Barth
ea7c9c85a8 base-files: Fix race-conditions with IPv6 sysctls
SVN-Revision: 35368
2013-01-29 10:13:33 +00:00
Mirko Vogt
439a869090 Do not overload mount-call - trying to reduce confusion
The behaviour of calling 'mount' differed depending on whether it called
the busybox-mount, the mount of util-linux, the mount defined in
/lib/functions.sh and /lib/functions/boot.sh

/etc/preinit even included /lib/functions.sh and /lib/functions/boot.sh,
both re-defining 'mount'.

SVN-Revision: 34792
2012-12-19 16:07:46 +00:00
Jo-Philipp Wich
9ae901445b /etc/functions.sh => /lib/functions.sh
SVN-Revision: 32062
2012-06-05 16:04:23 +00:00
Jonas Gorski
80650c9475 base-files: wait for wifi modules to settle
On slower devices wifi drivers might take too long for detecting
devices, resulting in the wifi detect call not seeing them.

This was observed on a bcm6348 with bcm4318 wifi. Adding a one second
pause was enough for b43 to expose the device.

SVN-Revision: 31639
2012-05-06 21:25:42 +00:00
Felix Fietkau
5744d736f2 base-files: remove old coldplugging hacks that are no longer necessary since the new main hotplug2 instance calls udevtrigger as well
SVN-Revision: 30916
2012-03-13 09:18:30 +00:00
Felix Fietkau
a963a80a38 base-files: the initial hotplug2 instance sometimes misses a few relevant events, e.g. during module load. rerun udevtrigger for the final hotplug2 instance to fix this
SVN-Revision: 29862
2012-01-22 21:14:22 +00:00
Jo-Philipp Wich
9fd3886365 base-files: do not pass --set-worker /lib/hotplug2/worker_fork.so to hotplug2 anymore, its statically linked - patch by Viktar Palstsiuk <viktar.palstsiuk@promwad.com>
SVN-Revision: 29806
2012-01-19 15:37:47 +00:00
Jo-Philipp Wich
33443d2a8c base-files: now that we have date -k, adjust the kernel timezone after setting up TZ and localtime
SVN-Revision: 29204
2011-11-17 01:18:22 +00:00
Nicolas Thill
93886bc776 package/base-files: use new service wrapper
SVN-Revision: 28835
2011-11-07 22:58:34 +00:00
Felix Fietkau
44ba13b578 base-files: load modules early, run wifi detect afterwards and only then process uci defaults
this allows uci-defaults scripts to override wifi settings

SVN-Revision: 28733
2011-11-03 20:02:25 +00:00
Jo-Philipp Wich
bfbbe5893f base-files: use "zonename" system option to symlink /etc/localtime via /tmp/localtime to /usr/share/zoneinfo for glibc and eglibc
SVN-Revision: 28306
2011-09-26 02:28:04 +00:00
Jo-Philipp Wich
32731a72c2 base-files: pass conloglevel to syslogd (#9463, #9647)
SVN-Revision: 27400
2011-07-03 15:11:58 +00:00
Jo-Philipp Wich
ba1c1e9016 base-files: retrigger usb coldplug after module loading, solves usb_modeswitch on boot and possibly others (#9352)
SVN-Revision: 26848
2011-05-08 10:25:58 +00:00
Vasilis Tsiligiannis
980190367c base-files: Use -h instead of deprecated -L for symlink check
SVN-Revision: 26485
2011-04-05 15:09:43 +00:00
Vasilis Tsiligiannis
48465d3d63 base-files: fix minor problem in init.d/boot
The script tests for the existance of /dev/root with test -e which fails if
/dev/root is a dangling symlink making the call to ln fail.

Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>

SVN-Revision: 26483
2011-04-05 15:09:32 +00:00
Felix Fietkau
541725ce18 stop syslogd before rebooting, otherwise umount might not work properly when logging to a file (thx, puchu)
SVN-Revision: 19428
2010-01-30 18:17:52 +00:00