Commit Graph

889 Commits

Author SHA1 Message Date
Etienne CHAMPETIER
3946a55291 base-files: seed /dev/urandom
This commit:
1) seed /dev/urandom with the saved seeds as early as possible
   (see /lib/preinit/81_urandom_seed)
2) save a seed at /etc/urandom.seed if it doesn't exists
3) save a new seed each boot at "system.@system[0].urandom_seed"
   (see /etc/init.d/urandom_seed)

We use getrandom() so we are sure /dev/urandom pool is initialized

Seed size is 512 bytes (ie /proc/sys/kernel/random/poolsize / 8)
it's the same size as in ubuntu 14.04 and all systemd systems

Seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if
after "urandom-seed: Seeding with ..." message

Saving a new seed on each boot is disabled by default to avoid too much
writes without user consent

v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging, as /lib/preinit/ files
    are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a uci config param
v5: config param is now the path of the seed

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 22:48:39 +02:00
Jo-Philipp Wich
8d51706616 base-files: use LEDE NTP vendor pool
The vendor NTP pool for the LEDE project got approved, so switch to it now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 19:14:31 +02:00
Kevin Darbyshire-Bryant
d4ede1c118 base-files: sysfixtime no longer exclude dnsmasq.time
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-24 13:56:30 +02:00
Daniel Dickinson
f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-24 13:52:53 +02:00
John Crispin
87eb8fad13 base-files: remove fstab symlink
the symlink no longer gets used since we switched to the block-mount tool.

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-17 04:13:07 +02:00
Hannu Nyman
df7581e4c0 base-files: increase default system log size to 64 kB
Increase the default system log buffer size
from 16 kB (built-in default in ubox logd)
to 64 kB by setting the option in /etc/config/system.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-06-07 23:13:29 +02:00
Jo-Philipp Wich
35b33f0413 base-files: maintain LED config state
Record the state of any hardware LED configured through UCI and use that
information to revert the state when applying updated settings while
maintaining default behaviour of system LEDs.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 10:34:50 +02:00
Felix Fietkau
d6ad9d3e9c base-files: fix /bin/config_generate breakage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-08 07:32:30 +02:00
Jo-Philipp Wich
924302ba36 base-files: drop /etc/config/system
The board_detect framework is now able to create the entire system config from
scratch so we can finally drop the copy shipped by base-files.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 00:34:02 +02:00
Jo-Philipp Wich
b98f78b1c1 base-files: rework config generation logic
Now that config_generate is able to generate the entire /etc/config/system
from scratch we can apply the same logic as used for /etc/config/network;
when the configuration file exists already then do not do anything, else
generate it from the values provided by /etc/board.json .

In order to facilitate that move the file existance checking inside
/bin/config_generate and call it unconditionally from /bin/board_detect.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 00:34:02 +02:00
Jo-Philipp Wich
07f03d0833 base-files: support port_state LED types in board.d
Add support for handling port_state LEDs as used by ADM5120.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 00:31:09 +02:00
Jo-Philipp Wich
528b8f6f93 base-files: support hostname and ntp servers through board.d
Add support for specifying hostname and NTP servers via /etc/board.d/ scripts.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-08 00:31:09 +02:00
Jo-Philipp Wich
33a4d22f4c base-files: reset LED state
Attempt to reset all LED states before applying the UCI configuration to
avoid leaving disabled LEDs behind in lingering glowing state, e.g. when
changing the sysfs entry in the config from one hardware LED to another.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-07 23:01:58 +02:00
Jo-Philipp Wich
7f69458296 base-files: rework postinstall uci-defaults handling
Some package postinstall operations, e.g. those emitted by the LuCI build
system, source and delete the uci-defaults themselves upon package insteall,
causing the generic defaults apply code to trigger shell errors like:

    .../luci-app-ddns.postinst: .: line 130: can't open './40_luci-ddns'

Rework the generic apply code to check the existence of the uci-defaults
script before trying to source it, use sed to prefilter the list of entries
from the control file and perform the directory change in a subshell,
avoiding the need for cd $OLDPWD.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-27 10:27:45 +02:00
Jo-Philipp Wich
1012701014 x86: generalize partition discovery for sysupgrade
Generalize the partition discovery in sysupgrade in order to fix sysupgrade
and config backup/recovery on MMC block devices which use a different naming
scheme compared to mtdblock or sd* devices.

The change also adds the find applet to the ramdisk utilities so that upgrade
code can rely on it.

The commit is based on the initial submission by Russell Senior at
http://patchwork.ozlabs.org/patch/625440/ .

Signed-off-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-24 13:30:58 +02:00
Hannu Nyman
3193053df7 Centralize setting of all version info to include/version.mk
Centralize setting all version information in include/version.mk
* Set RELEASE env variable in include/version.mk instead of toplevel.mk.
  Stop exporting the variable.
* Remove hardcoded release name from /etc/banner

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-05-24 13:30:58 +02:00
John Crispin
a39ac242cc base-files: fix some failsafe issues
* if the shell was closed booting continued

Signed-off-by: John Crispin <john@phrozen.org>
2016-05-23 11:03:25 +02:00
Kevin Darbyshire-Bryant
8d105653b1 base-files: sysfixtime typo in exclude dnsmasq.time
Typo, missing space before ] in previous commit caused shell syntax
failure and incorrect restoration of time.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 18:14:28 +02:00
Kevin Darbyshire-Bryant
2b1556d3e0 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-05-19 10:28:18 +02:00
Jo-Philipp Wich
21f460e0c1 Revert "base-files: sysfixtime exclude dnsmasq.time"
This reverts commit 382779e009.

Reverting this commit due to a missing Signed-off-by.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-05-19 10:28:11 +02:00
Kevin Darbyshire-Bryant
382779e009 base-files: sysfixtime exclude dnsmasq.time
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps.  By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past.  Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.

In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.

Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
2016-05-18 22:17:33 +02:00
Vittorio G (VittGam)
d742e1b513 base-files: Enhancements to /etc/profile
- Update the terminal window title with the current directory and hostname, if using an xterm-compatible terminal emulator.
- Add ll, an useful alias to ls.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2016-05-14 16:53:10 +02:00
Vittorio Gambaletta (VittGam)
40f933d7ff base-files: Fix config_generate when there are no switch VLANs or ports configured in board.json.
The json_select call fails when there are no roles or ports objects in board.json. "json_select .." must not be executed after failing.

This fixes for example LEDs not being set up in /etc/config/system.

Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
2016-05-11 17:06:54 +02:00
Daniel Golle
9b9c78e071 base-files: evaluate uci-defaults on run-time installations
Packages may install scripts into /etc/uci-defaults to be executed once
after installation, usually at the first boot of the target. This works
fine if the package was installed to the rootfs during build or using
the ImageBuilder.
If the package is installed using opkg during run-time uci-defaults
were applied only after a reboot of the device. Avoid the need to
reboot by evaluting the package's uci-defaults in default-postinst.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-05-04 14:24:37 +01:00
Jo-Philipp Wich
a6f76bffd8 signing: remove unatteded build key and use current keyring instead
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-04-30 20:39:23 +02:00
John Crispin
4a8e960c62 base-files: fix group/user settings after sysupgrade
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
ed07ef1601 base-files: split user/group addition code into a function
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
d72e538e89 base-files: add new public key used by unattended builds
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-29 04:15:34 +02:00
John Crispin
528ffec3cd base-files: remove ununsed login.sh
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-19 20:42:34 +02:00
John Crispin
b4e33a1c08 base-files: Allow to disable failsafe mode
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2016-04-19 10:07:35 +02:00
John Crispin
dc92917409 image / basefiles: make console password configurable
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: John Crispin <john@phrozen.org>
2016-04-18 21:53:07 +02:00
John Crispin
5e85ae9e4c base-files: fix error message during boot
preinit spews out this message

"cat: can't open '/proc/device-tree/model': No such file or directory"

Signed-off-by: John Crispin <john@phrozen.org>
2016-04-11 11:58:57 +02:00
John Crispin
fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
2016-03-24 22:40:13 +01:00
Hauke Mehrtens
ea6d36111b base-files: allow to set arbitrary ip address and netmask
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 49179
2016-04-17 12:49:54 +00:00
John Crispin
63c9caaa91 base-files: add function ucidef_set_interface_raw to enable default configuration on interfaces other than lan and wan.
Signed-off-by: Micke Prag <micke.prag@telldus.se>

SVN-Revision: 48976
2016-03-10 19:07:17 +00:00
Felix Fietkau
956794c2e9 base-files: change type of adsl and vdsl to dsl only
Instead of having two different types adsl and vdsl just create one dsl
type. This way we can use the same luci code for adsl and vdsl and the
config parameters are not so different.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48944
2016-03-07 11:03:29 +00:00
Felix Fietkau
4ac99abeb3 lantiq: do not set default firmware file
We are now shipping a DSL firmware, do not set it by default to some
file name.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48941
2016-03-07 11:03:18 +00:00
Jo-Philipp Wich
eced3b3a35 base-files: support passing mode to ucidef_set_led_netdev()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48806
2016-02-26 14:49:17 +00:00
Felix Fietkau
285d9e364e base-files: add support for speed mask to switch config init scripts
This patch adds extra parameter to switch LED trigger initialization
functions.  New functionality maintains backward compatibility, so
calling functions without setting new speed_mask parameter works
as expected.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>

SVN-Revision: 48776
2016-02-25 13:31:29 +00:00
John Crispin
c0c3f2d4c9 leds: support oneshot as well as timer triggers
oneshot and timer have the same configuration options, just a different
trigger name.

Signed-off-by: Karl Palsson <karlp@etactica.com>

SVN-Revision: 48770
2016-02-25 10:14:16 +00:00
Jo-Philipp Wich
117cef6d44 base-files: add netifd's default prelocal table to /etc/iproute2/rt_tables
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48685
2016-02-09 12:34:05 +00:00
Jo-Philipp Wich
4aeeead303 x86: preserve partition table on sysupgrade
With this patch sysupgrade will write directly to the partitions
instead of to the main disk.  The UUID is copied from the image
to the MBR as well.  This prevents the mbr from being completely
overwritten and losing the partition table.  The -p option has
been added to maintain the original behavior and overwite the
entire disk with the new image.  Tests have been added to ensure
that the image partitions match up with the active partitions.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48682
2016-02-09 12:33:17 +00:00
Jo-Philipp Wich
cc289e0adb base-files: honor CONFIG_TARGET_INIT_PATH
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48678
2016-02-08 14:28:50 +00:00
John Crispin
e2fd1adaf5 base-files: For sysfixtime use hwclock if RTC available
On systems that have an RTC prefer it to the file-based time fixup (i.e.
use hwclock when there is a permanent clock instead of the faked up time
logic that is needed when there is not RTC).

We can't rely on hctosys kernel feature either as we're usually using
RTC as kernel modules which are usually being loaded after hctosys was
run, leading in the following error:

  hctosys: unable to open rtc device (rtc0)

Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>

SVN-Revision: 48661
2016-02-08 08:25:53 +00:00
Felix Fietkau
f70c8ba198 base-files: set mac address in default network config via device sections
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48646
2016-02-07 14:18:43 +00:00
Felix Fietkau
57776e68ce base-files: remove default /etc/config/network, generate it via board.d instead
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48493
2016-01-25 16:30:41 +00:00
Felix Fietkau
b7ab6c66cc base-files: fix sysupgrade 'wget' handling for uclient-fetch
change 48451 tried to add support for uclient-fetch by moving
/usr/bin/wget to /bin/wget, but this change kept the symbolic
link to /bin/busybox as install_bin creates links to param 1

the desired fix is to link to uclient-fetch to wget:
  install_bin /bin/uclient-fetch /bin/wget

Signed-off-by: John Clark <inindev@gmail.com>

SVN-Revision: 48483
2016-01-25 12:35:21 +00:00
Felix Fietkau
f57419d26e base-files: fix sysupgrade 'wget' handling
with r48379 and r48386 the path of wget changed.
respect that and adjust the dirname.

this fixes #21680

Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>

SVN-Revision: 48451
2016-01-22 09:41:58 +00:00
Jo-Philipp Wich
740a2ee163 base-files: Fix sysupgrade overlay saving
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.

Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>

SVN-Revision: 48281
2016-01-17 18:24:30 +00:00
John Crispin
3f78186f76 base-files: allow timezone to be overriden by zonename (proper zoneinfo support)
Signed-off-by: Roman Yeryomin <roman@advem.lv>

SVN-Revision: 47980
2015-12-23 14:44:31 +00:00