Bump procd package to reduce log spam related to missing jail binaries
in a non-jail capable system.
bcb8655 instance: add 'requirejail' attribute
An additional jail attribute 'requirejail' can now be used to indicate
mandatory use of a jailed environment and hence prevent process startup
in the event that the jail subsystem is unavailable.
Procd will now only log errors if jail is unavailable and 1) is a mandatory
requirement or 2) a procd debug level of at least 2 is in use.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
58c12f7 jail: add basic support for network namespaces
ba69639 jail: create resolv.conf symlink for netns jails
81b88b1 jail: more strict mount options for /tmp/resolv.conf.d/
Add new 'netns' flag for procd_add_jail to make ujail setup a new
network namespace for the jailed service.
See previous netifd commit for example configuration for netns jailed
service.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
If zram-backed swap is added after an existing swap, it gets a lower
priority. Assiming that usually all other swaps are slower, there should
be a way to assign a higher priority to zram swap.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on x86/64:
procd Installed-Size: 44931 -> 47362
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This activates PIE ASLR support by default when the regular option is
selected.
Size increase on x86/64:
ubus Installed-Size: 5602 -> 5950
ubusd Installed-Size: 11643 -> 12119
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Setting user and group for a jailed process caused the jail not to
come up. Fix this by passing user and group to ujail and change
user only once the jail has been setup.
This allows jailing services which refuse to run as root user.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
b30e0df kmodloader: print an error when no kernel module dir can be found
17689b6 logread: add option to filter for facilities
c9ffeac kmodloader: added -v arg to modeprobe
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Contains following changes:
a1523d76b016 fix blob parsing vulnerability by using blob_parse_untrusted
c60583743ccf ubus_monitor: workaround possibly false positive uses of memory after it is freed
dac6c7c575ac ubusd_monitor: fix possible null pointer dereference
060dfbb26da3 ubus_common: remove duplicate ARRAY_SIZE and add missing include
c5f2053dfcfd workaround possibly false positive uses of memory after it is freed
72be8e93f07d lua: ubus_lua_do_subscribe: fix copy&paste error
a995b1e68129 lua: workaround false positive dereference of null pointer
08f17c87a000 add fuzzer and cram based unit tests
c413be9b376c refactor ubusd.c into reusable ubusd_library
afd47189e864 examples: remove dead increments
b2e544238672 add initial GitLab CI support
058f4e9526ed libubus: fix incompatible pointer types assigment
d2e026a33df8 iron out all extra compiler warnings
5d7ca8309d0a ubusd/libubus-io: fix variable sized struct position warning
d61282db5640 ubusd: fix comparison of integers of different signs
90fb16234c22 cmake: enable extra compiler checks
and bumps ABI_VERSION to 20191219.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
14a279411cff fix certificate blob parsing vulnerability by using blob_parse_untrusted
19a7225ac018 fix leaking memory in cert_dump_blob
9dba44ddd4f5 fix possibly garbage value returned in cert_process_revoker
4462ff9dedfa add cram based unit tests
5fe64b5606aa cmake: split usign bits into static library
5d7626a2b6d8 cmake: reindent the file
e284ed941972 cmake: enable hardening compiler flags and fix the reported issues
7e5390666347 add initial GitLab CI support
fa0bf4ef45b1 cmake: add proper include and library dependencies
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The rpcd service is an important service, but if the service stops
working for any reason, no one will ever respawn that service. With this
commit, the procd service will monitor if the rpcd service
is running. If the rpcd service has crashed, then
procd respawns the rpcd service.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
- both packages provide ca-certs
- make ca-bundle the default provider
This should allow easy transition between these two forms of CA certificates storage
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
e4bd927 cast ucert_argv to proper type when passing to execv
Fixes warnings:
warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
254 | execv(usign_argv[0], usign_argv)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
8dd50da20de0 lua: fix error handling
a2cab3b088a2 ucimap: fix possible use of memory after it is freed
9cf978bc7964 delta: prevent possible null pointer use
7736f497d2d9 cli: remove unused variable assigment
39093f3b040d lua: fix memory leak in set method
19ceff323f1e lua: fix memory leak in changes method
18049a84fe40 tests: add cram based unit tests
2b549cc050de lua: fix copy&paste in error string
f5dd5217d627 cli: fix realloc issue spotted by cppcheck
af59f86a0db9 iron out all extra compiler warnings
1637d2918692 tests: shunit2: run all tests under Valgrind by default
c1af73bfb023 cmake: enable extra compiler checks
be69504e3666 cmake: build Lua module only if enabled
38a2f12ec5ab tests: shunit2: fix issues reported by shellcheck
266fc9e94c1e add initial GitLab CI support
17d6144a49c6 tests: shunit2: make it working under CMake
a6e8bbefd860 cmake: add unit testing option and shunit2 tests
0ca93fec701a test: move shunit2 tests under standalone subdirectory
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Includes following changes:
9d9d4c284786 fix possible garbage in unitialized char* struct members
dbc1b1b71b24 fix possible copy of null buffer and validation of unitialized header
76d53deef8bb crc32: add missing stdint.h dependency
e5666ed3b47c add cram based unit tests
abe0cf7de053 add initial GitLab CI support
e43042507b4f iron out extra compiler warnings
5df0cd6e1523 convert into CMake project
a7dc0526f819 refactor into separate Git project
adds missing PKG_LICENSE field and converts the package build to utilize
CMake.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Now that 'start-console' procd command has reached the main repo,
we can add a rule to start consoles on serial devices which are
created when USB gadget driver reports creation with hotplugging.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This decreases the size of the usign application by 16% on MIPS BE.
old:
24,597 /usr/bin/usign
new:
20,501 /usr/bin/usign
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the size of the mtd application by 25% on MIPS BE.
old:
20,597 /sbin/mtd
new:
16,421 /sbin/mtd
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* 40f939d57c67 Tag version 1.0.1
* 9e758e6e6aec jitterentropy-rngd: update to version v1.1.0 + clang compile fix
* 193586a25adc Fix wrong types in format strings used in debug build
* d474977bb611 Add initial GitLab CI support
Signed-off-by: Petr Štetiar <ynezz@true.cz>
service_running() implementation in /etc/rc.common use it.
It is preferable to use wildcard than assuming the instance
name is the default one.
jsonfilter returns all matches when wildcards are used, hence
the -l 1 argument used to limit output to only one value.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".
In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.
Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4327ed4 mkdev: Avoid out of bounds read
9b3eb63 libblkid-tiny: use blkid_probe_set_utf8label for label set
c9d0462 libblkid-tiny: adds blkid_probe_set_utf8label support
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Since service and instance names may contain characters which are not allowed
in JSON path labels, such as dashes or spaces, change the filter expression
to array square bracket notation to properly match these cases as well.
Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
commit eb204d14f75c ("base-files: implement generic service_running")
introduced generic service_running so it's not needed to copy&paste same
3 lines over and over again.
I've removed service_running from netifd/network init script as well,
because it was not working properly, looked quite strange and I didn't
understand the intention:
$ /etc/init.d/network stop
$ service network running && echo "yes" || echo "nope"
( have to wait for 30s )
Command failed: Request timed out
yes
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Adds a default status action for init.d scripts.
procd "service status" will return:
0) for loaded services (even if disabled by conf or dead)
3) for inactive services
4) when filtering a non-existing instance
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[rebased, cleaned up]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
b8238df sysupgrade: support "backup" attribute
This update requires "sysupgrade" method callers to pass "backup"
attribute if $UPGRADE_BACKUP is used in the project.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code
This update includes a fix for uninitialized variable usage.
Fixes: 7290963d09 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6a61b9a probe: fallback to libblkid.so.1 when libblkid.so does not exist
Also remove deprecation notices from init script while we're at it.
Fixes: FS#2274
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update fstools to commit 1539b535ac327a3bc599d1ca871e14fd0dc3bba1
git log --pretty=oneline --abbrev-commit ff1ded63..1539b535
1539b53 libblkid-tiny: increment label size to 256
d563f3c libblkid-tiny: fix wrong btrfs label length
3957dd3 block: prevent mount point confusion
9b36dc2 libfstools: avoid false positives when matching devices and volumes
Created with the help of the make-package-update-commit.sh script.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.
This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.
Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.
As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.
5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.
This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
While compile checking mtd changes in PR#1359 I've noticed following
compiler warnings and cleaned them up:
fis.c: In function 'fis_remap':
fis.c:143:25: warning: variable 'redboot' set but not used [-Wunused-but-set-variable]
struct fis_image_desc *redboot = NULL;
^~~~~~~
fis.c:142:25: warning: variable 'fisdir' set but not used [-Wunused-but-set-variable]
struct fis_image_desc *fisdir = NULL;
^~~~~~
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The code for calculating the CRC32 signatures for RedBoot FIS partitions
was already included, but for unknown reasons, it was never invoked. Some
bootloaders enforce checking these for loaded kernels, so they should be
written. This patch does so.
Tested-by: Brian Gonyer <bgonyer@gmail.com>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefore add all libraries linked by
block-mount and blockd as direct dependencies to the corresponding
binary package definition.
This ensures that block-mount and blockd is automatically rebuilt and
relinked if any of these libraries has its ABI_VERSION updated in the
future.
Fixes: FS#2373
[jow: similar fix for procd and 98.42% of commit message]
Signed-off-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This patch adds two new commands:
zram status - shows memory stats for all zram swaps
zram compaction - trigger compaction for all zram swaps
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Executing '/etc/init.d/zram start' during runtime (with a swap being already
mounted) triggers zram device compaction and prints out nice stats info about
zram memory usage
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [use IEC's MiB unit]
- fix dependency on BUSYBOX_CONFIG_SWAPONOFF (removed in 84da2a6)
- add busybox defaults checking (fix zram-swap always installs swap-utils
and libblkid as dependency, even if busybox includes mkswap by default)
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by rpcd
as direct dependencies to the corresponding binary package definition.
This ensures that rpcd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Restarting service causes file-systems to be unmounted without being
mounted back. When this service was obsoleted it should have been
implemented in a way that all actions are ignored. Up to this commit
default handler was called when restart was requested. This default
handler just simply calls stop and start. That means that stop called
unmount but start just printed that this service is obsoleted.
This instead implements restart that just prints same message like start
does. It just calls start in reality. This makes restart unavailable for
call.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
After commit e82a4d9cfb ("config: regenerate *_shipped sources") the mconf
parser became more strict as a side effect and started to spew a series of
warnings when evaluating our generated kconfig sources:
tmp/.config-package.in:705:warning: ignoring unsupported character '@'
The root cause of these warnings is a wrong use of the @SYMBOL dependency
syntax in various Makefile. Fix the corresponding Makefiles by turning
`@SYM||@SYM2` expressions into the proper `@(SYM||SYM2)` form.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by procd
as direct dependencies to the corresponding binary package definition.
This ensures that procd is automatically rebuilt and relinked
if any of these libraries has its ABI_VERSION updated in the
future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Also the other type is worng and causes compile problems on ARM64
platforms.
Fixes: 9b53201d9c ("urngd: Fix wrong type in format string")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
GCC 9.1 complains about this wrong type used in the format string, fix
this to make the compiler happy.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Opkg starting from this version special-cases busybox as alternatives
provider. There should be no need to add entries to ALTERNATIVES of
busybox package
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
μrngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.
Using the Jitter RNG core, the rngd provides an entropy source that
feeds into the Linux /dev/random device if its entropy runs low. It
updates the /dev/random entropy estimator such that the newly provided
entropy unblocks /dev/random.
The seeding of /dev/random also ensures that /dev/urandom benefits from
entropy. Especially during boot time, when the entropy of Linux is low,
the Jitter RNGd provides a source of sufficient entropy.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
89bfaa424606 Fix possible linker errors by using CMake find_library macro
569284a119f9 session: handle NULL return values of crypt()
Signed-off-by: Petr Štetiar <ynezz@true.cz>
ade00ca585a4 container: fix .dockerenv stat check
385b904b2f0a hotplug: improve error message during group ownership change
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Using the same method as the D-Link DAP-2695 A1 we use
the "mtd" tool to augment the firmware checkum in flash
on first boot of a new firmware on the D-Link DIR-685.
We need to augment the Makefile for "mtd" to build in
the special WRGG fixup support for Gemini as well.
This works around the problem of the machine not booting
after factory install unless the sysupgrade is applied
immediately.
Based on commit e3875350f3
"ar71xx: add support for D-Link DAP-2695 rev. A1"
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
The D-Link DIR-685 has the same problem as the
D-Link DAP-2695: when flashing the factory image, the
checksum includes the whole flashed image, even the
rootfs_data part with the end of filesystem mark.
Also the whole flashed image is stored in the flash,
so on the first boot, the whole rootfs image is loaded
into memory with the kernel.
This is fixed using the fixwrgg command to mtd, but
for this to work we need to make fixwrgg work with
the Little-Endian ARM DIR-685.
The code tries to be endian agnostic but this fails
because the WRGG image loader doesn't. On ARM, the
file size is stored in little endian format, and on
big-endian systems it is stored in big endian format,
so we can just drop all the friendly htonl() that
will make the shdr->size big endian: this will
actually break the little endian systems, and on
the big endian systems the native endianness will
still be correct.
The magic number is always stored in little endian
format however, so make sure this is always read
in LE32 format. I chose to create a straight-forward
le32_to_cpu() static inline that IMO is simple and
easy to read.
Cc: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Consistently handle boot-count reset and upgrade across
ipq40xx, ipq806x, kirkwood, mvebu
Dual-firmware devices often utilize a specific MTD partition
to record the number of times the boot loader has initiated boot.
Most of these devices are NAND, typically with a 2k erase size.
When this code was ported to the ipq40xx platform, the device in hand
used NOR for this partition, with a 16-byte "record" size. As the
implementation of `mtd resetbc` is by-platform, the hard-coded nature
of this change prevented proper operation of a NAND-based device.
* Unified the "NOR" variant with the rest of the Linksys variants
* Added logging to indicate success and failure
* Provided a meaningful return value for scripting
* "Protected" the use of `mtd resetbc` in start-up scripts so that
failure does not end the boot sequence
* Moved Linksys-specific actions into common `/etc/init.d/bootcount`
For upgrade, these devices need to determine which partition to flash,
as well as set certain U-Boot envirnment variables to change the next
boot to the newly flashed version.
* Moved upgrade-related environment changes out of bootcount
* Combined multiple flashes of environment into single one
* Current-partition detection now handles absence of `boot_part`
Runtime-tested: Linksys EA8300
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[checkpatch.pl fixes, traded split strings for 80+ chars per line]
This commit makes three changes to the uci shell library:
* A check for UCI_CONFIG_DIR has been added to the command line when
adding anonymous sections. Without this change, adding anonymous
sections to configs not stored in /etc/config is not possible.
* Support for adding/removing items from lists were missing, so I have
added the functions uci_add_list() and uci_remove_list() to simplify
working with uci lists from scripts.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
[added missing package version bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This should be helpful for implementing service_running() in procd init
scripts.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: John Crispin <john@phrozen.org>
Sometimes is desirable to run a process with a specific group id
instead of the default one which is derived from passwd entry.
This can be achived now by using procd_set_param group $mygroup.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_SOURCE_VERSION update]
Optional syslog facility can be set by adding procd_set_param facility
$myfacility.
While at, also add stdout/stderr documentation.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_SOURCE_VERSION update]
Commit 6e060bd62c introduced a dependency to the dialout group.
Adding this group to the "group" file in the base-files package is not
enough to handle this dependency, because after a sysupgrade this entry
will be missing in the "group" file.
To address this problem the dependencies to the required groups needs to
be set in the Makefile of the procd package.
Then, the uci-default script "13_fix_group_user" will add the groups
on first boot-up after a sysupgrade.
Fixes: 6e060bd62c ("base-files/hotplug: fix dedicated group for tty devices")
Tested-by: Michael Heimpold <mhei@heimpold.de>
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Commit 124ab1dc0a and 5523ee3459 introduced the assignment of the
group "tty" to /dev/tty* devices in order to support unprivileged
user access to serial devices.
However, due to an improperly rebased commit this feature broke.
This patch restores the lost hunk in hotplug.json file to
re-introduce this feature and also renames the existing "tty" group
to "dialout" as this is the more typical name for such a group
on desktop systems.
Fixes: 5209cfa534 ("procd: fix hotplug.json syntax")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
ff1ded6 libfstools: Fix overflow of F2FS_MINSIZE constant
bc2c876 libfstools: Print error in case of loop blkdev failure
Signed-off-by: Petr Štetiar <ynezz@true.cz>
- Tested on Turris MOX, OpenWrt master
- Removed PKG_BUILD_DIR
In build_dir there were two folders
ca-certificates and ca-certificates-20190110 and it failed as files
were in ca-certificates-20190110
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
This allows extracing the firmware + metadata from a signed firmware without
altering the original image file
Signed-off-by: Felix Fietkau <nbd@nbd.name>
d4ba162 libopkg: only perform size check when information is available
Fixes: e079591b84 ("opkg: update to latest Git head")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This adds an option to set the recovery flag of newer TP-Link MediaTek
boards and remove it after a successful write.
To make use of this feature, add the '-t' option to mtd-write.
The '-t' option takes the mtd partition containing the recovery flag
(usually 'romfile') as an argument. Make sure this partition is not
flagged as read-only!
Example:
> mtd -t romfile write owrt.bin firmware
This command writes the recovery-flag before it begins writing the image
to the firmware partition. After the image-write has been successful,
the recovery flag is removed.
This way, the TP-Link web-recovery is automatically enabled on an
unsucessful flash (e.g. power loss).
This option is only available if the mtd package is compiled for the
ramips target.
Signed-off-by: David Bauer <mail@david-bauer.net>
This commit adds the object 'linksys_bootcount_fix.o' to the ipq40xx
target.
This is needed for the Linksys EA6350v3 device. Without this patch, the
device will switch-back between the current and the last flashed firmware
every 3 (three) reboots. With this patch, the device works as expected.
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
This adds a wrapper (uci_load_validate) for uci_validate_section() that
allows callers (through a callback function) to access the values set by
uci_validate_section(), without having to manually declare a
(potentially long) list of local variables.
The callback function receives two arguments when called, the config
section name and the return value of uci_validate_section().
If no callback function is given, then the wrapper exits with the value
returned by uci_validate_section().
This also updates several init scripts to use the new wrapper function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Linux kernel has a polling mechanism that can be activated by changing
the parameter /sys/module/block/parameters/events_dfl_poll_msecs which
is deactivated by default or the /sys/block/[device]/events_poll_msecs
for one device.
This patch set the events_poll_msecs when a disk is inserted.
Once the media disk change event is sent by the kernel then we force a
re-read of the devices using /sbin/block info.
With this patch, insertion and ejection of sd card will automatically
generate partition devices in /dev.
Signed-off-by: Matthias Badaire <mbadaire@gmail.com>
[rewrap commit message, fix bashisms, fix non-matching condition,
bump pkg release]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In the case of upstream libraries, set the ABI_VERSION variable to the
soname value of the first version version after the last backwards
incompatible change.
For custom OpenWrt libraries, set the ABI_VERSION to the date of the
last Git commit doing backwards incompatible changes to the source,
such as changing function singatures or dropping exported symbols.
The soname values have been determined by either checking
https://abi-laboratory.pro/index.php?view=tracker or - in the case
of OpenWrt libraries - by carefully reviewing the changes made to
header files thorough the corresponding Git history.
In the future, the ABI_VERSION values must be bumped whenever the
library is updated to an incpompatible version but not with every
package update, in order to reduce the dependency churn in the
binary package repository.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This update fixes some cosmetical issues and a number of segmentation
faults when parsing lists having Conflicts or Replaces tags.
d217daf libopkg: fix replacelist parsing and writing
9dd9a07 libopkg: fix segmentation fault when traversing conflicts
34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches()
18740e6 opkg_download: print error when fork() fails
e3d7330 libopkg: don't print unresolved dependencies twice
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This is a big block(d) cleanup with new feature of generating "mount"
hotplug.d events.
It's an important update for those who were using mountd in the
pre-18.06 releases. Due to the mountd being replaced with blockd a
support for "mountd" hotplug.d events has been lost. It broke all kind
of shell scripts that were e.g. managing services depending on an
external USB drive availability.
This basically (re-)adds support for calling /etc/hotplug.d/mount/
scripts with ACTION ("add" or "remove") and DEVICE set.
af93f4b block(d): improve hotplug.d "mount" events for the autofs
3bb3352 blockd: unmount device explicitly when it disappears
28753b3 block: remove target directory after unmounting
c8c7ca5 block: cleanup handling "start" action of the "autofs" command
f1bb762 block: make blockd_notify() return an int instead of void
71c2bde block: generate hotplug.d mount events
30f5096 block: validate amount of arguments for the "autofs" command
dc6a462 blockd: don't reparse blob msg in the vlist callbacks
f6a9686 blockd: don't unmount device when removing it from the list
1913fea block: don't duplicate unmounting code in the mount_action()
6b445fa block: make umount_device() function more generic
a778468 block: don't duplicate mounting code in the mount_device()
5dc631d block: simplify code picking mount target directory
2971779 block: move blockd_notify() call out of the conditional blocks
b86bd6e block: fix formatting & indent in the mount_device()
e12c0d6 fstools: use EXIT_FAILURE when indicating error on exit
091aa3d fstools: guard usage of WEXITSTATUS
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
check_signature is a bool option and doesn't take any arguments. The
presence of the 1 falsely suggests setting it to 0 disables the check,
while the option actually needs to be removed or commented out to be
disabled. So remove the argument to make it more clear.
Fixes: beca028bd6 ("build: add integration for managing opkg package feed keys")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
Also expose the socket and timeout options in /etc/config/rpcd for
easier use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
221ce7e ubusd_acl: event send access list support
da503db ubusd_acl: event listen access list support
c035bab ubusd_acl: rework wildcard support
73bd847 ubusd_event: move strmatch_len to ubus_common.h
0327a91 ubus/lua: add support for BLOBMSG_TYPE_DOUBLE
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Config option to limit maximum compression streams per zram dev for
multicore CPU's. This could be defined via 'zram_comp_streams' option in
the 'system' section of '/etc/config/system' file or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_streams=2 && uci commit
system'). Default is number of logical CPU cores.
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Use only one zram swap device of the specified $size instead of
[N x $size] devices for multicore CPUs Now zram module uses multiple
compression streams for each dev by default, so we do not need to create
several zram devs to utilize multicore CPUs.
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
* "zram stop" could reset up to $(num_of_cores) zram devices even if
some of those were not mounted as swap dev's. This fix tries to
enumerate mounted swap zram dev's before making a reset
* remove hot-added zram devs on stop (except zram0)
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Compression algorithms for zram are provided by kernel crypto API, could
be any of [lzo|zl4|deflate|<some_more>] depending on kernel modules.
Compress algo for zram-swap could be defined via 'zram_comp_algo' option
in 'system' section of '/etc/config/system' file, or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_algo=lz4 && uci commit
system'). check available algo's via 'cat /sys/block/zram0
/comp_algorithm'
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input. Accept 16 characters
or more rather than 17 to work around the short read.
Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update to latest HEAD in order to fix a stack memory corruption issue:
1056e73 Change the sigb buffer to be the same size as the fread
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ad816fc set rpath to make bundle-libraries.sh happy
63ad591 blob_buf needs to be zero'd
Now that libubox, libjson-c and libblobms_json are installed into
STAGING_DIR_HOST we can properly bundle ucert in the ImageBuilder.
Follow-up commits will make use of it to include a signature-chain in
sysupgrade images using fwtool.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
e29966f Allow disabling seccomp or changing the whitelist
5f57223 trace: Use properly sized type for PTRACE_GETEVENTMSG
747efb6 procd: fix ustream deadlock when there are 0 bytes or no newlines
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
First of all lengths should be compared after checking all blocks for
being good/bad. It's because requested length may differ from a final
one if there were some bad blocks.
Secondly it makes sense to also compare crc32 since we already have a
new one calculated.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reading MTD data with (p)read doesn't return any error when accessing
bad block. As the result, with current code, CRC32 covers "data" stored
in bad blocks.
That behavior doesn't match CFE's one (bootloader simply skips bad
blocks) and may result in:
1) Invalid CRC32
2) CFE refusing to boot firmware with a following error:
Boot program checksum is invalid
Fix that problem by checking every block before reading its content.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixesopenwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
ucert is a wrapper around usign to allow delegation and revocation of
public keys for future use in sysupgrade.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
If log_file is specified, make sure its directory exists.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
The mtd tool is built with different configurations depending on the
target. For example, brcm47xx adds the fixtrx subcommand, without which
an image fails when booting the second time.
Mark the mtd package as nonshared to really fix FS#484.
Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
dd02dad fstools: allow the mounting with full access time accounting
242248c fstools: allow to compress the filesystem
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Mounting using the zlib compression and mounting with
full access accounting are now available in the
menuconfig.
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
8206219 uci: fix memory leak in rpc_uci_replace_savedir()
10f7878 exec: close stdout and stderr streams on child signal
92d0d75 uci: use correct sort index when reordering sections
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When a partition offset is given, it is used in an lseek call, which
affects write, but not erase. Add it to the offset for erase calls as
well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
e243683 libfstools: move mount points when switching to JFFS2
3782b59 libfstools: add "const" to char pointer arguments in mount_move()
79721f0 libfstools: fix foreachdir() to pass dir with a trailing slash
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Changes since last version
dfb68f8 service: initialize supplementary group ids
3db4e6d service: add func for string config change check
c3faabe procd: get rid of putenv usage.
The supplementary group id change fixes FS#988
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5d2bf09 uci: fix a potential use-after-free in uci_set()
3b3d63e list: only record ordering deltas if element position changed
4c4d343 cmake: Fix cli shared linking against ubox
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
128bc35 logread: fix reconnect logd logic
66347ec logread: move the code setting up the request blob out of the main loop
975a258 logread: move output connection setup code out of main loop
b81bea7 logread: cleanup pid file handling
d73e7d2 ubox: Replace strerror(errno) with %m format.
Signed-off-by: John Crispin <john@phrozen.org>
D-Link DAP-1522 is a wireless bridge/access point with 4 LAN
ports and a dual-band wireless chipset.
Specifications:
- Ralink RT2880
- 32 MB of RAM
- 4 MB of Flash
- 4x 10/100/1000 Mbps Ethernet (RTL8366SR)
- 802.11abgn (RT2850)
Flash Instructions:
1. Download lede-ramips-rt288x-dap-1522-a1-squashfs-factory.bin
2. Open the web interface and upload the image
Signed-off-by: George Hopkins <george-hopkins@null.net>
Add tool to "compile" Intel microcode files. The tool will be
compiled for host (to split the microcode.dat) and for target
(to forcibly reload the microcode if required).
Instead of using the large microcode.bin/microcode-64.bin, the
splitted ucode files (separate for CPU families) will be
installed.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This fixes the following errors when doing "make package/install"
/home/yousong/git-repo/lede-project/lede/build_dir/target-mips_24kc_musl/root-malta/lib/functions/procd.sh: line 47: /home/yousong/git-repo/l
ede-project/lede/build_dir/target-mips_24kc_musl/root-malta/var/lock/procd_urandom_seed.lock: No such file or directory
flock: 1000: Bad file descriptor
Fixes FS#1260
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5bae22e ubus/lua: pass notification name to callback
212ceb1 valgrind complained about these
d57907c fix invalid close() call
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
18090d9 overlay: fix compilation with glibc
2a9a6ea libfstools: optimize building directory string for glob
de6b026 libfstools: support file paths longer than 255 chars
Signed-off-by: John Crispin <john@phrozen.org>
2a9a6ea libfstools: optimize building directory string for glob
de6b026 libfstools: support file paths longer than 255 chars
Signed-off-by: John Crispin <john@phrozen.org>
When using the uci.sh wrapper, allow parameters to match those supported
by the uci binary i.e. "uci rename <config>.<section>[.<option>]=<name>".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME." Make actual behaviour match
the stated documented behaviour.
https://wiki.openwrt.org/inbox/procd-init-scripts
Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
a5954cf procd: Add %m to several functions that return errno.
810d7a5 procd: Remove redundant errno variable in several printf functions.
fa5ce1c procd: Replace strerror(errno) with %m.
Signed-off-by: John Crispin <john@phrozen.org>
11efbf3 overlay: fix race condition when switching to jffs2
bdeb95a libblkid-tiny: add support for NTFS superblock
ef2cc03 fstools: Replace strerror(errno) with %m format.
98fd5b4 libblkid-tiny: add support for UBI superblock
Signed-off-by: John Crispin <john@phrozen.org>
Use flock to protect init script from concurrent execution
(of the same script).
Important for services which generate native config files.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
5beb95d lua: additionally return name when looking up sections
ff33bb2 lua: support extended section notation
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
All the relevant options used for distfeeds.conf are part of base-files,
so it makes more sense to move the file there as well.
This has the added benefit that the we can share the opkg package again,
reducing the amount of target specific packages.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
9c13096 ubus: Remove unnecessary memset calls.
6d1ea6c libubus: Fix deletion from context's object AVL tree when removing object
e02813b ubusd: don't free messages in ubus_send_msg() anymore
be146ad ubusd: rename goto label from `error` to `out`
27d712d ubusd_monitor: alloc & free the buffer outside of the loop
5f87f54 ubusd: move global retmsg per client
Signed-off-by: Felix Fietkau <nbd@nbd.name>
7a49632 logd: use uloop instead of ustream_fd for syslog
69d6542 logd: only create pipe in stream mode
df30c8c logread: terminate after EOF
bdcacad logd: implement oneshot mode for stream log read
4a10d4e logread: use oneshot mode without -f, wait for logd to close
ea3d7fa logd: enforce line length limit for ubus based log messages as well
960a29d logread: remove leftover debug code
a081904 logread: fix line buffer size
2c0d9cf logd: move stripping of newlines to log_add()
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this change, when a user disables seccomp support in .config,
procd does not get recompiled unless the package is cleaned manually.
It is because when -D option is missing from cmake command line, cmake
uses cached value from the previous run where seccomp was enabled.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
ee582d1 instance: properly compare and reload respawn config
260a4cd utrace: Start the tracee only after uloop initialization
520ad3c utrace: Switch all logging to ulog
1c48104 utrace: Support non-contiguous syscall numbers
582cf97 utrace: Forward SIGTERM to the traced process
32534f7 utrace: Report ptrace errors
ccde3fb seccomp: Improve error message
7f9b174 preload-seccomp: Use proper log level for error messages
e3c4302 Start seccomp-enabled services via seccomp-trace
5e4ad02 seccomp: Log seccomp violations with utrace
2661b2f utrace: Use PTHREAD_SEIZE instead of PTHREAD_TRACEME
b5d53c6 utrace: Deliver signals to traced processes
b416ed9 utrace: Support tracing multi-threaded processes and vfork
8b7d47a utrace: Trace processes across forks
c6b6ec6 utrace: Sort syscalls by number of invocations
592c532 Update trace attribute
c8faedc Do not disable seccomp when configuration is not found
017f3a1 utrace: Fix off-by-one errors
5acaf15 utrace: Fix environment initialization
Signed-off-by: John Crispin <john@phrozen.org>
b1bc8d5 kmodloader: log error message in case of out of memory
f346111 kmodloader: lift restriction on module alias info
f1ef2c3 kmodloader: fix possible segfaults
9cb63df kmodloader: fix endianess check
2cff779 kmodloader: Check module endian before loading
d54f38a kmodloader/get_module_info: initialized aliases to make it more clean
a0b6fef kmodloader: insmod: fix a memoryleak in error case
278c4c4 kmodloader/get_module_name: null-terminate the string
16f7e16 syslog: remove unnecessary sizeof struct between messages
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Properly quote the arguments so that you can register a service with TXT
entries that contains spaces.
Example:
procd_add_mdns myservice tcp 9999 "key=descriptive text field 1" \
"another=something equally verbose"
Output before:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp local
hostname = [blah.local]
address = [192.168.255.74]
port = [9999]
txt = ["verbose" "equally" "another=something" "1" "field" "text" "key=descriptive"]
Output now:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp local
hostname = [blah.local]
address = [192.168.255.74]
port = [9999]
txt = ["another=something equally verbose" "key=descriptive text field 1"]
Signed-off-by: Karl Palsson <karlp@etactica.com>
Commits since last 2017-07-11:
4bd8601 pkg_parse: fix segfault when parsing descriptions with leading newlines
Fixes FS#933.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Expose "term_timeout" parameter in procd.sh to allow init scripts to
request a longer termination timeout.
This is required to fix FS#859 in a later commit.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Adjust default permissions and ownership of /dev/tty* nodes from
0600/root:root to 0660/root:tty in order to support granting
unprivileged user access when needed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
453116e system: introduce new attribute board_name
e5b963a preinit: define _GNU_SOURCE
e5ff8ca upgraded: cmake: Find and include uloop.h
f367ec6 hotplug: fix a memory leak in handle_button_complete()
796ba3b service/service_stopped(): fix a use-after-free
79bbe6d system: return legacy board name
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
We can reuse the kill_remaining and run_ramfs facilities of the stage2 run
by upgraded.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.
The procd-nand-firstboot package is removed for now, it may return later
as a separate package.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
992b796 rcS: add missing fcntl.h include
63789e5 init: add support for sysupgrades triggered from preinit
5b1fb35 Remove code that has become unnecessary after sysupgrade changes
5918b6d upgraded: add support for passing a "command" argument to stage2
056d8dd upgraded: link dynamically, chroot during exec
7c6cf55 system: always support staged sysupgrade
d42b21e procd/rcS: Use /dev/null as stdin
e0098d4 service/instance: add an auto start option
1247db1 procd: Log initscript output prefixed with script name
8d720b2 procd: Don't use syslog before its initialization
2555474 procd: Add missing \n in debug message
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Use install_bin to copy upgraded with all dependencies. The old name
/tmp/upgraded is temporarily retained as a symlink to avoid breaking
things.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
88d48d5 libfstools: silence mkfs.{ext4,f2fs}
a19f2b3 build: disable the format-truncation warning error to fix gcc 7 build errors
633a8d0 libfstools: fix multiple volume_identify usages with the same volume
c43ae11 fstools: use -Wno-format-truncation instead of -Wno-error=format-truncation
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Changes since last version
546bc72 pkg: alternatives support
7a96972 libbb: xreadlink: fix memory leak on failure case
3f13edd pkg_run_script: use pkg->dest in half installed case
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Update to latest Git in order to import the following fixes:
1d0263b check_data_file_clashes_change: remove duplicated offline root in paths
a00a6a9 buildReplaces: do not add duplicated replacees
9fbedd8 opkg: compare-versions doesn't need any state
45b54f6 opkg_cmd: fix segmentation fault in opkg_compare_versions_cmd()
93de62b opkg_cmd: fix return of opkg compare-versions
51275a8 pkg_src_list_push: remove unused function
947d3d4 pkg_src_list_pop: remove unused function
980cfb2 str_list_push: remove unused function
52c31c1 str_list_prev: remove unused function
7d24212 str_list_last: remove unused function
48142a3 conffile_list_pop: remove unused function
46c5de5 pkg_dest_list_push: remove unused functions
368bb62 nv_pair_list_prev: remove unused function
2985c00 nv_pair_list_last: remove unused function
f5082ac conffile_list_pop: remove unused function
89bf8b9 conffile_list_push: remove unused function
23d31fb active_list_sort: remove unused function
7fe45f2 active_list_add_depend: remove unused function
86b584d pkg_dependence_satisfied: remove unused function
816d330 Fix typo in pkg_hash_fetch_best_installation_candidate.
07f3b02 set_flags_from_control: remove function
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
20c16fc cmake: Make blockd link against libjson-c
92b4c2c libfstools: add basic documentation of mount functions
Signed-off-by: John Crispin <john@phrozen.org>
With this patch, the nand.sh script no longer overwrites
CI_KERNELPART and CI_UBIPART if they have been set before.
This allows platforms specify alternative values for these
variables.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
continue work started here: http://patchwork.ozlabs.org/patch/520859
Extend /etc/config/system with parameters to set the default respawn treshold and respawn timeout
for procd launched services that have respawn enabled.
This results in cleaner init scripts, while making sure services have respawn parameters set.
Signed-off-by: Claudiu Brasovean <cbrasho@gmail.com>
8f218f5 procd: service gets deleted when its last instance is freed
35209a0 procd: update modprobe path
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Update to latest Git in order to import the following fixes:
19070b6 unarchive: fix possible segmentation fault in deb_extract()
758527e pkg: forward "provided_by_hand" flag in pkg_merge()
1fdc2ca pkg: mark bit fields in pkg_t unsigned
15fc1ee opkg_cmd: avoid null pointer dereference in opkg_what_depends_conflicts_cmd()
439c89e opkg_cmd: fix endless loop in whatprovides/whatreplaces
0fb3e9f pkg_depends: propagate virtual provided detail flag to providers
793155f pkg_depends: fix unsatisfied dependency installation order
b1dc770 libopkg: fix some overly aggressive line wrapping in pkg_depends.c
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
c09e4f0 ubusd: fix incomplete copy of shared buf during queue-ing
453b87f cli: add support for subscribing to objects
6eb3c96 cli: do not use default timeout for listen
dfe3383 libubus: reset ctx->sock.error when doing ubus reconnect
34c6e81 cli: fix listen_timeout compile issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Update to latest Git head to get rid of a stray printf() causing unwanted
output in the "opkg list-upgradable" command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
A missing list pointer initialization caused opkg to ignore conffile entries
from status files, breaking the conffile tracking on the target.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
c553354 cmake: fix typo
8973576 kmodloader: fix not being able to find some modules
fce9382 cmake: Check for getrandom system call
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The switch to cmake caused the -DHAVE_USIGN flag to get lost, disabling
compilation of the correspondinf support code.
Update to latest Git head which enables usign support by default.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Switch to our own fork of opkg to significantly reduce the required amount
of memory when updating lists or installing packages.
Preliminary tests showed a usage drop of about 90% during these operations,
from ~3.7MB with unmodified opkg to ~360KB with our custom fork.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5f91241 procd: add cancel_timeout on rc scripts when a runtime_timeout is specified
961dc69 procd: stop service using SIGKILL if SIGTERM failed to do so
Signed-off-by: John Crispin <john@phrozen.org>
Default trigger action timeout was added to procd.sh in commit f88e3a4c0
(procd: add default timeout for reload trigger actions)
However, the timeout value was not placed under the correct JSON-script
array nesting level and thus did not apply.
To fix this and make the timeout actually apply to the reload triggers,
we place it in the correct scope, that is the per-trigger array.
Fixes: f88e3a4c0a
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
Adds the following fixes:
91acde6 libubus: do not modify uloop_cancelled
763b9b2 libubus: reset ctx->sock.eof to fix reconnect issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Update ubox to latest Git HEAD in order to import the following fixes:
ac2d43e kmodloader: support '-q' quiet option
f8d3d16 ubox: Add an option for more accurate timestamps in log
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes build issues with some toolchains that don't add lcrypt in the default
search paths:
CMakeFiles/rpcd.dir/session.c.o: In function `rpc_login_test_password':
build_dir/target-mipsel-linux-gnu/rpcd-2016-12-03-0577cfc1/session.c:823: undefined reference to `crypt'
collect2: error: ld returned 1 exit status
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Update ubox to latest Git head in order to import the following fixes:
14839f0 kmodloader: make insert_module() idempotent
6e3c6dc kmodloader: add module alias awareness
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
a62c946 kmodloader: modprobe: skip possible command line arguments
46a4b5f kmodloader: log to kmsg when loading directories of modules
eacc426 kmodloader: remove redundant glob wildcard char
8488bb5 ubox: Initialize conditionally uninitialized variable
db070f1 ubox: Fix some memory leaks
acc48b5 kmodloader: Fix typo in error message
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This is how other Linux distributions are doing and kernel
modprobe_path[] of request_module() also has a default value of
/sbin/modprobe
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
A given signal-name is now converted to the corresonding number. In general
it's good style to use names (readability) and it's more portable: signal
numbers can be architecture-dependent, so we are more safe giving names.
A real world example is signal 10, which is BUS on ramips and USR1 on PPC.
All users of 'procd_send_signal' must change their code to reflect this.
Signed-off-by: Bastian Bittorf <bb@npl.de>
Clarify opkg's messages related to downloads:
* more visible error message for package list download failure
* separate error message for signature file download error
* if wget returns 4, signal the network error more clearly
* remove '.' from end of filenames and URLs
* try signature check only if the package list was downloaded ok.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
- Adds support for passing file descriptors in ubus invoke requests
- Fixes clearing pending timers on ubus_shutdown()
- Fixes checking the amount of written data in ubusd
- Fixes an ubusd crash when trying to subscribe to system objects
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Currently system log is always included as a part of ubox. Add logd as a
seperate package and add it to default packages list.
Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
opkg doesn't have BUILD_VARIANTs anymore, so the previously defined
PKG_BUILD_DIR would lead to a weird 'opkg-' path component.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
This reverts the following commits:
fbe522d120278ad007ee863888e44f96daf6352fcfd83555fc
This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It has never been used by default (due to being too bloated), and it is
properly replaced by usign (which has been the default for a long time
now).
Remove this feature to simplify the build system
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Brings in the following changes:
84b530a732b1 libfstools: Check return values for fread and system
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add procd_send_signal which allows to send an optional specified
kill signal to one specified or all instances of a given service.
By default SIGHUP is sent if no signal is specified
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Update procd to latest HEAD in order to introduce support for services signals:
- Adds a new service.signal ubus call to send a kill() signal to one or all
running instances of a given service
- Adds a new "reload_signal" property which allows service init scripts to
request procd to send a specific kill() signal on reload, instead of
stopping and restarting running processes
Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
To make sure we properly restart services on upgrade we need to
call the prerm script of the old package, in case the init script
changes (or vanishes).
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Allow scripts from the package to be upgraded to be aware of being
upgraded.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
This will be used to append extra information to images which allows the
system to verify if an image is compatible with the system.
The extra data is appended to the end of the image, where it will be
ignored when upgrading from systems that do not process this data yet:
If the image is a squashfs or jffs2 image, the extra data will land
after the end-of-filesystem marker, where it will be overwritten once
the system boots for the first timee.
If the image is a sysupgrade tar file, tar will simply ignore the extra
data when unpacking.
The layout of the metadata/signature chunks is constructed in a way
that the last part contains just a magic and size information, so that
the tool can quickly check if any valid data is present without having
to do a pattern search throughout the full image.
Chunks also contain CRC32 information to detect file corruption, even
when the image is not signed.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The libblkid probe support in fstools git head requires blkid/blkid.h for
compilation, so add a build dependency on util-linux which provides libblkid.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Commit f5c741b5e0 updated procd to a more recent version, but did not
change the hash of the tar. Update it to the one matching the file on
the download servers.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Enable CONFIG_PROCD_ZRAM_TMPFS compatibility via two changes to list_cpu_idx():
* detect if /tmp is being used by /dev/zram0; if yes, offset initial value by 1 to skip first zram device.
* hot-add /dev/zram1, if not already present.
Signed-off-by: Conn O'Griofa >connogriofa@gmail.com>
This reverts commit 763f5d7873.
Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This reverts commit 02e3c718e9.
Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
src/linksys_bootcount.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>