Commit Graph

1320 Commits

Author SHA1 Message Date
Mark Mentovai
c9725d4fb6 failsafe: run on all consoles listed in /proc/cmdline
On x86, when both CONFIG_GRUB_CONSOLE and CONFIG_GRUB_SERIAL are set (as
they are by default), the kernel command line will have two console=
entries, such as

    console=tty0 console=ttyS0,115200n8

Failsafe was only running a shell on the first defined console, the VGA
console. This is a problem for devices like apu2, where there is only a
serial console and it appears on ttyS0.

Moreover, the console prompt to enter failsafe during boot was delivered
to, and its input read from, the last console= on the kernel command
line. So while the failsafe shell was on the first defined console, only
the last defined console could be used to enter failsafe during boot.

In contrast, the x86 bootloader (GRUB) operates on both the serial
console and the VGA console by virtue of "terminal_{input,output}
console serial". GRUB also provided an alternate means to enter failsafe
from either console. The presence of two console= kernel command line
parameters causes kernel messages to be delivered to both. Under normal
operation (not failsafe), procd runs login in accordance with inittab,
which on x86 specifies ttyS0, hvc0, and tty1, allowing login through any
of serial, hypervisor, or VGA console. Thus, serial access was
consistently available on x86 devices with serial consoles under normal
operation, except for shell access in failsafe mode (without editing the
kernel command line).

By presenting the failsafe prompt, reading failsafe prompt input, and
running failsafe shells on all consoles listed in /proc/cmdline,
failsafe mode will work correctly on devices with a serial console (like
apu2), and the same image without any need for reconfiguration can be
shared by devices with the more traditional (for x86) VGA console. This
improvement should benefit any system with multiple console= arguments,
including x86 and bcm27xx (Raspberry Pi).

Signed-off-by: Mark Mentovai <mark at moxienet.com>
2022-06-19 12:40:30 +02:00
David Bauer
34437af888 base-files: allow ignoring minor compat-version check
Downstream projects might re-generate device-specific configuration
based on OpenWrt's defaults on each upgrade, thus being unaffected by
forward- as well as backwards-breaking configuration.

Add a new sysupgrade parameter, which allows sysupgrades between minor
compat-versions. Upgrades will still fail upon mismatching major compat
versions.

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-06-18 22:11:04 +02:00
Daniel Golle
7b07c3cff5
base-files: simplify restorecon logic
Remove forgotten redundant selinuxenabled call and skip the whole
thing in case $IPKG_INSTROOT is set as labels are anyway applied only
later on in fakeroot when squashfs is created.

Fixes: 6d7272852e ("base-files: add missing $IPKG_INSTROOT to restorecon call")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-05-02 21:11:05 +01:00
Daniel Golle
6d7272852e
base-files: add missing $IPKG_INSTROOT to restorecon call
Update to overlooked v2 version of Dominick Grift's patch.

Fixes: 5109bd164c ("base-files: address sed in-place without SELinux awareness")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-05-02 19:59:58 +01:00
Dominick Grift
5109bd164c
base-files: address sed in-place without SELinux awareness
sed(1) in busybox does not support this functionality:
https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598

This causes /etc/group to become mislabeled when a package requests
that a uid/gid be added on OpenWrt with SELinux

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[move restorecon inside lock]
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2022-05-02 18:56:02 +01:00
Rodrigo Balerdi
7d02fc0951 base-files: fix sysupgrade for kernel-out-of-UBI
Commit ecbcc0b595 bricks devices on which the raw kernel and UBI mtd
partitions overlap.

This is the case of the ZyXEL NR7101 for example. Its OEM bootloader has
no UBI support. OpenWrt splits the stock kernel mtd partition into a raw
kernel part used by the bootloader and a UBI part used to store rootfs
and rootfs_data. Running mtd erase on the complete partition during
sysupgrade erases the UBI part and results in a soft brick.

Arguably the best solution would be to fix the partition layouts so that
kernel and UBI partitions do not overlap, also including a stock_kernel
partition to help reverting to stock firmware. This would have the added
benefit of protecting UBI from kernel images that are excessively large.

Fixes: ecbcc0b595 ("base-files: safer sysupgrade.tar for kernel-out-of-UBI")
Reported-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-05-02 12:42:15 +01:00
Rodrigo Balerdi
9ba28f978c base-files: minimize critical time in sysupgrade
Attempt to minimize the time during which an interrupted nand sysupgrade
can lead to a non-functional device by flushing caches before starting
the upgrade procedure.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
9a2f08f6e7 base-files: trim unnecessary nand sysupgrade code
Remove unnecessary sync commands during nand sysupgrade.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
bfd9afc38d base-files: fix issues in nand sysupgrade
Fix issues while retaining configuration during nand sysupgrade:
- abort configuration saving if data partition is not found
- generate diagnostics if saving fails (eg, because of lack of space)
- do not output "sysupgrade successful" in case of errors

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
f8351d65bb base-files: clean up nand sysupgrade code
Fix some inconsistent quoting in nand sysupgrade code.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
de4b65a793 base-files: clean up ubinized sysupgrade code
Remove redundant check from nand ubinized sysupgrade code. This check
has already been done in the only caller of the affected function:
nand_do_upgrade.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
264d948302 base-files: clean up nand tar sysupgrade code
Prepares code for ubirename-based safe sysupgrade implementation.

Fixes several issues:
- the special CI_KERNPART value "none" is ignored if an MTD partition
  named "none" exists
- misleading variable names (such as has_kernel to mean "tar has kernel
  and it should not be written to an MTD partition but a UBI volume")
- inconsistent treatment of zero-length tar member files
- inconsistent meaning of "0" and "" variable values
- redundant operations (unneeded untaring, repeated untaring, unneeded
  partition lookups)
- inconsistent variable quoting

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
ecbcc0b595 base-files: safer sysupgrade.tar for kernel-out-of-UBI
Ensure that the kernel CRC is invalidated while rootfs is being updated.
This allows the bootloader to detect an interrupted sysupgrade and fall
back to an alternate booting method, such as TFTP, instead of just going
ahead with normal boot and effectively bricking the device.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
073dc450b5 base-files: safer sysupgrade for kernel-in-UBI devices
Ensure that the kernel CRC is invalidated while rootfs is being updated.
This allows the bootloader to detect an interrupted sysupgrade and fall
back to an alternate booting method, instead of just going ahead with
normal boot and effectively bricking the device.

Possible fallbacks include a recovery initramfs partition or UBI volume
and TFTP. See here for an example U-Boot configuration with fallbacks:
https://shorturl.at/befsA (https://github.com/Lanchon/openwrt-tr4400-v2/
blob/e7d707d6bd7839fbd0b8d0bd180fce451df77e47/install-recovery.sh#L52-L63)

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
1e191adb20 base-files: fix nand sysupgrade comments
Erroneous comments possibly applied to an earlier code revision.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
e3238a486f base-files: improve sysupgrade ubiblock handling
Only remove ubiblock devices required for nand sysupgrade.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Rodrigo Balerdi
f5ed603d0c base-files: emit diagnostics on sysupgrade abort
Emit diagnostics if nand sysupgrade is aborted because UBI partition
cannot be attached. Also avoid redudndant checks.

Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
2022-04-19 16:28:25 +01:00
Daniel Golle
0dbca1b2ba
base-files: more robust sysupgrade on NAND
Make sure sysupgrade on NAND also works in case of UBI volumes having
index >9. While at it, also make sure UBI device is detected and abort
in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.

Fixes #9708
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-13 19:50:45 +01:00
Brian Norris
17b05045bd ipq40xx: Support Chromium OS image-type creation
See firmware-utils.git commits [1], which implemented the cros-vbutil
verified-boot payload-packing tool, and extended ptgen for the CrOS
kernel partition type. With these, it's now possible to package kernel +
rootfs to make disk images that can boot a Chrome OS-based system (e.g.,
Chromebooks, or even a few AP models).

Regarding PARTUUID= changes: Chromium bootloaders work well with a
partition number offset (i.e., relative to the kernel partition), so
we'll be using a slightly different root UUID line.

NB: I've made this support specific to ip40xx for now, because I only
plan to support an IPQ4019-based AP that uses a Chromium-based
bootloader, but this image format can be used for essentially any
Chromebook, as well as the Google OnHub, a prior Chromium-based AP using
an IPQ8064 chipset.

[1]
ptgen: add Chromium OS kernel partition support
https://git.openwrt.org/?p=project/firmware-utils.git;a=commit;h=6c95945b5de973026dc6f52eb088d0943efa96bb

cros-vbutil: add Chrome OS vboot kernel-signing utility
https://git.openwrt.org/?p=project/firmware-utils.git;a=commit;h=8e7274e02fdc6f2cb61b415d6e5b2e1c7e977aa1

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2022-03-25 18:14:13 +01:00
Florian Eckert
09c41ea679 base-files: add wrapper for procd service list command
A service managed by procd does have a json object with usefull information.
This information could by dumped with the following command.

ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"

This line is long and complicated to enter. This commit adds a wrapper
call to the procd service section tool to simplify the input and get the
output faster.

We could now enter the command /etc/initd/<service> info to get the info
faster.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
Florian Eckert
b9017384ca procd: move service command to procd
The service command belongs to the procd and does not belong in the
shinit. In the course of the move, the script was also checked with
shellcheck and cleaned up.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-19 16:13:58 +01:00
Brian Norris
e8a0c55909 base-files: Align rootfs_data upgrades to 64KiB on eMMC
Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB)
alignment after the rootfs, but emmc_do_upgrade() is assuming
it comes at the very next 512-byte sector.

Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
(move spaces around, mention fstools' libtoolfs)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-03-16 17:50:06 +01:00
Rafał Miłecki
9851d4b6ce base-files: call "sync" after initial setup
OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the
best solution as they almost never consider syncing files / data. Still
this is what we have and we need to try living with it.

Without proper syncing OpenWrt can easily get into an inconsistent state
on power cut. It's because:
1. Actual (flash) inode and data writes are not synchronized
2. Data writeback can take up to 30 seconds (dirty_expire_centisecs)
3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay"

Some possible cases (examples) for new files:
1. Power cut during 5 seconds after write() can result in all data loss
2. Power cut happening between 5 and 35 seconds after write() can result
   in empty file (inode flushed after 5 seconds, data flush queued)

Above affects e.g. uci-defaults. After executing some migration script
it may get deleted (whited out) without generated data getting actually
written. Power cut will result in missing data and deleted file.

There are three ways of dealing with that:
1. Rewriting all user-space init to proper C with syncs
2. Trying bash hacks (like creating tmp files & moving them)
3. Adding sync and hoping for no power cut during critical section

This change introduces the last solution that is the simplest. It
reduces time during which things may go wrong from ~35 seconds to
probably less than a second. Of course it applies only to IO operations
performed before /etc/init.d/boot . It's probably the stage when the
most new files get created.

All later changes are usually done using smarter C apps (e.g. busybox or
uci) that creates tmp files and uses rename() that is expected to be
atomic.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2022-03-12 11:13:54 +00:00
Rucke Teg
e040d31177 base-file: remove password aging feature form /etc/shadow
In the default shadow file, as visible in the failsafe mode, the user
root has value of `0` set in  the 3rd field, the date of last password
change. This setting means that the password needs to be changed the
next time the user will log in the system. `dropbear` server is ignoring
this setting but `openssh-server` tries to enforce it and fails in the
failsafe mode because the rootfs is R/O.

Disable the password aging feature for user root by setting the 3rd
filed empty.

Signed-off-by: Rucke Teg <rucketeg@protonmail.com>
2022-02-24 18:10:30 +01:00
Daniel Golle
2baded9ecc
base-files: make sure tools are present in sysupgrade ramdisk
Not all targets create /var/lock or touch /var/lock/fw_printenv.lock in
their platform.sh. This is problematic as fw_printenv then fails in
case /var/lock/fw_printenv.lock has not been created by previous calls
to fw_printenv/fw_setenv before sysupgrade is run.

Targets using fw_printenv/fw_setenv during sysupgrade:
 * ath79/*
 * ipq40xx/*
 * ipq806x/*
 * kirkwood/*
 * layerscape/*
 * mediatek/mt7622
 * mvebu/*
 * ramips/*
 * realtek/*

Targets currently using additional steps in /lib/upgrade/platform.sh
to make sure /var/lock/fw_printenv.lock (or at least /var/lock)
actually exists:
 * ath79/* (openmesh devices)
 * ipq40xx/* (linksys devices)
 * ipq806x/* (linksys devices)
 * kirkwood/* (linksys devices)
 * layerscape/*
 * mvebu/cortexa9 (linksys devices)

Given that accessing the U-Boot environment during sysupgrade is not
uncommon and the situation across targets is currently quite diverse,
just make sure both tools as well fw_env.config are always copied to
the ramdisk used for sysupgrade. Also make sure /var/lock always
exists.

This now allows to remove copying of fw_printenv/fw_setenv as well as
fw_env.config, creation of /var/lock or even /var/lock/fw_printenv.lock
from lib/upgrade/platform.sh or files included there.

As the same applies also to 'fwtool' which is used by generic eMMC
sysupgrade, also always copy that to ramdisk.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-02-22 19:16:03 +00:00
Alexey Smirnov
66071729a2 base-files: add support for heartbeat led trigger
This patch adds support for creation heartbeat led trigger with,
for example, this command:

	ucidef_set_led_heartbeat "..." "..." "..."

from /etc/board.d/01_leds.

Signed-off-by: Alexey Smirnov <s.alexey@gmail.com>
2022-02-19 13:10:01 +01:00
Daniel Golle
397de50089
base-files: Make sure rootfs_data_max is considered
For sysupgrade on NAND/UBI devices there is the U-Boot environment
variable rootfs_data_max which can be used to limit the size of the
rootfs_data volume created on sysupgrade.
This stopped working reliable with recent kernels, probably due to a
race condition when reading the number of free erase blocks from sysfs
just after removing a volume.
Change the script to just try creating rootfs_data with the desired
size and retry with maximum size in case that fails. Hence calculating
the available size in the script can be dropped which works around the
problem.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-02-17 15:15:42 +00:00
Rosen Penev
7994461a5a base-files: replace fgrep with grep -F
fgrep is deprecated and replaced by grep -F. The latter is used
throughout the tree whereas this is the only usage of the former.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-02-06 23:09:15 +01:00
Javier Marcet
018ada5403 base-files: upgrade: fix efi partitions size calculation
We were missing (not using) the last sector of each partition,
compared with the output of gparted.

Signed-off-by: Javier Marcet <javier@marcet.info>
[moved the dot]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-12-27 13:51:41 +01:00
Florian Eckert
dd681838d3 base-files: fix service_running check
The following command checks if a instance of a service is running.
/etc/init.d/<service> running <instance>

 In the variable `$@`, which is passed to the function
`service_running`, the first argument is always the `instance` which
should be checked. Because all other variables where removed from `$@`
with `shift`.

Before this change the first argument of `$@` was set to the `$service`
Variable. So the function does not work as expected. The `$service`
variable was always the instance which should be checked. This is not
what we want.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Sungbo Eo <mans0n@gorani.run>
2021-12-04 09:39:11 +09:00
Enrico Mioso
57c1f3f9c5
base-files: add eMMC sysupgrade support
Adds generic support for sysupgrading on eMMC-based devices.

Provide function emmc_do_upgrade and emmc_copy_config to be used in
/lib/upgrade/platform.sh instead of redundantly implementing the same
logic over and over again.
Similar to generic sysupgrade on NAND, use environment variables
CI_KERNPART, CI_ROOTPART and newly introduce CI_DATAPART to indicate
GPT partition names to be used. On devices with more than one MMC
block device, CI_ROOTDEV can be used to specify the MMC device for
partition name lookups.

Also allow to select block devices directly using EMMC_KERN_DEV,
EMMC_ROOT_DEV and EMMC_DATA_DEV, as using GPT partition names is not
always an option (e.g. when forced to use MBR).

To easily handle writing kernel and rootfs make use of sysupgrade.tar
format convention which is also already used for generic NAND support.

Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
CC: Li Zhang <li.zhang@gl-inet.com>
CC: TruongSinh Tran-Nguyen <i@truongsinh.pro>
2021-12-02 20:42:58 +00:00
Robert Marko
f2c4064ecb base-files: dont always create kernel UBI volume
Currently nand_upgrade_tar() will pass the kernel length
to nand_upgrade_prepare_ubi() in all cases except for when
the kernel is to be installed in a separate partition as a
binary with the MTD tool.

While this is fine for almost all cases newer MikroTik NAND
devices like hAP ac3 require the kernel to be installed as a
UBIFS packed UBI volume in its own partition.

So, since we have a custom recipe to use ubiformat to flash
the kernel in its partition it makes no sense for sysupgrade
to also install the kernel as a UBI volume in the "ubi"
partition as it only wastes space and will never be used.

So, simply check whether CI_KERNPART is set to "none" and
if so unset the "has_kernel" variable which will in turn
prevent the kernel length from being passed on and then
the kernel UBI volume wont be created for no usefull purpose.

The ath79 MikroTik NAND target has been setting CI_KERNPART
to "none" for a while now altough that was not preventing
the kernel to be installed as UBI volume as well.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2021-11-28 17:17:22 +01:00
Daniel Golle
4d3303b1bd
base-files: stage2: improve /proc/*/stat parser
Simply reading /proc/*/stat as a space-separated string will not work
as the process name may itself contain spaces. Hence we must match on
the '(' and ')' characters around the process name and can then handle
the remaining string as space-separated values.
This fixes shell error messages which have been popping up the console
due to spaces in process names being interpreted as field separators.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-11-13 18:36:52 +00:00
Daniel Golle
73657dfbdd
base-files: drop get_partition_by_name shell function
find_mmc_part provides a better alternative and all users of
get_partition_by_name have been removed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-11-01 18:01:02 +00:00
Daniel Golle
9f223a20bd
base-files: allow specifiying rootdev for find_mmc_part
Some devices got more than one mmc device.
Allow specifying the root device as 2nd parameter of find_mmc_part so
scripts can avoid matching irrelevant partitions on wrong mmc device.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-11-01 18:00:42 +00:00
Davide Fioravanti
6e13794344 base-files: add minimal mmc support
Added minimal mmc support for helper functions:

 - find_mmc_part: Look for a given partition name. Returns the
	coresponding partition path
 - caldata_extract_mmc: Look for a given partition name and then
	extracts the calibration data
 - mmc_get_mac_binary: Returns the mac address from a given partition
	name and offset

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
[replace dd with caldata_dd, moved sysupgrade mmc to orbi]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-01 00:56:51 +01:00
Daniel Golle
b2aca61360
base-files, metadata: support additional group membership
Some packages may require additional group membership for the system
user added by that package. Allow defining additional groups as third
member of the ':'-separated tuple, allowing to specify multiple
','-separated groups with optional GID.

Example:
USERID:=foouser=1000:foogroup=1000:addg1=1001,addg2=1002,addg3

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-28 16:27:21 +01:00
Deomid Ryabkov
430f691943 base-files: chmod 1777 /var/lock
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.

[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>

Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-10-23 19:30:54 +02:00
Daniel Golle
98bccdafd7
base-files: rename 'sdcard' to 'legacy-sdcard'
While an image layout based on MBR and 'bootfs' partition may be easy
to understand for users who are very used to the IBM PC and always have
the option to access the SD card outside of the device (and hence don't
really depend on other recovery methods or dual-boot), in my opinion
it's a dead end for many desirable features on embedded systems,
especially when managed remotely (and hence without an easy option to
access the SD card using another device in case things go wrong, for
example).

Let me explain:

* using a MSDOS/VFAT filesystem to store kernel(s) is problematic, as a
  single corruption of the bootfs can render the system into a state
  that it no longer boots at all. This makes dual-boot useless, or at
  least very tedious to setup with then 2 independent boot partitions
  to avoid the single point of failure on a "hot" block (the FAT index
  of the boot partition, written every time a file is changed in
  bootfs). And well: most targets even store the bootloader environment
  in a file in that very same FAT filesystem, hence it cannot be used
  to script a reliable dual-boot method (as loading the environment
  itself will already fail if the filesystem is corrupted).

* loading the kernel uImage from bootfs and using rootfs inside an
  additional partition means the bootloader can only validate the
  kernel -- if rootfs is broken or corrupted, this can lead to a reboot
  loop, which is often a quite costly thing to happen in terms of
  hardware lifetime.

* imitating MBR-boot behavior with a FAT-formatted bootfs partition
  (like IBM PC in the 80s and 90s) is just one of many choices on
  embedded targets. There are much better options with modern U-Boot
  (which is what we use and build from source for all targets booting
  off SD cards), see examples in mediatek/mt7622 and mediatek/mt7623.

Hence rename the 'sdcard' feature to 'legacy-sdcard', and prefix
functions with 'legacy_sdcard_' instead of 'sdcard_'.

Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-08-16 12:22:17 +01:00
Stijn Tintel
8347d8b4fb base-files: add generic sdcard upgrade method
Add a generic sdcard upgrade method instead of duplicating code in yet
another target, and add a feature flag to only install this upgrade
method in targets that set this flag. Copied from mvebu.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-08-07 01:34:40 +03:00
Daniel Golle
e67865c569
base-files: upgrade: try umount lvm and loop devices
Try umount on device mapper and loop devices still mounted, so the
subsequent call to disactivate all physical volumes and delete all
loop devices is more likely to succeed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-08-04 19:12:34 +01:00
Daniel Golle
af76e26b55
base-files: sysupgrade stage2: fix losetup detection
If the busybox applet losetup was selected, `command -v` selects that
during sysupgrade. As this applet is in another path and doesn't cover
the '-D' option which is used to make sure user-defined loop devices
are no longer active during sysupgrade.
Detect losetup at the path of the full utility to avoid error messages
in case of the busybox applet being selected.

Reported-by: fda77 <fda77@users.noreply.github.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-08-03 18:28:44 +01:00
Bob Cantor
e8b5429609 base-files: wifi: tidy up the reconf code
commit 5edbd390d321532d9a697d6895a1a7c71c40bd5d rearranged the
"wifi up" code.

This commit tidies up the "wifi reconf" code so as to
keep it aligned with the "wifi up" code.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
2021-06-28 17:24:15 +02:00
Bob Cantor
b82cc80713 base-files: wifi: swap the order of some ubus calls
"/sbin/wifi up" makes three ubus calls:
1. ubus call network reload
2. ubus call network.wireless down
3. ubus call network.wireless up

The first and third ubus calls call drv_mac80211_setup,
while the second ubus call triggers wireless_device_setup_cancel,
so the call sequence becomes,

1. drv_mac80211_setup
2. wireless_device_setup_cancel
3. drv_mac80211_setup

This commit swaps the order of the first two ubus calls,
1. ubus call network.wireless down
2. ubus call network reload
3. ubus call network.wireless up

Consequently drv_mac80211_setup is only called once,
and two related bugs (#FS3784 and #FS3902) are no longer triggered
by /sbin/wifi.

branches affected: trunk, 21.02

Signed-off-by: Bob Cantor <coxede6557@w3boats.com>
2021-06-28 17:24:11 +02:00
Paul Spooren
56bdb6bb97 base-files: fix /tmp/TZ when zoneinfo not installed
The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.

This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.

Fixes "base-files: fix zoneinfo support " 8af62ed

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-24 20:00:20 -10:00
Rosen Penev
8af62ede18 base-files: fix zoneinfo support
The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.

Example failure when removing the if condition:

/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles

This file does not exist. America/Los_Angeles does.

Ran through shfmt -w -ci -bn -sr -s

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-06-23 14:10:27 -10:00
Luiz Angelo Daros de Luca
fe6b9b0588 base-files: bring up vlan interface too
Vlan subinterface was never brought up when using vlan-based preinit network.
Tested forcing ifname="" before preinit_ip() on a Tp-Link Archer C5v4.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
790561d510 base-files: failsafe: Remove the VLAN modifier from interface name
Some interfaces have a VLAN modifier like :t in lan1:t, this modifier
should be removed from the interface before calling preinit_ip_config().

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-06-22 23:23:00 +02:00
Hauke Mehrtens
467cd378db base-files: failsafe: Fix IP configuration
Adapt the preinit_config_board() to the board.json network changes. It
now looks for the device and the ports variables to configure the LAN
network.

This works with swconfig configurations.

Fixes: FS#3866
Fixes: d42640e389 ("base-files: use "ports" array in board.json network for bridges")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-22 23:23:00 +02:00
Karel Kočí
cc7316d1e9 base-files: fix enabled for services with only STOP
There are services that have only STOP value set. They are executed only
on shutdown and it is common to use them for system cleanup. There is
one such service shipped directly with base-files, it is 'umount'. Those
work the same way as those with START but enabled does not report them
as enabled although it should have as they can be enabled and disabled
as any other service.

This also changes check from check for executable to check for symbolic
link. The implementation depends on those being links to service file
and it is much cleaner and direct to check for them being links.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
2021-06-22 09:45:27 -10:00
Florian Eckert
40f533b73e base-files: redirect kill ouptut for ash, telnetd and dropbear
If one of the programmes is not running, then we see the following
output in the logs.

`killall: telnetd: no process killed`

To ensure that the log is clean, redirect the output to /dev/null

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
d8bfcc59b0 base-files: remove unused vn and _vn function
The remaining vn calls have been ported to v.
Therefore, these functions are no longer needed and will be removed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
42d78fedfb base-files: change logging for upgrade on stage2
Remove vn call in favour of v call. This commit serves as preparation
for removing the vn function call.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Florian Eckert
bb2b7156a4 base-files: add syslog logging for v function
The logging output should not only be displayed in the calling shell
session but also in the syslog. A sysupgrade and a configuration
import, export can thus be traced in the syslog.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-06-20 15:15:32 -10:00
Chuck Fan
d374e2cdb4 base-files: upgrade: use zcat command provided by busybox
Calling `switch_to_ramfs()` will not copy the gzip executable
(/bin/gzip) to ramfs, but `/bin/zcat` will call `/bin/gzip` when
package gzip is installed, instead of the busybox-supplied zcat.
This will cause `zcat` to fail to find `gzip`, then cause the
sysupgrade to fail. Adding the `busybox` prefix here will solve
the problem.

Signed-off-by: Chuck Fan <fanck0605@qq.com>
2021-06-20 14:19:54 -10:00
Sergey Ponomarev
bffee5ea19 busybox: disable bzip2
bzip2 adds about 8kb of size. For tiny builds it's often disabled.
It's not directly used by stock OpenWrt programs.
Kernel images compressed with bzip2 are also not fully supported.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
[fix \ indention]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 14:17:49 -10:00
Rafał Miłecki
946019637e base-files: fix typo in config_generate MAC check
Fixes: 8d8eb9d13fc6 ("base-files: set MAC for bridge ports (devices) instead of bridge itself")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-14 22:29:49 +02:00
Rafał Miłecki
c8d8eb9d13 base-files: set MAC for bridge ports (devices) instead of bridge itself
This restores the original config_generate behaviour. With MAC set for
bridged devices the bridge automatically gets its MAC adjusted (it picks
the lowest MAC of bridged devices).

This fixes confusing interfaces setup (bridge ports not having custom
MAC assigned).

Reported-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Fixes: e002179a6d ("base-files: simplify setting device MAC")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-06-14 20:24:46 +02:00
Michael Pratt
b118aba8cb base-files: upgrade: use procd to kill managed daemons
These processes are managed by procd and set to start again when killed
via the procd instance parameter "respawn" being set during init.

Example:
procd_set_param respawn 3600 1 0

When they are killed manually during sysupgrade,
they are started again in 5 seconds or less, depending on
how the "respawn" parameter is set.

Use procd through ubus to disable the instances that respawn them,
however, allow dnsmasq, netifd, and logd to restart for remote logging.

Properly closing all these processes increases free memory by about 3 MB,
which should help low memory devices upgrade without crashing.

For very low memory devices (set to 32 MB for now)
also kill dnsmasq, netifd, and logd for an additional 3 MB of free memory.

Also, bump sleep values to allow at least 10 seconds
for network interfaces and daemons
to come up after they are killed and restarted
before caches are dropped.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2021-06-12 13:59:27 -10:00
Rafał Miłecki
e002179a6d base-files: simplify setting device MAC
1. Move code above interface generation
   It results in more logical order. Device gets its config section
   above interface section.
2. Drop the loop
   We have separated code handling bridges now so $device should be
   guaranteed to contain a single device name.
3. Drop section name
   It's not required by netifd or LuCI & it's not needed by this script
   as $device contains a single device name now.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-28 15:35:32 +02:00
Rafał Miłecki
4b9a67362d base-files: generate network config with "device" options
Replace "ifname" with "device" as netifd has been recently patches to
used the later one. It's more clear and accurate.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-27 10:58:49 +02:00
INAGAKI Hiroshi
8cc4e87a2f base-files: fix configuration generation of network if "bridge" exists
After the commit 43fc720657
("base-files: generate "device UCI type section for bridge"), the wrong
network configuration is generated for the devices that already have the
bridge device section for VLAN, such as the devices in realtek target.

As a result, the bridge device by additional "device" section is
specified to the "ports" option in the "bridge-vlan" section and netifd
shuts down the switch and the ethernet when the network service started.

Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
[rmilecki: use $ports for generate_bridge_vlan argument]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-24 09:09:00 +02:00
Rafał Miłecki
7a90ad3c43 base-files: support setting bridge MAC address
Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-24 07:48:17 +02:00
Rafał Miłecki
80be798d4a Revert "base-files: migrate old UCI network bridge ports syntax"
This reverts commit f716c30241.

Migrating everyone to the new syntax could break downgrades. We may
reintroduce it way later if needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-20 12:25:25 +02:00
Rafał Miłecki
0e459668c5 base-files: generate bridge device sections with br- name prefix
Missing br- prefix could result in name conflict between DSA port
interface and bridge interface. Some devices with just one LAN port use
"lan" interface name for DSA port. Trying to create bridge with the same
"lan" name was failing.

Reported-by: David Bauer <mail@david-bauer.net>
Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-20 10:40:59 +02:00
Rafał Miłecki
f716c30241 base-files: migrate old UCI network bridge ports syntax
netifd has been recently patched to use more accurate "ports" option
instead of "ifname". This is a simple translation between two UCI
options.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-18 20:07:56 +02:00
Rafał Miłecki
43fc720657 base-files: generate "device" UCI type section for bridge
This switches from the old way of defining bridges in an "interface" UCI
section type (that should be used for layer 3 only). From now a defualt
board switch will have its own "device" UCI section type. It's a new &
preferred way of defining L2 devices.

Before:

config interface 'lan'
        option type 'bridge'
        option ifname 'lan1 lan2 lan3 lan4'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'

After:

config device
        option name 'lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option ifname 'lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-18 20:07:51 +02:00
Rafał Miłecki
d42640e389 base-files: use "ports" array in board.json network for bridges
Bridge aggregates multiple ports so use a more accurate name ("ports")
and format (array) for storing them in board.json.

Example:

"network": {
	"lan": {
		"ports": [
			"lan1",
			"lan2",
			"lan3",
			"lan4"
		],
		"protocol": "static"
	},
	"wan": {
		"ifname": "wan",
		"protocol": "dhcp"
	}
}

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-05-18 12:30:16 +02:00
Florian Eckert
e0c6506158 base-files: change logging for upgrade on fwtool
Remove vn call in favour of v call. This commit serves as preparation
for removing the v function call.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[alter slightly to prevent double space after colon]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-05-17 01:00:14 +02:00
Jo-Philipp Wich
75ea878d1b base-files: shinit: properly handle dashes in service names
Fixes: FS#3801
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-05-12 12:44:32 +02:00
Daniel Golle
a2b9ec0231
base-files: upgrade: take down loop and LVM before upgrade
Users of devices with large block storage may choose to have an LVM
partition on the same device which is used for booting OpenWrt.
The presents a problem during sysupgrade as the root device is then
still busy and changing partitions will not work as desired,
leading to data corruption in case the newly flashed image is larger
than the currently installed one.
Having loop devices setup causes similar havoc.
Make sure all volume groups are offline and all loop devices have been
released before sysupgrade.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-05-05 13:18:43 +01:00
Alexander Egorenkov
9318f61556 base-files: fix status display command
If service() is called w/o parameter then the status display for services
with multiple instances is incorrect. E.g. samba4 or wpad have 2 instances.

root@OpenWrt:~# /etc/init.d/samba4 status
running
root@OpenWrt:~# /etc/init.d/wpad status
running

Before change:
/etc/init.d/samba4                 enabled         stopped
/etc/init.d/wpad                   enabled         stopped

After change:
/etc/init.d/samba4                 enabled         running
/etc/init.d/wpad                   enabled         running

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
2021-04-03 18:56:02 +02:00
Daniel Golle
bb107ad9c1
base-files: functions: introduce new helper functions
Introduce cmdline_get_var() to /lib/function.sh and make use of it in
export_rootdev() in /lib/upgrade/common.sh, making the code more
simple and removing one level of indentation.
Introduce get_partition_by_name() to /lib/upgrade/common.sh which is
useful on non-EFI GPT platforms like mt7622.
Remove some dead-code while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-31 16:53:39 +01:00
Florian Eckert
fdbdbe8eaa base-files: add logging for configuration import
Make sysupgrade backup import more verbose.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-03-21 22:45:20 +01:00
Adrian Schmutzler
85b1f4d8ca treewide: remove execute bit and shebang from board.d files
So far, board.d files were having execute bit set and contained a
shebang. However, they are just sourced in board_detect, with an
apparantly unnecessary check for execute permission beforehand.

Replace this check by one for existance and make the board.d files
"normal" files, as would be expected in /etc anyway.

Note:

This removes an apparantly unused '#!/bin/sh /etc/rc.common' in
target/linux/bcm47xx/base-files/etc/board.d/01_network

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-03-06 11:30:06 +01:00
Florian Eckert
dec14ac436 base-files: add new application led trigger backend
For now we have only kernel LED trigger support. With this change it is now
possible to use application triggers.

If we configure a LED with a non kernel trigger, then we check on every
restart and boot of the LED service if we have this trigger as an application
in "/usr/libexec/led-trigger". If this file with the name is found, then we
execute this to init the LED.

Possible use cases are:

- Start/Stop/Restart an application led trigger service for this led
- Init a LED that is configured by a hotplug script (VPN tunnel established)

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-03-05 00:10:06 -10:00
Daniel Golle
84a339f015 base-files: add support for restoring config from tmpfs
Instead of only relying in /sysupgrade.tgz being present in rootfs to
restore configuration, also grab /tmp/sysupgrade.tar which may have
magically gotten there during preinit...

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-28 00:09:09 +00:00
Daniel Golle
287bd78e6f
base-files: remove unneeded '$' signs in nand.sh
When using Shell arithmetric evaluation via $((..)) the variables in
the expression do not need to be prefixed by the '$' sign.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-24 11:42:02 +00:00
Daniel Golle
5c10f26c28 sysupgrade-nand: allow limiting rootfs_data by setting env variable
Check if firmware environment variable 'rootfs_data_max' exists and is
set to a numerical value greater than 0. If so, limit rootfs_data
volume to that size instead of using the maximum available size.

This is useful on devices with lots of flash where users may want to
have eg. a volume for persistent logs and statistics or for external
applications/containers. Persistence on rootfs overlay is limited by
the size of memory available during the sysugprade process as that
data needs to be copied to RAM while the volume is being recreated
during sysupgrade. Hence it is unsuitable for keeping larger amounts
of data accross upgrade which makes additional volume(s) for
application data desirable.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-24 01:35:20 +00:00
Daniel Golle
e6aac8d98f image: add support for building FIT image with filesystem
Allow for single (external-data) FIT image to hold kernel, dtb and
squashfs. In that way, the bootloader verifies the system integrity
including the rootfs, because what's the point of checking that the
hash of the kernel is correct if it won't boot in case of squashfs
being corrupted? Better allow bootloader to check everything needed
to make it at least up to failsafe mode. As a positive side effect
this change also makes the sysupgrade process on nand potentially
much easier as it is now.
In short: mkimage has a parameter '-E' which allows generating FIT
images with 'external' data rather than embedding the data into the
device-tree blob itself. In this way, the FIT structure itself remains
small and can be parsed easily (rather than having to page around
megabytes of image content). This patch makes use of that and adds
support for adding sub-images of type 'filesystem' which are used to
store the squashfs. Now U-Boot can verify the whole OS and the new
partition parsers added in the Linux kernel can detect the filesystem
sub-images, create partitions for them, and select the active rootfs
volume based on the configuration in FIT (passing configuration via
device tree could be implemented easily at a later stage).

This new FIT partition parser works for NOR flash (on top of mtdblock),
NAND flash (on top of ubiblock) as well as classic block devices
(ie. eMMC, SDcard, SATA, NVME, ...).
It could even be used to mount such FIT images via `losetup -P` on a
user PC if this patch gets included in Linux upstream one day ;)

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-24 01:35:20 +00:00
Rosen Penev
157cd0bd97 base-files: use hwclock --systz
The date -k patch is non standard and will be removed in the next
commit.

Tested behavior to be identical with a simple C program:

 #define _GNU_SOURCE
 #include <unistd.h>
 #include <stdio.h>
 #include <sys/time.h>
 #include <sys/syscall.h>

int main()
{
        struct timezone tt;
	struct timezone tz;

        int a = syscall(SYS_gettimeofday, NULL, &tt);
        int b = gettimeofday(NULL, &tz);
        printf("%d - %d, %d\n", a, tt.tz_minuteswest, tt.tz_dsttime);
        printf("%d - %d, %d\n", b, tz.tz_minuteswest, tz.tz_dsttime);
}

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-02-14 15:15:32 +01:00
Brian Norris
95b30f84d2 base-files: mount pstore if present
Pstore (persistent store) can be used to stash debug information (kernel
console, panics, ftrace) across reboots or crashes. If the filesystem is
present, mount it.

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
2021-01-29 22:26:36 +01:00
Adrian Schmutzler
396a35dd51 base-files: remove execute bit and shebang from functions.sh
/lib/functions.sh was executable for no obvious reason and its
execute property was even checked in package-ipkg.mk just to
source it afterwards.

Remove the execute bit and shebang as this is clearly a library.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
2021-01-29 14:30:32 +01:00
Adrian Schmutzler
331892f85f treewide: drop shebang from non-executable lib files
This drops the shebang from another bunch of files in various /lib
folders, as these are sourced and the shebang is useless.

Fix execute bit in one case, too.

This should cover almost all trivial cases now, i.e. where /lib is
actually used for library files.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-01-29 14:29:41 +01:00
Adrian Schmutzler
81655e1450 base-files: read all 3 bytes in get_magic_vfat() at once
While the speed improvement might be negligible, there is still no
reason to read individual bytes.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-01-07 19:51:50 +01:00
Daniel Golle
9c845a5ad1 base-files: wifi: add support for 802.11ad
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-01-05 02:16:24 +00:00
Kagurazaka Kotori
927b9df938 x86/efi: add FAT32 esp mounting support
Adds a new function get_magic_fat32() in base-files to read FAT32 magic.
Now FAT32 EFI system partition can be handled in the same way as FAT12/FAT16.

Signed-off-by: Kagurazaka Kotori <kagurazakakotori@gmail.com>
[replace '-o' with '] || [' to satisfy shellsheck]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-03 13:48:50 -10:00
Oldřich Jedlička
49d678f0d2 base-files: allow reusing of boolean value extraction logic
The `functions.sh` script has `config_get_bool()` function, which is
usable when using UCI config direct access API, but there is no
equivalent for the callback API. Introduce `get_bool()` function to
allow reusing it from init scripts.

Example:

```sh
option_cb() {
    local option="$1"
    local value="$(get_bool "$2")"
    ...
}
```

Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
2021-01-01 10:23:56 -10:00
Adrian Schmutzler
93b6122212 base-files: sysupgrade: add function for conffiles retrieval
The find command to retrieve files from /etc/sysupgrade.conf and
/lib/upgrade/keep.d/* is used twice in almost the same way.

Move it into a function to consolidate, enhance readability and make
future adjustments easier.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Paul Spooren <mail@aparcar.org>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
2020-12-30 00:00:13 +01:00
Hannu Nyman
3d12b47985 base-files: flush kernel memory cache during sysupgrade
Flush kernel memory caches during sysupgrade in order
to mitigate the impact from memory consumption spikes
in low-RAM devices.

This may help to prevent sysupgrade causing a reboot
before the actual flashing starts.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-12-22 18:59:10 +01:00
Robert Marko
20d847d133 base-files: upgrade: fix initramfs detection
Commit "initramfs: switch to tmpfs to fix ujail" switched initramfs to
now use tmpfs, it causes $(rootfs_type) to now return tmpfs when
running initramfs image instead of being empty.

This broke initramfs detection which prevents config files from
being saved as it does not work from initramfs.

So, lets test for $(rootfs_type) returning "tmpfs" instead.

Fixes: 7fd3c68 ("initramfs: switch to tmpfs to fix ujail)

Signed-off-by: Robert Marko <robimarko@gmail.com>
2020-12-20 17:14:56 +00:00
John Thomson
d82c191283 package/base-files: caldata: use dd iflag fullblock
This dd flag ensures that the requested size
is retrieved from pipes or special filesystems (if available).

Without this flag, on multi-core systems,
Piped or special filesystem data can be truncated
when a size greater than PIPE_BUF is requested.

Fixes: FS#3494
Fixes: 7557e7f ("package/base-files: caldata: work around dd's
limitation")
Cc: Thibaut VARÈNE <hacks@slashdirt.org>

Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
2020-12-11 13:48:24 +01:00
Stan Grishin
b4f1f9c9e4 base-files: informative service command in /etc/shinit. service command shows services enabled/disabled and running status, when the service command is invoked with no/invalid arguments, like this:
Usage: service <service> [command]
The following services are available:
/etc/init.d/acme                   enabled         stopped
/etc/init.d/boot                   enabled         stopped
/etc/init.d/cron                   enabled         running
/etc/init.d/dnsmasq                enabled         running
...

Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-12-03 23:28:43 -10:00
John Crispin
9290539ca9 base-files: allow setting device and bridge macs
Add code for setting mac addresses inside board.json and rendering
them out to uci. On switches we want to have a unique MAC on each port.
With 48 port switches that would require 48 device sections in
/etc/config/network. Doing so via board.json is easier.

Signed-off-by: John Crispin <john@phrozen.org>
2020-12-02 07:51:36 +01:00
Huangbin Zhan
451c1eb8c2 base-files: fix alias more to properly detect /usr/bin/more
Package more is installed to /usr/bin rather than /bin.

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2020-11-28 15:12:36 -10:00
Imran Khan
9c2eceef90 base-files: merge /etc/passwd on rw-rootfs
Support installations without root-overlayfs (and hence without /rom)
when migrating user accounts.

Signed-off-by: Imran Khan <gururug@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[simplified patch, bumped PKG_RELEASE, cleaned message]
2020-11-27 09:59:14 +00:00
Rosen Penev
b9246bbdc9 base-files: functions.sh: replace [^...] with [!...] in case
Strictly speaking, ash does not support it.

From https://wiki.ubuntu.com/DashAsBinSh#A.5B.5E.5D

Not to be confused by sed's and other program's regular expression
syntax. Uses of [^...] in case (parameter/word expansion in general) need
to be replaced with [!...].

Found with shellcheck: https://github.com/koalaman/shellcheck/wiki/SC2169

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-25 17:22:39 +01:00
John Crispin
8134c542e2 base-files: generated named bridge-vlan sections
Signed-off-by: John Crispin <john@phrozen.org>
2020-11-19 15:38:37 +01:00
Matthias Schiffer
3f1109bf2a
base-files: fix backwards compatiblity of rc.common EXTRA_COMMANDS
Avoid needlessly breaking old initscripts that set EXTRA_COMMANDS. This
will aid in debugging (as it simplifies reverting to an older version of
a package) and unbreaks third-party feeds (and packages that maintain
their OpenWrt initscripts as part of the software's repo instead of the
OpenWrt feed like fastd).

Without this, initscripts that set EXTRA_COMMANDS become completely
unusable, as all default commands like start/stop cease working.

Fixes: 1a69f50dc6 ("base-files: fix rc.common help alignment")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-11-17 17:57:42 +01:00
Yousong Zhou
00fb51f97e base-files: upgrade: stage2: use v for log lines
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2020-11-11 21:29:55 +08:00