mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-19 05:38:00 +00:00
This repository is a mirror of https://git.openwrt.org/openwrt/openwrt.git It is for reference only and is not active for check-ins. We will continue to accept Pull Requests here. They will be merged via staging trees then into openwrt.git.
5e5e92b7c3
This adds a "factory" image for the aircube-isp devices. Note that the firmware can't be uploaded without prior special preparation. For the most recent instructions on how to do that, visit the OpenWRT wiki page of the Ubiquiti airCube ISP for details: https://openwrt.org/toh/ubiquiti/ubiquiti_aircube_isp Current procedure: With the original firmware 2.5.0 it is possible to upload and execute a script via the configuration. To do that download and unpack the original configuration, adapt uhttpd config to execute another lua handler (placed in the config directory) and pack and upload it again. The lua handler can call a script that mounts an overlayfs and modifies the "fwupdate.real" binary so that an unsigned image is accepted. The overlayfs is necessary because a security system (called tomoyo) doesn't allow binaries in other locations than /sbin/fwupdate.real (and maybe some more) to access the flash when executed via network. A big thanks to Torvald Menningen (Snap) from the OpenWRT forum for finding out how to patch the binary so that it accepts an unsigned image. The current step-by-step procedure is: - Use a version 2.5.0 of the original firmware. This is important because a binary file will be modified. - Download a configuration. - Unpack it (it's just a tar gz file without an ending). - Add the following to uhttpd: `````` config 'uhttpd' 'other' list listen_http 0.0.0.0:8080 list listen_http [::]:8080 option 'home' '/tmp/persistent/config/patch/www' option lua_prefix '/lua' option lua_handler '/tmp/persistent/config/patch/handler.lua' `````` - Create a `patch` subfolder. - Create a `patch/www` subfolder. - Create a `patch/handler.lua` with the following content: `````` function handle_request(env) uhttpd.send("Status: 200 OK\r\n") uhttpd.send("Content-Type: text/plain\r\n\r\n") local command = "/bin/sh /tmp/persistent/config/patch/patch.sh 2>&1" local proc = assert(io.popen(command)) for line in proc:lines() do uhttpd.send(line.."\r\n") end proc:close() end `````` - Create a `patch/patch.sh` with the following content: `````` #!/bin/sh -x set -e set -u set -x UBNTBOX_PATCHED="/tmp/fwupdate.real" MD5FILE="/tmp/patchmd5" cat <<EOF > ${MD5FILE} c33235322da5baca5a7b237c09bc8df1 /sbin/fwupdate.real EOF # check md5 of files that will be patched if ! md5sum -c ${MD5FILE} then echo "******** Error when checking files. Refuse to do anything. ********" exit 0 fi # prepare some overlay functionality LOWERDIR="/tmp/lower_root" mkdir -p ${LOWERDIR} mount -t squashfs -oro /dev/mtdblock3 ${LOWERDIR} overlay_some_path() { PATH_TO_OVERLAY=$1 ALIAS=$2 UPPERDIR="/tmp/over_${ALIAS}" WORKDIR="/tmp/over_${ALIAS}_work" mkdir -p ${UPPERDIR} mkdir -p ${WORKDIR} mount -t overlay -o lowerdir=${LOWERDIR}${PATH_TO_OVERLAY},upperdir=${UPPERDIR},workdir=${WORKDIR} overlay ${PATH_TO_OVERLAY} } # patch the ubntbox binary. overlay_some_path "/sbin" "sbin" echo -en '\x10' | dd of=/sbin/fwupdate.real conv=notrunc bs=1 count=1 seek=24598 echo "******** Done ********" `````` - Repack the configuration. - Upload it via the normal web interface. - Wait about a minute. The webserver should restart. - Now there is a second web server at port 8080 which can call the lua script. Visit the page with a web browser. Link is for example http://192.168.1.1:8080/lua - You should see the output of the script with a "*** Done ***" at the end. Note that the patches are not permanent. If you restart the router you have to re-visit the link (but not re-upload the config). - Now you can upload an unsigned binary via the normal web interface. Signed-off-by: Christian Mauderer <oss@c-mauderer.de> |
||
|---|---|---|
| .github | ||
| config | ||
| include | ||
| package | ||
| scripts | ||
| target | ||
| toolchain | ||
| tools | ||
| .gitattributes | ||
| .gitignore | ||
| BSDmakefile | ||
| Config.in | ||
| feeds.conf.default | ||
| LICENSE | ||
| Makefile | ||
| README | ||
| rules.mk | ||
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
This is the buildsystem for the OpenWrt Linux distribution.
To build your own firmware you need a Linux, BSD or MacOSX system (case
sensitive filesystem required). Cygwin is unsupported because of the lack
of a case sensitive file system.
You need gcc, binutils, bzip2, flex, python3.5+, perl, make, find, grep, diff,
unzip, gawk, getopt, subversion, libz-dev and libc headers installed.
1. Run "./scripts/feeds update -a" to obtain all the latest package definitions
defined in feeds.conf / feeds.conf.default
2. Run "./scripts/feeds install -a" to install symlinks for all obtained
packages into package/feeds/
3. Run "make menuconfig" to select your preferred configuration for the
toolchain, target system & firmware packages.
4. Run "make" to build your firmware. This will download all sources, build
the cross-compile toolchain and then cross-compile the Linux kernel & all
chosen applications for your target system.
Sunshine!
Your OpenWrt Community
http://www.openwrt.org