Commit graph

1033 commits

Author SHA1 Message Date
Mathias Kresin
c90a8cb755 procd: nand: dont rely on boardname in nand_upgrade_tar
Kernel and rootfs in a subdirectory matching the userspace boardname,
was intended to use a single sysupgrade-tar archive for multiple boards
with different kernel/rootfs images. This feature was never used.

Use the first found directory in the tar archive instead of relying on
a directory named according to the userspace boardname.

It allows to change the boardname without adding another compatibility
layer - using the nand_board_name() function - for (sub)targets using
the metadata based image validation in favour to
nand_do_platform_check().

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-12-08 20:57:12 +01:00
Christian Lamparter
4e3f6dae04 base-files: upgrade: make get_partitions() endian agnostic
This patch fixes two issues with the current get_partitions()
function.

First: "Invalid partition table on $disk" will pop up on
legitimate images on big endian system.

This is because the little-endian representation of "55 AA" is
assumed in the context of little-endian architectures. On these
comparing it to the 16-bit word 0xAA55 does work as intented.
Whereas on big-endian systems, this would have to be 0x55AA.

This patch fixes the issue by replacing the integer conversion
and value match check with just a string comparision.

Second: The extraction of the type, start LBA and LBA num from
the partition table has the same endianness issue. This has been
fixed by using the new hex_le32_to_cpu() function. This function
will translate the stored little-endian data to the correct
byte-order if necessary.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-08 19:54:16 +01:00
Zoltan HERPAI
bf5cef47b3 merge: release/banner: drop release name and update banner
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2017-12-08 19:41:18 +01:00
Zoltan HERPAI
34bbbbf9c3 merge: base: update base-files and basic config
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2017-12-08 19:41:18 +01:00
Mat Trudel
2dca7177e7 sysupgrade: don't kill our own parent
Add the parent of the sysupgrade script to the list of pids not getting
killed

Signed-off-by: Mat Trudel <mat@geeky.net>
Signed-off-by: John Crispin <john@phrozen.org>
2017-11-15 21:11:23 +01:00
Pierre Lebleu
832b6b8305 procd: service_data: Support data within the service itself
Use the same approach than the service_triggers for the service_data.

Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
2017-11-10 23:31:27 +01:00
Yousong Zhou
b2aa820b48 base-files: fix getting gid from group_add_next
Shell function return code only has range [0, 255].  Other values will
be truncated, e.g. return 65536 will have the same effect as return 0

While at it, drop other "return $rc" where rc will almost always take
value 0 and whose value current callers actually do not check

Fixes FS#988

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-11-09 17:42:36 +08:00
Marko Ratkaj
73c745f64f functions.sh: fix default_postinst function
When we run "opkg install" on a package that installs an uci-defaults
script, functions.sh will fail to evaluate that script in its
default_postinst function.

This happens because there is no "./" present and it searches for the
file in paths specified by the PATH variable. This would work on bash,
but it will not work on ash and some other shells like sh, zsh. This
applys to the ". filename" directive used in this case.

This patch will make the path relative to the /etc/uci-defaults
directory.

Fixes: FS#1021

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-11-08 23:18:22 +01:00
Jo-Philipp Wich
2b6facc8d4 include: kernel.mk: simplify module autoloading
Let the generic postinstall script invoke "kmodloader" when the just
installed package contains any /etc/module.d/ entries.

This allows us to skip the explicit "insert_module()" calls in the
package postinstall.

Due to the removed insert_module calls we do not need to assemble a
complete list of modules per package anymore, which allows for vast
simplification of the package generation code.

While we're at it, also support specifying default parameters for
modules using either the MODPARAM or MODPARAM.modulename variables
in KernelPackage.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-11-07 12:02:06 +01:00
Edmunt Pienkowsky
fdc7cc9907 base-files: add interval option to netdev LED trigger configuration
Add an uci option to set the interval parameter of the netdev trigger.

Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
2017-11-03 20:04:52 +01:00
Hans Dedecker
400c5f03c3 base-files: fix wan6 interface config generation for pppoe
Setting ipv6 to auto in case of a pppoe interface will trigger the
creation of a dynamic wan_6 interface meaning two IPv6 interfaces
(wan6 and wan_6) will be active on top of the pppoe interface.
This leads to unpredictable behavior in the network; therefore set
ipv6 to 1 which will prevent the dynamic creation of the wan_6
interface.
Further alias the wan6 interface on top of the wan interface for pppoe
as the wan6 interface can only be started when the link local address is
ready. In case of pppoe the link local address is negotiated during the
Internet Protocol Control Protocol when the PPP link is setup meaning
all the IP address info is only available when the wan interface is up.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-18 09:57:34 +02:00
Kevin Darbyshire-Bryant
7765e442d0 basefiles: allow suid coredumps
Set sysctl fs.suid_dumpable = 2

This allows suid processes to dump core according to kernel.core_pattern
setting.  LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)

Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core.  This setting removes an
obscure stumbling block along the way.

>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt

suid_dumpable:

This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are

0 - (default) - traditional behaviour. Any process which has changed
	privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
	owned by the current user and no security is applied. This is
	intended for system debugging situations only. Ptrace is unchecked.
	This is insecure as it allows regular users to examine the memory
	contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
	anyway, but only if the "core_pattern" kernel sysctl is set to
	either a pipe handler or a fully qualified path. (For more details
	on this limitation, see CVE-2006-2451.) This mode is appropriate
	when administrators are attempting to debug problems in a normal
	environment, and either have a core dump pipe handler that knows
	to treat privileged core dumps with care, or specific directory
	defined for catching core dumps. If a core dump happens without
	a pipe handler or fully qualifid path, a message will be emitted
	to syslog warning about the lack of a correct setting.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2017-09-12 22:18:45 +02:00
Rafał Miłecki
1e13c6f77f base-files: drop unused preinit_echo function
It isn't used for years since the old 99_10_run_init has been dropped.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-08-09 23:23:06 +02:00
Rafał Miłecki
f41dd32722 base-files: don't setup network in preinit if failsafe is disabled
With failsafe disabled there is no point in early network setup. We
don't send announcement over UDP and there is no way to ssh to the
device.

A side effect of this is avoiding a possibly incorrect network config
(only with failsafe disabled). This problem is related to possible
changes made by user in /etc/config/network.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-08-09 23:18:59 +02:00
Florian Eckert
c31f0421ce base-files: suppress uci not found output in login.sh
Fix "uci: Entry not found" output if "ttylogin" is not set in
"etc/config/system"

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2017-08-04 23:11:19 +02:00
Matthias Schiffer
1ab227d688
base-files: upgrade: don't loop forever trying to kill processes
When processes don't die on SIGKILL (usually because of kernel bugs), it's
better to give up instead of looping forever.

upgraded will trigger a reboot in this case (and if this fails, a hardware
watchdog will eventually time out and reset the system, if present).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-20 21:41:33 +02:00
Mathias Kresin
ac3e05c5d7 treewide: populate boardname and model earlier
For targets using the generic board detection and board specific
settings in diag.sh, the board name is still unset at the time the
set_state() provided by diag.sh is called by 10_indicate_preinit.

Change the execution order to ensure the boardname is populated before
required the first time. Do the target specific board detection as
early as possible, directly followed by the generic one to allow a
seamless switch to the generic function for populating /tmp/sysinfo/.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Matthias Schiffer
438dcbfe74
base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.

The list of binaries is also slightly cleaned up and duplicates are
removed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:26:32 +02:00
Matthias Schiffer
73f675415c
bcm53xx: upgrade: fix RAMFS_COPY_*
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Matthias Schiffer
7a29e44f90
base-files: upgrade: correctly handle nand_do_upgrade argument passed from preupgrade
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:19:23 +02:00
Jo-Philipp Wich
5523ee3459 base-files: add "tty" user group
This is needed for an upcoming change to the hotplug default rules which
will cause /dev/tty* nodes to get assigned to the "tty" group in order
to support unprivileged user access when needed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-26 10:02:20 +02:00
Yousong Zhou
f334a0cdb8 base-files: allocate uid/gid starting from 65536
There already exist static assignment of uid/gid 65533 in packages feed
and we have nobody/nogroup taking 65534 as their ids.  Let's change the
pid of dynamic assignment to start from 65536 so that the two assignment
scheme will not collide with each other

While at it, fix the scan command checking existence of uid/gid

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-06-18 10:39:35 +08:00
Mathias Kresin
4cdbf4014b base-files: make ucidef_set_led_rssi offset and factor optional
The offset and factor are only related for LEDs which can have
different brightness values. But binary LEDs are more common and don't
require any further configuation than setting the factor to 1.

Use offset = 0 and factor = 1 in case nothing else is specified.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-17 15:38:19 +02:00
Jonas Gorski
fd952c7a83 base-files: board.json's switch reset means existence, not argument
Don't pass the value unconditionally to swconfig as a parameter but
instead only call reset if it is 1.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-06-11 12:50:14 +02:00
Jo-Philipp Wich
6426e4edef base-files: network.sh: fix a number of IPv6 logic flaws
* Change network_get_subnet6() to sensibly guess a suitable prefix

  Attempt to return the first non-linklocal, non-ula range, then attempt
  to return the first non-linklocal range and finally fall back to the
  previous behaviour of simply returning the first found item.

* Fix network_get_ipaddrs_all()

  Instead of replicating the flawed logic appending a fixed ":1" suffix
  to IPv6 addresses, rely on network_get_ipaddrs() and network_get_ipaddrs6()
  to build a single list of all interface addresses.

* Fix network_get_subnets6()

  Instead of replicating the flawed logic appending a fixed ":1" suffix
  to IPv6 addresses, rely on the ipv6-prefix-assignment.local-address
  field to figure out the proper network address.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 20:12:52 +02:00
Jo-Philipp Wich
7f91cabd0d base-files: network.sh: properly report local IPv6 addresses
Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to
fetch the effective local IPv6 address of delegated prefix from the
"local-address" field instead of naively hardcoding ":1" as static suffix.

Fixes FS#829.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 12:06:01 +02:00
Matthias Schiffer
5654a03768
mvebu: fix sysupgrade
mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a
sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this
did not have an effect anymore after the staged sysupgrade changes.

As it doesn't really hurt to copy fw_printenv and fw_setenv
unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2
will see them.

Config copying is moved to a function called by platform_copy_config, where
it belongs.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: FS#821
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
2017-06-01 20:41:19 +02:00
Christian Lamparter
7783f31359 base-files: nand: use CI_KERNPART whenever the kernel volume is needed
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This patch is in continuation of: commit 93aa860405
"procd: nand: make it possible to configure kernel and ubi partition"

The $CI_KERNPART variable should be used in place
of the fixed "kernel" partition name. This allows
targets to specifiy alternate names for the kernel
partition.

Cc: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
2017-05-31 09:55:01 +02:00
Matthias Schiffer
a5428244d9
base-files: add support for staged sysupgrades from failsafe mode
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
b2adb9a7b5
base-files: sysupgrade cleanup
Some functions only used by stage2 are moved there from common.sh.

One piece that could still use more cleanup is platform_pre_upgrade: many
targets reference files from there are aren't available in the ramfs, so
we need to evaluate it before the switch; conversely, flash writes happen
in that function on some targets. Targets that do the latter should be
fixed eventually to use platform_do_upgrade for that purpose.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:33 +02:00
Matthias Schiffer
30f61a34b4
base-files: always use staged sysupgrade
Support for the -d and -p options is dropped; it may be added again at some
point by adding these flags to the ubus sysupgrade call.

A downside of this is that we get a lot less information about the progress
of the upgrade: as soon as the actual upgrade starts, all shell sessions
are killed to allow unmounting the root filesystem.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Matthias Schiffer
393817df5d
procd: remove procd-nand package
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.

The procd-nand-firstboot package is removed for now, it may return later
as a separate package.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-05-29 23:50:32 +02:00
Jo-Philipp Wich
361c8b4ee4 Revert "sysupgrade: run only one instance at a time."
This reverts commit e96a9a9af8.

The change breaks sysupgrade through LuCI and two-stage sysupgrade on
NAND targets. There is also a mismatch of file paths in lock and unlock
operations.

This commit was apparently neither properly tested, nor reviewed, so
drop it for now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-26 14:49:08 +02:00
Kenneth Johansson
e96a9a9af8 sysupgrade: run only one instance at a time.
Things do not work well if running multiple instances of
upgrade at the same time.

Signed-off-by: Kenneth Johansson <kenneth.johansson@inteno.se>
2017-05-25 09:22:43 +02:00
Alexandru Ardelean
c7ee30d53a base-files: fix default procd reload
Bug introduced with 6713694.

I did not count on procd handling reload as mentioned
in this doc:
https://wiki.openwrt.org/inbox/procd-init-scripts

```
procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed
procd_set_param netdev dev # likewise, except if dev's ifindex changes.
procd_set_param data name=value ... # likewise, except if this data changes.
```

The service would be restarted regardless of any of those params.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-05-20 20:43:45 +02:00
Alberto Bursi
4242ddf8f2 base-files: add led functions to uci-defaults.sh
uci_set_leds_ataport() allows to set a led to show activity
on a specific (s)ata port, which is needed for devices that have
a Sata led for each sata port.
The led trigger is from the 834-ledtrig-libata.patch LEDE kernel patch.

uci_set_leds_usbhost() allows to set a led to show total usb activity.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[Jo-Philipp Wich: use a single underscore to denote private functions]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-14 21:45:50 +02:00
Alberto Bursi
b06a286a48 base-files: cleanup led functions in uci-defaults.sh
create a function with code common to all led functions,
create another function with code common to functions setting
a simple led trigger, restore alphabetical order in function names.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[Jo-Philipp Wich: use a single underscore to denote private functions]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-14 21:45:50 +02:00
Jo-Philipp Wich
65de093c18 base-files: implement ucidef_set_hostname(), ucidef_set_ntpserver()
Commit 2036ae4 (base-files: support hostname and ntp servers through board.d)
was supposed to implement these procedures but lacked the required changes
to uci-defaults.sh.

Add the missing procedures now to fix config generation on targets relying
on hostname or NTP server presetting.

Fixes FS#754.

Reported-by: Cristian Morales Vega <cristian@samknows.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-05-03 13:47:57 +02:00
Alexandru Ardelean
6713694fe4 base-files: use restart if no reload hook for service
This was also working before, with a slightly
different semantic.

[ Original semantic ]
If no reload hooks was implemented, the default one would
kick in, it would return fail, and restart would happen.

This would happen also in the case where a reload hook
would be implemented, it would fail, and it would restart
the service.

[ New semantic ]
The default reload hook calls restart.
Services can implement their own reload.

If reload fails, then the '/etc/init.d/<service> reload'
would return a non-zero code, and the caller can choose
a way to handle this.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2017-04-12 09:54:21 +02:00
Felix Fietkau
ec99142474 base-files: add generic board_name function to functions.sh
This will be used to replace all those nasty board specific scripts
that do basically the same thing

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-22 11:43:21 +01:00
Mathias Kresin
0f01253b25 base-files: always set proto passed to _ucidef_set_interface()
Overwrite an already set proto if a new one is passed to
_ucidef_set_interface() similar to what is done for the interface.

It is required when using ""ucidef_set_interface_wan 'ptm0' 'pppoe'"
after some initial wan interface configuration is already done by
ucidef_add_switch.

The "json_is_a protocol string" guard is meant to not reset an earlier
set interface proto in case something like
"ucidef_set_interface_lan 'eth0'" is used afterwards.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-03-11 13:45:00 +01:00
Lucian Cristian
8e75efc0fb base-files: add submission service port
prevent postfix start failure fatal: 0.0.0.0:submission: Unrecognized service

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2017-03-11 05:53:33 +01:00
David Pinilla Caparrós
a896611acd base-files: Added a deprecation notice on wifi detect
When running wifi detect, the user will be told on error output that
wifi detect is deprecated, that wifi config must be used instead. Also
the commit that changes it is referenced for further info.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-02-13 10:24:32 +01:00
David Pinilla Caparrós
f6d3ea8c8a base-files: Add wifi config to wifi command usage
Since commit 5f8f8a3661 wifi detect does
not longer work and wifi config it's used to configure not yet
configured wireless devices.

This commit changes command usage to reflect that change.

Signed-off-by: David Pinilla Caparrós <dpinitux@gmail.com>
2017-02-13 10:24:32 +01:00
Jo-Philipp Wich
73d923ed6b base-files: emit tagged switch configuration by default
Instead of only using tagged CPU port configurations when more than one VLAN
is present on the switch, always emit tagged configurations unless a board
explicitely opts out of this behaviour by using the previously introduced
[0-9]u@netdev syntax.

Emitting default tagged configurations has the following benefits:

 - Relation of switch vlans to netdevs is easier to understand, especially
   for multi-cpu-port switches

 - Adding additional VLANs (e.g. to break out a LAN port for other purposes)
   becomes easier as users are not forced to change the existing untagged
   VLAN to tagged and the existing ifname notation from ethX to ethX.Y
   anymore, drastly reducing the likelyhood of soft-bricks.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-02 00:13:49 +01:00
Mathias Kresin
60fce1258c base-files: don't overwrite model name set by target
The condition is always true due to the literal string followed the
-n test parameter. A model name set by target scripts always gets
overwritten this way.

Change the condition to check for an already existing destination file
as it was before 5e85ae9 ("base-files: fix error message during boot").

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-01-30 08:55:41 +01:00
Yousong Zhou
034bed3707 base-files: uppercase default hostname: LEDE
The name will appear in shell prompt and LuCI page title.  Uppercase
letters seem to be more vigorous

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-01-26 18:10:10 +01:00
Matthias Schiffer
86ccaf4c18
base-files: fix user creation on sysupgrade with few opkg control files
If only a single opkg control file exists (which can happen with
CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead
of forcing it using -H, we just switch to -l (print only file names) and
get rid of the cut.

Add -s to suppress an error message when no control files exist.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-24 19:08:41 +01:00
Hans Dedecker
5f7a081553 base-files: add /etc/iproute2/rt_protos
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-01-18 13:15:28 +01:00
Matthias Schiffer
b9a408c2b4
base-files: add ARCH_PACKAGES to openwrt_release and os-release
Knowing the package architecture at runtime can be useful, e.g. to
configure opkg repository URLs. The value of ARCH_PACKAGES ("%A" in
VERSION_SED) as added to openwrt_release (as DISTRIB_ARCH) and os-release
(as LEDE_ARCH).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-01-16 13:29:47 +01:00
Felix Fietkau
7304510392 base-files: save /bin/mknod for sysupgrade
It is used on NAND devices in case hotplug is too slow

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-06 15:34:14 +01:00
Yousong Zhou
6f61d8511e base-files: export x86 platform upgrade functions to common.sh
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-01-05 11:09:14 +01:00
Alberto Bursi
8496659eb4 base-files: fix message of initscript wrapper
currently (after blogic's edit to my commit) it prints like this:

root@lede:/# service aa
aa does not exist. the following services are available :adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

which looks pretty bad, and is even worse if someone writes only "service" without arguments, as it will print " does not exist. " which is confusing.

with this commit it looks like this:

root@lede:/# service
service "" not found, the following services are available:
adblock       dnsmasq       gpio_switch   rpcd          system
boot          done          led           sqm           uhttpd
crelay        dropbear      log           sysctl        umount
cron          firewall      network       sysfixtime    urandom_seed
ddns          fstab         odhcpd        sysntpd

Yes there is some play with " and ', it is to display "name" or just "" if no service name is entered (like in the example).

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2017-01-02 16:47:59 +01:00
Rafał Miłecki
b522292405 base-files: add support for overlaying rootfs content
This adds support for install-overlay define. When used in package it
allows installing files to a special directory that gets copied to the
root when installing it.
It allows overwriting files provided by other packages.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-12-20 09:35:36 +01:00
Julian Labus
b0ac825884 base-files: Changed UCI variable name for GPIO value from 'default' to 'value'
This changes the UCI variable for the GPIO value from system.$cfg.default back
to system.$cfg.value as it was before the change from uci-defaults [1] to board.d.
/etc/init.d/gpio_switch [2] still expects the value to be in system.$cfg.value.

[1] d65916047b/package/base-files/files/lib/functions/uci-defaults.sh (L197)
[2] https://github.com/lede-project/source/blob/master/package/base-files/files/etc/init.d/gpio_switch#L17

Signed-off-by: Julian Labus <julian@labus-online.de>
2016-12-12 09:57:40 +01:00
Felix Fietkau
81b5e8e5d2 base-files: add a hint in sysupgrade that shows what to do when the image metadata check fails
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-12-04 11:41:49 +01:00
Jo-Philipp Wich
5f3c96c285 build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.

Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.

While we're at it, also adjust the various URLs to match the current web site.

After this commit, the relevent files will look like the examples given below:

    # cat /etc/openwrt_version
    r2398+1

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='CURRENT'
    DISTRIB_REVISION='r2398+1'
    DISTRIB_CODENAME='reboot'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Reboot CURRENT r2398+1'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="CURRENT, Reboot"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Reboot CURRENT"
    VERSION_ID="current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2398+1"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Reboot CURRENT r2398+1"

On a release branch, those files would look like:

    # cat /etc/openwrt_version
    r2399

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='16.12-CURRENT'
    DISTRIB_REVISION='r2399'
    DISTRIB_CODENAME='test_release'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Test Release 16.12-CURRENT r2399'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="16.12-CURRENT, Test Release"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Test Release 16.12-CURRENT"
    VERSION_ID="16.12-current"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2399"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Test Release 16.12-CURRENT r2399"

On a release tag, those files would look like:

    # cat /etc/openwrt_version
    r2500

    # cat /etc/openwrt_release
    DISTRIB_ID='LEDE'
    DISTRIB_RELEASE='17.02.1'
    DISTRIB_REVISION='r2500'
    DISTRIB_CODENAME='mighty_unicorn'
    DISTRIB_TARGET='x86/64'
    DISTRIB_DESCRIPTION='LEDE Mighty Unicorn 17.02.1 r2500'
    DISTRIB_TAINTS='no-all override'

    # cat /usr/lib/os-release
    NAME="LEDE"
    VERSION="17.02.1, Mighty Unicorn"
    ID="lede"
    ID_LIKE="lede openwrt"
    PRETTY_NAME="LEDE Mighty Unicorn 17.02.1"
    VERSION_ID="17.02.1"
    HOME_URL="http://lede-project.org/"
    BUG_URL="http://bugs.lede-project.org/"
    SUPPORT_URL="http://forum.lede-project.org/"
    BUILD_ID="r2500"
    LEDE_BOARD="x86/64"
    LEDE_TAINTS="no-all override"
    LEDE_DEVICE_MANUFACTURER="LEDE"
    LEDE_DEVICE_MANUFACTURER_URL="http://lede-project.org/"
    LEDE_DEVICE_PRODUCT="Generic"
    LEDE_DEVICE_REVISION="v0"
    LEDE_RELEASE="LEDE Mighty Unicorn 17.02.1 r2500"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-12-02 16:02:02 +01:00
Alberto Bursi
d52676d1ea base-files: add a wrapper for init scripts in profile
"service" is a simple wrapper that will allow to call init.d scripts

current method:     #  /etc/init.d/network reload
with the wrapper:   #  service network reload

If the wrapper is called without arguments or with a wrong init script name, it will print an error and list the content of /etc/init.d/ folder

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-11-29 21:12:08 +01:00
Jonas Gorski
48cfc826eb base-files: ignore failure of stopping services on removal
Packages that do a killall <cmd> with the same name as the init script
will fail the prerm step when the service isn't running. Do make them
removable without having to restart the service, ignore the return code.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
Jonas Gorski
afaa34ccd7 base-files: don't modify enabled state of service on upgrade
Properly stop/start services on upgrade, but don't change the enabled
state.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-11-21 18:40:15 +01:00
Felix Fietkau
cc853810a4 base-files: validate metadata of sysupgrade images
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1

Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-19 11:24:09 +01:00
Marek Lindner
9978a3e2ca base-files: Prefer busybox arp over /proc/net/arp alias
A firmware compiled with BUSYBOX_CONFIG_ARP should also use by default the
arp binary from busybox. Otherwise the extra functionality the user
requested can only be used when running arp with the path to the binary.

Signed-off-by: Marek Lindner <marek.lindner@open-mesh.com>
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
2016-11-10 16:12:52 +01:00
Christian Lamparter
5f8f8a3661 base-files, mac80211, broadcom-wl: wifi detection and configuration
Currently, the wifi detection script is executed as part of
the (early) boot process. Pluggable wifi USB devices, which
are inserted at a later time are not automatically
detected and therefore they don't show up in LuCI.

A user has to deal with wifi detection manually, or restart
the router.

However, the current "sleep 1" window - which the boot
process waits for wifi devices to "settle down" - is too
short to detect wifi devices for some routers anyway.

For example, this can happen with USB WLAN devices on the
WNDR4700. This is because the usb controller needs to load
its firmware from UBI and initialize, before it can operate.

The issue can be seen on a BT HomeHub 5A as well as soon as
the caldata are on an ubi volume. This is because the ath9k
card has to be initialized by owl-loader first. Which has to
wait for the firmware extraction script to retrieve the pci
initialization values inside the caldata.

This patch moves the wifi configuration to hotplug scripts.
For mac80211, the wifi configuration will now automatically
run any time a "ieee80211" device is added. Likewise
broadcom-wl's script checks for new "net" devices which
have the "wl$NUMBER" moniker.

Issues with spawning multiple interface configuration - in
case the detection script is run concurrently - have been
resolved by using a named section for the initial
configuration. Concurrent configuration scripts will now
simply overwrite the same existing configuration.

A workaround which preserves the "sleep 1" window for just
the first boot has been added. This allows the existing
brcm47xx boot and mvebu uci-default scripts to correctly
setup the initial mac addresses and regulatory domain.

And finally, the patch renames the "wifi detect" into
"wifi config". As the script no longer produces any output
that has to be redirected or appended to the configuration
file.

Thanks to Martin Blumenstingl for helping with the implementation
and testing of the patch.

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-03 11:08:01 +01:00
Christian Lamparter
5e35b4562f base-files, mac80211, broadcom-wl: use uci to populate wireless config
Previously, wifi detect simply dumped its generated wireless
configuration to STDOUT. A second step was needed to append
the configuration to /etc/config/wireless (or create it, if
it didn't exist).

With this patch, The wifi detection script will now use uci
to update the wireless configuration directly.

This patch also makes the initially created wifi-iface a
named section ('default_radio$X' for mac80211 and
'default_wl$X' for broadcom). With this change, uci will
not print the cfgHASH to STDOUT (which would now corrupt
the wireless configuration). It will also prevent adding
duplicated wifi interface configurations, if the wifi
configuration is run concurrently.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Mathias Kresin
ba3540db62 base-files: generate /etc/config/wireless, if it doesn't exist
This patch adds a check in "wifi detect" to test if the wireless
configuration file does exist. If it doesn't exist, an empty
/etc/config/wireless file will be created.

This is necessary because uci doesn't create new files,
instead the tool just exits with "uci: Entry not found".

Signed-off-by: Mathias Kresin <dev@kresin.me>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-11-03 11:08:01 +01:00
Jo-Philipp Wich
5e0441aaf0 base-files: uci-defaults: support requesting untagged switch port configuration
Introduce support for a new [0-9]u@netdev syntax to ucidev_add_switch() to let
board.d network files request default network switch configurations which do
not use tagged CPU ports.

This commit itself has no effect on generated configurations at the moment
since we still emit untagged configurations by default but it allows boards to
opt-out from default tagged configs in case we start emitting tagged settings
by default.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-11-02 01:06:29 +01:00
Petr Štetiar
9e8e8b7253 base-files: sysfixtime: Keep RTC time in UTC timezone
We need to tell hwclock with -u commandline option, that we would like
to keep our RTC clock in UTC timezone. Linux kernel expects RTC in UTC
timezone anyway.

In current state of things, we don't tell hwclock to load/store time
from/to RTC in UTC timezone so it uses the timezone from the system
time. If it's set to different timezone then UTC, sysfixtime is going to
screw the time in RTC.

I've following in the setup script:

  uci set system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3'
  uci set system.@system[0].zonename='Europe/Prague'

I've this RTC setup (rtc1 is RTC on i.MX6 SoC, rtc0 is battery backed RTC mcp7941x):

  rtc-ds1307 3-006f: rtc core: registered mcp7941x as rtc0
  snvs_rtc 20cc000.snvs:snvs-rtc-lp: rtc core: registered 20cc000.snvs:snvs-r as rtc1

Then we can experience following (current time is 10:15am):

	$ date
	Fri Oct 21 10:15:07 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:14:46 2016  0.000000 seconds

	$ hwclock -u -r -f /dev/rtc0
	Fri Oct 21 10:14:46 2016  0.000000 seconds

And after current broken sysfixtime:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:25 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 10:15:31 2016  0.000000 seconds

Now we've time in our battery backed RTC in CEST timezone instead of
UTC.  Then once again, but with this patch applied to sysfixtime, where
hwclock is using correctly the -u parameter:

	$ /etc/init.d/sysfixtime stop

	$ date
	Fri Oct 21 10:15:53 CEST 2016

	$ hwclock -r -f /dev/rtc0
	Fri Oct 21 08:15:55 2016  0.000000 seconds

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-10-31 16:33:19 +01:00
Chris Blake
b745bfa6dc base-files: Ensure reset only works if an overlay exists
Currently the reset script will try to run jffs2reset on boards that are
running a rw rootfs, such as ext4. This will cause jffs2reset to fail
and the board to never reboot while the LED blinks until a manual
reboot.

This commit does two different things:
1. Disables reset on boards that do not have an overlay mount
2. Disables the Blinking LED after 5 seconds if the board does not
support reset

Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
2016-10-27 12:45:05 +02:00
André Valentin
783875f18b package/basefiles: add mkfs.ext4 and losetup binaries to ramfs list
mkfs.ext4 und losetup are needed for sysupgrade support on mmc devices
with automatic rootfs split (loopback device usage).

Signed-off-by: André Valentin <avalentin@marcant.net>
2016-10-26 12:37:47 +02:00
Rafał Miłecki
2187f57db6 base-files: add ucidef_set_led_usbport for full usbport support
This helper allows using usbport trigger directly. It requires usbport
compatible syntax and supports specifying multiple USB ports, e.g.:
ucidef_set_led_usbport "usb" "USB" "devicename:colour:function" "usb1-port1" "usb2-port1"

This adds a proper object to the board.json, e.g.
"usb": {
	"name": "USB",
	"type": "usbport",
	"sysfs": "devicename:colour:function",
	"ports": [
		"usb1-port1",
		"usb2-port1"
	]
}
and supports translating it into uci section.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-22 11:16:01 +02:00
Rafał Miłecki
0658527e1e switch to the new usbport LED trigger
This makes init.d script handle existing UCI entries using the new
trigger. It also switches all targets to use its package.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2016-10-19 12:09:45 +02:00
Pierre Lebleu
6bb11d52f3 procd: Allow initscripts to start one daemon instance at a time
Signed-off-by: Pierre Lebleu <pierre.lebleu@technicolor.com>
2016-10-18 08:53:38 +02:00
Koen Vandeputte
0f27096100 base-files: also generate configs when current is empty (FS#193)
Before a configuration is generated, an empty file is created to store
it in. (required by UCI)

If something happens during config generation
(power cut, interruption, ..) an empty file exists and it is never
regenerated again, causing some daemons to fail starting
(NTPD, logread, ..)

Fix this by also generating new configs if a critical file
is empty.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2016-10-05 19:59:11 +02:00
Christian Lamparter
5a8a986dd5 base-files: remove non-working filter option for wifi detect
This patch removes the non-working wifi driver filter for
the wifi detection script.

I figured that rather than replacing ${2:-$DRIVERS} with
${1:-$DRIVERS}, it would be better to remove it. Nobody
needed it in the previous years.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2016-10-04 11:50:48 +02:00
Matthias Schiffer
26b4216f95
base-files: make default_prerm work offline
IPKG_INSTROOT must be respected for offline removal (used for per-device
rootfs).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:57 +02:00
Matthias Schiffer
6c1542787d
base-files: fix check for empty password warning
Now that we know that the password is in /etc/shadow and not in
/etc/passwd, we can properly fix the logic for the empty password check.
Only 'root::' is an empty password, 'root' and 'root:!:' allow no
password login at all.

This fixes the empty password warning still showing after the root password
has been locked using 'passwd -l root' (e.g. to allow public-key auth
only).

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2016-09-26 17:57:56 +02:00
Jo-Philipp Wich
1c09849f6c treewide: remove bad local shell variable declarations
Local variable declarations outside of functions are illegal since the Busybox
update to v1.25.0, therfore remove them from the appropriate places.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-09-24 14:38:20 +02:00
John Crispin
63bd73a5cf base-files: remind users to set root password
print a warning when a shell spawns, telling users to set a root password.

Signed-off-by: John Crispin <john@phrozen.org>
2016-09-19 15:30:32 +02:00
Felix Fietkau
25dab5d217 base-files: reduce vm.min_free_kbytes for devices with 32M RAM
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-09-16 16:44:45 +02:00
Karl Palsson
ad8d197b82 base-files: support oneshot leds properly.
oneshot trigger configurations for LEDs are created, but the on/off
timing configurations are ignored.  generate_config is correctly creating
oneshot configs, but the later led script doesn't recognise the trigger
details.

Fixes: c0c3f2d4c9 leds: support oneshot as well as timer triggers
Signed-off-by: Karl Palsson <karlp@etactica.com>
2016-09-05 07:27:15 +02:00
Jonas Gorski
30352e72ff base-files: set pi_ifname in board.d case to fix deconfig
Due to an empty pi_ifname in the generic failsafe setup, the deconfig
never removed the failsafe networking interface, causing broken
networking later on.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-14 23:10:17 +02:00
Jonas Gorski
6c9588ddf5 base-files: configure switch in failsafe
Also configure the switch based on the failsafe config, and create the
failsafe interface as tagged if necessary.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:15 +02:00
Jonas Gorski
072cf26729 base-files: allow failsafe to configure vlans
In preparation of properly setting up vlans and switches, add
support for configuring failsafe on a vlan tagged interface.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:06 +02:00
Jonas Gorski
c18edcec45 base-files: add preinit ifname detection based on board.json
Make use of the existing board.d to autodetect lan ifname in a generic way.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:50:00 +02:00
Jonas Gorski
0f1ae840c9 base-files: split out preinit interface config
Move preinit interface and ip config to its own function to allow
calling it from more than one place.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:56 +02:00
Jonas Gorski
780ccbf9f1 base-files: board_detect: allow specifying the generated file
Allow passing a filename to change the location of the generated
board.json.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:51 +02:00
Jonas Gorski
e934a129f0 base-files: let config_generate call board_detect
Instead of board_detect generating the config as a side effect, let
config_generate call board_detect as needed.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2016-08-13 15:49:46 +02:00
Mathias Kresin
5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-10 03:04:08 +02:00
Felix Fietkau
577f873daf kernel: remove unused morse led trigger driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Mathias Kresin
3004298e62 sysupgrade: unmount filesystems before reboot
sysupgrade immediately reboots after flashing an image and doesn't
allow to unmount filesystems. At least in case the image used for
sysupgrade is stored on a FAT formatted usb flash drive, the following
warning is printed during the next mount of the flash drive:

FAT-fs (sda1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.

Although a data corruption during read operations is unlikely, there is
no need to scare the users.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-08-04 18:19:46 +02:00
Daniel Golle
877168993a base-files: remove dead code
/etc/init.d/boot tried to create /dev/root based on the kernel's
cmdline which won't work on any recent targets. Remove that code now
that fstools can detect the mounted rootfs based on
/proc/self/mountinfo and /dev/root was long gone anyway.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-04 18:19:46 +02:00
Felix Fietkau
5c9cc7b7f8 base-files: increase vm.min_free_kbytes
Network drivers typically allocate memory in atomic context. For that to
be reliable, there needs to be enough free memory. Set the value
heuristically based on the total amount of system RAM.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-01 14:53:27 +02:00
Conn O'Griofa
e1406cd31a base-files: sysupgrade: fix pseudobridge upgrades
Treat 'relayd' as an essential service to avoid connection interruptions during sysupgrade on devices configured as a pseudobridge.

Signed-off-by: Conn O'Griofa <connogriofa@gmail.com>
2016-07-24 06:54:40 +02:00
Etienne CHAMPETIER
35e423ca41 base-files: use procd init for urandom_seed
Previous implementation was blocking the init and
breaking halt/reboot/sysupgrade (reported by Daniel Golle)

v2: use procd logging, use set -e + trap for error handling

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Tested-by: Daniel Golle <daniel@makrotopia.org>
2016-07-27 01:24:54 +02:00
Etienne CHAMPETIER
3946a55291 base-files: seed /dev/urandom
This commit:
1) seed /dev/urandom with the saved seeds as early as possible
   (see /lib/preinit/81_urandom_seed)
2) save a seed at /etc/urandom.seed if it doesn't exists
3) save a new seed each boot at "system.@system[0].urandom_seed"
   (see /etc/init.d/urandom_seed)

We use getrandom() so we are sure /dev/urandom pool is initialized

Seed size is 512 bytes (ie /proc/sys/kernel/random/poolsize / 8)
it's the same size as in ubuntu 14.04 and all systemd systems

Seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if
after "urandom-seed: Seeding with ..." message

Saving a new seed on each boot is disabled by default to avoid too much
writes without user consent

v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging, as /lib/preinit/ files
    are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a uci config param
v5: config param is now the path of the seed

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2016-06-30 22:48:39 +02:00
Jo-Philipp Wich
8d51706616 base-files: use LEDE NTP vendor pool
The vendor NTP pool for the LEDE project got approved, so switch to it now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-06-28 19:14:31 +02:00
Kevin Darbyshire-Bryant
d4ede1c118 base-files: sysfixtime no longer exclude dnsmasq.time
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
2016-06-24 13:56:30 +02:00
Daniel Dickinson
f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
2016-06-24 13:52:53 +02:00
John Crispin
87eb8fad13 base-files: remove fstab symlink
the symlink no longer gets used since we switched to the block-mount tool.

Signed-off-by: John Crispin <john@phrozen.org>
2016-06-17 04:13:07 +02:00
Hannu Nyman
df7581e4c0 base-files: increase default system log size to 64 kB
Increase the default system log buffer size
from 16 kB (built-in default in ubox logd)
to 64 kB by setting the option in /etc/config/system.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2016-06-07 23:13:29 +02:00