dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
dnsmasq maintains dnsmasq.time across reboots and uses it as a means of
determining if current time is good enough to validate dnssec time
stamps. By including /etc/dnsmasq.time as a time source for sysfixtime,
the mechanism was effectively defeated because time was set to the
last time that dnsmasq considered current even though that time is in
the past. Since that time is out of date, dns(sec) resolution would
fail thus defeating any ntp based mechanisms for setting the clock
correctly.
In theory the process is defeated by any files in /etc that are newer
than /etc/dnsmasq.time however dnsmasq now updates the file's timestamp
on process TERM so hopefully /etc/dnsmasq.time is the latest file
timestamp in /etc as part of LEDE shutdown/reboot.
Either way, including /etc/dnsmasq.time as a time source for
sysfixtime is not helpful.
- Update the terminal window title with the current directory and hostname, if using an xterm-compatible terminal emulator.
- Add ll, an useful alias to ls.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
The json_select call fails when there are no roles or ports objects in board.json. "json_select .." must not be executed after failing.
This fixes for example LEDs not being set up in /etc/config/system.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Packages may install scripts into /etc/uci-defaults to be executed once
after installation, usually at the first boot of the target. This works
fine if the package was installed to the rootfs during build or using
the ImageBuilder.
If the package is installed using opkg during run-time uci-defaults
were applied only after a reboot of the device. Avoid the need to
reboot by evaluting the package's uci-defaults in default-postinst.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Instead of having two different types adsl and vdsl just create one dsl
type. This way we can use the same luci code for adsl and vdsl and the
config parameters are not so different.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 48944
This patch adds extra parameter to switch LED trigger initialization
functions. New functionality maintains backward compatibility, so
calling functions without setting new speed_mask parameter works
as expected.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
SVN-Revision: 48776
oneshot and timer have the same configuration options, just a different
trigger name.
Signed-off-by: Karl Palsson <karlp@etactica.com>
SVN-Revision: 48770
With this patch sysupgrade will write directly to the partitions
instead of to the main disk. The UUID is copied from the image
to the MBR as well. This prevents the mbr from being completely
overwritten and losing the partition table. The -p option has
been added to maintain the original behavior and overwite the
entire disk with the new image. Tests have been added to ensure
that the image partitions match up with the active partitions.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48682
On systems that have an RTC prefer it to the file-based time fixup (i.e.
use hwclock when there is a permanent clock instead of the faked up time
logic that is needed when there is not RTC).
We can't rely on hctosys kernel feature either as we're usually using
RTC as kernel modules which are usually being loaded after hctosys was
run, leading in the following error:
hctosys: unable to open rtc device (rtc0)
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
SVN-Revision: 48661
change 48451 tried to add support for uclient-fetch by moving
/usr/bin/wget to /bin/wget, but this change kept the symbolic
link to /bin/busybox as install_bin creates links to param 1
the desired fix is to link to uclient-fetch to wget:
install_bin /bin/uclient-fetch /bin/wget
Signed-off-by: John Clark <inindev@gmail.com>
SVN-Revision: 48483
with r48379 and r48386 the path of wget changed.
respect that and adjust the dirname.
this fixes#21680
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 48451
A previous change to sysupgrade moved the overlay files into upper/
The -c switch generates a list of files to backup, but the sed
calls did not take this into consideration.
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
SVN-Revision: 48281
The MR18 stores the ath9k eeprom values on the NAND.
This patch makes it possible to retrieve the images
from there.
Signed-off-by: Chris R Blake <chrisrblake93@gmail.com>
SVN-Revision: 47948
Replace former uci-defaults.sh implementation with the uci-defaults-new.sh one
and update all users accordingly.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47867
LEDs which are controlled by a PWM need to use the supplied
max_brightness instead. Otherwise they might appear to be
very dim / broken.
Signed-off-by: Chris R Blake <chrisrblake93@gmail.com>
SVN-Revision: 47854
This adds support for specifying the dsl modem, atm bridge configs and setting
the pppoe protocol for wan.
These additions are required to port the Lantiq target to board.d.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47750
Some boards, e.g. the Sheeva Plug, require the lan interface to be set
to DHCP instead of a static address, therfore support that.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47732
This changes uci-defaults-new.sh, config_generate and all relevant board.d
files in order combine ucidef_add_switch() and ucidef_add_switch_ports() into
a single function.
Also removes now superfluous enable and reset arguments.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47721
Out of 69 switch definitions, only 3 pass something different than "1" as
values for reset and enable, with one of those three being invalid.
This change ...
* removes the reset and enable arguments from ucidef_add_switch()
* unconditionally writes reset:1 and enable:1 to JSON
* converts the three users of nonstandard values to ucidef_add_switch_attr()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47720
Remove support for now unused ucidef_add_switch_vlan(), move port->vlan and
vlan->interfaces conversion to uci-defaults-new.sh and massively simplify
config_generate.
This change prepares the following upcoming steps:
* Eliminate use of ucidef_set_interface_lan_wan() for switch only devices
* Merge ucidef_add_switch() with ucidef_add_switch_ports()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47719
Only se4t the force_link property for non-lan, non-wan ifaces as it is
unnecessary in the default cases.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47675
Properly quote variables in ucidef_set_interface_lan() and
ucidef_set_interface_lan(), otherwise interfaces with multiple devices
are not properly written into the configuration.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47673
Add ucidef_set_board_id() and ucidef_set_model_name() procedures to store
model information in the board.json file.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47671
The only user was the hg255d board and config_generate did not even emit
proper uci for it.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47658
Remove extra nesting of rssi leds in the led object and move rssi monitor
declaration to its own object.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47655
Add support for generating vlans solely from the port layout description
given through ucidef_add_switch_ports().
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47639
Add further helper functions to uci-defaults-new.sh for easier declarations
of complex switch layouts.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47638
since r45833 and r45848 the overlayfs is automatically mounted read-only
(and blocks remounts as r/w) when JFFS2 is full. see ticket #19564
because of this normal file deletion is not possible anymore.
if a user logins interactively (e.g. SSH) show a hint for this,
that files must be removed in /overlay/upper/...
v2: fix subject line
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 47623
FHS mandates presence of /var/tmp on compliant systems.
The lack of /var/tmp was discovered when using MIT Kerberos libraries
which default to that location for storing credentials cache.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
SVN-Revision: 47219
This URL can be embedded e.g. within UPnP announcements where a link
to the manufacturer's homepage is desired.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
SVN-Revision: 47135
Even though there are not many users left within the OpenWrt tree it seems
this function broke during the kernel 3.18 transition.
Fix it by providing a workdir as required by overlayfs.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 47015
- Simplify user spec parsing code
- Alias IPKG_INSTROOT to shorten code
- Quote variables where appropriate
- Remove a useless-use-of-cat instance
- Suppress errors in case control or list files are missing
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 46975
OpenWrt should support an optional /etc/profile.d directory like
most other Linux distributions. This allows packages to install
their own scripts into /etc/profile.d/ directory.
The file suffix should make clear, that these scripts
are (sourced) shell-snippets. If the user needs e.g. php or lua,
one must make sure that the interpreter is called.
The reverse failsafe test makes sure, that the effective returncode is 0.
A typcal usecase is the inclusion of private helpers,
special variables or aliases, which at the moment needs
patching the sourcecode and is not well maintainable.
Now the builder can simply add there files.
v1 initial work of Hendrik Lüth <hendrik@linux-nerds.de>
v2 changes regarding RFC (e.g. thomas.langer@lantiq.com)
v3 changes regarding RFC (e.g. mschiffer@universe-factory.net)
v4 keep it simple and mimic OpenWrt style
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 46965
Move the pattern setting from netifd's service script to
/etc/sysctl.conf. Put the timestamp component '%t' just after
executable name '%e' for more natural order from output of ls command.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 46867
This enables passworldless login for root via SSH whenever no root
password is set (e.g. after reset, flashing without keeping config
or in failsafe) and removes telnet support alltogether.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 46809
Using the postinst script for sanity checks and expecting opkg to fail
if the postinst didn't return 0 was possible in Barrier Breaker, propagate
the real postinst return code through default_postinst to restore this
behaviour.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
SVN-Revision: 46653
With this change we let user know 5 seconds have passed and reset button
can be released (to trigger factory reset)
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 46650
We need a+x rights on the path to the root of the jails
so we can use users other than root (like nobody)
This partly fixes jailed dnsmasq
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
SVN-Revision: 46466
Internal GPIO pins are used for PoE passthrough setups in multi-port
routers. This patch implemnets control over this hardware feature for
Ubiquiti Nanostations and TP-Link CPE510.
Signed-off-by: Lars Kruse <lists@sumpfralle.de>
SVN-Revision: 46271
This changes makes it possible to store custom settings
in individual files inside the directory /etc/sysctl.d/.
Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>
SVN-Revision: 46239
get_image allows passing 2nd argument that is used in a pipe for
extracting firmware from a non-native format. By accepting such command
in default_do_upgrade we allow platforms to use this helper for vendor
specific images.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45900
Instead of stripping everything after the first dot, strip everything
after the last dot.
This fixes pre-/postrm actions for packages with a dot in their name,
like libusb-1.0.
Fixes#19668.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 45702
Depending on configuration, disable the LED before writing the trigger
and enable it after writing it. Fixes LEDs where the value defaults to 1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 45463
Current NAND sysupgrade process is a bit hard to follow due to the way
of triggering stage1. Currently this is done by leaving a /mark/ in the
form of /tmp/sysupgrade-nand-path during nand_do_platform_check.
Existence of this mark stops standard sysupgrade process (as the result
of sysupgrade_pre_upgrade exit). This may be a bit misleading.
Proposed solution adds a new function that will allow platform.sh
trigger NAND sysupgrade consciously. This will also allow cleaning
nand_do_platform_check limiting it to just checking the image.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 45338
Use xattr to store the filesystem initialization state of the overlay.
As long as the filesystem is not marked as initialized yet (happens in
/etc/init.d/done), all overlay data (except for sysupgrade.tgz) will be
discarded before the system is allowed to boot
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 44942
The name variable contains at first the package name,
and after the last group name.
This patch fixes /etc/rc.d symlink creation (at least).
Change name in pkgname, change the other name in ugname
(user group name), and id in ugid (user group id)
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
SVN-Revision: 44253
This restores normal pre-r43715 200ms blink-period for the System LED we're all accustomed to see while our OpenWrt routers are booting.
Failsafe possibility will now be signalled with a new 100ms blinking, which is easily recognizable from the normal 200ms booting.
So no existing user will be scared by a new 500ms LED pattern, since such a slow pattern could easily be mistaken for something wrong... I was like "ok why my router is collapsing now, is this a bad flash, a kernel panic, or what else" when I've seen it for the first time ;)
Sorry for not having explained myself better in v1 of this patch.
Original:
Preinit, failsafe is possible: 200ms
Preinit, failsafe not possible anymore, booting normally: 200ms
Failsafe entered: 50ms
Now (after preinit_regular has been introduced):
Preinit, failsafe is possible: 200ms
Preinit, failsafe not possible anymore, booting normally: 500ms *here is the "offending" change*
Failsafe entered: 50ms
With my proposed patch:
Preinit, failsafe is possible: 100ms *indicate this condition with a new timing, that prompts the user to press the key if they want to start failsafe*
Preinit, failsafe not possible anymore, booting normally: 200ms *keep this as before*
Failsafe entered: 50ms
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 44056
The enable and reset settings need to be added even when they're false. This is true at least for 'enable', that seems to default to true otherwise.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
SVN-Revision: 43887
This new argument is used right after starting regular preinit (which
happens if failsafe wasn't triggered). The main purpose of "preinit"
argument is to indicate that failsafe can be triggered, however we were
missing a way to inform user that we don't wait for a trigger anymore.
With this change it's clear when failsafe mode can be triggered.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 43715
create user:group before running postinst-pkg. the postinst hook might require
the user:group to already exist.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 43472
ldd might be called for shell scrips during sysupgrade, causing it to
complain that they are not a dynamic executables.
This is a harmless error, so supress it to avoid confusing about them
being serious ones.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 43315
r36107 ("base-files: sysupgrade fail with eglibc") tried to fix
sysupgrade by changing the ld-soname to what is expected, but only
fixed MIPS while breaking ARM.
The underlying issue is that the ld.so name varies widely across
different architectures for eglibc:
eglibc-2.19-r25243$ grep -r "ld-soname :=" . | awk '{ print $3 }' | sort -u
ld64.so.1
ld64.so.2
ld-linux-aarch64_be.so.1
ld-linux-aarch64.so.1
ld-linux-armhf.so.3
ld-linux-mipsn8.so.1
ld-linux.so.2
ld-linux.so.3
ld-linux-x32.so.2
ld-linux-x86-64.so.2
ld.so.1
Instead of adding each different soname to check for and copy it,
replace the awk script with a sed script to extract it properly and
drop the hardcoded so-name.
Signed-off-by: Jonas Gorski <jogo@openwrt.org>
SVN-Revision: 43295
Based on bug #18206 sysupgrade can lead to loss of password information in
certain situations. Most likely all users who will upgrade from versions
r43017-43040, will lose their current passwords. :-(
https://dev.openwrt.org/ticket/18206
Currently /etc/shadow is defined as a conffile in base-files:
https://dev.openwrt.org/browser/trunk/package/base-files/Makefile#L37
But it is not defined in the default list of essential files to keep in
sysupgrade:
https://dev.openwrt.org/browser/trunk/package/base-files/files/lib/upgrade/keep.d/base-files-essential
If exporting conffiles info fails, /etc/shadow can get lost.
Shadow passwords are now the default, so saying that preserving /etc/passwd
is essential while /etc/shadow is not, makes no sense.
The attached patch adds /etc/shadow to the list of essential files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 43061
[base-files] failsafe-mode: print short help on commandline
Like mentioned in ticket https://dev.openwrt.org/ticket/11911
this should make the IRC much quieter. Failsafe is somehow
special and even experienced users are helpless, because they
are not used to this seldom situation. Also: likely you have
no internet access in this mode, so you cannot use the wiki.
a failsafe-session now looks like this:
first we see from 'package/base-files/files/bin/login.sh' the hint:
=== IMPORTANT ============================
Use 'passwd' to set your login password
this will disable telnet and enable SSH
------------------------------------------
after this the /etc/banner ("OpenWrt - wireless freedom")
and then the new text:
================= FAILSAFE MODE active ================
special commands:
* firstboot reset settings to factory defaults
* mount_root mount root-partition with config files
after mount_root:
* passwd change root's password
* /etc/config directory with config files
for more help see:
http://wiki.openwrt.org/doc/howto/generic.failsafe
=======================================================
this supersedes the old patches:
http://patchwork.openwrt.org/patch/3337/http://patchwork.openwrt.org/patch/3553/
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 42985
Inside every LuCI package you need to clear luci-indexcache and
sometimes when installing non LuCI pacakges it's also needed to clear
it. Easier put it into default_postinst().
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 42923
[base-files] shell-scripting: fix wrong usage of '==' operator
normally the '==' is used for invoking a regex parser and is a bashism.
all of the fixes just want to compare a string. the used busybox-ash
will silently "ignore" this mistake, but make it portable/clean at least.
this patch does not change the behavior/logic of the scripts.
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 42911
This allows IPv6 to set up without IPv4 being up thus
IPv6-only or IPv6+DS-Lite working with the default config.
Signed-off-by: Steven Barth <steven@midlink.org>
SVN-Revision: 42848
it is now possible to inlie the uid and gid in the syntax
USERID:=username=uid:group=gid:group2=gid2:...
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 42838
During boot, a not found message is displayed for systems which do
not have uci 'network.globals.ula_prefix' defined in
/etc/config/network. The error message itself is not used and can
be ignored.
Signed-off-by: Michel Stam <m.stam@fugro.nl>
SVN-Revision: 42755
Add a third argument to ucidef_set_interface_raw, which is specifying
the protocol.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
SVN-Revision: 42665
the postinst script enables/starts the init.d scripts upon package installation
and installs the users required by the package.
the prerm script stops and disables the init.d scripts.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 42470
somebody started to set a function returncode in the validation
stuff and everybody copies it, e.g.
myfunction()
{
fire_command
return $?
}
a function automatically returns with the last returncode,
so we can safely remove the command 'return $?'. reference:
http://tldp.org/LDP/abs/html/exit-status.html
"The last command executed in the function or script determines the exit status."
Signed-off-by: Bastian Bittorf <bittorf@bluebottle.com>
SVN-Revision: 42278
this allows targets to use the new uci-default helper which will generate
a file called /etc/board.json. a tool called /bin/config_generate can then
be used to generate the default uci settings.
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 42185
When looking for the first ipaddr also consider the current prefix just
like network_get_ipaddrs6 does. If ipv6-address was empty the function
did not return the first ipaddr even if the list was non-empty.
fixes commit 83e9122f88a002871d5cdf421cf6aa6052b7e006
Signed-off-by: Henning Schild <henning@hennsch.de>
SVN-Revision: 42139
Make sure they don't break the sed command, and also make device_info
and openwrt_release more robust for parsing by scripts
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
SVN-Revision: 41885