aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files/files
Commit message (Collapse)AuthorAgeFilesLines
...
* base-files: add function to get binary mac from fileMathias Kresin2018-03-141-6/+13
| | | | | | | Add a fucntion to get the a binary mac address from file. Use the new function for mtd_get_mac_binary() to limit duplicate code. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: tune fragment queue thresholds for available system memoryMatthias Schiffer2018-03-071-9/+20
| | | | | | | | | The default fragment low/high thresholds are 3 and 4 MB. On devices with only 32MB RAM, these settings may lead to OOM when many fragments that cannot be reassembled are received. Decrease fragment low/high thresholds to 384 and 512 kB on devices with less than 64 MB RAM. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: sysupgrade: do not rely on opkg to list changed conffilesMatthias Schiffer2018-03-071-1/+20
| | | | | | | Many packages use the opkg conffiles field to list configuration files that are to be retained on upgrades. Make this work on systems without opkg. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix off-by-one in counting seconds for factory resetRafał Miłecki2018-03-011-1/+1
| | | | | | | | | There was a mismatch between indicating factory reset and code actually starting it. After 5 seconds status LED started blinking rapidly letting user know it's ready to release reset button. In practice button had to stay pressed for another second in order to relly start the process. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: don't evaluate block-device ueventDaniel Golle2018-02-131-4/+8
| | | | | | | | | | | | | Current code and also before commit da52dd0c83 was vulnerable to shell injection using volume lables in the GPT partition table of block devices. Given that partition names can be freely defined in GPT tables we really shouldn't evaluate a string which is potentially crafted with evil intentions. Hence rather use `export -n` to absorb the uevent's variables into the environment. Fixes commit da52dd0c83 (base-files: quote values when evaluating uevent) Signed-off-by: Daniel Golle <daniel@makrotopia.org> [mschiffer@universe-factory.net: suggested export -n usage]
* base-files: quote values when evaluating ueventDaniel Golle2018-02-111-3/+2
| | | | | | | | When sourcing /sys/class/block/*/uevent values have to be quoted as they may contain spaces (e.g. in PARTNAME). Fix this by pre-processing with sed before sourcing. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: gpio switch: check if direction can be setMathias Kresin2018-01-181-2/+9
| | | | | | | | | | | | Obviously not all GPIO controller allow to change the direction. The issue is around since the beginning of the script but only due to the recent changes error messages are more visible. Add a check if a change of the direction is supported by the GPIO controller and fallback to setting only the value if not. Fixes: FS#1271 Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: gpio switch: fix inverted logicMathias Kresin2018-01-181-1/+1
| | | | | | | | | GPIOs are exported as active high to the sysfs, hence the logic need to be inverted. Fixes: e66c47fb14f5 ("base-files: gpio switch: set output value with direction") Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: sysupgrade: correct command help textKevin Darbyshire-Bryant2018-01-121-1/+0
| | | | | | | | | | Commit 30f61a34b4cfd2c676fea4a919e089d6a77254e9 claimed to drop -d & -p options. In reality only -d was dropped. Update command help text to reflect that -d is no longer a supported option. Fixes FS#1187 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* linux-atm: add br2684ctl option to specify the netdev nameMartin Schiller2018-01-102-2/+5
| | | | | | | | | | | Add the uci option nameprefix to specifc a target netdev name. Patch the br2684ctl code to accept and set a netdev name via commandline parameters. It allows to use the same netdev name for ATM and PTM lines on lantiq xdsl hardware. Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Mathis Kresin <dev@kresin.me>
* base-files: gpio switch: set output value with directionMathias Kresin2018-01-091-3/+2
| | | | | | | | | | | | Use the "low" and "high" values to configure the GPIO as an output with that initial value. It ensures that the gpio doesn't have a unwanted value during the time the direction is set to ouput and the actual value is applied. We don't need to take care of the GPIO polarity for now, since our exported GPIOs are always active low. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: gpio_switch: start before boot state done is setMathias Kresin2018-01-091-1/+1
| | | | | | | Start gpio_switch before the boot state is set to up/initialised/done. This way the exported GPIOs are available at the time rc.local is started. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: protect stop and reload actions with procd_lockRoman Yeryomin2018-01-021-0/+2
| | | | | Signed-off-by: Roman Yeryomin <roman@advem.lv> Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
* base-files: rc.common: fix enable() return code and logicRoman Yeryomin2018-01-021-7/+8
| | | | | | | | | | | | | | | In current state, if there is START but no STOP, enbale() will return 1 (failure), which is wrong. Moreover there is no need to check for START/STOP twice. Instead, add err variable to save success state and and return it's value. Also eliminate the need to disable() by using 'ln -sf', which will first delete the old symlink if one exists. Changes from v1: - fixed description Signed-off-by: Roman Yeryomin <roman@advem.lv>
* base-files: fix logic when to show failsafe bannerMatthias Schiffer2017-12-291-1/+1
| | | | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when /tmp/.failsafe exists")
* base-files: set FAILSAFE in /etc/profile when /tmp/.failsafe existsMatthias Schiffer2017-12-291-1/+4
| | | | | | | Since dropbear clears the environment, FAILSAFE was not set as intended in failsafe mode. This also broke sysupgrade from failsafe mode over SSH. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix sysupgrade -b/-l when -c is usedLuiz Angelo Daros de Luca2017-12-141-10/+11
| | | | | | | | | | | | | Since /overlay/upper appeared, -b ignored -c silently (cause it was still checking for /overlay/etc). Now, if /overlay/upper is absent, sysupgrade -c will fail and exit verbosely. Fix -l to consider -c (it never did). Clean up to always use /overlay/upper/xxx instead of still checking for /overlay/xxx. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* base-files: unify get_dt_led helper functionChristian Lamparter2017-12-141-0/+12
| | | | | | | | | | | | | | Lantiq and IPQ806X (which includes IPQ40XX) both define the same custom function {ipq806x|lantiq}_get_dt_led. This patch moves the function into the base-file package at lib/functions/leds.sh to make it more accessible for other targets as well. Cc: Mathias Kresin <dev@kresin.me> Cc: John Crispin <john@phrozen.org> Cc: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: remove remaining uses of %N, and drop VERSION_NICK config symbolMatthias Schiffer2017-12-091-3/+3
| | | | | | Fixes d23e1e1e1a "merge: properly remove %n / %N references" Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* merge: properly remove %n / %N referencesJo-Philipp Wich2017-12-091-2/+1
| | | | | | | | | | - use %d instead of %n for opkg feed identifiers - remove %n / %N references from version files Fixes bf5cef47b3 merge: release/banner: drop release name and update banner. Fixes FS#1213. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* procd: nand: remove nand_board_name platform overrideMathias Kresin2017-12-081-9/+0
| | | | | | It isn't uses anymore by any target. Signed-off-by: Mathias Kresin <dev@kresin.me>
* procd: nand: dont rely on boardname in nand_upgrade_tarMathias Kresin2017-12-081-7/+9
| | | | | | | | | | | | | | | | Kernel and rootfs in a subdirectory matching the userspace boardname, was intended to use a single sysupgrade-tar archive for multiple boards with different kernel/rootfs images. This feature was never used. Use the first found directory in the tar archive instead of relying on a directory named according to the userspace boardname. It allows to change the boardname without adding another compatibility layer - using the nand_board_name() function - for (sub)targets using the metadata based image validation in favour to nand_do_platform_check(). Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: upgrade: make get_partitions() endian agnosticChristian Lamparter2017-12-081-5/+13
| | | | | | | | | | | | | | | | | | | | | | | | This patch fixes two issues with the current get_partitions() function. First: "Invalid partition table on $disk" will pop up on legitimate images on big endian system. This is because the little-endian representation of "55 AA" is assumed in the context of little-endian architectures. On these comparing it to the 16-bit word 0xAA55 does work as intented. Whereas on big-endian systems, this would have to be 0x55AA. This patch fixes the issue by replacing the integer conversion and value match check with just a string comparision. Second: The extraction of the type, start LBA and LBA num from the partition table has the same endianness issue. This has been fixed by using the new hex_le32_to_cpu() function. This function will translate the stored little-endian data to the correct byte-order if necessary. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* merge: release/banner: drop release name and update bannerZoltan HERPAI2017-12-081-10/+8
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* merge: base: update base-files and basic configZoltan HERPAI2017-12-083-7/+7
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* sysupgrade: don't kill our own parentMat Trudel2017-11-151-2/+3
| | | | | | | | Add the parent of the sysupgrade script to the list of pids not getting killed Signed-off-by: Mat Trudel <mat@geeky.net> Signed-off-by: John Crispin <john@phrozen.org>
* procd: service_data: Support data within the service itselfPierre Lebleu2017-11-101-0/+4
| | | | | | Use the same approach than the service_triggers for the service_data. Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
* base-files: fix getting gid from group_add_nextYousong Zhou2017-11-091-7/+6
| | | | | | | | | | | | Shell function return code only has range [0, 255]. Other values will be truncated, e.g. return 65536 will have the same effect as return 0 While at it, drop other "return $rc" where rc will almost always take value 0 and whose value current callers actually do not check Fixes FS#988 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* functions.sh: fix default_postinst functionMarko Ratkaj2017-11-081-1/+1
| | | | | | | | | | | | | | | | | | When we run "opkg install" on a package that installs an uci-defaults script, functions.sh will fail to evaluate that script in its default_postinst function. This happens because there is no "./" present and it searches for the file in paths specified by the PATH variable. This would work on bash, but it will not work on ash and some other shells like sh, zsh. This applys to the ". filename" directive used in this case. This patch will make the path relative to the /etc/uci-defaults directory. Fixes: FS#1021 Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
* include: kernel.mk: simplify module autoloadingJo-Philipp Wich2017-11-071-0/+4
| | | | | | | | | | | | | | | | | | Let the generic postinstall script invoke "kmodloader" when the just installed package contains any /etc/module.d/ entries. This allows us to skip the explicit "insert_module()" calls in the package postinstall. Due to the removed insert_module calls we do not need to assemble a complete list of modules per package anymore, which allows for vast simplification of the package generation code. While we're at it, also support specifying default parameters for modules using either the MODPARAM or MODPARAM.modulename variables in KernelPackage. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: add interval option to netdev LED trigger configurationEdmunt Pienkowsky2017-11-031-0/+1
| | | | | | Add an uci option to set the interval parameter of the netdev trigger. Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
* base-files: fix wan6 interface config generation for pppoeHans Dedecker2017-09-181-5/+2
| | | | | | | | | | | | | | | | Setting ipv6 to auto in case of a pppoe interface will trigger the creation of a dynamic wan_6 interface meaning two IPv6 interfaces (wan6 and wan_6) will be active on top of the pppoe interface. This leads to unpredictable behavior in the network; therefore set ipv6 to 1 which will prevent the dynamic creation of the wan_6 interface. Further alias the wan6 interface on top of the wan interface for pppoe as the wan6 interface can only be started when the link local address is ready. In case of pppoe the link local address is negotiated during the Internet Protocol Control Protocol when the PPP link is setup meaning all the IP address info is only available when the wan interface is up. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* basefiles: allow suid coredumpsKevin Darbyshire-Bryant2017-09-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set sysctl fs.suid_dumpable = 2 This allows suid processes to dump core according to kernel.core_pattern setting. LEDE typically uses suid to drop root priviledge rather than gain it but without this setting any suid process would be unable to produce coredumps (e.g. dnsmasq) Processes still need to set a non zero core file process limit ('ulimit -c unlimited' or if procd used 'procd_set_param limits core="unlimited"') in order to produce a core. This setting removes an obscure stumbling block along the way. >From https://www.kernel.org/doc/Documentation/sysctl/fs.txt suid_dumpable: This value can be used to query and set the core dump mode for setuid or otherwise protected/tainted binaries. The modes are 0 - (default) - traditional behaviour. Any process which has changed privilege levels or is execute only will not be dumped. 1 - (debug) - all processes dump core when possible. The core dump is owned by the current user and no security is applied. This is intended for system debugging situations only. Ptrace is unchecked. This is insecure as it allows regular users to examine the memory contents of privileged processes. 2 - (suidsafe) - any binary which normally would not be dumped is dumped anyway, but only if the "core_pattern" kernel sysctl is set to either a pipe handler or a fully qualified path. (For more details on this limitation, see CVE-2006-2451.) This mode is appropriate when administrators are attempting to debug problems in a normal environment, and either have a core dump pipe handler that knows to treat privileged core dumps with care, or specific directory defined for catching core dumps. If a core dump happens without a pipe handler or fully qualifid path, a message will be emitted to syslog warning about the lack of a correct setting. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* base-files: drop unused preinit_echo functionRafał Miłecki2017-08-091-5/+0
| | | | | | It isn't used for years since the old 99_10_run_init has been dropped. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: don't setup network in preinit if failsafe is disabledRafał Miłecki2017-08-091-1/+4
| | | | | | | | | | | | With failsafe disabled there is no point in early network setup. We don't send announcement over UDP and there is no way to ssh to the device. A side effect of this is avoiding a possibly incorrect network config (only with failsafe disabled). This problem is related to possible changes made by user in /etc/config/network. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: suppress uci not found output in login.shFlorian Eckert2017-08-041-1/+1
| | | | | | | Fix "uci: Entry not found" output if "ttylogin" is not set in "etc/config/system" Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: upgrade: don't loop forever trying to kill processesMatthias Schiffer2017-07-201-1/+10
| | | | | | | | | | When processes don't die on SIGKILL (usually because of kernel bugs), it's better to give up instead of looping forever. upgraded will trigger a reboot in this case (and if this fails, a hardware watchdog will eventually time out and reset the system, if present). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* treewide: populate boardname and model earlierMathias Kresin2017-07-151-0/+0
| | | | | | | | | | | | | For targets using the generic board detection and board specific settings in diag.sh, the board name is still unset at the time the set_state() provided by diag.sh is called by 10_indicate_preinit. Change the execution order to ensure the boardname is populated before required the first time. Do the target specific board detection as early as possible, directly followed by the generic one to allow a seamless switch to the generic function for populating /tmp/sysinfo/. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: automatically handle paths and symlinks for RAMFS_COPY_BINMatthias Schiffer2017-07-113-39/+33
| | | | | | | | | | | | Depending on busybox applet selection, paths of basic utiilties may differ, and may not work as symlinks to busybox. Simply using whatever binary is found in PATH and detecting symlinks automatically is more robust and easier to maintain. The list of binaries is also slightly cleaned up and duplicates are removed. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* bcm53xx: upgrade: fix RAMFS_COPY_*Matthias Schiffer2017-07-111-1/+1
| | | | | Fixes: 30f61a34b4cf "base-files: always use staged sysupgrade" Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: upgrade: correctly handle nand_do_upgrade argument passed from ↵Matthias Schiffer2017-07-112-2/+2
| | | | | | | preupgrade Fixes: 30f61a34b4cf "base-files: always use staged sysupgrade" Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: add "tty" user groupJo-Philipp Wich2017-06-261-0/+1
| | | | | | | | This is needed for an upcoming change to the hotplug default rules which will cause /dev/tty* nodes to get assigned to the "tty" group in order to support unprivileged user access when needed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: allocate uid/gid starting from 65536Yousong Zhou2017-06-181-4/+4
| | | | | | | | | | | There already exist static assignment of uid/gid 65533 in packages feed and we have nobody/nogroup taking 65534 as their ids. Let's change the pid of dynamic assignment to start from 65536 so that the two assignment scheme will not collide with each other While at it, fix the scan command checking existence of uid/gid Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: make ucidef_set_led_rssi offset and factor optionalMathias Kresin2017-06-171-2/+2
| | | | | | | | | | The offset and factor are only related for LEDs which can have different brightness values. But binary LEDs are more common and don't require any further configuation than setting the factor to 1. Use offset = 0 and factor = 1 in case nothing else is specified. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: board.json's switch reset means existence, not argumentJonas Gorski2017-06-111-1/+4
| | | | | | | Don't pass the value unconditionally to swconfig as a parameter but instead only call reset if it is 1. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* base-files: network.sh: fix a number of IPv6 logic flawsJo-Philipp Wich2017-06-081-17/+48
| | | | | | | | | | | | | | | | | | | | | | * Change network_get_subnet6() to sensibly guess a suitable prefix Attempt to return the first non-linklocal, non-ula range, then attempt to return the first non-linklocal range and finally fall back to the previous behaviour of simply returning the first found item. * Fix network_get_ipaddrs_all() Instead of replicating the flawed logic appending a fixed ":1" suffix to IPv6 addresses, rely on network_get_ipaddrs() and network_get_ipaddrs6() to build a single list of all interface addresses. * Fix network_get_subnets6() Instead of replicating the flawed logic appending a fixed ":1" suffix to IPv6 addresses, rely on the ipv6-prefix-assignment.local-address field to figure out the proper network address. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: network.sh: properly report local IPv6 addressesJo-Philipp Wich2017-06-081-17/+13
| | | | | | | | | | Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to fetch the effective local IPv6 address of delegated prefix from the "local-address" field instead of naively hardcoding ":1" as static suffix. Fixes FS#829. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mvebu: fix sysupgradeMatthias Schiffer2017-06-011-1/+1
| | | | | | | | | | | | | | | | | mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this did not have an effect anymore after the staged sysupgrade changes. As it doesn't really hurt to copy fw_printenv and fw_setenv unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2 will see them. Config copying is moved to a function called by platform_copy_config, where it belongs. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> Fixes: FS#821 Fixes: 30f61a34b4cf "base-files: always use staged sysupgrade"
* base-files: nand: use CI_KERNPART whenever the kernel volume is neededChristian Lamparter2017-05-311-4/+4
| | | | | | | | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. This patch is in continuation of: commit 93aa86040523 "procd: nand: make it possible to configure kernel and ubi partition" The $CI_KERNPART variable should be used in place of the fixed "kernel" partition name. This allows targets to specifiy alternate names for the kernel partition. Cc: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
* base-files: add support for staged sysupgrades from failsafe modeMatthias Schiffer2017-05-293-10/+25
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>