aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files
Commit message (Collapse)AuthorAgeFilesLines
* dropbear: move failsafe code out of base-filesKyle Copperfield2020-01-152-7/+1
| | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Failsafe code of dropbear should be in the dropbear package not the base-files package. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* base-files: fix build for /sbin/pkg_checkXu Wang2020-01-141-2/+2
| | | | | | | | | | Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be included with the packages to check for corruption. This commit fixes two issues: - /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y - checksums were being saved in the wrong file Signed-off-by: Xu Wang <xwang1498@gmx.com>
* base-files: use jshn lib for ubus sysupgrade argument generationFlorian Eckert2020-01-141-14/+11
| | | | | | | | With this change the well known jshn library will be used, to build the json arguments for the ubus sysupgrade method. This is also used in all other shell program that uses JSON. This commit unifies that. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/Daniel Golle2020-01-072-3/+4
| | | | | | Having it in a directory it more friendly for mount-bind. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: sysupgrade: exit if the firmware download failedPetr Štetiar2020-01-052-2/+2
| | | | | | | | | Sysupgrade process shouldn't continue if the firmware image couldn't be downloaded. Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020940.html Reported-by: Petr Novák <petrn@me.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: send informational UDP message each second waitingPaul Fertser2019-12-191-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The preinit network initialisation and failsafe informational message are inherently racy as the interface takes some time to become functional after "ip link set $pi_ifname up" command. Consider this timing: [ 12.002713] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready [ 12.008819] IPv6: ADDRCONF(NETDEV_UP): eth1.1: link is not ready [ 12.118877] random: procd: uninitialized urandom read (4 bytes read) [ 13.068614] eth1: link up (1000Mbps/Full duplex) [ 13.073309] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [ 13.080445] IPv6: ADDRCONF(NETDEV_CHANGE): eth1.1: link becomes ready Since the UDP message was sent prior to link becoming ready, it was never seen on the wire. The default failsafe timeout is set to 2 seconds, so with this patch there are two attempts to send the message, one spent in vain, and the other visible in tcpdump on an attached host. Of course, in cases when the interface is brought up faster it leads to two messages, however it should be harmless. This patch (almost) doesn't affect normal boot time while still allowing to enter failsafe reliably with a single button press, matching the official "generic failsafe" documentation. Signed-off-by: Paul Fertser <fercerpav@gmail.com>
* base-files: config_generate: split macaddr with multiple ifacesSungbo Eo2019-11-232-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | netifd does not handle network.@device[x].name properly if it contains multiple ifaces separated by spaces. Due to this, board.d lan_mac setup does not work if multiple ifaces are set to LAN by ucidef_set_interface_lan. To fix this, create a device node for each member iface when running config_generate instead. Those are named based on the member ifname: ucidef_set_interface_lan "eth0 eth1.1" ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01" will return config device 'lan_eth0_dev' option name 'eth0' option macaddr 'yy:yy:yy:yy:yy:01' config device 'lan_eth1_1_dev' option name 'eth1.1' option macaddr 'yy:yy:yy:yy:yy:01' ref: https://github.com/openwrt/openwrt/pull/2542 Signed-off-by: Sungbo Eo <mans0n@gorani.run> [always use new scheme, extend description, change commit title] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: include 'reconf' in help output of 'wifi' commandDaniel Golle2019-11-181-1/+1
| | | | | Reported-by: Dirk Brenken <dev@brenken.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: rc.common: fix missing EXTRA_HELP textsPeter Stadler2019-11-142-2/+2
| | | | | | | | | | | | | | | Commit ed5b9129d7a4 ("base-files: implement generic service_running") has added EXTRA_HELP variable, thus overriding already available EXTRA_HELP text available in other init scripts, resulting in the missing help text from services like dropbear for example. So fix this regression by appending EXTRA_HELP text provided by the other init scripts into the one provided by the script itself. Fixes: ed5b9129d7a4 ("base-files: implement generic service_running") Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at> [commit title/description facelift, fixes tag, fixed From:, pkg bump] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2Russell Senior2019-11-131-1/+1
| | | | | | | | Discovered recent changes had broken sysupgrade for ar71xx mikrotik rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after switching to tmpfs. Signed-off-by: Russell Senior <russell@personaltelco.net>
* base-files: remove shebang from uci-defaults filesAdrian Schmutzler2019-11-134-7/+1
| | | | | | | | | uci-defaults are sourced and non-executable, so they do not require a shebang. While at it, apply consistent naming scheme. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add 'wifi reconf'John Crispin2019-11-122-1/+6
| | | | | | | | Now that netifd and hostapd allow dynamic reconfiguration, add a command to trigger it. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "base-files: rename hostname with EUI of mac address"Adrian Schmutzler2019-11-071-15/+1
| | | | | | | | | | | | This reverts commit 6170c46b477d4953f91b99e805a276de444913cf. There has been demand for further evaluation of the impact of a changed hostname, so this is reverted for now. The default hostname will be "OpenWrt" again after this commit. The macaddr_geteui() function is not removed by this revert. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: rename hostname with EUI of mac addressRosy Song2019-11-072-1/+22
| | | | | | | | | | | | | | | If a label MAC address is provided for device, system will rename the hostname with OpenWrt_{eui mac address}. This helps to distinguish between different devices. Since it's no good idea to nest json_* functions, this code does not use get_mac_label directly, but only get_mac_label_dt as external resource. Signed-off-by: Rosy Song <rosysong@rosinson.com> [merged with commit introducing macaddr_geteui, rebased on updated label MAC address storage, extended commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: don't store label MAC address in uci system configAdrian Schmutzler2019-11-072-8/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | If set, label MAC address is available from one of two sources, device tree or board.json. So far, the function get_mac_label was meant for retrieving the address, while an option in uci system config was specified only for case 2 (board.json). The uci config option has several drawbacks: - it is only used for a fraction of devices (those not in DT) - label MAC address is a device property, while config implies user interaction - label_macaddr option will only be set if /etc/config/system does not exist (i.e. only for new installations) Thus, this patch changes the behavior of get_mac_label: Instead of writing the value in board.json to uci system config and reading from this location afterwards, get_mac_label now extracts data from board.json directly. The uci config option won't be used anymore. In addition, two utility functions for extraction only from DT or from board.json are introduced. Since this is only changing the access to the label MAC address, it won't interfere with the addresses stored in the code base so far. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: hotplug-call: exit success when dir is absentYousong Zhou2019-10-292-3/+3
| | | | | | | | | "block mount" invokes "hotplug-call mount". It emits the following error when mount is not present hotplug-call call failed Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: uci-defaults: do config flush in one shotRoman Yeryomin2019-10-221-2/+1
| | | | | | | | | | | Moving a file between tmpfs and other fs is neither faster nor safer, thus no point in doing it in two steps. Use new jshn option to write output directly to file. Originally discussed here: http://lists.openwrt.org/pipermail/openwrt-devel/2017-December/010127.html Signed-off-by: Roman Yeryomin <roman@advem.lv>
* Revert "build: separate signing logic"John Crispin2019-10-211-9/+8
| | | | | | | | This reverts commit 4a45e69d190f72ed94878487b271ed7651dd9efa. This broke the buildbots Signed-off-by: John Crispin <john@phrozen.org>
* build: separate signing logicPaul Spooren2019-10-211-8/+9
| | | | | | | | | | | | | | | | This separates the options for signature creation and verification * SIGNED_PACKAGES create Packages.sig * SIGNED_IMAGES add ucert signature to created images * CHECK_SIGNATURE add verification capabilities to images * INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys Right now the buildbot.git contains some hacks to create images that have signature verification capabilities while not storing private keys on buildbot slaves. This commit allows to disable these steps for the buildbots and only perform signing on the master. Signed-off-by: Paul Spooren <mail@aparcar.org>
* treewide: use a single ath10k MAC patching function with checksumAdrian Schmutzler2019-10-151-7/+1
| | | | | | | | | | | | | | | | While all ath10k eeproms have a checksum field, so far two functions for patching ath10k MAC address have been present (and been used). This merges code to provide a single function ath10k_patch_mac in caldata.sh, having its name in accordance with ath9k functions. By doing so, correct MAC patching for current and future ath10k devices should be ensured. This patch adds checksum adjustments for several targets on ath79 and lantiq. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* treewide: move MAC address patch functions to common libraryAdrian Schmutzler2019-10-141-0/+59
| | | | | | | | | This unifies MAC address patch functions and moves them to a common script. While those were implemented differently for different targets, they all seem to do the same. The number of different variants is significantly reduced by this patch. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* treewide: move calibration data extraction function to libraryAdrian Schmutzler2019-10-131-0/+75
| | | | | | | | | | | | | | | | | This moves the almost identical calibration data extraction functions present multiple times in several targets to a single library file /lib/functions/caldata.sh. Functions are renamed with more generic names to merge different variants that only differ in their names. Most of the targets used find_mtd_chardev, while some used find_mtd_part inside the extraction code. To merge them, the more abundant version with find_mtd_chardev is used in the common code. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> [rebase on latest master; add mpc85xx] Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: move xor() from caldata extraction to functions.shAdrian Schmutzler2019-10-131-0/+16
| | | | | | | | The xor() function is defined in each of the caldata extraction scripts for several targets. Move it to functions.sh to reduce duplicate code. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: coreutil-date breaks setting kernel timezoneVal Kulkov2019-10-121-1/+1
| | | | | | | | | | | | | | | | "coreutil-date" package from the packages feed replaces the Busybox date applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system init script from setting kernel timezone because the GNU date utility does not provide such functionality: root@OpenWrt:~# date -k date: invalid option -- 'k' Try 'date --help' for more information. A specific reference to the Busybox date applet prevents alternative date utilities from breaking the system init script. Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* base-files: upgrade: add case to export_bootdeviceKlaus Kudielka2019-10-091-1/+13
| | | | | | | | | | | The factory uboot of the Turris Omnia boots with "root=b301", and we instruct new users to sysupgrade from there (e.g. method 1, step 7). Currently, this will fail with "Unable to determine upgrade device". Add a new case to export_bootdevice, which parses the hex argument. Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...") Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
* base-files: provide option to specify label MAC address in board.dAdrian Schmutzler2019-09-193-0/+14
| | | | | | | | | | | | | | For many devices, MAC addresses cannot be retrieved via the device tree alias. To still provide the label MAC address for those, this implements a second mechanism that will put the address into uci config. Note that this stores the actual MAC address, whereas in DTS we reference the bearing device. This is based on the work of Rosy Song <rosysong@rosinson.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add function to retrieve label MAC addressAdrian Schmutzler2019-09-191-0/+10
| | | | | | | | | | | | | | | | To refer to the MAC address on a device's label, one can specify the alias label-mac-device in the DTS which should point to the bearer of the corresponding MAC address. With the function get_mac_label, the user can retrieve then retrieve this address and use it as a value that uniquely identifies his device. This is severely helpful for several downstream functionalities, e.g. define MAC addresses of custom netifs or change the SSID to be easily recognizable. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files,procd: add generic service statusLuiz Angelo Daros de Luca2019-09-151-1/+10
| | | | | | | | | | | | | | Adds a default status action for init.d scripts. procd "service status" will return: 0) for loaded services (even if disabled by conf or dead) 3) for inactive services 4) when filtering a non-existing instance Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> [rebased, cleaned up] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: implement generic service_runningPetr Štetiar2019-09-151-1/+6
| | | | | | | DRY is good, otherwise we're going to suffer with a copy&paste disease in the init scripts. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* treewide: sysupgrade: use $UPGRADE_BACKUP to check for backupRafał Miłecki2019-09-113-3/+2
| | | | | | | Now that $UPGRADE_BACKUP is set conditionally there is no need to check the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: sysupgrade: pass "backup" ubus attributeRafał Miłecki2019-09-111-0/+3
| | | | | | | | This explicitly tells procd what backup file should be used during sysupgrade (if any). It's much more generic this way compared to the magic /tmp/sysupgrade.tgz file that had to be created before a call. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: validate firmware for compatibility with backupRafał Miłecki2019-09-081-0/+7
| | | | | | | | | This allows platform code to check if firmware image can be used with preserving a backup. It may be used e.g. when installing vendor firmwares that won't restore appended backup archive. Suggested-by: Luis Araneda <luaraneda@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: use new procd sysupgrade $UPGRADE_BACKUP variableRafał Miłecki2019-09-052-2/+1
| | | | | | | | | | It's a variable set by procd that should replace hardcoded /tmp/sysupgrade.tgz. This change requires the most recent procd with the commit 0f3c136 ("sysupgrade: set UPGRADE_BACKUP env variable"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()Adrian Schmutzler2019-09-051-6/+1
| | | | | | | | | | | | The actual retrieval of the MAC address in mtd_get_mac_binary_ubi() is the same as in get_mac_binary(). Thus, use the latter function in the former to reduce duplicate code. This will also allow to benefit from the enhanced path check there and bring mtd_get_mac_binary_ubi() more in line with the similar mtd_get_mac_binary(). Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: fix mtd_get_mac_text not accepting hex offsetsDavid Bauer2019-09-051-1/+1
| | | | | | | | | | | The mtd_get_mac_text helper method did not support hexadecimal offset values, resulting them to break after 75bfc393ba6c ("treewide: convert MAC address location offsets to hexadecimal") This commit fixes this by evaluating the hexadecimal input, converting them to decimal. Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: don't hardcode "sysupgrade.tgz" file nameRafał Miłecki2019-09-052-1/+3
| | | | | | | | 1) Add BACKUP_FILE and use it when copying an archive to be restored after sysupgrade (on the next preinit). 2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "force" parameter to the "sysupgrade" callRafał Miłecki2019-09-041-0/+3
| | | | | | | This makes sysupgrade work with the most recent procd that validates firmware before proceeding. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use JSON for storing firmware validation infoRafał Miłecki2019-08-302-14/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So far firmware validation result was binary limited: it was either successful or not. That meant various limitations, e.g.: 1) Lack of proper feedback on validation problems 2) No way of marking firmware as totally broken (impossible to install) This change introduces JSON for storing detailed validation info. It provides a list of performed validation tests and their results. It allows marking firmware as non-forceable (broken image that can't be even forced to install). Example: { "tests": { "fwtool_signature": true, "fwtool_device_match": true }, "valid": true, "forceable": true } Implementation is based on *internal* check_image bash script that: 1) Uses existing validation functions 2) Provides helpers for setting extra validation info This allows e.g. platform_check_image() to call notify_check_broken() when needed & prevent user from bricking a device. Right now the new JSON info is used by /sbin/sysupgrade only. It still doesn't make use of "forceable" as that is planned for later development. Further plans for this feature are: 1) Expose firmware validation using some new ubus method 2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus method so: a) It's possible to safely sysupgrade using ubus only b) /sbin/sysupgrade can be more like just a CLI Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" methodRafał Miłecki2019-08-222-12/+2
| | | | | | | This explicitly lets stage2 know if partitions should be preserved. No more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "save_config" option to the "sysupgrade" methodRafał Miłecki2019-08-224-5/+6
| | | | | | This explicitly lets stage2 know if config should be preserved. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* build: add buildinfo files for reproducibilityPaul Spooren2019-08-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | generate feeds.buildinfo and version.buildinfo in build dir after containing the feed revisions (via ./scripts/feeds list -sf) as well as the current revision of buildroot (via ./scripts/getver.sh). With this information it should be possible to reproduce any build, especially the release builds. Usage would be to move feeds.buildinfo to feeds.conf and git checkout the revision hash of version.buildinfo. Content of feeds.buildinfo would look similar to this: src-git routing https://git.openwrt.org/feed/routing.git^bf475d6 src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e ... Content of version.buildinfo would look similar to this: r10203+1-c12bd3a21b Without the exact feed revision it is not possible to determine installed package versions. Also rename config.seed to config.buildinfo to follow the recommended style of https://reproducible-builds.org/docs/recording/ Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: drop support for the platform_nand_pre_upgrade()Rafał Miłecki2019-07-222-5/+1
| | | | | | | No target uses it anymore. All code from that callback was moved into the platform_do_upgrade(). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: don't set ARGV and ARGCRafał Miłecki2019-07-173-7/+1
| | | | | | Those are not used by any image check function anymore. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: move stage2 upgrade to separated fileRafał Miłecki2019-07-114-24/+27
| | | | | | | | | do_upgrade_stage2() isn't really any common code. It isn't used anywhere except for /sbin/sysupgrade that passes it to the stage2. Moving its code to separated file also simplifies COMMAND variable. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: Fix path check in get_mac_binaryAdrian Schmutzler2019-07-091-1/+1
| | | | | | | | | Logic was inverted when changing from string check to file check. Fix it. Fixes: 8592602d0a88 ("base-files: Really check path in get_mac_binary") Reported-by: Matthias Schiffer <mschiffer@universe-factory.net> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: drop support for NAND upgrade in platform_pre_upgrade()Rafał Miłecki2019-07-084-17/+3
| | | | | | | With bcm53xx switched to the new procedure there is no more need for keeping that backward compatibility code. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: drop unused jffs2_copy_config()Rafał Miłecki2019-07-082-11/+1
| | | | | | | | Its last usage was dropped back in 2013 in the commit b95bdc8ab56e ("kernel/base-files: clean up old code related to refreshing mtd partitions, it is no longer used anywhere"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: Really check path in get_mac_binaryAdrian Schmutzler2019-07-071-1/+1
| | | | | | | | Currently, path argument is only checked for being not empty. This changes behavior to actually check whether path exists. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: supress service restart of umountKarel Kočí2019-07-031-0/+5
| | | | | | | | | Restart is in default implemented so it calls stop and start. This is pretty unsafe to call on umount service. This service should not do anything on restart the same way as on start. Only use of this service is on stop. Signed-off-by: Karel Kočí <cynerd@email.cz>
* base-files: add network_get_uptime() to /lib/functions/network.shFlorian Eckert2019-06-292-1/+6
| | | | | | Add missing ubus api call for uptime value. Signed-off-by: Florian Eckert <fe@dev.tdt.de>