aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files
Commit message (Collapse)AuthorAgeFilesLines
* OpenWrt v22.03.3: revert to branch defaultsHauke Mehrtens2023-01-031-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.3: adjust config defaultsv22.03.3Hauke Mehrtens2023-01-031-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: stage2: add 'tail' to sysupgrade environmentTony Ambardar2023-01-011-1/+1
| | | | | | | | This is used to access footer data in firmare files, and is simpler and less error-prone than using 'dd' with calculated offsets. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit 9cbc825b30a60c4c4b466301b87e15e59b107f24)
* base-files: support "metric" in board.jsonRafał Miłecki2022-12-011-1/+2
| | | | | | | | It allows prepopulating /etc/config/network interface-s with predefined metric. It may be useful for devices with multiple WAN ports. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 7f443d2d9aa1170d6b68f0dc6d5b5552882ee327)
* OpenWrt v22.03.2: revert to branch defaultsHauke Mehrtens2022-10-151-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.2: adjust config defaultsv22.03.2Hauke Mehrtens2022-10-151-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.1: revert to branch defaultsHauke Mehrtens2022-10-091-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.1: adjust config defaultsv22.03.1Hauke Mehrtens2022-10-091-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0: revert to branch defaultsHauke Mehrtens2022-09-031-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0: adjust config defaultsv22.03.0Hauke Mehrtens2022-09-031-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: add mtd_get_mac_encrypted_arcadyan functionMikhail Zhilkin2022-08-191-0/+31
| | | | | | | | | | Some Arcadyan devices (e.g. MTS WG430223) keep their config in encrypted mtd. This adds mtd_get_mac_encrypted_arcadyan() function to get the MAC address from the encrypted partition. Function uses uencrypt utility for decryption (and openssl if the uencrypt wasn't found). Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com> (cherry picked from commit 12c971bc26ac0ff04257bc475fff6fa68068c6c0)
* OpenWrt v22.03.0-rc6: revert to branch defaultsHauke Mehrtens2022-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc6: adjust config defaultsv22.03.0-rc6Hauke Mehrtens2022-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc5: revert to branch defaultsHauke Mehrtens2022-07-061-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc5: adjust config defaultsv22.03.0-rc5Hauke Mehrtens2022-07-061-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: allow ignoring minor compat-version checkDavid Bauer2022-06-232-0/+5
| | | | | | | | | | | | | Downstream projects might re-generate device-specific configuration based on OpenWrt's defaults on each upgrade, thus being unaffected by forward- as well as backwards-breaking configuration. Add a new sysupgrade parameter, which allows sysupgrades between minor compat-versions. Upgrades will still fail upon mismatching major compat versions. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 34437af88867c4435add8a144417290b7fd4362a)
* OpenWrt v22.03.0-rc4: revert to branch defaultsHauke Mehrtens2022-06-101-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc4: adjust config defaultsv22.03.0-rc4Hauke Mehrtens2022-06-101-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc3: revert to branch defaultsHauke Mehrtens2022-05-271-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc3: adjust config defaultsv22.03.0-rc3Hauke Mehrtens2022-05-271-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: simplify restorecon logicDaniel Golle2022-05-031-2/+2
| | | | | | | | | | Remove forgotten redundant selinuxenabled call and skip the whole thing in case $IPKG_INSTROOT is set as labels are anyway applied only later on in fakeroot when squashfs is created. Fixes: 6d7272852e ("base-files: add missing $IPKG_INSTROOT to restorecon call") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 7b07c3cff57f057d6780d34adeb23c06123732db)
* base-files: add missing $IPKG_INSTROOT to restorecon callDaniel Golle2022-05-031-1/+3
| | | | | | | | Update to overlooked v2 version of Dominick Grift's patch. Fixes: 5109bd164c ("base-files: address sed in-place without SELinux awareness") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 6d7272852e0b2634b2fa93a131ea8659ec87f079)
* base-files: address sed in-place without SELinux awarenessDominick Grift2022-05-031-0/+1
| | | | | | | | | | | | | sed(1) in busybox does not support this functionality: https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598 This causes /etc/group to become mislabeled when a package requests that a uid/gid be added on OpenWrt with SELinux Signed-off-by: Daniel Golle <daniel@makrotopia.org> [move restorecon inside lock] Signed-off-by: Dominick Grift <dominick.grift@defensec.nl> (cherry picked from commit 5109bd164c8f2273329483f990188fb36cf3ad68)
* OpenWrt v22.03.0-rc1: revert to branch defaultsHauke Mehrtens2022-04-211-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc1: adjust config defaultsv22.03.0-rc1Hauke Mehrtens2022-04-211-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: more robust sysupgrade on NANDDaniel Golle2022-04-151-4/+10
| | | | | | | | | | Make sure sysupgrade on NAND also works in case of UBI volumes having index >9. While at it, also make sure UBI device is detected and abort in case it isn't. Use Shell built-in shorthand ':' instead of 'true'. Fixes #9708 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 0dbca1b2baf9c26514b517a1e5860f6a5b04d5ae)
* OpenWrt v22.03: set branch defaultsPaul Spooren2022-03-201-1/+1
| | | | Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: add wrapper for procd service list commandFlorian Eckert2022-03-191-0/+8
| | | | | | | | | | | | | | | | A service managed by procd does have a json object with usefull information. This information could by dumped with the following command. ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }" This line is long and complicated to enter. This commit adds a wrapper call to the procd service section tool to simplify the input and get the output faster. We could now enter the command /etc/initd/<service> info to get the info faster. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* procd: move service command to procdFlorian Eckert2022-03-191-21/+0
| | | | | | | | The service command belongs to the procd and does not belong in the shinit. In the course of the move, the script was also checked with shellcheck and cleaned up. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: Align rootfs_data upgrades to 64KiB on eMMCBrian Norris2022-03-161-1/+4
| | | | | | | | | | | Rootfs overlays get created at a ROOTDEV_OVERLAY_ALIGN (64KiB) alignment after the rootfs, but emmc_do_upgrade() is assuming it comes at the very next 512-byte sector. Suggested-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Brian Norris <computersforpeace@gmail.com> (move spaces around, mention fstools' libtoolfs) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: call "sync" after initial setupRafał Miłecki2022-03-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the best solution as they almost never consider syncing files / data. Still this is what we have and we need to try living with it. Without proper syncing OpenWrt can easily get into an inconsistent state on power cut. It's because: 1. Actual (flash) inode and data writes are not synchronized 2. Data writeback can take up to 30 seconds (dirty_expire_centisecs) 3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay" Some possible cases (examples) for new files: 1. Power cut during 5 seconds after write() can result in all data loss 2. Power cut happening between 5 and 35 seconds after write() can result in empty file (inode flushed after 5 seconds, data flush queued) Above affects e.g. uci-defaults. After executing some migration script it may get deleted (whited out) without generated data getting actually written. Power cut will result in missing data and deleted file. There are three ways of dealing with that: 1. Rewriting all user-space init to proper C with syncs 2. Trying bash hacks (like creating tmp files & moving them) 3. Adding sync and hoping for no power cut during critical section This change introduces the last solution that is the simplest. It reduces time during which things may go wrong from ~35 seconds to probably less than a second. Of course it applies only to IO operations performed before /etc/init.d/boot . It's probably the stage when the most new files get created. All later changes are usually done using smarter C apps (e.g. busybox or uci) that creates tmp files and uses rename() that is expected to be atomic. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
* base-file: remove password aging feature form /etc/shadowRucke Teg2022-02-241-1/+1
| | | | | | | | | | | | | | In the default shadow file, as visible in the failsafe mode, the user root has value of `0` set in the 3rd field, the date of last password change. This setting means that the password needs to be changed the next time the user will log in the system. `dropbear` server is ignoring this setting but `openssh-server` tries to enforce it and fails in the failsafe mode because the rootfs is R/O. Disable the password aging feature for user root by setting the 3rd filed empty. Signed-off-by: Rucke Teg <rucketeg@protonmail.com>
* base-files: make sure tools are present in sysupgrade ramdiskDaniel Golle2022-02-221-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Not all targets create /var/lock or touch /var/lock/fw_printenv.lock in their platform.sh. This is problematic as fw_printenv then fails in case /var/lock/fw_printenv.lock has not been created by previous calls to fw_printenv/fw_setenv before sysupgrade is run. Targets using fw_printenv/fw_setenv during sysupgrade: * ath79/* * ipq40xx/* * ipq806x/* * kirkwood/* * layerscape/* * mediatek/mt7622 * mvebu/* * ramips/* * realtek/* Targets currently using additional steps in /lib/upgrade/platform.sh to make sure /var/lock/fw_printenv.lock (or at least /var/lock) actually exists: * ath79/* (openmesh devices) * ipq40xx/* (linksys devices) * ipq806x/* (linksys devices) * kirkwood/* (linksys devices) * layerscape/* * mvebu/cortexa9 (linksys devices) Given that accessing the U-Boot environment during sysupgrade is not uncommon and the situation across targets is currently quite diverse, just make sure both tools as well fw_env.config are always copied to the ramdisk used for sysupgrade. Also make sure /var/lock always exists. This now allows to remove copying of fw_printenv/fw_setenv as well as fw_env.config, creation of /var/lock or even /var/lock/fw_printenv.lock from lib/upgrade/platform.sh or files included there. As the same applies also to 'fwtool' which is used by generic eMMC sysupgrade, also always copy that to ramdisk. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: add support for heartbeat led triggerAlexey Smirnov2022-02-191-0/+9
| | | | | | | | | | | This patch adds support for creation heartbeat led trigger with, for example, this command: ucidef_set_led_heartbeat "..." "..." "..." from /etc/board.d/01_leds. Signed-off-by: Alexey Smirnov <s.alexey@gmail.com>
* base-files: Make sure rootfs_data_max is consideredDaniel Golle2022-02-171-8/+5
| | | | | | | | | | | | | | | For sysupgrade on NAND/UBI devices there is the U-Boot environment variable rootfs_data_max which can be used to limit the size of the rootfs_data volume created on sysupgrade. This stopped working reliable with recent kernels, probably due to a race condition when reading the number of free erase blocks from sysfs just after removing a volume. Change the script to just try creating rootfs_data with the desired size and retry with maximum size in case that fails. Hence calculating the available size in the script can be dropped which works around the problem. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: replace fgrep with grep -FRosen Penev2022-02-061-1/+1
| | | | | | | fgrep is deprecated and replaced by grep -F. The latter is used throughout the tree whereas this is the only usage of the former. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* base-files: upgrade: fix efi partitions size calculationJavier Marcet2021-12-271-1/+1
| | | | | | | | | We were missing (not using) the last sector of each partition, compared with the output of gparted. Signed-off-by: Javier Marcet <javier@marcet.info> [moved the dot] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: fix service_running checkFlorian Eckert2021-12-041-3/+3
| | | | | | | | | | | | | | | | | | The following command checks if a instance of a service is running. /etc/init.d/<service> running <instance> In the variable `$@`, which is passed to the function `service_running`, the first argument is always the `instance` which should be checked. Because all other variables where removed from `$@` with `shift`. Before this change the first argument of `$@` was set to the `$service` Variable. So the function does not work as expected. The `$service` variable was always the instance which should be checked. This is not what we want. Signed-off-by: Florian Eckert <fe@dev.tdt.de> Reviewed-by: Sungbo Eo <mans0n@gorani.run>
* base-files: add eMMC sysupgrade supportEnrico Mioso2021-12-022-0/+72
| | | | | | | | | | | | | | | | | | | | | | | | | Adds generic support for sysupgrading on eMMC-based devices. Provide function emmc_do_upgrade and emmc_copy_config to be used in /lib/upgrade/platform.sh instead of redundantly implementing the same logic over and over again. Similar to generic sysupgrade on NAND, use environment variables CI_KERNPART, CI_ROOTPART and newly introduce CI_DATAPART to indicate GPT partition names to be used. On devices with more than one MMC block device, CI_ROOTDEV can be used to specify the MMC device for partition name lookups. Also allow to select block devices directly using EMMC_KERN_DEV, EMMC_ROOT_DEV and EMMC_DATA_DEV, as using GPT partition names is not always an option (e.g. when forced to use MBR). To easily handle writing kernel and rootfs make use of sysupgrade.tar format convention which is also already used for generic NAND support. Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> CC: Li Zhang <li.zhang@gl-inet.com> CC: TruongSinh Tran-Nguyen <i@truongsinh.pro>
* base-files: dont always create kernel UBI volumeRobert Marko2021-11-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently nand_upgrade_tar() will pass the kernel length to nand_upgrade_prepare_ubi() in all cases except for when the kernel is to be installed in a separate partition as a binary with the MTD tool. While this is fine for almost all cases newer MikroTik NAND devices like hAP ac3 require the kernel to be installed as a UBIFS packed UBI volume in its own partition. So, since we have a custom recipe to use ubiformat to flash the kernel in its partition it makes no sense for sysupgrade to also install the kernel as a UBI volume in the "ubi" partition as it only wastes space and will never be used. So, simply check whether CI_KERNPART is set to "none" and if so unset the "has_kernel" variable which will in turn prevent the kernel length from being passed on and then the kernel UBI volume wont be created for no usefull purpose. The ath79 MikroTik NAND target has been setting CI_KERNPART to "none" for a while now altough that was not preventing the kernel to be installed as UBI volume as well. Signed-off-by: Robert Marko <robimarko@gmail.com>
* base-files: stage2: improve /proc/*/stat parserDaniel Golle2021-11-131-2/+5
| | | | | | | | | | | Simply reading /proc/*/stat as a space-separated string will not work as the process name may itself contain spaces. Hence we must match on the '(' and ')' characters around the process name and can then handle the remaining string as space-separated values. This fixes shell error messages which have been popping up the console due to spaces in process names being interpreted as field separators. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: drop get_partition_by_name shell functionDaniel Golle2021-11-011-9/+0
| | | | | | | find_mmc_part provides a better alternative and all users of get_partition_by_name have been removed. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: allow specifiying rootdev for find_mmc_partDaniel Golle2021-11-011-2/+8
| | | | | | | | Some devices got more than one mmc device. Allow specifying the root device as 2nd parameter of find_mmc_part so scripts can avoid matching irrelevant partitions on wrong mmc device. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: add minimal mmc supportDavide Fioravanti2021-11-013-0/+35
| | | | | | | | | | | | | | | | Added minimal mmc support for helper functions: - find_mmc_part: Look for a given partition name. Returns the coresponding partition path - caldata_extract_mmc: Look for a given partition name and then extracts the calibration data - mmc_get_mac_binary: Returns the mac address from a given partition name and offset Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> [replace dd with caldata_dd, moved sysupgrade mmc to orbi] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files, metadata: support additional group membershipDaniel Golle2021-10-281-3/+20
| | | | | | | | | | | | Some packages may require additional group membership for the system user added by that package. Allow defining additional groups as third member of the ':'-separated tuple, allowing to specify multiple ','-separated groups with optional GID. Example: USERID:=foouser=1000:foogroup=1000:addg1=1001,addg2=1002,addg3 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: chmod 1777 /var/lockDeomid Ryabkov2021-10-231-2/+3
| | | | | | | | | | | | | Per FHS 3.0, /var/lock is the location for lock files [1]. However its current permissions (755) are too restrictive for use by unprivileged processes. Debian and Ubuntu set them to 1777, and now so do we. [1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles> Signed-off-by: Deomid Ryabkov <rojer@rojer.me> [fixed typo in commit message, had to remove "rojer" due to git hooks] Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: reduce number of `mkdir` callsPaul Spooren2021-09-231-17/+19
| | | | | | | | | | | | | The `mkdir` commands supports passing multiple arguments to batch create multiple folders, instead of calling the tool every single time. If the creation of one of the folders fails, all other folder are still created and therefore doesn't change the error handling. Also stop creating `/etc/` explicitly after subfolders of `/etc/` were already created. Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: reduce `sed` callsPaul Spooren2021-09-231-4/+2
| | | | | | | | | The `sed`-script shouldn't be called multiple times, especially not with the same files. This commit merges all files together in a single `sed`-script call. Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: fix option to make /var persistentStijn Tintel2021-08-231-1/+1
| | | | | | | | | | | | The option was initially named TARGET_ROOTFS_LN_VAR_TMP, and the check was correct. When renaming the option to something more suitable, the check was changed to check for n, but when an option is not set, it's not n but empty. This results in the check always evaluating to false. Fix the check by checking for y with ifneq. Fixes: 57807f50ded6 ("base-files: add option to make /var persistent") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* base-files: add option to make /var persistentStijn Tintel2021-08-221-0/+5
| | | | | | | | | | | | | | | | In OpenWrt, /var is symlinked to /tmp by default. This is done to reduce the amount of writes to the flash chip, which often have not the greatest durability. As a result, things like DHCP or UPnP lease files, are not persistent across reboots. Since OpenWrt can run on devices with more durable storage, it makes sense to have an option for a persistent /var. Add an option to make /var persistent. When enabled, /var will no longer be symlinked to /tmp, but /var/run will be symlink to /tmp/run, as it should contains only files that should not be kept during reboot. The option is off by default, to maintain the current behaviour. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>