aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files/Makefile
Commit message (Collapse)AuthorAgeFilesLines
* base-files: merge /etc/passwd et al at sysupgrade config restoreDaniel Golle2020-10-221-1/+1
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* target: include selinux-variants if CONFIG_SELINUX is setDaniel Golle2020-10-211-1/+1
| | | | | | | | Rather than unconditionally adding busybox and procd to the set of default packages, add busybox-selinux and procd-selinux in case CONFIG_SELINUX is set. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: allow exceptions when removing devicename from LEDsAdrian Schmutzler2020-10-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Without the model-based devicename for LEDs, there are still cases where a third component is required, typically when it refers to internal "devices" like phys etc. An example are the following two found on ramips: - rt2800soc-phy0::radio - rt2800pci-phy0::radio So far, the rt2800*-phy: prefixes would be removed by the devicename removal ("migration") script, and the configuration for these LEDs would be broken. To address this, this patch allows to add arguments to a call of remove_devicename_leds, which will be compared against the first part of the LED names/labels, and then be ignored by the routine, and thus not removed: remove_devicename_leds "rt2800soc-phy0" "rt2800pci-phy0" This mechanism is supposed to be used when a "devicename" applies to several devices. If only a single device is affected, it might be more effective to use a case statement and exclude the device from migration by that entirely. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add function to remove devicename from LED labelsAdrian Schmutzler2020-10-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, we request LED labels in OpenWrt to follow the scheme modelname:color:function However, specifying the modelname at the beginning is actually entirely useless for the devices we support in OpenWrt. In patches subsequent to this one, we will thus remove the modelname from the label definitions on various targets. To migrate the existing definitions from older installations, a migration script needs to be deployed that does modelname:color:function -> color:function e.g. dir-789:green:status -> green:status This patch introduces two functions that do exactly that: For each entry in /etc/config/system, the routine will check whether two (or more) colons are present, and then remove everything up to (and including) the first colon. For now, this will be applied unconditionally, i.e. if the function is called for a device, all labels will be cut like this. However, for a future case of mixed three-part and two-part labels, it should not be too hard to provide a function argument with exceptions to the removal. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: drop default setup for vconfigAdrian Schmutzler2020-09-161-1/+1
| | | | | | | | | | | | | | | | | vconfig has been disabled by default since 2015 [1] and there are no remaining uses in entire OpenWrt trunk. However, we still set up a specific name_type for it during boot. While this setup is properly implemented to be only triggered when vconfig is present, it still seems anachronistic and unnecessary to set up a standard for a tool that is not used anymore. Therefore, this removes the set_name_type initialization and leaves it for those people actually using the tool to configure it as needed. [1] 899a23227e55 ("busybox: improve applets & deprecate ifconfig, route") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: disable LEDs if default state is undefinedDavid Bauer2020-09-111-1/+1
| | | | | | | | | | | | | | | Set the default state for LEDs to off. When a trigger is set, the trigger will turn the LED automatically on. Currently LEDs might stay on, e.g. when the LED trigger is set to a netdev trigger and the interface is never activated or the 'none' trigger is selected without setting the 'default' option to 0 and it's set for the LED indicating the system running state. Using off as a default value is also consistent with the documentation in the OpenWrt wiki. Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: support label-property-less in get_dt_ledsChristian Lamparter2020-09-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | The LED's "label" property has been deprecated in upstream by: |commit c5d18dd6b64e09dd6984bda9bdd55160af537a8c |Author: Jacek Anaszewski <jacek.anaszewski@gmail.com> |Date: Sun Jun 9 20:19:04 2019 +0200 | | dt-bindings: leds: Add properties for LED name construction | | Introduce dedicated properties for conveying information about | LED function and color. Mark old "label" property as deprecated. | | Additionally function-enumerator property is being provided | for the cases when neither function nor color can be used | for LED differentiation. in order to be somewhat prepared, this patch adds a fallback as a last resort to make the current led code work by falling back to the node-name as the "label". Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* treewide: bump PKG_RELEASE after replacing `which`Adrian Schmutzler2020-08-121-1/+1
| | | | | | | | | Bump PKG_RELEASE for the affected packages as replacing "which" by "command -v" represents a content change. Fixes: 1fdf6b745cc3 ("treewide: replace `which` with `command -v`") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: functions.sh: fix config_get() on invalid identifiersJo-Philipp Wich2020-08-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When passing a section or option value to config_get() which contains characters that happen to be valid variable interpolation expressions, the function returns a nonsensical expression result instead of the expected empty string. When the passed section or option name contains other characters which are not valid within a shell variable name, a substitution error is occuring instead. The issue can be easily reproduced by one of the following examples: root@OpenWrt:~# . /lib/functions.sh root@OpenWrt:~# config load system root@OpenWrt:~# config_get variable invalid-section option root@OpenWrt:~# echo "$variable" section_option:- root@OpenWrt:~# . /lib/functions.sh root@OpenWrt:~# config load system root@OpenWrt:~# config_get variable section invalid-option root@OpenWrt:~# echo "$variable" option:- root@OpenWrt:~# . /lib/functions.sh root@OpenWrt:~# config load system root@OpenWrt:~# config_get variable section invalid@option -ash: eval: syntax error: bad substitution Fix this issue by only performing interpolations when the given section and option arguments are free of illegal characters. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: mount bpffs at bootTony Ambardar2020-07-311-1/+1
| | | | | | | | | | Explicitly mount the BPF filesystem if available. This is used for pinning eBPF programs and maps, making them accessible to other eBPF programs or from userspace with the help of libbpf or bpftool. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> [daniel@makrotopia.org: bumped PKG_RELEASE] Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: add function for generating random MACDavid Bauer2020-07-281-1/+1
| | | | | | | | | | This adds a function for generating a valid random MAC address (unset MC bit / set locally administered bit). It is necessary for devices which do not have a MAC address programmed by the manufacturer. Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: remove urandom-seed definitionSungbo Eo2020-06-231-9/+0
| | | | | | | | urandom-seed has a separate Makefile, we can safely remove the definition here. Fixes: 27bfde9c9f78 ("base-files: move urandom seed bits into separate package") Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* base-files: gpio switch: add named GPIO supportKuan-Yi Li2020-06-181-1/+1
| | | | | | | | | | | | | | | | Previously, gpio_switch only accepts GPIO pin number as input. Once a GPIO pin is exported and named by device tree, its pin state cannot be configured and saved across reboots by UCI. This patch adds support for named GPIO pins. Thus GPIO pin can be exported by device tree with active high/low correctly configured, having human-readable name in /sys/class/gpio/ is also now possible. More importantly, GPIO pins which are referenced by name will be immune from pin mapping breakage while unintentional pin number changes are introduced by kernel or driver updates. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* package/base-files: caldata: work around dd's limitationThibaut VARÈNE2020-05-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tl;dr: dd will silently truncate the output if reading from special files (e.g. sysfs attributes) with a too large bs parameter. This problem was exposed on some RouterBOARD ipq40xx devices which use a caldata payload which is larger than PAGE_SIZE, contrary to all other currently supported RouterBOARD devices: the caldata would fail to properly load with the current scripts. Background: dd doesn't seem to correctly handle read() results that return less than requested data. sysfs attributes have a kernel exchange buffer which is at most PAGE_SIZE big, so only 1 page can be read() at a time. In this case, if bs is larger than PAGE_SIZE, dd will silently truncate blocks to PAGE_SIZE. With the current scripts using bs=<size> count=1, the data is truncated to PAGE_SIZE as soon as the requested <size> exceeds this value. This commit works around this problem by using `cat` in the caldata routines that can read from a file (routines that read from mtd devices are untouched). cat correctly handles partial read requests. The output is then piped to dd with the same parameters as before, to ensure that the resulting file remains exactly the same. This is a simple workaround, the downside is that it uses a pipe and one more executable, and therefore has a larger memory footprint and is slower. This is deemed acceptable considering these routines are only used at boot time. Tested-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* base-files: switch_to_ramfs: add nand-utilsÁlvaro Fernández Rojas2020-05-181-1/+1
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* package/base-files: add caldata_sysfsload_from_file()Thibaut VARÈNE2020-05-081-1/+1
| | | | | | | | This routine enables loading caldata binary via the kernel sysfs loader See https://www.kernel.org/doc/html/v4.19/driver-api/firmware/fallback-mechanisms.html Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* package/base-files: caldata: allow setting target fileThibaut VARÈNE2020-05-081-1/+1
| | | | | | | This will enable platforms to extract caldata to an arbitrary file, or patch mac in an abitrary file. Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* base-files: don't ship local build key when on buildbotDaniel Golle2020-04-121-1/+3
| | | | | | | | | | Including the local build key in /etc/opkg/keys isn't feasible when building on the buildbot: The included key collides with its copy already in openwrt-keyring which breaks the ImageBuilder. Not including a locally generated key also makes the base-files package more reproducible. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: preinit: also config switch when no port roles definedChuanhong Guo2020-04-121-1/+1
| | | | | | | | | current preinit code in base-files doesn't config switch when there are no port roles defined. But this kind of configuration exists on single port devices where switch vlan is simply disabled. configure reset and enable_vlan property when a switch node exist. Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* base-files: do not source system.sh in functions.shAdrian Schmutzler2020-04-121-1/+1
| | | | | | | | | | | | | | | | | | The default_postinst() function in /lib/functions.sh sources /lib/functions/system.sh before cycling through uci-defaults files. This creates a pseudo-cyclic dependency as system.sh also uses functions that are located in functions.sh. Despite that, there is actually only one uci-defaults file in the entire repo that needs system.sh, and this one contains an explicit source for system.sh anyway. Consequently, this patch removes the sourcing of system.sh in functions.sh. There are no relevant uses in packages, routing and luci repositories. This may require adjustments for downstream, though. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add enabled commands to service rc.commonFlorian Eckert2020-04-081-1/+1
| | | | | | Add missing enbaled command help output. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: Add /etc/shinit for non-login shell initJeffery To2020-03-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because /etc/profile (and ~/.profile) are read by login shells only, aliases and functions defined there are not available to non-login shells, e.g. when using screen or tmux. If the ENV environment variable exists (exported by /etc/profile or ~/.profile) and references an existing file, then all interactive shells (login or non-login) will read that file as well. This sets the ENV environment variable in /etc/profile, pointing to /etc/shinit. This also adds /etc/shinit, which: * Contains alias and function definitions originally in /etc/profile * Sources /etc/mkshrc if the user is using mksh (also originally in /etc/profile), as /etc/mkshrc is meant for all interactive shells * Sources ~/.mkshrc if the user is using mksh, to compensate for the fact that mksh will not read ~/.mkshrc if ENV is set * Sources ~/.shinit if the user is not using mksh This also removes the shebang from /etc/profile, as the file is sourced, not executed. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* base-files: add all buildinfo with INCLUDE_CONFIGXu Wang2020-02-271-1/+3
| | | | | | | | | | CONFIG_INCLUDE_CONFIG option is helpful for being able to rebuild the exact same firmware as you see on a live OpenWRT instance, but it's crucially missing feeds information, so we can't rebuild the exact same package versions. This commit fixes this by adding the remaining feeds (and version) buildinfo files to the image. Signed-off-by: Xu Wang <xwang1498@gmx.com>
* base-files: diag: restore default trigger for 'boot' LEDPiotr Dymacz2020-02-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For devices without a dedicated 'diag' LED, we use sometimes one of other LEDs for indicating at least 'boot', 'failsafe' and 'upgrade' stages. In some cases, at the same time these LEDs have defined default triggers in DTS using 'linux,default-trigger' property. Current 'diag' setup removes the trigger and turns off 'boot' LED after bootup. One of the examples of such device is TP-Link TL-WR841N v14 (ramips) which uses 'wlan' LED with defined 'linux,default-trigger' for 'diag': aliases { led-boot = &led_wlan; led-failsafe = &led_wlan; led-upgrade = &led_wlan; }; [...] led_wlan: wlan { label = "tl-wr841n-v14:green:wlan"; gpios = <&gpio1 9 GPIO_ACTIVE_LOW>; linux,default-trigger = "phy0tpt"; }; This patch extends 'diag.sh' and 'leds.sh' scripts to make sure default trigger defined in DTS is restored for 'diag' LED which isn't used for indicating 'running' stage. Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* dropbear: move failsafe code out of base-filesKyle Copperfield2020-01-151-1/+1
| | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Failsafe code of dropbear should be in the dropbear package not the base-files package. Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
* base-files: fix build for /sbin/pkg_checkXu Wang2020-01-141-2/+2
| | | | | | | | | | Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be included with the packages to check for corruption. This commit fixes two issues: - /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y - checksums were being saved in the wrong file Signed-off-by: Xu Wang <xwang1498@gmx.com>
* base-files: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/Daniel Golle2020-01-071-1/+1
| | | | | | Having it in a directory it more friendly for mount-bind. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: sysupgrade: exit if the firmware download failedPetr Štetiar2020-01-051-1/+1
| | | | | | | | | Sysupgrade process shouldn't continue if the firmware image couldn't be downloaded. Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020940.html Reported-by: Petr Novák <petrn@me.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: config_generate: split macaddr with multiple ifacesSungbo Eo2019-11-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | netifd does not handle network.@device[x].name properly if it contains multiple ifaces separated by spaces. Due to this, board.d lan_mac setup does not work if multiple ifaces are set to LAN by ucidef_set_interface_lan. To fix this, create a device node for each member iface when running config_generate instead. Those are named based on the member ifname: ucidef_set_interface_lan "eth0 eth1.1" ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01" will return config device 'lan_eth0_dev' option name 'eth0' option macaddr 'yy:yy:yy:yy:yy:01' config device 'lan_eth1_1_dev' option name 'eth1.1' option macaddr 'yy:yy:yy:yy:yy:01' ref: https://github.com/openwrt/openwrt/pull/2542 Signed-off-by: Sungbo Eo <mans0n@gorani.run> [always use new scheme, extend description, change commit title] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: rc.common: fix missing EXTRA_HELP textsPeter Stadler2019-11-141-1/+1
| | | | | | | | | | | | | | | Commit ed5b9129d7a4 ("base-files: implement generic service_running") has added EXTRA_HELP variable, thus overriding already available EXTRA_HELP text available in other init scripts, resulting in the missing help text from services like dropbear for example. So fix this regression by appending EXTRA_HELP text provided by the other init scripts into the one provided by the script itself. Fixes: ed5b9129d7a4 ("base-files: implement generic service_running") Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at> [commit title/description facelift, fixes tag, fixed From:, pkg bump] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: remove shebang from uci-defaults filesAdrian Schmutzler2019-11-131-1/+1
| | | | | | | | | uci-defaults are sourced and non-executable, so they do not require a shebang. While at it, apply consistent naming scheme. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add 'wifi reconf'John Crispin2019-11-121-1/+1
| | | | | | | | Now that netifd and hostapd allow dynamic reconfiguration, add a command to trigger it. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: hotplug-call: exit success when dir is absentYousong Zhou2019-10-291-1/+1
| | | | | | | | | "block mount" invokes "hotplug-call mount". It emits the following error when mount is not present hotplug-call call failed Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* Revert "build: separate signing logic"John Crispin2019-10-211-9/+8
| | | | | | | | This reverts commit 4a45e69d190f72ed94878487b271ed7651dd9efa. This broke the buildbots Signed-off-by: John Crispin <john@phrozen.org>
* build: separate signing logicPaul Spooren2019-10-211-8/+9
| | | | | | | | | | | | | | | | This separates the options for signature creation and verification * SIGNED_PACKAGES create Packages.sig * SIGNED_IMAGES add ucert signature to created images * CHECK_SIGNATURE add verification capabilities to images * INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys Right now the buildbot.git contains some hacks to create images that have signature verification capabilities while not storing private keys on buildbot slaves. This commit allows to disable these steps for the buildbots and only perform signing on the master. Signed-off-by: Paul Spooren <mail@aparcar.org>
* build: add buildinfo files for reproducibilityPaul Spooren2019-08-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | generate feeds.buildinfo and version.buildinfo in build dir after containing the feed revisions (via ./scripts/feeds list -sf) as well as the current revision of buildroot (via ./scripts/getver.sh). With this information it should be possible to reproduce any build, especially the release builds. Usage would be to move feeds.buildinfo to feeds.conf and git checkout the revision hash of version.buildinfo. Content of feeds.buildinfo would look similar to this: src-git routing https://git.openwrt.org/feed/routing.git^bf475d6 src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e ... Content of version.buildinfo would look similar to this: r10203+1-c12bd3a21b Without the exact feed revision it is not possible to determine installed package versions. Also rename config.seed to config.buildinfo to follow the recommended style of https://reproducible-builds.org/docs/recording/ Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: drop support for the platform_nand_pre_upgrade()Rafał Miłecki2019-07-221-1/+1
| | | | | | | No target uses it anymore. All code from that callback was moved into the platform_do_upgrade(). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: don't set ARGV and ARGCRafał Miłecki2019-07-171-1/+1
| | | | | | Those are not used by any image check function anymore. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: drop support for NAND upgrade in platform_pre_upgrade()Rafał Miłecki2019-07-081-1/+1
| | | | | | | With bcm53xx switched to the new procedure there is no more need for keeping that backward compatibility code. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: drop unused jffs2_copy_config()Rafał Miłecki2019-07-081-1/+1
| | | | | | | | Its last usage was dropped back in 2013 in the commit b95bdc8ab56e ("kernel/base-files: clean up old code related to refreshing mtd partitions, it is no longer used anywhere"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: add network_get_uptime() to /lib/functions/network.shFlorian Eckert2019-06-291-1/+1
| | | | | | Add missing ubus api call for uptime value. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: change boot & umount STOP indexesJoseph Tingiris2019-06-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch is in a series to allow additional STOP indexes after umount, so that other block devices may stop cleanly. boot is now STOP=90 umount is now STOP=90 After this patch series, the resulting STOP indexes in the 80s & 90s will be: STOP=85 odhcpd.init STOP=89 conntrackd.init STOP=89 log.init STOP=89 rssileds.init STOP=90 boot STOP=90 kdump.init STOP=90 network STOP=90 sysfixtime STOP=90 umount STOP=98 mdadm.init (note: will be addressed in a separate patch) Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [PKG_RELEASE is now 200]
* base-files: apply new sysctl.conf at postinstYousong Zhou2019-06-211-1/+1
| | | | | | | | | | | | | | | | This is mainly for kmod-br-netfilter. To turn off bridge-netfilter-call-xxx immediately after installation While at it - Define filelist="/usr/lib/opkg/info/${pkgname}.list" - Reuse "[ -z "$root" ]" - Grep with "-m1" Fixes FS#2300 Reported-by: Marco Sartorius <tidbits@ormoorgmen.info> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: move urandom seed bits into separate packagePetr Štetiar2019-06-111-1/+10
| | | | | | | So it's possible to install or remove it as needed. Tested-by: Lucian Cristian <lucian.cristian@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: config_get: prevent filename globbingGünther Kelleter2019-01-301-1/+1
| | | | | | | | | When config_get is called as "config_get section option" the option is unexpectedly globbed by the shell which differs from the way options are read to a variable with "config_get variable section option". Add another layer of double quotes to fix it. Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
* build: Optionally provide file checksums in package metadataMichal Hrusecky2019-01-221-0/+2
| | | | | | | This may be useful if you don't entirely trust your flash and want to be able to check for corruptions. Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
* base-files: add network_get_metric() to /lib/functions/network.shFlorian Eckert2018-09-251-1/+1
| | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* base-files: create /etc/ethers by defaultLuiz Angelo Daros de Luca2018-08-211-0/+1
| | | | | | | | | | | /etc/ethers is missing on /rom but always created when dnsmasq runs. It is better to have it in place and avoid an extra change in flash after firstboot. It will generate an extra /etc/ethers-opkg when it has changed. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* base-files: introduce sysupgrade signature chain verificationDaniel Golle2018-08-081-2/+5
| | | | | | | | | Verify ucert signature chains in sysupgrade images in case ucert is installed and $CHECK_IMAGE_SIGNARURE = 1. Also make sure ucert host binary is present and generate a self-signed ucert in case $TOPDIR/key-build.ucert is missing. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* base-files: sysupgrade: abort if config backup failsAndreas Ziegler2018-08-061-1/+1
| | | | | | | Sysupgrade shouldn't proceed, if the backup of the configuration fails because tar (or gzip) exit with a non-zero code. Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>