aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files/files/etc
Commit message (Collapse)AuthorAgeFilesLines
* base-files: call "sync" after initial setupRafał Miłecki2022-03-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenWrt uses a lot of (b)ash scripts for initial setup. This isn't the best solution as they almost never consider syncing files / data. Still this is what we have and we need to try living with it. Without proper syncing OpenWrt can easily get into an inconsistent state on power cut. It's because: 1. Actual (flash) inode and data writes are not synchronized 2. Data writeback can take up to 30 seconds (dirty_expire_centisecs) 3. ubifs adds extra 5 seconds (dirty_writeback_centisecs) "delay" Some possible cases (examples) for new files: 1. Power cut during 5 seconds after write() can result in all data loss 2. Power cut happening between 5 and 35 seconds after write() can result in empty file (inode flushed after 5 seconds, data flush queued) Above affects e.g. uci-defaults. After executing some migration script it may get deleted (whited out) without generated data getting actually written. Power cut will result in missing data and deleted file. There are three ways of dealing with that: 1. Rewriting all user-space init to proper C with syncs 2. Trying bash hacks (like creating tmp files & moving them) 3. Adding sync and hoping for no power cut during critical section This change introduces the last solution that is the simplest. It reduces time during which things may go wrong from ~35 seconds to probably less than a second. Of course it applies only to IO operations performed before /etc/init.d/boot . It's probably the stage when the most new files get created. All later changes are usually done using smarter C apps (e.g. busybox or uci) that creates tmp files and uses rename() that is expected to be atomic. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> (cherry picked from commit 9851d4b6ce6e89d164a04803817625a9041b060a)
* base-files: fix /tmp/TZ when zoneinfo not installedPaul Spooren2021-06-251-7/+4
| | | | | | | | | | | | | The zoneinfo packages are not installed per default so neither /tmp/localtime nor /tmp/TZ is generated. This patch mostly reverts the previous fix and instead incooperates a solution suggested by Jo. Fixes "base-files: fix zoneinfo support " 8af62ed Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 56bdb6bb9781f8a0bbec5fc3075b9d2b8d12f9a8)
* base-files: fix zoneinfo supportRosen Penev2021-06-231-7/+9
| | | | | | | | | | | | | | | | | The system init script currently sets /tmp/localinfo when zoneinfo is populated. However, zoneinfo has spaces in it whereas the actual files have _ instead of spaces. This made the if condition never return true. Example failure when removing the if condition: /tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles This file does not exist. America/Los_Angeles does. Ran through shfmt -w -ci -bn -sr -s Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 8af62ede189aa504135db05474d34c9f8a1ed35d)
* base-files: supress service restart of umountKarel Kočí2019-09-041-0/+5
| | | | | | | | | | Restart is in default implemented so it calls stop and start. This is pretty unsafe to call on umount service. This service should not do anything on restart the same way as on start. Only use of this service is on stop. Signed-off-by: Karel Kočí <cynerd@email.cz> (cherry picked from commit 537b801c5490a85a3ef36456b12f064fc6c665a2)
* base-files: change boot & umount STOP indexesJoseph Tingiris2019-09-042-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is in a series to allow additional STOP indexes after umount, so that other block devices may stop cleanly. boot is now STOP=90 umount is now STOP=90 After this patch series, the resulting STOP indexes in the 80s & 90s will be: STOP=85 odhcpd.init STOP=89 conntrackd.init STOP=89 log.init STOP=89 rssileds.init STOP=90 boot STOP=90 kdump.init STOP=90 network STOP=90 sysfixtime STOP=90 umount STOP=98 mdadm.init (note: will be addressed in a separate patch) Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [PKG_RELEASE is now 200] (cherry picked from commit 04811007e53c5a5bdddbd0a00b330e12a5dbd045)
* base-files: move urandom seed bits into separate packagePetr Štetiar2019-07-221-12/+0
| | | | | | | | So it's possible to install or remove it as needed. Tested-by: Lucian Cristian <lucian.cristian@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 27bfde9c9f789dbfabebf13047e8b042c27cdeef)
* base-files: add reboot only button handlerAlan Swanson2019-05-301-0/+12
| | | | | | | | | | | | For devices such as BTHOMEHUBV5A with both reset and restart buttons, its easily accessible restart button has been assigned to KEY_POWER power script to poweroff preventing accidental (or malicious) factory resets by KEY_RESTART reset script. However an easily accessible button immediately powering off the device is also undesirable. Fixes: FS#1965 Signed-off-by: Alan Swanson <reiver@improbability.net> Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
* base-files: add service_stopped as a post stop hookArthur Skowronek2019-05-051-0/+3
| | | | | | | | | | | | | | | | | | | | Purpose of these changes is to introduce a hook for post service shutdown in a similar fashion to the existing hook service_started. I found it to be useful to specify a hook that is called once the service has been stopped and not before the service is stopped like the stop_service hook does. The concrete use case I have for this is that I'm running a binary that takes over the hardware watchdog timer. Said binary unfortunately can not use ubus directly to tell procd to hand over the watchdog timer so this has to be done in the service file for the binary in question. In order to support a clean handover of the watchdog timer back to procd, the service init script has to dispatch the ubus invocation once the binary in question has been stopped. Signed-off-by: Arthur Skowronek <ags@digineo.de> Signed-off-by: Petr Štetiar <ynezz@true.cz> [added commit message, use the same form as other hooks]
* base-files/hotplug: fix dedicated group for tty devicesMichael Heimpold2019-04-041-1/+1
| | | | | | | | | | | | | | | | | Commit 124ab1dc0a and 5523ee3459 introduced the assignment of the group "tty" to /dev/tty* devices in order to support unprivileged user access to serial devices. However, due to an improperly rebased commit this feature broke. This patch restores the lost hunk in hotplug.json file to re-introduce this feature and also renames the existing "tty" group to "dialout" as this is the more typical name for such a group on desktop systems. Fixes: 5209cfa534 ("procd: fix hotplug.json syntax") Signed-off-by: Michael Heimpold <mhei@heimpold.de> Acked-by: Jo-Philipp Wich <jo@mein.io>
* base-files: enable BPF JIT sysctl by defaultTony Ambardar2019-02-111-0/+2
| | | | | | Set net.core.bpf_jit_enable=1 in /etc/sysctl.d/10-default.conf. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* procd: Add wrapper for uci_validate_section()Jeffery To2019-01-221-7/+3
| | | | | | | | | | | | | | | | | This adds a wrapper (uci_load_validate) for uci_validate_section() that allows callers (through a callback function) to access the values set by uci_validate_section(), without having to manually declare a (potentially long) list of local variables. The callback function receives two arguments when called, the config section name and the return value of uci_validate_section(). If no callback function is given, then the wrapper exits with the value returned by uci_validate_section(). This also updates several init scripts to use the new wrapper function. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* base-files: install missing /etc/iproute2/ematch_mapTony Ambardar2018-12-191-0/+8
| | | | | | | | This file is needed to properly use the tc ematch modules present in kmod-sched-core and kmod-sched. It is a read-only index file of ematch methods used only by tc. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* base-files: Fix netdev led triggerHauke Mehrtens2018-12-161-1/+4
| | | | | | | | | | In the upstream netdev led trigger the one mode file was replaced by 3 files named rx, tx and link. Fix the netdev trigger configuration code to use the modified API. Fixes: aa3b6a08c56 ("kernel: Replace ledtrig-netdev with upstream backport") Reported-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: diag.sh: Make it more generic towards DTS so it could be reusedPetr Štetiar2018-12-061-2/+48
| | | | | | | | | | | | | | | | I wanted to add status LEDs support to my imx6 based board and have found out, that I could use diag.sh script found in ramips platform, which seems to be also shared in a few other platforms: 4801276bc2078c5bcf03003c831e3b0a target/linux/ramips/base-files/etc/diag.sh 4801276bc2078c5bcf03003c831e3b0a target/linux/ipq40xx/base-files/etc/diag.sh 4801276bc2078c5bcf03003c831e3b0a target/linux/ath79/base-files/etc/diag.sh So I've extended the base diag.sh in a way, that if it detects any of the DTS LED aliases, then it would use the generic DTS set_led_state code. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: fix unkillable processes after restartLinus Kardell2018-11-221-0/+1
| | | | | | | | | | | | | | | When restart is run on an init script, the script traps SIGTERM. This is done as a workaround for scripts named the same name as the program they start. In that case, the init script process will have the same name as the program process, and so when the init script runs killall, it will kill itself. So SIGTERM is trapped to make the init script unkillable. However, the trap is retained when the init script runs start, and thus processes started by restart will not respond to SIGTERM, and will thus be unkillable unless you use SIGKILL. This fixes that by removing the trap before running start. Signed-off-by: Linus Kardell <linus@telliq.com>
* base-files: make it possible to specify switch led modeChristian Lamparter2018-09-291-2/+4
| | | | | | | | | | | | | | | | | The swconfig switch led driver has the ability to switch between a "link, rx and/or tx" mode. However, this feature was not implemented in uci, the led init script and config_generate. This patch adds a seventh parameter to the ucidef_set_led_switch() function. The accepted values for this parameter are: link, rx and tx. Any permutations of these three values are supported, as long as they are properly encased with quotes. If the parameter is not specified it will default to "all" (link rx tx). Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: /etc/services: add missing 'rpcbind' aliasAndy Walsh2018-09-101-2/+2
| | | | | | | | * add missing 'rpcbind' alias to /etc/services Allows rpcbind to open its 111 port and be reachable via lan, this is the default behaviour. Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* base-files: provide more tolerant xterm detectionPaul Wassi2018-08-291-1/+5
| | | | | | | | Set the window title not only in "xterm", but also in e.g. "xterm-256color", "xterm-color", etc. The case statement is taken from Debian / Ubuntu. Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* base-files: create /etc/ethers by defaultLuiz Angelo Daros de Luca2018-08-211-0/+6
| | | | | | | | | | | /etc/ethers is missing on /rom but always created when dnsmasq runs. It is better to have it in place and avoid an extra change in flash after firstboot. It will generate an extra /etc/ethers-opkg when it has changed. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* base-files: fix wrong sysctl parameter orderLuiz Angelo Daros de Luca2018-07-181-1/+1
| | | | | | | | | | | Restarting service sysctl echos multiple errors like: sysctl: -e: No such file or directory After the first filename, all remaining arguments are treated as files. Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* base-files: fix links in banner.failsafeSven Roederer2018-06-181-1/+3
| | | | | | | Update the link to the current section in the documentaion wiki. This fixes https://github.com/openwrt/packages/issues/6282 Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
* sysctl: Protect hard/symlinks by default.Rosen Penev2018-05-011-0/+3
| | | | | | | There is no usecase for not protecting symlinks that I know of in OpenWrt. Not even on desktop systems where you have multiple users with a shell. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* kernel: disable accept_ra by defaultMatthias Schiffer2018-04-171-0/+8
| | | | | | | | | | | Our commands setting accept_ra to 0 on all interfaces got lost in the transition to procd. This remained unnoticed for a long time, as we also enable forwarding on all interfaces, which prevents RA handling by default. Restore the commands, while also fixing a possible race condition in the old version. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: move netfilter sysctl defaults to specific kmod packagesMatthias Schiffer2018-04-131-12/+0
| | | | | | | Avoid warnings when applying settings for uninstalled kmods. See also FS#1073. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: move sysctl defaults to /etc/sysctl.d/10-default.confMatthias Schiffer2018-04-133-32/+35
| | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: evaluate /etc/sysctl.d/* before /etc/sysctl.confMatthias Schiffer2018-04-132-2/+2
| | | | | | | We can use /etc/sysctl.d/* for package-supplied sysctl snippets, giving admins the option to use /etc/sysctl.conf to override settings. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: remove /etc/uci-defaults/11_migrate-sysctlMatthias Schiffer2018-04-131-16/+0
| | | | | | | 11_migrate-sysctl has not been updated with new file hashes since 2012. Let's get rid of it. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: tune fragment queue thresholds for available system memoryMatthias Schiffer2018-03-071-9/+20
| | | | | | | | | The default fragment low/high thresholds are 3 and 4 MB. On devices with only 32MB RAM, these settings may lead to OOM when many fragments that cannot be reassembled are received. Decrease fragment low/high thresholds to 384 and 512 kB on devices with less than 64 MB RAM. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: fix off-by-one in counting seconds for factory resetRafał Miłecki2018-03-011-1/+1
| | | | | | | | | There was a mismatch between indicating factory reset and code actually starting it. After 5 seconds status LED started blinking rapidly letting user know it's ready to release reset button. In practice button had to stay pressed for another second in order to relly start the process. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: gpio switch: check if direction can be setMathias Kresin2018-01-181-2/+9
| | | | | | | | | | | | Obviously not all GPIO controller allow to change the direction. The issue is around since the beginning of the script but only due to the recent changes error messages are more visible. Add a check if a change of the direction is supported by the GPIO controller and fallback to setting only the value if not. Fixes: FS#1271 Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: gpio switch: fix inverted logicMathias Kresin2018-01-181-1/+1
| | | | | | | | | GPIOs are exported as active high to the sysfs, hence the logic need to be inverted. Fixes: e66c47fb14f5 ("base-files: gpio switch: set output value with direction") Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: gpio switch: set output value with directionMathias Kresin2018-01-091-3/+2
| | | | | | | | | | | | Use the "low" and "high" values to configure the GPIO as an output with that initial value. It ensures that the gpio doesn't have a unwanted value during the time the direction is set to ouput and the actual value is applied. We don't need to take care of the GPIO polarity for now, since our exported GPIOs are always active low. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: gpio_switch: start before boot state done is setMathias Kresin2018-01-091-1/+1
| | | | | | | Start gpio_switch before the boot state is set to up/initialised/done. This way the exported GPIOs are available at the time rc.local is started. Signed-off-by: Mathias Kresin <dev@kresin.me>
* base-files: protect stop and reload actions with procd_lockRoman Yeryomin2018-01-021-0/+2
| | | | | Signed-off-by: Roman Yeryomin <roman@advem.lv> Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
* base-files: rc.common: fix enable() return code and logicRoman Yeryomin2018-01-021-7/+8
| | | | | | | | | | | | | | | In current state, if there is START but no STOP, enbale() will return 1 (failure), which is wrong. Moreover there is no need to check for START/STOP twice. Instead, add err variable to save success state and and return it's value. Also eliminate the need to disable() by using 'ln -sf', which will first delete the old symlink if one exists. Changes from v1: - fixed description Signed-off-by: Roman Yeryomin <roman@advem.lv>
* base-files: fix logic when to show failsafe bannerMatthias Schiffer2017-12-291-1/+1
| | | | | | Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when /tmp/.failsafe exists")
* base-files: set FAILSAFE in /etc/profile when /tmp/.failsafe existsMatthias Schiffer2017-12-291-1/+4
| | | | | | | Since dropbear clears the environment, FAILSAFE was not set as intended in failsafe mode. This also broke sysupgrade from failsafe mode over SSH. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* merge: properly remove %n / %N referencesJo-Philipp Wich2017-12-091-2/+1
| | | | | | | | | | - use %d instead of %n for opkg feed identifiers - remove %n / %N references from version files Fixes bf5cef47b3 merge: release/banner: drop release name and update banner. Fixes FS#1213. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* merge: release/banner: drop release name and update bannerZoltan HERPAI2017-12-081-10/+8
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* merge: base: update base-files and basic configZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* procd: service_data: Support data within the service itselfPierre Lebleu2017-11-101-0/+4
| | | | | | Use the same approach than the service_triggers for the service_data. Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
* base-files: add interval option to netdev LED trigger configurationEdmunt Pienkowsky2017-11-031-0/+1
| | | | | | Add an uci option to set the interval parameter of the netdev trigger. Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
* basefiles: allow suid coredumpsKevin Darbyshire-Bryant2017-09-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set sysctl fs.suid_dumpable = 2 This allows suid processes to dump core according to kernel.core_pattern setting. LEDE typically uses suid to drop root priviledge rather than gain it but without this setting any suid process would be unable to produce coredumps (e.g. dnsmasq) Processes still need to set a non zero core file process limit ('ulimit -c unlimited' or if procd used 'procd_set_param limits core="unlimited"') in order to produce a core. This setting removes an obscure stumbling block along the way. >From https://www.kernel.org/doc/Documentation/sysctl/fs.txt suid_dumpable: This value can be used to query and set the core dump mode for setuid or otherwise protected/tainted binaries. The modes are 0 - (default) - traditional behaviour. Any process which has changed privilege levels or is execute only will not be dumped. 1 - (debug) - all processes dump core when possible. The core dump is owned by the current user and no security is applied. This is intended for system debugging situations only. Ptrace is unchecked. This is insecure as it allows regular users to examine the memory contents of privileged processes. 2 - (suidsafe) - any binary which normally would not be dumped is dumped anyway, but only if the "core_pattern" kernel sysctl is set to either a pipe handler or a fully qualified path. (For more details on this limitation, see CVE-2006-2451.) This mode is appropriate when administrators are attempting to debug problems in a normal environment, and either have a core dump pipe handler that knows to treat privileged core dumps with care, or specific directory defined for catching core dumps. If a core dump happens without a pipe handler or fully qualifid path, a message will be emitted to syslog warning about the lack of a correct setting. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
* base-files: add "tty" user groupJo-Philipp Wich2017-06-261-0/+1
| | | | | | | | This is needed for an upcoming change to the hotplug default rules which will cause /dev/tty* nodes to get assigned to the "tty" group in order to support unprivileged user access when needed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: fix default procd reloadAlexandru Ardelean2017-05-201-1/+1
| | | | | | | | | | | | | | | | | | Bug introduced with 6713694. I did not count on procd handling reload as mentioned in this doc: https://wiki.openwrt.org/inbox/procd-init-scripts ``` procd_set_param file /var/etc/your_service.conf # /etc/init.d/your_service reload will restart the daemon if these files have changed procd_set_param netdev dev # likewise, except if dev's ifindex changes. procd_set_param data name=value ... # likewise, except if this data changes. ``` The service would be restarted regardless of any of those params. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* base-files: use restart if no reload hook for serviceAlexandru Ardelean2017-04-121-4/+3
| | | | | | | | | | | | | | | | | | | | | | | This was also working before, with a slightly different semantic. [ Original semantic ] If no reload hooks was implemented, the default one would kick in, it would return fail, and restart would happen. This would happen also in the case where a reload hook would be implemented, it would fail, and it would restart the service. [ New semantic ] The default reload hook calls restart. Services can implement their own reload. If reload fails, then the '/etc/init.d/<service> reload' would return a non-zero code, and the caller can choose a way to handle this. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* base-files: add submission service portLucian Cristian2017-03-111-0/+2
| | | | | | prevent postfix start failure fatal: 0.0.0.0:submission: Unrecognized service Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
* base-files: fix user creation on sysupgrade with few opkg control filesMatthias Schiffer2017-01-241-1/+1
| | | | | | | | | | | If only a single opkg control file exists (which can happen with CONFIG_CLEAN_IPKG), grep would not print the file name by default. Instead of forcing it using -H, we just switch to -l (print only file names) and get rid of the cut. Add -s to suppress an error message when no control files exist. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* base-files: add /etc/iproute2/rt_protosHans Dedecker2017-01-181-0/+18
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* base-files: add ARCH_PACKAGES to openwrt_release and os-releaseMatthias Schiffer2017-01-161-0/+1
| | | | | | | | | Knowing the package architecture at runtime can be useful, e.g. to configure opkg repository URLs. The value of ARCH_PACKAGES ("%A" in VERSION_SED) as added to openwrt_release (as DISTRIB_ARCH) and os-release (as LEDE_ARCH). Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>