aboutsummaryrefslogtreecommitdiffstats
path: root/package/base-files
Commit message (Collapse)AuthorAgeFilesLines
* base-files: uci-defaults: do config flush in one shotRoman Yeryomin2019-10-221-2/+1
| | | | | | | | | | | Moving a file between tmpfs and other fs is neither faster nor safer, thus no point in doing it in two steps. Use new jshn option to write output directly to file. Originally discussed here: http://lists.openwrt.org/pipermail/openwrt-devel/2017-December/010127.html Signed-off-by: Roman Yeryomin <roman@advem.lv>
* Revert "build: separate signing logic"John Crispin2019-10-211-9/+8
| | | | | | | | This reverts commit 4a45e69d190f72ed94878487b271ed7651dd9efa. This broke the buildbots Signed-off-by: John Crispin <john@phrozen.org>
* build: separate signing logicPaul Spooren2019-10-211-8/+9
| | | | | | | | | | | | | | | | This separates the options for signature creation and verification * SIGNED_PACKAGES create Packages.sig * SIGNED_IMAGES add ucert signature to created images * CHECK_SIGNATURE add verification capabilities to images * INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys Right now the buildbot.git contains some hacks to create images that have signature verification capabilities while not storing private keys on buildbot slaves. This commit allows to disable these steps for the buildbots and only perform signing on the master. Signed-off-by: Paul Spooren <mail@aparcar.org>
* treewide: use a single ath10k MAC patching function with checksumAdrian Schmutzler2019-10-151-7/+1
| | | | | | | | | | | | | | | | While all ath10k eeproms have a checksum field, so far two functions for patching ath10k MAC address have been present (and been used). This merges code to provide a single function ath10k_patch_mac in caldata.sh, having its name in accordance with ath9k functions. By doing so, correct MAC patching for current and future ath10k devices should be ensured. This patch adds checksum adjustments for several targets on ath79 and lantiq. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* treewide: move MAC address patch functions to common libraryAdrian Schmutzler2019-10-141-0/+59
| | | | | | | | | This unifies MAC address patch functions and moves them to a common script. While those were implemented differently for different targets, they all seem to do the same. The number of different variants is significantly reduced by this patch. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* treewide: move calibration data extraction function to libraryAdrian Schmutzler2019-10-131-0/+75
| | | | | | | | | | | | | | | | | This moves the almost identical calibration data extraction functions present multiple times in several targets to a single library file /lib/functions/caldata.sh. Functions are renamed with more generic names to merge different variants that only differ in their names. Most of the targets used find_mtd_chardev, while some used find_mtd_part inside the extraction code. To merge them, the more abundant version with find_mtd_chardev is used in the common code. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> [rebase on latest master; add mpc85xx] Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: move xor() from caldata extraction to functions.shAdrian Schmutzler2019-10-131-0/+16
| | | | | | | | The xor() function is defined in each of the caldata extraction scripts for several targets. Move it to functions.sh to reduce duplicate code. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: coreutil-date breaks setting kernel timezoneVal Kulkov2019-10-121-1/+1
| | | | | | | | | | | | | | | | "coreutil-date" package from the packages feed replaces the Busybox date applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system init script from setting kernel timezone because the GNU date utility does not provide such functionality: root@OpenWrt:~# date -k date: invalid option -- 'k' Try 'date --help' for more information. A specific reference to the Busybox date applet prevents alternative date utilities from breaking the system init script. Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
* base-files: upgrade: add case to export_bootdeviceKlaus Kudielka2019-10-091-1/+13
| | | | | | | | | | | The factory uboot of the Turris Omnia boots with "root=b301", and we instruct new users to sysupgrade from there (e.g. method 1, step 7). Currently, this will fail with "Unable to determine upgrade device". Add a new case to export_bootdevice, which parses the hex argument. Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...") Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
* base-files: provide option to specify label MAC address in board.dAdrian Schmutzler2019-09-193-0/+14
| | | | | | | | | | | | | | For many devices, MAC addresses cannot be retrieved via the device tree alias. To still provide the label MAC address for those, this implements a second mechanism that will put the address into uci config. Note that this stores the actual MAC address, whereas in DTS we reference the bearing device. This is based on the work of Rosy Song <rosysong@rosinson.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add function to retrieve label MAC addressAdrian Schmutzler2019-09-191-0/+10
| | | | | | | | | | | | | | | | To refer to the MAC address on a device's label, one can specify the alias label-mac-device in the DTS which should point to the bearer of the corresponding MAC address. With the function get_mac_label, the user can retrieve then retrieve this address and use it as a value that uniquely identifies his device. This is severely helpful for several downstream functionalities, e.g. define MAC addresses of custom netifs or change the SSID to be easily recognizable. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files,procd: add generic service statusLuiz Angelo Daros de Luca2019-09-151-1/+10
| | | | | | | | | | | | | | Adds a default status action for init.d scripts. procd "service status" will return: 0) for loaded services (even if disabled by conf or dead) 3) for inactive services 4) when filtering a non-existing instance Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> [rebased, cleaned up] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: implement generic service_runningPetr Štetiar2019-09-151-1/+6
| | | | | | | DRY is good, otherwise we're going to suffer with a copy&paste disease in the init scripts. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* treewide: sysupgrade: use $UPGRADE_BACKUP to check for backupRafał Miłecki2019-09-113-3/+2
| | | | | | | Now that $UPGRADE_BACKUP is set conditionally there is no need to check the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: sysupgrade: pass "backup" ubus attributeRafał Miłecki2019-09-111-0/+3
| | | | | | | | This explicitly tells procd what backup file should be used during sysupgrade (if any). It's much more generic this way compared to the magic /tmp/sysupgrade.tgz file that had to be created before a call. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: validate firmware for compatibility with backupRafał Miłecki2019-09-081-0/+7
| | | | | | | | | This allows platform code to check if firmware image can be used with preserving a backup. It may be used e.g. when installing vendor firmwares that won't restore appended backup archive. Suggested-by: Luis Araneda <luaraneda@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: use new procd sysupgrade $UPGRADE_BACKUP variableRafał Miłecki2019-09-052-2/+1
| | | | | | | | | | It's a variable set by procd that should replace hardcoded /tmp/sysupgrade.tgz. This change requires the most recent procd with the commit 0f3c136 ("sysupgrade: set UPGRADE_BACKUP env variable"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()Adrian Schmutzler2019-09-051-6/+1
| | | | | | | | | | | | The actual retrieval of the MAC address in mtd_get_mac_binary_ubi() is the same as in get_mac_binary(). Thus, use the latter function in the former to reduce duplicate code. This will also allow to benefit from the enhanced path check there and bring mtd_get_mac_binary_ubi() more in line with the similar mtd_get_mac_binary(). Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: fix mtd_get_mac_text not accepting hex offsetsDavid Bauer2019-09-051-1/+1
| | | | | | | | | | | The mtd_get_mac_text helper method did not support hexadecimal offset values, resulting them to break after 75bfc393ba6c ("treewide: convert MAC address location offsets to hexadecimal") This commit fixes this by evaluating the hexadecimal input, converting them to decimal. Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: don't hardcode "sysupgrade.tgz" file nameRafał Miłecki2019-09-052-1/+3
| | | | | | | | 1) Add BACKUP_FILE and use it when copying an archive to be restored after sysupgrade (on the next preinit). 2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "force" parameter to the "sysupgrade" callRafał Miłecki2019-09-041-0/+3
| | | | | | | This makes sysupgrade work with the most recent procd that validates firmware before proceeding. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use JSON for storing firmware validation infoRafał Miłecki2019-08-302-14/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So far firmware validation result was binary limited: it was either successful or not. That meant various limitations, e.g.: 1) Lack of proper feedback on validation problems 2) No way of marking firmware as totally broken (impossible to install) This change introduces JSON for storing detailed validation info. It provides a list of performed validation tests and their results. It allows marking firmware as non-forceable (broken image that can't be even forced to install). Example: { "tests": { "fwtool_signature": true, "fwtool_device_match": true }, "valid": true, "forceable": true } Implementation is based on *internal* check_image bash script that: 1) Uses existing validation functions 2) Provides helpers for setting extra validation info This allows e.g. platform_check_image() to call notify_check_broken() when needed & prevent user from bricking a device. Right now the new JSON info is used by /sbin/sysupgrade only. It still doesn't make use of "forceable" as that is planned for later development. Further plans for this feature are: 1) Expose firmware validation using some new ubus method 2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus method so: a) It's possible to safely sysupgrade using ubus only b) /sbin/sysupgrade can be more like just a CLI Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" methodRafał Miłecki2019-08-222-12/+2
| | | | | | | This explicitly lets stage2 know if partitions should be preserved. No more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "save_config" option to the "sysupgrade" methodRafał Miłecki2019-08-224-5/+6
| | | | | | This explicitly lets stage2 know if config should be preserved. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* build: add buildinfo files for reproducibilityPaul Spooren2019-08-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | generate feeds.buildinfo and version.buildinfo in build dir after containing the feed revisions (via ./scripts/feeds list -sf) as well as the current revision of buildroot (via ./scripts/getver.sh). With this information it should be possible to reproduce any build, especially the release builds. Usage would be to move feeds.buildinfo to feeds.conf and git checkout the revision hash of version.buildinfo. Content of feeds.buildinfo would look similar to this: src-git routing https://git.openwrt.org/feed/routing.git^bf475d6 src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e ... Content of version.buildinfo would look similar to this: r10203+1-c12bd3a21b Without the exact feed revision it is not possible to determine installed package versions. Also rename config.seed to config.buildinfo to follow the recommended style of https://reproducible-builds.org/docs/recording/ Signed-off-by: Paul Spooren <mail@aparcar.org>
* base-files: drop support for the platform_nand_pre_upgrade()Rafał Miłecki2019-07-222-5/+1
| | | | | | | No target uses it anymore. All code from that callback was moved into the platform_do_upgrade(). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: don't set ARGV and ARGCRafał Miłecki2019-07-173-7/+1
| | | | | | Those are not used by any image check function anymore. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: move stage2 upgrade to separated fileRafał Miłecki2019-07-114-24/+27
| | | | | | | | | do_upgrade_stage2() isn't really any common code. It isn't used anywhere except for /sbin/sysupgrade that passes it to the stage2. Moving its code to separated file also simplifies COMMAND variable. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: Fix path check in get_mac_binaryAdrian Schmutzler2019-07-091-1/+1
| | | | | | | | | Logic was inverted when changing from string check to file check. Fix it. Fixes: 8592602d0a88 ("base-files: Really check path in get_mac_binary") Reported-by: Matthias Schiffer <mschiffer@universe-factory.net> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: drop support for NAND upgrade in platform_pre_upgrade()Rafał Miłecki2019-07-084-17/+3
| | | | | | | With bcm53xx switched to the new procedure there is no more need for keeping that backward compatibility code. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: drop unused jffs2_copy_config()Rafał Miłecki2019-07-082-11/+1
| | | | | | | | Its last usage was dropped back in 2013 in the commit b95bdc8ab56e ("kernel/base-files: clean up old code related to refreshing mtd partitions, it is no longer used anywhere"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: Really check path in get_mac_binaryAdrian Schmutzler2019-07-071-1/+1
| | | | | | | | Currently, path argument is only checked for being not empty. This changes behavior to actually check whether path exists. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: supress service restart of umountKarel Kočí2019-07-031-0/+5
| | | | | | | | | Restart is in default implemented so it calls stop and start. This is pretty unsafe to call on umount service. This service should not do anything on restart the same way as on start. Only use of this service is on stop. Signed-off-by: Karel Kočí <cynerd@email.cz>
* base-files: add network_get_uptime() to /lib/functions/network.shFlorian Eckert2019-06-292-1/+6
| | | | | | Add missing ubus api call for uptime value. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* base-files: use OPENWRT prefix for os-release variablesBjørn Mork2019-06-261-8/+8
| | | | | | | | | | Just stumbled across this LEDE legacy, without finding any real reason to keep it. There is a single LEDE_DEVICE_MANUFACTURER_URL dependency in the luci feed repo which needs to be syncronized. Signed-off-by: Bjørn Mork <bjorn@mork.no> [re-added missing commit message] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: change boot & umount STOP indexesJoseph Tingiris2019-06-243-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch is in a series to allow additional STOP indexes after umount, so that other block devices may stop cleanly. boot is now STOP=90 umount is now STOP=90 After this patch series, the resulting STOP indexes in the 80s & 90s will be: STOP=85 odhcpd.init STOP=89 conntrackd.init STOP=89 log.init STOP=89 rssileds.init STOP=90 boot STOP=90 kdump.init STOP=90 network STOP=90 sysfixtime STOP=90 umount STOP=98 mdadm.init (note: will be addressed in a separate patch) Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [PKG_RELEASE is now 200]
* base-files: apply new sysctl.conf at postinstYousong Zhou2019-06-212-14/+21
| | | | | | | | | | | | | | | | This is mainly for kmod-br-netfilter. To turn off bridge-netfilter-call-xxx immediately after installation While at it - Define filelist="/usr/lib/opkg/info/${pkgname}.list" - Reuse "[ -z "$root" ]" - Grep with "-m1" Fixes FS#2300 Reported-by: Marco Sartorius <tidbits@ormoorgmen.info> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* base-files: fix uci led oneshot/timer triggerRobinson Wu2019-06-201-0/+1
| | | | | | | | | | | | | This patch adds a missing type property. This fixes the creation of oneshot and timer led triggers like: | ucidef_set_led_timer "system" "system" "zhuotk:green:system" "1000" "1000" from /etc/init.d/01_leds. Fixes: b06a286a4861 ("base-files: cleanup led functions in uci-defaults.sh") Signed-off-by: Robinson Wu <wurobinson@qq.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* base-files: move urandom seed bits into separate packagePetr Štetiar2019-06-114-57/+10
| | | | | | | So it's possible to install or remove it as needed. Tested-by: Lucian Cristian <lucian.cristian@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* replace links towards lede-project.org with openwrt.orgAlexander Couzens2019-06-111-1/+1
| | | | | | | Modify VERSION_SUPPORT_URL VERSION_REPO Replace BUGS variable in toolchain/gcc/common.mk Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* base-files: add reboot only button handlerAlan Swanson2019-05-301-0/+12
| | | | | | | | | | | | For devices such as BTHOMEHUBV5A with both reset and restart buttons, its easily accessible restart button has been assigned to KEY_POWER power script to poweroff preventing accidental (or malicious) factory resets by KEY_RESTART reset script. However an easily accessible button immediately powering off the device is also undesirable. Fixes: FS#1965 Signed-off-by: Alan Swanson <reiver@improbability.net> Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
* base-files: add support for the new ar8xxx MIB counters settingsPetr Štetiar2019-05-202-1/+17
| | | | | | | | | | | | | Commit "generic: ar8216: add mib_poll_interval switch attribute" has added mib_poll_interval global config option and commit "generic: ar8216: group MIB counters and use two basic ones only by default" has added mib_type config option. So this patch adds ucidef_set_ar8xxx_switch_mib helper function which would allow configuration of the above mentioned new switch config options. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: improve lib/upgrade/common.shKlaus Kudielka2019-05-111-13/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recently, upgrade device autodetection has been added to the mvebu target. This exposes some shortcomings of the generic export_bootdevice function, e.g. on the Turris Omnia: export_bootdevice silently reports the root partition to be the boot device. This makes the sysupgrade process fail at several places. Fix this by clearly distinguishing between /proc/cmdline arguments which specify the boot disk, and those which specify the root partition. Only in the latter case, strip off the partition, and do it consistently. root=PARTUUID=<pseudo PARTUUID for MBR> (any partition) and root=/dev/* (any partition) are accepted. The root of the problem is that the *existing* export_bootdevice in /lib/upgrade/common.sh behaves differently, if the kernel is booted with root=/dev/..., or if it is booted with root=PARTUUID=... In the former case, it reports back major/minor of the root partition, in the latter case it reports back major/minor of the complete boot disk. Targets, which boot with root=/dev/... *and* use export_bootdevice / export_partdevice, have added workarounds to this behaviour, by specifying *negative* increments to the export_partdevice function. Consequently, those targets have to be adapted to use positive increments, otherwise they are broken by the change to export_bootdevice. Fixes: 4e8345ff68 ("mvebu: base-files: autodetect upgrade device") Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com> Tested-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* base-files: add service_stopped as a post stop hookArthur Skowronek2019-05-051-0/+3
| | | | | | | | | | | | | | | | | | | | Purpose of these changes is to introduce a hook for post service shutdown in a similar fashion to the existing hook service_started. I found it to be useful to specify a hook that is called once the service has been stopped and not before the service is stopped like the stop_service hook does. The concrete use case I have for this is that I'm running a binary that takes over the hardware watchdog timer. Said binary unfortunately can not use ubus directly to tell procd to hand over the watchdog timer so this has to be done in the service file for the binary in question. In order to support a clean handover of the watchdog timer back to procd, the service init script has to dispatch the ubus invocation once the binary in question has been stopped. Signed-off-by: Arthur Skowronek <ags@digineo.de> Signed-off-by: Petr Štetiar <ynezz@true.cz> [added commit message, use the same form as other hooks]
* base-files: add leds migrationTomasz Maciej Nowak2019-04-061-0/+39
| | | | | | | | | | | Currently leds migration scripts in ar71xx and lantiq share a lot of logic and introducing leds migration to another target would mean copying this code, again. Therefore add common logic to library in base-files package. Suggested-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* base-files/hotplug: fix dedicated group for tty devicesMichael Heimpold2019-04-041-1/+1
| | | | | | | | | | | | | | | | | Commit 124ab1dc0a and 5523ee3459 introduced the assignment of the group "tty" to /dev/tty* devices in order to support unprivileged user access to serial devices. However, due to an improperly rebased commit this feature broke. This patch restores the lost hunk in hotplug.json file to re-introduce this feature and also renames the existing "tty" group to "dialout" as this is the more typical name for such a group on desktop systems. Fixes: 5209cfa534 ("procd: fix hotplug.json syntax") Signed-off-by: Michael Heimpold <mhei@heimpold.de> Acked-by: Jo-Philipp Wich <jo@mein.io>
* base-files: fix ucert verificationFelix Fietkau2019-02-121-1/+2
| | | | | | | | ucert needs to check the firmware part with metadata, but without the signature. Use the new fwtool mode to extract that without altering the firmware image inside the check Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: enable BPF JIT sysctl by defaultTony Ambardar2019-02-111-0/+2
| | | | | | Set net.core.bpf_jit_enable=1 in /etc/sysctl.d/10-default.conf. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* base-files: do not strip fwtool signature data during checkFelix Fietkau2019-02-091-1/+1
| | | | | | | Same reason as in commit 9808bd279927bcd2d3a78d19a55229b93bbbcf05 - sysupgrade --test must not alter the image in any way Signed-off-by: Felix Fietkau <nbd@nbd.name>
* base-files: config_get: prevent filename globbingGünther Kelleter2019-01-302-2/+2
| | | | | | | | | When config_get is called as "config_get section option" the option is unexpectedly globbed by the shell which differs from the way options are read to a variable with "config_get variable section option". Add another layer of double quotes to fix it. Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>