Commit Graph

312 Commits (34bbbbf9c3b39e7b2d81df590aad5cdbd00280d6)

Author SHA1 Message Date
Zoltan HERPAI 34bbbbf9c3 merge: base: update base-files and basic config
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
6 years ago
Yousong Zhou b2aa820b48 base-files: fix getting gid from group_add_next
Shell function return code only has range [0, 255].  Other values will
be truncated, e.g. return 65536 will have the same effect as return 0

While at it, drop other "return $rc" where rc will almost always take
value 0 and whose value current callers actually do not check

Fixes FS#988

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
6 years ago
Edmunt Pienkowsky fdc7cc9907 base-files: add interval option to netdev LED trigger configuration
Add an uci option to set the interval parameter of the netdev trigger.

Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
6 years ago
Hauke Mehrtens 3adafda07c base-files: create /etc/config/ directory
The /bin/config_generate script and some other scripts are assuming the
/etc/config directory exists in the image. This is true in case for
example the package firewall, dropbear or dnsmasq are included, which
are adding the files under /etc/config/. Without any of these package
the system will not boot up fully because the /etc/config/ directory is
missing and some init scripts just fail.

Make sure all images with the base-files contain a /etc/config/
directory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: John Crispin <john@phrozen.org>
7 years ago
Hans Dedecker 400c5f03c3 base-files: fix wan6 interface config generation for pppoe
Setting ipv6 to auto in case of a pppoe interface will trigger the
creation of a dynamic wan_6 interface meaning two IPv6 interfaces
(wan6 and wan_6) will be active on top of the pppoe interface.
This leads to unpredictable behavior in the network; therefore set
ipv6 to 1 which will prevent the dynamic creation of the wan_6
interface.
Further alias the wan6 interface on top of the wan interface for pppoe
as the wan6 interface can only be started when the link local address is
ready. In case of pppoe the link local address is negotiated during the
Internet Protocol Control Protocol when the PPP link is setup meaning
all the IP address info is only available when the wan interface is up.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years ago
Kevin Darbyshire-Bryant 7765e442d0 basefiles: allow suid coredumps
Set sysctl fs.suid_dumpable = 2

This allows suid processes to dump core according to kernel.core_pattern
setting.  LEDE typically uses suid to drop root priviledge rather than
gain it but without this setting any suid process would be unable to
produce coredumps (e.g. dnsmasq)

Processes still need to set a non zero core file process limit ('ulimit
-c unlimited' or if procd used 'procd_set_param limits
core="unlimited"') in order to produce a core.  This setting removes an
obscure stumbling block along the way.

>From https://www.kernel.org/doc/Documentation/sysctl/fs.txt

suid_dumpable:

This value can be used to query and set the core dump mode for setuid
or otherwise protected/tainted binaries. The modes are

0 - (default) - traditional behaviour. Any process which has changed
	privilege levels or is execute only will not be dumped.
1 - (debug) - all processes dump core when possible. The core dump is
	owned by the current user and no security is applied. This is
	intended for system debugging situations only. Ptrace is unchecked.
	This is insecure as it allows regular users to examine the memory
	contents of privileged processes.
2 - (suidsafe) - any binary which normally would not be dumped is dumped
	anyway, but only if the "core_pattern" kernel sysctl is set to
	either a pipe handler or a fully qualified path. (For more details
	on this limitation, see CVE-2006-2451.) This mode is appropriate
	when administrators are attempting to debug problems in a normal
	environment, and either have a core dump pipe handler that knows
	to treat privileged core dumps with care, or specific directory
	defined for catching core dumps. If a core dump happens without
	a pipe handler or fully qualifid path, a message will be emitted
	to syslog warning about the lack of a correct setting.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
7 years ago
Stijn Tintel ef255fc57e base-files: add /etc/profile.d to conffiles
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
7 years ago
Stijn Tintel 8446d3de05 base-files: order conffiles alphabetically
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
7 years ago
Rafał Miłecki b91a38d647 base-files: fix PKG_CONFIG_DEPENDS to include version.mk entries
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
7 years ago
Yousong Zhou f334a0cdb8 base-files: allocate uid/gid starting from 65536
There already exist static assignment of uid/gid 65533 in packages feed
and we have nobody/nogroup taking 65534 as their ids.  Let's change the
pid of dynamic assignment to start from 65536 so that the two assignment
scheme will not collide with each other

While at it, fix the scan command checking existence of uid/gid

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
7 years ago
Jo-Philipp Wich 7f91cabd0d base-files: network.sh: properly report local IPv6 addresses
Rework the network_get_ipaddr6() and network_get_ipaddrs6() functions to
fetch the effective local IPv6 address of delegated prefix from the
"local-address" field instead of naively hardcoding ":1" as static suffix.

Fixes FS#829.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
7 years ago
Matthias Schiffer 393817df5d
procd: remove procd-nand package
We always want to support staged upgrades now, so it's better to include
upgraded into the main package. /lib/upgrade/nand.sh is moved to
base-files.

The procd-nand-firstboot package is removed for now, it may return later
as a separate package.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
7 years ago
Vitaly Chekryzhev 01337ba472 build: add devel option to store build config in firmware
Store config.seed in firmware /etc/build.config

Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
7 years ago
Hans Dedecker 5f7a081553 base-files: add /etc/iproute2/rt_protos
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years ago
Felix Fietkau 84bd74057f build: use mkhash to replace various quirky md5sum/openssl calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
7 years ago
Jonas Gorski afaa34ccd7 base-files: don't modify enabled state of service on upgrade
Properly stop/start services on upgrade, but don't change the enabled
state.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
7 years ago
Felix Fietkau cc853810a4 base-files: validate metadata of sysupgrade images
Use fwtool to extract it, only require metadata to be present if the
platform sysupgrade script sets REQUIRE_IMAGE_METADATA=1

Image metadata is in JSON format and contains a list of supported
devices, along with version information that could be displayed by a UI
later before the actual upgrade happens.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
7 years ago
Florian Fainelli ef64c8694b base-files: Allow subtargets to define base-files.mk
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
8 years ago
Mathias Kresin 5fadd4397b preinit: use only the image config options
The pi_* variables and the fs_failsafe_wait_timeout variable are set by
the CONFIG_TARGET_PREINIT_* config options. No need to maintain the same
values twice.

All other fs_ variables were never used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
8 years ago
Felix Fietkau 5fd2eabeb2 base-files: remove support of profile-specific base-files
It is incompatible with multi-profile builds and has not been used
in-tree anyway.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
8 years ago
Jo-Philipp Wich 8d51706616 base-files: use LEDE NTP vendor pool
The vendor NTP pool for the LEDE project got approved, so switch to it now.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8 years ago
Daniel Dickinson f954f4337b base-files: Add standard os-release file
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE).  Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).

Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
8 years ago
John Crispin 87eb8fad13 base-files: remove fstab symlink
the symlink no longer gets used since we switched to the block-mount tool.

Signed-off-by: John Crispin <john@phrozen.org>
8 years ago
Hannu Nyman df7581e4c0 base-files: increase default system log size to 64 kB
Increase the default system log buffer size
from 16 kB (built-in default in ubox logd)
to 64 kB by setting the option in /etc/config/system.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
8 years ago
John Crispin a13f47760c base-files: add a conditional dependency to lede-keyring
Signed-off-by: John Crispin <john@phrozen.org>
8 years ago
John Crispin b4e33a1c08 base-files: Allow to disable failsafe mode
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
8 years ago
Jo-Philipp Wich 9e04019024 package: flag essential components as nonshared
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
8 years ago
John Crispin fa69553900 branding: add LEDE branding
Signed-off-by: John Crispin <blogic@openwrt.org>
8 years ago
Jo-Philipp Wich eced3b3a35 base-files: support passing mode to ucidef_set_led_netdev()
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48806
8 years ago
Jo-Philipp Wich 117cef6d44 base-files: add netifd's default prelocal table to /etc/iproute2/rt_tables
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48685
8 years ago
Jo-Philipp Wich cc289e0adb base-files: honor CONFIG_TARGET_INIT_PATH
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 48678
8 years ago
John Crispin 3f78186f76 base-files: allow timezone to be overriden by zonename (proper zoneinfo support)
Signed-off-by: Roman Yeryomin <roman@advem.lv>

SVN-Revision: 47980
8 years ago
Felix Fietkau ce98f1d264 base-files: drop the now unnecessary dependency on opkg/host
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47886
8 years ago
John Crispin 2f42d9e27d base-file: remove /tmp/.jail (now useless)
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>

SVN-Revision: 47855
8 years ago
Jo-Philipp Wich 6d3901bf76 base-files: config_generate: honour port_mask property (#20963)
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 47609
8 years ago
Felix Fietkau b61e77aedd base-files: use the correct path in case of modified preinit options
If the user sets any preinit options in .config, the wrong path may get
applied due to wrong default value in image-config.in and due to Makefile
writing also the unchanged options into 00_preinit.conf

Modify the default path in image-config.in to match the current default
path set by r47080. Also modify the fall-back default in Makefile.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 47590
8 years ago
Steven Barth 468c1fb320 base-files: revert to default ECN settings
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 47160
9 years ago
Steven Barth d7023fc0bc base-files: sanitize and unify $PATH
Previously init and hotplug paths were different from console.

Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 47080
9 years ago
Felix Fietkau 5da85f7a01 base-files: add a dependency on fstools
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 47066
9 years ago
Steven Barth 00045fe9d0 base-files: add /etc/iproute2/rt_tables, replace ifconfig-usage
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46830
9 years ago
Jo-Philipp Wich 3d1890053c base-files: add /etc/hosts entries for ::1, ff02::1 and ff02::2
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 46771
9 years ago
John Crispin 3787c32183 sysctl: read settings from /etc/sysctl.d/*.conf
This changes makes it possible to store custom settings
in individual files inside the directory /etc/sysctl.d/.

Signed-off-by: Stefan Tomanek <stefan.tomanek+openwrt@wertarbyte.de>

SVN-Revision: 46239
9 years ago
Felix Fietkau beca028bd6 build: add integration for managing opkg package feed keys
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45286
9 years ago
Nicolas Thill fe46689f10 packages: use $(LN) macro, make symlinks relative
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45250
9 years ago
Nicolas Thill 11d4a00c88 base-files: add more config files to conffiles section
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 45244
9 years ago
Jo-Philipp Wich e3744a7cc7 base-files: fix target/subtarget value in /etc/openwrt_release
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44409
9 years ago
John Crispin b0d2a9e77a base-files: default_postinst() - create user:group first (resend)
create user:group before running postinst-pkg. the postinst hook might require
the user:group to already exist.

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

SVN-Revision: 43472
9 years ago
Nicolas Thill f4417f7ad8 package/*: replace occurences of 'ln -sf' to '$(LN)'
Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 43205
10 years ago
John Crispin 74a3a77bcd license info - revert r43155
turns out that r43155 adds duplicate info.

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 43167
10 years ago
John Crispin c10d97484a Add more license tags with SPDX identifiers
Note, that licensing stuff is a nightmare: many packages does not clearly
state their licenses, and often multiple source files are simply copied
together - each with different licensing information in the file headers.

I tried hard to ensure, that the license information extracted into the OpenWRT's
makefiles fit the "spirit" of the packages, e.g. such small packages which
come without a dedicated source archive "inherites" the OpenWRT's own license
in my opinion.

However, I can not garantee that I always picked the correct information
and/or did not miss license information.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

SVN-Revision: 43155
10 years ago