Re: [PATCH] dnsmasq: procd-ujail: workaround startup failure, when leasefile location is in /tmp
On Sun, Oct 17, 2021 at 05:45:19PM +0100, Daniel Golle wrote:
> > + "because jailing /tmp does not work: choose
> > e.g. /tmp/dnsmasq/leasefile"
> > + }
> To do what you describe in the commit message it would be
> } else {
>
> I'm fine with either, just the commit message should match the code...
>
sorry, will do that and resend.
please ignore this patch for now.
thanks & bye, bastian
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH] dnsmasq: procd-ujail: workaround startup failure, when leasefile location is in /tmp
introduced with 44f694ba1bca1417d24e851c637c284f9f78c06d
("build: select procd-ujail if !SMALL_FLASH") dnsmasq fails
to startup when the leasefile is configured to be in /tmp,
which is just not suited for beeing a jail location.
Workaround this (no jailing for this file for this special case)
and show a proper information in syslog.
without this patch, the syslog shows:
Thu Oct 14 18:32:38 2021 user.err : jail:
creat(/tmp/ujail-lhNbFK/tmp/dhcp.leases) failed: Read-only file system
Thu Oct 14 18:32:38 2021 daemon.crit dnsmasq[1]: cannot open or create lease
file /tmp/dhcp.leases: Read-only file system
Thu Oct 14 18:32:38 2021 daemon.crit dnsmasq[1]: FAILED to start up
Ref: https://bugs.openwrt.org/index.php?do=details_id=4085
Acked-by: Daniel Golle
Signed-off-by: Bastian Bittorf
---
.../services/dnsmasq/files/dnsmasq.init | 19 ---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init
b/package/network/services/dnsmasq/files/dnsmasq.init
index 3250b2179b..af2effdb26 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -616,7 +616,7 @@ dhcp_add() {
case $ra_management in
0)
- # SLACC with DCHP for extended options
+ # SLACC with DHCP for extended options
xappend
"--dhcp-range=$nettag::,constructor:$ifname,ra-stateless,ra-names"
;;
2)
@@ -816,7 +816,7 @@ dnsmasq_start()
{
local cfg="$1"
local disabled user_dhcpscript
- local resolvfile resolvdir localuse=0
+ local resolvfile resolvdir leasedir localuse=0
config_get_bool disabled "$cfg" disabled 0
[ "$disabled" -gt 0 ] && return 0
@@ -994,7 +994,11 @@ dnsmasq_start()
fi
config_get leasefile $cfg leasefile "/tmp/dhcp.leases"
- [ -n "$leasefile" ] && [ ! -e "$leasefile" ] && touch "$leasefile"
+ [ -n "$leasefile" ] && {
+ leasedir="$( dirname "$leasefile" )" && mkdir -p "$leasedir"
+ [ ! -e "$leasefile" ] && touch "$leasefile"
+ }
+
config_get_bool cachelocal "$cfg" cachelocal 1
config_get_bool noresolv "$cfg" noresolv 0
@@ -1154,6 +1158,15 @@ dnsmasq_start()
procd_add_jail_mount $EXTRA_MOUNT $RFC6761FILE $TRUSTANCHORSFILE
procd_add_jail_mount $dnsmasqconffile $dnsmasqconfdir $resolvdir
$user_dhcpscript
procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts
/etc/ethers
+
+ [ -d "$leasedir" ] && {
+ [ "$leasedir" = '/tmp' ] && {
+ logger -t dnsmasq \
+ "consider using a more private directory for
leasefile" \
+ "because jailing /tmp does not work: choose
e.g. /tmp/dnsmasq/leasefile"
+ }
+ procd_add_jail_mount_rw $leasedir
+ }
procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
procd_close_instance
--
2.30.2
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: RFC: toolchain for building eBPF modules within the OpenWrt build system
On 2021-10-04 15:20, Jo-Philipp Wich wrote: Hi Felix, I'd suggest to require a preinstalled host toolchain for the time being. How about requiring a preinstalled host toolchain by default, but building it from source on buildbot? If we rely on the toolchain on the host, the builds might vary based on the installed llvm versions and would not be properly reproducible. I'm currently writing a makefile for it and putting it in tools/ instead of toolchain/ in order to avoid unnecessary rebuilds when the configured target changes. - Felix ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: Re: [PATCH] ipq40xx: add support for GL.iNet GL-B2200
FYI Ref https://github.com/openwrt/openwrt/pull/4691 > The original patch is from and signed off by Li Zhang li.zh...@gl-inet.com > which can be seen from gl-inet@3b71749 > and > http://lists.openwrt.org/pipermail/openwrt-devel/2021-September/036363.html > > However, as of 2021-10-17, the above-mentioned patch has merge conflict with > several upstream branches, > at least master and openwrt-21.02. This commit resolves the merge conflict, > but also > ignore changes to package/libs/uclient/Makefile. > > This change has been tested by TruongSinh Tran-Nguyen i...@truongsinh.pro. > Basic Wifi functionalities work, but 8GB EMMC cannot be accessed/mounted, > potentially due to lack of his knowledge how to do so. > > Bluetooth and Zigbee have not been tested. Kind regards, Sinh TruongSinh Tran-Nguyen, PMI-ACP, PSM III, PSPO III Tech Visionary, Craftsman, Coach and Investor +1-6127-TR-SINH (+1-6127-87-7464) | @truongsinhtn Find me on LinkedIn | Twitter | Github | StackOverflow IBAN: LT76 3250 0264 6898 1177 | BIC: REVOLT21 Currently Reading Get your own email signature Kind regards, Sinh TruongSinh Tran-Nguyen, PMI-ACP, PSM III, PSPO III Tech Visionary, Craftsman, Coach and Investor +1-6127-TR-SINH (+1-6127-87-7464) | @truongsinhtn Find me on LinkedIn | Twitter | Github | StackOverflow IBAN: LT76 3250 0264 6898 1177 | BIC: REVOLT21 Currently Reading Get your own email signature On Sat, Oct 16, 2021 at 8:07 PM TruongSinh Tran-Nguyen wrote: > > This patch now has merge conflict with tag v21.02.0 > > ``` > Unmerged paths: > > (use "git add ..." to mark resolution) > > > > both modified: package/firmware/ipq-wifi/Makefile > > both modified: package/libs/uclient/Makefile > > both modified: > target/linux/ipq40xx/base-files/etc/hotplug.d/firmware/11-ath10k-caldata > > both modified: target/linux/ipq40xx/image/Makefile > > both modified: > target/linux/ipq40xx/patches-5.4/901-arm-boot-add-dts-files.patch > > > > ``` > > Kind regards, ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] dnsmasq: procd-ujail: workaround startup failure, when leasefile location is in /tmp
On Sun, Oct 17, 2021 at 03:42:18PM +, Bastian Bittorf wrote:
> introduced with 44f694ba1bca1417d24e851c637c284f9f78c06d
> ("build: select procd-ujail if !SMALL_FLASH") dnsmasq fails
> to startup when the leasefile is configured to be in /tmp,
> which is just not suited for beeing a jail location.
>
> Workaround this (no jailing for this file for this special case)
> and show a proper information in syslog.
>
> without this patch, the syslog shows:
> Thu Oct 14 18:32:38 2021 user.err : jail:
> creat(/tmp/ujail-lhNbFK/tmp/dhcp.leases) failed: Read-only file system
> Thu Oct 14 18:32:38 2021 daemon.crit dnsmasq[1]: cannot open or create lease
> file /tmp/dhcp.leases: Read-only file system
> Thu Oct 14 18:32:38 2021 daemon.crit dnsmasq[1]: FAILED to start up
>
> Ref: https://bugs.openwrt.org/index.php?do=details_id=4085
> Acked-by: Daniel Golle
> Signed-off-by: Bastian Bittorf
> ---
> .../services/dnsmasq/files/dnsmasq.init | 19 ---
> 1 file changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/package/network/services/dnsmasq/files/dnsmasq.init
> b/package/network/services/dnsmasq/files/dnsmasq.init
> index 3250b2179b..af2effdb26 100644
> --- a/package/network/services/dnsmasq/files/dnsmasq.init
> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
> @@ -616,7 +616,7 @@ dhcp_add() {
>
> case $ra_management in
> 0)
> - # SLACC with DCHP for extended options
> + # SLACC with DHCP for extended options
> xappend
> "--dhcp-range=$nettag::,constructor:$ifname,ra-stateless,ra-names"
> ;;
> 2)
> @@ -816,7 +816,7 @@ dnsmasq_start()
> {
> local cfg="$1"
> local disabled user_dhcpscript
> - local resolvfile resolvdir localuse=0
> + local resolvfile resolvdir leasedir localuse=0
>
> config_get_bool disabled "$cfg" disabled 0
> [ "$disabled" -gt 0 ] && return 0
> @@ -994,7 +994,11 @@ dnsmasq_start()
> fi
>
> config_get leasefile $cfg leasefile "/tmp/dhcp.leases"
> - [ -n "$leasefile" ] && [ ! -e "$leasefile" ] && touch "$leasefile"
> + [ -n "$leasefile" ] && {
> + leasedir="$( dirname "$leasefile" )" && mkdir -p "$leasedir"
> + [ ! -e "$leasefile" ] && touch "$leasefile"
> + }
> +
> config_get_bool cachelocal "$cfg" cachelocal 1
>
> config_get_bool noresolv "$cfg" noresolv 0
> @@ -1154,6 +1158,15 @@ dnsmasq_start()
> procd_add_jail_mount $EXTRA_MOUNT $RFC6761FILE $TRUSTANCHORSFILE
> procd_add_jail_mount $dnsmasqconffile $dnsmasqconfdir $resolvdir
> $user_dhcpscript
> procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts
> /etc/ethers
> +
> + [ -d "$leasedir" ] && {
> + [ "$leasedir" = '/tmp' ] && {
> + logger -t dnsmasq \
> + "consider using a more private directory for
> leasefile" \
> + "because jailing /tmp does not work: choose
> e.g. /tmp/dnsmasq/leasefile"
> + }
To do what you describe in the commit message it would be
} else {
I'm fine with either, just the commit message should match the code...
> + procd_add_jail_mount_rw $leasedir
> + }
> procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
>
> procd_close_instance
> --
> 2.30.2
>
>
> ___
> openwrt-devel mailing list
> openwrt-devel@lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] nftables: bump to 1.0.0
Hi, > Signed-off-by: Stijn Tintel Acked-by: Jo-Philipp Wich signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[sdwalker/sdwalker.github.io] 0869fa: This week's update
The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software.--- Begin Message --- Branch: refs/heads/master Home: https://github.com/sdwalker/sdwalker.github.io Commit: 0869fae49c3f9a3d921d79e9edfe3f1218e29d6e https://github.com/sdwalker/sdwalker.github.io/commit/0869fae49c3f9a3d921d79e9edfe3f1218e29d6e Author: Stephen Walker Date: 2021-10-17 (Sun, 17 Oct 2021) Changed paths: M uscan/index-19.07.html M uscan/index-21.02.html M uscan/index.html Log Message: --- This week's update --- End Message --- ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
