Turris Build issueshttps://gitlab.nic.cz/turris/os/build/-/issues2023-08-16T11:07:21+02:00https://gitlab.nic.cz/turris/os/build/-/issues/116Installation of pkglist hardening results in router softblock2023-08-16T11:07:21+02:00Karel KociInstallation of pkglist hardening results in router softblockInstalling hardening I managed to get system to state where most of the processes were failing to run correctly. Router was clearly running but processes such as lighttpd or dnsmasq were taking together full system load and router was ac...Installing hardening I managed to get system to state where most of the processes were failing to run correctly. Router was clearly running but processes such as lighttpd or dnsmasq were taking together full system load and router was accessible only trough console. It is possible that processes as SSH were affected by that as well and something prevented them to run correctly. I had to do forced reboot (`/proc/sysrq-trigger`). After that reboot issue was gone.
I suspect that problem is with initial installation of hardening components to running system and application of them on first boot.Turris OS 5.0.1Jan PavlinecJan Pavlinechttps://gitlab.nic.cz/turris/os/build/-/issues/156ca-cert: update to new version2023-08-16T11:03:43+02:00Jan Pavlinecca-cert: update to new versionUpstream updated ca-cert we should patch that in 19.07
https://github.com/openwrt/openwrt/commit/f611b014a713d82d7c7da4c171f3aa04a8984063Upstream updated ca-cert we should patch that in 19.07
https://github.com/openwrt/openwrt/commit/f611b014a713d82d7c7da4c171f3aa04a8984063Turris OS 5.0.2Jan PavlinecJan Pavlinechttps://gitlab.nic.cz/turris/os/build/-/issues/143SSLError when using pip3 install2023-08-16T11:06:27+02:00Josef SchlehoferSSLError when using pip3 installSimilar to issue turris-os-packages#569 I am not able to use pip3 install multidict as it fails due to SSLError.
```
root@turris:~# pip3 install multidict
Collecting multidict
WARNING: Retrying (Retry(total=4, connect=None, read=None,...Similar to issue turris-os-packages#569 I am not able to use pip3 install multidict as it fails due to SSLError.
```
root@turris:~# pip3 install multidict
Collecting multidict
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))': /simple/multidict/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))': /simple/multidict/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))': /simple/multidict/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))': /simple/multidict/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))': /simple/multidict/
Could not fetch URL https://pypi.org/simple/multidict/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/multidict/ (Caused by SSLError(SSLError(1, '[SSL: DECRYPTION_FAILED_OR_BAD_RECORD_MAC] decryption failed or bad record mac (_ssl.c:1076)'))) - skipping
```
This happens just on Turris 1.x. It works OOTB on Turris Omnia.Turris OS 5.0.2https://gitlab.nic.cz/turris/os/build/-/issues/114Transmission does not start through procd2023-08-16T11:03:47+02:00Stepan MocekTransmission does not start through procdAfter update from 21.1. and a reboot of Turris Omnia was the contact with Transmission lost. It does not work even with TOS 4.X.After update from 21.1. and a reboot of Turris Omnia was the contact with Transmission lost. It does not work even with TOS 4.X.Turris OS 5.0.2https://gitlab.nic.cz/turris/os/build/-/issues/158syslog-ng: fails with disabled IPv62020-06-30T14:58:17+02:00Jan Pavlinecsyslog-ng: fails with disabled IPv6reported on forum https://forum.turris.cz/t/syslog-ng-not-running-in-tos-5-0-0/13060/8
```
I guess it was caused by disabled ipv6. syslog-ng has this in config:
source net {
network(ip("::1") port(514) transport(udp) ip-protocol(6));...reported on forum https://forum.turris.cz/t/syslog-ng-not-running-in-tos-5-0-0/13060/8
```
I guess it was caused by disabled ipv6. syslog-ng has this in config:
source net {
network(ip("::1") port(514) transport(udp) ip-protocol(6));
}
which fails if ipv6 isn’t available
… after enabling ipv6 on wan interface, syslogn-ng runs.
```
Turris OS 5.0.3https://gitlab.nic.cz/turris/os/build/-/issues/149Multiple SSID does not work on SDIO Wi-Fi card2023-08-16T11:01:26+02:00Josef SchlehoferMultiple SSID does not work on SDIO Wi-Fi cardChip Marvell 88W8997 used on Wi-Fi card has some issues with Multiple SSID, which prevents using mostly Guest network.
There is a forum thread about that: https://forum.turris.cz/t/enterprise-wi-fi-does-not-work-with-mox-sdio-wi-fi/1049...Chip Marvell 88W8997 used on Wi-Fi card has some issues with Multiple SSID, which prevents using mostly Guest network.
There is a forum thread about that: https://forum.turris.cz/t/enterprise-wi-fi-does-not-work-with-mox-sdio-wi-fi/10494/3?u=pepe
However, we prepared workaround for Guest network - https://forum.turris.cz/t/guest-network-sdio-wi-fi-issue-workaround/11899 , but it was tested by just one user and this does not help if it works or not. We need better feedback on it. I think we can try to send that firmware to HBL/HBD branches to see if it is better.Turris OS 5.0.4https://gitlab.nic.cz/turris/os/build/-/issues/132Several packages are not compiled as ld cannot find -lintl2020-07-23T15:25:10+02:00Josef SchlehoferSeveral packages are not compiled as ld cannot find -lintlA few packages, which currently fails: modemmanager, gkrellmd, quasselc for all of our builds for Turris 1.x, Turris Omnia and Turris MOX.
Log:
```
/path-omnia/build/staging_dir/toolchain-arm_cortex-a9+vfpv3_gcc-7.5.0_musl_eabi/lib/gc...A few packages, which currently fails: modemmanager, gkrellmd, quasselc for all of our builds for Turris 1.x, Turris Omnia and Turris MOX.
Log:
```
/path-omnia/build/staging_dir/toolchain-arm_cortex-a9+vfpv3_gcc-7.5.0_musl_eabi/lib/gcc/arm-openwrt-linux-muslgnueabi/7.5.0/../../../../arm-openwrt-linux-muslgnueabi/bin/ld: cannot find -lintl
collect2: error: ld returned 1 exit status
Makefile:505: recipe for target 'test-qcdm' failed
make[6]: *** [test-qcdm] Error 1
make[6]: Leaving directory '/path-omnia/build/build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/ModemManager-1.12.4/libqcdm/tests'
Makefile:426: recipe for target 'all-recursive' failed
make[5]: *** [all-recursive] Error 1
make[5]: Leaving directory '/path-omnia/build/build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/ModemManager-1.12.4/libqcdm'
Makefile:503: recipe for target 'all-recursive' failed
make[4]: *** [all-recursive] Error 1
make[4]: Leaving directory '/path-omnia/build/build_dir/target-arm_cortex-a9+vfpv3_musl_eabi/ModemManager-1.12.4'
Makefile:435: recipe for target 'all' failed
```Turris OS 5.0.4https://gitlab.nic.cz/turris/os/build/-/issues/166collectd: Consider enabling signing/encryption support2020-08-01T18:57:35+02:00Elvenlord Elrondcollectd: Consider enabling signing/encryption supportcollectd's network plugin has the option to sign or encrypt the contents for data transfer to other collectd instances.
OpenWrt added this feature [here](https://github.com/openwrt/packages/commit/4ba4d8232d4431170faffadfa80fbb0ba76d20f...collectd's network plugin has the option to sign or encrypt the contents for data transfer to other collectd instances.
OpenWrt added this feature [here](https://github.com/openwrt/packages/commit/4ba4d8232d4431170faffadfa80fbb0ba76d20f1).
It is probably only a matter of adding `PACKAGE_COLLECTD_ENCRYPTED_NETWORK=y` to `configs/common/packages`?
Yes, this will introduce a new dependency on libgcrypt. On a small embedded platform this might be of concern. But for omnia and mox, it shouldn't be a big problem. And only people installing the network plugin will actually get that extra depeendencies. Which sounds acceptable to me.Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/154"5.1" hbl Packages list asks for kernel.0 version when none exists2023-08-16T11:01:38+02:00Michael Richardson"5.1" hbl Packages list asks for kernel.0 version when none existsRunning ./generate_medkit -t mox from a checkout at:
commit 24d9b4c25b1a743bf3e6b50c0feb8865196d87b0 (HEAD -> hbl, origin/hbl)
pulls down:
https://repo.turris.cz/hbl/mox/packages/core/Packages
and complains:
ERROR:
inconsi...Running ./generate_medkit -t mox from a checkout at:
commit 24d9b4c25b1a743bf3e6b50c0feb8865196d87b0 (HEAD -> hbl, origin/hbl)
pulls down:
https://repo.turris.cz/hbl/mox/packages/core/Packages
and complains:
ERROR:
inconsistent: Package kmod-cfg80211 requires package kernel that is not available.
which I've seen this before. This is because of the .0 on line 221 of include/kernel.mk:
define Package/kmod-$(1)
TITLE:=$(TITLE)
SECTION:=kernel
CATEGORY:=Kernel modules
DESCRIPTION:=$(DESCRIPTION)
VERSION:=$(LINUX_VERSION)$(if $(PKG_VERSION),+$(PKG_VERSION))-$(if $(PKG_RELEASE),$(PKG_RELEASE),$(LINUX_RELEASE))-$(LINUX_VERMAGIC)
EXTRA_DEPENDS:=kernel (=$(LINUX_VERSION)-$(LINUX_RELEASE)-$(LINUX_VERMAGIC).0)
somewhere the kernel was intended to have a trailing .0 on it, which it does not. This is not in openwrt upstream.
Removing the .0 here fixes the package dependancy problem, but then I have to build all the packages, which as reported and acknowledged, regularly does not complete. (Yes, I finally have a minimal .config, but it may too minimal)
If one examines the above URL for the Packages file in an editor one sees:
Package: kernel
Version: 4.14.180-1-b05c242413ba31ef0a03c70a9c2877a9.11
Depends: libc
...
Package: kmod-cfg80211
Version: 4.14.180+4.19.120-1-1-b05c242413ba31ef0a03c70a9c2877a9.11
Depends: kernel (=4.14.180-1-b05c242413ba31ef0a03c70a9c2877a9.0), iw, wireless-regdbTurris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/152Network configuration reloaded to broken wifi state when wpad is installed2021-02-16T21:49:51+01:00Karel KociNetwork configuration reloaded to broken wifi state when wpad is installedThis happens only once after boot when wpad package is reinstalled. Subsequent updates do not have the same effect.
The problem is that something triggers reload of network once files are moved to location and synced. At the same time t...This happens only once after boot when wpad package is reinstalled. Subsequent updates do not have the same effect.
The problem is that something triggers reload of network once files are moved to location and synced. At the same time this reload fails to configure correctly wifi. We can fix it by just simply reloading network service.
To compare this is end of updater's trace output till the point wifi is disconnected.
```
INFO:transaction.lua:164 (fun):Running pre-install and pre-rm scripts and merging packages to root file system
DEBUG:backend.lua:817 (pkg_merge_control):Removing previous version control file wpad.prerm
DEBUG:backend.lua:817 (pkg_merge_control):Removing previous version control file wpad.control
DEBUG:backend.lua:817 (pkg_merge_control):Removing previous version control file wpad.postinst
DEBUG:backend.lua:817 (pkg_merge_control):Removing previous version control file wpad.list
DEBUG:backend.lua:817 (pkg_merge_control):Removing previous version control file wpad.files-sha256
DEBUG:backend.lua:840 (pkg_merge_control):Putting control file files-sha256 into place
DEBUG:src/lib/interpreter.c:326 (lua_run_generic):Util command: cp -Lpf /usr/share/updater/unpacked//updater-mlalPO/control/files-sha256 /usr/lib/opkg/info//wpad.files-sha256
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:840 (pkg_merge_control):Putting control file prerm into place
DEBUG:src/lib/interpreter.c:326 (lua_run_generic):Util command: cp -Lpf /usr/share/updater/unpacked//updater-mlalPO/control/prerm /usr/lib/opkg/info//wpad.prerm
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:840 (pkg_merge_control):Putting control file postinst into place
DEBUG:src/lib/interpreter.c:326 (lua_run_generic):Util command: cp -Lpf /usr/share/updater/unpacked//updater-mlalPO/control/postinst /usr/lib/opkg/info//wpad.postinst
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:840 (pkg_merge_control):Putting control file control into place
DEBUG:src/lib/interpreter.c:326 (lua_run_generic):Util command: cp -Lpf /usr/share/updater/unpacked//updater-mlalPO/control/control /usr/lib/opkg/info//wpad.control
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:766 (pkg_merge_files):Creating dir /
DEBUG:backend.lua:766 (pkg_merge_files):Creating dir /usr
DEBUG:backend.lua:766 (pkg_merge_files):Creating dir /usr/sbin
DEBUG:backend.lua:782 (pkg_merge_files):Installing file /usr/sbin/wpa_supplicant
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:782 (pkg_merge_files):Installing file /usr/sbin/hostapd
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
DEBUG:backend.lua:782 (pkg_merge_files):Installing file /usr/sbin/wpad
TRACE:src/lib/events.c:548 (run_command_a):Running command /tmp/updater-busybox-AhipiG/busybox
TRACE:src/lib/interpreter.c:791 (lua_sync):Sync
```
This is relevant output from syslog:
```
May 27 07:26:44 mox-home updater[7070]: transaction.lua:164 (fun): Running pre-install and pre-rm scripts and merging packages to root file system
May 27 07:26:44 mox-home netifd: Network device 'wlan0' link is down
May 27 07:26:44 mox-home hostapd: wlan0: INTERFACE-DISABLED
May 27 07:26:44 mox-home kernel: [ 429.647835] br-lan: port 7(wlan0) entered disabled state
May 27 07:26:44 mox-home kernel: [ 429.697850] device wlan0 left promiscuous mode
May 27 07:26:44 mox-home kernel: [ 429.702243] br-lan: port 7(wlan0) entered disabled state
May 27 07:26:45 mox-home kernel: [ 429.994043] mwifiex_sdio mmc0:0001:1: EVENT: BT coex wlan param update
May 27 07:26:45 mox-home kernel: [ 430.004065] br-lan: port 6(wlan1) entered disabled state
May 27 07:26:45 mox-home netifd: Network device 'wlan1' link is down
May 27 07:26:45 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:45 mox-home hostapd: wlan1: AP-STA-DISCONNECTED 88:ad:d2:26:0a:e8
May 27 07:26:45 mox-home hostapd: wlan1: INTERFACE-DISABLED
May 27 07:26:45 mox-home netifd: Network device 'wlang5' link is down
May 27 07:26:45 mox-home kernel: [ 430.142965] br-guest: port 2(wlang5) entered disabled state
May 27 07:26:45 mox-home kernel: [ 430.154374] device wlan1 left promiscuous mode
May 27 07:26:45 mox-home kernel: [ 430.158989] br-lan: port 6(wlan1) entered disabled state
May 27 07:26:45 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:45 mox-home kernel: [ 430.317906] device wlang5 left promiscuous mode
May 27 07:26:45 mox-home kernel: [ 430.322664] br-guest: port 2(wlang5) entered disabled state
May 27 07:26:45 mox-home updater[7070]: transaction.lua:235 (fun): Removing packages and leftover files
May 27 07:26:45 mox-home updater[7070]: transaction.lua:240 (fun): Running post-install and post-rm scripts
May 27 07:26:45 mox-home updater[7070]: src/lib/logging.c:204 (log_subproc_open): Running postinst of wpad
May 27 07:26:45 mox-home netifd: Network device 'wlang2' link is down
May 27 07:26:45 mox-home kernel: [ 430.382172] br-guest: port 3(wlang2) entered disabled state
May 27 07:26:45 mox-home kernel: [ 430.419513] device wlang2 left promiscuous mode
May 27 07:26:45 mox-home kernel: [ 430.424012] br-guest: port 3(wlang2) entered disabled state
May 27 07:26:46 mox-home kernel: [ 431.016736] mwifiex_sdio mmc0:0001:1: CMD_RESP: cmd 0x20 error, result=0x1
May 27 07:26:46 mox-home mac80211: Failed command: iw phy phy1 set antenna 0xffffffff 0xffffffff
May 27 07:26:46 mox-home netifd: radio1 (7286): command failed: Not supported (-95)
May 27 07:26:46 mox-home mac80211: Failed command: iw phy phy1 set antenna_gain 0
May 27 07:26:46 mox-home hostapd: Configuration file: /var/run/hostapd-phy0.conf
May 27 07:26:46 mox-home updater[7070]: transaction.lua:254 (fun): Cleaning up control files
May 27 07:26:47 mox-home updater[7070]: src/lib/logging.c:204 (log_subproc_open): Executing postupdate hook: 20_update_alternatives.sh
May 27 07:26:47 mox-home kernel: [ 432.339540] ath10k_pci 0000:00:00.0: 10.1 wmi init: vdevs: 16 peers: 127 tid: 256
May 27 07:26:47 mox-home updater[7070]: src/lib/logging.c:204 (log_subproc_open): Executing postupdate hook: 95_schnapps.sh
May 27 07:26:47 mox-home kernel: [ 432.356834] ath10k_pci 0000:00:00.0: wmi print 'P 128 V 8 T 410'
May 27 07:26:47 mox-home kernel: [ 432.363132] ath10k_pci 0000:00:00.0: wmi print 'msdu-desc: 1424 sw-crypt: 0 ct-sta: 0'
May 27 07:26:47 mox-home kernel: [ 432.371808] ath10k_pci 0000:00:00.0: wmi print 'alloc rem: 20904 iram: 26056'
May 27 07:26:47 mox-home kernel: [ 432.438558] ath10k_pci 0000:00:00.0: pdev param 0 not supported by firmware
May 27 07:26:47 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:47 mox-home kernel: [ 432.453576] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
May 27 07:26:47 mox-home hostapd: wlan0: INTERFACE-ENABLED
May 27 07:26:47 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:47 mox-home hostapd: wlan0: INTERFACE-DISABLED
May 27 07:26:47 mox-home hostapd: nl80211: Could not configure driver mode
May 27 07:26:47 mox-home hostapd: nl80211: deinit ifname=wlan0 disabled_11b_rates=0
May 27 07:26:47 mox-home hostapd: nl80211 driver initialization failed.
May 27 07:26:47 mox-home hostapd: wlan0: interface state UNINITIALIZED->DISABLED
May 27 07:26:47 mox-home hostapd: wlang5: AP-DISABLED
May 27 07:26:47 mox-home hostapd: wlang5: CTRL-EVENT-TERMINATING
May 27 07:26:47 mox-home hostapd: hostapd_free_hapd_data: Interface wlang5 wasn't started
May 27 07:26:47 mox-home hostapd: wlan0: AP-DISABLED
May 27 07:26:47 mox-home hostapd: wlan0: CTRL-EVENT-TERMINATING
May 27 07:26:47 mox-home hostapd: hostapd_free_hapd_data: Interface wlan0 wasn't started
May 27 07:26:47 mox-home kernel: [ 432.629264] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
May 27 07:26:47 mox-home hostapd: wlan1: INTERFACE-ENABLED
May 27 07:26:47 mox-home netifd: radio0 (7260): WARNING (wireless_add_process): executable path /usr/sbin/wpad does not match process 4048 path (/proc/4048/exe)
May 27 07:26:47 mox-home netifd: radio0 (7260): Device setup failed: HOSTAPD_START_FAILED
May 27 07:26:47 mox-home hostapd: Configuration file: /var/run/hostapd-phy1.conf
May 27 07:26:48 mox-home updater[7070]: src/lib/logging.c:204 (log_subproc_open): Executing postupdate hook: 99_approvals_cleanup
May 27 07:26:49 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:49 mox-home kernel: [ 434.140903] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
May 27 07:26:49 mox-home hostapd: wlan1: INTERFACE-DISABLED
May 27 07:26:49 mox-home kernel: [ 434.160286] mwifiex_sdio mmc0:0001:1: EVENT: BT coex wlan param update
May 27 07:26:49 mox-home hostapd: wlan1: INTERFACE-ENABLED
May 27 07:26:49 mox-home kernel: [ 434.182154] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
May 27 07:26:50 mox-home kernel: [ 435.685405] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
May 27 07:26:50 mox-home kernel: [ 435.704431] br-lan: port 6(wlan1) entered blocking state
May 27 07:26:50 mox-home kernel: [ 435.710095] br-lan: port 6(wlan1) entered disabled state
May 27 07:26:50 mox-home kernel: [ 435.717231] device wlan1 entered promiscuous mode
May 27 07:26:50 mox-home kernel: [ 435.722846] br-lan: port 6(wlan1) entered blocking state
May 27 07:26:50 mox-home kernel: [ 435.728518] br-lan: port 6(wlan1) entered forwarding state
May 27 07:26:50 mox-home hostapd: ctrl_iface exists and seems to be in use - cannot override it
May 27 07:26:50 mox-home hostapd: Delete '/var/run/hostapd/wlan1' manually if it is not used anymore
May 27 07:26:50 mox-home hostapd: Failed to setup control interface for wlan1
May 27 07:26:50 mox-home hostapd: wlan1: Unable to setup interface.
May 27 07:26:50 mox-home hostapd: wlan1: interface state UNINITIALIZED->DISABLED
May 27 07:26:50 mox-home hostapd: wlang2: AP-DISABLED
May 27 07:26:50 mox-home hostapd: wlang2: CTRL-EVENT-TERMINATING
May 27 07:26:50 mox-home hostapd: hostapd_free_hapd_data: Interface wlang2 wasn't started
May 27 07:26:50 mox-home hostapd: wlan1: AP-DISABLED
May 27 07:26:50 mox-home hostapd: wlan1: CTRL-EVENT-TERMINATING
May 27 07:26:50 mox-home hostapd: hostapd_free_hapd_data: Interface wlan1 wasn't started
May 27 07:26:50 mox-home hostapd: nl80211: deinit ifname=wlan1 disabled_11b_rates=0
May 27 07:26:50 mox-home kernel: [ 435.767242] device wlan1 left promiscuous mode
May 27 07:26:50 mox-home kernel: [ 435.772114] br-lan: port 6(wlan1) entered disabled state
May 27 07:26:50 mox-home netifd: radio1 (7286): WARNING (wireless_add_process): executable path /usr/sbin/wpad does not match process 4425 path (/proc/4425/exe)
May 27 07:26:50 mox-home netifd: radio1 (7286): Device setup failed: HOSTAPD_START_FAILED
May 27 07:26:51 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:51 mox-home hostapd: Failed to set beacon parameters
May 27 07:26:55 mox-home hostapd: Failed to set beacon parameters
```Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/146Some packages have no valid architecture, ignoring2023-08-16T11:01:35+02:00Josef SchlehoferSome packages have no valid architecture, ignoringDue to change in upstream, which corrected CPU subtype. Commit: https://github.com/openwrt/openwrt/commit/67ed408af20c3b24725f051596028345497219d8
Some packages are not installed or updated. This could happen with any package.
This so ...Due to change in upstream, which corrected CPU subtype. Commit: https://github.com/openwrt/openwrt/commit/67ed408af20c3b24725f051596028345497219d8
Some packages are not installed or updated. This could happen with any package.
This so far is confirmed to be happening on these packages:
```
Package coreutils version 8.30-2.0 has no valid architecture, ignoring.
Package foris-controller version 1.0.11-3.7-1.0 has no valid architecture, ignoring.
Package libpthread version 1.1.24-2.0 has no valid architecture, ignoring.
Package xz-utils version 5.2.4-5.0 has no valid architecture, ignoring.
Package librt version 1.1.24-2.0 has no valid architecture, ignoring.
Package shadow version 4.8.1-1.0 has no valid architecture, ignoring.
Package shadow-utils version 4.8.1-1.0 has no valid architecture, ignoring.
Package ip6tables version 1.8.3-1.0 has no valid architecture, ignoring.
Package lxc version 3.0.3-1.0 has no valid architecture, ignoring.
Package busybox version 1.30.1-6 has no valid architecture, ignoring.
```
We need reinstall all packages with invalid architecture.Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/127Build user and server identity in dmesg2020-07-13T14:08:41+02:00Vojtech MyslivecBuild user and server identity in dmesgThis is the first line in dmesg on:
```
[ 0.000000] Linux version 4.14.171 (beast@slave09) (gcc version 7.5.0 (OpenWrt GCC 7.5.0 e7f1313)) #0 SMP Fri Mar 6 11:05:10 2020
```
Is `beast@slave09` intended here? It should be something li...This is the first line in dmesg on:
```
[ 0.000000] Linux version 4.14.171 (beast@slave09) (gcc version 7.5.0 (OpenWrt GCC 7.5.0 e7f1313)) #0 SMP Fri Mar 6 11:05:10 2020
```
Is `beast@slave09` intended here? It should be something like `packaging@turris.cz`, shouldn't it?Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/56infrequent crashes - Unable to handle kernel paging request at virtual address2020-06-29T13:28:18+02:00Ghost Userinfrequent crashes - Unable to handle kernel paging request at virtual address> {"kernel":"4.14.131","hostname":"to","system":"ARMv7 Processor rev 1 (v7l)","model":"Turris Omnia","board_name":"cznic,turris-omnia","release":{"distribution":"TurrisOS","version":"5.0-dev","revision":"202260a","target":"mvebu/cortexa9...> {"kernel":"4.14.131","hostname":"to","system":"ARMv7 Processor rev 1 (v7l)","model":"Turris Omnia","board_name":"cznic,turris-omnia","release":{"distribution":"TurrisOS","version":"5.0-dev","revision":"202260a","target":"mvebu/cortexa9","description":"TurrisOS 5.0-dev 202260a"}}
___
Observing infrequent crashes
[crash_log_1](/uploads/42611189213b46f8c3cb61f5784b104b/crash_log_1)
[crash_log_2](/uploads/267a0d45e01c6feec7ab9770ebdf0d4c/crash_log_2)
[crash_log_3](/uploads/17dd164e05e059b766c44c53126c31ea/crash_log_3)
, cannot reproduce at will, different taints but with what seems to be a common theme:
> Unable to handle kernel paging request at virtual address
> nf_conntrack_in+0xdc/0x714 [nf_conntrack]
`sysctl -a | grep track` [conntrack_kernel_parameters](/uploads/12db03bf3041f89a92e5e28cd3860dc5/conntrack_kernel_parameters)
`opkg list-installed *conntrack*`
> conntrack - 2018-05-01-88610abe-1.0
> iptables-mod-conntrack-extra - 1.8.2-3.51
> kmod-ipt-conntrack - 4.14.131-1-d7317cbbddf2a7868a9735d59f4d4520.0
> kmod-ipt-conntrack-extra - 4.14.131-1-d7317cbbddf2a7868a9735d59f4d4520.0
> kmod-nf-conntrack - 4.14.131-1-d7317cbbddf2a7868a9735d59f4d4520.0
> kmod-nf-conntrack-netlink - 4.14.131-1-d7317cbbddf2a7868a9735d59f4d4520.0
> kmod-nf-conntrack6 - 4.14.131-1-d7317cbbddf2a7868a9735d59f4d4520.0
> libnetfilter-conntrack - 2018-05-01-3ccae9f5-2.0
`lsmod | grep sch_cake`
> nf_conntrack 77824 31 sch_cake,ipt_MASQUERADE,xt_state,xt_nat,xt_helper,xt_conntrack,xt_connmark,xt_connlimit,xt_connbytes,xt_REDIRECT,xt_CT,nft_redir_ipv6,nft_redir_ipv4,nft_redir,nft_nat,nft_masq_ipv6,nft_masq_ipv4,nft_masq,nft_flow_offload,nft_ct,nf_nat_masquerade_ipv6,nf_nat_masquerade_ipv4,nf_conntrack_ipv6,nf_nat_ipv6,nf_conntrack_ipv4,nf_nat_ipv4,nf_nat_ftp,nf_nat,nf_flow_table,nf_conntrack_rtcache,nf_conntrack_ftp
> sch_cake 36864 0
`tc -s qdisc` [tc](/uploads/169deade7c6324df120707a33a047b23/tc)
___
maybe relates to what is displayed during boot
> sch_cake: Unknown symbol nf_conntrack_find_get (err 0)
> sch_cake: Unknown symbol nf_ct_get_tuplepr (err 0)
and a while later the log showing
> nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
___
probably no correlation with https://gitlab.labs.nic.cz/turris/turris-build/issues/35
___
lodged with upstream https://bugs.openwrt.org/index.php?do=details&task_id=2346Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/48[lxc/lxcfs] LTS version bump 3.0.42023-08-16T11:05:41+02:00Ghost User[lxc/lxcfs] LTS version bump 3.0.4bugfix releases for the 3.0 LTS
https://github.com/lxc/lxc/releases/tag/lxc-3.0.4
https://github.com/lxc/lxcfs/releases/tag/lxcfs-3.0.4
___
could you please push it also to HBD since lxc 3.x is currently not available in that branc...bugfix releases for the 3.0 LTS
https://github.com/lxc/lxc/releases/tag/lxc-3.0.4
https://github.com/lxc/lxcfs/releases/tag/lxcfs-3.0.4
___
could you please push it also to HBD since lxc 3.x is currently not available in that branch and provides only the outdated lxc 2.x from upstream?Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/43Pls include "kmod-br-netfilter" in 4.x and on2019-10-25T04:22:13+02:00Ghost UserPls include "kmod-br-netfilter" in 4.x and onThe Netfilter functionality is a part of the kernel in 3.11.4, but it is a separate module in OpenWRT 18.06 thus it is missing from 4.x. This breaks backward compatibility between releases and the users who used Netfilter might no realiz...The Netfilter functionality is a part of the kernel in 3.11.4, but it is a separate module in OpenWRT 18.06 thus it is missing from 4.x. This breaks backward compatibility between releases and the users who used Netfilter might no realize that their setup is no longer working after the upgrade.
Can you include "kmod-br-netfilter" in 4.x?
This is not a dupe of #38 as that issue can be solved in separate different ways and using netfilter is just one of them. I just wanted to make sure the addition of this module is considered independent from the guest isolation issue.Turris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/33Kernel enable CONFIG_ADVISE_SYSCALLS2020-01-08T13:12:07+01:00Jan PavlinecKernel enable CONFIG_ADVISE_SYSCALLSThis could help run docker in lxc container
https://forum.turris.cz/t/docker-on-turris-omnia/242/15
and
https://forum.turris.cz/t/requesting-new-packages-new-versions/4187/32
Enable these kernel configs
* [ ] CONFIG_MEMCG_SWAP_ENABLED...This could help run docker in lxc container
https://forum.turris.cz/t/docker-on-turris-omnia/242/15
and
https://forum.turris.cz/t/requesting-new-packages-new-versions/4187/32
Enable these kernel configs
* [ ] CONFIG_MEMCG_SWAP_ENABLED
* [x] CONFIG_MEMCG_KMEM
* [ ] CONFIG_BLK_DEV_THROTTLING
* [ ] CONFIG_IOSCHED_CFQ
* [ ] CONFIG_CFQ_GROUP_IOSCHED
* [ ] CONFIG_CGROUP_PERF
* [ ] CONFIG_CGROUP_HUGETLB
* [ ] CONFIG_CGROUP_NET_PRIO
* [x] CONFIG_CFS_BANDWIDTH
* [x] CONFIG_FAIR_GROUP_SCHED
* [x] CONFIG_RT_GROUP_SCHEDTurris OS 5.1Jan PavlinecJan Pavlinechttps://gitlab.nic.cz/turris/os/build/-/issues/5[DOC] fix documentation after lists removal2023-08-16T11:05:51+02:00Jan Pavlinec[DOC] fix documentation after lists removal* https://doc.turris.cz/doc/cs/howto/majordomo
* https://doc.turris.cz/doc/cs/howto/webcam
* https://doc.turris.cz/doc/cs/howto/sound
* https://doc.turris.cz/doc/cs/howto/squid* https://doc.turris.cz/doc/cs/howto/majordomo
* https://doc.turris.cz/doc/cs/howto/webcam
* https://doc.turris.cz/doc/cs/howto/sound
* https://doc.turris.cz/doc/cs/howto/squidTurris OS 5.1https://gitlab.nic.cz/turris/os/build/-/issues/186`make package/name/compile` doesn't work after a successful ./compile_pkgs pr...2020-09-30T09:22:54+02:00Damian Nowak`make package/name/compile` doesn't work after a successful ./compile_pkgs prepare_toolsAs per https://gitlab.nic.cz/turris/turris-build#user-content-building-packages, after a successful `./compile_pkgs prepare_tools`, I'm expected to use `make package/name/compile`. This doesn't seem to work.
```
~/projekty/nowaker/turri...As per https://gitlab.nic.cz/turris/turris-build#user-content-building-packages, after a successful `./compile_pkgs prepare_tools`, I'm expected to use `make package/name/compile`. This doesn't seem to work.
```
~/projekty/nowaker/turris-build (git)-[hbk] % make package/https-dns-proxy/compile
make: *** No rule to make target 'package/https-dns-proxy/compile'. Stop.
```Turris OS 5.1.2https://gitlab.nic.cz/turris/os/build/-/issues/190lists: pkglist drivers do not correctly install ct-htt wifi drivers2023-08-16T11:01:13+02:00Marcela Blazkovalists: pkglist drivers do not correctly install ct-htt wifi drivers![19055908](/uploads/e991e4400f675413ea55cc0c65c015ce/19055908.png)
![19055905](/uploads/2228833525bd10ae0fa1404f6bf0143f/19055905.png)![19055908](/uploads/e991e4400f675413ea55cc0c65c015ce/19055908.png)
![19055905](/uploads/2228833525bd10ae0fa1404f6bf0143f/19055905.png)Turris OS 5.1.3https://gitlab.nic.cz/turris/os/build/-/issues/189Root password in medkit is not locked, it should be2023-08-16T11:01:17+02:00Karel KociRoot password in medkit is not locked, it should beFor some reason root password is not locked but it should be to force user to configure it trough Foris.
We should either add package that locks it on first boot or add patch to make it in default locked.For some reason root password is not locked but it should be to force user to configure it trough Foris.
We should either add package that locks it on first boot or add patch to make it in default locked.Turris OS 5.1.3