Turris OS packages issueshttps://gitlab.nic.cz/turris/os/packages/-/issues2022-11-11T18:44:12+01:00https://gitlab.nic.cz/turris/os/packages/-/issues/875foris-controller: Consider dropping the modules "-src" packages2022-11-11T18:44:12+01:00Martin Matějekforis-controller: Consider dropping the modules "-src" packagesWe don't actively use "-src" packages (e.g. `foris-controller-diagnostics-module-src`).
And they also break foris-controller in case there is just "-src" variant of packages installed, because they don't include json schema files. Just ...We don't actively use "-src" packages (e.g. `foris-controller-diagnostics-module-src`).
And they also break foris-controller in case there is just "-src" variant of packages installed, because they don't include json schema files. Just python source code from `sdist`.
---
Reference: https://forum.turris.cz/t/nefunkcni-reforis/16958/19https://gitlab.nic.cz/turris/os/packages/-/issues/847mox-a53-firmware: drop PROVIDES:=u-boot-mox2022-08-12T14:17:26+02:00Michal Vasilekmox-a53-firmware: drop PROVIDES:=u-boot-mox`PROVIDES:=u-boot-mox` is there only for backwards compatibility with packages that used this name, check which packages depend on u-boot-mox, make them refer to mox-a53-firmware directly (not through PROVIDES) and drop the PROVIDES line...`PROVIDES:=u-boot-mox` is there only for backwards compatibility with packages that used this name, check which packages depend on u-boot-mox, make them refer to mox-a53-firmware directly (not through PROVIDES) and drop the PROVIDES line from mox-a53-firmware.https://gitlab.nic.cz/turris/os/packages/-/issues/839ouidb: use full device vendor names2024-03-04T10:13:09+01:00Martin Matějekouidb: use full device vendor namesOur pre processed oui database file use only partial names - first word of the manufacture full name.
Actual notification message:
```
New device appeared on your network (MAC address aa:bb:cc:11:22:33, vendor Hewlett)
```
while ideall...Our pre processed oui database file use only partial names - first word of the manufacture full name.
Actual notification message:
```
New device appeared on your network (MAC address aa:bb:cc:11:22:33, vendor Hewlett)
```
while ideally it should look like:
```
New device appeared on your network (MAC address aa:bb:cc:11:22:33, vendor Hewlett Packard)
```
This could be most likely fixed by adjusting this regex:
https://gitlab.nic.cz/turris/os/packages/-/blob/master/utils/ouidb/Makefile#L33Turris OS 7.1.0https://gitlab.nic.cz/turris/os/packages/-/issues/791Adblock package doesn't update unblock config2021-09-03T16:33:19+02:00Vlastimil ZimaAdblock package doesn't update unblock configTo make adblock work on Turris 1.X I had to append
```
config resolver 'unbound_includes'
list include_path "/var/lib/unbound/adb_list.overall"
```
to the `/etc/config/resolver`.
I suspect that adblock can update `unbound` config, but ...To make adblock work on Turris 1.X I had to append
```
config resolver 'unbound_includes'
list include_path "/var/lib/unbound/adb_list.overall"
```
to the `/etc/config/resolver`.
I suspect that adblock can update `unbound` config, but its overridden by the `resolver-conf` anyway and thus adblock stops working.Turris OS 6.2.0https://gitlab.nic.cz/turris/os/packages/-/issues/745schnapps rollback to factory on Shield print errors2021-11-13T01:06:26+01:00Vojtech Myslivecschnapps rollback to factory on Shield print errorsSample of factory rollback from Shield's console:
```
Current state saved as snapshot number 10
Rolled back to snapshot factory
/etc/schnapps/rollback.d/10_cert-backup.sh: line 2: cert-backup: not found
Everything done, rebooting!
```
E...Sample of factory rollback from Shield's console:
```
Current state saved as snapshot number 10
Rolled back to snapshot factory
/etc/schnapps/rollback.d/10_cert-backup.sh: line 2: cert-backup: not found
Everything done, rebooting!
```
Either `schnapps` should depends on `cert-backup` or `schnapps` should handle its missing quietly/systematically.https://gitlab.nic.cz/turris/os/packages/-/issues/681knot-resolver: refactor kresd.init2020-10-20T15:20:37+02:00Jan Pavlinecknot-resolver: refactor kresd.initkresd.init should folow our requirements for shell scripts.
- fix double-quotes in variables
- fix indentation
- other issues (shellcheck)kresd.init should folow our requirements for shell scripts.
- fix double-quotes in variables
- fix indentation
- other issues (shellcheck)https://gitlab.nic.cz/turris/os/packages/-/issues/671Sentinel-firewall: move configuration from firewall section to sentinel2022-12-28T22:29:56+01:00Karel KociSentinel-firewall: move configuration from firewall section to sentinelAt the moment fw3 complains with following warnings:
```
Warning: Option @zone[1].sentinel_dynfw is unknown
Warning: Option @zone[1].sentinel_minipot is unknown
Warning: Option @zone[1].haas_proxy is unknown
Warning: Option @zone[1].sent...At the moment fw3 complains with following warnings:
```
Warning: Option @zone[1].sentinel_dynfw is unknown
Warning: Option @zone[1].sentinel_minipot is unknown
Warning: Option @zone[1].haas_proxy is unknown
Warning: Option @zone[1].sentinel_fwlogs is unknown
```
These are harmless and used by sentinel-firewall scripts but it can confuse users.
We should rather move it to sentinel config and rather link zone name from there. This requires:
* [ ] modification of code to expect config rather in sentinel configuration over firewall
* [ ] fix package to migrate existing configuration from firewall to sentinel configTurris OS 6.2.0https://gitlab.nic.cz/turris/os/packages/-/issues/670Minipot: allow separate redirect for input and forward2020-09-21T12:09:51+02:00Karel KociMinipot: allow separate redirect for input and forwardIn general deployment it is different if you are redirecting to minipot input or/and forward. We should not automatically redirect both as we do now. We should somehow let users to choose. Right now user has only option and that is to di...In general deployment it is different if you are redirecting to minipot input or/and forward. We should not automatically redirect both as we do now. We should somehow let users to choose. Right now user has only option and that is to disable minipot or to have both input and forward redirected to router itself.https://gitlab.nic.cz/turris/os/packages/-/issues/627Nexcloud database error2022-12-12T15:09:32+01:00leoprosperiNexcloud database errorAfter a brand new installation of Nextcloud 17 on Turris Omnia with v5.0.3, I saw the following warning on /nextcloud/index.php/settings/admin/overview:
> Some columns in the database are missing a conversion to big int. Due to the fact...After a brand new installation of Nextcloud 17 on Turris Omnia with v5.0.3, I saw the following warning on /nextcloud/index.php/settings/admin/overview:
> Some columns in the database are missing a conversion to big int. Due to the fact that changing column types on big tables could take some time they were not changed automatically. By running 'occ db:convert-filecache-bigint' those pending changes could be applied manually. This operation needs to be made while the instance is offline. For further details read the documentation page about this.
> mounts.storage_id
> mounts.root_id
> mounts.mount_id
Running this command cleared the issues:
`sudo -u nobody php-cli /srv/www/nextcloud/occ db:convert-filecache-bigint`Turris OS 6.1.0Michal HruseckyMichal Hruseckyhttps://gitlab.nic.cz/turris/os/packages/-/issues/623follectd package writing constantly lots of lines to syslog because of some e...2020-07-01T09:10:48+02:00Pavel Stanofollectd package writing constantly lots of lines to syslog because of some errorwhen i uninstall it it will install back with foris-controller-collectd-module
sample from logread:
```
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available wri...when i uninstall it it will install back with foris-controller-collectd-module
sample from logread:
```
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: Available write targets:: [none]
Jun 30 13:34:22 turris collectd[7939]: exec plugin: exec_read_one: error = exec plugin: Failed to execute ``/usr/libexec/follectd/neighbours.sh'': Exec format error
Jun 30 13:34:22 turris collectd[7939]: exec plugin: exec_read_one: error = exec plugin: Failed to execute ``/usr/libexec/follectd/neighbours.sh'': Exec format error
```Štěpán HenekŠtěpán Henekhttps://gitlab.nic.cz/turris/os/packages/-/issues/621[meta] DNS testing in reforis2021-07-15T14:10:13+02:00Jan Pavlinec[meta] DNS testing in reforisThis issue is related to our meeting about better DNS diagnostic
[check_connection](https://gitlab.labs.nic.cz/turris/turris-os-packages/-/blob/master/utils/turris-utils/files/check_connection) script should be replaced with python vers...This issue is related to our meeting about better DNS diagnostic
[check_connection](https://gitlab.labs.nic.cz/turris/turris-os-packages/-/blob/master/utils/turris-utils/files/check_connection) script should be replaced with python version which could test other DNS settings (forwarding not working, DNS hijack etc.)
This script can use some functionality from [resolver_rpcd](https://gitlab.labs.nic.cz/turris/turris-os-packages/-/blob/master/net/resolver-conf/files/resolver_rpcd.py) (see https://pypi.org/project/ubus/ and [README.md](https://gitlab.labs.nic.cz/turris/turris-os-packages/-/blob/master/net/resolver-conf/README.md)) and read setting from uci https://gitlab.labs.nic.cz/turris/pyuci [resolver configuration](https://gitlab.labs.nic.cz/turris/turris-os-packages/-/blob/master/net/resolver-conf/files/resolver-omnia-config)
Related issues/MR:
* [x] pytest-xdist MR https://gitlab.nic.cz/turris/turris-os-packages/-/issues/317 / https://github.com/openwrt/packages/pull/13010
* [ ] https://gitlab.nic.cz/turris/turris-os-packages/-/issues/620
* [ ] augeas MR https://github.com/openwrt/packages/pull/12913
* [ ] Deckard MR https://gitlab.nic.cz/turris/turris-os-packages/-/merge_requests/460
cc @pspacek @kkocihttps://gitlab.nic.cz/turris/os/packages/-/issues/27resolver: add support for ipv6 static leases2021-07-29T09:57:19+02:00Jan Pavlinecresolver: add support for ipv6 static leaseshttps://forum.turris.cz/t/kresd-ipv6-hints/3680https://forum.turris.cz/t/kresd-ipv6-hints/3680https://gitlab.nic.cz/turris/os/packages/-/issues/225Test wildcard records in the DNSSEC test2019-07-02T16:52:49+02:00Ghost UserTest wildcard records in the DNSSEC testWhen doing the connectivity test, perform some tests DNSSEC tests against wildcards or similar cornercases that are known to break from time to time.When doing the connectivity test, perform some tests DNSSEC tests against wildcards or similar cornercases that are known to break from time to time.https://gitlab.nic.cz/turris/os/packages/-/issues/20resolver-conf: Please disable open resolver in the config2021-09-08T16:18:48+02:00Ondřej Caletkaresolver-conf: Please disable open resolver in the configIn current setup, the only thing that stops TurrisOS from being an open resolver is the default firewall config. Lot of inexperienced users unintentionally enable incoming udp/53 traffic, making the router act like an open resolver.
The...In current setup, the only thing that stops TurrisOS from being an open resolver is the default firewall config. Lot of inexperienced users unintentionally enable incoming udp/53 traffic, making the router act like an open resolver.
There should be safer default in the config of DNS recursors, that would allow recursive queries only from internal network, regardless of the state of the firewall.