DDNS (HSTS) writes to mmcblk0p1, every 10 minutes


#1

So here I am again, it was quiet for some time but I had a look again at my block stats and something is writing to mmcblk0p1 every 10 minutes

Assuming it is always the same file and knowing how bad eMMC wear-leveling can be, this is not a good thing.

The file to blame is /.wget-hsts which is used to track HSTS for wget… the issuer of the wget calls is dyndns… and api.turris.cz also is included… but I would assume when the ip check on dyndns uses HSTS this file will be touched every 10 minutes…

I created a .wgetrc in / with hsts=0 in it and hope this will prevent wget from using the file every time.

This seems to work for me…


#2

Do you mean „/root/.wget-hsts“? I can‘s see any „/.wget-hsts“

I can‘t reproduce this behavior on 2 TOs, both running DynDNS using external IP check. I see „.wget-hsts“ located in /root/ but it was last modified months ago

EDIT: Though I don‘t monitor writes to eMMC, I only looked at mtime of those files

EDIT2: I use http://checkip.dyndns.com so no ssl involved. Which service do you use to check external IP? My DynDNS provider is NoIP, communication to it is set to HTTPS, I don‘t know if they use HSTS


#3

/.wget-hsts is the issue here…
and yes I can reproduce it with other dyn-DNS servers that use HSTS.


but my workaround has worked so far :slight_smile:


#4

@paja Is anyone from Turris team tracking this?


#5

this issue may affect more people as turris.cz also uses HSTS and API calls will also trigger an update of the file, whenever wget is used to access them.

But it was definitely the issue


have not had a single “unwanted” write to the mmcblk0 since.


#6

Thanks for reporting, I created issue for this https://gitlab.labs.nic.cz/turris/turris-os-packages/issues/341 .