Foris: 503 - Service Not Available

Hi,
At https://192.168.1.1/foris/config/ I am getting

503 - Service Not Available

I can connect by ssh to the terminal.

Here are few lines from https://192.168.1.1/cgi-bin/luci/admin/status/overview
Model: Turris Omnia
Firmware Version: OpenWrt omnia 15.05 r47055 / LuCI 96366054565006474c39e02dca00c9d45dcb9e15 branch (git-18.328.59464-9636605)
Kernel Version: 4.4.169-7bc33afbb1b35f5830b2b1b42c9cd8a0-2

Any idea what I should do?
Thanks,
Josef

Which version of Turris OS you have?

https://forum.test.turris.cz/t/openwrt-vulnerability-in-opkg-cve-2020-7982/12538?u=viktor

How to find it? I see:
root@turris:/# uname -a
Linux turris 4.4.169-7bc33afbb1b35f5830b2b1b42c9cd8a0-2 #1 SMP Mon Jan 14 15:04:33 CET 2019 armv7l GNU/Linux

cat /etc/turris-version

Ok, here is output:
3.11.2

You have more then year old version of TOS.

Try run

updater.sh

from command line.

updater.sh is obsoleted. Please use pkgupdate directly instead.

/# pkgupdate
WARN:Couldn’t read the status file: [string “backend”]:1195: [string “backend”]:1186: Failed to lock the lock file /var/lock/opkg.lock: Resource temporarily unavailable

Run command as root and wait.

root@turris:/# pkgupdate
WARN:Couldn’t read the status file: [string “backend”]:1195: [string “backend”]:1186: Failed to lock the lock file /var/lock/opkg.lock: Resource temporarily unavailable
line not found
line not found
line not found
ERROR:
unreachable: https://repo.turris.cz/omnia/lists/base.lua: Operation timed out after 30000 milliseconds with 0 out of 0 bytes received
line not found
line not found
line not found
ERROR:
unreachable: https://repo.turris.cz/omnia/lists/base.lua: Operation timed out after 30000 milliseconds with 0 out of 0 bytes received

I can reach URL without colon “:” from my desktop browser https://repo.turris.cz/omnia/lists/base.lua

File with script is available.

OK, thanks. How is available? Could you send it by email?

I am thinking how it could happen, that my Turris Omnia is not up to date, but there is still old Turris OS version 3.11.2. This router was long time (many months) switched off, so for long time OS was not updated. In the meantime updater.sh become probably unable to do it’s job - to update, and here we are. Of course, it’s just my guess. I can not believe coincidence with CVE-2020–7982. Oh, well…

@viktor Any idea how to upgrade to the latest version? Thx.

Did you run updater.sh or pkgupdate commands as root?

Yes, I ran updater.sh as well as pkgupdate already, see above @viktor
Could you point me to the source code of the pkgupdate, please?

Just my 5 cents: Can you check whether the date and time are set correctly on the router?

I had similar issue in the past. The date and time was out of sync due to empty onboard battery. This caused issues with the certificates and the router was unable to retrieve new updates.

I’d also try nslookup turris.cz or something. I don’t remember when new root DNSSEC keys were included in Turris OS.

This is a good point but the following report shows among other things on the lack of permissions.