Turris OS 3.11.17 is in RC

Dear Turris users,

We have just released Turris OS 3.11.17 to the RC branch.

In this release you can find mitigations in unbound, knot-resolver, and bind for NXNSAttack. Each resolver has different CVEs and if you want to read more about this issue colleagues from Knot Resolver wrote an article about that. There are security fixes for samba4, krb5 and git.

There were updated a few packages as well. For example nextcloud, btrfs-progs, sentinel-dynfw-client and updater-ng.

Changelog:
• git, samba4, krb5, unbound, knot-resolver, bind: security update
• updater-ng, nextcloud, btrfs-progs, resolver-conf: update
• python3-msgpack, sentinel-dynfw-client: update

If you want to try this release, you need to login to your router using SSH and write this command:

switch-branch RC

In this RC version, you might experience some bugs, if you find them, please let us know about them.

2 Likes

Known bugs:
- Turris 1.x - there are missing php7 packages and it will be solved with the next RC version. Fixed in RC2.

1 Like

Update OK. No problem.

1 Like

Omnia 2GB Ok (OpenVPN server, 3x LXC, SATA card, SSD + HW raid BOX)

2 Likes

TO 2GB, WiFi, simple config, unactive lxc, Ludus…
openwrt_version: 15.05
turris-version: 3.11.17, branch: rc
Update OK, reboot not required, rebooted anyhow.
Foris, LuCI didn’t load even after more than 15 mins,
Ludus loaded immediately (Win10 Pro actual, Chrome/Firefox actual)
SSH OK
On Android (Mi A1, Android 9) Ludus immediately, LuCI after more than 5 mins,
Foris never, SSH OK.

1 Like

Thanks. We are looking into it. We were able to reproduce it in some cases.

1 Like

We are releasing an RC2 version of Turris OS 3.11.17.

We managed to fix the issue, which some of you met that Foris was not loading in particular cases. There is an improvement for IPv6 detection in init script fo Knot Resolver and while at it, we noticed that it was using the path for the old version of Knot Resolver, which is also fixed.

2 Likes

Yes, Foris is back. :+1:

Mistakes with me. Turris 1.0, last RC…

Souhrn

root@turris:~# tail -n 200 /var/log/messages | grep err
2020-06-02 08:24:28 err ATLAS[5579]: And we are done
2020-06-02 08:24:28 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:24:30 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:24:30 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:24:30 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:24:30 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:25:52 warning ucollect[15932]: epoll_wait on 4 interrupted, retry
2020-06-02 08:27:30 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:27:33 err ATLAS[5579]: And we are done
2020-06-02 08:27:33 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:27:35 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:27:35 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:27:35 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:27:35 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:28:22 info dnsmasq-dhcp[9312]: DHCPACK(br-lan) 10.0.0.30 b8:27:eb:dc:63:48 RaspberryPi
2020-06-02 08:28:22 info /dhcp_host_domain_ng.py[]: DHCP add new hostname [RaspberryPi,10.0.0.30]
2020-06-02 08:30:35 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:30:38 err ATLAS[5579]: And we are done
2020-06-02 08:30:38 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:30:40 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:30:40 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:30:40 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:30:40 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:33:40 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:33:43 err ATLAS[5579]: And we are done
2020-06-02 08:33:43 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:33:45 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:33:45 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:33:45 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:33:45 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:36:45 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:36:48 err ATLAS[5579]: And we are done
2020-06-02 08:36:48 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:36:50 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:36:50 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:36:50 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:36:50 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:39:14 err python3[7716]: ipset v6.24: Error in line 1: Element cannot be deleted from the set: it’s not added
2020-06-02 08:39:14 err python3[7716]: 2020-06-02 08:39:14,533 - WARNING - Error running ipset command: return code 1.
2020-06-02 08:39:29 err python3[7716]: ipset v6.24: Error in line 1: Element cannot be deleted from the set: it’s not added
2020-06-02 08:39:29 err python3[7716]: 2020-06-02 08:39:29,872 - WARNING - Error running ipset command: return code 1.
2020-06-02 08:39:44 err python3[7716]: ipset v6.24: Error in line 1: Element cannot be deleted from the set: it’s not added
2020-06-02 08:39:44 err python3[7716]: 2020-06-02 08:39:44,811 - WARNING - Error running ipset command: return code 1.
2020-06-02 08:39:50 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:39:54 err ATLAS[5579]: And we are done
2020-06-02 08:39:54 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:39:55 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (2)
2020-06-02 08:39:55 err ATLAS[5579]: cat: can’t open ‘known_hosts_controllers’: No such file or directory
2020-06-02 08:39:56 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:39:56 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:40:01 err python3[7716]: ipset v6.24: Error in line 1: Element cannot be deleted from the set: it’s not added
2020-06-02 08:40:01 err python3[7716]: 2020-06-02 08:40:01,451 - WARNING - Error running ipset command: return code 1.
2020-06-02 08:40:43 err python3[7716]: ipset v6.24: Error in line 1: Element cannot be deleted from the set: it’s not added
2020-06-02 08:40:43 err python3[7716]: 2020-06-02 08:40:43,959 - WARNING - Error running ipset command: return code 1.
2020-06-02 08:42:56 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:42:59 err ATLAS[5579]: And we are done
2020-06-02 08:42:59 err ATLAS[5579]: unknown keyword ‘REG_WAIT_UNTIL’ in CON_INIT_CONF (1)
2020-06-02 08:43:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:43:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:45:51 warning ucollect[15932]: epoll_wait on 4 interrupted, retry
2020-06-02 08:46:02 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:46:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:46:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:47:20 err foris-controller[6703]: WARNING:turrishw:unsupported model: TURRIS
2020-06-02 08:47:25 err foris-controller[5858]: Last message ‘WARNING:turrishw:uns’ repeated 1 times, suppressed by syslog-ng on turris
2020-06-02 08:47:25 err foris-controller[6703]: WARNING:turrishw:unsupported model: TURRIS
2020-06-02 08:47:30 err foris-controller[5858]: Last message ‘WARNING:turrishw:uns’ repeated 3 times, suppressed by syslog-ng on turris
2020-06-02 08:49:02 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:49:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:49:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:52:02 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:52:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:52:02 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:55:02 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:55:03 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:55:03 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists
2020-06-02 08:58:03 err ATLAS[5579]: enough space free, no need to do anything
2020-06-02 08:58:03 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/v6addr.txt’ exists
2020-06-02 08:58:03 err ATLAS[5579]: condmv: not moving, destination ‘/usr/libexec/atlas-probe-scripts/data/out/simpleping’ exists

I see some ipset errors and warnings related to it:

About RIPE atlas even with these errors which does not look good at the first insights. It is running and it is reported to server, right? Similar issue was reported in Turris OS 5.0 HBT thread (need to respond there), but there is a kind of different as we haven’t touch Atlas for 3 months in Turris OS 3.x. I am not saying that we are not looking into it but update for RIPE which fix most of the issues it is on review:

1 Like

TO 2GB, WiFi, simple config, unactive lxc, Honeypot, Ludus, RIPE Atlas sw probe
Returned to TOS 3.11.16 via schnapps rollback, tried update via Foris (touching Save & update without any change), waiting for update to arrive for some time (maybe I had to wait more) I forced update via switch-branch rc… OK, reboot, and now in RC2 3.11.17 (Kernel version 4.4.199).

Foris & LuCI (all tabs), Ludus OK in Win10 Pro & Android, SSH OK.
Honeypot, Ludus, RIPE Atlas OK, running.

RC2 3.11.17
Omnia 2GB Ok (OpenVPN server, 3x LXC, SATA card, SSD + HW raid BOX) - reboot
Turris 1.0 Ok (OpenVPN client) - reboot

What means that reboot? That it is OK after reboot? It was not OK before reboot?

Sorry, post install manual rebot and testinging routers. All OK .

Released a new RC just now! What’s has been changed in RC3? There is just an updated RIPE Atlas SW Probe (+ add mention in release notes). Nothing else. Nothing more. As feedback isn’t bad, we will release it to everyone very soon once we hear some voices about the update of the RIPE Atlas probe, which should be smooth.

This isn’t normal, I’d say (notice the multitudes of commands).

# cat /etc/config/luci

Summary
config core 'main'
        option mediaurlbase '/luci-static/bootstrap'
        option resourcebase '/luci-static/resources'
        option lang 'en'

config extern 'flash_keep'
        option uci '/etc/config/'
        option dropbear '/etc/dropbear/'
        option openvpn '/etc/openvpn/'
        option passwd '/etc/passwd'
        option opkg '/etc/opkg.conf'
        option firewall '/etc/firewall.user'
        option uploads '/lib/uci/upload/'

config internal 'languages'
        option en 'English'
        option cs 'Čeština (Czech)'

config internal 'sauth'
        option sessionpath '/tmp/luci-sessions'
        option sessiontime '3600'

config internal 'ccache'
        option enable '1'

config internal 'themes'
        option Bootstrap '/luci-static/bootstrap'

config internal 'diag'
        option dns 'openwrt.org'
        option ping 'openwrt.org'
        option route 'openwrt.org'

config command
        option name 'top'
        option command 'top -n1'

config command
        option name 'reboot'
        option command 'reboot'

config command
        option name 'init 6'
        option command 'init 6'

config command
        option name 'ping'
        option param '1'
        option command 'ping -c4 '

config command
        option name 'Start resolver debugging'
        option command '/etc/resolver/resolver-debug.sh start'

config command
        option name 'Stop resolver debugging'
        option command '/etc/resolver/resolver-debug.sh stop'

config command
        option name 'Print debug log'
        option command '/etc/resolver/resolver-debug.sh print-logs'

config command
        option name 'Start resolver debugging'
        option command '/etc/resolver/resolver-debug.sh start'

config command
        option name 'Stop resolver debugging'
        option command '/etc/resolver/resolver-debug.sh stop'

config command
        option name 'Print debug log'
        option command '/etc/resolver/resolver-debug.sh print-logs'

config command
        option name 'Start resolver debugging'
        option command '/etc/resolver/resolver-debug.sh start'

config command
        option name 'Stop resolver debugging'
        option command '/etc/resolver/resolver-debug.sh stop'

config command
        option name 'Print debug log'
        option command '/etc/resolver/resolver-debug.sh print-logs'

config command
        option name 'Start resolver debugging'
        option command '/etc/resolver/resolver-debug.sh start'

config command
        option name 'Stop resolver debugging'
        option command '/etc/resolver/resolver-debug.sh stop'

config command
        option name 'Print debug log'
        option command '/etc/resolver/resolver-debug.sh print-logs'

Otherwise before the update, Foris was dead, Luci super-slow. After the update both are okay.

But I wonder how they did get wrong before, because I have update approvals enabled and there was no approval request in the last 30 days. I am on hbs branch rc. And I’m pretty sure I used either Foris or Luci last month and they worked. Is there some part of the OS (except the dynamic firewall) that circuments the updater and gets updated “silently”? I did a schnapps diff with a snapshot from 3 weeks ago, and there were changed system files (note that this is before the manually triggered update from tonight):

Summary
diff -Nru @117/etc/config/netmetr @141/etc/config/netmetr
diff -Nru @117/etc/init.d/kresd @141/etc/init.d/kresd
diff -Nru @117/etc/init.d/resolver @141/etc/init.d/resolver
diff -Nru @117/etc/init.d/sentinel-dynfw-client @141/etc/init.d/sentinel-dynfw-client
diff -Nru @117/etc/rc.d/K10sentinel-dynfw-client @141/etc/rc.d/K10sentinel-dynfw-client
diff -Nru @117/etc/rc.d/S60resolver @141/etc/rc.d/S60resolver
diff -Nru @117/etc/rc.d/S90sentinel-dynfw-client @141/etc/rc.d/S90sentinel-dynfw-client
diff -Nru @117/etc/resolver/dhcp_host_domain_ng.py @141/etc/resolver/dhcp_host_domain_ng.py
diff -Nru @117/etc/resolver/dns_servers/99_google.conf @141/etc/resolver/dns_servers/99_google.conf
diff -Nru @117/etc/root.keys @141/etc/root.keys
diff -Nru @117/etc/ssl/ca/openvpn/ca.crl @141/etc/ssl/ca/openvpn/ca.crl
diff -Nru @117/etc/ssl/ca/openvpn/crlnumber @141/etc/ssl/ca/openvpn/crlnumber
diff -Nru @117/etc/ssl/ca/openvpn/crlnumber.old @141/etc/ssl/ca/openvpn/crlnumber.old
diff -Nru @117/etc/ssl/ca/remote/ca.crl @141/etc/ssl/ca/remote/ca.crl
diff -Nru @117/etc/ssl/ca/remote/crlnumber @141/etc/ssl/ca/remote/crlnumber
diff -Nru @117/etc/ssl/ca/remote/crlnumber.old @141/etc/ssl/ca/remote/crlnumber.old
diff -Nru @117/etc/turris-version @141/etc/turris-version
diff -Nru @117/root/.bash_history @141/root/.bash_history
diff -Nru @117/root/.cache/pip/selfcheck.json @141/root/.cache/pip/selfcheck.json
diff -Nru @117/root/.config/htop/htoprc @141/root/.config/htop/htoprc
diff -Nru @117/root/.viminfo @141/root/.viminfo
diff -Nru @117/root/.wget-hsts @141/root/.wget-hsts
diff -Nru @117/root/backed-up/pip-freeze @141/root/backed-up/pip-freeze
diff -Nru @117/root/backed-up/pip3-freeze @141/root/backed-up/pip3-freeze
diff -Nru @117/run/blkid/blkid.tab @141/run/blkid/blkid.tab
diff -Nru @117/run/blkid/blkid.tab.old @141/run/blkid/blkid.tab.old
diff -Nru @117/usr/bin/sentinel-dynfw-client @141/usr/bin/sentinel-dynfw-client
diff -Nru @117/usr/lib/config.lua @141/usr/lib/config.lua
diff -Nru @117/usr/lib/distro-preconfig.lua @141/usr/lib/distro-preconfig.lua
diff -Nru @117/usr/lib/kluautil.lua @141/usr/lib/kluautil.lua
diff -Nru @117/usr/lib/kres-gen.lua @141/usr/lib/kres-gen.lua
diff -Nru @117/usr/lib/kres.lua @141/usr/lib/kres.lua
diff -Nru @117/usr/lib/kres_modules/daf/daf.js @141/usr/lib/kres_modules/daf/daf.js
diff -Nru @117/usr/lib/kres_modules/daf.lua @141/usr/lib/kres_modules/daf.lua
diff -Nru @117/usr/lib/kres_modules/detect_time_jump.lua @141/usr/lib/kres_modules/detect_time_jump.lua
diff -Nru @117/usr/lib/kres_modules/detect_time_skew.lua @141/usr/lib/kres_modules/detect_time_skew.lua
diff -Nru @117/usr/lib/kres_modules/dns64.lua @141/usr/lib/kres_modules/dns64.lua
diff -Nru @117/usr/lib/kres_modules/etcd.lua @141/usr/lib/kres_modules/etcd.lua
diff -Nru @117/usr/lib/kres_modules/experimental_dot_auth.lua @141/usr/lib/kres_modules/experimental_dot_auth.lua
diff -Nru @117/usr/lib/kres_modules/graphite.lua @141/usr/lib/kres_modules/graphite.lua
diff -Nru @117/usr/lib/kres_modules/http/LICENSE @141/usr/lib/kres_modules/http/LICENSE
diff -Nru @117/usr/lib/kres_modules/http/bootstrap-theme.min.css @141/usr/lib/kres_modules/http/bootstrap-theme.min.css
diff -Nru @117/usr/lib/kres_modules/http/bootstrap.min.css @141/usr/lib/kres_modules/http/bootstrap.min.css
diff -Nru @117/usr/lib/kres_modules/http/bootstrap.min.js @141/usr/lib/kres_modules/http/bootstrap.min.js
diff -Nru @117/usr/lib/kres_modules/http/d3.js @141/usr/lib/kres_modules/http/d3.js
diff -Nru @117/usr/lib/kres_modules/http/datamaps.world.min.js @141/usr/lib/kres_modules/http/datamaps.world.min.js
diff -Nru @117/usr/lib/kres_modules/http/dygraph.min.js @141/usr/lib/kres_modules/http/dygraph.min.js
diff -Nru @117/usr/lib/kres_modules/http/epoch.css @141/usr/lib/kres_modules/http/epoch.css
diff -Nru @117/usr/lib/kres_modules/http/epoch.js @141/usr/lib/kres_modules/http/epoch.js
diff -Nru @117/usr/lib/kres_modules/http/jquery.js @141/usr/lib/kres_modules/http/jquery.js
diff -Nru @117/usr/lib/kres_modules/http/kresd.css @141/usr/lib/kres_modules/http/kresd.css
diff -Nru @117/usr/lib/kres_modules/http/kresd.js @141/usr/lib/kres_modules/http/kresd.js
diff -Nru @117/usr/lib/kres_modules/http/main.tpl @141/usr/lib/kres_modules/http/main.tpl
diff -Nru @117/usr/lib/kres_modules/http/selectize.bootstrap3.css @141/usr/lib/kres_modules/http/selectize.bootstrap3.css
diff -Nru @117/usr/lib/kres_modules/http/selectize.bootstrap3.min.css @141/usr/lib/kres_modules/http/selectize.bootstrap3.min.css
diff -Nru @117/usr/lib/kres_modules/http/selectize.min.css @141/usr/lib/kres_modules/http/selectize.min.css
diff -Nru @117/usr/lib/kres_modules/http/selectize.min.js @141/usr/lib/kres_modules/http/selectize.min.js
diff -Nru @117/usr/lib/kres_modules/http/topojson.js @141/usr/lib/kres_modules/http/topojson.js
diff -Nru @117/usr/lib/kres_modules/http.lua @141/usr/lib/kres_modules/http.lua
diff -Nru @117/usr/lib/kres_modules/http_doh.lua @141/usr/lib/kres_modules/http_doh.lua
diff -Nru @117/usr/lib/kres_modules/http_tls_cert.lua @141/usr/lib/kres_modules/http_tls_cert.lua
diff -Nru @117/usr/lib/kres_modules/http_trace.lua @141/usr/lib/kres_modules/http_trace.lua
diff -Nru @117/usr/lib/kres_modules/policy.lua @141/usr/lib/kres_modules/policy.lua
diff -Nru @117/usr/lib/kres_modules/predict.lua @141/usr/lib/kres_modules/predict.lua
diff -Nru @117/usr/lib/kres_modules/prefill.lua @141/usr/lib/kres_modules/prefill.lua
diff -Nru @117/usr/lib/kres_modules/priming.lua @141/usr/lib/kres_modules/priming.lua
diff -Nru @117/usr/lib/kres_modules/prometheus.lua @141/usr/lib/kres_modules/prometheus.lua
diff -Nru @117/usr/lib/kres_modules/rebinding.lua @141/usr/lib/kres_modules/rebinding.lua
diff -Nru @117/usr/lib/kres_modules/renumber.lua @141/usr/lib/kres_modules/renumber.lua
diff -Nru @117/usr/lib/kres_modules/serve_stale.lua @141/usr/lib/kres_modules/serve_stale.lua
diff -Nru @117/usr/lib/kres_modules/ta_sentinel.lua @141/usr/lib/kres_modules/ta_sentinel.lua
diff -Nru @117/usr/lib/kres_modules/ta_signal_query.lua @141/usr/lib/kres_modules/ta_signal_query.lua
diff -Nru @117/usr/lib/kres_modules/ta_update.lua @141/usr/lib/kres_modules/ta_update.lua
diff -Nru @117/usr/lib/kres_modules/view.lua @141/usr/lib/kres_modules/view.lua
diff -Nru @117/usr/lib/kres_modules/watchdog.lua @141/usr/lib/kres_modules/watchdog.lua
diff -Nru @117/usr/lib/kres_modules/workarounds.lua @141/usr/lib/kres_modules/workarounds.lua
diff -Nru @117/usr/lib/opkg/status @141/usr/lib/opkg/status
diff -Nru @117/usr/lib/pkgconfig/libkres.pc @141/usr/lib/pkgconfig/libkres.pc
diff -Nru @117/usr/lib/postconfig.lua @141/usr/lib/postconfig.lua
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack/__init__.py @141/usr/lib/python3.6/site-packages/msgpack/__init__.py
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack/_version.py @141/usr/lib/python3.6/site-packages/msgpack/_version.py
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack/exceptions.py @141/usr/lib/python3.6/site-packages/msgpack/exceptions.py
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack/ext.py @141/usr/lib/python3.6/site-packages/msgpack/ext.py
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack/fallback.py @141/usr/lib/python3.6/site-packages/msgpack/fallback.py
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/PKG-INFO @141/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/PKG-INFO
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/SOURCES.txt @141/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/SOURCES.txt
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/dependency_links.txt @141/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/dependency_links.txt
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/top_level.txt @141/usr/lib/python3.6/site-packages/msgpack-0.5.6-py3.6.egg-info/top_level.txt
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/PKG-INFO @141/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/PKG-INFO
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/SOURCES.txt @141/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/SOURCES.txt
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/dependency_links.txt @141/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/dependency_links.txt
diff -Nru @117/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/top_level.txt @141/usr/lib/python3.6/site-packages/msgpack-1.0.0-py3.6.egg-info/top_level.txt
diff -Nru @117/usr/lib/python3.6/site-packages/svupdater/autorun.py @141/usr/lib/python3.6/site-packages/svupdater/autorun.py
diff -Nru @117/usr/lib/python3.6/site-packages/svupdater/branch.py @141/usr/lib/python3.6/site-packages/svupdater/branch.py
diff -Nru @117/usr/lib/python3.6/site-packages/svupdater-0.1-py3.6.egg-info/SOURCES.txt @141/usr/lib/python3.6/site-packages/svupdater-0.1-py3.6.egg-info/SOURCES.txt
diff -Nru @117/usr/lib/sandbox.lua @141/usr/lib/sandbox.lua
diff -Nru @117/usr/lib/trust_anchors.lua @141/usr/lib/trust_anchors.lua
diff -Nru @117/usr/lib/upgrade-4-to-5.lua @141/usr/lib/upgrade-4-to-5.lua
diff -Nru @117/usr/lib/zonefile.lua @141/usr/lib/zonefile.lua
diff -Nru @117/usr/libexec/rpcd/resolver_rpcd.py @141/usr/libexec/rpcd/resolver_rpcd.py
diff -Nru @117/usr/share/server-uplink/registration_code @141/usr/share/server-uplink/registration_code
diff -Nru @117/usr/share/updater/approvals @141/usr/share/updater/approvals
diff -Nru @117/usr/share/updater/need_approval @141/usr/share/updater/need_approval

The only thing I can think of is that I’d issue a manual pkgupdate before both update checks for RC1 AND RC2 occured and after they were released. It is possible I ran some manual pkgupdates, but it’d be a great coincidence to hit twice the RC release time window before my updater triggered an update approval request.

I haven’t problem with /etc/config/luci
Turris 1.0, last RC3, update OK…

Souhrn

root@turris:~# cat /etc/config/luci

config core 'main'
        option mediaurlbase '/luci-static/bootstrap'
        option resourcebase '/luci-static/resources'
        option lang 'cs'

config extern 'flash_keep'
        option uci '/etc/config/'
        option dropbear '/etc/dropbear/'
        option openvpn '/etc/openvpn/'
        option passwd '/etc/passwd'
        option opkg '/etc/opkg.conf'
        option firewall '/etc/firewall.user'
        option uploads '/lib/uci/upload/'

config internal 'languages'
        option en 'English'
        option cs 'Čeština (Czech)'

config internal 'sauth'
        option sessionpath '/tmp/luci-sessions'
        option sessiontime '3600'

config internal 'ccache'
        option enable '1'

config internal 'themes'
        option Bootstrap '/luci-static/bootstrap'

config internal 'diag'
        option dns 'openwrt.org'
        option ping 'openwrt.org'
        option route 'openwrt.org'

config command
        option param '1'
        option public '1'
        option name 'cat /var/log/messages |grep warning'
        option command 'cat /var/log/messages |grep warning'

SW ATLAS running…

root@turris:~# opkg list-installed atlas*
atlas-probe - 2.2.0-1
atlas-sw-probe - 5020-1
root@turris:~# ps | grep atlas*
 5579 root      1384 S    /bin/sh /usr/libexec/atlas-probe-scripts/bin/ATLAS
 5663 root      4432 S    /usr/libexec/atlas-probe/bin/perd -c /usr/libexec/atlas-probe-scripts/crons/main -A 9801 -P /usr/libexec/atlas-probe-scripts/run/perd-main.pid
 5665 root      4436 S    /usr/libexec/atlas-probe/bin/eperd -c /usr/libexec/atlas-probe-scripts/crons/7 -A 9807 -P /usr/libexec/atlas-probe-scripts/run/perd-7.pid.vol
 5666 root      1380 S    /bin/sh /usr/libexec/atlas-probe-scripts/bin/ATLAS
 5668 root      4428 S    /usr/libexec/atlas-probe/bin/eooqd /usr/libexec/atlas-probe-scripts/crons/oneoff -A 9809 -P /usr/libexec/atlas-probe-scripts/run/eooqd.pid.vol
19620 root      3484 S    /usr/bin/ssh -o ServerAliveInterval 60 -o StrictHostKeyChecking yes -o UserKnownHostsFile /usr/libexec/atlas-probe-scripts/.ssh/known_hosts -R
31488 root      1352 S    grep atlas*

Its running, but what status shows you the probe on Ripe Atlas website? Is it online?

Yes, everything looks fine…

Opera3

I see. It means that in Custom commands you have multiple buttons, which do the same. It is related if you have a resolver-debug package installed. But this is not a blocker for this release. We will improve it in future releases.