Turris OS 4.0 alpha5 is released!

release

#1

Dear Turris users,

We released a new alpha version of Turris OS 4.0. We appreciate any feedback for this release for Turris Omnia and Turris MOX. There a few known issues, which can be found in my second post below. We don’t advice users/owners of Turris 1.0 and Turris 1.1 to test it due to kernel issues.

Changelog

Our changes prepared by @cynerd:

  • Fixed Foris updater tab crash on new installation
  • Fixed crash when Pakon was invoked with empty database
  • libssl2 CVE fixes
  • Mozilla IOT gateway updated to 0.6.0
  • added uboot mkimage package
  • Nextcloud updated to 15.0.5
  • fixed some issues with peridot and sfp

When you’re using Turris OS 4.0, you should be updated to this version within a few hours automatically.

If there is someone who would like to give it try on Turris Omnia:
You may want to plug USB flash drive to your router and create snapshot before you start, so you can rollback anytime and/or restore your configuration very easily.

You need to proceed these two commands in CLI:

$ schnapps create pre-4.0 backup
$ schnapps export 169/mnt/backup

Assume snapshot number 169 was created and your USB flash is mounted on /mnt/backup

Then you can take another USB flash drive and put there rootfs, which you can download here and by using 4 LED (re-flash) method described in our documentation you can flash it to your router and start testing Turris OS 4.0.

We hope that you will enjoy it!
Turris Team


Turris MOX - zkušenosti
#2

Known issues:

Turris MOX specific

  • Mail notifications trough Turris servers are not supported yet, you have to use your own server for now.

Turris Omnia specific

  • Second CPU ethernet port to switch chip is disabled, only one of two ethernet ports between CPU and switch is in use.

Turris 1.x specific

  • Currently not working because of kernel issues. Please do not test this release on Turris 1.x

New notification mail server
#3

Works as advertised, since I could not resist, I ssh’d into the router and used pkgupdate -e DBG to initiate the update, which worked like charm, after the update the updater tab in foris works again. Thanks for the quick fix! You, if I might say so, rock.


#4

Just installed manually using the recovery mode and restored my configuration in Foris UI.
All is working smooth and the updater has been fixed.


#5

Installed yesterday, sfp is working again.
Great job!

MOX module A and D


#6

I can’t turn off automatic updates in Foris.
The “Package” will not start to install in Foris. Installation is performed only after pkgupdate is manually run in ssh/console.


#7
  • missing from the release notes is that SFP for the TO still requires manual intervention by changing the soft-link dtb
  • SFP module appears to be unstable. Mostly it is not working
sfp log entries

libphy: SFP I2C Bus: probed
sfp sfp: module ALLNET ALL4781 rev V3.4 sn 0000000FC9157640 dc 29-03-18
sfp sfp: unknown connector, encoding 8b10b, nominal bitrate 1.3Gbps +0% -0%
sfp sfp: 1000BaseSX+ 1000BaseLX- 1000BaseCX- 1000BaseT- 100BaseTLX- 1000BaseFX- BaseBX10- BasePX-
sfp sfp: 10GBaseSR- 10GBaseLR- 10GBaseLRM- 10GBaseER-
sfp sfp: Wavelength 0nm, fiber lengths:
sfp sfp: 9µm SM : unsupported
sfp sfp: 62.5µm MM OM1: unsupported/unspecified
sfp sfp: 50µm MM OM2: unsupported/unspecified
sfp sfp: 50µm MM OM3: unsupported/unspecified
sfp sfp: 50µm MM OM4: 2.540km
sfp sfp: Options: retimer
sfp sfp: Diagnostics:
sfp sfp: module transmit fault indicated
sfp sfp: module transmit fault recovered
sfp sfp: module transmit fault indicated
sfp sfp: module persistently indicates fault, disabling

  • only way to get SFP working via LuCI switch physical port association from eth2 to eth1 and back to eth2. After reboot SFP is not working
  • with SFP in working mode the bandwidth throughput is less in range of ~ 10% compared to TOS 3.11.3

  • Foris setup is crashing upon saving time settings (could be due to lack of internet connectivity?)
Foris crash message
remote Exception: Internal error ['uci', '-c', '/etc/config/', '-P', '/tmp/.uci-foris-controller', 'set', 'system.ntp.enabled=1']: command failed (b'uci: Invalid argument\n')('<class 'foris_controller.exceptions.UciException'>')
Remote request

{"module": "time", "action": "update_settings", "kind": "request", "data": {"city": "Berlin", "country": "DE", "region": "Europe", "timezone": "CET-1CEST,M3.5.0,M10.5.0/3", "time_settings": {"how_to_set_time": "ntp"}}}

Stack trace

Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/foris_controller/message_router.py", line 117, in process_message
    data = module_instance.perform_action(message["action"], message.get("data", {}))
  File "/usr/lib/python3.6/site-packages/foris_controller/module_base.py", line 59, in perform_action
    res = action_function(data)
  File "/usr/lib/python3.6/site-packages/foris_controller_modules/time/__init__.py", line 59, in action_update_settings
    time,
  File "/usr/lib/python3.6/site-packages/foris_controller/utils.py", line 112, in inner
    res = func(*args, **kwargs)
  File "/usr/lib/python3.6/site-packages/foris_controller_modules/time/handlers/openwrt.py", line 67, in update_settings
    return self.uci.update_settings(region, country, city, timezone, how_to_set_time, time)
  File "/usr/lib/python3.6/site-packages/foris_controller_backends/time/__init__.py", line 102, in update_settings
    backend.set_option("system", "ntp", "enabled", store_bool(how_to_set_time == "ntp"))
  File "/usr/lib/python3.6/site-packages/foris_controller_backends/uci/__init__.py", line 200, in set_option
    self._run_uci_command("set", "%s.%s.%s=%s" % (config, section_name, option_name, value))
  File "/usr/lib/python3.6/site-packages/foris_controller_backends/uci/__init__.py", line 173, in _run_uci_command
    raise UciException(cmdline_args, stderr)
foris_controller.exceptions.UciException: ['uci', '-c', '/etc/config/', '-P', '/tmp/.uci-foris-controller', 'set', 'system.ntp.enabled=1']: command failed (b'uci: Invalid argument\n')

Environment

{'CONTENT_LENGTH': '126',
 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
 'DOCUMENT_ROOT': '/www',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
 'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
 'HTTP_ACCEPT_LANGUAGE': '*',
 'HTTP_CONNECTION': 'keep-alive',
 'HTTP_CONTENT_LENGTH': '126',
 'HTTP_COOKIE': 'foris.session=9a652073e61fdd117e36ea729e2f29f1; '
                'foris.ws.session=a70582cb26f85e16f060daec3d05f43f',
 'HTTP_DNT': '1',
 'HTTP_HOST': '192.168.1.1',
 'HTTP_REFERER': 'http://192.168.1.1',
 'HTTP_UPGRADE_INSECURE_REQUESTS': '1',
 'HTTP_USER_AGENT': 'Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 '
                    'Firefox/66.0',
 'PATH_INFO': '/main/time/',
 'PATH_TRANSLATED': '/www/main/time/',
 'QUERY_STRING': '',
 'REDIRECT_STATUS': '200',
 'REMOTE_ADDR': '192.168.1.224',
 'REMOTE_PORT': '7180',
 'REQUEST_METHOD': 'POST',
 'REQUEST_SCHEME': 'http',
 'REQUEST_URI': '/foris/config/main/time/',
 'SCRIPT_FILENAME': '/www/foris/config',
 'SCRIPT_NAME': '/foris/config',
 'SERVER_ADDR': '192.168.1.1',
 'SERVER_NAME': '192.168.1.1',
 'SERVER_PORT': '80',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'lighttpd/1.4.50',
 'bottle.app': <bottle.Bottle object at 0x1a17e60>,
 'bottle.raw_path': '/time/',
 'bottle.request': <LocalRequest: POST http://192.168.1.1/foris/config/main/time/>,
 'bottle.request.body': <_io.BytesIO object at 0x1b9d350>,
 'bottle.request.headers': <bottle.WSGIHeaderDict object at 0x1bbf070>,
 'bottle.request.post': {'country': 'DE',
                         'csrf_token': 'xT33wMm5hU0FPUlvXmAL2xMg2GpLED0a',
                         'region': 'Europe',
                         'send': '',
                         'zonename': 'Europe/Berlin'},
 'bottle.request.urlparts': SplitResult(scheme='http', netloc='192.168.1.1', path='/foris/config/main/time/', query='', fragment=''),
 'bottle.route': <POST '/<page_name:re:.+>/' <function config_page_post at 0x1a079a0>>,
 'foris.backend': MqttSender('localhost:11883'),
 'foris.language': 'en',
 'foris.session': <foris.middleware.sessions.SessionForisProxy object at 0x1bb90f0>,
 'foris.session.data': {'_messages': [],
                        'csrf_token': 'xT33wMm5hU0FPUlvXmAL2xMg2GpLED0a',
                        'user_authenticated': True},
 'foris.session.id': '9a652073e61fdd117e36ea729e2f29f1',
 'foris.version': '99.7.5',
 'route.handle': <POST '/<page_name:re:.+>/' <function config_page_post at 0x1a079a0>>,
 'route.url_args': {'page_name': 'time'},
 'wsgi.errors': <flup.server.fcgi_base.OutputStream object at 0x1bb3a80>,
 'wsgi.input': <_io.BytesIO object at 0x1b9d350>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}

#8

I can confirm this, selected “Internet connection speed measurement” in foris updater, and nothing happened for a full day, at which point I took the ssh pkgupdate route, successfully.


#9

Hi,

I updated my black omnia from OS 3.x to 4.0 alpha5 and noticed some problems. I connected the omnia to the LAN side of my fritz box.

what I did:

I used the wizard in the simple GUI initially. I selected “configure as a router” in one of the first screens where I could choose between Router/NAS and other options.

I always proceeded to “next step” until I got to the time/ntp screen where I could configure the timezone, which died with a python stack trace.

I stopped using the wizard here. After that I found the following problems:

  • no internet access from LAN
  • no DNS
  • time running on UTC
  • no password on luci interface

I was able to repair some of this by the following steps:

  • add gateway address to LAN interface
  • DNS: switch of forwarding in simple GUI, using now root servers. Using CZ.nic did not work either.

I was not able to correct the time.

I managed to set a luci password, but I cannot reproduce the steps anymore. It was lots of clicking. The luci interface initially gave me always an error message when I tried to set the password.

Afterwards I found that in the firewall screen of luci were some rules active which gave me the impression that anyone from WAN could access the router http, https and ssh ports. In combination with my problems configuring a luci password this does not look ok to me.


#10

There is a bug in Foris (version 99.7.5) in the “Updater” tag.

I check “Turn automatic update off”, then confirm warning box and press the “Save” button.

My choice isn’t save and everything looks the same as before (automatic updates are enabled).

And don’t work button “Save” on this page … button only save status of the choice, bu doesn’t invoke the updater run (this action have to be done via cmd “pkgupdate”)


#11

Thank you for reporting problem with updater. It turns out that problem was in typo in routine checking if updater is enabled. This means that even if you enabled updater it was reported as disabled and to Foris as not configured. That means that you have to update manually to next 4.0 release with pkgupdate and then it should be all right.

(issue for completeness: https://gitlab.labs.nic.cz/turris/updater/supervisor/issues/7)


#12

Is current andoid app supposed to work with Remote Access? I’ve generated the token, but get "Invalid QR code!"


#13

2.4GHz is Running less stable as on Alpha-4. My iPhone XS Max is losing the Internet Connection on 2.4GHz after a while of connection. The WiFi itself stays connected but there is no possibility to reach any internal network address or Internet address. It is just loading without progress.
I had the problem also on the official 3.11.3 Version.

It seems to be that this is a general problem of openwrt and iOS devices on MAC80211 WiFi cards.
On Alpha 4 I never recognized this behavior. Did you changed something in WiFi between alpha-4 and alpha-5? Does anyone have the same problem?


#14

HAAS is choice in Foris Updater list, but doesn’t work.


#15

There is a foris bug in alpha-5. You need to install and update with luci or on terminal.


#16

I installed it by pkgupdate command on terminal … but HAAS doesn’t work anyway.

And the same problem is in Alpha6(HBK) version of TurrisOS 4.0 too …


#17

Ok, today I’ve tried 4.0 alpha (today’s current) on mSata, but I’m back on 3.11.3.
Installation was smooth, new version started without problems, but timezone setup in initial setup (and timezone tab in Foris) is not working for Europe/Warsaw (I don’t have stacktrace, if it is saved somewhere, I have access to that system).
Another problems were:

  • time limited by children, so I gave up pretty early:)
  • php-mysqlnd requires libmysql, wchich was not installed with that package (did not checked why, see previous point)
  • I was not able to start LXC Debian container because of netowork device error and legacy configuration
  • didn’t investigate too much, but packages lists in updater are very short

I think I’ll give it next try in some free time, but first problem is LXC configuration migration. Does someone have any docs on this?

Edit: I’m pretty sure that libmysqlclient required by php-mysqlnd is not available on 4.0.


#18

There is no change up to my knowledge and I have not been able to track anything in git either. Is it possible that it is outside factor?

See my previous comment. Updater is considered as disabled. It is known and will be fixed in next release.

It seems that package for some reason does not contain init script nor any other script with exception of Python module. I will look in to that. Thank you for reporting it. (https://gitlab.labs.nic.cz/turris/turris-os-packages/issues/353)

We are sorry. We know about that and it is going to be fixed with alpha6.

I am pretty much sure that it is. It is named as libmariadbclient and it provides libmysqlclient. Both opkg and updater are able to install it (opkg install libmysqlclient).

Was that old container or newly created one?


#19

Timezone: no problem, I’ll test it later.
Mysql: I did not check when I had 4.0, I did check after revert http://api.turris.cz/openwrt-repo/hbk/packages/omnia/ but I was looking for libmysqlclient.
LXC: it was an old container. I did try convert it’s config (checking it with new one), but I was unable to do that.
First: new one does not contain network configuration.
Second: I have few devices (USB) passed to LXC.

Foris and mysql are minor problems.
Most important is running my existing Debian in new LXC environment. I do not want to install it from scratch.


#20

Just so you know. You have probably encountered following error: https://gitlab.labs.nic.cz/turris/turris-os-packages/issues/354

Thank you for giving me a hint to test Debian container.