Turris OS 4.0 beta1 is released!

There is basically no documentation for umdns and nothing explains what the settings in /etc/config/umdns are supposed to achieve.
IMHO umdns does not belong in the base package, just bloats the code and consumes resources whilst likely benefiting a very few users.

1 Like

Is socat essential for any of the router functionality? Whilst being enabled in init.d to start up it is set to disabled in /etc/config/socat

config socat 'http'
	option enable '0'

and apparently not running in a vanilla installation.

If is non-essential then perhaps it could be removed from the router installation routine.

My provider doesn’t offen ipv6 now and I want to deactivate ipv6 completely. DHCP ipv6 settings are deactivated.
How can I deactivate the ipv6 local link (fe80:…) on wlan0 and wlan1 device? I didn’t found a solution that will consist after reboot.

This not really related to this topic.

Nonetheless, it would require ipv6 to be disabled in the kernel.

Somehow it is related. Since beta 1 I have an issue with ipv6. As soon as I open a website it takes 5-10s seconds until it loads. I changed several things in my general network setup like the software of my providers box, the providers contract etc.

Yesterday I identified that it is related to the ipv6 setup in OpenWRT. Probably it is just a routing error. For this reason I want to deactivate ipv6 to investigate further.

I found a solution to deactivate now ipv6 on startup.
Jut added the following to startup in Luci:

sysctl -w net.ipv6.conf.all.disable_ipv6=1 echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 sysctl -w net.ipv6.conf.default.disable_ipv6=1

2 Likes

In luci -> system -> software there is a bug that forces to update package lists every single time.

btrfs support for acl is not working since not compiled in kernel (lodged gitlab #384)

Trying to mount btrfs with acl results in

BTRFS error (device): support for ACL not compiled in!

gzip -cd /proc/config.gz | grep ACL

CONFIG_EXT4_FS_POSIX_ACL is not set
CONFIG_REISERFS_FS_POSIX_ACL is not set
CONFIG_JFS_POSIX_ACL is not set
CONFIG_XFS_POSIX_ACL is not set
CONFIG_BTRFS_FS_POSIX_ACL is not set
CONFIG_F2FS_FS_POSIX_ACL is not set
CONFIG_FS_POSIX_ACL=y
CONFIG_TMPFS_POSIX_ACL is not set
CONFIG_HFSPLUS_FS_POSIX_ACL is not set
CONFIG_JFFS2_FS_POSIX_ACL is not set
CONFIG_NFS_V3_ACL is not set
CONFIG_NFSD_V3_ACL is not set
CONFIG_CIFS_ACL is not set


Looks like it might become available in the next beta output.

Noticed that the CPU is spiking abnormally high (during autorefresh) when logged into LuCI pages that provide status information

That is a known problem with LuCI

Anyone using VPN policy based routing with OS 4.0 b1(@n8v8r ?) ? I updated my Turris Omnia today to 4.0b1 and installed VPN PBR and it behaves different compared to OS 3:

  • in OS3 all traffic was routed over the VPN tunnel and I had to use PBR to choose the clients that should use WAN.
  • in OS4 all traffic is routed through WAN (even though VPN tunnel is active) and I have to choose the clients that should use VPN

I do indeed. Same settings as used in TOS3.11.4, no difference in its behaviour, with wireguard as choice of VPN.

What you are describing might be due to setting of the VPN rather than VBR?

Thanks for your quick reply. Then I will have to check my VPN settings, I used the same like in OS3…

I am concerned that sysntpd is not working, both client and server.

With the client side, which is most important, there is no indication in the logs that the time is being synchronized with the specified upstream servers, e.g. via /foris/config/main/time/ > Update Time.
Is there any way via cli to run the client and see the output, could not find any documentation?

-> This been sorted after discovery of the settings from 3.11.4 copied/pasted to 4.x not working.


With the server side up/running

ss -tulpn | grep ntp

udp UNCONN 0 0 *:123 : users:((“ntpd”,pid=10918,fd=3))

ntpq -p is producing

localhost: timed out, nothing received
***Request timed out

In addition the server should not be listening globally but on dhcp_interface, if list interface is omitted then on every interface or else on the specified interface. But apparently it does not.


Not sure whether it makes difference but this node is using odhcp for ipv4 and ipv6.

consistently on every boot

[ 4.424950] libphy: mv88e6xxx SMI: probed
[ 4.429872] ------------[ cut here ]------------
[ 4.434524] WARNING: CPU: 0 PID: 1 at fs/proc/generic.c:572 remove_proc_entry+0x140/0x154
[ 4.442726] remove_proc_entry: removing non-empty directory ‘irq/58’, leaking at least ‘mv88e6xxx-g2’

[ 17.305282] random: crng init done
[ 17.308697] random: 2 urandom warning(s) missed due to ratelimiting
[ 20.699652] watchdog: watchdog0: nowayout prevents watchdog being stopped!
[ 20.699656] watchdog: watchdog0: watchdog did not stop!
[ 20.708014] watchdog: watchdog0: nowayout prevents watchdog being stopped!
[ 20.708017] watchdog: watchdog0: watchdog did not stop!

I’m facing an issue with opkg update over ssh and as well with the update on Luci.
Both showing the following error:

opkg update details
Downloading https://repo.turris.cz/hbs/omnia/packages/core/Packages.gz
Updated list of available packages in /var/opkg-lists/turrisos_core
Downloading https://repo.turris.cz/hbs/omnia/packages/core/Packages.sig
Signature file download failed.
Remove wrong Signature file.
Downloading https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz
*** Failed to download the package list from https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz

Downloading https://repo.turris.cz/hbs/omnia/packages/luci/Packages.gz
Updated list of available packages in /var/opkg-lists/turrisos_luci
Downloading https://repo.turris.cz/hbs/omnia/packages/luci/Packages.sig
Signature file download failed.
Remove wrong Signature file.
Downloading https://repo.turris.cz/hbs/omnia/packages/luci_theme_rosy/Packages.gz
*** Failed to download the package list from https://repo.turris.cz/hbs/omnia/packages/luci_theme_rosy/Packages.gz

Downloading https://repo.turris.cz/hbs/omnia/packages/openwisp/Packages.gz
Updated list of available packages in /var/opkg-lists/turrisos_openwisp
Downloading https://repo.turris.cz/hbs/omnia/packages/openwisp/Packages.sig
Signature file download failed.
Remove wrong Signature file.
Downloading https://repo.turris.cz/hbs/omnia/packages/packages/Packages.gz
*** Failed to download the package list from https://repo.turris.cz/hbs/omnia/packages/packages/Packages.gz

Downloading https://repo.turris.cz/hbs/omnia/packages/routing/Packages.gz
Updated list of available packages in /var/opkg-lists/turrisos_routing
Downloading https://repo.turris.cz/hbs/omnia/packages/routing/Packages.sig
Signature file download failed.
Remove wrong Signature file.
Downloading https://repo.turris.cz/hbs/omnia/packages/sidn/Packages.gz
*** Failed to download the package list from https://repo.turris.cz/hbs/omnia/packages/sidn/Packages.gz

Downloading https://repo.turris.cz/hbs/omnia/packages/telephony/Packages.gz
Updated list of available packages in /var/opkg-lists/turrisos_telephony
Downloading https://repo.turris.cz/hbs/omnia/packages/telephony/Packages.sig
Signature file download failed.
Remove wrong Signature file.
Downloading https://repo.turris.cz/hbs/omnia/packages/turrispackages/Packages.gz
*** Failed to download the package list from https://repo.turris.cz/hbs/omnia/packages/turrispackages/Packages.gz

Collected errors:

* opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/core/Packages.sig, wget returned 4.
* opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/luci/Packages.sig, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/luci_theme_rosy/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/openwisp/Packages.sig, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/packages/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/routing/Packages.sig, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/sidn/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/telephony/Packages.sig, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

 * opkg_download: Failed to download https://repo.turris.cz/hbs/omnia/packages/turrispackages/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

wget for https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz on ssh connection is working

working wget example

wget https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz
–2019-05-18 23:04:06-- https://repo.turris.cz/hbs/omnia/packages/base/Packages.gz
Resolving repo.turris.cz… 217.31.192.69, 2001:1488:ac15:ff80::69
Connecting to repo.turris.cz|217.31.192.69|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 50621 (49K) [application/x-gzip]
Saving to: ‘Packages.gz’

Packages.gz 100%[==============================================================================================>] 49.43K --.-KB/s in 0.02s

2019-05-18 23:04:06 (2.42 MB/s) - ‘Packages.gz’ saved [50621/50621]

Has anyone a idea what is wrong here or how it can be resolved?

[quote=“chris-89, post:78, topic:10107”]

I’m facing an issue with opkg update over ssh and as well with the update on Luci.

Resolved: Even if IPv6 is globally deactivated opkg try to connect through IPv6 if domain provides ipv6. It was required to add “option ipv6 0” in /etc/config/network for all devices

Wait… do you say that connections through IPv6 do succeed and they serve different content? That would be just evil.

No. I was taking about the repo domain that have a ipv6 and an ipv4 record set. opkg was trying to connect through ipv6 but I could not establish connection as my provider doesn’t support it. I deactivated ipv6 some weeks ago to ensure everything is working properly but it seems that some more configurations where required to deactivate all ipv6 related things.

I installed Turris OS 4.0 on my Omnia and I am facing issue with Nextcloud (fresh installation). It seems that Nextcloud 15.0.7 is correctly installed, I can access the login screen but cannot login.
The error message after logging attempt is:

Internal Server Error
The server was unable to complete your request.
If this happens again, please send the technical details below to the server administrator.
More details can be found in the server log.

And the server log contains following error: base64_encode() expects parameter 1 to be string, null given.

Full entry form the log:
{"reqId":"T7RUw2dNNTXJ9qQPRXwG","level":3,"time":"2019-05-19T22:33:24+00:00","remoteAddr":"192.168.1.116","user":"ivanek","app":"index","method":"POST","url":
"\/nextcloud\/index.php\/login?user=ivanek","message":{"Exception":"TypeError","Message":"base64_encode() expects parameter 1 to be string, null given","Code"
:0,"Trace":[{"file":"\/srv\/www\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":242,"function":"base64_encode","args":["**
* sensitive parameter replaced ***"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":309,"function":"
encryptPassword","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/srv\/www
\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":70,"function":"newToken","class":"OC\\Authentication\\Token\\PublicKeyTok
enProvider","type":"->","args":["*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sens
itive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***"]},{"file":"
\/srv\/www\/nextcloud\/lib\/private\/Authentication\/Token\/Manager.php","line":69,"function":"generateToken","class":"OC\\Authentication\\Token\\PublicKeyTok
enProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/User\/Session.php","line":641,"functio
n":"generateToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/srv\/www\/nextcloud\/
core\/Controller\/LoginController.php","line":340,"function":"createSessionToken","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters re
placed ***"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"tryLogin","class":"OC\\Core\\Controller
\\LoginController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.
php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OC\\Core\\Controller\\LoginContro
ller"},"tryLogin"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dis
patcher","type":"->","args":[{"__class__":"OC\\Core\\Controller\\LoginController"},"tryLogin"]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/AppFramework\/Ro
uting\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OC\\Core\\Controller\\LoginController","tryLog
in",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"core.login.tryLogin"}]},{"function":"__invoke","class":"OC\\AppFramework\\Ro
uting\\RouteActionHandler","type":"->","args":[{"_route":"core.login.tryLogin"}]},{"file":"\/srv\/www\/nextcloud\/lib\/private\/Route\/Router.php","line":297,
"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"core.login.tryLogin"}]},{"file":"\/srv\/www\/next
cloud\/lib\/base.php","line":987,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/login"]},{"file":"\/srv\/www\/nextcloud\/index.php","li
ne":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/srv\/www\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvi
der.php","Line":242,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko\/20100101 Firefox\/66.0","version":"15.0.
7.0"}

I have found this issue on nextcloud github but no real solution to the problem. I also tried to reset the password for the the user but login still fails. Any idea how to fix it?

I also posted the question on Nextcloud forum: https://help.nextcloud.com/t/after-fresh-installation-cannot-login/53626

added issue on gitlab #398

Despite of setting new token for haas in the https://haas.nic.cz/, the service is not running correctly (port 22 is not open on my omnia). When trying to access the honeypot from outside, I only got an error: ssh: connect to host __hidden__ port 22: Connection refused.

When starting the service manually I got these errors:

/etc/init.d/haas-proxy start
/etc/rc.common: line 1: can't create /sys/fs/cgroup/cpu/haas/cpu.cfs_period_us: Permission denied
/etc/rc.common: line 1: can't create /sys/fs/cgroup/cpu/haas/cpu.cfs_quota_us: Permission denied

Gitlab issue: #394