Turris OS 5.1.5 is released!

Dear Turris users,

It has been a pleasure to let inform you that we released Turris OS 5.1.5 from the Testing branch to the Stable branch and if you are using automatic updates, you will be updated to this version automatically. When you are not using automatic updates, you might want to check the Updater tab to approve the update.

What’s has been changed and updated in this release?
This release is based on top of the latest OpenWrt release 19.07.5.

Security updates for packages:

  • openssl (fixed CVE-2020-1971)
  • tcpdump (fixed CVE-2020-8037)
  • musl (fixed CVE-2020-28928)
  • unbound (CVE-2020-28935)
  • libexif (fixed multiple CVEs)

Bugfixes:

  • Fix for OpenVPN client when filename has multiple dots or dashes
  • Fixed bug in reForis in setting up custom mail server for notifications
  • Improvements regarding Data Collection in migration script from Turris OS 3.x
  • LuCI: fixed nslookup and luci-app-rainbow
  • AdBlock: multiple various fixes

Updated packages:

  • syslog-ng: updated to version 3.30.1
  • zerotier (it is not available for Turris MOX, it’s known bug) updated to version 1.6.2
  • kernel: updated kernel to version 4.14.212
  • miniupnpd: updated to version 2.2.0
  • nextdns: updated to version 1.9.6
  • nano: updated to version 5.4
  • Knot Resolver: updated to version 5.2.0
  • haveged: updated to version 1.9.14
  • netdata: updated to version 1.28.0
  • htop: updated to version 3.0.4
  • samba4: updated to version 4.11.17
  • haproxy: updated to version 2.0.20

Removed package:

  • noddos

We will appreciate any feedback regarding this release. If you will find any bugs in this release, please follow our documentation for getting help.

8 Likes

Known bugs:

Omnia and mox no issues. Thxs!

2 Likes

@Pepe and team, I’m not getting an approval request to upgrade to 5.1.5. I’m set up so that updates require me to approve them. looking at the syslog, I see this, could this be blocking the update?

Jan 13 17:16:32 turris updater-supervisor: Running pkgupdate
Jan 13 17:16:32 turris updater-supervisor: Traceback (most recent call last):
File "/usr/bin/updater-supervisor", line 11, in <module>
 load_entry_point('svupdater==1.3.1', 'console_scripts', 'updater-supervisor')()
File "/usr/lib/python3.7/site-packages/svupdater/__main__.py", line 103, in main
File "/usr/lib/python3.7/site-packages/svupdater/_supervisor.py", line 160, in run
File "/usr/lib/python3.7/site-packages/svupdater/_supervisor.py", line 77, in run
File "/usr/lib/python3.7/site-packages/svupdater/approvals.py", line 157, in _approved

For now, you will need to use automatic updates or delayed updates. Once it is all set and you are on Turris OS 5.1.5, you can use approvals once again. Sorry for any inconvenience caused by this.

Omnia rev. 2020, WLAN 2.4 and 5 GHz, guest WLAN, tor relay, Ubuntu LXC, OpenVPN server, Sentinel, haas-honeypot, RIPE Atlas, IPv4 and 6in4, Netmetr, Pakon, new device detection, LuCI extensions, DoT in Knot Resolver, Candelatech ath10k driver, updated and no problem.

PS: I forgot, I also use Nextcloud on an mSATA disk.

1 Like

Ok for me too, so far so good
Happy new year for all of you

2 Likes

Looks good to me. No issues found so far.

1 Like

Turris Omnia (IGG): Installed and restarted without problems, but the wget-bug still exists.
Tirrus Omnia 2020, simple setup, no additional packages: the same.

When wget is not installed - pkgupdate shows that router is up to date.
When wget is installed (previous state + opkg update + opkg install wget) - pkgupdate wants to reinstall kernel and remove wget. Removing wget does not solve the problem (it wants to reinstall kernel only).

Then, if I run update, I’m back in step no-wget.
Then pkgupdate is ok, pkgupdate + pkgupdate is ok, pkgupdate + pkgupdate + opkg update + pkgupdate is ok. Opkg install wget and I’m back in step “reinstall kernel and remove wget”.

Guys, I would like to thank all of you for such positive feedback regarding this release. It helps us these days, and we appreciate it.

@Cabal, unfortunately, I can confirm that this bug exists and can be annoying, but don’t worry. We were able to reproduce such a bug and for now, we are targetting to get it fixed in Turris OS 5.2.1. For more details, you might want to check the dedicated thread for this issue: Repeated install of packages

3 Likes

I was able to fix this issue by removing 2 files as described in:


I don’t know how much it is a hack…

Mox A and D smooth update.
Well done team!

posinst never finishes for me, it’s stuck on:

INFO:Running postinst of mwan3

It’s not new to 5.1.5. It’s always been like that for me every time there’s an mwan3 update. Nothing relevant in logread -f or pkgupdate output. The only way for me to bypass the error is to disable mwan3 altogether, run pkgupdate, and enable mwan3 again. I obviously don’t want it like that.

What can be done to resolve this problem? How to tell what exactly it’s stuck at? Alternatively, how do I tell pkgupdate to skip a certain postinst?

EDIT: It finally succeeded after like 10 minutes. Here’s the output:

INFO:Running postinst of mwan3
SQM: WARNING: Unable to get run lock - already held by 31311

The SQM thing showed only after waiting for 10 minutes. Any idea what it is? It doesn’t appear to be anything “generic” as Google never heard of anything like that, so I assume it’s a Turris thing.

Okay, so that is coming from SQM itself, because it seems to be running concurrently with itself, which is not supported. But SQM tries a few times and only if it does not succeed after 10 attempts it will print:

Giving up on getting lock after 10 attempts
This is a bug; please report it at https://github.com/tohojo/sqm-scripts/issues
Then, to re-enable sqm-scripts, manually remove $LOCKDIR

If you did not see this meessage things should be fine… If you have not actively rebooted since getting that message, could you post the output of tc -s qdisc and cat /etc/config/sqm, please just to check whether the running SQM instance matches your configuration?

P.S.: @tohojo it seems like the first report of the locking code actually triggering in real life (rare, but still worth fixing)

If it only outputs that one message, that is the locking working as intended, and there’s not much to fix (other than potentially demoting the warning to a debug log message)…

1 Like

Yes, I but if these two instances of run_sqm would have not been serialized through the locking it might have ended in an inconsistent state. So, in case I was too implicit, I agree that this seems to be a case of the locking actually working out well and solving a real-world problem :wink:
That said, still interested in hearing from @Nowaker whether SQM actually came up correctly.

Thanks a lot of your help, @moeller0 and @tohojo!

I haven’t restarted my Omnia, so here’s the output you asked for:

# tc -s qdisc
qdisc noqueue 0: dev lo root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc mq 0: dev eth0 root 
 Sent 896 bytes 8 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc fq_codel 0: dev eth0 parent :8 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :7 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :6 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :5 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :4 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :3 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth0 parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 896 bytes 8 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc mq 0: dev eth1 root 
 Sent 1294976867366 bytes 1303232104 pkt (dropped 5, overlimits 0 requeues 2782676) 
 backlog 0b 0p requeues 2782676
qdisc fq_codel 0: dev eth1 parent :8 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :7 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :6 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :5 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :4 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :3 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth1 parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 1294976867366 bytes 1303232104 pkt (dropped 5, overlimits 0 requeues 2782676) 
 backlog 0b 0p requeues 2782676
  maxpacket 1522 drop_overlimit 0 new_flow_count 2272599 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc mq 0: dev eth2 root 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc fq_codel 0: dev eth2 parent :8 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :7 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :6 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :5 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :4 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :3 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :2 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev eth2 parent :1 limit 10240p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 0 drop_overlimit 0 new_flow_count 0 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc noqueue 0: dev lan0 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev lan1 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev lan2 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev lan3 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev lan4 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev br-lan root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc fq_codel 0: dev wwan0 root refcnt 2 limit 10240p flows 1024 quantum 1500 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 82220016571 bytes 362225933 pkt (dropped 1, overlimits 0 requeues 46) 
 backlog 0b 0p requeues 46
  maxpacket 1431 drop_overlimit 0 new_flow_count 11320 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc fq_codel 0: dev wwan1 root refcnt 2 limit 10240p flows 1024 quantum 1500 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 36298 bytes 291 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 109 drop_overlimit 0 new_flow_count 1 ecn_mark 0
  new_flows_len 0 old_flows_len 0
qdisc noqueue 0: dev br-wan root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc noqueue 0: dev wlan2 root refcnt 2 
 Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
qdisc fq_codel 0: dev vypr-us root refcnt 2 limit 10240p flows 1024 quantum 1500 target 5.0ms interval 100.0ms memory_limit 4Mb ecn 
 Sent 781571851 bytes 5988913 pkt (dropped 0, overlimits 0 requeues 0) 
 backlog 0b 0p requeues 0
  maxpacket 1310 drop_overlimit 0 new_flow_count 97 ecn_mark 0
  new_flows_len 1 old_flows_len 0
# cat /etc/config/sqm
config queue 'eth1'
        option enabled '0'
        option interface 'eth1'
        option download '85000'
        option upload '10000'
        option qdisc 'fq_codel'
        option script 'simple.qos'
        option qdisc_advanced '0'
        option ingress_ecn 'ECN'
        option egress_ecn 'ECN'
        option qdisc_really_really_advanced '0'
        option itarget 'auto'
        option etarget 'auto'
        option linklayer 'none'

But I actually need to check what eth1 is… OK. It’s the LAN, I guess, given the amount of data. RX bytes:149970699095 (139.6 GiB) TX bytes:1295009404691 (1.1 TiB)

If you did not see this meessage things should be fine…

I mean, being stuck for 10 minutes is far from fine. :smiley: Should it really take this long? It was the first time it actually succeeded in front of me (read: I never had patience to wait this long). All previous times I aborted it, disabled mwan3, then ran postinsts, then reenabled it. So something isn’t right if restarting the OS gets you there 10x faster than doing it “online”.

Thanks.

Mmh, could you also post the output of:

tc -d qdisc

(Sorry for the delay).

Sure, I might have overlooked that fact, but this was just after the update, or does this happen now on each re-boot?

Well, SQM tries to not stumble over itself, but it seems something went wrong. Looking at the sqm code I would have expected SQM to try 10 times while waiting for one second, not sure how this ended up taking 10 minutes. If you can reproduce this we might have a chance figuring out what went wrong…