Turris OS 6.4.3 RC released!

miska · October 7, 2023, 7:10am

Dear Turris users,

we just released a release candidate for Turris OS 6.4.3. There are several security updates and bugfixes as usual, but there is also a little bit of new behavior.

Over the time, we have been enhancing support for various LTE cards and we plan to continue doing so. This release will actually automatically configure any LTE card it finds if there is no PIN required. Hope you will find that useful.

We are also testing a new alternative client for our Dynamic Firewall. You can enable it in package lists.

As always, we appreciate any feedback and how are the new features working for you. Full release notes follow.

New Features
• dynfw: New experimental client
• drivers: More packages are automatically installed based on devices present
• drivers: Automatic setup of supported 3/4/5G with PIN-less SIM

Updates
• kernel: update to version 5.10.194 and 5.15.130
• curl: update to version 8.3.0
• openssl: update to version 1.1.1w
• wget: update to version 1.21.4
• php8-pecl-sodium replaced with php8-mod-sodium
• msmtp: update to version 1.8.24
• omnia-mcutool: updated to version 0.2 and packaged firmware

Bug Fixes
• switch-branch: reinstall all packages when switching between branches
• schnapps: fix regexp for ssh uri
• foris-storage-plugin: explicitly add more dependencies
• resolver-conf: fix calling of script to fill entries from DHCP
• resolver-conf: fix superfluous reloads on some IPv6 networks

peci1 · October 7, 2023, 2:22pm

Thanks. Could you share a bit more info on the experimental Sentinel client?

miska · October 7, 2023, 3:04pm

It is a reimplementation of a client for Dynamic Firewall, written in C so in theory it should have a smaller memory footprint, but at the same time there is a variant with support for nftables. We are considering to switching to it as it seems Ok in current test, but we want to try some broader testing first.

jada4p · October 7, 2023, 4:11pm

MOX classic, HBK branch, .5 GB, 2x WiFi, simple config. All seems OK.

tac2 · October 7, 2023, 4:53pm

Maybe you should prepare to include curl 8.4.0 if it is not to much work. It wil include a fix for a severity high cve.
It is scheduled to be rekeased the 11th Oct.

https://curl.se/docs/releases.html

peci1 · October 8, 2023, 8:28am

6.4.2 → 6.4.3 RC1 update ok (no new problems introduced), no unintended cable/wifi or internet downtime. Restart needed.

Turris Omnia 2017, 1 GB RAM, dead eMMC, system running from mSATA SSD, original wifi cards. Storage plugin enabled, LXC containers, tor relay, USB HDD shared over samba4 and minidlna, SQM, Hardwario gateway + MQTT IoT bridge, OpenVPN, PPtP VPN, morce.

After enabling the experimental sentinel client, I see only this:

# pkgupdate 
INFO:Target Turris OS: 6.4.3
WARN:Request not satisfied to install package: sentinel-dynfw-c-client-iptables

miska · October 8, 2023, 7:18pm

Don’t worry, it is on our radar and we will update it once it is out

viktor · October 9, 2023, 1:20pm

Could you explain more please?

ljelinek · October 10, 2023, 12:46pm

omnia-mcutool v0.2 brings many new features and improvements over the older v0.1. See Commits · 0.2 · Turris / omnia-mcutool · GitLab for details. The packaged firmware is available here: Releases · Turris / HardWare / omnia_hw_ctrl · GitLab.

miska · October 10, 2023, 1:01pm

It is a tool to update and control the firmware in MCU of Turris Omnia. After the final release, we are planning to send out to the forum a short howto to help people update the firmware and get some new cool features

ljelinek · October 10, 2023, 3:01pm

After enabling the experimental sentinel client, I see only this:

It has been fixed in RC2 and the experimental client should work correctly. Please select only one of the dynfw clients. ReForis allows to check both but it will not work.

peci1 · October 11, 2023, 7:33am

There’s no RC2 my router on hbt could find. I installed RC1 and since then it reports no further updates. And I still can’t install the experimental client.

If this is a requirement, it should be explicitly mentioned in the reforis packages list page.

ljelinek · October 11, 2023, 7:55am

There’s no RC2 my router on hbt could find.

It has been released yesterday, ca. 2 hours before the final 6.4.3. Your router has probably installed only the final version.

And I still can’t install the experimental client.

Please try to remove both clients and then install the experimental one.

If this is a requirement, it should be explicitly mentioned in the reforis packages list page.

Yes, it’s true. I’ll create an issue for it.

peci1 · October 11, 2023, 9:31am

I have manually approved updates. I’ve only approved RC1. No approval request since then (even after manually clicking “Check updates” in reforis).

Thanks!

ljelinek · October 11, 2023, 11:26am

No approval request since then (even after manually clicking “Check updates” in reforis).

You probably missed the interval between RC2 and HBS. But it’s irrelevant now as RC2 became the final/stable version.

peci1 · October 11, 2023, 11:41am

I haven’t received any update notification after rc1. Neither rc2, nor stable. Is there a way to tell whether I’m on rc1 or stable now? Which package was updated in rc2?

miska · October 11, 2023, 12:28pm

The only thing that was updated in RC2 was the experimental dynfw client and how it is installed. If you didn’t installed it, then there should be no difference between RC1 and RC2 and thus no update.

viktor · October 12, 2023, 2:35pm

Great and what about u-boot update?

miska · October 13, 2023, 5:00am

There is no U-Boot update mentioned in release notes

Nones · October 13, 2023, 6:35am