TurrisOS 3.10.6 released

Dear Turris users,

we just released new version of Turris OS. As usual, it contains just bunch of fixes and few updates that seems small and isolated. Full release notes are as follows:

• kernel, tiff: security update
• openssh, nextcloud, lighttpd, libpcap, openssl, ath10k-ct, minidlna, wireguard: updates
• pakon: more robust recovery from broken database
• storage: fix support for partitionless drives
• procd: minor compatibility fixes
• lxc: more prominent warning about container usage

There is one know issue - ath10k-ct driver is not working, missing one more fix. We know about that and we will address it in next release but as it wasn’t working till now and therefor most likely everybody is using the official one, we decided to release nevertheless.

I’ve got stuff in my /srv directory individually linked to my SSD:

/srv/lxc -> /mnt/sda1/lxc
/srv/pakon -> /mnt/sda1/pakon
/srv/suricata -> /mnt/sda1/suricata

since I also save logs there, save long term statistics, etc, that are linked from elsewhere.

On updating, I got the following error notification:

Error from 2018/09/20 10:15:40
Updater selhal: Failed operations:

pakon/postinst: mv: can't rename '/srv/pakon/pakon.db.xz.tmp': No such file or directory

Command failed: Not found

I’m not sure if this is a significant error or not.

I’m having a similar issue as I too have a USB drives that gets mounted on /srv… It’s not been an issue in the past, and curious why the issue now emerges…

Here’s some details when I manually performed an update…

    INFO:Running post-install and post-rm scripts
    ...
    Output from foris-controller-storage-module.postinst:
        + [ -z ]
        + /etc/init.d/foris-controller restart
        + /etc/init.d/srv enable
        + mkdir -p /srv 
        (which seems to hang... )

I tried pressing control-C to exit the script, and then rebooted. However, some script changes did not seem to be applied as things were not fine after the reboot.

The web interface (Foris) did NOT seem to work, so I rolled-back the changes using ( schnapps rollback) and changed the update preferences configuration to Update approval needed. I’ll hold-off applying the update until the issue is resolved.

Updater error:
[string "transaction"]:317: [string "backend"]:757: Failed to stat '//srv/lxc': I/O error

I have lxc “module” enabled, but this directory hasn’t existed in my /srv for quite some time (since I don’t use containers ATM), and no previous updates had problem with that…

EDIT:
Ahh, I found out in the logs that my storage drive got remounted readonly and had some problems after the update:

err kernel[]: [2297614.655370] BTRFS error (device sda): bdev /dev/sdb errs: wr 0, rd 1481082, flush 0, corrupt 0, gen 0
err kernel[]: [2297623.740191] BTRFS error (device sda): cleaner transaction attach returned -30

What’s weird is the device sda in the log, since the device is sdb (however, for history reasons, I mount it to /mnt/sda, but that’s not a device). There is no /dev/sda device.

With latest update i cannot start foris config anymore.

My log messages contains a message about crashes:
2018-09-20 19:13:53 info procd[]: Instance lighttpd::instance1 s in a crash loop 6 crashes, 0 seconds since last crash

schnapps rollback does not solve that issue.
Can I do anything about that?

Thanks for your support.
Kind regards,
Ken

I had to manually update the lighthttpd config due to running on a non-standard port (nginx owns port 80)
To see the differences between your current config, and the new default config, you can use the following command;

diff -u /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf-opkg

In my case, this was

# diff -u /etc/lighttpd/lighttpd.conf*
--- /etc/lighttpd/lighttpd.conf 2017-01-26 20:04:24.976738000 +0100
+++ /etc/lighttpd/lighttpd.conf-opkg    2018-09-17 20:16:18.000000000 +0200
@@ -4,26 +4,27 @@
 server.document-root        = "/www"
 server.upload-dirs          = ( "/tmp" )
 server.errorlog             = "/var/log/lighttpd/error.log"
+server.max-read-idle        = 90
 server.pid-file             = "/var/run/lighttpd.pid"
 #server.username             = "http"
 #server.groupname            = "www-data"

 index-file.names            = ( "index.php", "index.html",
                                 "index.htm", "default.htm",
-                                "index.lighttpd.html" )
+                              )

 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

 ### Options that are useful but not always necessary:
 #server.chroot               = "/"
-server.port                 = 8088
+#server.port                 = 81
 #server.bind                 = "localhost"
 #server.tag                  = "lighttpd"
 #server.errorlog-use-syslog  = "enable"
-#server.network-backend      = "write"
+#server.network-backend      = "writev"

 # listen on IPv6
-$SERVER["socket"] == "[::]:8088" {  }
+$SERVER["socket"] == "[::]:80" {  }

 ### Use IPv6 if available
 #include_shell "/usr/share/lighttpd/use-ipv6.pl"
@@ -31,6 +32,6 @@
 #dir-listing.encoding        = "utf-8"
 #server.dir-listing          = "enable"

-include       "/etc/lighttpd/mime.conf"
-include_shell "cat /etc/lighttpd/modules.d/*.load"
-include_shell "cat /etc/lighttpd/conf.d/*.conf"
+include "/etc/lighttpd/mime.conf"
+include "/etc/lighttpd/modules.d/*.load"
+include "/etc/lighttpd/conf.d/*.conf"

Probably was the include changes at the bottom which caused the issue in my case.

Edit:
You can use this command to find other config files which have updates, and when they changed;
find / -name '*-opkg' -exec ls -l '{}' ';'

I only changed that line : userdir.path = “public_html”
Not sure if that is the problem.

My diff looks like that:

root@turris:~# diff -u /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf-o
pkg
--- /etc/lighttpd/lighttpd.conf	2016-11-13 20:35:09.967596785 +0100
+++ /etc/lighttpd/lighttpd.conf-opkg	2018-09-17 20:16:18.000000000 +0200
@@ -4,13 +4,14 @@
 server.document-root        = "/www"
 server.upload-dirs          = ( "/tmp" )
 server.errorlog             = "/var/log/lighttpd/error.log"
+server.max-read-idle        = 90
 server.pid-file             = "/var/run/lighttpd.pid"
 #server.username             = "http"
 #server.groupname            = "www-data"
 
 index-file.names            = ( "index.php", "index.html",
                                 "index.htm", "default.htm",
-                                "index.lighttpd.html" )
+                              )
 
@@ -20,7 +21,7 @@
 #server.bind                 = "localhost"
 #server.tag                  = "lighttpd"
 #server.errorlog-use-syslog  = "enable"
-#server.network-backend      = "write"
+#server.network-backend      = "writev"
 
 # listen on IPv6
 $SERVER["socket"] == "[::]:80" {  }
@@ -31,9 +32,6 @@
 #dir-listing.encoding        = "utf-8"
 #server.dir-listing          = "enable"
 
-userdir.path = "public_html"
-
-include       "/etc/lighttpd/mime.conf"
-include_shell "cat /etc/lighttpd/modules.d/*.load"
-include_shell "cat /etc/lighttpd/conf.d/*.conf"
-
+include "/etc/lighttpd/mime.conf"
+include "/etc/lighttpd/modules.d/*.load"
+include "/etc/lighttpd/conf.d/*.conf"

With small changes such as this, the easiest way is to use the new config, and re-apply your own changes;

/etc/lighttpd/lighttpd.conf-opkg /etc/lighttpd/lighttpd.conf
The important change here is the three include lines at the bottom.

As a side note, please use code blocks when posting code (or large amount of text), such as the diff. Edit your post, and enclose it in tripple backtics (```) for a code block, such as the one in my post.

We should probably also continue this discussion in Lighttpd not starting anymore, to avoid cluttering this one

Thank you for your support, using the original configuration did help!

I assume as soon as i edit the file by myself, the update can fail after breaking changes.

But now i know what to do fore the future, many thanks.

Kind Regards,
Ken

I’m having the same issue. I don’t recall making changes to the lighttpd.conf file, nor can I find an -opkg version of that file…?

Any suggestions?

I then tried to force install lighttpd and same issue and no -opkg version of the conf file.

Is it possible to take out this annoying email notifications when LXC are on SD card and keep it only for internal memory ? I have 2 of those anoying emails from yesterday.

Oznámení o chybách

You are running container pihole from internal memory which is not recommended and can severally damage your router! This is not covered by warranty! Please use storage module in Foris to move it somewhere else!

You are running container debian from internal memory which is not recommended and can severally damage your router! This is not covered by warranty! Please use storage module in Foris to move it somewhere else!

You are running container debian1 from internal memory which is not recommended and can severally damage your router! This is not covered by warranty! Please use storage module in Foris to move it somewhere else!

Hi,

I think just after an update lighttpd refuse to start. So I try to start it by hand and I got the following error:

root@router:/etc/lighttpd/conf.d# /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
2018-09-20 22:12:02: (configfile.c.1231) source: cat /etc/lighttpd/conf.d/*.conf line: 5 pos: 1 invalid 
character in variable name 
2018-09-20 22:12:02: (configfile.c.1286) configfile parser failed at: (EOL) 
2018-09-20 22:12:02: (configfile.c.1289) source: /etc/lighttpd/lighttpd.conf line: 38 pos: 1 parser failed 
somehow near here: (EOL) 

Well, I don’t know in which files to look so I check all files in line 5 but I didn’t find any suspicious. Do you have an idea what to look for ?

See my reply here; TurrisOS 3.10.6 released
That looks like the exact error I was getting.

@Oddstr13

Great !!

Where did you get (slightly) detailed info about this fail? I got something similar, but only as:

Error from 2018/09/21 12:03:18
Updater selhal: Failed operations:

pakon/postinst: Command failed: Not found

No more info

EDIT:
Something very similar does opkg remove pakon:

root@omnia:/etc/config# opkg remove --force-depends pakon
Removing package pakon from root...
+ local name
+ basename //usr/lib/opkg/info/pakon
+ name=pakon
+ [ -f /usr/lib/opkg/info/pakon.prerm-pkg ]
+ . /usr/lib/opkg/info/pakon.prerm-pkg
+ /etc/init.d/pakon-monitor disable
+ /etc/init.d/pakon-monitor stop
+ /etc/init.d/pakon-handler disable
+ /etc/init.d/pakon-handler stop
+ + cat /usr/lib/opkg/info/pakon.list
grep ^/etc/init.d/
+ /etc/init.d/pakon-monitor disable
+ /etc/init.d/pakon-monitor stop
Command failed: Not found
+ /etc/init.d/pakon-handler disable
+ /etc/init.d/pakon-handler stop
Command failed: Not found
+ + cat /usr/lib/opkg/info/pakon.list
grep \.py$
+ rm -f /usr/libexec/pakon-light/domains_reapply.pyc
+ rm -f /usr/libexec/pakon-light/pakon-monitor.pyc
+ rm -f /usr/libexec/pakon-light/archive.pyc
+ rm -f /usr/libexec/pakon-light/create_db.pyc
+ rm -f /usr/libexec/pakon-light/pakon-handler.pyc
+ set +x
Not deleting modified conffile /etc/config/pakon.

This showed up in both the notifications web page and also showed up in my email notification. I just copied and pasted.

OK, I get it.

At first I thought that the pakon/postinst: Command failed: Not found is related with yours mv: can't rename ... hence my confusion.
Apparently not.

So I am receiving some errors on the router for some of the config pages, namely:

wifi:
## Remote Exception: Internal error list index out of range('<type 'exceptions.IndexError'>')

Data Collection:

## Remote Exception: Internal error ['uci', '-n', '-c', '/etc/config/', '-P', '/tmp/.uci-foris-controller', 'export', 'ucollect']: command failed (uci: Entry not found )('<class 'foris_controller.exceptions.UciException'>')

Also, list of Cloud Backups fails to load

The above was working before the update. All other tabs on the simple web admin work as expected.

I can see the wifi is working on the luci interface.

ETA: Cloud Backups now showing as is a tick against sending ucollect and firewall

Hi Oddstr13,

I see in your lighttpd config the include_shell with cat. Is it still working?
Cause my config stopped working with new lighttpd. This section is ending with error but worked for a long time without issues:

#include "/etc/lighttpd/conf.d/*.conf"
include_shell "/bin/cat $(ls /etc/lighttpd/conf.d/* | /bin/grep -v ssl)"
include "/etc/lighttpd/myconf.d/*.conf"

At manual startup breaking error is shown:

2018-09-21 20:31:28: (configfile.c.1231) source: /bin/cat $(ls /etc/lighttpd/conf.d/* | /bin/grep -v ssl) line: 5 pos: 1 invalid character in variable name
2018-09-21 20:31:28: (configfile.c.1286) configfile parser failed at: (EOL)
2018-09-21 20:31:28: (configfile.c.1289) source: /etc/lighttpd/lighttpd.conf line: 38 pos: 8 parser failed somehow near here: (EOL)

Last update caused Foris and Luci to be not accesible. I’ve checked configs , alter them (include block, writev) a bit, but still problem with parser (line 5, 233 ; eol or/and variable issue). Later i noticed that module.d folder has few files twice (just with different number prefix). Removed older ones. Still having some issues (cannot use 0.0.0.0 address) … So i removed “proxy” module and finally Foris/Luci was again up. Later in log i found some warnings about redirect/proxy modules. I was not able to find the root cause (resp. way how to fix that) …
Later i decided to rollback using schnapps and set updater to wait for confirmation.