From patchwork Wed Feb 14 15:05:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?UmFmYcWCIE1pxYJlY2tp?= X-Patchwork-Id: 1898970 X-Patchwork-Delegate: zajec5@gmail.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=ZAUj/b0d; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=DgyzWrrp; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TZhPN4BZ8z23j4 for ; Thu, 15 Feb 2024 02:07:03 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=5jHI+GTl07ILLctRj2Pxz5B+8eCdF3cNecxhG9+Rdo4=; b=ZAUj/b0d6pzyxL 961TTOhhJ9gev6ZrsIiz1l+z+ANU0E9FKzpF1A3/ULMvAnE+iFvbK9qTTZoHiH2K7UFtPXlqCqir5 VlBqZ31vMvt9L50qLTb/p9JEbofzWdQoREz4jl5kAJxdEtP8I3kWURWUeIqU1JoqXmFojRRixUznE DbGd9pZf+lOVkk6q3ak6zeo44jhvWIxqNQfHIvr27ZHXimGdsJP4kNJSOPhPiysGrHdf/anJ2n8pd T1Fr0W/MnuzrnEh6a9hhq5XlGa5prVM7Go0JiwuqXlvJLhqR28K02CUYM+MexoR1nQiVSEe92xyNB Z8cqEPXvqMUPC9NTinxA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1raGpI-0000000DFcU-2az4; Wed, 14 Feb 2024 15:05:32 +0000 Received: from mail-ed1-x536.google.com ([2a00:1450:4864:20::536]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1raGpG-0000000DFbL-1AQW for openwrt-devel@lists.openwrt.org; Wed, 14 Feb 2024 15:05:31 +0000 Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-5610c233b95so6291043a12.0 for ; Wed, 14 Feb 2024 07:05:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707923128; x=1708527928; darn=lists.openwrt.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=y3D5dNoZa1yYuSyiwWaIEOauUjSYp7mBgAgUFtz1bPg=; b=DgyzWrrpFnfIcsVKA98o9YlS9eCiSBxXpMxNnZcZdjg75GNVCXA/y/SZ4mv6RsvqWm Lk+MF1LRjwwyLbmbXXdqeHtoldAjLOsDIeIb2qIhLRxSbLc+gpEDiPh4rjIYP/JEsRJM vK6+ZNix5AYZJOOBBxtjDgsfuzxyaXGvH+8xmEHnlYF4MaMIwV7tJ3/2lKzINrLXYHfJ y1uGDJA3TOjXaq7kAGjPh+YPIEpZ9T8qmJmI7bxAYJIkP3eHs8IUExEacUNHsXPdEyeI tXG/217gIs/bEf2ee4v/ycpUuY8Sl9+tDnQkYciO3PUsr2UQigZj/2a1k9TnHsb/W7aZ P2pA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707923128; x=1708527928; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=y3D5dNoZa1yYuSyiwWaIEOauUjSYp7mBgAgUFtz1bPg=; b=CZStVte740gPwk8RZw1y6/uptrLnkN0CQUMTPEjmKnqosCnlN42QT9zcNYYUvVxZHN EeeuwXJhJtu3Jzytjyyd9e/udJhZdJkCpc26Oe7rGRgFeDTkkCRBGMKn/VF2tbp/QfEL KGCYb0sMcPm3ZugVhy9Qo8qj0JPZ3rcOONYhQU/eg0Xesy2OpG6budKwlHt4qxR3/R2H 3ANy4IetViI1n5jSM90LsAassXUR9jhvuqPlnO3vpDOaoz2/onOJ3lAQqE7e/tP3836l zbFlJ+ZAWyGR+PWpftS2ap/zHFrM64R3Irnp0EA8FN/u0QMdYimaBsH6kjk1/ChNjZVA +ZLw== X-Gm-Message-State: AOJu0Yy9cfmv2/PKf0bnVNjpuoEejWYNTCAZoLOA8o3rLvATO2ig8PY7 IL9P/H+uhaRP8YLizfLi63vL/a54Gmy3YJZOUj6j2zWXhWhVq69Odv58ddw1 X-Google-Smtp-Source: AGHT+IF/B6Y3kb6F/Bp7nIFfquy4Pb/AjVn5diy0XhFnm1DogzAdDK2xe+8QwgiUWwpvSmjWQUtQRA== X-Received: by 2002:a17:906:b7c4:b0:a3c:660:6a52 with SMTP id fy4-20020a170906b7c400b00a3c06606a52mr2021899ejb.51.1707923128250; Wed, 14 Feb 2024 07:05:28 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCVHQmLTd1Tx6TwC+dAf0LbSwLkeEjJV6EnnP2dkyKvqf2d1LkOACyovS/yfNXmia6EfdKnVt8+AQjCPinR46DgbqE1LWFcxraBC+Ge5exPRoWOgmTTe46xLgtMgvj81WG7QfkBR7eIuWCzz2SMrvhWh0QXOkOGpqvN4ts9Bln68pc5XYes= Received: from localhost.lan (031011218106.poznan.vectranet.pl. [31.11.218.106]) by smtp.gmail.com with ESMTPSA id tx27-20020a1709078e9b00b00a3d4f282cb3sm596508ejc.142.2024.02.14.07.05.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 07:05:27 -0800 (PST) From: =?utf-8?b?UmFmYcWCIE1pxYJlY2tp?= To: openwrt-devel@lists.openwrt.org Cc: =?utf-8?b?UmFmYcWCIE1pxYJlY2tp?= , Christian Marangi , Jo-Philipp Wich , Jonas Gorski Subject: [PATCH] base-files: sysupgrade: include uci-defaults script disabling services Date: Wed, 14 Feb 2024 16:05:19 +0100 Message-Id: <20240214150519.13304-1-zajec5@gmail.com> X-Mailer: git-send-email 2.35.3 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240214_070530_349192_4F131BA6 X-CRM114-Status: UNSURE ( 8.32 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?= =?unknown-8bit?q?stem_=22bombadil=2Einfradead=2Eorg=22=2C?= =?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?= =?unknown-8bit?q?ginal?= =?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?= =?unknown-8bit?q?bel?= =?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?= =?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_preview=3A__From=3A_Rafa=C5=82_Mi=C5=82ecki_Disabl?= =?unknown-8bit?q?ed_services_should_be_kept_disabled?= =?unknown-8bit?q?_after_sysupgrade=2E_This_can_be_easily_handled_using_a_pro?= =?unknown-8bit?q?per_uci-defaults?= =?unknown-8bit?q?_script=2E_Extend_sysupgrade_to_check_for_disabled_services?= =?unknown-8bit?q?=2C_generate_uci-defaults?= =?unknown-8bit?q?_script_disabling_them_and_include_it_in_backup=2E_?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_analysis_details=3A___=280=2E0_points=2C_5=2E0_req?= =?unknown-8bit?q?uired=29?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_pts_rule_name______________description?= =?unknown-8bit?q?_----_----------------------_------------------------------?= =?unknown-8bit?q?--------------------?= =?unknown-8bit?q?_-0=2E0_RCVD=5FIN=5FDNSWL=5FNONE_____RBL=3A_Sender_listed_a?= =?unknown-8bit?q?t_https=3A//www=2Ednswl=2Eorg/=2C_no?= =?unknown-8bit?q?_trust?= =?unknown-8bit?b?IFsyYTAwOjE0NTA6NDg2NDoyMDowOjA6MDo1MzYgbGlzdGVkIGluXQ==?= =?unknown-8bit?b?IFtsaXN0LmRuc3dsLm9yZ10=?= =?unknown-8bit?q?_-0=2E0_SPF=5FPASS_______________SPF=3A_sender_matches_SPF_?= =?unknown-8bit?q?record?= =?unknown-8bit?q?_0=2E0_SPF=5FHELO=5FNONE__________SPF=3A_HELO_does_not_publ?= =?unknown-8bit?q?ish_an_SPF_Record?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID_____________Message_has_at_least_one_v?= =?unknown-8bit?q?alid_DKIM_or_DK_signature?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FEF__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from?= =?unknown-8bit?q?_envelope-from_domain?= =?unknown-8bit?q?_0=2E1_DKIM=5FSIGNED____________Message_has_a_DKIM_or_DK_si?= =?unknown-8bit?q?gnature=2C_not_necessarily_valid?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FAU__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from_author=27s?= =?unknown-8bit?q?_domain?= =?unknown-8bit?q?_0=2E0_FREEMAIL=5FFROM__________Sender_email_is_commonly_ab?= =?unknown-8bit?q?used_enduser_mail_provider?= =?unknown-8bit?q?_=5Bzajec5=28at=29gmail=2Ecom=5D?= =?unknown-8bit?q?_0=2E2_FREEMAIL=5FENVFROM=5FEND=5FDIGIT_Envelope-from_freem?= =?unknown-8bit?q?ail_username_ends_in?= =?unknown-8bit?q?_digit?= =?unknown-8bit?q?_=5Bzajec5=28at=29gmail=2Ecom=5D?= =?unknown-8bit?q?_-0=2E0_T=5FSCC=5FBODY=5FTEXT=5FLINE___No_description_avail?= =?unknown-8bit?q?able=2E?= X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Rafał Miłecki Disabled services should be kept disabled after sysupgrade. This can be easily handled using a proper uci-defaults script. Extend sysupgrade to check for disabled services, generate uci-defaults script disabling them and include it in backup. Cc: Christian Marangi Cc: Jo-Philipp Wich Cc: Jonas Gorski Signed-off-by: Rafał Miłecki Acked-by: Jo-Philipp Wich --- package/base-files/files/sbin/sysupgrade | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/package/base-files/files/sbin/sysupgrade b/package/base-files/files/sbin/sysupgrade index 1e09f65e07..b1ada062ed 100755 --- a/package/base-files/files/sbin/sysupgrade +++ b/package/base-files/files/sbin/sysupgrade @@ -273,6 +273,16 @@ create_backup_archive() { \) | sed -e 's,.*/,,;s/\.control /\t/' > "$dir/${INSTALLED_PACKAGES}" fi + mkdir -p $dir/etc/uci-defaults/ + touch $dir/etc/uci-defaults/10_disable_services + for service in /etc/init.d/*; do + if ! $service enabled; then + echo "$service disable" >> $dir/etc/uci-defaults/10_disable_services + fi + done + echo "exit 0" >> $dir/etc/uci-defaults/10_disable_services + echo "/etc/uci-defaults/10_disable_services" >> "$CONFFILES" + v "Saving config files..." sed -i 's/^\///' "$CONFFILES" # Drop leading slashes [ "$VERBOSE" -gt 1 ] && TAR_V="v" || TAR_V=""