projects / openwrt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a186028)
base-files: Allow to disable failsafe mode
authorluka <luka@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 10 May 2016 22:36:27 +0000 (22:36 +0000)
committerluka <luka@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Tue, 10 May 2016 22:36:27 +0000 (22:36 +0000)
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@49326 3c298f89-4303-0410-b956-a3cf2f4a3e73

package/base-files/Makefile patch | blob | history
package/base-files/files/lib/preinit/10_indicate_failsafe patch | blob | history
package/base-files/files/lib/preinit/30_failsafe_wait patch | blob | history
package/base-files/files/lib/preinit/40_run_failsafe_hook patch | blob | history
package/base-files/image-config.in patch | blob | history

diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 8bb6225..08ba43c 100644 (file)
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -17,7 +17,7 @@ PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/
 PKG_BUILD_DEPENDS:=usign/host
 PKG_LICENSE:=GPL-2.0
 
 PKG_BUILD_DEPENDS:=usign/host
 PKG_LICENSE:=GPL-2.0
 
-PKG_CONFIG_DEPENDS := CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH
+PKG_CONFIG_DEPENDS := CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE
 
 include $(INCLUDE_DIR)/package.mk
 
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -81,6 +81,7 @@ define ImageConfigOptions
        echo 'pi_broadcast=$(if $(CONFIG_TARGET_PREINIT_BROADCAST),$(CONFIG_TARGET_PREINIT_BROADCAST),"192.168.1.255")' >>$(1)/lib/preinit/00_preinit.conf
        echo 'pi_preinit_net_messages="$(CONFIG_TARGET_PREINIT_SHOW_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
        echo 'pi_preinit_no_failsafe_netmsg="$(CONFIG_TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
        echo 'pi_broadcast=$(if $(CONFIG_TARGET_PREINIT_BROADCAST),$(CONFIG_TARGET_PREINIT_BROADCAST),"192.168.1.255")' >>$(1)/lib/preinit/00_preinit.conf
        echo 'pi_preinit_net_messages="$(CONFIG_TARGET_PREINIT_SHOW_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
        echo 'pi_preinit_no_failsafe_netmsg="$(CONFIG_TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
+       echo 'pi_preinit_no_failsafe="$(CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE)"' >>$(1)/lib/preinit/00_preinit.conf
 endef
 endif
 
 endef
 endif
 
diff --git a/package/base-files/files/lib/preinit/10_indicate_failsafe b/package/base-files/files/lib/preinit/10_indicate_failsafe
index 6afae41..27b94c1 100644 (file)
--- a/package/base-files/files/lib/preinit/10_indicate_failsafe
+++ b/package/base-files/files/lib/preinit/10_indicate_failsafe
@@ -9,6 +9,7 @@ indicate_failsafe_led () {
 }
 
 indicate_failsafe() {
 }
 
 indicate_failsafe() {
+       [ "$pi_preinit_no_failsafe" = "y" ] && return
        echo "- failsafe -"
        preinit_net_echo "Entering Failsafe!\n"
        indicate_failsafe_led
        echo "- failsafe -"
        preinit_net_echo "Entering Failsafe!\n"
        indicate_failsafe_led
diff --git a/package/base-files/files/lib/preinit/30_failsafe_wait b/package/base-files/files/lib/preinit/30_failsafe_wait
index 3d69baf..9a34f2d 100644 (file)
--- a/package/base-files/files/lib/preinit/30_failsafe_wait
+++ b/package/base-files/files/lib/preinit/30_failsafe_wait
@@ -39,7 +39,7 @@ fs_wait_for_key () {
                rm -f $keypress_wait
        } &
 
                rm -f $keypress_wait
        } &
 
-       echo "Press the [$1] key and hit [enter] $2"
+       [ "$pi_preinit_no_failsafe" != "y" ] && echo "Press the [$1] key and hit [enter] $2"
        echo "Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level"
        # if we're on the console we wait for input
        {
        echo "Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level"
        # if we're on the console we wait for input
        {
@@ -82,6 +82,10 @@ fs_wait_for_key () {
 
 failsafe_wait() {
        FAILSAFE=
 
 failsafe_wait() {
        FAILSAFE=
+       [ "$pi_preinit_no_failsafe" == "y" ] && {
+               fs_wait_for_key "" "" $fs_failsafe_wait_timeout
+               return
+       }
        grep -q 'failsafe=' /proc/cmdline && FAILSAFE=true && export FAILSAFE
        if [ "$FAILSAFE" != "true" ]; then
                pi_failsafe_net_message=true
        grep -q 'failsafe=' /proc/cmdline && FAILSAFE=true && export FAILSAFE
        if [ "$FAILSAFE" != "true" ]; then
                pi_failsafe_net_message=true
diff --git a/package/base-files/files/lib/preinit/40_run_failsafe_hook b/package/base-files/files/lib/preinit/40_run_failsafe_hook
index cb43ad3..7301f77 100644 (file)
--- a/package/base-files/files/lib/preinit/40_run_failsafe_hook
+++ b/package/base-files/files/lib/preinit/40_run_failsafe_hook
@@ -3,6 +3,7 @@
 # Copyright (C) 2010 Vertical Communications
 
 run_failsafe_hook() {
 # Copyright (C) 2010 Vertical Communications
 
 run_failsafe_hook() {
+    [ "$pi_preinit_no_failsafe" = "y" ] && return
     if [ "$FAILSAFE" = "true" ]; then
        boot_run_hook failsafe
        lock -w /tmp/.failsafe
     if [ "$FAILSAFE" = "true" ]; then
        boot_run_hook failsafe
        lock -w /tmp/.failsafe
diff --git a/package/base-files/image-config.in b/package/base-files/image-config.in
index 3dfbedc..4cc835d 100644 (file)
--- a/package/base-files/image-config.in
+++ b/package/base-files/image-config.in
@@ -24,13 +24,24 @@ config TARGET_PREINIT_SUPPRESS_STDERR
                the ash shell launched by inittab will display stderr).  That's
                the same behaviour as seen in previous version of OpenWrt.
 
                the ash shell launched by inittab will display stderr).  That's
                the same behaviour as seen in previous version of OpenWrt.
 
+config TARGET_PREINIT_DISABLE_FAILSAFE
+       bool
+       prompt "Disable failsafe" if PREINITOPT
+       default n
+       help
+               Disable failsafe mode.  While it is very handy while
+               experimenting or developing it really ought to be
+               disabled in production environments as it is a major
+               security loophole.
+
 config TARGET_PREINIT_TIMEOUT
        int
 config TARGET_PREINIT_TIMEOUT
        int
-       prompt "Failsafe wait timeout" if PREINITOPT
+       prompt "Failsafe/Debug wait timeout" if PREINITOPT
        default 2
        help
        default 2
        help
-               How long to wait for failsafe mode to be entered before
-               continuing with a regular boot if failsafe not selected.
+               How long to wait for failsafe mode to be entered or for
+               a debug option to be pressed before continuing with a
+               regular boot.
 
 config TARGET_PREINIT_SHOW_NETMSG
        bool
 
 config TARGET_PREINIT_SHOW_NETMSG
        bool
@@ -45,7 +56,7 @@ config TARGET_PREINIT_SHOW_NETMSG
 
 config TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG
        bool
 
 config TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG
        bool
-       prompt "Suppress network message indicating failsafe" if PREINITOPT
+       prompt "Suppress network message indicating failsafe" if ( PREINITOPT && !TARGET_PREINIT_SHOW_NETMSG && !TARGET_PREINIT_DISABLE_FAILSAFE )
        default n
        help
                If "Show all preinit network messages" above is not set, then
        default n
        help
                If "Show all preinit network messages" above is not set, then
OpenWrt main development branch