On 9/27/25 19:40, Daniel Golle wrote:
On Sat, Sep 27, 2025 at 07:16:33PM +0200, Hauke Mehrtens wrote:
How well can we integrate DNS into the LuCI web interface?

Very good question. I'm not into that whole web side of things at all.

DNS is also not authenticated. It should be fine if the attacker could only
prevent the UI from showing an update notification, but they should not be
able to tell the user where to get the update.

That's what I thought: Only indicate the presence of a newer release,
not where to get it.

I think we would get some negative feedback from users when we remove apk
from the default images. We could offer an option in the ASU web interface
to remove APK.
If we have a button to generate a default image without apk in the firmware
selector UI it would be sufficient:
https://firmware-selector.openwrt.org/?version=24.10.3&target=mediatek%2Fmt7622&id=linksys_e8450
Removing it manually from the list is a bit complicated for the novice user.

On many devices the only possible outcome of trying to use the package
manager is a brick because rootfs_overlay got only 1 or 2 JFFS2 blocks
total. So even **deleting** a package would result in a brick as the
list of installed packages would be copied to the rootfs_overlay as a
consequence of *any* change...

Apart from just not installing the package manager, I believe we should
also not install 'ca-bundle' on SMALL_FLASH devices, and also select
CONFIG_CLEAN_IPKG=y by default. Together with an easy to use way to
generate and install custom ASU-generated images for such devices the
outcome would be something much more intuitive and user-friendly than
an anyway broken package manager (opkg or apk are equally affected by
this problem, obviously).

Do we have to install luci-app-attendedsysupgrade and owut for this or is it
possible with less?

Either of the two packages is sufficient, we don't need both of them.


Should we add luci-app-attendedsysupgrade as a dependency to
luci/collections/luci/Makefile ?

I'd say yes, but that's just my opinion.

I think this is a good option.

Should we move utils/attendedsysupgrade-common from the package feed to the
main repository?

I suggest to merge the content of the utils/attendedsysupgrade-common
package into base-files, as the packaging overhead is bigger than the
actual content (a single UCI configuration file).

I agree with you.

Maybe we should handle the ASU signing key a bit special.
This key is not as well protected as the other keys.
Maybe store it in /etc/opkg/asu-key/ and use this key for signature checks
initialized by the tools using ASU intentionally only.

+1 makes a lot of sense!

So to summarize:
  * Add luci-app-attendedsysupgrade as a dependency to the LuCI default
collections for all builds which use LuCI.
  * Add OWUT for !SMALL_FLASH
  * The automatic checks for updates should be opt in, we can keep it like it
is for now and improve later.

+1

LuCI installs luci-app-attendedsysupgrade by default now, see:
https://github.com/openwrt/luci/pull/8080

Hauke


