some issues in /etc/init.d/dnsmasq

2021-08-01 Thread e9hack 

Hi,

I found a few issues in /etc/init.d/dnsmasq

- variable EXTRA_MOUNT must be reset at beginning of dnsmasq_start to avoid to 
add the previous content to the following configurations
- /dev/null must be jail mount read/write (see the next too)
- jail mount for /dev/null and /dev/random isn't necessary because it will be 
jail mount automatically
- depend on parameter ignore_hosts_dir, the host-file itself or the directory 
of the host-file must be jail mount

Regards,
Hartmut


___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: some issues in /etc/init.d/dnsmasq

2021-08-01 Thread Daniel Golle 
Hi,

On Sun, Aug 01, 2021 at 09:00:50AM +0200, e9hack wrote:
> Hi,
> 
> I found a few issues in /etc/init.d/dnsmasq
> 
> - variable EXTRA_MOUNT must be reset at beginning of dnsmasq_start to avoid 
> to add the previous content to the following configurations
> - /dev/null must be jail mount read/write (see the next too)
> - jail mount for /dev/null and /dev/random isn't necessary because it will be 
> jail mount automatically
> - depend on parameter ignore_hosts_dir, the host-file itself or the directory 
> of the host-file must be jail mount

I have addressed these isues in commit ac4e8aa2f8.

Thank you for reviewing, testing and reporting!


Cheers


Daniel

___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

dnsmasq: rework jail mounts

2021-08-01 Thread e9hack 

Hi,

in last update of jail mounts, this part looks wrong:

--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -10,6 +10,7 @@ ADD_LOCAL_DOMAIN=1
 ADD_LOCAL_HOSTNAME=1
 ADD_WAN_FQDN=0
 ADD_LOCAL_FQDN=""
+EXTRA_MOUNT=""

 BASECONFIGFILE="/var/etc/dnsmasq.conf"
 BASEHOSTFILE="/tmp/hosts/dhcp"

It shall be:

--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -818,9 +817,10 @@ dnsmasq_start()
config_get_bool disabled "$cfg" disabled 0
[ "$disabled" -gt 0 ] && return 0

-   # reset list of DOMAINS and DNS servers (for each dnsmasq instance)
+   # reset list of DOMAINS, DNS servers and EXTRA mounts (for each dnsmasq 
instance)
DNS_SERVERS=""
DOMAIN=""
+   EXTRA_MOUNT=""
CONFIGFILE="${BASECONFIGFILE}.${cfg}"
CONFIGFILE_TMP="${CONFIGFILE}.$$"
HOSTFILE="${BASEHOSTFILE}.${cfg}"

Regards,
Hartmut







___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: dnsmasq: rework jail mounts

2021-08-01 Thread Daniel Golle 
On Sun, Aug 01, 2021 at 03:58:45PM +0200, e9hack wrote:
> Hi,
> 
> in last update of jail mounts, this part looks wrong:
> 
> --- a/package/network/services/dnsmasq/files/dnsmasq.init
> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
> @@ -10,6 +10,7 @@ ADD_LOCAL_DOMAIN=1
>  ADD_LOCAL_HOSTNAME=1
>  ADD_WAN_FQDN=0
>  ADD_LOCAL_FQDN=""
> +EXTRA_MOUNT=""
> 
>  BASECONFIGFILE="/var/etc/dnsmasq.conf"
>  BASEHOSTFILE="/tmp/hosts/dhcp"
> 
> It shall be:
> 
> --- a/package/network/services/dnsmasq/files/dnsmasq.init
> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
> @@ -818,9 +817,10 @@ dnsmasq_start()
> config_get_bool disabled "$cfg" disabled 0
> [ "$disabled" -gt 0 ] && return 0
> 
> -   # reset list of DOMAINS and DNS servers (for each dnsmasq instance)
> +   # reset list of DOMAINS, DNS servers and EXTRA mounts (for each 
> dnsmasq instance)
> DNS_SERVERS=""
> DOMAIN=""
> +   EXTRA_MOUNT=""
> CONFIGFILE="${BASECONFIGFILE}.${cfg}"
> CONFIGFILE_TMP="${CONFIGFILE}.$$"
> HOSTFILE="${BASEHOSTFILE}.${cfg}"

Applied your fix, thank you!

___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: SSH/MTU Issues in OpenVPN tunnel on OpenWRT 21.02 RC3

2021-08-01 Thread Federico Capoano 
I confirm that disabling lzo compression fixed it.
I also found out when I finally checked the recent changes to OpenVPN,
I should have done that sooner and will do it again next time
something like this happens.

Thanks
F.


Best regards
Federico Capoano
OpenWISP OÜ
Harjumaa, Tallinn, Sepapaja tn 6, 15551
VAT: EE101989729
openwisp.io


On Sat, Jul 31, 2021 at 8:43 PM Etienne Champetier
 wrote:
>
> Hi Federico,
>
> Le sam. 31 juil. 2021 à 20:33, Federico Capoano
>  a écrit :
> >
> > Hi everyone,
> >
> > I wrote about this issue in the forum and I was advised to post here
> > as well so I'm following the advice.
> > (Forum discussion:
> > https://forum.openwrt.org/t/ssh-mtu-issues-on-openvpn-on-openwrt-21-02-rc3-linux-kernel-5-4-132/102686).
> >
> [...]
> >
> > OpenVPN version on clients with new firmare:
> >
> > OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (mbed TLS)] [LZ4] [EPOLL]
> > [MH/PKTINFO] [AEAD]
> > library versions: mbed TLS 2.16.10
> > Originally developed by James Yonan
> > Copyright (C) 2002-2021 OpenVPN Inc 
>
> openvpn-mbedtls is now build without lzo support, you can:
> 1) disable lzo on the server (actually the best thing to do IMO)
> 2) enable it in your build
> 3) use openvpn-openssl package
>
> More discussion here: https://github.com/openwrt/packages/issues/15854
>
> Best
> Etienne
>
> > OpenVPN version on clients with older firmware:
> >
> > OpenVPN 2.5.3 mipsel-openwrt-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4]
> > [EPOLL] [MH/PKTINFO] [AEAD]
> > library versions: mbed TLS 2.16.10, LZO 2.10
> > Originally developed by James Yonan
> > Copyright (C) 2002-2021 OpenVPN Inc 
> >
> [...]
> >
> > Best regards
> > Federico Capoano

___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

[sdwalker/sdwalker.github.io] 9e317a: This week's update

2021-08-01 Thread Stephen Walker via openwrt-devel 
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.--- Begin Message ---
  Branch: refs/heads/master
  Home:   https://github.com/sdwalker/sdwalker.github.io
  Commit: 9e317a7ab1d8c6e51cf8f7eafcb4867ffd17fe0a
  
https://github.com/sdwalker/sdwalker.github.io/commit/9e317a7ab1d8c6e51cf8f7eafcb4867ffd17fe0a
  Author: Stephen Walker 
  Date:   2021-08-01 (Sun, 01 Aug 2021)

  Changed paths:
M uscan/index-18.06.html
M uscan/index-19.07.html
M uscan/index-21.02.html
M uscan/index.html

  Log Message:
  ---
  This week's update



--- End Message ---
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [PATCH] kernel: set CONFIG_RCU_FANOUT=64 for 64bit targets

2021-08-01 Thread Rui Salvaterra 
Hi, Stijn,

On Sat, 31 Jul 2021 at 11:01, Stijn Tintel  wrote:
>
> Alternatively we could disable CONFIG_RCU_EXPERT entirely. Not sure why
> it was enabled in the first place. If anyone knows, please do share.

Yes, please! Personal note, CONFIG_RCU_EXPERT is one of those things I
don't even touch. The (performance) breakage potential is big and I
really trust the defaults are sane. Just disable it.

Thanks,
Rui

___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel