Skip to content

Infix v24.08.0
Compare
Choose a tag to compare
@github-actions github-actions released this 30 Aug 16:24
· 426 commits to main since this release
v24.08.0
8a09b3e

News: this release adds full configuration support for syslog, with logging to local files, external media, remote log server, as well as support for acting as a log sink/server. External media can now be mounted automatically, very useful, not only for logging, but also for upgrading and container images.

Finally, the following consumer boards are now fully supported:

  • NanoPi R2S (ARM)
  • StarFive VisionFive2 (RISC-V)

Changes

  • Upgrade Buildroot to 2024.02.5 (LTS)
  • Upgrade Linux kernel to 6.6.46 (LTS)
  • Issue #158: enhance security of factory reset. All file content is now overwritten x3, the last time with zeroes, then removed.
    Example, on the NanoPi R2S this process takes ~30 seconds, but may take longer in setups with bigger configurations, e.g., containers
  • Issue #497: support for auto-mounting USB media. Useful for logging, upgrade, and container images. Mounted under /media/<LABEL>, where <LABEL> is the partition label(s) available on the USB media
  • Issue #503: configurable syslog support, based on IETF Syslog config draft model, includes file based logging (built-in or external media) and remote logging, as well as acting as a log sink (remote server) for syslog clients (Infix extension). Documentation available in Syslog Support
  • Issue #521: audit trail support. Logs changes to configuration, both running-config and startup-config, as well as RPCs, e.g., setting system date-time. Logs contain name of user and the action taken. Supported for CLI, NETCONF, and RESTCONF
  • Issue #545: sort loopback interface first in CLI show interfaces
  • New documentation for Ethernet interfaces: how to set speed, duplex, query status and statistics
  • Issue #587: add YANG must expressions for bridge multicast filters
  • Initial RISC-V (riscv64) support: StarFive VisionFive2
  • Massive updates to the NanoPi R2S:
    • Update Linux kernel to v6.10.3 and sync defconfig with aarch64
    • Workaround reboot command "hang" on NanoPi R2S (failure to reboot) by replacing the Rockchip watchdog driver with "softdog"
    • Update U-Boot to v2024.07, enable secure boot loading of images
    • Rename interfaces to LAN + WAN to match case and LEDs
    • Rename images to infix-r2s$ver.ext, not same as other aarch64
    • Change rootfs to squashfs for enhanced security
    • Add RAUC support to simplify device maintenance/upgrade
    • Add support for saving unique interface MAC addresses in U-Boot
    • Add support for system LEDs, see product's README
    • Add support for reset button from U-Boot, to trigger factory reset, and from Linux, to trigger reboot
    • Add static factory-config as an example
    • Full LED control, including WAN LED (link up and DHCP lease)
  • Password login can now be disabled by removing the password. Before this change only empty password disabled password login (in favor of SSH key login), removing the password locked the user completely out
  • Add LED indication on factory reset, all LEDs available in Linux /sys/class/leds are turned on while clearing writable partitions
  • CLI: improve dir and show log command user experience. List files also in user's home directory and allow displaying gzipped log files
  • Lock down CLI admin-exec to prevent unprivileged users from managing system configuration or state.
  • The local log file /var/log/syslog no longer contains debug level log messages. See /var/log/debug for all log messages

Fixes

  • Fix #274: add missing link/traffic LEDs on NanoPi R2S LAN port
  • Fix #489: ensure all patches are versioned, including Linux kernel
  • Fix #531: creating a new VLAN interface named vlanN should not set lower-layer-if to vlanN. With the vlanN pattern, only C-VLAN and VID can be inferred
  • Fix #541: make sure Frr OSPF logs are sent to syslogd and filtered to /var/log/routing for easy access from the CLI
  • Fix #542: warning message from login, cannot find pam_lastlog.so
  • Fix #570: the CLI change password command does not work
  • Fix #576: the CLI tab completion for startup-config does not work
  • Fix #585: on internal configuration database error, restart internal service sysrepo-plugind to attempt to get remote access over NETCONF and RESTCONF back to the user
  • Silence bogus sysctl warnings at boot (syslog)
  • Silence output from user group member check (sys-cli in syslog)
  • Fix annoying CLI freeze if pressing any key before initial prompt
Assets 8
Loading