From 59956f2a913e9912432536c2b8b94e7916ffe968 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 31 Dec 2024 22:20:48 -0500 Subject: [PATCH 001/148] default_vars.yml: Launch 8.3 Release Cycle --- vars/default_vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 1e84fd3e0..4e61819a2 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -13,7 +13,7 @@ # IIAB (PRE-)release version number, for {{ iiab_env_file }} -iiab_base_ver: 8.2 +iiab_base_ver: 8.3 iiab_revision: 0 # 2022-06-23: ./iiab-install (with 'sudo iiab') follow the traditional linear From 8d0f45bd4d674e7583f39fbe29317d6bc2ee4020 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 5 Jan 2025 16:35:38 -0500 Subject: [PATCH 002/148] Initial commit(x3) of Upload2USB stick app: 3 *.php files + UK logo --- roles/usb_lib/files/upload2usb/index.php | 50 +++++++++++++ roles/usb_lib/files/upload2usb/uk-swing.png | Bin 0 -> 4880 bytes .../usb_lib/files/upload2usb/upload-file.php | 70 ++++++++++++++++++ roles/usb_lib/files/upload2usb/upload2usb.php | 68 +++++++++++++++++ 4 files changed, 188 insertions(+) create mode 100644 roles/usb_lib/files/upload2usb/index.php create mode 100644 roles/usb_lib/files/upload2usb/uk-swing.png create mode 100644 roles/usb_lib/files/upload2usb/upload-file.php create mode 100644 roles/usb_lib/files/upload2usb/upload2usb.php diff --git a/roles/usb_lib/files/upload2usb/index.php b/roles/usb_lib/files/upload2usb/index.php new file mode 100644 index 000000000..ad4156876 --- /dev/null +++ b/roles/usb_lib/files/upload2usb/index.php @@ -0,0 +1,50 @@ + + + + + + + IIAB Homework Submission App + + + + + + + + + + +
+
+
+ +
+ +

Internet in a Box Homework Submission

+ + +

+ +
+
+ homework files have been submitted today! + +
+
+
+ + + diff --git a/roles/usb_lib/files/upload2usb/uk-swing.png b/roles/usb_lib/files/upload2usb/uk-swing.png new file mode 100644 index 0000000000000000000000000000000000000000..c5470365e784b58dde5eb8e9f2a1975621b700fc GIT binary patch literal 4880 zcma)A2UJtb77azv(4>hEDWQl6LJA550#fBsLJ2`ak(wa+kYW-bQ~^JHW{%acQBfuafYPTD+npdB#?%Xm1SqlWod6CtApplVg!KooK>_S6 zTZ(nTqVWLEZ{q-fHLC^aV@V!3khM37MxuI?$RI=8BOs)^C!V<72LL#-*naV3vH$c% zXL0FDszuk4 z{f5wD+1tZlSB!1%2m1N@p_4%V8Hh;zkrgXHFx{ODhN?oq|G^1~{O@iA!ryvQX(-&U%>FhY z6&*;%fl)Xr$&ccRW5MPAP67?@^&fb)XTB@{R@m?PB3P@VWk|uf(?}FFiR7#MUmpzw z_}}5bD!0vqL~0q~D0qJy_85gk_*P=FJB5ndR<0xahxDIo@0Q zwjVw%7KF77?%Uf>7m5J?W$XtY0p8x5f7+|x4}x!_tdl?&$STwyr;0A{*3HBv)^XWn zYNU^*voX{7Xy{haw&6qa5pFHf@|`c$VhYj593?TayBjRl3#GHN3+y8H_z3E>Qqeb6 zUNP3}4poO8KJI<%nXD{9a2GpUtf243LLHCSqj3~8yA7woPSev{)AfF<)66%_(a^{C zGif(c?@?!-rf+&JytubW2sy(o&@evpvCGF_9_doyVO(KDOyv6w_F5^vn{BQs*SqTZ zQx0x^Ut+7n+u+rOWji!l0@$iOH^?xIKDUEsj|4w6psKTBuD_rlF**5YZ%+?omyCa2 zZm#pnh)w@^*brr*3d9x-UfM7g@URuD$3&6LMFoUM9a+svz0W^!bS{a~wY#I8dx?zK22Tow&cj=Rp`5}g1VH4t{x z;p~P<^$biuPHx;cLe9Rn?;u*($ibEuXO|r#UF>|1lC$*S9G~|24YHg3GelO&5;Pb2 zsh%y&$8(nId}TxlU0ue?9Sjq`XR^g9#YL-h@rjs%@p4|?&^u8a@IBZiXpHK`n4ibdyRTrf^f!RgJL zQJu0%i9T<3_;x{Ey7r9c_?dr<+vGR zHsze5PQv$mi>HLLADcYn(7XaWjPgElVoZ~3Hnm;fmmbQhBV$^9Ek;pQBAH!7OjOh_ z=65Wi5pbnTz4|nkU zGMz`N#Qku`0d@Px@E+be*Jht<^_K2HTsbwuqKy0O>E;Zb;IQcWh8tJI0&J)J<_C)Q zY*;bgM!(V$5IF^r((|?53BAXG^T3Y|w>C&icIRD@;JQ z&=k!AiM$4zm*7R=dfL?r^&0MC@@`-%q?=F53CyUyqxA5pxiHfN#`ZR4rl(6*(NR9C5j?#nLJUGqiy>Rx8Gm)sVFwr>S%-Fn+%0CD> z-+~TOQr7e>RX}D_M+qR;%du(6v(3eyQ^+n`U%xmxzQ1|9HY|o$P0^)_G||vMJf3et zR*z1Vvo$*XQ6^XDf@$a5y`u$>`rox-afUib3;F@~x?{Ss_vMn`pA)CkU^<3wp1kpH#bQ89|8t!EMax_p5u$Yis-n#*u-nN z-*!htBl89Go-*1WL(;9|JxME?;4eW}Xwe53>Y|6h>ba zXs1bVEz;}^7j#*oo_$0d+R+>ppS~N0A>9NpC&CK?6`kO(zXHDK%}>aYa;+C$1uku= z^^CTxN)IGAPn{_)F7_*ahabQRaZREKoMqZ|3oEs4s}B_d_Al~Q-ClZcD29LL^!wDU z5v767zP0j~77D)VbK+}k)_|cA1#c&4?5S{e)$3K&V+6%lClngS5f^|wJm<3l6IM#~ zAibx>l~*dP+cHm3lJuA4=qK2aT7l$g8~zmm6+L@k*{Z=Qmur#-(P!im=i2NlVMJ^; z3EDj4U8@^O&M6U&G9i)kYGZo?B)`z?Bm^+_134*N!+m;vp_w$bYkHqz5MAMV!NR9A z4#cU$9Y`3abkW5q#YwXs`|QMMEVl!GhLP47xp|2%5K%}8>9@&eztG+%dErR!j((vh zU7G%ecQ!t_jV!s9W(|oc7BG#e1%*0-9Tf&8XBd-nlVP~lHizUJR8jTMeD7Z}<~-dl z_S!D*y~?gAM_raBUN}c6&qK* z`we{Qryl(lEVu&W9Ei9Y^YBGTYDmv$sokyPwr+Hu$)QKlJF}Li8jE~ z`G_~|i=gSkT)MbhKTxO4N<~LXobFn1Hb(Rc`^^jzuXJmQ#81qt$94~g)8S(gwf{Kz zi8&gue2#A)|9wf!7um7Iw55Trla0bH^8Gc}g@NgDnVW^WAIM5&k|q5IhP-(VLhySx zj#ebRNJs zwnhYt*$)FHj|bIfT)EPFnWtmbq2ocyEelkWGi=K%H8s^<#j$D@H`jEr*S=BDqi33T z34Tq2V_N;{*aom%YmKe}xQkrHR!MWy>xkr#|@lLB}3&L$2qpaYk&_Shvz4*}Hc68y*`XoWR@~k( zt2g)xta!tSw|TX`?rj!DoMHw()T}A(Bgr*Js(%Q)+d4EMe>CRBNM3|UvOz1GNr>FA zjviv+T;h;GPv}@zNemHspevMieviuhx=d@C&HVlW(cD-+DebxY{SrDdx7^=8FIjvU zU(kZ?Etoo(-Z{Uqdwq~2IKnKr^d2{yKT(D` zHPr7Ib?;(WTO4XDGPEvA7}K2Op|ItI^{Gm4cI^cA`wPftTTO)bbI>2?r4CCaZfPQT zpu+Z^3i)hS2iH7=6s;Jy`JT(x`2hB>n1xmV?p>qx&2?a0;mnA&Dd5y8eFehAOJ9GIhJ|9h?&z zynplN&Az5Q!Hazy=dXvn;H)f%*5=U@Vs3bOwq+PV&h{hBmrkE6Q8KCPco=-B{)rPG z?Y7KUkviS@9;M{$q778xU6AX}C%mEEIOgJAU1Meax@8ro>UUEe=4&sP%wkLg^%V%C z8Y$hU<*K-Q-?f)POtpr2&a{(wQbllkMBH~MGdcJJTynoit!N8I zU`i#W%&wQ~_v;4B-P|dkB%(}nwev(*fYBC$D<6}uc%=9P6%`fNI786Wm`$0jtB*9Q zp69#i$k=y-?kWI>GWdq>RmU%rA_q)A7VN$_1A}@#yJ=TZTIEH_DbJx)h=2mJqt9OO z(>M@1utN|kKaD*`^j;H_SY7IG1J7#n&+>Z1YL9M)WBNSmuIgE9Bv~@5){<{^c6R0q zZ%V}Oil1<9RT`KpoiH}dfBu>q4?ZdO`AW34@W@1|#9R4y^qQ8JrGEPDmOHg~aM^QM zVjUiFX69L$4_D?_XWBM@GCu5zvVVL3bB}INSAVVF+ggkZR6EsZcJD3~^CHM0wx`6% z_o^d{92v`fCy54JCS9fzANCYcip-0yBrH6k*uKeXpD>ZtN?J0pWB9IH4K>uRm{mMS zx2z=D_efn&vGi2V!9Kq{pEPI`+oq(ozcp206%ZE^xp7F9(=HpH(Pv|?*lE_$-F-U# zGryZoXZ^{p>qpEF1_$1Xtk>vp79A%CJh~%wnyheF;!99jT}@3*pTpfP+jJ4}HR%}G Wk%K$rjbygJ8krhf8kHKjMg9{3Sx(si literal 0 HcmV?d00001 diff --git a/roles/usb_lib/files/upload2usb/upload-file.php b/roles/usb_lib/files/upload2usb/upload-file.php new file mode 100644 index 000000000..e2053864e --- /dev/null +++ b/roles/usb_lib/files/upload2usb/upload-file.php @@ -0,0 +1,70 @@ + + + + + + + IIAB Homework Submission App + + + + + + + + + + +
+
+
+ + +

Internet in a Box Homework Submission

+
+ homework files have been submitted today! + +
+
+
+ + + + diff --git a/roles/usb_lib/files/upload2usb/upload2usb.php b/roles/usb_lib/files/upload2usb/upload2usb.php new file mode 100644 index 000000000..20b98e162 --- /dev/null +++ b/roles/usb_lib/files/upload2usb/upload2usb.php @@ -0,0 +1,68 @@ + 5000000) { +// $upload_msg = "Your file is too large."; +// $upload_ok = 0; +// } + +?> From 8d167ab98192454479c481d738d8b621412dcff9 Mon Sep 17 00:00:00 2001 From: avni Date: Mon, 6 Jan 2025 01:12:24 +0100 Subject: [PATCH 003/148] roles/usb_lib/tasks/install.yml: Add yaml to copy upload2usb app files to local_content folder --- roles/usb_lib/tasks/install.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index e0699a652..c26746a61 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -76,6 +76,18 @@ - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } +# 2025-01-05: Copy upload2usb app files (#3875) to local_content +- name: 'Copy upload2usb app files from files/upload2usb/' + copy: + src: "{{ item }}" + dest: "{{ doc_root }}/local_content/upload2usb" # /library/www/html + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: "0755" + with_fileglob: + - upload2usb/* + + # 2021-03-21: If usbmount is repackaged by apt as a result of Linux kernel 5.4+ # supporting exFAT, the stanza below (might) in future no longer be needed... # SEE ALSO: https://github.com/iiab/iiab/blob/586bfc5cb1abf6b4333a21d3fa89695f115432dc/roles/2-common/tasks/packages.yml#L11-L12 From 2706381a382c8e7326adcf1ab41769f350b0b380 Mon Sep 17 00:00:00 2001 From: avni Date: Mon, 6 Jan 2025 04:46:28 +0100 Subject: [PATCH 004/148] usb_lib/tasks/install.yml: Fixing yaml so upload2usb directory is created before files are copied --- roles/usb_lib/tasks/install.yml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index c26746a61..e05eeefc0 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -76,14 +76,19 @@ - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } -# 2025-01-05: Copy upload2usb app files (#3875) to local_content -- name: 'Copy upload2usb app files from files/upload2usb/' +- name: '2025-01-05: Add upload2usb directory to local_content' + file: + state: directory + path: "{{ doc_root }}/local_content/upload2usb" + owner: "{{ apache_user }}" + group: "{{ apache_user }}" + mode: 0755 + + +- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload2usb/ to local_content' copy: src: "{{ item }}" dest: "{{ doc_root }}/local_content/upload2usb" # /library/www/html - owner: "{{ apache_user }}" - group: "{{ apache_user }}" - mode: "0755" with_fileglob: - upload2usb/* From 99ff433a90f8d49d559d57a1540221766bb350a0 Mon Sep 17 00:00:00 2001 From: avni Date: Mon, 6 Jan 2025 04:48:19 +0100 Subject: [PATCH 005/148] usb_lib/files/upload2usb/*: renaming app to Upload To USB instead of HW Submission, other minor cleanup/styling --- roles/usb_lib/files/upload2usb/index.php | 14 +++++++------- roles/usb_lib/files/upload2usb/upload-file.php | 16 ++++++++-------- roles/usb_lib/files/upload2usb/upload2usb.php | 16 +++------------- 3 files changed, 18 insertions(+), 28 deletions(-) diff --git a/roles/usb_lib/files/upload2usb/index.php b/roles/usb_lib/files/upload2usb/index.php index ad4156876..8151458b4 100644 --- a/roles/usb_lib/files/upload2usb/index.php +++ b/roles/usb_lib/files/upload2usb/index.php @@ -16,7 +16,7 @@ $file_count = getFileCount(getTargetFolderPath(0)); - IIAB Homework Submission App + IIAB Upload to USB App @@ -31,16 +31,16 @@ $file_count = getFileCount(getTargetFolderPath(0));
-
- -

Internet in a Box Homework Submission

+ + +

Internet in a Box Upload to USB

- -

+ +


- homework files have been submitted today! + files have been uploaded today!
diff --git a/roles/usb_lib/files/upload2usb/upload-file.php b/roles/usb_lib/files/upload2usb/upload-file.php index e2053864e..ef23713ab 100644 --- a/roles/usb_lib/files/upload2usb/upload-file.php +++ b/roles/usb_lib/files/upload2usb/upload-file.php @@ -6,13 +6,13 @@ include("upload2usb.php"); -//get folder path where homework will be stored +//get folder path where file will be stored $target_folder_path = getTargetFolderPath(1); -$target_file = $target_folder_path . "/" . basename($_FILES["hw_submission"]["name"]); +$target_file = $target_folder_path . "/" . basename($_FILES["uploaded_file"]["name"]); $upload_ok = 1; $upload_msg = ""; -if(!isset($_POST["submit"]) || empty(basename($_FILES["hw_submission"]["name"]))) { +if(!isset($_POST["submit"]) || empty(basename($_FILES["uploaded_file"]["name"]))) { $upload_msg = "No file submitted."; $upload_ok = 0; } elseif (file_exists($target_file)) { @@ -26,8 +26,8 @@ if ($upload_ok == 0) { // if everything is ok, try to upload file } else { - if (move_uploaded_file($_FILES["hw_submission"]["tmp_name"], $target_file)) { - $upload_msg = "😊 ✅ Your homework file ". htmlspecialchars( basename( $_FILES["hw_submission"]["name"])). " was successfully uploaded!"; + if (move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $target_file)) { + $upload_msg = "😊 ✅ Your file ". htmlspecialchars( basename( $_FILES["uploaded_file"]["name"])). " was successfully uploaded!"; } else { $upload_msg = "❌ There was an error uploading your file. " . $upload_msg; } @@ -41,7 +41,7 @@ $file_count = getFileCount($target_folder_path) - IIAB Homework Submission App + IIAB Upload to USB App @@ -57,9 +57,9 @@ $file_count = getFileCount($target_folder_path)
-

Internet in a Box Homework Submission

+

Internet in a Box Upload to USB


- homework files have been submitted today! + files have been submitted today!
diff --git a/roles/usb_lib/files/upload2usb/upload2usb.php b/roles/usb_lib/files/upload2usb/upload2usb.php index 20b98e162..15a94290d 100644 --- a/roles/usb_lib/files/upload2usb/upload2usb.php +++ b/roles/usb_lib/files/upload2usb/upload2usb.php @@ -16,19 +16,14 @@ function getTargetUSBDriveLocation () { if (empty($removable_usb_path)) { return "/library/www/html/local_content/"; } else { - return $removable_usb_path . "/"; } - } -//returns folder path where homework will be stored, if create_folder_p = 1, it will create the folder if it doesn't exist +//returns folder path where file will be stored, if create_folder_p = 1, it will create the folder if it doesn't exist function getTargetFolderPath ($create_folder_p) { $parent_dir = getTargetUSBDriveLocation(); - - -error_log("PARENTDIR: " . $parent_dir); - +// error_log("PARENTDIR: " . $parent_dir); $today_folder_name = "UPLOADS." . date("Y-m-d"); $target_folder_path = $parent_dir . $today_folder_name; @@ -36,9 +31,7 @@ error_log("PARENTDIR: " . $parent_dir); mkdir($target_folder_path, 0777); } - return $target_folder_path; - } //return number of files within a specified folder @@ -48,19 +41,16 @@ function getFileCount ($folder_path) { //*** TODO *** check file content to see if it's unique or not function isFileContentUnique ($file) { - - } //*** TODO **** check if file exists based on file name and return unique name if does function getUniqueFileName ($filename) { - } // Check file size - we are not going to check file size for now. -// elseif ($_FILES["hw_submission"]["size"] > 5000000) { +// elseif ($_FILES["uploaded_file"]["size"] > 5000000) { // $upload_msg = "Your file is too large."; // $upload_ok = 0; // } From 8fb56561893419e08e592f954a69f4444d3c118e Mon Sep 17 00:00:00 2001 From: root Date: Sun, 5 Jan 2025 23:43:52 -0500 Subject: [PATCH 006/148] usb_lib/templates/content_dir.conf.unused: rename unused file --- .../templates/{content_dir.conf => content_dir.conf.unused} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/usb_lib/templates/{content_dir.conf => content_dir.conf.unused} (100%) diff --git a/roles/usb_lib/templates/content_dir.conf b/roles/usb_lib/templates/content_dir.conf.unused similarity index 100% rename from roles/usb_lib/templates/content_dir.conf rename to roles/usb_lib/templates/content_dir.conf.unused From 1da4d45509868e5fe0fc5c6bf0ed71bf1fd9b8a1 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 6 Jan 2025 00:29:57 -0500 Subject: [PATCH 007/148] Update LICENSING.md --- LICENSING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSING.md b/LICENSING.md index 33776a06e..77c1ed0b9 100644 --- a/LICENSING.md +++ b/LICENSING.md @@ -15,6 +15,6 @@ this is to include the following two lines at the top of the file: Licensed under the terms of the GNU GPL v2 or later; see LICENSE for details. All files not containing an explicit copyright notice or terms of license in -the file are Copyright © 2015-2024, Unleash Kids, and are licensed under the +the file are Copyright © 2015-2025, Unleash Kids, and are licensed under the terms of the GPLv2 license in the file named LICENSE in the root of the repository. From 956257f6cb57a7382b2bcfc2c92ebba41238a454 Mon Sep 17 00:00:00 2001 From: avni Date: Wed, 8 Jan 2025 11:45:00 +0100 Subject: [PATCH 008/148] usb_lib/upload/*.php, usb_lib/tasks/install.yml: Moving app from upload2usb/ to upload/; Fixing UK image on upload-file page; Minor formatting changes --- .../usb_lib/files/{upload2usb => upload}/index.php | 2 +- .../files/{upload2usb => upload}/uk-swing.png | Bin .../files/{upload2usb => upload}/upload-file.php | 2 +- .../files/{upload2usb => upload}/upload2usb.php | 1 + roles/usb_lib/tasks/install.yml | 10 +++++----- 5 files changed, 8 insertions(+), 7 deletions(-) rename roles/usb_lib/files/{upload2usb => upload}/index.php (96%) rename roles/usb_lib/files/{upload2usb => upload}/uk-swing.png (100%) rename roles/usb_lib/files/{upload2usb => upload}/upload-file.php (96%) rename roles/usb_lib/files/{upload2usb => upload}/upload2usb.php (96%) diff --git a/roles/usb_lib/files/upload2usb/index.php b/roles/usb_lib/files/upload/index.php similarity index 96% rename from roles/usb_lib/files/upload2usb/index.php rename to roles/usb_lib/files/upload/index.php index 8151458b4..0287e44f2 100644 --- a/roles/usb_lib/files/upload2usb/index.php +++ b/roles/usb_lib/files/upload/index.php @@ -35,7 +35,7 @@ $file_count = getFileCount(getTargetFolderPath(0));

Internet in a Box Upload to USB

- +


diff --git a/roles/usb_lib/files/upload2usb/uk-swing.png b/roles/usb_lib/files/upload/uk-swing.png similarity index 100% rename from roles/usb_lib/files/upload2usb/uk-swing.png rename to roles/usb_lib/files/upload/uk-swing.png diff --git a/roles/usb_lib/files/upload2usb/upload-file.php b/roles/usb_lib/files/upload/upload-file.php similarity index 96% rename from roles/usb_lib/files/upload2usb/upload-file.php rename to roles/usb_lib/files/upload/upload-file.php index ef23713ab..684372823 100644 --- a/roles/usb_lib/files/upload2usb/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -56,7 +56,7 @@ $file_count = getFileCount($target_folder_path)
- +

Internet in a Box Upload to USB


files have been submitted today! diff --git a/roles/usb_lib/files/upload2usb/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php similarity index 96% rename from roles/usb_lib/files/upload2usb/upload2usb.php rename to roles/usb_lib/files/upload/upload2usb.php index 15a94290d..bd13d1f6b 100644 --- a/roles/usb_lib/files/upload2usb/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -16,6 +16,7 @@ function getTargetUSBDriveLocation () { if (empty($removable_usb_path)) { return "/library/www/html/local_content/"; } else { +// error_log ("REMOVABLE USB PATH: " . $removable_usb_path); return $removable_usb_path . "/"; } } diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index e05eeefc0..de16e83a7 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -76,21 +76,21 @@ - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } -- name: '2025-01-05: Add upload2usb directory to local_content' +- name: '2025-01-05: Add upload2usb app directory to local_content' file: state: directory - path: "{{ doc_root }}/local_content/upload2usb" + path: "{{ doc_root }}/local_content/upload" owner: "{{ apache_user }}" group: "{{ apache_user }}" mode: 0755 -- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload2usb/ to local_content' +- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ to local_content' copy: src: "{{ item }}" - dest: "{{ doc_root }}/local_content/upload2usb" # /library/www/html + dest: "{{ doc_root }}/local_content/upload" # /library/www/html with_fileglob: - - upload2usb/* + - upload/* # 2021-03-21: If usbmount is repackaged by apt as a result of Linux kernel 5.4+ From 30f940a5f4c8f13e94fbcef8591747035273a014 Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 12 Jan 2025 12:04:47 +0100 Subject: [PATCH 009/148] error.php, header.php, footer.php - Add custom exception handling, header, footer; index.php, upload-file.php, upload-2-usb.php - Require exactly 1 USB stick to be inserted, allow same file name but different content (using incremental numbering), reject duplicate content, restrict file types --- roles/usb_lib/files/upload/error.php | 16 +++++ roles/usb_lib/files/upload/footer.php | 14 +++++ roles/usb_lib/files/upload/header.php | 32 ++++++++++ roles/usb_lib/files/upload/index.php | 34 ++--------- roles/usb_lib/files/upload/upload-file.php | 56 +++++++----------- roles/usb_lib/files/upload/upload2usb.php | 68 ++++++++++++++++++---- 6 files changed, 142 insertions(+), 78 deletions(-) create mode 100644 roles/usb_lib/files/upload/error.php create mode 100644 roles/usb_lib/files/upload/footer.php create mode 100644 roles/usb_lib/files/upload/header.php diff --git a/roles/usb_lib/files/upload/error.php b/roles/usb_lib/files/upload/error.php new file mode 100644 index 000000000..75d4f5a2d --- /dev/null +++ b/roles/usb_lib/files/upload/error.php @@ -0,0 +1,16 @@ + + +AN ERROR occurred! Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Reach out to TK for help if you have any questions or continue having trouble with the setup. +

+ +Share the below error message with IIAB developers at TK for debugging: +
+ + + diff --git a/roles/usb_lib/files/upload/footer.php b/roles/usb_lib/files/upload/footer.php new file mode 100644 index 000000000..2e1fef0f7 --- /dev/null +++ b/roles/usb_lib/files/upload/footer.php @@ -0,0 +1,14 @@ + + +
+
+ + + + diff --git a/roles/usb_lib/files/upload/header.php b/roles/usb_lib/files/upload/header.php new file mode 100644 index 000000000..78592e86d --- /dev/null +++ b/roles/usb_lib/files/upload/header.php @@ -0,0 +1,32 @@ + + + + + + + <?php echo $title ?> + + + + + + + + + + +
+
+
+ + +

diff --git a/roles/usb_lib/files/upload/index.php b/roles/usb_lib/files/upload/index.php index 0287e44f2..670d8499e 100644 --- a/roles/usb_lib/files/upload/index.php +++ b/roles/usb_lib/files/upload/index.php @@ -4,47 +4,21 @@ * Upload2USB App Index Page */ -include("upload2usb.php"); +$title = "IIAB Upload to USB"; +include("header.php"); //Check if folder for today exists, and get file count if it does - $file_count = getFileCount(getTargetFolderPath(0)); ?> - - - - - IIAB Upload to USB App - - - - - - - - - - -
-
-
-
- -

Internet in a Box Upload to USB

-



- files have been uploaded today! + files have been uploaded today! -
-
-
- - + \ No newline at end of file diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index 684372823..d86f9aa60 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -4,20 +4,29 @@ * Upload2USB App - Process Submission */ -include("upload2usb.php"); +$title = "IIAB Upload to USB App Results"; +include("header.php"); //get folder path where file will be stored $target_folder_path = getTargetFolderPath(1); -$target_file = $target_folder_path . "/" . basename($_FILES["uploaded_file"]["name"]); +$uploaded_filename = basename($_FILES["uploaded_file"]["name"]); +$target_file = $target_folder_path . "/" . $uploaded_filename; $upload_ok = 1; $upload_msg = ""; -if(!isset($_POST["submit"]) || empty(basename($_FILES["uploaded_file"]["name"]))) { - $upload_msg = "No file submitted."; +if(!isset($_POST["submit"]) || !is_uploaded_file($_FILES['uploaded_file']['tmp_name'])) { + $upload_msg = "No file submitted!"; + $upload_ok = 0; +} elseif (!isFileMimeTypeAcceptable($_FILES["uploaded_file"]["tmp_name"])) { + $upload_msg = "You can not upload zips, executables, xml, and other high-risk files!"; + $upload_ok = 0; +} elseif (!isFileContentUnique($target_folder_path, $_FILES["uploaded_file"]["tmp_name"])) { + $upload_msg = "This file already exists!"; $upload_ok = 0; } elseif (file_exists($target_file)) { - $upload_msg = "This file already exists."; - $upload_ok = 0; + // rename file so name is unique + $new_filename = getUniqueFileName($target_folder_path, $uploaded_filename); + $target_file = $target_folder_path . "/" . $new_filename; } // Check if $upload_ok is set to 0 by an error @@ -27,44 +36,19 @@ if ($upload_ok == 0) { // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $target_file)) { - $upload_msg = "😊 ✅ Your file ". htmlspecialchars( basename( $_FILES["uploaded_file"]["name"])). " was successfully uploaded!"; + $upload_msg = "😊 ✅ Your file ". htmlspecialchars( $uploaded_filename ). " was successfully uploaded!"; } else { - $upload_msg = "❌ There was an error uploading your file. " . $upload_msg; + $upload_msg = "❌ There was an error uploading your file. " . $_FILES["upload_file"]["error"] . $upload_msg; } } -$file_count = getFileCount($target_folder_path) +$file_count = getFileCount($target_folder_path); ?> - - - - - IIAB Upload to USB App - - - - - - - - - - -
-
-
- - -

Internet in a Box Upload to USB


files have been submitted today! -
-
-
- - - + + diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php index bd13d1f6b..3de51297d 100644 --- a/roles/usb_lib/files/upload/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -4,6 +4,12 @@ * Upload2USB App Helper Functions */ +set_exception_handler(function (Throwable $exception) { + error_log('UPLOAD2USB ERROR: ' . (string)$exception); + + include ("error.php"); +}); + //return the first removable USB drive location function getTargetUSBDriveLocation () { @@ -11,26 +17,32 @@ function getTargetUSBDriveLocation () { // lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" |grep -oP '[^/]MOUNTPOINT="\K[^"]*' -m 1 // lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2 - $removable_usb_path = trim(str_replace('"', '', shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2'))); + # error if 1<>usb sticks are installed + $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | wc -l'); + if ($rmv_usb_path_count == 0) { + throw new RuntimeException('0 USB sticks found

'); + } elseif ($rmv_usb_path_count > 1) { + throw new RuntimeException('More than 1 USB sticks installed

'); + } - if (empty($removable_usb_path)) { - return "/library/www/html/local_content/"; + $rmv_usb_path = trim(str_replace('"', '', shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2'))); + + if (empty($rmv_usb_path)) { + throw new RuntimeException('Not able to find USB stick

'); } else { -// error_log ("REMOVABLE USB PATH: " . $removable_usb_path); - return $removable_usb_path . "/"; + return $rmv_usb_path . "/"; } } //returns folder path where file will be stored, if create_folder_p = 1, it will create the folder if it doesn't exist function getTargetFolderPath ($create_folder_p) { $parent_dir = getTargetUSBDriveLocation(); -// error_log("PARENTDIR: " . $parent_dir); + $today_folder_name = "UPLOADS." . date("Y-m-d"); $target_folder_path = $parent_dir . $today_folder_name; if (!file_exists($target_folder_path) && $create_folder_p) { - mkdir($target_folder_path, 0777); - + mkdir($target_folder_path, 0777); } return $target_folder_path; } @@ -40,15 +52,45 @@ function getFileCount ($folder_path) { return count(glob($folder_path . "/*")); } -//*** TODO *** check file content to see if it's unique or not -function isFileContentUnique ($file) { +//check if file mimetype is acceptable for upload +function isFileMimeTypeAcceptable ($file) { + $mimetype = strtolower(mime_content_type($file)); + $invalid_mimetypes_str = array ("compress", "octet", "xml", "zip"); + foreach ($invalid_mimetypes_str as $invalid_mt_str) { + if (str_contains($mimetype, $invalid_mt_str)) { + return false; + } + } + return true; } +//check file content to see if it's unique or not +function isFileContentUnique ($target_folder_path, $file) { + $file_to_upload_md5 = md5_file($file); + $usb_dir = array_diff(scandir($target_folder_path), array('..', '.')); + foreach ($usb_dir as $dir_file) { + $dir_file = $target_folder_path . "/" . $dir_file; -//*** TODO **** check if file exists based on file name and return unique name if does -function getUniqueFileName ($filename) { + if (!is_dir($dir_file)) { + $dir_file_md5 = md5_file($dir_file); + if ($file_to_upload_md5 == $dir_file_md5) { + return false; + } + } + } + return true; } +//return unique filename +function getUniqueFileName ($target_folder_path, $filename) { + $new_filename = $filename; + $counter = 1; + while (file_exists($target_folder_path . "/" . $new_filename)) { + $counter++; + $new_filename = pathinfo($filename,8) . '-'. $counter . "." . pathinfo($filename,4); + } + return $new_filename; +} // Check file size - we are not going to check file size for now. // elseif ($_FILES["uploaded_file"]["size"] > 5000000) { @@ -56,4 +98,6 @@ function getUniqueFileName ($filename) { // $upload_ok = 0; // } + + ?> From 312ddce9ecbeda749e70e9e66cc2cc5ab33363e9 Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 12 Jan 2025 12:07:37 +0100 Subject: [PATCH 010/148] Adding PR number to beginning of upload2usb block --- roles/usb_lib/tasks/install.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index de16e83a7..670c2f61a 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -76,7 +76,7 @@ - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } -- name: '2025-01-05: Add upload2usb app directory to local_content' +- name: '2025-01-05: Add upload2usb app (#3875) directory to local_content' file: state: directory path: "{{ doc_root }}/local_content/upload" @@ -84,7 +84,6 @@ group: "{{ apache_user }}" mode: 0755 - - name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ to local_content' copy: src: "{{ item }}" @@ -92,7 +91,6 @@ with_fileglob: - upload/* - # 2021-03-21: If usbmount is repackaged by apt as a result of Linux kernel 5.4+ # supporting exFAT, the stanza below (might) in future no longer be needed... # SEE ALSO: https://github.com/iiab/iiab/blob/586bfc5cb1abf6b4333a21d3fa89695f115432dc/roles/2-common/tasks/packages.yml#L11-L12 From 917c6840d69e43d16155cb0035cd91e4fcdc69a2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 8 Jan 2025 19:26:27 -0600 Subject: [PATCH 011/148] better visual feedback when running --- roles/network/tasks/hostapd.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 4d64bf843..afc3d701c 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -3,7 +3,7 @@ hostapd_enabled: False when: (not wifi_up_down and discovered_wireless_iface == iiab_wan_iface) or discovered_wireless_iface == "none" or not can_be_ap -- name: Disable the Access Point 'hostapd' service +- name: Disable the Access Point 'hostapd' service hostapd_enabled False systemd: name: hostapd enabled: no @@ -15,7 +15,7 @@ ignore_errors: True when: wifi_up_down and can_be_ap and has_wifi_gateway is defined -- name: Set Wifi Region country code for hostapd when present +- name: Set Wifi Region country to {{ REG_DOM.stdout }} for hostapd when present set_fact: host_country_code: "{{ REG_DOM.stdout }}" when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 From 9391d37f40944de7a61efffa68c76b51b246e19f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 9 Jan 2025 16:43:01 -0600 Subject: [PATCH 012/148] move country code detection --- roles/network/tasks/detected_network.yml | 13 +++++++++++++ roles/network/tasks/hostapd.yml | 11 ----------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 0fe997598..34c5ade8d 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -239,6 +239,17 @@ iiab_lan_iface: "{{ iiab_wireless_lan_iface }}" when: iiab_wireless_lan_iface is defined and nobridge is defined +- name: Detect WiFi country code in use + shell: iw reg get | grep country | grep -v UNSET | awk '{print $2}' | sed "s|:||" + register: REG_DOM + ignore_errors: True + when: wifi_up_down and can_be_ap and has_wifi_gateway is defined + +- name: Set Wifi Region country to {{ REG_DOM.stdout }} for hostapd when present + set_fact: + host_country_code: "{{ REG_DOM.stdout }}" + when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 + - name: In VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -295,6 +306,8 @@ value: "{{ iiab_wan_iface }}" - option: can_be_ap value: "{{ can_be_ap }}" + - option: host_country_code_found + value: "{{ host_country_code }}" # well if there ever was a point to tell the user things are FUBAR this is it. # limit 2 network adapters wifi wired diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index afc3d701c..ac5df14d9 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -9,17 +9,6 @@ enabled: no when: not hostapd_enabled -- name: Detect WiFi country code in use - shell: iw reg get | grep country | grep -v UNSET | awk '{print $2}' | sed "s|:||" - register: REG_DOM - ignore_errors: True - when: wifi_up_down and can_be_ap and has_wifi_gateway is defined - -- name: Set Wifi Region country to {{ REG_DOM.stdout }} for hostapd when present - set_fact: - host_country_code: "{{ REG_DOM.stdout }}" - when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 - - name: Detect current Wifi channel shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2 register: current_client_channel From fa8cc5637e044f4cf46ebf96c0db51e96cbf356b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 12 Jan 2025 10:26:51 -0600 Subject: [PATCH 013/148] move channel detection also --- roles/network/tasks/detected_network.yml | 16 ++++++++++++++++ roles/network/tasks/hostapd.yml | 16 ---------------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 34c5ade8d..aaaf06a7e 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -250,6 +250,11 @@ host_country_code: "{{ REG_DOM.stdout }}" when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 +- name: Detect current Wifi channel + shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2 + register: current_client_channel + when: wifi_up_down and can_be_ap and has_wifi_gateway is defined + - name: In VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -309,6 +314,17 @@ - option: host_country_code_found value: "{{ host_country_code }}" +- name: Add 'detected_network' variable 'current_client_channel_found' value if defined, to {{ iiab_ini_file }} + ini_file: + dest: "{{ iiab_ini_file }}" + section: detected_network + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: client_wifi_channel_found + value: "{{ current_client_channel.stdout }}" + when: current_client_channel.stdout is defined + # well if there ever was a point to tell the user things are FUBAR this is it. # limit 2 network adapters wifi wired - name: I'm not guessing declare gateway please diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index ac5df14d9..67e04f798 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -9,11 +9,6 @@ enabled: no when: not hostapd_enabled -- name: Detect current Wifi channel - shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2 - register: current_client_channel - when: wifi_up_down and can_be_ap and has_wifi_gateway is defined - - name: Setting WiFi channel to {{ current_client_channel.stdout }} set_fact: host_channel: "{{ current_client_channel.stdout }}" @@ -120,14 +115,3 @@ value: "{{ host_country_code }}" - option: host_channel value: "{{ host_channel }}" - -- name: Add 'network' variable 'current_client_channel' value if defined, to {{ iiab_ini_file }} - ini_file: - dest: "{{ iiab_ini_file }}" - section: network - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: client_wifi_channel - value: "{{ current_client_channel.stdout }}" - when: current_client_channel.stdout is defined From a9c916e2199988c63faf2c4d51449d627d0dc108 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 8 Jan 2025 19:26:32 -0600 Subject: [PATCH 014/148] dont start hostapd when no_net_restart is True --- roles/network/tasks/restart.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index ec1dda7b6..9220e2d92 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -28,12 +28,12 @@ state: restarted when: wifi_up_down and can_be_ap and ansible_ap0 is undefined -- name: Restart hostapd when WiFi is present but not when using WiFi as gateway with wifi_up_down False +- name: Restart hostapd when WiFi is present but not when using WiFi as gateway systemd: name: hostapd state: restarted daemon_reload: yes - when: hostapd_enabled and (wifi_up_down or not no_net_restart) + when: hostapd_enabled and not no_net_restart # 2022-07-22: @jvonau suggests commenting this out as: "we really don't touch # any of the config files... netplan.yml renames one file if it's a container @@ -107,7 +107,7 @@ systemd: name: hostapd state: restarted - when: hostapd_enabled and wifi_slave.stdout is defined and wifi_slave.stdout == 0 + when: hostapd_enabled and not no_net_restart and wifi_slave.stdout is defined and wifi_slave.stdout == 0 #both interfaces.d and systemd-networkd should have br0 available and Appliance lacks br0 #keep an eye on legacy wifi installs where br0 is present but not 'online' with an ip address From fb008640ef031e476f8b11262e8a724b4a027880 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 8 Jan 2025 23:49:37 -0600 Subject: [PATCH 015/148] deal with tailscale0 --- roles/network/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 82de51aff..6b81d5a58 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -55,7 +55,7 @@ strict_networking: False iiab_demo_mode: False gui_static_wan: False wan_cidr: "" -virtual_network_devices: "-e wwlan -e ppp -e ap0 -e lo -e br0 -e tun -e br- -e docker -e bridge0 -e veth" +virtual_network_devices: "-e wwlan -e ppp -e ap0 -e lo -e br0 -e tun -e br- -e docker -e bridge0 -e veth -e tailscale0" # Set defaults for discovery process as strings wifi1: "not found-1" From e75a8e5449e58b672fa776202411ea2755406af4 Mon Sep 17 00:00:00 2001 From: tim-moody Date: Mon, 13 Jan 2025 19:43:02 -0500 Subject: [PATCH 016/148] set www_data poweroff false with rename --- roles/0-DEPRECATED-ROLES/httpd/defaults/main.yml | 2 +- roles/www_options/tasks/main.yml | 16 ++++++++-------- roles/www_options/tasks/php-settings.yml | 2 +- ...ache_poweroff.j2 => 020_www_data_poweroff.j2} | 0 vars/default_vars.yml | 4 ++-- vars/local_vars_large.yml | 4 ++-- vars/local_vars_medical.yml | 2 +- vars/local_vars_medium.yml | 4 ++-- vars/local_vars_small.yml | 4 ++-- vars/local_vars_unittest.yml | 4 ++-- 10 files changed, 21 insertions(+), 21 deletions(-) rename roles/www_options/templates/{020_apache_poweroff.j2 => 020_www_data_poweroff.j2} (100%) diff --git a/roles/0-DEPRECATED-ROLES/httpd/defaults/main.yml b/roles/0-DEPRECATED-ROLES/httpd/defaults/main.yml index e39bea703..a28c2da61 100644 --- a/roles/0-DEPRECATED-ROLES/httpd/defaults/main.yml +++ b/roles/0-DEPRECATED-ROLES/httpd/defaults/main.yml @@ -8,7 +8,7 @@ # apache_interface: 127.0.0.1 # Make this False to disable http://box/common/services/power_off.php button: -# allow_www_data_sudo: True +# allow_www_data_poweroff: False # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 2319c58f5..5795ea7e6 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml @@ -77,22 +77,22 @@ # COMPARE nginx_high_php_limits further above. -# 2020-03-08: DOES THE FLAG BELOW (allow_www_data_sudo) PRESUMABLY WORK +# 2020-03-08: DOES THE FLAG BELOW (allow_www_data_poweroff) PRESUMABLY WORK # WITH NGINX TOO ? (The single-click poweroff button on IIAB's home # page certainly does still work with NGINX.) -- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_apache_poweroff from template +- name: Give {{ apache_user }} (per variable apache_user) permission to poweroff, installing /etc/sudoers.d/020_www_data_poweroff from template template: - src: 020_apache_poweroff.j2 - dest: /etc/sudoers.d/020_apache_poweroff + src: 020_www_data_poweroff.j2 + dest: /etc/sudoers.d/020_www_data_poweroff mode: '0440' - when: allow_www_data_sudo + when: allow_www_data_poweroff -- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_apache_poweroff +- name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff, removing /etc/sudoers.d/020_www_data_poweroff file: - path: /etc/sudoers.d/020_apache_poweroff + path: /etc/sudoers.d/020_www_data_poweroff state: absent - when: not allow_www_data_sudo + when: not allow_www_data_poweroff # 2022-06-30: internet_available var removed diff --git a/roles/www_options/tasks/php-settings.yml b/roles/www_options/tasks/php-settings.yml index 184c07b21..23c85d24b 100644 --- a/roles/www_options/tasks/php-settings.yml +++ b/roles/www_options/tasks/php-settings.yml @@ -207,4 +207,4 @@ # name: php{{ php_version }}-fpm # state: restarted -# when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # 5-STANZA BLOCK ENDS. COMPARE allow_www_data_sudo conditionals below. +# when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # 5-STANZA BLOCK ENDS. COMPARE allow_www_data_poweroff conditionals below. diff --git a/roles/www_options/templates/020_apache_poweroff.j2 b/roles/www_options/templates/020_www_data_poweroff.j2 similarity index 100% rename from roles/www_options/templates/020_apache_poweroff.j2 rename to roles/www_options/templates/020_www_data_poweroff.j2 diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4e61819a2..4494cbd72 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -274,7 +274,7 @@ nginx_port: 80 nginx_interface: 0.0.0.0 nginx_conf_dir: /etc/nginx/conf.d nginx_log_dir: /var/log/nginx -# SEE BELOW: nginx_high_php_limits, allow_www_data_sudo +# SEE BELOW: nginx_high_php_limits, allow_www_data_poweroff # roles/www_base runs here (mandatory) @@ -341,7 +341,7 @@ nginx_high_php_limits: False # ALSO: ADJUST "client_max_body_size 10000M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php and set-server-time.php -allow_www_data_sudo: True +allow_www_data_poweroff: False apache_service: apache2 apache_user: www-data # Admin Console uses diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index ac2e78128..920cf7ba1 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -172,7 +172,7 @@ pi_swap_file_size: 1024 # roles/nginx runs here (mandatory) # roles/www_base runs here (mandatory) -# SEE BELOW: nginx_high_php_limits, allow_www_data_sudo +# SEE BELOW: nginx_high_php_limits, allow_www_data_poweroff # 4-SERVER-OPTIONS @@ -219,7 +219,7 @@ nginx_high_php_limits: False # ALSO: ADJUST "client_max_body_size 10000M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php and set-server-time.php -allow_www_data_sudo: True +allow_www_data_poweroff: False # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: False diff --git a/vars/local_vars_medical.yml b/vars/local_vars_medical.yml index 45d6db53f..d997362a4 100644 --- a/vars/local_vars_medical.yml +++ b/vars/local_vars_medical.yml @@ -13,7 +13,7 @@ munin_enabled: True vnstat_install: True vnstat_enabled: True usb_lib_umask0000_for_kolibri: False -allow_www_data_sudo: True +allow_www_data_poweroff: False # By default # kiwix # awstats diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index c12fcb04f..a554dc34b 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -172,7 +172,7 @@ pi_swap_file_size: 1024 # roles/nginx runs here (mandatory) # roles/www_base runs here (mandatory) -# SEE BELOW: nginx_high_php_limits, allow_www_data_sudo +# SEE BELOW: nginx_high_php_limits, allow_www_data_poweroff # 4-SERVER-OPTIONS @@ -219,7 +219,7 @@ nginx_high_php_limits: False # ALSO: ADJUST "client_max_body_size 10000M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php and set-server-time.php -allow_www_data_sudo: True +allow_www_data_poweroff: False # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: False diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 88253e035..8689b3ae9 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -172,7 +172,7 @@ pi_swap_file_size: 1024 # roles/nginx runs here (mandatory) # roles/www_base runs here (mandatory) -# SEE BELOW: nginx_high_php_limits, allow_www_data_sudo +# SEE BELOW: nginx_high_php_limits, allow_www_data_poweroff # 4-SERVER-OPTIONS @@ -219,7 +219,7 @@ nginx_high_php_limits: False # ALSO: ADJUST "client_max_body_size 10000M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php and set-server-time.php -allow_www_data_sudo: True +allow_www_data_poweroff: False # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: False diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 39d8cf05c..30720a49e 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -178,7 +178,7 @@ pi_swap_file_size: 1024 # roles/nginx runs here (mandatory) # roles/www_base runs here (mandatory) -# SEE BELOW: nginx_high_php_limits, allow_www_data_sudo +# SEE BELOW: nginx_high_php_limits, allow_www_data_poweroff # 4-SERVER-OPTIONS @@ -225,7 +225,7 @@ nginx_high_php_limits: False # ALSO: ADJUST "client_max_body_size 10000M;" AS NEC, IN: /etc/nginx/server.conf # Make this True to enable http://box/js-menu/menu-files/services/power_off.php and set-server-time.php -allow_www_data_sudo: True +allow_www_data_poweroff: False # Toggle iiab-refresh-wiki-docs scraping for offline docs (http://box/info) nodocs: True From 2981a7deaa5df95dfc5064e68c84901ac2a4a1c0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 13 Jan 2025 22:19:43 -0500 Subject: [PATCH 017/148] hostapd.yml: "Disable the Access Point 'hostapd' service if hostapd_enabled False" --- roles/network/tasks/hostapd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/hostapd.yml b/roles/network/tasks/hostapd.yml index 67e04f798..c845bd637 100644 --- a/roles/network/tasks/hostapd.yml +++ b/roles/network/tasks/hostapd.yml @@ -3,7 +3,7 @@ hostapd_enabled: False when: (not wifi_up_down and discovered_wireless_iface == iiab_wan_iface) or discovered_wireless_iface == "none" or not can_be_ap -- name: Disable the Access Point 'hostapd' service hostapd_enabled False +- name: Disable the Access Point 'hostapd' service if hostapd_enabled False systemd: name: hostapd enabled: no From a16be49be576b2f059a384c895c32ae3bd02b9dd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 15 Jan 2025 03:16:16 -0600 Subject: [PATCH 018/148] add recording of firmware selection and force wifi_up_down false when required --- roles/network/tasks/detected_network.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index aaaf06a7e..bd657010b 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -255,6 +255,11 @@ register: current_client_channel when: wifi_up_down and can_be_ap and has_wifi_gateway is defined +- name: Forcing wifi_up_down to False based on firmware selection "24" + set_fact: + wifi_up_down: False + when: rpi3bplus_rpi4_wifi_firmware == "24" + - name: In VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -313,6 +318,10 @@ value: "{{ can_be_ap }}" - option: host_country_code_found value: "{{ host_country_code }}" + - option: firmware_option_1 + value: "{{ rpi3bplus_rpi4_wifi_firmware }}" + - option: firmware_option_2 + value: "{{ rpizerow_rpi3_wifi_firmware }}" - name: Add 'detected_network' variable 'current_client_channel_found' value if defined, to {{ iiab_ini_file }} ini_file: From 3bb41e2e07fbc0d40027e1b2e0eabd38640549d1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 15 Jan 2025 03:17:01 -0600 Subject: [PATCH 019/148] move firmware replacement --- roles/network/tasks/main.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 7e2f1eabb..221ea61b6 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -1,8 +1,3 @@ -- name: Select RPi firmware mode - include_role: - name: firmware - when: rpi_model != "none" - - name: detected_network include_tasks: detected_network.yml @@ -108,6 +103,10 @@ # end block when: network_installed is defined and network_enabled +- name: Select RPi firmware mode + include_role: + name: firmware + when: rpi_model != "none" - name: Create {{ iiab_etc_path }}/install-flags/iiab-network-complete on second pass of network role. file: From d52fe013cd07b8bef45d070237c535ec72861f37 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 16 Jan 2025 07:07:51 -0600 Subject: [PATCH 020/148] don't restart wpa_supplicant when network_manager_active is set --- roles/network/tasks/restart.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 9220e2d92..5902f5d50 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -12,7 +12,7 @@ state: restarted with_items: - wpa_supplicant - when: wifi_up_down and hostapd_enabled + when: wifi_up_down and hostapd_enabled and not network_manager_active - name: Enable & Restart networkd-dispatcher.service systemd: From ca22622c7d30b4981f4ebfe679bbd6d8d1aac777 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 16 Jan 2025 09:51:32 -0500 Subject: [PATCH 021/148] detected_network.yml: Record WiFi firmware vars (43430 & 43455) --- roles/network/tasks/detected_network.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index bd657010b..ba104f5d6 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -318,10 +318,10 @@ value: "{{ can_be_ap }}" - option: host_country_code_found value: "{{ host_country_code }}" - - option: firmware_option_1 - value: "{{ rpi3bplus_rpi4_wifi_firmware }}" - - option: firmware_option_2 - value: "{{ rpizerow_rpi3_wifi_firmware }}" + - option: wifi_firmware_43430 + value: "{{ rpizerow_rpi3_wifi_firmware }}" + - option: wifi_firmware_43455 + value: "{{ rpi3bplus_rpi4_wifi_firmware }}" - name: Add 'detected_network' variable 'current_client_channel_found' value if defined, to {{ iiab_ini_file }} ini_file: From a5e90f65111f11d2976a861bcf43e44499460643 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 16 Jan 2025 09:54:44 -0500 Subject: [PATCH 022/148] network/tasks/main.yml: Blank line --- roles/network/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 221ea61b6..bb05482f5 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -108,6 +108,7 @@ name: firmware when: rpi_model != "none" + - name: Create {{ iiab_etc_path }}/install-flags/iiab-network-complete on second pass of network role. file: path: "{{ iiab_etc_path }}/install-flags/iiab-network-complete" From f8b743dafc003cecb57043eea42295ddf12649d3 Mon Sep 17 00:00:00 2001 From: avni Date: Fri, 17 Jan 2025 09:34:15 +0100 Subject: [PATCH 023/148] error.php, index.php, upload-file.php, upload2usb.php: Updating error message to refer to FAQs, titles to be more succinct, adding exception when directory can't be created. --- roles/usb_lib/files/upload/error.php | 4 ++-- roles/usb_lib/files/upload/index.php | 2 +- roles/usb_lib/files/upload/upload-file.php | 2 +- roles/usb_lib/files/upload/upload2usb.php | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/usb_lib/files/upload/error.php b/roles/usb_lib/files/upload/error.php index 75d4f5a2d..c5210d229 100644 --- a/roles/usb_lib/files/upload/error.php +++ b/roles/usb_lib/files/upload/error.php @@ -6,10 +6,10 @@ ?> -AN ERROR occurred! Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Reach out to TK for help if you have any questions or continue having trouble with the setup. +ERROR: Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Please see IIAB FAQs for additional support: FAQ #4 - Can teachers display their own content?, FAQ #49 - What are the best places for community support?. +

-Share the below error message with IIAB developers at TK for debugging:
diff --git a/roles/usb_lib/files/upload/index.php b/roles/usb_lib/files/upload/index.php index 670d8499e..e77b079ff 100644 --- a/roles/usb_lib/files/upload/index.php +++ b/roles/usb_lib/files/upload/index.php @@ -4,7 +4,7 @@ * Upload2USB App Index Page */ -$title = "IIAB Upload to USB"; +$title = "Upload to USB"; include("header.php"); //Check if folder for today exists, and get file count if it does diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index d86f9aa60..0d132d1d3 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -4,7 +4,7 @@ * Upload2USB App - Process Submission */ -$title = "IIAB Upload to USB App Results"; +$title = "Upload to USB Results"; include("header.php"); //get folder path where file will be stored diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php index 3de51297d..31623ea6f 100644 --- a/roles/usb_lib/files/upload/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -20,15 +20,15 @@ function getTargetUSBDriveLocation () { # error if 1<>usb sticks are installed $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | wc -l'); if ($rmv_usb_path_count == 0) { - throw new RuntimeException('0 USB sticks found

'); + throw new RuntimeException('0 USB sticks found.

'); } elseif ($rmv_usb_path_count > 1) { - throw new RuntimeException('More than 1 USB sticks installed

'); + throw new RuntimeException('More than 1 USB sticks installed.

'); } $rmv_usb_path = trim(str_replace('"', '', shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2'))); if (empty($rmv_usb_path)) { - throw new RuntimeException('Not able to find USB stick

'); + throw new RuntimeException('Not able to find USB stick.

'); } else { return $rmv_usb_path . "/"; } @@ -42,7 +42,7 @@ function getTargetFolderPath ($create_folder_p) { $target_folder_path = $parent_dir . $today_folder_name; if (!file_exists($target_folder_path) && $create_folder_p) { - mkdir($target_folder_path, 0777); + mkdir($target_folder_path, 0777) or throw new RuntimeException("Not able to create upload directory.
Make sure 'usb_lib_umask0000_for_kolibri' is set to 'True'.

"); } return $target_folder_path; } From ebbe9c066e8bb5e45cea30cca956c0eb82efaf96 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 17 Jan 2025 10:16:37 -0500 Subject: [PATCH 024/148] iiab-diagnostics: wpa_supplicant, NetworkManager, dmesg | grep Firmware --- scripts/iiab-diagnostics | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 47a1ae015..248cbb70d 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -219,11 +219,14 @@ cat_cmd 'iw list' 'List capabilities of all wireless devices' cat_cmd 'systemctl status hostapd' 'Downstream Wi-Fi: Is hostapd running?' cat_cmd 'ls -l /etc/wpa_supplicant' 'Upstream Wi-Fi' cat_cmd 'ps -AH' 'Process hierarchy: staging of hostapd & wpa_supplicant?' +cat_cmd 'journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' +cat_cmd 'journalctl -b | grep NetworkManager' 'NetworkManager log since boot' #cat_cmd 'dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' -cat_cmd 'dmesg | grep -i -e 80211 -e 802\.11 -e wireless -e wifi -e wlan -e broadcom -e brcm -e bcm -e realtek | head -100' 'Wi-Fi firmware/driver msgs' -cat_cmd 'lspci -nn' 'Devices on PCI buses' +cat_cmd 'dmesg | grep Firmware' '(Wi-Fi) firmware boot diagnostics' cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'RPi Zero W & 3 WiFi firmware' cat_cmd 'ls -l /lib/firmware/cypress/*43455*' 'RPi 3 B+ & 4 WiFi firmware' +cat_cmd 'dmesg | grep -i -e 80211 -e 802\.11 -e wireless -e wifi -e wlan -e broadcom -e brcm -e bcm -e realtek | head -100' 'Wi-Fi firmware/driver msgs' +cat_cmd 'lspci -nn' 'Devices on PCI buses' cat_cmd 'env' 'Environment variables' cat_cmd 'node -v' 'Node.js version' cat_cmd 'npm -v' 'npm version' From 59f1d1b090e11e8c9c0bdecc31fcd7de551d56ff Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 17 Jan 2025 10:23:36 -0500 Subject: [PATCH 025/148] iiab-diagnostics: rpi-eeprom-update to show bootloader version --- scripts/iiab-diagnostics | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 248cbb70d..d1e6e0b2b 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -195,6 +195,7 @@ echo -e "\n\n\n\n4. OUTPUT OF COMMANDS\n" >> $outfile cat_cmd 'uname -a' 'Linux kernel' cat_cmd 'free' 'RAM memory' cat_cmd 'lscpu' 'CPU details' +cat_cmd 'rpi-eeprom-update' 'RPi Bootloader EEPROM' cat_cmd 'df -h' 'Disk usage' cat_cmd 'df -ah' 'Disk usage detail' cat_cmd 'lsblk' 'Partition mount points' From 720e328ab6c35167b7cbbd02b528a75fd9ef61c6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 17 Jan 2025 10:55:43 -0500 Subject: [PATCH 026/148] iiab-diagnostics: Cap NetworkManager logging at 100 lines for now --- scripts/iiab-diagnostics | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index d1e6e0b2b..51063f9f7 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -221,7 +221,7 @@ cat_cmd 'systemctl status hostapd' 'Downstream Wi-Fi: Is hostapd running?' cat_cmd 'ls -l /etc/wpa_supplicant' 'Upstream Wi-Fi' cat_cmd 'ps -AH' 'Process hierarchy: staging of hostapd & wpa_supplicant?' cat_cmd 'journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' -cat_cmd 'journalctl -b | grep NetworkManager' 'NetworkManager log since boot' +cat_cmd 'journalctl -b | grep NetworkManager | head -100' 'NetworkManager log since boot' #cat_cmd 'dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' cat_cmd 'dmesg | grep Firmware' '(Wi-Fi) firmware boot diagnostics' cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'RPi Zero W & 3 WiFi firmware' From d09842245b16b2baa8d64e02c5aaabb8d2693e78 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 17 Jan 2025 13:09:48 -0500 Subject: [PATCH 027/148] iiab-diagnostics: Clarify RPi WiFi firmware / HW models --- scripts/iiab-diagnostics | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 51063f9f7..273bdd495 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -224,8 +224,8 @@ cat_cmd 'journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' cat_cmd 'journalctl -b | grep NetworkManager | head -100' 'NetworkManager log since boot' #cat_cmd 'dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' cat_cmd 'dmesg | grep Firmware' '(Wi-Fi) firmware boot diagnostics' -cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'RPi Zero W & 3 WiFi firmware' -cat_cmd 'ls -l /lib/firmware/cypress/*43455*' 'RPi 3 B+ & 4 WiFi firmware' +cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'WiFi firmware for: RPi Zero W, Zero 2 W & 3' +cat_cmd 'ls -l /lib/firmware/cypress/*43455*' 'WiFi firmware for: RPi 3 B+, 4, 5 & 500' cat_cmd 'dmesg | grep -i -e 80211 -e 802\.11 -e wireless -e wifi -e wlan -e broadcom -e brcm -e bcm -e realtek | head -100' 'Wi-Fi firmware/driver msgs' cat_cmd 'lspci -nn' 'Devices on PCI buses' cat_cmd 'env' 'Environment variables' From 271da50114dfc80f983d513cb3597c4e12f683ea Mon Sep 17 00:00:00 2001 From: avni Date: Fri, 17 Jan 2025 23:03:01 +0100 Subject: [PATCH 028/148] upload-file.php: Allow upload of redundant files --- roles/usb_lib/files/upload/upload-file.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index 0d132d1d3..0b92ee4e5 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -20,15 +20,17 @@ if(!isset($_POST["submit"]) || !is_uploaded_file($_FILES['uploaded_file']['tmp_n } elseif (!isFileMimeTypeAcceptable($_FILES["uploaded_file"]["tmp_name"])) { $upload_msg = "You can not upload zips, executables, xml, and other high-risk files!"; $upload_ok = 0; -} elseif (!isFileContentUnique($target_folder_path, $_FILES["uploaded_file"]["tmp_name"])) { - $upload_msg = "This file already exists!"; - $upload_ok = 0; } elseif (file_exists($target_file)) { // rename file so name is unique $new_filename = getUniqueFileName($target_folder_path, $uploaded_filename); $target_file = $target_folder_path . "/" . $new_filename; } +#elseif (!isFileContentUnique($target_folder_path, $_FILES["uploaded_file"]["tmp_name"])) { +# $upload_msg = "This file already exists!"; +# $upload_ok = 0; +#} + // Check if $upload_ok is set to 0 by an error if ($upload_ok == 0) { $upload_msg = "❌ Your file was not uploaded. " . $upload_msg; From a81856db5d3f056c781478cacd09e6157627c6bc Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jan 2025 00:09:09 -0500 Subject: [PATCH 029/148] iiab-diagnostics: Cleaner output if COMMAND NOT FOUND --- scripts/iiab-diagnostics | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 273bdd495..eae728eac 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -101,10 +101,18 @@ function cat_cmd() { # $1 = command + params, $2 = explanation spc_params=$(echo "$1" | sed 's/^\s*\S\S*\s*/ /;s/\s*$//') # Drop command on left; Keep a single space + params on right; RTrim #spc_params=$(echo "$1" | sed 's/^\s*\S*//;s/\s*$//;s/^\s\s*/ /') # LTrim + drop original path + command on left; RTrim; Compress whitespace in between #spc_params=$(echo "$1" | sed 's/^[[:blank:]]*[^[:blank:]]*//;s/[[:blank:]]*$//;s/^[[:blank:]][[:blank:]]*/ /') # Equivalent (POSIX compliant) - if [[ $2 == "" ]]; then - echo "COMMAND: $path_cmd$spc_params" >> $outfile + if [[ $path_cmd == "" ]]; then + if [[ $2 == "" ]]; then + echo "COMMAND: $1" >> $outfile + else + echo "COMMAND: $1 # $2" >> $outfile + fi else - echo "COMMAND: $path_cmd$spc_params # $2" >> $outfile + if [[ $2 == "" ]]; then + echo "COMMAND: $path_cmd$spc_params" >> $outfile + else + echo "COMMAND: $path_cmd$spc_params # $2" >> $outfile + fi fi echo >> $outfile if [[ $path_cmd == "" ]]; then From 803197e8179774ebf67a21b3680af29fccf4862e Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jan 2025 00:23:47 -0500 Subject: [PATCH 030/148] iiab-diagnostics.README.md: Update key line numbers --- scripts/iiab-diagnostics.README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index fa6c560e5..8e60124a3 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -66,4 +66,4 @@ But first off, the file is compiled by harvesting 1 + 6 kinds of things: ## Source Code -Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 127-256 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. +Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-268 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. From d6b7114afc168989202e18f02d6a16c2b3ebd2c5 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jan 2025 01:35:36 -0500 Subject: [PATCH 031/148] CI: Revert ARM tests to run on Ubuntu 22.04 for now --- .github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml | 2 +- ...aspios.yml => 30min-iiab-test-install-raspios-on-zero2w.yml} | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename .github/workflows/{30min-iiab-test-install-raspios.yml => 30min-iiab-test-install-raspios-on-zero2w.yml} (99%) diff --git a/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml b/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml index 9940b2781..403b1e7a7 100644 --- a/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml +++ b/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml @@ -18,7 +18,7 @@ on: [push, pull_request, workflow_dispatch] jobs: test-install: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: matrix: arch: [debian12] diff --git a/.github/workflows/30min-iiab-test-install-raspios.yml b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml similarity index 99% rename from .github/workflows/30min-iiab-test-install-raspios.yml rename to .github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml index ea89758ed..9a51536ab 100644 --- a/.github/workflows/30min-iiab-test-install-raspios.yml +++ b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml @@ -18,7 +18,7 @@ on: [push, pull_request, workflow_dispatch] jobs: test-install: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 strategy: matrix: arch: [aarch64] #[zero_raspbian, zero_raspios, zero2_raspios, aarch64] From 66fd7fad394c5fee13e4572647fb029823179bc8 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jan 2025 01:46:50 -0500 Subject: [PATCH 032/148] Cleaner 30min-iiab-test-install-raspios-on-zero2w.yml --- .../30min-iiab-test-install-raspios-on-zero2w.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml index 9a51536ab..63105bd68 100644 --- a/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml +++ b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml @@ -1,4 +1,4 @@ -name: '"30 min" IIAB test install raspios' +name: '"30 min" IIAB test install raspios on zero2w' # run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 # https://michaelcurrin.github.io/dev-cheatsheets/cheatsheets/ci-cd/github-actions/triggers.html @@ -65,13 +65,13 @@ jobs: uname -a # uname -srm whoami # Typically 'root' instead of 'runner' pwd # /home/runner/work/iiab/iiab == $GITHUB_WORKSPACE == ${{ github.workspace }} - sudo apt-get update -y --allow-releaseinfo-change - sudo apt-get install --no-install-recommends -y git + apt-get update -y --allow-releaseinfo-change + apt-get install --no-install-recommends -y git ls /opt/iiab/iiab - sudo mkdir /etc/iiab - sudo cp /opt/iiab/iiab/vars/local_vars_none.yml /etc/iiab/local_vars.yml - sudo /opt/iiab/iiab/scripts/ansible - sudo ./iiab-install + mkdir /etc/iiab + cp /opt/iiab/iiab/vars/local_vars_none.yml /etc/iiab/local_vars.yml + /opt/iiab/iiab/scripts/ansible + ./iiab-install cd /opt/iiab/iiab iiab-summary cat /etc/iiab/iiab_state.yml From 6f63de16223a3bcae3003972c664f120de103221 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 18 Jan 2025 02:42:28 -0500 Subject: [PATCH 033/148] Clarify & tighten up all 3 GHA workflow names (titles) --- .github/workflows/10min-iiab-test-install.yml | 2 +- .github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml | 2 +- .github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/10min-iiab-test-install.yml b/.github/workflows/10min-iiab-test-install.yml index 24dfc6c79..d2b8bd056 100644 --- a/.github/workflows/10min-iiab-test-install.yml +++ b/.github/workflows/10min-iiab-test-install.yml @@ -1,4 +1,4 @@ -name: '"10 min" IIAB test install' +name: '"10 min" IIAB on Ubuntu 24.04 on x86-64' # run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 # https://michaelcurrin.github.io/dev-cheatsheets/cheatsheets/ci-cd/github-actions/triggers.html diff --git a/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml b/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml index 403b1e7a7..a8703346e 100644 --- a/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml +++ b/.github/workflows/30min-iiab-test-install-deb12-on-rpi3.yml @@ -1,4 +1,4 @@ -name: '"30 min" IIAB test install deb12 on rpi3' +name: '"30 min" IIAB on Debian 12 on RPi 3' # run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 # https://michaelcurrin.github.io/dev-cheatsheets/cheatsheets/ci-cd/github-actions/triggers.html diff --git a/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml index 63105bd68..9b521fee6 100644 --- a/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml +++ b/.github/workflows/30min-iiab-test-install-raspios-on-zero2w.yml @@ -1,4 +1,4 @@ -name: '"30 min" IIAB test install raspios on zero2w' +name: '"30 min" IIAB on RasPiOS on Zero 2 W' # run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 # https://michaelcurrin.github.io/dev-cheatsheets/cheatsheets/ci-cd/github-actions/triggers.html From f60a61ea4bfa1f83ef74d6fdd43e1303f1763303 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 18 Jan 2025 14:04:33 -0600 Subject: [PATCH 034/148] replace is_raspbian with dhcpcd_result == enabled --- roles/network/templates/hostapd/iiab-hotspot-off | 4 ++-- roles/network/templates/hostapd/iiab-hotspot-on | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/network/templates/hostapd/iiab-hotspot-off b/roles/network/templates/hostapd/iiab-hotspot-off index 25a5053be..fb45603a6 100755 --- a/roles/network/templates/hostapd/iiab-hotspot-off +++ b/roles/network/templates/hostapd/iiab-hotspot-off @@ -14,7 +14,7 @@ echo " IIAB hotspot access point Disabled" #exit 0 {% else %} echo " IIAB hotspot access point Disabled" -{% if is_raspbian %} +{% if dhcpcd_result == "enabled" %} # hotspot-off before ap0_updown sed -i "s/^denyinterfaces/#denyinterfaces/" /etc/dhcpcd.conf #systemctl disable dnsmasq @@ -37,7 +37,7 @@ fi echo -e "\nIf you're enabling upstream WiFi, please reboot now.\n" #exit 0 {% endif %} -#is_raspbian +#if dhcpcd_result == "enabled" {% endif %} #wifi_up_down {% endif %} diff --git a/roles/network/templates/hostapd/iiab-hotspot-on b/roles/network/templates/hostapd/iiab-hotspot-on index 03ca2d4ae..35ccc7adf 100755 --- a/roles/network/templates/hostapd/iiab-hotspot-on +++ b/roles/network/templates/hostapd/iiab-hotspot-on @@ -16,7 +16,7 @@ systemctl enable hostapd systemctl enable iiab-wifi-test.service #exit 0 {% else %} -{% if is_raspbian %} +{% if dhcpcd_result == "enabled" %} # just do what we have always done in hotspot-on cp -f /etc/hostapd/hostapd.conf.iiab /etc/hostapd/hostapd.conf sed -i "s/^#denyinterfaces/denyinterfaces/" /etc/dhcpcd.conf @@ -44,7 +44,7 @@ fi systemctl enable hostapd #exit 0 {% endif %} -#is_raspbian +#if dhcpcd_result == "enabled" {% endif %} #wifi_up_down {% endif %} From 9426e6ac98802ebbfdd8a2c74d964a9a6f0b5293 Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 19 Jan 2025 08:21:27 +0100 Subject: [PATCH 035/148] upload-file.php: throw error when user uploads a file that has the same content and name as an already uploaded file on the same day. --- roles/usb_lib/files/upload/upload-file.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index 0b92ee4e5..510a308ab 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -21,15 +21,16 @@ if(!isset($_POST["submit"]) || !is_uploaded_file($_FILES['uploaded_file']['tmp_n $upload_msg = "You can not upload zips, executables, xml, and other high-risk files!"; $upload_ok = 0; } elseif (file_exists($target_file)) { - // rename file so name is unique - $new_filename = getUniqueFileName($target_folder_path, $uploaded_filename); - $target_file = $target_folder_path . "/" . $new_filename; -} -#elseif (!isFileContentUnique($target_folder_path, $_FILES["uploaded_file"]["tmp_name"])) { -# $upload_msg = "This file already exists!"; -# $upload_ok = 0; -#} + if (!isFileContentUnique($target_folder_path, $_FILES["uploaded_file"]["tmp_name"])) { + $upload_msg = "This file already exists!"; + $upload_ok = 0; + } else { + // rename file so name is unique + $new_filename = getUniqueFileName($target_folder_path, $uploaded_filename); + $target_file = $target_folder_path . "/" . $new_filename; + } +} // Check if $upload_ok is set to 0 by an error if ($upload_ok == 0) { From e4bdc4ddabc50ef89bfafe6c112c367076b5956f Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 19 Jan 2025 09:04:01 +0100 Subject: [PATCH 036/148] install.yml: add comment that usb_lib_umask0000_for_kolibri must be set to true in order to write to USB sticks. --- roles/usb_lib/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 670c2f61a..94d9b5e9a 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,6 +7,7 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) +# usb_lib_umask0000_for_kolibri (in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks - name: Record (initial) disk space used shell: df -B1 --output=used / | tail -1 From 0994a5786d87b96f56cfdd4461725caa1a29108d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 20 Jan 2025 08:27:49 -0600 Subject: [PATCH 037/148] detect Firmware rejected country setting --- roles/network/defaults/main.yml | 1 + roles/network/tasks/detected_network.yml | 26 +++++++++++++++++++++--- 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 6b81d5a58..100b1f6ff 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -71,6 +71,7 @@ iiab_lan_iface: none discovered_lan_iface: none discovered_wired_iface: none discovered_wireless_iface: none +host_country_code_found: unset # Red Hat #iiab_wired_lan_iface: "none" diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index ba104f5d6..f75ad3f06 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -243,12 +243,16 @@ shell: iw reg get | grep country | grep -v UNSET | awk '{print $2}' | sed "s|:||" register: REG_DOM ignore_errors: True - when: wifi_up_down and can_be_ap and has_wifi_gateway is defined + +- name: Set host_country_code_found + set_fact: + host_country_code_found: "{{ REG_DOM.stdout }}" + when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 - name: Set Wifi Region country to {{ REG_DOM.stdout }} for hostapd when present set_fact: host_country_code: "{{ REG_DOM.stdout }}" - when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 + when: REG_DOM.stdout is defined and REG_DOM.stdout | length > 0 and wifi_up_down and can_be_ap and has_wifi_gateway is defined - name: Detect current Wifi channel shell: iw {{ discovered_wireless_iface }} info | grep channel | cut -d' ' -f2 @@ -260,6 +264,11 @@ wifi_up_down: False when: rpi3bplus_rpi4_wifi_firmware == "24" +- name: Detect "Firmware rejected country setting" in dmesg + shell: dmesg | grep ieee80211 | grep "Firmware rejected country setting" + register: FW_rejected_country + ignore_errors: True + - name: In VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -317,7 +326,7 @@ - option: can_be_ap value: "{{ can_be_ap }}" - option: host_country_code_found - value: "{{ host_country_code }}" + value: "{{ host_country_code_found }}" - option: wifi_firmware_43430 value: "{{ rpizerow_rpi3_wifi_firmware }}" - option: wifi_firmware_43455 @@ -334,6 +343,17 @@ value: "{{ current_client_channel.stdout }}" when: current_client_channel.stdout is defined +- name: Add 'detected_network' variable 'FW_rejected_country' value if defined, to {{ iiab_ini_file }} + ini_file: + dest: "{{ iiab_ini_file }}" + section: detected_network + option: "{{ item.option }}" + value: "{{ item.value | string }}" + with_items: + - option: FW_rejected_country + value: "{{ host_country_code_found }}" + when: FW_rejected_country.stdout is defined + # well if there ever was a point to tell the user things are FUBAR this is it. # limit 2 network adapters wifi wired - name: I'm not guessing declare gateway please From f15a50610ee446ed966eeb95c65f5678d5eaf9a2 Mon Sep 17 00:00:00 2001 From: avni Date: Wed, 22 Jan 2025 05:18:41 +0100 Subject: [PATCH 038/148] install.yml: Adding instructions on how to unmount and mount drive manually if writing to the USB stick still doesn't work. --- roles/usb_lib/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 94d9b5e9a..181bd8819 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -8,6 +8,7 @@ # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) # usb_lib_umask0000_for_kolibri (in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks +# If you are still not able to write to a mounted USB stick, you can unmount the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). - name: Record (initial) disk space used shell: df -B1 --output=used / | tail -1 From 0caa16491df4df543e94813bad138e48ed65aac6 Mon Sep 17 00:00:00 2001 From: Avni Khatri/Fein Date: Tue, 21 Jan 2025 23:27:45 -0500 Subject: [PATCH 039/148] install.yml: adding e.g. to make clear that variable doesn't have to be in local_vars.yml" roles/usb_lib/tasks/install.yml Co-authored-by: A Holt --- roles/usb_lib/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 94d9b5e9a..f5172b190 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,7 +7,7 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) -# usb_lib_umask0000_for_kolibri (in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks +# usb_lib_umask0000_for_kolibri (e.g. in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks - name: Record (initial) disk space used shell: df -B1 --output=used / | tail -1 From f79a43e305675ae2178266921573f72be0d98f98 Mon Sep 17 00:00:00 2001 From: avni Date: Wed, 22 Jan 2025 10:16:21 +0100 Subject: [PATCH 040/148] install.yml: merging comments related to usb_lib_umask0000_for_kolibri --- roles/usb_lib/tasks/install.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index afc36e4f8..e435719dc 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,8 +7,7 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) - -# usb_lib_umask0000_for_kolibri (e.g. in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks +# usb_lib_umask0000_for_kolibri (e.g., in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks # If you are still not able to write to a mounted USB stick, you can unmount the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). From 335d8ad4c1551db1725b0532b815f387e3899177 Mon Sep 17 00:00:00 2001 From: avni Date: Wed, 22 Jan 2025 10:22:38 +0100 Subject: [PATCH 041/148] nginx/templates/iiab.conf.j2, usb_lib/files/upload/button.html: Adding button to upload2usb app on every usb/ directory listing page. --- roles/nginx/templates/iiab.conf.j2 | 2 ++ roles/usb_lib/files/upload/button.html | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 roles/usb_lib/files/upload/button.html diff --git a/roles/nginx/templates/iiab.conf.j2 b/roles/nginx/templates/iiab.conf.j2 index df2fc6a94..e25a2b08c 100644 --- a/roles/nginx/templates/iiab.conf.j2 +++ b/roles/nginx/templates/iiab.conf.j2 @@ -5,10 +5,12 @@ location / { location /usb { alias /library/www/html/local_content/; fancyindex on; # autoindex on; + add_before_body /usb/upload/button.html; } location /local_content/ { fancyindex on; # autoindex on; + add_before_body /usb/upload/button.html; } location /info { diff --git a/roles/usb_lib/files/upload/button.html b/roles/usb_lib/files/upload/button.html new file mode 100644 index 000000000..276baa839 --- /dev/null +++ b/roles/usb_lib/files/upload/button.html @@ -0,0 +1,19 @@ + +Upload to USB From 01baaa661a7e274c451198ab80b3bacdb3bb1411 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 22 Jan 2025 16:53:44 -0500 Subject: [PATCH 042/148] iiab-diagnostics: Refine 3+ 'sudo dmesg | grep ...' cmds --- scripts/iiab-diagnostics | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index eae728eac..6f93f0359 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -201,6 +201,7 @@ cat_dir /etc/netplan # Redacts most passwords above echo -e "\n 4. Output of Commands:\n" echo -e "\n\n\n\n4. OUTPUT OF COMMANDS\n" >> $outfile cat_cmd 'uname -a' 'Linux kernel' +cat_cmd 'sudo dmesg | grep -i "command line:"' 'Kernel boot parameters' cat_cmd 'free' 'RAM memory' cat_cmd 'lscpu' 'CPU details' cat_cmd 'rpi-eeprom-update' 'RPi Bootloader EEPROM' @@ -230,11 +231,11 @@ cat_cmd 'ls -l /etc/wpa_supplicant' 'Upstream Wi-Fi' cat_cmd 'ps -AH' 'Process hierarchy: staging of hostapd & wpa_supplicant?' cat_cmd 'journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' cat_cmd 'journalctl -b | grep NetworkManager | head -100' 'NetworkManager log since boot' -#cat_cmd 'dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' -cat_cmd 'dmesg | grep Firmware' '(Wi-Fi) firmware boot diagnostics' +#cat_cmd 'sudo dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' +cat_cmd 'sudo dmesg | grep Firmware:' '(Wi-Fi) firmware boot diagnostics' cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'WiFi firmware for: RPi Zero W, Zero 2 W & 3' cat_cmd 'ls -l /lib/firmware/cypress/*43455*' 'WiFi firmware for: RPi 3 B+, 4, 5 & 500' -cat_cmd 'dmesg | grep -i -e 80211 -e 802\.11 -e wireless -e wifi -e wlan -e broadcom -e brcm -e bcm -e realtek | head -100' 'Wi-Fi firmware/driver msgs' +cat_cmd 'sudo dmesg | grep -i -e 80211 -e 802\.11 -e wireless -e wifi -e wlan -e broadcom -e brcm -e bcm -e realtek | head -100' 'Wi-Fi firmware/driver msgs' cat_cmd 'lspci -nn' 'Devices on PCI buses' cat_cmd 'env' 'Environment variables' cat_cmd 'node -v' 'Node.js version' From 765e1cd4b1060d787e7b580e2368e3701eac9c98 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 22 Jan 2025 17:42:56 -0500 Subject: [PATCH 043/148] iiab-diagnostics: Use sudo with journalctl (in all 6 cases_ --- scripts/iiab-diagnostics | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 6f93f0359..ca1ee4d67 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -229,8 +229,8 @@ cat_cmd 'iw list' 'List capabilities of all wireless devices' cat_cmd 'systemctl status hostapd' 'Downstream Wi-Fi: Is hostapd running?' cat_cmd 'ls -l /etc/wpa_supplicant' 'Upstream Wi-Fi' cat_cmd 'ps -AH' 'Process hierarchy: staging of hostapd & wpa_supplicant?' -cat_cmd 'journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' -cat_cmd 'journalctl -b | grep NetworkManager | head -100' 'NetworkManager log since boot' +cat_cmd 'sudo journalctl -b | grep wpa_supplicant' 'wpa_supplicant log since boot' +cat_cmd 'sudo journalctl -b | grep NetworkManager | head -100' 'NetworkManager log since boot' #cat_cmd 'sudo dmesg | grep brcm' 'Diagnostic messages: RPi Wi-Fi firmware' cat_cmd 'sudo dmesg | grep Firmware:' '(Wi-Fi) firmware boot diagnostics' cat_cmd 'ls -l /lib/firmware/cypress/*43430*' 'WiFi firmware for: RPi Zero W, Zero 2 W & 3' @@ -245,10 +245,10 @@ cat_cmd 'cd /usr/local/calibre-web-py3; sudo git log --graph --oneline --decorat cat_cmd 'sudo lb --version' 'xklb version' cat_cmd 'sudo yt-dlp --version' 'yt-dlp version' cat_cmd 'systemctl status calibre-web' 'Is Calibre-Web running?' -cat_cmd 'journalctl -u calibre-web | tail -100' 'Calibre-Web systemd log' +cat_cmd 'sudo journalctl -u calibre-web | tail -100' 'Calibre-Web systemd log' cat_tail /var/log/calibre-web.log 100 cat_tail /var/log/xklb.log 300 -cat_cmd 'journalctl -t IIAB-CMDSRV' 'Admin Console CMDSRV log' +cat_cmd 'sudo journalctl -t IIAB-CMDSRV' 'Admin Console CMDSRV log' #cat_cmd 'ansible localhost -m setup 2>/dev/null' 'All Ansible facts' # For cleaner scraping of Ansible vars, consider "./runrole all-vars /tmp/all-ansible-vars" 27-31 lines above? echo -e "\n 5. Firewall Rules:\n" From 89a06d6e5e5706a81faf5345acc7cb8bef785a84 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 22 Jan 2025 18:26:43 -0500 Subject: [PATCH 044/148] Update iiab-diagnostics.README.md for PR #3909 --- scripts/iiab-diagnostics.README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index 8e60124a3..f766e922e 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -66,4 +66,4 @@ But first off, the file is compiled by harvesting 1 + 6 kinds of things: ## Source Code -Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-268 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. +Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-269 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. From ad175fb3caf50a66935afbcef7616ea18affff56 Mon Sep 17 00:00:00 2001 From: avni Date: Thu, 23 Jan 2025 06:19:13 +0100 Subject: [PATCH 045/148] index.php, upload-file.php: change 'submit' to 'upload' in user-facing text --- roles/usb_lib/files/upload/index.php | 2 +- roles/usb_lib/files/upload/upload-file.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/usb_lib/files/upload/index.php b/roles/usb_lib/files/upload/index.php index e77b079ff..6eab98dbf 100644 --- a/roles/usb_lib/files/upload/index.php +++ b/roles/usb_lib/files/upload/index.php @@ -15,7 +15,7 @@ $file_count = getFileCount(getTargetFolderPath(0));



- +

files have been uploaded today! diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index 510a308ab..a3c6e9674 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -15,10 +15,10 @@ $upload_ok = 1; $upload_msg = ""; if(!isset($_POST["submit"]) || !is_uploaded_file($_FILES['uploaded_file']['tmp_name'])) { - $upload_msg = "No file submitted!"; + $upload_msg = "No file uploaded!"; $upload_ok = 0; } elseif (!isFileMimeTypeAcceptable($_FILES["uploaded_file"]["tmp_name"])) { - $upload_msg = "You can not upload zips, executables, xml, and other high-risk files!"; + $upload_msg = "You cannot upload zips, executables, xml, or binary files!"; $upload_ok = 0; } elseif (file_exists($target_file)) { @@ -50,7 +50,7 @@ $file_count = getFileCount($target_folder_path); ?>
- files have been submitted today! + files have been uploaded today! From 91533f5fb3eb4a4e2eda0d807cfacbb6cec8b7a1 Mon Sep 17 00:00:00 2001 From: avni Date: Thu, 23 Jan 2025 06:19:25 +0100 Subject: [PATCH 046/148] iiab.conf.j2: modify config to route /usb/upload/*.php to the upload2usb app! --- roles/nginx/templates/iiab.conf.j2 | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/roles/nginx/templates/iiab.conf.j2 b/roles/nginx/templates/iiab.conf.j2 index e25a2b08c..e3fdee774 100644 --- a/roles/nginx/templates/iiab.conf.j2 +++ b/roles/nginx/templates/iiab.conf.j2 @@ -5,7 +5,20 @@ location / { location /usb { alias /library/www/html/local_content/; fancyindex on; # autoindex on; - add_before_body /usb/upload/button.html; + add_before_body /usb/upload/button.html; +} + +location ~ ^/usb/upload/(.*)\.php$ { + alias /library/www/html/local_content/upload/$1.php; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + fastcgi_pass php; + fastcgi_index index.php; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + include fastcgi_params; } location /local_content/ { From 68dafdbc399bd493bee8cd5b2c6a55cb707e9846 Mon Sep 17 00:00:00 2001 From: avni Date: Thu, 23 Jan 2025 06:27:32 +0100 Subject: [PATCH 047/148] button.html: change button href to point to /usb/upload instead of /local_content/upload --- roles/usb_lib/files/upload/button.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload/button.html b/roles/usb_lib/files/upload/button.html index 276baa839..658f74fb2 100644 --- a/roles/usb_lib/files/upload/button.html +++ b/roles/usb_lib/files/upload/button.html @@ -16,4 +16,4 @@ color: #ddd; } -Upload to USB +Upload to USB From 6dfda009e424dbdcb4531433c2d752364cd2edf7 Mon Sep 17 00:00:00 2001 From: avni Date: Thu, 23 Jan 2025 06:51:43 +0100 Subject: [PATCH 048/148] upload2usb.php: allow all word files, be more specific about xml mimetypes; log error message if user uploads invalid mimetype --- roles/usb_lib/files/upload/upload2usb.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php index 31623ea6f..f2b3aa883 100644 --- a/roles/usb_lib/files/upload/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -55,9 +55,10 @@ function getFileCount ($folder_path) { //check if file mimetype is acceptable for upload function isFileMimeTypeAcceptable ($file) { $mimetype = strtolower(mime_content_type($file)); - $invalid_mimetypes_str = array ("compress", "octet", "xml", "zip"); + $invalid_mimetypes_str = array ("compress", "image/svg+xml", "octet", "text/xml", "xhtml+xml", "zip"); foreach ($invalid_mimetypes_str as $invalid_mt_str) { if (str_contains($mimetype, $invalid_mt_str)) { + error_log('UPLOAD2USB ERROR - MIMETYPE: ' . $mimetype); return false; } } From 0cc63d8895dd6b07dcee71a61db2c3dbd8304151 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 23 Jan 2025 02:38:56 -0600 Subject: [PATCH 049/148] detect cmdline country code passed --- roles/network/tasks/detected_network.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index f75ad3f06..5e95182d3 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -269,6 +269,11 @@ register: FW_rejected_country ignore_errors: True +- name: Detect country code passed from cmdline + shell: dmesg | awk -F cfg80211.ieee80211_regdom= '{print $2}' + register: cmdline_country_code + ignore_errors: True + - name: In VM disable LAN - needs local_vars entry to activate set_fact: iiab_lan_iface: none @@ -351,7 +356,7 @@ value: "{{ item.value | string }}" with_items: - option: FW_rejected_country - value: "{{ host_country_code_found }}" + value: "{{ cmdline_country_code }}" when: FW_rejected_country.stdout is defined # well if there ever was a point to tell the user things are FUBAR this is it. From eb21c8654aa4a24d6be41e9dab43f35609c5ba03 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 23 Jan 2025 06:45:38 -0600 Subject: [PATCH 050/148] UNSET --- roles/network/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/network/defaults/main.yml b/roles/network/defaults/main.yml index 100b1f6ff..593f14922 100644 --- a/roles/network/defaults/main.yml +++ b/roles/network/defaults/main.yml @@ -71,7 +71,8 @@ iiab_lan_iface: none discovered_lan_iface: none discovered_wired_iface: none discovered_wireless_iface: none -host_country_code_found: unset +# use the same case as what `iw reg get` would return with 00 present +host_country_code_found: UNSET # Red Hat #iiab_wired_lan_iface: "none" From 999127339102c443a6d2ed9a7612f5ea2a552b73 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 23 Jan 2025 12:36:55 -0600 Subject: [PATCH 051/148] grep & stdout --- roles/network/tasks/detected_network.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 5e95182d3..e4ec63bd8 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -269,8 +269,8 @@ register: FW_rejected_country ignore_errors: True -- name: Detect country code passed from cmdline - shell: dmesg | awk -F cfg80211.ieee80211_regdom= '{print $2}' +- name: Detect country code passed from cmdline in dmesg + shell: dmesg | grep ieee80211 | awk -F cfg80211.ieee80211_regdom= '{print $2}' register: cmdline_country_code ignore_errors: True @@ -356,7 +356,7 @@ value: "{{ item.value | string }}" with_items: - option: FW_rejected_country - value: "{{ cmdline_country_code }}" + value: "{{ cmdline_country_code.stdout }}" when: FW_rejected_country.stdout is defined # well if there ever was a point to tell the user things are FUBAR this is it. From dcc9862527f92153ba90affaabdfdc436eb7722f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 23 Jan 2025 15:36:19 -0600 Subject: [PATCH 052/148] use systemd-udev-trigger.service --- roles/usb_lib/templates/usbmount@.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 index 34d75d9f3..52da18ba5 100644 --- a/roles/usb_lib/templates/usbmount@.service.j2 +++ b/roles/usb_lib/templates/usbmount@.service.j2 @@ -1,7 +1,7 @@ [Unit] BindTo=%i.device After=%i.device -After=rc-local.service +After=systemd-udev-trigger.service [Service] #Type=oneshot From e319b394e87177ccf440d62077c9baab2fee735f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 24 Jan 2025 08:14:42 -0600 Subject: [PATCH 053/148] Update roles/network/tasks/detected_network.yml future proof Co-authored-by: A Holt --- roles/network/tasks/detected_network.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index e4ec63bd8..a5fc5eaf0 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -270,7 +270,7 @@ ignore_errors: True - name: Detect country code passed from cmdline in dmesg - shell: dmesg | grep ieee80211 | awk -F cfg80211.ieee80211_regdom= '{print $2}' + shell: dmesg | grep -m1 'cfg80211\.ieee80211_regdom=' | awk -F 'cfg80211\.ieee80211_regdom=' '{print $2}' register: cmdline_country_code ignore_errors: True From eecf6f83064c3eda3c5574711720b2d28fd6a4d9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 24 Jan 2025 10:06:30 -0500 Subject: [PATCH 054/148] Wifi Country Code might in the middle of dmesg line (not on the right) --- roles/network/tasks/detected_network.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index a5fc5eaf0..1663f8c39 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -270,7 +270,7 @@ ignore_errors: True - name: Detect country code passed from cmdline in dmesg - shell: dmesg | grep -m1 'cfg80211\.ieee80211_regdom=' | awk -F 'cfg80211\.ieee80211_regdom=' '{print $2}' + shell: dmesg | grep -om1 'cfg80211\.ieee80211_regdom=\S*' | cut -d= -f2 register: cmdline_country_code ignore_errors: True From 3b9edfdfc0282cb2218bdcb3a3147302991b50a7 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 07:13:09 +0100 Subject: [PATCH 055/148] multiple files in vars/ and usb_lib/: rename usb_lib_umask0000_for_kolibri to usb_lib_writable_sticks so it is more generally applicable --- roles/usb_lib/README.rst | 2 +- roles/usb_lib/defaults/main.yml | 4 ++-- roles/usb_lib/files/upload/upload2usb.php | 2 +- roles/usb_lib/tasks/install.yml | 2 +- roles/usb_lib/tasks/main.yml | 14 +++++++------- vars/default_vars.yml | 4 ++-- vars/local_vars_large.yml | 4 ++-- vars/local_vars_medical.yml | 2 +- vars/local_vars_medium.yml | 4 ++-- vars/local_vars_small.yml | 4 ++-- vars/local_vars_unittest.yml | 2 +- 11 files changed, 22 insertions(+), 22 deletions(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index 22fd711d2..54d9714ca 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -20,7 +20,7 @@ Automount is handled by usbmount, and scripts in this role look in the root of t USB drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 76 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ -IIAB will generally mount USB drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB drives, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. If however you prefer to restore usbmount's default, set ``usb_lib_umask0000_for_kolibri: False`` in `/etc/iiab/local_vars.yml `_ (preferably do this prior to installing IIAB). +IIAB will generally mount USB drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri and other app exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB drives, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ (preferably do this prior to installing IIAB). Official `usbmount 0.0.22 (2011-08-08) `_ documentation: diff --git a/roles/usb_lib/defaults/main.yml b/roles/usb_lib/defaults/main.yml index 2a4b19308..c53591f8f 100644 --- a/roles/usb_lib/defaults/main.yml +++ b/roles/usb_lib/defaults/main.yml @@ -5,8 +5,8 @@ # iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: -# usb_lib_umask0000_for_kolibri: True +# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# usb_lib_writable_sticks: True # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing! diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php index f2b3aa883..cfd87775f 100644 --- a/roles/usb_lib/files/upload/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -42,7 +42,7 @@ function getTargetFolderPath ($create_folder_p) { $target_folder_path = $parent_dir . $today_folder_name; if (!file_exists($target_folder_path) && $create_folder_p) { - mkdir($target_folder_path, 0777) or throw new RuntimeException("Not able to create upload directory.
Make sure 'usb_lib_umask0000_for_kolibri' is set to 'True'.

"); + mkdir($target_folder_path, 0777) or throw new RuntimeException("Not able to create upload directory.
Make sure 'usb_lib_writable_sticks' is set to 'True'.

"); } return $target_folder_path; } diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index e435719dc..4e40a99eb 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,7 +7,7 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) -# usb_lib_umask0000_for_kolibri (e.g., in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks +# usb_lib_writable_sticks (e.g., in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks # If you are still not able to write to a mounted USB stick, you can unmount the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 7836f2d3a..52d192da8 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -32,28 +32,28 @@ # If setup.yml becomes the norm in future, put the 2-3 stanzas below in there: -- name: "Set 'umask=0000' for {VFAT/FAT32, NTFS, exFAT} using var FS_MOUNTOPTIONS in /etc/usbmount/usbmount.conf, so Kolibri exports work" +- name: "Set 'umask=0000' for {VFAT/FAT32, NTFS, exFAT} using var FS_MOUNTOPTIONS in /etc/usbmount/usbmount.conf, so Kolibri, upload2usb, and other app exports work" lineinfile: regexp: '^FS_MOUNTOPTIONS=.*' line: 'FS_MOUNTOPTIONS="-fstype=vfat,umask=0000 -fstype=ntfs,umask=0000 -fstype=exfat,umask=0000"' path: /etc/usbmount/usbmount.conf - when: usb_lib_umask0000_for_kolibri + when: usb_lib_writable_sticks # Setting 'umask=0000' for all filesystems: (much the same thing as above, as # the mount command does not use this umask setting for filesystems like ext4) -#- name: "Add ',umask=0000' to MOUNTOPTIONS var in /etc/usbmount/usbmount.conf, so Kolibri exports work" +#- name: "Add ',umask=0000' to MOUNTOPTIONS var in /etc/usbmount/usbmount.conf, so Kolibri, upload2usb, and other app exports work" # lineinfile: # regexp: '^MOUNTOPTIONS=.*' # line: 'MOUNTOPTIONS="sync,noexec,nodev,noatime,nodiratime,umask=0000"' # path: /etc/usbmount/usbmount.conf -# when: usb_lib_umask0000_for_kolibri +# when: usb_lib_writable_sticks - name: 'Set FS_MOUNTOPTIONS="" in /etc/usbmount/usbmount.conf, e.g. if Kolibri will not be used' lineinfile: regexp: '^FS_MOUNTOPTIONS=.*' line: 'FS_MOUNTOPTIONS=""' # Restore apt pkg default, e.g. for runrole path: /etc/usbmount/usbmount.conf - when: not usb_lib_umask0000_for_kolibri + when: not usb_lib_writable_sticks - name: Enable/Disable/Restart NGINX @@ -88,5 +88,5 @@ value: "{{ usb_lib_install }}" - option: usb_lib_enabled value: "{{ usb_lib_enabled }}" - - option: usb_lib_umask0000_for_kolibri - value: "{{ usb_lib_umask0000_for_kolibri }}" + - option: usb_lib_writable_sticks + value: "{{ usb_lib_writable_sticks }}" diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4494cbd72..11ed238a7 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -310,8 +310,8 @@ usb_lib_enabled: True # Show entire contents of USB sticks/drives (at http://box/usb) iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: -usb_lib_umask0000_for_kolibri: True +# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +usb_lib_writable_sticks: True systemd_location: /lib/systemd/system # 2-common iiab-startup also uses # Common UNIX Printing System (CUPS) diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index 920cf7ba1..91b744051 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -195,8 +195,8 @@ bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: -usb_lib_umask0000_for_kolibri: True +# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) cups_install: True diff --git a/vars/local_vars_medical.yml b/vars/local_vars_medical.yml index d997362a4..445c9bb2f 100644 --- a/vars/local_vars_medical.yml +++ b/vars/local_vars_medical.yml @@ -12,7 +12,7 @@ munin_install: True munin_enabled: True vnstat_install: True vnstat_enabled: True -usb_lib_umask0000_for_kolibri: False +usb_lib_writable_sticks: False allow_www_data_poweroff: False # By default # kiwix diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index a554dc34b..f55dd8ce8 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -195,8 +195,8 @@ bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: -usb_lib_umask0000_for_kolibri: True +# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) cups_install: False diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 8689b3ae9..5cfa34bec 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -195,8 +195,8 @@ bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: -usb_lib_umask0000_for_kolibri: True +# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) cups_install: False diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 30720a49e..89accf217 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -202,7 +202,7 @@ bluetooth_term_enabled: False iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: -usb_lib_umask0000_for_kolibri: True +usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) cups_install: False From 286890b0d097e84ab404e8f40dc25432f3009d6d Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 08:14:44 +0100 Subject: [PATCH 056/148] error.php: updating FAQ reference to refer to new upload2usb-specific FAQ. --- roles/usb_lib/files/upload/error.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/usb_lib/files/upload/error.php b/roles/usb_lib/files/upload/error.php index c5210d229..2e51003e0 100644 --- a/roles/usb_lib/files/upload/error.php +++ b/roles/usb_lib/files/upload/error.php @@ -5,8 +5,7 @@ */ ?> - -ERROR: Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Please see IIAB FAQs for additional support: FAQ #4 - Can teachers display their own content?, FAQ #49 - What are the best places for community support?. +ERROR: Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Please see IIAB FAQ, Can students upload their own work?, for additional support.

From 44e2772ccc4eec963ed610f0b94cde422a990b71 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 09:44:02 -0500 Subject: [PATCH 057/148] Update README to clarify Kolibri exports --- roles/usb_lib/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index 54d9714ca..bb8b82e4e 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -20,7 +20,7 @@ Automount is handled by usbmount, and scripts in this role look in the root of t USB drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 76 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ -IIAB will generally mount USB drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri and other app exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB drives, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ (preferably do this prior to installing IIAB). +IIAB will generally mount USB drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB drives, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ (preferably do this prior to installing IIAB). Official `usbmount 0.0.22 (2011-08-08) `_ documentation: From 7c2f0c9c6ef42ef2ffe44f230d8245555d7de979 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 21:30:36 +0100 Subject: [PATCH 058/148] usb_lib/*, vars/*: prevent Cheating (Copying) of homeworks, when teacher creates 'PUBLIC' folder on their USB stick --- roles/usb_lib/files/upload/error.php | 2 +- roles/usb_lib/tasks/install.yml | 6 +- roles/usb_lib/tasks/main.yml | 11 +-- roles/usb_lib/tasks/nginx.yml | 32 +++++---- roles/usb_lib/templates/iiab-clean-usb.sh | 4 +- ...l-off => iiab-usb_lib-show-all-off.unused} | 0 ...all-on => iiab-usb_lib-show-all-on.unused} | 0 .../usb_lib/templates/mount.d/70-usb-library | 72 ------------------- .../templates/mount.d/70-usb-library.j2 | 45 ++++++++++++ .../70-usb-library | 4 +- vars/default_vars.yml | 3 +- vars/local_vars_large.yml | 3 +- vars/local_vars_medium.yml | 3 +- vars/local_vars_small.yml | 3 +- vars/local_vars_unittest.yml | 3 +- 15 files changed, 85 insertions(+), 106 deletions(-) rename roles/usb_lib/templates/{iiab-usb_lib-show-all-off => iiab-usb_lib-show-all-off.unused} (100%) rename roles/usb_lib/templates/{iiab-usb_lib-show-all-on => iiab-usb_lib-show-all-on.unused} (100%) delete mode 100644 roles/usb_lib/templates/mount.d/70-usb-library create mode 100644 roles/usb_lib/templates/mount.d/70-usb-library.j2 rename roles/usb_lib/templates/{umount.d => umount.d.unused}/70-usb-library (75%) diff --git a/roles/usb_lib/files/upload/error.php b/roles/usb_lib/files/upload/error.php index 2e51003e0..46dd0e667 100644 --- a/roles/usb_lib/files/upload/error.php +++ b/roles/usb_lib/files/upload/error.php @@ -5,7 +5,7 @@ */ ?> -ERROR: Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Please see IIAB FAQ, Can students upload their own work?, for additional support. +ERROR: Please make sure one and ONLY one (no more, no less) removable USB stick is plugged into your Internet-in-a-Box. Please see IIAB FAQ, "Can students upload their own work?", for additional support.

diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index e435719dc..f4c5d671e 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -67,7 +67,7 @@ group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: 0775 -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off, /usr/sbin/iiab-clean-usb.sh' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -75,8 +75,6 @@ with_items: - { src: 'usbmount.rules.j2', dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - - { src: 'iiab-usb_lib-show-all-on', dest: '/usr/bin/', mode: '0755' } - - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } - name: '2025-01-05: Add upload2usb app (#3875) directory to local_content' @@ -90,7 +88,7 @@ - name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ to local_content' copy: src: "{{ item }}" - dest: "{{ doc_root }}/local_content/upload" # /library/www/html + dest: "{{ doc_root }}/local_content/upload/" # /library/www/html with_fileglob: - upload/* diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 7836f2d3a..af9d22790 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -66,11 +66,12 @@ path: /etc/usbmount/mount.d/00_create_model_symlink state: absent -- name: Put variable in iiab.env that enables display of content at root of USB - lineinfile: - path: "{{ iiab_env_file }}" - regexp: "^IIAB_USB_LIB_SHOW_ALL.*" - line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +#- name: Put variable in iiab.env that enables display of content at root of USB +# lineinfile: +# path: "{{ iiab_env_file }}" +# regexp: "^IIAB_USB_LIB_SHOW_ALL.*" +# line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" - name: Add 'usb_lib' variable values to {{ iiab_ini_file }} diff --git a/roles/usb_lib/tasks/nginx.yml b/roles/usb_lib/tasks/nginx.yml index 7e572142a..1e6be6d21 100644 --- a/roles/usb_lib/tasks/nginx.yml +++ b/roles/usb_lib/tasks/nginx.yml @@ -1,20 +1,21 @@ - name: Install /etc/usbmount/mount.d/70-usb-library from template, if usb_lib_enabled template: - src: mount.d/70-usb-library - dest: /etc/usbmount/mount.d/ + src: mount.d/70-usb-library.j2 + dest: /etc/usbmount/mount.d/70-usb-library owner: root group: root mode: '0751' when: usb_lib_enabled -- name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled - template: - src: umount.d/70-usb-library - dest: /etc/usbmount/umount.d - owner: root - group: root - mode: '0751' - when: usb_lib_enabled +# 20250125: commenting out stale file, superseded by iiab-clean-usb.sh +# - name: Install /etc/usbmount/umount.d/70-usb-library from template, if usb_lib_enabled +# template: +# src: umount.d/70-usb-library +# dest: /etc/usbmount/umount.d +# owner: root +# group: root +# mode: '0751' +# when: usb_lib_enabled - name: Remove /etc/usbmount/mount.d/70-usb-library if not usb_lib_enabled file: @@ -22,11 +23,12 @@ state: absent when: not usb_lib_enabled -- name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled - file: - path: /etc/usbmount/umount.d/70-usb-library - state: absent - when: not usb_lib_enabled +# 20250125: commenting out stale file, superseded by iiab-clean-usb.sh +# - name: Remove /etc/usbmount/umount.d/70-usb-library if not usb_lib_enabled +# file: +# path: /etc/usbmount/umount.d/70-usb-library +# state: absent +# when: not usb_lib_enabled - name: Restart 'nginx' systemd service systemd: diff --git a/roles/usb_lib/templates/iiab-clean-usb.sh b/roles/usb_lib/templates/iiab-clean-usb.sh index a1876551c..56d63292d 100644 --- a/roles/usb_lib/templates/iiab-clean-usb.sh +++ b/roles/usb_lib/templates/iiab-clean-usb.sh @@ -5,10 +5,10 @@ DEVICE=`echo $@ | sed -s 's|-|/|'` MNT_POINT=`findmnt -n /$DEVICE | awk '{print $1}'` CONTENT_LINK_USB=`basename $MNT_POINT | awk '{print toupper($0)}'` CONTENT_LINK="/library/www/html/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "usbmount" -- "Attempting to remove link $CONTENT_LINK." +logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove link $CONTENT_LINK." if [ -L $CONTENT_LINK ]; then /bin/rm $CONTENT_LINK - logger -p user.notice -t "usbmount" -- "$CONTENT_LINK removed." + logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "$CONTENT_LINK removed." fi diff --git a/roles/usb_lib/templates/iiab-usb_lib-show-all-off b/roles/usb_lib/templates/iiab-usb_lib-show-all-off.unused similarity index 100% rename from roles/usb_lib/templates/iiab-usb_lib-show-all-off rename to roles/usb_lib/templates/iiab-usb_lib-show-all-off.unused diff --git a/roles/usb_lib/templates/iiab-usb_lib-show-all-on b/roles/usb_lib/templates/iiab-usb_lib-show-all-on.unused similarity index 100% rename from roles/usb_lib/templates/iiab-usb_lib-show-all-on rename to roles/usb_lib/templates/iiab-usb_lib-show-all-on.unused diff --git a/roles/usb_lib/templates/mount.d/70-usb-library b/roles/usb_lib/templates/mount.d/70-usb-library deleted file mode 100644 index 5b9cfefe8..000000000 --- a/roles/usb_lib/templates/mount.d/70-usb-library +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/bash -# Create symlink in DocumentRoot/content to autmounted usb drive -# -# based on a similar script in the xs-rsync package -# by Martin Langhoff -# -# and the adaptation for xs-activity-server by Douglas Bagnall -# -# -# by Tim Moody tim@timmoody.com - -source {{ iiab_env_file }} -case $IIAB_USB_LIB_SHOW_ALL in -'True'|'true'|'TRUE') - logger -p user.notice -t "70-usb-library" -- "Display entire USB drive is True. Checking for rootfs or /library on $UM_MOUNTPOINT." - # regularize the variable - IIAB_USB_LIB_SHOW_ALL=True - ;; -*) - logger -p user.notice -t "70-usb-library" -- "Looking for /share, /Share, /Piratebox/Share, /USB, or /usb on $UM_MOUNTPOINT." - ;; -esac - -VERBOSE=yes - -SHARE_DIR="" -# Only show content if in these directories - -if [ -d $UM_MOUNTPOINT/share ]; then - SHARE_DIR="$UM_MOUNTPOINT/share" -fi -if [ -d $UM_MOUNTPOINT/Share ]; then - SHARE_DIR="$UM_MOUNTPOINT/Share" -fi -if [ -d $UM_MOUNTPOINT/Piratebox/Share ]; then - SHARE_DIR="$UM_MOUNTPOINT/Piratebox/Share" -fi -if [ -d $UM_MOUNTPOINT/USB ]; then - SHARE_DIR="$UM_MOUNTPOINT/USB" -fi -if [ -d $UM_MOUNTPOINT/usb ]; then - SHARE_DIR="$UM_MOUNTPOINT/usb" -fi - -if [ "$IIAB_USB_LIB_SHOW_ALL" == "True" ]; then - UM_DEV=`findmnt $UM_MOUNTPOINT | grep / | awk '{print $2}'` - LIB_DEV=`findmnt /library | grep / | awk '{print $2}' |awk -F '[' '{print $1}'` - ROOT_DEV=`findmnt / | grep / | awk '{print $2}'` - if [ "$UM_DEV" == "$LIB_DEV" ]; then - logger -p user.notice -t "70-usb-library" -- "skipping $UM_MOUNTPOINT containing /library" - #echo "lib on dev" - elif [ "$UM_DEV" == "$ROOT_DEV" ]; then - logger -p user.notice -t "70-usb-library" -- "skipping $UM_MOUNTPOINT containing rootfs" - #echo "rootfs on dev" - else - SHARE_DIR="$UM_MOUNTPOINT" - fi -fi - -if [ ! -z "$SHARE_DIR" ]; then - logger -p user.notice -t "70-usb-library" -- "Found Share Directory $SHARE_DIR." -else - logger -p user.notice -t "70-usb-library" -- "did not find /share, /Share, /Piratebox/Share, /USB, or /usb on USB" -fi - - -if [ "$SHARE_DIR" != "" ];then - CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` - CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" - logger -p user.notice -t "70-usb-library" -- "Creating link to $CONTENT_LINK." - ln -s $SHARE_DIR $CONTENT_LINK -fi diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 new file mode 100644 index 000000000..d124e79c0 --- /dev/null +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -0,0 +1,45 @@ +#!/bin/bash +# Create symlink in DocumentRoot/content to automounted usb drive +# +# based on a similar script in the xs-rsync package +# by Martin Langhoff +# +# and the adaptation for xs-activity-server by Douglas Bagnall +# +# +# by Tim Moody tim@timmoody.com + +VERBOSE=yes + +# UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts +SHARE_DIR=$UM_MOUNTPOINT +if [ -d $UM_MOUNTPOINT/PUBLIC ]; then + SHARE_DIR="$UM_MOUNTPOINT/PUBLIC" + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" +else + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Did not find /PUBLIC on $UM_MOUNTPOINT" +fi + +LIB_DEV=`findmnt /library | grep / | awk '{print $2}' | awk -F '[' '{print $1}'` +ROOT_DEV=`findmnt / | grep / | awk '{print $2}'` +BOOT_DEV=`findmnt /boot | grep / | awk '{print $2}'` +BOOTFW_DEV=`findmnt /boot/firmware | grep / | awk '{print $2}'` +if [ "$UM_DEVICE" == "$LIB_DEV" ]; then + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /library" + exit +elif [ "$UM_DEVICE" == "$ROOT_DEV" ]; then + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing rootfs" + exit +elif [ "$UM_DEVICE" == "$BOOT_DEV" ]; then + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot" + exit +elif [ "$UM_DEVICE" == "$BOOTFW_DEV" ]; then + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot/firmware" + exit +fi + +CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` +CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" +logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $SHARE_DIR to $CONTENT_LINK" +ln -s $SHARE_DIR $CONTENT_LINK + diff --git a/roles/usb_lib/templates/umount.d/70-usb-library b/roles/usb_lib/templates/umount.d.unused/70-usb-library similarity index 75% rename from roles/usb_lib/templates/umount.d/70-usb-library rename to roles/usb_lib/templates/umount.d.unused/70-usb-library index 5af914c01..d8e095008 100644 --- a/roles/usb_lib/templates/umount.d/70-usb-library +++ b/roles/usb_lib/templates/umount.d.unused/70-usb-library @@ -12,7 +12,7 @@ CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "70-usb-library" -- "Attempting to remove link $CONTENT_LINK." +logger -p user.notice -t "usb_lib (70-usb-library)" -- "Attempting to remove link $CONTENT_LINK." if [ -L $CONTENT_LINK ]; then {% if is_debuntu %} @@ -20,5 +20,5 @@ if [ -L $CONTENT_LINK ]; then {% else %} /usr/bin/rm -f $CONTENT_LINK {% endif %} - logger -p user.notice -t "70-usb-library" -- "$CONTENT_LINK removed." + logger -p user.notice -t "usb_lib (70-usb-library)" -- "$CONTENT_LINK removed." fi diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4494cbd72..c42a4ca99 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -308,7 +308,8 @@ bluetooth_term_enabled: False usb_lib_install: True usb_lib_enabled: True # Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +# iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index 920cf7ba1..c84b30736 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -193,7 +193,8 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +# iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index a554dc34b..ff46f8a9b 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -193,7 +193,8 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +# iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 8689b3ae9..1190ec377 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -193,7 +193,8 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +# iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 30720a49e..744148cc0 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -199,7 +199,8 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True +# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. +# iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True From fe633b2cd72d55b0266c19e37cb3253033185fe7 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 25 Jan 2025 15:36:05 -0500 Subject: [PATCH 059/148] Upload2USB initial doc cleanup --- roles/usb_lib/README.rst | 32 +++++++++++++++----------------- roles/usb_lib/defaults/main.yml | 4 ++-- roles/usb_lib/tasks/main.yml | 4 ++-- vars/default_vars.yml | 6 ++---- vars/local_vars_large.yml | 6 ++---- vars/local_vars_medium.yml | 6 ++---- vars/local_vars_small.yml | 6 ++---- vars/local_vars_unittest.yml | 6 ++---- 8 files changed, 29 insertions(+), 41 deletions(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index bb8b82e4e..33d93e2dc 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -2,30 +2,28 @@ usb_lib README ============== -**PLEASE SEE "Can teachers display their own content?" WITHIN https://FAQ.IIAB.IO FOR UP-TO-DATE DOCUMENTATION.** +**PLEASE SEE** `"Can teachers display their own content?" `_ **AND** `"Can students upload their own work?" `_ **WITHIN https://FAQ.IIAB.IO FOR UP-TO-DATE DOCUMENTATION!** -This role implements functionality similar to LibraryBox, to mount "teacher content" from USB drives. +This role (1) implements functionality similar to LibraryBox, to mount "teacher content" from USB sticks / drives for students, and (2) allows students to upload their work to the teacher's USB stick / drive: -Users should have nearly immediate access to this "teacher content" (on all inserted USB drives) by browsing to http://box/usb +#. Students should have nearly immediate access to "teacher content" (on all inserted USB sticks) by browsing to http://box/usb. +#. Students can also click the "Upload to USB" button on top of this same page (http://box/usb), to upload their work to the teacher's USB stick. (FYI student uploads appear in folders like ``UPLOADS.YYYY-MM-DD`` within the root of the teacher's USB stick). -Automount is handled by usbmount, and scripts in this role look in the root of the mounted drive for... +As of January 2025, automount is handled by usbmount: (`devmon included with udevil `_ might be considered in future) -* /usb -* /USB -* /share -* /Share -* /Piratebox/Share +* A script in this role (/etc/usbmount/mount.d/70-usb-library) looks in the root of the mounted USB stick for folder /PUBLIC and if found, creates a symlink of the form /library/www/html/local_content/USBn pointing to /media/usbn/PUBLIC — where n is generally one of {0, 1, 2, 3, 4, 5, 6, 7}. *RESULT: Only documents within /PUBLIC are browsable by students.* This option is very useful to **prevent students from copying uploaded homework!** +* If however folder /PUBLIC is not found, the symlink is created to the root of the mounted USB stick. *RESULT: EVERYTHING on the USB stick is browsable by students — just like with a traditional community bulletin board.* This option is very useful when students are uploading artwork, photo essays, personal audio recordings and **science projects that are intended to be shared!** -...and if found, creates a symlink of the form /library/www/html/local_content/USBn pointing to /media/usbn — where n is generally one of {0, 1, 2, 3, 4, 5, 6, 7}. +Technical Details: -USB drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 76 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ +* USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 100 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ -IIAB will generally mount USB drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB drives, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ (preferably do this prior to installing IIAB). +* IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` -Official `usbmount 0.0.22 (2011-08-08) `_ documentation: +* Official `usbmount 0.0.22 (2011-08-08) `_ documentation: -* https://github.com/hfuchs/usbmount/blob/master/README (2010-08-11) -* https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) -* https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) + * https://github.com/hfuchs/usbmount/blob/master/README (2010-08-11) + * https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) + * https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) -Legacy warning: There is also a patch for problems with automount on Fedora 21+. Please note that as of 4.1.8-200.fc22.x86_64 not all USB drives will mount, even with this patch. +* Dev Notes at the top of: https://github.com/iiab/iiab/blob/master/roles/usb_lib/tasks/install.yml diff --git a/roles/usb_lib/defaults/main.yml b/roles/usb_lib/defaults/main.yml index c53591f8f..427a26ea7 100644 --- a/roles/usb_lib/defaults/main.yml +++ b/roles/usb_lib/defaults/main.yml @@ -4,8 +4,8 @@ # Show entire contents of USB sticks/drives (at http://box/usb) # iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) # usb_lib_writable_sticks: True # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 52d192da8..ab6f0f19e 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -32,7 +32,7 @@ # If setup.yml becomes the norm in future, put the 2-3 stanzas below in there: -- name: "Set 'umask=0000' for {VFAT/FAT32, NTFS, exFAT} using var FS_MOUNTOPTIONS in /etc/usbmount/usbmount.conf, so Kolibri, upload2usb, and other app exports work" +- name: "Set 'umask=0000' for {VFAT/FAT32, NTFS, exFAT} using var FS_MOUNTOPTIONS in /etc/usbmount/usbmount.conf -- for Kolibri exports AND student uploads to teacher's USB stick (using http://box/usb)" lineinfile: regexp: '^FS_MOUNTOPTIONS=.*' line: 'FS_MOUNTOPTIONS="-fstype=vfat,umask=0000 -fstype=ntfs,umask=0000 -fstype=exfat,umask=0000"' @@ -41,7 +41,7 @@ # Setting 'umask=0000' for all filesystems: (much the same thing as above, as # the mount command does not use this umask setting for filesystems like ext4) -#- name: "Add ',umask=0000' to MOUNTOPTIONS var in /etc/usbmount/usbmount.conf, so Kolibri, upload2usb, and other app exports work" +#- name: "Add ',umask=0000' to MOUNTOPTIONS var in /etc/usbmount/usbmount.conf, so Kolibri exports work" # lineinfile: # regexp: '^MOUNTOPTIONS=.*' # line: 'MOUNTOPTIONS="sync,noexec,nodev,noatime,nodiratime,umask=0000"' diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 11ed238a7..a45384e1e 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -307,10 +307,8 @@ bluetooth_term_enabled: False # USB_LIB usb_lib_install: True usb_lib_enabled: True -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) usb_lib_writable_sticks: True systemd_location: /lib/systemd/system # 2-common iiab-startup also uses diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index 91b744051..7228bb506 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -192,10 +192,8 @@ bluetooth_install: True bluetooth_enabled: False bluetooth_term_enabled: False -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index f55dd8ce8..153401d26 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -192,10 +192,8 @@ bluetooth_install: True bluetooth_enabled: False bluetooth_term_enabled: False -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 5cfa34bec..b17fcc9ae 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -192,10 +192,8 @@ bluetooth_install: True bluetooth_enabled: False bluetooth_term_enabled: False -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri, upload2usb, and other apps can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 89accf217..840d0d9b8 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -198,10 +198,8 @@ bluetooth_install: False bluetooth_enabled: False bluetooth_term_enabled: False -# Show entire contents of USB sticks/drives (at http://box/usb) -iiab_usb_lib_show_all: True -# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so -# Kolibri can export & import channels to USB sticks/drive: +# Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for +# Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) usb_lib_writable_sticks: True # Common UNIX Printing System (CUPS) From d15493b399553f519a55beed5d11848e8907af83 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 25 Jan 2025 15:47:56 -0500 Subject: [PATCH 060/148] Begin to remove iiab_usb_lib_show_all and IIAB_USB_LIB_SHOW_ALL --- roles/usb_lib/defaults/main.yml | 3 --- roles/usb_lib/tasks/main.yml | 6 ------ 2 files changed, 9 deletions(-) diff --git a/roles/usb_lib/defaults/main.yml b/roles/usb_lib/defaults/main.yml index 427a26ea7..f7cbf10b6 100644 --- a/roles/usb_lib/defaults/main.yml +++ b/roles/usb_lib/defaults/main.yml @@ -1,9 +1,6 @@ # usb_lib_install: True # usb_lib_enabled: True -# Show entire contents of USB sticks/drives (at http://box/usb) -# iiab_usb_lib_show_all: True - # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf for # Kolibri exports, and student uploads to teacher's USB stick (http://box/usb) # usb_lib_writable_sticks: True diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index ab6f0f19e..023b714a7 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -66,12 +66,6 @@ path: /etc/usbmount/mount.d/00_create_model_symlink state: absent -- name: Put variable in iiab.env that enables display of content at root of USB - lineinfile: - path: "{{ iiab_env_file }}" - regexp: "^IIAB_USB_LIB_SHOW_ALL.*" - line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" - - name: Add 'usb_lib' variable values to {{ iiab_ini_file }} ini_file: From 6562a4a12d4067858b962802aaad696af5fd8e41 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 16:02:01 -0500 Subject: [PATCH 061/148] 70-usb-library.j2: remove blank at EOF Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index d124e79c0..7e52c0329 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -42,4 +42,3 @@ CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $SHARE_DIR to $CONTENT_LINK" ln -s $SHARE_DIR $CONTENT_LINK - From 13f5227824fd15bd4ed95e08f1d48b7a9de495e4 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 22:39:00 +0100 Subject: [PATCH 062/148] vars/local_vars*, vars/default_vars.yml, roles/usb_lib/tasks/main.yml: reverting comment of iiab_usb_lib_show_all --- roles/usb_lib/tasks/main.yml | 11 +++++------ vars/default_vars.yml | 3 +-- vars/local_vars_large.yml | 3 +-- vars/local_vars_medium.yml | 3 +-- vars/local_vars_small.yml | 3 +-- vars/local_vars_unittest.yml | 3 +-- 6 files changed, 10 insertions(+), 16 deletions(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index af9d22790..7836f2d3a 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -66,12 +66,11 @@ path: /etc/usbmount/mount.d/00_create_model_symlink state: absent -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -#- name: Put variable in iiab.env that enables display of content at root of USB -# lineinfile: -# path: "{{ iiab_env_file }}" -# regexp: "^IIAB_USB_LIB_SHOW_ALL.*" -# line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" +- name: Put variable in iiab.env that enables display of content at root of USB + lineinfile: + path: "{{ iiab_env_file }}" + regexp: "^IIAB_USB_LIB_SHOW_ALL.*" + line: "IIAB_USB_LIB_SHOW_ALL={{ iiab_usb_lib_show_all }}" - name: Add 'usb_lib' variable values to {{ iiab_ini_file }} diff --git a/vars/default_vars.yml b/vars/default_vars.yml index c42a4ca99..4494cbd72 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -308,8 +308,7 @@ bluetooth_term_enabled: False usb_lib_install: True usb_lib_enabled: True # Show entire contents of USB sticks/drives (at http://box/usb) -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -# iiab_usb_lib_show_all: True +iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_large.yml b/vars/local_vars_large.yml index c84b30736..920cf7ba1 100644 --- a/vars/local_vars_large.yml +++ b/vars/local_vars_large.yml @@ -193,8 +193,7 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -# iiab_usb_lib_show_all: True +iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml index ff46f8a9b..a554dc34b 100644 --- a/vars/local_vars_medium.yml +++ b/vars/local_vars_medium.yml @@ -193,8 +193,7 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -# iiab_usb_lib_show_all: True +iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_small.yml b/vars/local_vars_small.yml index 1190ec377..8689b3ae9 100644 --- a/vars/local_vars_small.yml +++ b/vars/local_vars_small.yml @@ -193,8 +193,7 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -# iiab_usb_lib_show_all: True +iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True diff --git a/vars/local_vars_unittest.yml b/vars/local_vars_unittest.yml index 744148cc0..30720a49e 100644 --- a/vars/local_vars_unittest.yml +++ b/vars/local_vars_unittest.yml @@ -199,8 +199,7 @@ bluetooth_enabled: False bluetooth_term_enabled: False # Show entire contents of USB sticks/drives (at http://box/usb) -# 20250125: using existence of PUBLIC folder on USB stick in lieu of this env variable. -# iiab_usb_lib_show_all: True +iiab_usb_lib_show_all: True # Set umask=0000 for VFAT, NTFS and exFAT in /etc/usbmount/usbmount.conf so # Kolibri can export & import channels to USB sticks/drive: usb_lib_umask0000_for_kolibri: True From f9538a48340fe97ee373dd30418eeec2cdc132b5 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 17:04:46 -0500 Subject: [PATCH 063/148] mount.d/70-usb-library.j2: move lib/root/boot check above check for PUBLIC dir Co-authored-by: A Holt --- .../templates/mount.d/70-usb-library.j2 | 23 ++++++++++--------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 7e52c0329..f0d41f22d 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -12,18 +12,11 @@ VERBOSE=yes # UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts -SHARE_DIR=$UM_MOUNTPOINT -if [ -d $UM_MOUNTPOINT/PUBLIC ]; then - SHARE_DIR="$UM_MOUNTPOINT/PUBLIC" - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" -else - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Did not find /PUBLIC on $UM_MOUNTPOINT" -fi -LIB_DEV=`findmnt /library | grep / | awk '{print $2}' | awk -F '[' '{print $1}'` -ROOT_DEV=`findmnt / | grep / | awk '{print $2}'` -BOOT_DEV=`findmnt /boot | grep / | awk '{print $2}'` -BOOTFW_DEV=`findmnt /boot/firmware | grep / | awk '{print $2}'` +LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) +ROOT_DEV=$(findmnt -no source /) +BOOT_DEV=$(findmnt -no source /boot) +BOOTFW_DEV=$(findmnt -no source /boot/firmware) if [ "$UM_DEVICE" == "$LIB_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /library" exit @@ -38,6 +31,14 @@ elif [ "$UM_DEVICE" == "$BOOTFW_DEV" ]; then exit fi +if [ -d $UM_MOUNTPOINT/PUBLIC ]; then + SHARE_DIR=$UM_MOUNTPOINT/PUBLIC + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" +else + SHARE_DIR=$UM_MOUNTPOINT + logger -p user.notice -t "usb_lib (70-usb-library)" -- "Did not find /PUBLIC on $UM_MOUNTPOINT" +fi + CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $SHARE_DIR to $CONTENT_LINK" From 18c5fe711d147fff379d5823e03698117e4838d4 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 17:30:14 -0500 Subject: [PATCH 064/148] Update roles/usb_lib/templates/mount.d/70-usb-library.j2 Add thanks and reference to PR #3254 Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index f0d41f22d..6e167656c 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -13,6 +13,8 @@ VERBOSE=yes # UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts +# 2022-06-16 better security thanks to @tim-moody and @jvonau: +# https://github.com/iiab/iiab/pull/3254 LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) ROOT_DEV=$(findmnt -no source /) BOOT_DEV=$(findmnt -no source /boot) From 64756b6772d64ae7465ad292b2cde93f068a647e Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 17:35:43 -0500 Subject: [PATCH 065/148] Update roles/usb_lib/templates/mount.d/70-usb-library.j2 Add thanks and reference to PR #3254 Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 6e167656c..2d77abceb 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -13,6 +13,8 @@ VERBOSE=yes # UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts +# 2022-06-16 better security thanks to @tim-moody and @jvonau: +# https://github.com/iiab/iiab/pull/3254 # 2022-06-16 better security thanks to @tim-moody and @jvonau: # https://github.com/iiab/iiab/pull/3254 LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) From 2462bba6f5ad2745bb56deb4d69487d5df3dceb2 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 17:45:11 -0500 Subject: [PATCH 066/148] 70-usb-library.j2: Fix symlink from/to in comment Thank you! Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 2d77abceb..1c05f001c 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -45,5 +45,5 @@ fi CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $SHARE_DIR to $CONTENT_LINK" +logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $CONTENT_LINK to $SHARE_DIR" ln -s $SHARE_DIR $CONTENT_LINK From 427dc57ed0b9563b52ae8d4c1b14649d769fe8bc Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 17:45:54 -0500 Subject: [PATCH 067/148] 70-usb-library.j2: revert duplicate comment Revert duplicate comment Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 1c05f001c..850693a1c 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -13,8 +13,6 @@ VERBOSE=yes # UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts -# 2022-06-16 better security thanks to @tim-moody and @jvonau: -# https://github.com/iiab/iiab/pull/3254 # 2022-06-16 better security thanks to @tim-moody and @jvonau: # https://github.com/iiab/iiab/pull/3254 LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) From d0a00da60127fddb52aaa6715e9d6df09dcde8e8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 25 Jan 2025 20:08:37 -0500 Subject: [PATCH 068/148] usb_lib/README.rst: Clarify usbmount supported filesystems line --- roles/usb_lib/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index 33d93e2dc..e51db625a 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -16,7 +16,7 @@ As of January 2025, automount is handled by usbmount: (`devmon included with ude Technical Details: -* USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 100 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ +* USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 103 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ * IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` From 2401ff3d60aa2ee14c9c6f7deceb8dd287072c78 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 20:49:12 -0500 Subject: [PATCH 069/148] 70-usb-library.j2: Add additional logging of lib/root/boot mount points Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 850693a1c..7f63f3ea5 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -19,6 +19,12 @@ LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) ROOT_DEV=$(findmnt -no source /) BOOT_DEV=$(findmnt -no source /boot) BOOTFW_DEV=$(findmnt -no source /boot/firmware) +# Verbose logging to illuminate occasional boot bugginess: +logger -t "usb_lib (70-usb-library)" "UM_DEVICE is: $UM_DEVICE" +logger -t "usb_lib (70-usb-library)" "LIB_DEV is: $LIB_DEV" +logger -t "usb_lib (70-usb-library)" "ROOT_DEV is: $ROOT_DEV" +logger -t "usb_lib (70-usb-library)" "BOOT_DEV is: $BOOT_DEV" +logger -t "usb_lib (70-usb-library)" "BOOTFW_DEV is: $BOOTFW_DEV" if [ "$UM_DEVICE" == "$LIB_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /library" exit From cd160da6799c7bc425e2088d94285c75b8e98246 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 20:52:04 -0500 Subject: [PATCH 070/148] 70-usb-library.j2: syntax change to CONTENT_LINK_USB var Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 7f63f3ea5..3f29c7f45 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -47,7 +47,7 @@ else logger -p user.notice -t "usb_lib (70-usb-library)" -- "Did not find /PUBLIC on $UM_MOUNTPOINT" fi -CONTENT_LINK_USB=`basename $UM_MOUNTPOINT | awk '{print toupper($0)}'` +CONTENT_LINK_USB=$(basename $UM_MOUNTPOINT | awk '{print toupper($0)}') CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $CONTENT_LINK to $SHARE_DIR" ln -s $SHARE_DIR $CONTENT_LINK From 425cbf494cf79c59c9518e341dc5cd86f3c19f59 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 25 Jan 2025 20:54:32 -0500 Subject: [PATCH 071/148] iiab-clean-usb.sh: $() instead of `` for command substitution --- roles/usb_lib/templates/iiab-clean-usb.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/usb_lib/templates/iiab-clean-usb.sh b/roles/usb_lib/templates/iiab-clean-usb.sh index 56d63292d..dcdf987d3 100644 --- a/roles/usb_lib/templates/iiab-clean-usb.sh +++ b/roles/usb_lib/templates/iiab-clean-usb.sh @@ -1,9 +1,9 @@ #!/bin/bash # Remove symlink in /library/content to automounted usb drive # -DEVICE=`echo $@ | sed -s 's|-|/|'` -MNT_POINT=`findmnt -n /$DEVICE | awk '{print $1}'` -CONTENT_LINK_USB=`basename $MNT_POINT | awk '{print toupper($0)}'` +DEVICE=$(echo $@ | sed -s 's|-|/|') +MNT_POINT=$(findmnt -n /$DEVICE | awk '{print $1}') +CONTENT_LINK_USB=$(basename $MNT_POINT | awk '{print toupper($0)}') CONTENT_LINK="/library/www/html/local_content/$CONTENT_LINK_USB" logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove link $CONTENT_LINK." From 27e286b8aeff45f9b564e9e72fa236bd47e4ab00 Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 20:55:13 -0500 Subject: [PATCH 072/148] 70-usb-library.j2: comm Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 3f29c7f45..8b54568c6 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -9,7 +9,8 @@ # # by Tim Moody tim@timmoody.com -VERBOSE=yes +# Better to set this in /etc/usbmount/usbmount.conf +# VERBOSE=yes # UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts From 920235d54ccbb5219898bc2bbf47712d5131c36e Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 26 Jan 2025 04:41:10 +0100 Subject: [PATCH 073/148] 70-usb-library.j2: use findmnt instead of UM_DEVICE from usbmount to find device given the missing leading /; adding comment about public folder --- .../usb_lib/templates/mount.d/70-usb-library.j2 | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 8b54568c6..164d66598 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -12,7 +12,8 @@ # Better to set this in /etc/usbmount/usbmount.conf # VERBOSE=yes -# UM_MOUNTPOINT and UM_DEVICE are documented at: https://github.com/rbrito/usbmount#hook-scripts +# UM_MOUNTPOINT is documented at: https://github.com/rbrito/usbmount#hook-scripts +UM_DEV=$(findmnt -no source $UM_MOUNTPOINT) # 2022-06-16 better security thanks to @tim-moody and @jvonau: # https://github.com/iiab/iiab/pull/3254 @@ -20,26 +21,29 @@ LIB_DEV=$(findmnt -no source /library | cut -d '[' -f 1) ROOT_DEV=$(findmnt -no source /) BOOT_DEV=$(findmnt -no source /boot) BOOTFW_DEV=$(findmnt -no source /boot/firmware) + # Verbose logging to illuminate occasional boot bugginess: -logger -t "usb_lib (70-usb-library)" "UM_DEVICE is: $UM_DEVICE" +logger -t "usb_lib (70-usb-library)" "UM_DEV is: $UM_DEV" logger -t "usb_lib (70-usb-library)" "LIB_DEV is: $LIB_DEV" logger -t "usb_lib (70-usb-library)" "ROOT_DEV is: $ROOT_DEV" logger -t "usb_lib (70-usb-library)" "BOOT_DEV is: $BOOT_DEV" logger -t "usb_lib (70-usb-library)" "BOOTFW_DEV is: $BOOTFW_DEV" -if [ "$UM_DEVICE" == "$LIB_DEV" ]; then + +if [ "$UM_DEV" == "$LIB_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /library" exit -elif [ "$UM_DEVICE" == "$ROOT_DEV" ]; then +elif [ "$UM_DEV" == "$ROOT_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing rootfs" exit -elif [ "$UM_DEVICE" == "$BOOT_DEV" ]; then +elif [ "$UM_DEV" == "$BOOT_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot" exit -elif [ "$UM_DEVICE" == "$BOOTFW_DEV" ]; then +elif [ "$UM_DEV" == "$BOOTFW_DEV" ]; then logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot/firmware" exit fi +# 2025-01-25: check for existence of PUBLIC folder on USB stick to determine if all stick content is public or private if [ -d $UM_MOUNTPOINT/PUBLIC ]; then SHARE_DIR=$UM_MOUNTPOINT/PUBLIC logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" From 5663a84d276c26ea1b8644133b9f9e0bd3bc69cb Mon Sep 17 00:00:00 2001 From: avni Date: Sat, 25 Jan 2025 23:57:27 -0500 Subject: [PATCH 074/148] 70-usb-library.j2: update comment explaining PUBLIC folder better (from @holta) Co-authored-by: A Holt --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 164d66598..803313f7e 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -43,7 +43,9 @@ elif [ "$UM_DEV" == "$BOOTFW_DEV" ]; then exit fi -# 2025-01-25: check for existence of PUBLIC folder on USB stick to determine if all stick content is public or private +# 2025-01-25: Check for existence of folder PUBLIC on USB stick: if found, the stick will not be completely browsable. +# Teachers can set their stick for 1 of 2 two "personalities" — students can either upload "confidential homework" or +# "public artwork" — as summarized here: https://github.com/iiab/iiab/blob/master/roles/usb_lib/README.rst if [ -d $UM_MOUNTPOINT/PUBLIC ]; then SHARE_DIR=$UM_MOUNTPOINT/PUBLIC logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" From d4e66748f34f2932588ad14e31857658c47f01c0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 26 Jan 2025 00:42:32 -0500 Subject: [PATCH 075/148] usb_lib/install.yml: Clarify usb_lib_writable_sticks and umask=0000 --- roles/usb_lib/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 4e40a99eb..2fb9bd2a6 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,8 +7,8 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) -# usb_lib_writable_sticks (e.g., in /etc/iiab/local_vars.yml) must be set to true in order to be able to write to mounted USB sticks -# If you are still not able to write to a mounted USB stick, you can unmount the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). +# usb_lib_writable_sticks (e.g., in /etc/iiab/local_vars.yml) must be set to true in order for non-root users to be able to write to VFAT/FAT32, NTFS and exFAT USB sticks. +# If you are still not able to write to a mounted USB stick, try unmounting the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). - name: Record (initial) disk space used From cea4cac7f23f9a2edb673f46b5f78c8ffd7a1e3d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 26 Jan 2025 09:28:48 -0500 Subject: [PATCH 076/148] Clarify reset of FS_MOUNTOPTIONS in /etc/usbmount/usbmount.conf, if usb_lib_writable_sticks False --- roles/usb_lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 023b714a7..fdd7a2751 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -48,7 +48,7 @@ # path: /etc/usbmount/usbmount.conf # when: usb_lib_writable_sticks -- name: 'Set FS_MOUNTOPTIONS="" in /etc/usbmount/usbmount.conf, e.g. if Kolibri will not be used' +- name: 'Set FS_MOUNTOPTIONS="" in /etc/usbmount/usbmount.conf -- e.g. Kolibri exports AND student uploads to teacher's USB stick are not needed' lineinfile: regexp: '^FS_MOUNTOPTIONS=.*' line: 'FS_MOUNTOPTIONS=""' # Restore apt pkg default, e.g. for runrole From 7812edfed0ce091cdf1ac99eeed73707fb29df90 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 26 Jan 2025 09:32:49 -0500 Subject: [PATCH 077/148] Fix 2 typos (explanation of when: not usb_lib_writable_sticks) --- roles/usb_lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index fdd7a2751..4def69c4f 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -48,7 +48,7 @@ # path: /etc/usbmount/usbmount.conf # when: usb_lib_writable_sticks -- name: 'Set FS_MOUNTOPTIONS="" in /etc/usbmount/usbmount.conf -- e.g. Kolibri exports AND student uploads to teacher's USB stick are not needed' +- name: 'Set FS_MOUNTOPTIONS="" in /etc/usbmount/usbmount.conf -- e.g. if Kolibri exports AND student uploads to teacher USB stick are not needed' lineinfile: regexp: '^FS_MOUNTOPTIONS=.*' line: 'FS_MOUNTOPTIONS=""' # Restore apt pkg default, e.g. for runrole From 1795276b20694af9eb69d784570c775890add10c Mon Sep 17 00:00:00 2001 From: avni Date: Sun, 26 Jan 2025 16:36:43 +0100 Subject: [PATCH 078/148] upload/upload-file.php: fix var name bug and add better error handling --- roles/usb_lib/files/upload/upload-file.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload/upload-file.php index a3c6e9674..8c81c731d 100644 --- a/roles/usb_lib/files/upload/upload-file.php +++ b/roles/usb_lib/files/upload/upload-file.php @@ -41,7 +41,8 @@ if ($upload_ok == 0) { if (move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $target_file)) { $upload_msg = "😊 ✅ Your file ". htmlspecialchars( $uploaded_filename ). " was successfully uploaded!"; } else { - $upload_msg = "❌ There was an error uploading your file. " . $_FILES["upload_file"]["error"] . $upload_msg; + $upload_ok = 0; + throw new RuntimeException('There was an error uploading your file.

'); } } From fb07b9e3e531915bc6f84c47092d63e7e2fd14a4 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 26 Jan 2025 21:18:30 -0500 Subject: [PATCH 079/148] nginx/templates/iiab.conf.j2, usb_lib/files/upload/header.php, usb_lib/tasks/install.yml: move app out of local_content and into /library/www/html/ --- roles/nginx/templates/iiab.conf.j2 | 8 ++++---- roles/usb_lib/files/upload/button.html | 2 +- roles/usb_lib/tasks/install.yml | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/nginx/templates/iiab.conf.j2 b/roles/nginx/templates/iiab.conf.j2 index e3fdee774..20773967f 100644 --- a/roles/nginx/templates/iiab.conf.j2 +++ b/roles/nginx/templates/iiab.conf.j2 @@ -5,11 +5,11 @@ location / { location /usb { alias /library/www/html/local_content/; fancyindex on; # autoindex on; - add_before_body /usb/upload/button.html; + add_before_body /upload2usb/button.html; } -location ~ ^/usb/upload/(.*)\.php$ { - alias /library/www/html/local_content/upload/$1.php; +location ~ ^/upload2usb/(.*)\.php$ { + alias /library/www/html/upload2usb/$1.php; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; @@ -23,7 +23,7 @@ location ~ ^/usb/upload/(.*)\.php$ { location /local_content/ { fancyindex on; # autoindex on; - add_before_body /usb/upload/button.html; + add_before_body /upload2usb/button.html; } location /info { diff --git a/roles/usb_lib/files/upload/button.html b/roles/usb_lib/files/upload/button.html index 658f74fb2..52cc493ce 100644 --- a/roles/usb_lib/files/upload/button.html +++ b/roles/usb_lib/files/upload/button.html @@ -16,4 +16,4 @@ color: #ddd; } -Upload to USB +Upload to USB diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index e435719dc..98606005f 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -79,18 +79,18 @@ - { src: 'iiab-usb_lib-show-all-off', dest: '/usr/bin/', mode: '0755' } - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } -- name: '2025-01-05: Add upload2usb app (#3875) directory to local_content' +- name: '2025-01-05: Add upload2usb app (#3875) directory to doc_root' file: state: directory - path: "{{ doc_root }}/local_content/upload" + path: "{{ doc_root }}/upload2usb" owner: "{{ apache_user }}" group: "{{ apache_user }}" mode: 0755 -- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ to local_content' +- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ to upload2usb' copy: src: "{{ item }}" - dest: "{{ doc_root }}/local_content/upload" # /library/www/html + dest: "{{ doc_root }}/upload2usb" # /library/www/html with_fileglob: - upload/* From 48f4fc56f8bb2913746c00c861716ea81bd2bd1e Mon Sep 17 00:00:00 2001 From: root Date: Sun, 26 Jan 2025 21:20:12 -0500 Subject: [PATCH 080/148] usb_lib/files/upload/header.php: link swing image back to upload2usb main page --- roles/usb_lib/files/upload/header.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload/header.php b/roles/usb_lib/files/upload/header.php index 78592e86d..fc8218800 100644 --- a/roles/usb_lib/files/upload/header.php +++ b/roles/usb_lib/files/upload/header.php @@ -28,5 +28,5 @@ include("upload2usb.php");
- +

From c49c7b0d8d6f8b4c86161f1497894852e4df89e8 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 26 Jan 2025 21:26:16 -0500 Subject: [PATCH 081/148] usb_lib/files/upload/upload2usb.php: allow zip files given some MacOS files, e.g., Pages files, have a mimetype of application/aip --- roles/usb_lib/files/upload/upload2usb.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload/upload2usb.php index f2b3aa883..b1ce329fc 100644 --- a/roles/usb_lib/files/upload/upload2usb.php +++ b/roles/usb_lib/files/upload/upload2usb.php @@ -55,7 +55,7 @@ function getFileCount ($folder_path) { //check if file mimetype is acceptable for upload function isFileMimeTypeAcceptable ($file) { $mimetype = strtolower(mime_content_type($file)); - $invalid_mimetypes_str = array ("compress", "image/svg+xml", "octet", "text/xml", "xhtml+xml", "zip"); + $invalid_mimetypes_str = array ("compress", "image/svg+xml", "octet", "text/xml", "xhtml+xml"); foreach ($invalid_mimetypes_str as $invalid_mt_str) { if (str_contains($mimetype, $invalid_mt_str)) { error_log('UPLOAD2USB ERROR - MIMETYPE: ' . $mimetype); From 765d7854c3d9ab0c26f7d5c585065c834b28a2ac Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 27 Jan 2025 15:45:34 -0500 Subject: [PATCH 082/148] Recommend ansible-core 2.18.2 --- scripts/ansible | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index 968819464..c5ab3e074 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -7,8 +7,8 @@ # https://github.com/iiab/iiab/wiki/Technical-Contributors-Guide#female_detective-understanding-ansible APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint -CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.18.1] -GOOD_VER=2.18.1 # Orig for 'yum install [rpm]' & XO laptops (pip install) +CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.18.2] +GOOD_VER=2.18.2 # Orig for 'yum install [rpm]' & XO laptops (pip install) # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and # .gpg key etc) are commented out with ### below. Associated guidance/comments From 00d45099eada43798be62125ec497f05ded1f000 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 28 Jan 2025 11:23:29 -0600 Subject: [PATCH 083/148] 1520 --- roles/network/tasks/NM-debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/network/tasks/NM-debian.yml b/roles/network/tasks/NM-debian.yml index 9cb2cf1db..a0af7adcc 100644 --- a/roles/network/tasks/NM-debian.yml +++ b/roles/network/tasks/NM-debian.yml @@ -78,7 +78,7 @@ - name: Reload systemd systemd: daemon_reload: yes - when: not iiab_lan_iface == "br0" + when: not no_net_restart or not iiab_lan_iface == "br0" - name: Restart the NetworkManager service systemd: From 16b745d7341451482488bc19ae7be95ba93979fd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 00:42:08 -0500 Subject: [PATCH 084/148] iiab-diagnostics: 3 commands to record locale info --- scripts/iiab-diagnostics | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index ca1ee4d67..51a7d6797 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -162,17 +162,20 @@ for f in "$@"; do done if [ $# -eq 0 ]; then - echo -e " 2. Regular Files:\n" + echo -e " 2. Regular Files etc:\n" else - echo -e "\n 2. Regular Files:\n" + echo -e "\n 2. Regular Files etc:\n" fi -echo -e "\n\n\n2. REGULAR FILES\n" >> $outfile +echo -e "\n\n\n2. REGULAR FILES ETC\n" >> $outfile #cat_file /dev/sda # Device "file" test #cat_file /nonsense # Non-existence test #cat_file /opt/iiab/iiab # Directory test #cat_file /tmp/empty-file # Empty file test #cat_file /usr/bin/iiab-support-on # Symlink test cat_file /.iiab-image +cat_file /etc/default/locale +cat_cmd 'localectl' 'Locale settings' +cat_cmd 'locale -a' 'Available locales' cat_file /etc/iiab/iiab.env cat_file /etc/iiab/iiab.ini cat_file /etc/iiab/local_vars.yml # Redacts most passwords above From 18efafc23e19aaedc6b273bc878749c12e772c76 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 00:53:18 -0500 Subject: [PATCH 085/148] iiab-diagnostics.README.md: Update lines numbers --- scripts/iiab-diagnostics.README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index f766e922e..d11c13720 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -66,4 +66,4 @@ But first off, the file is compiled by harvesting 1 + 6 kinds of things: ## Source Code -Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-269 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. +Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-272 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. From 957cf6976ae773a907c5849f150c74b14831dd3f Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 01:20:22 -0500 Subject: [PATCH 086/148] PHP defaults TOO LOW, so run www_options/tasks/php-settings.yml every time --- roles/www_options/tasks/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 5795ea7e6..f157abb26 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml @@ -69,7 +69,8 @@ # WordPress) so './runrole ' and similar are fully self-sufficient! - name: "Run php-settings.yml -- allows post-install toggling of nginx_high_php_limits in /etc/iiab/local_vars.yml -- if you run './runrole www_options'" include_tasks: php-settings.yml - when: nginx_high_php_limits or matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install + # 2025-01-29: PHP's own defaults (presumably from the 1990s?) were Way Too Low -- for usb-lib's upload2usb, and in general -- so let's run php-settings.yml every time! + # when: nginx_high_php_limits or matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # 'Is a "Rapid Power Off" button possible for low-electricity environments?' From 668d57cb977fada20e6535aa07e111c80faa27dd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 02:26:49 -0500 Subject: [PATCH 087/148] php-settings.yml; Fix typo in TZ explanation (PR #3927, GHA) --- roles/www_options/tasks/php-settings.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/www_options/tasks/php-settings.yml b/roles/www_options/tasks/php-settings.yml index 23c85d24b..de8326d67 100644 --- a/roles/www_options/tasks/php-settings.yml +++ b/roles/www_options/tasks/php-settings.yml @@ -21,7 +21,7 @@ # # This takes care of essentially everything (e.g. output "America/New_York") # by checking (1) symlink /etc/localtime then (2) text file /etc/timezone if -# nec, then (3) if neither exist, "UTC" is declated (correctly!) Potential +# nec, then (3) if neither exist, "UTC" is declared (correctly!) Potential # drawback: timedatectl is not easily usable within chroot environments. - name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) From 4da759a84b9913a04186c97c4e30c73cbf4784a8 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 03:43:03 -0500 Subject: [PATCH 088/148] php-settings.yml: Note lack of systemd on chroot GHA runners for RPi --- roles/www_options/tasks/php-settings.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/www_options/tasks/php-settings.yml b/roles/www_options/tasks/php-settings.yml index de8326d67..adedee11b 100644 --- a/roles/www_options/tasks/php-settings.yml +++ b/roles/www_options/tasks/php-settings.yml @@ -24,6 +24,12 @@ # nec, then (3) if neither exist, "UTC" is declared (correctly!) Potential # drawback: timedatectl is not easily usable within chroot environments. +# 2025-01-29: Current GitHub Actions chroot environments for RPi (using guyot/arm-runner-action@v2) surface this error, after PR #3927 mainlined php-settings.yml... +# "System has not been booted with systemd as init system (PID 1). Can't operate.\nFailed to connect to bus: Host is down" +# ...which might be mitigated in 2 ways: +# 1) Try spawning these "guyot/arm-runner-action@v2" GHA workflows with... use_systemd_nspawn: true +# 2) Weaken timedatectl command just below, trying this instead... shell: readlink /etc/localtime | sed 's#^/usr/share/zoneinfo/##' + - name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) command: timedatectl show -p Timezone --value register: tz_cli From 519daacc2af19bf3848c9f7926fec241400bbe85 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 11:05:07 -0500 Subject: [PATCH 089/148] iiab-network: Run Ansible with --extra-vars "{\"skip_role_on_error\":false}" --- iiab-network | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iiab-network b/iiab-network index 5dc831b8e..c888c27bf 100755 --- a/iiab-network +++ b/iiab-network @@ -42,7 +42,7 @@ fi echo "Ansible will now run iiab-network.yml -- log file is iiab-network.log" Start=`date` ansible -m setup -i ansible_hosts localhost --connection=local | grep python -ansible-playbook -i ansible_hosts iiab-network.yml --connection=local +ansible-playbook -i ansible_hosts iiab-network.yml --extra-vars "{\"skip_role_on_error\":false}" --connection=local End=`date` From 4e7541fc1ea055487faac67336bcc04a05af79b6 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 29 Jan 2025 14:00:56 -0500 Subject: [PATCH 090/148] usb_lib/README.rst: Punctuation cleanup & link to PR #3916 WIP --- roles/usb_lib/README.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index e51db625a..da2564f36 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -18,7 +18,7 @@ Technical Details: * USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 103 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ -* IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks, using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` +* IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled, by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks — using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` * Official `usbmount 0.0.22 (2011-08-08) `_ documentation: @@ -27,3 +27,5 @@ Technical Details: * https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) * Dev Notes at the top of: https://github.com/iiab/iiab/blob/master/roles/usb_lib/tasks/install.yml + + * January 2025 work to improve automount reliability during boot: `PR #3916 `_ From 6c5b4c35ecf7cf2601004f49aabf158de591c705 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 12:24:44 -0600 Subject: [PATCH 091/148] delay hostapd to allow ap0 to stabilize --- roles/network/tasks/restart.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 5902f5d50..d5de9e27d 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -28,6 +28,10 @@ state: restarted when: wifi_up_down and can_be_ap and ansible_ap0 is undefined +- name: Waiting {{ hostapd_wait }} seconds for network to stabilize for ap0 + shell: sleep {{ hostapd_wait }} + when: ansible_ap0 is undefined + - name: Restart hostapd when WiFi is present but not when using WiFi as gateway systemd: name: hostapd From 57fa6bb08f6ba6a392351556a8c91eae9a8d64da Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 14:53:50 -0600 Subject: [PATCH 092/148] Files from usbmount_0.0.22_all.deb --- roles/usb_lib/files/usbmount/copyright | 17 ++ roles/usb_lib/files/usbmount/usbmount | 210 +++++++++++++++++++++ roles/usb_lib/files/usbmount/usbmount.conf | 53 ++++++ roles/usb_lib/tasks/install.yml | 15 +- roles/usb_lib/templates/usbmount.rules.j2 | 6 +- 5 files changed, 295 insertions(+), 6 deletions(-) create mode 100644 roles/usb_lib/files/usbmount/copyright create mode 100644 roles/usb_lib/files/usbmount/usbmount create mode 100644 roles/usb_lib/files/usbmount/usbmount.conf diff --git a/roles/usb_lib/files/usbmount/copyright b/roles/usb_lib/files/usbmount/copyright new file mode 100644 index 000000000..75fae2dde --- /dev/null +++ b/roles/usb_lib/files/usbmount/copyright @@ -0,0 +1,17 @@ +Format: http://dep.debian.net/deps/dep5/ +Upstream-Name: usbmount +Upstream-Contact: Martin Dickopp , Rogério Brito +Source: git://git.debian.org/usbmount/usbmount.git + +Files: * +Copyright: 2004-2007, Martin Dickopp + 2008-2011, Rogério Brito +License: BSD-2 + This package is free software; the copyright holder gives unlimited + permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY, to the extent permitted by law; without + even the implied warranty of MERCHANTABILITY or FITNESS FOR A + PARTICULAR PURPOSE. diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount new file mode 100644 index 000000000..75f249ab6 --- /dev/null +++ b/roles/usb_lib/files/usbmount/usbmount @@ -0,0 +1,210 @@ +#!/bin/sh +# This script mounts USB mass storage devices when they are plugged in +# and unmounts them when they are removed. +# Copyright © 2004, 2005 Martin Dickopp +# Copyright © 2008, 2009, 2010 Rogério Theodoro de Brito +# +# This file is free software; the copyright holder gives unlimited +# permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This file is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. +# +set -e +exec > /dev/null 2>&1 + +###################################################################### +# Auxiliary functions + +# Log a string via the syslog facility. +log() +{ + if [ $1 != debug ] || expr "$VERBOSE" : "[yY]" > /dev/null; then + logger -p user.$1 -t "usbmount[$$]" -- "$2" + fi +} + + +# Test if the first parameter is in the list given by the second +# parameter. +in_list() +{ + for v in $2; do + [ "$1" != "$v" ] || return 0 + done + return 1 +} + + +###################################################################### +# Main program + +# Default values for configuration variables. +ENABLED=1 +MOUNTPOINTS= +FILESYSTEMS= +MOUNTOPTIONS= +FS_MOUNTOPTIONS= +VERBOSE=no + +if [ -r /etc/usbmount/usbmount.conf ]; then + . /etc/usbmount/usbmount.conf + log debug "loaded usbmount configurations" +fi + +if [ "${ENABLED:-1}" -eq 0 ]; then + log info "usbmount is disabled, see /etc/usbmount/usbmount.conf" + exit 0 +fi + +if [ ! -x /sbin/blkid ]; then + log err "cannot execute /sbin/blkid" + exit 1 +fi + +# Per Policy 9.3.2, directories under /var/run have to be created +# after every reboot. +if [ ! -e /var/run/usbmount ]; then + mkdir -p /var/run/usbmount + log debug "creating /var/run/usbmount directory" +fi + +umask 022 + + +if [ "$1" = add ]; then + + # Acquire lock. + log debug "trying to acquire lock /var/run/usbmount/.mount.lock" + lockfile-create --retry 3 /var/run/usbmount/.mount || \ + { log err "cannot acquire lock /var/run/usbmount/.mount.lock"; exit 1; } + trap '( lockfile-remove /var/run/usbmount/.mount )' 0 + log debug "acquired lock /var/run/usbmount/.mount.lock" + + # Grab device information from device and "divide it" + # FIXME: improvement: implement mounting by label (notice that labels + # can contain spaces, which makes things a little bit less comfortable). + DEVINFO=$(/sbin/blkid -p $DEVNAME) + FSTYPE=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]TYPE="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') + UUID=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]UUID="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') + USAGE=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]USAGE="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') + + if ! echo $USAGE | egrep -q "(filesystem|disklabel)"; then + log info "$DEVNAME does not contain a filesystem or disklabel" + exit 1 + fi + + # Try to use specifications in /etc/fstab first. + if egrep -q "^[[:blank:]]*$DEVNAME" /etc/fstab; then + log info "executing command: mount $DEVNAME" + mount $DEVNAME || log err "mount by DEVNAME with $DEVNAME wasn't successful; return code $?" + + elif grep -q "^[[:blank:]]*UUID=$UUID" /etc/fstab; then + log info "executing command: mount -U $UUID" + mount -U $UUID || log err "mount by UUID with $UUID wasn't successful; return code $?" + + else + log debug "$DEVNAME contains filesystem type $FSTYPE" + + fstype=$FSTYPE + # Test if the filesystem type is in the list of filesystem + # types to mount. + if in_list "$fstype" "$FILESYSTEMS"; then + # Search an available mountpoint. + for v in $MOUNTPOINTS; do + if [ -d "$v" ] && ! grep -q "^[^ ][^ ]* *$v " /proc/mounts; then + mountpoint="$v" + log debug "mountpoint $mountpoint is available for $DEVNAME" + break + fi + done + if [ -n "$mountpoint" ]; then + # Determine mount options. + options= + for v in $FS_MOUNTOPTIONS; do + if expr "$v" : "-fstype=$fstype,."; then + options="$(echo "$v" | sed 's/^[^,]*,//')" + break + fi + done + if [ -n "$MOUNTOPTIONS" ]; then + options="$MOUNTOPTIONS${options:+,$options}" + fi + + # Mount the filesystem. + log info "executing command: mount -t$fstype ${options:+-o$options} $DEVNAME $mountpoint" + mount "-t$fstype" "${options:+-o$options}" "$DEVNAME" "$mountpoint" + + # Determine vendor and model. + vendor= + if [ -r "/sys$DEVPATH/device/vendor" ]; then + vendor="`cat \"/sys$DEVPATH/device/vendor\"`" + elif [ -r "/sys$DEVPATH/../device/vendor" ]; then + vendor="`cat \"/sys$DEVPATH/../device/vendor\"`" + elif [ -r "/sys$DEVPATH/device/../manufacturer" ]; then + vendor="`cat \"/sys$DEVPATH/device/../manufacturer\"`" + elif [ -r "/sys$DEVPATH/../device/../manufacturer" ]; then + vendor="`cat \"/sys$DEVPATH/../device/../manufacturer\"`" + fi + vendor="$(echo "$vendor" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" + + model= + if [ -r "/sys$DEVPATH/device/model" ]; then + model="`cat \"/sys$DEVPATH/device/model\"`" + elif [ -r "/sys$DEVPATH/../device/model" ]; then + model="`cat \"/sys$DEVPATH/../device/model\"`" + elif [ -r "/sys$DEVPATH/device/../product" ]; then + model="`cat \"/sys$DEVPATH/device/../product\"`" + elif [ -r "/sys$DEVPATH/../device/../product" ]; then + model="`cat \"/sys$DEVPATH/../device/../product\"`" + fi + model="$(echo "$model" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" + + # Run hook scripts; ignore errors. + export UM_DEVICE="$DEVNAME" + export UM_MOUNTPOINT="$mountpoint" + export UM_FILESYSTEM="$fstype" + export UM_MOUNTOPTIONS="$options" + export UM_VENDOR="$vendor" + export UM_MODEL="$model" + log info "executing command: run-parts /etc/usbmount/mount.d" + run-parts /etc/usbmount/mount.d || : + else + # No suitable mount point found. + log warning "no mountpoint found for $DEVNAME" + exit 1 + fi + fi + fi +elif [ "$1" = remove ]; then + + # A block or partition device has been removed. + # Test if it is mounted. + while read device mountpoint fstype remainder; do + if [ "$DEVNAME" = "$device" ]; then + # If the mountpoint and filesystem type are maintained by + # this script, unmount the filesystem. + if in_list "$mountpoint" "$MOUNTPOINTS" && + in_list "$fstype" "$FILESYSTEMS"; then + log info "executing command: umount -l $mountpoint" + umount -l "$mountpoint" + + # Run hook scripts; ignore errors. + export UM_DEVICE="$DEVNAME" + export UM_MOUNTPOINT="$mountpoint" + export UM_FILESYSTEM="$fstype" + log info "executing command: run-parts /etc/usbmount/umount.d" + run-parts /etc/usbmount/umount.d || : + fi + break + fi + done < /proc/mounts +else + log err "unexpected: action '$1'" + exit 1 +fi + +log debug "usbmount execution finished" diff --git a/roles/usb_lib/files/usbmount/usbmount.conf b/roles/usb_lib/files/usbmount/usbmount.conf new file mode 100644 index 000000000..97f7ccc20 --- /dev/null +++ b/roles/usb_lib/files/usbmount/usbmount.conf @@ -0,0 +1,53 @@ +# Configuration file for the usbmount package, which mounts removable +# storage devices when they are plugged in and unmounts them when they +# are removed. + +# Change to zero to disable usbmount +ENABLED=1 + +# Mountpoints: These directories are eligible as mointpoints for +# removable storage devices. A newly plugged in device is mounted on +# the first directory in this list that exists and on which nothing is +# mounted yet. +MOUNTPOINTS="/media/usb0 /media/usb1 /media/usb2 /media/usb3 + /media/usb4 /media/usb5 /media/usb6 /media/usb7" + +# Filesystem types: removable storage devices are only mounted if they +# contain a filesystem type which is in this list. +FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus" + +############################################################################# +# WARNING! # +# # +# The "sync" option may not be a good choice to use with flash drives, as # +# it forces a greater amount of writing operating on the drive. This makes # +# the writing speed considerably lower and also leads to a faster wear out # +# of the disk. # +# # +# If you omit it, don't forget to use the command "sync" to synchronize the # +# data on your disk before removing the drive or you may experience data # +# loss. # +# # +# It is highly recommended that you use the pumount command (as a regular # +# user) before unplugging the device. It makes calling the "sync" command # +# and mounting with the sync option unnecessary---this is similar to other # +# operating system's "safely disconnect the device" option. # +############################################################################# +# Mount options: Options passed to the mount command with the -o flag. +# See the warning above regarding removing "sync" from the options. +MOUNTOPTIONS="sync,noexec,nodev,noatime,nodiratime" + +# Filesystem type specific mount options: This variable contains a space +# separated list of strings, each which the form "-fstype=TYPE,OPTIONS". +# +# If a filesystem with a type listed here is mounted, the corresponding +# options are appended to those specificed in the MOUNTOPTIONS variable. +# +# For example, "-fstype=vfat,gid=floppy,dmask=0007,fmask=0117" would add +# the options "gid=floppy,dmask=0007,fmask=0117" when a vfat filesystem +# is mounted. +FS_MOUNTOPTIONS="" + +# If set to "yes", more information will be logged via the syslog +# facility. +VERBOSE=no diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index ba8b3a164..d8a13e945 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -67,7 +67,18 @@ group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: 0775 -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/sbin/iiab-clean-usb.sh' +- name: Setup directories for usbmount + file: + path: "{{ item }}" + # owner: root + # group: root + # mode: '0755' + state: directory + with_items: + - /etc/usbmount/mount.d + - /etc/usbmount/umount.d + +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off, /usr/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -82,7 +93,7 @@ state: directory path: "{{ doc_root }}/upload2usb" owner: "{{ apache_user }}" - group: "{{ apache_user }}" + group: "{{ apache_user }}" mode: 0755 - name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ into {{ doc_root }}/upload2usb/' diff --git a/roles/usb_lib/templates/usbmount.rules.j2 b/roles/usb_lib/templates/usbmount.rules.j2 index 564186c5a..939a31041 100644 --- a/roles/usb_lib/templates/usbmount.rules.j2 +++ b/roles/usb_lib/templates/usbmount.rules.j2 @@ -1,5 +1,3 @@ -KERNEL=="sd*", DRIVERS=="sbp2", ACTION=="add", PROGRAM="/bin/systemd-escape -p --template=usbmount@.service $env{DEVNAME}", ENV{SYSTEMD_WANTS}+="%c" -KERNEL=="sd*", SUBSYSTEMS=="usb", ACTION=="add", PROGRAM="/bin/systemd-escape -p --template=usbmount@.service $env{DEVNAME}", ENV{SYSTEMD_WANTS}+="%c" -KERNEL=="ub*", SUBSYSTEMS=="usb", ACTION=="add", PROGRAM="/bin/systemd-escape -p --template=usbmount@.service $env{DEVNAME}", ENV{SYSTEMD_WANTS}+="%c" -KERNEL=="sd*", SUBSYSTEMS=="usb", ACTION=="remove", PROGRAM="/usr/share/usbmount/usbmount remove" +ACTION=="add", SUBSYSTEMS=="usb", SUBSYSTEM=="block", ENV{ID_FS_USAGE}=="filesystem" PROGRAM="/bin/systemd-escape -p --template=usbmount@.service $env{DEVNAME}", ENV{SYSTEMD_WANTS}+="%c" +ACTION=="remove", SUBSYSTEMS=="usb", SUBSYSTEM=="block", ENV{ID_FS_USAGE}=="filesystem" PROGRAM="/bin/systemd-escape -p /usr/share/usbmount/usbmount remove" From 229a913ba4f370cc78bbbefa1abb4f61b8f8df79 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 15:29:35 -0600 Subject: [PATCH 093/148] filesystems supported --- roles/usb_lib/files/usbmount/usbmount.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/usbmount/usbmount.conf b/roles/usb_lib/files/usbmount/usbmount.conf index 97f7ccc20..c92ced73d 100644 --- a/roles/usb_lib/files/usbmount/usbmount.conf +++ b/roles/usb_lib/files/usbmount/usbmount.conf @@ -14,7 +14,7 @@ MOUNTPOINTS="/media/usb0 /media/usb1 /media/usb2 /media/usb3 # Filesystem types: removable storage devices are only mounted if they # contain a filesystem type which is in this list. -FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus" +FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs" ############################################################################# # WARNING! # From 36485a109d167465f7f38b996d94749d8a661de0 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 15:30:36 -0600 Subject: [PATCH 094/148] turn on debug --- roles/usb_lib/files/usbmount/usbmount.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/usbmount/usbmount.conf b/roles/usb_lib/files/usbmount/usbmount.conf index c92ced73d..7bd194873 100644 --- a/roles/usb_lib/files/usbmount/usbmount.conf +++ b/roles/usb_lib/files/usbmount/usbmount.conf @@ -50,4 +50,4 @@ FS_MOUNTOPTIONS="" # If set to "yes", more information will be logged via the syslog # facility. -VERBOSE=no +VERBOSE=yes From a5af8c89d4370a83891de10a647a128ea6a941a6 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 15:36:56 -0600 Subject: [PATCH 095/148] move mkdir and copyright --- roles/usb_lib/files/usbmount/usbmount | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 75f249ab6..e144c46d3 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -3,6 +3,7 @@ # and unmounts them when they are removed. # Copyright © 2004, 2005 Martin Dickopp # Copyright © 2008, 2009, 2010 Rogério Theodoro de Brito +# Copyright © 2025, Jerry Vonau # # This file is free software; the copyright holder gives unlimited # permission to copy and/or distribute it, with or without @@ -12,7 +13,7 @@ # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# +# Add web link to copyright notice help in iiab on github set -e exec > /dev/null 2>&1 @@ -65,18 +66,19 @@ if [ ! -x /sbin/blkid ]; then exit 1 fi -# Per Policy 9.3.2, directories under /var/run have to be created -# after every reboot. -if [ ! -e /var/run/usbmount ]; then - mkdir -p /var/run/usbmount - log debug "creating /var/run/usbmount directory" -fi - -umask 022 - - if [ "$1" = add ]; then + # Per Policy 9.3.2, directories under /var/run have to be created + # after every reboot. + if [ ! -e /var/run/usbmount ]; then + mkdir -p /var/run/usbmount + log debug "creating /var/run/usbmount directory" + else + log debug "/var/run/usbmount exists" + fi + + umask 022 + # Acquire lock. log debug "trying to acquire lock /var/run/usbmount/.mount.lock" lockfile-create --retry 3 /var/run/usbmount/.mount || \ From f58ef267681da61f52eb3df0263802cc2934fa9b Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 15:39:08 -0600 Subject: [PATCH 096/148] just exit to quite down systemd logging of umount failed on stuff we don't care about --- roles/usb_lib/files/usbmount/usbmount | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index e144c46d3..cd4d50ae6 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -96,7 +96,7 @@ if [ "$1" = add ]; then if ! echo $USAGE | egrep -q "(filesystem|disklabel)"; then log info "$DEVNAME does not contain a filesystem or disklabel" - exit 1 + exit fi # Try to use specifications in /etc/fstab first. From 60ca24d63a820d4e36b7b16853e3c451d7e5a93e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 16:37:22 -0600 Subject: [PATCH 097/148] replace deb with local files --- roles/usb_lib/tasks/install.yml | 36 +++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index d8a13e945..02e55b36b 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -47,10 +47,10 @@ when: udev_unit.stat.exists is defined and udev_unit.stat.exists # http://raspbian.raspberrypi.org/raspbian/pool/main/u/usbmount/usbmount_0.0.22_all.deb -- name: Install {{ iiab_download_url }}/usbmount_0.0.22_all.deb, no longer supported by {RasPiOS, Debian, Ubuntu} - apt: - deb: "{{ iiab_download_url }}/usbmount_0.0.22_all.deb" - # when: is_debian +#- name: Install {{ iiab_download_url }}/usbmount_0.0.22_all.deb, no longer supported by {RasPiOS, Debian, Ubuntu} +# apt: +# deb: "{{ iiab_download_url }}/usbmount_0.0.22_all.deb" +# # when: is_debian # check status of usbmount on mintlinux - should be ok Ubuntu variant # - name: Install usbmount from OS repo for Ubuntu variants @@ -73,11 +73,21 @@ # owner: root # group: root # mode: '0755' + mode: 0644 state: directory with_items: - /etc/usbmount/mount.d - /etc/usbmount/umount.d +- name: '2025-01-25: Copy files from files/usbmount to filesystem' + copy: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + mode: "{{ item.mode }}" + with_items: + - { src: 'usbmount/usbmount.conf', dest: '/etc/usbmount/', mode: '0644' } + - { src: 'usbmount/usbmount', dest: '/usr/local/sbin/', mode: '0755' } + - name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off, /usr/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" @@ -106,16 +116,16 @@ # 2021-03-21: If usbmount is repackaged by apt as a result of Linux kernel 5.4+ # supporting exFAT, the stanza below (might) in future no longer be needed... # SEE ALSO: https://github.com/iiab/iiab/blob/586bfc5cb1abf6b4333a21d3fa89695f115432dc/roles/2-common/tasks/packages.yml#L11-L12 -- name: Add ' exfat fuseblk ntfs' to FILESYSTEMS var in /etc/usbmount/usbmount.conf - lineinfile: - regexp: '^FILESYSTEMS=.*' - line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' - path: /etc/usbmount/usbmount.conf +#- name: Add ' exfat fuseblk ntfs' to FILESYSTEMS var in /etc/usbmount/usbmount.conf +# lineinfile: +# regexp: '^FILESYSTEMS=.*' +# line: 'FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus exfat fuseblk ntfs"' +# path: /etc/usbmount/usbmount.conf -- name: Remove /etc/usbmount/mount.d/00_create_model_symlink - file: - path: /etc/usbmount/mount.d/00_create_model_symlink - state: absent +#- name: Remove /etc/usbmount/mount.d/00_create_model_symlink +# file: +# path: /etc/usbmount/mount.d/00_create_model_symlink +# state: absent # RECORD 'USB_LIB' AS INSTALLED From 257dc008ec6502f5c355e484f24c54d277093bfd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 16:56:21 -0600 Subject: [PATCH 098/148] bump number of lock tries --- roles/usb_lib/files/usbmount/usbmount | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index cd4d50ae6..b1abf49cb 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -81,7 +81,7 @@ if [ "$1" = add ]; then # Acquire lock. log debug "trying to acquire lock /var/run/usbmount/.mount.lock" - lockfile-create --retry 3 /var/run/usbmount/.mount || \ + lockfile-create --retry 6 /var/run/usbmount/.mount || \ { log err "cannot acquire lock /var/run/usbmount/.mount.lock"; exit 1; } trap '( lockfile-remove /var/run/usbmount/.mount )' 0 log debug "acquired lock /var/run/usbmount/.mount.lock" From 640ab00d26d73d3e825098713ddfe402d8edbdcd Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 17:05:03 -0600 Subject: [PATCH 099/148] update iiab-clean-usb.sh --- roles/usb_lib/tasks/install.yml | 2 +- roles/usb_lib/templates/usbmount@.service.j2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 02e55b36b..daf0fcc96 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -96,7 +96,7 @@ with_items: - { src: 'usbmount.rules.j2', dest: '/etc/udev/rules.d/usbmount.rules', mode: '0644' } - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - - { src: 'iiab-clean-usb.sh', dest: '/usr/sbin/', mode: '0755' } + - { src: 'iiab-clean-usb.sh', dest: '/usr/local/sbin/', mode: '0755' } - name: '2025-01-05: Add upload2usb app (#3875) directory to doc_root' file: diff --git a/roles/usb_lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 index 52da18ba5..0671ce296 100644 --- a/roles/usb_lib/templates/usbmount@.service.j2 +++ b/roles/usb_lib/templates/usbmount@.service.j2 @@ -7,8 +7,8 @@ After=systemd-udev-trigger.service #Type=oneshot TimeoutStartSec=0 Environment=DEVNAME=%I -ExecStart=/usr/share/usbmount/usbmount add -ExecStop=/usr/sbin/iiab-clean-usb.sh %I +ExecStart=/usr/local/sbin/usbmount add +ExecStop=/usr/local/sbin/iiab-clean-usb.sh %I ExecStopPost=/bin/umount /%I RemainAfterExit=yes From 34b4a8a7ad74a26a5cfca397a0ed94dcd325bd7f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sat, 25 Jan 2025 17:17:04 -0600 Subject: [PATCH 100/148] ConditionPathExists=/var/run --- roles/usb_lib/templates/usbmount@.service.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/usb_lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 index 0671ce296..dca318ac7 100644 --- a/roles/usb_lib/templates/usbmount@.service.j2 +++ b/roles/usb_lib/templates/usbmount@.service.j2 @@ -2,6 +2,7 @@ BindTo=%i.device After=%i.device After=systemd-udev-trigger.service +ConditionPathExists=/var/run [Service] #Type=oneshot From e6051088fcebfff891c2b1bab7c5be8620759406 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 26 Jan 2025 08:34:46 -0600 Subject: [PATCH 101/148] RuntimeDirectory=usbmount --- roles/usb_lib/templates/usbmount@.service.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/usb_lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 index dca318ac7..2dc0177c0 100644 --- a/roles/usb_lib/templates/usbmount@.service.j2 +++ b/roles/usb_lib/templates/usbmount@.service.j2 @@ -12,4 +12,5 @@ ExecStart=/usr/local/sbin/usbmount add ExecStop=/usr/local/sbin/iiab-clean-usb.sh %I ExecStopPost=/bin/umount /%I RemainAfterExit=yes +RuntimeDirectory=usbmount From 76d5b5fc1780322bf6db0aba217e59de795f99e5 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 29 Jan 2025 06:00:07 -0500 Subject: [PATCH 102/148] usb_lib: Minor whitespace typos --- roles/usb_lib/tasks/install.yml | 2 +- roles/usb_lib/templates/usbmount@.service.j2 | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index daf0fcc96..6c7660748 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -59,7 +59,7 @@ # state: present # when: is_ubuntu -- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear (0775) +- name: Add dir {{ doc_root }}/local_content, where USB drive links can appear (0775) owned by {{ apache_user }}:{{ apache_user }} file: state: directory path: "{{ doc_root }}/local_content" diff --git a/roles/usb_lib/templates/usbmount@.service.j2 b/roles/usb_lib/templates/usbmount@.service.j2 index 2dc0177c0..6cf1f990b 100644 --- a/roles/usb_lib/templates/usbmount@.service.j2 +++ b/roles/usb_lib/templates/usbmount@.service.j2 @@ -13,4 +13,3 @@ ExecStop=/usr/local/sbin/iiab-clean-usb.sh %I ExecStopPost=/bin/umount /%I RemainAfterExit=yes RuntimeDirectory=usbmount - From 190d66409f0265c81548584e9b52c28a5f6d1c48 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 29 Jan 2025 08:59:24 -0600 Subject: [PATCH 103/148] Update roles/usb_lib/templates/iiab-clean-usb.sh to restore previous search-ability Co-authored-by: A Holt --- roles/usb_lib/templates/iiab-clean-usb.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/iiab-clean-usb.sh b/roles/usb_lib/templates/iiab-clean-usb.sh index dcdf987d3..2223c15a5 100644 --- a/roles/usb_lib/templates/iiab-clean-usb.sh +++ b/roles/usb_lib/templates/iiab-clean-usb.sh @@ -5,7 +5,7 @@ DEVICE=$(echo $@ | sed -s 's|-|/|') MNT_POINT=$(findmnt -n /$DEVICE | awk '{print $1}') CONTENT_LINK_USB=$(basename $MNT_POINT | awk '{print toupper($0)}') CONTENT_LINK="/library/www/html/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove link $CONTENT_LINK." +logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove link $CONTENT_LINK, as auto-created earlier by usbmount." if [ -L $CONTENT_LINK ]; then /bin/rm $CONTENT_LINK From daa3deb034c661000025321efcd07eb01983a67f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 29 Jan 2025 08:59:49 -0600 Subject: [PATCH 104/148] Update roles/usb_lib/templates/iiab-clean-usb.sh to restore previous search-ability Co-authored-by: A Holt --- roles/usb_lib/templates/iiab-clean-usb.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/iiab-clean-usb.sh b/roles/usb_lib/templates/iiab-clean-usb.sh index 2223c15a5..c04c8c5f7 100644 --- a/roles/usb_lib/templates/iiab-clean-usb.sh +++ b/roles/usb_lib/templates/iiab-clean-usb.sh @@ -9,6 +9,6 @@ logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove if [ -L $CONTENT_LINK ]; then /bin/rm $CONTENT_LINK - logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "$CONTENT_LINK removed." + logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "$CONTENT_LINK removed, as auto-created earlier by usbmount." fi From eca12605b91148c8c0f109b39ee8833e083eb8ce Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 03:19:31 -0600 Subject: [PATCH 105/148] forgot the dependencies --- roles/usb_lib/tasks/install.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 6c7660748..a4f608698 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -52,12 +52,12 @@ # deb: "{{ iiab_download_url }}/usbmount_0.0.22_all.deb" # # when: is_debian -# check status of usbmount on mintlinux - should be ok Ubuntu variant -# - name: Install usbmount from OS repo for Ubuntu variants -# package: -# name: usbmount -# state: present -# when: is_ubuntu +- name: Install lockfile-progs util-linux for usbmount from OS repo + package: + name: + - lockfile-progs + - util-linux + state: present - name: Add dir {{ doc_root }}/local_content, where USB drive links can appear (0775) owned by {{ apache_user }}:{{ apache_user }} file: From 0dec3fe8108f52832b9398e329119920a3ba5a96 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 09:52:41 -0600 Subject: [PATCH 106/148] indent --- roles/usb_lib/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index a4f608698..ac444d05f 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -55,8 +55,8 @@ - name: Install lockfile-progs util-linux for usbmount from OS repo package: name: - - lockfile-progs - - util-linux + - lockfile-progs + - util-linux state: present - name: Add dir {{ doc_root }}/local_content, where USB drive links can appear (0775) owned by {{ apache_user }}:{{ apache_user }} From 78924e84bab6118d2333995b403058adb9b9209a Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 11:59:15 -0600 Subject: [PATCH 107/148] create /media/usb0-7 --- roles/usb_lib/tasks/install.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index ac444d05f..bd4d4ab7f 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -67,7 +67,7 @@ group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: 0775 -- name: Setup directories for usbmount +- name: Set up dirs /etc/usbmount/mount.d, /etc/usbmount/umount.d, and /media/usb0-7 file: path: "{{ item }}" # owner: root @@ -78,6 +78,14 @@ with_items: - /etc/usbmount/mount.d - /etc/usbmount/umount.d + - /media/usb0 + - /media/usb1 + - /media/usb2 + - /media/usb3 + - /media/usb4 + - /media/usb5 + - /media/usb6 + - /media/usb7 - name: '2025-01-25: Copy files from files/usbmount to filesystem' copy: From 97eeae48455c6950b01bccb35859990306c02eac Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 14:07:51 -0600 Subject: [PATCH 108/148] wording --- roles/usb_lib/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index bd4d4ab7f..2993865fd 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -67,7 +67,7 @@ group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: 0775 -- name: Set up dirs /etc/usbmount/mount.d, /etc/usbmount/umount.d, and /media/usb0-7 +- name: Set up dirs /etc/usbmount/mount.d, /etc/usbmount/umount.d, /media/usb0-7 file: path: "{{ item }}" # owner: root @@ -96,7 +96,7 @@ - { src: 'usbmount/usbmount.conf', dest: '/etc/usbmount/', mode: '0644' } - { src: 'usbmount/usbmount', dest: '/usr/local/sbin/', mode: '0755' } -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/bin/iiab-usb_lib-show-all-on, /usr/bin/iiab-usb_lib-show-all-off, /usr/sbin/iiab-clean-usb.sh' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" From 80bdfc677e6845aa6f86b1e0adbcbf4642da2186 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 30 Jan 2025 14:13:26 -0600 Subject: [PATCH 109/148] Update roles/usb_lib/tasks/install.yml missed during rebase Co-authored-by: A Holt --- roles/usb_lib/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 2993865fd..77abac259 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -96,7 +96,7 @@ - { src: 'usbmount/usbmount.conf', dest: '/etc/usbmount/', mode: '0644' } - { src: 'usbmount/usbmount', dest: '/usr/local/sbin/', mode: '0755' } -- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/sbin/iiab-clean-usb.sh' +- name: 'Install from template: /etc/udev/rules.d/usbmount.rules, /etc/systemd/system/usbmount@.service, /usr/local/sbin/iiab-clean-usb.sh' template: src: "{{ item.src }}" dest: "{{ item.dest }}" From 6b4b94dae2081ffab88339479d3a147faf83071e Mon Sep 17 00:00:00 2001 From: root Date: Fri, 31 Jan 2025 01:41:23 -0500 Subject: [PATCH 110/148] usb_lib / usbmount: Refine, lint, clarify --- .../files/{upload => upload2usb}/button.html | 0 .../files/{upload => upload2usb}/error.php | 0 .../files/{upload => upload2usb}/footer.php | 0 .../files/{upload => upload2usb}/header.php | 0 .../files/{upload => upload2usb}/index.php | 0 .../files/{upload => upload2usb}/uk-swing.png | Bin .../{upload => upload2usb}/upload-file.php | 0 .../{upload => upload2usb}/upload2usb.php | 0 roles/usb_lib/tasks/install.yml | 23 ++++++++---------- roles/usb_lib/templates/iiab-clean-usb.sh | 16 ++++++------ .../templates/mount.d/70-usb-library.j2 | 16 ++++++------ 11 files changed, 26 insertions(+), 29 deletions(-) rename roles/usb_lib/files/{upload => upload2usb}/button.html (100%) rename roles/usb_lib/files/{upload => upload2usb}/error.php (100%) rename roles/usb_lib/files/{upload => upload2usb}/footer.php (100%) rename roles/usb_lib/files/{upload => upload2usb}/header.php (100%) rename roles/usb_lib/files/{upload => upload2usb}/index.php (100%) rename roles/usb_lib/files/{upload => upload2usb}/uk-swing.png (100%) rename roles/usb_lib/files/{upload => upload2usb}/upload-file.php (100%) rename roles/usb_lib/files/{upload => upload2usb}/upload2usb.php (100%) diff --git a/roles/usb_lib/files/upload/button.html b/roles/usb_lib/files/upload2usb/button.html similarity index 100% rename from roles/usb_lib/files/upload/button.html rename to roles/usb_lib/files/upload2usb/button.html diff --git a/roles/usb_lib/files/upload/error.php b/roles/usb_lib/files/upload2usb/error.php similarity index 100% rename from roles/usb_lib/files/upload/error.php rename to roles/usb_lib/files/upload2usb/error.php diff --git a/roles/usb_lib/files/upload/footer.php b/roles/usb_lib/files/upload2usb/footer.php similarity index 100% rename from roles/usb_lib/files/upload/footer.php rename to roles/usb_lib/files/upload2usb/footer.php diff --git a/roles/usb_lib/files/upload/header.php b/roles/usb_lib/files/upload2usb/header.php similarity index 100% rename from roles/usb_lib/files/upload/header.php rename to roles/usb_lib/files/upload2usb/header.php diff --git a/roles/usb_lib/files/upload/index.php b/roles/usb_lib/files/upload2usb/index.php similarity index 100% rename from roles/usb_lib/files/upload/index.php rename to roles/usb_lib/files/upload2usb/index.php diff --git a/roles/usb_lib/files/upload/uk-swing.png b/roles/usb_lib/files/upload2usb/uk-swing.png similarity index 100% rename from roles/usb_lib/files/upload/uk-swing.png rename to roles/usb_lib/files/upload2usb/uk-swing.png diff --git a/roles/usb_lib/files/upload/upload-file.php b/roles/usb_lib/files/upload2usb/upload-file.php similarity index 100% rename from roles/usb_lib/files/upload/upload-file.php rename to roles/usb_lib/files/upload2usb/upload-file.php diff --git a/roles/usb_lib/files/upload/upload2usb.php b/roles/usb_lib/files/upload2usb/upload2usb.php similarity index 100% rename from roles/usb_lib/files/upload/upload2usb.php rename to roles/usb_lib/files/upload2usb/upload2usb.php diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 77abac259..107ae9a4c 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -52,7 +52,7 @@ # deb: "{{ iiab_download_url }}/usbmount_0.0.22_all.deb" # # when: is_debian -- name: Install lockfile-progs util-linux for usbmount from OS repo +- name: Install lockfile-progs and util-linux for usbmount from OS repo package: name: - lockfile-progs @@ -62,19 +62,16 @@ - name: Add dir {{ doc_root }}/local_content, where USB drive links can appear (0775) owned by {{ apache_user }}:{{ apache_user }} file: state: directory - path: "{{ doc_root }}/local_content" - owner: "{{ apache_user }}" + path: "{{ doc_root }}/local_content" # /library/www/html + owner: "{{ apache_user }}" # www-data group: "{{ apache_user }}" # 2020-02-13: changed from iiab_admin_user, after discussion on weekly call (#1228, #2222) mode: 0775 - name: Set up dirs /etc/usbmount/mount.d, /etc/usbmount/umount.d, /media/usb0-7 file: - path: "{{ item }}" - # owner: root - # group: root - # mode: '0755' - mode: 0644 state: directory + path: "{{ item }}" + mode: 0755 with_items: - /etc/usbmount/mount.d - /etc/usbmount/umount.d @@ -87,7 +84,7 @@ - /media/usb6 - /media/usb7 -- name: '2025-01-25: Copy files from files/usbmount to filesystem' +- name: Copy files from files/usbmount to filesystem copy: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -106,7 +103,7 @@ - { src: 'usbmount@.service.j2', dest: '/etc/systemd/system/usbmount@.service', mode: '0644' } - { src: 'iiab-clean-usb.sh', dest: '/usr/local/sbin/', mode: '0755' } -- name: '2025-01-05: Add upload2usb app (#3875) directory to doc_root' +- name: Add dir {{ doc_root }}/upload2usb (0775) owned by {{ apache_user }}:{{ apache_user }} file: state: directory path: "{{ doc_root }}/upload2usb" @@ -114,12 +111,12 @@ group: "{{ apache_user }}" mode: 0755 -- name: '2025-01-05: Copy upload2usb app (#3875) files from files/upload/ into {{ doc_root }}/upload2usb/' +- name: Copy files from files/upload2usb/ into {{ doc_root }}/upload2usb/ copy: src: "{{ item }}" - dest: "{{ doc_root }}/upload2usb/" # /library/www/html + dest: "{{ doc_root }}/upload2usb/" with_fileglob: - - upload/* + - upload2usb/* # 2021-03-21: If usbmount is repackaged by apt as a result of Linux kernel 5.4+ # supporting exFAT, the stanza below (might) in future no longer be needed... diff --git a/roles/usb_lib/templates/iiab-clean-usb.sh b/roles/usb_lib/templates/iiab-clean-usb.sh index c04c8c5f7..360d737f4 100644 --- a/roles/usb_lib/templates/iiab-clean-usb.sh +++ b/roles/usb_lib/templates/iiab-clean-usb.sh @@ -1,14 +1,14 @@ #!/bin/bash -# Remove symlink in /library/content to automounted usb drive -# -DEVICE=$(echo $@ | sed -s 's|-|/|') -MNT_POINT=$(findmnt -n /$DEVICE | awk '{print $1}') +# Remove symlink in /library/www/html/local_content to automounted USB drive + +DEVICE="/$(echo $1 | sed 's|-|/|')" +MNT_POINT=$(findmnt -no target $DEVICE) CONTENT_LINK_USB=$(basename $MNT_POINT | awk '{print toupper($0)}') CONTENT_LINK="/library/www/html/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "Attempting to remove link $CONTENT_LINK, as auto-created earlier by usbmount." + +logger -t "usb_lib (iiab-clean-usb.sh)" "Attempting to remove symlink $CONTENT_LINK, as auto-created earlier by usbmount." if [ -L $CONTENT_LINK ]; then - /bin/rm $CONTENT_LINK - logger -p user.notice -t "usb_lib (iiab-clean-usb.sh)" -- "$CONTENT_LINK removed, as auto-created earlier by usbmount." + /usr/bin/rm $CONTENT_LINK + logger -t "usb_lib (iiab-clean-usb.sh)" "Symlink $CONTENT_LINK removed, as auto-created earlier by usbmount." fi - diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 803313f7e..62d15b27a 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -30,16 +30,16 @@ logger -t "usb_lib (70-usb-library)" "BOOT_DEV is: $BOOT_DEV" logger -t "usb_lib (70-usb-library)" "BOOTFW_DEV is: $BOOTFW_DEV" if [ "$UM_DEV" == "$LIB_DEV" ]; then - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /library" + logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /library" exit elif [ "$UM_DEV" == "$ROOT_DEV" ]; then - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing rootfs" + logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing rootfs" exit elif [ "$UM_DEV" == "$BOOT_DEV" ]; then - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot" + logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /boot" exit elif [ "$UM_DEV" == "$BOOTFW_DEV" ]; then - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Skipping $UM_MOUNTPOINT containing /boot/firmware" + logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /boot/firmware" exit fi @@ -48,13 +48,13 @@ fi # "public artwork" — as summarized here: https://github.com/iiab/iiab/blob/master/roles/usb_lib/README.rst if [ -d $UM_MOUNTPOINT/PUBLIC ]; then SHARE_DIR=$UM_MOUNTPOINT/PUBLIC - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Found /PUBLIC on $UM_MOUNTPOINT" + logger -t "usb_lib (70-usb-library)" "Found /PUBLIC on $UM_MOUNTPOINT" else SHARE_DIR=$UM_MOUNTPOINT - logger -p user.notice -t "usb_lib (70-usb-library)" -- "Did not find /PUBLIC on $UM_MOUNTPOINT" + logger -t "usb_lib (70-usb-library)" "Did not find /PUBLIC on $UM_MOUNTPOINT" fi CONTENT_LINK_USB=$(basename $UM_MOUNTPOINT | awk '{print toupper($0)}') CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" -logger -p user.notice -t "usb_lib (70-usb-library)" -- "Creating link from $CONTENT_LINK to $SHARE_DIR" -ln -s $SHARE_DIR $CONTENT_LINK +logger -t "usb_lib (70-usb-library)" "Creating link from $CONTENT_LINK to $SHARE_DIR" +ln -sf $SHARE_DIR $CONTENT_LINK From 3077a39cd607c9d4b034aa6802c2ebbd7bd3ecb6 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 31 Jan 2025 03:45:23 -0500 Subject: [PATCH 111/148] Invert rejected country red error; Clarify 3 channel/country vars for iiab.ini --- roles/network/tasks/detected_network.yml | 34 +++++++++++++----------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/roles/network/tasks/detected_network.yml b/roles/network/tasks/detected_network.yml index 1663f8c39..c72028d53 100644 --- a/roles/network/tasks/detected_network.yml +++ b/roles/network/tasks/detected_network.yml @@ -264,8 +264,8 @@ wifi_up_down: False when: rpi3bplus_rpi4_wifi_firmware == "24" -- name: Detect "Firmware rejected country setting" in dmesg - shell: dmesg | grep ieee80211 | grep "Firmware rejected country setting" +- name: Detect "Firmware rejected country setting" in dmesg (invert return code, for intentional red error) + shell: '! dmesg | grep ieee80211 | grep "Firmware rejected country setting"' register: FW_rejected_country ignore_errors: True @@ -337,27 +337,29 @@ - option: wifi_firmware_43455 value: "{{ rpi3bplus_rpi4_wifi_firmware }}" -- name: Add 'detected_network' variable 'current_client_channel_found' value if defined, to {{ iiab_ini_file }} +- name: Add 'detected_network' variable 'current_client_channel_found' stdout value ({{ current_client_channel.stdout }}) if defined and non-empty, to {{ iiab_ini_file }} ini_file: dest: "{{ iiab_ini_file }}" section: detected_network - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: client_wifi_channel_found - value: "{{ current_client_channel.stdout }}" - when: current_client_channel.stdout is defined + option: client_wifi_channel_found + value: "{{ current_client_channel.stdout }}" + when: current_client_channel.stdout is defined and current_client_channel.stdout != "" -- name: Add 'detected_network' variable 'FW_rejected_country' value if defined, to {{ iiab_ini_file }} +- name: Add 'detected_network' variable 'FW_rejected_country' stdout value ({{ FW_rejected_country.stdout }}) if defined and non-empty, to {{ iiab_ini_file }} ini_file: dest: "{{ iiab_ini_file }}" section: detected_network - option: "{{ item.option }}" - value: "{{ item.value | string }}" - with_items: - - option: FW_rejected_country - value: "{{ cmdline_country_code.stdout }}" - when: FW_rejected_country.stdout is defined + option: FW_rejected_country + value: "{{ FW_rejected_country.stdout }}" + when: FW_rejected_country.stdout is defined and FW_rejected_country.stdout != "" + +- name: Add 'detected_network' variable 'cmdline_country_code' stdout value ({{ cmdline_country_code.stdout }}) if defined and non-empty, to {{ iiab_ini_file }} + ini_file: + dest: "{{ iiab_ini_file }}" + section: detected_network + option: cmdline_country_code + value: "{{ cmdline_country_code.stdout }}" + when: cmdline_country_code.stdout is defined and cmdline_country_code.stdout != "" # well if there ever was a point to tell the user things are FUBAR this is it. # limit 2 network adapters wifi wired From b6b2f3a0d771a0e84bf931f2aec6341985b30caa Mon Sep 17 00:00:00 2001 From: A Holt Date: Fri, 31 Jan 2025 04:24:07 -0500 Subject: [PATCH 112/148] usbmount copyright URL clarifs for PR #3929 --- roles/usb_lib/files/usbmount/usbmount | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index b1abf49cb..7541b5335 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -13,7 +13,8 @@ # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# Add web link to copyright notice help in iiab on github +# https://github.com/iiab/iiab/blob/master/roles/usb_lib/files/usbmount/copyright +# https://github.com/rbrito/usbmount/blob/master/debian/copyright set -e exec > /dev/null 2>&1 From c975dd21fce3227e7d54413eecb91b198caa178d Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Feb 2025 00:35:54 -0500 Subject: [PATCH 113/148] php-settings.yml: TZ hack that avoids systemd, for GHA --- roles/www_options/tasks/php-settings.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/www_options/tasks/php-settings.yml b/roles/www_options/tasks/php-settings.yml index adedee11b..4693db885 100644 --- a/roles/www_options/tasks/php-settings.yml +++ b/roles/www_options/tasks/php-settings.yml @@ -30,8 +30,10 @@ # 1) Try spawning these "guyot/arm-runner-action@v2" GHA workflows with... use_systemd_nspawn: true # 2) Weaken timedatectl command just below, trying this instead... shell: readlink /etc/localtime | sed 's#^/usr/share/zoneinfo/##' -- name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) - command: timedatectl show -p Timezone --value +#- name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) +# command: timedatectl show -p Timezone --value +- name: Extract Time Zone from symlink /etc/localtime, or declare UTC + shell: tmp=$(readlink /etc/localtime) && echo $tmp | sed 's|^/usr/share/zoneinfo/||' || echo UTC register: tz_cli - name: Store 'date.timezone = {{ tz_cli.stdout }}' (from above) in /etc/php/{{ php_version }}/fpm/php.ini and /etc/php/{{ php_version }}/cli/php.ini From f22ba85c49f9cfa7b890db9a362e1ad21511d481 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Feb 2025 00:54:47 -0500 Subject: [PATCH 114/148] php-settings.yml: More complete shell hack, equiv to timedatectl --- roles/www_options/tasks/php-settings.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/www_options/tasks/php-settings.yml b/roles/www_options/tasks/php-settings.yml index 4693db885..7109ccfeb 100644 --- a/roles/www_options/tasks/php-settings.yml +++ b/roles/www_options/tasks/php-settings.yml @@ -30,10 +30,10 @@ # 1) Try spawning these "guyot/arm-runner-action@v2" GHA workflows with... use_systemd_nspawn: true # 2) Weaken timedatectl command just below, trying this instead... shell: readlink /etc/localtime | sed 's#^/usr/share/zoneinfo/##' -#- name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) -# command: timedatectl show -p Timezone --value -- name: Extract Time Zone from symlink /etc/localtime, or declare UTC - shell: tmp=$(readlink /etc/localtime) && echo $tmp | sed 's|^/usr/share/zoneinfo/||' || echo UTC +- name: Extract Time Zone from symlink /etc/localtime, text file /etc/timezone, or if all else fails declare Etc/UTC + # command: timedatectl show -p Timezone --value + # 2025-02-01: "guyot/arm-runner-action@v2" GHA workflows don't seem to work with "use_systemd_nspawn: true", so hack in the equivalent of timedatectl... + shell: tmp=$(readlink /etc/localtime) && echo $tmp | sed 's|^/usr/share/zoneinfo/||' || cat /etc/timezone || echo Etc/UTC register: tz_cli - name: Store 'date.timezone = {{ tz_cli.stdout }}' (from above) in /etc/php/{{ php_version }}/fpm/php.ini and /etc/php/{{ php_version }}/cli/php.ini From fb787e0649cd1817d0e4bef0e2025e6353a91906 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Feb 2025 01:24:47 -0500 Subject: [PATCH 115/148] Update USB_LIB description for iiab.ini --- roles/usb_lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 4def69c4f..4d2710874 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -77,7 +77,7 @@ - option: name value: USB_LIB - option: description - value: '"USB_LIB automounts Teacher Content on USB drives to /library/www/html/local_content, so students can browse it almost immediately at http://box/usb"' + value: '"USB_LIB automounts Teacher Content on USB sticks to /library/www/html/local_content, so students can browse the USB AND upload their work to the USB, all at http://box/usb"' - option: usb_lib_install value: "{{ usb_lib_install }}" - option: usb_lib_enabled From 8eed5e3face334dca474063043b07fbd63915f8c Mon Sep 17 00:00:00 2001 From: root Date: Sun, 2 Feb 2025 20:44:02 +0000 Subject: [PATCH 116/148] usb_lib/README.rst, usb_lib/tasks/install.yml: Add docs on how to disable Desktop auto-mount functionality on RPi Desktop; other minor doc cleanup --- roles/usb_lib/README.rst | 3 +++ roles/usb_lib/tasks/install.yml | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index da2564f36..aa5409d90 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -20,6 +20,9 @@ Technical Details: * IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled, by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks — using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` +* If you are using a Desktop install of Raspberry Pi OS (vs Lite, for example) for your IIAB, USB sticks will be mounted twice by default, once by usbmount and once by the desktop. You must disable the auto-mount function in the Desktop in order to use the "Upload to USB" functionality, which allows students to upload their work to your USB stick. To disable the auto-mount function, in the File Manager (pcmanfm), go to Edit → Preferences → Volume Management, and uncheck "Mount removable media automatically when they are inserted". + + * Official `usbmount 0.0.22 (2011-08-08) `_ documentation: * https://github.com/hfuchs/usbmount/blob/master/README (2010-08-11) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 107ae9a4c..35f533652 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -7,9 +7,10 @@ # https://github.com/rbrito/usbmount/blob/master/README.md (2018-08-10) # https://github.com/rbrito/usbmount/blob/master/usbmount.conf (2010-04-25) -# usb_lib_writable_sticks (e.g., in /etc/iiab/local_vars.yml) must be set to true in order for non-root users to be able to write to VFAT/FAT32, NTFS and exFAT USB sticks. -# If you are still not able to write to a mounted USB stick, try unmounting the drive (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). - +# The variable, usb_lib_writable_sticks (e.g., in /etc/iiab/local_vars.yml), must be set to true +# in order for non-root users to be able to write to VFAT/FAT32, NTFS and exFAT USB sticks. +# If you are still not able to write to a mounted USB stick, try unmounting the drive +# (sudo umount ) and then remount it setting umask to 0000 manually (sudo mount -o umask=0000 ). - name: Record (initial) disk space used shell: df -B1 --output=used / | tail -1 From 38a860d3c5734b361f2a898e74809fcd84b7a3e4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 2 Feb 2025 16:12:11 -0500 Subject: [PATCH 117/148] Update usb_lib/README.rst --- roles/usb_lib/README.rst | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index aa5409d90..e874e9525 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -16,13 +16,12 @@ As of January 2025, automount is handled by usbmount: (`devmon included with ude Technical Details: -* USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 103 of: `/opt/iiab/iiab/roles/usb_lib/tasks/install.yml `_ +* USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 17 of: `/opt/iiab/iiab/roles/usb_lib/files/usbmount/usbmount.conf `_ + +* If you are using a Graphical Desktop version of Raspberry Pi OS (vs Lite, for example) for your IIAB, USB sticks will be mounted twice by default, once by usbmount and once by the desktop. You must disable the automount function in the Desktop in order to use the "Upload to USB" functionality, which allows students to upload their work to your USB stick. To disable the automount function, in the File Manager (pcmanfm), go to Edit → Preferences → Volume Management, and uncheck "Mount removable media automatically when they are inserted". * IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled, by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks — using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` -* If you are using a Desktop install of Raspberry Pi OS (vs Lite, for example) for your IIAB, USB sticks will be mounted twice by default, once by usbmount and once by the desktop. You must disable the auto-mount function in the Desktop in order to use the "Upload to USB" functionality, which allows students to upload their work to your USB stick. To disable the auto-mount function, in the File Manager (pcmanfm), go to Edit → Preferences → Volume Management, and uncheck "Mount removable media automatically when they are inserted". - - * Official `usbmount 0.0.22 (2011-08-08) `_ documentation: * https://github.com/hfuchs/usbmount/blob/master/README (2010-08-11) From 3596963d5cfdf547f8c777e161d320eaf7ef90b7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 2 Feb 2025 16:22:38 -0500 Subject: [PATCH 118/148] Further update usb_lib/README.rst --- roles/usb_lib/README.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/README.rst b/roles/usb_lib/README.rst index e874e9525..b7536387c 100644 --- a/roles/usb_lib/README.rst +++ b/roles/usb_lib/README.rst @@ -18,7 +18,9 @@ Technical Details: * USB sticks / drives must be formatted with one of the filesystems listed under "FILESYSTEMS=" at ``/etc/usbmount/usbmount.conf`` — these are specified on/around Line 17 of: `/opt/iiab/iiab/roles/usb_lib/files/usbmount/usbmount.conf `_ -* If you are using a Graphical Desktop version of Raspberry Pi OS (vs Lite, for example) for your IIAB, USB sticks will be mounted twice by default, once by usbmount and once by the desktop. You must disable the automount function in the Desktop in order to use the "Upload to USB" functionality, which allows students to upload their work to your USB stick. To disable the automount function, in the File Manager (pcmanfm), go to Edit → Preferences → Volume Management, and uncheck "Mount removable media automatically when they are inserted". +* If your IIAB was built on a Graphical Desktop OS (instead of a headless OS, like Raspberry Pi OS Lite), USB sticks will problematically be mounted twice by default, once by usbmount and once by the desktop. You must disable the automount function in the Desktop in order to use the "Upload to USB" functionality, which allows students to upload their work to your USB stick. + + * EXAMPLE: To disable Desktop automount within "Raspberry Pi OS with desktop", go to File Manager (pcmanfm) → Edit → Preferences → Volume Management, and uncheck "Mount removable media automatically when they are inserted". * IIAB will generally mount USB sticks / drives 'rw' allowing root to both read and write to them. In addition, in March 2021 (`PR #2715 `_) Kolibri exports were enabled, by also giving non-root users read and write access to VFAT/FAT32, NTFS and exFAT USB sticks — using ``umask=0000`` (in /etc/usbmount/usbmount.conf) to override the ``umask=0022`` default. This ``umask=0000`` is also required for students to upload to the teachers's VFAT/FAT32, NTFS and exFAT USB sticks, as introduced in January 2025 (`PR #3875 `_). If, however, you prefer to restore usbmount's default, set ``usb_lib_writable_sticks: False`` in `/etc/iiab/local_vars.yml `_ — please do this prior to installing IIAB — so you don't have to run: ``cd /opt/iiab/iiab ; ./runrole --reinstall usb_lib`` From c2c36b178edc71d103b34e1f991c9cf75af7f667 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 6 Feb 2025 08:07:00 -0600 Subject: [PATCH 119/148] iiab-check-firmware: Mention 'sudo iiab-network' --- roles/firmware/templates/iiab-check-firmware | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/firmware/templates/iiab-check-firmware b/roles/firmware/templates/iiab-check-firmware index b2f7a1cce..f10cd752b 100644 --- a/roles/firmware/templates/iiab-check-firmware +++ b/roles/firmware/templates/iiab-check-firmware @@ -60,7 +60,7 @@ else echo -e " cd /opt/iiab/iiab" echo -e " sudo iiab-hotspot-off # NO LONGER NEC? eg to restore 'wifi_up_down: True'" echo -e " sudo ./runrole --reinstall firmware" - echo -e " sudo ./iiab-network # SOMETIMES NECESSARY" + echo -e " sudo iiab-network # SOMETIMES NECESSARY" echo -e " sudo iiab-hotspot-on # NO LONGER NEC? eg to restore 'wifi_up_down: True'" echo -e " sudo reboot\n" #echo From 2398313918991a755c25c4d8789aacf48bfa3aae Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 11 Feb 2025 03:13:51 -0500 Subject: [PATCH 120/148] 70-usb-library.j2: Forcibly delete e.g. stale /library/www/html/local_content/USB0 --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 62d15b27a..441cebb74 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -57,4 +57,7 @@ fi CONTENT_LINK_USB=$(basename $UM_MOUNTPOINT | awk '{print toupper($0)}') CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" logger -t "usb_lib (70-usb-library)" "Creating link from $CONTENT_LINK to $SHARE_DIR" -ln -sf $SHARE_DIR $CONTENT_LINK +# 'rm -rf' even stronger than 'ln -nsf' and 'ln -Tsf' +# https://serverfault.com/questions/147787/how-to-update-a-symbolic-link-target-ln-f-s-not-working/522483#522483 +rm -rf $CONTENT_LINK +ln -s $SHARE_DIR $CONTENT_LINK From 94ca58aa0cad87225ee39bf55bdc3de298521700 Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 11 Feb 2025 03:45:52 -0500 Subject: [PATCH 121/148] 70-usb-library.j2: Cleaner logging & error handling (e.g. exit code 1) --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 441cebb74..89dfea840 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -31,16 +31,16 @@ logger -t "usb_lib (70-usb-library)" "BOOTFW_DEV is: $BOOTFW_DEV" if [ "$UM_DEV" == "$LIB_DEV" ]; then logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /library" - exit + exit 1 elif [ "$UM_DEV" == "$ROOT_DEV" ]; then logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing rootfs" - exit + exit 1 elif [ "$UM_DEV" == "$BOOT_DEV" ]; then logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /boot" - exit + exit 1 elif [ "$UM_DEV" == "$BOOTFW_DEV" ]; then logger -t "usb_lib (70-usb-library)" "Skipping $UM_MOUNTPOINT containing /boot/firmware" - exit + exit 1 fi # 2025-01-25: Check for existence of folder PUBLIC on USB stick: if found, the stick will not be completely browsable. @@ -55,9 +55,13 @@ else fi CONTENT_LINK_USB=$(basename $UM_MOUNTPOINT | awk '{print toupper($0)}') +if [ -z "$CONTENT_LINK_USB" ]; then + logger -t "usb_lib (70-usb-library)" "ERROR: Var CONTENT_LINK_USB is empty ("rm -rf /library/www/html/local_content/" might be dangerous!)" + exit 1 +fi CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" -logger -t "usb_lib (70-usb-library)" "Creating link from $CONTENT_LINK to $SHARE_DIR" # 'rm -rf' even stronger than 'ln -nsf' and 'ln -Tsf' # https://serverfault.com/questions/147787/how-to-update-a-symbolic-link-target-ln-f-s-not-working/522483#522483 +logger -t "usb_lib (70-usb-library)" "Creating link from $CONTENT_LINK to $SHARE_DIR" rm -rf $CONTENT_LINK ln -s $SHARE_DIR $CONTENT_LINK From 1ec743a65428cd307b0fb951e5525b5d2a805cee Mon Sep 17 00:00:00 2001 From: A Holt Date: Tue, 11 Feb 2025 10:42:05 -0500 Subject: [PATCH 122/148] 70-usb-library.j2: Fix logger string quotation marks --- roles/usb_lib/templates/mount.d/70-usb-library.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/templates/mount.d/70-usb-library.j2 b/roles/usb_lib/templates/mount.d/70-usb-library.j2 index 89dfea840..8263bde1f 100644 --- a/roles/usb_lib/templates/mount.d/70-usb-library.j2 +++ b/roles/usb_lib/templates/mount.d/70-usb-library.j2 @@ -56,7 +56,7 @@ fi CONTENT_LINK_USB=$(basename $UM_MOUNTPOINT | awk '{print toupper($0)}') if [ -z "$CONTENT_LINK_USB" ]; then - logger -t "usb_lib (70-usb-library)" "ERROR: Var CONTENT_LINK_USB is empty ("rm -rf /library/www/html/local_content/" might be dangerous!)" + logger -t "usb_lib (70-usb-library)" 'ERROR: Var CONTENT_LINK_USB is empty ("rm -rf /library/www/html/local_content/" would be dangerous!)' exit 1 fi CONTENT_LINK="{{ doc_root }}/local_content/$CONTENT_LINK_USB" From 9bc2006ba3ea40dead77090d40808dc680474447 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 11 Feb 2025 16:25:06 -0600 Subject: [PATCH 123/148] exclude usb based device that host usbbooted filesytems --- roles/usb_lib/files/usbmount/usbmount | 39 ++++++++++++++++++++------- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 7541b5335..284069a19 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -96,22 +96,41 @@ if [ "$1" = add ]; then USAGE=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]USAGE="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') if ! echo $USAGE | egrep -q "(filesystem|disklabel)"; then - log info "$DEVNAME does not contain a filesystem or disklabel" + log info "/$DEVNAME does not contain a filesystem or disklabel" exit fi - # Try to use specifications in /etc/fstab first. + log debug "DEVNAME /$DEVNAME" + BOOTFW_DEV=$(/usr/bin/findmnt -no source /boot/firmware) + log debug "BOOTFW_DEV $BOOTFW_DEV" + if [ $BOOTFW_DEV = /$DEVNAME ]; then + log debug "/$DEVNAME contains filesystem type $FSTYPE" + log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" + exit + fi + ROOT_DEV=$(/usr/bin/findmnt -no source /) + log debug "ROOT_DEV $ROOT_DEV" + if [ $ROOT_DEV = /$DEVNAME ]; then + log debug "/$DEVNAME contains filesystem type $FSTYPE" + log debug "skipping ROOT_DEV $ROOT_DEV mounted at /" + exit + fi + BOOT_DEV=$(/usr/bin/findmnt -no source /boot) + log debug "BOOT_DEV $BOOT_DEV" + if [ $BOOT_DEV = /$DEVNAME ]; then + log debug "skipping BOOTFS_DEV $BOOT_DEV mount as /boot" + exit + fi + + # Try to use specifications in /etc/fstab to skip. if egrep -q "^[[:blank:]]*$DEVNAME" /etc/fstab; then - log info "executing command: mount $DEVNAME" - mount $DEVNAME || log err "mount by DEVNAME with $DEVNAME wasn't successful; return code $?" - + log debug "skipping /$DEVNAME exit" + exit elif grep -q "^[[:blank:]]*UUID=$UUID" /etc/fstab; then - log info "executing command: mount -U $UUID" - mount -U $UUID || log err "mount by UUID with $UUID wasn't successful; return code $?" - + log debug "skipping $UUID" + exit else - log debug "$DEVNAME contains filesystem type $FSTYPE" - + log debug "/$DEVNAME contains filesystem type $FSTYPE" fstype=$FSTYPE # Test if the filesystem type is in the list of filesystem # types to mount. From fda19ad7f95a25acb8d369e39a4c1ed742422a7b Mon Sep 17 00:00:00 2001 From: root Date: Wed, 12 Feb 2025 02:18:16 -0500 Subject: [PATCH 124/148] upload2usb/header.php: update swing logo to point to /usb/ instead of /upload2usb/ --- roles/usb_lib/files/upload2usb/header.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload2usb/header.php b/roles/usb_lib/files/upload2usb/header.php index fc8218800..ef75c2c01 100644 --- a/roles/usb_lib/files/upload2usb/header.php +++ b/roles/usb_lib/files/upload2usb/header.php @@ -28,5 +28,5 @@ include("upload2usb.php");
- +

From 759126414edeb21a6cd0445f1d5d3237db1efffe Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 12 Feb 2025 10:26:21 -0600 Subject: [PATCH 125/148] #set -e, lockfile-remove, typo, missing debug line --- roles/usb_lib/files/usbmount/usbmount | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 284069a19..3a4e26c29 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -15,7 +15,7 @@ # PARTICULAR PURPOSE. # https://github.com/iiab/iiab/blob/master/roles/usb_lib/files/usbmount/copyright # https://github.com/rbrito/usbmount/blob/master/debian/copyright -set -e +#set -e exec > /dev/null 2>&1 ###################################################################### @@ -106,6 +106,7 @@ if [ "$1" = add ]; then if [ $BOOTFW_DEV = /$DEVNAME ]; then log debug "/$DEVNAME contains filesystem type $FSTYPE" log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" + lockfile-remove /var/run/usbmount/.mount exit fi ROOT_DEV=$(/usr/bin/findmnt -no source /) @@ -113,12 +114,15 @@ if [ "$1" = add ]; then if [ $ROOT_DEV = /$DEVNAME ]; then log debug "/$DEVNAME contains filesystem type $FSTYPE" log debug "skipping ROOT_DEV $ROOT_DEV mounted at /" + lockfile-remove /var/run/usbmount/.mount exit fi BOOT_DEV=$(/usr/bin/findmnt -no source /boot) log debug "BOOT_DEV $BOOT_DEV" if [ $BOOT_DEV = /$DEVNAME ]; then - log debug "skipping BOOTFS_DEV $BOOT_DEV mount as /boot" + log debug "/$DEVNAME contains filesystem type $FSTYPE" + log debug "skipping BOOT_DEV $BOOT_DEV mount as /boot" + lockfile-remove /var/run/usbmount/.mount exit fi From 9a95a046c4bd16c88ea29b092e49917d120cc95e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 12 Feb 2025 10:36:22 -0600 Subject: [PATCH 126/148] lockfile-remove for fstab check --- roles/usb_lib/files/usbmount/usbmount | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 3a4e26c29..939a76c45 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -129,9 +129,11 @@ if [ "$1" = add ]; then # Try to use specifications in /etc/fstab to skip. if egrep -q "^[[:blank:]]*$DEVNAME" /etc/fstab; then log debug "skipping /$DEVNAME exit" + lockfile-remove /var/run/usbmount/.mount exit elif grep -q "^[[:blank:]]*UUID=$UUID" /etc/fstab; then log debug "skipping $UUID" + lockfile-remove /var/run/usbmount/.mount exit else log debug "/$DEVNAME contains filesystem type $FSTYPE" From 52da42c14638e2ab2816a6af958e0f7bf981cb31 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 12 Feb 2025 11:19:54 -0600 Subject: [PATCH 127/148] touchups and ordering --- roles/usb_lib/files/usbmount/usbmount | 36 ++++++++++++--------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 939a76c45..08b9e81c3 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -96,34 +96,30 @@ if [ "$1" = add ]; then USAGE=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]USAGE="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') if ! echo $USAGE | egrep -q "(filesystem|disklabel)"; then - log info "/$DEVNAME does not contain a filesystem or disklabel" + log debug "/$DEVNAME does not contain a filesystem or disklabel" exit fi - log debug "DEVNAME /$DEVNAME" + log debug "/$DEVNAME contains filesystem type $FSTYPE" BOOTFW_DEV=$(/usr/bin/findmnt -no source /boot/firmware) log debug "BOOTFW_DEV $BOOTFW_DEV" - if [ $BOOTFW_DEV = /$DEVNAME ]; then - log debug "/$DEVNAME contains filesystem type $FSTYPE" - log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" - lockfile-remove /var/run/usbmount/.mount - exit - fi ROOT_DEV=$(/usr/bin/findmnt -no source /) log debug "ROOT_DEV $ROOT_DEV" - if [ $ROOT_DEV = /$DEVNAME ]; then - log debug "/$DEVNAME contains filesystem type $FSTYPE" - log debug "skipping ROOT_DEV $ROOT_DEV mounted at /" - lockfile-remove /var/run/usbmount/.mount - exit - fi BOOT_DEV=$(/usr/bin/findmnt -no source /boot) log debug "BOOT_DEV $BOOT_DEV" - if [ $BOOT_DEV = /$DEVNAME ]; then - log debug "/$DEVNAME contains filesystem type $FSTYPE" - log debug "skipping BOOT_DEV $BOOT_DEV mount as /boot" - lockfile-remove /var/run/usbmount/.mount - exit + + if [ $BOOTFW_DEV = /$DEVNAME ]; then + log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" + lockfile-remove /var/run/usbmount/.mount + exit + elif [ $ROOT_DEV = /$DEVNAME ]; then + log debug "skipping ROOT_DEV $ROOT_DEV mounted at /" + lockfile-remove /var/run/usbmount/.mount + exit + elif [ $BOOT_DEV = /$DEVNAME ]; then + log debug "skipping BOOT_DEV $BOOT_DEV mount as /boot" + lockfile-remove /var/run/usbmount/.mount + exit fi # Try to use specifications in /etc/fstab to skip. @@ -145,7 +141,7 @@ if [ "$1" = add ]; then for v in $MOUNTPOINTS; do if [ -d "$v" ] && ! grep -q "^[^ ][^ ]* *$v " /proc/mounts; then mountpoint="$v" - log debug "mountpoint $mountpoint is available for $DEVNAME" + log debug "mountpoint $mountpoint is available for /$DEVNAME" break fi done From bd8c131ef667fd7e9c8eec674ad051872862c328 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 12 Feb 2025 11:45:04 -0600 Subject: [PATCH 128/148] clearer dependencies --- roles/usb_lib/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/install.yml b/roles/usb_lib/tasks/install.yml index 35f533652..660df7eb2 100644 --- a/roles/usb_lib/tasks/install.yml +++ b/roles/usb_lib/tasks/install.yml @@ -53,7 +53,7 @@ # deb: "{{ iiab_download_url }}/usbmount_0.0.22_all.deb" # # when: is_debian -- name: Install lockfile-progs and util-linux for usbmount from OS repo +- name: Install lockfile-progs and util-linux (findmnt blkid) for usbmount from OS repo package: name: - lockfile-progs From ebceb4a6ac970c00a22a2a4255e927695f158f52 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 12 Feb 2025 13:28:05 -0600 Subject: [PATCH 129/148] upload2usb.php add 'grep media' to device filter --- roles/usb_lib/files/upload2usb/upload2usb.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/files/upload2usb/upload2usb.php b/roles/usb_lib/files/upload2usb/upload2usb.php index 38b5e0c86..643a46ed4 100644 --- a/roles/usb_lib/files/upload2usb/upload2usb.php +++ b/roles/usb_lib/files/upload2usb/upload2usb.php @@ -18,7 +18,7 @@ function getTargetUSBDriveLocation () { // lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2 # error if 1<>usb sticks are installed - $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | wc -l'); + $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | grep media | wc -l'); if ($rmv_usb_path_count == 0) { throw new RuntimeException('0 USB sticks found.

'); } elseif ($rmv_usb_path_count > 1) { From a96b46c22320876021ec336efb991f3c91576304 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 13 Feb 2025 15:50:02 -0500 Subject: [PATCH 130/148] upload2usb/upload2usb.php: using existence of /media to determine if a USB stick is mounted or not for both count and upload location; changing tabs to spaces for the whole file --- roles/usb_lib/files/upload2usb/upload2usb.php | 91 +++++++++---------- 1 file changed, 44 insertions(+), 47 deletions(-) diff --git a/roles/usb_lib/files/upload2usb/upload2usb.php b/roles/usb_lib/files/upload2usb/upload2usb.php index 643a46ed4..555a40f5a 100644 --- a/roles/usb_lib/files/upload2usb/upload2usb.php +++ b/roles/usb_lib/files/upload2usb/upload2usb.php @@ -10,27 +10,25 @@ set_exception_handler(function (Throwable $exception) { include ("error.php"); }); - //return the first removable USB drive location function getTargetUSBDriveLocation () { - // Get the first removal USB drive using - // lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" |grep -oP '[^/]MOUNTPOINT="\K[^"]*' -m 1 - // lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2 + // Get the count of storage mounted at /media, and error if there is <>1 otherwise return upload path - # error if 1<>usb sticks are installed - $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | grep media | wc -l'); - if ($rmv_usb_path_count == 0) { - throw new RuntimeException('0 USB sticks found.

'); - } elseif ($rmv_usb_path_count > 1) { - throw new RuntimeException('More than 1 USB sticks installed.

'); - } + # error if 1<>usb sticks are installed + $rmv_usb_path_count = shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs | cut -d " " -f 4 | grep "^MOUNTPOINT=\"/media" | wc -l'); - $rmv_usb_path = trim(str_replace('"', '', shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs |grep RM=\"1\" | grep -v MOUNTPOINT=\"\" | cut -d " " -f 4 | cut -d "=" -f 2'))); + if ($rmv_usb_path_count == 0) { + throw new RuntimeException('0 USB sticks found.

'); + } elseif ($rmv_usb_path_count > 1) { + throw new RuntimeException('More than 1 USB sticks installed.

'); + } + + $rmv_usb_path = trim(str_replace('"', '', shell_exec('lsblk --output NAME,TRAN,RM,MOUNTPOINT --pairs | cut -d " " -f 4 | grep "^MOUNTPOINT=\"/media" | cut -d "=" -f 2'))); if (empty($rmv_usb_path)) { - throw new RuntimeException('Not able to find USB stick.

'); + throw new RuntimeException('Not able to find USB stick.

'); } else { - return $rmv_usb_path . "/"; + return $rmv_usb_path . "/"; } } @@ -42,55 +40,55 @@ function getTargetFolderPath ($create_folder_p) { $target_folder_path = $parent_dir . $today_folder_name; if (!file_exists($target_folder_path) && $create_folder_p) { - mkdir($target_folder_path, 0777) or throw new RuntimeException("Not able to create upload directory.
Make sure 'usb_lib_writable_sticks' is set to 'True'.

"); - } - return $target_folder_path; + mkdir($target_folder_path, 0777) or throw new RuntimeException("Not able to create upload directory.
Make sure 'usb_lib_writable_sticks' is set to 'True'.

"); + } + return $target_folder_path; } //return number of files within a specified folder function getFileCount ($folder_path) { - return count(glob($folder_path . "/*")); + return count(glob($folder_path . "/*")); } //check if file mimetype is acceptable for upload function isFileMimeTypeAcceptable ($file) { - $mimetype = strtolower(mime_content_type($file)); - $invalid_mimetypes_str = array ("compress", "image/svg+xml", "octet", "text/xml", "xhtml+xml"); - foreach ($invalid_mimetypes_str as $invalid_mt_str) { - if (str_contains($mimetype, $invalid_mt_str)) { - error_log('UPLOAD2USB ERROR - MIMETYPE: ' . $mimetype); - return false; - } - } - return true; + $mimetype = strtolower(mime_content_type($file)); + $invalid_mimetypes_str = array ("compress", "image/svg+xml", "octet", "text/xml", "xhtml+xml"); + foreach ($invalid_mimetypes_str as $invalid_mt_str) { + if (str_contains($mimetype, $invalid_mt_str)) { + error_log('UPLOAD2USB ERROR - MIMETYPE: ' . $mimetype); + return false; + } + } + return true; } //check file content to see if it's unique or not function isFileContentUnique ($target_folder_path, $file) { - $file_to_upload_md5 = md5_file($file); - $usb_dir = array_diff(scandir($target_folder_path), array('..', '.')); - foreach ($usb_dir as $dir_file) { - $dir_file = $target_folder_path . "/" . $dir_file; + $file_to_upload_md5 = md5_file($file); + $usb_dir = array_diff(scandir($target_folder_path), array('..', '.')); + foreach ($usb_dir as $dir_file) { + $dir_file = $target_folder_path . "/" . $dir_file; - if (!is_dir($dir_file)) { - $dir_file_md5 = md5_file($dir_file); - if ($file_to_upload_md5 == $dir_file_md5) { - return false; - } - } - } - return true; + if (!is_dir($dir_file)) { + $dir_file_md5 = md5_file($dir_file); + if ($file_to_upload_md5 == $dir_file_md5) { + return false; + } + } + } + return true; } //return unique filename function getUniqueFileName ($target_folder_path, $filename) { - $new_filename = $filename; - $counter = 1; - while (file_exists($target_folder_path . "/" . $new_filename)) { - $counter++; - $new_filename = pathinfo($filename,8) . '-'. $counter . "." . pathinfo($filename,4); - } - return $new_filename; + $new_filename = $filename; + $counter = 1; + while (file_exists($target_folder_path . "/" . $new_filename)) { + $counter++; + $new_filename = pathinfo($filename,8) . '-'. $counter . "." . pathinfo($filename,4); + } + return $new_filename; } // Check file size - we are not going to check file size for now. @@ -100,5 +98,4 @@ function getUniqueFileName ($target_folder_path, $filename) { // } - ?> From fe6516b2e953682b59a2c7bb0940b0ebff8bc44a Mon Sep 17 00:00:00 2001 From: avni Date: Fri, 14 Feb 2025 15:56:09 -0500 Subject: [PATCH 131/148] Add lockfile removal before exit in usbmount script per Jerry's recommendation. Add lockfile removal before exit in usbmount script per Jerry's recommendation. Also adjusted spacing! Read up on file locking a bit: - https://www.baeldung.com/linux/file-locking - https://linux.die.net/man/1/lockfile-create --- roles/usb_lib/files/usbmount/usbmount | 175 +++++++++++++------------- 1 file changed, 88 insertions(+), 87 deletions(-) diff --git a/roles/usb_lib/files/usbmount/usbmount b/roles/usb_lib/files/usbmount/usbmount index 08b9e81c3..8104564e7 100644 --- a/roles/usb_lib/files/usbmount/usbmount +++ b/roles/usb_lib/files/usbmount/usbmount @@ -96,8 +96,9 @@ if [ "$1" = add ]; then USAGE=$(echo "$DEVINFO" | sed 's/.*[[:blank:]]USAGE="\([^"]*\)".*/\1/g; s/[[:blank:]]*//g;') if ! echo $USAGE | egrep -q "(filesystem|disklabel)"; then - log debug "/$DEVNAME does not contain a filesystem or disklabel" - exit + log debug "/$DEVNAME does not contain a filesystem or disklabel" + lockfile-remove /var/run/usbmount/.mount + exit fi log debug "/$DEVNAME contains filesystem type $FSTYPE" @@ -109,7 +110,7 @@ if [ "$1" = add ]; then log debug "BOOT_DEV $BOOT_DEV" if [ $BOOTFW_DEV = /$DEVNAME ]; then - log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" + log debug "skipping BOOTFS_DEV $BOOTFS_DEV mounted at /boot/firmware" lockfile-remove /var/run/usbmount/.mount exit elif [ $ROOT_DEV = /$DEVNAME ]; then @@ -124,107 +125,107 @@ if [ "$1" = add ]; then # Try to use specifications in /etc/fstab to skip. if egrep -q "^[[:blank:]]*$DEVNAME" /etc/fstab; then - log debug "skipping /$DEVNAME exit" - lockfile-remove /var/run/usbmount/.mount - exit + log debug "skipping /$DEVNAME exit" + lockfile-remove /var/run/usbmount/.mount + exit elif grep -q "^[[:blank:]]*UUID=$UUID" /etc/fstab; then - log debug "skipping $UUID" - lockfile-remove /var/run/usbmount/.mount + log debug "skipping $UUID" + lockfile-remove /var/run/usbmount/.mount exit else - log debug "/$DEVNAME contains filesystem type $FSTYPE" - fstype=$FSTYPE - # Test if the filesystem type is in the list of filesystem - # types to mount. - if in_list "$fstype" "$FILESYSTEMS"; then - # Search an available mountpoint. - for v in $MOUNTPOINTS; do - if [ -d "$v" ] && ! grep -q "^[^ ][^ ]* *$v " /proc/mounts; then - mountpoint="$v" - log debug "mountpoint $mountpoint is available for /$DEVNAME" - break - fi - done - if [ -n "$mountpoint" ]; then - # Determine mount options. - options= - for v in $FS_MOUNTOPTIONS; do - if expr "$v" : "-fstype=$fstype,."; then - options="$(echo "$v" | sed 's/^[^,]*,//')" - break - fi - done - if [ -n "$MOUNTOPTIONS" ]; then - options="$MOUNTOPTIONS${options:+,$options}" - fi + log debug "/$DEVNAME contains filesystem type $FSTYPE" + fstype=$FSTYPE + # Test if the filesystem type is in the list of filesystem + # types to mount. + if in_list "$fstype" "$FILESYSTEMS"; then + # Search an available mountpoint. + for v in $MOUNTPOINTS; do + if [ -d "$v" ] && ! grep -q "^[^ ][^ ]* *$v " /proc/mounts; then + mountpoint="$v" + log debug "mountpoint $mountpoint is available for /$DEVNAME" + break + fi + done + if [ -n "$mountpoint" ]; then + # Determine mount options. + options= + for v in $FS_MOUNTOPTIONS; do + if expr "$v" : "-fstype=$fstype,."; then + options="$(echo "$v" | sed 's/^[^,]*,//')" + break + fi + done + if [ -n "$MOUNTOPTIONS" ]; then + options="$MOUNTOPTIONS${options:+,$options}" + fi - # Mount the filesystem. - log info "executing command: mount -t$fstype ${options:+-o$options} $DEVNAME $mountpoint" - mount "-t$fstype" "${options:+-o$options}" "$DEVNAME" "$mountpoint" + # Mount the filesystem. + log info "executing command: mount -t$fstype ${options:+-o$options} $DEVNAME $mountpoint" + mount "-t$fstype" "${options:+-o$options}" "$DEVNAME" "$mountpoint" - # Determine vendor and model. - vendor= - if [ -r "/sys$DEVPATH/device/vendor" ]; then - vendor="`cat \"/sys$DEVPATH/device/vendor\"`" - elif [ -r "/sys$DEVPATH/../device/vendor" ]; then - vendor="`cat \"/sys$DEVPATH/../device/vendor\"`" - elif [ -r "/sys$DEVPATH/device/../manufacturer" ]; then - vendor="`cat \"/sys$DEVPATH/device/../manufacturer\"`" - elif [ -r "/sys$DEVPATH/../device/../manufacturer" ]; then - vendor="`cat \"/sys$DEVPATH/../device/../manufacturer\"`" - fi - vendor="$(echo "$vendor" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" + # Determine vendor and model. + vendor= + if [ -r "/sys$DEVPATH/device/vendor" ]; then + vendor="`cat \"/sys$DEVPATH/device/vendor\"`" + elif [ -r "/sys$DEVPATH/../device/vendor" ]; then + vendor="`cat \"/sys$DEVPATH/../device/vendor\"`" + elif [ -r "/sys$DEVPATH/device/../manufacturer" ]; then + vendor="`cat \"/sys$DEVPATH/device/../manufacturer\"`" + elif [ -r "/sys$DEVPATH/../device/../manufacturer" ]; then + vendor="`cat \"/sys$DEVPATH/../device/../manufacturer\"`" + fi + vendor="$(echo "$vendor" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" - model= - if [ -r "/sys$DEVPATH/device/model" ]; then - model="`cat \"/sys$DEVPATH/device/model\"`" - elif [ -r "/sys$DEVPATH/../device/model" ]; then - model="`cat \"/sys$DEVPATH/../device/model\"`" - elif [ -r "/sys$DEVPATH/device/../product" ]; then - model="`cat \"/sys$DEVPATH/device/../product\"`" - elif [ -r "/sys$DEVPATH/../device/../product" ]; then - model="`cat \"/sys$DEVPATH/../device/../product\"`" - fi - model="$(echo "$model" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" + model= + if [ -r "/sys$DEVPATH/device/model" ]; then + model="`cat \"/sys$DEVPATH/device/model\"`" + elif [ -r "/sys$DEVPATH/../device/model" ]; then + model="`cat \"/sys$DEVPATH/../device/model\"`" + elif [ -r "/sys$DEVPATH/device/../product" ]; then + model="`cat \"/sys$DEVPATH/device/../product\"`" + elif [ -r "/sys$DEVPATH/../device/../product" ]; then + model="`cat \"/sys$DEVPATH/../device/../product\"`" + fi + model="$(echo "$model" | sed 's/^[[:blank:]]\+//; s/[[:blank:]]\+$//')" - # Run hook scripts; ignore errors. - export UM_DEVICE="$DEVNAME" - export UM_MOUNTPOINT="$mountpoint" - export UM_FILESYSTEM="$fstype" - export UM_MOUNTOPTIONS="$options" - export UM_VENDOR="$vendor" - export UM_MODEL="$model" - log info "executing command: run-parts /etc/usbmount/mount.d" - run-parts /etc/usbmount/mount.d || : - else - # No suitable mount point found. - log warning "no mountpoint found for $DEVNAME" - exit 1 - fi + # Run hook scripts; ignore errors. + export UM_DEVICE="$DEVNAME" + export UM_MOUNTPOINT="$mountpoint" + export UM_FILESYSTEM="$fstype" + export UM_MOUNTOPTIONS="$options" + export UM_VENDOR="$vendor" + export UM_MODEL="$model" + log info "executing command: run-parts /etc/usbmount/mount.d" + run-parts /etc/usbmount/mount.d || : + else + # No suitable mount point found. + log warning "no mountpoint found for $DEVNAME" + exit 1 + fi fi - fi +fi elif [ "$1" = remove ]; then # A block or partition device has been removed. # Test if it is mounted. while read device mountpoint fstype remainder; do - if [ "$DEVNAME" = "$device" ]; then + if [ "$DEVNAME" = "$device" ]; then # If the mountpoint and filesystem type are maintained by # this script, unmount the filesystem. if in_list "$mountpoint" "$MOUNTPOINTS" && - in_list "$fstype" "$FILESYSTEMS"; then - log info "executing command: umount -l $mountpoint" - umount -l "$mountpoint" + in_list "$fstype" "$FILESYSTEMS"; then + log info "executing command: umount -l $mountpoint" + umount -l "$mountpoint" - # Run hook scripts; ignore errors. - export UM_DEVICE="$DEVNAME" - export UM_MOUNTPOINT="$mountpoint" - export UM_FILESYSTEM="$fstype" - log info "executing command: run-parts /etc/usbmount/umount.d" - run-parts /etc/usbmount/umount.d || : - fi - break - fi + # Run hook scripts; ignore errors. + export UM_DEVICE="$DEVNAME" + export UM_MOUNTPOINT="$mountpoint" + export UM_FILESYSTEM="$fstype" + log info "executing command: run-parts /etc/usbmount/umount.d" + run-parts /etc/usbmount/umount.d || : + fi + break + fi done < /proc/mounts else log err "unexpected: action '$1'" From f52b3908218f38e2b4b62d05e7ececb74c133eda Mon Sep 17 00:00:00 2001 From: root Date: Sat, 15 Feb 2025 18:36:28 +0000 Subject: [PATCH 132/148] usb_lib/tasks/main.yml: updating USB_LIB description to be more clear about the two-way information/data exchange between teachers and students --- roles/usb_lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 4d2710874..0c4e3c1c4 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -77,7 +77,7 @@ - option: name value: USB_LIB - option: description - value: '"USB_LIB automounts Teacher Content on USB sticks to /library/www/html/local_content, so students can browse the USB AND upload their work to the USB, all at http://box/usb"' + value: '"USB_LIB (1) automounts teacher content on USB sticks to /library/www/html/local_content, so students can browse the USB; AND (2) allows students to upload their work to USB sticks / drives, all from http://box/usb"' - option: usb_lib_install value: "{{ usb_lib_install }}" - option: usb_lib_enabled From e80b912eeab2c0173f16e6f85229ccc73b4990af Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 15 Feb 2025 15:12:20 -0500 Subject: [PATCH 133/148] usb_lib/tasks/main.yml: Tiny comment update RE: iiab.conf.j2 --- roles/usb_lib/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/usb_lib/tasks/main.yml b/roles/usb_lib/tasks/main.yml index 0c4e3c1c4..ee4bd18ea 100644 --- a/roles/usb_lib/tasks/main.yml +++ b/roles/usb_lib/tasks/main.yml @@ -1,7 +1,7 @@ # TO DO: (2020-02-13) # - Look at analogous NGINX logic for http://box/usb in # nginx/templates/iiab.conf.j2 and make that visually meaningful for teachers: -# https://github.com/iiab/iiab/blob/master/roles/nginx/templates/iiab.conf.j2#L5-L8 +# https://github.com/iiab/iiab/blob/master/roles/nginx/templates/iiab.conf.j2#L5-L9 # "How do i fail a task in Ansible if the variable contains a boolean value? From 66a35ee9508925ac11bf3aa0b47ebb2a3811d165 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 16 Feb 2025 02:42:17 -0600 Subject: [PATCH 134/148] jupyterhub drop --system-site-packages --- roles/jupyterhub/tasks/install.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/jupyterhub/tasks/install.yml b/roles/jupyterhub/tasks/install.yml index 4e23f9ccc..d4d9d99e8 100644 --- a/roles/jupyterhub/tasks/install.yml +++ b/roles/jupyterhub/tasks/install.yml @@ -51,7 +51,8 @@ - jupyterhub virtualenv: "{{ jupyterhub_venv }}" # /opt/iiab/jupyterhub virtualenv_site_packages: no - virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" # 2021-07-29: This works on RasPiOS 10, Debian 11, Ubuntu 20.04 and Mint 20 -- however if you absolutely must use the older Debian 10 -- you can work around errors "can't find Rust compiler" and "This package requires Rust >=1.41.0" if you (1) revert this line to 'virtualenv_command: virtualenv' AND (2) uncomment the line just below + virtualenv_command: python3 -m venv "{{ jupyterhub_venv }}" # 2025-02-16 + #virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" # 2021-07-29: This works on RasPiOS 10, Debian 11, Ubuntu 20.04 and Mint 20 -- however if you absolutely must use the older Debian 10 -- you can work around errors "can't find Rust compiler" and "This package requires Rust >=1.41.0" if you (1) revert this line to 'virtualenv_command: virtualenv' AND (2) uncomment the line just below #virtualenv_python: python3 # 2021-07-29: Was needed when above line was 'virtualenv_command: virtualenv' (generally for Python 2) extra_args: "--no-cache-dir --prefer-binary" # 2021-11-30, 2022-07-07: The "--pre" flag had earlier been needed, for beta-like pre-releases of JupyterHub 2.0.0 @@ -68,7 +69,8 @@ - ipywidgets virtualenv: "{{ jupyterhub_venv }}" virtualenv_site_packages: no - virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" + virtualenv_command: python3 -m venv "{{ jupyterhub_venv }}" # 2025-02-16 + #virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" extra_args: "--no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 - name: "Install from template: {{ jupyterhub_venv }}/etc/jupyterhub/jupyterhub_config.py" From 2ef96ad0ff6601d80d16c3da494d690e5fc2517f Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 16 Feb 2025 02:49:09 -0600 Subject: [PATCH 135/148] jupyterhub drop python3-psutil --- roles/jupyterhub/tasks/install.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/jupyterhub/tasks/install.yml b/roles/jupyterhub/tasks/install.yml index d4d9d99e8..d55fdf696 100644 --- a/roles/jupyterhub/tasks/install.yml +++ b/roles/jupyterhub/tasks/install.yml @@ -17,11 +17,11 @@ shell: df -B1 --output=used / | tail -1 register: df1 - -- name: "Install package: python3-psutil" - package: - name: python3-psutil - state: present +# 2025-02-16 +#- name: "Install package: python3-psutil" +# package: +# name: python3-psutil +# state: present - name: Remove previous virtual environment {{ jupyterhub_venv }} file: From bbdd45365d1c457f709e30bbac47f397b3f809a1 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Sun, 16 Feb 2025 12:36:27 -0600 Subject: [PATCH 136/148] update ansible.cfg for use with python3.13 --- ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible.cfg b/ansible.cfg index 4030a931e..deb5328ed 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -5,4 +5,4 @@ # Disallowed by Ansible 2.11+ -- see https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.7.html#using-a-loop-on-a-package-module-via-squash-actions #squash_actions = apk, apt, dnf, homebrew, openbsd_pkg, pacman, pkgng, yum, zypper, package [defaults] -interpreter_python=/usr/bin/python3 +interpreter_python=/usr/local/ansible/bin/python3 From f16bd2a6b5674027f9262a100a639cccc2aed5d9 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 16 Feb 2025 15:02:50 -0500 Subject: [PATCH 137/148] jupyterhub/tasks/install.yml touchup: Comment out `virtualenv_site_packages: no` as tested on PR #3948 --- roles/jupyterhub/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/jupyterhub/tasks/install.yml b/roles/jupyterhub/tasks/install.yml index d55fdf696..b6f6c4c83 100644 --- a/roles/jupyterhub/tasks/install.yml +++ b/roles/jupyterhub/tasks/install.yml @@ -50,7 +50,7 @@ - wheel - jupyterhub virtualenv: "{{ jupyterhub_venv }}" # /opt/iiab/jupyterhub - virtualenv_site_packages: no + #virtualenv_site_packages: no virtualenv_command: python3 -m venv "{{ jupyterhub_venv }}" # 2025-02-16 #virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" # 2021-07-29: This works on RasPiOS 10, Debian 11, Ubuntu 20.04 and Mint 20 -- however if you absolutely must use the older Debian 10 -- you can work around errors "can't find Rust compiler" and "This package requires Rust >=1.41.0" if you (1) revert this line to 'virtualenv_command: virtualenv' AND (2) uncomment the line just below #virtualenv_python: python3 # 2021-07-29: Was needed when above line was 'virtualenv_command: virtualenv' (generally for Python 2) @@ -68,7 +68,7 @@ - jupyterhub-systemdspawner - ipywidgets virtualenv: "{{ jupyterhub_venv }}" - virtualenv_site_packages: no + #virtualenv_site_packages: no virtualenv_command: python3 -m venv "{{ jupyterhub_venv }}" # 2025-02-16 #virtualenv_command: python3 -m venv --system-site-packages "{{ jupyterhub_venv }}" extra_args: "--no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 From d1dd071c814f560e5bee73784a2b45e7c893372f Mon Sep 17 00:00:00 2001 From: A Holt Date: Sun, 16 Feb 2025 22:02:54 -0500 Subject: [PATCH 138/148] jupyterhub/tasks/install.yml: Mention disk footprint is ~316 MB --- roles/jupyterhub/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/jupyterhub/tasks/install.yml b/roles/jupyterhub/tasks/install.yml index b6f6c4c83..57a503014 100644 --- a/roles/jupyterhub/tasks/install.yml +++ b/roles/jupyterhub/tasks/install.yml @@ -43,7 +43,7 @@ global: yes state: latest -- name: "pip install 3 packages into virtual environment: {{ jupyterhub_venv }} (~326 MB total, after 2 Ansible calls)" +- name: "pip install 3 packages into virtual environment: {{ jupyterhub_venv }} (~316 MB total, after 2 Ansible calls)" pip: name: - pip From 957a89d67ca182ce0c2660b0ce14d8aa32527a1d Mon Sep 17 00:00:00 2001 From: root Date: Mon, 17 Feb 2025 01:59:15 -0500 Subject: [PATCH 139/148] pip install {pymysql,psycopg,passlib} to Ansible venv, on demand --- roles/munin/tasks/install.yml | 10 ++++++++-- roles/mysql/tasks/install.yml | 10 ++++++++-- roles/postgresql/tasks/install.yml | 10 ++++++++-- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/roles/munin/tasks/install.yml b/roles/munin/tasks/install.yml index 3895b7bf9..89fe254cf 100644 --- a/roles/munin/tasks/install.yml +++ b/roles/munin/tasks/install.yml @@ -9,7 +9,7 @@ name: net.ipv6.conf.all.disable_ipv6 value: 0 -- name: "Install 5 packages: libcgi-fast-perl, munin, munin-node, munin-plugins-extra, python3-passlib" +- name: "Install 4 packages: libcgi-fast-perl, munin, munin-node, munin-plugins-extra" package: name: #- libapache2-mod-fcgid @@ -17,9 +17,15 @@ - munin - munin-node - munin-plugins-extra - - python3-passlib # For Ansible module 'htpasswd' in Ansible collection community.general -- used just below + #- python3-passlib # For Ansible module 'htpasswd' in Ansible collection community.general -- used just below state: present +- name: pip install 'passlib' into venv /usr/local/ansible -- for Ansible module 'htpasswd' in Ansible collection community.general -- used just below + pip: + name: passlib + virtualenv: /usr/local/ansible + extra_args: "--upgrade --no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 + # SEE ALSO roles/network/tasks/install.yml - name: RESTORE net.ipv6.conf.all.disable_ipv6 to 1 in /etc/sysctl.conf for #3434 sysctl: diff --git a/roles/mysql/tasks/install.yml b/roles/mysql/tasks/install.yml index 87bcd9c1a..5bcfbb9bd 100644 --- a/roles/mysql/tasks/install.yml +++ b/roles/mysql/tasks/install.yml @@ -3,16 +3,22 @@ register: df1 -- name: 'Install MySQL packages: mariadb-server, mariadb-client, php{{ php_version }}-mysql, python3-pymysql' +- name: 'Install MySQL packages: mariadb-server, mariadb-client, php{{ php_version }}-mysql' package: name: - mariadb-server - mariadb-client #- php{{ php_version }}-common # Auto-installed as an apt dependency. REGARDLESS: php{{ php_version }}-common superset php{{ php_version }}-cli is auto-installed by php{{ php_version }}-fpm in nginx/tasks/install.yml - php{{ php_version }}-mysql # Likewise installed in nextcloud/tasks/install.yml, pbx/tasks/freepbx.yml, wordpress/tasks/install.yml - - python3-pymysql # For Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in MySQL roles {mediawiki, nextcloud, wordpress} and possibly {elgg, pbx} + #- python3-pymysql # For Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in MySQL roles {mediawiki, nextcloud, wordpress} and possibly {elgg, pbx} state: present +- name: pip install 'pymysql' into venv /usr/local/ansible -- for Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in roles {mediawiki, nextcloud, wordpress, matomo, pbx} + pip: + name: pymysql + virtualenv: /usr/local/ansible + extra_args: "--upgrade --no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 + # 2020-07-11: 10 PHP package installs moved to roles/www_base/tasks/main.yml # php{{ php_version }}-sqlite3 install moved to roles/osm-vector-maps/tasks/install.yml diff --git a/roles/postgresql/tasks/install.yml b/roles/postgresql/tasks/install.yml index f07cf943d..04c6c41d2 100644 --- a/roles/postgresql/tasks/install.yml +++ b/roles/postgresql/tasks/install.yml @@ -3,14 +3,20 @@ register: df1 -- name: 'Install packages: postgresql, postgresql-client, python3-psycopg2' +- name: 'Install packages: postgresql, postgresql-client' package: name: - postgresql - postgresql-client - - python3-psycopg2 # For Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml + #- python3-psycopg2 # For Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml state: present +- name: pip install 'psycopg' into venv /usr/local/ansible -- for Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml + pip: + name: psycopg + virtualenv: /usr/local/ansible + extra_args: "--upgrade --no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 + - name: Run shell command "pg_config --version" to extract MAJOR version number -- strip off MINOR/PATCH version number(s) shell: pg_config --version | sed 's/^[^0-9]*//; s/[^0-9].*//' register: pg_config_version From 36e43227752d9d013a6f2a04f36dee2fe9d27ff3 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 17 Feb 2025 03:56:40 -0500 Subject: [PATCH 140/148] mysql/tasks/install.yml: Respect original typography 'PyMySQL' --- roles/mysql/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mysql/tasks/install.yml b/roles/mysql/tasks/install.yml index 5bcfbb9bd..1b8a04388 100644 --- a/roles/mysql/tasks/install.yml +++ b/roles/mysql/tasks/install.yml @@ -13,9 +13,9 @@ #- python3-pymysql # For Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in MySQL roles {mediawiki, nextcloud, wordpress} and possibly {elgg, pbx} state: present -- name: pip install 'pymysql' into venv /usr/local/ansible -- for Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in roles {mediawiki, nextcloud, wordpress, matomo, pbx} +- name: pip install 'PyMySQL' into venv /usr/local/ansible -- for Ansible modules {mysql_db, mysql_user} in Ansible collection community.mysql -- used in roles {mediawiki, nextcloud, wordpress, matomo, pbx} pip: - name: pymysql + name: PyMySQL virtualenv: /usr/local/ansible extra_args: "--upgrade --no-cache-dir --prefer-binary" # 2023-10-01: Lifesaver when recent wheels (e.g. piwheels.org) are inevitably not yet built! SEE #3560 From 96324233d8b33afcf03ef93b219d755472113f29 Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 17 Feb 2025 04:21:44 -0500 Subject: [PATCH 141/148] Clarify PR #3950: 'pip install psycopg' is NEW "Psycopg 3" for PostgreSQL --- roles/postgresql/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/postgresql/tasks/install.yml b/roles/postgresql/tasks/install.yml index 04c6c41d2..ce14600c5 100644 --- a/roles/postgresql/tasks/install.yml +++ b/roles/postgresql/tasks/install.yml @@ -11,7 +11,7 @@ #- python3-psycopg2 # For Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml state: present -- name: pip install 'psycopg' into venv /usr/local/ansible -- for Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml +- name: pip install 'psycopg' (NEW Psycopg 3) into venv /usr/local/ansible -- for Ansible modules {postgresql_db, postgresql_user} in Ansible collection community.postgresql -- used in moodle/tasks/install.yml pip: name: psycopg virtualenv: /usr/local/ansible From 1308fb86708c00b4f7ac49c24e8cd1f515dfc4dd Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 19 Feb 2025 15:21:00 -0500 Subject: [PATCH 142/148] Update Nextcloud 30.0.6 disk footprint sizes --- roles/nextcloud/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index d0588aac9..2fae98551 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -131,7 +131,7 @@ # nextcloud_dl_url: https://download.nextcloud.com/server/releases/latest-25.tar.bz2 # when: php_version is version('8.0', '<') -- name: Unarchive {{ nextcloud_dl_url }} (~180 MB) to {{ nextcloud_root_dir }} (~687 MB initially, sometimes ~721 MB later, {{ apache_user }}:{{ apache_user }}) +- name: Unarchive {{ nextcloud_dl_url }} (~183 MB) to {{ nextcloud_root_dir }} (~707 MB initially, sometimes ~741 MB later, {{ apache_user }}:{{ apache_user }}) unarchive: remote_src: yes # Overwrite even if "already exists on the target" src: "{{ nextcloud_dl_url }}" From 6d5fcdbcc288c68da89821441253393f869ed0aa Mon Sep 17 00:00:00 2001 From: A Holt Date: Mon, 24 Feb 2025 18:25:07 -0600 Subject: [PATCH 143/148] Recommend ansible-core 2.18.3 --- scripts/ansible | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/ansible b/scripts/ansible index c5ab3e074..22c8cbacd 100755 --- a/scripts/ansible +++ b/scripts/ansible @@ -7,8 +7,8 @@ # https://github.com/iiab/iiab/wiki/Technical-Contributors-Guide#female_detective-understanding-ansible APT_PATH=/usr/bin # Avoids problematic /usr/local/bin/apt on Linux Mint -CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.18.2] -GOOD_VER=2.18.2 # Orig for 'yum install [rpm]' & XO laptops (pip install) +CURR_VER=undefined # Ansible version you have installed, e.g. [core 2.18.3] +GOOD_VER=2.18.3 # Orig for 'yum install [rpm]' & XO laptops (pip install) # 2021-06-22: The apt approach (with PPA source in /etc/apt/sources.list.d/ and # .gpg key etc) are commented out with ### below. Associated guidance/comments From 89b1487dc2849dd70fd01e7bf68067a4c777e5e7 Mon Sep 17 00:00:00 2001 From: A Holt Date: Thu, 27 Feb 2025 15:40:39 -0500 Subject: [PATCH 144/148] Update Nextcloud 31.0.0 disk footprint sizes --- roles/nextcloud/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/nextcloud/tasks/install.yml b/roles/nextcloud/tasks/install.yml index 2fae98551..37429ea0e 100644 --- a/roles/nextcloud/tasks/install.yml +++ b/roles/nextcloud/tasks/install.yml @@ -131,7 +131,7 @@ # nextcloud_dl_url: https://download.nextcloud.com/server/releases/latest-25.tar.bz2 # when: php_version is version('8.0', '<') -- name: Unarchive {{ nextcloud_dl_url }} (~183 MB) to {{ nextcloud_root_dir }} (~707 MB initially, sometimes ~741 MB later, {{ apache_user }}:{{ apache_user }}) +- name: Unarchive {{ nextcloud_dl_url }} (~216 MB) to {{ nextcloud_root_dir }} (~844 MB initially, sometimes ~878 MB later, {{ apache_user }}:{{ apache_user }}) unarchive: remote_src: yes # Overwrite even if "already exists on the target" src: "{{ nextcloud_dl_url }}" From 2461a8fde39fcf4d399f40c6ef342d34d0ceb6c4 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Mar 2025 11:41:34 -0500 Subject: [PATCH 145/148] iiab-diagnostics: Also record /etc/locale.conf --- scripts/iiab-diagnostics | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 51a7d6797..383f714e9 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -173,7 +173,8 @@ echo -e "\n\n\n2. REGULAR FILES ETC\n" >> $outfile #cat_file /tmp/empty-file # Empty file test #cat_file /usr/bin/iiab-support-on # Symlink test cat_file /.iiab-image -cat_file /etc/default/locale +cat_file /etc/default/locale 'e.g. on Debian 12' +cat_file /etc/locale.conf 'e.g. on Debian 13' cat_cmd 'localectl' 'Locale settings' cat_cmd 'locale -a' 'Available locales' cat_file /etc/iiab/iiab.env From ac12c6db0b2da14247bde6d2859a4ca6347b73d0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Mar 2025 11:42:37 -0500 Subject: [PATCH 146/148] iiab-diagnostics.README.md: Update line number --- scripts/iiab-diagnostics.README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics.README.md b/scripts/iiab-diagnostics.README.md index d11c13720..7c064b757 100644 --- a/scripts/iiab-diagnostics.README.md +++ b/scripts/iiab-diagnostics.README.md @@ -66,4 +66,4 @@ But first off, the file is compiled by harvesting 1 + 6 kinds of things: ## Source Code -Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-272 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. +Please look over the bottom of [iiab-diagnostics](iiab-diagnostics) (lines 135-273 especially) to learn more about which common IIAB files and commands make this rapid troubleshooting possible. From cb42942699f2b4cfe6485ea5a0bbc8c853abd412 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Mar 2025 11:46:21 -0500 Subject: [PATCH 147/148] iiab-diagnostics: Clarify that Ubuntu too uses /etc/locale.conf --- scripts/iiab-diagnostics | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 383f714e9..ae7376648 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -174,7 +174,7 @@ echo -e "\n\n\n2. REGULAR FILES ETC\n" >> $outfile #cat_file /usr/bin/iiab-support-on # Symlink test cat_file /.iiab-image cat_file /etc/default/locale 'e.g. on Debian 12' -cat_file /etc/locale.conf 'e.g. on Debian 13' +cat_file /etc/locale.conf 'e.g. on Debian 13+ and Ubuntu' cat_cmd 'localectl' 'Locale settings' cat_cmd 'locale -a' 'Available locales' cat_file /etc/iiab/iiab.env From 96ddd6620d8601c54d0d729c7d07c9725b2442d0 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 1 Mar 2025 11:51:09 -0500 Subject: [PATCH 148/148] iiab-diagnostics: Fix comments --- scripts/iiab-diagnostics | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index ae7376648..193ba4fc7 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -173,13 +173,13 @@ echo -e "\n\n\n2. REGULAR FILES ETC\n" >> $outfile #cat_file /tmp/empty-file # Empty file test #cat_file /usr/bin/iiab-support-on # Symlink test cat_file /.iiab-image -cat_file /etc/default/locale 'e.g. on Debian 12' -cat_file /etc/locale.conf 'e.g. on Debian 13+ and Ubuntu' +cat_file /etc/default/locale # e.g. on Debian 12 +cat_file /etc/locale.conf # e.g. on Debian 13+ and Ubuntu cat_cmd 'localectl' 'Locale settings' cat_cmd 'locale -a' 'Available locales' cat_file /etc/iiab/iiab.env cat_file /etc/iiab/iiab.ini -cat_file /etc/iiab/local_vars.yml # Redacts most passwords above +cat_file /etc/iiab/local_vars.yml # Redacts most passwords above cat_file /etc/iiab/iiab_state.yml cat_file /etc/resolv.conf cat_file /etc/network/interfaces