User Tools

Site Tools


doc:howto:notuci.config

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:howto:notuci.config [2013/05/02 12:03]
ponschab Fixed which files are kept by default
doc:howto:notuci.config [2015/11/16 20:39] (current)
tmomas [/etc/sysupgrade.conf] Formatting corrected
Line 1: Line 1:
 +====== NotUCI Configuration ======
 +A lot of stuff can (and therefore should be) configured with [[doc:UCI]] via any of its interfaces. This page concerns itself with everything built into OpenWrt that cannot be configured with UCI. Note that most third party applications,​ installed with [[doc:​techref:​opkg|opkg]] or otherwise, typically also have their own configuration methods. Users experienced with GNU/Linux distribution will know all of this by heart. For beginners this should be useful.
  
 +
 +===== /etc/TZ =====
 +Merely a symlink to ''​TZ -> /​tmp/​TZ''​ which is being created and configured with UCI in ''​[[doc/​uci/​system|/​etc/​config/​system]]''​
 +
 +===== /etc/banner =====
 +| <​code>​
 +  _______ ​                    ​________ ​       __
 + ​| ​      ​|.-----.-----.-----.| ​ |  |  |.----.| ​ |_
 + ​| ​  ​- ​  ​|| ​ _  |  -__|     ​|| ​ |  |  ||   ​_|| ​  _|
 + ​|_______|| ​  ​__|_____|__|__||________||__| ​ |____|
 +          |__| W I R E L E S S   F R E E D O M
 + ​ATTITUDE ADJUSTMENT (bleeding edge, r26290) ----------
 +  * 1/4 oz Vodka      Pour all ingredents into mixing
 +  * 1/4 oz Gin        tin with ice, strain into glass.
 +  * 1/4 oz Amaretto
 +  * 1/4 oz Triple sec
 +  * 1/4 oz Peach schnapps
 +  * 1/4 oz Sour mix
 +  * 1 splash Cranberry juice
 + ​-----------------------------------------------------
 +</​code>​ |
 +
 +===== /​etc/​crontabs/​root (cronjob aka crontab) =====
 +
 +See [[cron]] for documentation and examples on crontabs.
 +===== /​etc/​iproute2/​rt_tables =====
 +This is the configuration file for the routing. See [[http://​linux.die.net/​man/​8/​ip|man ip]] and [[wp>​iproute2]].
 +<​code>​
 +#
 +# reserved values
 +#
 +255     local
 +254     main
 +253     ​default
 +0       ​unspec
 +#
 +# local
 +#
 +#1      inr.ruhep
 +</​code>​
 +
 +===== /​etc/​diag.sh =====
 +===== /​etc/​dnsmasq.conf =====
 +->​[[doc:​howto:​dhcp.dnsmasq#​Configuration]]
 +
 +===== /etc/ethers =====
 +->​[[doc:​howto:​dhcp.dnsmasq#​Configuration]]
 +
 +===== /​etc/​firewall.user =====
 +Is being called by ''​[[doc:​uci:​firewall|/​etc/​config/​firewall]]''​. Both files are not executed when booting into [[doc:​howto:​generic.failsafe|failsafe mode]]. You can populate this file with help of [[doc:​howto:​netfilter#​Configuration|netfilter]]-article.
 +
 +===== /etc/fstab =====
 +Merely a [[wp>​Symlink#​POSIX_and_Unix-like_operating_systems|symlink]] to ''​fstab -> /​tmp/​fstab''​ which is being created and configured by UCI in ''​[[doc/​uci/​fstab|/​etc/​config/​fstab]]''​
 +
 +[[http://​linux.die.net/​man/​5/​fstab|manpage fstab]], [[wp>​fstab]]
 +
 +===== /​etc/​functions.sh =====
 +''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​functions.sh|/​etc/​functions.sh]]''​ does stuff FIXME
 +
 +===== /​etc/​fw_env.config =====
 +-> [[doc:​techref:​bootloader:​uboot.config]]
 +
 +===== /etc/group =====
 +''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​group|/​etc/​group]]''​ is an ASCII file which defines the groups to which users belong to. See [[http://​linux.die.net/​man/​5/​group|man group]]
 +
 +===== /etc/hosts =====
 +On top of IP addresses we use hostnames to refer to devices in the network. As there are FQDN, so are internal hostnames. Edit the file ''/​etc/​hosts'':​
 +
 +<​code>​
 +192.168.1.1 ​   openwrt ​ openwrt.
 +192.168.1.1 ​   name1  name1.
 +192.168.1.1 ​   name2  name2.
 +192.168.1.2 ​   user1  user1.
 +192.168.1.254 ​ dockstar ​ dockstar.
 +</​code>​
 +
 +After rebooting you can address your network devices not only by their IPs, but by their names. e.g. %%[http://​openwrt.lan] or [smb://​dockstar.lan]%% etc.
 +
 +The UCI method for setting the hostname of the OpenWrt system itself is via ''​[[doc/​uci/​system|/​etc/​config/​system]]'':​
 +
 +<​code>​
 +  config system
 +  option hostname lila
 +</​code>​
 +
 +
 +===== /​etc/​hosts.allow =====
 +[[http://​linux.die.net/​man/​5/​hosts.allow|man hosts.allow]] or [[man>​hosts.allow]]
 +
 +===== /​etc/​hosts.deny =====
 +[[http://​linux.die.net/​man/​5/​hosts.deny|man hosts.deny]] or [[man>​hosts.deny]]
 +
 +===== /​etc/​hotplug2-common.rules =====
 +===== /​etc/​hotplug2-init.rules =====
 +===== /​etc/​hotplug2.rules =====
 +===== /​etc/​init.d/​rcS =====
 +This get's executed by ''​init''​ every boot: [[doc:​techref:​process.boot#​init]]
 +<​code>​
 +#!/bin/sh
 +# Copyright (C) 2006 OpenWrt.org
 +
 +run_scripts() {
 +        for i in /​etc/​rc.d/​$1*;​ do
 +                [ -x $i ] && $i $2 2>&1
 +        done | $LOGGER
 +}
 +
 +system_config() {
 +        config_get_bool foreground $1 foreground 0
 +}
 +
 +LOGGER="​cat"​
 +[ -x /​usr/​bin/​logger ] && LOGGER="​logger -s -p 6 -t sysinit"​
 +
 +. /​etc/​functions.sh
 +
 +config_load system
 +config_foreach system_config system
 +
 +if [ "​$1"​ = "​S"​ -a "​$foreground"​ != "​1"​ ]; then
 +        run_scripts "​$1"​ "​$2"​ &
 +else
 +        run_scripts "​$1"​ "​$2"​
 +fi
 +</​code>​
 +
 +
 +
 +===== /​etc/​inittab =====
 +<​del>​[[http://​linux.die.net/​man/​5/​inittab]]</​del>​
 +[[http://​git.busybox.net/​busybox/​tree/​examples/​inittab]] <<== This is it.
 +<​code>​
 +::​sysinit:/​etc/​init.d/​rcS S boot
 +::​shutdown:/​etc/​init.d/​rcS K shutdown
 +tts/​0::​askfirst:/​bin/​ash --login
 +ttyS0::​askfirst:/​bin/​ash --login
 +tty1::​askfirst:/​bin/​ash --login
 +</​code>​
 +
 +===== /etc/mtab =====
 +[[wp>​mtab]],​ -> [[doc:​techref:​filesystems]],​ ->​[[doc:​techref:​flash.layout]],​ [[wp>​procfs]],​ [[wp>​sysfs]],​ [[wp>​devpts]]
 +
 +<​code>​
 +rootfs / rootfs rw 0 0
 +/dev/root /rom squashfs ro,relatime 0 0
 +proc /proc proc rw,noatime 0 0
 +sysfs /sys sysfs rw,noatime 0 0
 +tmpfs /tmp tmpfs rw,​nosuid,​nodev,​noatime 0 0
 +tmpfs /dev tmpfs rw,​noatime,​size=512k,​mode=755 0 0
 +devpts /dev/pts devpts rw,​noatime,​mode=600 0 0
 +/​dev/​mtdblock3 /overlay jffs2 rw,noatime 0 0
 +overlayfs:/​overlay / overlayfs rw,noatime 0 0
 +debugfs /​sys/​kernel/​debug debugfs rw,relatime 0 0
 +none /​proc/​bus/​usb usbfs rw,relatime 0 0
 +</​code>​
 +
 +===== /​etc/​ntp.conf =====
 +===== /​etc/​opkg.conf =====
 +->​[[doc:​techref:​opkg]]
 +
 +===== /etc/passwd =====
 +-> [[http://​linux.die.net/​man/​5/​passwd|manpage passwd]]
 +
 +
 +===== /​etc/​preinit =====
 +In OpenWrt the Kernel is executed by the [[doc:​techref:​bootloader]] with the option ''​init=/​etc/​preinit''​ (instead of the usual ''​init=/​sbin/​init''​). So the Kernel executes ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​preinit|/​etc/​preinit]]''​ which itself calls upon:
 +  * ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​functions.sh|/​etc/​functions.sh]]''​
 +  * ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​lib/​functions/​boot.sh|lib/​functions/​boot.sh]]''​
 +
 +-> [[doc:​techref:​process.boot]] should bring some clarity into this matter
 +
 +<​code>​
 +#!/bin/sh
 +
 +export PATH=/​bin:/​sbin:/​usr/​bin:/​usr/​sbin
 +. /​etc/​diag.sh
 +
 +pi_ifname=
 +pi_ip=192.168.1.1
 +pi_broadcast=192.168.1.255
 +pi_netmask=255.255.255.0
 +
 +fs_failsafe_ifname=
 +fs_failsafe_ip=192.168.1.1
 +fs_failsafe_broadcast=192.168.1.255
 +fs_failsafe_netmask=255.255.255.0
 +
 +fs_failsafe_wait_timeout=2
 +
 +pi_suppress_stderr="​y"​
 +pi_init_suppress_stderr="​y"​
 +pi_init_path="/​bin:/​sbin:/​usr/​bin:/​usr/​sbin"​
 +pi_init_cmd="/​sbin/​init"​
 +
 +. /​etc/​functions.sh
 +. /​lib/​functions/​boot.sh
 +
 +boot_hook_init preinit_essential
 +boot_hook_init preinit_main
 +boot_hook_init failsafe
 +boot_hook_init initramfs
 +boot_hook_init preinit_mount_root
 +
 +for pi_source_file in /​lib/​preinit/​*;​ do
 +    . $pi_source_file
 +done
 +
 +boot_run_hook preinit_essential
 +
 +pi_mount_skip_next=false
 +pi_jffs2_mount_success=false
 +pi_failsafe_net_message=false
 +
 +boot_run_hook preinit_main
 +</​code>​
 +
 +===== /​etc/​profile =====
 +<code bash>
 +#!/bin/sh
 +[ -f /etc/banner ] && cat /etc/banner
 +
 +export PATH=/​bin:/​sbin:/​usr/​bin:/​usr/​sbin
 +export HOME=$(grep -e "​^${USER:​-root}:"​ /etc/passwd | cut -d ":"​ -f 6)
 +export HOME=${HOME:​-/​root}
 +export PS1="​\[\033[4;​44;​1;​35m\]\u@\h:​\w$\[\033[0m\] "
 +
 +[ -x /bin/more ] || alias more=less
 +[ -x /​usr/​bin/​vim ] && alias vi=vim || alias vim=vi
 +
 +[ -z "​$KSH_VERSION"​ -o \! -s /etc/mkshrc ] || . /etc/mkshrc
 +
 +[ -x /sbin/arp ] || arp() { cat /​proc/​net/​arp;​ }
 +[ -z /bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }
 +</​code>​
 +
 +===== /​etc/​protocols =====
 +[[man>​protocols]] ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​protocols|/​etc/​protocols]]''​
 +
 +===== /​etc/​rc.common =====
 +''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​rc.common|/​etc/​rc.common]]''​
 +
 +Part of the [[wp>​Shebang (Unix)]] of many shell scripts in ''/​etc/​init.d''​. It checks the start scripts for mistakes. E.g. since [[https://​dev.openwrt.org/​changeset/​27797|R27797]] it checks whether //"​start"//​ and //"​stop"//​ are defined.
 +
 +===== /​etc/​rc.local =====
 +This file gets executed by ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​init.d/​done|/​etc/​rc.d/​S95done]]''​ on every boot up. You should treat this file as a shell script.
 +
 +<​code>​
 +# Put your custom commands here that should be executed once
 +# the system init finished. By default this file does nothing.
 +
 +exit 0
 +</​code>​
 +
 +===== /​etc/​resolv.conf =====
 +A symlink to ''​resolv.conf -> /​tmp/​resolv.conf''​
 +
 +[[http://​linux.die.net/​man/​5/​resolv.conf|man resolv.conf]]
 +
 +===== /​etc/​services =====
 +[[man>​services]]
 +
 +===== /etc/shells =====
 +[[man>​shells]]
 +
 +===== /​etc/​sysctl.conf =====
 +''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​sysctl.conf|/​etc/​sysctl.conf]]''​ gets called every boot up by ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​etc/​init.d/​sysctl|/​etc/​rc.d/​S99sysctl]]''​
 +->​[[http://​linux.die.net/​man/​5/​sysctl.conf|manpage sysctl.conf]]\\
 +->​[[http://​www.frozentux.net/​ipsysctl-tutorial/​ipsysctl-tutorial.html]] for Kernel 2.4!\\
 +
 +<​code>​
 +kernel.panic=3
 +net.ipv4.conf.default.arp_ignore=1
 +net.ipv4.conf.all.arp_ignore=1
 +net.ipv4.ip_forward=1
 +net.ipv4.icmp_echo_ignore_broadcasts=1
 +net.ipv4.icmp_ignore_bogus_error_responses=1
 +net.ipv4.tcp_ecn=0
 +net.ipv4.tcp_fin_timeout=30
 +net.ipv4.tcp_keepalive_time=120
 +net.ipv4.tcp_syncookies=1
 +net.ipv4.tcp_timestamps=0
 +net.core.netdev_max_backlog=30
 +net.netfilter.nf_conntrack_checksum=0
 +net.ipv4.netfilter.ip_conntrack_checksum=0
 +net.ipv4.netfilter.ip_conntrack_max=16384
 +net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=3600
 +net.ipv4.netfilter.ip_conntrack_udp_timeout=60
 +net.ipv4.netfilter.ip_conntrack_udp_timeout_stream=180
 +net.ipv6.conf.all.forwarding=1
 +
 +# disable bridge firewalling by default
 +net.bridge.bridge-nf-call-arptables=0
 +net.bridge.bridge-nf-call-ip6tables=0
 +net.bridge.bridge-nf-call-iptables=0
 +</​code>​
 +
 +
 +===== /​etc/​sysupgrade.conf =====
 +-> [[doc:​howto:​generic.sysupgrade]]
 +<​code>​
 +## This file contains files and directories that should
 +## be preserved during an upgrade.
 +
 +# /​etc/​example.conf
 +# /​etc/​openvpn/​
 +/etc/config
 +/​etc/​profile
 +/​etc/​firewall.user
 +/​etc/​TC_hfsc.sh
 +/​etc/​hotplug.d/​iface/​30-trafficc
 +/​etc/​init.d/​trafficc
 +/root
 +/​etc/​crontabs/​root
 +</​code>​
 +Files listed by ''​opkg list-changed-conffiles''​ and files listed in ''/​lib/​upgrade/​keep.d/​*''​ (eg. ''​[[https://​dev.openwrt.org/​browser/​trunk/​package/​base-files/​files/​lib/​upgrade/​keep.d/​base-files-essential|base-file-essential]]''​) will be always kept.