From 07b7c642de304392e034e035e4c39ccfe1f8c78d Mon Sep 17 00:00:00 2001 From: Daniel Nilsson Date: Wed, 1 May 2024 22:17:43 +0200 Subject: [PATCH] luci-app-lxc: remove bypassing GPG validation Since https://github.com/lxc/lxc/commit/58520263041b6864cadad96278848f9b8ce78ee9 which is part of LXC 5.0, not being able to bypass GPG validation anymore has been enforced by upstream in lxc-download. When LXC was bumped to 5.0.1 in https://github.com/openwrt/packages/commit/d957a2293b2a21b1edca1aa92e141bad8292251a this broke passing the --no-validate option to lxc-download, which resulted in getting the output of the --help command line option as the RPC output of lxc-download as it doesn't understand the --no-validate option. This in turn broke the string parsing for compatible distributions and their versions. To solve this, this commit removes the --no-validate option entirely as it has been removed by upstream. Signed-off-by: Daniel Nilsson --- .../luci-app-lxc/luasrc/controller/lxc.lua | 20 ++++--------------- .../luci-app-lxc/luasrc/model/cbi/lxc.lua | 5 ----- 2 files changed, 4 insertions(+), 21 deletions(-) diff --git a/applications/luci-app-lxc/luasrc/controller/lxc.lua b/applications/luci-app-lxc/luasrc/controller/lxc.lua index 6fa1add0f8..1682def279 100644 --- a/applications/luci-app-lxc/luasrc/controller/lxc.lua +++ b/applications/luci-app-lxc/luasrc/controller/lxc.lua @@ -55,11 +55,10 @@ end function lxc_get_downloadable() local target = lxc_get_arch_target(url) - local ssl_status = lxc_get_ssl_status() local templates = {} - local f = io.popen('sh /usr/share/lxc/templates/lxc-download --list %s --server %s 2>/dev/null' - %{ ssl_status, url }, 'r') + local f = io.popen('sh /usr/share/lxc/templates/lxc-download --list --server %s 2>/dev/null' + %{ url }, 'r') local line for line in f:lines() do local dist, version, dist_target = line:match("^(%S+)%s+(%S+)%s+(%S+)%s+default%s+%S+$") @@ -80,10 +79,9 @@ function lxc_create(lxc_name, lxc_template) return end - local ssl_status = lxc_get_ssl_status() local lxc_dist, lxc_release = lxc_template:match("^(.+):(.+)$") - luci.sys.call('/usr/bin/lxc-create --quiet --name %s --bdev best --template download -- --dist %s --release %s --arch %s --server %s %s' - %{ lxc_name, lxc_dist, lxc_release, lxc_get_arch_target(url), url, ssl_status }) + luci.sys.call('/usr/bin/lxc-create --quiet --name %s --bdev best --template download -- --dist %s --release %s --arch %s --server %s' + %{ lxc_name, lxc_dist, lxc_release, lxc_get_arch_target(url), url }) while (nx.fs.access(path .. lxc_name .. "/partial")) do nx.nanosleep(1) @@ -180,13 +178,3 @@ function lxc_get_arch_target(url) end return target end - -function lxc_get_ssl_status() - local ssl_enabled = uci:get("lxc", "lxc", "ssl_enabled") - local ssl_status = "--no-validate" - - if ssl_enabled and ssl_enabled == "1" then - ssl_status = "" - end - return ssl_status -end diff --git a/applications/luci-app-lxc/luasrc/model/cbi/lxc.lua b/applications/luci-app-lxc/luasrc/model/cbi/lxc.lua index 2987fced13..df3f79ec48 100644 --- a/applications/luci-app-lxc/luasrc/model/cbi/lxc.lua +++ b/applications/luci-app-lxc/luasrc/model/cbi/lxc.lua @@ -28,11 +28,6 @@ o1:value("repo.turris.cz/lxc", "repo.turris.cz/lxc (SSL req.)") o1.default = "images.linuxcontainers.org" o1.rmempty = false -o2 = s:option(Flag, "ssl_enabled", translate("Enable SSL"), - translate("Enable optional SSL encryption support. This requires additional packages like 'wget', 'ca-certificates', 'gnupg' and 'gnupg-utils'.")) -o2.default = o2.disabled -o2.rmempty = false - o3 = s:option(Value, "min_space", translate("Free Space Threshold"), translate("Minimum required free space for LXC Container creation in KB")) o3.default = "100000" -- 2.30.2