procd, branch master

jail: make /dev/tty accessible by others

2026-05-04T11:29:42Z

Required for e.g. `scp`, which fails otherwise: debug1: read_passphrase: can't open /dev/tty: Permission denied Signed-off-by: Andre Heider

jail: fix reading the oci device gid value

2026-05-04T11:29:02Z

Fix the typo to properly set the device group in the container namespace. Signed-off-by: Andre Heider

jail: mount tools used by dhcp.sh in the netifd jail

2026-05-04T11:28:59Z

./dhcp.sh: eval: line 33: md5sum: not found ./dhcp.sh: eval: line 33: cut: not found ./dhcp.sh: eval: line 107: /sbin/uci: not found Signed-off-by: Andre Heider

instance: disable console logging

2026-05-04T11:28:32Z

This spams the logs with every in- and outcoming byte. Signed-off-by: Andre Heider

jail: mount ucode related bits into netifd jail

2026-05-04T11:28:32Z

netifd gained ucode support, mount the required pieces to fix the errors: daemon.crit netifd: Error loading ucode script: Syntax error: Unable to resolve path for module 'uci' In line 1, byte 27: `import * as uci from "uci";` Near here ----------------^ Syntax error: Unable to resolve path for module 'uloop' In line 2, byte 31: `import * as uloop from "uloop";` Near here --------------------^ Syntax error: Unable to resolve path for module 'ubus' In line 3, byte 32: `import * as libubus from "ubus";` Near here ---------------------^ Syntax error: Unable to resolve path for module 'fs' In line 4, byte 37: `import { access, dirname } from "fs";` Near here --------------------------^ Signed-off-by: Andre Heider

jail: mount /lib/config into netifd jail

2026-03-24T23:48:23Z

The DHCP and DHCPv6 protocol scripts in netifd source /lib/config/uci.sh during initialization. Without /lib/config/uci.sh bind-mounted into the jail, the netifd instance running inside a container's network namespace fails to start the DHCP client: ./dhcp.sh: .: line 8: can't open '/lib/config/uci.sh' ./dhcpv6.sh: .: line 5: can't open '/lib/config/uci.sh' Add /lib/config/uci.sh to the jail netifd mount list alongside the existing /lib/functions and /lib/functions.sh entries. Signed-off-by: Paul Spooren Signed-off-by: Daniel Golle

instance: don't print error in case cgroups are disabled

2026-03-13T22:32:39Z

cgroups aren't enabled on targets with small_flash, which currently means that the user is bothered with noisy warning messages because the instance cgroup cannot be created. Silently skip cgroups setup if not supported by the kernel, as it was before commit 7e5b324 ("instance: check length of names when creating cgroups"). Fixes: #33 Fixes: 7e5b324 ("instance: check length of names when creating cgroups") Signed-off-by: Daniel Golle

instance: use positive error numbers for strerror()

2026-03-13T22:32:36Z

strerror() expects positive error numbers, but instance_add_cgroup() returns negative errors. Invert the error value, so strerror becomes meaningful. Fixes: 7e5b324 ("instance: check length of names when creating cgroups") Signed-off-by: Daniel Golle

service: fix use-after-free in per-instance set_data handler

2026-03-11T17:27:53Z

service_handle_set_data() filled the instance data list with pointers directly into the ubus request message buffer. After the handler returned, ubus freed that buffer, leaving dangling pointers that caused a crash when instance_dump() later iterated the list. Fix this by duplicating the blob data with blob_memdup(), mirroring what service_update_data() already does for service-level data. Signed-off-by: Felix Fietkau

rcS: allow overriding init.d/rc.d paths

2026-02-20T21:55:59Z

Introduce -I and -R arguments which can be used to override the paths /etc/init.d and /etc/rc.d, allowing for some runlevel-like usecases. This will be used in Gluon [1] to support a 'config mode', which is currently realized using a downstream patch. [1] https://github.com/freifunk-gluon/gluon Signed-off-by: Nora Schiffer