Safe and secure software updates for embedded Linux
system.conf
and root=
in the kernel commandline.
Systems using rauc.slot=<bootname>
or bootchooser.active=<bootname>
are not affected.
See issue #1360 for more details.Contributions from: Enrico Jörns
Full Changelog: https://github.com/rauc/rauc/compare/v1.11.2...v1.11.3
rauc info
when used with streaming.rauc info
. This avoids a nbd server failed
message.Contributions from: Enrico Jörns
Full Changelog: https://github.com/rauc/rauc/compare/v1.11.1...v1.11.2
rauc staus mark-*
.rauc.external
kernel command-line flag.codesign
certificate purpose.pre-install
hook implementation.Contributions from: Arseniy Lartsev, Enrico Jörns, Jan Lübbe
Full Changelog: https://github.com/rauc/rauc/compare/v1.11...v1.11.1
boot_id
.--ignore-image=<slotclass>
option to keep images as they are when using rauc convert
. This can be used to exclude some images (such as bootloaders) from the casync conversion./run/rauc/slots/active
. This should avoid the need for parsing rauc status
output in some cases.get-current
to the custom bootloader backend. (by Angelo Compagnucci)resign
and replace-signature
for encrypted bundles.rauc status
output when no slot is activated (instead of printing null
).[!NOTE] We don't consider the details of the new log events fixed yet, so please use them as a preview and for testing. In a future release, they will be documented in a journald message catalog.
--no-verify
for rauc resign
, to allow omitting the keyring.asan
option to the qemu-test
script to allow running with address sanitizer.qemu-test
startup.CONFIG_DM_CRYPT
as a required kernel config option for encrypted bundles. (by Angelo Compagnucci)-Dhtmldocs=true
) (by Emil Velikov)Contributions from: Angelo Compagnucci (@angeloc), Emil Velikov (@evelikov), Enrico Jörns (@ejoerns), Jan Lübbe (@jluebbe), René Fischer (@securitykernel), Roland Hieber (@rohieb), Thomas Kilian (@BigPapa314), Uwe Kleine-König (@ukleinek), Zygmunt Krynicki (@zyga)
Full Changelog: https://github.com/rauc/rauc/compare/v1.10.1...v1.11
--with-streaming_user
configure option.meson compile -C build
for old meson versions.Contributions from: David Runge (@dvzrv), Enrico Jörns (@ejoerns), Hans Christian Lonstad (@hcl-dr), Jan Lübbe (@jluebbe), Roland Hieber (@rohieb), Stephan Wurm (@swaeberle), Ulrich Ölmann (@OnkelUlla)
Full Changelog: https://github.com/rauc/rauc/compare/v1.10...v1.10.1
rauc info
also in human-readable form.rauc info
and via the InspectBundle D-Bus method.rauc info
that matches the InspectBundle D-Bus method structure.rauc-service.sh
rauc extract
with an existing output directory.off64_t
with _FILE_OFFSET_BITS=64
. (by Christian Hohnstädt)system.conf
-defined handlers.--key
argument (used to set the decryption key) to help and man page.g_ptr_array_find
and g_autolist
. Debian buster, Ubuntu bionic and Yocto dunfell have newer versions already.statusfile
option. (by Ulrich Ölmann)Contributions from: Christian Hitz (@chhitz), Christian Hohnstädt (@chris2511), Christian Meusel (@sirhcel), Enrico Jörns (@ejoerns), Jan Lübbe (@jluebbe), Lars Pöschel (@poeschel), René Fischer (@securitykernel), Stefan Wahren (@lategoodbye), Ulrich Ölmann (@OnkelUlla), @b4yuan
Full Changelog: https://github.com/rauc/rauc/compare/v1.9...v1.10
InspectBundle
D-Bus method, which takes the same bundle access options as the existing InstallBundle
method. This makes it possible to inspect bundles stored on HTTP servers which need authentication. It returns information from the manifest as a nested dictionary (for now, this is only compatible
, version
, description
and build
), but can be extended as needed. (by Stefan Ursella)rauc info
and rauc status
. This can be used to identify a specific bundle.boot-attempts
in the system.conf
).autogen.sh
to generate it. To simplify the migration, we also provide a -autotools
archive variant which is generated using autotool's make dist
(and does not contain the meson build support).--intermediate
option to the subcommand level and update the manual page.boot-attempts
configuration.Contributions from: Christian Meusel (@sirhcel), Enrico Jörns (@ejoerns), Jan Lübbe (@jluebbe), Jung-Te Hsieh (@jungte), Stefan Ursella (@stefanu21), Ulrich Ölmann (@OnkelUlla), Uwe Kleine-König (@ukleinek)
Full Changelog: https://github.com/rauc/rauc/compare/v1.8...v1.9
casync extract
. (by Ludovico de Nittis)RAUC_KEY_PASSPHRASE
). (by Marc Kleine-Budde)meta.<label>
sections in the manifest. The meta.<label>
sections are intended to provide a forwards-compatible way to add data to the manifest which is not interpreted by RAUC in any way. Currently, they are just ignored when reading a manifest. In future releases, they will be accessible via rauc info
, the D-Bus API and in hooks/handlers.boot-mbr-switch
slots.Contributions from: Ahmad Fatoum, Enrico Jörns, Jan Lübbe, Jonas Licht, Ludovico de Nittis, Marc Kleine-Budde, Marcus Hoffmann, Matthias Fend, Morgan Bengtsson, Ulrich Ölmann, Uwe Kleine-König
Full Changelog: https://github.com/rauc/rauc/compare/v1.7...v1.8
verity
and crypt
formats. This avoids the need for a temporary bundle storage location and prepares for more efficient incremental updates. See the documentation for details.crypt
format). This is useful when bundles contain confidential data and are not otherwise protected during transport (for example, via HTTP, unauthenticated HTTPS or USB storage). See the documentation for details.rauc status --output-format=json
). This is only enabled when built with glib 2.68 or newer. (by Ludovico de Nittis)--trust-environment
option to rauc extract
and rauc extract-signature
.Contributions from: Bastian Krause, Fabrice Fontaine, Ludovico de Nittis, Michael Riesch, Sean Nyekjaer, Steven Rau, Thomas Petazzoni, Thorsten Scherer, Uwe Kleine-König, Zygmunt Krynicki
Full Changelog: https://github.com/rauc/rauc/compare/v1.6...v1.7
RAUC_IMAGE_SIZE
. (by Marcel Hellwig)systemd.verity_root_data=
to find the booted slot. (by Arnaud Rebillout)boot-*
slot types. (by Bastian Krause)rauc mount
command to allow inspection of bundles without extraction.install
slot hook.resign
and info
commands to ignore expired certificates (--no-check-time
). (by Michael Heimpold)convert
command to disable the concurrent access checks for plain bundles (--trust-environment
).system.conf
loading according to the use-cases of the different commands.boot-*
slot types. (by Bastian Krause)mkfs.vfat
.system.conf
.boot-mbr/gpt-switch
slot types.Contributions from: Ahmad Fatoum, Alexander Dahl, Arnaud Rebillout, Bastian Krause, Christian Hitz, Christoph Steiger, Daniel Mack, Enrico Jörns, Fabian Büttner, Holger Assmann, Ian Abbott, Jan Lübbe, Jean-Pierre Geslin, Ladislav Michl, Livio Bieri, Ludovico de Nittis, Marcel Hellwig, Michael Heimpold, Michael Tretter, Omer Akram, Pascal Huerst, Richard Forro, Roland Hieber, Rouven Czerwinski, Sijmen Huizenga, Taras Zaporozhets, Vivien Didelot, Vyacheslav Yurkov
Full Changelog: https://github.com/rauc/rauc/compare/v1.5.1...v1.6