Firmware update from SSH

I’ve got a custom firmware image that I’d like to push to a number of remote X750s. To do so, I have a cronjob that runs on each device to periodically check a database to see if a new firmware update is available, and if so, downloads the new image to /tmp/firmware.img, and validates checksum.

But from there, all of my attempts at scripting sysupgrade to preserve config settings and packages have failed. The sysupgrade command is executed, it appears to start, the ssh session is closed and then… nothing happens. I can immediately log back in via SSH and the device never restarts or applies the firmware update. These X750s don’t appear to have UART, so I’m unable to see what’s happening from any sysupgrade error log entries once the SSH session is closed.

When I flash using the GL UI, the image works as intended, both when preserving config/packages, and when overwriting. The same is true if I manually place the firmware.img file in the /tmp directory, and then call /api/firmware/update, everything works properly both when keepconfig=true and when keepconfig=false.

Is there a way I can call this process from CLI so it can be scripted to run via cron instead of through the UI or the API?

You can update your scripts to use the API here:

First you upload with the command above, then you start the upgrade:

Your cronjob can just do that instead of trying to rewrite what the api is already doing.

That would be ideal. But in order for the script to use the API, it needs to have the valid GL UI password. What happens when the remote user changes the password? Can the hashed GL password from $(uci show glconfig.general.password) be used to obtain an API token?

Otherwise, if the API is forwarding parameters posted to /firmware/upgrade to a script that resides somewhere on the device, I could also just pass those same parameters directly from the cronjob script. Just need to know where it is.

@alzhao @luochongjun @lancer

Calling the crew for that info :stuck_out_tongue:

@Johnex thank you!


The sysupgrade script will close all shell sessions. So you need to put your program in the background for execution. Thanks.

@lancer of course! Why didn’t I think of that?!
Thanks for your assistance.

sysupgrade will also kill everything but itself and its parents and effectively do a pivot_root, so don’t expect anything you’re running to be running after the flash begins. See the contents of /lib/upgrade/ for some more details.