I’ve got a custom firmware image that I’d like to push to a number of remote X750s. To do so, I have a cronjob that runs on each device to periodically check a database to see if a new firmware update is available, and if so, downloads the new image to /tmp/firmware.img, and validates checksum.
But from there, all of my attempts at scripting sysupgrade to preserve config settings and packages have failed. The sysupgrade command is executed, it appears to start, the ssh session is closed and then… nothing happens. I can immediately log back in via SSH and the device never restarts or applies the firmware update. These X750s don’t appear to have UART, so I’m unable to see what’s happening from any sysupgrade error log entries once the SSH session is closed.
When I flash using the GL UI, the image works as intended, both when preserving config/packages, and when overwriting. The same is true if I manually place the firmware.img file in the /tmp directory, and then call /api/firmware/update, everything works properly both when keepconfig=true and when keepconfig=false.
Is there a way I can call this process from CLI so it can be scripted to run via cron instead of through the UI or the API?
That would be ideal. But in order for the script to use the API, it needs to have the valid GL UI password. What happens when the remote user changes the password? Can the hashed GL password from $(uci show glconfig.general.password) be used to obtain an API token?
Otherwise, if the API is forwarding parameters posted to /firmware/upgrade to a script that resides somewhere on the device, I could also just pass those same parameters directly from the cronjob script. Just need to know where it is.
sysupgrade will also kill everything but itself and its parents and effectively do a pivot_root, so don’t expect anything you’re running to be running after the flash begins. See the contents of /lib/upgrade/ for some more details.