rauc-hawkbit-updater v1.0 Released
Back in 2018, rauc-hawkbit-updater was started by Prevas A/S as a C/GLib port of our rauc-hawkbit Python prototype (also called RAUC hawkBit Client) that was mainly developed for showcases and to serve as a demonstration and evaluation platform for others.
rauc-hawkbit-updater instead is explicitly developed with real-world use cases in mind. Just as its earlier Python counterpart, it operates on the target as an interface between RAUC, the embedded Linux update framework, and hawkBit, an OTA roll-out backend framework.
Since its first incarnation in 2018, rauc-hawkbit-updater's code was refactored, bugs were fixed, and features were added. With the addition of a test suite that was capable of performing interaction tests with actual hawkBit test instances, the project got more mature and, with the beginning of 2020, rauc-hawkbit-updater was finally moved to the RAUC GitHub organization under the maintenance of Lasse Klok Mikkelsen (Prevas A/S).
We won't stop here. A whole bunch of feature pull requests are already queued up, i.e.:
- HTTP retry handling
- Resuming interrupted downloads
- Support for action cancellation
So if you are interested in managing your embedded system's updates with RAUC and hawkBit, make sure to check it out.
Wonder How To Get Started?
- Set up a hawkBit instance (e.g. via docker)
- Set up RAUC for your target
- Cross compile rauc-hawkbit-updater for your target (a Yocto recipe for this is available in meta-rauc)
- Provide a configuration file that points to your rauc-hawkbit-updater instance
- Start the rauc-hawkbit-updater daemon on your target to let it authenticate and poll for updates
For more details follow our Quickstart guide and the documentation. You're invited to join the community, discuss and contribute! Either via matrix channel #rauc or on GitHub Issues, Pull requests or Discussions.
Finally, we would like to thank the folks from Prevas A/S for starting this project and making it open source under LGPL-2.1, and especially to Prevas' Lasse Klok Mikkelsen, the lead maintainer until the v1.0 release. Starting with v1.0, the project will now be primarily maintained by the Pengutronix developers Bastian Krause and Enrico Jörns.
Eingebettete Systeme und IoT-Geräte robust und sicher im Feld updaten zu können ist heute eine Kernanforderung jedes Produkts. Das Update-Framework RAUC ist die Basis für eine moderne und zukunftsfähige Lösung. In diesem Showcase zeigen wir die Grundprinzipien eines ausfallsicheren Update-Systems und wie Sie dieses mit Unterstützung von Pengutronix für Ihre Plattform realisieren können.
OTA field updates are a common requirement in modern embedded device deployments. The larger the amount of devices to control, the more important is having a good infrastructure that is reliable in updating and smart in rolling out the software.
This release fixes a vulnerability in RAUC that can be exploited under certain circumstances to achieve a local privilege escalation. It provides both a mitigation for the vulnerability when using the existing bundle format as well as a new bundle format that uses dm-verity to continuously authenticate the update data while it is installed.
It's been 3 weeks ago now since the tag for RAUC 1.4 was created. But it is vacation time and so we have a good excuse for communicating things with some delay. Fortunately, the media team is back now and so also those of you who haven't noticed the new release yet will be informed about notable changes.