From 1776b8f50b173b49ca7ce3ab917de4493ae36ff6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Sep 2024 17:13:32 +0200 Subject: backup-partition: give warning on lock in device-mode RouterOS 7.17beta2 introduced some extra security measures, including some to prevent downgrade attacks for the installation. Thus switching partitions (which can hold quite old installations) is denied by device-mode now by default. Warn about that... https://help.mikrotik.com/docs/display/ROS/Device-mode --- backup-partition.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index 51df454..56738ba 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -19,6 +19,7 @@ :global PackagesUpdateBackupFailure; :global LogPrint; + :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; :global VersionToNum; @@ -59,6 +60,12 @@ :error false; } + :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ + ([ /system/device-mode/get ]->"partitions") != true) do={ + $LogPrint warning $ScriptName \ + ("The device mode has locked switching partitions! You will need physical access!"); + } + :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; :local FallbackTo [ /partition/find where name=$FallbackToName !active ]; -- cgit v1.2.3-70-g09d2