]>
git.ipfire.org Git - ipfire-2.x.git/blob - config/rootfiles/core/172/update.sh
2 ############################################################################
4 # This file is part of the IPFire Firewall. #
6 # IPFire is free software; you can redistribute it and/or modify #
7 # it under the terms of the GNU General Public License as published by #
8 # the Free Software Foundation; either version 3 of the License, or #
9 # (at your option) any later version. #
11 # IPFire is distributed in the hope that it will be useful, #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14 # GNU General Public License for more details. #
16 # You should have received a copy of the GNU General Public License #
17 # along with IPFire; if not, write to the Free Software #
18 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
20 # Copyright (C) 2022 IPFire-Team <info@ipfire.org>. #
22 ############################################################################
24 .
/opt
/pakfire
/lib
/functions.sh
25 /usr
/local
/bin
/backupctrl exclude
>/dev
/null
2>&1
29 # Remove old core updates from pakfire cache to save space...
30 for (( i
=1; i
<=$core; i
++ )); do
31 rm -f /var
/cache
/pakfire
/core-upgrade-
*-$i.ipfire
35 /etc
/rc.d
/init.d
/ipsec stop
36 /usr
/local
/bin
/openvpnctrl
-k
37 /usr
/local
/bin
/openvpnctrl
-kn2n
38 /etc
/rc.d
/init.d
/sshd stop
39 /etc
/rc.d
/init.d
/unbound stop
43 /etc
/strongswan.d
/scepclient.conf \
45 /usr
/lib
/libbind9-9.16
.33.so \
46 /usr
/lib
/libdns-9.16
.33.so \
47 /usr
/lib
/libexpat.so
.1.8.9 \
48 /usr
/lib
/libirs-9.16
.33.so \
49 /usr
/lib
/libisc-9.16
.33.so \
50 /usr
/lib
/libisccc-9.16
.33.so \
51 /usr
/lib
/libisccfg-9.16
.33.so \
52 /usr
/lib
/libns-9.16
.33.so \
53 /usr
/lib
/libunbound.so
.8.1.1* \
54 /usr
/lib
/libxml2.so
.2.9.
* \
55 /usr
/lib
/python3.10
/ensurepip
/_bundled
/pip-21
* \
56 /usr
/lib
/python3.10
/ensurepip
/_bundled
/setuptools-5
* \
57 /usr
/lib
/python3.10
/lib2to
3/Grammar3.10.
* \
58 /usr
/lib
/python3.10
/lib2to
3/PatternGrammar3.10.
* \
59 /usr
/lib
/python3.10
/site-packages
/pip-21.
* \
60 /usr
/lib
/python3.10
/site-packages
/pip
/_internal
/utils
/parallel.py \
61 /usr
/lib
/python3.10
/site-packages
/pip
/_internal
/utils
/pkg_resources.py \
62 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/appdirs.py \
63 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/chardet
/compat.py \
64 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/distlib
/_backport \
65 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/distro.py \
66 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/html5lib \
67 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/msgpack
/_version.py \
68 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/progress \
69 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/pyparsing.py \
70 /usr
/lib
/python3.10
/site-packages
/pip
/_vendor
/urllib
3/packages
/ssl_match_hostname \
71 /usr
/lib
/python3.10
/site-packages
/pkg_resources
/_vendor
/packaging
/_compat.py \
72 /usr
/lib
/python3.10
/site-packages
/pkg_resources
/_vendor
/packaging
/_typing.py \
73 /usr
/lib
/python3.10
/site-packages
/pkg_resources
/_vendor
/pyparsing.py \
74 /usr
/lib
/python3.10
/site-packages
/pkg_resources
/tests
/data \
75 /usr
/lib
/python3.10
/site-packages
/setuptools-5
* \
76 /usr
/lib
/python3.10
/site-packages
/setuptools
/_distutils
/py35compat.py \
77 /usr
/lib
/python3.10
/site-packages
/setuptools
/_vendor
/packaging
/_compat.py \
78 /usr
/lib
/python3.10
/site-packages
/setuptools
/_vendor
/packaging
/_typing.py \
79 /usr
/lib
/python3.10
/site-packages
/setuptools
/_vendor
/pyparsing.py \
80 /usr
/lib
/python3.10
/site-packages
/setuptools
/config.py \
81 /usr
/lib
/python3.10
/site-packages
/setuptools_rust
/utils.py \
82 /usr
/libexec
/ipsec
/scepclient \
83 /var
/ipfire
/ca
/dh1024.pem
85 # Remove powertop add-on, if installed
86 if [ -e "/opt/pakfire/db/installed/meta-powertop" ]; then
87 for i
in $
(</opt
/pakfire
/db
/rootfiles
/powertop
); do
92 /opt
/pakfire
/db
/installed
/meta-powertop \
93 /opt
/pakfire
/db
/meta
/meta-powertop \
94 /opt
/pakfire
/db
/rootfiles
/powertop
99 # update linker config
102 # Update Language cache
103 /usr
/local
/bin
/update-lang-cache
106 /usr
/local
/bin
/filesystem-cleanup
108 # Apply local configuration to sshd_config
109 /usr
/local
/bin
/sshctrl
111 # Correct permissions of some library files
112 chown
-Rv root
:root
/var
/ipfire
/connscheduler
/lib.pl
/var
/ipfire
/updatexlrator
/updxlrator-lib.pl
/var
/ipfire
/menu.d
/*
114 # Replace existing OpenVPN Diffie-Hellman parameter by ffdhe4096, as specified in RFC 7919
115 if [ -f /var
/ipfire
/ovpn
/server.conf
]; then
116 sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var
/ipfire
/ovpn
/server.conf
119 if [ -f "/var/ipfire/ovpn/n2nconf/*/*.conf" ]; then
120 sed -i 's|/var/ipfire/ovpn/ca/dh1024.pem|/etc/ssl/ffdhe4096.pem|' /var
/ipfire
/ovpn
/n2nconf
/*/*.conf
124 /etc
/init.d
/unbound start
125 if grep -q "ENABLE_SSH=on" /var
/ipfire
/remote
/settings
; then
126 /etc
/init.d
/sshd start
128 if grep -q "ENABLED=on" /var
/ipfire
/ovpn
/settings
; then
129 /usr
/local
/bin
/openvpnctrl
-s
130 /usr
/local
/bin
/openvpnctrl
-sn2n
132 if grep -q "ENABLED=on" /var
/ipfire
/vpn
/settings
; then
133 /etc
/init.d
/ipsec start
136 # This update needs a reboot...
137 touch /var
/run
/need_reboot
140 /etc
/init.d
/fireinfo start
143 # Update grub config to display new core version
144 if [ -e /boot
/grub
/grub.cfg
]; then
145 grub-mkconfig
-o /boot
/grub
/grub.cfg
150 # Don't report the exitcode last command