]>
git.ipfire.org Git - ipfire-2.x.git/blob - config/rootfiles/oldcore/183/update.sh
2 ############################################################################
4 # This file is part of the IPFire Firewall. #
6 # IPFire is free software; you can redistribute it and/or modify #
7 # it under the terms of the GNU General Public License as published by #
8 # the Free Software Foundation; either version 3 of the License, or #
9 # (at your option) any later version. #
11 # IPFire is distributed in the hope that it will be useful, #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14 # GNU General Public License for more details. #
16 # You should have received a copy of the GNU General Public License #
17 # along with IPFire; if not, write to the Free Software #
18 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
20 # Copyright (C) 2024 IPFire-Team <info@ipfire.org>. #
22 ############################################################################
24 .
/opt
/pakfire
/lib
/functions.sh
25 /usr
/local
/bin
/backupctrl exclude
>/dev
/null
2>&1
30 # Set last succesfull installed core.
31 echo $
(($core-1)) > /opt
/pakfire
/db
/core
/mine
32 # force fsck at next boot, this may fix free space on xfs
34 # don't start pakfire again at error
35 killall
-KILL pak_update
36 /usr
/bin
/logger
-p syslog.emerg
-t ipfire \
37 "core-update-${core}: $1"
41 # Remove old core updates from pakfire cache to save space...
42 for (( i
=1; i
<=$core; i
++ )); do
43 rm -f /var
/cache
/pakfire
/core-upgrade-
*-$i.ipfire
47 /etc
/rc.d
/init.d
/ipsec stop
48 /etc
/rc.d
/init.d
/apache stop
49 /etc
/rc.d
/init.d
/sshd stop
53 # Backup uEnv.txt if exist
54 if [ -e /boot
/uEnv.txt
]; then
55 cp -vf /boot
/uEnv.txt
/boot
/uEnv.txt.org
58 # Do some sanity checks prior to the kernel update
64 exit_with_error
"ERROR cannot update. No IPFire Kernel." 1
68 # Check diskspace on root and size of boot
69 ROOTSPACE
=$
( df
/ -Pk |
sed "s| * | |g" | cut
-d" " -f4 |
tail -n 1 )
70 if [ $ROOTSPACE -lt 200000 ]; then
71 exit_with_error
"ERROR cannot update because not enough free space on root." 2
73 BOOTSIZE
=$
( df
/boot
-Pk |
sed "s| * | |g" | cut
-d" " -f2 |
tail -n 1 )
74 if [ $BOOTSIZE -lt 100000 ]; then
75 exit_with_error
"ERROR cannot update. BOOT partition is to small." 3
78 # Remove the old kernel
96 /etc
/fonts
/conf.d
/10-sub-pixel-rgb.conf \
97 /srv
/web
/ipfire
/html
/themes
/ipfire
/images \
98 /usr
/lib
/libbind9-9.16
.44.so \
99 /usr
/lib
/libdns-9.16
.44.so \
100 /usr
/lib
/libirs-9.16
.44.so \
101 /usr
/lib
/libisc-9.16
.44.so \
102 /usr
/lib
/libisccc-9.16
.44.so \
103 /usr
/lib
/libisccfg-9.16
.44.so \
104 /usr
/lib
/libns-9.16
.44.so \
105 /usr
/lib
/libxml2.so
.2.11*
107 # update linker config
110 # Update Language cache
111 /usr
/local
/bin
/update-lang-cache
114 /usr
/local
/bin
/filesystem-cleanup
119 # Apply local configuration to sshd_config
120 /usr
/local
/bin
/sshctrl
122 # Fix permissions of /etc/sudoers.d/
123 chmod -v 750 /etc
/sudoers.d
124 chmod -v 640 /etc
/sudoers.d
/*
126 # Check apache rsa key and replace if it is too small
127 KEYSIZE
=$
(openssl rsa
-in /etc
/httpd
/server.key
-text -noout |
sed -n 's/Private-Key:\ (\(.*\)\ bit.*/\1/p')
128 if [ $KEYSIZE \
< 2048 ]; then
129 echo "Generating new HTTPS RSA server key (this will take a moment)..."
130 openssl genrsa
-out /etc
/httpd
/server.key
4096 &>/dev
/null
131 chmod 600 /etc
/httpd
/server.key
132 sed "s/HOSTNAME/`hostname -f`/" < /etc
/certparams | \
133 openssl req
-new -key /etc
/httpd
/server.key \
134 -out /etc
/httpd
/server.csr
&>/dev
/null
135 openssl x509
-req -days 999999 -sha256 \
136 -in /etc
/httpd
/server.csr \
137 -signkey /etc
/httpd
/server.key \
138 -out /etc
/httpd
/server.crt
&>/dev
/null
142 /etc
/rc.d
/init.d
/apache start
143 if grep -q "ENABLE_SSH=on" /var
/ipfire
/remote
/settings
; then
144 /etc
/init.d
/sshd start
146 if grep -q "ENABLED=on" /var
/ipfire
/vpn
/settings
; then
147 /etc
/rc.d
/init.d
/ipsec start
149 /etc
/init.d
/suricata restart
151 # Rebuild initial ramdisks
152 dracut
--regenerate-all --force
154 case "$(uname -m)" in
156 mkimage
-A arm64
-T ramdisk
-C lzma
-d /boot
/initramfs-
${KVER}-ipfire.img
/boot
/uInit-
${KVER}-ipfire
157 # dont remove initramfs because grub need this to boot.
161 # Upadate Kernel version in uEnv.txt
162 if [ -e /boot
/uEnv.txt
]; then
163 sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot
/uEnv.txt
166 # Call user update script (needed for some ARM boards)
167 if [ -e /boot
/pakfire-kernel-update
]; then
168 /boot
/pakfire-kernel-update
${KVER}
171 # This update needs a reboot...
172 touch /var
/run
/need_reboot
175 /etc
/init.d
/fireinfo start
178 # Update grub config to display new core version
179 if [ -e /boot
/grub
/grub.cfg
]; then
180 /usr
/bin
/install-bootloader
185 # Don't report the exitcode last command