]>
Commit | Line | Data |
---|---|---|
b5ef99df MT |
1 | #!/bin/bash |
2 | ############################################################################ | |
3 | # # | |
4 | # This file is part of the IPFire Firewall. # | |
5 | # # | |
6 | # IPFire is free software; you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation; either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # IPFire is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with IPFire; if not, write to the Free Software # | |
18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
19 | # # | |
20 | # Copyright (C) 2019 IPFire-Team <info@ipfire.org>. # | |
21 | # # | |
22 | ############################################################################ | |
23 | # | |
24 | . /opt/pakfire/lib/functions.sh | |
25 | /usr/local/bin/backupctrl exclude >/dev/null 2>&1 | |
26 | ||
4f30ce49 | 27 | core=131 |
b5ef99df | 28 | |
83c956c3 AF |
29 | exit_with_error() { |
30 | # Set last succesfull installed core. | |
31 | echo $(($core-1)) > /opt/pakfire/db/core/mine | |
32 | # don't start pakfire again at error | |
33 | killall -KILL pak_update | |
34 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
35 | "core-update-${core}: $1" | |
36 | exit $2 | |
37 | } | |
38 | ||
b5ef99df MT |
39 | # Remove old core updates from pakfire cache to save space... |
40 | for (( i=1; i<=$core; i++ )); do | |
41 | rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire | |
42 | done | |
43 | ||
83c956c3 AF |
44 | KVER="xxxKVERxxx" |
45 | ||
46 | # Backup uEnv.txt if exist | |
47 | if [ -e /boot/uEnv.txt ]; then | |
48 | cp -vf /boot/uEnv.txt /boot/uEnv.txt.org | |
49 | fi | |
50 | ||
51 | # Do some sanity checks. | |
52 | case $(uname -r) in | |
53 | *-ipfire*) | |
54 | # Ok. | |
55 | ;; | |
56 | *) | |
57 | exit_with_error "ERROR cannot update. No IPFire Kernel." 1 | |
58 | ;; | |
59 | esac | |
60 | ||
61 | # Check diskspace on root | |
62 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
63 | ||
64 | if [ $ROOTSPACE -lt 80000 ]; then | |
65 | exit_with_error "ERROR cannot update because not enough free space on root." 2 | |
66 | exit 2 | |
67 | fi | |
68 | ||
69 | # Remove the old kernel | |
70 | rm -rf /boot/System.map-* | |
71 | rm -rf /boot/config-* | |
72 | rm -rf /boot/ipfirerd-* | |
73 | rm -rf /boot/initramfs-* | |
74 | rm -rf /boot/vmlinuz-* | |
75 | rm -rf /boot/uImage-*-ipfire-* | |
76 | rm -rf /boot/zImage-*-ipfire-* | |
77 | rm -rf /boot/uInit-*-ipfire-* | |
78 | rm -rf /boot/dtb-*-ipfire-* | |
79 | rm -rf /lib/modules | |
80 | rm -f /etc/sysconfig/lm_sensors | |
81 | ||
b5ef99df | 82 | # Stop services |
f9219b91 MT |
83 | /etc/init.d/snort stop |
84 | if [ -e "/etc/init.d/suricata" ]; then | |
85 | /etc/init.d/suricata stop | |
86 | fi | |
b5ef99df | 87 | |
f9219b91 MT |
88 | # Rename snort user to suricata |
89 | if getent group snort &>/dev/null; then | |
90 | groupmod -n suricata snort | |
91 | fi | |
92 | ||
93 | if getent passwd snort &>/dev/null; then | |
94 | usermod -l suricata -c "Suricata" \ | |
95 | -d /var/log/suricata snort | |
96 | fi | |
b5ef99df MT |
97 | |
98 | # Extract files | |
99 | extract_files | |
100 | ||
101 | # update linker config | |
102 | ldconfig | |
103 | ||
104 | # Update Language cache | |
105 | /usr/local/bin/update-lang-cache | |
106 | ||
f9219b91 MT |
107 | # Migrate snort configuration to suricata |
108 | /usr/sbin/convert-snort | |
109 | ||
b60fd7a3 SS |
110 | # Remove files |
111 | rm -rfv \ | |
112 | /etc/rc.d/rc*.d/*snort \ | |
113 | /etc/rc.d/init.d/networking/red.up/23-RS-snort \ | |
114 | /etc/snort \ | |
115 | /usr/bin/daq-modules-config \ | |
116 | /usr/bin/u2boat \ | |
117 | /usr/bin/u2spewfoo \ | |
118 | /usr/lib/daq \ | |
119 | /usr/lib/snort \ | |
120 | /usr/lib/libdaq.so* \ | |
121 | /usr/lib/libsfbpf.so* \ | |
122 | /usr/local/bin/snortctl \ | |
123 | /usr/sbin/snort \ | |
124 | /var/ipfire/snort | |
125 | ||
b5ef99df | 126 | # Start services |
ef1cb803 | 127 | /etc/init.d/apache restart |
f9219b91 MT |
128 | /etc/init.d/collectd restart |
129 | /etc/init.d/firewall restart | |
a46903cc | 130 | /etc/init.d/unbound restart |
f9219b91 | 131 | /etc/init.d/suricata start |
b5ef99df | 132 | |
5f9bf17d AF |
133 | # Update pakfire database |
134 | /usr/local/bin/pakfire update --force | |
135 | ||
0265f51e AF |
136 | # Search sensors again after reboot into the new kernel |
137 | rm -f /etc/sysconfig/lm_sensors | |
138 | ||
83c956c3 AF |
139 | # Upadate Kernel version uEnv.txt |
140 | if [ -e /boot/uEnv.txt ]; then | |
141 | sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt | |
142 | fi | |
143 | ||
144 | # call user update script (needed for some arm boards) | |
145 | if [ -e /boot/pakfire-kernel-update ]; then | |
146 | /boot/pakfire-kernel-update ${KVER} | |
147 | fi | |
148 | ||
149 | case "$(uname -m)" in | |
150 | i?86) | |
151 | # Force (re)install pae kernel if pae is supported | |
152 | rm -rf /opt/pakfire/db/installed/meta-linux-pae | |
153 | rm -rf /opt/pakfire/db/rootfiles/linux-pae | |
154 | if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then | |
155 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
156 | BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
157 | if [ $BOOTSPACE -lt 22000 -o $ROOTSPACE -lt 120000 ]; then | |
158 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
159 | "core-update-${core}: WARNING not enough space for pae kernel." | |
160 | touch /var/run/need_reboot | |
161 | else | |
162 | echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae | |
163 | echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
164 | echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
165 | fi | |
166 | else | |
167 | touch /var/run/need_reboot | |
168 | fi | |
169 | ;; | |
170 | *) | |
171 | # This update needs a reboot... | |
172 | touch /var/run/need_reboot | |
173 | ;; | |
174 | esac | |
b5ef99df MT |
175 | |
176 | # Finish | |
177 | /etc/init.d/fireinfo start | |
178 | sendprofile | |
179 | ||
180 | # Update grub config to display new core version | |
181 | if [ -e /boot/grub/grub.cfg ]; then | |
182 | grub-mkconfig -o /boot/grub/grub.cfg | |
183 | fi | |
184 | ||
185 | sync | |
186 | ||
187 | # Don't report the exitcode last command | |
188 | exit 0 |