]>
Commit | Line | Data |
---|---|---|
67eff38d PM |
1 | #!/bin/bash |
2 | ############################################################################ | |
3 | # # | |
4 | # This file is part of the IPFire Firewall. # | |
5 | # # | |
6 | # IPFire is free software; you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation; either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # IPFire is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with IPFire; if not, write to the Free Software # | |
18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
19 | # # | |
20 | # Copyright (C) 2022 IPFire-Team <info@ipfire.org>. # | |
21 | # # | |
22 | ############################################################################ | |
23 | # | |
24 | . /opt/pakfire/lib/functions.sh | |
25 | /usr/local/bin/backupctrl exclude >/dev/null 2>&1 | |
26 | ||
27 | core=171 | |
28 | ||
42368583 PM |
29 | exit_with_error() { |
30 | # Set last succesfull installed core. | |
31 | echo $(($core-1)) > /opt/pakfire/db/core/mine | |
32 | # force fsck at next boot, this may fix free space on xfs | |
33 | touch /forcefsck | |
34 | # don't start pakfire again at error | |
35 | killall -KILL pak_update | |
36 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
37 | "core-update-${core}: $1" | |
38 | exit $2 | |
39 | } | |
40 | ||
67eff38d PM |
41 | # Remove old core updates from pakfire cache to save space... |
42 | for (( i=1; i<=$core; i++ )); do | |
43 | rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire | |
44 | done | |
45 | ||
46 | # Stop services | |
79fb0874 | 47 | /etc/rc.d/init.d/apache stop |
64fc1360 | 48 | /etc/rc.d/init.d/unbound stop |
ddbc886c | 49 | /etc/rc.d/init.d/squid stop |
492c9fb6 PM |
50 | /usr/local/bin/openvpnctrl -k |
51 | /usr/local/bin/openvpnctrl -kn2n | |
78ba0514 | 52 | /etc/rc.d/init.d/ipsec stop |
415afe55 | 53 | /etc/rc.d/init.d/suricata stop |
b029818d | 54 | /etc/rc.d/init.d/collectd stop |
67eff38d | 55 | |
42368583 PM |
56 | KVER="xxxKVERxxx" |
57 | ||
58 | # Backup uEnv.txt if exist | |
59 | if [ -e /boot/uEnv.txt ]; then | |
60 | cp -vf /boot/uEnv.txt /boot/uEnv.txt.org | |
61 | fi | |
62 | ||
63 | # Do some sanity checks prior to the kernel update | |
64 | case $(uname -r) in | |
65 | *-ipfire*) | |
66 | # Ok. | |
67 | ;; | |
68 | *) | |
69 | exit_with_error "ERROR cannot update. No IPFire Kernel." 1 | |
70 | ;; | |
71 | esac | |
72 | ||
73 | # Check diskspace on root | |
74 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
75 | ||
76 | if [ $ROOTSPACE -lt 100000 ]; then | |
77 | exit_with_error "ERROR cannot update because not enough free space on root." 2 | |
78 | exit 2 | |
79 | fi | |
80 | ||
81 | # Remove the old kernel | |
82 | rm -rvf \ | |
83 | /boot/System.map-* \ | |
84 | /boot/config-* \ | |
85 | /boot/ipfirerd-* \ | |
86 | /boot/initramfs-* \ | |
87 | /boot/vmlinuz-* \ | |
88 | /boot/uImage-* \ | |
89 | /boot/zImage-* \ | |
90 | /boot/uInit-* \ | |
91 | /boot/dtb-* \ | |
92 | /lib/modules | |
93 | ||
67eff38d | 94 | # Remove files |
41a518ae | 95 | rm -rvf \ |
3b01f08a PM |
96 | /lib/firmware/3com/3C359.bin \ |
97 | /lib/firmware/TDA7706_OM_v2.5.1_boot.txt \ | |
98 | /lib/firmware/TDA7706_OM_v3.0.2_boot.txt \ | |
99 | /lib/firmware/atmsar11.fw \ | |
100 | /lib/firmware/bnx2/bnx2-mips-06-4.6.16.fw \ | |
101 | /lib/firmware/bnx2/bnx2-mips-06-5.0.0.j3.fw \ | |
102 | /lib/firmware/bnx2/bnx2-mips-06-5.0.0.j6.fw \ | |
103 | /lib/firmware/bnx2/bnx2-mips-06-6.0.15.fw \ | |
104 | /lib/firmware/bnx2/bnx2-mips-06-6.2.1.fw \ | |
105 | /lib/firmware/bnx2/bnx2-mips-09-4.6.17.fw \ | |
106 | /lib/firmware/bnx2/bnx2-mips-09-5.0.0.j15.fw \ | |
107 | /lib/firmware/bnx2/bnx2-mips-09-5.0.0.j3.fw \ | |
108 | /lib/firmware/bnx2/bnx2-mips-09-5.0.0.j9.fw \ | |
109 | /lib/firmware/bnx2/bnx2-mips-09-6.0.17.fw \ | |
110 | /lib/firmware/bnx2/bnx2-mips-09-6.2.1.fw \ | |
111 | /lib/firmware/bnx2/bnx2-mips-09-6.2.1a.fw \ | |
112 | /lib/firmware/bnx2/bnx2-rv2p-06-4.6.16.fw \ | |
113 | /lib/firmware/bnx2/bnx2-rv2p-06-5.0.0.j3.fw \ | |
114 | /lib/firmware/bnx2/bnx2-rv2p-09-4.6.15.fw \ | |
115 | /lib/firmware/bnx2/bnx2-rv2p-09-5.0.0.j10.fw \ | |
116 | /lib/firmware/bnx2/bnx2-rv2p-09-5.0.0.j3.fw \ | |
117 | /lib/firmware/bnx2/bnx2-rv2p-09ax-5.0.0.j10.fw \ | |
118 | /lib/firmware/bnx2/bnx2-rv2p-09ax-5.0.0.j3.fw \ | |
119 | /lib/firmware/bnx2x-e1-4.8.53.0.fw \ | |
120 | /lib/firmware/bnx2x-e1-5.2.13.0.fw \ | |
121 | /lib/firmware/bnx2x-e1-5.2.7.0.fw \ | |
122 | /lib/firmware/bnx2x-e1h-4.8.53.0.fw \ | |
123 | /lib/firmware/bnx2x-e1h-5.2.13.0.fw \ | |
124 | /lib/firmware/bnx2x-e1h-5.2.7.0.fw \ | |
125 | /lib/firmware/bnx2x/bnx2x-e1-6.0.34.0.fw \ | |
126 | /lib/firmware/bnx2x/bnx2x-e1-6.2.5.0.fw \ | |
127 | /lib/firmware/bnx2x/bnx2x-e1-6.2.9.0.fw \ | |
128 | /lib/firmware/bnx2x/bnx2x-e1-7.0.20.0.fw \ | |
129 | /lib/firmware/bnx2x/bnx2x-e1-7.0.23.0.fw \ | |
130 | /lib/firmware/bnx2x/bnx2x-e1-7.0.29.0.fw \ | |
131 | /lib/firmware/bnx2x/bnx2x-e1-7.10.51.0.fw \ | |
132 | /lib/firmware/bnx2x/bnx2x-e1-7.12.30.0.fw \ | |
133 | /lib/firmware/bnx2x/bnx2x-e1-7.2.16.0.fw \ | |
134 | /lib/firmware/bnx2x/bnx2x-e1-7.2.51.0.fw \ | |
135 | /lib/firmware/bnx2x/bnx2x-e1-7.8.17.0.fw \ | |
136 | /lib/firmware/bnx2x/bnx2x-e1-7.8.19.0.fw \ | |
137 | /lib/firmware/bnx2x/bnx2x-e1-7.8.2.0.fw \ | |
138 | /lib/firmware/bnx2x/bnx2x-e1h-6.0.34.0.fw \ | |
139 | /lib/firmware/bnx2x/bnx2x-e1h-6.2.5.0.fw \ | |
140 | /lib/firmware/bnx2x/bnx2x-e1h-6.2.9.0.fw \ | |
141 | /lib/firmware/bnx2x/bnx2x-e1h-7.0.20.0.fw \ | |
142 | /lib/firmware/bnx2x/bnx2x-e1h-7.0.23.0.fw \ | |
143 | /lib/firmware/bnx2x/bnx2x-e1h-7.0.29.0.fw \ | |
144 | /lib/firmware/bnx2x/bnx2x-e1h-7.10.51.0.fw \ | |
145 | /lib/firmware/bnx2x/bnx2x-e1h-7.12.30.0.fw \ | |
146 | /lib/firmware/bnx2x/bnx2x-e1h-7.2.16.0.fw \ | |
147 | /lib/firmware/bnx2x/bnx2x-e1h-7.2.51.0.fw \ | |
148 | /lib/firmware/bnx2x/bnx2x-e1h-7.8.17.0.fw \ | |
149 | /lib/firmware/bnx2x/bnx2x-e1h-7.8.19.0.fw \ | |
150 | /lib/firmware/bnx2x/bnx2x-e1h-7.8.2.0.fw \ | |
151 | /lib/firmware/bnx2x/bnx2x-e2-6.0.34.0.fw \ | |
152 | /lib/firmware/bnx2x/bnx2x-e2-6.2.5.0.fw \ | |
153 | /lib/firmware/bnx2x/bnx2x-e2-6.2.9.0.fw \ | |
154 | /lib/firmware/bnx2x/bnx2x-e2-7.0.20.0.fw \ | |
155 | /lib/firmware/bnx2x/bnx2x-e2-7.0.23.0.fw \ | |
156 | /lib/firmware/bnx2x/bnx2x-e2-7.0.29.0.fw \ | |
157 | /lib/firmware/bnx2x/bnx2x-e2-7.10.51.0.fw \ | |
158 | /lib/firmware/bnx2x/bnx2x-e2-7.12.30.0.fw \ | |
159 | /lib/firmware/bnx2x/bnx2x-e2-7.2.16.0.fw \ | |
160 | /lib/firmware/bnx2x/bnx2x-e2-7.2.51.0.fw \ | |
161 | /lib/firmware/bnx2x/bnx2x-e2-7.8.17.0.fw \ | |
162 | /lib/firmware/bnx2x/bnx2x-e2-7.8.19.0.fw \ | |
163 | /lib/firmware/bnx2x/bnx2x-e2-7.8.2.0.fw \ | |
164 | /lib/firmware/cbfw-3.2.1.1.bin \ | |
165 | /lib/firmware/cbfw-3.2.3.0.bin \ | |
166 | /lib/firmware/ct2fw-3.2.1.1.bin \ | |
167 | /lib/firmware/ct2fw-3.2.3.0.bin \ | |
168 | /lib/firmware/ctfw-3.2.1.1.bin \ | |
169 | /lib/firmware/ctfw-3.2.3.0.bin \ | |
170 | /lib/firmware/intel/ice/ddp/ice-1.3.28.0.pkg \ | |
8f312961 | 171 | /lib/firmware/intel/ibt-* \ |
3b01f08a | 172 | /lib/firmware/intelliport2.bin \ |
d62babe0 | 173 | /lib/firmware/LICENCE* \ |
8f312961 PM |
174 | /lib/firmware/mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin \ |
175 | /lib/firmware/mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin \ | |
3b01f08a | 176 | /lib/firmware/tr_smctr.bin \ |
41a518ae | 177 | /usr/bin/perl5.32* \ |
8f4b4833 | 178 | /usr/lib/libbfd-2.37.so \ |
4c4953a0 | 179 | /usr/lib/libbind9-9.16.31.so \ |
80305dd4 | 180 | /usr/lib/libbind9-9.16.32.so \ |
d62babe0 | 181 | /usr/lib/libdns-9.16.2* \ |
4c4953a0 | 182 | /usr/lib/libdns-9.16.31.so \ |
80305dd4 | 183 | /usr/lib/libdns-9.16.32.so \ |
1564096b PM |
184 | /usr/lib/libefiboot.so.1.37 \ |
185 | /usr/lib/libefivar.so.1.37 \ | |
1c154e51 | 186 | /usr/lib/libexpat.so.1.8.8 \ |
c6e683d0 | 187 | /usr/lib/libhogweed.so.6.4 \ |
4c4953a0 | 188 | /usr/lib/libirs-9.16.31.so \ |
80305dd4 | 189 | /usr/lib/libirs-9.16.32.so \ |
4c4953a0 | 190 | /usr/lib/libisc-9.16.31.so \ |
80305dd4 | 191 | /usr/lib/libisc-9.16.32.so \ |
4c4953a0 | 192 | /usr/lib/libisccc-9.16.31.so \ |
80305dd4 | 193 | /usr/lib/libisccc-9.16.32.so \ |
4c4953a0 | 194 | /usr/lib/libisccfg-9.16.31.so \ |
80305dd4 | 195 | /usr/lib/libisccfg-9.16.32.so \ |
c6e683d0 | 196 | /usr/lib/libnettle.so.8.4 \ |
4c4953a0 | 197 | /usr/lib/libns-9.16.31.so \ |
80305dd4 | 198 | /usr/lib/libns-9.16.32.so \ |
d62babe0 | 199 | /usr/lib/libopcodes-2.36* \ |
8f4b4833 | 200 | /usr/lib/libopcodes-2.37.so \ |
64fc1360 | 201 | /usr/lib/libunbound.so.8.1.18 \ |
41a518ae | 202 | /usr/lib/perl5/5.32* \ |
d62babe0 | 203 | /usr/lib/perl5/site_perl/5.32* \ |
c309bdcf | 204 | /usr/share/man/* \ |
d62babe0 PM |
205 | /usr/share/usb_modeswitch/1004:61aa \ |
206 | /usr/share/usb_modeswitch/12d1:\#android \ | |
207 | /usr/share/usb_modeswitch/12d1:\#linux \ | |
208 | /usr/share/usb_modeswitch/19d2:\#linux \ | |
c153f735 | 209 | /sbin/tipc \ |
d62babe0 | 210 | /srv/web/ipfire/html/themes/ipfire/include/css/style-rounded.css |
67eff38d PM |
211 | |
212 | # Extract files | |
213 | extract_files | |
214 | ||
215 | # update linker config | |
216 | ldconfig | |
217 | ||
218 | # Update Language cache | |
219 | /usr/local/bin/update-lang-cache | |
220 | ||
221 | # Filesytem cleanup | |
222 | /usr/local/bin/filesystem-cleanup | |
223 | ||
c073cb7f PM |
224 | # Rebuild fcrontab from scratch |
225 | /usr/bin/fcrontab -z | |
226 | ||
520d2144 PM |
227 | # Fix backup file permissions |
228 | chown -v root:root /var/ipfire/backup/{in,ex}clude* | |
229 | ||
67eff38d | 230 | # Start services |
b029818d | 231 | /etc/rc.d/init.d/collectd start |
415afe55 | 232 | if grep -q "ENABLE_IDS=on" /var/ipfire/suricata/settings; then |
2f0fb449 PM |
233 | /etc/rc.d/init.d/suricata start |
234 | fi | |
64fc1360 | 235 | /etc/rc.d/init.d/unbound start |
79fb0874 | 236 | /etc/rc.d/init.d/apache start |
3ce996ff | 237 | if grep -q "ENABLED=on" /var/ipfire/ovpn/settings; then |
492c9fb6 PM |
238 | /usr/local/bin/openvpnctrl -s |
239 | /usr/local/bin/openvpnctrl -sn2n | |
3ce996ff | 240 | fi |
78ba0514 PM |
241 | if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then |
242 | /etc/init.d/ipsec start | |
243 | fi | |
492c9fb6 | 244 | if [ -f /var/ipfire/proxy/enable ]; then |
3ce996ff PM |
245 | /etc/init.d/squid start |
246 | fi | |
247 | ||
42368583 PM |
248 | # Regenerate all initrds |
249 | dracut --regenerate-all --force | |
250 | case "$(uname -m)" in | |
251 | armv*) | |
252 | mkimage -A arm -T ramdisk -C lzma -d /boot/initramfs-${KVER}-ipfire.img /boot/uInit-${KVER}-ipfire | |
253 | rm /boot/initramfs-${KVER}-ipfire.img | |
254 | ;; | |
255 | aarch64) | |
256 | mkimage -A arm64 -T ramdisk -C lzma -d /boot/initramfs-${KVER}-ipfire.img /boot/uInit-${KVER}-ipfire | |
257 | # dont remove initramfs because grub need this to boot. | |
258 | ;; | |
259 | esac | |
260 | ||
67eff38d | 261 | # This update needs a reboot... |
0892c58e | 262 | touch /var/run/need_reboot |
67eff38d | 263 | |
42368583 PM |
264 | # remove lm_sensor config after collectd was started |
265 | # to reserch sensors at next boot with updated kernel | |
266 | rm -f /etc/sysconfig/lm_sensors | |
267 | ||
268 | # Upadate Kernel version in uEnv.txt | |
269 | if [ -e /boot/uEnv.txt ]; then | |
270 | sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt | |
271 | fi | |
272 | ||
273 | # Call user update script (needed for some ARM boards) | |
274 | if [ -e /boot/pakfire-kernel-update ]; then | |
275 | /boot/pakfire-kernel-update ${KVER} | |
276 | fi | |
277 | ||
67eff38d PM |
278 | # Finish |
279 | /etc/init.d/fireinfo start | |
280 | sendprofile | |
281 | ||
282 | # Update grub config to display new core version | |
283 | if [ -e /boot/grub/grub.cfg ]; then | |
284 | grub-mkconfig -o /boot/grub/grub.cfg | |
285 | fi | |
286 | ||
287 | sync | |
288 | ||
289 | # Don't report the exitcode last command | |
290 | exit 0 |