]>
Commit | Line | Data |
---|---|---|
0778b991 AF |
1 | #!/bin/bash |
2 | ############################################################################ | |
3 | # # | |
4 | # This file is part of the IPFire Firewall. # | |
5 | # # | |
6 | # IPFire is free software; you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation; either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # IPFire is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with IPFire; if not, write to the Free Software # | |
18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
19 | # # | |
20 | # Copyright (C) 2014 IPFire-Team <info@ipfire.org>. # | |
21 | # # | |
22 | ############################################################################ | |
23 | # | |
24 | . /opt/pakfire/lib/functions.sh | |
25 | /usr/local/bin/backupctrl exclude >/dev/null 2>&1 | |
26 | ||
27 | ||
28 | function find_device() { | |
29 | local mountpoint="${1}" | |
30 | ||
31 | local root | |
32 | local dev mp fs flags rest | |
33 | while read -r dev mp fs flags rest; do | |
34 | # Skip unwanted entries | |
35 | [ "${dev}" = "rootfs" ] && continue | |
36 | ||
37 | if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then | |
38 | root="$(basename "${dev}")" | |
39 | break | |
40 | fi | |
41 | done < /proc/mounts | |
42 | ||
43 | # Get the actual device from the partition that holds / | |
44 | while [ -n "${root}" ]; do | |
45 | if [ -e "/sys/block/${root}" ]; then | |
46 | echo "${root}" | |
47 | return 0 | |
48 | fi | |
49 | ||
50 | # Remove last character | |
51 | root="${root::-1}" | |
52 | done | |
53 | ||
54 | return 1 | |
55 | } | |
56 | ||
57 | ||
58 | # | |
59 | # Remove old core updates from pakfire cache to save space... | |
60 | core=90 | |
61 | for (( i=1; i<=${core}; i++ )) | |
62 | do | |
63 | rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire | |
64 | done | |
65 | ||
66 | # | |
67 | # Do some sanity checks. | |
68 | case $(uname -r) in | |
69 | *-ipfire-versatile ) | |
70 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
71 | "core-update-${core}: ERROR cannot update. versatile support is dropped." | |
72 | # Report no error to pakfire. So it does not try to install it again. | |
73 | exit 0 | |
74 | ;; | |
75 | *-ipfire* ) | |
76 | # Ok. | |
77 | ;; | |
78 | * ) | |
79 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
80 | "core-update-${core}: ERROR cannot update. No IPFire Kernel." | |
81 | exit 1 | |
82 | ;; | |
83 | esac | |
84 | ||
85 | ||
86 | # | |
87 | # | |
88 | KVER="xxxKVERxxx" | |
89 | ||
90 | # Check diskspace on root | |
91 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
92 | ||
93 | if [ $ROOTSPACE -lt 100000 ]; then | |
94 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
95 | "core-update-${core}: ERROR cannot update because not enough free space on root." | |
96 | exit 2 | |
97 | fi | |
98 | ||
99 | ||
100 | echo | |
101 | echo Update Kernel to $KVER ... | |
102 | # | |
103 | # Remove old kernel, configs, initrd, modules, dtb's ... | |
104 | # | |
105 | rm -rf /boot/System.map-* | |
106 | rm -rf /boot/config-* | |
107 | rm -rf /boot/ipfirerd-* | |
108 | rm -rf /boot/initramfs-* | |
109 | rm -rf /boot/vmlinuz-* | |
110 | rm -rf /boot/uImage-ipfire-* | |
111 | rm -rf /boot/uInit-ipfire-* | |
112 | rm -rf /boot/dtb-*-ipfire-* | |
113 | rm -rf /lib/modules | |
114 | ||
115 | case "$(uname -m)" in | |
116 | armv*) | |
117 | # Backup uEnv.txt if exist | |
118 | if [ -e /boot/uEnv.txt ]; then | |
119 | cp -vf /boot/uEnv.txt /boot/uEnv.txt.org | |
120 | fi | |
121 | ||
122 | # work around the u-boot folder detection bug | |
123 | mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood | |
124 | mkdir -pv /boot/dtb-$KVER-ipfire-multi | |
125 | ;; | |
126 | esac | |
127 | ||
128 | # | |
129 | #Stop services | |
130 | /etc/init.d/snort stop | |
131 | /etc/init.d/squid stop | |
132 | /etc/init.d/ipsec stop | |
133 | /etc/init.d/apache stop | |
134 | ||
359efc4b SS |
135 | # Drop old flag icons, before extracting the new ones. |
136 | rm /srv/web/ipfire/html/images/flags/* | |
137 | ||
0778b991 AF |
138 | # |
139 | #Extract files | |
140 | tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / | |
141 | ||
ba837e88 AF |
142 | # |
143 | # restart init because glibc was updated. | |
144 | telinit u | |
145 | ||
45ff420e MT |
146 | # Remove old openssl libraries |
147 | rm -vf /usr/lib/libcrypto.so.0.9.8 /usr/lib/libssl.so.0.9.8 | |
148 | ||
0778b991 AF |
149 | # Check diskspace on boot |
150 | BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
151 | ||
152 | if [ $BOOTSPACE -lt 1000 ]; then | |
153 | case $(uname -r) in | |
154 | *-ipfire-kirkwood ) | |
155 | # Special handling for old kirkwood images. | |
156 | # (install only kirkwood kernel) | |
157 | rm -rf /boot/* | |
158 | # work around the u-boot folder detection bug | |
159 | mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood | |
160 | tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \ | |
161 | --numeric-owner -C / --wildcards 'boot/*-kirkwood*' | |
162 | ;; | |
163 | * ) | |
164 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
165 | "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..." | |
166 | /etc/init.d/apache start | |
167 | exit 4 | |
168 | ;; | |
169 | esac | |
170 | fi | |
171 | ||
46d3a4cb SS |
172 | # Create GeoIP related files if they do not exist yet. |
173 | if [ ! -e "/var/ipfire/firewall/geoipblock" ]; then | |
174 | touch /var/ipfire/firewall/geoipblock | |
175 | chown nobody:nobody /var/ipfire/firewall/geoipblock | |
176 | ||
177 | # Insert default value into file. | |
178 | echo "GEOIPBLOCK_ENABLED=off" >> /var/ipfire/firewall/geoipblock | |
179 | fi | |
180 | if [ ! -e "/var/ipfire/fwhosts/customgeoipgrp" ]; then | |
181 | touch /var/ipfire/fwhosts/customgeoipgrp | |
182 | chown nobody:nobody /var/ipfire/fwhosts/customgeoipgrp | |
183 | fi | |
184 | ||
0a11f876 | 185 | #Fix BUG10812 (openvpn server.conf has wrong collectd logfile path) |
69a419b1 | 186 | if grep -q "status /var/log/ovpnserver.log 30" /var/ipfire/ovpn/server.conf; then |
0a11f876 AM |
187 | sed -i "s/\/var\/log\/ovpnserver.log 30/\/var\/run\/ovpnserver.log 30/" /var/ipfire/ovpn/server.conf |
188 | fi | |
189 | ||
46d3a4cb SS |
190 | # Download/Update GeoIP databases. |
191 | /usr/local/bin/xt_geoip_update | |
192 | ||
db5b5de9 SS |
193 | # Update crontab |
194 | grep -q /usr/local/bin/xt_geoip_update /var/spool/cron/root.orig || cat <<EOF >> /var/spool/cron/root.orig | |
195 | ||
196 | # Update GeoIP database once a month. | |
197 | %monthly,random * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/xt_geoip_update >/dev/null 2>&1 | |
198 | EOF | |
199 | ||
200 | fcrontab -z &>/dev/null | |
201 | ||
e798fee7 SS |
202 | # Generate ddns configuration file |
203 | sudo -u nobody /srv/web/ipfire/cgi-bin/ddns.cgi | |
db5b5de9 | 204 | |
0ee35ce0 MT |
205 | # Regenerate IPsec configuration |
206 | sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi | |
207 | ||
0778b991 AF |
208 | # Update Language cache |
209 | perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" | |
210 | ||
51ff5115 MT |
211 | # Remove old udev configuration |
212 | rm -vf /etc/udev/rules.d/30-persistent-network.rules | |
213 | ||
49d769c6 AF |
214 | # Remove pids from dhcp client because it hang at normal shutdown |
215 | # so let the sysvinit kill it | |
216 | rm -f /run/dhcpcd-*.pid | |
217 | ||
0778b991 AF |
218 | # |
219 | # Start services | |
220 | # | |
221 | /etc/init.d/apache start | |
222 | /etc/init.d/squid start | |
223 | /etc/init.d/snort start | |
224 | if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then | |
225 | /etc/init.d/ipsec start | |
226 | fi | |
227 | ||
228 | case "$(uname -m)" in | |
229 | i?86) | |
230 | case "$(find_device "/")" in | |
231 | xvd* ) | |
232 | echo Skip remove grub2 files, because pygrub fail. | |
233 | rm -f /boot/grub/* | |
234 | echo config will recreated by linux-pae install. | |
235 | ;; | |
236 | * ) | |
237 | # | |
238 | # Update to GRUB2 config | |
239 | # | |
240 | grub-mkconfig > /boot/grub/grub.cfg | |
241 | ;; | |
242 | esac | |
243 | esac | |
244 | ||
898474e6 AF |
245 | # Upadate Kernel version uEnv.txt |
246 | if [ -e /boot/uEnv.txt ]; then | |
247 | sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt | |
248 | fi | |
249 | ||
58efaf8e AF |
250 | # call user update script (needed for some arm boards) |
251 | if [ -e /boot/pakfire-kernel-update ]; then | |
086eb9b5 | 252 | /boot/pakfire-kernel-update ${KVER} |
58efaf8e AF |
253 | fi |
254 | ||
255 | ||
0778b991 | 256 | # Force (re)install pae kernel if pae is supported |
5f51d103 | 257 | rm -rf /opt/pakfire/db/installed/meta-linux-pae |
0778b991 AF |
258 | if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then |
259 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
260 | BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
261 | if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then | |
262 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
263 | "core-update-${core}: WARNING not enough space for pae kernel." | |
264 | else | |
265 | echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae | |
266 | echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
267 | echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
e35d81be | 268 | # rm -f /opt/pakfire/db/meta/meta-linux-pae 2>&1 > /dev/null |
0778b991 AF |
269 | fi |
270 | fi | |
271 | ||
272 | # | |
273 | # After pakfire has ended run it again and update the lists and do upgrade | |
274 | # | |
275 | echo '#!/bin/bash' > /tmp/pak_update | |
276 | echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update | |
277 | echo ' sleep 1' >> /tmp/pak_update | |
278 | echo 'done' >> /tmp/pak_update | |
279 | echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update | |
280 | echo ' sleep 1' >> /tmp/pak_update | |
281 | echo 'done' >> /tmp/pak_update | |
282 | echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update | |
283 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
284 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
285 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
286 | echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update | |
287 | echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update | |
288 | echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update | |
289 | echo 'touch /var/run/need_reboot ' >> /tmp/pak_update | |
290 | # | |
291 | killall -KILL pak_update | |
292 | chmod +x /tmp/pak_update | |
293 | /tmp/pak_update & | |
294 | ||
295 | sync | |
296 | ||
297 | # | |
298 | #Finish | |
299 | ( | |
300 | /etc/init.d/fireinfo start | |
301 | sendprofile | |
302 | ) >/dev/null 2>&1 & | |
303 | ||
304 | echo | |
305 | echo Please wait until pakfire has ended... | |
306 | echo | |
307 | ||
308 | # Don't report the exitcode last command | |
309 | exit 0 | |
310 |