]>
Commit | Line | Data |
---|---|---|
4335a594 AF |
1 | #!/bin/bash |
2 | ############################################################################ | |
3 | # # | |
4 | # This file is part of the IPFire Firewall. # | |
5 | # # | |
6 | # IPFire is free software; you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation; either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # IPFire is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with IPFire; if not, write to the Free Software # | |
18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
19 | # # | |
20 | # Copyright (C) 2010 IPFire-Team <info@ipfire.org>. # | |
21 | # # | |
22 | ############################################################################ | |
23 | # | |
24 | . /opt/pakfire/lib/functions.sh | |
25 | /usr/local/bin/backupctrl exclude >/dev/null 2>&1 | |
26 | # | |
c8783a6a AF |
27 | OLDVERSION=`grep "version = " /opt/pakfire/etc/pakfire.conf | cut -d'"' -f2` |
28 | # | |
29 | # Test if we running on xen | |
30 | # | |
31 | uname -r | grep "ipfire-xen"; | |
32 | if [ ${?} = 0 ]; then | |
33 | #Xen Kernel is active | |
34 | NEWVERSION="2.7-xen" | |
35 | else | |
36 | #Normal Kernel | |
37 | NEWVERSION="2.7" | |
38 | fi | |
39 | # | |
de167abd | 40 | KVER="2.6.32.15" |
4335a594 AF |
41 | ROOT=`grep "root=" /boot/grub/grub.conf | cut -d"=" -f2 | cut -d" " -f1 | tail -n 1` |
42 | MOUNT=`grep "kernel" /boot/grub/grub.conf | tail -n 1` | |
43 | # Nur den letzten Parameter verwenden | |
44 | echo $MOUNT > /dev/null | |
45 | MOUNT=$_ | |
46 | if [ ! $MOUNT == "rw" ]; then | |
47 | MOUNT="ro" | |
48 | fi | |
49 | # | |
50 | # check if we the backup file already exist | |
51 | if [ -e /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 ]; then | |
52 | echo Moving backup to backup-old ... | |
53 | mv -f /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \ | |
54 | /var/ipfire/backup/core-upgrade_$KVER-old.tar.bz2 | |
55 | fi | |
56 | echo First we made a backup of all files that was inside of the | |
57 | echo update archive. This may take a while ... | |
58 | # Add some files that are not in the package to backup | |
59 | echo lib/modules >> /opt/pakfire/tmp/ROOTFILES | |
60 | echo boot >> /opt/pakfire/tmp/ROOTFILES | |
61 | echo etc/sysconfig/lm_sensors >> /opt/pakfire/tmp/ROOTFILES | |
618097cb AF |
62 | echo usr/lib/ipsec >> /opt/pakfire/tmp/ROOTFILES |
63 | echo usr/libexec/ipsec >> /opt/pakfire/tmp/ROOTFILES | |
87af024a AF |
64 | # exclude squid cache from backup |
65 | sed -i -e "s|^var/log/cache|#var/log/cache|g" /opt/pakfire/tmp/ROOTFILES | |
66 | # Backup the files | |
4335a594 AF |
67 | tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \ |
68 | -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' > /dev/null 2>&1 | |
c131aeaf AF |
69 | |
70 | # | |
71 | # Stop Sevices | |
72 | # | |
73 | /etc/init.d/collectd stop | |
74 | /etc/init.d/squid stop | |
75 | /etc/init.d/ipsec stop | |
8dc25f04 | 76 | /etc/init.d/snort stop |
c131aeaf | 77 | |
4335a594 AF |
78 | echo |
79 | echo Update Kernel to $KVER ... | |
80 | # Remove old kernel, configs, initrd, modules ... | |
81 | # | |
82 | rm -rf /boot/System.map-* | |
83 | rm -rf /boot/config-* | |
84 | rm -rf /boot/ipfirerd-* | |
85 | rm -rf /boot/vmlinuz-* | |
4335a594 | 86 | rm -rf /lib/modules/*-ipfire |
de167abd AF |
87 | # Don't remove all old xen modules. Kernel may stored outside. |
88 | # only from 2.6.27.25 and 31 | |
89 | rm -rf /lib/modules/2.6.27.25-ipfire-xen | |
90 | rm -rf /lib/modules/2.6.27.31-ipfire-xen | |
4335a594 | 91 | # |
b151637d | 92 | # remove openswan libs ... |
4335a594 | 93 | # |
b151637d AF |
94 | rm -rf /usr/lib/ipsec |
95 | rm -rf /usr/libexec/ipsec | |
b86d9c0a | 96 | # |
8dc25f04 | 97 | # old snort libs and rules ... |
b86d9c0a AF |
98 | # |
99 | rm -rf /usr/lib/snort_* | |
8dc25f04 | 100 | rm -rf /etc/snort |
b29c22a4 AF |
101 | # |
102 | # mISDN Files that was moved to sbin | |
103 | # | |
104 | rm -rf /usr/bin/misdn_rename | |
105 | rm -rf /usr/bin/misdn_cleanl2 | |
4335a594 AF |
106 | # |
107 | # Backup grub.conf | |
108 | # | |
109 | cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org | |
110 | # | |
d2d2da10 AF |
111 | # Stop sysklogd |
112 | /etc/init.d/sysklogd stop | |
113 | # | |
4335a594 AF |
114 | # Unpack the updated files |
115 | # | |
116 | echo | |
117 | echo Unpack the updated files ... | |
118 | # | |
119 | tar xvf /opt/pakfire/tmp/files --preserve --numeric-owner -C / \ | |
120 | --no-overwrite-dir | |
121 | # | |
96667929 | 122 | # Start sysklogd |
d2d2da10 | 123 | /etc/init.d/sysklogd start |
d2d2da10 | 124 | # |
4335a594 AF |
125 | # Modify grub.conf |
126 | # | |
127 | echo | |
128 | echo Update grub configuration ... | |
129 | sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf | |
130 | sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf | |
131 | sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf | |
132 | ||
133 | if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then | |
134 | echo "grub use default console ..." | |
135 | else | |
136 | echo "grub use serial console ..." | |
137 | sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf | |
138 | sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf | |
139 | sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf | |
140 | sed -i -e "s| panic=10 | console=ttyS0,38400n8 panic=10 |g" /boot/grub/grub.conf | |
141 | fi | |
142 | # | |
143 | # Made emergency - initramdisk | |
144 | # | |
145 | echo | |
146 | echo Create new Initramdisks ... | |
147 | cp -f /etc/mkinitcpio.conf /etc/mkinitcpio.conf.org | |
148 | sed -i "s| autodetect | |g" /etc/mkinitcpio.conf | |
149 | mkinitcpio -k $KVER-ipfire -g /boot/ipfirerd-$KVER-emergency.img | |
150 | cp -f /etc/mkinitcpio.conf.org /etc/mkinitcpio.conf | |
151 | # | |
152 | # Made initramdisk | |
153 | # | |
154 | if [ "${ROOT:0:7}" == "/dev/sd" ]; then | |
155 | # Remove ide hook if root is on sda | |
156 | sed -i "s| ide | |g" /etc/mkinitcpio.conf | |
157 | else | |
158 | if [ "${ROOT:0:7}" == "/dev/hd" ]; then | |
159 | # Remove pata & sata hook if root is on hda | |
160 | sed -i "s| pata | |g" /etc/mkinitcpio.conf | |
161 | sed -i "s| sata | |g" /etc/mkinitcpio.conf | |
162 | fi | |
163 | fi | |
164 | mkinitcpio -k $KVER-ipfire -g /boot/ipfirerd-$KVER.img | |
165 | # | |
166 | # ReInstall grub | |
167 | # | |
168 | grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} --recheck | |
169 | # | |
170 | # Rebuild Language | |
171 | # | |
172 | perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" | |
173 | # | |
d7cd8ad9 CS |
174 | # Cleanup Collectd statistics... |
175 | # | |
176 | PRECLEAN=`du -sh /var/log/rrd/collectd` | |
177 | # | |
178 | rm -rf /var/log/rrd*/collectd/localhost/processes-*/ps_count* | |
179 | rm -rf /var/log/rrd*/collectd/localhost/processes-*/ps_pagefaults* | |
180 | rm -rf /var/log/rrd*/collectd/localhost/processes-*/ps_stacksize* | |
181 | rm -rf /var/log/rrd*/collectd/localhost/processes-*/ps_state* | |
182 | rm -rf /var/log/rrd*/collectd/localhost/processes-*/ps_vm* | |
183 | # | |
184 | rm -rf /var/log/rrd*/collectd/localhost/interface/if_errors* | |
185 | rm -rf /var/log/rrd*/collectd/localhost/interface/if_packets* | |
186 | # | |
187 | rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_merged* | |
188 | rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_ops* | |
189 | rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_time* | |
48cad624 AF |
190 | # |
191 | rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-INPUT/*-DROP_Wirelessinput* | |
192 | rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-FORWARD/*-DROP_Wirelessforward* | |
193 | rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-OUTGOINGFW | |
d7cd8ad9 CS |
194 | POSTCLEAN=`du -sh /var/log/rrd/collectd` |
195 | # | |
196 | echo Cleaned up collectd directory from $PRECLEAN to $POSTCLEAN size. | |
197 | # | |
d2d2da10 AF |
198 | # Start collectd |
199 | /etc/init.d/collectd start | |
200 | # | |
201 | # Delete old lm-sensor modullist to force search at next boot | |
202 | # | |
203 | rm -rf /etc/sysconfig/lm_sensors | |
204 | # | |
58fcc270 AF |
205 | # USB Modeswitch conf now called setup, rename ... |
206 | # | |
618097cb | 207 | if [ -e /etc/usb_modeswitch.conf ]; then |
58fcc270 | 208 | mv -f /etc/usb_modeswitch.conf /etc/usb_modeswitch.setup |
618097cb | 209 | fi |
58fcc270 | 210 | # |
618097cb AF |
211 | # rebuild qosscript if enabled... |
212 | if [ -e /var/ipfire/qos/enable ]; then | |
213 | /usr/local/bin/qosctrl stop | |
7d3d5dbd | 214 | /usr/local/bin/qosctrl generate |
618097cb AF |
215 | /usr/local/bin/qosctrl start |
216 | fi | |
4335a594 AF |
217 | # |
218 | # | |
e3c5d22a AF |
219 | # convert ipsec.conf from openswan to strongswan... |
220 | mv /var/ipfire/vpn/ipsec.conf /var/ipfire/vpn/ipsec.conf.org | |
221 | cat /var/ipfire/vpn/ipsec.conf.org | \ | |
222 | grep -v "disablearrivalcheck=" | \ | |
63249c67 | 223 | grep -v "klipsdebug=" | \ |
e3c5d22a | 224 | grep -v "leftfirewall=" | \ |
b2d5dd6d | 225 | grep -v "lefthostaccess=" | \ |
e3c5d22a AF |
226 | grep -v "charonstart=" | \ |
227 | grep -v "aggrmode=" > /var/ipfire/vpn/ipsec.conf | |
228 | sed -i "s|ipsec[0-9]=||g" /var/ipfire/vpn/ipsec.conf | |
63249c67 AF |
229 | sed -i "s|nat_t ||g" /var/ipfire/vpn/ipsec.conf |
230 | sed -i "s|klips ||g" /var/ipfire/vpn/ipsec.conf | |
b2d5dd6d | 231 | sed -i "s|^conn [A-Za-z].*$|&\n\tleftfirewall=yes\n\tlefthostaccess=yes|g" /var/ipfire/vpn/ipsec.conf |
e3c5d22a AF |
232 | sed -i "s|^config setup$|&\n\tcharonstart=no|g" /var/ipfire/vpn/ipsec.conf |
233 | chown nobody:nobody /var/ipfire/vpn/ipsec.conf | |
234 | chmod 644 /var/ipfire/vpn/ipsec.conf | |
4335a594 | 235 | # |
d2d2da10 AF |
236 | # Add cryptodev to /etc/sysconfig/modules |
237 | mv /etc/sysconfig/modules /etc/sysconfig/modules.org | |
238 | cat /etc/sysconfig/modules.org | \ | |
239 | grep -v "cryptodev" | \ | |
240 | grep -v "# End /etc/sysconfig/modules" > /etc/sysconfig/modules | |
241 | echo "" >> /etc/sysconfig/modules | |
242 | echo "### cryptodev" >> /etc/sysconfig/modules | |
243 | echo "#" >> /etc/sysconfig/modules | |
244 | echo "cryptodev" >> /etc/sysconfig/modules | |
245 | echo "" >> /etc/sysconfig/modules | |
246 | echo "# End /etc/sysconfig/modules" >> /etc/sysconfig/modules | |
247 | chmod 644 /etc/sysconfig/modules | |
c8783a6a AF |
248 | # Change version of Pakfire.conf |
249 | # | |
250 | sed -i "s|$OLDVERSION|$NEWVERSION|g" /opt/pakfire/etc/pakfire.conf | |
4335a594 | 251 | # |
f9677eea AF |
252 | # After pakfire has ended run it again and update the lists and do upgrade |
253 | # | |
00d59063 AF |
254 | echo '#!/bin/bash' > /tmp/pak_update |
255 | echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update | |
256 | echo ' sleep 1' >> /tmp/pak_update | |
257 | echo 'done' >> /tmp/pak_update | |
258 | echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update | |
259 | echo ' sleep 1' >> /tmp/pak_update | |
260 | echo 'done' >> /tmp/pak_update | |
261 | echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update | |
262 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
263 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
264 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
265 | echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update | |
266 | echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Check it before reboot !!!"' >> /tmp/pak_update | |
267 | echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 " *** Please reboot... *** "' >> /tmp/pak_update | |
268 | # | |
269 | chmod +x /tmp/pak_update | |
270 | /tmp/pak_update & | |
f9677eea | 271 | # |
96667929 AF |
272 | # Start squid |
273 | /etc/init.d/squid start | |
274 | # | |
f9677eea AF |
275 | echo |
276 | echo Please wait until pakfire has ended... | |
277 | echo |