]>
Commit | Line | Data |
---|---|---|
82979dec SS |
1 | #!/usr/bin/perl |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2018 IPFire Team <info@ipfire.org> # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | use strict; | |
72ab7196 | 23 | use POSIX; |
82979dec SS |
24 | |
25 | require '/var/ipfire/general-functions.pl'; | |
26 | require "${General::swroot}/ids-functions.pl"; | |
27 | require "${General::swroot}/lang.pl"; | |
28 | ||
72ab7196 SS |
29 | # The user and group name as which this script should be run. |
30 | my $run_as = 'nobody'; | |
31 | ||
32 | # Get user and group id of the user. | |
33 | my ( $uid, $gid ) = ( getpwnam $run_as )[ 2, 3 ]; | |
34 | ||
35 | # Check if the script currently runs as root. | |
36 | if ( $> == 0 ) { | |
37 | # Drop privileges and switch to the specified user and group. | |
38 | POSIX::setgid( $gid ); | |
39 | POSIX::setuid( $uid ); | |
40 | } | |
41 | ||
82979dec SS |
42 | # Check if the red device is active. |
43 | unless (-e "${General::swroot}/red/active") { | |
44 | # Store notice in the syslog. | |
45 | &IDS::_log_to_syslog("The system is offline."); | |
46 | ||
47 | # Store error message for displaying in the WUI. | |
d6f725e1 | 48 | &IDS::_store_error_message("$Lang::tr{'could not download latest updates'} - $Lang::tr{'system is offline'}"); |
82979dec SS |
49 | |
50 | # Exit. | |
51 | exit 0; | |
52 | } | |
53 | ||
54 | # Check if enought free disk space is availabe. | |
55 | if(&IDS::checkdiskspace()) { | |
56 | # Store the error message for displaying in the WUI. | |
57 | &IDS::_store_error_message("$Lang::tr{'not enough disk space'}"); | |
58 | ||
59 | # Exit. | |
60 | exit 0; | |
61 | } | |
62 | ||
5206a335 SS |
63 | # Lock the IDS page. |
64 | &IDS::lock_ids_page(); | |
65 | ||
82979dec SS |
66 | # Call the download function and gather the new ruleset. |
67 | if(&IDS::downloadruleset()) { | |
68 | # Store error message for displaying in the WUI. | |
69 | &IDS::_store_error_message("$Lang::tr{'could not download latest updates'}"); | |
70 | ||
84227f7a SS |
71 | # Unlock the IDS page. |
72 | &IDS::unlock_ids_page(); | |
73 | ||
82979dec SS |
74 | # Exit. |
75 | exit 0; | |
76 | } | |
77 | ||
50b35e0f SS |
78 | # Set correct ownership for the downloaded tarball. |
79 | &IDS::set_ownership("$IDS::rulestarball"); | |
80 | ||
82979dec SS |
81 | # Call oinkmaster to alter the ruleset. |
82 | &IDS::oinkmaster(); | |
83 | ||
ca8c9210 SS |
84 | # Set correct ownership for the rulesdir and files. |
85 | &IDS::set_ownership("$IDS::rulespath"); | |
86 | ||
5206a335 SS |
87 | # Unlock the IDS page. |
88 | &IDS::unlock_ids_page(); | |
89 | ||
82979dec SS |
90 | # Check if the IDS is running. |
91 | if(&IDS::ids_is_running()) { | |
92 | # Call suricatactrl to perform a reload. | |
93 | &IDS::call_suricatactrl("reload"); | |
94 | } | |
95 | ||
96 | 1; |