core=167
+exit_with_error() {
+ # Set last succesfull installed core.
+ echo $(($core-1)) > /opt/pakfire/db/core/mine
+ # force fsck at next boot, this may fix free space on xfs
+ touch /forcefsck
+ # don't start pakfire again at error
+ killall -KILL pak_update
+ /usr/bin/logger -p syslog.emerg -t ipfire \
+ "core-update-${core}: $1"
+ exit $2
+}
+
# Remove old core updates from pakfire cache to save space...
for (( i=1; i<=$core; i++ )); do
rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
done
+
+KVER="xxxKVERxxx"
+
+# Backup uEnv.txt if exist
+if [ -e /boot/uEnv.txt ]; then
+ cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
+fi
+
+# Do some sanity checks.
+case $(uname -r) in
+ *-ipfire*)
+ # Ok.
+ ;;
+ *)
+ exit_with_error "ERROR cannot update. No IPFire Kernel." 1
+ ;;
+esac
+
+# Check diskspace on root
+ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
+
+if [ $ROOTSPACE -lt 100000 ]; then
+ exit_with_error "ERROR cannot update because not enough free space on root." 2
+ exit 2
+fi
+
+# Remove the old kernel
+rm -rf /boot/System.map-*
+rm -rf /boot/config-*
+rm -rf /boot/ipfirerd-*
+rm -rf /boot/initramfs-*
+rm -rf /boot/vmlinuz-*
+rm -rf /boot/uImage-*
+rm -rf /boot/zImage-*
+rm -rf /boot/uInit-*
+rm -rf /boot/dtb-*
+rm -rf /lib/modules
+
# Remove files
rm -rvf \
/bin/setserial \
/usr/lib/libxslt.so \
/usr/lib/pango \
/usr/lib/perl5/site_perl/5.30.0 \
- /usr/lib/perl5/site_perl/5.32.1/Net/IP.pm \
/usr/lib/python3.8/ensurepip/_bundled/pip-19.2.3-py2.py3-none-any.whl \
/usr/lib/python3.8/idlelib/Icons/idle.icns \
/usr/lib/python3.8/lib2to3/Grammar3.8.1.final.0.pickle \
/usr/lib/tdbcpostgres1.1.2 \
/usr/lib/thread2.8.6 \
/usr/libexec/xtables-addons \
+ /usr/local/bin/convert-ovpn \
/usr/local/bin/ovpn-ccd-convert \
/usr/local/bin/rebuild-initrd \
/usr/local/bin/xt_geoip_build \
/usr/share/zoneinfo/US/Pacific-New \
/var/lib/GeoIP
-# Delete old 2007 Pakfire key from GPG keyring
-GNUPGHOME="/opt/pakfire/etc/.gnupg" gpg --batch --yes --delete-keys 179740DC4D8C47DC63C099C74BDE364C64D96617
-
# Stop services
/etc/init.d/ipsec stop
# update linker config
ldconfig
+# Delete old 2007 Pakfire key from GPG keyring
+GNUPGHOME="/opt/pakfire/etc/.gnupg" gpg --batch --yes --delete-keys 179740DC4D8C47DC63C099C74BDE364C64D96617
+
# Add new 2022 Pakfire key to GPG keyring
GNUPGHOME="/opt/pakfire/etc/.gnupg" gpg --import /opt/pakfire/pakfire-2022.key
# Regenerate all initrds
dracut --regenerate-all --force
+# Export the location database again and reload the firewall engine
+/usr/local/bin/update-location-database
+
# Rebuild IPS rules
perl -e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();"
/etc/init.d/suricata reload
+# Apply sysctl changes
+/etc/init.d/sysctl start
+
+# Apply local configuration to sshd_config
+/usr/local/bin/sshctrl
+
# Start services
/etc/init.d/apache restart
/etc/init.d/sshd restart
/opt/pakfire/db/rootfiles/nano
fi
+# remove lm_sensor config after collectd was started
+# to reserch sensors at next boot with updated kernel
+rm -f /etc/sysconfig/lm_sensors
+
+# Upadate Kernel version uEnv.txt
+if [ -e /boot/uEnv.txt ]; then
+ sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt
+fi
+
+# call user update script (needed for some arm boards)
+if [ -e /boot/pakfire-kernel-update ]; then
+ /boot/pakfire-kernel-update ${KVER}
+fi
+
# This update needs a reboot...
touch /var/run/need_reboot