[ipfire-2.x.git] / config / rootfiles / oldcore / 100 / update.sh

#!/bin/bash
############################################################################
#                                                                          #
# This file is part of the IPFire Firewall.                                #
#                                                                          #
# IPFire is free software; you can redistribute it and/or modify           #
# it under the terms of the GNU General Public License as published by     #
# the Free Software Foundation; either version 3 of the License, or        #
# (at your option) any later version.                                      #
#                                                                          #
# IPFire is distributed in the hope that it will be useful,                #
# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
# GNU General Public License for more details.                             #
#                                                                          #
# You should have received a copy of the GNU General Public License        #
# along with IPFire; if not, write to the Free Software                    #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
#                                                                          #
# Copyright (C) 2016 IPFire-Team <info@ipfire.org>.                        #
#                                                                          #
############################################################################
#
. /opt/pakfire/lib/functions.sh
/usr/local/bin/backupctrl exclude >/dev/null 2>&1

function find_device() {
	local mountpoint="${1}"

	local root
	local dev mp fs flags rest
	while read -r dev mp fs flags rest; do
		# Skip unwanted entries
		[ "${dev}" = "rootfs" ] && continue

		if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then
			root="$(basename "${dev}")"
			break
		fi
	done < /proc/mounts

	# Get the actual device from the partition that holds /
	while [ -n "${root}" ]; do
		if [ -e "/sys/block/${root}" ]; then
			echo "${root}"
			return 0
		fi

		# Remove last character
		root="${root::-1}"
	done

	return 1
}


core=100

function exit_with_error() {
	# Set last succesfull installed core.
	echo $(($core-1)) > /opt/pakfire/db/core/mine
	/usr/bin/logger -p syslog.emerg -t ipfire \
		"core-update-${core}: $1"
	exit $2
}

# Remove old core updates from pakfire cache to save space...
for (( i=1; i<=$core; i++ ))
do
	rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
done

#
# Do some sanity checks.
case $(uname -r) in
	*-ipfire* )
		# Ok.
		;;
	* )
		exit_with_error "ERROR cannot update. No IPFire Kernel." 1
	;;
esac


#
#
KVER="xxxKVERxxx"

# Check diskspace on root
ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`

if [ $ROOTSPACE -lt 100000 ]; then
	exit_with_error "ERROR cannot update because not enough free space on root." 2
	exit 2
fi

echo
echo Update Kernel to $KVER ...
#
# Remove old kernel, configs, initrd, modules, dtb's ...
#
rm -rf /boot/System.map-*
rm -rf /boot/config-*
rm -rf /boot/ipfirerd-*
rm -rf /boot/initramfs-*
rm -rf /boot/vmlinuz-*
rm -rf /boot/uImage-ipfire-*
rm -rf /boot/zImage-ipfire-*
rm -rf /boot/uInit-ipfire-*
rm -rf /boot/dtb-*-ipfire-*
rm -rf /lib/modules

case "$(uname -m)" in
	armv*)
		# Backup uEnv.txt if exist
		if [ -e /boot/uEnv.txt ]; then
			cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
		fi

		# work around the u-boot folder detection bug
		mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
		mkdir -pv /boot/dtb-$KVER-ipfire-multi
		touch /boot/uImage-ipfire-kirkwood
		touch /boot/zImage-ipfire-multi
		touch /boot/uIinit-ipfire-kirkwood
		touch /boot/uIinit-ipfire-multi
		;;
esac

# Stop services
/etc/init.d/snort stop
/etc/init.d/squid stop
/etc/init.d/dnsmasq stop
/etc/init.d/ipsec stop
/etc/init.d/ntp stop
/etc/init.d/apache stop


# Extract files
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /

# update linker config
ldconfig

# Check diskspace on boot
BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`

if [ $BOOTSPACE -lt 1000 ]; then
	case $(uname -r) in
		*-ipfire-kirkwood )
			# Special handling for old kirkwood images.
			# (install only kirkwood kernel)
			rm -rf /boot/*
			# work around the u-boot folder detection bug
			mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
			tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
				--numeric-owner -C / --wildcards 'boot/*-kirkwood*'
			;;
		* )
			/etc/init.d/apache start
			exit_with_error "FATAL-ERROR space run out on boot. System is not bootable..." 4
			;;
	esac
fi

# restart init because the glibc was updated.
telinit u

# Fix hardening flags in grub
paxctl -mpexs /usr/bin/grub-script-check

# Regenerate IPsec configuration
sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi

# Update Language cache
/usr/local/bin/update-lang-cache

#
# Start services
#
/etc/init.d/apache start
/etc/init.d/ntp start
/etc/init.d/dnsmasq start
/etc/init.d/sshd restart
/etc/init.d/squid start
/etc/init.d/snort start
if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
	/etc/init.d/ipsec start
fi

# Delete old QoS enabled indicator
rm -f /var/ipfire/qos/enable

# Upadate Kernel version uEnv.txt
if [ -e /boot/uEnv.txt ]; then
	sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt
fi

# call user update script (needed for some arm boards)
if [ -e /boot/pakfire-kernel-update ]; then
	/boot/pakfire-kernel-update ${KVER}
fi

case "$(uname -m)" in
	i?86)
		# Force (re)install pae kernel if pae is supported
		rm -rf /opt/pakfire/db/installed/meta-linux-pae
		if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
			ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
			BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
			if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then
				/usr/bin/logger -p syslog.emerg -t ipfire \
				"core-update-${core}: WARNING not enough space for pae kernel."
			else
				echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
				echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
				echo "Release: 0"     >> /opt/pakfire/db/installed/meta-linux-pae
			fi
		fi
		;;
esac
#
# After pakfire has ended run it again and update the lists and do upgrade
#
echo '#!/bin/bash'                                        >  /tmp/pak_update
echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
echo '    sleep 1'                                        >> /tmp/pak_update
echo 'done'                                               >> /tmp/pak_update
echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do'   >> /tmp/pak_update
echo '    sleep 1'                                        >> /tmp/pak_update
echo 'done'                                               >> /tmp/pak_update
echo '/opt/pakfire/pakfire update -y --force'             >> /tmp/pak_update
echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update
echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
#
killall -KILL pak_update
chmod +x /tmp/pak_update
/tmp/pak_update &

sync

# This update need a reboot...
touch /var/run/need_reboot

# Finish
/etc/init.d/fireinfo start
sendprofile
# Update grub config to display new core version
if [ -e /boot/grub/grub.cfg ]; then
	grub-mkconfig -o /boot/grub/grub.cfg
fi
sync

# Don't report the exitcode last command
exit 0
Commit	Line	Data
d31345a5 MT	1	#!/bin/bash
	2	############################################################################
	3	# #
	4	# This file is part of the IPFire Firewall. #
	5	# #
	6	# IPFire is free software; you can redistribute it and/or modify #
	7	# it under the terms of the GNU General Public License as published by #
	8	# the Free Software Foundation; either version 3 of the License, or #
	9	# (at your option) any later version. #
	10	# #
	11	# IPFire is distributed in the hope that it will be useful, #
	12	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	14	# GNU General Public License for more details. #
	15	# #
	16	# You should have received a copy of the GNU General Public License #
	17	# along with IPFire; if not, write to the Free Software #
	18	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
	19	# #
879458d4	20	# Copyright (C) 2016 IPFire-Team <info@ipfire.org>. #
d31345a5 MT	21	# #
	22	############################################################################
	23	#
	24	. /opt/pakfire/lib/functions.sh
	25	/usr/local/bin/backupctrl exclude >/dev/null 2>&1
	26
88cc9909 AF	27	function find_device() {
	28	local mountpoint="${1}"
	29
	30	local root
	31	local dev mp fs flags rest
	32	while read -r dev mp fs flags rest; do
	33	# Skip unwanted entries
	34	[ "${dev}" = "rootfs" ] && continue
	35
	36	if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then
	37	root="$(basename "${dev}")"
	38	break
	39	fi
	40	done < /proc/mounts
	41
	42	# Get the actual device from the partition that holds /
	43	while [ -n "${root}" ]; do
	44	if [ -e "/sys/block/${root}" ]; then
	45	echo "${root}"
	46	return 0
	47	fi
	48
	49	# Remove last character
	50	root="${root::-1}"
	51	done
	52
	53	return 1
	54	}
	55
	56
5f39eb21	57	core=100
f83c5053 AF	58
	59	function exit_with_error() {
	60	# Set last succesfull installed core.
	61	echo $(($core-1)) > /opt/pakfire/db/core/mine
	62	/usr/bin/logger -p syslog.emerg -t ipfire \
	63	"core-update-${core}: $1"
	64	exit $2
	65	}
	66
	67	# Remove old core updates from pakfire cache to save space...
d31345a5 MT	68	for (( i=1; i<=$core; i++ ))
	69	do
	70	rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
	71	done
	72
88cc9909 AF	73	#
	74	# Do some sanity checks.
	75	case $(uname -r) in
	76	-ipfire )
	77	# Ok.
	78	;;
	79	* )
	80	exit_with_error "ERROR cannot update. No IPFire Kernel." 1
	81	;;
	82	esac
	83
	84
	85	#
	86	#
	87	KVER="xxxKVERxxx"
	88
	89	# Check diskspace on root
	90	ROOTSPACE=`df / -Pk \| sed "s\| * \| \|g" \| cut -d" " -f4 \| tail -n 1`
	91
	92	if [ $ROOTSPACE -lt 100000 ]; then
	93	exit_with_error "ERROR cannot update because not enough free space on root." 2
	94	exit 2
	95	fi
	96
	97	echo
	98	echo Update Kernel to $KVER ...
	99	#
	100	# Remove old kernel, configs, initrd, modules, dtb's ...
	101	#
	102	rm -rf /boot/System.map-*
	103	rm -rf /boot/config-*
	104	rm -rf /boot/ipfirerd-*
	105	rm -rf /boot/initramfs-*
	106	rm -rf /boot/vmlinuz-*
	107	rm -rf /boot/uImage-ipfire-*
f08c1447	108	rm -rf /boot/zImage-ipfire-*
88cc9909 AF	109	rm -rf /boot/uInit-ipfire-*
	110	rm -rf /boot/dtb--ipfire-
	111	rm -rf /lib/modules
	112
	113	case "$(uname -m)" in
	114	armv*)
	115	# Backup uEnv.txt if exist
	116	if [ -e /boot/uEnv.txt ]; then
	117	cp -vf /boot/uEnv.txt /boot/uEnv.txt.org
	118	fi
	119
	120	# work around the u-boot folder detection bug
	121	mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
	122	mkdir -pv /boot/dtb-$KVER-ipfire-multi
f08c1447 AF	123	touch /boot/uImage-ipfire-kirkwood
	124	touch /boot/zImage-ipfire-multi
	125	touch /boot/uIinit-ipfire-kirkwood
	126	touch /boot/uIinit-ipfire-multi
88cc9909 AF	127	;;
	128	esac
	129
d31345a5	130	# Stop services
88cc9909	131	/etc/init.d/snort stop
02a60a9b	132	/etc/init.d/squid stop
21ac6368	133	/etc/init.d/dnsmasq stop
88cc9909 AF	134	/etc/init.d/ipsec stop
	135	/etc/init.d/ntp stop
	136	/etc/init.d/apache stop
	137
d31345a5 MT	138
d31345a5 MT	139	# Extract files
88cc9909 AF	140	tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
88cc9909 AF	141
7940649e AF	142	# update linker config
7940649e AF	143	ldconfig
88cc9909 AF	144
	145	# Check diskspace on boot
	146	BOOTSPACE=`df /boot -Pk \| sed "s\| * \| \|g" \| cut -d" " -f4 \| tail -n 1`
	147
	148	if [ $BOOTSPACE -lt 1000 ]; then
	149	case $(uname -r) in
	150	*-ipfire-kirkwood )
	151	# Special handling for old kirkwood images.
	152	# (install only kirkwood kernel)
	153	rm -rf /boot/*
	154	# work around the u-boot folder detection bug
	155	mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood
	156	tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \
	157	--numeric-owner -C / --wildcards 'boot/-kirkwood'
	158	;;
	159	* )
	160	/etc/init.d/apache start
	161	exit_with_error "FATAL-ERROR space run out on boot. System is not bootable..." 4
	162	;;
	163	esac
	164	fi
d31345a5	165
593e2eeb AF	166	# restart init because the glibc was updated.
	167	telinit u
	168
b75b6382 MT	169	# Fix hardening flags in grub
	170	paxctl -mpexs /usr/bin/grub-script-check
	171
88cc9909 AF	172	# Regenerate IPsec configuration
	173	sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi
	174
d31345a5	175	# Update Language cache
88cc9909	176	/usr/local/bin/update-lang-cache
d31345a5	177
88cc9909	178	#
d31345a5	179	# Start services
88cc9909 AF	180	#
	181	/etc/init.d/apache start
	182	/etc/init.d/ntp start
21ac6368	183	/etc/init.d/dnsmasq start
037cf8d2	184	/etc/init.d/sshd restart
02a60a9b	185	/etc/init.d/squid start
88cc9909 AF	186	/etc/init.d/snort start
	187	if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
	188	/etc/init.d/ipsec start
	189	fi
d31345a5	190
b0a014b7 MT	191	# Delete old QoS enabled indicator
	192	rm -f /var/ipfire/qos/enable
	193
88cc9909 AF	194	# Upadate Kernel version uEnv.txt
	195	if [ -e /boot/uEnv.txt ]; then
	196	sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt
	197	fi
	198
	199	# call user update script (needed for some arm boards)
	200	if [ -e /boot/pakfire-kernel-update ]; then
	201	/boot/pakfire-kernel-update ${KVER}
	202	fi
	203
	204	case "$(uname -m)" in
	205	i?86)
	206	# Force (re)install pae kernel if pae is supported
	207	rm -rf /opt/pakfire/db/installed/meta-linux-pae
	208	if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
	209	ROOTSPACE=`df / -Pk \| sed "s\| * \| \|g" \| cut -d" " -f4 \| tail -n 1`
	210	BOOTSPACE=`df /boot -Pk \| sed "s\| * \| \|g" \| cut -d" " -f4 \| tail -n 1`
	211	if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then
	212	/usr/bin/logger -p syslog.emerg -t ipfire \
	213	"core-update-${core}: WARNING not enough space for pae kernel."
	214	else
	215	echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
	216	echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
	217	echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
	218	fi
	219	fi
	220	;;
	221	esac
	222	#
	223	# After pakfire has ended run it again and update the lists and do upgrade
	224	#
	225	echo '#!/bin/bash' > /tmp/pak_update
	226	echo 'while [ "$(ps -A \| grep " update.sh")" != "" ]; do' >> /tmp/pak_update
	227	echo ' sleep 1' >> /tmp/pak_update
	228	echo 'done' >> /tmp/pak_update
	229	echo 'while [ "$(ps -A \| grep " pakfire")" != "" ]; do' >> /tmp/pak_update
	230	echo ' sleep 1' >> /tmp/pak_update
	231	echo 'done' >> /tmp/pak_update
	232	echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update
	233	echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
	234	echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
	235	echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
	236	echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update
	237	echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update
	238	echo '/usr/bin/logger -p syslog.emerg -t ipfire " * Please reboot... * "' >> /tmp/pak_update
	239	echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
	240	#
	241	killall -KILL pak_update
	242	chmod +x /tmp/pak_update
	243	/tmp/pak_update &
	244
	245	sync
	246
d31345a5	247	# This update need a reboot...
88cc9909	248	touch /var/run/need_reboot
d31345a5 MT	249
	250	# Finish
	251	/etc/init.d/fireinfo start
	252	sendprofile
	253	# Update grub config to display new core version
	254	if [ -e /boot/grub/grub.cfg ]; then
	255	grub-mkconfig -o /boot/grub/grub.cfg
	256	fi
	257	sync
	258
	259	# Don't report the exitcode last command
	260	exit 0