]>
Commit | Line | Data |
---|---|---|
d31345a5 MT |
1 | #!/bin/bash |
2 | ############################################################################ | |
3 | # # | |
4 | # This file is part of the IPFire Firewall. # | |
5 | # # | |
6 | # IPFire is free software; you can redistribute it and/or modify # | |
7 | # it under the terms of the GNU General Public License as published by # | |
8 | # the Free Software Foundation; either version 3 of the License, or # | |
9 | # (at your option) any later version. # | |
10 | # # | |
11 | # IPFire is distributed in the hope that it will be useful, # | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
14 | # GNU General Public License for more details. # | |
15 | # # | |
16 | # You should have received a copy of the GNU General Public License # | |
17 | # along with IPFire; if not, write to the Free Software # | |
18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
19 | # # | |
879458d4 | 20 | # Copyright (C) 2016 IPFire-Team <info@ipfire.org>. # |
d31345a5 MT |
21 | # # |
22 | ############################################################################ | |
23 | # | |
24 | . /opt/pakfire/lib/functions.sh | |
25 | /usr/local/bin/backupctrl exclude >/dev/null 2>&1 | |
26 | ||
88cc9909 AF |
27 | function find_device() { |
28 | local mountpoint="${1}" | |
29 | ||
30 | local root | |
31 | local dev mp fs flags rest | |
32 | while read -r dev mp fs flags rest; do | |
33 | # Skip unwanted entries | |
34 | [ "${dev}" = "rootfs" ] && continue | |
35 | ||
36 | if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then | |
37 | root="$(basename "${dev}")" | |
38 | break | |
39 | fi | |
40 | done < /proc/mounts | |
41 | ||
42 | # Get the actual device from the partition that holds / | |
43 | while [ -n "${root}" ]; do | |
44 | if [ -e "/sys/block/${root}" ]; then | |
45 | echo "${root}" | |
46 | return 0 | |
47 | fi | |
48 | ||
49 | # Remove last character | |
50 | root="${root::-1}" | |
51 | done | |
52 | ||
53 | return 1 | |
54 | } | |
55 | ||
56 | ||
5f39eb21 | 57 | core=100 |
f83c5053 AF |
58 | |
59 | function exit_with_error() { | |
60 | # Set last succesfull installed core. | |
61 | echo $(($core-1)) > /opt/pakfire/db/core/mine | |
62 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
63 | "core-update-${core}: $1" | |
64 | exit $2 | |
65 | } | |
66 | ||
67 | # Remove old core updates from pakfire cache to save space... | |
d31345a5 MT |
68 | for (( i=1; i<=$core; i++ )) |
69 | do | |
70 | rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire | |
71 | done | |
72 | ||
88cc9909 AF |
73 | # |
74 | # Do some sanity checks. | |
75 | case $(uname -r) in | |
76 | *-ipfire* ) | |
77 | # Ok. | |
78 | ;; | |
79 | * ) | |
80 | exit_with_error "ERROR cannot update. No IPFire Kernel." 1 | |
81 | ;; | |
82 | esac | |
83 | ||
84 | ||
85 | # | |
86 | # | |
87 | KVER="xxxKVERxxx" | |
88 | ||
89 | # Check diskspace on root | |
90 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
91 | ||
92 | if [ $ROOTSPACE -lt 100000 ]; then | |
93 | exit_with_error "ERROR cannot update because not enough free space on root." 2 | |
94 | exit 2 | |
95 | fi | |
96 | ||
97 | echo | |
98 | echo Update Kernel to $KVER ... | |
99 | # | |
100 | # Remove old kernel, configs, initrd, modules, dtb's ... | |
101 | # | |
102 | rm -rf /boot/System.map-* | |
103 | rm -rf /boot/config-* | |
104 | rm -rf /boot/ipfirerd-* | |
105 | rm -rf /boot/initramfs-* | |
106 | rm -rf /boot/vmlinuz-* | |
107 | rm -rf /boot/uImage-ipfire-* | |
f08c1447 | 108 | rm -rf /boot/zImage-ipfire-* |
88cc9909 AF |
109 | rm -rf /boot/uInit-ipfire-* |
110 | rm -rf /boot/dtb-*-ipfire-* | |
111 | rm -rf /lib/modules | |
112 | ||
113 | case "$(uname -m)" in | |
114 | armv*) | |
115 | # Backup uEnv.txt if exist | |
116 | if [ -e /boot/uEnv.txt ]; then | |
117 | cp -vf /boot/uEnv.txt /boot/uEnv.txt.org | |
118 | fi | |
119 | ||
120 | # work around the u-boot folder detection bug | |
121 | mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood | |
122 | mkdir -pv /boot/dtb-$KVER-ipfire-multi | |
f08c1447 AF |
123 | touch /boot/uImage-ipfire-kirkwood |
124 | touch /boot/zImage-ipfire-multi | |
125 | touch /boot/uIinit-ipfire-kirkwood | |
126 | touch /boot/uIinit-ipfire-multi | |
88cc9909 AF |
127 | ;; |
128 | esac | |
129 | ||
d31345a5 | 130 | # Stop services |
88cc9909 | 131 | /etc/init.d/snort stop |
02a60a9b | 132 | /etc/init.d/squid stop |
21ac6368 | 133 | /etc/init.d/dnsmasq stop |
88cc9909 AF |
134 | /etc/init.d/ipsec stop |
135 | /etc/init.d/ntp stop | |
136 | /etc/init.d/apache stop | |
137 | ||
d31345a5 MT |
138 | |
139 | # Extract files | |
88cc9909 AF |
140 | tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / |
141 | ||
7940649e AF |
142 | # update linker config |
143 | ldconfig | |
88cc9909 AF |
144 | |
145 | # Check diskspace on boot | |
146 | BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
147 | ||
148 | if [ $BOOTSPACE -lt 1000 ]; then | |
149 | case $(uname -r) in | |
150 | *-ipfire-kirkwood ) | |
151 | # Special handling for old kirkwood images. | |
152 | # (install only kirkwood kernel) | |
153 | rm -rf /boot/* | |
154 | # work around the u-boot folder detection bug | |
155 | mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood | |
156 | tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \ | |
157 | --numeric-owner -C / --wildcards 'boot/*-kirkwood*' | |
158 | ;; | |
159 | * ) | |
160 | /etc/init.d/apache start | |
161 | exit_with_error "FATAL-ERROR space run out on boot. System is not bootable..." 4 | |
162 | ;; | |
163 | esac | |
164 | fi | |
d31345a5 | 165 | |
593e2eeb AF |
166 | # restart init because the glibc was updated. |
167 | telinit u | |
168 | ||
b75b6382 MT |
169 | # Fix hardening flags in grub |
170 | paxctl -mpexs /usr/bin/grub-script-check | |
171 | ||
88cc9909 AF |
172 | # Regenerate IPsec configuration |
173 | sudo -u nobody /srv/web/ipfire/cgi-bin/vpnmain.cgi | |
174 | ||
d31345a5 | 175 | # Update Language cache |
88cc9909 | 176 | /usr/local/bin/update-lang-cache |
d31345a5 | 177 | |
88cc9909 | 178 | # |
d31345a5 | 179 | # Start services |
88cc9909 AF |
180 | # |
181 | /etc/init.d/apache start | |
182 | /etc/init.d/ntp start | |
21ac6368 | 183 | /etc/init.d/dnsmasq start |
037cf8d2 | 184 | /etc/init.d/sshd restart |
02a60a9b | 185 | /etc/init.d/squid start |
88cc9909 AF |
186 | /etc/init.d/snort start |
187 | if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then | |
188 | /etc/init.d/ipsec start | |
189 | fi | |
d31345a5 | 190 | |
b0a014b7 MT |
191 | # Delete old QoS enabled indicator |
192 | rm -f /var/ipfire/qos/enable | |
193 | ||
88cc9909 AF |
194 | # Upadate Kernel version uEnv.txt |
195 | if [ -e /boot/uEnv.txt ]; then | |
196 | sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot/uEnv.txt | |
197 | fi | |
198 | ||
199 | # call user update script (needed for some arm boards) | |
200 | if [ -e /boot/pakfire-kernel-update ]; then | |
201 | /boot/pakfire-kernel-update ${KVER} | |
202 | fi | |
203 | ||
204 | case "$(uname -m)" in | |
205 | i?86) | |
206 | # Force (re)install pae kernel if pae is supported | |
207 | rm -rf /opt/pakfire/db/installed/meta-linux-pae | |
208 | if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then | |
209 | ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
210 | BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` | |
211 | if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then | |
212 | /usr/bin/logger -p syslog.emerg -t ipfire \ | |
213 | "core-update-${core}: WARNING not enough space for pae kernel." | |
214 | else | |
215 | echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae | |
216 | echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
217 | echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae | |
218 | fi | |
219 | fi | |
220 | ;; | |
221 | esac | |
222 | # | |
223 | # After pakfire has ended run it again and update the lists and do upgrade | |
224 | # | |
225 | echo '#!/bin/bash' > /tmp/pak_update | |
226 | echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update | |
227 | echo ' sleep 1' >> /tmp/pak_update | |
228 | echo 'done' >> /tmp/pak_update | |
229 | echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update | |
230 | echo ' sleep 1' >> /tmp/pak_update | |
231 | echo 'done' >> /tmp/pak_update | |
232 | echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update | |
233 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
234 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
235 | echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update | |
236 | echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update | |
237 | echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update | |
238 | echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update | |
239 | echo 'touch /var/run/need_reboot ' >> /tmp/pak_update | |
240 | # | |
241 | killall -KILL pak_update | |
242 | chmod +x /tmp/pak_update | |
243 | /tmp/pak_update & | |
244 | ||
245 | sync | |
246 | ||
d31345a5 | 247 | # This update need a reboot... |
88cc9909 | 248 | touch /var/run/need_reboot |
d31345a5 MT |
249 | |
250 | # Finish | |
251 | /etc/init.d/fireinfo start | |
252 | sendprofile | |
253 | # Update grub config to display new core version | |
254 | if [ -e /boot/grub/grub.cfg ]; then | |
255 | grub-mkconfig -o /boot/grub/grub.cfg | |
256 | fi | |
257 | sync | |
258 | ||
259 | # Don't report the exitcode last command | |
260 | exit 0 |