2 ############################################################################
4 # This file is part of the IPFire Firewall. #
6 # IPFire is free software; you can redistribute it and/or modify #
7 # it under the terms of the GNU General Public License as published by #
8 # the Free Software Foundation; either version 3 of the License, or #
9 # (at your option) any later version. #
11 # IPFire is distributed in the hope that it will be useful, #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14 # GNU General Public License for more details. #
16 # You should have received a copy of the GNU General Public License #
17 # along with IPFire; if not, write to the Free Software #
18 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
20 # Copyright (C) 2022 IPFire-Team <info@ipfire.org>. #
22 ############################################################################
24 .
/opt
/pakfire
/lib
/functions.sh
25 /usr
/local
/bin
/backupctrl exclude
>/dev
/null
2>&1
30 # Set last succesfull installed core.
31 echo $
(($core-1)) > /opt
/pakfire
/db
/core
/mine
32 # force fsck at next boot, this may fix free space on xfs
34 # don't start pakfire again at error
35 killall
-KILL pak_update
36 /usr
/bin
/logger
-p syslog.emerg
-t ipfire \
37 "core-update-${core}: $1"
41 # Remove old core updates from pakfire cache to save space...
42 for (( i
=1; i
<=$core; i
++ )); do
43 rm -f /var
/cache
/pakfire
/core-upgrade-
*-$i.ipfire
49 # Backup uEnv.txt if exist
50 if [ -e /boot
/uEnv.txt
]; then
51 cp -vf /boot
/uEnv.txt
/boot
/uEnv.txt.org
54 # Do some sanity checks.
60 exit_with_error
"ERROR cannot update. No IPFire Kernel." 1
64 # Check diskspace on root
65 ROOTSPACE
=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1`
67 if [ $ROOTSPACE -lt 100000 ]; then
68 exit_with_error
"ERROR cannot update because not enough free space on root." 2
72 # Remove the old kernel
73 rm -rf /boot
/System.map-
*
75 rm -rf /boot
/ipfirerd-
*
76 rm -rf /boot
/initramfs-
*
77 rm -rf /boot
/vmlinuz-
*
88 /etc
/fonts
/conf.d
/30-urw-aliases.conf \
90 /etc
/rc.d
/init.d
/networking
/red.up
/99-geoip-database \
91 /etc
/udev
/rules.d
/99-fuse.rules \
92 /lib
/firmware
/amd-ucode
/microcode_amd.bin.asc \
93 /lib
/firmware
/amd-ucode
/microcode_amd_fam15h.bin.asc \
94 /lib
/firmware
/amd-ucode
/microcode_amd_fam16h.bin.asc \
95 /lib
/firmware
/amd-ucode
/microcode_amd_fam17h.bin.asc \
96 /lib
/firmware
/ath10k
/QCA4019
/hw1.0
/notice_ath10k_firmware-5.txt \
97 /lib
/firmware
/ath10k
/QCA6174
/hw2.1
/notice_ath10k_firmware-5.txt \
98 /lib
/firmware
/ath10k
/QCA6174
/hw3.0
/notice_ath10k_firmware-4.txt \
99 /lib
/firmware
/ath10k
/QCA6174
/hw3.0
/notice_ath10k_firmware-6.txt \
100 /lib
/firmware
/ath10k
/QCA9377
/hw1.0
/notice_ath10k_firmware-5.txt \
101 /lib
/firmware
/ath10k
/QCA9377
/hw1.0
/notice_ath10k_firmware-6.txt \
102 /lib
/firmware
/ath10k
/QCA9887
/hw1.0
/notice_ath10k_firmware-5.txt \
103 /lib
/firmware
/ath10k
/QCA9888
/hw2.0
/notice_ath10k_firmware-5.txt \
104 /lib
/firmware
/ath10k
/QCA988X
/hw2.0
/notice_ath10k_firmware-4.txt \
105 /lib
/firmware
/ath10k
/QCA988X
/hw2.0
/notice_ath10k_firmware-5.txt \
106 /lib
/firmware
/ath10k
/QCA9984
/hw1.0
/notice_ath10k_firmware-5.txt \
107 /lib
/firmware
/ath10k
/QCA99X
0/hw2.0
/notice_ath10k_firmware-5.txt \
108 /lib
/firmware
/atusb
/ChangeLog \
109 /lib
/firmware
/check_whence.py \
110 /lib
/firmware
/cis
/src \
111 /lib
/firmware
/copy-firmware.sh \
112 /lib
/firmware
/cxgb
4/t4fw-1.20
.8.0.bin \
113 /lib
/firmware
/cxgb
4/t4fw-1.24
.3.0.bin \
114 /lib
/firmware
/cxgb
4/t5fw-1.20
.8.0.bin \
115 /lib
/firmware
/cxgb
4/t5fw-1.24
.3.0.bin \
116 /lib
/firmware
/cxgb
4/t6fw-1.20
.8.0.bin \
117 /lib
/firmware
/cxgb
4/t6fw-1.24
.3.0.bin \
118 /lib
/firmware
/GPL-2 \
119 /lib
/firmware
/GPL-3 \
120 /lib
/firmware
/isci
/README \
121 /lib
/firmware
/LICENCE.
* \
122 /lib
/firmware
/Makefile \
123 /lib
/firmware
/mellanox
/ \
124 /lib
/firmware
/mrvl
/prestera
/ \
125 /lib
/firmware
/qca
/NOTICE.txt \
126 /lib
/firmware
/qcom
/NOTICE.txt \
127 /lib
/firmware
/qcom
/sdm845
/ \
128 /lib
/firmware
/qcom
/sm8250 \
129 /lib
/firmware
/README \
130 /lib
/firmware
/WHENCE \
131 /lib
/kbd
/keymaps
/i386
/qwerty
/fi-latin1.map.gz \
132 /lib
/kbd
/keymaps
/i386
/qwerty
/fi-latin9.map.gz \
137 /lib
/libhistory.so
.5 \
138 /lib
/libhistory.so
.5.2 \
140 /lib
/libip4tc.so
.0.1.0 \
142 /lib
/libip6tc.so
.0.1.0 \
145 /lib
/libiptc.so
.0.0.0 \
146 /lib
/libnss_nis-2.31.so \
147 /lib
/libnss_nisplus-2.31.so \
148 /lib
/libnss_nisplus.so
.2 \
149 /lib
/libnss_nis.so
.2 \
150 /lib
/libproc-3.2
.8.so \
151 /lib
/libreadline.so
.5 \
152 /lib
/libreadline.so
.5.2 \
155 /lib
/libsysfs.so
.1.0.3 \
156 /lib
/udev
/bluetooth_serial \
157 /lib
/udev
/rules.d
/24-bluetooth.rules \
158 /lib
/xtables
/libxt_IMQ.so \
159 /opt
/pakfire
/pakfire-2007.key \
163 /sbin
/xfs_scrub_all \
164 /srv
/web
/ipfire
/cgi-bin
/bluetooth.cgi \
165 /usr
/bin
/ez-ipupdate \
166 /usr
/bin
/fusermount \
167 /usr
/bin
/gawk-5.1
.0 \
172 /usr
/bin
/pango-querymodules \
173 /usr
/bin
/perl5.30
.0 \
174 /usr
/bin
/setlogcons \
175 /usr
/bin
/setvesablank \
177 /usr
/bin
/ulockmgr_server \
178 /usr
/include
/python2.7 \
181 /usr
/lib
/findutils
/bigram \
182 /usr
/lib
/findutils
/code \
183 /usr
/lib
/gawk
/testext.so \
185 /usr
/lib
/libasan.so
.5 \
186 /usr
/lib
/libasan.so
.5.0.0 \
187 /usr
/lib
/libbfd-2.32.so \
188 /usr
/lib
/libbfd-2.34.so \
189 /usr
/lib
/libbfd-2.35
.1.so \
190 /usr
/lib
/libbind9-9.16
.22.so \
191 /usr
/lib
/libbind9-9.16
.26.so \
192 /usr
/lib
/libbind9.so
.161 \
193 /usr
/lib
/libbind9.so
.161.0.4 \
194 /usr
/lib
/libblkid.so \
195 /usr
/lib
/libdns-9.16
.22.so \
196 /usr
/lib
/libdns-9.16
.26.so \
197 /usr
/lib
/libdnssec.so
.7 \
198 /usr
/lib
/libdnssec.so
.7.0.0 \
199 /usr
/lib
/libdns.so.
* \
200 /usr
/lib
/libevent-2.1.so
.6 \
201 /usr
/lib
/libevent-2.1.so
.6.0.2 \
202 /usr
/lib
/libevent_core-2.1.so
.6 \
203 /usr
/lib
/libevent_core-2.1.so
.6.0.2 \
204 /usr
/lib
/libevent_extra-2.1.so
.6 \
205 /usr
/lib
/libevent_extra-2.1.so
.6.0.2 \
206 /usr
/lib
/libevent_openssl-2.1.so
.6 \
207 /usr
/lib
/libevent_openssl-2.1.so
.6.0.2 \
208 /usr
/lib
/libevent_openssl.so \
209 /usr
/lib
/libevent_pthreads-2.1.so
.6 \
210 /usr
/lib
/libevent_pthreads-2.1.so
.6.0.2 \
211 /usr
/lib
/libevent_pthreads.so \
212 /usr
/lib
/libexpat.so \
213 /usr
/lib
/libexslt.so \
214 /usr
/lib
/libffi.so
.6 \
215 /usr
/lib
/libffi.so
.6.0.4 \
216 /usr
/lib
/libffi.so
.7 \
217 /usr
/lib
/libffi.so
.7.1.0 \
218 /usr
/lib
/libfuse.so \
219 /usr
/lib
/libfuse.so
.2 \
220 /usr
/lib
/libfuse.so
.2.9.7 \
221 /usr
/lib
/libgdbm_compat.so \
222 /usr
/lib
/libgdbm_compat.so
.3 \
223 /usr
/lib
/libgdbm_compat.so
.3.0.0 \
224 /usr
/lib
/libgdbm.so \
225 /usr
/lib
/libgdbm.so
.3 \
226 /usr
/lib
/libgdbm.so
.3.0.0 \
228 /usr
/lib
/libgd.so
.2 \
229 /usr
/lib
/libgd.so
.2.0.0 \
230 /usr
/lib
/libgettextlib-0.19
.8.1.so \
231 /usr
/lib
/libgettextsrc-0.19
.8.1.so \
232 /usr
/lib
/libhistory.so
.6 \
233 /usr
/lib
/libhistory.so
.6.3 \
234 /usr
/lib
/libhogweed.so
.5 \
235 /usr
/lib
/libhogweed.so
.5.0 \
237 /usr
/lib
/libidn.so
.11 \
238 /usr
/lib
/libidn.so
.11.6.18 \
239 /usr
/lib
/libirs-9.16
.22.so \
240 /usr
/lib
/libisc-9.16
.22.so \
241 /usr
/lib
/libisc-9.16
.26.so \
242 /usr
/lib
/libisccc-9.16
.22.so \
243 /usr
/lib
/libisccc-9.16
.26.so \
244 /usr
/lib
/libisccc.so
.161 \
245 /usr
/lib
/libisccc.so
.161.0.1 \
246 /usr
/lib
/libisccfg-9.16
.22.so \
247 /usr
/lib
/libisccfg-9.16
.26.so \
248 /usr
/lib
/libisccfg.so
.163 \
249 /usr
/lib
/libisccfg.so
.163.0.8 \
250 /usr
/lib
/libisc.so
.1100 \
251 /usr
/lib
/libisc.so
.1100.3.2 \
252 /usr
/lib
/libisc.so
.1104 \
253 /usr
/lib
/libisc.so
.1104.0.0 \
254 /usr
/lib
/libisc.so
.1105 \
255 /usr
/lib
/libisc.so
.1105.1.1 \
256 /usr
/lib
/libisc.so
.1107 \
257 /usr
/lib
/libisc.so
.1107.0.5 \
258 /usr
/lib
/libixml.so \
259 /usr
/lib
/libknot.so
.10 \
260 /usr
/lib
/libknot.so
.10.0.0 \
261 /usr
/lib
/libknot.so
.11 \
262 /usr
/lib
/libknot.so
.11.0.0 \
263 /usr
/lib
/libknot.so
.9 \
264 /usr
/lib
/libknot.so
.9.0.0 \
265 /usr
/lib
/liblber-2.3.so
.0 \
266 /usr
/lib
/liblber-2.3.so
.0.2.8 \
267 /usr
/lib
/libldap-2.3.so
.0 \
268 /usr
/lib
/libldap-2.3.so
.0.2.8 \
269 /usr
/lib
/libldap_r-2.3.so
.0 \
270 /usr
/lib
/libldap_r-2.3.so
.0.2.8 \
271 /usr
/lib
/libloc.so
.0 \
272 /usr
/lib
/libloc.so
.0.0.0 \
273 /usr
/lib
/liblua-5.3.so \
275 /usr
/lib
/liblwres.so
.161 \
276 /usr
/lib
/liblwres.so
.161.0.4 \
277 /usr
/lib
/libmpfr.so
.4 \
278 /usr
/lib
/libmpfr.so
.4.1.5 \
279 /usr
/lib
/libmpx.so
.2 \
280 /usr
/lib
/libmpx.so
.2.0.1 \
281 /usr
/lib
/libmpxwrappers.so
.2 \
282 /usr
/lib
/libmpxwrappers.so
.2.0.1 \
283 /usr
/lib
/libnettle.so
.7 \
284 /usr
/lib
/libnettle.so
.7.0 \
285 /usr
/lib
/libns-9.16
.22.so \
286 /usr
/lib
/libns-9.16
.26.so \
287 /usr
/lib
/libopcodes-2.32.so \
288 /usr
/lib
/libopcodes-2.34.so \
289 /usr
/lib
/libopcodes-2.35
.1.so \
290 /usr
/lib
/libpcre2-posix.so
.2 \
291 /usr
/lib
/libpcre2-posix.so
.2.0.3 \
292 /usr
/lib
/libpng12.so \
293 /usr
/lib
/libpng12.so
.0 \
294 /usr
/lib
/libpng12.so
.0.57.0 \
295 /usr
/lib
/libpng.so
.3 \
296 /usr
/lib
/libpng.so
.3.57.0 \
297 /usr
/lib
/libpoppler.so
.100 \
298 /usr
/lib
/libpoppler.so
.100.0.0 \
299 /usr
/lib
/libpoppler.so
.110 \
300 /usr
/lib
/libpoppler.so
.110.0.0 \
301 /usr
/lib
/libpoppler.so
.111 \
302 /usr
/lib
/libpoppler.so
.111.0.0 \
303 /usr
/lib
/libpoppler.so
.66 \
304 /usr
/lib
/libpoppler.so
.66.0.0 \
305 /usr
/lib
/libqpdf.so
.17 \
306 /usr
/lib
/libqpdf.so
.17.0.0 \
307 /usr
/lib
/libreadline.so
.6 \
308 /usr
/lib
/libreadline.so
.6.3 \
309 /usr
/lib
/librrd.so
.8.2.1 \
310 /usr
/lib
/libsensors.so
.4 \
311 /usr
/lib
/libsensors.so
.4.4.0 \
312 /usr
/lib
/libsqlite3.so \
313 /usr
/lib
/libthreadutil.so \
314 /usr
/lib
/libthreadutil.so
.6 \
315 /usr
/lib
/libthreadutil.so
.6.0.3 \
316 /usr
/lib
/libulockmgr.so \
317 /usr
/lib
/libulockmgr.so
.1 \
318 /usr
/lib
/libulockmgr.so
.1.0.1 \
319 /usr
/lib
/libupnp.so \
320 /usr
/lib
/libuuid.so \
321 /usr
/lib
/libxml2.so \
322 /usr
/lib
/libxslt.so \
324 /usr
/lib
/perl
5/site_perl
/5.30.0 \
325 /usr
/lib
/python3.8
/ensurepip
/_bundled
/pip-19.2
.3-py2.py3-none-any.whl \
326 /usr
/lib
/python3.8
/idlelib
/Icons
/idle.icns \
327 /usr
/lib
/python3.8
/lib2to
3/Grammar3.8
.1.final
.0.pickle \
328 /usr
/lib
/python3.8
/lib2to
3/PatternGrammar3.8
.1.final
.0.pickle \
329 /usr
/lib
/sqlite3.34
.0 \
330 /usr
/lib
/squid
/basic_nis_auth \
331 /usr
/lib
/squid
/ext_time_quota_acl \
332 /usr
/lib
/tcl
8/8.4/platform-1.0
.14.tm \
333 /usr
/lib
/tcl
8/8.4/platform-1.0
.15.tm \
334 /usr
/lib
/tcl
8/8.5/msgcat-1.6
.0.tm \
335 /usr
/lib
/tcl
8/8.5/tcltest-2.4
.0.tm \
336 /usr
/lib
/tcl
8/8.6/http-2.8
.9.tm \
337 /usr
/lib
/tcl
8/8.6/tdbc
/sqlite3-1.0
.4.tm \
338 /usr
/lib
/tcl
8/8.6/tdbc
/sqlite3-1.1
.2.tm \
340 /usr
/lib
/tdbcmysql1.1
.2 \
341 /usr
/lib
/tdbcodbc1.1
.2 \
342 /usr
/lib
/tdbcpostgres1.1
.2 \
343 /usr
/lib
/thread2.8
.6 \
344 /usr
/libexec
/xtables-addons \
345 /usr
/local
/bin
/convert-ovpn \
346 /usr
/local
/bin
/ovpn-ccd-convert \
347 /usr
/local
/bin
/rebuild-initrd \
348 /usr
/local
/bin
/xt_geoip_build \
349 /usr
/local
/bin
/xt_geoip_update \
353 /usr
/sbin
/update-usbids.sh \
355 /usr
/share
/doc
/fireinfo \
357 /usr
/share
/zoneinfo
/posix
/US
/Pacific-New \
358 /usr
/share
/zoneinfo
/right
/US
/Pacific-New \
359 /usr
/share
/zoneinfo
/US
/Pacific-New \
363 /etc
/init.d
/ipsec stop
368 # update linker config
371 # Delete old 2007 Pakfire key from GPG keyring
372 GNUPGHOME
="/opt/pakfire/etc/.gnupg" gpg
--batch --yes --delete-keys 179740DC4D8C47DC63C099C74BDE364C64D96617
374 # Add new 2022 Pakfire key to GPG keyring
375 GNUPGHOME
="/opt/pakfire/etc/.gnupg" gpg
--import /opt
/pakfire
/pakfire-2022.key
377 # Update Language cache
378 /usr
/local
/bin
/update-lang-cache
381 /usr
/local
/bin
/filesystem-cleanup
383 # Hardlink any identical files to save space
384 hardlink
-c -vv /lib
/firmware
386 # Regenerate all initrds
387 dracut
--regenerate-all --force
389 # Replace /etc/mtab by symlink as mount no longer writes it
391 ln -vs /proc
/self
/mounts
/etc
/mtab
393 # Export the location database again and reload the firewall engine
394 /usr
/local
/bin
/update-location-database
397 perl
-e "require '/var/ipfire/ids-functions.pl'; &IDS::oinkmaster();"
398 /etc
/init.d
/suricata reload
400 # Apply sysctl changes
401 /etc
/init.d
/sysctl start
403 # Apply local configuration to sshd_config
404 /usr
/local
/bin
/sshctrl
407 /etc
/init.d
/apache restart
408 /etc
/init.d
/sshd restart
409 if grep -q "ENABLED=on" /var
/ipfire
/vpn
/settings
; then
410 /etc
/init.d
/ipsec start
413 # Nano is now part of the core system, remove Pakfire metadata for it
414 if [ -e "/opt/pakfire/db/installed/meta-nano" ] && [ -e "/opt/pakfire/db/meta/meta-nano" ]; then
416 /opt
/pakfire
/db
/installed
/meta-nano \
417 /opt
/pakfire
/db
/meta
/meta-nano \
418 /opt
/pakfire
/db
/rootfiles
/nano
421 # remove lm_sensor config after collectd was started
422 # to reserch sensors at next boot with updated kernel
423 rm -f /etc
/sysconfig
/lm_sensors
425 # Upadate Kernel version uEnv.txt
426 if [ -e /boot
/uEnv.txt
]; then
427 sed -i -e "s/KVER=.*/KVER=${KVER}/g" /boot
/uEnv.txt
430 # call user update script (needed for some arm boards)
431 if [ -e /boot
/pakfire-kernel-update
]; then
432 /boot
/pakfire-kernel-update
${KVER}
435 # This update needs a reboot...
436 touch /var
/run
/need_reboot
439 /etc
/init.d
/fireinfo start
442 # Update grub config to display new core version
443 if [ -e /boot
/grub
/grub.cfg
]; then
444 grub-mkconfig
-o /boot
/grub
/grub.cfg
449 # Don't report the exitcode last command