core60: add strongswan security update. core60 v2.11-core60
authorArne Fitzenreiter <arne_f@ipfire.org>
Fri, 1 Jun 2012 10:54:24 +0000 (12:54 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Fri, 1 Jun 2012 10:54:24 +0000 (12:54 +0200)
config/rootfiles/core/60/exclude [new file with mode: 0644]
config/rootfiles/core/60/filelists/files [new file with mode: 0644]
config/rootfiles/core/60/filelists/strongswan [new symlink]
config/rootfiles/core/60/meta [new file with mode: 0644]
config/rootfiles/core/60/update.sh [new file with mode: 0644]
make.sh

diff --git a/config/rootfiles/core/60/exclude b/config/rootfiles/core/60/exclude
new file mode 100644 (file)
index 0000000..7360266
--- /dev/null
@@ -0,0 +1,12 @@
+srv/web/ipfire/html/proxy.pac
+etc/udev/rules.d/30-persistent-network.rules
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+var/updatecache
+etc/localtime
+var/ipfire/ovpn
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
diff --git a/config/rootfiles/core/60/filelists/files b/config/rootfiles/core/60/filelists/files
new file mode 100644 (file)
index 0000000..409e5fe
--- /dev/null
@@ -0,0 +1,2 @@
+etc/system-release
+etc/issue
diff --git a/config/rootfiles/core/60/filelists/strongswan b/config/rootfiles/core/60/filelists/strongswan
new file mode 120000 (symlink)
index 0000000..90c727e
--- /dev/null
@@ -0,0 +1 @@
+../../../common/strongswan
\ No newline at end of file
diff --git a/config/rootfiles/core/60/meta b/config/rootfiles/core/60/meta
new file mode 100644 (file)
index 0000000..d547fa8
--- /dev/null
@@ -0,0 +1 @@
+DEPS=""
diff --git a/config/rootfiles/core/60/update.sh b/config/rootfiles/core/60/update.sh
new file mode 100644 (file)
index 0000000..5aaa23e
--- /dev/null
@@ -0,0 +1,83 @@
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 3 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2012 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+#
+# Remove old core updates from pakfire cache to save space...
+core=60
+for (( i=1; i<=$core; i++ ))
+do
+       rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+#
+#Stop services
+/etc/init.d/ipsec stop
+
+#
+#Extract files
+extract_files
+#
+#Start services
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+       /etc/init.d/ipsec start
+fi
+
+#
+#Update Language cache
+#perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
+
+#Rebuild module dep's
+#arch=`uname -m`
+#if [ ${arch::3} == "arm" ]; then
+#      depmod -a 2.6.32.45-ipfire-versatile >/dev/null 2>&1
+#      depmod -a 2.6.32.45-ipfire-kirkwood >/dev/null 2>&1
+#else
+#      depmod -a 2.6.32.45-ipfire     >/dev/null 2>&1
+#      depmod -a 2.6.32.45-ipfire-pae >/dev/null 2>&1
+#      depmod -a 2.6.32.45-ipfire-xen >/dev/null 2>&1
+#fi
+
+
+#Rebuild initrd's because some compat-wireless modules are inside
+#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45.img 2.6.32.45-ipfire
+#if [ -e /boot/ipfirerd-2.6.32.45-pae.img ]; then
+#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45-pae.img 2.6.32.45-ipfire-pae
+#fi
+#if [ -e /boot/ipfirerd-2.6.32.45-xen.img ]; then
+#/sbin/dracut --force --verbose /boot/ipfirerd-2.6.32.45-xen.img 2.6.32.45-ipfire-xen
+#fi
+
+sync
+
+# This update need a reboot...
+#touch /var/run/need_reboot
+
+#
+#Finish
+/etc/init.d/fireinfo start
+sendprofile
+#Don't report the exitcode last command
+exit 0
diff --git a/make.sh b/make.sh
index 3b447c8..6b1c93d 100755 (executable)
--- a/make.sh
+++ b/make.sh
@@ -25,8 +25,8 @@
 NAME="IPFire"                                                  # Software name
 SNAME="ipfire"                                                 # Short name
 VERSION="2.11"                                                 # Version number
-CORE="59"                                                      # Core Level (Filename)
-PAKFIRE_CORE="59"                                              # Core Level (PAKFIRE)
+CORE="60"                                                      # Core Level (Filename)
+PAKFIRE_CORE="60"                                              # Core Level (PAKFIRE)
 GIT_BRANCH=`git status | head -n1 | cut -d" " -f4`             # Git Branch
 SLOGAN="www.ipfire.org"                                                # Software slogan
 CONFIG_ROOT=/var/ipfire                                                # Configuration rootdir