From 0778b991c9e9a12ab4eee66c5846d56a708a5418 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 14 Apr 2015 10:27:17 +0200 Subject: [PATCH] start core90. --- config/rootfiles/core/90/exclude | 26 ++ config/rootfiles/core/90/filelists/apache2 | 1 + .../core/90/filelists/armv5tel/linux-kirkwood | 1 + .../core/90/filelists/armv5tel/linux-multi | 1 + .../core/90/filelists/armv5tel/linux-rpi | 1 + config/rootfiles/core/90/filelists/curl | 1 + config/rootfiles/core/90/filelists/cyrus-sasl | 1 + config/rootfiles/core/90/filelists/dhcp | 1 + config/rootfiles/core/90/filelists/dhcpcd | 1 + config/rootfiles/core/90/filelists/dracut | 1 + config/rootfiles/core/90/filelists/expat | 1 + config/rootfiles/core/90/filelists/files | 7 + config/rootfiles/core/90/filelists/groff | 1 + config/rootfiles/core/90/filelists/i586/acpid | 1 + config/rootfiles/core/90/filelists/i586/linux | 1 + .../core/90/filelists/i586/linux-initrd | 1 + config/rootfiles/core/90/filelists/iputils | 1 + config/rootfiles/core/90/filelists/libjpeg | 1 + config/rootfiles/core/90/filelists/logrotate | 1 + config/rootfiles/core/90/filelists/logwatch | 1 + config/rootfiles/core/90/filelists/openssl | 1 + config/rootfiles/core/90/filelists/strongswan | 1 + config/rootfiles/core/90/filelists/udev | 1 + .../core/90/filelists/wpa_supplicant | 1 + config/rootfiles/core/90/meta | 1 + config/rootfiles/core/90/update.sh | 248 ++++++++++++++++++ make.sh | 4 +- 27 files changed, 306 insertions(+), 2 deletions(-) create mode 100644 config/rootfiles/core/90/exclude create mode 120000 config/rootfiles/core/90/filelists/apache2 create mode 120000 config/rootfiles/core/90/filelists/armv5tel/linux-kirkwood create mode 120000 config/rootfiles/core/90/filelists/armv5tel/linux-multi create mode 120000 config/rootfiles/core/90/filelists/armv5tel/linux-rpi create mode 120000 config/rootfiles/core/90/filelists/curl create mode 120000 config/rootfiles/core/90/filelists/cyrus-sasl create mode 120000 config/rootfiles/core/90/filelists/dhcp create mode 120000 config/rootfiles/core/90/filelists/dhcpcd create mode 120000 config/rootfiles/core/90/filelists/dracut create mode 120000 config/rootfiles/core/90/filelists/expat create mode 100644 config/rootfiles/core/90/filelists/files create mode 120000 config/rootfiles/core/90/filelists/groff create mode 120000 config/rootfiles/core/90/filelists/i586/acpid create mode 120000 config/rootfiles/core/90/filelists/i586/linux create mode 120000 config/rootfiles/core/90/filelists/i586/linux-initrd create mode 120000 config/rootfiles/core/90/filelists/iputils create mode 120000 config/rootfiles/core/90/filelists/libjpeg create mode 120000 config/rootfiles/core/90/filelists/logrotate create mode 120000 config/rootfiles/core/90/filelists/logwatch create mode 120000 config/rootfiles/core/90/filelists/openssl create mode 120000 config/rootfiles/core/90/filelists/strongswan create mode 120000 config/rootfiles/core/90/filelists/udev create mode 120000 config/rootfiles/core/90/filelists/wpa_supplicant create mode 100644 config/rootfiles/core/90/meta create mode 100644 config/rootfiles/core/90/update.sh diff --git a/config/rootfiles/core/90/exclude b/config/rootfiles/core/90/exclude new file mode 100644 index 0000000000..5be5371aaf --- /dev/null +++ b/config/rootfiles/core/90/exclude @@ -0,0 +1,26 @@ +boot/config.txt +etc/collectd.custom +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/rc.d/rcsysinit.d/S19checkfstab +etc/rc.d/rcsysinit.d/S70console +etc/shadow +etc/ssh/ssh_config +etc/ssh/sshd_config +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/modules +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/time +var/ipfire/ovpn/ccd.conf +var/ipfire/ovpn/ccdroute +var/ipfire/ovpn/ccdroute2 +var/log/cache +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/90/filelists/apache2 b/config/rootfiles/core/90/filelists/apache2 new file mode 120000 index 0000000000..eef95efa72 --- /dev/null +++ b/config/rootfiles/core/90/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/armv5tel/linux-kirkwood b/config/rootfiles/core/90/filelists/armv5tel/linux-kirkwood new file mode 120000 index 0000000000..72171071e6 --- /dev/null +++ b/config/rootfiles/core/90/filelists/armv5tel/linux-kirkwood @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-kirkwood \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/armv5tel/linux-multi b/config/rootfiles/core/90/filelists/armv5tel/linux-multi new file mode 120000 index 0000000000..204eb4c437 --- /dev/null +++ b/config/rootfiles/core/90/filelists/armv5tel/linux-multi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-multi \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/armv5tel/linux-rpi b/config/rootfiles/core/90/filelists/armv5tel/linux-rpi new file mode 120000 index 0000000000..a651a498fe --- /dev/null +++ b/config/rootfiles/core/90/filelists/armv5tel/linux-rpi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-rpi \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/curl b/config/rootfiles/core/90/filelists/curl new file mode 120000 index 0000000000..4b84bef53a --- /dev/null +++ b/config/rootfiles/core/90/filelists/curl @@ -0,0 +1 @@ +../../../common/curl \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/cyrus-sasl b/config/rootfiles/core/90/filelists/cyrus-sasl new file mode 120000 index 0000000000..bb51b4c92c --- /dev/null +++ b/config/rootfiles/core/90/filelists/cyrus-sasl @@ -0,0 +1 @@ +../../../common/cyrus-sasl \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/dhcp b/config/rootfiles/core/90/filelists/dhcp new file mode 120000 index 0000000000..32d8da443d --- /dev/null +++ b/config/rootfiles/core/90/filelists/dhcp @@ -0,0 +1 @@ +../../../common/dhcp \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/dhcpcd b/config/rootfiles/core/90/filelists/dhcpcd new file mode 120000 index 0000000000..1e799dabb4 --- /dev/null +++ b/config/rootfiles/core/90/filelists/dhcpcd @@ -0,0 +1 @@ +../../../common/dhcpcd \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/dracut b/config/rootfiles/core/90/filelists/dracut new file mode 120000 index 0000000000..160869946d --- /dev/null +++ b/config/rootfiles/core/90/filelists/dracut @@ -0,0 +1 @@ +../../../common/dracut \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/expat b/config/rootfiles/core/90/filelists/expat new file mode 120000 index 0000000000..e1923cf639 --- /dev/null +++ b/config/rootfiles/core/90/filelists/expat @@ -0,0 +1 @@ +../../../common/expat \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/files b/config/rootfiles/core/90/filelists/files new file mode 100644 index 0000000000..2ef5ded31f --- /dev/null +++ b/config/rootfiles/core/90/filelists/files @@ -0,0 +1,7 @@ +etc/system-release +etc/issue +etc/rc.d/init.d/network-trigger +etc/rc.d/rcsysinit.d/S90network-trigger +usr/lib/firewall/rules.pl +var/ipfire/backup/include +var/ipfire/langs diff --git a/config/rootfiles/core/90/filelists/groff b/config/rootfiles/core/90/filelists/groff new file mode 120000 index 0000000000..232291e521 --- /dev/null +++ b/config/rootfiles/core/90/filelists/groff @@ -0,0 +1 @@ +../../../common/groff \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/i586/acpid b/config/rootfiles/core/90/filelists/i586/acpid new file mode 120000 index 0000000000..21d36ee1dd --- /dev/null +++ b/config/rootfiles/core/90/filelists/i586/acpid @@ -0,0 +1 @@ +../../../../common/i586/acpid \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/i586/linux b/config/rootfiles/core/90/filelists/i586/linux new file mode 120000 index 0000000000..693ec4bbf9 --- /dev/null +++ b/config/rootfiles/core/90/filelists/i586/linux @@ -0,0 +1 @@ +../../../../common/i586/linux \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/i586/linux-initrd b/config/rootfiles/core/90/filelists/i586/linux-initrd new file mode 120000 index 0000000000..32a03e6a90 --- /dev/null +++ b/config/rootfiles/core/90/filelists/i586/linux-initrd @@ -0,0 +1 @@ +../../../../common/i586/linux-initrd \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/iputils b/config/rootfiles/core/90/filelists/iputils new file mode 120000 index 0000000000..361c28f71a --- /dev/null +++ b/config/rootfiles/core/90/filelists/iputils @@ -0,0 +1 @@ +../../../common/iputils \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/libjpeg b/config/rootfiles/core/90/filelists/libjpeg new file mode 120000 index 0000000000..3b1a782fb1 --- /dev/null +++ b/config/rootfiles/core/90/filelists/libjpeg @@ -0,0 +1 @@ +../../../common/libjpeg \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/logrotate b/config/rootfiles/core/90/filelists/logrotate new file mode 120000 index 0000000000..bc192c05db --- /dev/null +++ b/config/rootfiles/core/90/filelists/logrotate @@ -0,0 +1 @@ +../../../common/logrotate \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/logwatch b/config/rootfiles/core/90/filelists/logwatch new file mode 120000 index 0000000000..f14eabda99 --- /dev/null +++ b/config/rootfiles/core/90/filelists/logwatch @@ -0,0 +1 @@ +../../../common/logwatch \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/openssl b/config/rootfiles/core/90/filelists/openssl new file mode 120000 index 0000000000..e011a9266c --- /dev/null +++ b/config/rootfiles/core/90/filelists/openssl @@ -0,0 +1 @@ +../../../common/openssl \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/strongswan b/config/rootfiles/core/90/filelists/strongswan new file mode 120000 index 0000000000..90c727e265 --- /dev/null +++ b/config/rootfiles/core/90/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/udev b/config/rootfiles/core/90/filelists/udev new file mode 120000 index 0000000000..e967a1c925 --- /dev/null +++ b/config/rootfiles/core/90/filelists/udev @@ -0,0 +1 @@ +../../../common/udev \ No newline at end of file diff --git a/config/rootfiles/core/90/filelists/wpa_supplicant b/config/rootfiles/core/90/filelists/wpa_supplicant new file mode 120000 index 0000000000..1d04c03c01 --- /dev/null +++ b/config/rootfiles/core/90/filelists/wpa_supplicant @@ -0,0 +1 @@ +../../../common/wpa_supplicant \ No newline at end of file diff --git a/config/rootfiles/core/90/meta b/config/rootfiles/core/90/meta new file mode 100644 index 0000000000..d547fa86fa --- /dev/null +++ b/config/rootfiles/core/90/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/90/update.sh b/config/rootfiles/core/90/update.sh new file mode 100644 index 0000000000..6af052c0be --- /dev/null +++ b/config/rootfiles/core/90/update.sh @@ -0,0 +1,248 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2014 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + + +function find_device() { + local mountpoint="${1}" + + local root + local dev mp fs flags rest + while read -r dev mp fs flags rest; do + # Skip unwanted entries + [ "${dev}" = "rootfs" ] && continue + + if [ "${mp}" = "${mountpoint}" ] && [ -b "${dev}" ]; then + root="$(basename "${dev}")" + break + fi + done < /proc/mounts + + # Get the actual device from the partition that holds / + while [ -n "${root}" ]; do + if [ -e "/sys/block/${root}" ]; then + echo "${root}" + return 0 + fi + + # Remove last character + root="${root::-1}" + done + + return 1 +} + + +# +# Remove old core updates from pakfire cache to save space... +core=90 +for (( i=1; i<=${core}; i++ )) +do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# +# Do some sanity checks. +case $(uname -r) in + *-ipfire-versatile ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update. versatile support is dropped." + # Report no error to pakfire. So it does not try to install it again. + exit 0 + ;; + *-ipfire* ) + # Ok. + ;; + * ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update. No IPFire Kernel." + exit 1 + ;; +esac + + +# +# +KVER="xxxKVERxxx" + +# Check diskspace on root +ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + +if [ $ROOTSPACE -lt 100000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update because not enough free space on root." + exit 2 +fi + + +echo +echo Update Kernel to $KVER ... +# +# Remove old kernel, configs, initrd, modules, dtb's ... +# +rm -rf /boot/System.map-* +rm -rf /boot/config-* +rm -rf /boot/ipfirerd-* +rm -rf /boot/initramfs-* +rm -rf /boot/vmlinuz-* +rm -rf /boot/uImage-ipfire-* +rm -rf /boot/uInit-ipfire-* +rm -rf /boot/dtb-*-ipfire-* +rm -rf /lib/modules + +case "$(uname -m)" in + armv*) + # Backup uEnv.txt if exist + if [ -e /boot/uEnv.txt ]; then + cp -vf /boot/uEnv.txt /boot/uEnv.txt.org + fi + + # work around the u-boot folder detection bug + mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood + mkdir -pv /boot/dtb-$KVER-ipfire-multi + ;; +esac + +# +#Stop services +/etc/init.d/snort stop +/etc/init.d/squid stop +/etc/init.d/ipsec stop +/etc/init.d/apache stop + +# +#Extract files +tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / + +# Check diskspace on boot +BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + +if [ $BOOTSPACE -lt 1000 ]; then + case $(uname -r) in + *-ipfire-kirkwood ) + # Special handling for old kirkwood images. + # (install only kirkwood kernel) + rm -rf /boot/* + # work around the u-boot folder detection bug + mkdir -pv /boot/dtb-$KVER-ipfire-kirkwood + tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \ + --numeric-owner -C / --wildcards 'boot/*-kirkwood*' + ;; + * ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..." + /etc/init.d/apache start + exit 4 + ;; + esac +fi + +# Update Language cache +perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" + +# +# Start services +# +/etc/init.d/apache start +/etc/init.d/squid start +/etc/init.d/snort start +if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then + /etc/init.d/ipsec start +fi + +case "$(uname -m)" in + i?86) + case "$(find_device "/")" in + xvd* ) + echo Skip remove grub2 files, because pygrub fail. + rm -f /boot/grub/* + echo config will recreated by linux-pae install. + ;; + * ) + # + # Update to GRUB2 config + # + grub-mkconfig > /boot/grub/grub.cfg + ;; + esac +esac + +# Force (re)install pae kernel if pae is supported +rm -rf /opt/pakfire/db/*/meta-linux-pae +if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then + ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: WARNING not enough space for pae kernel." + else + echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae + echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae + echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae + echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae + echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae + echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae + fi +fi + +# +# After pakfire has ended run it again and update the lists and do upgrade +# +echo '#!/bin/bash' > /tmp/pak_update +echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub/uboot config"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update +echo 'touch /var/run/need_reboot ' >> /tmp/pak_update +# +killall -KILL pak_update +chmod +x /tmp/pak_update +/tmp/pak_update & + +sync + +# +#Finish +( + /etc/init.d/fireinfo start + sendprofile +) >/dev/null 2>&1 & + +echo +echo Please wait until pakfire has ended... +echo + +# Don't report the exitcode last command +exit 0 + diff --git a/make.sh b/make.sh index 0326a90648..316917e0b3 100755 --- a/make.sh +++ b/make.sh @@ -17,7 +17,7 @@ # along with IPFire; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # -# Copyright (C) 2007-2014 IPFire Team . # +# Copyright (C) 2007-2015 IPFire Team . # # # ############################################################################ # @@ -25,7 +25,7 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.17" # Version number -CORE="89" # Core Level (Filename) +CORE="90" # Core Level (Filename) PAKFIRE_CORE="89" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan -- 2.39.2