From 5a9039f1322e6354d48f13a92b84c68201a37a4e Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed, 17 Feb 2016 13:52:51 +0100
Subject: [PATCH] core98: new update with glibc security fixes.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 config/rootfiles/core/98/exclude              | 25 ++++++
 .../core/98/filelists/armv5tel/glibc          |  1 +
 config/rootfiles/core/98/filelists/files      |  2 +
 config/rootfiles/core/98/filelists/i586/glibc |  1 +
 .../rootfiles/core/98/filelists/x86_64/glibc  |  1 +
 config/rootfiles/core/98/meta                 |  1 +
 config/rootfiles/core/98/update.sh            | 83 +++++++++++++++++++
 make.sh                                       |  6 +-
 8 files changed, 117 insertions(+), 3 deletions(-)
 create mode 100644 config/rootfiles/core/98/exclude
 create mode 120000 config/rootfiles/core/98/filelists/armv5tel/glibc
 create mode 100644 config/rootfiles/core/98/filelists/files
 create mode 120000 config/rootfiles/core/98/filelists/i586/glibc
 create mode 120000 config/rootfiles/core/98/filelists/x86_64/glibc
 create mode 100644 config/rootfiles/core/98/meta
 create mode 100644 config/rootfiles/core/98/update.sh

diff --git a/config/rootfiles/core/98/exclude b/config/rootfiles/core/98/exclude
new file mode 100644
index 0000000000..d87f175b5f
--- /dev/null
+++ b/config/rootfiles/core/98/exclude
@@ -0,0 +1,25 @@
+boot/config.txt
+etc/alternatives
+etc/collectd.custom
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/snort/snort.conf
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/dma
+var/ipfire/time
+var/ipfire/ovpn
+var/lib/alternatives
+var/log/cache
+var/state/dhcp/dhcpd.leases
+var/updatecache
diff --git a/config/rootfiles/core/98/filelists/armv5tel/glibc b/config/rootfiles/core/98/filelists/armv5tel/glibc
new file mode 120000
index 0000000000..4c70d724b4
--- /dev/null
+++ b/config/rootfiles/core/98/filelists/armv5tel/glibc
@@ -0,0 +1 @@
+../../../../common/armv5tel/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/98/filelists/files b/config/rootfiles/core/98/filelists/files
new file mode 100644
index 0000000000..409e5fe8ac
--- /dev/null
+++ b/config/rootfiles/core/98/filelists/files
@@ -0,0 +1,2 @@
+etc/system-release
+etc/issue
diff --git a/config/rootfiles/core/98/filelists/i586/glibc b/config/rootfiles/core/98/filelists/i586/glibc
new file mode 120000
index 0000000000..943021f19a
--- /dev/null
+++ b/config/rootfiles/core/98/filelists/i586/glibc
@@ -0,0 +1 @@
+../../../../common/i586/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/98/filelists/x86_64/glibc b/config/rootfiles/core/98/filelists/x86_64/glibc
new file mode 120000
index 0000000000..1119099669
--- /dev/null
+++ b/config/rootfiles/core/98/filelists/x86_64/glibc
@@ -0,0 +1 @@
+../../../../common/x86_64/glibc
\ No newline at end of file
diff --git a/config/rootfiles/core/98/meta b/config/rootfiles/core/98/meta
new file mode 100644
index 0000000000..d547fa86fa
--- /dev/null
+++ b/config/rootfiles/core/98/meta
@@ -0,0 +1 @@
+DEPS=""
diff --git a/config/rootfiles/core/98/update.sh b/config/rootfiles/core/98/update.sh
new file mode 100644
index 0000000000..ec9c1aaa69
--- /dev/null
+++ b/config/rootfiles/core/98/update.sh
@@ -0,0 +1,83 @@
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 3 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2016 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+# Remove old core updates from pakfire cache to save space...
+core=98
+for (( i=1; i<=$core; i++ ))
+do
+	rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+# Stop services
+
+# Extract files
+extract_files
+
+# Bugfixes for core96 updater bugs...
+if [ -e /boot/grub/grub.conf ]; then
+	# legacy grub config on xen or citrix conflicts with grub2 config
+	rm /boot/grub/grub.cfg
+fi
+
+if [ -e /boot/grub/grub.cfg ]; then
+	# test if serial console is enabled
+	grep "^7:2345" /etc/inittab > /dev/null
+	if [ "${?}" == "0" ]; then
+		# Fix grub config for serial console
+		sed -i /etc/default/grub \
+			-e "s|\"panic=10\"|\"panic=10 console=ttyS0,115200n8\"|g"
+		sed -i /etc/default/grub \
+			-e "s|^GRUB_TERMINAL=.*||g"
+		sed -i /etc/default/grub \
+			-e "s|^GRUB_SERIAL_COMMAND=.*||g"
+		echo "GRUB_TERMINAL=\"serial\"" >> /etc/default/grub
+		echo "GRUB_SERIAL_COMMAND=\"serial --unit=0 --speed=115200\"" >> /etc/default/grub
+	fi
+fi
+
+
+# Update Language cache
+# /usr/local/bin/update-lang-cache
+
+# restart init after glibc update
+telinit u
+
+# Start services
+
+# This update need a reboot...
+touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+# Update grub config to display new core version
+if [ -e /boot/grub/grub.cfg ]; then
+	grub-mkconfig -o /boot/grub/grub.cfg
+fi
+sync
+
+# Don't report the exitcode last command
+exit 0
diff --git a/make.sh b/make.sh
index ed071c8f55..9f119bf3f0 100755
--- a/make.sh
+++ b/make.sh
@@ -17,7 +17,7 @@
 # along with IPFire; if not, write to the Free Software                    #
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
 #                                                                          #
-# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org>.                   #
+# Copyright (C) 2007-2016 IPFire Team <info@ipfire.org>.                   #
 #                                                                          #
 ############################################################################
 #
@@ -25,8 +25,8 @@
 NAME="IPFire"							# Software name
 SNAME="ipfire"							# Short name
 VERSION="2.17"							# Version number
-CORE="97"							# Core Level (Filename)
-PAKFIRE_CORE="97"						# Core Level (PAKFIRE)
+CORE="98"							# Core Level (Filename)
+PAKFIRE_CORE="98"						# Core Level (PAKFIRE)
 GIT_BRANCH=`git rev-parse --abbrev-ref HEAD`			# Git Branch
 SLOGAN="www.ipfire.org"						# Software slogan
 CONFIG_ROOT=/var/ipfire						# Configuration rootdir
-- 
2.39.2