updater: fix ipsec start if it is disabled.

[people/pmueller/ipfire-2.x.git] / config / rootfiles / core / 44 / update.sh

diff --git a/config/rootfiles/core/44/update.sh b/config/rootfiles/core/44/update.sh
index 3c52e013555b12bcf0b7d7c70b749aa54df80fb3..10964407b7a9bafc12ab4ae58ddf85baa78cd567 100644 (file)
--- a/config/rootfiles/core/44/update.sh
+++ b/config/rootfiles/core/44/update.sh
@@ -24,7 +24,7 @@
 . /opt/pakfire/lib/functions.sh
 /usr/local/bin/backupctrl exclude >/dev/null 2>&1
 #
-KVER="2.6.32.26"
+KVER="2.6.32.27"
 MOUNT=`grep "kernel" /boot/grub/grub.conf | tail -n 1`
 # Nur den letzten Parameter verwenden
 echo $MOUNT > /dev/null
@@ -52,6 +52,9 @@ echo etc/mkinitcpio.d >> /opt/pakfire/tmp/ROOTFILES
 echo lib/initcpio >> /opt/pakfire/tmp/ROOTFILES
 echo sbin/mkinitcpio >> /opt/pakfire/tmp/ROOTFILES
 echo usr/bin/iw >> /opt/pakfire/tmp/ROOTFILES
+echo etc/snort >> /opt/pakfire/tmp/ROOTFILES
+echo usr/lib/snort_* >> /opt/pakfire/tmp/ROOTFILES
+echo usr/lib/squid >> /opt/pakfire/tmp/ROOTFILES
 
 # Backup the files
 tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \
@@ -76,6 +79,21 @@ rm -rf /usr/bin/iw
 # Backup grub.conf
 #
 cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org
+
+#
+# Stop services to save memory
+#
+/etc/init.d/snort stop
+/etc/init.d/squid stop
+/etc/init.d/ipsec stop
+
+#
+#
+# Remove old snort...
+rm -rf /etc/snort
+rm -rf /usr/lib/snort_*
+# Remove old squid...
+rm -rf /usr/lib/squid
 #
 # Unpack the updated files
 #
@@ -85,11 +103,8 @@ echo Unpack the updated files ...
 tar xvf /opt/pakfire/tmp/files --preserve --numeric-owner -C / \
        --no-overwrite-dir
 
-#
-# Stop services to save memory
-#
-/etc/init.d/snort stop
-/etc/init.d/squid stop
+# Remove old pakfire cronjob.
+rm -f /etc/fcron.daily/pakfire-update
 
 # Convert /etc/fstab entries to UUID ...
 #
@@ -151,11 +166,56 @@ if [ ! -z $SWAP ]; then
        echo "WARNING! swap not found!!!"
 fi
 
+#new strongswan need keyexchange=ikev1 because this is not default anymore
+mv /var/ipfire/vpn/ipsec.conf /var/ipfire/vpn/ipsec.conf.org
+grep -v "keyexchange=ikev1" /var/ipfire/vpn/ipsec.conf.org > /var/ipfire/vpn/ipsec.conf
+sed -i "s|^conn [A-Za-z].*$|&\n\tkeyexchange=ikev1|g" /var/ipfire/vpn/ipsec.conf
+chown nobody:nobody /var/ipfire/vpn/ipsec.conf
+
+#new squid has some changed options. Build a basic config to be able start squid.
+mv /var/ipfire/proxy/squid.conf /var/ipfire/proxy/squid.conf.org
+grep -v "header_access " /var/ipfire/proxy/squid.conf.org | \
+grep -v "error_directory " | \
+grep -v "cache_dir null" | \
+grep -v "reply_body_max_size 0" > /var/ipfire/proxy/squid.conf
+echo >> /var/ipfire/proxy/squid.conf
+echo error_directory /etc/squid/errors >> /var/ipfire/proxy/squid.conf
+chown nobody:nobody /var/ipfire/proxy/squid.conf
+
+#Convert extrahd entries to UUID
+cp -f /var/ipfire/extrahd/devices /var/ipfire/extrahd/devices.org
+while read entry
+do
+       device=`echo $entry | cut -f1 -d";"`
+       uuid=`blkid  -c /dev/null -s UUID -o value /dev/$device`
+       if [ ! -z $uuid ]; then
+               sed -i -e "s|$device|UUID=$uuid|g" /var/ipfire/extrahd/devices
+               sed -i -e "s|/dev/$device|UUID=$uuid|g" /var/ipfire/extrahd/fstab
+               sed -i -e "s|/dev/$device|UUID=$uuid|g" /etc/fstab
+       fi
+done < /var/ipfire/extrahd/devices.org
+
 #
 # Start services
 #
 /etc/init.d/squid start
 /etc/init.d/snort start
+if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then
+       /etc/init.d/ipsec start
+fi
+
+# Add pakfire and fireinfo cronjobs...
+grep -v "# fireinfo" /var/spool/cron/root.orig |
+grep -v "/usr/bin/sendprofile" |
+grep -v "# pakfire" |
+grep -v "/usr/local/bin/pakfire" > /var/tmp/root.tmp
+echo "" >> /var/tmp/root.tmp
+echo "# fireinfo" >> /var/tmp/root.tmp
+echo "%nightly,random * 23-4 /usr/bin/sendprofile >/dev/null 2>&1" >> /var/tmp/root.tmp
+echo "" >> /var/tmp/root.tmp
+echo "# pakfire" >> /var/tmp/root.tmp
+echo "%nightly,random * 23-4 /usr/local/bin/pakfire update >/dev/null 2>&1" >> /var/tmp/root.tmp
+fcrontab /var/tmp/root.tmp
 
 #
 # Modify grub.conf
@@ -198,6 +258,33 @@ perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"
 # Delete old lm-sensor modullist to force search at next boot
 #
 rm -rf /etc/sysconfig/lm_sensors
-/usr/bin/logger -p syslog.emerg -t kernel "Upgrade finished. If you use a customized grub.cfg"
-/usr/bin/logger -p syslog.emerg -t kernel "Check it before reboot !!!"
-/usr/bin/logger -p syslog.emerg -t kernel " *** Please reboot... *** "
+#
+# Change version of Pakfire.conf
+#
+OLDVERSION=`grep "version = " /opt/pakfire/etc/pakfire.conf | cut -d'"' -f2`
+NEWVERSION="2.9"
+sed -i "s|$OLDVERSION|$NEWVERSION|g" /opt/pakfire/etc/pakfire.conf
+#
+# After pakfire has ended run it again and update the lists and do upgrade
+#
+echo '#!/bin/bash'                                        >  /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo '    sleep 1'                                        >> /tmp/pak_update
+echo 'done'                                               >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do'   >> /tmp/pak_update
+echo '    sleep 1'                                        >> /tmp/pak_update
+echo 'done'                                               >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force'             >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y'                    >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-44 "Upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-44 "Check it before reboot !!!"' >> /tmp/pak_update
+echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-44 " *** Please reboot... *** "' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+chmod +x /tmp/pak_update
+/tmp/pak_update &
+echo
+echo Please wait until pakfire has ended...
+echo