X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=config%2Frootfiles%2Fcore%2F38%2Fupdate.sh;h=dc643fe56acc785a2385787ebf15086283c52d58;hp=e4843b8058a9f2feed257de25efa8d2ed71d943b;hb=d3f1f999278eedff0e1fa3ac7303ee711e93f0e1;hpb=fb5d2ce172b7621f235576cdf566d656692670b1 diff --git a/config/rootfiles/core/38/update.sh b/config/rootfiles/core/38/update.sh index e4843b8058..dc643fe56a 100644 --- a/config/rootfiles/core/38/update.sh +++ b/config/rootfiles/core/38/update.sh @@ -24,7 +24,20 @@ . /opt/pakfire/lib/functions.sh /usr/local/bin/backupctrl exclude >/dev/null 2>&1 # -KVER="2.6.32.12" +OLDVERSION=`grep "version = " /opt/pakfire/etc/pakfire.conf | cut -d'"' -f2` +# +# Test if we running on xen +# +uname -r | grep "ipfire-xen"; +if [ ${?} = 0 ]; then + #Xen Kernel is active + NEWVERSION="2.7-xen" +else + #Normal Kernel + NEWVERSION="2.7" +fi +# +KVER="2.6.32.15" ROOT=`grep "root=" /boot/grub/grub.conf | cut -d"=" -f2 | cut -d" " -f1 | tail -n 1` MOUNT=`grep "kernel" /boot/grub/grub.conf | tail -n 1` # Nur den letzten Parameter verwenden @@ -46,11 +59,22 @@ echo update archive. This may take a while ... echo lib/modules >> /opt/pakfire/tmp/ROOTFILES echo boot >> /opt/pakfire/tmp/ROOTFILES echo etc/sysconfig/lm_sensors >> /opt/pakfire/tmp/ROOTFILES -# -# Todo: add openswan libs for backup ... -# +echo usr/lib/ipsec >> /opt/pakfire/tmp/ROOTFILES +echo usr/libexec/ipsec >> /opt/pakfire/tmp/ROOTFILES +# exclude squid cache from backup +sed -i -e "s|^var/log/cache|#var/log/cache|g" /opt/pakfire/tmp/ROOTFILES +# Backup the files tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \ -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' > /dev/null 2>&1 + +# +# Stop Sevices +# +/etc/init.d/collectd stop +/etc/init.d/squid stop +/etc/init.d/ipsec stop +/etc/init.d/snort stop + echo echo Update Kernel to $KVER ... # Remove old kernel, configs, initrd, modules ... @@ -59,23 +83,34 @@ rm -rf /boot/System.map-* rm -rf /boot/config-* rm -rf /boot/ipfirerd-* rm -rf /boot/vmlinuz-* -# Don't remove old xen modules. Kernel may stored outside. rm -rf /lib/modules/*-ipfire +# Don't remove all old xen modules. Kernel may stored outside. +# only from 2.6.27.25 and 31 +rm -rf /lib/modules/2.6.27.25-ipfire-xen +rm -rf /lib/modules/2.6.27.31-ipfire-xen # -# Todo: remove openswan libs ... +# remove openswan libs ... # - +rm -rf /usr/lib/ipsec +rm -rf /usr/libexec/ipsec # -# Stop Sevices +# old snort libs and rules ... # -/etc/init.d/collectd stop -/etc/init.d/squid stop - +rm -rf /usr/lib/snort_* +rm -rf /etc/snort +# +# mISDN Files that was moved to sbin +# +rm -rf /usr/bin/misdn_rename +rm -rf /usr/bin/misdn_cleanl2 # # Backup grub.conf # cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org # +# Stop sysklogd +/etc/init.d/sysklogd stop +# # Unpack the updated files # echo @@ -84,6 +119,9 @@ echo Unpack the updated files ... tar xvf /opt/pakfire/tmp/files --preserve --numeric-owner -C / \ --no-overwrite-dir # +# Start sysklogd +/etc/init.d/sysklogd start +# # Modify grub.conf # echo @@ -133,10 +171,6 @@ grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} --recheck # perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" # -# Delete old lm-sensor modullist... -# -rm -rf /etc/sysconfig/lm_sensors -# # Cleanup Collectd statistics... # PRECLEAN=`du -sh /var/log/rrd/collectd` @@ -153,22 +187,91 @@ rm -rf /var/log/rrd*/collectd/localhost/interface/if_packets* rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_merged* rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_ops* rm -rf /var/log/rrd*/collectd/localhost/disk-*/disk_time* +# +rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-INPUT/*-DROP_Wirelessinput* +rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-FORWARD/*-DROP_Wirelessforward* +rm -rf /var/log/rrd*/collectd/localhost/iptables-filter-OUTGOINGFW POSTCLEAN=`du -sh /var/log/rrd/collectd` # echo Cleaned up collectd directory from $PRECLEAN to $POSTCLEAN size. # +# Start collectd +/etc/init.d/collectd start # -# Todo: rebuild qosscript if enabled... +# Delete old lm-sensor modullist to force search at next boot +# +rm -rf /etc/sysconfig/lm_sensors # +# USB Modeswitch conf now called setup, rename ... # -# Todo convert ipsec.conf from open to strongswan... +if [ -e /etc/usb_modeswitch.conf ]; then +mv -f /etc/usb_modeswitch.conf /etc/usb_modeswitch.setup +fi # +# rebuild qosscript if enabled... +if [ -e /var/ipfire/qos/enable ]; then + /usr/local/bin/qosctrl stop + /usr/local/bin/qosctrl generate + /usr/local/bin/qosctrl start +fi # -# Start Sevices # +# convert ipsec.conf from openswan to strongswan... +mv /var/ipfire/vpn/ipsec.conf /var/ipfire/vpn/ipsec.conf.org +cat /var/ipfire/vpn/ipsec.conf.org | \ +grep -v "disablearrivalcheck=" | \ +grep -v "klipsdebug=" | \ +grep -v "leftfirewall=" | \ +grep -v "lefthostaccess=" | \ +grep -v "charonstart=" | \ +grep -v "aggrmode=" > /var/ipfire/vpn/ipsec.conf +sed -i "s|ipsec[0-9]=||g" /var/ipfire/vpn/ipsec.conf +sed -i "s|nat_t ||g" /var/ipfire/vpn/ipsec.conf +sed -i "s|klips ||g" /var/ipfire/vpn/ipsec.conf +sed -i "s|^conn [A-Za-z].*$|&\n\tleftfirewall=yes\n\tlefthostaccess=yes|g" /var/ipfire/vpn/ipsec.conf +sed -i "s|^config setup$|&\n\tcharonstart=no|g" /var/ipfire/vpn/ipsec.conf +chown nobody:nobody /var/ipfire/vpn/ipsec.conf +chmod 644 /var/ipfire/vpn/ipsec.conf +# +# Add cryptodev to /etc/sysconfig/modules +mv /etc/sysconfig/modules /etc/sysconfig/modules.org +cat /etc/sysconfig/modules.org | \ +grep -v "cryptodev" | \ +grep -v "# End /etc/sysconfig/modules" > /etc/sysconfig/modules +echo "" >> /etc/sysconfig/modules +echo "### cryptodev" >> /etc/sysconfig/modules +echo "#" >> /etc/sysconfig/modules +echo "cryptodev" >> /etc/sysconfig/modules +echo "" >> /etc/sysconfig/modules +echo "# End /etc/sysconfig/modules" >> /etc/sysconfig/modules +chmod 644 /etc/sysconfig/modules +# Change version of Pakfire.conf +# +sed -i "s|$OLDVERSION|$NEWVERSION|g" /opt/pakfire/etc/pakfire.conf +# +# After pakfire has ended run it again and update the lists and do upgrade +# +echo '#!/bin/bash' > /tmp/pak_update +echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Check it before reboot !!!"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t core-upgrade-38 " *** Please reboot... *** "' >> /tmp/pak_update +# +chmod +x /tmp/pak_update +/tmp/pak_update & +# +# Start squid /etc/init.d/squid start # -# This core-update need a reboot -/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Upgrade finished. If you use a customized grub.cfg" -/usr/bin/logger -p syslog.emerg -t core-upgrade-38 "Check it before reboot !!!" -/usr/bin/logger -p syslog.emerg -t core-upgrade-38 " *** Please reboot... *** " +echo +echo Please wait until pakfire has ended... +echo