#
#
-KVER="3.10.27"
+KVER="xxxKVERxxx"
MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 `
# Nur den letzten Parameter verwenden
echo $MOUNT > /dev/null
add_to_backup etc/inittab
add_to_backup etc/fstab
add_to_backup usr/share/usb_modeswitch
+add_to_backup etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl
+add_to_backup etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl
+add_to_backup usr/local/bin/dialctrl.pl
# Backup the files
tar cJvf /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \
# Remove old usb_modeswitch_data
rm -rf /usr/share/usb_modeswitch
+# Remove old tzdata
+rm -rf /usr/share/zoneinfo
+
+# Remove dialctrl.pl script
+rm -f \
+ /etc/rc.d/init.d/networking/red.down/99-D-dialctrl.pl \
+ /etc/rc.d/init.d/networking/red.up/99-U-dialctrl.pl \
+ /usr/local/bin/dialctrl.pl
#
# Remove old udev rules.
mkdir -p /var/ipfire/firewall
mkdir -p /var/ipfire/fwhosts
+# Remove old ntp binaries
+rm -f /usr/sbin/ntp-keygen
+rm -f /usr/sbin/ntp-wait
+rm -f /usr/sbin/ntpq
+rm -f /usr/sbin/ntptime
+rm -f /usr/sbin/ntptrace
+rm -f /usr/sbin/tickadj
+
+# Remove old firewall helper link
+rm -f /etc/rc.d/init.d/networking/red.up/22-forwardfwctrl
+
#
#Extract files
tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C /
rm -f /etc/rc.d/init.d/networking/red.up/22-outgoingfwctrl
rm -f /etc/rc.d/init.d/networking/red.up/25-portfw
rm -f /etc/rc.d/init.d/networking/red.up/26-xtaccess
+rm -f /etc/rc.d/rcsysinit.d/S90sysctl
# Remove old firewallscripts
rm -f /usr/local/bin/setportfw
touch /var/ipfire/firewall/config
touch /var/ipfire/firewall/input
touch /var/ipfire/firewall/outgoing
-touch /var/ipfire/firewall/p2protocols
touch /var/ipfire/firewall/settings
touch /var/ipfire/fwhosts/customhosts
touch /var/ipfire/fwhosts/customnetworks
# Remove old firewall configuration files
rm -rf /var/ipfire/{dmzholes,portfw,outgoing,xtaccess}
+# In previously released IPFire versions the DROPOUTPUT and DROPINPUT
+# option have two identical lines in the optionsfw/settings file as long as
+# the user hasn't done any changes on the WUI.
+#
+# To prevent from any kind of side effects we are going to solve this issue now.
+
+# Fix doubble enties of DROPOUTPUT when the default settings are still in use
+# (the save button on the WUI page never has been clicked) or convert to the
+# new option name required by the firewall of IPFire 2.15.
+
+optionsfw_file="/var/ipfire/optionsfw/settings"
+
+if [ $(grep -c "DROPOUTPUT" ${optionsfw_file}) -gt 1 ] ; then
+
+ # Drop all DROPUTPUT entries.
+ sed -e "/DROPOUTPUT/d" -i ${optionsfw_file}
+
+ # Add default line for new option.
+ echo "DROPOUTGOING=on" >> ${optionsfw_file}
+else
+
+ # Convert option name to new format.
+ sed -e "s/DROPOUTPUT/DROPOUTGOING/g" -i ${optionsfw_file}
+fi
+
+# Fix doubble enties of DROPINPUT when the default settings are still in use
+# (the save button on the WUI page never has been clicked).
+if [ $(grep -c "DROPINPUT" ${optionsfw_file}) -gt 1 ] ; then
+
+ # We only can remove all entries with an defined string.
+ sed -e "/DROPINPUT/d" -i ${optionsfw_file}
+
+ # Afterwards we have to add the required string with the default
+ # value again.
+ echo "DROPINPUT=on" >> ${optionsfw_file}
+fi
+
+# Add strings and default values for new options of the firewall.
+echo "DROPFORWARD=on" >> ${optionsfw_file}
+echo "FWPOLICY=DROP" >> ${optionsfw_file}
+echo "FWPOLICY1=DROP" >> ${optionsfw_file}
+echo "FWPOLICY2=DROP" >> ${optionsfw_file}
+echo "DROPSAMBA=off" >> ${optionsfw_file}
+echo "DROPPROXY=off" >> ${optionsfw_file}
+echo "SHOWREMARK=on" >> ${optionsfw_file}
+echo "SHOWCOLORS=on" >> ${optionsfw_file}
+echo "SHOWTABLES=off" >> ${optionsfw_file}
+echo "SHOWDROPDOWN=off" >> ${optionsfw_file}
+echo "DROPWIRELESSINPUT=on" >> ${optionsfw_file}
+echo "DROPWIRELESSFORWARD=on" >> ${optionsfw_file}
+
+unset optionsfw_file
+
# Convert inittab and fstab
sed -i -e "s/tty1 9600$/tty1 9600 --noclear/g" /etc/inittab
+sed -i -e "s/xvc0 9600$/xvc0 9600 --noclear/g" /etc/inittab
sed -i -e "s/^proc/#proc/g" /etc/fstab
sed -i -e "s/^sysfs/#sysfs/g" /etc/fstab
sed -i -e "s/^devpts/#devpts/g" /etc/fstab
/usr/local/bin/qosctrl start
fi
+# Update crontab
+cat <<EOF >> /var/spool/cron/root.orig
+
+# Re-read firewall rules every Sunday in March, October and November to take care of daylight saving time
+00 3 * 3 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+00 2 * 10-11 0 /usr/local/bin/timezone-transition /usr/local/bin/firewallctrl
+EOF
+fcrontab -z &>/dev/null
+
case $(uname -m) in
i?86 )
echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
+ echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae
fi
fi
echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-xen
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-xen
+ echo "Name: linux-xen" > /opt/pakfire/db/meta/meta-linux-xen
+ echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-xen
+ echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-xen
# Add xvc0 to /etc/securetty
echo "xvc0" >> /etc/securetty
fi
echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update
echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
#
+killall -KILL pak_update
chmod +x /tmp/pak_update
/tmp/pak_update &
projects / people / teissler / ipfire-2.x.git / blobdiff