This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via a65b9c3268ffacc27e703025ffd246e95f906a79 (commit) via f891fd74bdc6e12f0a69a554d4a00ad5c8687803 (commit) from 34a5f039399d782e090be2fa42604de9380ccaec (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit a65b9c3268ffacc27e703025ffd246e95f906a79 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Fri Jun 6 10:17:54 2014 +0200
core78 -> core79: to insert openssl security update.
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/core/{78 => 79}/exclude | 0 config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-kirkwood | 0 config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-multi | 0 config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-rpi | 0 config/rootfiles/core/{78 => 79}/filelists/daq | 0 config/rootfiles/core/{78 => 79}/filelists/files | 2 +- config/rootfiles/core/{78 => 79}/filelists/hostname | 0 config/rootfiles/core/{78 => 79}/filelists/i586/grub | 0 config/rootfiles/core/{78 => 79}/filelists/i586/linux | 0 config/rootfiles/core/{78 => 79}/filelists/i586/syslinux | 0 config/rootfiles/core/{77 => 79}/filelists/openssh | 0 config/rootfiles/core/{77 => 79}/filelists/openssl | 0 config/rootfiles/core/{78 => 79}/filelists/openvpn | 0 config/rootfiles/core/{78 => 79}/filelists/perl-Device-Modem | 0 config/rootfiles/core/{78 => 79}/filelists/perl-Device-SerialPort | 0 config/rootfiles/core/{78 => 79}/filelists/ppp | 0 config/rootfiles/core/{78 => 79}/filelists/snort | 0 config/rootfiles/core/{78 => 79}/filelists/squid | 0 config/rootfiles/core/{78 => 79}/filelists/sudo | 0 config/rootfiles/core/{78 => 79}/filelists/vnstat | 0 config/rootfiles/core/{78 => 79}/meta | 0 config/rootfiles/core/{78 => 79}/update.sh | 2 +- make.sh | 4 ++-- 23 files changed, 4 insertions(+), 4 deletions(-) rename config/rootfiles/core/{78 => 79}/exclude (100%) rename config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-kirkwood (100%) rename config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-multi (100%) rename config/rootfiles/core/{78 => 79}/filelists/armv5tel/linux-rpi (100%) rename config/rootfiles/core/{78 => 79}/filelists/daq (100%) rename config/rootfiles/core/{78 => 79}/filelists/files (96%) rename config/rootfiles/core/{78 => 79}/filelists/hostname (100%) rename config/rootfiles/core/{78 => 79}/filelists/i586/grub (100%) rename config/rootfiles/core/{78 => 79}/filelists/i586/linux (100%) rename config/rootfiles/core/{78 => 79}/filelists/i586/syslinux (100%) copy config/rootfiles/core/{77 => 79}/filelists/openssh (100%) copy config/rootfiles/core/{77 => 79}/filelists/openssl (100%) rename config/rootfiles/core/{78 => 79}/filelists/openvpn (100%) rename config/rootfiles/core/{78 => 79}/filelists/perl-Device-Modem (100%) rename config/rootfiles/core/{78 => 79}/filelists/perl-Device-SerialPort (100%) rename config/rootfiles/core/{78 => 79}/filelists/ppp (100%) rename config/rootfiles/core/{78 => 79}/filelists/snort (100%) rename config/rootfiles/core/{78 => 79}/filelists/squid (100%) rename config/rootfiles/core/{78 => 79}/filelists/sudo (100%) rename config/rootfiles/core/{78 => 79}/filelists/vnstat (100%) rename config/rootfiles/core/{78 => 79}/meta (100%) rename config/rootfiles/core/{78 => 79}/update.sh (99%)
Difference in files: diff --git a/config/rootfiles/core/78/exclude b/config/rootfiles/core/78/exclude deleted file mode 100644 index 18e9b4d..0000000 --- a/config/rootfiles/core/78/exclude +++ /dev/null @@ -1,20 +0,0 @@ -boot/config.txt -etc/collectd.custom -etc/ipsec.conf -etc/ipsec.secrets -etc/ipsec.user.conf -etc/ipsec.user.secrets -etc/localtime -etc/shadow -etc/ssh/ssh_config -etc/ssh/sshd_config -etc/ssl/openssl.cnf -etc/sudoers -etc/sysconfig/firewall.local -etc/sysconfig/rc.local -etc/udev/rules.d/30-persistent-network.rules -srv/web/ipfire/html/proxy.pac -var/ipfire/ovpn -var/log/cache -var/state/dhcp/dhcpd.leases -var/updatecache diff --git a/config/rootfiles/core/78/filelists/armv5tel/linux-kirkwood b/config/rootfiles/core/78/filelists/armv5tel/linux-kirkwood deleted file mode 120000 index 7217107..0000000 --- a/config/rootfiles/core/78/filelists/armv5tel/linux-kirkwood +++ /dev/null @@ -1 +0,0 @@ -../../../../common/armv5tel/linux-kirkwood \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/armv5tel/linux-multi b/config/rootfiles/core/78/filelists/armv5tel/linux-multi deleted file mode 120000 index 204eb4c..0000000 --- a/config/rootfiles/core/78/filelists/armv5tel/linux-multi +++ /dev/null @@ -1 +0,0 @@ -../../../../common/armv5tel/linux-multi \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/armv5tel/linux-rpi b/config/rootfiles/core/78/filelists/armv5tel/linux-rpi deleted file mode 120000 index a651a49..0000000 --- a/config/rootfiles/core/78/filelists/armv5tel/linux-rpi +++ /dev/null @@ -1 +0,0 @@ -../../../../common/armv5tel/linux-rpi \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/daq b/config/rootfiles/core/78/filelists/daq deleted file mode 120000 index d0e0956..0000000 --- a/config/rootfiles/core/78/filelists/daq +++ /dev/null @@ -1 +0,0 @@ -../../../common/daq \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/files b/config/rootfiles/core/78/filelists/files deleted file mode 100644 index c0fa689..0000000 --- a/config/rootfiles/core/78/filelists/files +++ /dev/null @@ -1,23 +0,0 @@ -etc/system-release -etc/issue -etc/rc.d/init.d/sshd -srv/web/ipfire/cgi-bin/ddns.cgi -srv/web/ipfire/cgi-bin/ids.cgi -srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat -srv/web/ipfire/cgi-bin/logs.cgi/showrequestfromcountry.dat -srv/web/ipfire/cgi-bin/modem-status.cgi -srv/web/ipfire/cgi-bin/ovpnmain.cgi -srv/web/ipfire/cgi-bin/pppsetup.cgi -srv/web/ipfire/cgi-bin/proxy.cgi -srv/web/ipfire/html/themes/ipfire/include/functions.pl -usr/bin/squidGuard -usr/sbin/firewall_policy -usr/sbin/redirect_wrapper -usr/sbin/updxlrator -usr/local/bin/setddns.pl -var/ipfire/header.pl -var/ipfire/langs -var/ipfire/menu.d/20-status.menu -var/ipfire/menu.d/70-log.menu -var/ipfire/modem-lib.pl -var/ipfire/ovpn/openssl/ovpn.cnf diff --git a/config/rootfiles/core/78/filelists/hostname b/config/rootfiles/core/78/filelists/hostname deleted file mode 120000 index 2a96fdd..0000000 --- a/config/rootfiles/core/78/filelists/hostname +++ /dev/null @@ -1 +0,0 @@ -../../../common/hostname \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/i586/grub b/config/rootfiles/core/78/filelists/i586/grub deleted file mode 120000 index feb236a..0000000 --- a/config/rootfiles/core/78/filelists/i586/grub +++ /dev/null @@ -1 +0,0 @@ -../../../../common/i586/grub \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/i586/linux b/config/rootfiles/core/78/filelists/i586/linux deleted file mode 120000 index 693ec4b..0000000 --- a/config/rootfiles/core/78/filelists/i586/linux +++ /dev/null @@ -1 +0,0 @@ -../../../../common/i586/linux \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/i586/syslinux b/config/rootfiles/core/78/filelists/i586/syslinux deleted file mode 120000 index 74a776d..0000000 --- a/config/rootfiles/core/78/filelists/i586/syslinux +++ /dev/null @@ -1 +0,0 @@ -../../../../common/i586/syslinux \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/openvpn b/config/rootfiles/core/78/filelists/openvpn deleted file mode 120000 index 493f3f7..0000000 --- a/config/rootfiles/core/78/filelists/openvpn +++ /dev/null @@ -1 +0,0 @@ -../../../common/openvpn \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/perl-Device-Modem b/config/rootfiles/core/78/filelists/perl-Device-Modem deleted file mode 120000 index ea70f08..0000000 --- a/config/rootfiles/core/78/filelists/perl-Device-Modem +++ /dev/null @@ -1 +0,0 @@ -../../../common/perl-Device-Modem \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/perl-Device-SerialPort b/config/rootfiles/core/78/filelists/perl-Device-SerialPort deleted file mode 120000 index 2eb1527..0000000 --- a/config/rootfiles/core/78/filelists/perl-Device-SerialPort +++ /dev/null @@ -1 +0,0 @@ -../../../common/perl-Device-SerialPort \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/ppp b/config/rootfiles/core/78/filelists/ppp deleted file mode 120000 index 4844a9b..0000000 --- a/config/rootfiles/core/78/filelists/ppp +++ /dev/null @@ -1 +0,0 @@ -../../../common/ppp \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/snort b/config/rootfiles/core/78/filelists/snort deleted file mode 120000 index 9406ce0..0000000 --- a/config/rootfiles/core/78/filelists/snort +++ /dev/null @@ -1 +0,0 @@ -../../../common/snort \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/squid b/config/rootfiles/core/78/filelists/squid deleted file mode 120000 index 2dc8372..0000000 --- a/config/rootfiles/core/78/filelists/squid +++ /dev/null @@ -1 +0,0 @@ -../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/sudo b/config/rootfiles/core/78/filelists/sudo deleted file mode 120000 index 0d3c45e..0000000 --- a/config/rootfiles/core/78/filelists/sudo +++ /dev/null @@ -1 +0,0 @@ -../../../common/sudo \ No newline at end of file diff --git a/config/rootfiles/core/78/filelists/vnstat b/config/rootfiles/core/78/filelists/vnstat deleted file mode 120000 index 2e2e610..0000000 --- a/config/rootfiles/core/78/filelists/vnstat +++ /dev/null @@ -1 +0,0 @@ -../../../common/vnstat \ No newline at end of file diff --git a/config/rootfiles/core/78/meta b/config/rootfiles/core/78/meta deleted file mode 100644 index d547fa8..0000000 --- a/config/rootfiles/core/78/meta +++ /dev/null @@ -1 +0,0 @@ -DEPS="" diff --git a/config/rootfiles/core/78/update.sh b/config/rootfiles/core/78/update.sh deleted file mode 100644 index f3e0593..0000000 --- a/config/rootfiles/core/78/update.sh +++ /dev/null @@ -1,299 +0,0 @@ -#!/bin/bash -############################################################################ -# # -# This file is part of the IPFire Firewall. # -# # -# IPFire is free software; you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation; either version 3 of the License, or # -# (at your option) any later version. # -# # -# IPFire is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with IPFire; if not, write to the Free Software # -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # -# # -# Copyright (C) 2014 IPFire-Team info@ipfire.org. # -# # -############################################################################ -# -. /opt/pakfire/lib/functions.sh -/usr/local/bin/backupctrl exclude >/dev/null 2>&1 - -function add_to_backup () -{ - # Add path to ROOTFILES but remove old entries to prevent double - # files in the tar - grep -v "^$1" /opt/pakfire/tmp/ROOTFILES > /opt/pakfire/tmp/ROOTFILES.tmp - mv /opt/pakfire/tmp/ROOTFILES.tmp /opt/pakfire/tmp/ROOTFILES - echo $1 >> /opt/pakfire/tmp/ROOTFILES -} - -# -# Remove old core updates from pakfire cache to save space... -core=78 -for (( i=1; i<=${core}; i++ )) -do - rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire -done - -# -# Do some sanity checks. -case $(uname -r) in - *-ipfire-versatile ) - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: ERROR cannot update. versatile support is dropped." - # Report no error to pakfire. So it does not try to install it again. - exit 0 - ;; - *-ipfire-xen ) - BOOTSIZE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f2 | tail -n 1` - if [ $BOOTSIZE -lt 28000 ]; then - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: ERROR cannot update because not enough space on boot." - exit 2 - fi - ;; - *-ipfire* ) - # Ok. - ;; - * ) - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: ERROR cannot update. No IPFire Kernel." - exit 1 - ;; -esac - - -# -# -KVER="xxxKVERxxx" -MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 ` -# Nur den letzten Parameter verwenden -echo $MOUNT > /dev/null -MOUNT=$_ -if [ ! $MOUNT == "rw" ]; then - MOUNT="ro" -fi - -# -# check if we the backup file already exist -if [ -e /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz ]; then - echo Moving backup to backup-old ... - mv -f /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \ - /var/ipfire/backup/core-upgrade${core}_${KVER}-old.tar.xz -fi -echo First we made a backup of all files that was inside of the -echo update archive. This may take a while ... -# Add some files that are not in the package to backup -add_to_backup lib/modules -add_to_backup boot - -# Backup the files -tar cJvf /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \ - -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' --exclude='/var/cache' > /dev/null 2>&1 - -# Check diskspace on root -ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` - -if [ $ROOTSPACE -lt 100000 ]; then - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: ERROR cannot update because not enough free space on root." - exit 2 -fi - - -echo -echo Update Kernel to $KVER ... -# -# Remove old kernel, configs, initrd, modules ... -# -rm -rf /boot/System.map-* -rm -rf /boot/config-* -rm -rf /boot/ipfirerd-* -rm -rf /boot/vmlinuz-* -rm -rf /boot/uImage-ipfire-* -rm -rf /boot/uInit-ipfire-* -rm -rf /lib/modules - -case $(uname -m) in - i?86 ) - # - # Backup grub.conf - # - cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org - ;; -esac -# -#Stop services -/etc/init.d/snort stop -/etc/init.d/squid stop -/etc/init.d/ipsec stop -/etc/init.d/apache stop - -# rename /etc/modprobe.d files -for i in $(find /etc/modprobe.d/* | grep -v ".conf"); do - mv $i $i.conf -done - -# -#Extract files -tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / - -# Check diskspace on boot -BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` - -if [ $BOOTSPACE -lt 1000 ]; then - case $(uname -r) in - *-ipfire-kirkwood ) - # Special handling for old kirkwood images. - # (install only kirkwood kernel) - rm -rf /boot/* - tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \ - --numeric-owner -C / --wildcards 'boot/*-kirkwood*' - ;; - * ) - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..." - /etc/init.d/apache start - exit 4 - ;; - esac -fi - -# Update ping -rm -f /bin/ping -ln -sf ../usr/bin/ping /bin/ping -chmod 4755 /usr/bin/ping - -# Update Language cache -perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" - -# Add nobody to group dialout -usermod -a -G dialout nobody - -# -# Start services -# -/etc/init.d/apache start -/etc/init.d/squid start -/etc/init.d/snort start -if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then - /etc/init.d/ipsec start -fi - -case $(uname -m) in - i?86 ) - # - # Modify grub.conf - # - echo - echo Update grub configuration ... - ROOT=`mount | grep " / " | cut -d" " -f1` - - if [ ! -z $ROOT ]; then - ROOTUUID=`blkid -c /dev/null -sUUID $ROOT | cut -d'"' -f2` - fi - - if [ ! -z $ROOTUUID ]; then - sed -i "s|ROOT|UUID=$ROOTUUID|g" /boot/grub/grub.conf - else - sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf - fi - sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf - sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf - - if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then - echo "grub use default console ..." - else - echo "grub use serial console ..." - sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf - sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf - sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf - sed -i -e "s| panic=10 | console=ttyS0,115200n8 panic=10 |g" /boot/grub/grub.conf - fi - - # - # ReInstall grub - # - echo "(hd0) ${ROOT::`expr length $ROOT`-1}" > /boot/grub/device.map - grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} - ;; -esac - - -# Force (re)install pae kernel if pae is supported -rm -rf /opt/pakfire/db/*/meta-linux-pae -if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then - ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` - BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` - if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then - /usr/bin/logger -p syslog.emerg -t ipfire \ - "core-update-${core}: WARNING not enough space for pae kernel." - else - echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae - echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae - echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae - echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae - echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae - echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae - fi -fi - -# Force reinstall xen kernel if it was installed -if [ -e "/opt/pakfire/db/installed/meta-linux-xen" ]; then - echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen - echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-xen - echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-xen - echo "Name: linux-xen" > /opt/pakfire/db/meta/meta-linux-xen - echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-xen - echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-xen - # Add xvc0 to /etc/securetty - echo "xvc0" >> /etc/securetty -fi - -# -# After pakfire has ended run it again and update the lists and do upgrade -# -echo '#!/bin/bash' > /tmp/pak_update -echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update -echo ' sleep 1' >> /tmp/pak_update -echo 'done' >> /tmp/pak_update -echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update -echo ' sleep 1' >> /tmp/pak_update -echo 'done' >> /tmp/pak_update -echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update -echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update -echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update -echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update -echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update -echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update -echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update -echo 'touch /var/run/need_reboot ' >> /tmp/pak_update -# -killall -KILL pak_update -chmod +x /tmp/pak_update -/tmp/pak_update & - -sync - -# -#Finish -( - /etc/init.d/fireinfo start - sendprofile -) >/dev/null 2>&1 & - -# Update Package list for addon installation -/opt/pakfire/pakfire update -y --force - -echo -echo Please wait until pakfire has ended... -echo -#Don't report the exitcode last command -exit 0 - diff --git a/config/rootfiles/core/79/exclude b/config/rootfiles/core/79/exclude new file mode 100644 index 0000000..18e9b4d --- /dev/null +++ b/config/rootfiles/core/79/exclude @@ -0,0 +1,20 @@ +boot/config.txt +etc/collectd.custom +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/ssh/ssh_config +etc/ssh/sshd_config +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/ovpn +var/log/cache +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/79/filelists/armv5tel/linux-kirkwood b/config/rootfiles/core/79/filelists/armv5tel/linux-kirkwood new file mode 120000 index 0000000..7217107 --- /dev/null +++ b/config/rootfiles/core/79/filelists/armv5tel/linux-kirkwood @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-kirkwood \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/armv5tel/linux-multi b/config/rootfiles/core/79/filelists/armv5tel/linux-multi new file mode 120000 index 0000000..204eb4c --- /dev/null +++ b/config/rootfiles/core/79/filelists/armv5tel/linux-multi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-multi \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/armv5tel/linux-rpi b/config/rootfiles/core/79/filelists/armv5tel/linux-rpi new file mode 120000 index 0000000..a651a49 --- /dev/null +++ b/config/rootfiles/core/79/filelists/armv5tel/linux-rpi @@ -0,0 +1 @@ +../../../../common/armv5tel/linux-rpi \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/daq b/config/rootfiles/core/79/filelists/daq new file mode 120000 index 0000000..d0e0956 --- /dev/null +++ b/config/rootfiles/core/79/filelists/daq @@ -0,0 +1 @@ +../../../common/daq \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/files b/config/rootfiles/core/79/filelists/files new file mode 100644 index 0000000..bda32bc --- /dev/null +++ b/config/rootfiles/core/79/filelists/files @@ -0,0 +1,23 @@ +etc/system-release +etc/issue +etc/rc.d/init.d/sshd +srv/web/ipfire/cgi-bin/ddns.cgi +srv/web/ipfire/cgi-bin/ids.cgi +srv/web/ipfire/cgi-bin/logs.cgi/firewalllogcountry.dat +srv/web/ipfire/cgi-bin/logs.cgi/showrequestfromcountry.dat +srv/web/ipfire/cgi-bin/modem-status.cgi +srv/web/ipfire/cgi-bin/ovpnmain.cgi +srv/web/ipfire/cgi-bin/pppsetup.cgi +srv/web/ipfire/cgi-bin/proxy.cgi +srv/web/ipfire/html/themes/ipfire/include/functions.pl +usr/bin/squidGuard +usr/sbin/firewall-policy +usr/sbin/redirect_wrapper +usr/sbin/updxlrator +usr/local/bin/setddns.pl +var/ipfire/header.pl +var/ipfire/langs +var/ipfire/menu.d/20-status.menu +var/ipfire/menu.d/70-log.menu +var/ipfire/modem-lib.pl +var/ipfire/ovpn/openssl/ovpn.cnf diff --git a/config/rootfiles/core/79/filelists/hostname b/config/rootfiles/core/79/filelists/hostname new file mode 120000 index 0000000..2a96fdd --- /dev/null +++ b/config/rootfiles/core/79/filelists/hostname @@ -0,0 +1 @@ +../../../common/hostname \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/i586/grub b/config/rootfiles/core/79/filelists/i586/grub new file mode 120000 index 0000000..feb236a --- /dev/null +++ b/config/rootfiles/core/79/filelists/i586/grub @@ -0,0 +1 @@ +../../../../common/i586/grub \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/i586/linux b/config/rootfiles/core/79/filelists/i586/linux new file mode 120000 index 0000000..693ec4b --- /dev/null +++ b/config/rootfiles/core/79/filelists/i586/linux @@ -0,0 +1 @@ +../../../../common/i586/linux \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/i586/syslinux b/config/rootfiles/core/79/filelists/i586/syslinux new file mode 120000 index 0000000..74a776d --- /dev/null +++ b/config/rootfiles/core/79/filelists/i586/syslinux @@ -0,0 +1 @@ +../../../../common/i586/syslinux \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/openssh b/config/rootfiles/core/79/filelists/openssh new file mode 120000 index 0000000..d8c77fd --- /dev/null +++ b/config/rootfiles/core/79/filelists/openssh @@ -0,0 +1 @@ +../../../common/openssh \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/openssl b/config/rootfiles/core/79/filelists/openssl new file mode 120000 index 0000000..e011a92 --- /dev/null +++ b/config/rootfiles/core/79/filelists/openssl @@ -0,0 +1 @@ +../../../common/openssl \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/openvpn b/config/rootfiles/core/79/filelists/openvpn new file mode 120000 index 0000000..493f3f7 --- /dev/null +++ b/config/rootfiles/core/79/filelists/openvpn @@ -0,0 +1 @@ +../../../common/openvpn \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/perl-Device-Modem b/config/rootfiles/core/79/filelists/perl-Device-Modem new file mode 120000 index 0000000..ea70f08 --- /dev/null +++ b/config/rootfiles/core/79/filelists/perl-Device-Modem @@ -0,0 +1 @@ +../../../common/perl-Device-Modem \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/perl-Device-SerialPort b/config/rootfiles/core/79/filelists/perl-Device-SerialPort new file mode 120000 index 0000000..2eb1527 --- /dev/null +++ b/config/rootfiles/core/79/filelists/perl-Device-SerialPort @@ -0,0 +1 @@ +../../../common/perl-Device-SerialPort \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/ppp b/config/rootfiles/core/79/filelists/ppp new file mode 120000 index 0000000..4844a9b --- /dev/null +++ b/config/rootfiles/core/79/filelists/ppp @@ -0,0 +1 @@ +../../../common/ppp \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/snort b/config/rootfiles/core/79/filelists/snort new file mode 120000 index 0000000..9406ce0 --- /dev/null +++ b/config/rootfiles/core/79/filelists/snort @@ -0,0 +1 @@ +../../../common/snort \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/squid b/config/rootfiles/core/79/filelists/squid new file mode 120000 index 0000000..2dc8372 --- /dev/null +++ b/config/rootfiles/core/79/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/sudo b/config/rootfiles/core/79/filelists/sudo new file mode 120000 index 0000000..0d3c45e --- /dev/null +++ b/config/rootfiles/core/79/filelists/sudo @@ -0,0 +1 @@ +../../../common/sudo \ No newline at end of file diff --git a/config/rootfiles/core/79/filelists/vnstat b/config/rootfiles/core/79/filelists/vnstat new file mode 120000 index 0000000..2e2e610 --- /dev/null +++ b/config/rootfiles/core/79/filelists/vnstat @@ -0,0 +1 @@ +../../../common/vnstat \ No newline at end of file diff --git a/config/rootfiles/core/79/meta b/config/rootfiles/core/79/meta new file mode 100644 index 0000000..d547fa8 --- /dev/null +++ b/config/rootfiles/core/79/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/79/update.sh b/config/rootfiles/core/79/update.sh new file mode 100644 index 0000000..2085d43 --- /dev/null +++ b/config/rootfiles/core/79/update.sh @@ -0,0 +1,299 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2014 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +function add_to_backup () +{ + # Add path to ROOTFILES but remove old entries to prevent double + # files in the tar + grep -v "^$1" /opt/pakfire/tmp/ROOTFILES > /opt/pakfire/tmp/ROOTFILES.tmp + mv /opt/pakfire/tmp/ROOTFILES.tmp /opt/pakfire/tmp/ROOTFILES + echo $1 >> /opt/pakfire/tmp/ROOTFILES +} + +# +# Remove old core updates from pakfire cache to save space... +core=79 +for (( i=1; i<=${core}; i++ )) +do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# +# Do some sanity checks. +case $(uname -r) in + *-ipfire-versatile ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update. versatile support is dropped." + # Report no error to pakfire. So it does not try to install it again. + exit 0 + ;; + *-ipfire-xen ) + BOOTSIZE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f2 | tail -n 1` + if [ $BOOTSIZE -lt 28000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update because not enough space on boot." + exit 2 + fi + ;; + *-ipfire* ) + # Ok. + ;; + * ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update. No IPFire Kernel." + exit 1 + ;; +esac + + +# +# +KVER="xxxKVERxxx" +MOUNT=`grep "kernel" /boot/grub/grub.conf 2>/dev/null | tail -n 1 ` +# Nur den letzten Parameter verwenden +echo $MOUNT > /dev/null +MOUNT=$_ +if [ ! $MOUNT == "rw" ]; then + MOUNT="ro" +fi + +# +# check if we the backup file already exist +if [ -e /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz ]; then + echo Moving backup to backup-old ... + mv -f /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \ + /var/ipfire/backup/core-upgrade${core}_${KVER}-old.tar.xz +fi +echo First we made a backup of all files that was inside of the +echo update archive. This may take a while ... +# Add some files that are not in the package to backup +add_to_backup lib/modules +add_to_backup boot + +# Backup the files +tar cJvf /var/ipfire/backup/core-upgrade${core}_${KVER}.tar.xz \ + -C / -T /opt/pakfire/tmp/ROOTFILES --exclude='#*' --exclude='/var/cache' > /dev/null 2>&1 + +# Check diskspace on root +ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + +if [ $ROOTSPACE -lt 100000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: ERROR cannot update because not enough free space on root." + exit 2 +fi + + +echo +echo Update Kernel to $KVER ... +# +# Remove old kernel, configs, initrd, modules ... +# +rm -rf /boot/System.map-* +rm -rf /boot/config-* +rm -rf /boot/ipfirerd-* +rm -rf /boot/vmlinuz-* +rm -rf /boot/uImage-ipfire-* +rm -rf /boot/uInit-ipfire-* +rm -rf /lib/modules + +case $(uname -m) in + i?86 ) + # + # Backup grub.conf + # + cp -vf /boot/grub/grub.conf /boot/grub/grub.conf.org + ;; +esac +# +#Stop services +/etc/init.d/snort stop +/etc/init.d/squid stop +/etc/init.d/ipsec stop +/etc/init.d/apache stop + +# rename /etc/modprobe.d files +for i in $(find /etc/modprobe.d/* | grep -v ".conf"); do + mv $i $i.conf +done + +# +#Extract files +tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p --numeric-owner -C / + +# Check diskspace on boot +BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + +if [ $BOOTSPACE -lt 1000 ]; then + case $(uname -r) in + *-ipfire-kirkwood ) + # Special handling for old kirkwood images. + # (install only kirkwood kernel) + rm -rf /boot/* + tar xavf /opt/pakfire/tmp/files* --no-overwrite-dir -p \ + --numeric-owner -C / --wildcards 'boot/*-kirkwood*' + ;; + * ) + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: FATAL-ERROR space run out on boot. System is not bootable..." + /etc/init.d/apache start + exit 4 + ;; + esac +fi + +# Update ping +rm -f /bin/ping +ln -sf ../usr/bin/ping /bin/ping +chmod 4755 /usr/bin/ping + +# Update Language cache +perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang" + +# Add nobody to group dialout +usermod -a -G dialout nobody + +# +# Start services +# +/etc/init.d/apache start +/etc/init.d/squid start +/etc/init.d/snort start +if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then + /etc/init.d/ipsec start +fi + +case $(uname -m) in + i?86 ) + # + # Modify grub.conf + # + echo + echo Update grub configuration ... + ROOT=`mount | grep " / " | cut -d" " -f1` + + if [ ! -z $ROOT ]; then + ROOTUUID=`blkid -c /dev/null -sUUID $ROOT | cut -d'"' -f2` + fi + + if [ ! -z $ROOTUUID ]; then + sed -i "s|ROOT|UUID=$ROOTUUID|g" /boot/grub/grub.conf + else + sed -i "s|ROOT|$ROOT|g" /boot/grub/grub.conf + fi + sed -i "s|KVER|$KVER|g" /boot/grub/grub.conf + sed -i "s|MOUNT|$MOUNT|g" /boot/grub/grub.conf + + if [ "$(grep "^serial" /boot/grub/grub.conf.org)" == "" ]; then + echo "grub use default console ..." + else + echo "grub use serial console ..." + sed -i -e "s|splashimage|#splashimage|g" /boot/grub/grub.conf + sed -i -e "s|#serial|serial|g" /boot/grub/grub.conf + sed -i -e "s|#terminal|terminal|g" /boot/grub/grub.conf + sed -i -e "s| panic=10 | console=ttyS0,115200n8 panic=10 |g" /boot/grub/grub.conf + fi + + # + # ReInstall grub + # + echo "(hd0) ${ROOT::`expr length $ROOT`-1}" > /boot/grub/device.map + grub-install --no-floppy ${ROOT::`expr length $ROOT`-1} + ;; +esac + + +# Force (re)install pae kernel if pae is supported +rm -rf /opt/pakfire/db/*/meta-linux-pae +if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then + ROOTSPACE=`df / -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + BOOTSPACE=`df /boot -Pk | sed "s| * | |g" | cut -d" " -f4 | tail -n 1` + if [ $BOOTSPACE -lt 12000 -o $ROOTSPACE -lt 90000 ]; then + /usr/bin/logger -p syslog.emerg -t ipfire \ + "core-update-${core}: WARNING not enough space for pae kernel." + else + echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae + echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae + echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae + echo "Name: linux-pae" > /opt/pakfire/db/meta/meta-linux-pae + echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-pae + echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-pae + fi +fi + +# Force reinstall xen kernel if it was installed +if [ -e "/opt/pakfire/db/installed/meta-linux-xen" ]; then + echo "Name: linux-xen" > /opt/pakfire/db/installed/meta-linux-xen + echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-xen + echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-xen + echo "Name: linux-xen" > /opt/pakfire/db/meta/meta-linux-xen + echo "ProgVersion: 0" >> /opt/pakfire/db/meta/meta-linux-xen + echo "Release: 0" >> /opt/pakfire/db/meta/meta-linux-xen + # Add xvc0 to /etc/securetty + echo "xvc0" >> /etc/securetty +fi + +# +# After pakfire has ended run it again and update the lists and do upgrade +# +echo '#!/bin/bash' > /tmp/pak_update +echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire "Core-upgrade finished. If you use a customized grub.cfg"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire "Check it before reboot !!!"' >> /tmp/pak_update +echo '/usr/bin/logger -p syslog.emerg -t ipfire " *** Please reboot... *** "' >> /tmp/pak_update +echo 'touch /var/run/need_reboot ' >> /tmp/pak_update +# +killall -KILL pak_update +chmod +x /tmp/pak_update +/tmp/pak_update & + +sync + +# +#Finish +( + /etc/init.d/fireinfo start + sendprofile +) >/dev/null 2>&1 & + +# Update Package list for addon installation +/opt/pakfire/pakfire update -y --force + +echo +echo Please wait until pakfire has ended... +echo +#Don't report the exitcode last command +exit 0 + diff --git a/make.sh b/make.sh index c170076..1c10f32 100755 --- a/make.sh +++ b/make.sh @@ -25,8 +25,8 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.15" # Version number -CORE="78" # Core Level (Filename) -PAKFIRE_CORE="78" # Core Level (PAKFIRE) +CORE="79" # Core Level (Filename) +PAKFIRE_CORE="79" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir
hooks/post-receive -- IPFire 2.x development tree