Skip to content

O
OpnSense
Commit cd4c883a authored by Franco Fichtner's avatar Franco Fichtner
Browse files
Options

firmware: merge assorted improvements from master 

o Mirror/flavour settings now in firmware section
o Proper locking layer to prevent parallel invokes
o Can reattach to running background update
o Can even GUI-attach to cron job or console update

(cherry picked from commit 70998ed9)
(cherry picked from commit 2e10248c)
(cherry picked from commit 5a3a3a84)
(cherry picked from commit d2471552)
(cherry picked from commit 96be50d4)
(cherry picked from commit 9f7e1b89)
(cherry picked from commit 2fe4dce1)
(cherry picked from commit 419d6d72)
(cherry picked from commit eb7a9a31)
(cherry picked from commit 4dde2392)
(cherry picked from commit 951a2984)
(cherry picked from commit b891dc9f)
(cherry picked from commit d46366d2)
(cherry picked from commit 3201c221)
parent f8ee6f63
Hide whitespace changes
Inline Side-by-side
Showing with 494 additions and 222 deletions
Makefile
View file @ cd4c883a
......@@ -78,6 +78,7 @@ CORE_DEPENDS?= apinger \
filterdns \
filterlog \
ifinfo \
flock \
flowd \
igmpproxy \
isc-dhcp43-client \
......
src/etc/inc/system.inc
View file @ cd4c883a
......@@ -243,39 +243,6 @@ function get_country_codes()
return $dn_cc;
}
function get_firmware_mirrors()
{
$mirrors = array();
$mirrors['default'] = '(default)';
$mirrors['https://opnsense.aivian.org'] = 'Aivian (Shaoxing, CN)';
$mirrors['https://mirror.auf-feindgebiet.de/opnsense'] = 'auf-feindgebiet.de (Karlsruhe, DE)';
$mirrors['https://opnsense.c0urier.net'] = 'c0urier.net (Lund, SE)';
$mirrors['https://fleximus.org/mirror/opnsense'] = 'Fleximus (Roubaix, FR)';
$mirrors['http://mirror.ams1.nl.leaseweb.net/opnsense'] = 'LeaseWeb (Amsterdam, NL)';
$mirrors['http://mirror.fra10.de.leaseweb.net/opnsense'] = 'LeaseWeb (Frankfurt, DE)';
$mirrors['http://mirror.sfo12.us.leaseweb.net/opnsense'] = 'LeaseWeb (San Francisco, US)';
$mirrors['http://mirror.wdc1.us.leaseweb.net/opnsense'] = 'LeaseWeb (Washington, D.C., US)';
$mirrors['http://mirrors.nycbug.org/pub/opnsense'] = 'NYC*BUG (New York, US)';
$mirrors['http://pkg.opnsense.org'] = 'OPNsense (Amsterdam, NL)';
$mirrors['http://mirror.ragenetwork.de/opnsense'] = 'RageNetwork (Munich, DE)';
$mirrors['http://mirrors.supranet.net/pub/opnsense'] = 'Supranet Communications (Middleton, US)';
$mirrors['http://mirror.wjcomms.co.uk/opnsense'] = 'WJComms (London, GB)';
return $mirrors;
}
function get_firmware_flavours()
{
$flavours = array();
$flavours['default'] = '(default)';
$flavours['libressl'] = 'LibreSSL';
$flavours['latest'] = 'OpenSSL';
return $flavours;
}
function get_zoneinfo()
{
$zones = timezone_identifiers_list(DateTimeZone::ALL ^ DateTimeZone::UTC);
......@@ -1420,16 +1387,16 @@ function system_firmware_configure()
$origin_conf = '/usr/local/etc/pkg/repos/origin.conf';
copy("${origin_conf}.sample", $origin_conf);
if (isset($config['system']['firmware']['mirror'])) {
configd_run('firmware mirror ' . escapeshellarg(
str_replace('/', '\/', $config['system']['firmware']['mirror'])
));
if (!empty($config['system']['firmware']['mirror'])) {
mwexecf("/usr/local/sbin/opnsense-update %s %s",
array("-sm", str_replace('/', '\/', $config['system']['firmware']['mirror']))
);
}
if (isset($config['system']['firmware']['flavour'])) {
configd_run('firmware flavour ' . escapeshellarg(
str_replace('/', '\/', $osabi . '/' . $config['system']['firmware']['flavour'])
));
if (!empty($config['system']['firmware']['flavour'])) {
mwexecf("/usr/local/sbin/opnsense-update %s %s",
array("-sn", str_replace('/', '\/', $osabi . '/' . $config['system']['firmware']['flavour']))
);
}
}
......
src/etc/rc.configure_firmware 0 → 100755
View file @ cd4c883a
#!/usr/local/bin/php
<?php
/*
Copyright (C) 2016 Franco Fichtner <franco@opnsense.org>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
require_once 'config.inc';
require_once 'util.inc';
require_once 'system.inc';
system_firmware_configure();
src/etc/rc.firmware
View file @ cd4c883a
#!/bin/sh
# Copyright (c) 2015-2016 Franco Fichtner <franco@opnsense.org>
# Copyright (c) 2016 Franco Fichtner <franco@opnsense.org>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
......@@ -25,21 +25,16 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
set -e
LOCKFILE="/tmp/pkg_upgrade.progress"
FLOCK="/usr/local/bin/flock"
ARGS="-n -o ${LOCKFILE}"
# upgrade all packages if possible
opnsense-update -p
echo
# trigger a webgui restart to cope with changes
/usr/local/etc/rc.restart_webgui
echo
if [ ! -f ${FLOCK} ]; then
# backwards-compat to be removed post-16.7
/usr/local/etc/rc.firmware.subr "${@}"
exit 0
fi
# if we can update base, we'll do that as well
if opnsense-update -c; then
if opnsense-update -bk; then
/usr/local/etc/rc.reboot
fi
if ! ${FLOCK} ${ARGS} /usr/local/etc/rc.firmware.subr "${@}"; then
echo "A firmware update is currently in progress."
fi
src/etc/rc.firmware.subr 0 → 100755
View file @ cd4c883a
#!/bin/sh
# Copyright (c) 2015-2016 Franco Fichtner <franco@opnsense.org>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
set -e
LOCKFILE="/tmp/pkg_upgrade.progress"
TEE="/usr/bin/tee -a"
: > ${LOCKFILE}
echo "***GOT REQUEST TO UPGRADE: all***" >> ${LOCKFILE}
# upgrade all packages if possible
opnsense-update -p 2>&1 | ${TEE} ${LOCKFILE}
# trigger a webgui restart to cope with changes
/usr/local/etc/rc.restart_webgui 2>&1 | ${TEE} ${LOCKFILE}
# if we can update base, we'll do that as well
if opnsense-update -c; then
if opnsense-update -bk 2>&1 | ${TEE} ${LOCKFILE}; then
echo '***REBOOT***' >> ${LOCKFILE}
sleep 5
/usr/local/etc/rc.reboot
fi
fi
echo '***DONE***' >> ${LOCKFILE}
src/opnsense/mvc/app/controllers/OPNsense/Core/Api/FirmwareController.php
View file @ cd4c883a
......@@ -32,6 +32,7 @@ namespace OPNsense\Core\Api;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Backend;
use \OPNsense\Core\Config;
/**
* Class FirmwareController
......@@ -316,6 +317,19 @@ class FirmwareController extends ApiControllerBase
return $response;
}
/**
* retrieve exectution status
*/
public function runningAction()
{
$backend = new Backend();
$result = array(
'status' => trim($backend->configdRun('firmware running'))
);
return $result;
}
/**
* retrieve upgrade status (and log file of current process)
*/
......@@ -371,4 +385,92 @@ class FirmwareController extends ApiControllerBase
return $response;
}
/**
* list firmware mirror and flavour options
* @return array
*/
public function getFirmwareOptionsAction()
{
// todo: we might want to move these into configuration files later
$mirrors = array();
$mirrors[''] = '(default)';
$mirrors['https://opnsense.aivian.org'] = 'Aivian (Shaoxing, CN)';
$mirrors['https://mirror.auf-feindgebiet.de/opnsense'] = 'auf-feindgebiet.de (Karlsruhe, DE)';
$mirrors['https://opnsense.c0urier.net'] = 'c0urier.net (Lund, SE)';
$mirrors['https://fleximus.org/mirror/opnsense'] = 'Fleximus (Roubaix, FR)';
$mirrors['http://mirror.ams1.nl.leaseweb.net/opnsense'] = 'LeaseWeb (Amsterdam, NL)';
$mirrors['http://mirror.fra10.de.leaseweb.net/opnsense'] = 'LeaseWeb (Frankfurt, DE)';
$mirrors['http://mirror.sfo12.us.leaseweb.net/opnsense'] = 'LeaseWeb (San Francisco, US)';
$mirrors['http://mirror.wdc1.us.leaseweb.net/opnsense'] = 'LeaseWeb (Washington, D.C., US)';
$mirrors['http://mirrors.nycbug.org/pub/opnsense'] = 'NYC*BUG (New York, US)';
$mirrors['http://pkg.opnsense.org'] = 'OPNsense (Amsterdam, NL)';
$mirrors['http://mirror.ragenetwork.de/opnsense'] = 'RageNetwork (Munich, DE)';
$mirrors['http://mirrors.supranet.net/pub/opnsense'] = 'Supranet Communications (Middleton, US)';
$mirrors['http://mirror.wjcomms.co.uk/opnsense'] = 'WJComms (London, GB)';
$flavours = array();
$flavours[''] = '(default)';
$flavours['libressl'] = 'LibreSSL';
$flavours['latest'] = 'OpenSSL';
return array("mirrors"=>$mirrors, "flavours" => $flavours);
}
/**
* retrieve current firmware configuration options
* @return array
*/
function getFirmwareConfigAction()
{
$result = array();
$result['mirror'] = '';
$result['flavour'] = '';
if (!empty(Config::getInstance()->object()->system->firmware->mirror)) {
$result['mirror'] = (string)Config::getInstance()->object()->system->firmware->mirror;
}
if (!empty(Config::getInstance()->object()->system->firmware->flavour)) {
$result['flavour'] = (string)Config::getInstance()->object()->system->firmware->flavour;
}
return $result;
}
/**
* set firmware configuration options
* @return array status
*/
function setFirmwareConfigAction()
{
$response = array("status" => "failure");
if ($this->request->isPost()) {
$response['status'] = 'ok';
$selectedMirror = filter_var($this->request->getPost("mirror", null, ""), FILTER_SANITIZE_URL);
$selectedFlavour = filter_var($this->request->getPost("flavour", null, ""), FILTER_SANITIZE_URL);
// config data without model, prepare xml structure and write data
if (!isset(Config::getInstance()->object()->system->firmware)) {
Config::getInstance()->object()->system->addChild('firmware');
}
if (!isset(Config::getInstance()->object()->system->firmware->mirror)) {
Config::getInstance()->object()->system->firmware->addChild('mirror');
}
Config::getInstance()->object()->system->firmware->mirror = $selectedMirror;
if (!isset(Config::getInstance()->object()->system->firmware->flavour)) {
Config::getInstance()->object()->system->firmware->addChild('flavour');
}
Config::getInstance()->object()->system->firmware->flavour = $selectedFlavour;
Config::getInstance()->save();
$backend = new Backend();
$backend->configdRun("firmware configure");
}
return $response;
}
}
src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
View file @ cd4c883a
......@@ -85,7 +85,8 @@ POSSIBILITY OF SUCH DAMAGE.
*/
function upgrade(){
$('#progresstab > a').tab('show');
$('#updatestatus').html("{{ lang._('Upgrading... (do not leave this page while upgrade is in progress)') }}");
$('#updatestatus').html("{{ lang._('Upgrading...') }}");
$("#upgrade").attr("style","");
$("#upgrade_progress").addClass("fa fa-spinner fa-pulse");
ajaxCall('/api/core/firmware/upgrade',{upgrade:$.upgrade_action},function() {
......@@ -102,7 +103,7 @@ POSSIBILITY OF SUCH DAMAGE.
function action(pkg_act, pkg_name)
{
$('#progresstab > a').tab('show');
$('#updatestatus').html("{{ lang._('Executing... (do not leave this page while execute is in progress)') }}");
$('#updatestatus').html("{{ lang._('Executing...') }}");
ajaxCall('/api/core/firmware/'+pkg_act+'/'+pkg_name,{},function() {
$('#updatelist').empty();
......@@ -136,7 +137,6 @@ POSSIBILITY OF SUCH DAMAGE.
}]
});
} else {
upgrade();
}
......@@ -178,7 +178,7 @@ POSSIBILITY OF SUCH DAMAGE.
"{{ lang._('The upgrade has finished and your device is being rebooted at the moment, please wait...') }}" +
' <i class="fa fa-cog fa-spin"></i>'
);
setTimeout(rebootWait, 30000);
setTimeout(rebootWait, 45000);
},
});
} else {
......@@ -288,14 +288,98 @@ POSSIBILITY OF SUCH DAMAGE.
if ($('#message').html() != '') {
$('#message').attr('style', '');
}
// repopulate package information
packagesInfo();
// dashboard link: run check automatically
if (window.location.hash == '#checkupdate') {
updateStatus();
}
});
ajaxGet('/api/core/firmware/running',{},function(data, status) {
// if action is already running reattach now...
if (data['status'] == 'busy') {
upgrade();
// dashboard link: run check automatically
} else if (window.location.hash == '#checkupdate') {
updateStatus();
}
});
// handle firmware config options
ajaxGet('/api/core/firmware/getFirmwareOptions',{},function(firmwareoptions, status) {
ajaxGet('/api/core/firmware/getFirmwareConfig',{},function(firmwareconfig, status) {
var other_selected = true;
$.each(firmwareoptions.mirrors, function(key, value) {
var selected = false;
if ((key != "" && firmwareconfig['mirror'].indexOf(key) == 0) || key == firmwareconfig['mirror']) {
selected = true;
other_selected = false;
}
$("#firmware_mirror").append($("<option/>")
.attr("value",key)
.text(value)
.prop('selected', selected)
);
});
$("#firmware_mirror").prepend($("<option/>")
.attr("value", firmwareconfig['mirror'])
.text("(other)")
.data("other", 1)
.prop('selected', other_selected)
);
$("#firmware_mirror").selectpicker('refresh');
$("#firmware_mirror").change();
other_selected = true;
$.each(firmwareoptions.flavours, function(key, value) {
var selected = false;
if (key == firmwareconfig['flavour']) {
selected = true;
other_selected = false;
}
$("#firmware_flavour").append($("<option/>")
.attr("value",key)
.text(value)
.prop('selected', selected)
);
});
$("#firmware_flavour").prepend($("<option/>")
.attr("value",firmwareconfig['flavour'])
.text("(other)")
.data("other", 1)
.prop('selected', other_selected)
);
$("#firmware_flavour").selectpicker('refresh');
$("#firmware_flavour").change();
});
});
$("#firmware_mirror").change(function(){
$("#firmware_mirror_value").val($(this).val());
if ($(this).find(':selected').data("other") == 1) {
$("#firmware_mirror_other").show();
} else {
$("#firmware_mirror_other").hide();
}
});
$("#firmware_flavour").change(function() {
$("#firmware_flavour_value").val($(this).val());
if ($(this).find(':selected').data("other") == 1) {
$("#firmware_flavour_other").show();
} else {
$("#firmware_flavour_other").hide();
}
});
$("#change_mirror").click(function(){
$("#change_mirror_progress").addClass("fa fa-spinner fa-pulse");
var confopt = {};
confopt.mirror = $("#firmware_mirror_value").val()
confopt.flavour = $("#firmware_flavour_value").val()
ajaxCall(url='/api/core/firmware/setFirmwareConfig',sendData=confopt, callback=function(data,status) {
$("#change_mirror_progress").removeClass("fa fa-spinner fa-pulse");
});
});
});
</script>
<div class="container-fluid">
......@@ -310,13 +394,64 @@ POSSIBILITY OF SUCH DAMAGE.
<div class="row">
<div class="col-md-12" id="content">
<ul class="nav nav-tabs" data-tabs="tabs">
<li id="packagestab" class="active"><a data-toggle="tab" href="#packages">{{ lang._('Packages') }}</a></li>
<li id="settingstab" class="active"><a data-toggle="tab" href="#settings">{{ lang._('Settings') }}</a></li>
<li id="packagestab"><a data-toggle="tab" href="#packages">{{ lang._('Packages') }}</a></li>
<li id="plugintab"><a data-toggle="tab" href="#plugins">{{ lang._('Plugins') }}</a></li>
<li id="updatetab"><a data-toggle="tab" href="#updates">{{ lang._('Updates') }}</a></li>
<li id="progresstab"><a data-toggle="tab" href="#progress">{{ lang._('Progress') }}</a></li>
</ul>
<div class="tab-content content-box tab-content">
<div id="packages" class="tab-pane fade in active">
<div id="settings" class="tab-pane fade in active">
<table class="table table-striped table-responsive">
<tbody>
<tr>
<td style="width: 150px;"><a id="help_for_mirror" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> {{ lang._('Firmware Mirror') }}</td>
<td>
<select class="selectpicker" id="firmware_mirror">
</select>
<div style="display:none;" id="firmware_mirror_other">
<input type="text" id="firmware_mirror_value">
</div>
<div class="hidden" for="help_for_mirror">
<strong>
{{ lang._("Select an alternate firmware mirror.") }}
</strong>
</div>
</td>
<td></td>
</tr>
<tr>
<td><a id="help_for_flavour" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> {{ lang._('Firmware Flavour') }}</td>
<td>
<select class="selectpicker" id="firmware_flavour">
</select>
<div style="display:none;" id="firmware_flavour_other">
<input type="text" id="firmware_flavour_value">
</div>
<div class="hidden" for="help_for_flavour">
<strong>
{{ lang._("Select the firmware cryptography flavour.") }}
</strong>
</div>
</td>
<td></td>
</tr>
<tr>
<td></td>
<td>
<button class="btn btn-primary" id="change_mirror" type="button"><b>{{ lang._('Save') }}</b><i id="change_mirror_progress" class=""></i></button>
</td>
<td></td>
</tr>
<tr>
<td colspan="3">
{{ lang._('In order to apply these settings a firmware update must be performed after save, which can include a reboot of the system.') }}
</td>
</tr>
</tbody>
</table>
</div>
<div id="packages" class="tab-pane fade in">
<table class="table table-striped table-condensed table-responsive" id="packageslist">
</table>
</div>
......
src/opnsense/scripts/firmware/hotfix.sh
View file @ cd4c883a
......@@ -25,17 +25,11 @@
# POSSIBILITY OF SUCH DAMAGE.
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PATCHES=${1}
# Check if another pkg process is already running
# (not strictly necessary, but we're modifying pkg files)
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
PATCH=${1}
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
echo "***GOT REQUEST TO HOTFIX: ${PATCHES}***" >> ${PKG_PROGRESS_FILE}
/usr/local/sbin/opnsense-patch ${PATCHES} >> ${PKG_PROGRESS_FILE} 2>&1
echo "***GOT REQUEST TO HOTFIX: ${PATCH}***" >> ${PKG_PROGRESS_FILE}
/usr/local/sbin/opnsense-patch ${PATCH} >> ${PKG_PROGRESS_FILE} 2>&1
echo '***DONE***' >> ${PKG_PROGRESS_FILE}
src/opnsense/scripts/firmware/install.sh
View file @ cd4c883a
......@@ -28,11 +28,6 @@
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/scripts/firmware/launcher.sh 0 → 100755
View file @ cd4c883a
#!/bin/sh
# Copyright (C) 2016 Franco Fichtner <franco@opnsense.org>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
BASEDIR="/usr/local/opnsense/scripts/firmware"
LOCKFILE="/tmp/pkg_upgrade.progress"
FLOCK="/usr/local/bin/flock -n -o"
COMMANDS="
hotfix
install
lock
reinstall
remove
unlock
upgrade
"
SELECTED=${1}
ARGUMENT=${2}
for COMMAND in ${COMMANDS}; do
if [ "${SELECTED}" != ${COMMAND} ]; then
continue
fi
if [ -n "$(pgrep pkg)" ]; then
break
fi
${FLOCK} ${LOCKFILE} ${BASEDIR}/${COMMAND}.sh ${ARGUMENT}
done
src/opnsense/scripts/firmware/lock.sh
View file @ cd4c883a
......@@ -28,11 +28,6 @@
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/scripts/firmware/reinstall.sh
View file @ cd4c883a
......@@ -28,11 +28,6 @@
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/scripts/firmware/remove.sh
View file @ cd4c883a
......@@ -28,11 +28,6 @@
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/scripts/firmware/running.sh 0 → 100755
View file @ cd4c883a
#!/bin/sh
# Copyright (C) 2016 Franco Fichtner <franco@opnsense.org>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# 1. Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
LOCKFILE="/tmp/pkg_upgrade.progress"
FLOCK="/usr/local/bin/flock"
if [ ! -f ${FLOCK} ]; then
# backwards-compat
echo "ready"
exit 0
fi
touch ${LOCKFILE}
(
if ${FLOCK} -n 9; then
echo "ready"
else
echo "busy"
fi
) 9< ${LOCKFILE}
src/opnsense/scripts/firmware/unlock.sh
View file @ cd4c883a
......@@ -28,11 +28,6 @@
PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/scripts/firmware/upgrade.sh
View file @ cd4c883a
......@@ -29,11 +29,6 @@ PKG_PROGRESS_FILE=/tmp/pkg_upgrade.progress
PACKAGE=$1
REBOOT=
# Check if another pkg process is already running
if [ -n "$(pgrep pkg)" ]; then
exit 0
fi
# Truncate upgrade progress file
: > ${PKG_PROGRESS_FILE}
......
src/opnsense/service/conf/actions.d/actions_firmware.conf
View file @ cd4c883a
......@@ -2,44 +2,56 @@
command:/usr/local/opnsense/scripts/firmware/check.sh
parameters:
type:script_output
message:retrieve package status
message:retrieve firmware update status
[running]
command:/usr/local/opnsense/scripts/firmware/running.sh
parameters:
type:script_output
message:retrieve firmware execution status
[upgrade]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/upgrade.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh upgrade
parameters:%s
type:script
message:upgrading %s
[reinstall]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/reinstall.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh reinstall
parameters:%s
type:script
message: reinstalling firmware package %s
[lock]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/lock.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh lock
parameters:%s
type:script
message: locking firmware package %s
[unlock]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/unlock.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh unlock
parameters:%s
type:script
message: unlocking firmware package %s
[install]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/install.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh install
parameters:%s
type:script
message: installing firmware package %s
[remove]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/remove.sh
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh remove
parameters:%s
type:script
message: remove firmware package %s
[hotfix]
command: /usr/sbin/daemon -f /usr/local/opnsense/scripts/firmware/launcher.sh hotfix
parameters:%s
type:script
message:issued firmware hotfix for %s
[status]
command: /usr/bin/touch /tmp/pkg_upgrade.progress 2>&1; /bin/cat /tmp/pkg_upgrade.progress 2>&1
parameters:
......@@ -58,17 +70,11 @@ parameters:
type:script_output
message:view remote packages
[mirror]
command:/usr/local/sbin/opnsense-update -sm
parameters:%s
type:script
message:switching firmware mirror to %s
[flavour]
command:/usr/local/sbin/opnsense-update -sn
parameters:%s
[configure]
command:/usr/local/etc/rc.configure_firmware
parameters:
type:script
message:switching firmware flavour to %s
message:update firmware configuration
[reboot]
command:/usr/local/etc/rc.reboot
......@@ -82,12 +88,6 @@ parameters:
type:script
message:issued firmware power off
[hotfix]
command:/usr/local/opnsense/scripts/firmware/hotfix.sh
parameters:%s
type:script
message:issued firmware hotfix for %s
[auto-update]
command:/usr/local/etc/rc.firmware
description:Automatic firmware update
......
src/www/system_general.php
View file @ cd4c883a
......@@ -60,8 +60,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['theme'] = null;
$pconfig['language'] = null;
$pconfig['timezone'] = "Etc/UTC";
$pconfig['mirror'] = 'default';
$pconfig['flavour'] = 'default';
$pconfig['prefer_ipv4'] = isset($config['system']['prefer_ipv4']);
$pconfig['gw_switch_default'] = isset($config['system']['gw_switch_default']);
$pconfig['hostname'] = $config['system']['hostname'];
......@@ -89,14 +87,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$pconfig['language'] = $config['system']['language'];
}
$pconfig['dnslocalhost'] = isset($config['system']['dnslocalhost']);
if (isset($config['system']['firmware']['mirror'])) {
$pconfig['mirror'] = $config['system']['firmware']['mirror'];
}
if (isset($config['system']['firmware']['flavour'])) {
$pconfig['flavour'] = $config['system']['firmware']['flavour'];
}
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['timezone']) && $pconfig['timezone'] <> $_POST['timezone']) {
filter_pflog_start();
......@@ -167,26 +157,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
set_language();
}
if (!isset($config['system']['firmware'])) {
$config['system']['firmware'] = array();
}
if ($pconfig['mirror'] == 'default') {
if (isset($config['system']['firmware']['mirror'])) {
/* default does not set anything for backwards compat */
unset($config['system']['firmware']['mirror']);
}
} else {
$config['system']['firmware']['mirror'] = $pconfig['mirror'];
}
if ($pconfig['flavour'] == 'default') {
if (isset($config['system']['firmware']['flavour'])) {
/* default does not set anything for backwards compat */
unset($config['system']['firmware']['flavour']);
}
} else {
$config['system']['firmware']['flavour'] = $pconfig['flavour'];
}
if (!empty($pconfig['prefer_ipv4'])) {
$config['system']['prefer_ipv4'] = true;
} elseif (isset($config['system']['prefer_ipv4'])) {
......@@ -273,7 +243,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
services_dnsmasq_configure();
services_unbound_configure();
system_timezone_configure();
system_firmware_configure();
if ($olddnsallowoverride != $config['system']['dnsallowoverride']) {
configd_run("dns reload");
......@@ -358,9 +327,6 @@ include("head.inc");
</div>
</td>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Firmware"); ?></th>
</tr>
<tr>
<td><a id="help_for_language" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Language");?></td>
<td>
......@@ -401,46 +367,31 @@ include("head.inc");
</td>
</tr>
<tr>
<td><a id="help_for_mirror" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Firmware Mirror"); ?></td>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Networking"); ?></th>
</tr>
<tr>
<td><a id="help_for_prefer_ipv4" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Prefer IPv4 over IPv6"); ?></td>
<td>
<select name="mirror" class="selectpicker" data-size="10" data-width="auto">
<?php
foreach (get_firmware_mirrors() as $mcode => $mdesc):?>
<option value="<?=$mcode;?>" <?=$mcode == $pconfig['mirror'] ? "selected=\"selected\"":"";?>>
<?=$mdesc;?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" for="help_for_mirror">
<strong>
<?=gettext("Select an alternate firmware mirror."); ?>
</strong>
<input name="prefer_ipv4" type="checkbox" id="prefer_ipv4" value="yes" <?= !empty($pconfig['prefer_ipv4']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Prefer to use IPv4 even if IPv6 is available"); ?></strong>
<div class="hidden" for="help_for_prefer_ipv4">
<?=gettext("By default, if a hostname resolves IPv6 and IPv4 addresses ".
"IPv6 will be used, if you check this option, IPv4 will be " .
"used instead of IPv6."); ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_flavour" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Firmware Flavour"); ?></td>
<td width="78%" class="vtable">
<select name="flavour" class="selectpicker" data-size="10" data-style="btn-default" data-width="auto">
<?php
foreach (get_firmware_flavours() as $fcode => $fdesc):?>
<option value="<?=$fcode;?>" <?=$fcode == $pconfig['flavour'] ? "selected=\"selected\"" : "" ;?>>
<?=$fdesc;?>
</option>
<?php
endforeach;?>
</select>
<div class="hidden" for="help_for_flavour">
<strong>
<?=gettext("Select the firmware cryptography flavour."); ?>
</strong>
<td><a id="help_for_gw_switch_default" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Gateway switching");?> </td>
<td>
<input name="gw_switch_default" type="checkbox" id="gw_switch_default" value="yes" <?= !empty($pconfig['gw_switch_default']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Allow default gateway switching"); ?></strong><br />
<div class="hidden" for="help_for_gw_switch_default">
<?=gettext("If the link where the default gateway resides fails " .
"switch the default gateway to another available one."); ?>
</div>
</td>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Name resolution"); ?></th>
</tr>
<tr>
<td><a id="help_for_dnsservers" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS servers"); ?></td>
<td>
......@@ -520,32 +471,6 @@ include("head.inc");
</div>
</td>
</tr>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Networking"); ?></th>
</tr>
<tr>
<td><a id="help_for_prefer_ipv4" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Prefer IPv4 over IPv6"); ?></td>
<td>
<input name="prefer_ipv4" type="checkbox" id="prefer_ipv4" value="yes" <?= !empty($pconfig['prefer_ipv4']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Prefer to use IPv4 even if IPv6 is available"); ?></strong>
<div class="hidden" for="help_for_prefer_ipv4">
<?=gettext("By default, if a hostname resolves IPv6 and IPv4 addresses ".
"IPv6 will be used, if you check this option, IPv4 will be " .
"used instead of IPv6."); ?>
</div>
</td>
</tr>
<tr>
<td><a id="help_for_gw_switch_default" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Gateway switching");?> </td>
<td>
<input name="gw_switch_default" type="checkbox" id="gw_switch_default" value="yes" <?= !empty($pconfig['gw_switch_default']) ? "checked=\"checked\"" : "";?> />
<strong><?=gettext("Allow default gateway switching"); ?></strong><br />
<div class="hidden" for="help_for_gw_switch_default">
<?=gettext("If the link where the default gateway resides fails " .
"switch the default gateway to another available one."); ?>
</div>
</td>
</tr>
<tr>
<td></td>
<td>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023