#!/bin/sh # originally part of m0n0wall (http://neon1.net/m0n0wall) # Copyright (C) 2005-2009 Scott Ullrich <sullrich@pfsense.org>. # Copyright (C) 2003 Manuel Kasper <mk@neon1.net>. # All rights reserved. # mount /cf /usr/local/etc/rc.conf_mount_rw # Reset file(s) echo "" >/conf/upgrade_log.txt echo "" >/conf/firmware_update_misc_log.txt echo "" >/conf/fdisk_upgrade_log.txt exec 3>&2 2>>/conf/firmware_update_misc_log.txt export ACTION=$1 export IMG=$2 if [ $# -eq 3 ]; then export CUSTOMIMG=$3 fi if [ $ACTION != "upgrade" ]; then /sbin/umount -f /ftmp > /dev/null 2>&1 fi file_notice() { /usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF <?php require_once("globals.inc"); require_once("functions.inc"); file_notice("$1", "$2", "$1", ""); ?> ENDOFF } output_env_to_log() { date >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt ls -lah /dev/ >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt ls -lah $IMG >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt md5 $IMG >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt mount >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt top >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt } backup_chflags() { TOPROCESS="bin lib libexec sbin usr" for files in $TOPROCESS; do /usr/sbin/mtree -Pcp /${files} | bzip2 -9 > /tmp/chflags.dist.${files}.bz2 2>> /conf/upgrade_log.txt done } restore_chflags() { TOPROCESS="bin lib libexec sbin usr" for files in $TOPROCESS; do cd / && /usr/bin/bzcat /tmp/chflags.dist.${files}.bz2 | /usr/sbin/mtree -PU -p /${files} >> /conf/upgrade_log.txt 2>&1 done } remove_chflags() { TOPROCESS="bin lib libexec sbin usr" for files in $TOPROCESS; do /bin/chflags -R noschg /${files} /bin/chmod -R u+rw /${files} done } case $ACTION in pfSenseupgrade) # Sanity check - bail early if there's no firmware file! if [ ! -r $IMG ]; then echo "2nd parameter has not been passed or file does not exist. Exiting." >> /conf/upgrade_log.txt 2>&1 /usr/local/etc/rc.conf_mount_ro exit fi # wait 1 seconds before beginning sleep 1 # Log that we are really doing a pfSense upgrade echo "" >> /conf/upgrade_log.txt echo "pfSenseupgrade upgrade starting" >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt touch /var/run/firmwarelock.dirty if [ -f /tmp/perform_full_backup.txt ]; then echo "Performing full backup" >> /conf/upgrade_log.txt /usr/local/etc/rc.create_full_backup rm /tmp/perform_full_backup.txt fi touch /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt # Output environment information to log file output_env_to_log backup_chflags remove_chflags # Do we have a pre-upgrade hook in the update file? if [ `tar tvzf $IMG | grep /tmp/pre_upgrade_command | wc -l` -gt 0 ]; then tar xzvf $IMG -C / ./tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 chmod a+rx /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 sh /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1 fi echo "Firmware upgrade in progress..." >> /conf/upgrade_log.txt 2>&1 echo "Firmware upgrade in progress..." | wall /usr/local/etc/rc.notify_message -e -g -m "Firmware upgrade in progress..." # backup config [ -d /tmp/configbak ] && rm -rf /tmp/configbak /bin/mkdir -p /tmp/configbak cp -Rp /conf/* /tmp/configbak 2>/dev/null # Remove logs from backup dir to avoid clobbering upon restore. rm /tmp/configbak/*_log.txt 2>/dev/null # tar explode image onto hd ps -a | grep "configd" | awk '{print $1;}' | kill -9 echo "Installing $IMG." >> /conf/upgrade_log.txt 2>&1 cd / && /usr/bin/tar --exclude=./dev -xzUPf $IMG >> /conf/upgrade_log.txt 2>&1 /usr/local/opnsense/service/configd.py echo "Image installed $IMG." >> /conf/upgrade_log.txt 2>&1 # process custom image if its passed if [ $# -eq 3 ]; then if [ -f $CUSTOMIMG ]; then echo "Custom image $CUSTOMIMG found." >> /conf/upgrade_log.txt 2>&1 echo "Custom image ($CUSTOMIMG) found." >> /conf/upgrade_log.txt 2>&1 PWD_DIR=`pwd` cd / && /usr/bin/tar xzPUf $CUSTOMIMG >> /conf/upgrade_log.txt 2>&1 cd $PWD_DIR echo "Custom image $CUSTOMIMG installed." >> /conf/upgrade_log.txt 2>&1 fi fi # restore config cp -Rp /tmp/configbak/* /conf 2>/dev/null # restore /etc symlinks rm /etc/hosts ln -s /var/etc/hosts /etc/hosts restore_chflags # Remove upgrade file rm -f $IMG if [ -e /etc/init_bootloader.sh ]; then if [ ! -x /etc/init_bootloader.sh ]; then chmod ug+x /etc/init_bootloader.sh fi /etc/init_bootloader.sh >> /conf/upgrade_log.txt 2>&1 fi # If /tmp/post_upgrade_command exists after update # then execute the command. if [ -f /tmp/post_upgrade_command ]; then if [ ! -x /tmp/post_upgrade_command ]; then chmod ug+x /tmp/post_upgrade_command fi /tmp/post_upgrade_command >> /conf/upgrade_log.txt 2>&1 fi date >> /conf/upgrade_log.txt echo "" >> /conf/upgrade_log.txt # remount /cf ro /usr/local/etc/rc.conf_mount_ro # release the firmware lock rm -f /var/run/firmwarelock.dirty rm -f /var/run/firmware.lock /bin/sync echo "Firmware upgrade is complete. Rebooting in 10 seconds." >> /conf/upgrade_log.txt 2>&1 echo "Firmware upgrade is complete. Rebooting in 10 seconds." | wall /usr/local/etc/rc.notify_message -e -g -m "Firmware upgrade is complete. Rebooting in 10 seconds." # Sleep and allow disks to catch up sleep 10 # If the archive has unpacked a file called # /tmp/no_upgrade_reboot_required then do # not reboot after upgrade. if [ -f /tmp/no_upgrade_reboot_required ]; then rm /tmp/no_upgrade_reboot_required else . /usr/local/etc/rc.reboot fi ;; esac