Project

General

Profile

Download (14.5 KB) Statistics
| Branch: | Tag: | Revision:
1
#!/bin/sh
2

    
3
# /etc/rc.firmware
4
# originally part of m0n0wall (http://neon1.net/m0n0wall)
5
# Copyright (C) 2005-2009 Scott Ullrich <sullrich@pfsense.org>.
6
# Copyright (C) 2003 Manuel Kasper <mk@neon1.net>.
7
# All rights reserved.
8

    
9
# mount /cf
10
/etc/rc.conf_mount_rw
11

    
12
exec 3>&2 2>>/conf/firmware_update_misc.log
13

    
14
export ACTION=$1
15
export IMG=$2
16
if [ $# -eq 3 ]; then
17
	export CUSTOMIMG=$3
18
fi
19

    
20
if [ $ACTION != "upgrade" ]; then
21
	/sbin/umount -f /ftmp > /dev/null 2>&1
22
fi
23

    
24
file_notice() {
25
	/usr/local/bin/php -q -d auto_prepend_file=config.inc <<ENDOFF
26
	<?php
27
		require_once("globals.inc");		
28
		require_once("functions.inc");
29
		file_notice("$1", "$2", "$1", "");
30
	?>
31
ENDOFF
32
}
33

    
34
output_env_to_log() {
35
	date >> /conf/upgrade_log.txt
36
	echo "" >> /conf/upgrade_log.txt
37
	
38
	ls -lah /dev/ >> /conf/upgrade_log.txt
39
	echo "" >> /conf/upgrade_log.txt
40

    
41
	ls -lah $IMG >> /conf/upgrade_log.txt
42
	echo "" >> /conf/upgrade_log.txt
43

    
44
	md5 $IMG >> /conf/upgrade_log.txt
45
	echo "" >> /conf/upgrade_log.txt
46

    
47
	mount >> /conf/upgrade_log.txt
48
	echo "" >> /conf/upgrade_log.txt
49

    
50
	top >> /conf/upgrade_log.txt
51
	echo "" >> /conf/upgrade_log.txt
52
}
53

    
54
backup_chflags() {
55
	TOPROCESS="bin lib libexec sbin usr"
56
	for files in $TOPROCESS; do
57
		/usr/sbin/mtree -Pcp /${files} | bzip2 -9 > /tmp/chflags.dist.${files}.bz2 >> /conf/upgrade_log.txt 2>&1
58
	done
59
}
60

    
61
restore_chflags() {
62
	TOPROCESS="bin lib libexec sbin usr"
63
	for files in $TOPROCESS; do
64
		cd / && /usr/bin/bzcat /tmp/chflags.dist.${files}.bz2 | /usr/sbin/mtree -PU -p /${files} >> /conf/upgrade_log.txt 2>&1
65
	done
66
}
67

    
68
remove_chflags() {
69
	TOPROCESS="bin lib libexec sbin usr"
70
	for files in $TOPROCESS; do
71
		/bin/chflags -R noschg /${files}
72
		/bin/chmod -R u+rw /${files}
73
	done
74
}
75

    
76
binary_update() {
77
	TGZ=$1
78
	ERR_F="/tmp/bdiff.log"
79
	rm ${ERR_F} 2>/dev/null
80
	/bin/mkdir /tmp/patched /tmp/patches 2>>${ERR_F}
81
	backup_chflags
82
	remove_chflags
83
	cd /tmp/patches
84
	for i in `/usr/bin/tar tvzf $TGZ | egrep -v "(^d|_md5)" | nawk '{print $9;}'`;
85
	 do
86
	   FILE=`basename ${i}`
87
	   echo "Working on ${i}"
88
	   # Untar patch file and md5 files
89
	   /usr/bin/tar xzf ${TGZ} ${i} ${i}.old_file_md5 ${i}.new_patch_md5 ${i}.new_file_md5 2>>${ERR_F}
90

    
91
	   # Apply patch - oldfile newfile patchfile
92
	   /usr/local/bin/bspatch /${i} /tmp/patched/${FILE} /tmp/patches/${i} 2>>${ERR_F}
93

    
94
	   OLD_FILE_MD5=`cat /tmp/patches/${i}.old_file_md5 2>/dev/null`
95
	   NEW_PATCH_MD5=`cat /tmp/patches/${i}.new_patch_md5 2>/dev/null`
96
	   NEW_FILE_MD5=`cat /tmp/patches/${i}.new_file_md5 2>/dev/null`
97
	   PATCHED_MD5=`/sbin/md5 -q /tmp/patched/${FILE} 2>/dev/null`
98

    
99
	   if [ "$PATCHED_MD5" = "$NEW_PATCH_MD5" ]; then
100
		/usr/bin/install -S  /tmp/patched/${FILE} /${i}
101
	   else
102
		#echo "${i} file does not match intended final md5."
103
		echo "${i} file does not match intended final md5." >> ${ERR_F}
104
	   fi
105

    
106
	   /bin/rm /tmp/patched/${FILE} >> ${ERR_F}
107
	   /bin/rm /tmp/patches/${i} >> ${ERR_F}
108
	   /bin/rm /tmp/patches/${i}.* >> ${ERR_F}
109
	done
110
	/bin/rm -rf /tmp/patched /tmp/patches >> ${ERR_F}
111
	restore_chflags
112
}
113

    
114
case $ACTION in
115
enable)
116
	touch /conf/upgrade_log.txt
117
	echo "" >> /conf/upgrade_log.txt
118
	echo "Enable" >> /conf/upgrade_log.txt
119
	echo "" >> /conf/upgrade_log.txt		
120
	;;
121
auto)
122
	touch /var/run/firmwarelock.dirty
123
	backup_chflags
124
	remove_chflags
125
	/etc/rc.firmware_auto
126
	restore_chflags
127
	;;
128
pfSenseNanoBSDupgrade)
129

    
130
	# Sanity check - bail early if there's no firmware file!
131
	if [ ! -r $IMG ]; then
132
		echo "2nd parameter has not been passed or file does not exist. Exiting." >> /conf/upgrade_log.txt 2>&1
133
		/etc/rc.conf_mount_ro
134
		exit 1
135
	fi
136

    
137
	# Prevent full upgrade file from being used to upgrade
138
	if [ `echo $IMG | grep "full"` ]; then
139
		echo "You cannot use a full file for upgrade.  Please use a file labeled upgrade."
140
		file_notice "NanoBSDUpgradeFailure" "You have attemped to use a full NanoBSD installation file as an upgrade.  Please use a NanoBSD file labeled 'upgrade' instead."
141
		/etc/rc.conf_mount_ro		
142
		exit 1
143
	fi
144

    
145
	touch /var/run/firmwarelock.dirty
146

    
147
	echo "NanoBSD Firmware upgrade in progress..."  >> /conf/upgrade_log.txt 2>&1
148
	echo "NanoBSD Firmware upgrade in progress..." | wall
149

    
150
	# backup config
151
	/bin/mkdir -p /tmp/configbak
152
	cp -p /conf/* /tmp/configbak 2>/dev/null
153

    
154
	touch /conf/upgrade_log.txt
155
	echo "" >> /conf/upgrade_log.txt
156

    
157
	echo "Installing $IMG." >> /conf/upgrade_log.txt 2>&1
158
	echo "Installing $IMG." >> /conf/upgrade_log.txt
159

    
160
	# resolve glabel label that we booted from
161
	BOOT_DEVICE=`/sbin/mount | /usr/bin/grep pfsense | /usr/bin/cut -d'/' -f4 | /usr/bin/cut -d' ' -f1`
162
	# resolve glabel to the real boot dev entry
163
	REAL_BOOT_DEVICE=`/sbin/glabel list | /usr/bin/grep -B2 ufs/${BOOT_DEVICE} | /usr/bin/head -n 1 | /usr/bin/cut -f3 -d' '`
164
	# grab the boot device, example ad1, ad0
165
	BOOT_DRIVE=`/sbin/glabel list | /usr/bin/grep -B2 ufs/pfsense | /usr/bin/head -n 1 | /usr/bin/cut -f3 -d' ' | /usr/bin/cut -d's' -f1`
166
	# test the slice.  if we are on slice 1 we need to flash 2 and vica versa
167
	if [ `echo $REAL_BOOT_DEVICE | /usr/bin/grep "s1"` ]; then 
168
		SLICE="2"
169
		OLDSLICE="1"
170
		TOFLASH="${BOOT_DRIVE}s${SLICE}"
171
		COMPLETE_PATH="${BOOT_DRIVE}s${SLICE}a"
172
		GLABEL_SLICE="pfsense1"
173
		UFS_ID="1"
174
		OLD_UFS_ID="0"
175
	else
176
		SLICE="1"
177
		OLDSLICE="2"		
178
		TOFLASH="${BOOT_DRIVE}s${SLICE}"
179
		COMPLETE_PATH="${BOOT_DRIVE}s${SLICE}a"
180
		GLABEL_SLICE="pfsense0"
181
		UFS_ID="0"
182
		OLD_UFS_ID="1"
183
	fi
184

    
185
	# Output specifc information that this script is using
186
	echo "SLICE $SLICE" >> /conf/upgrade_log.txt
187
	echo "OLDSLICE $OLDSLICE" >> /conf/upgrade_log.txt
188
	echo "TOFLASH $TOFLASH" >> /conf/upgrade_log.txt
189
	echo "COMPLETE_PATH $COMPLETE_PATH" >> /conf/upgrade_log.txt
190
	echo "GLABEL_SLICE $GLABEL_SLICE" >> /conf/upgrade_log.txt
191

    
192
	# Output environment information to log file
193
	output_env_to_log
194
	
195
	# Grab a before upgrade look at fdisk
196
	echo "" >> /conf/upgrade_log.txt
197
	echo "Before upgrade fdisk/bsdlabel" >> /conf/upgrade_log.txt
198
	fdisk $BOOT_DRIVE >> /conf/upgrade_log.txt
199
	fdisk $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
200
	fdisk $BOOT_DRIVEs1a >> /conf/upgrade_log.txt
201
	fdisk $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
202
	fdisk $BOOT_DRIVEs2a >> /conf/upgrade_log.txt		
203
	fdisk $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
204
	bsdlabel -A $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
205
	bsdlabel -A $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
206
	bsdlabel -A $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
207
	echo "---------------------------------------------------------------" >> /conf/upgrade_log.txt
208
	echo "" >> /conf/upgrade_log.txt
209
	
210
	# Log that we are really doing a NanoBSD upgrade
211
	echo "" >> /conf/upgrade_log.txt
212
	echo "NanoBSD upgrade starting" >> /conf/upgrade_log.txt
213
	echo "" >> /conf/upgrade_log.txt
214
	
215
	# Foot shooting is fun!
216
	echo "" >> /conf/upgrade_log.txt
217
	echo "/sbin/sysctl kern.geom.debugflags=16" >> /conf/upgrade_log.txt
218
	/sbin/sysctl kern.geom.debugflags=16 >> /conf/upgrade_log.txt 2>&1
219

    
220
	# Remove TOFLASH and get ready for new flash image
221
	echo "" >> /conf/upgrade_log.txt
222
	echo "dd if=/dev/zero of=/dev/${TOFLASH} bs=1m count=1" >> /conf/upgrade_log.txt	
223
	dd if=/dev/zero of=/dev/${TOFLASH} bs=1m count=1 >> /conf/upgrade_log.txt 2>&1
224

    
225
	# Stream gzipped image to dd and explode image to new area
226
	echo "" >> /conf/upgrade_log.txt
227
	echo "/usr/bin/gzcat $IMG | /bin/dd of=/dev/${TOFLASH} bs=16k" >> /conf/upgrade_log.txt
228
	/usr/bin/gzcat $IMG | /bin/dd of=/dev/${TOFLASH} bs=16k >> /conf/upgrade_log.txt 2>&1
229

    
230
	# Grab a after upgrade look at fdisk
231
	echo "" >> /conf/upgrade_log.txt
232
	echo "After upgrade fdisk/bsdlabel" >> /conf/upgrade_log.txt
233
	fdisk $BOOT_DRIVE >> /conf/upgrade_log.txt
234
	fdisk $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
235
	fdisk $BOOT_DRIVEs1a >> /conf/upgrade_log.txt
236
	fdisk $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
237
	fdisk $BOOT_DRIVEs2a >> /conf/upgrade_log.txt		
238
	fdisk $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
239
	bsdlabel -A $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
240
	bsdlabel -A $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
241
	bsdlabel -A $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
242
	echo "---------------------------------------------------------------" >> /conf/upgrade_log.txt
243
	echo "" >> /conf/upgrade_log.txt
244
	
245
	# Ensure that our new system is sound and bail if it is not and file a notice
246
	echo "" >> /conf/upgrade_log.txt
247
	echo "/sbin/fsck_ffs -y /dev/$COMPLETE_PATH" >> /conf/upgrade_log.txt
248
	/sbin/fsck_ffs -y /dev/$COMPLETE_PATH >> /conf/upgrade_log.txt 2>&1
249
	if [ $? != 0 ]; then
250
		file_notice "UpgradeFailure" "{\$g['product_name']} upgrade has failed.   Your system has been left in a usable state."
251
		rm /var/run/firmwarelock.dirty
252
		/etc/rc.conf_mount_ro		
253
		exit 1
254
	fi
255

    
256
	# Add back the corresponding glabel
257
	echo "" >> /conf/upgrade_log.txt
258
	echo "/sbin/tunefs -L ${GLABEL_SLICE} /dev/$COMPLETE_PATH" >> /conf/upgrade_log.txt
259
	/sbin/tunefs -L ${GLABEL_SLICE} /dev/$COMPLETE_PATH >> /conf/upgrade_log.txt 2>&1
260

    
261
	# restore config
262
	cp -p /tmp/configbak/* /conf 2>/dev/null
263

    
264
	# Remove upgrade file
265
	rm -f $IMG
266

    
267
	# Mount newly prepared slice
268
	mkdir /tmp/$GLABEL_SLICE
269
	mount /dev/ufs/$GLABEL_SLICE /tmp/$GLABEL_SLICE
270

    
271
	# If /tmp/$GLABEL_SLICE/tmp/post_upgrade_command exists 
272
	# after update then execute the command.
273
	if [ -f /tmp/$GLABEL_SLICE/tmp/post_upgrade_command ]; then
274
		sh /tmp/$GLABEL_SLICE/tmp/post_upgrade_command >> /conf/upgrade_log.txt 2>&1
275
	fi
276

    
277
	# Update fstab
278
	cp /etc/fstab /tmp/$GLABEL_SLICE/etc/fstab
279
	sed -i "" "s/pfsense${OLD_UFS_ID}/pfsense${UFS_ID}/g" /tmp/$GLABEL_SLICE/etc/fstab
280
	if [ $? != 0 ]; then
281
		echo "Something went wrong when trying to update the fstab entry.  Aborting upgrade."
282
		file_notice "UpgradeFailure" "Something went wrong when trying to update the fstab entry.  Aborting upgrade."
283
		rm /var/run/firmwarelock.dirty
284
		umount /tmp/$GLABEL_SLICE
285
		/etc/rc.conf_mount_ro
286
		exit 1
287
	fi
288
	echo "" >> /conf/upgrade_log.txt
289
	cat /tmp/$GLABEL_SLICE/etc/fstab >> /conf/upgrade_log.txt
290

    
291
	# Unmount newly prepared slice
292
	umount /tmp/$GLABEL_SLICE
293

    
294
	# Set active mount slice in fdisk
295
	echo "" >> /conf/upgrade_log.txt
296
	echo "gpart set -a active -i ${SLICE} ${BOOT_DRIVE}" >> /conf/upgrade_log.txt
297
	gpart set -a active -i ${SLICE} ${BOOT_DRIVE}
298

    
299
	# Set active boot source
300
	echo "" >> /conf/upgrade_log.txt
301
	echo "/usr/sbin/boot0cfg -s ${SLICE} -v /dev/${BOOT_DRIVE}" >> /conf/upgrade_log.txt
302
	/usr/sbin/boot0cfg -s ${SLICE} -v /dev/${BOOT_DRIVE} >> /conf/upgrade_log.txt 2>&1
303

    
304
	# Grab a final look at fdisk
305
	echo "" >> /conf/upgrade_log.txt
306
	echo "Final upgrade fdisk/bsdlabel" >> /conf/upgrade_log.txt
307
	fdisk $BOOT_DRIVE >> /conf/upgrade_log.txt
308
	fdisk $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
309
	fdisk $BOOT_DRIVEs1a >> /conf/upgrade_log.txt
310
	fdisk $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
311
	fdisk $BOOT_DRIVEs2a >> /conf/upgrade_log.txt		
312
	fdisk $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
313
	bsdlabel -A $BOOT_DRIVEs1 >> /conf/upgrade_log.txt
314
	bsdlabel -A $BOOT_DRIVEs2 >> /conf/upgrade_log.txt
315
	bsdlabel -A $BOOT_DRIVEs3 >> /conf/upgrade_log.txt
316
	echo "---------------------------------------------------------------" >> /conf/upgrade_log.txt
317
	echo "" >> /conf/upgrade_log.txt
318

    
319
	# Remove extra stuff
320
	rm -rf /etc/rc.conf
321
	rm -rf /etc/motd
322
	rm -rf /usr/savecore/*
323

    
324
	date >> /conf/upgrade_log.txt
325
	echo "" >> /conf/upgrade_log.txt
326

    
327
	# Trigger a package reinstallation on reobot
328
	touch /conf/needs_package_sync
329

    
330
	# Enough fun for now.
331
	echo "" >> /conf/upgrade_log.txt
332
	echo "/sbin/sysctl kern.geom.debugflags=0" >> /conf/upgrade_log.txt
333
	/sbin/sysctl kern.geom.debugflags=0 >> /conf/upgrade_log.txt 2>&1
334

    
335
	# remount /cf ro
336
	/etc/rc.conf_mount_ro
337
	/bin/sync
338

    
339
	sleep 10
340

    
341
	rm -f /var/run/firmwarelock.dirty
342
	sh /etc/rc.reboot
343

    
344
	;;
345
pfSenseupgrade)
346

    
347
	# Sanity check - bail early if there's no firmware file!
348
	if [ ! -r $IMG ]; then
349
		echo "2nd parameter has not been passed or file does not exist. Exiting." >> /conf/upgrade_log.txt 2>&1
350
		/etc/rc.conf_mount_ro
351
		exit
352
	fi
353

    
354
	# wait 1 seconds before beginning
355
	sleep 1
356

    
357
	# Log that we are really doing a NanoBSD upgrade
358
	echo "" >> /conf/upgrade_log.txt
359
	echo "NanoBSD upgrade starting" >> /conf/upgrade_log.txt
360
	echo "" >> /conf/upgrade_log.txt
361

    
362
	touch /var/run/firmwarelock.dirty
363

    
364
	touch /conf/upgrade_log.txt
365
	echo "" >> /conf/upgrade_log.txt
366

    
367
	# Output environment information to log file
368
	output_env_to_log
369

    
370
	backup_chflags
371
	remove_chflags
372

    
373
	# Do we have a pre-upgrade hook in the update file?
374
	if [ `tar tvzf $IMG | grep /tmp/pre_upgrade_command | wc -l` -gt 0 ]; then 
375
		tar xzvf $IMG -C / ./tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1
376
		chmod a+rx /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1
377
		sh /tmp/pre_upgrade_command >> /conf/upgrade_log.txt 2>&1
378
	fi
379

    
380
	echo "Firmware upgrade in progress..."  >> /conf/upgrade_log.txt 2>&1
381
	echo "Firmware upgrade in progress..."  | wall
382

    
383
	# backup config
384
	/bin/mkdir -p /tmp/configbak
385
	cp -p /conf/* /tmp/configbak 2>/dev/null
386

    
387
	# tar explode image onto hd
388
	echo "Installing $IMG." >> /conf/upgrade_log.txt 2>&1
389
	cd / && /usr/bin/tar xzUPf $IMG >> /conf/upgrade_log.txt 2>&1
390
	/usr/bin/find / -name CVS -exec rm -fr {} \;
391
	echo "Image installed $IMG." >> /conf/upgrade_log.txt 2>&1
392

    
393
    # process custom image if its passed
394
    if [ $# -eq 3 ]; then
395
	    if [ -f $CUSTOMIMG ]; then
396
	        echo "Custom image $CUSTOMIMG found." >> /conf/upgrade_log.txt 2>&1
397
	        echo "Custom image ($CUSTOMIMG) found." >> /conf/upgrade_log.txt 2>&1
398
	        PWD_DIR=`pwd`
399
	        cd / && /usr/bin/tar xzPUf $CUSTOMIMG >> /conf/upgrade_log.txt 2>&1
400
	        cd $PWD_DIR
401
	        echo "Custom image $CUSTOMIMG installed." >> /conf/upgrade_log.txt 2>&1
402
	    fi
403
    fi
404

    
405
	# restore config
406
	cp -p /tmp/configbak/* /conf 2>/dev/null
407

    
408
	# restore /etc symlinks
409
	rm /etc/hosts
410
	ln -s /var/etc/hosts /etc/hosts
411

    
412
	restore_chflags
413

    
414
	# Remove upgrade file
415
	rm -f $IMG
416

    
417
	if [ -e /etc/init_bootloader.sh ]; then
418
		sh /etc/init_bootloader.sh >> /conf/upgrade_log.txt 2>&1
419
	fi
420

    
421
	# If /tmp/post_upgrade_command exists after update
422
	# then execute the command.
423
	if [ -f /tmp/post_upgrade_command ]; then
424
		sh /tmp/post_upgrade_command >> /conf/upgrade_log.txt 2>&1
425
	fi
426

    
427
	# remove unused files
428
	rm -rf /etc/rc.conf
429
	rm -rf /etc/motd
430
	rm -rf /usr/savecore/*
431

    
432
	date >> /conf/upgrade_log.txt
433
	echo "" >> /conf/upgrade_log.txt
434

    
435
	# remount /cf ro
436
	/etc/rc.conf_mount_ro
437

    
438
	# release the firmware lock
439
	rm -f /var/run/firmwarelock.dirty
440
	/bin/sync
441

    
442
	# Sleep and allow disks to catch up
443
	sleep 10
444

    
445
	# If the archive has unpacked a file called
446
	# /tmp/no_upgrade_reboot_required then do
447
	# not reboot after upgrade.
448
	if [ -f /tmp/no_upgrade_reboot_required ]; then
449
		rm /tmp/no_upgrade_reboot_required
450
	else
451
		rm -f /var/run/config.lock
452
		sh /etc/rc.reboot
453
	fi
454

    
455
	;;
456
delta_update)
457
	touch /var/run/firmwarelock.dirty
458
	backup_chflags
459
	remove_chflags
460
	binary_update $IMG
461
	restore_chflags
462
	rm -rf /etc/rc.conf
463
	rm -rf /etc/motd
464
	find / -name CVS -type d -exec rm {} \;
465
	rm -rf /usr/savecore/*
466
	/etc/rc.conf_mount_ro
467
	/sbin/umount -f /cf 2>/dev/null
468
	/sbin/mount -r /cf 2>/dev/null
469
	/sbin/umount -f / 2>/dev/null
470
	/sbin/mount -r / 2>/dev/null
471
	if [ -e /etc/init_bootloader.sh ]; then
472
		sh /etc/init_bootloader.sh
473
	fi
474

    
475
	;;
476
esac
477

    
478

    
(44-44/87)