/src/etc/pfSense-rc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/pfSense-rc @ 41a5ff1d

1	5b237745	Scott Ullrich	#!/bin/sh
2	ac24dc24	Renato Botelho	#
3			# pfSense-rc
4			#
5			# part of pfSense (https://www.pfsense.org)
6	81299b5c	Renato Botelho	# Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7	ac24dc24	Renato Botelho	# All rights reserved.
8			#
9	e5cd29a0	Scott Ullrich	# originally based on m0n0wall (http://neon1.net/m0n0wall)
10	c5d81585	Renato Botelho	# Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
11	5b237745	Scott Ullrich	# All rights reserved.
12	ac24dc24	Renato Botelho	#
13	b12ea3fb	Renato Botelho	# Licensed under the Apache License, Version 2.0 (the "License");
14			# you may not use this file except in compliance with the License.
15			# You may obtain a copy of the License at
16	ac24dc24	Renato Botelho	#
17	b12ea3fb	Renato Botelho	# http://www.apache.org/licenses/LICENSE-2.0
18	ac24dc24	Renato Botelho	#
19	b12ea3fb	Renato Botelho	# Unless required by applicable law or agreed to in writing, software
20			# distributed under the License is distributed on an "AS IS" BASIS,
21			# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22			# See the License for the specific language governing permissions and
23			# limitations under the License.
24	d8a2ce2c	Scott Ullrich
25			#/bin/stty status '^T'
26			#/bin/stty susp '^-' intr '^-' quit '^-'
27
28			#trap : 2
29			#trap : 3
30	5b237745	Scott Ullrich
31			HOME=/
32	ce823053	Scott Ullrich	PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
33	5b237745	Scott Ullrich	export HOME PATH
34
35	842878b5	Scott Ullrich	# Set our current version
36	e8d0903d	Ermal	version=`/bin/cat /etc/version`
37	842878b5	Scott Ullrich
38	5a0235ca	Renato Botelho	# Version patch
39			version_patch="0"
40			if [ -f /etc/version.patch ]; then
41			version_patch=`/bin/cat /etc/version.patch`
42			fi
43
44			if [ "${version_patch}" = "0" ]; then
45			version_patch=""
46			else
47			version_patch=" (Patch ${version_patch})"
48			fi
49
50	e4121dde	Renato Botelho	# Read product_name from $g, defaults to pfSense
51			# Use php -n here because we are not ready to load extensions yet
52			product=$(/usr/local/bin/php -n /usr/local/sbin/read_global_var product_name pfSense)
53	c580e34c	Renato Botelho
54	e5323cca	jim-p	# Setup dumpdev/ddb/savecore"
55			echo "Configuring crash dumps..."
56	dc61252a	Renato Botelho	/etc/rc.dumpon
57	e5323cca	jim-p
58	dc61252a	Renato Botelho	# Setup ddb on all platforms.
59	6346f188	jim-p	if [ ! -z "`sysctl -Nq debug.ddb.scripting.scripts`" ]; then
60	a7d88d2c	Renato Botelho	/sbin/ddb /etc/${product}-ddb.conf
61	6346f188	jim-p	fi
62
63	411f439a	Renato Botelho	fsck_forced_iterations=`/bin/kenv -q pfsense.fsck.force`
64	92a78939	jim-p	if [ ! -z "${fsck_forced_iterations}" ]; then
65			echo "Forcing filesystem check (${fsck_forced_iterations} times)..."
66			while [ ${fsck_forced_iterations} -gt 0 ]; do
67	cc82c328	Renato Botelho	/sbin/fsck -y -t ufs
68	92a78939	jim-p	fsck_forced_iterations=$((fsck_forced_iterations - 1))
69			done
70			fi
71
72			if [ -e /root/force_growfs ]; then
73			/etc/rc.d/growfs onestart
74	302c005e	Ermal	fi
75
76	60f164f3	Renato Botelho	FSCK_ACTION_NEEDED=0
77	cc82c328	Renato Botelho	/sbin/fsck -p
78	60f164f3	Renato Botelho	case $? in
79			0)
80			echo "Filesystems are clean, continuing..."
81			echo "Mounting filesystems..."
82			;;
83			8)
84			echo "Preen mode recommended running a check that will be performed now."
85			FSCK_ACTION_NEEDED=1
86			;;
87			*)
88			echo "Stopping boot is recommended because filesystem manual action is needed, nevertheless automated repair of the filesystem will be attempted."
89			FSCK_ACTION_NEEDED=1
90			;;
91			esac
92
93			if [ ${FSCK_ACTION_NEEDED} = 1 ]; then
94			echo "WARNING: Trying to recover filesystem from inconsistency..."
95	cc82c328	Renato Botelho	/sbin/fsck -y -t ufs
96	60f164f3	Renato Botelho	fi
97	842878b5	Scott Ullrich
98	60f164f3	Renato Botelho	/sbin/mount -a 2>/dev/null
99			mount_rc=$?
100			attempts=0
101	cc82c328	Renato Botelho	while [ ${mount_rc} -ne 0 -a ${attempts} -lt 10 ]; do
102			/sbin/fsck -y -t ufs
103	f2e36920	Ermal LUÇI	/sbin/mount -a 2>/dev/null
104			mount_rc=$?
105	60f164f3	Renato Botelho	attempts=$((attempts+1))
106			done
107	217935fe	Ermal LUÇI
108	cc82c328	Renato Botelho	if [ ${mount_rc} -ne 0 ]; then
109			echo "ERROR: Impossible to mount filesystem, use interactive shell to attempt to recover it"
110			/bin/sh
111			/sbin/reboot
112			fi
113
114	b712dd52	Renato Botelho	# Handle ZFS read-only case
115			/sbin/kldstat -qm zfs
116			if [ $? -eq 0 ]; then
117			ZFSFSAVAILABLE=$(/sbin/zfs mount 2>/dev/null \| wc -l)
118			if [ $ZFSFSAVAILABLE -eq 0 ]; then
119			/sbin/kldunload zfs
120			elif [ -f /usr/bin/grep ]; then
121			ZFSROOT=`/sbin/zfs mount \| /usr/bin/grep ' /$' \| /usr/bin/cut -d ' ' -f 1`
122			if [ "$ZFSROOT" != "" ]; then
123			/sbin/zfs set readonly=off $ZFSROOT
124			fi
125			fi
126			fi
127
128	60f164f3	Renato Botelho	# If /conf is a directory, convert it to a symlink to /cf/conf
129			if [ -d "/conf" ]; then
130			# If item is not a symlink then rm and recreate
131			CONFPOINTSTO=`readlink /conf`
132			if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then
133			/bin/rm -rf /conf
134			/bin/ln -s /cf/conf /conf
135	c4995e62	Chris Buechler	fi
136	60f164f3	Renato Botelho	fi
137	efc0e29a	jim-p
138	60f164f3	Renato Botelho	USE_MFS_TMPVAR=$(/usr/local/sbin/read_xml_tag.sh boolean system/use_mfs_tmpvar)
139			unset MOVE_PKG_DATA
140	dc61252a	Renato Botelho	# If use MFS var is disabled, move files back to place
141			if [ "${USE_MFS_TMPVAR}" != "true" -a -f /root/var/db/pkg/local.sqlite ]; then
142			MOVE_PKG_DATA=1
143			rm -rf /var/db/pkg 2>/dev/null
144			rm -rf /var/cache/pkg 2>/dev/null
145	9bf6cdc1	Renato Botelho	mv -f /root/var/db/pkg /var/db
146			mv -f /root/var/cache/pkg /var/cache
147	dc61252a	Renato Botelho	# If use MFS var is enabled, move files to a safe place
148			elif [ "${USE_MFS_TMPVAR}" = "true" -a -f /var/db/pkg/local.sqlite ]; then
149	60f164f3	Renato Botelho	MOVE_PKG_DATA=1
150	9bf6cdc1	Renato Botelho	rm -rf /root/var/db/pkg 2>/dev/null
151			rm -rf /root/var/cache/pkg 2>/dev/null
152	dc61252a	Renato Botelho	/bin/mkdir -p /root/var/db /root/var/cache
153	9bf6cdc1	Renato Botelho	mv -f /var/db/pkg /root/var/db
154			mv -f /var/cache/pkg /root/var/cache
155	60f164f3	Renato Botelho	fi
156	e7c1f181	Renato Botelho
157	dc61252a	Renato Botelho	if [ "${USE_MFS_TMPVAR}" = "true" ]; then
158	60f164f3	Renato Botelho	/etc/rc.embedded
159			fi
160	e7c1f181	Renato Botelho
161	60f164f3	Renato Botelho	if [ -n "${MOVE_PKG_DATA}" -o "${USE_MFS_TMPVAR}" = "true" ]; then
162			/bin/mkdir -p /var/db /var/cache
163			ln -sf ../../root/var/db/pkg /var/db/pkg
164			ln -sf ../../root/var/cache/pkg /var/cache/pkg
165	c4995e62	Chris Buechler	fi
166
167	029d6129	NOYB	# Restore contents of the RAM disk store
168			/etc/rc.restore_ramdisk_store
169
170	9235b25e	Renato Botelho	# Make sure /home exists
171			[ -d /home ] \
172			\|\| mkdir /home
173
174	990fa101	jim-p	/bin/rm -f /root/force_fsck
175	2085c6de	jim-p	/bin/rm -f /root/TRIM_set
176			/bin/rm -f /root/TRIM_unset
177
178	92ac3b3d	jim-p	# Disable APM on ATA drives. Leaving this on will kill drives long-term, especially laptop drives, by generating excessive Load Cycles.
179	06fd1952	Ermal	if [ -f /etc/rc.disable_hdd_apm ]; then
180			/etc/rc.disable_hdd_apm
181			fi
182	92ac3b3d	jim-p
183	6990ad35	Phil Davis	# Eject CD devices on 3G modems
184	2f8782fe	smos	MANUFACTURER="huawei\|zte"
185			CDDEVICE=`dmesg \|egrep -ie "($MANUFACTURER)" \| awk -F: '/cd/ {print $1}'`
186			if [ "$CDDEVICE" != "" ]; then
187			cdcontrol -f /dev/"$CDDEVICE" eject
188			fi
189	793d3c96	smos
190	e4121dde	Renato Botelho	# Use php -n here because we are not ready to load extensions yet
191			varrunpath=$(/usr/local/bin/php -n /usr/local/sbin/read_global_var varrun_path "/var/run")
192	3d7639eb	Scott Ullrich
193	dc61252a	Renato Botelho	if [ "${USE_MFS_TMPVAR}" != "true" ]; then
194	7d3be92f	Ermal	/sbin/mdmfs -S -M -s 4m md $varrunpath
195			fi
196
197	1c44a77d	Scott Ullrich	echo
198	dd6c64d8	Renato Botelho	cat /usr/local/share/pfSense/ascii-art/pfsense-logo-small.txt
199	1c44a77d	Scott Ullrich	echo
200			echo
201	3f4a0df9	Renato Botelho	echo "Welcome to ${product} ${version}${version_patch}..."
202	1c44a77d	Scott Ullrich	echo
203
204	6fa9f38c	Renato Botelho	/sbin/conscontrol mute off >/dev/null
205	d5f60dba	Scott Ullrich
206	dc61252a	Renato Botelho	SWAPDEVICE=`/bin/cat /etc/fstab \| /usr/bin/grep swap \| /usr/bin/cut -f1`
207			/sbin/swapon -a 2>/dev/null >/dev/null
208			/etc/rc.savecore
209	5621d2d5	Scott Ullrich
210	080b4ce1	Ermal	# make some directories in /var
211	b6355bdc	jim-p	/bin/mkdir -p $varrunpath /var/log /var/etc /var/db/entropy /var/db/rrd /var/at/jobs/ /var/empty /var/log/nginx 2>/dev/null
212	c01bdca9	Renato Botelho	chmod 0555 /var/empty
213	080b4ce1	Ermal	/bin/rm -rf $varrunpath/*
214
215	9e9bc51c	Ermal	# Cleanup configuration files from previous instance
216			/bin/rm -rf /var/etc/*
217
218	96fcf698	Renato Botelho	# Workaround for ipsec symlinks, otherwise it's going to break
219			# strongswan pkg upgrade
220
221			if [ -L /usr/local/etc/ipsec.d ]; then
222			rm -f /usr/local/etc/ipsec.d
223			fi
224			if [ -L /usr/local/etc/ipsec.conf ]; then
225			rm -f /usr/local/etc/ipsec.conf
226			fi
227	47220a8c	Renato Botelho	if [ -L /usr/local/etc/strongswan.d ]; then
228			rm -f /usr/local/etc/strongswan.d
229			fi
230	96fcf698	Renato Botelho	if [ -L /usr/local/etc/strongswan.conf ]; then
231			rm -f /usr/local/etc/strongswan.conf
232			fi
233
234	fc84b222	Renato Botelho	# Remove deprecated symlinks - #5538
235			for f in /etc/hosts \
236			/etc/resolv.conf \
237			/etc/resolvconf.conf \
238			/etc/syslog.conf; do
239			if [ -L "${f}" ]; then
240			rm -f ${f}
241	9e9bc51c	Ermal	fi
242	fc84b222	Renato Botelho	done
243	30501526	Warren Baker
244	4be3f6cf	Seth Mos	# Make sure our /tmp is 777 + Sticky
245	e8d0903d	Ermal	/bin/chmod 1777 /tmp
246	0652f3ae	Seth Mos
247	6484bb83	Scott Ullrich	if [ ! -L /etc/dhclient.conf ]; then
248	e173dd74	Phil Davis	/bin/rm -rf /etc/dhclient.conf
249	6484bb83	Scott Ullrich	fi
250	c8fcdb2f	Scott Ullrich
251	544156a7	Scott Ullrich	if [ ! -d /var/tmp ]; then
252	e8d0903d	Ermal	/bin/mkdir -p /var/tmp
253	544156a7	Scott Ullrich	fi
254	fc1caa41	Renato Botelho	# Make sure our /var/tmp is 777 + Sticky
255			/bin/chmod 1777 /tmp
256	4aa70cd8	Scott Ullrich
257	5b237745	Scott Ullrich	set -T
258			trap "echo 'Reboot interrupted'; exit 1" 3
259
260	2e269da2	Scott Ullrich	echo -n "."
261	a5c36eb2	Renato Botelho	DISABLESYSLOGCLOG=$(/usr/local/sbin/read_xml_tag.sh boolean system/disablesyslogclog)
262	8acd1331	jim-p	LOG_FILES="system filter dhcpd vpn poes l2tps openvpn portalauth ipsec ppp relayd wireless nginx ntpd gateways resolver routing"
263	c7a3356e	jim-p
264	a5c36eb2	Renato Botelho	DEFAULT_LOG_FILE_SIZE=$(/usr/local/sbin/read_xml_tag.sh string syslog/logfilesize)
265			DEFAULT_LOG_FILE_SIZE=${DEFAULT_LOG_FILE_SIZE:-"511488"}
266	c7a3356e	jim-p
267	973b2663	Ermal	for logfile in $LOG_FILES; do
268	a5c36eb2	Renato Botelho	if [ "$DISABLESYSLOGCLOG" = "true" ]; then
269	973b2663	Ermal	/usr/bin/touch /var/log/$logfile.log
270	e173dd74	Phil Davis	else
271	973b2663	Ermal	if [ ! -f /var/log/$logfile.log ]; then
272	41df62c1	jim-p	/usr/local/sbin/clog -i -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log
273	e8197e56	Ermal	fi
274	e173dd74	Phil Davis	fi
275	973b2663	Ermal	done
276
277	41df62c1	jim-p	# change permissions on newly created log files.
278	e8d0903d	Ermal	/bin/chmod 0600 /var/log/*.log
279	8d418ca9	Scott Ullrich
280	2e269da2	Scott Ullrich	echo -n "."
281	6fa9f38c	Renato Botelho	DEVFS=`/sbin/mount \| /usr/bin/grep devfs \| /usr/bin/wc -l \| /usr/bin/cut -d" " -f8`
282			if [ "$DEVFS" = "0" ]; then
283			mount_devfs devfs /dev
284	f93c5384	Scott Ullrich	fi
285	5b237745	Scott Ullrich
286			# Create an initial utmp file
287	7d3be92f	Ermal	cd $varrunpath && /bin/cp /dev/null utmp && /bin/chmod 644 utmp
288	5b237745	Scott Ullrich
289	2e269da2	Scott Ullrich	echo -n "."
290	6fe4f291	Scott Ullrich	/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib
291	05dd0c32	Ermal	/etc/rc.d/ldconfig start 2>/dev/null
292	c268f10f	Scott Ullrich
293	6fa9f38c	Renato Botelho	# Launching kbdmux(4)
294			if [ -f "/dev/kbdmux0" ]; then
295			echo -n "."
296			/usr/sbin/kbdcontrol -k /dev/kbdmux0 < /dev/console
297			[ -c "/dev/atkbd0" ] && kbdcontrol -a atkbd0 < /dev/console
298			[ -c "/dev/ukbd0" ] && kbdcontrol -a ukbd0 < /dev/console
299			fi
300	4e7b2b27	Scott Ullrich
301	6fa9f38c	Renato Botelho	# Fire up unionfs if mount points exist.
302			if [ -f /dist/uniondirs ]; then
303			echo -n "."
304			/etc/rc.d/unionfs start
305	b1ce7649	Scott Ullrich	fi
306	fa8f44ce	Scott Ullrich
307	2e269da2	Scott Ullrich	echo "done."
308	deff30cd	Scott Ullrich
309	ad0d7518	Scott Ullrich	# Recreate capabilities DB
310	416e6432	Ermal	/usr/bin/cap_mkdb /etc/login.conf
311	ad0d7518	Scott Ullrich
312	a5733f63	Renato Botelho	# Second upgrade stage
313			/usr/local/sbin/${product}-upgrade -y -b 2
314	842fc1e2	Renato Botelho
315	4ecaca5b	Renato Botelho	# Copy default openssl config file
316			[ -d /etc/ssl ] \
317			\|\| mkdir -p /etc/ssl
318			[ -f /usr/local/share/${product}/ssl/openssl.cnf ] \
319			&& cp -f /usr/local/share/${product}/ssl/openssl.cnf /etc/ssl
320	5051739d	Renato Botelho	mkdir -p /usr/local/openssl >/dev/null 2>&1
321			ln -sf /etc/ssl/openssl.cnf \
322			/usr/local/openssl/openssl.cnf
323	4ecaca5b	Renato Botelho
324	40e46009	Scott Ullrich	# Run the php.ini setup file and populate
325	3646fbcb	Renato Botelho	# /usr/local/etc/php.ini
326	aa840cf9	Scott Ullrich	/etc/rc.php_ini_setup 2>/tmp/php_errors.txt
327	3646fbcb	Renato Botelho	/usr/local/sbin/php-fpm -c /usr/local/etc/php.ini -y /usr/local/lib/php-fpm.conf -RD 2>&1 >/dev/null
328	0cf5aa69	Scott Ullrich
329	dc61252a	Renato Botelho	# Launch external configuration loader
330			/usr/local/sbin/fcgicli -f /etc/ecl.php
331	206f684d	Scott Ullrich
332	490615d3	Scott Ullrich	if [ -f /etc/rc.custom_boot_early ]; then
333			/bin/echo -n "Launching /etc/rc.custom_boot_early...";
334			/etc/rc.custom_boot_early
335			echo "Done"
336			fi
337
338	4aea91d8	Ermal	export fcgipath=/var/run/php-fpm.socket
339	01599e5e	Ermal	/usr/bin/nice -n20 /usr/local/sbin/check_reload_status
340	e8d0903d	Ermal
341	b406ae66	Scott Ullrich	# let the PHP-based configuration subsystem set up the system now
342	8e2eb65e	Scott Ullrich	echo -n "Launching the init system..."
343	e8d0903d	Ermal	/bin/rm -f /cf/conf/backup/backup.cache
344			/usr/bin/touch $varrunpath/booting
345	217935fe	Ermal LUÇI
346	ce9056f6	Renato Botelho	# Copy custom logo over if it's present
347			if [ -d /usr/local/share/${product}/custom_logos ]; then
348			cp -f /usr/local/share/${product}/custom_logos/*png \
349			/usr/local/www
350			fi
351
352	b406ae66	Scott Ullrich	/etc/rc.bootup
353
354	f658bac7	Ermal LUÇI	# /etc/rc.bootup unset $g['booting'], and removes file
355			# Be sure the file is removed to not create troubles after
356			if [ -f $varrunpath/booting ]; then
357			/bin/rm $varrunpath/booting
358			fi
359	5551d818	Renato Botelho
360	0c5e431d	Scott Ullrich	echo -n "Starting CRON... "
361	ea83ac64	Scott Ullrich	cd /tmp && /usr/sbin/cron -s 2>/dev/null
362	0c5e431d	Scott Ullrich	echo "done."
363	3e08b3c1	Scott Ullrich
364	5be5825e	Scott Ullrich	# Start packages
365	1590947b	Ermal	/usr/local/sbin/fcgicli -f /etc/rc.start_packages
366	3bd1bd72	Scott Ullrich
367	e8d0903d	Ermal	/bin/rm -rf /usr/local/pkg/pf/CVS
368	bc086d51	Scott Ullrich
369	0092b3bd	mgrooms	# Start ping handler every 240 seconds
370	7d3be92f	Ermal	/usr/local/bin/minicron 240 $varrunpath/ping_hosts.pid /usr/local/bin/ping_hosts.sh
371	f2025e91	Scott Ullrich
372	0092b3bd	mgrooms	# Start account expire handler every hour
373	1590947b	Ermal	/usr/local/bin/minicron 3600 $varrunpath/expire_accounts.pid '/usr/local/sbin/fcgicli -f /etc/rc.expireaccounts'
374	0092b3bd	mgrooms
375	f6ba4bd1	Scott Ullrich	# Start alias url updater every 24 hours
376	1590947b	Ermal	/usr/local/bin/minicron 86400 $varrunpath/update_alias_url_data.pid '/usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data'
377	f6ba4bd1	Scott Ullrich
378	c432da9c	Scott Ullrich	/bin/chmod a+rw /tmp/.
379	b569598b	Scott Ullrich
380	52398a6b	jim-p	# Check for GEOM mirrors
381			GMIRROR_STATUS=`/sbin/gmirror status`
382			if [ "${GMIRROR_STATUS}" != "" ]; then
383			# Using a flag file at bootup saves an expensive exec/check on each page load.
384			/usr/bin/touch /var/run/gmirror_active
385			# Setup monitoring/notifications
386			/usr/local/bin/minicron 60 /var/run/gmirror_status_check.pid /usr/local/sbin/gmirror_status_check.php
387			fi
388
389	a5733f63	Renato Botelho	/usr/local/sbin/${product}-upgrade -y -b 3
390
391	dcafc712	Adam Gibson	# Log product version to syslog
392	4982e61e	Adam Gibson	BUILDTIME=`cat /etc/version.buildtime`
393			ARCH=`uname -m`
394	dc61252a	Renato Botelho	echo "$product ${version}${version_patch} $ARCH $BUILDTIME"
395	4982e61e	Adam Gibson
396	e393a4a8	Scott Ullrich	echo "Bootup complete"
397	1ba9533c	Scott Ullrich
398	2d4be1c5	Scott Ullrich	/usr/local/bin/beep.sh start 2>&1 >/dev/null
399	e393a4a8	Scott Ullrich
400	4171fa68	Scott Ullrich	# Reset the cache. read-only requires this.
401	7734aea6	Andrew Thompson	/bin/rm -f /tmp/config.cache
402	4171fa68	Scott Ullrich
403	d35cf0de	Scott Ullrich	exit 0

Project

General

Profile

pfSense