|
1
|
#!/bin/sh
|
|
2
|
|
|
3
|
# /etc/rc - master bootup script, invokes php setup
|
|
4
|
# part of pfSense by Scott Ullrich
|
|
5
|
# Copyright (C) 2004 Scott Ullrich, All rights reserved.
|
|
6
|
# originally based on m0n0wall (http://neon1.net/m0n0wall)
|
|
7
|
# Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
|
8
|
# All rights reserved.
|
|
9
|
|
|
10
|
#/bin/stty status '^T'
|
|
11
|
#/bin/stty susp '^-' intr '^-' quit '^-'
|
|
12
|
|
|
13
|
#trap : 2
|
|
14
|
#trap : 3
|
|
15
|
|
|
16
|
# Set our operating platform
|
|
17
|
PLATFORM=`/bin/cat /etc/platform`
|
|
18
|
|
|
19
|
HOME=/
|
|
20
|
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
|
|
21
|
export HOME PATH
|
|
22
|
|
|
23
|
# Set our current version
|
|
24
|
version=`/bin/cat /etc/version`
|
|
25
|
|
|
26
|
if [ "$PLATFORM" = "cdrom" ]; then
|
|
27
|
/etc/rc.cdrom
|
|
28
|
fi
|
|
29
|
|
|
30
|
if [ "$PLATFORM" = "embedded" ]; then
|
|
31
|
/etc/rc.embedded
|
|
32
|
fi
|
|
33
|
|
|
34
|
if [ "$PLATFORM" = "nanobsd" ]; then
|
|
35
|
/etc/rc.embedded
|
|
36
|
fi
|
|
37
|
|
|
38
|
if [ "$PLATFORM" = "pfSense" ]; then
|
|
39
|
mdmfs -S -M -s 4m md /var/run
|
|
40
|
fi
|
|
41
|
|
|
42
|
product=`/bin/cat /etc/inc/globals.inc | /usr/bin/grep product_name | /usr/bin/cut -d'"' -f4`
|
|
43
|
hideplatform=`cat /etc/inc/globals.inc | grep hideplatform | wc -l`
|
|
44
|
|
|
45
|
if [ "$hideplatform" -gt "0" ]; then
|
|
46
|
platformbanner="" # hide the platform
|
|
47
|
else
|
|
48
|
platformbanner=" on the '${PLATFORM}' platform"
|
|
49
|
fi
|
|
50
|
|
|
51
|
echo
|
|
52
|
cat /etc/ascii-art/pfsense-logo-small.txt
|
|
53
|
echo
|
|
54
|
echo
|
|
55
|
echo "Welcome to ${product} ${version}${platformbanner}..."
|
|
56
|
echo
|
|
57
|
|
|
58
|
# Enable console output if its muted.
|
|
59
|
/sbin/conscontrol mute off >/dev/null
|
|
60
|
|
|
61
|
# Mount memory file system if it exists
|
|
62
|
echo -n "Mounting filesystems..."
|
|
63
|
/sbin/mount -a
|
|
64
|
|
|
65
|
# Mount /. If it fails run a fsck.
|
|
66
|
if [ ! "$PLATFORM" = "cdrom" ] ; then
|
|
67
|
/sbin/mount -uw / || (/sbin/fsck -fy; /sbin/mount -uw /)
|
|
68
|
|
|
69
|
# If /conf is a directory, convert it to a symlink
|
|
70
|
# to /cf/conf
|
|
71
|
if [ -d "/conf" ]; then
|
|
72
|
# If item is not a symlink then rm and recreate
|
|
73
|
CONFPOINTSTO=`readlink /conf`
|
|
74
|
if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then
|
|
75
|
rm -rf /conf
|
|
76
|
ln -s /cf/conf /conf
|
|
77
|
fi
|
|
78
|
fi
|
|
79
|
fi
|
|
80
|
|
|
81
|
# Check to see if a compact flash mountpoint exists
|
|
82
|
# If it fails to mount then run a fsck -fy
|
|
83
|
if grep -q cf /etc/fstab; then
|
|
84
|
/sbin/mount -uw /cf || \
|
|
85
|
(/sbin/umount /cf; /sbin/fsck -fy /cf; /sbin/mount -w /cf)
|
|
86
|
fi
|
|
87
|
|
|
88
|
if [ "$PLATFORM" = "cdrom" ] ; then
|
|
89
|
# do nothing for cdrom platform
|
|
90
|
elif [ "$PLATFORM" = "embedded" ] ; then
|
|
91
|
# do nothing for embedded platform
|
|
92
|
elif [ "$PLATFORM" = "nanobsd" ] ; then
|
|
93
|
# Ensure that packages can be persistent across reboots
|
|
94
|
/bin/mkdir -p /root/var/db/pkg
|
|
95
|
rm -rf /var/db/pkg
|
|
96
|
ln -s /root/var/db/pkg/ /var/db/pkg
|
|
97
|
else
|
|
98
|
SWAPDEVICE=`cat /etc/fstab | grep swap | cut -f1`
|
|
99
|
/sbin/swapon -a 2>/dev/null >/dev/null
|
|
100
|
fi
|
|
101
|
echo " done."
|
|
102
|
|
|
103
|
echo -n "Creating symlinks..."
|
|
104
|
# Make sure symlink is correct on embedded
|
|
105
|
if [ "$PLATFORM" = "embedded" ] ; then
|
|
106
|
rm /conf
|
|
107
|
ln -s /cf/conf/ /conf
|
|
108
|
fi
|
|
109
|
|
|
110
|
# Make sure symlink is correct on embedded
|
|
111
|
if [ "$PLATFORM" = "nanobsd" ] ; then
|
|
112
|
rm /conf
|
|
113
|
ln -s /cf/conf/ /conf
|
|
114
|
fi
|
|
115
|
|
|
116
|
# Repair symlinks if they are broken
|
|
117
|
if [ ! -L /etc/syslog.conf ]; then
|
|
118
|
rm -rf /etc/syslog.conf
|
|
119
|
ln -s /var/etc/syslog.conf /etc/syslog.conf
|
|
120
|
fi
|
|
121
|
|
|
122
|
# Repair symlinks if they are broken
|
|
123
|
if [ ! -L /etc/hosts ]; then
|
|
124
|
rm -rf /etc/hosts
|
|
125
|
ln -s /var/etc/hosts /etc/hosts
|
|
126
|
fi
|
|
127
|
|
|
128
|
if [ ! -L /etc/resolv.conf ]; then
|
|
129
|
rm -rf /etc/resolv.conf
|
|
130
|
ln -s /var/etc/resolv.conf /etc/resolv.conf
|
|
131
|
fi
|
|
132
|
|
|
133
|
# Setup compatibility link for packages that
|
|
134
|
# have trouble overriding the PREFIX configure
|
|
135
|
# argument since we build our packages in a
|
|
136
|
# seperated PREFIX area
|
|
137
|
# Only create if symlink does not exist.
|
|
138
|
if [ ! -h /tmp/tmp ]; then
|
|
139
|
ln -hfs / /tmp/tmp
|
|
140
|
fi
|
|
141
|
|
|
142
|
# Make sure our /tmp is 777 + Sticky
|
|
143
|
chmod 1777 /tmp
|
|
144
|
|
|
145
|
# Malloc debugging check
|
|
146
|
if [ ! -L /etc/malloc.conf ]; then
|
|
147
|
ln -s aj /etc/malloc.conf
|
|
148
|
fi
|
|
149
|
|
|
150
|
if [ ! -L /etc/dhclient.conf ]; then
|
|
151
|
rm -rf /etc/dhclient.conf
|
|
152
|
fi
|
|
153
|
|
|
154
|
if [ ! -L /etc/sasyncd.conf ]; then
|
|
155
|
mkdir -p /var/etc/
|
|
156
|
touch /var/etc/sasyncd.conf
|
|
157
|
rm -rf /etc/sasyncd.conf
|
|
158
|
ln -s /var/etc/sasyncd.conf /etc/sasyncd.conf
|
|
159
|
chown root:wheel /var/etc/sasyncd.conf
|
|
160
|
chmod 0600 /var/etc/sasyncd.conf
|
|
161
|
fi
|
|
162
|
|
|
163
|
[ ! -d /var/tmp ] || mkdir -p /var/tmp 2>/dev/null
|
|
164
|
|
|
165
|
[ ! -d /cf/conf/backup/ ] || mkdir -p /cf/conf/backup/ 2>/dev/null
|
|
166
|
|
|
167
|
[ ! -f /var/db/ez-ipupdate.cache ] || touch /var/db/ez-ipupdate.cache 2>/dev/null
|
|
168
|
|
|
169
|
set -T
|
|
170
|
trap "echo 'Reboot interrupted'; exit 1" 3
|
|
171
|
|
|
172
|
# Remove old nameserver resolution files
|
|
173
|
rm -f /var/etc/nameserver*
|
|
174
|
|
|
175
|
# Create uploadbar tmp directory
|
|
176
|
mkdir -p /tmp/uploadbar
|
|
177
|
chmod 777 /tmp/uploadbar
|
|
178
|
|
|
179
|
# make some directories in /var
|
|
180
|
mkdir -p /var/run /var/log /var/etc /var/db/entropy /var/at/jobs/ /var/empty 2>/dev/null
|
|
181
|
rm /var/log/* 2>/dev/null
|
|
182
|
rm -rf /var/run/*
|
|
183
|
|
|
184
|
echo -n "."
|
|
185
|
# generate circular logfiles
|
|
186
|
if [ ! "$PLATFORM" = "cdrom" ]; then
|
|
187
|
clog -i -s 512144 /var/log/system.log
|
|
188
|
clog -i -s 512144 /var/log/filter.log
|
|
189
|
clog -i -s 65535 /var/log/dhcpd.log
|
|
190
|
clog -i -s 65535 /var/log/vpn.log
|
|
191
|
clog -i -s 65535 /var/log/openvpn.log
|
|
192
|
clog -i -s 65535 /var/log/portalauth.log
|
|
193
|
clog -i -s 65535 /var/log/ipsec.log
|
|
194
|
clog -i -s 65535 /var/log/slbd.log
|
|
195
|
clog -i -s 65535 /var/log/lighttpd.log
|
|
196
|
clog -i -s 65535 /var/log/ntpd.log
|
|
197
|
else
|
|
198
|
clog -i -s 65535 /var/log/system.log
|
|
199
|
clog -i -s 65535 /var/log/filter.log
|
|
200
|
clog -i -s 65535 /var/log/dhcpd.log
|
|
201
|
clog -i -s 65535 /var/log/vpn.log
|
|
202
|
clog -i -s 65535 /var/log/openvpn.log
|
|
203
|
clog -i -s 65535 /var/log/portalauth.log
|
|
204
|
clog -i -s 65535 /var/log/ipsec.log
|
|
205
|
clog -i -s 65535 /var/log/slbd.log
|
|
206
|
clog -i -s 65535 /var/log/ntpd.log
|
|
207
|
fi
|
|
208
|
|
|
209
|
# change permissions on newly created clog files.
|
|
210
|
chmod 0600 /var/log/system.log /var/log/filter.log /var/log/dhcpd.log /var/log/vpn.log /var/log/portalauth.log /var/log/slbd.log
|
|
211
|
|
|
212
|
echo -n "."
|
|
213
|
DEVFS=`mount | grep devfs | wc -l | cut -d" " -f8`
|
|
214
|
if [ "$DEVFS" = "0" ]; then
|
|
215
|
mount_devfs devfs /dev
|
|
216
|
fi
|
|
217
|
|
|
218
|
# Create an initial utmp file
|
|
219
|
cd /var/run && cp /dev/null utmp && chmod 644 utmp
|
|
220
|
|
|
221
|
echo -n "."
|
|
222
|
/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib
|
|
223
|
|
|
224
|
# Make sure /etc/rc.conf doesn't exist.
|
|
225
|
if [ -f /etc/rc.conf ]; then
|
|
226
|
rm -rf /etc/rc.conf
|
|
227
|
fi
|
|
228
|
|
|
229
|
# Launching kbdmux(4)
|
|
230
|
if [ -f "/dev/kbdmux0" ]; then
|
|
231
|
echo -n "."
|
|
232
|
kbdcontrol -k /dev/kbdmux0 < /dev/console
|
|
233
|
[ -c "/dev/atkbd0" ] && kbdcontrol -a atkbd0 < /dev/console
|
|
234
|
[ -c "/dev/ukbd0" ] && kbdcontrol -a ukbd0 < /dev/console
|
|
235
|
fi
|
|
236
|
|
|
237
|
# Fire up unionfs if mount points exist.
|
|
238
|
if [ -f /dist/uniondirs ]; then
|
|
239
|
echo -n "."
|
|
240
|
/etc/rc.d/unionfs start
|
|
241
|
fi
|
|
242
|
|
|
243
|
echo "done."
|
|
244
|
|
|
245
|
# Recreate capabilities DB
|
|
246
|
cap_mkdb /etc/login.conf
|
|
247
|
|
|
248
|
if [ "$PLATFORM" = "nanobsd" -o "$PLATFORM" = "embedded" ]; then
|
|
249
|
upload_tmp_dir="/root"
|
|
250
|
else
|
|
251
|
upload_tmp_dir="/tmp"
|
|
252
|
fi
|
|
253
|
|
|
254
|
if [ "$PLATFORM" != "cdrom" ]; then
|
|
255
|
# Populate a dummy php.ini to avoid
|
|
256
|
# the file being clobbered and the firewall
|
|
257
|
# not being able to boot back up.
|
|
258
|
cat >/usr/local/lib/php.ini <<EOF
|
|
259
|
output_buffering = "0"
|
|
260
|
expose_php = Off
|
|
261
|
implicit_flush = true
|
|
262
|
magic_quotes_gpc = Off
|
|
263
|
max_execution_time = 99999999
|
|
264
|
max_input_time = 99999999
|
|
265
|
register_argc_argv = On
|
|
266
|
file_uploads = On
|
|
267
|
upload_tmp_dir = ${upload_tmp_dir}
|
|
268
|
upload_max_filesize = 90M
|
|
269
|
post_max_size = 90M
|
|
270
|
html_errors = Off
|
|
271
|
include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg"
|
|
272
|
apc.enabled="1"
|
|
273
|
apc.enable_cli="1"
|
|
274
|
apc.shm_size="30"
|
|
275
|
extension_dir=/usr/local/lib/php/extensions/no-debug-non-zts-20020429/
|
|
276
|
extension=apc.so
|
|
277
|
extension=bcmath.so
|
|
278
|
extension=ctype.so
|
|
279
|
extension=curl.so
|
|
280
|
extension=mbstring.so
|
|
281
|
extension=overload.so
|
|
282
|
extension=pcntl.so
|
|
283
|
extension=pcre.so
|
|
284
|
extension=posix.so
|
|
285
|
extension=radius.so
|
|
286
|
extension=readline.so
|
|
287
|
extension=session.so
|
|
288
|
extension=sysvsem.so
|
|
289
|
extension=tokenizer.so
|
|
290
|
extension=xml.so
|
|
291
|
|
|
292
|
EOF
|
|
293
|
fi
|
|
294
|
|
|
295
|
rm -f /cf/conf/backup/backup.cache
|
|
296
|
|
|
297
|
# Copy php.ini to alternate location after generation
|
|
298
|
cp /usr/local/lib/php.ini /usr/local/etc/php.ini
|
|
299
|
|
|
300
|
# let the PHP-based configuration subsystem set up the system now
|
|
301
|
echo -n "Launching the init system..."
|
|
302
|
/etc/rc.bootup
|
|
303
|
|
|
304
|
# If a shell was selected from recovery
|
|
305
|
# console then just drop to the shell now.
|
|
306
|
if [ -f "/tmp/donotbootup" ]; then
|
|
307
|
echo "Dropping to recovery shell."
|
|
308
|
exit 0
|
|
309
|
fi
|
|
310
|
|
|
311
|
echo -n "Starting CRON... "
|
|
312
|
cd /tmp && /usr/sbin/cron -s 2>/dev/null
|
|
313
|
echo "done."
|
|
314
|
|
|
315
|
# Start packages
|
|
316
|
/etc/rc.start_packages
|
|
317
|
|
|
318
|
rm -rf /usr/local/pkg/pf/CVS
|
|
319
|
|
|
320
|
# Remove stale files that have already been processed by bootup
|
|
321
|
# scripts
|
|
322
|
rm -f /tmp/filter_dirty
|
|
323
|
rm -f /tmp/rc.linkup
|
|
324
|
nohup /usr/bin/nice -n20 /usr/local/sbin/check_reload_status &
|
|
325
|
|
|
326
|
# Start ping handler for every 240 seconds
|
|
327
|
minicron 240 /var/run/ping_hosts.pid /usr/local/bin/ping_hosts.sh
|
|
328
|
|
|
329
|
/usr/local/bin/beep.sh start 2>&1 >/dev/null
|
|
330
|
|
|
331
|
# Reset the cache. read-only requires this.
|
|
332
|
rm /tmp/config.cache
|
|
333
|
|
|
334
|
/etc/rc.conf_mount_ro
|
|
335
|
|
|
336
|
echo "Bootup complete"
|
|
337
|
|
|
338
|
exit 0
|