| 1 |
e5aeaeb6
|
jim-p
|
#!/bin/sh
|
| 2 |
396a2796
|
jim-p
|
# part of pfSense (https://www.pfsense.org)
|
| 3 |
a68f7a3d
|
Luiz Otavio O Souza
|
# Copyright (c) 2017-2024 Rubicon Communications, LLC (Netgate)
|
| 4 |
e5aeaeb6
|
jim-p
|
# All rights reserved.
|
| 5 |
|
|
#
|
| 6 |
396a2796
|
jim-p
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
| 7 |
|
|
# you may not use this file except in compliance with the License.
|
| 8 |
|
|
# You may obtain a copy of the License at
|
| 9 |
e5aeaeb6
|
jim-p
|
#
|
| 10 |
396a2796
|
jim-p
|
# http://www.apache.org/licenses/LICENSE-2.0
|
| 11 |
|
|
#
|
| 12 |
|
|
# Unless required by applicable law or agreed to in writing, software
|
| 13 |
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
| 14 |
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 15 |
|
|
# See the License for the specific language governing permissions and
|
| 16 |
|
|
# limitations under the License.
|
| 17 |
e5aeaeb6
|
jim-p
|
#
|
| 18 |
|
|
# $FreeBSD$
|
| 19 |
|
|
|
| 20 |
|
|
# Recover config.xml
|
| 21 |
|
|
|
| 22 |
|
|
# Create a mount point and a place to store the recovered configuration
|
| 23 |
|
|
recovery_mount=/tmp/mnt_recovery
|
| 24 |
|
|
recovery_dir=/tmp/recovered_config
|
| 25 |
|
|
mkdir -p ${recovery_mount}
|
| 26 |
|
|
mkdir -p ${recovery_dir}
|
| 27 |
|
|
|
| 28 |
|
|
# Find list of potential target disks, which must be FreeBSD and either UFS or ZFS
|
| 29 |
|
|
target_disks=`/sbin/gpart show -p | /usr/bin/awk '/(freebsd-ufs|freebsd-zfs)/ {print $3;}'`
|
| 30 |
|
|
|
| 31 |
|
|
target_list=""
|
| 32 |
|
|
for try_device in ${target_disks} ; do
|
| 33 |
|
|
# Add filesystem details (type and size)
|
| 34 |
|
|
fs_details="`/sbin/gpart show -p | /usr/bin/grep \"[[:space:]]${try_device}[[:space:]]\" | /usr/bin/awk '{print $4, $5;}'`"
|
| 35 |
|
|
|
| 36 |
|
|
# Add this disk to the list of potential targets
|
| 37 |
|
|
target_list="${target_list} \"${try_device}\" \"${fs_details}\""
|
| 38 |
|
|
done
|
| 39 |
|
|
|
| 40 |
|
|
# Display a menu with all of the disk choices located above
|
| 41 |
|
|
if [ -n "${target_list}" ]; then
|
| 42 |
|
|
exec 3>&1
|
| 43 |
c0cacc1f
|
Kristof Provost
|
recover_disk_choice=`echo ${target_list} | xargs -o bsddialog --backtitle "pfSense Installer" \
|
| 44 |
4ebb9c8d
|
Viktor G
|
--title "Recover config.xml and SSH keys" \
|
| 45 |
e5aeaeb6
|
jim-p
|
--menu "Select the partition containing config.xml" \
|
| 46 |
|
|
0 0 0 2>&1 1>&3` || exit 1
|
| 47 |
|
|
exec 3>&-
|
| 48 |
|
|
else
|
| 49 |
|
|
echo "No suitable disk partitions found."
|
| 50 |
|
|
fi
|
| 51 |
|
|
|
| 52 |
|
|
recover_disk=${recover_disk_choice}
|
| 53 |
|
|
|
| 54 |
|
|
# If the user made a choice, try to recover
|
| 55 |
|
|
if [ -n "${recover_disk}" ] ; then
|
| 56 |
|
|
# Find the filesystem type of the selected partition
|
| 57 |
|
|
fs_type="`/sbin/gpart show -p | /usr/bin/grep \"[[:space:]]${recover_disk}[[:space:]]\" | /usr/bin/awk '{print $4;}'`"
|
| 58 |
|
|
# Remove "freebsd-", leaving us with either "ufs" or "zfs".
|
| 59 |
|
|
fs_type=${fs_type#freebsd-}
|
| 60 |
|
|
|
| 61 |
|
|
echo "Attempting to recover config.xml from ${recover_disk}."
|
| 62 |
|
|
if [ "${fs_type}" == "ufs" ]; then
|
| 63 |
|
|
# UFS Recovery, attempt to mount but also attempt cleanup if it fails.
|
| 64 |
|
|
|
| 65 |
|
|
mount_command="/sbin/mount -t ${fs_type} /dev/${recover_disk} ${recovery_mount}"
|
| 66 |
|
|
${mount_command} 2>/dev/null
|
| 67 |
|
|
mount_rc=$?
|
| 68 |
|
|
attempts=0
|
| 69 |
|
|
|
| 70 |
4864d7f6
|
Josh Soref
|
# Try to run fsck up to 10 times and remount, in case the partition is dirty and needs cleanup
|
| 71 |
e5aeaeb6
|
jim-p
|
while [ ${mount_rc} -ne 0 -a ${attempts} -lt 10 ]; do
|
| 72 |
|
|
echo "Unable to mount ${recover_disk}, running a disk check and retrying."
|
| 73 |
|
|
/sbin/fsck -y -t ${fs_type} ${recover_disk}
|
| 74 |
|
|
${mount_command} 2>/dev/null
|
| 75 |
|
|
mount_rc=$?
|
| 76 |
|
|
attempts=$((attempts+1))
|
| 77 |
|
|
done
|
| 78 |
|
|
if [ ${mount_rc} -ne 0 ]; then
|
| 79 |
|
|
echo "Unable to mount ${recover_disk} for config.xml recovery."
|
| 80 |
|
|
exit 1
|
| 81 |
|
|
fi
|
| 82 |
|
|
else
|
| 83 |
|
|
# ZFS Recovery works different than UFS, needs special handling
|
| 84 |
|
|
if [ "${fs_type}" == "zfs" ]; then
|
| 85 |
|
|
# Load KLD for ZFS support
|
| 86 |
|
|
/sbin/kldload zfs
|
| 87 |
c5eea399
|
jim-p
|
|
| 88 |
|
|
# Import pool with alternate mount.
|
| 89 |
|
|
if /sbin/zpool import | /usr/bin/awk '/pool:/ {print $2}' | /usr/bin/grep -q pfSense; then
|
| 90 |
|
|
# If the pool name is pfSense, it's the new style layout
|
| 91 |
|
|
pool_name="pfSense"
|
| 92 |
|
|
else
|
| 93 |
|
|
# Old pool name
|
| 94 |
|
|
pool_name="zroot"
|
| 95 |
|
|
fi
|
| 96 |
|
|
|
| 97 |
|
|
/sbin/zpool import -R ${recovery_mount} -f ${pool_name}
|
| 98 |
d440bb6a
|
jim-p
|
zpool_import=$?
|
| 99 |
|
|
if [ ${zpool_import} -eq 0 ]; then
|
| 100 |
|
|
# Mount the default root directory of the previous install
|
| 101 |
c5eea399
|
jim-p
|
# to get /etc for SSH keys (new and old) and config.xml (old)
|
| 102 |
|
|
/sbin/mount -t zfs ${pool_name}/ROOT/default ${recovery_mount}
|
| 103 |
|
|
|
| 104 |
|
|
if [ ! -d ${recovery_mount}/cf/conf ]; then
|
| 105 |
|
|
# New layout has /cf as its own dataset and doesn't need its
|
| 106 |
|
|
# root mounted manually to reach it, but it may not be mounted
|
| 107 |
|
|
# automatically
|
| 108 |
|
|
unmount_cf="yes"
|
| 109 |
|
|
/bin/mkdir -p ${recovery_mount}/cf
|
| 110 |
|
|
/sbin/mount -t zfs ${pool_name}/ROOT/default/cf ${recovery_mount}/cf
|
| 111 |
|
|
fi
|
| 112 |
d440bb6a
|
jim-p
|
fi
|
| 113 |
e5aeaeb6
|
jim-p
|
fi
|
| 114 |
|
|
fi
|
| 115 |
|
|
|
| 116 |
|
|
# In either FS type case, the previous root is now mounted under ${recovery_mount}, so check for a config
|
| 117 |
|
|
if [ -r ${recovery_mount}/cf/conf/config.xml -a -s ${recovery_mount}/cf/conf/config.xml ]; then
|
| 118 |
|
|
/bin/cp ${recovery_mount}/cf/conf/config.xml ${recovery_dir}/config.xml
|
| 119 |
|
|
echo "Recovered config.xml from ${recover_disk}, stored in ${recovery_dir}."
|
| 120 |
c5eea399
|
jim-p
|
else
|
| 121 |
|
|
echo "${recover_disk} does not contain a readable config.xml for recovery."
|
| 122 |
|
|
fi
|
| 123 |
|
|
|
| 124 |
|
|
if [ -d ${recovery_mount}/etc/ssh ]; then
|
| 125 |
|
|
for keytype in rsa ed25519; do
|
| 126 |
|
|
if [ -s ${recovery_mount}/etc/ssh/ssh_host_${keytype}_key -a -s ${recovery_mount}/etc/ssh/ssh_host_${keytype}_key.pub ]; then
|
| 127 |
4ebb9c8d
|
Viktor G
|
/bin/cp ${recovery_mount}/etc/ssh/ssh_host_${keytype}_key ${recovery_dir}/ssh_host_${keytype}_key
|
| 128 |
|
|
/bin/cp ${recovery_mount}/etc/ssh/ssh_host_${keytype}_key.pub ${recovery_dir}/ssh_host_${keytype}_key.pub
|
| 129 |
|
|
echo "Recovered ${keytype} SSH key from ${recover_disk}, stored in ${recovery_dir}."
|
| 130 |
|
|
fi
|
| 131 |
|
|
done
|
| 132 |
e5aeaeb6
|
jim-p
|
fi
|
| 133 |
|
|
|
| 134 |
|
|
# Cleanup. Unmount the disk partition.
|
| 135 |
c5eea399
|
jim-p
|
if [ -n "${unmount_cf}" ]; then
|
| 136 |
|
|
/sbin/umount ${recovery_mount}/cf 2>/dev/null
|
| 137 |
|
|
fi
|
| 138 |
|
|
/sbin/umount ${recovery_mount} 2>/dev/null
|
| 139 |
e5aeaeb6
|
jim-p
|
|
| 140 |
|
|
# ZFS cleanup, export the pool and then unload ZFS KLD.
|
| 141 |
|
|
if [ "${fs_type}" == "zfs" ]; then
|
| 142 |
c5eea399
|
jim-p
|
/sbin/zpool export -f ${pool_name}
|
| 143 |
e5aeaeb6
|
jim-p
|
/sbin/kldunload zfs
|
| 144 |
|
|
fi
|
| 145 |
|
|
fi
|