/src/etc/pfSense-rc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/pfSense-rc @ ffcb4247

1	5b237745	Scott Ullrich	#!/bin/sh
2	ac24dc24	Renato Botelho	#
3			# pfSense-rc
4			#
5			# part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	# Copyright (c) 2004-2013 BSD Perimeter
7			# Copyright (c) 2013-2016 Electric Sheep Fencing
8	402c98a2	Reid Linnemann	# Copyright (c) 2014-2023 Rubicon Communications, LLC (Netgate)
9	ac24dc24	Renato Botelho	# All rights reserved.
10			#
11	e5cd29a0	Scott Ullrich	# originally based on m0n0wall (http://neon1.net/m0n0wall)
12	c5d81585	Renato Botelho	# Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
13	5b237745	Scott Ullrich	# All rights reserved.
14	ac24dc24	Renato Botelho	#
15	b12ea3fb	Renato Botelho	# Licensed under the Apache License, Version 2.0 (the "License");
16			# you may not use this file except in compliance with the License.
17			# You may obtain a copy of the License at
18	ac24dc24	Renato Botelho	#
19	b12ea3fb	Renato Botelho	# http://www.apache.org/licenses/LICENSE-2.0
20	ac24dc24	Renato Botelho	#
21	b12ea3fb	Renato Botelho	# Unless required by applicable law or agreed to in writing, software
22			# distributed under the License is distributed on an "AS IS" BASIS,
23			# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24			# See the License for the specific language governing permissions and
25			# limitations under the License.
26	d8a2ce2c	Scott Ullrich
27			#/bin/stty status '^T'
28			#/bin/stty susp '^-' intr '^-' quit '^-'
29
30			#trap : 2
31			#trap : 3
32	5b237745	Scott Ullrich
33			HOME=/
34	ce823053	Scott Ullrich	PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
35	5b237745	Scott Ullrich	export HOME PATH
36
37	55f81e30	Phil Davis	get_version ()
38			{
39			# Set our current version
40			version=`/bin/cat /etc/version`
41
42			# Version patch
43			version_patch="0"
44			if [ -f /etc/version.patch ]; then
45			version_patch=`/bin/cat /etc/version.patch`
46			fi
47	842878b5	Scott Ullrich
48	55f81e30	Phil Davis	if [ "${version_patch}" = "0" ]; then
49			version_patch=""
50			else
51			version_patch=" (Patch ${version_patch})"
52			fi
53			}
54	5a0235ca	Renato Botelho
55	55f81e30	Phil Davis	get_version
56	5a0235ca	Renato Botelho
57	b4a6c702	Christian McDonald	# Read product_name from $g, defaults to pfSense
58			# Use php -n here because we are not ready to load extensions yet
59			product_name=$(/usr/local/bin/php -n /usr/local/sbin/read_global_var product_name pfSense)
60			product_label=$(/usr/local/bin/php -n /usr/local/sbin/read_global_var product_label pfSense)
61
62	e5323cca	jim-p	# Setup dumpdev/ddb/savecore"
63			echo "Configuring crash dumps..."
64	dc61252a	Renato Botelho	/etc/rc.dumpon
65	e5323cca	jim-p
66	92a78939	jim-p	if [ -e /root/force_growfs ]; then
67	f1f9d341	Brad Davis	/sbin/gpart show mmcsd0 2> /dev/null \| grep -q freebsd-zfs
68	662693da	Brad Davis	if [ $? -eq 0 ]; then
69	53af9233	Brad Davis	/sbin/zpool status pfSense \| grep -q mmcsd0 > /dev/null
70			if [ $? -eq 0 ]; then
71			echo "Clearing ZFS label before expanding"
72			/sbin/zpool labelclear /dev/mmcsd0
73			fi
74	662693da	Brad Davis	fi
75	92a78939	jim-p	/etc/rc.d/growfs onestart
76	302c005e	Ermal	fi
77
78	1b21bfdb	Luiz Souza	#
79	286cd231	Luiz Souza	# The file system needs to be unmounted to guarantee a clean operation of fsck.
80			# Pending changes can keep the file system dirty until all the cached data is
81			# flushed to the disk.
82			#
83			/sbin/mount -ur /
84	1b21bfdb	Luiz Souza
85			fsck_forced_iterations=`/bin/kenv -q pfsense.fsck.force`
86			if [ ! -z "${fsck_forced_iterations}" ]; then
87			echo "Forcing filesystem check (${fsck_forced_iterations} times)..."
88			while [ ${fsck_forced_iterations} -gt 0 ]; do
89	8d90b875	Luiz Souza	/sbin/fsck -fy -t ufs
90	1b21bfdb	Luiz Souza	fsck_forced_iterations=$((fsck_forced_iterations - 1))
91			done
92			fi
93
94	3f9f1892	Renato Botelho do Couto	fsck_fix_flag_file="/.fix_for_SA-19-10.ufs"
95
96	73730497	Renato Botelho do Couto	# Apply fix for https://www.freebsd.org/security/advisories/FreeBSD-SA-19:10.ufs.asc
97	1a72011e	Renato Botelho do Couto	unset fsck_fix_applied
98	3f9f1892	Renato Botelho do Couto	unset skip_fsck_fix
99			unset fsck_fix_count
100			if [ -f ${fsck_fix_flag_file} ]; then
101			if ! awk '{print $3}' /etc/fstab \| grep -q ufs; then
102			echo "Fix for FreeBSD-SA-19:10.ufs is not needed in this system"
103			skip_fsck_fix=1
104			else
105			fsck_fix_count=$(cat ${fsck_fix_flag_file})
106			echo "Applying fix for FreeBSD-SA-19:10.ufs"
107			/sbin/fsck -t ufs -f -p -T ufs:-z >/dev/null 2>&1
108			if [ $? -eq 0 ]; then
109			fsck_fix_applied=1
110			fi
111	1a72011e	Renato Botelho do Couto	fi
112	73730497	Renato Botelho do Couto	fi
113
114	3f9f1892	Renato Botelho do Couto	# Set it to 0 if it's empty
115			fsck_fix_count=${fsck_fix_count:-0}
116
117	60f164f3	Renato Botelho	FSCK_ACTION_NEEDED=0
118	cc82c328	Renato Botelho	/sbin/fsck -p
119	60f164f3	Renato Botelho	case $? in
120			0)
121			echo "Filesystems are clean, continuing..."
122			echo "Mounting filesystems..."
123			;;
124	feeb0581	Renato Botelho	8\|16)
125	60f164f3	Renato Botelho	echo "Preen mode recommended running a check that will be performed now."
126			FSCK_ACTION_NEEDED=1
127			;;
128			*)
129			echo "Stopping boot is recommended because filesystem manual action is needed, nevertheless automated repair of the filesystem will be attempted."
130			FSCK_ACTION_NEEDED=1
131			;;
132			esac
133
134			if [ ${FSCK_ACTION_NEEDED} = 1 ]; then
135			echo "WARNING: Trying to recover filesystem from inconsistency..."
136	8d90b875	Luiz Souza	/sbin/fsck -fy -t ufs
137	60f164f3	Renato Botelho	fi
138	842878b5	Scott Ullrich
139	60f164f3	Renato Botelho	/sbin/mount -a 2>/dev/null
140			mount_rc=$?
141			attempts=0
142	cc82c328	Renato Botelho	while [ ${mount_rc} -ne 0 -a ${attempts} -lt 10 ]; do
143	8d90b875	Luiz Souza	/sbin/fsck -fy -t ufs
144	f2e36920	Ermal LUÇI	/sbin/mount -a 2>/dev/null
145			mount_rc=$?
146	60f164f3	Renato Botelho	attempts=$((attempts+1))
147			done
148	217935fe	Ermal LUÇI
149	cc82c328	Renato Botelho	if [ ${mount_rc} -ne 0 ]; then
150			echo "ERROR: Impossible to mount filesystem, use interactive shell to attempt to recover it"
151			/bin/sh
152			/sbin/reboot
153			fi
154
155	262e6900	Christian McDonald	. /etc/rc.ramdisk_functions.sh
156
157	b712dd52	Renato Botelho	# Handle ZFS read-only case
158	fcf164d6	Renato Botelho	unset USE_ZFS
159			if /sbin/kldstat -qm zfs; then
160	b712dd52	Renato Botelho	ZFSFSAVAILABLE=$(/sbin/zfs mount 2>/dev/null \| wc -l)
161			if [ $ZFSFSAVAILABLE -eq 0 ]; then
162			/sbin/kldunload zfs
163	fcf164d6	Renato Botelho	else
164			USE_ZFS=1
165			ZFSROOT=$(/sbin/zfs mount \| /usr/bin/awk '$2 == "/" {print $1}')
166			if [ -n "$ZFSROOT" ]; then
167	b712dd52	Renato Botelho	/sbin/zfs set readonly=off $ZFSROOT
168			fi
169	fcf164d6	Renato Botelho	/sbin/zfs mount -a
170	635dcc69	jim-p	# If /bootpool is present, then there is an additional zfs pool to import
171			# See https://redmine.pfsense.org/issues/8063
172			if [ -d /bootpool ]; then
173			/sbin/zpool import -f bootpool
174			fi
175	db6e63dd	Christian McDonald	# We need to handle ZFS boot environments here
176	262e6900	Christian McDonald	_be_mount_zfs
177	b712dd52	Renato Botelho	fi
178			fi
179
180	60f164f3	Renato Botelho	# If /conf is a directory, convert it to a symlink to /cf/conf
181			if [ -d "/conf" ]; then
182			# If item is not a symlink then rm and recreate
183			CONFPOINTSTO=`readlink /conf`
184			if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then
185			/bin/rm -rf /conf
186			/bin/ln -s /cf/conf /conf
187	c4995e62	Chris Buechler	fi
188	60f164f3	Renato Botelho	fi
189	efc0e29a	jim-p
190	42ed3b9d	Jim Pingle	# Sanity check the clock
191			/etc/rc.checkclock
192
193	82bf21fc	jim-p	# Check if RAM disks are enabled, store for repeated use
194			if ramdisk_check_enabled; then
195			USE_RAMDISK=true
196	60f164f3	Renato Botelho	fi
197	e7c1f181	Renato Botelho
198	262e6900	Christian McDonald	# Relocate pkgdb on UFS based on desired RAM disk settings
199			if [ -z "${USE_ZFS}" ]; then
200			ramdisk_relocate_pkgdb_all
201			fi
202	5d81840b	Renato Botelho
203	82bf21fc	jim-p	# Dismount /tmp and /var on ZFS if using RAM disks and they are separate volumes
204			if [ -n "${USE_ZFS}" -a -n "${USE_RAMDISK}" ]; then
205	262e6900	Christian McDonald	ramdisk_fixup_zfs_unmount
206	5d81840b	Renato Botelho	fi
207
208	82bf21fc	jim-p	# Attempt to create and mount RAM disks
209			if [ -n "${USE_RAMDISK}" ]; then
210	60f164f3	Renato Botelho	/etc/rc.embedded
211	b4a6c702	Christian McDonald	# Remount the correct subordinate ZFS datasets to ensure they are used properly
212			if [ -n "${USE_ZFS}" ]; then
213			_be_mount_zfs
214			fi
215	60f164f3	Renato Botelho	fi
216	e7c1f181	Renato Botelho
217	262e6900	Christian McDonald	# If RAM disks are active, make symlinks for pkg database on UFS
218	82bf21fc	jim-p	if [ -n "${USE_RAMDISK}" -o -n "${MOVE_PKG_DATA}" ]; then
219	262e6900	Christian McDonald	if [ -z "${USE_ZFS}" ]; then
220			ramdisk_link_pkgdb
221			fi
222	82bf21fc	jim-p	fi
223
224			# If activating RAM disks failed, then undo some of the above actions
225			if [ -n "${USE_RAMDISK}" ] && ramdisk_failed; then
226	262e6900	Christian McDonald	ramdisk_fixup_zfs_mount
227			if [ -z "${USE_ZFS}" ]; then
228			ramdisk_relocate_pkgdb disk
229			fi
230	82bf21fc	jim-p	else
231			ramdisk_reset_status
232	c4995e62	Chris Buechler	fi
233
234	05871043	jim-p	# Setup ddb on all platforms.
235			if [ ! -z "`sysctl -Nq debug.ddb.scripting.scripts`" ]; then
236	573ec19d	Renato Botelho do Couto	/sbin/ddb /etc/${product_name}-ddb.conf
237	05871043	jim-p	fi
238
239	029d6129	NOYB	# Restore contents of the RAM disk store
240			/etc/rc.restore_ramdisk_store
241
242	9235b25e	Renato Botelho	# Make sure /home exists
243			[ -d /home ] \
244			\|\| mkdir /home
245
246	990fa101	jim-p	/bin/rm -f /root/force_fsck
247	e9034b15	Renato Botelho	/bin/rm -f /root/force_growfs
248	2085c6de	jim-p	/bin/rm -f /root/TRIM_set
249			/bin/rm -f /root/TRIM_unset
250
251	92ac3b3d	jim-p	# Disable APM on ATA drives. Leaving this on will kill drives long-term, especially laptop drives, by generating excessive Load Cycles.
252	06fd1952	Ermal	if [ -f /etc/rc.disable_hdd_apm ]; then
253			/etc/rc.disable_hdd_apm
254			fi
255	92ac3b3d	jim-p
256	6990ad35	Phil Davis	# Eject CD devices on 3G modems
257	2f8782fe	smos	MANUFACTURER="huawei\|zte"
258			CDDEVICE=`dmesg \|egrep -ie "($MANUFACTURER)" \| awk -F: '/cd/ {print $1}'`
259			if [ "$CDDEVICE" != "" ]; then
260			cdcontrol -f /dev/"$CDDEVICE" eject
261			fi
262	793d3c96	smos
263	e4121dde	Renato Botelho	# Use php -n here because we are not ready to load extensions yet
264			varrunpath=$(/usr/local/bin/php -n /usr/local/sbin/read_global_var varrun_path "/var/run")
265	3d7639eb	Scott Ullrich
266	82bf21fc	jim-p	if ! ramdisk_is_active; then
267	3ff300c6	jim-p	/sbin/mount -o rw,size=4m,mode=1777 -t tmpfs tmpfs $varrunpath
268	7d3be92f	Ermal	fi
269
270	1c44a77d	Scott Ullrich	echo
271	dd6c64d8	Renato Botelho	cat /usr/local/share/pfSense/ascii-art/pfsense-logo-small.txt
272	1c44a77d	Scott Ullrich	echo
273			echo
274	573ec19d	Renato Botelho do Couto	echo "Welcome to ${product_label} ${version}${version_patch}..."
275	1c44a77d	Scott Ullrich	echo
276
277	6fa9f38c	Renato Botelho	/sbin/conscontrol mute off >/dev/null
278	d5f60dba	Scott Ullrich
279	d36e5a49	jim-p	SWAPDEVICE=`/bin/cat /etc/fstab \| /usr/bin/grep swap \| /usr/bin/cut -f1 \| /usr/bin/head -n 1`
280	d988e0bb	Luiz Souza	if [ -n "${SWAPDEVICE}" ]; then
281	d36e5a49	jim-p	/bin/rm -f /tmp/fstab.swap
282			if ! [ -c ${SWAPDEVICE} ]; then
283	14d47037	jim-p	# Keep the original device, in case it is special, such as encrypted+mirrored zfs swap
284			echo "${SWAPDEVICE} none swap sw 0 0" >> /tmp/fstab.swap
285			# The swap device in fstab does not exist, look for other valid entries and update fstab
286			for SWAPLABEL in /dev/label/swap* /dev/mirror/swap*; do
287			if [ -c ${SWAPLABEL} ]; then
288			echo "${SWAPLABEL} none swap sw 0 0" >> /tmp/fstab.swap
289			fi
290	d36e5a49	jim-p	done
291			else
292			/bin/cp /etc/fstab /tmp/fstab.swap
293			fi
294			/sbin/swapon -F /tmp/fstab.swap -a 2>/dev/null >/dev/null
295	d988e0bb	Luiz Souza	/etc/rc.savecore
296			fi
297	5621d2d5	Scott Ullrich
298	080b4ce1	Ermal	# make some directories in /var
299	b6355bdc	jim-p	/bin/mkdir -p $varrunpath /var/log /var/etc /var/db/entropy /var/db/rrd /var/at/jobs/ /var/empty /var/log/nginx 2>/dev/null
300	3e20b9ca	Phil Davis
301			# turn off the immutable flag, set /var/empty to read-only, make it immutable again
302			chflags noschg /var/empty
303	c01bdca9	Renato Botelho	chmod 0555 /var/empty
304	3e20b9ca	Phil Davis	chflags schg /var/empty
305
306	080b4ce1	Ermal	/bin/rm -rf $varrunpath/*
307
308	9e9bc51c	Ermal	# Cleanup configuration files from previous instance
309			/bin/rm -rf /var/etc/*
310
311	96fcf698	Renato Botelho	# Workaround for ipsec symlinks, otherwise it's going to break
312			# strongswan pkg upgrade
313
314			if [ -L /usr/local/etc/ipsec.d ]; then
315			rm -f /usr/local/etc/ipsec.d
316			fi
317			if [ -L /usr/local/etc/ipsec.conf ]; then
318			rm -f /usr/local/etc/ipsec.conf
319			fi
320	47220a8c	Renato Botelho	if [ -L /usr/local/etc/strongswan.d ]; then
321			rm -f /usr/local/etc/strongswan.d
322			fi
323	96fcf698	Renato Botelho	if [ -L /usr/local/etc/strongswan.conf ]; then
324			rm -f /usr/local/etc/strongswan.conf
325			fi
326
327	fc84b222	Renato Botelho	# Remove deprecated symlinks - #5538
328			for f in /etc/hosts \
329			/etc/resolv.conf \
330			/etc/resolvconf.conf \
331			/etc/syslog.conf; do
332			if [ -L "${f}" ]; then
333			rm -f ${f}
334	9e9bc51c	Ermal	fi
335	fc84b222	Renato Botelho	done
336	30501526	Warren Baker
337	4be3f6cf	Seth Mos	# Make sure our /tmp is 777 + Sticky
338	e8d0903d	Ermal	/bin/chmod 1777 /tmp
339	0652f3ae	Seth Mos
340	6484bb83	Scott Ullrich	if [ ! -L /etc/dhclient.conf ]; then
341	e173dd74	Phil Davis	/bin/rm -rf /etc/dhclient.conf
342	6484bb83	Scott Ullrich	fi
343	c8fcdb2f	Scott Ullrich
344	544156a7	Scott Ullrich	if [ ! -d /var/tmp ]; then
345	e8d0903d	Ermal	/bin/mkdir -p /var/tmp
346	544156a7	Scott Ullrich	fi
347	fc1caa41	Renato Botelho	# Make sure our /var/tmp is 777 + Sticky
348	bc8eedaa	Renato Botelho	/bin/chmod 1777 /var/tmp
349	4aa70cd8	Scott Ullrich
350	5b237745	Scott Ullrich	set -T
351			trap "echo 'Reboot interrupted'; exit 1" 3
352
353	2e269da2	Scott Ullrich	echo -n "."
354	49967ae7	jim-p	LOG_FILES="system filter dhcpd vpn poes l2tps openvpn auth portalauth ipsec ppp wireless nginx ntpd gateways resolver routing"
355	c7a3356e	jim-p
356	973b2663	Ermal	for logfile in $LOG_FILES; do
357	f9e8c833	jim-p	/usr/bin/touch /var/log/${logfile}.log
358	973b2663	Ermal	done
359
360	41df62c1	jim-p	# change permissions on newly created log files.
361	e8d0903d	Ermal	/bin/chmod 0600 /var/log/*.log
362	8d418ca9	Scott Ullrich
363	2e269da2	Scott Ullrich	echo -n "."
364	6fa9f38c	Renato Botelho	DEVFS=`/sbin/mount \| /usr/bin/grep devfs \| /usr/bin/wc -l \| /usr/bin/cut -d" " -f8`
365			if [ "$DEVFS" = "0" ]; then
366			mount_devfs devfs /dev
367	f93c5384	Scott Ullrich	fi
368	5b237745	Scott Ullrich
369			# Create an initial utmp file
370	7d3be92f	Ermal	cd $varrunpath && /bin/cp /dev/null utmp && /bin/chmod 644 utmp
371	5b237745	Scott Ullrich
372	2e269da2	Scott Ullrich	echo -n "."
373	6fe4f291	Scott Ullrich	/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib
374	05dd0c32	Ermal	/etc/rc.d/ldconfig start 2>/dev/null
375	c268f10f	Scott Ullrich
376	6fa9f38c	Renato Botelho	# Launching kbdmux(4)
377			if [ -f "/dev/kbdmux0" ]; then
378			echo -n "."
379			/usr/sbin/kbdcontrol -k /dev/kbdmux0 < /dev/console
380			[ -c "/dev/atkbd0" ] && kbdcontrol -a atkbd0 < /dev/console
381			[ -c "/dev/ukbd0" ] && kbdcontrol -a ukbd0 < /dev/console
382			fi
383	4e7b2b27	Scott Ullrich
384	6fa9f38c	Renato Botelho	# Fire up unionfs if mount points exist.
385			if [ -f /dist/uniondirs ]; then
386			echo -n "."
387			/etc/rc.d/unionfs start
388	b1ce7649	Scott Ullrich	fi
389	fa8f44ce	Scott Ullrich
390	2e269da2	Scott Ullrich	echo "done."
391	deff30cd	Scott Ullrich
392	ad0d7518	Scott Ullrich	# Recreate capabilities DB
393	416e6432	Ermal	/usr/bin/cap_mkdb /etc/login.conf
394	ad0d7518	Scott Ullrich
395	10511c3b	Renato Botelho	if [ -f /cf/conf/needs_package_sync ]; then
396	5f1becd8	Renato Botelho	skip_packages=1
397	747b31dc	Renato Botelho	fi
398
399	a5733f63	Renato Botelho	# Second upgrade stage
400	5f1becd8	Renato Botelho	[ -z "$skip_packages" ] \
401	573ec19d	Renato Botelho do Couto	&& /usr/local/sbin/${product_name}-upgrade -y -U -b 2
402	842fc1e2	Renato Botelho
403	b8fd0558	Steve Beaver	# Copy default openssl config file and Netgate CA
404	4ecaca5b	Renato Botelho	[ -d /etc/ssl ] \
405			\|\| mkdir -p /etc/ssl
406	573ec19d	Renato Botelho do Couto	[ -f /usr/local/share/${product_name}/ssl/openssl.cnf ] \
407			&& cp -f /usr/local/share/${product_name}/ssl/openssl.cnf /etc/ssl
408	5051739d	Renato Botelho	mkdir -p /usr/local/openssl >/dev/null 2>&1
409			ln -sf /etc/ssl/openssl.cnf \
410			/usr/local/openssl/openssl.cnf
411	4ecaca5b	Renato Botelho
412	b8fd0558	Steve Beaver	[ -f /usr/local/share/${product_name}/ssl/netgate-ca.pem ] \
413			&& cp -f /usr/local/share/${product_name}/ssl/netgate-ca.pem /etc/ssl
414
415	40e46009	Scott Ullrich	# Run the php.ini setup file and populate
416	3646fbcb	Renato Botelho	# /usr/local/etc/php.ini
417	aa840cf9	Scott Ullrich	/etc/rc.php_ini_setup 2>/tmp/php_errors.txt
418	3646fbcb	Renato Botelho	/usr/local/sbin/php-fpm -c /usr/local/etc/php.ini -y /usr/local/lib/php-fpm.conf -RD 2>&1 >/dev/null
419	0cf5aa69	Scott Ullrich
420	dc61252a	Renato Botelho	# Launch external configuration loader
421	f976cb6a	Viktor G	/etc/rc.ecl
422	206f684d	Scott Ullrich
423	490615d3	Scott Ullrich	if [ -f /etc/rc.custom_boot_early ]; then
424			/bin/echo -n "Launching /etc/rc.custom_boot_early...";
425			/etc/rc.custom_boot_early
426			echo "Done"
427			fi
428
429	4aea91d8	Ermal	export fcgipath=/var/run/php-fpm.socket
430	01599e5e	Ermal	/usr/bin/nice -n20 /usr/local/sbin/check_reload_status
431	e8d0903d	Ermal
432	b406ae66	Scott Ullrich	# let the PHP-based configuration subsystem set up the system now
433	8e2eb65e	Scott Ullrich	echo -n "Launching the init system..."
434	e8d0903d	Ermal	/bin/rm -f /cf/conf/backup/backup.cache
435			/usr/bin/touch $varrunpath/booting
436	217935fe	Ermal LUÇI
437	ce9056f6	Renato Botelho	# Copy custom logo over if it's present
438	573ec19d	Renato Botelho do Couto	if [ -d /usr/local/share/${product_name}/custom_logos ]; then
439			cp -f /usr/local/share/${product_name}/custom_logos/*svg \
440	ce9056f6	Renato Botelho	/usr/local/www
441	573ec19d	Renato Botelho do Couto	cp -f /usr/local/share/${product_name}/custom_logos/*css \
442	c8735982	Renato Botelho	/usr/local/www/css
443	ce9056f6	Renato Botelho	fi
444
445	1b20a4a6	Renato Botelho	# Apply CPU microcode update
446			[ -x /usr/local/etc/rc.d/microcode_update ] \
447			&& /usr/local/etc/rc.d/microcode_update onestart
448
449	0f880c80	Renato Botelho do Couto	if [ -n "${skip_fsck_fix}" ]; then
450			rm -f ${fsck_fix_flag_file}
451			elif [ -f ${fsck_fix_flag_file} ]; then
452			# fsck fix already applied
453			if [ -n "${fsck_fix_applied}" ]; then
454			touch /cf/conf/applied_fix_for_SA-19-10.ufs
455			rm -f ${fsck_fix_flag_file}
456			elif [ ${fsck_fix_count} -ge 3 ]; then
457			echo "ERROR: fsck fix for SA-19-10 failed to apply..."
458			sleep 5
459			rm -f ${fsck_fix_flag_file}
460			else
461			# if / is UFS, reroot instead of reboot
462			root_fstype=$(mount -p / \| awk '{print $3}')
463			unset reroot
464			if [ "${root_fstype}" = "ufs" ]; then
465			reroot="-r"
466			fi
467
468			# fsck fix failed, increment escape counter to avoid infinite
469			# loop on a system with a broken filesystem
470			fsck_fix_count=$((fsck_fix_count+1))
471
472			echo "${fsck_fix_count}" > ${fsck_fix_flag_file}
473
474			# fsck binary was old and didn't have -z option, then reboot
475			# and run again
476			echo "fsck needs to run to fix SA-10-10. Rebooting..."
477			/etc/rc.reboot ${reroot}
478			exit 0
479			fi
480			fi
481
482	b406ae66	Scott Ullrich	/etc/rc.bootup
483
484	f658bac7	Ermal LUÇI	# /etc/rc.bootup unset $g['booting'], and removes file
485			# Be sure the file is removed to not create troubles after
486			if [ -f $varrunpath/booting ]; then
487			/bin/rm $varrunpath/booting
488			fi
489	5551d818	Renato Botelho
490	e53c0bf4	Renato Botelho do Couto	if [ -n "${USE_ZFS}" ]; then
491	e804230c	Brad Davis	# Create ZFS reservation
492			if [ ! -f /.no_zfs_reservation ]; then
493	56b1a253	Brad Davis	zpool list -o name pfSense > /dev/null 2>&1 && ZPOOL=pfSense
494			zpool list -o name zroot > /dev/null 2>&1 && ZPOOL=zroot
495			if [ -n "${ZPOOL}" ]; then
496			zfs list -Hp -o name -t filesystem \| grep -q ${ZPOOL}/reservation
497			if [ $? -ne 0 ]; then
498			AVAIL=$( zfs list -Hpo avail ${ZPOOL} )
499			RESSIZE=$( zfs list -Hpo avail,used ${ZPOOL} \| awk -v CONVFMT='%.0f' '{printf ( $1 + $2 ) * 0.1 "\n"}' )
500			if [ $(( ${AVAIL} / 2 )) -gt ${RESSIZE} ]; then
501			logger "Creating ZFS reservation of ${RESSIZE} bytes on ${ZPOOL}"
502			zfs create -o reservation=${RESSIZE} ${ZPOOL}/reservation
503			else
504			logger "Not enough space to create reservation on ${ZPOOL}; ${AVAIL} / 2 is not greater than ${RESSIZE} bytes"
505			fi
506	e804230c	Brad Davis	fi
507			fi
508			fi
509			fi
510
511	0c5e431d	Scott Ullrich	echo -n "Starting CRON... "
512	ea83ac64	Scott Ullrich	cd /tmp && /usr/sbin/cron -s 2>/dev/null
513	0c5e431d	Scott Ullrich	echo "done."
514	3e08b3c1	Scott Ullrich
515	e8d0903d	Ermal	/bin/rm -rf /usr/local/pkg/pf/CVS
516	bc086d51	Scott Ullrich
517	0092b3bd	mgrooms	# Start ping handler every 240 seconds
518	7d3be92f	Ermal	/usr/local/bin/minicron 240 $varrunpath/ping_hosts.pid /usr/local/bin/ping_hosts.sh
519	f2025e91	Scott Ullrich
520	a3d2c861	jim-p	# Start IPsec keep alive handler every 300 seconds
521			/usr/local/bin/minicron 300 $varrunpath/ipsec_keepalive.pid /usr/local/bin/ipsec_keepalive.php
522
523	0092b3bd	mgrooms	# Start account expire handler every hour
524	1590947b	Ermal	/usr/local/bin/minicron 3600 $varrunpath/expire_accounts.pid '/usr/local/sbin/fcgicli -f /etc/rc.expireaccounts'
525	0092b3bd	mgrooms
526	f6ba4bd1	Scott Ullrich	# Start alias url updater every 24 hours
527	1590947b	Ermal	/usr/local/bin/minicron 86400 $varrunpath/update_alias_url_data.pid '/usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data'
528	f6ba4bd1	Scott Ullrich
529	c432da9c	Scott Ullrich	/bin/chmod a+rw /tmp/.
530	b569598b	Scott Ullrich
531	52398a6b	jim-p	# Check for GEOM mirrors
532			GMIRROR_STATUS=`/sbin/gmirror status`
533			if [ "${GMIRROR_STATUS}" != "" ]; then
534			# Using a flag file at bootup saves an expensive exec/check on each page load.
535			/usr/bin/touch /var/run/gmirror_active
536			# Setup monitoring/notifications
537			/usr/local/bin/minicron 60 /var/run/gmirror_status_check.pid /usr/local/sbin/gmirror_status_check.php
538			fi
539
540	5f1becd8	Renato Botelho	[ -z "$skip_packages" ] \
541	573ec19d	Renato Botelho do Couto	&& /usr/local/sbin/${product_name}-upgrade -y -U -b 3
542	a5733f63	Renato Botelho
543	6f2bad18	Renato Botelho	# Start packages
544	5f1becd8	Renato Botelho	[ -z "$skip_packages" ] \
545			&& /usr/local/sbin/fcgicli -f /etc/rc.start_packages
546	6f2bad18	Renato Botelho
547	e506cc8a	Renato Botelho	# Update pkg metadata
548			/etc/rc.update_pkg_metadata now
549
550	dcafc712	Adam Gibson	# Log product version to syslog
551	55f81e30	Phil Davis	get_version
552	4982e61e	Adam Gibson	BUILDTIME=`cat /etc/version.buildtime`
553			ARCH=`uname -m`
554	573ec19d	Renato Botelho do Couto	echo "$product_label ${version}${version_patch} $ARCH $BUILDTIME"
555	4982e61e	Adam Gibson
556	e393a4a8	Scott Ullrich	echo "Bootup complete"
557	9b738be9	jim-p	echo "Bootup complete" \| /usr/bin/logger
558	1ba9533c	Scott Ullrich
559	2d4be1c5	Scott Ullrich	/usr/local/bin/beep.sh start 2>&1 >/dev/null
560	e393a4a8	Scott Ullrich
561	4171fa68	Scott Ullrich	# Reset the cache. read-only requires this.
562	7734aea6	Andrew Thompson	/bin/rm -f /tmp/config.cache
563	4171fa68	Scott Ullrich
564	d35cf0de	Scott Ullrich	exit 0

Project

General

Profile

pfSense