webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-18 23:12:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move all initscripts for the system to src/initscripts/system

Browse Source 
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
This commit is contained in:
Jonatan Schlag
2017-02-22 11:54:00 +01:00
parent c6060f2dcf
commit 33f53d55cc
53 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/initscripts/system/acpid Normal file
View File

@@ -0,0 +1,44 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/acpid
#
# Description : ACPI daemon init script
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# Test if ACPI is present
if [ ! -d /proc/acpi ]; then
exit 0
fi
case "${1}" in
start)
boot_mesg "Starting ACPI daemon..."
loadproc /usr/sbin/acpid
;;
stop)
boot_mesg "Stopping ACPI daemon..."
killproc /usr/sbin/acpid
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/acpid
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/acpid

55
src/initscripts/system/apache Normal file
View File

@@ -0,0 +1,55 @@
#!/bin/sh
# Begin $rc_base/init.d/apache
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
. /etc/sysconfig/rc
. $rc_functions
case "$1" in
start)
if [ -f /etc/httpd/server.key -a -f /etc/httpd/server.crt -a -f /etc/httpd/server.csr ]; then
/usr/local/bin/httpscert read >/dev/null 2>&1
else
boot_mesg "Generating HTTPS host certificate (may take a couple of minutes)..."
/usr/local/bin/httpscert new >/dev/null 2>&1
evaluate_retval
# Make sure that the key is written to disk.
sync
fi
boot_mesg "Starting Apache daemon..."
/usr/sbin/apachectl -k start
evaluate_retval
;;
stop)
boot_mesg "Stopping Apache daemon..."
/usr/sbin/apachectl -k stop
evaluate_retval
;;
restart)
boot_mesg "Restarting Apache daemon..."
/usr/sbin/apachectl -k restart
evaluate_retval
;;
reload)
boot_mesg "Reloading Apache daemon..."
/usr/sbin/apachectl -k graceful
evaluate_retval
;;
status)
statusproc /usr/sbin/httpd
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/apache

58
src/initscripts/system/beep Normal file
View File

@@ -0,0 +1,58 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/beep
#
# Description : Plays a short melody when system goes up or down
#
# Authors : Michael Tremer - mitch@ipfire.org
#
# Version : 01.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
LENGTH=40
play () {
beep -l $LENGTH -f $1 2> /dev/null
}
case "${1}" in
start)
for i in 440 466 494 523 554 587 622 659 698 740 764 831 880; do
play $i
done
;;
stop)
for i in 880 831 764 740 698 659 622 587 554 532 494 466 440; do
play $i
done
;;
up)
for i in 440 622 880; do
play $i
done
;;
down)
for i in 880 622 440; do
play $i
done
;;
*)
echo "Usage: ${0} {start|stop|up|down}"
exit 1
;;
esac
# End $rc_base/init.d/beep

129
src/initscripts/system/checkfs Normal file
View File

@@ -0,0 +1,129 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/checkfs
#
# Description : File System Check
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
# A. Luebke - luebke@users.sourceforge.net
#
# Version : 00.00
#
# Notes :
#
# Based on checkfs script from LFS-3.1 and earlier.
#
# From man fsck
# 0 - No errors
# 1 - File system errors corrected
# 2 - System should be rebooted
# 4 - File system errors left uncorrected
# 8 - Operational error
# 16 - Usage or syntax error
# 32 - Fsck canceled by user request
# 128 - Shared library error
#
#########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
if [ -f /fastboot ]; then
boot_mesg -n "/fastboot found, will not perform" ${INFO}
boot_mesg " file system checks as requested."
echo_ok
exit 0
fi
boot_mesg "Mounting root file system in read-only mode..."
mount -n -o remount,ro / >/dev/null
evaluate_retval
if [ ${?} != 0 ]; then
echo_failure
boot_mesg -n "FAILURE:\n\nCannot check root" ${FAILURE}
boot_mesg -n " filesystem because it could not be mounted"
boot_mesg -n " in read-only mode.\n\nAfter you"
boot_mesg -n " press Enter, this system will be"
boot_mesg -n " halted and powered off."
boot_mesg -n "\n\nPress enter to continue or wait a minute..." ${INFO}
boot_mesg "" ${NORMAL}
read -t 60 ENTER
${rc_base}/init.d/halt stop
fi
if [ -f /forcefsck ]; then
boot_mesg -n "/forcefsck found, forcing file" ${INFO}
boot_mesg " system checks as requested."
echo_ok
options="-f"
else
options=""
fi
boot_mesg "Checking file systems..."
# Note: -a option used to be -p; but this fails e.g.
# on fsck.minix
fsck ${options} -a -A -C -T 2>/dev/null
error_value=${?}
if [ "${error_value}" = 0 ]; then
echo_ok
fi
if [ "${error_value}" = 1 ]; then
echo_warning
boot_mesg -n "WARNING:\n\nFile system errors" ${WARNING}
boot_mesg -n " were found and have been corrected."
boot_mesg -n " You may want to double-check that"
boot_mesg -n " everything was fixed properly."
boot_mesg "" ${NORMAL}
fi
if [ "${error_value}" = 2 -o "${error_value}" = 3 ]; then
echo_warning
boot_mesg -n "WARNING:\n\nFile system errors" ${WARNING}
boot_mesg -n " were found and have been been"
boot_mesg -n " corrected, but the nature of the"
boot_mesg -n " errors require this system to be"
boot_mesg -n " rebooted.\n\nAfter you press enter,"
boot_mesg -n " this system will be rebooted"
boot_mesg -n "\n\nPress Enter to continue or wait a minute..." ${INFO}
boot_mesg "" ${NORMAL}
read -t 60 ENTER
reboot -f
fi
if [ "${error_value}" -gt 3 -a "${error_value}" -lt 16 ]; then
echo_failure
sleep 2
boot_mesg -n "FAILURE:\n\nFile system errors" ${FAILURE}
boot_mesg -n " were encountered that could not be"
boot_mesg -n " fixed automatically. This system"
boot_mesg -n " cannot continue to boot and will"
boot_mesg -n " therefore be halted until those"
boot_mesg -n " errors are fixed manually by a"
boot_mesg -n " System Administrator.\n\n"
boot_mesg "" ${NORMAL}
sulogin
reboot -f
fi
if [ "${error_value}" -ge 16 ]; then
echo_failure
boot_mesg -n "FAILURE:\n\nUnexpected Failure" ${FAILURE}
boot_mesg -n " running fsck. Exited with error"
boot_mesg -n " code: ${error_value}."
boot_mesg "" ${NORMAL}
exit ${error_value}
fi
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/checkfs

157
src/initscripts/system/cleanfs Normal file
View File

@@ -0,0 +1,157 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/cleanfs
#
# Description : Clean file system
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# Function to create files/directory on boot.
create_files() {
# Read in the configuration file.
exec 9>&0 < /etc/sysconfig/createfiles
while read name type perm usr grp dtype maj min junk
do
# Ignore comments and blank lines.
case "${name}" in
""|\#*) continue ;;
esac
# Ignore existing files.
if [ ! -e "${name}" ]; then
# Create stuff based on its type.
case "${type}" in
dir)
mkdir "${name}"
;;
file)
:> "${name}"
;;
dev)
case "${dtype}" in
char)
mknod "${name}" c ${maj} ${min}
;;
block)
mknod "${name}" b ${maj} ${min}
;;
pipe)
mknod "${name}" p
;;
*)
boot_mesg -n "\nUnknown device type: ${dtype}" ${WARNING}
boot_mesg "" ${NORMAL}
;;
esac
;;
*)
boot_mesg -n "\nUnknown type: ${type}" ${WARNING}
boot_mesg "" ${NORMAL}
continue
;;
esac
# Set up the permissions, too.
chown ${usr}:${grp} "${name}"
chmod ${perm} "${name}"
fi
done
exec 0>&9 9>&-
}
case "${1}" in
start)
if [[ ! -L "/var/run" ]]; then
boot_mesg "Repair /var/run symlink to /run..."
mv -u /var/run/* /run/ 2>&1 > /dev/null
rm -rf /var/run
ln -s ../run /var/run
fi
#
# create some folders
#
if [ ! -e /var/lock/subsys ]; then
mkdir -p /var/lock/subsys
fi
if [ ! -e /var/lock/time ]; then
mkdir -p /var/lock/time
chown nobody.root /var/lock/time
fi
if [ ! -e /var/run/clamav ]; then
mkdir -p /var/run/clamav
chown clamav:clamav /var/run/clamav
fi
if [ ! -e /var/run/cups ]; then
mkdir -p /var/run/cups
fi
if [ ! -e /var/run/dbus ]; then
mkdir -p /var/run/dbus
fi
if [ ! -e /var/run/mysql ]; then
mkdir -p /var/run/mysql
chown mysql:mysql /var/run/mysql
fi
if [ ! -e /var/run/saslauthd ]; then
mkdir -p /var/run/saslauthd
fi
if [ ! -e /var/log/vnstat ]; then
mkdir -p /var/log/vnstat
fi
boot_mesg -n "Cleaning file systems:" ${INFO}
boot_mesg -n " /tmp" ${NORMAL}
cd /tmp &&
find . -xdev -mindepth 1 ! -name lost+found \
-delete || failed=1
boot_mesg -n " /var/ipfire/dhcp" ${NORMAL}
cd /var/ipfire/dhcpc/ && find . -name "*.pid" -exec rm -f {} \; || failed=1
cd /var/ipfire/dhcpc/ && find . -name "*.cache" -exec rm -f {} \; || failed=1
cd /var/ipfire/dhcpc/ && find . -name "*.info" -exec rm -f {} \; || failed=1
boot_mesg -n " /var/ipfire/red" ${NORMAL}
cd /var/ipfire/red/ && find . -name active -exec rm -f {} \; || failed=1
boot_mesg -n " /var/lock" ${NORMAL}
cd /var/lock &&
find . -type f ! -newer /proc -exec rm -f {} \; || failed=1
boot_mesg -n " /var/log/updatexlrator" ${NORMAL}
rm -f /var/log/updatexlrator/checkdeaddl.lck
boot_mesg " /var/run" ${NORMAL}
cd /var/run &&
find . ! -type d ! -name utmp ! -newer /proc \
-exec rm -f {} \; || failed=1
> /var/run/utmp
if grep -q '^utmp:' /etc/group ; then
chmod 664 /var/run/utmp
chgrp utmp /var/run/utmp
fi
(exit ${failed})
evaluate_retval
if egrep -qv '^(#|$)' /etc/sysconfig/createfiles 2>/dev/null; then
boot_mesg "Creating files and directories..."
create_files
evaluate_retval
fi
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/cleanfs

140
src/initscripts/system/collectd Normal file
View File

@@ -0,0 +1,140 @@
#!/bin/sh
# Begin $rc_base/init.d/collecd
. /etc/sysconfig/rc
. $rc_functions
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
if [ "$RRDLOG" = '' ]; then
RRDLOG=/var/log/rrd
fi
case "$1" in
start)
if use_ramdisk; then
boot_mesg "Mounting RRD ramdisk..."
mount_ramdisk "${RRDLOG}"
evaluate_retval
fi
# If run from init and collectd alrady started then exit silent
if [ "$(basename $0)" != "collectd" ]; then
if [ "$(ps -A | grep " collectd$")" != "" ]; then
exit 0
fi
fi
# ARM does not support to scan for sensors. In that case,
# we create an empty configuration file.
machine=$(uname -m)
if [ "${machine:0:3}" = "arm" ]; then
touch /etc/sysconfig/lm_sensors
fi
# At first run search for sensors with sensors-detect
if [ ! -e /etc/sysconfig/lm_sensors ]; then
boot_mesg "Searching for Sensors..."
# pre scan and try to load modules
"yes" | /usr/sbin/sensors-detect > /dev/null
if [ -e /etc/sysconfig/lm_sensors ]; then
# Module load
. /etc/sysconfig/lm_sensors
for modul in $BUS_MODULES $HWMON_MODULES ; do
modprobe $modul > /dev/null 2>&1;
done
fi
# Final scan
"yes" | /usr/sbin/sensors-detect > /dev/null
evaluate_retval
if [ ! -e /etc/sysconfig/lm_sensors ]; then
echo "#No Sensors detected " > /etc/sysconfig/lm_sensors
fi
fi
# Load sensor modules only first start
if [ ! -e /var/lock/sensors_modules ]; then
touch /var/lock/sensors_modules
boot_mesg -n "Loading Sensor Modules: "
. /etc/sysconfig/lm_sensors
for modul in $BUS_MODULES $HWMON_MODULES ; do
modprobe $modul > /dev/null 2>&1;
if [ ${?} = 0 ]; then
boot_mesg -n "$SUCCESS$modul$NORMAL ";
else
boot_mesg -n "$WARNING$modul$NORMAL ";
fi
done
boot_mesg;
echo_ok;
fi
# Enable sensors plugin if sensors found
if [ "$( sensors 2>&1 | grep 'No sensors found!' | wc -l )" == "1" ]; then
sed -i -e "s|^LoadPlugin sensors|#LoadPlugin sensors|g" /etc/collectd.conf
else
sed -i -e "s|^#LoadPlugin sensors|LoadPlugin sensors|g" /etc/collectd.conf
fi
# Enable thermal plugin if thermal_zone found
if [ ! -e /sys/class/thermal/thermal_zone0 ]; then
sed -i -e 's|^include "/etc/collectd.thermal"$|#include "/etc/collectd.thermal"|g' /etc/collectd.conf
else
sed -i -e 's|^#include "/etc/collectd.thermal"$|include "/etc/collectd.thermal"|g' /etc/collectd.conf
fi
# Enable swap plugin if swap found
if [ "$(swapon -s | wc -l)" == "0" ]; then
sed -i -e "s|^LoadPlugin swap|#LoadPlugin swap|g" /etc/collectd.conf
else
sed -i -e "s|^#LoadPlugin swap|LoadPlugin swap|g" /etc/collectd.conf
fi
# sync after config update...
sync
if [ $(date +%Y) -gt 2011 ]; then
boot_mesg "Starting Collection daemon..."
/usr/sbin/collectd -C /etc/collectd.conf
evaluate_retval
else
boot_mesg "collectd: cannot start with incorrect time ($(date))."
echo_warning;
fi
;;
stop)
boot_mesg "Stopping Collection daemon..."
killproc /usr/sbin/collectd
evaluate_retval
# Umount the ramdisk (if any)
umount_ramdisk "${RRDLOG}"
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/collectd
;;
backup)
# Backup all data if ramdisk is used
if mountpoint "${RRDLOG}" &>/dev/null; then
${0} restart
fi
;;
*)
echo "Usage: $0 {start|stop|restart|status|backup}"
exit 1
;;
esac
# End $rc_base/init.d/collectd

102
src/initscripts/system/connectd Normal file
View File

@@ -0,0 +1,102 @@
#!/bin/bash
#
. /etc/sysconfig/rc
. ${rc_functions}
# Stop if nothing is configured
if [ ! -s "/var/ipfire/ppp/settings" ];then
exit 0
fi
eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
MAX=160
ATTEMPTS=0
COUNT=0
if [ ! $HOLDOFF ]; then
HOLDOFF=30
fi
if [ "$RECONNECTION" = "dialondemand" ]; then
exit 0
fi
msg_log () {
logger -t $(basename $0)[$$] $*
}
msg_log "Connectd ($1) started with PID $$"
if [ -s "/var/ipfire/red/keepconnected" ]; then
ATTEMPTS=$(cat /var/ipfire/red/keepconnected)
else
echo "0" > /var/ipfire/red/keepconnected
fi
case "$1" in
start)
boot_mesg "Starting connection daemon..."
echo_ok
while [ "$COUNT" -lt "$MAX" ]; do
if [ ! -e "/var/ipfire/red/keepconnected" ]; then
# User pressed disconnect in gui
msg_log "Stopping by user request. Exiting."
/etc/rc.d/init.d/network stop red
exit 0
fi
if [ -e "/var/ipfire/red/active" ]; then
# Successfully connected in time
echo "0" > /var/ipfire/red/keepconnected
msg_log "System is online. Exiting."; exit 0
fi
if ( ! ps ax | grep -q [p]ppd ); then
msg_log "No pppd is running. Trying reconnect."
break # because pppd died
fi
sleep 5
(( COUNT+=1 ))
done
/etc/rc.d/init.d/network stop red
(( ATTEMPTS+=1 ))
msg_log "Reconnecting: Attempt ${ATTEMPTS} of ${MAXRETRIES}"
if [ "${ATTEMPTS}" -ge "${MAXRETRIES}" ]; then
echo "0" > /var/ipfire/red/keepconnected
if [ "$BACKUPPROFILE" != '' ]; then
rm -f /var/ipfire/ppp/settings
cp "/var/ipfire/ppp/settings-${BACKUPPROFILE}" /var/ipfire/ppp/settings
msg_log "Switched to backup profile ${BACKUPPROFILE}"
# to be shure the right secrets are used
eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings-${BACKUPPROFILE})
echo "'$USERNAME' * '$PASSWORD'" > /var/ipfire/ppp/secrets
else
msg_log "No backup profile given. Exiting."
exit 0
fi
else
echo $ATTEMPTS > /var/ipfire/red/keepconnected
sleep ${HOLDOFF}
fi
/etc/rc.d/init.d/network start red >/dev/tty12 2>&1 </dev/tty12 &
;;
reconnect)
while ( ps ax | grep -q [p]ppd ); do
msg_log "There is a pppd still running. Waiting 2 seconds for exit."
sleep 2
done
/etc/rc.d/init.d/network restart red
;;
*)
echo "Usage: $0 {start|reconnect}"
exit 1
;;
esac
msg_log "Exiting gracefully connectd with PID $$."

100
src/initscripts/system/console Normal file
View File

@@ -0,0 +1,100 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/console
#
# Description : Sets keymap and screen font
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
# Alexander E. Patrakov
#
# Version : 00.03
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
FONT="latarcyrheb-sun16"
KEYMAP_CORRECTIONS="euro2"
UNICODE="1"
BROKEN_COMPOSE="0"
is_true() {
[ "$1" = "1" ] || [ "$1" = "yes" ] || [ "$1" = "true" ]
}
failed=0
trap failed=1 ERR
case "${1}" in
start)
boot_mesg "Setting up Linux console..."
# There should be no bogus failures below this line!
# Figure out if a framebuffer console is used
[ -d /sys/class/graphics/fb0 ] && USE_FB=1 || USE_FB=0
# Figure out the command to set the console into the
# desired mode
is_true "${UNICODE}" &&
MODE_COMMAND="echo -en '\033%G' && kbd_mode -u" ||
MODE_COMMAND="echo -en '\033%@\033(K' && kbd_mode -a"
# On framebuffer consoles, font has to be set for each vt in
# UTF-8 mode. This doesn't hurt in non-UTF-8 mode also.
! is_true "${USE_FB}" || [ -z "${FONT}" ] ||
MODE_COMMAND="${MODE_COMMAND} && setfont ${FONT}"
# Apply that command to all consoles mentioned in
# /etc/inittab. Important: in the UTF-8 mode this should
# happen before setfont, otherwise a kernel bug will
# show up and the unicode map of the font will not be
# used.
# FIXME: Fedora Core also initializes two spare consoles
# - do we want that?
for TTY in `grep '^[^#].*respawn:/sbin/agetty' /etc/inittab |
grep -o '\btty[[:digit:]]*\b'`
do
openvt -f -w -c ${TTY#tty} -- \
/bin/sh -c "${MODE_COMMAND}" 2>/dev/null
done
# Set the font (if not already set above) and the keymap
is_true "${USE_FB}" || [ -z "${FONT}" ] || setfont $FONT
[ -z "${KEYMAP}" ] || loadkeys ${KEYMAP} &>/dev/null
[ -z "${KEYMAP_CORRECTIONS}" ] ||
loadkeys ${KEYMAP_CORRECTIONS} &>/dev/null
# Linux kernel generates wrong bytes when composing
# in Unicode mode. That's why we disable dead keys in Unicode
# mode by default. If you need them, download and apply
# http://www.linuxfromscratch.org/~alexander/patches/linux-2.6.12.5-utf8_input-2.patch
# After patching, add "-m charset_of_your_keymap" to the FONT
# variable and set BROKEN_COMPOSE=false
# in /etc/sysconfig/console
[ -n "$BROKEN_COMPOSE" ] || BROKEN_COMPOSE="$UNICODE"
! is_true "$BROKEN_COMPOSE" ||
echo "" | loadkeys -c &>/dev/null
# Convert the keymap from $LEGACY_CHARSET to UTF-8
[ -z "$LEGACY_CHARSET" ] ||
dumpkeys -c "$LEGACY_CHARSET" | loadkeys -u &>/dev/null
# If any of the commands above failed, the trap at the
# top would set $failed to 1
( exit $failed )
evaluate_retval
;;
*)
echo $"Usage:" "${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/console

89
src/initscripts/system/dhcp Normal file
View File

@@ -0,0 +1,89 @@
#!/bin/sh
# Begin $rc_base/init.d/dhcp
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
# Modified for IPFire by Michael Tremer - mitch@ipfire.org
. /etc/sysconfig/rc
. $rc_functions
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
function flush_chains() {
iptables -F DHCPGREENINPUT
iptables -F DHCPGREENOUTPUT
iptables -F DHCPBLUEINPUT
iptables -F DHCPBLUEOUTPUT
}
case "$1" in
start)
flush_chains
if [ -n "${GREEN_DEV}" -a -e "/var/ipfire/dhcp/enable_green" ]; then
devices="${GREEN_DEV}"
iptables -A DHCPGREENINPUT -i "${GREEN_DEV}" -j DHCPINPUT
iptables -A DHCPGREENOUTPUT -o "${GREEN_DEV}" -j DHCPOUTPUT
fi
if [ -n "${BLUE_DEV}" -a -e "/var/ipfire/dhcp/enable_blue" ]; then
devices+=" ${BLUE_DEV}"
iptables -A DHCPBLUEINPUT -i "${BLUE_DEV}" -j DHCPINPUT
iptables -A DHCPBLUEOUTPUT -o "${BLUE_DEV}" -j DHCPOUTPUT
fi
boot_mesg "Starting DHCP Server..."
loadproc /usr/sbin/dhcpd -q ${devices}
# Start Unbound DHCP Lease Bridge unless RFC2136 is used
if [ "${DNS_UPDATE_ENABLED}" != on ]; then
boot_mesg "Starting Unbound DHCP Leases Bridge..."
loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
fi
(sleep 5 && chmod 644 /var/run/dhcpd.pid) & # Fix because silly dhcpd creates its pid with mode 640
;;
stop)
flush_chains
boot_mesg "Stopping DHCP Server..."
killproc -p /var/run/dhcpd.pid /usr/sbin/dhcpd
if [ "$(ps -A | grep " dhcpd")" != "" ] ; then
# if fail use the hard way ...
boot_mesg "Killing DHCP Server..."
killall -w -s KILL /usr/sbin/dhcpd > /dev/null 2>&1
rm -f /var/run/dhcpd.pid > /dev/null 2>&1
echo_ok;
fi
boot_mesg "Stopping Unbound DHCP Leases Bridge..."
killproc /usr/sbin/unbound-dhcp-leases-bridge
;;
reload)
boot_mesg "Reloading DHCP Server..."
reloadproc /usr/sbin/dhcpd
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/dhcpd
statusproc /usr/sbin/unbound-dhcp-leases-bridge
;;
*)
echo "Usage: $0 {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/dhcp

53
src/initscripts/system/dhcrelay Normal file
View File

@@ -0,0 +1,53 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/dhcrelay
#
# Description : The DHCP Relay Daemon
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
CONFIG_FILE="/var/ipfire/dhcp/relay"
if [ -r "${CONFIG_FILE}" ]; then
eval $(/usr/local/bin/readhash ${CONFIG_FILE})
fi
ARGS="-q"
for interface in ${INTERFACES}; do
ARGS="${ARGS} -i ${interface}"
done
ARGS="${ARGS} ${SERVERS}"
case "${1}" in
start)
boot_mesg "Starting DHCP Relay..."
loadproc /usr/sbin/dhcrelay ${ARGS}
;;
stop)
boot_mesg "Stopping DHCP Relay..."
killproc -p /var/run/dhcrelay.pid /usr/sbin/dhcrelay
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/dhcrelay
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/dhcrelay

41
src/initscripts/system/fcron Normal file
View File

@@ -0,0 +1,41 @@
#!/bin/sh
# Begin $rc_base/init.d/fcron
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
#$LastChangedBy: bdubbs $
#$Date: 2005-08-01 14:29:19 -0500 (Mon, 01 Aug 2005) $
. /etc/sysconfig/rc
. $rc_functions
case "$1" in
start)
boot_mesg "Starting fcron..."
loadproc /usr/sbin/fcron -y
# remove -y to reenable fcron logging
;;
stop)
boot_mesg "Stopping fcron..."
killproc /usr/sbin/fcron
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/fcron
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/fcron

37
src/initscripts/system/fireinfo Normal file
View File

@@ -0,0 +1,37 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/fireinfo
#
# Description : Fireinfo profile generator
#
# Authors : IPFire Team
#
# Notes : This script saves the fireinfo profile to a file which
# is needed to show that information on the webinterface.
# No data is sent to the server.
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
mkdir -p /var/ipfire/fireinfo 2>/dev/null
# Generate Pakfire uuid if not present
if [ ! -e /opt/pakfire/db/uuid ]; then
uuidgen > /opt/pakfire/db/uuid
fi
sendprofile --public-id > /var/ipfire/fireinfo/public_id
sendprofile --dump > /var/ipfire/fireinfo/profile
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/fireinfo

496
src/initscripts/system/firewall Normal file
View File

@@ -0,0 +1,496 @@
#!/bin/sh
. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/optionsfw/settings)
IFACE=`/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012'`
if [ -f /var/ipfire/red/device ]; then
DEVICE=`/bin/cat /var/ipfire/red/device 2> /dev/null | /usr/bin/tr -d '\012'`
fi
function iptables() {
/sbin/iptables --wait "$@"
}
iptables_init() {
# Flush all rules and delete all custom chains
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -t raw -F
iptables -X
iptables -t nat -X
iptables -t mangle -X
iptables -t raw -X
# Set up policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# Empty LOG_DROP and LOG_REJECT chains
iptables -N LOG_DROP
iptables -A LOG_DROP -m limit --limit 10/minute -j LOG
iptables -A LOG_DROP -j DROP
iptables -N LOG_REJECT
iptables -A LOG_REJECT -m limit --limit 10/minute -j LOG
iptables -A LOG_REJECT -j REJECT
# This chain will log, then DROPs packets with certain bad combinations
# of flags might indicate a port-scan attempt (xmas, null, etc)
iptables -N PSCAN
if [ "$DROPPORTSCAN" == "on" ]; then
iptables -A PSCAN -p tcp -m limit --limit 10/minute -j LOG --log-prefix "DROP_TCP Scan " -m comment --comment "DROP_TCP PScan"
iptables -A PSCAN -p udp -m limit --limit 10/minute -j LOG --log-prefix "DROP_UDP Scan " -m comment --comment "DROP_UDP PScan"
iptables -A PSCAN -p icmp -m limit --limit 10/minute -j LOG --log-prefix "DROP_ICMP Scan " -m comment --comment "DROP_ICMP PScan"
iptables -A PSCAN -f -m limit --limit 10/minute -j LOG --log-prefix "DROP_FRAG Scan " -m comment --comment "DROP_FRAG PScan"
fi
iptables -A PSCAN -j DROP -m comment --comment "DROP_PScan"
# New tcp packets without SYN set - could well be an obscure type of port scan
# that's not covered above, may just be a broken windows machine
iptables -N NEWNOTSYN
if [ "$DROPNEWNOTSYN" == "on" ]; then
iptables -A NEWNOTSYN -m limit --limit 10/minute -j LOG --log-prefix "DROP_NEWNOTSYN "
fi
iptables -A NEWNOTSYN -j DROP -m comment --comment "DROP_NEWNOTSYN"
# Chain to contain all the rules relating to bad TCP flags
iptables -N BADTCP
# Don't check loopback
iptables -A BADTCP -i lo -j RETURN
# Disallow packets frequently used by port-scanners
# NMAP FIN/URG/PSH (XMAS scan)
iptables -A BADTCP -p tcp --tcp-flags ALL FIN,URG,PSH -j PSCAN
# SYN/RST/ACK/FIN/URG
iptables -A BADTCP -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j PSCAN
# ALL/ALL
iptables -A BADTCP -p tcp --tcp-flags ALL ALL -j PSCAN
# FIN Stealth
iptables -A BADTCP -p tcp --tcp-flags ALL FIN -j PSCAN
# SYN/RST (also catches xmas variants that set SYN+RST+...)
iptables -A BADTCP -p tcp --tcp-flags SYN,RST SYN,RST -j PSCAN
# SYN/FIN (QueSO or nmap OS probe)
iptables -A BADTCP -p tcp --tcp-flags SYN,FIN SYN,FIN -j PSCAN
# Null
iptables -A BADTCP -p tcp --tcp-flags ALL NONE -j PSCAN
# NEW TCP without SYN
iptables -A BADTCP -p tcp ! --syn -m conntrack --ctstate NEW -j NEWNOTSYN
iptables -A INPUT -p tcp -j BADTCP
iptables -A FORWARD -p tcp -j BADTCP
# Connection tracking chains
iptables -N CONNTRACK
iptables -A CONNTRACK -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A CONNTRACK -m conntrack --ctstate INVALID -j DROP
iptables -A CONNTRACK -p icmp -m conntrack --ctstate RELATED -j ACCEPT
iptables -t raw -N CONNTRACK
iptables -t raw -A PREROUTING -j CONNTRACK
# Conntrack helpers (https://home.regit.org/netfilter-en/secure-use-of-helpers/)
# SIP
if [ "${CONNTRACK_SIP}" = "on" ]; then
modprobe nf_nat_sip
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper sip -j ACCEPT
for proto in udp tcp; do
iptables -t raw -A CONNTRACK -p "${proto}" --dport 5060 -j CT --helper sip
done
fi
# H.323
if [ "${CONNTRACK_H323}" = "on" ]; then
modprobe nf_nat_h323
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper h323 -j ACCEPT
# Gatekeeper RAS
iptables -t raw -A CONNTRACK -p udp --dport 1719 -j CT --helper RAS
# Q.931
iptables -t raw -A CONNTRACK -p tcp --dport 1720 -j CT --helper Q.931
fi
# FTP
if [ "${CONNTRACK_FTP}" = "on" ]; then
modprobe nf_nat_ftp
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper ftp -p tcp --dport 1024: -j ACCEPT
iptables -t raw -A CONNTRACK -p tcp --dport 21 -j CT --helper ftp
fi
# PPTP
if [ "${CONNTRACK_PPTP}" = "on" ]; then
modprobe nf_nat_pptp
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper pptp -j ACCEPT
iptables -t raw -A CONNTRACK -p tcp --dport 1723 -j CT --helper pptp
fi
# TFTP
if [ "${CONNTRACK_TFTP}" = "on" ]; then
modprobe nf_nat_tftp
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper tftp -j ACCEPT
iptables -t raw -A CONNTRACK -p udp --dport 69 -j CT --helper tftp
fi
# IRC
if [ "${CONNTRACK_IRC}" = "on" ]; then
modprobe nf_nat_irc
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper irc -j ACCEPT
iptables -t raw -A CONNTRACK -p tcp --dport 6667 -j CT --helper irc
fi
# Amanda
if [ "${CONNTRACK_AMANDA}" = "on" ]; then
modprobe nf_nat_amanda
iptables -A CONNTRACK -m conntrack --ctstate RELATED \
-m helper --helper amanda -j ACCEPT
iptables -t raw -A CONNTRACK -p tcp -j CT --helper amanda
fi
# Fix for braindead ISP's
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
# CUSTOM chains, can be used by the users themselves
iptables -N CUSTOMINPUT
iptables -A INPUT -j CUSTOMINPUT
iptables -N CUSTOMFORWARD
iptables -A FORWARD -j CUSTOMFORWARD
iptables -N CUSTOMOUTPUT
iptables -A OUTPUT -j CUSTOMOUTPUT
iptables -t nat -N CUSTOMPREROUTING
iptables -t nat -A PREROUTING -j CUSTOMPREROUTING
iptables -t nat -N CUSTOMPOSTROUTING
iptables -t nat -A POSTROUTING -j CUSTOMPOSTROUTING
# P2PBLOCK
iptables -N P2PBLOCK
iptables -A INPUT -j P2PBLOCK
iptables -A FORWARD -j P2PBLOCK
iptables -A OUTPUT -j P2PBLOCK
# Guardian (IPS) chains
iptables -N GUARDIAN
iptables -A INPUT -j GUARDIAN
iptables -A FORWARD -j GUARDIAN
# Block non-established IPsec networks
iptables -N IPSECBLOCK
iptables -A FORWARD -m policy --dir out --pol none -j IPSECBLOCK
iptables -A OUTPUT -m policy --dir out --pol none -j IPSECBLOCK
# Block OpenVPN transfer networks
iptables -N OVPNBLOCK
iptables -A INPUT -i tun+ -j OVPNBLOCK
iptables -A FORWARD -i tun+ -j OVPNBLOCK
iptables -A FORWARD -o tun+ -j OVPNBLOCK
# OpenVPN transfer network translation
iptables -t nat -N OVPNNAT
iptables -t nat -A POSTROUTING -j OVPNNAT
# IPTV chains for IGMPPROXY
iptables -N IPTVINPUT
iptables -A INPUT -j IPTVINPUT
iptables -N IPTVFORWARD
iptables -A FORWARD -j IPTVFORWARD
# Allow to ping the firewall.
iptables -N ICMPINPUT
iptables -A INPUT -j ICMPINPUT
iptables -A ICMPINPUT -p icmp --icmp-type 8 -j ACCEPT
# Accept everything on loopback
iptables -N LOOPBACK
iptables -A LOOPBACK -i lo -j ACCEPT
iptables -A LOOPBACK -o lo -j ACCEPT
# Filter all packets with loopback addresses on non-loopback interfaces.
iptables -A LOOPBACK -s 127.0.0.0/8 -j DROP
iptables -A LOOPBACK -d 127.0.0.0/8 -j DROP
for i in INPUT FORWARD OUTPUT; do
iptables -A ${i} -j LOOPBACK
done
# Accept everything connected
for i in INPUT FORWARD OUTPUT; do
iptables -A ${i} -j CONNTRACK
done
# Allow DHCP
iptables -N DHCPINPUT
iptables -A DHCPINPUT -p udp --sport 68 --dport 67 -j ACCEPT
iptables -A DHCPINPUT -p tcp --sport 68 --dport 67 -j ACCEPT
iptables -N DHCPOUTPUT
iptables -A DHCPOUTPUT -p udp --sport 67 --dport 68 -j ACCEPT
iptables -A DHCPOUTPUT -p tcp --sport 67 --dport 68 -j ACCEPT
# Allow DHCP on GREEN
iptables -N DHCPGREENINPUT
iptables -N DHCPGREENOUTPUT
if [ -n "${GREEN_DEV}" ]; then
iptables -A INPUT -i "${GREEN_DEV}" -j DHCPGREENINPUT
iptables -A OUTPUT -o "${GREEN_DEV}" -j DHCPGREENOUTPUT
fi
# allow DHCP on BLUE to be turned on/off
iptables -N DHCPBLUEINPUT
iptables -N DHCPBLUEOUTPUT
if [ -n "${BLUE_DEV}" ]; then
iptables -A INPUT -i "${BLUE_DEV}" -j DHCPBLUEINPUT
iptables -A OUTPUT -o "${BLUE_DEV}" -j DHCPBLUEOUTPUT
fi
# GeoIP block
iptables -N GEOIPBLOCK
iptables -A INPUT -j GEOIPBLOCK
iptables -A FORWARD -j GEOIPBLOCK
# trafic from ipsecX/TUN/TAP interfaces, before "-i GREEN_DEV" accept everything
iptables -N IPSECINPUT
iptables -N IPSECFORWARD
iptables -N IPSECOUTPUT
iptables -A INPUT -j IPSECINPUT
iptables -A FORWARD -j IPSECFORWARD
iptables -A OUTPUT -j IPSECOUTPUT
iptables -t nat -N IPSECNAT
iptables -t nat -A POSTROUTING -j IPSECNAT
# localhost and ethernet.
# Always allow accessing the web GUI from GREEN.
iptables -N GUIINPUT
iptables -A INPUT -j GUIINPUT
iptables -A GUIINPUT -i "${GREEN_DEV}" -p tcp --dport 444 -j ACCEPT
# WIRELESS chains
iptables -N WIRELESSINPUT
iptables -A INPUT -m conntrack --ctstate NEW -j WIRELESSINPUT
iptables -N WIRELESSFORWARD
iptables -A FORWARD -m conntrack --ctstate NEW -j WIRELESSFORWARD
# OpenVPN
iptables -N OVPNINPUT
iptables -A INPUT -j OVPNINPUT
# TOR
iptables -N TOR_INPUT
iptables -A INPUT -j TOR_INPUT
# Jump into the actual firewall ruleset.
iptables -N INPUTFW
iptables -A INPUT -j INPUTFW
iptables -N OUTGOINGFW
iptables -A OUTPUT -j OUTGOINGFW
iptables -N FORWARDFW
iptables -A FORWARD -j FORWARDFW
# SNAT rules
iptables -t nat -N NAT_SOURCE
iptables -t nat -A POSTROUTING -j NAT_SOURCE
# Custom prerouting chains (for transparent proxy)
iptables -t nat -N SQUID
iptables -t nat -A PREROUTING -j SQUID
# DNAT rules
iptables -t nat -N NAT_DESTINATION
iptables -t nat -A PREROUTING -j NAT_DESTINATION
iptables -t nat -A OUTPUT -j NAT_DESTINATION
iptables -t mangle -N NAT_DESTINATION
iptables -t mangle -A PREROUTING -j NAT_DESTINATION
iptables -t nat -N NAT_DESTINATION_FIX
iptables -t nat -A POSTROUTING -j NAT_DESTINATION_FIX
iptables -t nat -A NAT_DESTINATION_FIX \
-m mark --mark 1 -j SNAT --to-source "${GREEN_ADDRESS}"
if [ -n "${BLUE_ADDRESS}" ]; then
iptables -t nat -A NAT_DESTINATION_FIX \
-m mark --mark 2 -j SNAT --to-source "${BLUE_ADDRESS}"
fi
if [ -n "${ORANGE_ADDRESS}" ]; then
iptables -t nat -A NAT_DESTINATION_FIX \
-m mark --mark 3 -j SNAT --to-source "${ORANGE_ADDRESS}"
fi
# upnp chain for our upnp daemon
iptables -t nat -N UPNPFW
iptables -t nat -A PREROUTING -j UPNPFW
iptables -N UPNPFW
iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
# RED chain, used for the red interface
iptables -N REDINPUT
iptables -A INPUT -j REDINPUT
iptables -N REDFORWARD
iptables -A FORWARD -j REDFORWARD
iptables -t nat -N REDNAT
iptables -t nat -A POSTROUTING -j REDNAT
# Populate IPsec block chain
/usr/lib/firewall/ipsec-block
# Apply OpenVPN firewall rules
/usr/local/bin/openvpnctrl --firewall-rules
# run wirelessctrl
/usr/local/bin/wirelessctrl
# POLICY CHAIN
iptables -N POLICYIN
iptables -A INPUT -j POLICYIN
iptables -N POLICYFWD
iptables -A FORWARD -j POLICYFWD
iptables -N POLICYOUT
iptables -A OUTPUT -j POLICYOUT
# Initialize firewall policies.
/usr/sbin/firewall-policy
# Install firewall rules for the red interface.
iptables_red_up
# If red has not been brought up yet, we will
# add the blocking rules for MASQUERADE
if [ ! -e "/var/ipfire/red/active" ]; then
iptables_red_down
fi
}
iptables_red_up() {
iptables -F REDINPUT
iptables -F REDFORWARD
iptables -t nat -F REDNAT
# PPPoE / PPTP Device
if [ "$IFACE" != "" ]; then
# PPPoE / PPTP
if [ "$DEVICE" != "" ]; then
iptables -A REDINPUT -i $DEVICE -j ACCEPT
fi
if [ "$RED_TYPE" == "PPTP" -o "$RED_TYPE" == "PPPOE" ]; then
if [ "$RED_DEV" != "" ]; then
iptables -A REDINPUT -i $RED_DEV -j ACCEPT
fi
fi
fi
# PPTP over DHCP
if [ "$DEVICE" != "" -a "$TYPE" == "PPTP" -a "$METHOD" == "DHCP" ]; then
iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $DEVICE -j ACCEPT
iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $DEVICE -j ACCEPT
fi
# Orange pinholes
if [ "$ORANGE_DEV" != "" ]; then
# This rule enables a host on ORANGE network to connect to the outside
# (only if we have a red connection)
if [ "$IFACE" != "" ]; then
iptables -A REDFORWARD -i $ORANGE_DEV -o $IFACE -j ACCEPT
fi
fi
if [ "$IFACE" != "" -a -f /var/ipfire/red/active ]; then
# DHCP
if [ "$RED_DEV" != "" -a "$RED_TYPE" == "DHCP" ]; then
iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
fi
if [ "$METHOD" == "DHCP" -a "$PROTOCOL" == "RFC1483" ]; then
iptables -A REDINPUT -p tcp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
iptables -A REDINPUT -p udp --source-port 67 --destination-port 68 -i $IFACE -j ACCEPT
fi
# Outgoing masquerading (don't masqerade IPSEC (mark 50))
iptables -t nat -A REDNAT -m mark --mark 50 -o $IFACE -j RETURN
if [ "${IFACE}" = "${GREEN_DEV}" ]; then
iptables -t nat -A REDNAT -i "${GREEN_DEV}" -o "${IFACE}" -j RETURN
fi
local NO_MASQ_NETWORKS
if [ "${MASQUERADE_GREEN}" = "off" ]; then
NO_MASQ_NETWORKS="${NO_MASQ_NETWORKS} ${GREEN_NETADDRESS}/${GREEN_NETMASK}"
fi
if [ "${MASQUERADE_BLUE}" = "off" ]; then
NO_MASQ_NETWORKS="${NO_MASQ_NETWORKS} ${BLUE_NETADDRESS}/${BLUE_NETMASK}"
fi
if [ "${MASQUERADE_ORANGE}" = "off" ]; then
NO_MASQ_NETWORKS="${NO_MASQ_NETWORKS} ${ORANGE_NETADDRESS}/${ORANGE_NETMASK}"
fi
local network
for network in ${NO_MASQ_NETWORKS}; do
iptables -t nat -A REDNAT -s "${network}" -o "${IFACE}" -j RETURN
done
# Masquerade everything else
iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE
fi
# Reload all rules.
/usr/local/bin/firewallctrl
}
iptables_red_down() {
# Prohibit packets to reach the masquerading rule
# while the wan interface is down - this is required to
# circumvent udp related NAT issues
# http://forum.ipfire.org/index.php?topic=11127.0
if [ -n "${IFACE}" ]; then
iptables -F REDFORWARD
iptables -A REDFORWARD -o "${IFACE}" -j DROP
fi
# Reload all rules.
/usr/local/bin/firewallctrl
}
# See how we were called.
case "$1" in
start)
boot_mesg "Setting up firewall"
iptables_init
evaluate_retval
;;
reload|up)
boot_mesg "Reloading firewall"
iptables_red_up
evaluate_retval
;;
down)
boot_mesg "Disabling firewall access to RED"
iptables_red_down
evaluate_retval
;;
restart)
$0 start
;;
*)
echo "Usage: $0 {start|reload|restart}"
exit 1
;;
esac
exit 0

53
src/initscripts/system/firstsetup Normal file
View File

@@ -0,0 +1,53 @@
#!/bin/bash
# Exit if firstsetup was already done...
if [ -e /var/ipfire/main/firstsetup_ok ]; then
exit 0;
fi
# Edit the serial console entry at /etc/inittab matching to console parameter.
ser_console() {
while test x"$1" != x
do
case $1 in
console=*)
scon=${1##console=};
sed -i -e "s|^7:2345:respawn:/sbin/agetty.*|7:2345:respawn:/sbin/agetty ${scon%%,*} ${scon##*,}|g" /etc/inittab
shift
;;
*)
shift
;;
esac
done
}
cmdline=`cat /proc/cmdline`
ser_console $cmdline
# reload inittab
/sbin/init q
#
/etc/init.d/sysklogd start
export LANG=en_US.utf8
/usr/sbin/setup /dev/tty2 INSTALL
if [ "${?}" == "1" ]; then
echo Setup not finished. Rebooting ...
reboot -f
fi
# plan install pae kernel at next pakfire update if pae is supported
if [ ! "$(grep "^flags.* pae " /proc/cpuinfo)" == "" ]; then
if [ ! -e /opt/pakfire/db/installed/meta-linux-pae ]; then
echo "Name: linux-pae" > /opt/pakfire/db/installed/meta-linux-pae
echo "ProgVersion: 0" >> /opt/pakfire/db/installed/meta-linux-pae
echo "Release: 0" >> /opt/pakfire/db/installed/meta-linux-pae
fi
fi
echo Restarting udev...
killall udevd
/sbin/udevadm hwdb --update
/sbin/udevd --daemon
/sbin/udevadm trigger
/sbin/udevadm settle
/etc/init.d/sysklogd stop
touch /var/ipfire/main/firstsetup_ok

46
src/initscripts/system/fsresize Normal file
View File

@@ -0,0 +1,46 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/fsresize
#
# Description : Resize the root filesystem in the background
#
# Authors : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version : 1.01
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
if [ -e "/.resizefs" ]; then
boot_mesg "Re-sizing root partition..."
# Find root device
mount | while read -r dev tmp1 mountpoint tmp2; do
# Skip generic entries
[ "${dev}" = "rootfs" ] && continue
if [ "${mountpoint}" = "/" ]; then
# Resize filesystem
resize2fs -p "${dev}"
# Remove marker
rm -f /.resizefs
break
fi
done
fi
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/26fsresize

787
src/initscripts/system/functions Normal file
View File

@@ -0,0 +1,787 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/functions
#
# Description : Run Level Control Functions
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes : With code based on Matthias Benkmann's simpleinit-msb
# http://winterdrache.de/linux/newboot/index.html
#
########################################################################
## Environmental setup
# Setup default values for environment
umask 022
export PATH="/bin:/usr/bin:/sbin:/usr/sbin"
# Signal sent to running processes to refresh their configuration
RELOADSIG="HUP"
# Number of seconds between STOPSIG and FALLBACK when stopping processes
KILLDELAY="10"
## Screen Dimensions
# Find current screen size
if [ -z "${COLUMNS}" ]; then
COLUMNS=$(stty size 2>/dev/null)
COLUMNS=${COLUMNS##* }
fi
# When using remote connections, such as a serial port, stty size returns 0
if [ "${COLUMNS}" = "0" ]; then
COLUMNS=80
fi
## Measurements for positioning result messages
COL=$((${COLUMNS} - 8))
WCOL=$((${COL} - 2))
## Set Cursor Position Commands, used via echo -e
SET_COL="\\033[${COL}G" # at the $COL char
SET_WCOL="\\033[${WCOL}G" # at the $WCOL char
CURS_UP="\\033[1A\\033[0G" # Up one line, at the 0'th char
## Set color commands, used via echo -e
# Please consult `man console_codes for more information
# under the "ECMA-48 Set Graphics Rendition" section
#
# Warning: when switching from a 8bit to a 9bit font,
# the linux console will reinterpret the bold (1;) to
# the top 256 glyphs of the 9bit font. This does
# not affect framebuffer consoles
NORMAL="\\033[0;39m" # Standard console grey
SUCCESS="\\033[1;32m" # Success is green
WARNING="\\033[1;33m" # Warnings are yellow
FAILURE="\\033[1;31m" # Failures are red
INFO="\\033[1;36m" # Information is light cyan
BRACKET="\\033[1;34m" # Brackets are blue
STRING_LENGTH="0" # the length of the current message
#*******************************************************************************
# Function - boot_mesg()
#
# Purpose: Sending information from bootup scripts to the console
#
# Inputs: $1 is the message
# $2 is the colorcode for the console
#
# Outputs: Standard Output
#
# Dependencies: - sed for parsing strings.
# - grep for counting string length.
#
# Todo:
#*******************************************************************************
boot_mesg()
{
local ECHOPARM=""
while true
do
case "${1}" in
-n)
ECHOPARM=" -n "
shift 1
;;
-*)
echo "Unknown Option: ${1}"
return 1
;;
*)
break
;;
esac
done
## Figure out the length of what is to be printed to be used
## for warning messges.
STRING_LENGTH="`echo "${1}" | sed \
-e 's,.,.,g' -e 'l 1' | grep -c \$`"
# Print the message to the screen
echo ${ECHOPARM} -e "${2}${1}"
}
boot_mesg_flush()
{
# Reset STRING_LENGTH for next message
STRING_LENGTH="0"
}
boot_log()
{
# Left in for backwards compatibility
echo -n ""
}
echo_ok()
{
echo -n -e "${CURS_UP}${SET_COL}${BRACKET}[${SUCCESS} OK ${BRACKET}]"
echo -e "${NORMAL}"
boot_mesg_flush
}
echo_failure()
{
echo -n -e "${CURS_UP}${SET_COL}${BRACKET}[${FAILURE} FAIL ${BRACKET}]"
echo -e "${NORMAL}"
boot_mesg_flush
}
echo_warning()
{
echo -n -e "${CURS_UP}${SET_COL}${BRACKET}[${WARNING} WARN ${BRACKET}]"
echo -e "${NORMAL}"
boot_mesg_flush
}
print_error_msg()
{
echo_failure
# $i is inherited by the rc script
boot_mesg -n "FAILURE:\n\nYou should not be reading this error message.\n\n" ${FAILURE}
boot_mesg -n " It means that an unforeseen error took"
boot_mesg -n " place in ${i}, which exited with a return value of"
boot_mesg " ${error_value}.\n"
boot_mesg_flush
boot_mesg -n "If you're able to track this"
boot_mesg -n " error down to a bug in one of the files provided by"
boot_mesg -n " ipfire, please be so kind to inform us at"
boot_mesg " info@ipfire.org.\n"
boot_mesg_flush
boot_mesg -n "Press Enter to continue or wait a minute..." ${INFO}
boot_mesg "" ${NORMAL}
read -t 60 ENTER
}
check_script_status()
{
# $i is inherited by the rc script
if [ ! -f ${i} ]; then
boot_mesg "${i} is not a valid symlink." ${WARNING}
echo_warning
continue
fi
if [ ! -x ${i} ]; then
boot_mesg "${i} is not executable, skipping." ${WARNING}
echo_warning
continue
fi
}
evaluate_retval()
{
error_value="${?}"
if [ ${error_value} = 0 ]; then
echo_ok
else
echo_failure
fi
# This prevents the 'An Unexpected Error Has Occurred' from trivial
# errors.
return 0
}
print_status()
{
if [ "${#}" = "0" ]; then
echo "Usage: ${0} {success|warning|failure}"
return 1
fi
case "${1}" in
success)
echo_ok
;;
warning)
# Leave this extra case in because old scripts
# may call it this way.
case "${2}" in
running)
echo -e -n "${CURS_UP}"
echo -e -n "\\033[${STRING_LENGTH}G "
boot_mesg "Already running." ${WARNING}
echo_warning
;;
not_running)
echo -e -n "${CURS_UP}"
echo -e -n "\\033[${STRING_LENGTH}G "
boot_mesg "Not running." ${WARNING}
echo_warning
;;
not_available)
echo -e -n "${CURS_UP}"
echo -e -n "\\033[${STRING_LENGTH}G "
boot_mesg "Not available." ${WARNING}
echo_warning
;;
*)
# This is how it is supposed to
# be called
echo_warning
;;
esac
;;
failure)
echo_failure
;;
esac
}
reloadproc()
{
if [ "${#}" = "0" ]; then
echo "Usage: reloadproc [{program}]"
exit 1
fi
getpids "${1}"
if [ -n "${pidlist}" ]; then
failure="0"
for pid in ${pidlist}
do
kill -"${RELOADSIG}" "${pid}" || failure="1"
done
(exit ${failure})
evaluate_retval
else
boot_mesg "Process ${1} not running." ${WARNING}
echo_warning
fi
}
statusproc()
{
if [ "${#}" = "0" ]
then
echo "Usage: statusproc {program}"
exit 1
fi
getpids "${1}"
if [ -n "${pidlist}" ]; then
echo -e "${INFO}${base} is running with Process"\
"ID(s) ${pidlist}.${NORMAL}"
else
if [ -n "${base}" -a -e "/var/run/${base}.pid" ]; then
echo -e "${WARNING}${1} is not running but"\
"/var/run/${base}.pid exists.${NORMAL}"
else
if [ -n "${PIDFILE}" -a -e "${PIDFILE}" ]; then
echo -e "${WARNING}${1} is not running"\
"but ${PIDFILE} exists.${NORMAL}"
else
echo -e "${INFO}${1} is not running.${NORMAL}"
fi
fi
fi
}
# The below functions are documented in the LSB-generic 2.1.0
#*******************************************************************************
# Function - pidofproc [-s] [-p pidfile] pathname
#
# Purpose: This function returns one or more pid(s) for a particular daemon
#
# Inputs: -p pidfile, use the specified pidfile instead of pidof
# pathname, path to the specified program
#
# Outputs: return 0 - Success, pid's in stdout
# return 1 - Program is dead, pidfile exists
# return 2 - Invalid or excessive number of arguments,
# warning in stdout
# return 3 - Program is not running
#
# Dependencies: pidof, echo, head
#
# Todo: Remove dependency on head
# This depreciates getpids
# Test changes to pidof
#
#*******************************************************************************
pidofproc()
{
local pidfile=""
local lpids=""
local silent=""
pidlist=""
while true
do
case "${1}" in
-p)
pidfile="${2}"
shift 2
;;
-s)
# Added for legacy opperation of getpids
# eliminates several '> /dev/null'
silent="1"
shift 1
;;
-*)
log_failure_msg "Unknown Option: ${1}"
return 2
;;
*)
break
;;
esac
done
if [ "${#}" != "1" ]; then
shift 1
log_failure_msg "Usage: pidofproc [-s] [-p pidfile] pathname"
return 2
fi
if [ -n "${pidfile}" ]; then
if [ ! -r "${pidfile}" ]; then
return 3 # Program is not running
fi
lpids=`head -n 1 ${pidfile}`
for pid in ${lpids}
do
if [ "${pid}" -ne "$$" -a "${pid}" -ne "${PPID}" ]; then
kill -0 "${pid}" > /dev/null &&
pidlist="${pidlist} ${pid}"
fi
if [ "${silent}" -ne "1" ]; then
echo "${pidlist}"
fi
test -z "${pidlist}" &&
# Program is dead, pidfile exists
return 1
# else
return 0
done
else
pidlist=`pidof -o $$ -o $PPID -x "$1"`
if [ "x${silent}" != "x1" ]; then
echo "${pidlist}"
fi
# Get provide correct running status
if [ -n "${pidlist}" ]; then
return 0
else
return 3
fi
fi
if [ "$?" != "0" ]; then
return 3 # Program is not running
fi
}
# This will ensure compatibility with previous LFS Bootscripts
getpids()
{
if [ -z "${PIDFILE}" ]; then
pidofproc -s -p "${PIDFILE}" $@
else
pidofproc -s $@
fi
base="${1##*/}"
}
#*******************************************************************************
# Function - loadproc [-f] [-n nicelevel] [-p pidfile] pathname [args]
#
# Purpose: This runs the specified program as a daemon
#
# Inputs: -f, run the program even if it is already running
# -n nicelevel, specifies a nice level. See nice(1).
# -p pidfile, uses the specified pidfile
# pathname, pathname to the specified program
# args, arguments to pass to specified program
#
# Outputs: return 0 - Success
# return 2 - Invalid of excessive number of arguments,
# warning in stdout
# return 4 - Program or service status is unknown
#
# Dependencies: nice
#
# Todo: LSB says this should be called start_daemon
# LSB does not say that it should call evaluate_retval
# It checks for PIDFILE, which is deprecated.
# Will be removed after BLFS 6.0
# loadproc returns 0 if program is already running, not LSB compliant
#
#*******************************************************************************
loadproc()
{
local pidfile=""
local forcestart=""
local nicelevel=""
# This will ensure compatibility with previous LFS Bootscripts
if [ -n "${PIDFILE}" ]; then
pidfile="${PIDFILE}"
fi
while true
do
case "${1}" in
-f)
forcestart="1"
shift 1
;;
-n)
nicelevel="${2}"
shift 2
;;
-p)
pidfile="${2}"
shift 2
;;
-*)
log_failure_msg "Unknown Option: ${1}"
return 2 #invalid or excess argument(s)
;;
*)
break
;;
esac
done
if [ "${#}" = "0" ]; then
log_failure_msg "Usage: loadproc [-f] [-n nicelevel] [-p pidfile] pathname [args]"
return 2 #invalid or excess argument(s)
fi
if [ -z "${forcestart}" ]; then
if [ -z "${pidfile}" ]; then
pidofproc -s "${1}"
else
pidofproc -s -p "${pidfile}" "${1}"
fi
case "${?}" in
0)
log_warning_msg "Unable to continue: ${1} is running"
return 0 # 4
;;
1)
log_warning_msg "Unable to continue: ${pidfile} exists"
return 0 # 4
;;
3)
;;
*)
log_failure_msg "Unknown error code from pidofproc: ${?}"
return 4
;;
esac
fi
local cmd="${@}"
if [ -n "${nicelevel}" ]; then
cmd="nice -n "${nicelevel}" ${cmd}"
fi
${cmd}
evaluate_retval # This is "Probably" not LSB compliant, but required to be compatible with older bootscripts
return 0
}
#*******************************************************************************
# Function - killproc [-p pidfile] pathname [signal]
#
# Purpose:
#
# Inputs: -p pidfile, uses the specified pidfile
# pathname, pathname to the specified program
# signal, send this signal to pathname
#
# Outputs: return 0 - Success
# return 2 - Invalid of excessive number of arguments,
# warning in stdout
# return 4 - Unknown Status
#
# Dependencies: kill
#
# Todo: LSB does not say that it should call evaluate_retval
# It checks for PIDFILE, which is deprecated.
# Will be removed after BLFS 6.0
#
#*******************************************************************************
killproc()
{
local pidfile=""
local killsig=""
pidlist=""
# This will ensure compatibility with previous LFS Bootscripts
if [ -n "${PIDFILE}" ]; then
pidfile="${PIDFILE}"
fi
while true
do
case "${1}" in
-p)
pidfile="${2}"
shift 2
;;
-*)
log_failure_msg "Unknown Option: ${1}"
return 2
;;
*)
break
;;
esac
done
if [ "${#}" = "2" ]; then
killsig="${2}"
elif [ "${#}" != "1" ]; then
shift 2
log_failure_msg "Usage: killproc [-p pidfile] pathname [signal]"
return 2
fi
if [ -z "${pidfile}" ]; then
pidofproc -s "${1}"
else
pidofproc -s -p "${pidfile}" "${1}"
fi
# Change....
if [ -n "${pidlist}" ]; then
for pid in ${pidlist}
do
kill -${killsig:-TERM} ${pid} 2>/dev/null
if [ -z "${killsig}" ]; then
# Wait up to 3 seconds, for ${pid} to terminate
local dtime=${KILLDELAY}
while [ "${dtime}" != "0" ]
do
kill -0 ${pid} 2>/dev/null || break
sleep 1
dtime=$(( ${dtime} - 1))
done
# If ${pid} is still running, kill it
kill -0 ${pid} 2>/dev/null && kill -KILL ${pid} 2>/dev/null
fi
done
if [ -z "${killsig}" ]; then
pidofproc -s "${1}"
# Program was terminated
if [ "$?" != "0" ]; then
# Pidfile Exists
if [ -f "${pidfile}" ]; then
rm -f "${pidfile}"
fi
echo_ok
return 0
else # Program is still running
echo_failure
return 4 # Unknown Status
fi
else
if [ -z "${pidfile}" ]; then
pidofproc -s "${1}"
else
pidofproc -s -p "${pidfile}" "${1}"
fi
fi
evaluate_retval # This is "Probably" not LSB compliant, but required to be compatible with older bootscripts
else
print_status warning not_running
fi
}
#*******************************************************************************
# Function - log_success_msg "message"
#
# Purpose: Print a success message
#
# Inputs: $@ - Message
#
# Outputs: Text output to screen
#
# Dependencies: echo
#
# Todo: logging
#
#*******************************************************************************
log_success_msg()
{
echo -n -e "${BOOTMESG_PREFIX}${@}"
echo -e "${SET_COL}""${BRACKET}""[""${SUCCESS}"" OK ""${BRACKET}""]""${NORMAL}"
return 0
}
#*******************************************************************************
# Function - log_failure_msg "message"
#
# Purpose: Print a failure message
#
# Inputs: $@ - Message
#
# Outputs: Text output to screen
#
# Dependencies: echo
#
# Todo: logging
#
#*******************************************************************************
log_failure_msg() {
echo -n -e "${BOOTMESG_PREFIX}${@}"
echo -e "${SET_COL}""${BRACKET}""[""${FAILURE}"" FAIL ""${BRACKET}""]""${NORMAL}"
return 0
}
#*******************************************************************************
# Function - log_warning_msg "message"
#
# Purpose: print a warning message
#
# Inputs: $@ - Message
#
# Outputs: Text output to screen
#
# Dependencies: echo
#
# Todo: logging
#
#*******************************************************************************
log_warning_msg() {
echo -n -e "${BOOTMESG_PREFIX}${@}"
echo -e "${SET_COL}""${BRACKET}""[""${WARNING}"" WARN ""${BRACKET}""]""${NORMAL}"
return 0
}
run_subdir() {
DIR=$1
for i in $(ls -v ${DIR}* 2> /dev/null); do
check_script_status
OUT=$(echo $(basename ${i}) | awk -F- '{ print $2 }')
case "$OUT" in
S) ${i} start ;;
K) ${i} stop ;;
RS) ${i} restart ;;
RL) ${i} reload ;;
U) ${i} up ;;
D) ${i} down ;;
*) ${i} ;;
esac
done
}
mem_amount() {
local pagesize="$(getconf PAGESIZE)"
local pages="$(getconf _PHYS_PAGES)"
echo "$(( ${pagesize} * ${pages} / 1024 / 1024 ))"
}
use_ramdisk() {
eval $(/usr/local/bin/readhash /etc/sysconfig/ramdisk)
case "${RAMDISK_MODE}" in
# Don't use ramdisk
0)
return 1
;;
# Always use ramdisk
1)
return 0
;;
# Automatic mode - use ramdisk if sufficient
# memory is available
2)
local mem_avail="$(mem_amount)"
if [ ${mem_avail} -ge 400 ]; then
return 0
else
return 1
fi
;;
# Fail for everything else
*)
return 2
;;
esac
}
mount_ramdisk() {
local path="${1}"
local path_tmpfs="${path}.tmpfs"
# Check if the ramdisk is already mounted
if mountpoint "${path}" &>/dev/null; then
return 0
fi
# Create ramdisk
mkdir -p "${path_tmpfs}"
mount -t tmpfs none "${path_tmpfs}"
# Restore ramdisk content
cp -pR ${path}/* "${path_tmpfs}"
# Move ramdisk to final destination
mount --move "${path_tmpfs}" "${path}"
rm -rf "${path_tmpfs}"
}
umount_ramdisk() {
local path="${1}"
local path_tmpfs="${path}.tmpfs"
# Check if a ramdisk is actually mounted
if ! mountpoint "${path}" &>/dev/null; then
return 0
fi
# Move the ramdisk
mkdir -p "${path_tmpfs}"
mount --move "${path}" "${path_tmpfs}"
# Backup ramdisk content
cp -pR ${path_tmpfs}/* "${path}"
# Destroy the ramdisk
umount "${path_tmpfs}"
rm -rf "${path_tmpfs}"
}
# End $rc_base/init.d/functions

42
src/initscripts/system/halt Normal file
View File

@@ -0,0 +1,42 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/halt
#
# Description : Halt Script
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
stop)
sync && sync
boot_mesg "Remount root readonly..."
mount -f -o remount,ro / > /dev/null 2>&1
evaluate_retval
boot_mesg "Prepare for halt..."
sleep 2
#Disable all leds at shutdown
for led in $(ls /sys/class/leds); do
echo "none" > /sys/class/leds/$led/trigger
echo "0" > /sys/class/leds/$led/brightness
done
halt -d -f -i -p
;;
*)
echo "Usage: {stop}"
exit 1
;;
esac
# End $rc_base/init.d/halt

2
src/initscripts/system/ipsec Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
ipsec $*

155
src/initscripts/system/leds Normal file
View File

@@ -0,0 +1,155 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/leds
#
# Description : Script to setup leds at boot.
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
if [ -e /etc/init.d/leds.user ]; then
/etc/init.d/leds.user $*
exit ${?}
fi
# Load ethernet settings
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
case "${RED_TYPE}" in
PPPOE)
RED_DEV="ppp0"
;;
esac
# setup_netdev_trigger LED DEVICE MODE
setup_netdev_trigger ()
{
if [ -d "/sys/class/leds/$1" ]; then
modprobe -q ledtrig-netdev 2>&1 > /dev/null
echo "netdev" > /sys/class/leds/$1/trigger
echo "$2" > /sys/class/leds/$1/device_name
echo "$3 $4" > /sys/class/leds/$1/mode
fi
}
# setup_netdev_trigger LED
setup_heartbeat_trigger ()
{
if [ -d "/sys/class/leds/$1" ]; then
modprobe -q ledtrig-heartbeat 2>&1 > /dev/null
echo "heartbeat" > /sys/class/leds/$1/trigger
fi
}
# disable_led_trigger LED
disable_led_trigger ()
{
if [ -d "/sys/class/leds/$1" ]; then
echo "none" > /sys/class/leds/$1/trigger
echo "0" > /sys/class/leds/$1/brightness
fi
}
# enable LED
enable_led ()
{
if [ -d "/sys/class/leds/$1" ]; then
echo "1" > /sys/class/leds/$1/brightness
fi
}
case "${1}" in
start)
# Alix LED start
setup_heartbeat_trigger alix:1
setup_netdev_trigger alix:2 ${RED_DEV} rx
setup_netdev_trigger alix:3 ${RED_DEV} tx
# Apu LED start
setup_heartbeat_trigger apu:1
setup_netdev_trigger apu:2 ${RED_DEV} rx
setup_netdev_trigger apu:3 ${RED_DEV} tx
# Geos LED start
setup_heartbeat_trigger geos:1
setup_netdev_trigger geos:2 ${RED_DEV} rx
setup_netdev_trigger geos:3 ${RED_DEV} tx
# Dreamplug
setup_netdev_trigger dreamplug:green:wlan ${GREEN_DEV} tx rx
setup_netdev_trigger dreamplug:blue:wlanap ${BLUE_DEV} tx rx
setup_netdev_trigger dreamplug:blue:bluetooth ${RED_DEV} tx rx
# Iomega iConnect start
setup_heartbeat_trigger iconnect:blue:otb
setup_netdev_trigger iconnect:blue:power ${RED_DEV} rx
setup_netdev_trigger iconnect:red:power ${RED_DEV} tx
setup_netdev_trigger iconnect:blue:usb_2 ${GREEN_DEV} tx rx
setup_netdev_trigger iconnect:blue:usb_3 ${BLUE_DEV} tx rx
setup_netdev_trigger iconnect:blue:usb_4 ${ORANGE_DEV} tx rx
# ICY Box LED start
setup_netdev_trigger nas6210:red:power ${RED_DEV} tx rx
setup_netdev_trigger nas6210:red:usb_copy ${GREEN_DEV} tx rx
# Mirabox start
setup_heartbeat_trigger mirabox:green:pwr
setup_netdev_trigger mirabox:green:stat ${GREEN_DEV} tx rx
setup_netdev_trigger mirabox:blue:stat ${BLUE_DEV} tx rx
exit 0
;;
stop)
# Alix LED stop
disable_led_trigger alix:1
enable_led alix:1
disable_led_trigger alix:2
disable_led_trigger alix:3
# Apu LED stop
disable_led_trigger apu:1
enable_led apu:1
disable_led_trigger apu:2
disable_led_trigger apu:3
# Geos LED stop
disable_led_trigger geos:1
enable_led geos:1
disable_led_trigger geos:2
disable_led_trigger geos:3
# Dreamplug
disable_led_trigger dreamplug:green:wlan
disable_led_trigger dreamplug:blue:wlanap
disable_led_trigger dreamplug:blue:bluetooth
# Iomega iConnect stop (heartbeat will leave on)
disable_led_trigger iconnect:blue:power
disable_led_trigger iconnect:red:power
disable_led_trigger iconnect:blue:usb_2
disable_led_trigger iconnect:blue:usb_3
disable_led_trigger iconnect:blue:usb_4
# ICY Box LED stop
disable_led_trigger nas6210:red:power
disable_led_trigger nas6210:red:usb_copy
# Mirabox stop
disable_led_trigger mirabox:green:pwr
enable_led mirabox:green:pwr
disable_led_trigger mirabox:green:stat
disable_led_trigger mirabox:blue:stat
exit 0
;;
*)
echo "Usage: ${0} {start|stop}"
exit 1
;;
esac
# End $rc_base/init.d/leds

71
src/initscripts/system/localnet Normal file
View File

@@ -0,0 +1,71 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/localnet
#
# Description : Loopback device
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
write_resolv_conf() {
(
[ -n "${DOMAINNAME}" ] && echo "search ${DOMAINNAME}"
echo "nameserver 127.0.0.1"
) > /etc/resolv.conf
}
case "${1}" in
start)
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
boot_mesg "Bringing up the loopback interface..."
ip addr add 127.0.0.1/8 label lo dev lo
ip link set lo up
evaluate_retval
boot_mesg "Setting hostname to ${HOSTNAME}..."
hostname ${HOSTNAME}
evaluate_retval
if [ -z "$DOMAINNAME" ]; then
boot_mesg "Setting domainname to ${DOMAINNAME}..."
domainname ${DOMAINNAME}
evaluate_retval
fi
# Update resolv.conf
write_resolv_conf
;;
stop)
boot_mesg "Bringing down the loopback interface..."
ip link set lo down
evaluate_retval
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
echo "Hostname is: $(hostname)"
ip link show lo
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/localnet

68
src/initscripts/system/mISDN Normal file
View File

@@ -0,0 +1,68 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/mISDN
#
# Description : Start mISDN v2
#
# Authors : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version : 01.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Starting mISDNv2 ... "
# load mISDN modules
for module in mISDN_core hfcpci hfcsusb hfcmulti avmfritz speedfax mISDNinfineon xhfc; do
modprobe $module > /dev/null 2>&1;
done
modprobe mISDN_dsp
modprobe mISDN_dsp_oslec
if [ ${?} = 0 ]; then
echo_ok;
else
echo_failure;
fi
exit 0;
;;
stop)
boot_mesg "Stopping mISDNv2 ... "
# unload mISDN hardware modules
for module in mISDN_dsp_oslec mISDN_dsp hfcpci hfcsusb hfcmulti avmfritz speedfax mISDNinfineon xhfc mISDNipac mISDNisar; do
rmmod $module > /dev/null 2>&1;
done
rmmod mISDN_core > /dev/null 2>&1
echo_ok;
exit 0;
;;
config)
boot_mesg "mISDNv2 - config not needed!"
exit 0;
;;
scan)
boot_mesg "mISDNv2 - scan not supported!"
exit 0;
;;
*)
echo "Usage: ${0} {start}{stop}"
exit 1
;;
esac
# End $rc_base/init.d/mISDN

83
src/initscripts/system/modules Normal file
View File

@@ -0,0 +1,83 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/modules
#
# Description : Module auto-loading script
#
# Authors : Zack Winkles
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# Assure that the kernel has module support.
[ -e /proc/ksyms -o -e /proc/modules ] || exit 0
case "${1}" in
start)
# If proc is mounted, find the current kernel
# message level
if [ -f /proc/sys/kernel/printk ]; then
prev_msg=`cat /proc/sys/kernel/printk | \
sed 'l 1' | sed -n '2~0p' | \
sed 's/\\\//'`
else
prev_msg="6"
fi
# Now set the message level to 1 so not to make too
# much noise when loading modules
dmesg -n 1
# Only try to load modules if the user has actually given us
# some modules to load.
if egrep -qv '^(#|$)' /etc/sysconfig/modules 2>/dev/null
then
# Read in the configuration file.
exec 9>&0 < /etc/sysconfig/modules
boot_mesg -n "Loading modules:" ${INFO}
while read module args
do
# Ignore comments and blank lines.
case "${module}" in
""|\#*) continue ;;
esac
# Attempt to load the module, making
# sure to pass any arguments provided.
modprobe ${module} ${args} &>/dev/null
# Print the module name if successful,
# otherwise take note.
if [ ${?} -eq 0 ]; then
boot_mesg -n " ${module}" ${NORMAL}
fi
done
boot_mesg "" ${NORMAL}
# Print a message about successfully loaded
# modules on the correct line.
echo_ok
exec 0>&9 9>&-
fi
# Set the kernel message level back to it's previous value.
dmesg -n "${prev_msg}"
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/modules

57
src/initscripts/system/mountfs Normal file
View File

@@ -0,0 +1,57 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/mountfs
#
# Description : File System Mount Script
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Remounting root file system in read-write mode..."
mount -n -o remount,rw / &>/dev/null
evaluate_retval
# Remove fsck-related file system watermarks.
rm -f /fastboot /forcefsck
boot_mesg "Create /etc/mtab..."
> /etc/mtab
mount -f / || failed=1
(exit ${failed})
evaluate_retval
# This will mount all filesystems that do not have _netdev in
# their option list. _netdev denotes a network filesystem.
boot_mesg "Mounting remaining file systems..."
mount -a -O no_netdev &>/dev/null
evaluate_retval
;;
stop)
boot_mesg "Syncing discs..."
sync && sync
sleep 2
sync && sync
evaluate_retval
boot_mesg "Unmounting all other currently mounted file systems..."
umount -a -d -r &>/dev/null
evaluate_retval
;;
*)
echo "Usage: ${0} {start|stop}"
exit 1
;;
esac
# End $rc_base/init.d/mountfs

49
src/initscripts/system/mountkernfs Normal file
View File

@@ -0,0 +1,49 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/mountkernfs
#
# Description : Mount proc and sysfs
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg -n "Mounting kernel-based file systems:" ${INFO}
if ! mountpoint /proc &> /dev/null; then
boot_mesg -n " /proc" ${NORMAL}
mount -n -t proc /proc /proc || failed=1
fi
if ! mountpoint /sys &> /dev/null; then
boot_mesg -n " /sys" ${NORMAL}
mount -n -t sysfs /sys /sys || failed=1
fi
if ! mountpoint /run &> /dev/null; then
boot_mesg -n " /run" ${NORMAL}
mount -n -t tmpfs -o nosuid,nodev,mode=755,size=8M /run /run || failed=1
fi
boot_mesg "" ${NORMAL}
(exit ${failed})
evaluate_retval
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/mountkernfs

33
src/initscripts/system/mounttmpfs Normal file
View File

@@ -0,0 +1,33 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/mounttmpfs
#
# Description : Mount tmpfses
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg -n "Mounting ramdisk file systems:" ${INFO}
if ! mountpoint /var/lock &>/dev/null; then
boot_mesg -n " /var/lock" ${NORMAL}
mount -n -t tmpfs -o nosuid,nodev,size=8M /var/lock /var/lock || failed=1
fi
boot_mesg "" ${NORMAL}
(exit ${failed})
evaluate_retval
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/mounttmpfs

109
src/initscripts/system/network Normal file
View File

@@ -0,0 +1,109 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors : Michael Tremer - mitch@ipfire.org
#
# Version : 01.00
#
# Notes : Written for IPFire by its team
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
DO="${1}"
shift
if [ -n "${1}" ]; then
ALL=0
for i in green red blue orange; do
eval "${i}=0"
done
else
ALL=1
for i in green red blue orange; do
eval "${i}=1"
done
fi
while [ ! $# = 0 ]; do
for i in green red blue orange; do
if [ "${i}" == "${1}" ]; then
eval "${i}=1"
shift
fi
done
done
case "${DO}" in
start)
# Starting interfaces...
# GREEN
[ "$green" == "1" ] && /etc/rc.d/init.d/networking/green start
# BLUE
[ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
/etc/rc.d/init.d/networking/blue start
# ORANGE
[ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
/etc/rc.d/init.d/networking/orange start
# RED
if [ "$red" == "1" ]; then
if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
# Remove possible leftover files
rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
[ "$AUTOCONNECT" == "off" ] || /etc/rc.d/init.d/networking/red start
fi
fi
/etc/rc.d/init.d/static-routes start
;;
stop)
# Stopping interfaces...
# GREEN
[ "$green" == "1" ] && /etc/rc.d/init.d/networking/green stop
# BLUE
[ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
/etc/rc.d/init.d/networking/blue stop
# ORANGE
[ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
/etc/rc.d/init.d/networking/orange stop
# RED
if [ "$red" == "1" ]; then
if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
/etc/rc.d/init.d/networking/red stop
fi
fi
exit 0
;;
restart)
for i in green red blue orange; do
if [ "${!i}" == "1" ]; then
ARGS+=" ${i}"
fi
done
${0} stop ${ARGS}
sleep 1
${0} start ${ARGS}
;;
*)
echo "Usage: ${0} {start|stop|restart} [device(s)]"
exit 1
;;
esac
# End /etc/rc.d/init.d/network

22
src/initscripts/system/network-trigger Normal file
View File

@@ -0,0 +1,22 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network-trigger
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Triggering network devices..."
udevadm trigger --action="add" --subsystem-match="net"
evaluate_retval
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/network-trigger

70
src/initscripts/system/ntp Normal file
View File

@@ -0,0 +1,70 @@
#!/bin/sh
# Begin $rc_base/init.d/ntp
. /etc/sysconfig/rc
. $rc_functions
eval $(/usr/local/bin/readhash /var/ipfire/time/settings)
case "$1" in
start)
if [ "$ENABLESETONBOOT" == "on" ]; then
boot_mesg -n "Setting time on boot..."
pidof wpa_supplicant dhcpcd 2>&1 > /dev/null
if [ "${?}" == "0" ]; then
if [ ! -e /var/ipfire/red/active ]; then
boot_mesg ""
boot_mesg -n "Waiting for red connection"
for (( i=30; i>1; i-- )) do
if [ -e /var/ipfire/red/active ]; then
break;
fi
boot_mesg -n "."
sleep 2
done
sleep 5
fi
fi
if [ -e /var/ipfire/red/active ]; then
boot_mesg ""
host ping.ipfire.org > /dev/null 2>&1
if [ "${?}" != "0" ]; then
boot_mesg "DNS not work ... init with ntp.ipfire.org at 81.3.27.46 ..."
loadproc /usr/local/bin/settime 81.3.27.46
boot_mesg "Setting time on boot..."
fi
loadproc /usr/local/bin/settime $(cat /var/ipfire/time/settime.conf)
else
boot_mesg " ERROR! Not online!"
echo_warning
fi
fi
boot_mesg "Starting ntpd..."
loadproc /usr/bin/ntpd -Ap /var/run/ntpd.pid
;;
stop)
boot_mesg "Stopping ntpd..."
killproc /usr/bin/ntpd
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/bin/ntpd
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/ntp

75
src/initscripts/system/partresize Normal file
View File

@@ -0,0 +1,75 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/partresize
#
# Description : Resize the root partition to the drivesize
#
# Authors : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version : 1.04
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
if [ -e "/.partresize" ]; then
boot_mesg "Mounting root file system in read/write mode ..."
mount -o remount,rw / > /dev/null
evaluate_retval
boot_mesg "Create /etc/mtab..."
> /etc/mtab
mount -f / || failed=1
(exit ${failed})
evaluate_retval
# Detect device
mount | while read -r dev tmp1 mountpoint tmp2; do
[ "${dev}" = "rootfs" ] && continue
if [ "${mountpoint}" = "/" ]; then
# Find root partition number
part_num="${dev: -1}"
# Find path to the root device
root_dev="${dev::-1}"
if [ ! -b "${dev::-1}" -a "${root_dev: -1}" = "p" ]; then
root_dev="${dev::-2}"
fi
boot_mesg "Growing root partition to maximum size..."
echo -e ',+' | sfdisk --no-reread -f -N${part_num} "${root_dev}" 2>/dev/null
# Update c,h,s values of the boot partition...
if [ ${part_num} -ne 1 -a -b "${root_dev}1" ]; then
echo -e ',' | sfdisk --no-reread -f -N1 ${DRV} &> /dev/null
fi
# The filesystem should be resized after
# this operation
touch /.resizefs
# Remove marker
rm -f /.partresize
# Reboot
boot_mesg "Rebooting system..."
mount -o remount,ro / &>/dev/null
sleep 15
reboot -f
fi
done
fi
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/partresize

35
src/initscripts/system/random Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
# Begin $rc_base/init.d/random
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
# Random script elements by Larry Lawrence
. /etc/sysconfig/rc
. $rc_functions
case "$1" in
start)
boot_mesg "Initializing kernel random number generator..."
if [ -f /var/tmp/random-seed ]; then
/bin/cat /var/tmp/random-seed >/dev/urandom
fi
/bin/dd if=/dev/urandom of=/var/tmp/random-seed \
count=4 &>/dev/null
evaluate_retval
;;
stop)
boot_mesg "Saving random seed..."
/bin/dd if=/dev/urandom of=/var/tmp/random-seed \
count=4 &>/dev/null
evaluate_retval
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
# End $rc_base/init.d/random

103
src/initscripts/system/rc Normal file
View File

@@ -0,0 +1,103 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/rc
#
# Description : Main Run Level Control Script
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# This sets a few default terminal options.
stty sane
# These 3 signals will not cause our script to exit
trap "" INT QUIT TSTP
[ "${1}" != "" ] && runlevel=${1}
if [ "${runlevel}" = "" ]; then
echo "Usage: ${0} <runlevel>" >&2
exit 1
fi
previous=${PREVLEVEL}
[ "${previous}" = "" ] && previous=N
if [ ! -d ${rc_base}/rc${runlevel}.d ]; then
boot_mesg "${rc_base}/rc${runlevel}.d does not exist." ${WARNING}
boot_mesg_flush
exit 1
fi
# Attempt to stop all service started by previous runlevel,
# and killed in this runlevel
if [ "${previous}" != "N" ]; then
for i in $(ls -v ${rc_base}/rc${runlevel}.d/K* 2> /dev/null)
do
check_script_status
suffix=${i#$rc_base/rc$runlevel.d/K[0-9][0-9]}
prev_start=$rc_base/rc$previous.d/S[0-9][0-9]$suffix
sysinit_start=$rc_base/rcsysinit.d/S[0-9][0-9]$suffix
if [ "${runlevel}" != "0" ] && [ "${runlevel}" != "6" ]; then
if [ ! -f ${prev_start} ] && [ ! -f ${sysinit_start} ]; then
boot_mesg -n "WARNING:\n\n${i} can't be" ${WARNING}
boot_mesg -n " executed because it was not"
boot_mesg -n " not started in the previous"
boot_mesg -n " runlevel (${previous})."
boot_mesg "" ${NORMAL}
boot_mesg_flush
continue
fi
fi
${i} stop
error_value=${?}
if [ "${error_value}" != "0" ]; then
print_error_msg
fi
done
fi
#Start all functions in this runlevel
for i in $( ls -v ${rc_base}/rc${runlevel}.d/S* 2> /dev/null)
do
suffix=${i#$rc_base/rc$runlevel.d/S[0-9][0-9]}
# Skip if initscript is disabled at bootprompt
grep "skipinit=$suffix" /proc/cmdline >/dev/null 2>&1 && continue
if [ "${previous}" != "N" ]; then
stop=$rc_base/rc$runlevel.d/K[0-9][0-9]$suffix
prev_start=$rc_base/rc$previous.d/S[0-9][0-9]$suffix
[ -f ${prev_start} ] && [ ! -f ${stop} ] && continue
fi
check_script_status
case ${runlevel} in
0|6)
${i} stop
;;
*)
${i} start
;;
esac
error_value=${?}
if [ "${error_value}" != "0" ]; then
print_error_msg
fi
done
# End $rc_base/init.d/rc

36
src/initscripts/system/reboot Normal file
View File

@@ -0,0 +1,36 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/reboot
#
# Description : Reboot Scripts
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
stop)
sync && sync
boot_mesg "Remount root readonly..."
mount -f -o remount,ro / > /dev/null 2>&1
evaluate_retval
boot_mesg "Prepare for reboot..."
sleep 2
reboot -d -f -i
;;
*)
echo "Usage: ${0} {stop}"
exit 1
;;
esac
# End $rc_base/init.d/reboot

65
src/initscripts/system/rngd Normal file
View File

@@ -0,0 +1,65 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/rngd
#
# Description : Random Number Generator Daemon
#
# Authors : Michael Tremer <michael.tremer@ipfire.org>
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
function has_rdrand() {
grep -q "rdrand" /proc/cpuinfo
}
function has_hwrng() {
[ -e "/dev/hwrng" ]
}
case "${1}" in
start)
if ! has_hwrng && ! has_rdrand; then
boot_mesg "No Hardware Random Number Generator found..."
echo_warning
exit 0
fi
boot_mesg "Starting Random Number Generator Daemon..."
if pidofproc /usr/sbin/rngd &>/dev/null; then
# Is already running.
echo_ok
else
loadproc /usr/sbin/rngd --no-tpm=1
fi
;;
stop)
boot_mesg "Stopping Random Number Generator Daemon..."
killproc -p /var/run/rngd.pid /usr/sbin/rngd
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc /usr/sbin/rngd
;;
udev-event)
$0 restart &>/dev/null
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/rngd

52
src/initscripts/system/sendsignals Normal file
View File

@@ -0,0 +1,52 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/sendsignals
#
# Description : Sendsignals Script
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
stop)
boot_mesg "Sending all processes the TERM signal..." ${WARN}
killall5 -15
error_value=${?}
sleep ${KILLDELAY}
if [ "${error_value}" = 0 -o "${error_value}" = 2 ]; then
echo_ok
else
echo_failure
fi
boot_mesg "Sending all processes the KILL signal..." ${ERR}
killall5 -9
error_value=${?}
sleep ${KILLDELAY}
if [ "${error_value}" = 0 -o "${error_value}" = 2 ]; then
echo_ok
else
echo_failure
fi
;;
*)
echo "Usage: ${0} {stop}"
exit 1
;;
esac
# End $rc_base/init.d/sendsignals

59
src/initscripts/system/setclock Normal file
View File

@@ -0,0 +1,59 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/setclock
#
# Description : Setting Linux Clock
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
CLOCKPARAMS=
case ${1} in
start)
boot_mesg "Setting system clock..."
# udev not create the rtc symlink if rtc is in the kernel
if [ ! -e /dev/rtc ]; then
if [ -e /dev/rtc0 ]; then
ln -s rtc0 /dev/rtc
fi
fi
hwclock --hctosys ${CLOCKPARAMS} &>/dev/null
date
if [ -e /var/log/messages ]; then
LOGTIMESTAMP=`stat --format "%y" /var/log/messages`
LOGTIME=`date +%s -d "$LOGTIMESTAMP"`
SYSTIME=`date +%s`
if [ $SYSTIME -lt $LOGTIME ]; then
boot_mesg "Warning! clock runs later than last log access. Check battery/rtc!"
date -s "$LOGTIMESTAMP"
echo_warning;
else
echo_ok;
fi
fi
;;
stop)
boot_mesg "Setting hardware clock..."
hwclock --systohc ${CLOCKPARAMS} &>/dev/null
evaluate_retval
;;
*)
echo "Usage: ${0} {start} {stop}"
;;
esac

28
src/initscripts/system/smartenabler Normal file
View File

@@ -0,0 +1,28 @@
#!/bin/sh
# Begin $rc_base/init.d/smartenabler
. /etc/sysconfig/rc
. $rc_functions
case "$1" in
start)
boot_mesg -n "Enabling S.M.A.R.T.: ";
for disk in `ls -1 /sys/block | grep -E '^sd' | sort | uniq`; do
/usr/sbin/smartctl --smart=on /dev/$disk > /dev/nul;
if [ ${?} = 0 ]; then
boot_mesg -n "$SUCCESS$disk$NORMAL ";
else
boot_mesg -n "$WARNING$disk$NORMAL ";
fi
done
boot_mesg;
echo_ok;
;;
*)
echo "Usage: $0 {start}"
exit 1
;;
esac
# End $rc_base/init.d/smartenabler

146
src/initscripts/system/snort Normal file
View File

@@ -0,0 +1,146 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/snort
#
# Description : Snort Initscript
#
# Authors : Michael Tremer for ipfire.org - mitch@ipfire.org
#
# Version : 01.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/snort/settings)
ALIASFILE="/var/ipfire/ethernet/aliases"
case "$1" in
start)
if [ "$BLUE_NETADDRESS" ]; then
BLUE_NET="$BLUE_NETADDRESS/$BLUE_NETMASK,"
BLUE_IP="$BLUE_ADDRESS,"
fi
if [ "$ORANGE_NETADDRESS" ]; then
ORANGE_NET="$ORANGE_NETADDRESS/$ORANGE_NETMASK,"
ORANGE_IP="$ORANGE_ADDRESS,"
fi
if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then
DEVICES+="$ORANGE_DEV "
HOMENET+="$ORANGE_IP"
else
HOMENET+="$ORANGE_NET"
fi
if [ "$ENABLE_SNORT_BLUE" == "on" ]; then
DEVICES+="$BLUE_DEV "
HOMENET+="$BLUE_IP"
else
HOMENET+="$BLUE_NET"
fi
if [ "$ENABLE_SNORT_GREEN" == "on" ]; then
DEVICES+="$GREEN_DEV "
HOMENET+="$GREEN_ADDRESS,"
else
HOMENET+="$GREEN_NETADDRESS/$GREEN_NETMASK,"
fi
if [ "$ENABLE_SNORT" == "on" ]; then
DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
LOCAL_IP=`cat /var/ipfire/red/local-ipaddress 2>/dev/null`
if [ "$LOCAL_IP" ]; then
HOMENET+="$LOCAL_IP,"
fi
# Check if the red device is set to static and
# any aliases have been configured.
if [ "${RED_TYPE}" == "STATIC" ] && [ -s "${ALIASFILE}" ]; then
# Read in aliases file.
while IFS="," read -r address mode remark; do
# Check if the alias is enabled.
[ "${mode}" = "on" ] || continue
# Add alias to the list of HOMENET addresses.
HOMENET+="${address},"
done < "${ALIASFILE}"
fi
fi
HOMENET+="127.0.0.1"
echo "ipvar HOME_NET [$HOMENET]" > /etc/snort/vars
DNS1=`cat /var/ipfire/red/dns1 2>/dev/null`
DNS2=`cat /var/ipfire/red/dns2 2>/dev/null`
if [ "$DNS2" ]; then
echo "ipvar DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars
else
echo "ipvar DNS_SERVERS $DNS1" >> /etc/snort/vars
fi
for DEVICE in $DEVICES; do
boot_mesg "Starting Intrusion Detection System on $DEVICE..."
/usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run
evaluate_retval
sleep 1
chmod 644 /var/run/snort_$DEVICE.pid
done
;;
stop)
DEVICES=""
if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
DEVICES+="$BLUE_DEV "
fi
if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
DEVICES+="$GREEN_DEV "
fi
if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
DEVICES+="$ORANGE_DEV "
fi
RED=`cat /var/ipfire/red/iface 2>/dev/null`
if [ -r /var/run/snort_$RED.pid ]; then
DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
fi
for DEVICE in $DEVICES; do
boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
killproc -p /var/run/snort_$DEVICE.pid /var/run
done
rm /var/run/snort_* >/dev/null 2>/dev/null
# Don't report returncode of rm if snort was not started
exit 0
;;
status)
statusproc /usr/sbin/snort
;;
restart)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
;;
esac
chmod 644 /var/log/snort/* 2>/dev/null
# End $rc_base/init.d/snort

178
src/initscripts/system/squid Normal file
View File

@@ -0,0 +1,178 @@
#!/bin/sh
# Begin $rc_base/init.d/squid
. /etc/sysconfig/rc
. $rc_functions
chown -R squid:squid /var/log/squid
chown -R squid:squid /var/log/squidGuard
transparent() {
DEVICE=$1
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings)
# If the proxy port is not set we set the default to 800.
if [ -z "${TRANSPARENT_PORT}" ]; then
TRANSPARENT_PORT=800
fi
LOCALIP=`cat /var/ipfire/red/local-ipaddress | tr -d \n`
if [ -z $LOCALIP ]; then
boot_mesg "Couldn't read local-ipaddress" ${FAILURE}
exit 1
fi
COUNT=1
FILE=/var/ipfire/vpn/config
while read LINE; do
let COUNT=$COUNT+1
CONN_TYPE=`echo "$LINE" | awk -F, '{ print $5 }'`
if [ "$CONN_TYPE" != "net" ]; then
continue
fi
iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
done < $FILE
if [ "$RED_TYPE" == "STATIC" ]; then
iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
fi
iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}
case "$1" in
start)
getpids "squid"
if [ -n "${pidlist}" ]; then
echo -e "Squid is already running with Process"\
"ID(s) ${pidlist}.${NORMAL}"
evaluate_retval
exit
fi
eval $(/usr/local/bin/readhash /var/ipfire/proxy/advanced/settings)
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
if [ -e /var/ipfire/proxy/enable -o -e /var/ipfire/proxy/enable_blue ]; then
# Add Address to errorpage stylesheet
sed "s|XXXhostXXX|$GREEN_ADDRESS|g" /var/ipfire/proxy/errorpage-$ERR_DESIGN.css > \
/etc/squid/errorpage.css
boot_mesg "Creating Squid swap directories..."
/usr/sbin/squid -z >/dev/null 2>&1
evaluate_retval
# Make sure, that the process above has finished.
counter=5
while [ ${counter} -gt 0 ]; do
if pidofproc -s /usr/sbin/squid; then
sleep 1
else
break
fi
done
boot_mesg "Starting Squid Proxy Server..."
loadproc /usr/sbin/squid
fi
if [ -e /var/ipfire/proxy/transparent ]; then
transparent $GREEN_DEV
fi
if [ -e /var/ipfire/proxy/transparent_blue ]; then
transparent $BLUE_DEV
fi
;;
stop)
iptables -t nat -F SQUID
if [ -e /var/run/squid.pid ]; then
boot_mesg -n "Stopping Squid Proxy Server (this may take up to a few minutes)..."
squid -k shutdown >/dev/null 2>&1
# If some squid processes are still running, wait up to 360 seconds
# before we go on to kill the remaining process(es) and delete damaged
# '/var/log/cache/swap.state'.
n=0
while squid -k check &>/dev/null && [ $n -lt 360 ]; do
# Print a dot every 6 seconds
[ $(( ${n} % 6 )) -eq 0 ] && boot_mesg -n .
n=$(( ${n} + 1 ))
sleep 1
done
boot_mesg "" # end line
# If (squid-1) is still running, kill all squid processes
if squid -k check &>/dev/null || pgrep -fl "(squid-1)" >/dev/null 2>&1; then
killproc /usr/sbin/squid >/dev/null
echo_failure
# Remove damaged journal of cache index
rm -f /var/log/cache/swap.state
boot_mesg -n "WARNING: squid could not be gracefully shut down." ${WARNING}
boot_mesg -n " The cache index was damaged and has been removed."
boot_mesg -n " The cache data has not been lost and the index will be"
boot_mesg -n " recreated at the next start."
boot_mesg "" ${NORMAL}
echo_warning
else
logger -t squid "squid shutdown time: ${n} seconds"
echo_ok
fi
# Kill any redirector processes that might have been left running
killproc /usr/bin/squidGuard >/dev/null &
killproc /usr/sbin/updxlrator >/dev/null &
killproc /usr/bin/squidclamav >/dev/null &
killproc /usr/sbin/redirect_wrapper >/dev/null &
wait
fi
# Trash remain pid file from squid.
rm -f /var/run/squid.pid
;;
restart)
$0 stop
sleep 5
$0 start
;;
reconfigure)
/usr/sbin/squid -k reconfigure
;;
status)
statusproc /usr/sbin/squid
statusproc /usr/lib/squid/unlinkd
;;
flush)
$0 stop
rm -rf /var/log/cache/*
sleep 1
$0 start
;;
setperms)
chown -R nobody.squid /var/updatecache/
;;
*)
echo "Usage: $0 {start|stop|restart|status|flush}"
exit 1
;;
esac
# End $rc_base/init.d/squid

64
src/initscripts/system/sshd Normal file
View File

@@ -0,0 +1,64 @@
#!/bin/sh
# Begin $rc_base/init.d/sshd
# Based on sysklogd script from LFS-3.1 and earlier.
# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
#$LastChangedBy: bdubbs $
#$Date: 2006-04-15 17:34:16 -0500 (Sat, 15 Apr 2006) $
. /etc/sysconfig/rc
. $rc_functions
case "$1" in
start)
for algo in rsa ecdsa ed25519; do
keyfile="/etc/ssh/ssh_host_${algo}_key"
# If the key already exists, there is nothing to do.
[ -e "${keyfile}" ] && continue
boot_mesg "Generating SSH key (${algo})..."
ssh-keygen -qf "${keyfile}" -N '' -t ${algo}
evaluate_retval
done
[ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
boot_mesg "Starting SSH Server..."
loadproc /usr/sbin/sshd
# Also prevent ssh from being killed by out of memory conditions
(
sleep 3
pid=$(cat /var/run/sshd.pid 2>/dev/null)
[ -n "${pid}" ] && echo "-16" > "/proc/${pid}/oom_score_adj"
) &
;;
stop)
boot_mesg "Stopping SSH Server..."
killproc /usr/sbin/sshd
;;
reload)
boot_mesg "Reloading SSH Server..."
reloadproc /usr/sbin/sshd
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/sshd
;;
*)
echo "Usage: $0 {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/sshd

67
src/initscripts/system/static-routes Normal file
View File

@@ -0,0 +1,67 @@
#!/bin/bash
. /etc/sysconfig/rc
. ${rc_functions}
function init_table() {
# Check if table does already exist. If not we add it.
if (ip rule | grep -q "static" >/dev/null 2>&1); then
return
fi
ip rule add table static
}
function create_all_routes() {
local file=${1}
shift
# Remote all routes.
ip route flush table static >/dev/null 2>&1
local status
local network
local gateway
local remark
# Read all routes from the configuration file and add the enabled ones
# immediately.
while IFS=, read status network gateway remark; do
[ "${status}" = "on" ] || continue
if [ -z "${network}" -o -z "${gateway}" ]; then
# Silently skipping invalid routes.
continue
fi
ip route add ${network} via ${gateway} table static proto static
done < ${file}
}
CONFIGFILE="/var/ipfire/main/routing"
case "${1}" in
start)
boot_mesg "Adding static routes..."
# First, initialize the table
init_table
# Add all routes
create_all_routes ${CONFIGFILE}
evaluate_retval
;;
stop)
boot_mesg "Removing static routes..."
ip route flush table static >/dev/null 2>&1
evaluate_retval
;;
*)
echo "Usage: ${0} {start|stop}"
exit 1
;;
esac

50
src/initscripts/system/swap Normal file
View File

@@ -0,0 +1,50 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/swap
#
# Description : Swap Control Script
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Activating all swap files/partitions..."
swapon -a
evaluate_retval
;;
stop)
boot_mesg "Deactivating all swap files/partitions..."
swapoff -a
evaluate_retval
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
boot_mesg "Retrieving swap status." ${INFO}
echo_ok
echo
swapon -s
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/swap

79
src/initscripts/system/swconfig Normal file
View File

@@ -0,0 +1,79 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/swconfig
#
# Description : Script to setup lan switch.
# don't edit this script! If you want change the functions
# create an own script called swconfig.user
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
if [ -e /etc/init.d/swconfig.user ]; then
/etc/init.d/swconfig.user $*
exit ${?}
fi
if [ -e /var/ipfire/ethernet/swconfig_mac ]; then
SWMAC=`cat /var/ipfire/ethernet/swconfig_mac`
else
# Generate a random local administrated mac address for vlan swconfig.
SWMAC=`printf "%1x2:%02x:%02x:%02x:%02x" $[RANDOM%16] $[RANDOM%256] $[RANDOM%256] $[RANDOM%256] $[RANDOM%256]`
echo $SWMAC > /var/ipfire/ethernet/swconfig_mac
fi
case "${1}" in
start)
case `cat /proc/device-tree/model 2>/dev/null` in
"Lamobo-R1")
#
# Lamobo R1 aka BPi R1 Routerboard
#
# Speaker | LAN1 | LAN2 | LAN3 | LAN4 || LAN5 | HDMI
# SW-Port | P2 | P1 | P0 | P4 || P3 |
# VLAN | 11 | 12 | 13 | 14 ||ALL(t)|
#
# Switch-Port P8 - ALL(t) boards internal CPU Port
#
device=`ls /sys/class/net/*/device/stmmac-0* | head -1 | cut -d/ -f5`
ip link set $device up
boot_mesg "Configure vlan-switch on $device ..."
# Reset switch, counter and enable vlan mode
swconfig dev $device set reset 1
swconfig dev $device set reset_mib 1
swconfig dev $device set enable_vlan 1
# configure vlans
swconfig dev $device vlan 11 set ports "2 3t 8t"
swconfig dev $device vlan 12 set ports "1 3t 8t"
swconfig dev $device vlan 13 set ports "0 3t 8t"
swconfig dev $device vlan 14 set ports "4 3t 8t"
# activate new config
swconfig dev $device set apply 1
# create interfaces for the vlan's
modprobe 8021q
vconfig add $device 11
vconfig add $device 12
vconfig add $device 13
vconfig add $device 14
# set local mac addresses.
ip link set dev $device.11 address $SWMAC:11
ip link set dev $device.12 address $SWMAC:12
ip link set dev $device.13 address $SWMAC:13
ip link set dev $device.14 address $SWMAC:14
# need to restart udev...
killall udevd
/etc/init.d/udev start
;;
esac
exit 0
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/swconfig

39
src/initscripts/system/sysctl Normal file
View File

@@ -0,0 +1,39 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/sysctl
#
# Description : File uses /etc/sysctl.conf to set kernel runtime
# parameters
#
# Authors : Nathan Coulson (nathan@linuxfromscratch.org)
# Matthew Burgress (matthew@linuxfromscratch.org)
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
if [ -f "/etc/sysctl.conf" ]; then
boot_mesg "Setting kernel runtime parameters..."
sysctl -q -p
evaluate_retval
fi
;;
status)
sysctl -a
;;
*)
echo "Usage: ${0} {start|status}"
exit 1
;;
esac
# End $rc_base/init.d/sysctl

63
src/initscripts/system/sysklogd Normal file
View File

@@ -0,0 +1,63 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/sysklogd
#
# Description : Sysklogd loader
#
# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Starting kernel log daemon..."
loadproc klogd -c 1
boot_mesg "Starting system log daemon..."
loadproc syslogd -m 0
boot_mesg "Saving Bootlog..."
if [ -e /var/log/bootlog ]; then
mv -f /var/log/bootlog /var/log/bootlog.old
fi
dmesg -c > /var/log/bootlog
evaluate_retval
;;
stop)
boot_mesg "Stopping kernel log daemon..."
killproc klogd
boot_mesg "Stopping system log daemon..."
killproc syslogd
;;
reload)
boot_mesg "Reloading system log daemon config file..."
reloadproc syslogd 1
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc syslogd
statusproc klogd
;;
*)
echo "Usage: ${0} {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/sysklogd

50
src/initscripts/system/template Normal file
View File

@@ -0,0 +1,50 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/
#
# Description :
#
# Authors :
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Starting..."
loadproc
;;
stop)
boot_mesg "Stopping..."
killproc
;;
reload)
boot_mesg "Reloading..."
reloadproc
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc
;;
*)
echo "Usage: ${0} {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/

81
src/initscripts/system/udev Normal file
View File

@@ -0,0 +1,81 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/udev
#
# Description : Udev cold-plugging script
#
# Authors : Zack Winkles, Alexander E. Patrakov
#
# Version : 00.02
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Populating /dev with device nodes..."
if ! grep -q '[[:space:]]sysfs' /proc/mounts; then
echo_failure
boot_mesg -n "FAILURE:\n\nUnable to create" ${FAILURE}
boot_mesg -n " devices without a SysFS filesystem"
boot_mesg -n "\n\nAfter you press Enter, this system"
boot_mesg -n " will be halted and powered off."
boot_mesg -n "\n\nPress Enter to continue..." ${INFO}
boot_mesg "" ${NORMAL}
read ENTER
/etc/rc.d/init.d/halt stop
fi
if ! grep -q '[[:space:]]/dev' /proc/mounts; then
echo_failure
boot_mesg -n "FAILURE:\n\nKernel has no devtmpfs/mount" ${FAILURE}
boot_mesg -n " support but this is needed for udev."
boot_mesg -n "\n\nAfter you press Enter, this system"
boot_mesg -n " will be halted and powered off."
boot_mesg -n "\n\nPress Enter to continue..." ${INFO}
boot_mesg "" ${NORMAL}
read ENTER
/etc/rc.d/init.d/halt stop
fi
if ! grep -q '[[:space:]]/dev/shm' /proc/mounts; then
mkdir -p /dev/shm
mount -t tmpfs tmpfs /dev/shm
fi
if ! grep -q '[[:space:]]/dev/pts' /proc/mounts; then
mkdir -p /dev/pts
mount -t devpts devpts -o gid=5,mode=620 /dev/pts
fi
# Udev handles uevents itself, so we don't need to have
# the kernel call out to any binary in response to them
echo > /proc/sys/kernel/hotplug
# Copy static device nodes to /dev
cp -a /lib/udev/devices/* /dev
# Start the udev daemon to continually watch for, and act on,
# uevents
/sbin/udevd --daemon
# Now traverse /sys in order to "coldplug" devices that have
# already been discovered
/bin/udevadm trigger --action=add
# Now wait for udevd to process the uevents we triggered
/bin/udevadm settle
evaluate_retval
;;
*)
echo "Usage ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/udev

39
src/initscripts/system/udev_retry Normal file
View File

@@ -0,0 +1,39 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/udev_retry
#
# Description : Udev cold-plugging script (retry)
#
# Authors : Alexander E. Patrakov
#
# Version : 00.02
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
case "${1}" in
start)
boot_mesg "Retrying failed uevents, if any..."
# Re-trigger the failed uevents in hope they will succeed now
# If there are none, the "No such file or directory" error
# goes to /dev/null
for file in /dev/.udev/failed/*/uevent ; do
echo "add" >"${file}"
done 2>/dev/null
# Now wait for udevd to process the uevents we triggered
/bin/udevadm settle
evaluate_retval
;;
*)
echo "Usage ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/udev_retry

471
src/initscripts/system/unbound Normal file
View File

@@ -0,0 +1,471 @@
#!/bin/sh
# Begin $rc_base/init.d/unbound
# Description : Unbound DNS resolver boot script for IPfire
# Author : Marcel Lorenz <marcel.lorenz@ipfire.org>
. /etc/sysconfig/rc
. ${rc_functions}
TEST_DOMAIN="ipfire.org"
# This domain will never validate
TEST_DOMAIN_FAIL="dnssec-failed.org"
INSECURE_ZONES=
USE_FORWARDERS=1
# Cache any local zones for 60 seconds
LOCAL_TTL=60
# EDNS buffer size
EDNS_DEFAULT_BUFFER_SIZE=4096
# Load optional configuration
[ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound
function cidr() {
local cidr nbits IFS;
IFS=. read -r i1 i2 i3 i4 <<< ${1}
IFS=. read -r m1 m2 m3 m4 <<< ${2}
cidr=$(printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))")
nbits=0
IFS=.
for dec in $2 ; do
case $dec in
255) let nbits+=8;;
254) let nbits+=7;;
252) let nbits+=6;;
248) let nbits+=5;;
240) let nbits+=4;;
224) let nbits+=3;;
192) let nbits+=2;;
128) let nbits+=1;;
0);;
*) echo "Error: $dec is not recognised"; exit 1
esac
done
echo "${cidr}/${nbits}"
}
ip_address_revptr() {
local addr=${1}
local a1 a2 a3 a4
IFS=. read -r a1 a2 a3 a4 <<< ${addr}
echo "${a4}.${a3}.${a2}.${a1}.in-addr.arpa"
}
read_name_servers() {
local i
for i in 1 2; do
echo "$(</var/ipfire/red/dns${i})"
done | xargs echo
}
config_header() {
echo "# This file is automatically generated and any changes"
echo "# will be overwritten. DO NOT EDIT!"
echo
}
update_forwarders() {
if [ "${USE_FORWARDERS}" = "1" -a -e "/var/ipfire/red/active" ]; then
local forwarders
local broken_forwarders
local ns
for ns in $(read_name_servers); do
test_name_server ${ns} &>/dev/null
case "$?" in
# Only use DNSSEC-validating or DNSSEC-aware name servers
0|2)
forwarders="${forwarders} ${ns}"
;;
*)
broken_forwarders="${broken_forwarders} ${ns}"
;;
esac
done
# Determine EDNS buffer size
local new_edns_buffer_size=${EDNS_DEFAULT_BUFFER_SIZE}
for ns in ${forwarders}; do
local edns_buffer_size=$(ns_determine_edns_buffer_size ${ns})
if [ -n "${edns_buffer_size}" ]; then
if [ ${edns_buffer_size} -lt ${new_edns_buffer_size} ]; then
new_edns_buffer_size=${edns_buffer_size}
fi
fi
done
if [ ${new_edns_buffer_size} -lt ${EDNS_DEFAULT_BUFFER_SIZE} ]; then
boot_mesg "EDNS buffer size reduced to ${new_edns_buffer_size}" ${WARNING}
echo_warning
unbound-control -q set_option edns-buffer-size: ${new_edns_buffer_size}
fi
# Show warning for any broken upstream name servers
if [ -n "${broken_forwarders}" ]; then
boot_mesg "Ignoring broken upstream name server(s): ${broken_forwarders:1}" ${WARNING}
echo_warning
fi
if [ -n "${broken_forwarders}" -a -z "${forwarders}" ]; then
boot_mesg "Falling back to recursor mode" ${WARNING}
echo_warning
elif [ -n "${forwarders}" ]; then
boot_mesg "Configuring upstream name server(s): ${forwarders:1}" ${INFO}
echo_ok
echo "${forwarders}" > /var/ipfire/red/dns
unbound-control -q forward ${forwarders}
return 0
fi
fi
# If forwarders cannot be used we run in recursor mode
echo "local recursor" > /var/ipfire/red/dns
unbound-control -q forward off
}
own_hostname() {
local hostname=$(hostname -f)
# 1.1.1.1 is reserved for unused green, skip this
if [ -n "${GREEN_ADDRESS}" -a "${GREEN_ADDRESS}" != "1.1.1.1" ]; then
unbound-control -q local_data "${hostname} ${LOCAL_TTL} IN A ${GREEN_ADDRESS}"
fi
local address
for address in ${GREEN_ADDRESS} ${BLUE_ADDRESS} ${ORANGE_ADDRESS}; do
[ -n "${address}" ] || continue
[ "${address}" = "1.1.1.1" ] && continue
address=$(ip_address_revptr ${address})
unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${hostname}"
done
}
update_hosts() {
local enabled address hostname domainname
while IFS="," read -r enabled address hostname domainname; do
[ "${enabled}" = "on" ] || continue
# Build FQDN
local fqdn="${hostname}.${domainname}"
unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}"
# Skip reverse resolution if the address equals the GREEN address
[ "${address}" = "${GREEN_ADDRESS}" ] && continue
# Add RDNS
address=$(ip_address_revptr ${address})
unbound-control -q local_data "${address} ${LOCAL_TTL} IN PTR ${fqdn}"
done < /var/ipfire/main/hosts
}
write_forward_conf() {
(
config_header
local insecure_zones="${INSECURE_ZONES}"
local enabled zone server remark
while IFS="," read -r enabled zone server remark; do
# Line must be enabled.
[ "${enabled}" = "on" ] || continue
# Zones that end with .local are commonly used for internal
# zones and therefore not signed
case "${zone}" in
*.local)
insecure_zones="${insecure_zones} ${zone}"
;;
esac
echo "forward-zone:"
echo " name: ${zone}"
echo " forward-addr: ${server}"
echo
done < /var/ipfire/dnsforward/config
if [ -n "${insecure_zones}" ]; then
echo "server:"
for zone in ${insecure_zones}; do
echo " domain-insecure: ${zone}"
done
fi
) > /etc/unbound/forward.conf
}
write_tuning_conf() {
# https://www.unbound.net/documentation/howto_optimise.html
# Determine number of online processors
local processors=$(getconf _NPROCESSORS_ONLN)
# Determine number of slabs
local slabs=1
while [ ${slabs} -lt ${processors} ]; do
slabs=$(( ${slabs} * 2 ))
done
# Determine amount of system memory
local mem=$(get_memory_amount)
# In the worst case scenario, unbound can use double the
# amount of memory allocated to a cache due to malloc overhead
# Large systems with more than 2GB of RAM
if [ ${mem} -ge 2048 ]; then
mem=128
# Small systems with less than 256MB of RAM
elif [ ${mem} -le 256 ]; then
mem=8
# Everything else
else
mem=32
fi
(
config_header
# We run one thread per processor
echo "num-threads: ${processors}"
# Adjust number of slabs
echo "infra-cache-slabs: ${slabs}"
echo "key-cache-slabs: ${slabs}"
echo "msg-cache-slabs: ${slabs}"
echo "rrset-cache-slabs: ${slabs}"
# Slice up the cache
echo "rrset-cache-size: $(( ${mem} / 2 ))m"
echo "msg-cache-size: $(( ${mem} / 4 ))m"
echo "key-cache-size: $(( ${mem} / 4 ))m"
) > /etc/unbound/tuning.conf
}
get_memory_amount() {
local key val unit
while read -r key val unit; do
case "${key}" in
MemTotal:*)
# Convert to MB
echo "$(( ${val} / 1024 ))"
break
;;
esac
done < /proc/meminfo
}
test_name_server() {
local ns=${1}
local args
# Return codes:
# 0 DNSSEC validating
# 1 Error: unreachable, etc.
# 2 DNSSEC aware
# 3 NOT DNSSEC-aware
# Exit when the server is not reachable
ns_is_online ${ns} || return 1
# Determine the maximum edns buffer size that works
local edns_buffer_size=$(ns_determine_edns_buffer_size ${ns})
if [ -n "${edns_buffer_size}" ]; then
args="${args} +bufsize=${edns_buffer_size}"
fi
local errors
for rr in DNSKEY DS RRSIG; do
if ! ns_forwards_${rr} ${ns} ${args}; then
errors="${errors} ${rr}"
fi
done
if [ -n "${errors}" ]; then
echo >&2 "Unable to retrieve the following resource records from ${ns}: ${errors:1}"
return 3
fi
if ns_is_validating ${ns} ${args}; then
# Return 0 if validating
return 0
else
# Is DNSSEC-aware
return 2
fi
}
# Sends an A query to the nameserver w/o DNSSEC
ns_is_online() {
local ns=${1}
shift
dig @${ns} +nodnssec A ${TEST_DOMAIN} $@ >/dev/null
}
# Resolving ${TEST_DOMAIN_FAIL} will fail if the nameserver is validating
ns_is_validating() {
local ns=${1}
shift
dig @${ns} A ${TEST_DOMAIN_FAIL} $@ | grep -q SERVFAIL
}
# Checks if we can retrieve the DNSKEY for this domain.
# dig will print the SOA if nothing was found
ns_forwards_DNSKEY() {
local ns=${1}
shift
dig @${ns} DNSKEY ${TEST_DOMAIN} $@ | grep -qv SOA
}
ns_forwards_DS() {
local ns=${1}
shift
dig @${ns} DS ${TEST_DOMAIN} $@ | grep -qv SOA
}
ns_forwards_RRSIG() {
local ns=${1}
shift
dig @${ns} +dnssec A ${TEST_DOMAIN} $@ | grep -q RRSIG
}
ns_supports_tcp() {
local ns=${1}
shift
dig @${ns} +tcp A ${TEST_DOMAIN} $@ >/dev/null || return 1
}
ns_determine_edns_buffer_size() {
local ns=${1}
shift
local b
for b in 4096 2048 1500 1480 1464 1400 1280 512; do
if dig @${ns} +dnssec +bufsize=${b} A ${TEST_DOMAIN} $@ >/dev/null; then
echo "${b}"
return 0
fi
done
return 1
}
case "$1" in
start)
# Print a nicer messagen when unbound is already running
if pidofproc -s unbound; then
statusproc /usr/sbin/unbound
exit 0
fi
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
# Create control keys at first run
if [ ! -r "/etc/unbound/unbound_control.key" ]; then
unbound-control-setup -d /etc/unbound &>/dev/null
fi
# Update configuration files
write_tuning_conf
write_forward_conf
boot_mesg "Starting Unbound DNS Proxy..."
loadproc /usr/sbin/unbound || exit $?
# Make own hostname resolveable
own_hostname
# Update any known forwarding name servers
update_forwarders
# Update hosts
update_hosts
;;
stop)
boot_mesg "Stopping Unbound DNS Proxy..."
killproc /usr/sbin/unbound
;;
restart)
$0 stop
sleep 1
$0 start
;;
status)
statusproc /usr/sbin/unbound
;;
update-forwarders)
# Do not try updating forwarders when unbound is not running
if ! pgrep unbound &>/dev/null; then
exit 0
fi
update_forwarders
;;
test-name-server)
ns=${2}
test_name_server ${ns}
ret=${?}
case "${ret}" in
0)
echo "${ns} is validating"
;;
2)
echo "${ns} is DNSSEC-aware"
;;
3)
echo "${ns} is NOT DNSSEC-aware"
;;
*)
echo "Test failed for an unknown reason"
exit ${ret}
;;
esac
if ns_supports_tcp ${ns}; then
echo "${ns} supports TCP fallback"
else
echo "${ns} does not support TCP fallback"
fi
edns_buffer_size=$(ns_determine_edns_buffer_size ${ns})
if [ -n "${edns_buffer_size}" ]; then
echo "EDNS buffer size for ${ns}: ${edns_buffer_size}"
fi
exit ${ret}
;;
*)
echo "Usage: $0 {start|stop|restart|status|update-forwarders|test-name-server}"
exit 1
;;
esac
# End $rc_base/init.d/unbound

55
src/initscripts/system/upnpd Normal file
View File

@@ -0,0 +1,55 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/
#
# Description : UPnP Starter
#
# Authors : Michael Tremer
#
# Version : 01.00
#
# Notes : for www.ipfire.org - GPLv2
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
# defaults
ALLOW_MULTICAST=no
# configuration
eval $(/usr/local/bin/readhash /var/ipfire/upnp/settings)
case "$1" in
start)
boot_mesg "Starting Universal Plug'n'Play daemon..."
loadproc /usr/sbin/upnpd $EXTIFACE $INTIFACE
evaluate_retval
[ "$ALLOW_MULTICAST" != "no" ] && route add -net 239.0.0.0 netmask 255.0.0.0 $INTIFACE
;;
stop)
boot_mesg "Stopping Universal Plug'n'Play daemon..."
killproc /usr/sbin/upnpd
evaluate_retval
[ "$ALLOW_MULTICAST" != "no" ] && route del -net 239.0.0.0 netmask 255.0.0.0 $INTIFACE
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc
;;
*)
echo "Usage: ${0} {start|stop|reload|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/

38
src/initscripts/system/vnstat Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/sh
# Begin $rc_base/init.d/vnstat
. /etc/sysconfig/rc
. $rc_functions
eval $(/usr/local/bin/readhash /var/ipfire/main/settings)
if [ "$VNSTATLOG" = '' ]; then
VNSTATLOG=/var/log/vnstat
fi
case "$1" in
start)
if use_ramdisk; then
boot_mesg "Mounting vnstat ramdisk..."
mount_ramdisk "${VNSTATLOG}"
evaluate_retval
fi
;;
stop)
umount_ramdisk "${VNSTATLOG}"
;;
backup)
# Backup all data if ramdisk is used
if mountpoint "${RRDLOG}" &>/dev/null; then
${0} restart
fi
;;
*)
echo "Usage: $0 {start|stop|backup}"
exit 1
;;
esac
# End $rc_base/init.d/vnstat

51
src/initscripts/system/waitdrives Normal file
View File

@@ -0,0 +1,51 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/waitdrives
#
# Description : Wait for drives before fscheck/mount
#
# Authors : Arne Fitzenreiter - arne_f@ipfire.org
#
# Version : 00.00
#
# Notes :
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
check_drives () {
drives_ready="1";
for drive in $drives; do
if [ `blkid | grep $drive | wc -l` == 0 ]; then
drives_ready="0";
fi
done
}
case "${1}" in
start)
drives=`grep "^UUID=" /etc/fstab | cut -f1 | cut -d" " -f1 | cut -d"=" -f2`;
check_drives;
if [ "$drives_ready" == "0" ]; then
boot_mesg -n "Wait for devices used in fstab "
for (( i=1; i<30; i++)) do
check_drives;
if [ "$drives_ready" == "1" ]; then
break;
fi
boot_mesg -n "."
sleep 1
done
fi
exit 0;
;;
*)
echo "Usage: ${0} {start}"
exit 1
;;
esac
# End $rc_base/init.d/waitdrives

283
src/initscripts/system/wlanclient Normal file
View File

@@ -0,0 +1,283 @@
#!/bin/sh
########################################################################
# Begin $rc_base/init.d/wlan_client
#
# Description : Wireless client initscript
#
########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
WIRELESS_CONFIG="/var/ipfire/ethernet/wireless"
function device_is_wireless() {
local device=${1}
if [ -d "/sys/class/net/${device}/wireless" ]; then
return 0
fi
return 1
}
function wpa_supplicant_make_config() {
local device=${1}
local config=${2}
shift 2
# Check if device is wireless.
local wireless="false"
if device_is_wireless ${device}; then
wireless="true"
fi
# Write a configuration file header.
(
echo "#"
echo "# THIS FILE IS AUTOMATICALLY GENERATED AND"
echo "# ANY CUSTOM CHANGES WILL BE OVERWRITTEN!"
echo "#"
echo
echo "ctrl_interface=/var/run/wpa_supplicant"
echo
) > ${config}
local items=0
local line
while IFS="," read -ra line; do
# Skip commented lines.
[ "${line:0:1}" = "#" ] && continue
# Skip disabled entries.
[ "${line[2]}" = "on" ] || continue
wpa_supplicant_config_line \
${device} ${config} \
--wireless="${wireless}" \
--mode="${line[3]}" \
--wpa-mode="${line[4]}" \
--ssid="${line[5]}" \
--psk="${line[6]}" \
--priority="${line[7]}"
items=$(( ${items} + 1 ))
done < ${WIRELESS_CONFIG}
# Return exit code 2, when there are no entries in the
# configuration file.
if [ "${items}" = "0" ]; then
return 2
fi
return 0
}
function wpa_supplicant_config_line() {
local device=${1}
local config=${2}
shift 2
local auth_alg
local proto
local key_mgmt
local pairwise
local group
local mode
local priority
local psk
local ssid
local wep_tx_keyidx
local wep_key0
local wireless="true"
local wpa_mode
while [ $# -gt 0 ]; do
case "${1}" in
--mode=*)
mode=${1#--mode=}
;;
--priority=*)
priority=${1#--priority=}
;;
--psk=*)
psk=${1#--psk=}
;;
--ssid=*)
ssid=${1#--ssid=}
;;
--wireless=*)
wireless=${1#--wireless=}
;;
--wpa-mode=*)
wpa_mode=${1#--wpa-mode=}
;;
esac
shift
done
case "${mode}" in
WPA2)
auth_alg="OPEN"
proto="RSN"
key_mgmt="WPA-PSK"
;;
WPA)
auth_alg="OPEN"
proto="WPA"
key_mgmt="WPA-PSK"
;;
WEP)
auth_alg="SHARED"
key_mgmt="NONE"
wep_tx_keyidx=0
wep_key0=${psk}
psk=""
;;
NONE)
auth_alg="OPEN"
key_mgmt="NONE"
;;
*)
# Unsupported mode.
return 1
;;
esac
if [ "${mode}" = "WPA" -o "${mode}" = "WPA2" ]; then
case "${wpa_mode}" in
CCMP-CCMP)
pairwise="CCMP"
group="CCMP"
;;
CCMP-TKIP)
pairwise="CCMP"
group="TKIP"
;;
TKIP-TKIP)
pairwise="TKIP"
group="TKIP"
;;
*)
pairwise="CCMP TKIP"
group="CCMP TKIP"
;;
esac
fi
(
echo "network={"
if [ -n "${ssid}" ]; then
echo " ssid=\"${ssid}\""
fi
if [ "${wireless}" = "true" ]; then
echo " scan_ssid=1"
fi
if [ -n "${auth_alg}" ]; then
echo " auth_alg=${auth_alg}"
fi
if [ -n "${key_mgmt}" ]; then
echo " key_mgmt=${key_mgmt}"
fi
if [ -n "${psk}" ]; then
echo " psk=\"${psk}\""
fi
if [ -n "${wep_tx_keyidx}" ]; then
echo " wep_tx_keyidx=${wep_tx_keyidx}"
fi
if [ -n "${wep_key0}" ]; then
echo " wep_key0=\"${wep_key0}\""
fi
if [ -n "${proto}" ]; then
echo " proto=${proto}"
fi
if [ -n "${pairwise}" -a -n "${group}" ]; then
echo " pairwise=${pairwise}"
echo " group=${group}"
fi
if [ -n "${priority}" ]; then
echo " priority=${priority}"
fi
echo "}"
echo
) >> ${config}
}
function wpa_supplicant_start() {
local device=${1}
local config="/etc/wpa_supplicant.conf"
# Write configuration file.
wpa_supplicant_make_config ${device} ${config}
[ $? -eq 0 ] || return 0
# Build wpa_supplicant command line.
local wpa_suppl_cmd="wpa_supplicant -B -qqq -i${device} -c${config}"
if device_is_wireless ${device}; then
wpa_suppl_cmd="${wpa_suppl_cmd} -Dwext"
else
wpa_suppl_cmd="${wpa_suppl_cmd} -Dwired"
fi
# Run the shiz.
boot_mesg "Starting wireless client on ${RED_DEV}..."
loadproc ${wpa_suppl_cmd}
# Run wpa_cli to handle reconnection events.
boot_mesg "Starting wireless event handler on ${RED_DEV}..."
wpa_cli -B -a /etc/rc.d/init.d/networking/wpa_supplicant.exe
}
function wpa_supplicant_stop() {
boot_mesg "Stopping wireless event handler on ${RED_DEV}..."
killproc wpa_cli
# wpa_cli does not send a disconnect event when get stopped.
# So we manually have to send it to the wpa_supplicant.exe.
/etc/rc.d/init.d/networking/wpa_supplicant.exe "${RED_DEV}" DISCONNECTED
boot_mesg "Stopping wireless client on ${RED_DEV}..."
killproc wpa_supplicant
# Tidy up /tmp directory.
rm -f /tmp/wpa_ctrl_*
}
case "${1}" in
start)
if [ -n "${RED_DEV}" ] && device_is_wireless ${RED_DEV}; then
wpa_supplicant_start ${RED_DEV}
fi
;;
stop)
if [ -n "${RED_DEV}" ] && device_is_wireless ${RED_DEV}; then
wpa_supplicant_stop
fi
;;
restart)
${0} stop
sleep 1
${0} start
;;
status)
statusproc wpa_supplicant
;;
*)
echo "Usage: ${0} {start|stop|restart|status}"
exit 1
;;
esac
# End $rc_base/init.d/wlan_client