From 1a7db134068cc0ed6e599413090b18fa19743142 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 26 Oct 2018 11:23:55 +0000 Subject: [PATCH 01/12] json-c: New package Signed-off-by: Michael Tremer --- config/rootfiles/common/json-c | 21 +++++++++ lfs/json-c | 80 ++++++++++++++++++++++++++++++++++ make.sh | 2 + 3 files changed, 103 insertions(+) create mode 100644 config/rootfiles/common/json-c create mode 100644 lfs/json-c diff --git a/config/rootfiles/common/json-c b/config/rootfiles/common/json-c new file mode 100644 index 000000000..6be4bbe68 --- /dev/null +++ b/config/rootfiles/common/json-c @@ -0,0 +1,21 @@ +#usr/include/json-c +#usr/include/json-c/arraylist.h +#usr/include/json-c/bits.h +#usr/include/json-c/debug.h +#usr/include/json-c/json.h +#usr/include/json-c/json_c_version.h +#usr/include/json-c/json_config.h +#usr/include/json-c/json_inttypes.h +#usr/include/json-c/json_object.h +#usr/include/json-c/json_object_iterator.h +#usr/include/json-c/json_pointer.h +#usr/include/json-c/json_tokener.h +#usr/include/json-c/json_util.h +#usr/include/json-c/json_visit.h +#usr/include/json-c/linkhash.h +#usr/include/json-c/printbuf.h +#usr/lib/libjson-c.la +#usr/lib/libjson-c.so +usr/lib/libjson-c.so.4 +usr/lib/libjson-c.so.4.0.0 +#usr/lib/pkgconfig/json-c.pc diff --git a/lfs/json-c b/lfs/json-c new file mode 100644 index 000000000..51a20ccbf --- /dev/null +++ b/lfs/json-c @@ -0,0 +1,80 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.13.1 + +THISAPP = json-c-$(VER) +DL_FILE = $(THISAPP).tar.gz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 04969ad59cc37bddd83741a08b98f350 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr --disable-static + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/make.sh b/make.sh index d8b7856cb..47e8f3fc1 100755 --- a/make.sh +++ b/make.sh @@ -1176,6 +1176,7 @@ buildipfire() { lfsmake2 libgcrypt lfsmake2 libassuan lfsmake2 nettle + lfsmake2 json-c lfsmake2 libevent lfsmake2 libevent2 lfsmake2 expat @@ -1555,6 +1556,7 @@ buildipfire() { lfsmake2 lua lfsmake2 dnsdist lfsmake2 bird + lfsmake2 frr lfsmake2 dmidecode lfsmake2 mcelog lfsmake2 rtpproxy From feaa3d91bdd88683a433287f8be9277691e09a4c Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 29 Oct 2018 11:43:04 +0000 Subject: [PATCH 02/12] frr: New package Signed-off-by: Michael Tremer --- config/rootfiles/packages/frr | 127 ++++++++++++++++++++++++++++++++++ lfs/frr | 106 ++++++++++++++++++++++++++++ 2 files changed, 233 insertions(+) create mode 100644 config/rootfiles/packages/frr create mode 100644 lfs/frr diff --git a/config/rootfiles/packages/frr b/config/rootfiles/packages/frr new file mode 100644 index 000000000..845fea3c4 --- /dev/null +++ b/config/rootfiles/packages/frr @@ -0,0 +1,127 @@ +#etc/frr +etc/frr/bgpd.conf.sample +etc/frr/bgpd.conf.sample2 +etc/frr/bgpd.conf.vnc.sample +etc/frr/ospfd.conf.sample +etc/frr/ripngd.conf.sample +etc/frr/staticd.conf.sample +etc/frr/vtysh.conf.sample +etc/frr/zebra.conf.sample +usr/bin/bgp_btoa +usr/bin/vtysh +#usr/include/frr +#usr/include/frr/bfd.h +#usr/include/frr/bitfield.h +#usr/include/frr/buffer.h +#usr/include/frr/checksum.h +#usr/include/frr/command.h +#usr/include/frr/command_graph.h +#usr/include/frr/command_match.h +#usr/include/frr/compiler.h +#usr/include/frr/csv.h +#usr/include/frr/debug.h +#usr/include/frr/distribute.h +#usr/include/frr/eigrpd +#usr/include/frr/eigrpd/eigrp_dump.h +#usr/include/frr/eigrpd/eigrp_topology.h +#usr/include/frr/eigrpd/eigrpd.h +#usr/include/frr/event_counter.h +#usr/include/frr/ferr.h +#usr/include/frr/fifo.h +#usr/include/frr/filter.h +#usr/include/frr/freebsd-queue.h +#usr/include/frr/frr_pthread.h +#usr/include/frr/frratomic.h +#usr/include/frr/frrstr.h +#usr/include/frr/getopt.h +#usr/include/frr/graph.h +#usr/include/frr/hash.h +#usr/include/frr/hook.h +#usr/include/frr/if.h +#usr/include/frr/if_rmap.h +#usr/include/frr/imsg.h +#usr/include/frr/ipaddr.h +#usr/include/frr/jhash.h +#usr/include/frr/json.h +#usr/include/frr/keychain.h +#usr/include/frr/lib_errors.h +#usr/include/frr/libfrr.h +#usr/include/frr/libospf.h +#usr/include/frr/linklist.h +#usr/include/frr/log.h +#usr/include/frr/logicalrouter.h +#usr/include/frr/md5.h +#usr/include/frr/memory.h +#usr/include/frr/memory_vty.h +#usr/include/frr/module.h +#usr/include/frr/monotime.h +#usr/include/frr/mpls.h +#usr/include/frr/network.h +#usr/include/frr/nexthop.h +#usr/include/frr/nexthop_group.h +#usr/include/frr/ns.h +#usr/include/frr/openbsd-queue.h +#usr/include/frr/openbsd-tree.h +#usr/include/frr/ospfd +#usr/include/frr/ospfd/ospf_api.h +#usr/include/frr/ospfd/ospf_asbr.h +#usr/include/frr/ospfd/ospf_dump.h +#usr/include/frr/ospfd/ospf_dump_api.h +#usr/include/frr/ospfd/ospf_ism.h +#usr/include/frr/ospfd/ospf_lsa.h +#usr/include/frr/ospfd/ospf_lsdb.h +#usr/include/frr/ospfd/ospf_nsm.h +#usr/include/frr/ospfd/ospf_opaque.h +#usr/include/frr/ospfd/ospfd.h +#usr/include/frr/pbr.h +#usr/include/frr/plist.h +#usr/include/frr/pqueue.h +#usr/include/frr/prefix.h +#usr/include/frr/privs.h +#usr/include/frr/ptm_lib.h +#usr/include/frr/pw.h +#usr/include/frr/qobj.h +#usr/include/frr/queue.h +#usr/include/frr/ringbuf.h +#usr/include/frr/route_types.h +#usr/include/frr/routemap.h +#usr/include/frr/sbuf.h +#usr/include/frr/sha256.h +#usr/include/frr/sigevent.h +#usr/include/frr/skiplist.h +#usr/include/frr/sockopt.h +#usr/include/frr/sockunion.h +#usr/include/frr/spf_backoff.h +#usr/include/frr/srcdest_table.h +#usr/include/frr/stream.h +#usr/include/frr/systemd.h +#usr/include/frr/table.h +#usr/include/frr/termtable.h +#usr/include/frr/thread.h +#usr/include/frr/vector.h +#usr/include/frr/version.h +#usr/include/frr/vlan.h +#usr/include/frr/vrf.h +#usr/include/frr/vrf_int.h +#usr/include/frr/vty.h +#usr/include/frr/vxlan.h +#usr/include/frr/wheel.h +#usr/include/frr/workqueue.h +#usr/include/frr/zassert.h +#usr/include/frr/zclient.h +#usr/include/frr/zebra.h +#usr/lib/libfrr.a +#usr/lib/libfrr.la +#usr/lib/libfrr.so +usr/lib/libfrr.so.0 +usr/lib/libfrr.so.0.0.0 +usr/sbin/bgpd +usr/sbin/frr +usr/sbin/frr-reload +usr/sbin/frr-reload.py +usr/sbin/ospfd +usr/sbin/rfptest +usr/sbin/ssd +usr/sbin/staticd +usr/sbin/watchfrr +usr/sbin/zebra diff --git a/lfs/frr b/lfs/frr new file mode 100644 index 000000000..756b87729 --- /dev/null +++ b/lfs/frr @@ -0,0 +1,106 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2018 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 6.0 + +THISAPP = frr-$(VER) +DL_FILE = $(THISAPP).tar.xz +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = frr +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = d725c08e0093f58e5fcac0969c781813 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc/frr \ + --localstatedir=/var/run/frr \ + --enable-user="frr" \ + --enable-group="frr" \ + --enable-vty-group="frrvty" \ + --enable-multipath=64 \ + --disable-doc \ + --disable-babeld \ + --disable-bfdd \ + --disable-eigrpd \ + --disable-irdp \ + --disable-isisd \ + --disable-ldpd \ + --disable-nhrpd \ + --disable-ospf6d \ + --disable-ospfapi \ + --disable-pbrd \ + --disable-pimd \ + --disable-ripd \ + --disable-ripngd + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) + From a90f7faf78e8d7a4220d4be51f6eb1b3f726e657 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 30 Oct 2018 17:20:37 +0000 Subject: [PATCH 03/12] frr: Install users and make backup when package is installed/uinstalled Signed-off-by: Michael Tremer --- src/paks/frr/install.sh | 45 +++++++++++++++++++++++++++++++++++++++ src/paks/frr/uninstall.sh | 35 ++++++++++++++++++++++++++++++ src/paks/frr/update.sh | 26 ++++++++++++++++++++++ 3 files changed, 106 insertions(+) create mode 100644 src/paks/frr/install.sh create mode 100644 src/paks/frr/uninstall.sh create mode 100644 src/paks/frr/update.sh diff --git a/src/paks/frr/install.sh b/src/paks/frr/install.sh new file mode 100644 index 000000000..60d77a015 --- /dev/null +++ b/src/paks/frr/install.sh @@ -0,0 +1,45 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +if ! getent group frr &>/dev/null; then + groupadd -r frr +fi + +if ! getent group frrvty &>/dev/null; then + groupadd -r frrvty +fi + +if ! getent passwd frr &>/dev/null; then + useradd -r frr -g frr -s /bin/false -b /var/empty -G frrvty +fi + +# Extract files +extract_files + +# Restore any backups +restore_backup "${NAME}" + +# Start services +start_service "${NAME}" diff --git a/src/paks/frr/uninstall.sh b/src/paks/frr/uninstall.sh new file mode 100644 index 000000000..49e3fdd7d --- /dev/null +++ b/src/paks/frr/uninstall.sh @@ -0,0 +1,35 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh + +# Stop services +stop_service "${NAME}" + +# Create backup +extract_backup_includes +make_backup "${NAME}" + +# Remove all files +rm -rfv /etc/rc.d/rc*.d/*frr +remove_files diff --git a/src/paks/frr/update.sh b/src/paks/frr/update.sh new file mode 100644 index 000000000..89c40d0d7 --- /dev/null +++ b/src/paks/frr/update.sh @@ -0,0 +1,26 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 2 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2007 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +./uninstall.sh +./install.sh From ebd6fe2b50a4f51a93475fc33f385b5477480a43 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 30 Oct 2018 17:24:34 +0000 Subject: [PATCH 04/12] frr: Add initscript Signed-off-by: Michael Tremer --- config/rootfiles/packages/frr | 1 + lfs/frr | 4 +++ src/initscripts/packages/frr | 54 +++++++++++++++++++++++++++++++++++ src/paks/frr/install.sh | 7 +++++ 4 files changed, 66 insertions(+) create mode 100755 src/initscripts/packages/frr diff --git a/config/rootfiles/packages/frr b/config/rootfiles/packages/frr index 845fea3c4..5db055de6 100644 --- a/config/rootfiles/packages/frr +++ b/config/rootfiles/packages/frr @@ -7,6 +7,7 @@ etc/frr/ripngd.conf.sample etc/frr/staticd.conf.sample etc/frr/vtysh.conf.sample etc/frr/zebra.conf.sample +etc/rc.d/init.d/frr usr/bin/bgp_btoa usr/bin/vtysh #usr/include/frr diff --git a/lfs/frr b/lfs/frr index 756b87729..c90340fed 100644 --- a/lfs/frr +++ b/lfs/frr @@ -101,6 +101,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --disable-ripngd cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + + # Install initscript + $(call INSTALL_INITSCRIPT,frr) + @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/src/initscripts/packages/frr b/src/initscripts/packages/frr new file mode 100755 index 000000000..9ebb5f85b --- /dev/null +++ b/src/initscripts/packages/frr @@ -0,0 +1,54 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/frr +# +# Description : FRRouting Suite +# +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +DAEMONS="zebra bgpd ospfd staticd" + +case "${1}" in + start) + for daemon in ${DAEMONS}; do + if [ -f "/etc/frr/${daemon}.conf" ]; then + boot_mesg "Starting FRRouting ${daemon}..." + loadproc "/usr/sbin/${daemon}" --daemon + fi + done + ;; + + stop) + for daemon in ${DAEMONS}; do + boot_mesg "Stopping FRRouting ${daemon}..." + killproc "/usr/sbin/${daemon}" + done + ;; + + reload) + boot_mesg "Reloading FRRouting..." + reloadproc /usr/sbin/frr-reload + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + for daemon in ${DAEMONS}; do + statusproc "/usr/sbin/${daemon}" + done + ;; + + *) + echo "Usage: ${0} {start|stop|reload|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/frr diff --git a/src/paks/frr/install.sh b/src/paks/frr/install.sh index 60d77a015..7e0222246 100644 --- a/src/paks/frr/install.sh +++ b/src/paks/frr/install.sh @@ -43,3 +43,10 @@ restore_backup "${NAME}" # Start services start_service "${NAME}" + +# Enable autostart +ln -svf ../init.d/frr /etc/rc.d/rc0.d/K40frr +ln -svf ../init.d/frr /etc/rc.d/rc3.d/S50frr +ln -svf ../init.d/frr /etc/rc.d/rc6.d/K40frr + +exit 0 From e1def10e29c8fedcf9357c2a7919ff9e3b70611a Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 30 Oct 2018 17:32:48 +0000 Subject: [PATCH 05/12] frr: Set configuration file permissions correctly Signed-off-by: Michael Tremer --- src/initscripts/packages/frr | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/initscripts/packages/frr b/src/initscripts/packages/frr index 9ebb5f85b..5fa4e9fa8 100755 --- a/src/initscripts/packages/frr +++ b/src/initscripts/packages/frr @@ -13,8 +13,17 @@ DAEMONS="zebra bgpd ospfd staticd" case "${1}" in start) + # Fix permissions of configuration directory + if [ -d "/etc/frr" ]; then + chown root.frr /etc/frr + chmod 775 /etc/frr + fi + for daemon in ${DAEMONS}; do if [ -f "/etc/frr/${daemon}.conf" ]; then + # Set permissions + chown frr.frr "/etc/frr/${daemon}.conf" + boot_mesg "Starting FRRouting ${daemon}..." loadproc "/usr/sbin/${daemon}" --daemon fi From 58e0aa18cca8e690e720376913fd71582689eb26 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 09:30:20 +0000 Subject: [PATCH 06/12] frr: Add backup include file Signed-off-by: Michael Tremer --- config/backup/includes/frr | 1 + config/rootfiles/packages/frr | 1 + lfs/frr | 4 ++++ 3 files changed, 6 insertions(+) create mode 100644 config/backup/includes/frr diff --git a/config/backup/includes/frr b/config/backup/includes/frr new file mode 100644 index 000000000..ca74d4891 --- /dev/null +++ b/config/backup/includes/frr @@ -0,0 +1 @@ +/etc/frr diff --git a/config/rootfiles/packages/frr b/config/rootfiles/packages/frr index 5db055de6..8aafc7c6c 100644 --- a/config/rootfiles/packages/frr +++ b/config/rootfiles/packages/frr @@ -126,3 +126,4 @@ usr/sbin/ssd usr/sbin/staticd usr/sbin/watchfrr usr/sbin/zebra +var/ipfire/backup/addons/includes/frr diff --git a/lfs/frr b/lfs/frr index c90340fed..a14dc5981 100644 --- a/lfs/frr +++ b/lfs/frr @@ -102,6 +102,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + # Install backup include + install -v -m 644 $(DIR_SRC)/config/backup/includes/frr \ + /var/ipfire/backup/addons/includes/frr + # Install initscript $(call INSTALL_INITSCRIPT,frr) From 0faf9c7869cfca07dc51f297ba8f7b16623c3469 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 09:32:01 +0000 Subject: [PATCH 07/12] core125: Ship JSON-C Signed-off-by: Michael Tremer --- config/rootfiles/core/125/filelists/json-c | 1 + 1 file changed, 1 insertion(+) create mode 120000 config/rootfiles/core/125/filelists/json-c diff --git a/config/rootfiles/core/125/filelists/json-c b/config/rootfiles/core/125/filelists/json-c new file mode 120000 index 000000000..2da263e3d --- /dev/null +++ b/config/rootfiles/core/125/filelists/json-c @@ -0,0 +1 @@ +../../../common/json-c \ No newline at end of file From b3cc1932e4afe74f450d3c05d630da16af5b3846 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 10:56:24 +0000 Subject: [PATCH 08/12] Rootfile update Signed-off-by: Michael Tremer --- config/rootfiles/common/bison | 2 ++ config/rootfiles/common/kmod | 3 +++ config/rootfiles/packages/nfs | 19 +++++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/config/rootfiles/common/bison b/config/rootfiles/common/bison index 2ecfc75fb..d56db029e 100644 --- a/config/rootfiles/common/bison +++ b/config/rootfiles/common/bison @@ -51,6 +51,8 @@ #usr/share/locale/ast #usr/share/locale/ast/LC_MESSAGES #usr/share/locale/ast/LC_MESSAGES/bison-runtime.mo +#usr/share/locale/ca/LC_MESSAGES/bison-runtime.mo +#usr/share/locale/ca/LC_MESSAGES/bison.mo #usr/share/locale/da/LC_MESSAGES/bison-runtime.mo #usr/share/locale/da/LC_MESSAGES/bison.mo #usr/share/locale/de/LC_MESSAGES/bison-runtime.mo diff --git a/config/rootfiles/common/kmod b/config/rootfiles/common/kmod index b3d45e25d..4c9b448f7 100644 --- a/config/rootfiles/common/kmod +++ b/config/rootfiles/common/kmod @@ -5,7 +5,10 @@ sbin/lsmod sbin/modinfo sbin/modprobe sbin/rmmod +#usr/include/libkmod.h +#usr/lib/libkmod.la #usr/lib/libkmod.so usr/lib/libkmod.so.2 usr/lib/libkmod.so.2.3.3 +#usr/lib/pkgconfig/libkmod.pc #usr/share/bash-completion/completions/kmod diff --git a/config/rootfiles/packages/nfs b/config/rootfiles/packages/nfs index 048762650..f2637fec2 100644 --- a/config/rootfiles/packages/nfs +++ b/config/rootfiles/packages/nfs @@ -5,9 +5,26 @@ sbin/nfsdcltrack sbin/osd_login sbin/umount.nfs sbin/umount.nfs4 +#usr/include/nfsidmap.h #usr/include/nfsidmap_plugin.h +#usr/lib/libnfsidmap +#usr/lib/libnfsidmap.a +#usr/lib/libnfsidmap.la +#usr/lib/libnfsidmap.so +usr/lib/libnfsidmap.so.0 +usr/lib/libnfsidmap.so.0.3.0 usr/lib/libnfsidmap.so.1 usr/lib/libnfsidmap.so.1.0.0 +#usr/lib/libnfsidmap/nsswitch.a +#usr/lib/libnfsidmap/nsswitch.la +usr/lib/libnfsidmap/nsswitch.so +#usr/lib/libnfsidmap/static.a +#usr/lib/libnfsidmap/static.la +usr/lib/libnfsidmap/static.so +#usr/lib/libnfsidmap/umich_ldap.a +#usr/lib/libnfsidmap/umich_ldap.la +usr/lib/libnfsidmap/umich_ldap.so +#usr/lib/pkgconfig/libnfsidmap.pc usr/sbin/exportfs usr/sbin/mountstats usr/sbin/nfsconf @@ -22,7 +39,9 @@ usr/sbin/rpcdebug usr/sbin/showmount usr/sbin/sm-notify usr/sbin/start-statd +#usr/share/man/man3/nfs4_uid_to_name.3 #usr/share/man/man5/exports.5 +#usr/share/man/man5/idmapd.conf.5 #usr/share/man/man5/nfs.5 #usr/share/man/man5/nfs.conf.5 #usr/share/man/man5/nfsmount.conf.5 From 33d20027679cc4a51a9d4f39160fa972b2b08fac Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 12:08:57 +0000 Subject: [PATCH 09/12] backup: Include custom include/exclude files Signed-off-by: Michael Tremer --- config/backup/include | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/backup/include b/config/backup/include index 6982b1c92..da8954b83 100644 --- a/config/backup/include +++ b/config/backup/include @@ -23,6 +23,8 @@ /root/.gitconfig /root/.ssh /var/ipfire/auth/users +/var/ipfire/backup/exclude.user +/var/ipfire/backup/include.user /var/ipfire/captive/* /var/ipfire/*/*.conf /var/ipfire/*/config From ac1fc6ea5ea8dcfe30e5a47560ae4fb9210a2053 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 12:10:18 +0000 Subject: [PATCH 10/12] backup: Include addon backups in main backup Signed-off-by: Michael Tremer --- config/backup/include | 1 + 1 file changed, 1 insertion(+) diff --git a/config/backup/include b/config/backup/include index da8954b83..75bd85807 100644 --- a/config/backup/include +++ b/config/backup/include @@ -23,6 +23,7 @@ /root/.gitconfig /root/.ssh /var/ipfire/auth/users +/var/ipfire/backup/addons/backup /var/ipfire/backup/exclude.user /var/ipfire/backup/include.user /var/ipfire/captive/* From c81dffc942d95005f40d2db4c99139e139cd41bb Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 12:55:55 +0000 Subject: [PATCH 11/12] core125: Ship updated backup include Signed-off-by: Michael Tremer --- config/rootfiles/core/125/filelists/files | 1 + 1 file changed, 1 insertion(+) diff --git a/config/rootfiles/core/125/filelists/files b/config/rootfiles/core/125/filelists/files index f2afb62fb..d019c0c0a 100644 --- a/config/rootfiles/core/125/filelists/files +++ b/config/rootfiles/core/125/filelists/files @@ -7,4 +7,5 @@ srv/web/ipfire/cgi-bin/hardwaregraphs.cgi srv/web/ipfire/cgi-bin/media.cgi srv/web/ipfire/cgi-bin/pakfire.cgi usr/local/bin/makegraphs +var/ipfire/backup/include var/ipfire/langs From c7b7a70deba70d6952898f4183c96d8ef8a91373 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Wed, 31 Oct 2018 14:21:41 +0000 Subject: [PATCH 12/12] backup: Rewrite backup script The old script was quite messy and written in perl although it was only calling shell commands. This version is now written in shell although keeping the .pl file suffix and is a drop-in replacement. Signed-off-by: Michael Tremer --- config/backup/backup.pl | 331 +++++++++++++--------- config/rootfiles/core/125/filelists/files | 1 + 2 files changed, 192 insertions(+), 140 deletions(-) diff --git a/config/backup/backup.pl b/config/backup/backup.pl index ce8911635..ddf2bf2b1 100644 --- a/config/backup/backup.pl +++ b/config/backup/backup.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/bin/bash ############################################################################### # # # IPFire.org - A linux based firewall # @@ -19,148 +19,199 @@ # # ############################################################################### -require '/var/ipfire/general-functions.pl'; -require "${General::swroot}/lang.pl"; -require "${General::swroot}/header.pl"; -use File::Path; -my $debug = 1; -my @include = ""; -my ($Sekunden, $Minuten, $Stunden, $Monatstag, $Monat, $Jahr, $Wochentag, $Jahrestag, $Sommerzeit) = localtime(time); -$Jahr = $Jahr + 1900;$Monat = $Monat + 1; -$Monat = sprintf("%02d", $Monat); -$Monatstag = sprintf("%02d", $Monatstag); -$Stunden = sprintf("%02d", $Stunden); -$Minuten = sprintf("%02d", $Minuten); +NOW="$(date "+%Y-%m-%d-%H:%M")" -if (($ARGV[0] eq 'include') || ($ARGV[0] eq 'iso')) { - &createinclude; - my @files = `find / -name *.log* 2>/dev/null`; - foreach (@files){ - push(@include,$_); - } - my @files = `find /var/log/ -name *messages* 2>/dev/null`; - foreach (@files){ - push(@include,$_); - } - open(DATEI, ">/tmp/include") || die "Could not save temp include file"; - print DATEI @include; - print "/var/log/messages"; - close(DATEI); - system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten.ipf --exclude-from='/var/ipfire/backup/exclude' --exclude-from='/var/ipfire/backup/exclude.user' --files-from='/tmp/include' --files-from='/var/ipfire/backup/include.user'"); - system("rm /tmp/include"); - if ($ARGV[0] eq 'iso') { - system("/usr/local/bin/backupiso $Jahr$Monat$Monatstag-$Stunden$Minuten &"); - } -} -elsif ($ARGV[0] eq 'exclude') { - &createinclude; - open(DATEI, ">/tmp/include") || die "Could not save temp include file"; - print DATEI @include; - close(DATEI); - system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten.ipf --exclude-from='/var/ipfire/backup/exclude' --exclude-from='/var/ipfire/backup/exclude.user' --files-from='/tmp/include' --files-from='/var/ipfire/backup/include.user'"); - system("rm /tmp/include"); -} -elsif ($ARGV[0] eq 'restore') { - system("cd / && tar -xvz -p -f /tmp/restore.ipf"); - #Here some converter scripts to correct old Backups (before core 65) - system("/usr/sbin/ovpn-ccd-convert"); - #OUTGOINGFW CONVERTER - if( -d "${General::swroot}/outgoing"){ - if( -f "${General::swroot}/firewall/config" ){ - unlink("${General::swroot}/firewall/config"); - system("touch ${General::swroot}/firewall/config"); - chown 99,99,"${General::swroot}/firewall/config"; - } - if( -f "${General::swroot}/firewall/outgoing" ){ - unlink("${General::swroot}/firewall/outgoing"); - system("touch ${General::swroot}/firewall/outgoing"); - chown 99,99,"${General::swroot}/firewall/outgoing"; - } - unlink("${General::swroot}/fwhosts/customgroups"); - unlink("${General::swroot}/fwhosts/customhosts"); - unlink("${General::swroot}/fwhosts/customgroups"); - unlink("${General::swroot}/fwhosts/customnetworks"); - unlink("${General::swroot}/fwhosts/customservicegrp"); - unlink("${General::swroot}/fwhosts/customnetworks"); - system("touch ${General::swroot}/fwhosts/customgroups"); - system("touch ${General::swroot}/fwhosts/customhosts"); - system("touch ${General::swroot}/fwhosts/customnetworks"); - system("touch ${General::swroot}/fwhosts/customservicegrp"); - #START CONVERTER "OUTGOINGFW" - system("/usr/sbin/convert-outgoingfw"); - chown 99,99,"${General::swroot}/fwhosts/customgroups"; - chown 99,99,"${General::swroot}/fwhosts/customhosts"; - chown 99,99,"${General::swroot}/fwhosts/customnetworks"; - chown 99,99,"${General::swroot}/fwhosts/customservicegrp"; - #START CONVERTER "OUTGOINGFW" - rmtree("${General::swroot}/outgoing"); - } - #XTACCESS CONVERTER - if( -d "${General::swroot}/xtaccess"){ - if( -f "${General::swroot}/firewall/input" ){ - unlink("${General::swroot}/firewall/input"); - system("touch ${General::swroot}/firewall/input"); - } - #START CONVERTER "XTACCESS" - system("/usr/sbin/convert-xtaccess"); - chown 99,99,"${General::swroot}/firewall/input"; - rmtree("${General::swroot}/xtaccess"); - } - #DMZ-HOLES CONVERTER - if( -d "${General::swroot}/dmzholes" || -d "${General::swroot}/portfw"){ - if( -f "${General::swroot}/firewall/config" ){ - unlink("${General::swroot}/firewall/config"); - system("touch ${General::swroot}/firewall/config"); - } - #START CONVERTER "DMZ-HOLES" - system("/usr/sbin/convert-dmz"); - chown 99,99,"${General::swroot}/firewall/config"; - rmtree("${General::swroot}/dmzholes"); - } - #PORTFORWARD CONVERTER - if( -d "${General::swroot}/portfw"){ - #START CONVERTER "PORTFW" - system("/usr/sbin/convert-portfw"); - rmtree("${General::swroot}/portfw"); - } - system("/usr/local/bin/firewallctrl"); +list_addons() { + local file + for file in /var/ipfire/backup/addons/includes/*; do + if [ -f "${file}" ]; then + basename "${file}" + fi + done - # Convert old OpenVPN CCD files (CN change, core 75). - system("/usr/local/bin/convert-ovpn"); -} -elsif ($ARGV[0] eq 'restoreaddon') { - if ( -e "/tmp/$ARGV[1]" ){system("mv /tmp/$ARGV[1] /var/ipfire/backup/addons/backup/$ARGV[1]");} - system("cd / && tar -xvz -p -f /var/ipfire/backup/addons/backup/$ARGV[1]"); -} -elsif ($ARGV[0] eq 'cli') { - system("tar -cvzf /var/ipfire/backup/$Jahr$Monat$Monatstag-$Stunden$Minuten-$ARGV[1].ipf --files-from='$ARGV[2]' --exclude-from='$ARGV[3]'"); -} -elsif ($ARGV[0] eq 'addonbackup') { - system("tar -cvzf /var/ipfire/backup/addons/backup/$ARGV[1].ipf --files-from='/var/ipfire/backup/addons/includes/$ARGV[1]'"); -} -elsif ($ARGV[0] =~ /\.(iso|ipf)$/ ) { - unlink("$ARGV[0]"); -} -elsif ($ARGV[0] eq '') { - printf "No argument given, please use \n" -} -elsif ($ARGV[0] eq 'makedirs') { - system("mkdir -p /var/ipfire/backup/addons"); - system("mkdir -p /var/ipfire/backup/addons/backup"); - system("mkdir -p /var/ipfire/backup/addons/includes"); + return 0 } -sub createinclude(){ +process_includes() { + local include - open(DATEI, "<${General::swroot}/backup/include") || die "Can not open include file"; - my @Zeilen = ; - close(DATEI); - - foreach (@Zeilen){ - chomp($_); - my @files = `find $_ -maxdepth 0 2>/dev/null`; - foreach (@files){ - push(@include,$_); - } - } + for include in $@; do + local file + while read -r file; do + while read file; do + if [ -e "${file}" ]; then + echo "${file}" + fi + done <<< ${file} + done < "${include}" + done | sort -u } + +make_backup() { + local filename="${1}" + shift + + # Backup all addons first + local addon + for addon in $(list_addons); do + make_addon_backup "${addon}" + done + + tar cvzf "${filename}" \ + --exclude-from="/var/ipfire/backup/exclude" \ + --exclude-from="/var/ipfire/backup/exclude.user" \ + $(process_includes "/var/ipfire/backup/include" "/var/ipfire/backup/include.user") \ + "$@" + + return 0 +} + +restore_backup() { + local filename="${1}" + + tar xvzpf "${filename}" -C / + + # Run converters + + # Outgoing Firewall + if [ -d "/var/ipfire/outgoing" ]; then + # Reset files + local file + for file in /var/ipfire/firewall/{config,outgoing} \ + /var/ipfire/fwhosts/custom{hosts,groups,networks}; do + : > "${file}" + chown nobody:nobody "${file}" + done + + # Run converter + convert-outgoingfw + + # Remove old configuration + rm -rf "/var/ipfire/outgoing" + fi + + # External Access + if [ -d "/var/ipfire/xtaccess" ]; then + : > /var/ipfire/firewall/config + chown nobody:nobody "/var/ipfire/firewall/config" + + # Run converter + convert-xtaccess + + # Remove old configuration + rm -rf "/var/ipfire/xtaccess" + fi + + # DMZ Holes + if [ -d "/var/ipfire/dmzholes" ] || [ -d "/var/ipfire/portfw" ]; then + : > /var/ipfire/firewall/config + chown nobody:nobody "/var/ipfire/firewall/config" + + # Run converter + convert-dmz + + # Remove old configuration + rm -rf "/var/ipfire/dmzholes" + fi + + # Port Forwardings + if [ -d "/var/ipfire/portfw" ]; then + # Run converter + convert-portfw + + # Remove old configuration + rm -rf "/var/ipfire/portfw" + fi + + # Reload firewall + firewallctrl + + # Convert old OpenVPN CCD files (CN change, Core Update 75) + convert-ovpn + + return 0 +} + +find_logfiles() { + local filelist=( /var/log/messages* /var/log/*.log /var/log/**/*.log ) + + echo "${filelist[@]}" +} + +make_addon_backup() { + local name="${1}" + shift + + if [ ! -f "/var/ipfire/backup/addons/includes/${name}" ]; then + echo "${name} does not have any backup includes" >&2 + return 1 + fi + + local filename="/var/ipfire/backup/addons/backup/${name}.ipf" + + tar cvzf "${filename}" \ + $(process_includes "/var/ipfire/backup/addons/includes/${name}") +} + +restore_addon_backup() { + local name="${1}" + + if [ -d "/tmp/${name}.ipf" ]; then + mv "/tmp/${name}.ipf" "/var/ipfire/backup/addons/backup/${name}.ipf" + fi + + tar xvzpf "/var/ipfire/backup/addons/backup/${name}.ipf" -C / +} + +main() { + local command="${1}" + shift + + # Desired backup filename + local filename="/var/ipfire/backup/${NOW}.ipf" + + case "${command}" in + include) + make_backup "${filename}" $(find_logfiles) + ;; + + exclude) + make_backup "${filename}" + ;; + + restore) + restore_backup "/tmp/restore.ipf" + ;; + + addonbackup) + make_addon_backup "$@" + ;; + + restoreaddon) + restore_addon_backup "${1/.ipf/}" + ;; + + iso) + if make_backup "${filename}"; then + /usr/local/bin/backupiso "${NOW}" & + fi + ;; + + makedirs) + mkdir -p /var/ipfire/backup/addons/{backup,includes} + ;; + + /var/ipfire/backup/*.ipf|/var/ipfire/backup/addons/backup/*.ipf|/var/tmp/backupiso/*.iso) + unlink "${command}" + ;; + + *) + echo "${0}: [include|exclude|restore|addonbackup |restoreaddon |iso]" >&2 + return 2 + ;; + esac + + return $? +} + +main "$@" || exit $? diff --git a/config/rootfiles/core/125/filelists/files b/config/rootfiles/core/125/filelists/files index d019c0c0a..59de43460 100644 --- a/config/rootfiles/core/125/filelists/files +++ b/config/rootfiles/core/125/filelists/files @@ -7,5 +7,6 @@ srv/web/ipfire/cgi-bin/hardwaregraphs.cgi srv/web/ipfire/cgi-bin/media.cgi srv/web/ipfire/cgi-bin/pakfire.cgi usr/local/bin/makegraphs +var/ipfire/backup/bin/backup.pl var/ipfire/backup/include var/ipfire/langs