From c42def9fa3e71c13b4e2d2862cb1e41bb650c6d9 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Thu, 10 Oct 2024 08:46:11 +0200 Subject: [PATCH] firmware: clean up code duplication using config.sh Also provide an env_init() call for internal launcher commands to set up relevant things.We do this to move the special libfetch handling into the locked spot underneath the launcher.sh invoke. --- plist | 1 + src/opnsense/scripts/firmware/check.sh | 7 +-- src/opnsense/scripts/firmware/config.sh | 66 +++++++++++++++++++++ src/opnsense/scripts/firmware/connection.sh | 3 +- src/opnsense/scripts/firmware/health.sh | 7 +-- src/opnsense/scripts/firmware/install.sh | 4 +- src/opnsense/scripts/firmware/launcher.sh | 22 +------ src/opnsense/scripts/firmware/lock.sh | 3 +- src/opnsense/scripts/firmware/read.sh | 2 +- src/opnsense/scripts/firmware/reinstall.sh | 3 +- src/opnsense/scripts/firmware/remove.sh | 3 +- src/opnsense/scripts/firmware/resync.sh | 2 +- src/opnsense/scripts/firmware/running.sh | 3 +- src/opnsense/scripts/firmware/security.sh | 3 +- src/opnsense/scripts/firmware/sync.sh | 2 +- src/opnsense/scripts/firmware/sync.subr.sh | 4 +- src/opnsense/scripts/firmware/unlock.sh | 3 +- src/opnsense/scripts/firmware/update.sh | 16 +++-- src/opnsense/scripts/firmware/upgrade.sh | 4 +- 19 files changed, 101 insertions(+), 57 deletions(-) create mode 100755 src/opnsense/scripts/firmware/config.sh diff --git a/plist b/plist index 5f429fa81..45e10c7b7 100644 --- a/plist +++ b/plist @@ -1054,6 +1054,7 @@ /usr/local/opnsense/scripts/filter/update_tables.py /usr/local/opnsense/scripts/firmware/changelog.sh /usr/local/opnsense/scripts/firmware/check.sh +/usr/local/opnsense/scripts/firmware/config.sh /usr/local/opnsense/scripts/firmware/connection.sh /usr/local/opnsense/scripts/firmware/health.sh /usr/local/opnsense/scripts/firmware/hostnames.sh diff --git a/src/opnsense/scripts/firmware/check.sh b/src/opnsense/scripts/firmware/check.sh index e897bac88..36a1bd054 100755 --- a/src/opnsense/scripts/firmware/check.sh +++ b/src/opnsense/scripts/firmware/check.sh @@ -37,12 +37,11 @@ # downgrade_packages: array with { name: , current_version: , new_version: } # upgrade_packages: array with { name: , current_version: , new_version: } -JSONFILE="/tmp/pkg_upgrade.json" -LOCKFILE="/tmp/pkg_upgrade.progress" -OUTFILE="/tmp/pkg_update.out" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh LICENSEFILE="/usr/local/opnsense/version/core.license" +JSONFILE="/tmp/pkg_upgrade.json" +OUTFILE="/tmp/pkg_update.out" CUSTOMPKG=${1} diff --git a/src/opnsense/scripts/firmware/config.sh b/src/opnsense/scripts/firmware/config.sh new file mode 100755 index 000000000..181ba8f15 --- /dev/null +++ b/src/opnsense/scripts/firmware/config.sh @@ -0,0 +1,66 @@ +#!/bin/sh + +# Copyright (C) 2024 Franco Fichtner +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, +# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +# source of common configuration related subroutines and variables + +LOCKFILE=${LOCKFILE:-/tmp/pkg_upgrade.progress} +BASEDIR="/usr/local/opnsense/scripts/firmware" +PIPEFILE="/tmp/pkg_upgrade.pipe" +FLOCK="/usr/local/bin/flock" +SELF=$(basename ${0%.sh}) +TEE="/usr/bin/tee -a" +PRODUCT="OPNsense" + +# accepted commands for launcher.sh +COMMANDS=" +changelog +check +connection +health +install +lock +reinstall +remove +resync +security +sync +unlock +update +upgrade +" + +# initialize environment to operate in +env_init() +{ + # XXX move modifications to this spot +} + +for COMMAND in ${COMMANDS}; do + if [ "${SELF}" = ${COMMAND} ]; then + env_init + break; + fi +done diff --git a/src/opnsense/scripts/firmware/connection.sh b/src/opnsense/scripts/firmware/connection.sh index 4c2b264df..6c30616f5 100755 --- a/src/opnsense/scripts/firmware/connection.sh +++ b/src/opnsense/scripts/firmware/connection.sh @@ -24,8 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/health.sh b/src/opnsense/scripts/firmware/health.sh index d885cb97d..ca0977752 100755 --- a/src/opnsense/scripts/firmware/health.sh +++ b/src/opnsense/scripts/firmware/health.sh @@ -24,11 +24,10 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" -MTREE="mtree -e -p /" -PRODUCT="OPNsense" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh + TMPFILE=/tmp/pkg_check.exclude +MTREE="mtree -e -p /" : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/install.sh b/src/opnsense/scripts/firmware/install.sh index 5bbe6e3a0..70612dda8 100755 --- a/src/opnsense/scripts/firmware/install.sh +++ b/src/opnsense/scripts/firmware/install.sh @@ -25,9 +25,9 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=${LOCKFILE:-/tmp/pkg_upgrade.progress} +. /usr/local/opnsense/scripts/firmware/config.sh + PACKAGE=${1} -TEE="/usr/bin/tee -a" : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/launcher.sh b/src/opnsense/scripts/firmware/launcher.sh index e8b354087..9a2ae6b79 100755 --- a/src/opnsense/scripts/firmware/launcher.sh +++ b/src/opnsense/scripts/firmware/launcher.sh @@ -24,25 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -BASEDIR="/usr/local/opnsense/scripts/firmware" -LOCKFILE="/tmp/pkg_upgrade.progress" -FLOCK="/usr/local/bin/flock -n -o" -COMMANDS=" -changelog -check -connection -health -install -lock -reinstall -remove -resync -security -sync -unlock -update -upgrade -" +. /usr/local/opnsense/scripts/firmware/config.sh DO_RANDOM= DO_SCRIPT= @@ -129,7 +111,7 @@ if [ -n "$(opnsense-update -x)" ]; then fi if [ -z "${DO_UNLOCKED}" ]; then - ${FLOCK} ${LOCKFILE} ${COMMAND} "${@}" + ${FLOCK} -n -o ${LOCKFILE} ${COMMAND} "${@}" else env LOCKFILE=/dev/null ${COMMAND} "${@}" fi diff --git a/src/opnsense/scripts/firmware/lock.sh b/src/opnsense/scripts/firmware/lock.sh index c92ba7918..6b513fa9d 100755 --- a/src/opnsense/scripts/firmware/lock.sh +++ b/src/opnsense/scripts/firmware/lock.sh @@ -25,7 +25,8 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh + PACKAGE=${1} : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/read.sh b/src/opnsense/scripts/firmware/read.sh index 934b065b1..c0f648696 100755 --- a/src/opnsense/scripts/firmware/read.sh +++ b/src/opnsense/scripts/firmware/read.sh @@ -24,7 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" +. /usr/local/opnsense/scripts/firmware/config.sh if [ -f ${LOCKFILE} ]; then cat ${LOCKFILE} | sed -E 's:/[a-z0-9]{8}(-[a-z0-9]{4}){3}-[a-z0-9]{12}/:/${SUBSCRIPTION}/:gi' diff --git a/src/opnsense/scripts/firmware/reinstall.sh b/src/opnsense/scripts/firmware/reinstall.sh index c8955bc16..c0deff0d2 100755 --- a/src/opnsense/scripts/firmware/reinstall.sh +++ b/src/opnsense/scripts/firmware/reinstall.sh @@ -25,7 +25,8 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh + PACKAGE=${1} REBOOT= diff --git a/src/opnsense/scripts/firmware/remove.sh b/src/opnsense/scripts/firmware/remove.sh index 470fd7946..80e446842 100755 --- a/src/opnsense/scripts/firmware/remove.sh +++ b/src/opnsense/scripts/firmware/remove.sh @@ -25,7 +25,8 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh + PACKAGE=${1} : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/resync.sh b/src/opnsense/scripts/firmware/resync.sh index f767853f3..c49add26e 100755 --- a/src/opnsense/scripts/firmware/resync.sh +++ b/src/opnsense/scripts/firmware/resync.sh @@ -24,7 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/running.sh b/src/opnsense/scripts/firmware/running.sh index d881a7177..3d92ab47f 100755 --- a/src/opnsense/scripts/firmware/running.sh +++ b/src/opnsense/scripts/firmware/running.sh @@ -24,8 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" -FLOCK="/usr/local/bin/flock" +. /usr/local/opnsense/scripts/firmware/config.sh touch ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/security.sh b/src/opnsense/scripts/firmware/security.sh index 1442b580b..485eba4df 100755 --- a/src/opnsense/scripts/firmware/security.sh +++ b/src/opnsense/scripts/firmware/security.sh @@ -24,8 +24,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/sync.sh b/src/opnsense/scripts/firmware/sync.sh index 8108c950f..e791c26c4 100755 --- a/src/opnsense/scripts/firmware/sync.sh +++ b/src/opnsense/scripts/firmware/sync.sh @@ -25,7 +25,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/sync.subr.sh b/src/opnsense/scripts/firmware/sync.subr.sh index cc4f0d412..1e5be1022 100755 --- a/src/opnsense/scripts/firmware/sync.subr.sh +++ b/src/opnsense/scripts/firmware/sync.subr.sh @@ -24,9 +24,9 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" +. /usr/local/opnsense/scripts/firmware/config.sh + MUSTCHECK="yes" -TEE="/usr/bin/tee -a" for PACKAGE in $(/usr/local/sbin/pluginctl -g system.firmware.plugins | \ /usr/bin/sed 's/,/ /g'); do diff --git a/src/opnsense/scripts/firmware/unlock.sh b/src/opnsense/scripts/firmware/unlock.sh index 337fdc7ac..7158b97c0 100755 --- a/src/opnsense/scripts/firmware/unlock.sh +++ b/src/opnsense/scripts/firmware/unlock.sh @@ -25,7 +25,8 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE=/tmp/pkg_upgrade.progress +. /usr/local/opnsense/scripts/firmware/config.sh + PACKAGE=${1} : > ${LOCKFILE} diff --git a/src/opnsense/scripts/firmware/update.sh b/src/opnsense/scripts/firmware/update.sh index bff139c27..b59ce9a63 100755 --- a/src/opnsense/scripts/firmware/update.sh +++ b/src/opnsense/scripts/firmware/update.sh @@ -25,12 +25,10 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -CMD=${1} -LOCKFILE="/tmp/pkg_upgrade.progress" -PIPEFILE="/tmp/pkg_upgrade.pipe" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh -DO_FORCE= +CMD=${1} +FORCE= : > ${LOCKFILE} rm -f ${PIPEFILE} @@ -41,7 +39,7 @@ echo "Currently running $(opnsense-version) at $(date)" >> ${LOCKFILE} # figure out if we are crossing ABIs if [ "$(opnsense-version -a)" != "$(opnsense-version -x)" ]; then - DO_FORCE="-f" + FORCE="-f" fi # figure out the release type from config @@ -55,7 +53,7 @@ ALWAYS_REBOOT=$(/usr/local/sbin/pluginctl -g system.firmware.reboot) PKGS_HASH=$(pkg query %n-%v 2> /dev/null | sha256) # upgrade all packages if possible -(opnsense-update ${DO_FORCE} -pt "opnsense${SUFFIX}" 2>&1) | ${TEE} ${LOCKFILE} +(opnsense-update ${FORCE} -pt "opnsense${SUFFIX}" 2>&1) | ${TEE} ${LOCKFILE} # restart the web server (/usr/local/etc/rc.restart_webgui 2>&1) | ${TEE} ${LOCKFILE} @@ -67,9 +65,9 @@ fi # if we can update base, we'll do that as well ${TEE} ${LOCKFILE} < ${PIPEFILE} & -if opnsense-update ${DO_FORCE} -bk -c > ${PIPEFILE} 2>&1; then +if opnsense-update ${FORCE} -bk -c > ${PIPEFILE} 2>&1; then ${TEE} ${LOCKFILE} < ${PIPEFILE} & - if opnsense-update ${DO_FORCE} -bk > ${PIPEFILE} 2>&1; then + if opnsense-update ${FORCE} -bk > ${PIPEFILE} 2>&1; then echo '***REBOOT***' >> ${LOCKFILE} sleep 5 /usr/local/etc/rc.reboot diff --git a/src/opnsense/scripts/firmware/upgrade.sh b/src/opnsense/scripts/firmware/upgrade.sh index c4c641ba2..b349a3d7c 100755 --- a/src/opnsense/scripts/firmware/upgrade.sh +++ b/src/opnsense/scripts/firmware/upgrade.sh @@ -25,9 +25,7 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. -LOCKFILE="/tmp/pkg_upgrade.progress" -PIPEFILE="/tmp/pkg_upgrade.pipe" -TEE="/usr/bin/tee -a" +. /usr/local/opnsense/scripts/firmware/config.sh : > ${LOCKFILE} rm -f ${PIPEFILE}