diff options
40 files changed, 6 insertions, 173 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index 20d8a35..5d20fc3 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -370,7 +370,6 @@ function local_backed($username, $passwd) { function local_sync_accounts() { global $debug, $config; - conf_mount_rw(); /* remove local users to avoid uid conflicts */ $fd = popen("/usr/sbin/pw usershow -a", "r"); @@ -444,7 +443,6 @@ function local_sync_accounts() { } } - conf_mount_ro(); } @@ -456,7 +454,6 @@ function local_user_set(& $user) { return; } - conf_mount_rw(); $home_base = "/home/"; $user_uid = $user['uid']; @@ -578,7 +575,6 @@ function local_user_set(& $user) { $un = $lock_account ? "" : "un"; exec("/usr/sbin/pw {$un}lock " . escapeshellarg($user_name) . " -q 2>/dev/null"); - conf_mount_ro(); } function local_user_del($user) { diff --git a/src/etc/inc/captiveportal.inc b/src/etc/inc/captiveportal.inc index f06f36c..f6b3efe 100644 --- a/src/etc/inc/captiveportal.inc +++ b/src/etc/inc/captiveportal.inc @@ -1547,7 +1547,6 @@ function captiveportal_write_elements() { } if (is_array($cpcfg['element'])) { - conf_mount_rw(); foreach ($cpcfg['element'] as $data) { /* Do not attempt to decode or write out empty files. */ if (empty($data['content']) || empty(base64_decode($data['content']))) { @@ -1561,7 +1560,6 @@ function captiveportal_write_elements() { @symlink("{$g['captiveportal_element_path']}/{$data['name']}", "{$g['captiveportal_path']}/{$data['name']}"); } } - conf_mount_ro(); } return 0; diff --git a/src/etc/inc/config.inc b/src/etc/inc/config.inc index f074ac7..ae1dc22 100644 --- a/src/etc/inc/config.inc +++ b/src/etc/inc/config.inc @@ -83,9 +83,7 @@ if (platform_booting(true)) { if (!config_validate("{$g['conf_path']}/config.xml")) { log_error(gettext("ERROR! Could not convert m0n0wall -> pfsense in config.xml")); } - conf_mount_rw(); file_put_contents("/cf/conf/config.xml", $config_contents); - conf_mount_ro(); } unset($config_contents); } diff --git a/src/etc/inc/config.lib.inc b/src/etc/inc/config.lib.inc index d2e5a19..d14f17c 100644 --- a/src/etc/inc/config.lib.inc +++ b/src/etc/inc/config.lib.inc @@ -200,7 +200,6 @@ function restore_backup($file) { global $g; if (file_exists($file)) { - conf_mount_rw(); unlink_if_exists("{$g['tmp_path']}/config.cache"); copy("$file", "/cf/conf/config.xml"); pfSense_fsync("/cf/conf/config.xml"); @@ -208,7 +207,6 @@ function restore_backup($file) { disable_security_checks(); log_error(sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file)); file_notice("config.xml", sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file), "pfSenseConfigurator", ""); - conf_mount_ro(); } } @@ -459,7 +457,6 @@ function write_config($desc="Unknown", $backup = true, $write_config_only = fals $config['revision'] = make_config_revision_entry($desc); - conf_mount_rw(); $lockkey = lock('config', LOCK_EX); /* generate configuration XML */ @@ -499,16 +496,11 @@ function write_config($desc="Unknown", $backup = true, $write_config_only = fals unlock($lockkey); if ($write_config_only) { - /* tell kernel to sync fs data */ - conf_mount_ro(); return $config; } unlink_if_exists("/usr/local/pkg/pf/carp_sync_client.php"); - /* tell kernel to sync fs data */ - conf_mount_ro(); - /* sync carp entries to other firewalls */ carp_sync_client(); @@ -529,7 +521,6 @@ function write_config($desc="Unknown", $backup = true, $write_config_only = fals function reset_factory_defaults($lock = false, $reboot_required = true) { global $g; - conf_mount_rw(); /* Remove all additional packages */ mwexec("/bin/sh /usr/local/sbin/{$g['product_name']}-upgrade " . @@ -569,7 +560,6 @@ function reset_factory_defaults($lock = false, $reboot_required = true) { if (!$lock) { unlock($lockkey); } - conf_mount_ro(); setup_serial_port(); return 0; } @@ -583,7 +573,6 @@ function config_restore($conffile) { backup_config(); - conf_mount_rw(); $lockkey = lock('config', LOCK_EX); @@ -596,7 +585,6 @@ function config_restore($conffile) { $config = parse_config(true); - conf_mount_ro(); write_config(sprintf(gettext("Reverted to %s."), array_pop(explode("/", $conffile))), false); @@ -620,7 +608,6 @@ function config_install($conffile) { log_error(gettext("Installing configuration ....")); } - conf_mount_rw(); $lockkey = lock('config', LOCK_EX); copy($conffile, "{$g['conf_path']}/config.xml"); @@ -633,7 +620,6 @@ function config_install($conffile) { } unlock($lockkey); - conf_mount_ro(); return 0; } @@ -699,7 +685,6 @@ function cleanup_backupcache($lock = false) { $lockkey = lock('config'); } - conf_mount_rw(); $backups = get_backups(); if ($backups) { @@ -771,7 +756,6 @@ function cleanup_backupcache($lock = false) { fwrite($bakout, serialize($tocache)); fclose($bakout); pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache"); - conf_mount_ro(); if (!$lock) { unlock($lockkey); @@ -799,7 +783,6 @@ function get_backups() { function backup_config() { global $config, $g; - conf_mount_rw(); /* Create backup directory if needed */ safe_mkdir("{$g['cf_conf_path']}/backup"); @@ -830,7 +813,6 @@ function backup_config() { fclose($bakout); pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache"); - conf_mount_ro(); return true; } diff --git a/src/etc/inc/dyndns.class b/src/etc/inc/dyndns.class index 548b251..059cb1f 100644 --- a/src/etc/inc/dyndns.class +++ b/src/etc/inc/dyndns.class @@ -1458,7 +1458,6 @@ if ($successful_update == true) { /* Write WAN IP to cache file */ $wan_ip = $this->_checkIP(); - conf_mount_rw(); if ($this->_useIPv6 == false && $wan_ip > 0) { $currentTime = time(); notify_all_remote(sprintf(gettext('DynDNS updated IP Address on %1$s (%2$s) to %3$s'), convert_real_interface_to_friendly_descr($this->_if), $this->_if, $wan_ip)); @@ -1475,7 +1474,6 @@ } else { @unlink($this->_cacheFile_v6); } - conf_mount_ro(); } $this->status = $status; log_error($status); @@ -1558,10 +1556,8 @@ $initial = false; $log_error .= sprintf(gettext("Cached IPv6: %s"), $cacheIP); } else { - conf_mount_rw(); $cacheIP = '::'; @file_put_contents($this->_cacheFile, "::|{$currentTime}"); - conf_mount_ro(); $cacheTime = $currentTime; $initial = true; $log_error .= gettext("No Cached IPv6 found."); @@ -1574,10 +1570,8 @@ $initial = false; $log_error .= sprintf(gettext("Cached IP: %s"), $cacheIP); } else { - conf_mount_rw(); $cacheIP = '0.0.0.0'; @file_put_contents($this->_cacheFile, "0.0.0.0:{$currentTime}"); - conf_mount_ro(); $cacheTime = $currentTime; $initial = true; $log_error .= gettext("No Cached IP found."); @@ -1634,11 +1628,9 @@ return; } $string = date('m-d-y h:i:s').' - ('.$this->_debugID.') - ['.$this->_dnsService.'] - '.$data."\n"; - conf_mount_rw(); $file = fopen($this->_debugFile, 'a'); fwrite($file, $string); fclose($file); - conf_mount_ro(); } function _checkIP() { global $debug; diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index 5408ae6..96607af 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -730,14 +730,12 @@ function filter_generate_aliases() { $aliases .= "table <snort2c>\n"; $aliases .= "table <virusprot>\n"; if (!file_exists("/etc/bogons") || !file_exists("/etc/bogonsv6")) { - conf_mount_rw(); if (!file_exists("/etc/bogons")) { @file_put_contents("/etc/bogons", ""); } if (!file_exists("/etc/bogonsv6")) { @file_put_contents("/etc/bogonsv6", ""); } - conf_mount_ro(); } $aliases .= "table <bogons> persist file \"/etc/bogons\"\n"; if (is_bogonsv6_used()) { diff --git a/src/etc/inc/interfaces.inc b/src/etc/inc/interfaces.inc index 749d930..b73ed7c 100644 --- a/src/etc/inc/interfaces.inc +++ b/src/etc/inc/interfaces.inc @@ -1995,15 +1995,11 @@ EOD; // Create the uptime log if requested and if it doesn't exist already, or delete it if it is no longer requested. if (isset($ppp['uptime'])) { if (!file_exists("/conf/{$pppif}.log")) { - conf_mount_rw(); file_put_contents("/conf/{$pppif}.log", ''); - conf_mount_ro(); } } else { if (file_exists("/conf/{$pppif}.log")) { - conf_mount_rw(); @unlink("/conf/{$pppif}.log"); - conf_mount_ro(); } } @@ -2706,7 +2702,6 @@ function interface_wireless_configure($if, &$wl, &$wlcfg) { mwexec(kill_wpasupplicant("{$if}")); /* generate wpa_supplicant/hostap config if wpa is enabled */ - conf_mount_rw(); switch ($wlcfg['mode']) { case 'bss': @@ -2859,7 +2854,6 @@ EOD; } fclose($fd_set); - conf_mount_ro(); /* Making sure regulatory settings have actually changed * before applying, because changing them requires bringing diff --git a/src/etc/inc/pfsense-utils.inc b/src/etc/inc/pfsense-utils.inc index c258f1f..17dc051 100644 --- a/src/etc/inc/pfsense-utils.inc +++ b/src/etc/inc/pfsense-utils.inc @@ -788,7 +788,6 @@ function backup_config_section($section_name) { */ function restore_config_section($section_name, $new_contents) { global $config, $g; - conf_mount_rw(); $fout = fopen("{$g['tmp_path']}/tmpxml", "w"); fwrite($fout, $new_contents); fclose($fout); @@ -816,7 +815,6 @@ function restore_config_section($section_name, $new_contents) { } write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name)); disable_security_checks(); - conf_mount_ro(); return true; } @@ -828,7 +826,6 @@ function restore_config_section($section_name, $new_contents) { */ function merge_config_section($section_name, $new_contents) { global $config; - conf_mount_rw(); $fname = get_tmp_filename(); $fout = fopen($fname, "w"); fwrite($fout, $new_contents); @@ -838,7 +835,6 @@ function merge_config_section($section_name, $new_contents) { unlink($fname); write_config(sprintf(gettext("Restored %s of config file (maybe from CARP partner)"), $section_name)); disable_security_checks(); - conf_mount_ro(); return; } @@ -1057,10 +1053,8 @@ function reload_all_sync() { system_ntp_configure(); /* sync pw database */ - conf_mount_rw(); unlink_if_exists("/etc/spwd.db.tmp"); mwexec("/usr/sbin/pwd_mkdb -d /etc/ /etc/master.passwd"); - conf_mount_ro(); /* restart sshd */ send_event("service restart sshd"); @@ -1071,7 +1065,6 @@ function reload_all_sync() { function setup_serial_port($when = "save", $path = "") { global $g, $config; - conf_mount_rw(); $ttys_file = "{$path}/etc/ttys"; $boot_config_file = "{$path}/boot.config"; $loader_conf_file = "{$path}/boot/loader.conf"; @@ -1197,7 +1190,6 @@ function setup_serial_port($when = "save", $path = "") { reload_ttys(); } - conf_mount_ro(); return; } @@ -2372,7 +2364,6 @@ function process_alias_urltable($name, $type, $url, $freq, $forceupdate=false, $ $forceupdate) { // Try to fetch the URL supplied - conf_mount_rw(); unlink_if_exists($tmp_urltable_filename); $verify_ssl = isset($config['system']['checkaliasesurlcert']); if (download_file($url, $tmp_urltable_filename, $verify_ssl)) { @@ -2403,10 +2394,8 @@ function process_alias_urltable($name, $type, $url, $freq, $forceupdate=false, $ if (!$validateonly) { touch($urltable_filename); } - conf_mount_ro(); return false; } - conf_mount_ro(); return true; } else { // File exists, and it doesn't need to be updated. @@ -2464,7 +2453,6 @@ function nanobsd_switch_boot_slice() { $ATOFLASH = "{$BOOT_DRIVE}s{$ASLICE}"; $ACOMPLETE_PATH = "{$BOOT_DRIVE}s{$ASLICE}a"; $ABOOTFLASH = "{$BOOT_DRIVE}s{$AOLDSLICE}"; - conf_mount_rw(); set_single_sysctl("kern.geom.debugflags", "16"); exec("/sbin/gpart set -a active -i {$ASLICE} {$BOOT_DRIVE}"); exec("/usr/sbin/boot0cfg -s {$ASLICE} -v /dev/{$BOOT_DRIVE}"); @@ -2474,7 +2462,6 @@ function nanobsd_switch_boot_slice() { nanobsd_update_fstab($AGLABEL_SLICE, $ACOMPLETE_PATH, $AOLD_UFS_ID, $AUFS_ID); } set_single_sysctl("kern.geom.debugflags", "0"); - conf_mount_ro(); } function nanobsd_clone_slice() { global $SLICE, $OLDSLICE, $TOFLASH, $COMPLETE_PATH, $COMPLETE_BOOT_PATH; diff --git a/src/etc/inc/pkg-utils.inc b/src/etc/inc/pkg-utils.inc index ad16d71..d498511 100644 --- a/src/etc/inc/pkg-utils.inc +++ b/src/etc/inc/pkg-utils.inc @@ -124,14 +124,12 @@ function pkg_call($params, $mute = false, $extra_env = array()) { 2 => array("pipe", "w") /* stderr */ ); - conf_mount_rw(); pkg_debug("pkg_call(): {$params}\n"); $process = proc_open("/usr/sbin/pkg {$params}", $descriptorspec, $pipes, '/', pkg_env($extra_env)); if (!is_resource($process)) { - conf_mount_ro(); return false; } @@ -172,7 +170,6 @@ function pkg_call($params, $mute = false, $extra_env = array()) { fclose($pipes[2]); proc_close($process); - conf_mount_ro(); $rc = $status['exitcode']; @@ -209,14 +206,12 @@ function pkg_exec($params, &$stdout, &$stderr, $extra_env = array()) { 2 => array("pipe", "w") /* stderr */ ); - conf_mount_rw(); pkg_debug("pkg_exec(): {$params}\n"); $process = proc_open("/usr/sbin/pkg {$params}", $descriptorspec, $pipes, '/', pkg_env($extra_env)); if (!is_resource($process)) { - conf_mount_ro(); return -1; } @@ -232,7 +227,6 @@ function pkg_exec($params, &$stdout, &$stderr, $extra_env = array()) { } fclose($pipes[2]); - conf_mount_ro(); return proc_close($process); } @@ -493,7 +487,6 @@ function resync_all_package_configs($show_message = false) { echo "Syncing packages:"; } - conf_mount_rw(); foreach ($config['installedpackages']['package'] as $idx => $package) { if (empty($package['name'])) { @@ -514,7 +507,6 @@ function resync_all_package_configs($show_message = false) { } @unlink("/conf/needs_package_sync"); - conf_mount_ro(); } function uninstall_package($package_name) { @@ -673,7 +665,6 @@ function install_package_xml($package_name) { } /* safe side. Write config below will send to ro again. */ - conf_mount_rw(); pkg_debug(gettext("Beginning package installation.") . "\n"); log_error(sprintf(gettext('Beginning package installation for %s .'), $pkg_info['name'])); @@ -692,7 +683,6 @@ function install_package_xml($package_name) { } unlink_if_exists('/conf/needs_package_sync'); write_config(sprintf(gettext("Intermediate config write during package install for %s."), $pkg_info['name'])); - conf_mount_ro(); update_status($to_output); if (($pkgid = get_package_id($package_name)) == -1) { @@ -822,14 +812,12 @@ function install_package_xml($package_name) { function delete_package_xml($package_name, $when = "post-deinstall") { global $g, $config, $pkg_interface; - conf_mount_rw(); $pkgid = get_package_id($package_name); if ($pkgid == -1) { update_status(sprintf(gettext("The %s package is not installed.%sDeletion aborted."), $package_name, "\n\n")); ob_flush(); sleep(1); - conf_mount_ro(); return; } pkg_debug(sprintf(gettext("Removing %s package... "), $package_name)); @@ -952,7 +940,6 @@ function delete_package_xml($package_name, $when = "post-deinstall") { system_syslogd_start(); } - conf_mount_ro(); } /* diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index b5adc7f..600b03b 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -2585,7 +2585,6 @@ EOD; $maxCacheAgeSecs = 25 * 24 * 60 * 60; $need_update = false; - conf_mount_rw(); /* Update IPv4 if we have it. */ if (is_ipaddrv4($wanip) && $dnsupdate['recordtype'] != "AAAA") { if (($wanip != $cachedipv4) || (($currentTime - $cacheTimev4) > $maxCacheAgeSecs) || $forced) { @@ -2617,7 +2616,6 @@ EOD; } else { @unlink("{$cacheFile}.ipv6"); } - conf_mount_ro(); $upinst .= "\n"; /* mind that trailing newline! */ @@ -2647,7 +2645,6 @@ EOD; function configure_cron() { global $g, $config; - conf_mount_rw(); /* preserve existing crontab entries */ $crontab_contents = file("/etc/crontab", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); @@ -2703,7 +2700,6 @@ function configure_cron() { sigkillbypid("{$g['varrun_path']}/cron.pid", "HUP"); } - conf_mount_ro(); } function upnp_action ($action) { diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index f25a861..1f4a2de 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -1489,11 +1489,9 @@ function system_timezone_configure() { /* extract appropriate timezone file */ $timezone = (isset($syscfg['timezone']) ? $syscfg['timezone'] : $g['default_timezone']); - conf_mount_rw(); /* DO NOT remove \n otherwise tzsetup will fail */ @file_put_contents("/var/db/zoneinfo", $timezone . "\n"); mwexec("/usr/sbin/tzsetup -r"); - conf_mount_ro(); if (platform_booting()) { echo gettext("done.") . "\n"; @@ -1509,7 +1507,6 @@ function system_ntp_setup_gps($serialport) { return false; } - conf_mount_rw(); // Create symlink that ntpd requires unlink_if_exists($gps_device); @symlink($serialport, $gps_device); @@ -1554,7 +1551,6 @@ function system_ntp_setup_gps($serialport) { @file_put_contents("/etc/remote", "gps0:dv={$serialport}:br#{$gpsbaud}:pa=none:\n", FILE_APPEND); } - conf_mount_ro(); return true; } @@ -1569,12 +1565,10 @@ function system_ntp_setup_pps($serialport) { return false; } - conf_mount_rw(); // Create symlink that ntpd requires unlink_if_exists($pps_device); @symlink($serialport, $pps_device); - conf_mount_ro(); return true; } diff --git a/src/etc/inc/upgrade_config.inc b/src/etc/inc/upgrade_config.inc index 06734ff..a0f6b67 100644 --- a/src/etc/inc/upgrade_config.inc +++ b/src/etc/inc/upgrade_config.inc @@ -2193,7 +2193,7 @@ function upgrade_054_to_055() { } /* Let's save the RRD graphs after we run enable RRD graphing */ /* The function will restore the rrd.tgz so we will save it after */ - exec("cd /; LANG=C NO_REMOUNT=1 RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); + exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); unlink_if_exists("{$g['vardb_path']}/rrd/*.xml"); if (platform_booting()) { echo "Updating configuration..."; @@ -2927,7 +2927,7 @@ function upgrade_080_to_081() { } /* Let's save the RRD graphs after we run enable RRD graphing */ /* The function will restore the rrd.tgz so we will save it after */ - exec("cd /; LANG=C NO_REMOUNT=1 RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); + exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); if (platform_booting()) { echo "Updating configuration..."; } @@ -3286,7 +3286,7 @@ function upgrade_095_to_096() { } /* Let's save the RRD graphs after we run enable RRD graphing */ /* The function will restore the rrd.tgz so we will save it after */ - exec("cd /; LANG=C NO_REMOUNT=1 RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); + exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); } function upgrade_096_to_097() { @@ -4673,7 +4673,7 @@ function upgrade_145_to_146() { } /* Let's save the RRD graphs after we run enable RRD graphing */ /* The function will restore the rrd.tgz so we will save it after */ - exec("cd /; LANG=C NO_REMOUNT=1 RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); + exec("cd /; LANG=C RRDDBPATH='{$rrddbpath}' CF_CONF_PATH='{$g['cf_conf_path']}' /etc/rc.backup_rrd.sh"); } function upgrade_bgpd_146_to_147() { diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 29655cb..9217cc2 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -199,17 +199,14 @@ function vpn_ipsec_configure($restart = false) { if (!file_exists("/usr/local/etc/ipsec.d") || !is_link("/usr/local/etc/ipsec.d")) { - conf_mount_rw(); if (file_exists("/usr/local/etc/ipsec.d")) { rmdir_recursive("/usr/local/etc/ipsec.d"); } @symlink("{$g['varetc_path']}/ipsec/ipsec.d", "/usr/local/etc/ipsec.d"); - conf_mount_ro(); } if (!file_exists("{$g['varetc_path']}/etc/strongswan.d") || !is_link("{$g['varetc_path']}/etc/strongswan.d")) { - conf_mount_rw(); if (is_link("{$g['varetc_path']}/etc/strongswan.d")) { @unlink("{$g['varetc_path']}/etc/strongswan.d"); } else { @@ -217,23 +214,18 @@ function vpn_ipsec_configure($restart = false) { } @symlink("/usr/local/etc/strongswan.d", "{$g['varetc_path']}/ipsec/strongswan.d"); - conf_mount_ro(); } if (!file_exists("/usr/local/etc/strongswan.conf") || !is_link("/usr/local/etc/strongswan.conf")) { - conf_mount_rw(); @unlink("/usr/local/etc/strongswan.conf"); @symlink("{$g['varetc_path']}/ipsec/strongswan.conf", "/usr/local/etc/strongswan.conf"); - conf_mount_ro(); } if (!file_exists("/usr/local/etc/ipsec.conf") || !is_link("/usr/local/etc/ipsec.conf")) { - conf_mount_rw(); @unlink("/usr/local/etc/ipsec.conf"); @symlink("{$g['varetc_path']}/ipsec/ipsec.conf", "/usr/local/etc/ipsec.conf"); - conf_mount_ro(); } if (platform_booting()) { diff --git a/src/etc/phpshellsessions/gitsync b/src/etc/phpshellsessions/gitsync index 522ba2b..04f70c5 100644 --- a/src/etc/phpshellsessions/gitsync +++ b/src/etc/phpshellsessions/gitsync @@ -153,7 +153,6 @@ function run_cmds($cmds) { } unlink_if_exists("/tmp/config.cache"); -conf_mount_rw(); if (!file_exists($GIT_BIN)) { require_once("pkg-utils.inc"); @@ -258,7 +257,6 @@ if (!$found) { } if (!$found) { echo "\nNo valid branch found. Exiting.\n\n"; - conf_mount_ro(); exit; } } @@ -305,13 +303,11 @@ if (!$args[0] && !$upgrading) { if ($branch == "RESTORE" && $g['platform'] == $g['product_name']) { if (!file_exists("/root/cvssync_backup.tgz")) { echo "Sorry, we could not find a previous CVSSync backup file.\n"; - conf_mount_ro(); exit(); } echo "===> Restoring previous CVSSync backup... Please wait...\n"; exec("tar Uxpf /root/cvssync_backup.tgz -C /"); post_cvssync_commands(); - conf_mount_ro(); exit(); } else { $nobackup = true; // do not backup embedded @@ -370,7 +366,6 @@ foreach ($merge_repos as $merge_repo) { if ($ret <> 0) { echo "\nMerge failed. Aborting sync.\n\n"; run_cmds($git_cmd); - conf_mount_ro(); exit; } } @@ -526,4 +521,3 @@ if (!$upgrading) { echo "Your system is now sync'd.\n\n"; } -conf_mount_ro(); diff --git a/src/etc/rc.backup_aliastables.sh b/src/etc/rc.backup_aliastables.sh index dfc8b72..7999b0a 100755 --- a/src/etc/rc.backup_aliastables.sh +++ b/src/etc/rc.backup_aliastables.sh @@ -7,8 +7,6 @@ # Save the alias tables database to the RAM disk store. if [ -d "${DBPATH}" ]; then - [ -z "$NO_REMOUNT" ] && /etc/rc.conf_mount_rw - if [ ! -d "${RAM_Disk_Store}" ]; then mkdir -p "${RAM_Disk_Store}" fi @@ -19,6 +17,4 @@ if [ -d "${DBPATH}" ]; then cd / && /usr/bin/tar -czf "${RAM_Disk_Store}/${filename}.tgz" -C / "${DBPATH}/${filename}" fi done - - [ -z "$NO_REMOUNT" ] && /etc/rc.conf_mount_ro fi diff --git a/src/etc/rc.backup_dhcpleases.sh b/src/etc/rc.backup_dhcpleases.sh index 73f83a8..7a8e741 100755 --- a/src/etc/rc.backup_dhcpleases.sh +++ b/src/etc/rc.backup_dhcpleases.sh @@ -2,7 +2,5 @@ # Save the DHCP lease database to the config path. if [ -d "/var/dhcpd/var/db" ]; then - /etc/rc.conf_mount_rw cd / && tar -czf /cf/conf/dhcpleases.tgz -C / var/dhcpd/var/db/ - /etc/rc.conf_mount_ro fi diff --git a/src/etc/rc.backup_rrd.sh b/src/etc/rc.backup_rrd.sh index c14ffc7..7914bd1 100755 --- a/src/etc/rc.backup_rrd.sh +++ b/src/etc/rc.backup_rrd.sh @@ -5,7 +5,6 @@ # Save the rrd databases to the config path. if [ -d "${RRDDBPATH}" ]; then - [ -z "$NO_REMOUNT" ] && /etc/rc.conf_mount_rw [ -f "${CF_CONF_PATH}/rrd.tgz" ] && /bin/rm -f "${CF_CONF_PATH}"/rrd.tgz tgzlist="" @@ -22,6 +21,5 @@ if [ -d "${RRDDBPATH}" ]; then cd / && /usr/bin/tar -czf "${CF_CONF_PATH}/rrd.tgz" ${tgzlist} /bin/rm -f "${RRDDBPATH}"/*.tgz fi - [ -z "$NO_REMOUNT" ] && /etc/rc.conf_mount_ro fi diff --git a/src/etc/rc.bootup b/src/etc/rc.bootup index 134bb20..45adad7 100755 --- a/src/etc/rc.bootup +++ b/src/etc/rc.bootup @@ -73,7 +73,6 @@ $physmem = $memory[0]; $realmem = $memory[1]; echo " done.\n"; -conf_mount_rw(); /* save dmesg output to file */ system_dmesg_save(); @@ -389,6 +388,5 @@ if ($ipsec_dynamic_hosts || !empty($filterdns)) { led_normalize(); -conf_mount_ro(); ?> diff --git a/src/etc/rc.conf_mount_ro b/src/etc/rc.conf_mount_ro index 3ea8fa2..9c8b903 100755 --- a/src/etc/rc.conf_mount_ro +++ b/src/etc/rc.conf_mount_ro @@ -20,8 +20,6 @@ * limitations under the License. */ -require_once("config.inc"); - -conf_mount_ro(); +/* Do nothing */ ?> diff --git a/src/etc/rc.conf_mount_rw b/src/etc/rc.conf_mount_rw index a760ac4..0910720 100755 --- a/src/etc/rc.conf_mount_rw +++ b/src/etc/rc.conf_mount_rw @@ -20,8 +20,6 @@ * limitations under the License. */ -require_once("config.inc"); - -conf_mount_rw(); +/* Do nothing */ ?> diff --git a/src/etc/rc.initial.toggle_sshd b/src/etc/rc.initial.toggle_sshd index 33524cc..59699c9 100755 --- a/src/etc/rc.initial.toggle_sshd +++ b/src/etc/rc.initial.toggle_sshd @@ -25,7 +25,6 @@ require_once("config.inc"); require_once("functions.inc"); require_once("filter.inc"); -conf_mount_rw(); $fp = fopen('php://stdin', 'r'); @@ -63,4 +62,3 @@ if (isset($config['system']['enablesshd'])) { fclose($fp); -conf_mount_ro(); diff --git a/src/etc/rc.php-fpm_restart b/src/etc/rc.php-fpm_restart index 0c0b270..3af827e 100755 --- a/src/etc/rc.php-fpm_restart +++ b/src/etc/rc.php-fpm_restart @@ -28,7 +28,6 @@ sleep 2 # Run the php.ini setup file and populate # /usr/local/etc/php.ini -/etc/rc.conf_mount_rw /etc/rc.php_ini_setup 2>/tmp/php_errors.txt /bin/rm -f /var/run/php-fpm.pid 2>/dev/null /bin/rm -f /var/run/php-fpm.socket 2>/dev/null @@ -37,7 +36,6 @@ if [ -f /tmp/xmlrpc.lock ]; then echo ">>> Found XMLRPC lock. Removing." | /usr/bin/logger -p daemon.info -i -t rc.php-fpm_restart rm /tmp/xmlrpc.lock fi -/etc/rc.conf_mount_ro echo ">>> Restarting php-fpm" | /usr/bin/logger -p daemon.info -i -t rc.php-fpm_restart echo ">>> Starting php-fpm" /usr/local/sbin/php-fpm -c /usr/local/etc/php.ini -y /usr/local/lib/php-fpm.conf -RD 2>&1 >/dev/null diff --git a/src/etc/rc.restore_config_backup b/src/etc/rc.restore_config_backup index 31dbfa3..f9237e6 100755 --- a/src/etc/rc.restore_config_backup +++ b/src/etc/rc.restore_config_backup @@ -91,7 +91,6 @@ function restore_history_backup($number) { echo gettext("Y/N?") . " : "; $confirm = strtoupper(chop(fgets($fp))); if ($confirm == gettext("Y")) { - conf_mount_rw(); if (config_restore($g['conf_path'] . '/backup/config-' . $thisbackup['time'] . '.xml') == 0) { echo "\n"; echo sprintf(gettext('Successfully reverted to timestamp %1$s with description "%2$s".'), date(gettext("n/j/y H:i:s"), $thisbackup['time']), $thisbackup['description']); @@ -99,7 +98,6 @@ function restore_history_backup($number) { } else { echo gettext("Unable to revert to the selected configuration.") . "\n"; } - conf_mount_ro(); } else { echo gettext("Restore cancelled.") . "\n"; } diff --git a/src/etc/rc.update_bogons.sh b/src/etc/rc.update_bogons.sh index 02115e1..bcb8654 100755 --- a/src/etc/rc.update_bogons.sh +++ b/src/etc/rc.update_bogons.sh @@ -106,9 +106,6 @@ BOGON_V6_CKSUM=`/usr/bin/fetch -T 30 -q -o - "${v6urlcksum}" | awk '{ print $4 } ON_DISK_V6_CKSUM=`md5 /tmp/bogonsv6 | awk '{ print $4 }'` if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ] || [ "$BOGON_V6_CKSUM" = "$ON_DISK_V6_CKSUM" ]; then - # At least one of the downloaded checksums matches, so mount RW - /etc/rc.conf_mount_rw - ENTRIES_MAX=`pfctl -s memory | awk '/table-entries/ { print $4 }'` if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ]; then @@ -154,9 +151,6 @@ if [ "$BOGON_V4_CKSUM" = "$ON_DISK_V4_CKSUM" ] || [ "$BOGON_V6_CKSUM" = "$ON_DIS echo "Could not download ${v6url} (checksum mismatch)" | logger checksum_error="true" fi - - # We mounted RW, so switch back to RO - /etc/rc.conf_mount_ro fi if [ "$checksum_error" != "" ]; then diff --git a/src/etc/sshd b/src/etc/sshd index d4864e9..48959b9 100755 --- a/src/etc/sshd +++ b/src/etc/sshd @@ -30,11 +30,6 @@ if (!isset($config['system']['enablesshd'])) { return; } -/* are we already running? if not, do conf_mount_rw(), otherwise it should already be rw */ -if (!is_subsystem_dirty('sshdkeys')) { - conf_mount_rw(); -} - $sshConfigDir = "/etc/ssh"; $keys = array( @@ -198,6 +193,5 @@ if ($g['platform'] == "nanobsd") { } $_gb = exec("/bin/cp -p {$sshConfigDir}/ssh_host* /conf/sshd"); } -conf_mount_ro(); unset($keys, $keyfiles); ?> diff --git a/src/usr/local/sbin/pfSsh.php b/src/usr/local/sbin/pfSsh.php index 8c49c67..c91ab7e 100755 --- a/src/usr/local/sbin/pfSsh.php +++ b/src/usr/local/sbin/pfSsh.php @@ -269,7 +269,6 @@ while ($shell_active == true) { fwrite($recording_fd, $playbackbuffer); fclose($recording_fd); $command = ""; - conf_mount_ro(); echo "Recording stopped.\n"; $recording = false; } else { @@ -293,7 +292,6 @@ while ($shell_active == true) { $command = ""; } else { /* time to record */ - conf_mount_rw(); safe_mkdir("/etc/phpshellsessions"); $recording_fn = basename($command_split[1]); $recording_fd = fopen("/etc/phpshellsessions/{$recording_fn}","w"); diff --git a/src/usr/local/sbin/ppp-log-uptime.sh b/src/usr/local/sbin/ppp-log-uptime.sh index 53f301c..d853675 100755 --- a/src/usr/local/sbin/ppp-log-uptime.sh +++ b/src/usr/local/sbin/ppp-log-uptime.sh @@ -19,6 +19,4 @@ # limitations under the License. #write the uptime in seconds to the persistent log in /conf/ -/etc/rc.conf_mount_rw /bin/echo `date -j +%Y.%m.%d-%H:%M:%S` $1 >> /conf/$2.log -/etc/rc.conf_mount_ro diff --git a/src/usr/local/www/diag_backup.php b/src/usr/local/www/diag_backup.php index db38df1..bd3de22 100644 --- a/src/usr/local/www/diag_backup.php +++ b/src/usr/local/www/diag_backup.php @@ -164,9 +164,7 @@ function check_and_returnif_section_exists($section) { if ($_POST['apply']) { ob_flush(); flush(); - conf_mount_rw(); clear_subsystem_dirty("restore"); - conf_mount_ro(); exit; } @@ -311,7 +309,6 @@ if ($_POST) { write_config(); add_base_packages_menu_items(); convert_config(); - conf_mount_ro(); } filter_configure(); $savemsg = gettext("The configuration area has been restored. The firewall may need to be rebooted."); @@ -325,7 +322,6 @@ if ($_POST) { file_put_contents($_FILES['conffile']['tmp_name'], $data); if (config_install($_FILES['conffile']['tmp_name']) == 0) { /* this will be picked up by /index.php */ - conf_mount_rw(); mark_subsystem_dirty("restore"); touch("/conf/needs_package_sync_after_reboot"); /* remove cache, we will force a config reboot */ @@ -349,7 +345,6 @@ if ($_POST) { write_config(); add_base_packages_menu_items(); convert_config(); - conf_mount_ro(); } if ($m0n0wall_upgrade == true) { if ($config['system']['gateway'] <> "") { @@ -411,7 +406,6 @@ if ($_POST) { write_config(); add_base_packages_menu_items(); convert_config(); - conf_mount_ro(); $savemsg = gettext("The m0n0wall configuration has been restored and upgraded to pfSense."); mark_subsystem_dirty("restore"); } diff --git a/src/usr/local/www/diag_command.php b/src/usr/local/www/diag_command.php index 8ab67a2..a2de181 100644 --- a/src/usr/local/www/diag_command.php +++ b/src/usr/local/www/diag_command.php @@ -61,7 +61,6 @@ if ($_POST['submit'] == "DOWNLOAD" && file_exists($_POST['dlPath'])) { } if ($_POST) { - conf_mount_rw(); } // Function: is Blank @@ -324,5 +323,4 @@ if ($_POST['submit'] == "EXEC" && !isBlank($_POST['txtCommand'])):?> include("foot.inc"); if ($_POST) { - conf_mount_ro(); } diff --git a/src/usr/local/www/diag_confbak.php b/src/usr/local/www/diag_confbak.php index d97ca17..390f295 100644 --- a/src/usr/local/www/diag_confbak.php +++ b/src/usr/local/www/diag_confbak.php @@ -44,7 +44,6 @@ if (isset($_POST['backupcount'])) { return; } - conf_mount_rw(); $confvers = unserialize(file_get_contents($g['cf_conf_path'] . '/backup/backup.cache')); if ($_GET['newver'] != "") { @@ -58,7 +57,6 @@ if (isset($_POST['backupcount'])) { unlink_if_exists($g['conf_path'] . '/backup/config-' . $_GET['rmver'] . '.xml'); $savemsg = sprintf(gettext('Deleted backup with timestamp %1$s and description "%2$s".'), date(gettext("n/j/y H:i:s"), $_GET['rmver']), htmlspecialchars($confvers[$_GET['rmver']]['description'])); } - conf_mount_ro(); } if ($_GET['getcfg'] != "") { diff --git a/src/usr/local/www/diag_edit.php b/src/usr/local/www/diag_edit.php index c419136..10964ea 100644 --- a/src/usr/local/www/diag_edit.php +++ b/src/usr/local/www/diag_edit.php @@ -65,10 +65,8 @@ if ($_POST['action']) { print_info_box(gettext("No file name specified."), 'danger'); print('|'); } else { - conf_mount_rw(); $_POST['data'] = str_replace("\r", "", base64_decode($_POST['data'])); $ret = file_put_contents($_POST['file'], $_POST['data']); - conf_mount_ro(); if ($_POST['file'] == "/conf/config.xml" || $_POST['file'] == "/cf/conf/config.xml") { if (file_exists("/tmp/config.cache")) { unlink("/tmp/config.cache"); diff --git a/src/usr/local/www/diag_packet_capture.php b/src/usr/local/www/diag_packet_capture.php index 099906b..5b15ada 100644 --- a/src/usr/local/www/diag_packet_capture.php +++ b/src/usr/local/www/diag_packet_capture.php @@ -188,7 +188,6 @@ if ($_POST) { if (!count($input_errors)) { $do_tcpdump = true; - conf_mount_rw(); if ($_POST['promiscuous']) { //if promiscuous mode is checked @@ -491,7 +490,6 @@ if ($do_tcpdump) : system("/usr/sbin/tcpdump {$disabledns} {$detail_args} {$iscarp} -r {$fp}{$fn}"); print('</textarea>'); - conf_mount_ro(); ?> </div> </div> diff --git a/src/usr/local/www/index.php b/src/usr/local/www/index.php index d1a5ed32..460ddbd 100644 --- a/src/usr/local/www/index.php +++ b/src/usr/local/www/index.php @@ -165,9 +165,7 @@ if (file_exists('/conf/needs_package_sync')) { } } } else { - conf_mount_rw(); @unlink('/conf/needs_package_sync'); - conf_mount_ro(); } } diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php index b976c2a..9ee3a12 100644 --- a/src/usr/local/www/interfaces.php +++ b/src/usr/local/www/interfaces.php @@ -467,7 +467,6 @@ if ($_POST['apply']) { } else { $pconfig['track6-prefix-id'] = 0; } - conf_mount_rw(); /* filter out spaces from descriptions */ $_POST['descr'] = remove_bad_chars($_POST['descr']); @@ -1392,7 +1391,6 @@ if ($_POST['apply']) { handle_wireless_post(); } - conf_mount_ro(); write_config(); if (file_exists("{$g['tmp_path']}/.interfaces.apply")) { diff --git a/src/usr/local/www/services_captiveportal_filemanager.php b/src/usr/local/www/services_captiveportal_filemanager.php index 1f4e93e..e4fc420 100644 --- a/src/usr/local/www/services_captiveportal_filemanager.php +++ b/src/usr/local/www/services_captiveportal_filemanager.php @@ -120,10 +120,8 @@ if ($_POST) { } } } else if (($_GET['act'] == "del") && !empty($cpzone) && $a_element[$_GET['id']]) { - conf_mount_rw(); @unlink("{$g['captiveportal_element_path']}/" . $a_element[$_GET['id']]['name']); @unlink("{$g['captiveportal_path']}/" . $a_element[$_GET['id']]['name']); - conf_mount_ro(); unset($a_element[$_GET['id']]); write_config(); header("Location: services_captiveportal_filemanager.php?zone={$cpzone}"); diff --git a/src/usr/local/www/system_advanced_admin.php b/src/usr/local/www/system_advanced_admin.php index 01527c8..b7207c4 100644 --- a/src/usr/local/www/system_advanced_admin.php +++ b/src/usr/local/www/system_advanced_admin.php @@ -270,7 +270,6 @@ if ($_POST) { $savemsg .= sprintf("<br />" . gettext("One moment...redirecting to %s in 20 seconds."), $url); } - conf_mount_rw(); setup_serial_port(); // Restart DNS in case dns rebinding toggled if (isset($config['dnsmasq']['enable'])) { @@ -278,7 +277,6 @@ if ($_POST) { } elseif (isset($config['unbound']['enable'])) { services_unbound_configure(); } - conf_mount_ro(); } } diff --git a/src/usr/local/www/system_groupmanager.php b/src/usr/local/www/system_groupmanager.php index 6668e57..d103863 100644 --- a/src/usr/local/www/system_groupmanager.php +++ b/src/usr/local/www/system_groupmanager.php @@ -73,9 +73,7 @@ if ($act == "delgroup") { exit; } - conf_mount_rw(); local_group_del($a_group[$id]); - conf_mount_ro(); $groupdeleted = $a_group[$id]['name']; unset($a_group[$id]); write_config(); @@ -124,9 +122,7 @@ if (isset($_GET['dellall_x'])) { if (!empty($del_groups)) { foreach ($del_groups as $groupid) { if (isset($a_group[$groupid]) && $a_group[$groupid]['scope'] != "system") { - conf_mount_rw(); local_group_del($a_group[$groupid]); - conf_mount_ro(); unset($a_group[$groupid]); } } @@ -203,9 +199,7 @@ if (isset($_POST['save'])) { admin_groups_sort(); - conf_mount_rw(); local_group_set($group); - conf_mount_ro(); /* Refresh users in this group since their privileges may have changed. */ if (is_array($group['member'])) { diff --git a/src/usr/local/www/system_usermanager.php b/src/usr/local/www/system_usermanager.php index 8baa028..07565e4 100644 --- a/src/usr/local/www/system_usermanager.php +++ b/src/usr/local/www/system_usermanager.php @@ -91,9 +91,7 @@ if ($_GET['act'] == "deluser") { if ($_GET['username'] == $_SESSION['Username']) { $delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $_GET['username']); } else { - conf_mount_rw(); local_user_del($a_user[$id]); - conf_mount_ro(); $userdeleted = $a_user[$id]['name']; unset($a_user[$id]); write_config(); @@ -122,12 +120,10 @@ if (isset($_POST['dellall'])) { if ($a_user[$userid]['name'] == $_SESSION['Username']) { $delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $a_user[$userid]['name']); } else { - conf_mount_rw(); $deleted_users = $deleted_users . $comma . $a_user[$userid]['name']; $comma = ", "; $deleted_count++; local_user_del($a_user[$userid]); - conf_mount_ro(); unset($a_user[$userid]); } } else { @@ -276,7 +272,6 @@ if ($_POST['save']) { if (!$input_errors) { - conf_mount_rw(); $userent = array(); if (isset($id) && $a_user[$id]) { $userent = $a_user[$id]; @@ -427,7 +422,6 @@ if ($_POST['save']) { run_plugins("/etc/inc/privhooks"); } - conf_mount_ro(); pfSenseHeader("system_usermanager.php"); } diff --git a/src/usr/local/www/system_usermanager_addprivs.php b/src/usr/local/www/system_usermanager_addprivs.php index 96a3225..ee6d416 100644 --- a/src/usr/local/www/system_usermanager_addprivs.php +++ b/src/usr/local/www/system_usermanager_addprivs.php @@ -60,7 +60,6 @@ uasort($spriv_list, "admusercmp"); if ($_POST) { - conf_mount_rw(); unset($input_errors); $pconfig = $_POST; @@ -87,14 +86,12 @@ if ($_POST) { local_user_set($a_user); $retval = write_config(); $savemsg = get_std_save_message($retval); - conf_mount_ro(); post_redirect("system_usermanager.php", array('act' => 'edit', 'userid' => $userid)); exit; } - conf_mount_ro(); } function build_priv_list() { diff --git a/src/usr/local/www/wizards/setup_wizard.xml b/src/usr/local/www/wizards/setup_wizard.xml index ecacf64..a9df30c 100644 --- a/src/usr/local/www/wizards/setup_wizard.xml +++ b/src/usr/local/www/wizards/setup_wizard.xml @@ -34,9 +34,7 @@ </field> </fields> <stepbeforeformdisplay> - conf_mount_rw(); unlink_if_exists('/conf/trigger_initial_wizard'); - conf_mount_ro(); </stepbeforeformdisplay> </step> <step> |