diff options
Diffstat (limited to 'src/etc/rc')
-rwxr-xr-x | src/etc/rc | 439 |
1 files changed, 439 insertions, 0 deletions
diff --git a/src/etc/rc b/src/etc/rc new file mode 100755 index 0000000..1215883 --- /dev/null +++ b/src/etc/rc @@ -0,0 +1,439 @@ +#!/bin/sh + +# $Id$ + +# /etc/rc - master bootup script, invokes php setup +# part of pfSense by Scott Ullrich +# Copyright (C) 2004-2010 Scott Ullrich, All rights reserved. +# originally based on m0n0wall (http://neon1.net/m0n0wall) +# Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. +# All rights reserved. + +#/bin/stty status '^T' +#/bin/stty susp '^-' intr '^-' quit '^-' + +#trap : 2 +#trap : 3 + +HOME=/ +PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin +export HOME PATH + +# Set our operating platform +PLATFORM=`/bin/cat /etc/platform` + +# Set our current version +version=`/bin/cat /etc/version` + +# Setup dumpdev/ddb/savecore" +echo "Configuring crash dumps..." +if [ "$PLATFORM" = "pfSense" ]; then + /etc/rc.dumpon +fi + +# Setup ddb on all platforms. On full install it will save the dump, on NanoBSD it will print to console and auto-reboot. +if [ ! -z "`sysctl -Nq debug.ddb.scripting.scripts`" ]; then + /sbin/ddb /etc/ddb.conf +fi + +if [ -e /root/force_fsck ]; then + echo "Forcing filesystem(s) check..." + /sbin/fsck -y -F -t ufs +fi + +if [ ! "${PLATFORM}" = "cdrom" ]; then + /sbin/fsck -p -F + FSCK_ACTION_NEEDED=0 + case $? in + 0) + echo "Filesystems are clean, continuing..." + echo "Mounting filesystems..." + ;; + 8) + echo "Preen mode recommended running a check that will be performed now." + FSCK_ACTION_NEEDED=1 + ;; + *) + echo "Stopping boot is recommended due to filesystem manual action needed, nevertheless it will be tried to repair the filesystem." + FSCK_ACTION_NEEDED=1 + ;; + esac + + if [ ${FSCK_ACTION_NEEDED} = 1 ]; then + echo "WARNING: Trying to recover filesystem from inconsistency..." + /sbin/fsck -yF + fi + + /sbin/mount -a 2>/dev/null + mount_rc=$? + attempts=0 + while [ ${mount_rc} -ne 0 -a ${attempts} -lt 3 ]; do + /sbin/fsck -yF + /sbin/mount -a 2>/dev/null + mount_rc=$? + attempts=$((attempts+1)) + done + + if [ "${PLATFORM}" = "nanobsd" ]; then + # XXX This script does need all filesystems rw!!!! + # Put this workaround for now until better ways are found. + /sbin/mount -u -w -o sync,noatime / + /sbin/mount -u -w -o sync,noatime /cf + fi + + # If /conf is a directory, convert it to a symlink to /cf/conf + if [ -d "/conf" ]; then + # If item is not a symlink then rm and recreate + CONFPOINTSTO=`readlink /conf` + if ! test "x$CONFPOINTSTO" = "x/cf/conf"; then + /bin/rm -rf /conf + /bin/ln -s /cf/conf /conf + fi + fi + + USE_MFS_TMPVAR=`/usr/bin/grep -c use_mfs_tmpvar /cf/conf/config.xml` + if [ "${PLATFORM}" = "nanobsd" ] || [ ${USE_MFS_TMPVAR} -gt 0 ]; then + /etc/rc.embedded + fi +fi + +/bin/rm -f /root/force_fsck +/bin/rm -f /root/TRIM_set +/bin/rm -f /root/TRIM_unset + +if [ "${PLATFORM}" = "nanobsd" ]; then + /sbin/kldstat -qm zfs + if [ $? -eq 0 ]; then + /sbin/kldunload zfs + fi +elif [ "$PLATFORM" = "pfSense" ]; then + # Handle ZFS read-only case + /sbin/kldstat -qm zfs + if [ $? -eq 0 ]; then + ZFSFSAVAILABLE=$(/sbin/zfs mount 2>/dev/null | wc -l) + if [ $ZFSFSAVAILABLE -eq 0 ]; then + /sbin/kldunload zfs + elif [ -f /usr/bin/grep ]; then + ZFSROOT=`/sbin/zfs mount | /usr/bin/grep ' /$' | /usr/bin/cut -d ' ' -f 1` + if [ "$ZFSROOT" != "" ]; then + /sbin/zfs set readonly=off $ZFSROOT + fi + fi + fi +elif [ "${PLATFORM}" = "cdrom" ]; then + /etc/rc.cdrom +fi + +# Disable APM on ATA drives. Leaving this on will kill drives long-term, especially laptop drives, by generating excessive Load Cycles. +if [ -f /etc/rc.disable_hdd_apm ]; then + /etc/rc.disable_hdd_apm +fi + +#Eject CD devices on 3G modems +MANUFACTURER="huawei|zte" +CDDEVICE=`dmesg |egrep -ie "($MANUFACTURER)" | awk -F: '/cd/ {print $1}'` +if [ "$CDDEVICE" != "" ]; then + cdcontrol -f /dev/"$CDDEVICE" eject +fi + +product=`/usr/bin/grep product_name /etc/inc/globals.inc | /usr/bin/cut -d'"' -f4` +hideplatform=`/usr/bin/grep hideplatform /etc/inc/globals.inc | /usr/bin/wc -l` +varrunpath=`/usr/bin/grep varrun_path /etc/inc/globals.inc | /usr/bin/cut -d'"' -f4` + +if [ "$PLATFORM" = "pfSense" ] && [ ${USE_MFS_TMPVAR} -eq 0 ]; then + /sbin/mdmfs -S -M -s 4m md $varrunpath +fi + +if [ "$hideplatform" -gt "0" ]; then + platformbanner="" # hide the platform +else + platformbanner=" on the '${PLATFORM}' platform" +fi + +echo +cat /etc/ascii-art/pfsense-logo-small.txt +echo +echo +echo "Welcome to ${product} ${version} ${platformbanner} ..." +echo + +/sbin/conscontrol mute off >/dev/null + +if [ "$PLATFORM" = "cdrom" ] ; then + # do nothing for cdrom platform +elif [ "$PLATFORM" = "nanobsd" ] || [ ${USE_MFS_TMPVAR} -gt 0 ]; then + # Ensure that old-style PKG packages can be persistent across reboots + /bin/mkdir -p /root/var/db/pkg + /bin/rm -rf /var/db/pkg + /bin/ln -s /root/var/db/pkg/ /var/db/pkg + # Ensure that PBI packages can be persistent across reboots + /bin/mkdir -p /root/var/db/pbi + /bin/rm -rf /var/db/pbi + /bin/ln -s /root/var/db/pbi/ /var/db/pbi +else + SWAPDEVICE=`/bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/cut -f1` + /sbin/swapon -a 2>/dev/null >/dev/null + /etc/rc.savecore + + if [ -d /root/var/db/pkg ]; then + # User must have just disabled RAM disks, move these back into place. + /bin/mkdir -p /var/db/pkg + /bin/mv /root/var/db/pkg /var/db/pkg + /bin/mkdir -p /var/db/pbi + /bin/mv /root/var/db/pbi /var/db/pbi + fi +fi + +# Copy PBI keys +if ls /usr/local/share/pbi-keys/*.ssl >/dev/null 2>&1; then + if [ ! -d "/var/db/pbi/keys" ]; then + mkdir -p /var/db/pbi/keys + fi + cp -f /usr/local/share/pbi-keys/*.ssl /var/db/pbi/keys +fi + +if [ "$PLATFORM" = "cdrom" ] ; then + echo -n "Mounting unionfs directories..." + /bin/mkdir /tmp/unionfs + /bin/mkdir /tmp/unionfs/usr + /bin/mkdir /tmp/unionfs/root + /bin/mkdir /tmp/unionfs/sbin + /bin/mkdir /tmp/unionfs/bin + /bin/mkdir /tmp/unionfs/boot + /bin/mkdir /tmp/unionfs/confdefault + /sbin/mount_unionfs /tmp/unionfs/usr /usr/ + /sbin/mount_unionfs /tmp/unionfs/root /root/ + /sbin/mount_unionfs /tmp/unionfs/bin /bin/ + /sbin/mount_unionfs /tmp/unionfs/sbin /sbin/ + /sbin/mount_unionfs /tmp/unionfs/boot /boot/ + /sbin/mount_unionfs /tmp/unionfs/confdefault /conf.default/ + echo "done." +fi + +# make some directories in /var +/bin/mkdir -p $varrunpath /var/log /var/etc /var/db/entropy /var/db/rrd /var/at/jobs/ /var/empty 2>/dev/null +/bin/rm -rf $varrunpath/* +if [ "$PLATFORM" != "pfSense" ]; then + /bin/rm /var/log/* 2>/dev/null +fi + +# Cleanup configuration files from previous instance +/bin/rm -rf /var/etc/* + +echo -n "Creating symlinks..." +# Repair symlinks if they are broken +if [ -f /etc/newsyslog.conf ]; then + /bin/rm -f /etc/newsyslog.conf +fi +if [ ! -L /etc/syslog.conf ]; then + /bin/rm -rf /etc/syslog.conf + if [ ! -f /var/etc/syslog.conf ]; then + touch /var/etc/syslog.conf + fi + /bin/ln -s /var/etc/syslog.conf /etc/syslog.conf +fi + +# Repair symlinks if they are broken +if [ ! -L /etc/hosts ]; then + /bin/rm -rf /etc/hosts + /bin/ln -s /var/etc/hosts /etc/hosts +fi + +if [ ! -L /etc/resolv.conf ]; then + /bin/rm -rf /etc/resolv.conf + /bin/ln -s /var/etc/resolv.conf /etc/resolv.conf +fi + +if [ ! -L /etc/resolvconf.conf ]; then + /bin/rm -rf /etc/resolvconf.conf + /bin/ln -s /var/etc/resolvconf.conf /etc/resolvconf.conf +fi + +# Setup compatibility link for packages that +# have trouble overriding the PREFIX configure +# argument since we build our packages in a +# separated PREFIX area +# Only create if symlink does not exist. +if [ ! -h /tmp/tmp ]; then + /bin/ln -hfs / /tmp/tmp +fi + +# Make sure our /tmp is 777 + Sticky +if [ ! "$PLATFORM" = "cdrom" ] ; then + /bin/rm -rf /tmp/* +fi +/bin/chmod 1777 /tmp + +if [ ! "$PLATFORM" = "cdrom" ] ; then + # Malloc debugging check + if [ -L /etc/malloc.conf ]; then + #ln -s aj /etc/malloc.conf + /bin/rm /etc/malloc.conf + fi +fi + +if [ ! -L /etc/dhclient.conf ]; then + /bin/rm -rf /etc/dhclient.conf +fi + +if [ ! -d /var/tmp ]; then + /bin/mkdir -p /var/tmp +fi + +if [ ! -d /cf/conf/backup/ ]; then + /bin/mkdir -p /cf/conf/backup/ +fi + +set -T +trap "echo 'Reboot interrupted'; exit 1" 3 + +# Remove old nameserver resolution files +/bin/rm -f /var/etc/nameserver* + +echo -n "." +DISABLESYSLOGCLOG=`/usr/bin/grep -c disablesyslogclog /cf/conf/config.xml` +ENABLEFIFOLOG=`/usr/bin/grep -c usefifolog /cf/conf/config.xml` +LOG_FILES="system filter dhcpd vpn pptps poes l2tps openvpn portalauth ipsec ppp relayd wireless lighttpd ntpd gateways resolver routing" + +DEFAULT_LOG_FILE_SIZE=`/usr/local/bin/xmllint --xpath 'string(//pfsense/syslog/logfilesize)' /conf/config.xml` +if [ ! ${DEFAULT_LOG_FILE_SIZE} ]; then + DEFAULT_LOG_FILE_SIZE=511488 +fi + +for logfile in $LOG_FILES; do + if [ "$DISABLESYSLOGCLOG" -gt "0" ]; then + /usr/bin/touch /var/log/$logfile.log + else + if [ ! -f /var/log/$logfile.log ]; then + if [ "$ENABLEFIFOLOG" -gt "0" ]; then + # generate fifolog files + /usr/sbin/fifolog_create -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log + else + /usr/local/sbin/clog -i -s ${DEFAULT_LOG_FILE_SIZE} /var/log/$logfile.log + fi + fi + fi +done + +# change permissions on newly created fifolog files. +/bin/chmod 0600 /var/log/*.log + +echo -n "." +DEVFS=`/sbin/mount | /usr/bin/grep devfs | /usr/bin/wc -l | /usr/bin/cut -d" " -f8` +if [ "$DEVFS" = "0" ]; then + mount_devfs devfs /dev +fi + +# Create an initial utmp file +cd $varrunpath && /bin/cp /dev/null utmp && /bin/chmod 644 utmp + +echo -n "." +/sbin/ldconfig -elf /usr/lib /usr/local/lib /lib +/etc/rc.d/ldconfig start 2>/dev/null + +# Launching kbdmux(4) +if [ -f "/dev/kbdmux0" ]; then + echo -n "." + /usr/sbin/kbdcontrol -k /dev/kbdmux0 < /dev/console + [ -c "/dev/atkbd0" ] && kbdcontrol -a atkbd0 < /dev/console + [ -c "/dev/ukbd0" ] && kbdcontrol -a ukbd0 < /dev/console +fi + +# Fire up unionfs if mount points exist. +if [ -f /dist/uniondirs ]; then + echo -n "." + /etc/rc.d/unionfs start +fi + +echo "done." + +# Recreate capabilities DB +/usr/bin/cap_mkdb /etc/login.conf + +# Run the php.ini setup file and populate +# /usr/local/etc/php.ini and /usr/local/lib/php.ini +/etc/rc.php_ini_setup 2>/tmp/php_errors.txt +/usr/local/sbin/php-fpm -c /usr/local/lib/php.ini -y /usr/local/lib/php-fpm.conf -RD 2>&1 >/dev/null + +# Launch external configuration loader for supported platforms +if [ "$PLATFORM" = "nanobsd" ]; then + /usr/local/sbin/fcgicli -f /etc/ecl.php +fi + +# Launch external configuration loader for supported platforms +if [ "$PLATFORM" = "pfSense" ]; then + /usr/local/sbin/fcgicli -f /etc/ecl.php +fi + +if [ -f /etc/rc.custom_boot_early ]; then + /bin/echo -n "Launching /etc/rc.custom_boot_early..."; + /etc/rc.custom_boot_early + echo "Done" +fi + +export fcgipath=/var/run/php-fpm.socket +/usr/bin/nice -n20 /usr/local/sbin/check_reload_status + +# let the PHP-based configuration subsystem set up the system now +echo -n "Launching the init system..." +/bin/rm -f /cf/conf/backup/backup.cache +/bin/rm -f /root/lighttpd* +/usr/bin/touch $varrunpath/booting + +if [ "${PLATFORM}" = "nanobsd" ]; then + # XXX This script does need all filesystems rw!!!! + # Put this workaround for now until better ways are found. + /sbin/mount -u -f -r -o sync,noatime / + /sbin/mount -u -f -r -o sync,noatime /cf +fi + +/etc/rc.bootup + +# /etc/rc.bootup unset $g['booting'], and removes file +# Be sure the file is removed to not create troubles after +if [ -f $varrunpath/booting ]; then + /bin/rm $varrunpath/booting +fi + +echo -n "Starting CRON... " +cd /tmp && /usr/sbin/cron -s 2>/dev/null +echo "done." + +# Start packages +/usr/local/sbin/fcgicli -f /etc/rc.start_packages + +/bin/rm -rf /usr/local/pkg/pf/CVS + +# Start ping handler every 240 seconds +/usr/local/bin/minicron 240 $varrunpath/ping_hosts.pid /usr/local/bin/ping_hosts.sh + +# Start account expire handler every hour +/usr/local/bin/minicron 3600 $varrunpath/expire_accounts.pid '/usr/local/sbin/fcgicli -f /etc/rc.expireaccounts' + +# Start alias url updater every 24 hours +/usr/local/bin/minicron 86400 $varrunpath/update_alias_url_data.pid '/usr/local/sbin/fcgicli -f /etc/rc.update_alias_url_data' + +/bin/chmod a+rw /tmp/. + +# Check for GEOM mirrors +GMIRROR_STATUS=`/sbin/gmirror status` +if [ "${GMIRROR_STATUS}" != "" ]; then + # Using a flag file at bootup saves an expensive exec/check on each page load. + /usr/bin/touch /var/run/gmirror_active + # Setup monitoring/notifications + /usr/local/bin/minicron 60 /var/run/gmirror_status_check.pid /usr/local/sbin/gmirror_status_check.php +fi + +# Log product version to syslog +BUILDTIME=`cat /etc/version.buildtime` +ARCH=`uname -m` +echo "$product ($PLATFORM) $version $ARCH $BUILDTIME" + +echo "Bootup complete" + +/usr/local/bin/beep.sh start 2>&1 >/dev/null + +# Reset the cache. read-only requires this. +/bin/rm -f /tmp/config.cache + +exit 0 |