diff options
Diffstat (limited to 'config')
48 files changed, 625 insertions, 1065 deletions
diff --git a/config/apcupsd/apcupsd.inc b/config/apcupsd/apcupsd.inc index 2b166994..e3b9b587 100644 --- a/config/apcupsd/apcupsd.inc +++ b/config/apcupsd/apcupsd.inc @@ -40,7 +40,6 @@ function php_install_apcupsd() { function php_deinstall_apcupsd() { global $config, $g; - conf_mount_rw(); $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3); if ($pfs_version == "2.1" || $pfs_version == "2.2") { define('APCUPSD_BASE', '/usr/pbi/apcupsd-' . php_uname("m")); @@ -48,7 +47,6 @@ function php_deinstall_apcupsd() { define('APCUPSD_BASE', '/usr/local'); } - exec("/usr/bin/killall apcupsd"); unlink_if_exists(APCUPSD_BASE . "/etc/rc.d/apcupsd.sh"); unlink_if_exists(APCUPSD_BASE . "/etc/apcupsd/apcupsd.conf"); unlink_if_exists("/var/log/apcupsd/apcupsd.log"); @@ -61,7 +59,6 @@ function php_deinstall_apcupsd() { exec("/bin/rm -rf /var/run/apcupsd/"); } - conf_mount_ro(); } function validate_input_apcupsd($post, &$input_errors) { diff --git a/config/asterisk/asterisk.inc b/config/asterisk/asterisk.inc index 22a7b96c..ed835b25 100644 --- a/config/asterisk/asterisk.inc +++ b/config/asterisk/asterisk.inc @@ -42,11 +42,6 @@ function asterisk_install() { sync_package_asterisk(); } -function asterisk_deinstall() { - stop_service("asterisk"); - unlink_if_exists("/usr/local/etc/rc.d/asterisk.sh"); -} - function sync_package_asterisk() { conf_mount_rw(); diff --git a/config/asterisk/asterisk.xml b/config/asterisk/asterisk.xml index 2eef359f..97c2e26f 100644 --- a/config/asterisk/asterisk.xml +++ b/config/asterisk/asterisk.xml @@ -84,9 +84,6 @@ <custom_php_install_command> asterisk_install(); </custom_php_install_command> - <custom_php_deinstall_command> - asterisk_deinstall(); - </custom_php_deinstall_command> <custom_php_resync_config_command> sync_package_asterisk(); </custom_php_resync_config_command> diff --git a/config/avahi/avahi.inc b/config/avahi/avahi.inc index 7d69af78..4c824e71 100644 --- a/config/avahi/avahi.inc +++ b/config/avahi/avahi.inc @@ -36,8 +36,6 @@ if ($pfs_version == "2.1" || $pfs_version == "2.2") { } function avahi_install() { - conf_mount_rw(); - if (!file_exists('/usr/local/etc/gnome.subr')) { @symlink(AVAHI_BASE . '/etc/gnome.subr', '/usr/local/etc/gnome.subr'); } @@ -49,21 +47,10 @@ function avahi_install() { if (!exec("/usr/sbin/pw groupshow avahi")) { exec("/usr/sbin/pw groupadd avahi -g 558"); } - - conf_mount_ro(); } function avahi_deinstall() { - conf_mount_rw(); - - // Stop services and remove created rc script and symlink - if (is_process_running("avahi-daemon")) { - exec("/usr/bin/killall -9 avahi-daemon"); - } - if (is_process_running("dbus-daemon")) { - exec("/usr/bin/killall -9 dbus-daemon"); - } - unlink_if_exists("/usr/local/etc/rc.d/avahi-daemon.sh"); + // Remove created symlink unlink_if_exists("/usr/local/etc/gnome.subr"); // Remove created users and groups if they exist @@ -73,8 +60,6 @@ function avahi_deinstall() { if (exec("/usr/sbin/pw usershow avahi")) { exec("/usr/sbin/pw userdel avahi"); } - - conf_mount_ro(); } function avahi_write_config() { diff --git a/config/backup/backup.inc b/config/backup/backup.inc index 1a5eeab1..f77b5865 100644 --- a/config/backup/backup.inc +++ b/config/backup/backup.inc @@ -47,11 +47,9 @@ function backup_sync_package() { } function backup_install_command() { - conf_mount_rw(); // Create the backup directory safe_mkdir("/root/backup/"); backup_sync_package(); - conf_mount_ro(); } ?> diff --git a/config/bacula-client/bacula-client.inc b/config/bacula-client/bacula-client.inc index 07be3067..397cf7a4 100644 --- a/config/bacula-client/bacula-client.inc +++ b/config/bacula-client/bacula-client.inc @@ -44,15 +44,8 @@ function baculaclient_custom_php_install_command() { } function baculaclient_custom_php_deinstall_command(){ - conf_mount_rw(); - // Delete our config file unlink_if_exists(BACULA_LOCALBASE . "/etc/bacula/bacula-fd.conf"); - // Stop service and delete our rc file - stop_service("bacula-client"); - unlink_if_exists(BACULA_STARTUP_SCRIPT); - - conf_mount_ro(); } function baculaclient_custom_php_write_config(){ diff --git a/config/bacula-client/bacula-client.xml b/config/bacula-client/bacula-client.xml index ce07e77e..cbfe8757 100644 --- a/config/bacula-client/bacula-client.xml +++ b/config/bacula-client/bacula-client.xml @@ -150,6 +150,9 @@ <custom_php_install_command> baculaclient_custom_php_install_command(); </custom_php_install_command> + <custom_php_deinstall_command> + baculaclient_custom_php_deinstall_command(); + </custom_php_deinstall_command> <custom_php_resync_config_command> baculaclient_custom_php_write_config(); </custom_php_resync_config_command> diff --git a/config/bandwidthd/bandwidthd.inc b/config/bandwidthd/bandwidthd.inc index 9364cbbc..0029a05d 100644 --- a/config/bandwidthd/bandwidthd.inc +++ b/config/bandwidthd/bandwidthd.inc @@ -45,13 +45,10 @@ switch ($pfs_version) { } function bandwidthd_install_deinstall() { - conf_mount_rw(); - stop_service("bandwidthd"); mwexec("/bin/rm -rf " . PKG_BANDWIDTHD_BASE . "/htdocs"); mwexec("/bin/rm -f /usr/local/www/bandwidthd"); // Remove the cron job, if it is there install_cron_job("/bin/kill -HUP `cat /var/run/bandwidthd.pid`", false); - conf_mount_ro(); } function bandwidthd_install_config() { diff --git a/config/cron/cron.inc b/config/cron/cron.inc index 7a7a8993..645575d9 100644 --- a/config/cron/cron.inc +++ b/config/cron/cron.inc @@ -40,7 +40,6 @@ function cron_sync_package() { } function cron_install_command() { - conf_mount_rw(); // Clean up possible lingering garbage after previous package versions unlink_if_exists("/usr/local/etc/rc.d/cron.sh"); cron_sync_package(); diff --git a/config/freeradius2/freeradius.inc b/config/freeradius2/freeradius.inc index 8472ea5e..6d626e3a 100644 --- a/config/freeradius2/freeradius.inc +++ b/config/freeradius2/freeradius.inc @@ -90,8 +90,7 @@ function freeradius_deinstall_command() { function freeradius_install_command() { global $config, $frlib; - conf_mount_rw(); - + // We create here different folders for different counters. @mkdir("/var/log/radacct/datacounter/daily", 0755, true); @mkdir("/var/log/radacct/datacounter/weekly", 0755, true); @@ -186,7 +185,6 @@ SERVICENAME="radiusd" EOD; $rcfile['stop'] = FREERADIUS_ETC . '/rc.d/radiusd onestop'; write_rcfile($rcfile); - conf_mount_ro(); start_service("radiusd"); } diff --git a/config/haproxy-devel/pkg/haproxy.inc b/config/haproxy-devel/pkg/haproxy.inc index de1963b0..e9bdbf47 100644 --- a/config/haproxy-devel/pkg/haproxy.inc +++ b/config/haproxy-devel/pkg/haproxy.inc @@ -380,10 +380,6 @@ function haproxy_custom_php_install_command() { $static_output .= "HAProxy, running haproxy_custom_php_install_command()\n"; update_output_window($static_output); - $static_output .= "HAProxy, conf_mount_rw\n"; - update_output_window($static_output); - conf_mount_rw(); - $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version == "2.1" || $pf_version == "2.2") $haproxy_binary = "/usr/pbi/haproxy-devel-" . php_uname("m") . "/sbin/haproxy"; @@ -488,10 +484,6 @@ EOD; require_once('haproxy_upgrade_config.inc'); haproxy_upgrade_config(); - $static_output .= "HAProxy, conf_mount_ro\n"; - update_output_window($static_output); - conf_mount_ro(); - $static_output .= "HAProxy, starting haproxy (if previously enabled)\n"; update_output_window($static_output); haproxy_check_run(1); diff --git a/config/haproxy-legacy/haproxy.inc b/config/haproxy-legacy/haproxy.inc index 9058b4a6..55b86882 100644 --- a/config/haproxy-legacy/haproxy.inc +++ b/config/haproxy-legacy/haproxy.inc @@ -69,7 +69,6 @@ function migrate_old_sync_config(){ } function haproxy_custom_php_install_command() { global $g, $config; - conf_mount_rw(); $haproxy = <<<EOD #!/bin/sh @@ -118,7 +117,6 @@ EOD; fclose($fd); exec("chmod a+rx /usr/local/etc/rc.d/haproxy.sh"); migrate_old_sync_config(); - conf_mount_ro(); exec("/usr/local/etc/rc.d/haproxy.sh start"); } diff --git a/config/haproxy-legacy/haproxy.xml b/config/haproxy-legacy/haproxy.xml index 8892c77c..99345ac5 100644 --- a/config/haproxy-legacy/haproxy.xml +++ b/config/haproxy-legacy/haproxy.xml @@ -109,7 +109,6 @@ /* included in package install $freebsdv=trim(`uname -r | cut -d'.' -f1`); - conf_mount_rw(); `fetch -q -o /usr/local/sbin/ https://packages.pfsense.org/packages/config/haproxy-legacy/binaries{$freebsdv}/haproxy`; exec("chmod a+rx /usr/local/sbin/haproxy"); */ @@ -120,4 +119,4 @@ </custom_php_deinstall_command> <custom_php_command_before_form> </custom_php_command_before_form> -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc index 6d4ba0e5..7ededa97 100644 --- a/config/haproxy/haproxy.inc +++ b/config/haproxy/haproxy.inc @@ -73,7 +73,6 @@ function haproxy_custom_php_deinstall_command() { function haproxy_custom_php_install_command() { global $g, $config; - conf_mount_rw(); $haproxy = <<<EOD #!/bin/sh @@ -228,8 +227,6 @@ EOD; write_config(); } - conf_mount_ro(); - exec("/usr/local/etc/rc.d/haproxy.sh start"); } diff --git a/config/haproxy/haproxy.xml b/config/haproxy/haproxy.xml index 3be05802..ac8a35f2 100644 --- a/config/haproxy/haproxy.xml +++ b/config/haproxy/haproxy.xml @@ -89,17 +89,10 @@ <chmod>077</chmod> <item>https://packages.pfsense.org/packages/config/haproxy/haproxy_pool_edit.php</item> </additional_files_needed> - <custom_delete_php_command> - </custom_delete_php_command> - <custom_add_php_command> - </custom_add_php_command> - <custom_php_resync_config_command> - </custom_php_resync_config_command> <custom_php_install_command> /* included in package install $freebsdv=trim(`uname -r | cut -d'.' -f1`); - conf_mount_rw(); `fetch -q -o /usr/local/sbin/ https://packages.pfsense.org/packages/config/haproxy/binaries{$freebsdv}/haproxy`; exec("chmod a+rx /usr/local/sbin/haproxy"); */ @@ -108,6 +101,4 @@ <custom_php_deinstall_command> haproxy_custom_php_deinstall_command(); </custom_php_deinstall_command> - <custom_php_command_before_form> - </custom_php_command_before_form> </packagegui> diff --git a/config/haproxy1_5/pkg/haproxy.inc b/config/haproxy1_5/pkg/haproxy.inc index eceef783..8ba7e437 100644 --- a/config/haproxy1_5/pkg/haproxy.inc +++ b/config/haproxy1_5/pkg/haproxy.inc @@ -360,10 +360,6 @@ function haproxy_custom_php_install_command() { $static_output .= "HAProxy, running haproxy_custom_php_install_command()\n"; update_output_window($static_output); - $static_output .= "HAProxy, conf_mount_rw\n"; - update_output_window($static_output); - conf_mount_rw(); - $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version == "2.1" || $pf_version == "2.2") $haproxy_binary = "/usr/pbi/haproxy-devel-" . php_uname("m") . "/sbin/haproxy"; @@ -468,10 +464,6 @@ EOD; require_once('haproxy_upgrade_config.inc'); haproxy_upgrade_config(); - $static_output .= "HAProxy, conf_mount_ro\n"; - update_output_window($static_output); - conf_mount_ro(); - $static_output .= "HAProxy, starting haproxy (if previously enabled)\n"; update_output_window($static_output); haproxy_check_run(1); diff --git a/config/ipguard/ipguard.inc b/config/ipguard/ipguard.inc index 1891b24b..53284c96 100644 --- a/config/ipguard/ipguard.inc +++ b/config/ipguard/ipguard.inc @@ -1,88 +1,81 @@ <?php - -/* ========================================================================== */ -/* - ipguard.inc - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - require_once("config.inc"); - require_once("util.inc"); - -function ipguard_custom_php_deinstall_command(){ - global $g, $config; - - conf_mount_rw(); - + ipguard.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +require_once("config.inc"); +require_once("util.inc"); + +function ipguard_custom_php_deinstall_command() { stop_service('ipguard'); - $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; - if (is_file($ipguard_sh_file)) - chmod($ipguard_sh_file,0444); - - conf_mount_ro(); - } + unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh"); + $files = glob("/usr/local/etc/ipguard_*.conf"); + unlink_if_exists($files); +} -function ipguard_custom_php_write_config(){ +function ipguard_custom_php_write_config() { global $g, $config; - - # detect boot process - if (is_array($_POST)){ - if (!preg_match("/\w+/",$_POST['__csrf_magic'])) - return; - } - - if (is_array($config['installedpackages']['ipguard']['config'])){ + /* Detect boot process and do nothing */ + if (platform_booting()) { + return; + } + + if (is_array($config['installedpackages']['ipguard']['config'])) { // Read config $new_config=array(); - foreach ($config['installedpackages']['ipguard']['config'] as $ipguard){ - if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']){ - $new_config[$ipguard['interface']].= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n"; + foreach ($config['installedpackages']['ipguard']['config'] as $ipguard) { + if ($ipguard['enable'] && $ipguard['interface'] && $ipguard['mac'] && $ipguard['ip']) { + $new_config[$ipguard['interface']] .= "{$ipguard['mac']} {$ipguard['ip']} {$ipguard['description']}\n"; } } } - //Save /etc/ssh/ipguard_extra - $script="/usr/local/etc/rc.d/ipguard.sh"; $start=""; $stop="pkill -anx ipguard"; conf_mount_rw(); - if (count ($new_config) > 0 && $ipguard['enable']){ - foreach ($new_config as $key => $value){ - $conf_file="/usr/local/etc/ipguard_{$key}.conf"; - file_put_contents($conf_file,$value,LOCK_EX); - $config_file=file_put_contents($conf_file,$new_config[$key],LOCK_EX); - $iface=convert_friendly_interface_to_real_interface_name($key); - $start.="/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t"; + /* Create rc script and restart service if ipguard is enabled */ + if (count($new_config) > 0 && $ipguard['enable']) { + foreach ($new_config as $key => $value) { + $conf_file = "/usr/local/etc/ipguard_{$key}.conf"; + file_put_contents($conf_file, $value, LOCK_EX); + $config_file = file_put_contents($conf_file, $new_config[$key], LOCK_EX); + /* Hack around PBI stupidity; ipguard does not find its own conf files otherwise */ + $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3); + if ($pfs_version == "2.2") { + $conf_file_link = "/usr/pbi/ipguard-" . php_uname("m") . "/local/etc/ipguard_{$key}.conf"; + /* Better recreate this every time just in case users shuffle interfaces assignment somehow */ + if (is_link($conf_file_link)) { + unlink($conf_file_link); + } + symlink($conf_file, $conf_file_link); + } + $iface = convert_friendly_interface_to_real_interface_name($key); + $start .= "/usr/local/sbin/ipguard -l /var/log/ipguard_{$key}.log -p /var/run/ipguard_{$key}.pid -f {$conf_file} -u 300 -z {$iface}\n\t"; } write_rcfile(array( 'file' => 'ipguard.sh', @@ -90,38 +83,36 @@ function ipguard_custom_php_write_config(){ 'stop' => $stop )); restart_service('ipguard'); - - } - else{ - #remove config files + + } else { + /* Otherwise, stop the service and remove rc script */ stop_service('ipguard'); - $ipguard_sh_file = "/usr/local/etc/rc.d/ipguard.sh"; - if (is_file($ipguard_sh_file)) - chmod($ipguard_sh_file,0444); + unlink_if_exists("/usr/local/etc/rc.d/ipguard.sh"); + } - // Mount Read-only conf_mount_ro(); - - //sync config with other pfsense servers + + /* Sync config with other pfSense servers */ ipguard_sync_on_changes(); - } +} /* Uses XMLRPC to synchronize the changes to a remote node */ function ipguard_sync_on_changes() { global $config, $g; - + if (is_array($config['installedpackages']['ipguardsync'])) { - if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) { - log_error("[ipguard] xmlrpc sync is starting."); - foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ){ - foreach($rs['row'] as $sh){ + if ($config['installedpackages']['ipguardsync']['config'][0]['synconchanges']) { + log_error("[ipguard] XMLRPC sync is starting."); + foreach ($config['installedpackages']['ipguardsync']['config'] as $rs ) { + foreach ($rs['row'] as $sh) { $sync_to_ip = $sh['ipaddress']; $password = $sh['password']; - if($password && $sync_to_ip) + if ($password && $sync_to_ip) { ipguard_do_xmlrpc_sync($sync_to_ip, $password); + } } } - log_error("[ipguard] xmlrpc sync is ending."); + log_error("[ipguard] XMLRPC sync is ending."); } } } @@ -130,53 +121,57 @@ function ipguard_sync_on_changes() { function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { global $config, $g; - if(!$password) + if (!$password) { return; + } - if(!$sync_to_ip) + if (!$sync_to_ip) { return; + } - $username='admin'; + $username = 'admin'; $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { + if ($config['system']['webgui']['protocol'] != "") { $synchronizetoip = $config['system']['webgui']['protocol']; $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") + } + $port = $config['system']['webgui']['port']; + /* If port is empty, let's rely on the protocol selection */ + if ($port == "") { + if ($config['system']['webgui']['protocol'] == "http") { $port = "80"; - else + } else { $port = "443"; - } + } + } $synchronizetoip .= $sync_to_ip; /* xml will hold the sections to sync */ $xml = array(); $xml['ipguard'] = $config['installedpackages']['ipguard']; - /* assemble xmlrpc payload */ + /* Assemble XMLRPC payload */ $params = array( XML_RPC_encode($password), XML_RPC_encode($xml) ); - /* set a few variables needed for sync code borrowed from filter.inc */ + /* Set a few variables needed for sync code; borrowed from filter.inc */ $url = $synchronizetoip; log_error("Beginning ipguard XMLRPC sync to {$url}:{$port}."); $method = 'pfsense.merge_installedpackages_section_xmlrpc'; $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); - if($g['debug']) + if ($g['debug']) { $cli->setDebug(1); + } /* send our XMLRPC message and timeout after 250 seconds */ $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port}."; log_error($error); file_notice("sync_settings", $error, "ipguard Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -185,27 +180,27 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { } else { log_error("ipguard XMLRPC sync successfully completed with {$url}:{$port}."); } - + /* tell ipguard to reload our settings on the destination sync host. */ $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n"; + $execcmd = "require_once('/usr/local/pkg/ipguard.inc');\n"; $execcmd .= "ipguard_custom_php_write_config();"; /* assemble xmlrpc payload */ $params = array( XML_RPC_encode($password), XML_RPC_encode($execcmd) ); - + log_error("ipguard XMLRPC reload data {$url}:{$port}."); $msg = new XML_RPC_Message($method, $params); $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); $cli->setCredentials($username, $password); $resp = $cli->send($msg, "250"); - if(!$resp) { + if (!$resp) { $error = "A communications error occurred while attempting ipguard XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; log_error($error); file_notice("sync_settings", $error, "ipguard Settings Sync", ""); - } elseif($resp->faultCode()) { + } elseif ($resp->faultCode()) { $cli->setDebug(1); $resp = $cli->send($msg, "250"); $error = "An error code was received while attempting ipguard XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); @@ -215,4 +210,5 @@ function ipguard_do_xmlrpc_sync($sync_to_ip, $password) { log_error("ipguard XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); } } - ?>
\ No newline at end of file + +?> diff --git a/config/ipguard/ipguard.xml b/config/ipguard/ipguard.xml index 74b58f86..2b13e7e0 100644 --- a/config/ipguard/ipguard.xml +++ b/config/ipguard/ipguard.xml @@ -1,55 +1,55 @@ <?xml version="1.0" encoding="utf-8" ?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> -<copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - ipguard.xml - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>. - All rights reserved. - */ -/* ========================================================================== */ + ipguard.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>ipguard</name> - <version>1.0</version> - <title>Ipguard</title> - <description>Ipguard macs/ip</description> + <version>0.1.1</version> + <title>Firewall: IPguard</title> + <description>IPguard MACs/IP</description> <savetext>Save</savetext> <include_file>/usr/local/pkg/ipguard.inc</include_file> <menu> - <name>Ipguard</name> - <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing</tooltiptext> + <name>IPguard</name> + <tooltiptext>Tool designed to protect LAN IP address space by ARP spoofing.</tooltiptext> <section>Firewall</section> <url>/pkg.php?xml=ipguard.xml</url> </menu> @@ -57,17 +57,15 @@ <name>ipguard</name> <rcfile>ipguard.sh</rcfile> <executable>ipguard</executable> - <description>Tool designed to protect LAN IP address space by ARP spoofing.</description> + <description>IPguard ARP Spoofing Daemon</description> </service> <configpath>installedpackages->package->ipguard</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/ipguard/ipguard.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>755</chmod> <item>https://packages.pfsense.org/packages/config/ipguard/ipguard_sync.xml</item> </additional_files_needed> <tabs> @@ -92,11 +90,11 @@ <fieldname>interface</fieldname> </columnitem> <columnitem> - <fielddescr>Mac Address</fielddescr> + <fielddescr>MAC Address</fielddescr> <fieldname>mac</fieldname> </columnitem> <columnitem> - <fielddescr>Ip Address(es)</fielddescr> + <fielddescr>IP Address(es)</fielddescr> <fieldname>ip</fieldname> </columnitem> <columnitem> @@ -104,43 +102,53 @@ <fieldname>description</fieldname> </columnitem> <movable>on</movable> - <description><![CDATA[If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br>This will prevent not permitted host from working properly in the specified ethernet segment.]]></description> + <description> + <![CDATA[ + If firewall receives traffic with MAC/IP pair not listed here, it will send ARP reply with configured fake address.<br /> + This will prevent not permitted host from working properly in the specified ethernet segment. + ]]> + </description> </adddeleteeditpagefields> <fields> <field> <type>listtopic</type> - <name>Ipguard Options</name> + <name>IPguard Options</name> <fieldname>temp</fieldname> </field> <field> - <fielddescr>sortable</fielddescr> - <fieldname>sortable</fieldname> - <display_maximum_rows>20</display_maximum_rows> - <type>sorting</type> - <include_filtering_inputbox/> - <sortablefields> - <item> - <name>Mac Address</name> - <fieldname>mac</fieldname> - <regex>/%FILTERTEXT%/i</regex> - </item> - <item> - <name>Ip Address</name> - <fieldname>ip</fieldname> - <regex>/%FILTERTEXT%/i</regex> - </item> - </sortablefields> + <fielddescr>sortable</fielddescr> + <fieldname>sortable</fieldname> + <display_maximum_rows>20</display_maximum_rows> + <type>sorting</type> + <include_filtering_inputbox/> + <sortablefields> + <item> + <name>MAC Address</name> + <fieldname>mac</fieldname> + <regex>/%FILTERTEXT%/i</regex> + </item> + <item> + <name>IP Address</name> + <fieldname>ip</fieldname> + <regex>/%FILTERTEXT%/i</regex> + </item> + </sortablefields> </field> <field> - <fielddescr>Enable</fielddescr> + <fielddescr>Enable</fielddescr> <fieldname>enable</fieldname> <type>checkbox</type> - <description><![CDATA[Enable this mac rule.<br><strong>Important Note:</strong> Always create rules for pfsense mac and ip address to avoid denying access to pfsense gui.]]></description> + <description> + <![CDATA[ + Enable this MAC rule.<br /> + <strong>Important Note:</strong> Always create rules for pfSense MAC and IP address to avoid denying access to pfFense GUI! + ]]> + </description> </field> <field> <fielddescr>Interface</fielddescr> <fieldname>interface</fieldname> - <description>The interface on which ipguard server will check this mac</description> + <description>The interface on which IPguard server will check this MAC.</description> <type>interfaces_selection</type> <required/> <default_value>lan</default_value> @@ -148,39 +156,44 @@ <field> <fielddescr>Description</fielddescr> <fieldname>description</fieldname> - <description>Describe this mac rule.</description> + <description>Describe this MAC rule.</description> <type>input</type> <size>50</size> <required/> </field> <field> - <fielddescr>Mac address</fielddescr> + <fielddescr>MAC Address</fielddescr> <fieldname>mac</fieldname> - <description><![CDATA[Insert mac address you want to filter.<br> - <strong>To include a permit rule, use mac=00:00:00:00:00:00</strong>]]></description> + <description> + <![CDATA[ + Insert MAC address you want to filter.<br /> + <strong>To include a permit rule, use MAC 00:00:00:00:00:00</strong> + ]]> + </description> <type>input</type> <size>25</size> <required/> </field> <field> - <fielddescr>Ip address</fielddescr> + <fielddescr>IP Address</fielddescr> <fieldname>ip</fieldname> - <description><![CDATA[Insert ip address, hostname or network cidr you want to apply on this ipguard rule.<br> - <strong>To include a permit rule, use your lan cidr or 0.0.0.0</strong>]]></description> + <description> + <![CDATA[ + Insert IP address, hostname or network CIDR you want to apply on this IPguard rule.<br> + <strong>To include a permit rule, use your LAN CIDR or 0.0.0.0</strong> + ]]> + </description> <type>input</type> <size>40</size> <required/> </field> </fields> - <custom_delete_php_command> ipguard_custom_php_write_config(); </custom_delete_php_command> <custom_add_php_command> ipguard_custom_php_write_config(); </custom_add_php_command> - <custom_php_install_command> - </custom_php_install_command> <custom_php_deinstall_command> ipguard_custom_php_deinstall_command(); </custom_php_deinstall_command> @@ -190,5 +203,4 @@ <custom_php_command_before_form> unset($_POST['temp']); </custom_php_command_before_form> - -</packagegui>
\ No newline at end of file +</packagegui> diff --git a/config/ipguard/ipguard_sync.xml b/config/ipguard/ipguard_sync.xml index 0b5ffecb..609dd6ca 100755 --- a/config/ipguard/ipguard_sync.xml +++ b/config/ipguard/ipguard_sync.xml @@ -1,49 +1,49 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> <copyright> - <![CDATA[ +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - ipguard_sync.xml - part of the ipguard package for pfSense (http://www.pfSense.com) - Copyright (C) 2012 Marcello Coutinho - All rights reserved. - */ -/* ========================================================================== */ + ipguard_sync.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2012 Marcello Coutinho + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ ]]> </copyright> - <description>Describe your package here</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> <name>ipguardsync</name> - <version>1.0</version> - <title>Ipguard - Sync</title> + <version>0.1.1</version> + <title>IPguard - Sync</title> <include_file>/usr/local/pkg/ipguard.inc</include_file> <tabs> <tab> @@ -89,8 +89,6 @@ </rowhelper> </field> </fields> - <custom_php_validation_command> - </custom_php_validation_command> <custom_php_resync_config_command> ipguard_custom_php_write_config(); </custom_php_resync_config_command> diff --git a/config/notes/notes.inc b/config/notes/notes.inc deleted file mode 100644 index ddc54a3f..00000000 --- a/config/notes/notes.inc +++ /dev/null @@ -1,37 +0,0 @@ -<?php -/* - notes.inc - part of pfSense (https://www.pfSense.org/) - Copyright (C) 2008 Mark J Crane - Copyright (C) 2015 ESF, LLC - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ -function notes_deinstall_command() { - conf_mount_rw(); - unlink_if_exists("/usr/local/pkg/notes.xml"); - unlink_if_exists("/usr/local/pkg/notes.inc"); - conf_mount_ro(); -} - -?> diff --git a/config/notes/notes.xml b/config/notes/notes.xml index e74a76f1..03c0a01a 100644 --- a/config/notes/notes.xml +++ b/config/notes/notes.xml @@ -45,7 +45,6 @@ <name>Notes</name> <version>0.2.6</version> <title>Settings</title> - <include_file>/usr/local/pkg/notes.inc</include_file> <menu> <name>Notes</name> <tooltiptext>Notes.</tooltiptext> @@ -61,10 +60,6 @@ </tab> </tabs> <configpath>installedpackages->package->$packagename->configuration->notes</configpath> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <item>https://packages.pfsense.org/packages/config/notes/notes.inc</item> - </additional_files_needed> <adddeleteeditpagefields> <columnitem> <fielddescr>Title</fielddescr> @@ -103,7 +98,4 @@ <rows>20</rows> </field> </fields> - <custom_php_deinstall_command> - notes_deinstall_command(); - </custom_php_deinstall_command> </packagegui> diff --git a/config/nrpe2/nrpe2.inc b/config/nrpe2/nrpe2.inc index b5e6a7d9..08aeb5c4 100644 --- a/config/nrpe2/nrpe2.inc +++ b/config/nrpe2/nrpe2.inc @@ -51,7 +51,6 @@ define('NRPE_RCFILE', '/usr/local/etc/rc.d/nrpe2.sh'); function nrpe2_custom_php_install_command() { global $g, $config; - conf_mount_rw(); $NRPE_BASE = NRPE_BASE; $NRPE_CONFIG_DIR = NRPE_CONFIG_DIR; @@ -159,14 +158,6 @@ EOD; fclose($fd); chmod(NRPE_RCFILE, 0755); - conf_mount_ro(); -} - -function nrpe2_custom_php_deinstall_command() { - global $g, $config; - conf_mount_rw(); - - conf_mount_ro(); } function nrpe2_custom_php_write_config() { diff --git a/config/nrpe2/nrpe2.xml b/config/nrpe2/nrpe2.xml index 1204e8ec..f70835c3 100644 --- a/config/nrpe2/nrpe2.xml +++ b/config/nrpe2/nrpe2.xml @@ -179,7 +179,6 @@ nrpe2_custom_php_service(); </custom_php_install_command> <custom_php_deinstall_command> - nrpe2_custom_php_deinstall_command(); nrpe2_custom_php_write_config(); </custom_php_deinstall_command> <custom_php_resync_config_command> diff --git a/config/ntop2/ntop.xml b/config/ntop2/ntop.xml index 57354f61..6ba86525 100644 --- a/config/ntop2/ntop.xml +++ b/config/ntop2/ntop.xml @@ -160,9 +160,6 @@ <custom_php_install_command> sync_package_ntop(); </custom_php_install_command> - <custom_php_deinstall_command> - exec("rm /usr/local/etc/rc.d/ntop*"); - </custom_php_deinstall_command> <custom_php_validation_command> <![CDATA[ if ($_POST) { diff --git a/config/nut/nut.inc b/config/nut/nut.inc index 6467ec13..71b06932 100644 --- a/config/nut/nut.inc +++ b/config/nut/nut.inc @@ -156,9 +156,6 @@ } function deinstall_package_nut() { - stop_service("nut"); - - unlink_if_exists(NUT_RCFILE); unlink_if_exists(NUT_DIR.'/upsmon.conf'); unlink_if_exists(NUT_DIR.'/ups.conf'); unlink_if_exists(NUT_DIR.'/upsd.conf'); diff --git a/config/open-vm-tools_2/open-vm-tools.inc b/config/open-vm-tools_2/open-vm-tools.inc index f005074e..02449a1d 100644 --- a/config/open-vm-tools_2/open-vm-tools.inc +++ b/config/open-vm-tools_2/open-vm-tools.inc @@ -27,20 +27,14 @@ POSSIBILITY OF SUCH DAMAGE. */ function open_vm_tools_deinstall() { - conf_mount_rw(); - stop_service("vmware-guestd"); - unlink_if_exists("/usr/local/etc/rc.d/vmware-guestd.sh"); unlink_if_exists("/usr/local/etc/rc.d/vmware-kmod.sh"); unlink_if_exists("/boot/kernel/vmblock.ko"); unlink_if_exists("/boot/kernel/vmhgfs.ko"); unlink_if_exists("/boot/kernel/vmmemctl.ko"); unlink_if_exists("/boot/kernel/vmxnet.ko"); - conf_mount_ro(); } function open_vm_tools_install() { - conf_mount_rw(); - // Clean up old .ko files if they exist unlink_if_exists("/boot/kernel/vmblock.ko"); unlink_if_exists("/boot/kernel/vmhgfs.ko"); diff --git a/config/openbgpd/openbgpd.inc b/config/openbgpd/openbgpd.inc index 038ffa11..102c937d 100644 --- a/config/openbgpd/openbgpd.inc +++ b/config/openbgpd/openbgpd.inc @@ -319,14 +319,6 @@ function openbgpd_put_raw_config($conffile) { } } -function deinstall_openbgpd() { - global $config, $g; - - exec("rm /usr/local/etc/rc.d/bgpd.sh"); - exec("rm /usr/local/www/openbgpd_status.php"); - exec("killall bgpd"); -} - function check_group_usage($groupname) { global $config, $g; diff --git a/config/openbgpd/openbgpd.xml b/config/openbgpd/openbgpd.xml index 83e0122c..07810c0c 100644 --- a/config/openbgpd/openbgpd.xml +++ b/config/openbgpd/openbgpd.xml @@ -182,9 +182,6 @@ </rowhelper> </field> </fields> - <custom_php_deinstall_command> - deinstall_openbgpd(); - </custom_php_deinstall_command> <custom_php_resync_config_command> openbgpd_install_conf(); </custom_php_resync_config_command> diff --git a/config/openbgpd/openbgpd_groups.xml b/config/openbgpd/openbgpd_groups.xml index f43ab466..3ece75f2 100644 --- a/config/openbgpd/openbgpd_groups.xml +++ b/config/openbgpd/openbgpd_groups.xml @@ -105,9 +105,6 @@ <size>80</size> </field> </fields> - <custom_php_deinstall_command> - deinstall_openbgpd(); - </custom_php_deinstall_command> <custom_php_resync_config_command> openbgpd_install_conf(); </custom_php_resync_config_command> diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 963a2604..4dbc7302 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -62,18 +62,7 @@ function openvpn_client_export_install() { } function openvpn_client_export_deinstall() { - global $current_openvpn_version; - conf_mount_rw(); - $phpfile = "vpn_openvpn_export.php"; - $phpfile2 = "vpn_openvpn_export_shared.php"; - $ovpndir = "/usr/local/share/openvpn"; - $workdir = "{$ovpndir}/client-export"; - - unlink_if_exists("/usr/local/www/{$phpfile}"); - unlink_if_exists("/usr/local/www/{$phpfile2}"); - unlink_if_exists("/usr/local/pkg/openvpn-client-export-{$current_openvpn_version}.tgz"); - exec("/bin/rm -r {$workdir}"); - conf_mount_ro(); + exec("/bin/rm -r /usr/local/share/openvpn/client-export"); } function openvpn_client_export_prefix($srvid, $usrid = null, $crtid = null) { diff --git a/config/phpservice/phpservice.inc b/config/phpservice/phpservice.inc index cffdb09f..d04e021a 100644 --- a/config/phpservice/phpservice.inc +++ b/config/phpservice/phpservice.inc @@ -104,7 +104,6 @@ EOF; } function phpservice_install_command() { - conf_mount_rw(); write_rcfile(array( "file" => "phpservice.sh", "start" => "/usr/local/bin/php /usr/local/pkg/phpservice.php >> /var/log/phpservice.log &", @@ -112,15 +111,6 @@ function phpservice_install_command() { ) ); phpservice_sync_package(); - conf_mount_ro(); -} - - -function phpservice_deinstall_command() { - conf_mount_rw(); - stop_service("phpservice"); - unlink_if_exists("/usr/local/etc/rc.d/phpservice.sh"); - conf_mount_ro(); } ?> diff --git a/config/phpservice/phpservice.xml b/config/phpservice/phpservice.xml index e437be20..6bada596 100644 --- a/config/phpservice/phpservice.xml +++ b/config/phpservice/phpservice.xml @@ -81,7 +81,4 @@ <custom_php_install_command> phpservice_install_command(); </custom_php_install_command> - <custom_php_deinstall_command> - phpservice_deinstall_command(); - </custom_php_deinstall_command> </packagegui> diff --git a/config/routed/routed.inc b/config/routed/routed.inc index 471c2772..3bcef0aa 100644 --- a/config/routed/routed.inc +++ b/config/routed/routed.inc @@ -105,21 +105,17 @@ function setup_etc_gateways($iface="", $mode="") { } function routed_install_command() { - conf_mount_rw(); write_rcfile(array( "file" => "routed.sh", "start" => "/usr/bin/nohup /sbin/routed > /dev/null 2>&1 &", "stop" => "/bin/pkill routed" ) ); - conf_mount_ro(); } function routed_deinstall_command() { stop_service("routed"); - conf_mount_rw(); unlink_if_exists("/usr/local/etc/rc.d/routed.sh"); - conf_mount_ro(); } ?> diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc index 04cbf3d6..113b645c 100644 --- a/config/shellcmd/shellcmd.inc +++ b/config/shellcmd/shellcmd.inc @@ -1,14 +1,11 @@ <?php -/* $Id$ */ -/* -/* ========================================================================== */ -/* - shellcmd.inc - Copyright (C) 2008 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ /* + shellcmd.inc + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2008 Mark J Crane + Copyright (C) 2015 ESF, LLC + All rights reserved. + Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -30,58 +27,278 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +function shellcmd_install_command() { + global $config; + + /* Remove garbage left over by previous broken package versions */ + unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh"); + if (is_dir("/usr/local/www/packages/shellcmd")) { + mwexec("/bin/rm -rf /usr/local/www/packages/shellcmd/"); + } + + shellcmd_import_config(); + shellcmd_sync_package(); + +} + -require_once("services.inc"); - -if (!function_exists("pkg_is_service_running")) { - function pkg_is_service_running($servicename) - { - exec("/bin/ps ax | awk '{ print $5 }'", $psout); - array_shift($psout); - foreach($psout as $line) { - $ps[] = trim(array_pop(explode(' ', array_pop(explode('/', $line))))); - } - if(is_service_running($servicename, $ps) or is_process_running($servicename) ) { - return true; - } - else { - return false; - } +function shellcmd_delete_php_command() { + global $config; + + /* When 'Delete item' is clicked in Shellcmd Settings */ + if ($_GET['act'] == "del") { + + /* System earlyshellcmd commands */ + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) { + $a_earlyshellcmd = array(); + } + /* Shellcmd package commands */ + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + + /* First check for a couple of special cases that we do NOT want deleted */ + /* TODO: Create a function for these checks */ + $pkg = ''; + /* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */ + $pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh"; + /* If the entry exists in system config ... */ + if (in_array($pfbcmd, $a_earlyshellcmd)) { + $cnta = 0; + /* ... but does not exist in package config ... */ + foreach ($a_shellcmd_config as $item => $value) { + if (in_array($pfbcmd, $value)) { + $cnta++; + } + } + /* ... the user has deleted this protected entry. */ + if ($cnta === 0) { + $pkg .= "[pfBlockerNG]"; + /* Force reimport. */ + shellcmd_forced_restore($pkg); + } + } + /* System Patches auto-apply patch feature (see patches.inc) */ + $spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php"; + if (in_array($spcmd, $a_earlyshellcmd)) { + $cntb = 0; + foreach ($a_shellcmd_config as $item => $value) { + if (in_array($spcmd, $value)) { + $cntb++; + } + } + if ($cntb === 0) { + $pkg .= "[System Patches]"; + shellcmd_forced_restore($pkg); + } + } + + /* Otherwise, sync package and system configuration normally */ + shellcmd_sync_package(); } } -function shellcmd_sync_package() -{ - global $config; - //synch shellcmd tab - //configure_shellcmd(); - //$handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r"); - //pclose($handle); - //$handle = popen("/usr/local/etc/rc.d/shellcmd.sh start", "r"); - //pclose($handle); +/* Force restore of protected (early)shellcmds from system config */ +function shellcmd_forced_restore($pkg) { + log_error("[shellcmd] Refused to delete {$pkg} earlyshellcmd. Use {$pkg} to configure this entry."); + shellcmd_import_config(); + write_config("[shellcmd] Restore of {$pkg} earlyshellcmd forced."); + /* Send the user back to settings */ + header("Location: pkg.php?xml=shellcmd.xml"); + exit; } - -function shellcmd_install_command() -{ +function shellcmd_sync_package() { global $config; conf_mount_rw(); - shellcmd_sync_package(); - conf_mount_ro(); + + $cmd = ''; + $cmdtype = ''; + $a_shellcmd = array(); + $a_earlyshellcmd = array(); + /* afterfilterchangeshellcmd is NOT treated as an array, it's a string! */ + /* See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */ + $afterfilterchangeshellcmd = ''; + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + $i = 0; + /* When an item is added to shellcmd package configuration, make sure */ + /* we add corresponding entry to $config['system'] as well */ + foreach ($a_shellcmd_config as $item) { + /* Get the command from package configuration here */ + $cmd = $a_shellcmd_config[$i]['cmd']; + /* Lets see what type of command we are adding first... */ + $cmdtype = $a_shellcmd_config[$i]['cmdtype']; + /* shellcmd */ + if ($cmdtype == "shellcmd") { + $a_shellcmd[] = $cmd; + $i++; + /* earlyshellcmd */ + } elseif ($cmdtype == "earlyshellcmd") { + $a_earlyshellcmd[] = $cmd; + $i++; + /* afterfilterchangeshellcmd */ + } elseif ($cmdtype == "afterfilterchangeshellcmd") { + $afterfilterchangeshellcmd = $cmd; + $i++; + /* Either disabled, or possibly someone messing with config.xml manually?! */ + } else { + $i++; + } + } + + /* Write the new system configuration to config.xml from scratch when done */ + unset($config['system']['shellcmd']); + $config['system']['shellcmd'] = $a_shellcmd; + unset($config['system']['earlyshellcmd']); + $config['system']['earlyshellcmd'] = $a_earlyshellcmd; + unset($config['system']['afterfilterchangeshellcmd']); + $config['system']['afterfilterchangeshellcmd'] = $afterfilterchangeshellcmd; + write_config("[shellcmd] Successfully (re)synced shellcmd configuration."); } -function shellcmd_deinstall_command() -{ +function shellcmd_import_config() { + global $config; - conf_mount_rw(); - $handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r"); - //unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh"); - conf_mount_ro(); + $shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($shellcmd_config)) { + $shellcmd_config = array(); + } + + $i = 0; + + /* First, preserve any disabled items */ + $a_shellcmd_config = &$shellcmd_config; + foreach ($a_shellcmd_config as $item => $value) { + $cmd = $value['cmd']; + $cmdtype = $value['cmdtype']; + $description = $value['description']; + if ($cmdtype == "disabled") { + $shellcmd_config[$i]['cmd'] = $cmd; + $shellcmd_config[$i]['cmdtype'] = "disabled"; + $shellcmd_config[$i]['description'] = $description ?: "Imported disabled item ({$i})"; + $i++; + } + } + + /* Import earlyshellcmd entries which were either created by previous package versions, */ + /* or manually, or added by some other package(s) (if there are any in config.xml) */ + /* Two currently known special cases are handled here - System Patches and pfBlockerNG */ + if (is_array($config['system']['earlyshellcmd'])) { + $earlyshellcmds = &$config['system']['earlyshellcmd']; + $pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh"; + $spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php"; + foreach ($earlyshellcmds as $earlyshellcmd) { + /* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */ + if (stristr($earlyshellcmd, "{$pfbcmd}")) { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = "pfBlockerNG default earlyshellcmd. DO NOT EDIT/DELETE!"; + $i++; + /* System Patches auto-apply patch feature (see patches.inc) */ + } elseif (stristr($earlyshellcmd, "{$spcmd}")) { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = "System Patches default earlyshellcmd. DO NOT EDIT/DELETE!"; + $i++; + /* Other manually added earlyshellcmd entries */ + } else { + $shellcmd_config[$i]['cmd'] = $earlyshellcmd; + $shellcmd_config[$i]['cmdtype'] = "earlyshellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported earlyshellcmd ({$i})"; + $i++; + } + + } + } + /* Import shellcmd entries which were created manually (if there are any in config.xml) */ + if (is_array($config['system']['shellcmd'])) { + $shellcmds = &$config['system']['shellcmd']; + foreach ($shellcmds as $shellcmd) { + $shellcmd_config[$i]['cmd'] = $shellcmd; + $shellcmd_config[$i]['cmdtype'] = "shellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported shellcmd ({$i})"; + $i++; + } + } + + /* Import afterfilterchangeshellcmd entry which was created manually (if there is any in config.xml) */ + /* afterfilterchangeshellcmd is NOT treated as an array, it's a string! See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */ + if ($config['system']['afterfilterchangeshellcmd'] != '') { + $shellcmd_config[$i]['cmd'] = $config['system']['afterfilterchangeshellcmd']; + $shellcmd_config[$i]['cmdtype'] = "afterfilterchangeshellcmd"; + $shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported afterfilterchangeshellcmd"; + $i++; + } + + /* Write the new config.xml when import is finished */ + write_config("[shellcmd] Successfully imported package configuration from config.xml."); + +} + +function shellcmd_validate_input($post, &$input_errors) { + global $config; + $a_shellcmd = &$config['system']['shellcmd']; + if (!is_array($a_shellcmd)) { + $a_shellcmd = array(); + } + $a_earlyshellcmd = &$config['system']['earlyshellcmd']; + if (!is_array($a_earlyshellcmd)) { + $a_earlyshellcmd = array(); + } + $a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config']; + if (!is_array($a_shellcmd_config)) { + $a_shellcmd_config = array(); + } + /* afterfilterchangeshellcmd is NOT an array */ + $afterfilterchangeshellcmd = $config['system']['afterfilterchangeshellcmd']; + + /* Make sure we don't add the same command twice as it's just pointless */ + if (($post['cmd']) != '') { + $id = $post['id']; + if ($post['cmdtype'] == "shellcmd") { + if (in_array($post['cmd'], $a_shellcmd)) { + /* Allow changing description */ + if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + } else { + $input_errors[] = "{$post['cmd']} already exists as shellcmd."; + } + } + } + if ($post['cmdtype'] == "earlyshellcmd") { + if (in_array($post['cmd'], $a_earlyshellcmd)) { + /* Allow changing description */ + if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + } else { + $input_errors[] = "{$post['cmd']} already exists as earlyshellcmd."; + } + } + } + /* Only ONE item of this type may be configured */ + if ($post['cmdtype'] == "afterfilterchangeshellcmd") { + // Not yet configured, OK + if ($afterfilterchangeshellcmd == '') { + return; + // Allow changing description + } elseif ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) { + return; + // Tired of input validation... Needs something better in future. + } else { + $input_errors[] = "Only ONE afterfilterchangeshellcmd may be configured! Delete the existing entry and try again!"; + } + } + } } diff --git a/config/shellcmd/shellcmd.php b/config/shellcmd/shellcmd.php deleted file mode 100644 index fd386910..00000000 --- a/config/shellcmd/shellcmd.php +++ /dev/null @@ -1,179 +0,0 @@ -<?php -/* $Id$ */ -/* - shellcmd.php - Copyright (C) 2008 Mark J Crane - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/shellcmd.inc"); - -$a_earlyshellcmd = &$config['system']['earlyshellcmd']; -$a_shellcmd = &$config['system']['shellcmd']; -//$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - -include("head.inc"); - -?> - - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<p class="pgtitle">Shellcmd: Settings</p> - -<div id="mainlevel"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr><td class="tabnavtbl"> -<?php - - $tab_array = array(); - $tab_array[] = array(gettext("Settings"), false, "/packages/shellcmd/shellcmd.php"); - display_top_tabs($tab_array); - -?> -</td></tr> -</table> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont" > - -<form action="shellcmd.php" method="post" name="iform" id="iform"> -<?php - -//if ($savemsg) print_info_box($savemsg); -//if (file_exists($d_hostsdirty_path)): echo"<p>"; -//print_info_box_np("This is an info box."); -//echo"<br />"; -//endif; - -?> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td><p><!--<span class="vexpl"><span class="red"><strong>shellcmd<br></strong></span>--> - The shellcmd utility is used to manage commands on system startup. - <br /><br /> - <!--For more information see: <a href='http://www.' target='_blank'>http://www.</a>--> - </p></td> - </tr> - </table> - <br /> - - <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td width="50%" class="listhdrr">Command</td> - <td width="30%" class="listhdrr">Type</td> - <td width="10%" class="list"> - - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="shellcmd_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - - </td> - </tr> - - -<?php - - $categories = array("earlyshellcmd","shellcmd"); - //$categories = array("earlyshellcmd","shellcmd","afterfilterchangeshellcmd"); - - foreach ($categories as $category) { - $i = 0; - // dynamically create the category config name - $category_config = "a_".$category; - if (count($$category_config) > 0) { - foreach ($$category_config as $ent) { - // previous versions of shellcmd stored the command in an additional <command>-xmltag, this unnests this for backwards compatibility - if (is_array($ent)) { $ent = $ent['command']; } - - echo " <tr>\n"; - echo " <td class=\"listr\" ondblclick=\"document.location='shellcmd_edit.php?t=".$category."&id=".$i."';\">\n"; - echo " ".$ent."\n"; - echo " </td>\n"; - echo " <td class=\"listbg\" ondblclick=\"document.location='shellcmd_edit.php?t=".$category."&id=".$i."';\">\n"; - echo " ".$category."\n"; - echo " </td>\n"; - echo " <td valign=\"middle\" nowrap class=\"list\">\n"; - echo " <table border=\"0\" cellspacing=\"0\" cellpadding=\"1\">\n"; - echo " <tr>\n"; - echo " <td valign=\"middle\"><a href=\"shellcmd_edit.php?t=".$category."&id=".$i."\"><img src=\"/themes/".$g['theme']."/images/icons/icon_e.gif\" width=\"17\" height=\"17\" border=\"0\"></a></td>\n"; - echo " <td><a href=\"shellcmd_edit.php?t=".$category."&type=cmd&act=del&id=".$i."\" onclick=\"return confirm('Do you really want to delete this?')\"><img src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" width=\"17\" height=\"17\" border=\"0\"></a></td>\n"; - echo " </tr>\n"; - echo " </table>\n"; - echo " </td>\n"; - echo " </tr>"; - $i++; - } - } - } - - -?> - - <tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td width="17"></td> - <td valign="middle"><a href="shellcmd_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - - - <tr> - <td class="list" colspan="3"></td> - <td class="list"></td> - </tr> - </table> - -</form> - - -<br> -<br> -<br> -<br> -<br> -<br> -<br> -<br> - -</td> -</tr> -</table> - -</div> - - -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/config/shellcmd/shellcmd.xml b/config/shellcmd/shellcmd.xml index 094c3d30..f6b34ee4 100644 --- a/config/shellcmd/shellcmd.xml +++ b/config/shellcmd/shellcmd.xml @@ -1,115 +1,157 @@ <?xml version="1.0" encoding="utf-8" ?> -<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd"> -<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?> +<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd"> +<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?> <packagegui> - <copyright> - <![CDATA[ + <copyright> +<![CDATA[ /* $Id$ */ -/* ========================================================================== */ +/* ====================================================================================== */ /* - shellcmd.xml - Copyright (C) 2008 Mark J Crane - All rights reserved. - */ -/* ========================================================================== */ + shellcmd.xml + part of pfSense (https://www.pfSense.org/) + Copyright (C) 2008 Mark J Crane + Copyright (C) 2015 ESF, LLC + All rights reserved. +*/ +/* ====================================================================================== */ /* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - </copyright> - <description>Shellcmd</description> - <requirements>Describe your package requirements here</requirements> - <faq>Currently there are no FAQ items provided.</faq> + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ +/* ====================================================================================== */ + ]]> + </copyright> <name>Shellcmd Settings</name> - <version>0.4</version> - <title>Settings</title> + <version>1.0</version> + <title>Shellcmd Settings</title> <include_file>/usr/local/pkg/shellcmd.inc</include_file> + <aftersaveredirect>/pkg.php?xml=shellcmd.xml</aftersaveredirect> + <addedit_string>[shellcmd] Successfully created/modified custom (early)shellcmd.</addedit_string> + <delete_string>[shellcmd] Successfully deleted custom (early)shellcmd.</delete_string> <menu> <name>Shellcmd</name> - <tooltiptext>shellcmd settings.</tooltiptext> <section>Services</section> <configfile>shellcmd.xml</configfile> - <url>/packages/shellcmd/shellcmd.php</url> + <url>/pkg.php?xml=shellcmd.xml</url> </menu> <tabs> <tab> <text>Settings</text> - <url>/pkg_edit.php?xml=shellcmd.xml&id=0</url> + <url>/pkg.php?xml=shellcmd.xml</url> <active/> </tab> - <tab> - <text>Settings</text> - <url>/packages/shellcmd/shellcmd.php</url> - <active/> - </tab> </tabs> - <configpath>installedpackages->package->$packagename->configuration->shellcmd</configpath> + <configpath>['installedpackages']['shellcmdsettings']['config']</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/pkg/</prefix> - <chmod>0755</chmod> <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.inc</item> </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/www/packages/shellcmd/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.php</item> - </additional_files_needed> - <additional_files_needed> - <prefix>/usr/local/www/packages/shellcmd/</prefix> - <chmod>0755</chmod> - <item>https://packages.pfsense.org/packages/config/shellcmd/shellcmd_edit.php</item> - </additional_files_needed> + <adddeleteeditpagefields> + <columnitem> + <fielddescr>Command</fielddescr> + <fieldname>cmd</fieldname> + </columnitem> + <columnitem> + <fielddescr>Shellcmd Type</fielddescr> + <fieldname>cmdtype</fieldname> + </columnitem> + <columnitem> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + </columnitem> + <addtext>Add a new (early)shellcmd entry</addtext> + <edittext>Edit this (early)shellcmd entry</edittext> + <deletetext>Delete this (early)shellcmd entry</deletetext> + </adddeleteeditpagefields> <fields> <field> - <fielddescr>Variable One</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> + <type>listtopic</type> + <fieldname>none</fieldname> + <name>Shellcmd Configuration</name> + </field> + <field> + <fielddescr>Command</fielddescr> + <fieldname>cmd</fieldname> <type>input</type> + <size>60</size> + <description>Enter the command to run.</description> + <required/> + </field> + <field> + <fielddescr>Shellcmd Type</fielddescr> + <fieldname>cmdtype</fieldname> + <type>select</type> + <options> + <option> + <name>shellcmd</name> + <value>shellcmd</value> + </option> + <option> + <name>earlyshellcmd</name> + <value>earlyshellcmd</value> + </option> + <option> + <name>afterfilterchangeshellcmd</name> + <value>afterfilterchangeshellcmd</value> + </option> + <option> + <name>disabled</name> + <value>disabled</value> + </option> + </options> + <description> + <![CDATA[ + Choose the shellcmd type.<br /><br /> + <strong>shellcmd</strong> will run the command specified towards the end of the boot process.<br /> + <strong>earlyshellcmd</strong> will run the command specified at the beginning of the boot process.<br /> + <strong>afterfilterchangeshellcmd</strong> will run after each filter_configure() call. + See <a href="https://github.com/pfsense/pfsense/blob/master/etc/inc/filter.inc">filter.inc source code</a> for "documentation". + <span class="errmsg">N.B.: Only one entry of this type can be configured!</span><br /> + <strong>disabled</strong> will save the command in package configuration but it will NOT run on boot.<br /><br /> + See <a href="https://doc.pfsense.org/index.php/Executing_commands_at_boot_time">Executing commands at boot time</a> for detailed explanation. + ]]> + </description> + <required/> </field> <field> - <fielddescr>Variable Two</fielddescr> - <fieldname>var1</fieldname> - <description>Enter the variable one here.</description> + <fielddescr>Description</fielddescr> + <fieldname>description</fieldname> + <description>Enter a description for this command.</description> <type>input</type> + <typehint>(This is for your reference only.)</typehint> + <size>60</size> </field> - </fields> - <custom_add_php_command> - </custom_add_php_command> + </fields> + <custom_php_install_command> + shellcmd_import_config(); + </custom_php_install_command> <custom_php_resync_config_command> shellcmd_sync_package(); </custom_php_resync_config_command> - <custom_delete_php_command> - shellcmd_sync_package(); + <custom_delete_php_command> + shellcmd_delete_php_command(); </custom_delete_php_command> - <custom_php_install_command> - shellcmd_install_command(); - </custom_php_install_command> - <custom_php_deinstall_command> - shellcmd_deinstall_command(); - </custom_php_deinstall_command> + <custom_php_validation_command> + shellcmd_validate_input($_POST, $input_errors); + </custom_php_validation_command> </packagegui> diff --git a/config/shellcmd/shellcmd_edit.php b/config/shellcmd/shellcmd_edit.php deleted file mode 100644 index 5ae466d5..00000000 --- a/config/shellcmd/shellcmd_edit.php +++ /dev/null @@ -1,303 +0,0 @@ -<?php -/* $Id$ */ -/* - - shellcmd_edit.php - Copyright (C) 2008 Mark J Crane - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/shellcmd.inc"); - - -$id = $_GET['id']; -if (strlen($_POST['id'])>0) { - $id = $_POST['id']; -} - -$type = $_GET['t']; -if (strlen($_POST['t'])>0) { - $type = $_POST['t']; -} - -if ($_GET['act'] == "del") { - if ($_GET['type'] == 'cmd') { - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - unset($a_earlyshellcmd[$_GET['id']]); - write_config(); - shellcmd_sync_package(); - header("Location: shellcmd.php"); - exit; - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - unset($a_shellcmd[$_GET['id']]); - write_config(); - shellcmd_sync_package(); - header("Location: shellcmd.php"); - exit; - break; - case "afterfilterchangeshellcmd": - // $a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - // unset($a_afterfilterchangeshellcmd[$_GET['id']]); - // write_config(); - // shellcmd_sync_package(); - // header("Location: shellcmd.php"); - // exit; - break; - default: - break; - } - - } -} - -//get value for the form edit value -if (strlen($id) > 0) { - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - if ($a_earlyshellcmd[$id]) { - $pconfig['command'] = $a_earlyshellcmd[$id]; - } - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - if ($a_shellcmd[$id]) { - $pconfig['command'] = $a_shellcmd[$id]; - } - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //if ($a_afterfilterchangeshellcmd[$id]) { - // $pconfig['command'] = $a_afterfilterchangeshellcmd[$id]; - //} - break; - default: - break; - } - - // previous version of shellcmd wrapped all commands in a <command>-xmltag, unnesting this for backwards compatibility - if (is_array($pconfig['command'])) $pconfig['command'] = $pconfig['command']['command']; - -} - -if ($_POST) { - - unset($input_errors); - - if (!$input_errors) { - if (strlen($_POST['command']) > 0) { - - $ent = $_POST['command']; - - if (strlen($id)>0) { - //update - - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - if ($a_earlyshellcmd[$id]) { - $a_earlyshellcmd[$id] = $ent; - } - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - if ($a_shellcmd[$id]) { - $a_shellcmd[$id] = $ent; - } - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //if ($a_afterfilterchangeshellcmd[$id]) { - // $a_afterfilterchangeshellcmd[$id] = $ent; - //} - break; - default: - break; - } - - } - else { - //add - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - $a_earlyshellcmd = &$config['system']['earlyshellcmd']; - $a_earlyshellcmd[] = $ent; - break; - case "shellcmd": - $a_shellcmd = &$config['system']['shellcmd']; - $a_shellcmd[] = $ent; - break; - case "afterfilterchangeshellcmd": - //$a_afterfilterchangeshellcmd = &$config['system']['afterfilterchangeshellcmd']; - //$a_afterfilterchangeshellcmd[] = $ent; - break; - default: - break; - } - - } - - write_config(); - shellcmd_sync_package(); - } - - header("Location: shellcmd.php"); - exit; - } -} - -include("head.inc"); - -?> - -<script type="text/javascript" language="JavaScript"> - -function show_advanced_config() { - document.getElementById("showadvancedbox").innerHTML=''; - aodiv = document.getElementById('showadvanced'); - aodiv.style.display = "block"; -</script> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<p class="pgtitle">Shellcmd: Edit</p> -<?php if ($input_errors) print_input_errors($input_errors); ?> - -<div id="mainlevel"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr><td class="tabnavtbl"> -<?php - - $tab_array = array(); - $tab_array[] = array(gettext("Settings"), false, "/packages/shellcmd/shellcmd.php"); - display_top_tabs($tab_array); - -?> -</td></tr> -</table> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont" > - - <!-- - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td><p><span class="vexpl"><span class="red"><strong>shellcmd<br> - </strong></span> - </p></td> - </tr> - </table> - --> - <br /> - - - <form action="shellcmd_edit.php" method="post" name="iform" id="iform"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="25%" valign="top" class="vncellreq">Command</td> - <td width="75%" class="vtable"> - <input name="command" type="text" class="formfld" id="command" size="40" value="<?=htmlspecialchars($pconfig['command']);?>"> - </td> - </tr> - - <tr> - <td width="25%" valign="top" class="vncellreq">Type</td> - <td width="75%" class="vtable"> - <?php - echo " <select name='t' class='formfld'>\n"; - echo " <option></option>\n"; - switch (htmlspecialchars($type)) { - case "earlyshellcmd": - echo " <option value='earlyshellcmd' selected='yes'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - case "shellcmd": - echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd' selected='yes'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - case "afterfilterchangeshellcmd": - //echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - //echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd' selected='yes'>afterfilterchangeshellcmd</option>\n"; - break; - default: - echo " <option value=''></option>\n"; - echo " <option value='earlyshellcmd'>earlyshellcmd</option>\n"; - echo " <option value='shellcmd'>shellcmd</option>\n"; - //echo " <option value='afterfilterchangeshellcmd'>afterfilterchangeshellcmd</option>\n"; - break; - } - echo " </select>\n"; - ?> - </td> - </tr> - - - <!-- - <tr> - <td width="25%" valign="top" class="vncellreq">Description</td> - <td width="75%" class="vtable"> - <input name="description" type="text" class="formfld" id="description" size="40" value="<?=htmlspecialchars($pconfig['description']);?>"> - <br><span class="vexpl">Enter the description here.<br></span> - </td> - </tr> - --> - - <tr> - <td valign="top"> </td> - <td> - <?php if (strlen($id)>0) { ?> - <input name="id" type="hidden" value="<?=$id;?>"> - <?php }; ?> - <input name="Submit" type="submit" class="formbtn" value="Save"> <input class="formbtn" type="button" value="Cancel" onclick="history.back()"> - </td> - </tr> - </table> - </form> - - <br> - <br> - <br> - <br> - <br> - <br> - - </td> - </tr> -</table> - -</div> - -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/config/snort/snort.inc b/config/snort/snort.inc index fb8cd9d8..b7d4299e 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -3748,8 +3748,8 @@ function snort_sync_on_changes() { $syncdownloadrules = $snort_sync['vardownloadrules']; switch ($synconchanges){ case "manual": - if (is_array($snort_sync[row])){ - $rs=$snort_sync[row]; + if (is_array($snort_sync['row'])){ + $rs=$snort_sync['row']; } else{ log_error("[snort] xmlrpc sync is enabled but there are no hosts configured as replication targets."); @@ -3757,8 +3757,8 @@ function snort_sync_on_changes() { } break; case "auto": - if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ - $system_carp=$config['installedpackages']['carpsettings']['config'][0]; + if (is_array($config['hasync'])) { + $system_carp=$config['hasync']; $rs[0]['varsyncipaddress']=$system_carp['synchronizetoip']; $rs[0]['varsyncusername']=$system_carp['username']; $rs[0]['varsyncpassword']=$system_carp['password']; diff --git a/config/snort/snort.xml b/config/snort/snort.xml index b8444009..18e6ef20 100755 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -45,7 +45,7 @@ </copyright> <description>Snort IDS/IPS Package</description> <name>Snort</name> - <version>3.2.7</version> + <version>3.2.8</version> <title>Services: Snort IDS</title> <include_file>/usr/local/pkg/snort/snort.inc</include_file> <menu> diff --git a/config/spamd/spamd.inc b/config/spamd/spamd.inc index a7be4587..a72d8770 100644 --- a/config/spamd/spamd.inc +++ b/config/spamd/spamd.inc @@ -284,22 +284,14 @@ function custom_php_install_command() { global $config, $g; system("touch /var/db/whitelist.txt"); system("touch /var/db/blacklist.txt"); - sync_package_spamd(); - conf_mount_rw(); exec("/usr/sbin/pw usermod _spamd -g proxy -G _spamd,proxy"); - exec("/bin/cp /usr/local/etc/spamd/spamd.conf.sample /usr/local/etc/spamd/spamd.conf"); - conf_mount_ro(); + sync_package_spamd(); } function custom_php_deinstall_command() { global $config, $g; - conf_mount_rw(); - exec("killall -9 spamd"); unlink_if_exists("/usr/local/pkg/pf/spamd_rules.php"); - unlink_if_exists("/usr/local/www/spamd_rules.php"); - unlink_if_exists("/usr/local/etc/rc.d/spamd.sh"); spamd_install_cron(false); - conf_mount_ro(); filter_configure(); } diff --git a/config/sshdcond/sshdcond.inc b/config/sshdcond/sshdcond.inc index 12af3551..c7c19291 100644 --- a/config/sshdcond/sshdcond.inc +++ b/config/sshdcond/sshdcond.inc @@ -39,29 +39,23 @@ function restart_sshd() { function sshdcond_custom_php_install_command() { global $g, $config; - conf_mount_rw(); - /* We need to generate an outfile for our extra commands. The patched g_szSSHDFileGenerate php file then reads and appends that config. */ $fd = fopen("/etc/ssh/sshd_extra", 'w'); fclose($fd); - conf_mount_ro(); } function sshdcond_custom_php_deinstall_command() { global $g, $config; - conf_mount_rw(); - /* Delete our config file. */ unlink_if_exists("/etc/ssh/sshd_extra"); /* Re-run sshd config generation script. */ restart_sshd(); - conf_mount_ro(); } function sshdcond_custom_php_write_config() { diff --git a/config/stunnel/stunnel.inc b/config/stunnel/stunnel.inc index 4398a0dc..7f3f9338 100644 --- a/config/stunnel/stunnel.inc +++ b/config/stunnel/stunnel.inc @@ -218,7 +218,6 @@ function stunnel_install() { write_rcfile($_rcfile); unlink_if_exists("/usr/local/etc/rc.d/stunnel"); - conf_mount_rw(); $fout = fopen(STUNNEL_ETCDIR . "/stunnel.conf","w"); fwrite($fout, "cert = " . STUNNEL_ETCDIR . "/stunnel.pem \n"); fwrite($fout, "chroot = /var/tmp/stunnel \n"); @@ -234,7 +233,6 @@ function stunnel_install() { } } fclose($fout); - conf_mount_ro(); } function stunnel_deinstall() { diff --git a/config/syslog-ng/syslog-ng.inc b/config/syslog-ng/syslog-ng.inc index f0c17ff1..57a94f96 100644 --- a/config/syslog-ng/syslog-ng.inc +++ b/config/syslog-ng/syslog-ng.inc @@ -52,7 +52,6 @@ function syslogng_get_real_interface_address($interface) { } function syslogng_install_command() { - conf_mount_rw(); if (is_link("/usr/local/lib/syslog-ng")) { unlink("/usr/local/lib/syslog-ng"); } @@ -60,20 +59,15 @@ function syslogng_install_command() { @symlink(SYSLOGNG_BASEDIR . "local/lib/syslog-ng", "/usr/local/lib/syslog-ng"); } syslogng_install_cron(true); - conf_mount_ro(); syslogng_resync(); } function syslogng_deinstall_command() { - conf_mount_rw(); - service_stop("syslog-ng"); - unlink_if_exists("/usr/local/etc/rc.d/syslog-ng.sh"); if (is_link("/usr/local/lib/syslog-ng")) unlink("/usr/local/lib/syslog-ng"); syslogng_install_cron(false); unlink_if_exists("/usr/local/etc/logrotate.conf"); unlink_if_exists("/usr/local/etc/syslog-ng.conf"); - conf_mount_ro(); filter_configure(); } diff --git a/config/tftp2/tftp.inc b/config/tftp2/tftp.inc index a2b7d1e3..67054619 100644 --- a/config/tftp2/tftp.inc +++ b/config/tftp2/tftp.inc @@ -45,7 +45,6 @@ function tftp_install_command() { $tftpbackup = "/root/backup/tftp.bak.tgz"; // Create the directories if required - conf_mount_rw(); safe_mkdir("{$tftpdir}", 0777); safe_mkdir("/root/backup/"); @@ -55,14 +54,11 @@ function tftp_install_command() { system("/bin/chmod -R 0744 {$tftpdir}/*"); unset($tftpbackup); } - conf_mount_ro(); } function tftp_deinstall_command() { - conf_mount_rw(); unlink_if_exists("/usr/local/etc/rc.d/tftp.sh"); unlink_if_exists("/tmp/pkg_mgr_tftp.log"); - conf_mount_ro(); } function tftp_generate_rules($type) { diff --git a/config/vhosts/vhosts.inc b/config/vhosts/vhosts.inc index cf2f97b8..7ac027b9 100644 --- a/config/vhosts/vhosts.inc +++ b/config/vhosts/vhosts.inc @@ -622,7 +622,6 @@ EOF; function vhosts_install_command() { global $config; - conf_mount_rw(); safe_mkdir("/usr/local/vhosts/"); write_rcfile(array( @@ -637,13 +636,9 @@ function vhosts_install_command() { function vhosts_deinstall_command() { - conf_mount_rw(); - stop_service("vhosts-http"); - unlink_if_exists("/usr/local/etc/rc.d/vhosts-http.sh"); exec("/bin/rm -f /usr/local/etc/rc.d/vhosts*"); exec("/bin/rm -f /var/etc/vhosts*"); exec("/bin/rm -rf /usr/local/www/packages/vhosts"); - conf_mount_ro(); } ?> diff --git a/config/vnstat2/vnstat2.inc b/config/vnstat2/vnstat2.inc index 89a8b7c2..86a95346 100644 --- a/config/vnstat2/vnstat2.inc +++ b/config/vnstat2/vnstat2.inc @@ -30,7 +30,6 @@ require_once("util.inc"); function vnstat_install_deinstall() { - conf_mount_rw(); global $config; // Remove Vnstat package and files exec("/bin/rm -d -R /usr/local/www/vnstat2"); @@ -39,7 +38,6 @@ function vnstat_install_deinstall() { exec("/bin/rm /usr/local/etc/vnstat.conf"); // Remove vnstat cron entry from config.xml vnstat2_install_cron(false); - conf_mount_ro(); } function vnstat2_install_cron($vnstat_cron_value) { diff --git a/config/zabbix-agent-lts/zabbix-agent-lts.inc b/config/zabbix-agent-lts/zabbix-agent-lts.inc index 7eb7c564..ddf04f6f 100644 --- a/config/zabbix-agent-lts/zabbix-agent-lts.inc +++ b/config/zabbix-agent-lts/zabbix-agent-lts.inc @@ -41,10 +41,6 @@ if ($pf_version == "2.1" || $pf_version == "2.2") { } function php_deinstall_zabbix_agent_lts() { - conf_mount_rw(); - - stop_service("zabbix_agentd_lts"); - unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/rc.d/zabbix_agentd_lts.sh"); unlink_if_exists(ZABBIX_AGENT_BASE . "/etc/zabbix22/zabbix_agentd.conf"); unlink_if_exists("/var/log/zabbix-agent-lts/zabbix_agentd_lts.log"); unlink_if_exists("/var/run/zabbix-agent-lts/zabbix_agentd_lts.pid"); @@ -55,8 +51,6 @@ function php_deinstall_zabbix_agent_lts() { if (is_dir("/var/run/zabbix-agent-lts")) { mwexec("/bin/rm -rf /var/run/zabbix-agent-lts/"); } - - conf_mount_ro(); } function validate_input_zabbix_agent_lts($post, &$input_errors) { diff --git a/config/zabbix-proxy-lts/zabbix-proxy-lts.inc b/config/zabbix-proxy-lts/zabbix-proxy-lts.inc index f1b877b5..39ef4f2b 100644 --- a/config/zabbix-proxy-lts/zabbix-proxy-lts.inc +++ b/config/zabbix-proxy-lts/zabbix-proxy-lts.inc @@ -41,10 +41,6 @@ if ($pf_version == "2.1" || $pf_version == "2.2") { } function php_deinstall_zabbix_proxy_lts() { - conf_mount_rw(); - - stop_service("zabbix_proxy_lts"); - unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/rc.d/zabbix_proxy_lts.sh"); unlink_if_exists(ZABBIX_PROXY_BASE . "/etc/zabbix22/zabbix_proxy_lts.conf"); unlink_if_exists("/var/log/zabbix-proxy-lts/zabbix_proxy_lts.log"); unlink_if_exists("/var/run/zabbix-proxy-lts/zabbix_proxy_lts.pid"); @@ -58,8 +54,6 @@ function php_deinstall_zabbix_proxy_lts() { if (is_dir("/var/db/zabbix-proxy-lts")) { mwexec("/bin/rm -rf /var/db/zabbix-proxy-lts/"); } - - conf_mount_ro(); } function validate_input_zabbix_proxy_lts($post, &$input_errors) { |