[v3] configroot: Create "settings" and "modify" files for ipblocklist
Commit Message
The third version of this patch conducts the necessary changes in
configroot. Previously, they took place in ipblocklist itself, which
would have caused user settings to be overwritten, should ipblocklist be
shipped in future Core Updates.
Fixes: #12917
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
config/rootfiles/common/configroot | 1 +
config/rootfiles/core/170/update.sh | 4 ++++
lfs/configroot | 6 +++---
3 files changed, 8 insertions(+), 3 deletions(-)
Comments
Acked-by: Stefan Schantl <stefan.schantl@ipfire.org>
Am 1. September 2022 22:30:46 schrieb Peter Müller <peter.mueller@ipfire.org>:
> The third version of this patch conducts the necessary changes in
> configroot. Previously, they took place in ipblocklist itself, which
> would have caused user settings to be overwritten, should ipblocklist be
> shipped in future Core Updates.
>
> Fixes: #12917
> Cc: Stefan Schantl <stefan.schantl@ipfire.org>
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/rootfiles/common/configroot | 1 +
> config/rootfiles/core/170/update.sh | 4 ++++
> lfs/configroot | 6 +++---
> 3 files changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/config/rootfiles/common/configroot
> b/config/rootfiles/common/configroot
> index 088e87f5b..4d631cea5 100644
> --- a/config/rootfiles/common/configroot
> +++ b/config/rootfiles/common/configroot
> @@ -83,6 +83,7 @@ var/ipfire/location-functions.pl
> var/ipfire/ids-functions.pl
> var/ipfire/ipblocklist-functions.pl
> var/ipfire/ipblocklist
> +#var/ipfire/ipblocklist/modified
> #var/ipfire/ipblocklist/settings
> var/ipfire/isdn
> #var/ipfire/isdn/settings
> diff --git a/config/rootfiles/core/170/update.sh
> b/config/rootfiles/core/170/update.sh
> index b6b66f3f1..9d16f4a32 100644
> --- a/config/rootfiles/core/170/update.sh
> +++ b/config/rootfiles/core/170/update.sh
> @@ -164,6 +164,10 @@ ldconfig
> mkdir -pv /var/lib/ipblocklist
> chown nobody:nobody /var/lib/ipblocklist
>
> +# Create necessary files for IPBlocklist and set their ownership
> accordingly (#12917)
> +touch /var/ipfire/ipblocklist/{settings,modified}
> +chown nobody:nobody /var/ipfire/ipblocklist/{settings,modified}
> +
> # Rebuild fcrontab from scratch
> /usr/bin/fcrontab -z
>
> diff --git a/lfs/configroot b/lfs/configroot
> index 5565bd344..31b9a9463 100644
> --- a/lfs/configroot
> +++ b/lfs/configroot
> @@ -1,7 +1,7 @@
> ###############################################################################
> # #
> # IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org>
> #
> +# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org>
> #
> # #
> # This program is free software: you can redistribute it and/or modify #
> # it under the terms of the GNU General Public License as published by #
> @@ -65,8 +65,8 @@ $(TARGET) :
> captive/settings captive/agb.txt captive/clients captive/voucher_out
> certs/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache
> dhcp/settings \
> dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings
> dns/servers dnsforward/config ethernet/aliases ethernet/settings
> ethernet/known_nics ethernet/scanned_nics \
> ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions
> extrahd/settings firewall/settings firewall/config firewall/locationblock
> firewall/input firewall/outgoing \
> - fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups
> fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings
> fwlogs/portsettings ipblocklist/settings \
> - isdn/settings mac/settings main/hosts main/routing main/security
> main/settings optionsfw/settings \
> + fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups
> fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings
> fwlogs/portsettings ipblocklist/modified \
> + ipblocklist/settings isdn/settings mac/settings main/hosts
> main/routing main/security main/settings optionsfw/settings \
> ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings
> portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
> ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf
> proxy/advanced/settings proxy/advanced/cre/enable remote/settings
> qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
> qos/tosconfig suricata/settings vpn/config vpn/settings vpn/ipsec.conf \
> --
> 2.35.3
@@ -83,6 +83,7 @@ var/ipfire/location-functions.pl
var/ipfire/ids-functions.pl
var/ipfire/ipblocklist-functions.pl
var/ipfire/ipblocklist
+#var/ipfire/ipblocklist/modified
#var/ipfire/ipblocklist/settings
var/ipfire/isdn
#var/ipfire/isdn/settings
@@ -164,6 +164,10 @@ ldconfig
mkdir -pv /var/lib/ipblocklist
chown nobody:nobody /var/lib/ipblocklist
+# Create necessary files for IPBlocklist and set their ownership accordingly (#12917)
+touch /var/ipfire/ipblocklist/{settings,modified}
+chown nobody:nobody /var/ipfire/ipblocklist/{settings,modified}
+
# Rebuild fcrontab from scratch
/usr/bin/fcrontab -z
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -65,8 +65,8 @@ $(TARGET) :
captive/settings captive/agb.txt captive/clients captive/voucher_out certs/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache dhcp/settings \
dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dns/servers dnsforward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/scanned_nics \
ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extrahd/settings firewall/settings firewall/config firewall/locationblock firewall/input firewall/outgoing \
- fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings fwlogs/portsettings ipblocklist/settings \
- isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
+ fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts/customservicegrp fwhosts/customlocationgrp fwlogs/ipsettings fwlogs/portsettings ipblocklist/modified \
+ ipblocklist/settings isdn/settings mac/settings main/hosts main/routing main/security main/settings optionsfw/settings \
ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \
ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \
qos/tosconfig suricata/settings vpn/config vpn/settings vpn/ipsec.conf \