Core Update 179: Only start services if they are enabled
Commit Message
Doing so avoids situations where a service is started without being
configured to do so, thus reducing the potential for confusion and
exposure of services not intended to be exposed by the user.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
config/rootfiles/core/179/update.sh | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
Comments
Hello,
> On 23 Aug 2023, at 15:43, Peter Müller <peter.mueller@ipfire.org> wrote:
>
> Doing so avoids situations where a service is started without being
> configured to do so, thus reducing the potential for confusion and
> exposure of services not intended to be exposed by the user.
>
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/rootfiles/core/179/update.sh | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/config/rootfiles/core/179/update.sh b/config/rootfiles/core/179/update.sh
> index 636792d82..df89d702e 100644
> --- a/config/rootfiles/core/179/update.sh
> +++ b/config/rootfiles/core/179/update.sh
> @@ -86,9 +86,13 @@ migrate_extrahd
>
> # Start services
> /etc/init.d/udev restart
> -/etc/init.d/squid restart
> -/usr/local/bin/openvpnctrl -s
> -/usr/local/bin/openvpnctrl -sn2n
> +if [ -f /var/ipfire/proxy/enable ]; then
> + /etc/init.d/squid restart
> +fi
> +if grep -q "ENABLED=on" /var/ipfire/ovpn/settings; then
> + /usr/local/bin/openvpnctrl -s
> + /usr/local/bin/openvpnctrl -sn2n
> +fi
This is slightly incorrect, because you are checking if the RW service is running. That is not required to use a N2N connection.
I merged this patch and moved the -sn2n command back.
Best,
-Michael
>
> # This update needs a reboot...
> touch /var/run/need_reboot
> --
> 2.35.3
>
@@ -86,9 +86,13 @@ migrate_extrahd
# Start services
/etc/init.d/udev restart
-/etc/init.d/squid restart
-/usr/local/bin/openvpnctrl -s
-/usr/local/bin/openvpnctrl -sn2n
+if [ -f /var/ipfire/proxy/enable ]; then
+ /etc/init.d/squid restart
+fi
+if grep -q "ENABLED=on" /var/ipfire/ovpn/settings; then
+ /usr/local/bin/openvpnctrl -s
+ /usr/local/bin/openvpnctrl -sn2n
+fi
# This update needs a reboot...
touch /var/run/need_reboot