onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-25 12:47:44 +01:00
Code Issues Releases Wiki Activity

see #2129

Browse Source 
deprecate "test install" function. We have decided to deprecate test install because it is rather heavy-handed on Linux and PIX where it reboots the firewall and plain does not work on *BSD.
This commit is contained in:
Vadim Kurland 2011-02-22 15:12:26 -08:00
parent e84751e95c
commit 7bf0f8a4f4
28 changed files with 76 additions and 496 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/ChangeLog
View File

@ -1,3 +1,10 @@
2011-02-22 Vadim Kurland <vadim@netcitadel.com>
* instOptionsDialog.cpp (instOptionsDialog): fixes #2129
'deprecate "test install" function'. We have decided to deprecate
test install because it is rather heavy-handed on Linux and PIX
where it reboots the firewall and plain does not work on *BSD.
2011-02-21 vadim <vadim@netcitadel.com>
* PolicyCompiler_ipt.cpp (processNext): fixes #2008 "option

46
src/libgui/FirewallInstaller.cpp
View File

@ -708,10 +708,15 @@ QString FirewallInstaller::getActivationCmd()
Configlet configlet(host_os, os_family, configlet_name);
configlet.removeComments();
configlet.collapseEmptyStrings(true);
configlet.setVariable("test", cnf->testRun);
configlet.setVariable("run", ! cnf->testRun);
configlet.setVariable("with_rollback", cnf->rollback);
configlet.setVariable("no_rollback", ! cnf->rollback);
// test run and rollback were deprecated in 4.2.0. On Linux, BSD
// and PIX rollback was implemented by rebooting firewall which is
// too heavy-handed and it did not work on BSD at all.
configlet.setVariable("test", false);
configlet.setVariable("run", true);
configlet.setVariable("with_rollback", false);
configlet.setVariable("no_rollback", true);
configlet.setVariable("with_compression", cnf->compressScript);
configlet.setVariable("no_compression", ! cnf->compressScript);
@ -763,50 +768,21 @@ void FirewallInstaller::replaceMacrosInCommand(Configlet *conf)
conf->setVariable("fwbprompt", fwb_prompt);
conf->setVariable("fwdir", cnf->fwdir);
conf->setVariable("fwscript", fwbscript);
conf->setVariable("rbtimeout", cnf->rollbackTime);
conf->setVariable("rbtimeout_sec", cnf->rollbackTime * 60);
}
/*
* Takes destination directory defined in the configlet (or XML
* resource file) and substitutes {{$fwbdir}} macro with
* @fwdir. Returned directory path always ends with separator ("/")
*
* Main purpose of this method is to get the right directory depending
* on the setting of the "test install" option. In case of test
* install we copy all files into a different directory and run them
* from there. The directory is defined in the resource (or configlet)
* file.
* Returned directory path always ends with separator ("/")
*/
QString FirewallInstaller::getDestinationDir(const QString &fwdir)
{
QString dir = "";
if (cnf->testRun)
{
string optpath = "activation/fwdir_test/";
dir = Resources::getTargetOptionStr(cnf->fwobj->getStr("host_OS"),
optpath).c_str();
// need to trim dir because it picks up '\n' and possibly spaces
// from XML element body text formatting
dir = dir.trimmed();
}
QString dir = fwdir;
if (fwbdebug)
qDebug() << "FirewallInstaller::getDestinationDir: "
<< "destination directory=" << dir
<< "cnf->fwdir=" << cnf->fwdir;
// dir can contain macro %FWDIR% which should be replaced with cnf->fwdir
// empty dir is equivalent to just the value of cnf->fwdir
if (!dir.isEmpty())
dir.replace("{{$fwdir}}", fwdir);
else
dir = fwdir;
if (!dir.endsWith(QDir::separator())) return dir + "/";
return dir;
}

23
src/libgui/FirewallInstallerCisco.cpp
View File

@ -212,10 +212,15 @@ void FirewallInstallerCisco::activatePolicy(const QString&, const QString&)
Configlet pre_config(host_os, os_family, "installer_commands_pre_config");
pre_config.removeComments();
pre_config.setVariable("test", cnf->testRun);
pre_config.setVariable("run", ! cnf->testRun);
pre_config.setVariable("schedule_rollback", cnf->rollback);
pre_config.setVariable("cancel_rollback", cnf->cancelRollbackIfSuccess);
// test run and rollback were deprecated in 4.2.0. On Linux, BSD
// and PIX rollback was implemented by rebooting firewall which is
// too heavy-handed and it did not work on BSD at all.
pre_config.setVariable("test", false);
pre_config.setVariable("run", true);
pre_config.setVariable("schedule_rollback", false);
pre_config.setVariable("cancel_rollback", false);
pre_config.setVariable("save_standby", cnf->saveStandby);
pre_config.setVariable("version_lt_124", version_lt_124);
pre_config.setVariable("version_ge_124", version_ge_124);
@ -224,10 +229,12 @@ void FirewallInstallerCisco::activatePolicy(const QString&, const QString&)
Configlet post_config(host_os, os_family, "installer_commands_post_config");
post_config.removeComments();
post_config.setVariable("test", cnf->testRun);
post_config.setVariable("run", ! cnf->testRun);
post_config.setVariable("schedule_rollback", cnf->rollback);
post_config.setVariable("cancel_rollback", cnf->cancelRollbackIfSuccess);
post_config.setVariable("test", false);
post_config.setVariable("run", true);
post_config.setVariable("schedule_rollback", false);
post_config.setVariable("cancel_rollback", false);
post_config.setVariable("save_standby", cnf->saveStandby);
post_config.setVariable("version_lt_124", version_lt_124);
post_config.setVariable("version_ge_124", version_ge_124);

23
src/libgui/FirewallInstallerProcurve.cpp
View File

@ -182,20 +182,27 @@ void FirewallInstallerProcurve::activatePolicy(const QString&, const QString&)
Configlet pre_config(host_os, os_family, "installer_commands_pre_config");
pre_config.removeComments();
pre_config.setVariable("test", cnf->testRun);
pre_config.setVariable("run", ! cnf->testRun);
pre_config.setVariable("schedule_rollback", cnf->rollback);
pre_config.setVariable("cancel_rollback", cnf->cancelRollbackIfSuccess);
// test run and rollback were deprecated in 4.2.0. On Linux, BSD
// and PIX rollback was implemented by rebooting firewall which is
// too heavy-handed and it did not work on BSD at all.
pre_config.setVariable("test", false);
pre_config.setVariable("run", true);
pre_config.setVariable("schedule_rollback", false);
pre_config.setVariable("cancel_rollback", false);
pre_config.setVariable("save_standby", cnf->saveStandby);
replaceMacrosInCommand(&pre_config);
Configlet post_config(host_os, os_family, "installer_commands_post_config");
post_config.removeComments();
post_config.setVariable("test", cnf->testRun);
post_config.setVariable("run", ! cnf->testRun);
post_config.setVariable("schedule_rollback", cnf->rollback);
post_config.setVariable("cancel_rollback", cnf->cancelRollbackIfSuccess);
post_config.setVariable("test", false);
post_config.setVariable("run", true);
post_config.setVariable("schedule_rollback", false);
post_config.setVariable("cancel_rollback", false);
post_config.setVariable("save_standby", cnf->saveStandby);
replaceMacrosInCommand(&post_config);

2
src/libgui/SSHSession.cpp
View File

@ -101,7 +101,6 @@ SSHSession::SSHSession(QWidget *_par,
backup=false;
incremental=false;
dry_run=false;
testRun=false;
stripComments = false;
wdir="";
script="";
@ -239,7 +238,6 @@ void SSHSession::setOptions(instConf *cnf)
//setIncr(cnf->incremental);
setDryRun(cnf->dry_run);
setSaveStandby(cnf->saveStandby);
setTestRun(cnf->testRun);
setStripComments(cnf->stripComments);
setWDir(cnf->wdir);
setScript(cnf->script);

2
src/libgui/SSHSession.h
View File

@ -108,7 +108,6 @@ class SSHSession : public QObject {
bool dry_run;
bool saveStandby;
bool stripComments;
bool testRun;
QString wdir;
QString script;
QString backupFile;
@ -191,7 +190,6 @@ public:
void setIncr(bool f) { incremental=f; }
void setDryRun(bool f) { dry_run=f; }
void setSaveStandby(bool f) { saveStandby=f; }
void setTestRun(bool f) { testRun=f; }
void setStripComments(bool f) { stripComments=f; }
void setWDir(const QString &wd) { wdir=wd; }
void setScript(const QString &cf) { script=cf; }

14
src/libgui/instConf.cpp
View File

@ -53,17 +53,11 @@ instConf::instConf()
QString instConf::getCmdFromResource(const QString &resource_name)
{
if (fwbdebug)
qDebug() << QString("instConf::getCmdFromResource testRun=%1 resource_name=%2")
.arg(testRun).arg(resource_name);
qDebug() << QString("instConf::getCmdFromResource resource_name=%1")
.arg(resource_name);
string optpath_root = "activation/reg_user/";
string optpath;
if (testRun)
optpath_root = optpath_root + "test";
else
optpath_root = optpath_root + "run";
optpath = optpath_root + "/" + resource_name.toAscii().constData();
string optpath_root = "activation/reg_user/run/";
string optpath = optpath_root + resource_name.toStdString();
QString cmd = Resources::getTargetOptionStr(fwobj->getStr("host_OS"),
optpath).c_str();
cmd = cmd.trimmed();

5
src/libgui/instConf.h
View File

@ -48,9 +48,6 @@ class instConf {
bool stripComments;
bool compressScript;
bool copyFWB;
bool testRun;
bool rollback;
bool cancelRollbackIfSuccess;
bool saveStandby;
bool batchInstall;
bool useSCPForRouter; // use scp for cisco ios, pix and hp procurve
@ -67,8 +64,6 @@ class instConf {
QString sshArgs;
QString scpArgs;
QString fwdir;
int rollbackTime;
QString rollbackTimeUnit;
libfwbuilder::Firewall *fwobj;

4
src/libgui/instDialog.cpp
View File

@ -611,10 +611,6 @@ int instDialog::findFilesToInspect(QStringList &files)
return files.size();
}
void instDialog::testRunRequested()
{
}
struct CaseInsensitiveComparison :
public std::binary_function<libfwbuilder::FWObject*, libfwbuilder::FWObject*, bool>
{

2
src/libgui/instDialog.h
View File

@ -245,8 +245,6 @@ public slots:
void finishClicked();
void cancelClicked();
void testRunRequested();
void addToLog(const QString &buf);
void updateProgressBar(int n,bool setsize);

22
src/libgui/instDialog_ui_ops.cpp
View File

@ -475,17 +475,9 @@ void instDialog::storeInstallerOptions()
st->setValue(SETTINGS_PATH_PREFIX"/Installer/dryrun" ,cnf.dry_run);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/quiet", cnf.quiet);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/verbose", cnf.verbose);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/stripComments",
cnf.stripComments);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/compressScript",
cnf.compressScript);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/stripComments", cnf.stripComments);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/compressScript", cnf.compressScript);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/copyFWB", cnf.copyFWB);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/testRun", cnf.testRun);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/rollback", cnf.rollback);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/rollbackTime",
cnf.rollbackTime);
st->setValue(SETTINGS_PATH_PREFIX"/Installer/canceRollbackIfSuccess",
cnf.cancelRollbackIfSuccess);
}
void instDialog::summary()
@ -1146,11 +1138,6 @@ void instDialog::readInstallerOptionsFromSettings()
cnf.stripComments = st->value(SETTINGS_PATH_PREFIX"/Installer/stripComments").toBool();
cnf.compressScript = st->value(SETTINGS_PATH_PREFIX"/Installer/compressScript").toBool();
cnf.copyFWB = st->value(SETTINGS_PATH_PREFIX"/Installer/copyFWB").toBool();
cnf.testRun = st->value(SETTINGS_PATH_PREFIX"/Installer/testRun").toBool();
cnf.rollback = st->value(SETTINGS_PATH_PREFIX"/Installer/rollback").toBool();
cnf.rollbackTime = st->value(SETTINGS_PATH_PREFIX"/Installer/rollbackTime").toInt();
cnf.cancelRollbackIfSuccess =
st->value(SETTINGS_PATH_PREFIX"/Installer/canceRollbackIfSuccess").toBool();
}
void instDialog::readInstallerOptionsFromFirewallObject(Firewall *fw)
@ -1327,11 +1314,6 @@ void instDialog::readInstallerOptionsFromDialog(Firewall *fw,
cnf.stripComments = dlg->m_dialog->stripComments->isChecked();
cnf.compressScript= dlg->m_dialog->compressScript->isChecked();
cnf.copyFWB = dlg->m_dialog->copyFWB->isChecked();
cnf.testRun = dlg->m_dialog->testRun->isChecked();
cnf.rollback = dlg->m_dialog->rollback->isChecked();
cnf.rollbackTime = dlg->m_dialog->rollbackTime->value();
cnf.cancelRollbackIfSuccess =
dlg->m_dialog->cancelRollbackIfSuccess->isChecked();
dlg->savePassword();
storeInstallerOptions();

41
src/libgui/instOptionsDialog.cpp
View File

@ -103,10 +103,6 @@ instOptionsDialog::instOptionsDialog(QWidget *parent, instConf *_cnf, bool cance
m_dialog->stripComments->setChecked( cnf->stripComments );
m_dialog->compressScript->setChecked( cnf->compressScript );
m_dialog->copyFWB->setChecked( cnf->copyFWB );
m_dialog->testRun->setChecked( cnf->testRun );
m_dialog->rollback->setChecked( cnf->rollback );
m_dialog->rollbackTime->setValue( cnf->rollbackTime );
m_dialog->cancelRollbackIfSuccess->setChecked( cnf->cancelRollbackIfSuccess );
// If we have user name, bring focus to the password input field
// if we do not have user name, focus goes to the user name field
@ -117,10 +113,6 @@ instOptionsDialog::instOptionsDialog(QWidget *parent, instConf *_cnf, bool cance
if (cnf->batchInstall)
{
//m_dialog->copyFWB->hide();
m_dialog->rollback->hide();
m_dialog->rollbackTime->hide();
m_dialog->rollbackTimeUnit->hide();
m_dialog->cancelRollbackIfSuccess->hide();
m_dialog->PIXgroupBox->hide();
m_dialog->backupConfigFile->hide();
m_dialog->backupConfigFileLbl->hide();
@ -141,36 +133,14 @@ instOptionsDialog::instOptionsDialog(QWidget *parent, instConf *_cnf, bool cance
platform=="procurve_acl" )
{
m_dialog->copyFWB->hide();
if (platform == "iosacl")
{
if (XMLTools::version_compare(version, "12.4") >= 0)
{
m_dialog->rollback->setText("Schedule roll back using EEM in ");
m_dialog->cancelRollbackIfSuccess->setText(
"Cancel rollback if policy activation was successfull");
} else
{
m_dialog->rollback->setText("Schedule reboot in ");
m_dialog->cancelRollbackIfSuccess->setText(
"Cancel reboot if policy activation was successfull");
}
}
m_dialog->PIXgroupBox->hide();
} else
{
m_dialog->rollback->setText("Schedule reboot in ");
m_dialog->cancelRollbackIfSuccess->setText(
"Cancel reboot if policy activation was successfull");
m_dialog->epwd->hide();
m_dialog->epwdLbl->hide();
m_dialog->PIXgroupBox->hide();
m_dialog->test->hide(); // dry run option
// cancelling rollback at the end of activation is currently
// only supported on pix,fwsm and ios
m_dialog->cancelRollbackIfSuccess->hide();
}
}
@ -183,7 +153,6 @@ instOptionsDialog::instOptionsDialog(QWidget *parent, instConf *_cnf, bool cance
m_dialog->PIXgroupBox->adjustSize();
m_dialog->generalOptionsBox->adjustSize();
m_dialog->testOptionsBox->adjustSize();
m_dialog->mainBox->adjustSize();
adjustSize();
@ -207,8 +176,6 @@ instOptionsDialog::instOptionsDialog(QWidget *parent, instConf *_cnf, bool cance
.arg(bfr.top()).arg(bfr.bottom());
}
testModeToggled();
//resize( minimumSizeHint() );
//adjustSize();
@ -250,11 +217,3 @@ void instOptionsDialog::cancelAll()
this->done(-1);
}
void instOptionsDialog::testModeToggled()
{
m_dialog->rollback->setEnabled(m_dialog->testRun->isChecked());
m_dialog->rollbackTime->setEnabled(m_dialog->testRun->isChecked());
if ( ! m_dialog->testRun->isChecked()) m_dialog->rollback->setChecked(false);
}

8
src/libgui/instOptionsDialog.h
View File

@ -34,12 +34,13 @@ class instConf;
class instOptionsDialog : public QDialog
{
Q_OBJECT
private:
Q_OBJECT;
private:
int delta_y;
instConf *cnf;
public:
public:
instOptionsDialog(QWidget *parent, instConf *_cnf, bool cancelAllVisible = true);
~instOptionsDialog();
@ -53,7 +54,6 @@ class instOptionsDialog : public QDialog
public slots:
void cancelAll();
void testModeToggled();
};
#endif

128
src/libgui/instoptionsdialog_q.ui
View File

@ -6,8 +6,8 @@
<rect>
<x>0</x>
<y>0</y>
<width>616</width>
<height>754</height>
<width>626</width>
<height>676</height>
</rect>
</property>
<property name="sizePolicy">
@ -336,110 +336,6 @@ the firewall in the &quot;advanced&quot; settings dialog of the firewall object.
</widget>
</item>
<item row="4" column="0" colspan="2">
<widget class="QFrame" name="testOptionsBox">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="frameShape">
<enum>QFrame::NoFrame</enum>
</property>
<property name="frameShadow">
<enum>QFrame::Plain</enum>
</property>
<layout class="QGridLayout">
<item row="2" column="2">
<widget class="QLabel" name="rollbackTimeUnit">
<property name="text">
<string>min</string>
</property>
<property name="wordWrap">
<bool>false</bool>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QSpinBox" name="rollbackTime">
<property name="maximum">
<number>99999</number>
</property>
</widget>
</item>
<item row="2" column="3" colspan="2">
<spacer>
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>140</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="1" column="0" colspan="4">
<widget class="QCheckBox" name="testRun">
<property name="text">
<string>Test run: run the script on the firewall but do not store it permanently.</string>
</property>
</widget>
</item>
<item row="1" column="4">
<spacer>
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>30</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="0">
<widget class="QCheckBox" name="rollback">
<property name="toolTip">
<string>Rebooting the firewall will restore its original policy. To cancel reboot, install the policy with &quot;test run&quot; option turned off</string>
</property>
<property name="text">
<string>Schedule reboot in </string>
</property>
</widget>
</item>
<item row="0" column="0" colspan="5">
<widget class="QLabel" name="textLabel1">
<property name="text">
<string>If you install the policy in test mode, it will not be saved permanently, so you can revert to the last working configuration by rebooting the firewall</string>
</property>
<property name="alignment">
<set>Qt::AlignVCenter</set>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="3" column="0" colspan="5">
<widget class="QCheckBox" name="cancelRollbackIfSuccess">
<property name="text">
<string>Cancel reboot if policy activation was successfull</string>
</property>
</widget>
</item>
</layout>
</widget>
</item>
<item row="5" column="0" colspan="2">
<spacer name="verticalSpacer">
<property name="orientation">
<enum>Qt::Vertical</enum>
@ -531,10 +427,6 @@ the firewall in the &quot;advanced&quot; settings dialog of the firewall object.
<tabstop>stripComments</tabstop>
<tabstop>compressScript</tabstop>
<tabstop>copyFWB</tabstop>
<tabstop>testRun</tabstop>
<tabstop>rollback</tabstop>
<tabstop>rollbackTime</tabstop>
<tabstop>cancelRollbackIfSuccess</tabstop>
<tabstop>okButton</tabstop>
<tabstop>cancelButton</tabstop>
</tabstops>
@ -588,22 +480,6 @@ the firewall in the &quot;advanced&quot; settings dialog of the firewall object.
</hint>
</hints>
</connection>
<connection>
<sender>testRun</sender>
<signal>toggled(bool)</signal>
<receiver>instOptionsDialog_q</receiver>
<slot>testModeToggled()</slot>
<hints>
<hint type="sourcelabel">
<x>255</x>
<y>567</y>
</hint>
<hint type="destinationlabel">
<x>307</x>
<y>376</y>
</hint>
</hints>
</connection>
</connections>
<slots>
<slot>cancelAll()</slot>

23
src/res/configlets/dd-wrt-jffs/installer_commands_root
View File

@ -23,27 +23,6 @@ chmod +x {{$fwdir}}/{{$fwscript}};
/usr/sbin/nvram unset rc_firewall;
/usr/sbin/nvram set rc_firewall="{{$fwdir}}/{{$fwscript}}";
/usr/sbin/nvram commit;
sh {{$fwdir}}/{{$fwscript}} && ( test -f /var/run/shutdown.pid && shutdown -c; echo 'Policy activated' )
sh {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if test}}
## sudo -b runs process in the background. Useful, even if this is executed as root
{{if with_rollback}}
echo '{{$fwbprompt}}';
cp /tmp/crontab /tmp/crontab.o;
echo '* * * * * root cat /tmp/crontab.o > /tmp/crontab; reboot -d{{$rbtimeout_sec}}' >> /tmp/crontab;
chmod +x /tmp/{{$fwscript}};
sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x /tmp/{{$fwscript}};
sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{endif}}

21
src/res/configlets/dd-wrt-nvram/installer_commands_root
View File

@ -40,7 +40,7 @@ echo "Saving data to flash memory";
echo "Flash memory:";
/usr/sbin/nvram show >/dev/null;
echo "Activating policy";
/usr/sbin/nvram get fwb|uudecode|gzip -dc|sh && (killall reboot;echo 'Policy activated')
/usr/sbin/nvram get fwb|uudecode|gzip -dc|sh && echo 'Policy activated'
{{endif}}
{{if no_compression}}
@ -55,27 +55,10 @@ echo "Saving data to flash memory";
echo "Flash memory:";
/usr/sbin/nvram show >/dev/null;
echo "Activating policy";
/usr/sbin/nvram get fwb|sh && (killall reboot; echo 'Policy activated')
/usr/sbin/nvram get fwb|sh && echo 'Policy activated'
{{endif}}
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
cp /tmp/crontab /tmp/crontab.o;
echo '* * * * * root cat /tmp/crontab.o > /tmp/crontab; reboot -d{{$rbtimeout_sec}}' >> /tmp/crontab;
sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}'; sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{endif}}

10
src/res/configlets/freebsd/installer_commands_reg_user
View File

@ -29,13 +29,5 @@
## race condition which breaks installation process.
{{if run}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && ( sudo -S pkill shutdown; echo 'Policy activated'; sleep 2; echo) {{endif}}
{{if test}}
{{if with_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S /sbin/shutdown -r +{{$rbtimeout}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo) {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo) {{endif}}
{{endif}}
echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo)

23
src/res/configlets/freebsd/installer_commands_root
View File

@ -25,28 +25,7 @@
## See #1368 for the explanation of the need for the "sleep2; echo" commands
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/{{$fwscript}} && ( pkill shutdown; echo 'Policy activated'; sleep 2; echo)
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
/sbin/shutdown -r +{{$rbtimeout}}
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo )
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo )
{{endif}}
{{endif}}
sh {{$fwdir}}/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo)

10
src/res/configlets/linux24/installer_commands_reg_user
View File

@ -20,13 +20,5 @@
## on the input of sudo and other commands. This creates difficult to catch
## race condition which breaks installation process.
{{if run}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && ( test -f /var/run/shutdown.pid && sudo -S shutdown -c; echo 'Policy activated' ) {{endif}}
{{if test}}
{{if with_rollback}} echo '{{$fwbprompt}}'; sudo -S -b /sbin/shutdown -r +{{$rbtimeout}} chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{endif}}
echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'

13
src/res/configlets/linux24/installer_commands_root
View File

@ -20,17 +20,6 @@
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/{{$fwscript}} && ( test -f /var/run/shutdown.pid && shutdown -c; echo 'Policy activated' )
sh {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if test}}
## sudo -b runs process in the background. Useful, even if this is executed as root
{{if with_rollback}} echo '{{$fwbprompt}}'; sudo -S -b /sbin/shutdown -r +{{$rbtimeout}} chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{endif}}

12
src/res/configlets/macosx/installer_commands_reg_user
View File

@ -28,15 +28,5 @@
## race condition which breaks installation process.
{{if run}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && (ps ax|awk '/shutdown/ && !/awk/ {printf "sudo -S kill %d\n",$1;}'|sh; echo 'Policy activated') {{endif}}
{{if test}}
{{if with_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S /sbin/shutdown -r +{{$rbtimeout}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{endif}}
echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'

21
src/res/configlets/macosx/installer_commands_root
View File

@ -26,25 +26,6 @@
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/{{$fwscript}} && (ps ax|awk '/shutdown/ && \!/awk/ {printf "kill %d\n",$1;}'|sh; echo 'Policy activated')
sh {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
/sbin/shutdown -r +{{$rbtimeout}}
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{endif}}

10
src/res/configlets/openbsd/installer_commands_reg_user
View File

@ -30,13 +30,5 @@
## on the input of sudo and other commands. This creates difficult to catch
## race condition which breaks installation process.
{{if run}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && (sudo -S pkill shutdown; echo 'Policy activated'; sleep 2; echo) {{endif}}
{{if test}}
{{if with_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S /sbin/shutdown -r +{{$rbtimeout}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo) {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo) {{endif}}
{{endif}}
echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo)

23
src/res/configlets/openbsd/installer_commands_root
View File

@ -25,28 +25,7 @@
## See #1368 for the explanation of the need for the "sleep2; echo" commands
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/{{$fwscript}} && ( pkill shutdown; echo 'Policy activated'; sleep 2; echo )
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
/sbin/shutdown -r +{{$rbtimeout}}
chmod +x {{$fwdir}}/tmp/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo )
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/tmp/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && (echo 'Policy activated'; sleep 2; echo )
{{endif}}
{{endif}}
sh {{$fwdir}}/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo )

24
src/res/configlets/openwrt/installer_commands_root
View File

@ -17,29 +17,7 @@
##
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
{{$fwdir}}/{{$fwscript}} start && ( killall -q -9 reboot; echo 'Policy activated' )
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
echo '* * * * * rm /etc/crontabs/root; reboot -d{{$rbtimeout_sec}}' > /etc/crontabs/root
chmod 0600 /etc/crontabs/root
chmod +x /tmp/{{$fwscript}};
/tmp/{{$fwscript}} start && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x /tmp/{{$fwscript}};
/tmp/{{$fwscript}} start && echo 'Policy activated'
{{endif}}
{{endif}}
{{$fwdir}}/{{$fwscript}} start && echo 'Policy activated'

10
src/res/configlets/solaris/installer_commands_reg_user
View File

@ -29,13 +29,5 @@
## race condition which breaks installation process.
{{if run}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && sudo -S pkill shutdown; echo 'Policy activated' {{endif}}
{{if test}}
{{if with_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; echo 'sudo -S /sbin/shutdown -y -i6 -g{{$rbtimeout_sec}} &' | sh; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{if no_rollback}} echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/tmp/{{$fwscript}}; sudo -S {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated' {{endif}}
{{endif}}
echo '{{$fwbprompt}}'; chmod +x {{$fwdir}}/{{$fwscript}}; sudo -S {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'

23
src/res/configlets/solaris/installer_commands_root
View File

@ -24,28 +24,7 @@
##
{{if run}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/{{$fwscript}} && ( pkill shutdown; echo 'Policy activated' )
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
echo '/sbin/shutdown -y -i6 -g{{$rbtimeout}} &' | sh;
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sh {{$fwdir}}/tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{endif}}
sh {{$fwdir}}/{{$fwscript}} && echo 'Policy activated'

22
src/res/configlets/sveasoft/installer_commands_root
View File

@ -40,7 +40,7 @@ echo "Saving data to flash memory";
echo "Flash memory:";
/usr/sbin/nvram show >/dev/null;
echo "Activating policy";
/usr/sbin/nvram get fwb|uudecode|gzip -dc|sh && (killall reboot;echo 'Policy activated')
/usr/sbin/nvram get fwb|uudecode|gzip -dc|sh && echo 'Policy activated'
{{endif}}
{{if no_compression}}
@ -55,27 +55,9 @@ echo "Saving data to flash memory";
echo "Flash memory:";
/usr/sbin/nvram show >/dev/null;
echo "Activating policy";
/usr/sbin/nvram get fwb|sh && (killall reboot; echo 'Policy activated')
/usr/sbin/nvram get fwb|sh && echo 'Policy activated'
{{endif}}
{{endif}}
{{if test}}
{{if with_rollback}}
echo '{{$fwbprompt}}';
cp /tmp/crontab /tmp/crontab.o;
echo '* * * * * root cat /tmp/crontab.o > /tmp/crontab; reboot -d{{$rbtimeout_sec}}' >> /tmp/crontab;
sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{if no_rollback}}
echo '{{$fwbprompt}}'; sh /tmp/{{$fwscript}} && echo 'Policy activated'
{{endif}}
{{endif}}