From 553699921a06d7915a9f85c12deeb4b24ed543cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20H=C3=BCbner?= Date: Wed, 22 May 2024 15:53:29 +0200 Subject: [PATCH] falter-berlin-autoupdate: Add custom-config detection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When updating nodes automatically, we want to detect custom changes made by the user. As nodes may brake when using non-standard config and updating, we want to avoid updating on these nodes. Signed-off-by: Martin Hübner --- packages/falter-berlin-autoupdate/Makefile | 1 + .../files/autoupdate.conf | 3 ++ .../files/autoupdate.sh | 18 +++++++++ .../files/lib_autoupdate.sh | 37 +++++++++++++++++++ .../files/zz-autoupdate_diff.sh | 28 ++++++++++++++ 5 files changed, 87 insertions(+) create mode 100644 packages/falter-berlin-autoupdate/files/zz-autoupdate_diff.sh diff --git a/packages/falter-berlin-autoupdate/Makefile b/packages/falter-berlin-autoupdate/Makefile index e3ae780f..9f938b29 100644 --- a/packages/falter-berlin-autoupdate/Makefile +++ b/packages/falter-berlin-autoupdate/Makefile @@ -59,6 +59,7 @@ define Package/falter-berlin-autoupdate/install $(CP) ./files/lib_autoupdate.sh $(1)/lib/autoupdate/lib_autoupdate.sh $(INSTALL_DIR) $(1)/etc/uci-defaults $(CP) ./files/post-inst.sh $(1)/etc/uci-defaults/90_autoupdate-post-inst.sh + $(CP) ./files/zz-autoupdate_diff.sh $(1)/etc/uci-defaults/zz-autoupdate_diff.sh endef define Package/falter-berlin-autoupdate-keys/install diff --git a/packages/falter-berlin-autoupdate/files/autoupdate.conf b/packages/falter-berlin-autoupdate/files/autoupdate.conf index ab28e923..eb2cb5df 100644 --- a/packages/falter-berlin-autoupdate/files/autoupdate.conf +++ b/packages/falter-berlin-autoupdate/files/autoupdate.conf @@ -3,3 +3,6 @@ config generic cfg option selector_fqdn 'selector.berlin.freifunk.net' option minimum_certs 3 option disabled 0 + option ignore_mod 0 + option mod_warning 0 + option no_autou_avail 0 diff --git a/packages/falter-berlin-autoupdate/files/autoupdate.sh b/packages/falter-berlin-autoupdate/files/autoupdate.sh index 4c03f3e7..2f261e57 100755 --- a/packages/falter-berlin-autoupdate/files/autoupdate.sh +++ b/packages/falter-berlin-autoupdate/files/autoupdate.sh @@ -172,6 +172,24 @@ else log "latest release is $latest_release" fi +if [ -z "$OPT_FORCE" ]; then + detect_custom_config "/etc/autoupdate/cheksums" + retval=$? + if [ $retval = 2 ]; then + log "You customized the configuration of your system since the first wizard run." + log "This can lead to incompabilities in the update process. Please consider" + log "updating manually." + exit 2 + elif [ $retval = 1 ]; then + log "There were no checksums of your config files, to compare with. We were not" + log "able to detect, wether your config is customized. Please consider updating" + log "manually." + exit 2 + else + log "Config wasn't modified since wizard run". + fi +fi + ################## # Update-stuff diff --git a/packages/falter-berlin-autoupdate/files/lib_autoupdate.sh b/packages/falter-berlin-autoupdate/files/lib_autoupdate.sh index 4821dff8..17c12e95 100755 --- a/packages/falter-berlin-autoupdate/files/lib_autoupdate.sh +++ b/packages/falter-berlin-autoupdate/files/lib_autoupdate.sh @@ -15,6 +15,8 @@ # shellcheck disable=SC2059 # FW_SERVER_URL isn't mispelled, but a global variable defined in autoupdate.sh # shellcheck disable=SC2153 +# file names will not contain whispaces... +# shellcheck disable=SC2044 # Those dependencies aren't available for CI checking. # shellcheck source=/dev/null @@ -68,6 +70,41 @@ read_latest_stable() { return $? } +detect_custom_config() { + # Doing updates on highly customized systems can fail. Detect these systems + # by comparing hashes. + local path_config_chcksums="$1" + local files_different=0 + local differing_files="" + + if ! [ -d "$path_config_chcksums" ]; then + # there are no checksums to compare against. + return 1 + fi + + for file in $(find "$path_config_chcksums" -type f); do + # slice the prefix away, where checksums got stored + config_file="/$(echo "$file" | cut -d'/' -f5-)" + # check, if config file at /etc/config still exists + if [ -f "$config_file" ]; then + curr_chksum=$(md5sum "$config_file"| cut -d' ' -f1) + stored_checksum=$(cat "$file") + if [ "$curr_chksum" != "$stored_checksum" ]; then + differing_files="$differing_files $file" + files_different=2 + fi + else + continue + fi + done + + if [ $files_different != 0 ]; then + log "Found differing files: $differing_files" + fi + + return $files_different +} + get_firmware_flavour() { # echos the freifunk-berlin firmware flavour like # tunneldigger, notunnel, ... diff --git a/packages/falter-berlin-autoupdate/files/zz-autoupdate_diff.sh b/packages/falter-berlin-autoupdate/files/zz-autoupdate_diff.sh new file mode 100644 index 00000000..c5726d83 --- /dev/null +++ b/packages/falter-berlin-autoupdate/files/zz-autoupdate_diff.sh @@ -0,0 +1,28 @@ +#!/bin/ash + +# After everything on the router was configured, this script gets run for gene- +# rating checksums of all config files. Autoupdate uses this, to detect custom +# setups and refuse an automatic update then. This can be overirdden in user +# settings. + +# filenames will not contain spaces. Thus keeping the for-loop simple for +# better maintainability +# shellcheck disable=SC2044 + +# don't run ssid_changer, if the wizard wasn't run yet. +if [ ! -f /etc/config/ffwizard ]; then + log "ffwizard didn't run yet. Cancelling scripts run." + exit 1 +fi + +watch_dirs="/etc/config/" +chksum_dir="/etc/autoupdate/cheksums" + +for dir in $watch_dirs; do + mkdir -p "$chksum_dir""$dir" + # filename will not contain spaces. + for file in $(find "$dir" -type f); do + md5=$(md5sum "$file" | cut -d' ' -f 1) + echo "$md5" > "$chksum_dir""$file" + done +done