mirror of
https://github.com/pi-hole/pi-hole
synced 2024-11-18 06:08:21 +00:00
Merge pull request #1925 from pi-hole/feature/installtweaks
Install log security
This commit is contained in:
commit
49b3f82675
@ -2,7 +2,7 @@
|
|||||||
# shellcheck disable=SC1090
|
# shellcheck disable=SC1090
|
||||||
|
|
||||||
# Pi-hole: A black hole for Internet advertisements
|
# Pi-hole: A black hole for Internet advertisements
|
||||||
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
|
# (c) 2017-2018 Pi-hole, LLC (https://pi-hole.net)
|
||||||
# Network-wide ad blocking via your own hardware.
|
# Network-wide ad blocking via your own hardware.
|
||||||
#
|
#
|
||||||
# Installs and Updates Pi-hole
|
# Installs and Updates Pi-hole
|
||||||
@ -14,7 +14,7 @@
|
|||||||
#
|
#
|
||||||
# Install with this command (from your Linux machine):
|
# Install with this command (from your Linux machine):
|
||||||
#
|
#
|
||||||
# curl -L install.pi-hole.net | bash
|
# curl -sSL https://install.pi-hole.net | bash
|
||||||
|
|
||||||
# -e option instructs bash to immediately exit if any command [1] has a non-zero exit status
|
# -e option instructs bash to immediately exit if any command [1] has a non-zero exit status
|
||||||
# We do not want users to end up with a partially working install, so we exit the script
|
# We do not want users to end up with a partially working install, so we exit the script
|
||||||
@ -28,9 +28,8 @@ set -e
|
|||||||
# Local variables will be in lowercase and will exist only within functions
|
# Local variables will be in lowercase and will exist only within functions
|
||||||
# It's still a work in progress, so you may see some variance in this guideline until it is complete
|
# It's still a work in progress, so you may see some variance in this guideline until it is complete
|
||||||
|
|
||||||
# We write to a temporary file before moving the log to the pihole folder
|
# Location for final installation log storage
|
||||||
tmpLog=/tmp/pihole-install.log
|
installLogLoc=/etc/pihole/install.log
|
||||||
instalLogLoc=/etc/pihole/install.log
|
|
||||||
# This is an important file as it contains information specific to the machine it's being installed on
|
# This is an important file as it contains information specific to the machine it's being installed on
|
||||||
setupVars=/etc/pihole/setupVars.conf
|
setupVars=/etc/pihole/setupVars.conf
|
||||||
# Pi-hole uses lighttpd as a Web server, and this is the config file for it
|
# Pi-hole uses lighttpd as a Web server, and this is the config file for it
|
||||||
@ -1891,14 +1890,28 @@ FTLdetect() {
|
|||||||
# Install FTL
|
# Install FTL
|
||||||
FTLinstall "${binary}" || return 1
|
FTLinstall "${binary}" || return 1
|
||||||
fi
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
make_temporary_log() {
|
||||||
|
# Create a random temporary file for the log
|
||||||
|
TEMPLOG=$(mktemp /tmp/pihole_temp.XXXXXX)
|
||||||
|
# Open handle 3 for templog
|
||||||
|
# https://stackoverflow.com/questions/18460186/writing-outputs-to-log-file-and-console
|
||||||
|
exec 3>"$TEMPLOG"
|
||||||
|
# Delete templog, but allow for addressing via file handle
|
||||||
|
# This lets us write to the log without having a temporary file on the drive, which
|
||||||
|
# is meant to be a security measure so there is not a lingering file on the drive during the install process
|
||||||
|
rm "$TEMPLOG"
|
||||||
|
}
|
||||||
|
|
||||||
|
copy_to_install_log() {
|
||||||
|
# Copy the contents of file descriptor 3 into the install log
|
||||||
|
# Since we use color codes such as '\e[1;33m', they should be removed
|
||||||
|
sed 's/\[[0-9;]\{1,5\}m//g' < /proc/$$/fd/3 > "${installLogLoc}"
|
||||||
}
|
}
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
######## FIRST CHECK ########
|
######## FIRST CHECK ########
|
||||||
# Show the Pi-hole logo so people know it's genuine since the logo and name are trademarked
|
|
||||||
show_ascii_berry
|
|
||||||
# Must be root to install
|
# Must be root to install
|
||||||
local str="Root user check"
|
local str="Root user check"
|
||||||
echo ""
|
echo ""
|
||||||
@ -1907,6 +1920,9 @@ main() {
|
|||||||
if [[ "${EUID}" -eq 0 ]]; then
|
if [[ "${EUID}" -eq 0 ]]; then
|
||||||
# they are root and all is good
|
# they are root and all is good
|
||||||
echo -e " ${TICK} ${str}"
|
echo -e " ${TICK} ${str}"
|
||||||
|
# Show the Pi-hole logo so people know it's genuine since the logo and name are trademarked
|
||||||
|
show_ascii_berry
|
||||||
|
make_temporary_log
|
||||||
# Otherwise,
|
# Otherwise,
|
||||||
else
|
else
|
||||||
# They do not have enough privileges, so let the user know
|
# They do not have enough privileges, so let the user know
|
||||||
@ -2031,7 +2047,7 @@ main() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Install and log everything to a file
|
# Install and log everything to a file
|
||||||
installPihole | tee ${tmpLog}
|
installPihole | tee -a /proc/$$/fd/3
|
||||||
else
|
else
|
||||||
# Source ${setupVars} to use predefined user variables in the functions
|
# Source ${setupVars} to use predefined user variables in the functions
|
||||||
source ${setupVars}
|
source ${setupVars}
|
||||||
@ -2057,12 +2073,11 @@ main() {
|
|||||||
# Value will either be 1, if true, or 0
|
# Value will either be 1, if true, or 0
|
||||||
LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true)
|
LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true)
|
||||||
fi
|
fi
|
||||||
|
updatePihole | tee -a /proc/$$/fd/3
|
||||||
updatePihole | tee ${tmpLog}
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Move the log file into /etc/pihole for storage
|
# Copy the temp log file into final log location for storage
|
||||||
mv ${tmpLog} ${instalLogLoc}
|
copy_to_install_log
|
||||||
|
|
||||||
if [[ "${INSTALL_WEB}" == true ]]; then
|
if [[ "${INSTALL_WEB}" == true ]]; then
|
||||||
# Add password to web UI if there is none
|
# Add password to web UI if there is none
|
||||||
@ -2139,7 +2154,7 @@ main() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Display where the log file is
|
# Display where the log file is
|
||||||
echo -e "\\n ${INFO} The install log is located at: /etc/pihole/install.log
|
echo -e "\\n ${INFO} The install log is located at: ${installLogLoc}
|
||||||
${COL_LIGHT_GREEN}${INSTALL_TYPE} Complete! ${COL_NC}"
|
${COL_LIGHT_GREEN}${INSTALL_TYPE} Complete! ${COL_NC}"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user