From a3cc5df317ffeec2b6bf78d37e075f33aeb0f79c Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 16 Dec 2021 11:19:11 -0800 Subject: [PATCH 001/110] Configure stale action (#4269) * Configure stale action * [skip ci] Update .github/workflows/stale.yml * Update .github/workflows/stale.yml --- .github/workflows/stale.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/stale.yml diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml new file mode 100644 index 00000000..1c1c47a1 --- /dev/null +++ b/.github/workflows/stale.yml @@ -0,0 +1,24 @@ +name: Mark stale issues + +on: + schedule: + - cron: '30 * * * *' + +jobs: + stale: + + runs-on: ubuntu-latest + permissions: + issues: write + + steps: + - uses: actions/stale@v4 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + debug-only: true + days-before-stale: 30 + days-before-close: 5 + stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' + stale-issue-label: 'Submitter Attention Required' + exempt-issue-labels: 'pinned, Fixed in next release, Bug: Confirmed' + exempt-all-issue-assignees: true From 0e359a6321ff77581795a1fb76e20773ca30d81d Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 09:40:07 +0100 Subject: [PATCH 002/110] Set dnsmasq interface listening by default to local (#4509) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e3a9764f..5f69eb73 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1731,7 +1731,7 @@ finalExports() { # If the setup variable file exists, if [[ -e "${setupVars}" ]]; then # update the variables in the file - sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;' "${setupVars}" + sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;/DNSMASQ_LISTENING/d;' "${setupVars}" fi # echo the information to the user { @@ -1747,6 +1747,7 @@ finalExports() { echo "CACHE_SIZE=${CACHE_SIZE}" echo "DNS_FQDN_REQUIRED=${DNS_FQDN_REQUIRED:-true}" echo "DNS_BOGUS_PRIV=${DNS_BOGUS_PRIV:-true}" + echo "DNSMASQ_LISTENING=${DNSMASQ_LISTENING:-local}" }>> "${setupVars}" chmod 644 "${setupVars}" From 241e53ed454ab6a1ee02b071da848390d2b8c55e Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 20:06:41 +0100 Subject: [PATCH 003/110] Skip debug upload question if called from web interface (#4494) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Skip debug upload question if called from web interface Signed-off-by: Christian König * Suppress upload error if users opt-out from uploading from web interface Signed-off-by: Christian König * Fix and reverse logic Signed-off-by: Christian König * Remove addtional space Signed-off-by: Christian König * Include reviewer's comment :D Co-authored-by: Adam Warner Co-authored-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 36 ++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 3ac63e80..62e2732d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1386,9 +1386,9 @@ upload_to_tricorder() { log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\\n" # Provide information on what they should do with their token - log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." + log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." - # If pihole -d is running automatically (usually through the dashboard) + # If pihole -d is running automatically if [[ "${AUTOMATED}" ]]; then # let the user know log_write "${INFO} Debug script running in automated mode" @@ -1396,16 +1396,19 @@ upload_to_tricorder() { curl_to_tricorder # If we're not running in automated mode, else - echo "" - # give the user a choice of uploading it or not - # Users can review the log file locally (or the output of the script since they are the same) and try to self-diagnose their problem - read -r -p "[?] Would you like to upload the log? [y/N] " response - case ${response} in - # If they say yes, run our function for uploading the log - [yY][eE][sS]|[yY]) curl_to_tricorder;; - # If they choose no, just exit out of the script - *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit; - esac + # if not being called from the web interface + if [[ ! "${WEBCALL}" ]]; then + echo "" + # give the user a choice of uploading it or not + # Users can review the log file locally (or the output of the script since they are the same) and try to self-diagnose their problem + read -r -p "[?] Would you like to upload the log? [y/N] " response + case ${response} in + # If they say yes, run our function for uploading the log + [yY][eE][sS]|[yY]) curl_to_tricorder;; + # If they choose no, just exit out of the script + *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit; + esac + fi fi # Check if tricorder.pi-hole.net is reachable and provide token # along with some additional useful information @@ -1425,8 +1428,13 @@ upload_to_tricorder() { # If no token was generated else # Show an error and some help instructions - log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" - log_write " * Please try again or contact the Pi-hole team for assistance." + # Skip this if being called from web interface and autmatic mode was not chosen (users opt-out to upload) + if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then + : + else + log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" + log_write " * Please try again or contact the Pi-hole team for assistance." + fi fi # Finally, show where the log file is no matter the outcome of the function so users can look at it log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n" From c6a2a6f7398cd35e89f0d444a047644e7688aa73 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 20:09:30 +0100 Subject: [PATCH 004/110] Install pihole-FTL.conf template on fresh installation (#4496) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.conf | 2 ++ automated install/basic-install.sh | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 advanced/Templates/pihole-FTL.conf diff --git a/advanced/Templates/pihole-FTL.conf b/advanced/Templates/pihole-FTL.conf new file mode 100644 index 00000000..269fcf9d --- /dev/null +++ b/advanced/Templates/pihole-FTL.conf @@ -0,0 +1,2 @@ +#; Pi-hole FTL config file +#; Comments should start with #; to avoid issues with PHP and bash reading this file diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5f69eb73..465c8cc1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1299,10 +1299,10 @@ installConfigs() { echo "${DNS_SERVERS}" > "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" - # Install empty file if it does not exist + # Install template file if it does not exist if [[ ! -r "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then install -d -m 0755 ${PI_HOLE_CONFIG_DIR} - if ! install -o pihole -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then + if ! install -T -o pihole -m 664 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.conf" "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then printf " %bError: Unable to initialize configuration file %s/pihole-FTL.conf\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}" return 1 fi From 7807a93e10f114982a31d8d224827b8e14846dec Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 4 Jan 2022 21:46:06 +0000 Subject: [PATCH 005/110] If PIHOLE_DOCKER_TAG is set, then include that info in the debug run (#4515) Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 62e2732d..ef85ed10 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -467,6 +467,9 @@ diagnose_operating_system() { # Display the current test that is running echo_current_diagnostic "Operating system" + # If the PIHOLE_DOCKER_TAG variable is set, include this information in the debug output + [ -n "${PIHOLE_DOCKER_TAG}" ] && log_write "${INFO} Pi-hole Docker Container: ${PIHOLE_DOCKER_TAG}" + # If there is a /etc/*release file, it's probably a supported operating system, so we can if ls /etc/*release 1> /dev/null 2>&1; then # display the attributes to the user from the function made earlier From 5823f5e254e33c3f6b5d1dcd1a94564c67fe3f0d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 5 Jan 2022 17:41:46 +0100 Subject: [PATCH 006/110] Use ss instead of lsof (#4518) * Use ss instead of lsof for pihole status checks Signed-off-by: DL6ER * Use ss FILTER instead of piping into bash Signed-off-by: DL6ER * Use ss in debug log generation Signed-off-by: DL6ER * Remove lsof from dependencies Signed-off-by: DL6ER --- advanced/Scripts/piholeDebug.sh | 26 +++++++++++--------------- automated install/basic-install.sh | 4 ++-- pihole | 14 ++++++++------ 3 files changed, 21 insertions(+), 23 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index ef85ed10..dc4a2729 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -733,11 +733,11 @@ compare_port_to_service_assigned() { # If the service is a Pi-hole service, highlight it in green if [[ "${service_name}" == "${expected_service}" ]]; then - log_write "[${COL_GREEN}${port}${COL_NC}] is in use by ${COL_GREEN}${service_name}${COL_NC}" + log_write "${TICK} ${COL_GREEN}${port}${COL_NC} is in use by ${COL_GREEN}${service_name}${COL_NC}" # Otherwise, else # Show the service name in red since it's non-standard - log_write "[${COL_RED}${port}${COL_NC}] is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" + log_write "${CROSS} ${COL_RED}${port}${COL_NC} is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" fi } @@ -753,32 +753,28 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( lsof -iTCP -sTCP:LISTEN -P -n +c 10 ) + done < <( ss --listening --numeric --tcp --udp --processes --oneline --no-header ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do # loop through them and assign some local variables local service_name - service_name=$(echo "${ports_in_use[$i]}" | awk '{print $1}') + service_name=$(echo "${ports_in_use[$i]}" | awk '{gsub(/users:\(\("/,"",$7);gsub(/".*/,"",$7);print $7}') local protocol_type - protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $5}') + protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $1}') local port_number - port_number="$(echo "${ports_in_use[$i]}" | awk '{print $9}')" + port_number="$(echo "${ports_in_use[$i]}" | awk '{print $5}')" # | awk '{gsub(/^.*:/,"",$5);print $5}') - # Skip the line if it's the titles of the columns the lsof command produces - if [[ "${service_name}" == COMMAND ]]; then - continue - fi # Use a case statement to determine if the right services are using the right ports - case "$(echo "$port_number" | rev | cut -d: -f1 | rev)" in - 53) compare_port_to_service_assigned "${resolver}" "${service_name}" 53 + case "$(echo "${port_number}" | rev | cut -d: -f1 | rev)" in + 53) compare_port_to_service_assigned "${resolver}" "${service_name}" "${protocol_type}:${port_number}" ;; - 80) compare_port_to_service_assigned "${web_server}" "${service_name}" 80 + 80) compare_port_to_service_assigned "${web_server}" "${service_name}" "${protocol_type}:${port_number}" ;; - 4711) compare_port_to_service_assigned "${ftl}" "${service_name}" 4711 + 4711) compare_port_to_service_assigned "${ftl}" "${service_name}" "${protocol_type}:${port_number}" ;; # If it's not a default port that Pi-hole needs, just print it out for the user to see - *) log_write "${port_number} ${service_name} (${protocol_type})"; + *) log_write " ${protocol_type}:${port_number} is in use by ${service_name:=}"; esac done } diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 465c8cc1..3780f7b0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping lsof psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") @@ -332,7 +332,7 @@ package_manager_detect() { PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" OS_CHECK_DEPS=(grep bind-utils) INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig ca-certificates) - PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap lsof nmap-ncat) + PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap nmap-ncat) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" diff --git a/pihole b/pihole index cd18b273..8af47dc8 100755 --- a/pihole +++ b/pihole @@ -283,26 +283,29 @@ Options: } analyze_ports() { + local lv4 lv6 port=${1} # FTL is listening at least on at least one port when this # function is getting called # Check individual address family/protocol combinations # For a healthy Pi-hole, they should all be up (nothing printed) - if grep -q "IPv4.*UDP" <<< "${1}"; then + lv4="$(ss --ipv4 --listening --numeric --tcp --udp src :${port})" + if grep -q "udp " <<< "${lv4}"; then echo -e " ${TICK} UDP (IPv4)" else echo -e " ${CROSS} UDP (IPv4)" fi - if grep -q "IPv4.*TCP" <<< "${1}"; then + if grep -q "tcp " <<< "${lv4}"; then echo -e " ${TICK} TCP (IPv4)" else echo -e " ${CROSS} TCP (IPv4)" fi - if grep -q "IPv6.*UDP" <<< "${1}"; then + lv6="$(ss --ipv6 --listening --numeric --tcp --udp src :${port})" + if grep -q "udp " <<< "${lv6}"; then echo -e " ${TICK} UDP (IPv6)" else echo -e " ${CROSS} UDP (IPv6)" fi - if grep -q "IPv6.*TCP" <<< "${1}"; then + if grep -q "tcp " <<< "${lv6}"; then echo -e " ${TICK} TCP (IPv6)" else echo -e " ${CROSS} TCP (IPv6)" @@ -324,7 +327,6 @@ statusFunc() { else #get the port pihole-FTL is listening on by using FTL's telnet API port="$(echo ">dns-port >quit" | nc 127.0.0.1 4711)" - listening="$(lsof -Pni:${port})" if [[ "${port}" == "0" ]]; then case "${1}" in "web") echo "-1";; @@ -334,7 +336,7 @@ statusFunc() { else if [[ "${1}" != "web" ]]; then echo -e " ${TICK} FTL is listening on port ${port}" - analyze_ports "${listening}" + analyze_ports "${port}" fi fi fi From 81698ef1eda51533366161fa23b23cac638b1b0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 5 Jan 2022 21:09:57 +0100 Subject: [PATCH 007/110] Fix Pi-hole status in chronometer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/chronometer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 312c484f..fddb3936 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -357,7 +357,7 @@ get_sys_stats() { ram_used="${ram_raw[1]}" ram_total="${ram_raw[2]}" - if [[ "$(pihole status web 2> /dev/null)" == "1" ]]; then + if [[ "$(pihole status web 2> /dev/null)" -ge "1" ]]; then ph_status="${COL_LIGHT_GREEN}Active" else ph_status="${COL_LIGHT_RED}Offline" From c2080324b75487cb1130dec5f3450f57c3d62ad7 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Fri, 7 Jan 2022 18:55:15 +0100 Subject: [PATCH 008/110] Install netcat-openbsd as dependency explicitly Since Debian Stretch and Ubuntu Bionic, the "netcat" package is a transitional dummy package which pulls in "netcat-traditional" on Debian Stretch+Buster and Ubuntu Bionic, and "netcat-openbsd" on Debian Bullseye, Ubuntu Focal and up. On Debian Bookworm (testing), however, the "netcat" package has been removed during the last 3 days at time or writing, so that it fails do be installed. While "netcat-traditional" and "netcat-openbsd" both "Provides: netcat", since it's two alternatives, APT does not automatically pick one but aborts, and the only solution is to install one explicitly. While this is likely a temporary state of the Debian testing suite, having a closer look at the two alternatives shows that "netcat-openbsd" is a much more actively maintained newer version with additional support for IPv6, proxies, and UNIX sockets, which is likely the reason for the gradual transition via meta package from "netcat-traditional" to "netcat-openbsd". This commit hence consequently follows this aim by skipping the transitional dummy package and installing "netcat-openbsd" explicitly as dependency, to avoid any possible errors like the one which occurs currently on Bookworm. Both packages can be installed concurrently and do no conflict, but are managed via dpkg's "update-alternatives". For reference: - https://packages.debian.org/netcat - https://packages.ubuntu.com/netcat Signed-off-by: MichaIng --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3780f7b0..6591634e 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat-openbsd) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") From bfd9fe80ef91237726e99d1462f98e68148f5b3b Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 8 Jan 2022 01:42:35 -0800 Subject: [PATCH 009/110] Remove debug from Stale Put Stale in to action. --- .github/workflows/stale.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 1c1c47a1..f98dcc2e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -2,7 +2,8 @@ name: Mark stale issues on: schedule: - - cron: '30 * * * *' + - cron: '0 * * * *' + workflow_dispatch: jobs: stale: @@ -15,7 +16,6 @@ jobs: - uses: actions/stale@v4 with: repo-token: ${{ secrets.GITHUB_TOKEN }} - debug-only: true days-before-stale: 30 days-before-close: 5 stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' From 3097c8fbdc431aed44e83f5e8116f2bc9242ecfd Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 8 Jan 2022 12:57:49 +0000 Subject: [PATCH 010/110] Skip the required ports check if installed in docker container. Unpriv'ed containers do not have access to the information required to resolve the service name listening - and the container should not start if there was a port conflict anyway (#4536) Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index dc4a2729..77e348c9 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -787,7 +787,9 @@ check_networking() { detect_ip_addresses "6" ping_gateway "4" ping_gateway "6" - check_required_ports + # Skip the following check if installed in docker container. Unpriv'ed containers do not have access to the information required + # to resolve the service name listening - and the container should not start if there was a port conflict anyway + [ -z "${PIHOLE_DOCKER_TAG}" ] && check_required_ports } check_x_headers() { From ce86157067b4de06462f6d220aba03f7b93adaa6 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 8 Jan 2022 14:15:26 +0100 Subject: [PATCH 011/110] Fix gravity in case there are no adlists at all or all are disabled (#4535) Signed-off-by: DL6ER --- gravity.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/gravity.sh b/gravity.sh index a6ab3c86..2f24fbdb 100755 --- a/gravity.sh +++ b/gravity.sh @@ -402,14 +402,12 @@ gravity_DownloadBlocklists() { )" local str="Pulling blocklist source list into range" + echo -e "${OVER} ${TICK} ${str}" - if [[ -n "${sources[*]}" ]] && [[ -n "${sourceDomains[*]}" ]]; then - echo -e "${OVER} ${TICK} ${str}" - else - echo -e "${OVER} ${CROSS} ${str}" + if [[ -z "${sources[*]}" ]] || [[ -z "${sourceDomains[*]}" ]]; then echo -e " ${INFO} No source list found, or it is empty" echo "" - return 1 + unset sources fi local url domain agent cmd_ext str target compression From a65a841c56ecce666499b20ad557c330e1c5b89b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 9 Jan 2022 07:13:51 +0100 Subject: [PATCH 012/110] Remove oneline from ss call MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 77e348c9..ac4d45e2 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -753,7 +753,7 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( ss --listening --numeric --tcp --udp --processes --oneline --no-header ) + done < <( ss --listening --numeric --tcp --udp --processes --no-header ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do From b20b38d44fcabf685a8cd78dfee181c97e1eb6ce Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 9 Jan 2022 11:31:47 +0100 Subject: [PATCH 013/110] Include ip addr show and ip route show for us to help with local-service issues (where hops-away is measured) Signed-off-by: DL6ER --- advanced/Scripts/piholeDebug.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 77e348c9..51220833 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -779,6 +779,21 @@ check_required_ports() { done } +ip_command() { + # Obtain and log information from "ip XYZ show" commands + echo_current_diagnostic "${2}" + local entries=() + mapfile -t entries < <(ip "${1}" show) + for line in "${entries[@]}"; do + log_write " ${line}" + done +} + +check_ip_command() { + ip_command "addr" "Network interfaces and addresses" + ip_command "route" "Network routing table" +} + check_networking() { # Runs through several of the functions made earlier; we just clump them # together since they are all related to the networking aspect of things @@ -1454,6 +1469,7 @@ check_selinux check_firewalld processor_check disk_usage +check_ip_command check_networking check_name_resolution check_dhcp_servers From f1245685dc394f4bea75a7d4a14ce55f17fbb834 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 10 Jan 2022 20:07:44 +0000 Subject: [PATCH 014/110] Add action to automatically sync master to dev when code is pushed to master Add in a release.yml to ignore github-actions author when auto-generating release notes Signed-off-by: Adam Warner --- .github/release.yml | 7 +++++++ .github/workflows/sync-back-to-dev.yml | 28 ++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 .github/release.yml create mode 100644 .github/workflows/sync-back-to-dev.yml diff --git a/.github/release.yml b/.github/release.yml new file mode 100644 index 00000000..2e8776e9 --- /dev/null +++ b/.github/release.yml @@ -0,0 +1,7 @@ +changelog: + exclude: + labels: + - internal + authors: + - dependabot + - github-actions diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml new file mode 100644 index 00000000..819e9d24 --- /dev/null +++ b/.github/workflows/sync-back-to-dev.yml @@ -0,0 +1,28 @@ +name: Sync Back to Development + +on: + push: + branches: + - master + +jobs: + sync-branches: + runs-on: ubuntu-latest + name: Syncing branches + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Opening pull request + id: pull + uses: tretuna/sync-branches@1.4.0 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + FROM_BRANCH: 'master' + TO_BRANCH: 'development' + CONTENT_COMPARISON: true + - name: Label the pull request to ignore for release note generation + uses: actions-ecosystem/action-add-labels@v1 + with: + labels: internal + repo: ${{ github.repository }} + number: ${{ steps.pull.outputs.PULL_REQUEST_NUMBER }} From 3260cb40b569d84f25a269a8b53bd1c52d6ba963 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 11 Jan 2022 19:15:30 +0000 Subject: [PATCH 015/110] ops per run -> 300 for stale Signed-off-by: Adam Warner --- .github/workflows/stale.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index f98dcc2e..5a13b7f5 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -22,3 +22,4 @@ jobs: stale-issue-label: 'Submitter Attention Required' exempt-issue-labels: 'pinned, Fixed in next release, Bug: Confirmed' exempt-all-issue-assignees: true + operations-per-run: 300 From ed6b85241bb820644c1c7c922a587fd3a0b3f89d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lukas=20Schl=C3=B6tterer?= <80917404+lschloetterer@users.noreply.github.com> Date: Wed, 12 Jan 2022 09:23:13 +0100 Subject: [PATCH 016/110] use sed substitute instead of delete and append (#4555) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * use sed substitute instead of delete and append doesn't move the line to the end of the file, instead keeps the order of the lines in setupVars.conf intact Signed-off-by: Lukas Schlötterer <80917404+lschloetterer@users.noreply.github.com> * Match start of line as suggested in the review Signed-off-by: Lukas Schlötterer <80917404+lschloetterer@users.noreply.github.com> Co-authored-by: yubiuser Co-authored-by: yubiuser --- pihole | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/pihole b/pihole index 8af47dc8..ddb8c707 100755 --- a/pihole +++ b/pihole @@ -223,8 +223,7 @@ Time: fi local str="Pi-hole Disabled" - sed -i "/BLOCKING_ENABLED=/d" "${setupVars}" - echo "BLOCKING_ENABLED=false" >> "${setupVars}" + sed -i "s/^BLOCKING_ENABLED=true/BLOCKING_ENABLED=false/" "${setupVars}" fi else # Enable Pi-hole @@ -236,8 +235,7 @@ Time: echo -e " ${INFO} Enabling blocking" local str="Pi-hole Enabled" - sed -i "/BLOCKING_ENABLED=/d" "${setupVars}" - echo "BLOCKING_ENABLED=true" >> "${setupVars}" + sed -i "s/^BLOCKING_ENABLED=false/BLOCKING_ENABLED=true/" "${setupVars}" fi restartDNS reload-lists From 57ba60ce54991c3be9ce745f781eddb2de417b40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Thu, 13 Jan 2022 09:13:40 +0100 Subject: [PATCH 017/110] Change the exemption issue label pinned to internal for stale issues MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 5a13b7f5..c2b19cf3 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -20,6 +20,6 @@ jobs: days-before-close: 5 stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' stale-issue-label: 'Submitter Attention Required' - exempt-issue-labels: 'pinned, Fixed in next release, Bug: Confirmed' + exempt-issue-labels: 'internal, Fixed in next release, Bug: Confirmed' exempt-all-issue-assignees: true operations-per-run: 300 From cdde832ed373dc418e95823f65a5eba2233d93af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Thu, 13 Jan 2022 09:16:31 +0100 Subject: [PATCH 018/110] Some use uppercase some don't... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index c2b19cf3..fc78e820 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -20,6 +20,6 @@ jobs: days-before-close: 5 stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' stale-issue-label: 'Submitter Attention Required' - exempt-issue-labels: 'internal, Fixed in next release, Bug: Confirmed' + exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed' exempt-all-issue-assignees: true operations-per-run: 300 From 6ead24b3157ae379e018d7a5e893ebc757b458a8 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Fri, 14 Jan 2022 13:00:34 -0300 Subject: [PATCH 019/110] Move space into variable (#4562) Signed-off-by: rdwebdesign --- advanced/Scripts/query.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 0fd9871a..9ddfdc62 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -233,7 +233,7 @@ for result in "${results[@]}"; do adlistAddress="${extra/|*/}" extra="${extra#*|}" if [[ "${extra}" == "0" ]]; then - extra="(disabled)" + extra=" (disabled)" else extra="" fi @@ -241,7 +241,7 @@ for result in "${results[@]}"; do if [[ -n "${blockpage}" ]]; then echo "0 ${adlistAddress}" elif [[ -n "${exact}" ]]; then - echo " - ${adlistAddress} ${extra}" + echo " - ${adlistAddress}${extra}" else if [[ ! "${adlistAddress}" == "${adlistAddress_prev:-}" ]]; then count="" @@ -256,7 +256,7 @@ for result in "${results[@]}"; do [[ "${count}" -gt "${max_count}" ]] && continue echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}" else - echo " ${match} ${extra}" + echo " ${match}${extra}" fi fi done From 7aa28e4a3aa27a3cfdb5e495969fb4c9f923af5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 22 Jan 2022 22:09:15 +0100 Subject: [PATCH 020/110] Do a full fetch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/update.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index d18d2e78..9da85c89 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -41,7 +41,7 @@ GitCheckUpdateAvail() { cd "${directory}" || return # Fetch latest changes in this repo - git fetch --tags --quiet origin + git fetch --quiet origin # Check current branch. If it is master, then check for the latest available tag instead of latest commit. curBranch=$(git rev-parse --abbrev-ref HEAD) From bad6d8a59e6617ab0fa1fab4606579324fd64475 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lukas=20Schl=C3=B6tterer?= <80917404+lschloetterer@users.noreply.github.com> Date: Fri, 28 Jan 2022 16:26:57 +0100 Subject: [PATCH 021/110] add parameter to set filename for teleporter MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Make it possible to write pihole -a -t myname.tar.gz to configure the filename however you want Signed-off-by: Lukas Schlötterer <80917404+lschloetterer@users.noreply.github.com> --- advanced/Scripts/webpage.sh | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 4f44eca8..d823a7c1 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -640,12 +640,17 @@ Interfaces: } Teleporter() { - local datetimestamp - local host - datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S") - host=$(hostname) - host="${host//./_}" - php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz" + local filename + filename="${args[2]}" + if [[ -z "${filename}" ]]; then + local datetimestamp + local host + datetimestamp=$(date "+%Y-%m-%d_%H-%M-%S") + host=$(hostname) + host="${host//./_}" + filename="pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz" + fi + php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "${filename}" } checkDomain() From f0f5cc52d9bd7bb542a9735bdcb489152da05826 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 29 Jan 2022 22:39:45 +0100 Subject: [PATCH 022/110] Use internal SQLite3 engine in more places in gravity.sh Signed-off-by: DL6ER --- gravity.sh | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/gravity.sh b/gravity.sh index 2f24fbdb..ad0ba9a0 100755 --- a/gravity.sh +++ b/gravity.sh @@ -73,9 +73,9 @@ if [[ -r "${piholeDir}/pihole.conf" ]]; then echo -e " ${COL_LIGHT_RED}Ignoring overrides specified within pihole.conf! ${COL_NC}" fi -# Generate new sqlite3 file from schema template +# Generate new SQLite3 file from schema template generate_gravity_database() { - if ! sqlite3 "${gravityDBfile}" < "${gravityDBschema}"; then + if ! pihole-FTL sqlite3 "${gravityDBfile}" < "${gravityDBschema}"; then echo -e " ${CROSS} Unable to create ${gravityDBfile}" return 1 fi @@ -90,7 +90,7 @@ gravity_swap_databases() { echo -ne " ${INFO} ${str}..." # The index is intentionally not UNIQUE as poor quality adlists may contain domains more than once - output=$( { sqlite3 "${gravityTEMPfile}" "CREATE INDEX idx_gravity ON gravity (domain, adlist_id);"; } 2>&1 ) + output=$( { pihole-FTL sqlite3 "${gravityTEMPfile}" "CREATE INDEX idx_gravity ON gravity (domain, adlist_id);"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -136,7 +136,7 @@ gravity_swap_databases() { # Update timestamp when the gravity table was last updated successfully update_gravity_timestamp() { - output=$( { printf ".timeout 30000\\nINSERT OR REPLACE INTO info (property,value) values ('updated',cast(strftime('%%s', 'now') as int));" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\nINSERT OR REPLACE INTO info (property,value) values ('updated',cast(strftime('%%s', 'now') as int));" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -177,7 +177,7 @@ database_table_from_file() { # Get MAX(id) from domainlist when INSERTing into this table if [[ "${table}" == "domainlist" ]]; then - rowid="$(sqlite3 "${gravityDBfile}" "SELECT MAX(id) FROM domainlist;")" + rowid="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT MAX(id) FROM domainlist;")" if [[ -z "$rowid" ]]; then rowid=0 fi @@ -207,7 +207,7 @@ database_table_from_file() { # Store domains in database table specified by ${table} # Use printf as .mode and .import need to be on separate lines # see https://unix.stackexchange.com/a/445615/83260 - output=$( { printf ".timeout 30000\\n.mode csv\\n.import \"%s\" %s\\n" "${tmpFile}" "${table}" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\n.mode csv\\n.import \"%s\" %s\\n" "${tmpFile}" "${table}" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -227,7 +227,7 @@ database_table_from_file() { # Update timestamp of last update of this list. We store this in the "old" database as all values in the new database will later be overwritten database_adlist_updated() { - output=$( { printf ".timeout 30000\\nUPDATE adlist SET date_updated = (cast(strftime('%%s', 'now') as int)) WHERE id = %i;\\n" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\nUPDATE adlist SET date_updated = (cast(strftime('%%s', 'now') as int)) WHERE id = %i;\\n" "${1}" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -238,7 +238,7 @@ database_adlist_updated() { # Check if a column with name ${2} exists in gravity table with name ${1} gravity_column_exists() { - output=$( { printf ".timeout 30000\\nSELECT EXISTS(SELECT * FROM pragma_table_info('%s') WHERE name='%s');\\n" "${1}" "${2}" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\nSELECT EXISTS(SELECT * FROM pragma_table_info('%s') WHERE name='%s');\\n" "${1}" "${2}" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) if [[ "${output}" == "1" ]]; then return 0 # Bash 0 is success fi @@ -253,7 +253,7 @@ database_adlist_number() { return; fi - output=$( { printf ".timeout 30000\\nUPDATE adlist SET number = %i, invalid_domains = %i WHERE id = %i;\\n" "${num_source_lines}" "${num_invalid}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\nUPDATE adlist SET number = %i, invalid_domains = %i WHERE id = %i;\\n" "${num_source_lines}" "${num_invalid}" "${1}" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -269,7 +269,7 @@ database_adlist_status() { return; fi - output=$( { printf ".timeout 30000\\nUPDATE adlist SET status = %i WHERE id = %i;\\n" "${2}" "${1}" | sqlite3 "${gravityDBfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\nUPDATE adlist SET status = %i WHERE id = %i;\\n" "${2}" "${1}" | pihole-FTL sqlite3 "${gravityDBfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -386,9 +386,9 @@ gravity_DownloadBlocklists() { fi # Retrieve source URLs from gravity database - # We source only enabled adlists, sqlite3 stores boolean values as 0 (false) or 1 (true) - mapfile -t sources <<< "$(sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)" - mapfile -t sourceIDs <<< "$(sqlite3 "${gravityDBfile}" "SELECT id FROM vw_adlist;" 2> /dev/null)" + # We source only enabled adlists, SQLite3 stores boolean values as 0 (false) or 1 (true) + mapfile -t sources <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT address FROM vw_adlist;" 2> /dev/null)" + mapfile -t sourceIDs <<< "$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT id FROM vw_adlist;" 2> /dev/null)" # Parse source domains from $sources mapfile -t sourceDomains <<< "$( @@ -417,7 +417,7 @@ gravity_DownloadBlocklists() { str="Preparing new gravity database" echo -ne " ${INFO} ${str}..." rm "${gravityTEMPfile}" > /dev/null 2>&1 - output=$( { sqlite3 "${gravityTEMPfile}" < "${gravityDBschema}"; } 2>&1 ) + output=$( { pihole-FTL sqlite3 "${gravityTEMPfile}" < "${gravityDBschema}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then @@ -782,12 +782,12 @@ gravity_Table_Count() { local table="${1}" local str="${2}" local num - num="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM ${table};")" + num="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM ${table};")" if [[ "${table}" == "vw_gravity" ]]; then local unique - unique="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(DISTINCT domain) FROM ${table};")" + unique="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT COUNT(DISTINCT domain) FROM ${table};")" echo -e " ${INFO} Number of ${str}: ${num} (${COL_BOLD}${unique} unique domains${COL_NC})" - sqlite3 "${gravityDBfile}" "INSERT OR REPLACE INTO info (property,value) VALUES ('gravity_count',${unique});" + pihole-FTL sqlite3 "${gravityDBfile}" "INSERT OR REPLACE INTO info (property,value) VALUES ('gravity_count',${unique});" else echo -e " ${INFO} Number of ${str}: ${num}" fi From 534f9a63bf0db0493d929d3737f48712ef99a495 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 30 Jan 2022 10:36:20 +0100 Subject: [PATCH 023/110] Copy database tables earlier into the new gravity database to avoid foreign key contraint violations when adding gravity entries refering to an empty adlist table Signed-off-by: DL6ER --- gravity.sh | 47 ++++++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 19 deletions(-) diff --git a/gravity.sh b/gravity.sh index ad0ba9a0..ac2fca1b 100755 --- a/gravity.sh +++ b/gravity.sh @@ -85,7 +85,7 @@ generate_gravity_database() { # Copy data from old to new database file and swap them gravity_swap_databases() { - local str copyGravity + local str copyGravity oldAvail str="Building tree" echo -ne " ${INFO} ${str}..." @@ -102,22 +102,6 @@ gravity_swap_databases() { str="Swapping databases" echo -ne " ${INFO} ${str}..." - # Gravity copying SQL script - copyGravity="$(cat "${gravityDBcopy}")" - if [[ "${gravityDBfile}" != "${gravityDBfile_default}" ]]; then - # Replace default gravity script location by custom location - copyGravity="${copyGravity//"${gravityDBfile_default}"/"${gravityDBfile}"}" - fi - - output=$( { sqlite3 "${gravityTEMPfile}" <<< "${copyGravity}"; } 2>&1 ) - status="$?" - - if [[ "${status}" -ne 0 ]]; then - echo -e "\\n ${CROSS} Unable to copy data from ${gravityDBfile} to ${gravityTEMPfile}\\n ${output}" - return 1 - fi - echo -e "${OVER} ${TICK} ${str}" - # Swap databases and remove or conditionally rename old database # Number of available blocks on disk availableBlocks=$(stat -f --format "%a" "${gravityDIR}") @@ -125,13 +109,19 @@ gravity_swap_databases() { gravityBlocks=$(stat --format "%b" ${gravityDBfile}) # Only keep the old database if available disk space is at least twice the size of the existing gravity.db. # Better be safe than sorry... + oldAvail=false if [ "${availableBlocks}" -gt "$((gravityBlocks * 2))" ] && [ -f "${gravityDBfile}" ]; then - echo -e " ${TICK} The old database remains available." + oldAvail=true mv "${gravityDBfile}" "${gravityOLDfile}" else rm "${gravityDBfile}" fi mv "${gravityTEMPfile}" "${gravityDBfile}" + echo -e "${OVER} ${TICK} ${str}" + + if [ oldAvail ]; then + echo -e " ${TICK} The old database remains available." + fi } # Update timestamp when the gravity table was last updated successfully @@ -475,9 +465,28 @@ gravity_DownloadBlocklists() { echo "" done + str="Creating new gravity databases" + echo -ne " ${INFO} ${str}..." + + # Gravity copying SQL script + copyGravity="$(cat "${gravityDBcopy}")" + if [[ "${gravityDBfile}" != "${gravityDBfile_default}" ]]; then + # Replace default gravity script location by custom location + copyGravity="${copyGravity//"${gravityDBfile_default}"/"${gravityDBfile}"}" + fi + + output=$( { pihole-FTL sqlite3 "${gravityTEMPfile}" <<< "${copyGravity}"; } 2>&1 ) + status="$?" + + if [[ "${status}" -ne 0 ]]; then + echo -e "\\n ${CROSS} Unable to copy data from ${gravityDBfile} to ${gravityTEMPfile}\\n ${output}" + return 1 + fi + echo -e "${OVER} ${TICK} ${str}" + str="Storing downloaded domains in new gravity database" echo -ne " ${INFO} ${str}..." - output=$( { printf ".timeout 30000\\n.mode csv\\n.import \"%s\" gravity\\n" "${target}" | sqlite3 "${gravityTEMPfile}"; } 2>&1 ) + output=$( { printf ".timeout 30000\\n.mode csv\\n.import \"%s\" gravity\\n" "${target}" | pihole-FTL sqlite3 "${gravityTEMPfile}"; } 2>&1 ) status="$?" if [[ "${status}" -ne 0 ]]; then From 5bb79de70b73662e03772564f5f242b216f85bf5 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 30 Jan 2022 10:38:24 +0100 Subject: [PATCH 024/110] Clean possible leftovers in domainlist_by_group, adlist_by_group, and client_by_group before copying from database base to avoid foreign key violations. Signed-off-by: DL6ER --- advanced/Templates/gravity_copy.sql | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/Templates/gravity_copy.sql b/advanced/Templates/gravity_copy.sql index 4a2a9b22..a927dd8d 100644 --- a/advanced/Templates/gravity_copy.sql +++ b/advanced/Templates/gravity_copy.sql @@ -12,14 +12,17 @@ INSERT OR REPLACE INTO "group" SELECT * FROM OLD."group"; INSERT OR REPLACE INTO domain_audit SELECT * FROM OLD.domain_audit; INSERT OR REPLACE INTO domainlist SELECT * FROM OLD.domainlist; +DELETE FROM domainlist_by_group WHERE domainlist_id NOT IN (SELECT id FROM domainlist); INSERT OR REPLACE INTO domainlist_by_group SELECT * FROM OLD.domainlist_by_group; INSERT OR REPLACE INTO adlist SELECT * FROM OLD.adlist; +DELETE FROM adlist_by_group WHERE adlist_id NOT IN (SELECT id FROM adlist); INSERT OR REPLACE INTO adlist_by_group SELECT * FROM OLD.adlist_by_group; INSERT OR REPLACE INTO info SELECT * FROM OLD.info; INSERT OR REPLACE INTO client SELECT * FROM OLD.client; +DELETE FROM client_by_group WHERE client_id NOT IN (SELECT id FROM client); INSERT OR REPLACE INTO client_by_group SELECT * FROM OLD.client_by_group; From 8cbffa179d589cd3b6d5501733d2a634ff83cad1 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 30 Jan 2022 10:42:13 +0100 Subject: [PATCH 025/110] Replace remaining sqlite3 calls by calls to our embedded pihole-FTL sqlite3 engine and remove sqlite3 as dependency in the installer. Signed-off-by: DL6ER --- .../Scripts/database_migration/gravity-db.sh | 30 +++++++++---------- advanced/Scripts/list.sh | 20 ++++++------- advanced/Scripts/piholeARPTable.sh | 4 +-- advanced/Scripts/piholeDebug.sh | 10 +++---- advanced/Scripts/piholeLogFlush.sh | 2 +- advanced/Scripts/query.sh | 4 +-- advanced/Scripts/webpage.sh | 12 ++++---- automated install/basic-install.sh | 2 +- gravity.sh | 2 +- 9 files changed, 43 insertions(+), 43 deletions(-) diff --git a/advanced/Scripts/database_migration/gravity-db.sh b/advanced/Scripts/database_migration/gravity-db.sh index 09dc1727..a7ba60a9 100755 --- a/advanced/Scripts/database_migration/gravity-db.sh +++ b/advanced/Scripts/database_migration/gravity-db.sh @@ -19,13 +19,13 @@ upgrade_gravityDB(){ auditFile="${piholeDir}/auditlog.list" # Get database version - version="$(sqlite3 "${database}" "SELECT \"value\" FROM \"info\" WHERE \"property\" = 'version';")" + version="$(pihole-FTL sqlite3 "${database}" "SELECT \"value\" FROM \"info\" WHERE \"property\" = 'version';")" if [[ "$version" == "1" ]]; then # This migration script upgrades the gravity.db file by # adding the domain_audit table echo -e " ${INFO} Upgrading gravity database from version 1 to 2" - sqlite3 "${database}" < "${scriptPath}/1_to_2.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/1_to_2.sql" version=2 # Store audit domains in database table @@ -40,28 +40,28 @@ upgrade_gravityDB(){ # renaming the regex table to regex_blacklist, and # creating a new regex_whitelist table + corresponding linking table and views echo -e " ${INFO} Upgrading gravity database from version 2 to 3" - sqlite3 "${database}" < "${scriptPath}/2_to_3.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/2_to_3.sql" version=3 fi if [[ "$version" == "3" ]]; then # This migration script unifies the formally separated domain # lists into a single table with a UNIQUE domain constraint echo -e " ${INFO} Upgrading gravity database from version 3 to 4" - sqlite3 "${database}" < "${scriptPath}/3_to_4.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/3_to_4.sql" version=4 fi if [[ "$version" == "4" ]]; then # This migration script upgrades the gravity and list views # implementing necessary changes for per-client blocking echo -e " ${INFO} Upgrading gravity database from version 4 to 5" - sqlite3 "${database}" < "${scriptPath}/4_to_5.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/4_to_5.sql" version=5 fi if [[ "$version" == "5" ]]; then # This migration script upgrades the adlist view # to return an ID used in gravity.sh echo -e " ${INFO} Upgrading gravity database from version 5 to 6" - sqlite3 "${database}" < "${scriptPath}/5_to_6.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/5_to_6.sql" version=6 fi if [[ "$version" == "6" ]]; then @@ -69,7 +69,7 @@ upgrade_gravityDB(){ # which is automatically associated to all clients not # having their own group assignments echo -e " ${INFO} Upgrading gravity database from version 6 to 7" - sqlite3 "${database}" < "${scriptPath}/6_to_7.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/6_to_7.sql" version=7 fi if [[ "$version" == "7" ]]; then @@ -77,21 +77,21 @@ upgrade_gravityDB(){ # to ensure uniqueness on the group name # We also add date_added and date_modified columns echo -e " ${INFO} Upgrading gravity database from version 7 to 8" - sqlite3 "${database}" < "${scriptPath}/7_to_8.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/7_to_8.sql" version=8 fi if [[ "$version" == "8" ]]; then # This migration fixes some issues that were introduced # in the previous migration script. echo -e " ${INFO} Upgrading gravity database from version 8 to 9" - sqlite3 "${database}" < "${scriptPath}/8_to_9.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/8_to_9.sql" version=9 fi if [[ "$version" == "9" ]]; then # This migration drops unused tables and creates triggers to remove # obsolete groups assignments when the linked items are deleted echo -e " ${INFO} Upgrading gravity database from version 9 to 10" - sqlite3 "${database}" < "${scriptPath}/9_to_10.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/9_to_10.sql" version=10 fi if [[ "$version" == "10" ]]; then @@ -101,31 +101,31 @@ upgrade_gravityDB(){ # to keep the copying process generic (needs the same columns in both the # source and the destination databases). echo -e " ${INFO} Upgrading gravity database from version 10 to 11" - sqlite3 "${database}" < "${scriptPath}/10_to_11.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/10_to_11.sql" version=11 fi if [[ "$version" == "11" ]]; then # Rename group 0 from "Unassociated" to "Default" echo -e " ${INFO} Upgrading gravity database from version 11 to 12" - sqlite3 "${database}" < "${scriptPath}/11_to_12.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/11_to_12.sql" version=12 fi if [[ "$version" == "12" ]]; then # Add column date_updated to adlist table echo -e " ${INFO} Upgrading gravity database from version 12 to 13" - sqlite3 "${database}" < "${scriptPath}/12_to_13.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/12_to_13.sql" version=13 fi if [[ "$version" == "13" ]]; then # Add columns number and status to adlist table echo -e " ${INFO} Upgrading gravity database from version 13 to 14" - sqlite3 "${database}" < "${scriptPath}/13_to_14.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/13_to_14.sql" version=14 fi if [[ "$version" == "14" ]]; then # Changes the vw_adlist created in 5_to_6 echo -e " ${INFO} Upgrading gravity database from version 14 to 15" - sqlite3 "${database}" < "${scriptPath}/14_to_15.sql" + pihole-FTL sqlite3 "${database}" < "${scriptPath}/14_to_15.sql" version=15 fi } diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 8945047e..f3f97da2 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -142,18 +142,18 @@ AddDomain() { domain="$1" # Is the domain in the list we want to add it to? - num="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}';")" + num="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}';")" requestedListname="$(GetListnameFromTypeId "${typeId}")" if [[ "${num}" -ne 0 ]]; then - existingTypeId="$(sqlite3 "${gravityDBfile}" "SELECT type FROM domainlist WHERE domain = '${domain}';")" + existingTypeId="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT type FROM domainlist WHERE domain = '${domain}';")" if [[ "${existingTypeId}" == "${typeId}" ]]; then if [[ "${verbose}" == true ]]; then echo -e " ${INFO} ${1} already exists in ${requestedListname}, no need to add!" fi else existingListname="$(GetListnameFromTypeId "${existingTypeId}")" - sqlite3 "${gravityDBfile}" "UPDATE domainlist SET type = ${typeId} WHERE domain='${domain}';" + pihole-FTL sqlite3 "${gravityDBfile}" "UPDATE domainlist SET type = ${typeId} WHERE domain='${domain}';" if [[ "${verbose}" == true ]]; then echo -e " ${INFO} ${1} already exists in ${existingListname}, it has been moved to ${requestedListname}!" fi @@ -169,10 +169,10 @@ AddDomain() { # Insert only the domain here. The enabled and date_added fields will be filled # with their default values (enabled = true, date_added = current timestamp) if [[ -z "${comment}" ]]; then - sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type) VALUES ('${domain}',${typeId});" + pihole-FTL sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type) VALUES ('${domain}',${typeId});" else # also add comment when variable has been set through the "--comment" option - sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type,comment) VALUES ('${domain}',${typeId},'${comment}');" + pihole-FTL sqlite3 "${gravityDBfile}" "INSERT INTO domainlist (domain,type,comment) VALUES ('${domain}',${typeId},'${comment}');" fi } @@ -181,7 +181,7 @@ RemoveDomain() { domain="$1" # Is the domain in the list we want to remove it from? - num="$(sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};")" + num="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT COUNT(*) FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};")" requestedListname="$(GetListnameFromTypeId "${typeId}")" @@ -198,14 +198,14 @@ RemoveDomain() { fi reload=true # Remove it from the current list - sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};" + pihole-FTL sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE domain = '${domain}' AND type = ${typeId};" } Displaylist() { local count num_pipes domain enabled status nicedate requestedListname requestedListname="$(GetListnameFromTypeId "${typeId}")" - data="$(sqlite3 "${gravityDBfile}" "SELECT domain,enabled,date_modified FROM domainlist WHERE type = ${typeId};" 2> /dev/null)" + data="$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT domain,enabled,date_modified FROM domainlist WHERE type = ${typeId};" 2> /dev/null)" if [[ -z $data ]]; then echo -e "Not showing empty list" @@ -243,10 +243,10 @@ Displaylist() { } NukeList() { - count=$(sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};") + count=$(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT COUNT(1) FROM domainlist WHERE type = ${typeId};") listname="$(GetListnameFromTypeId "${typeId}")" if [ "$count" -gt 0 ];then - sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};" + pihole-FTL sqlite3 "${gravityDBfile}" "DELETE FROM domainlist WHERE type = ${typeId};" echo " ${TICK} Removed ${count} domain(s) from the ${listname}" else echo " ${INFO} ${listname} already empty. Nothing to do!" diff --git a/advanced/Scripts/piholeARPTable.sh b/advanced/Scripts/piholeARPTable.sh index 66d05bf9..5daa025d 100755 --- a/advanced/Scripts/piholeARPTable.sh +++ b/advanced/Scripts/piholeARPTable.sh @@ -39,7 +39,7 @@ flushARP(){ # Truncate network_addresses table in pihole-FTL.db # This needs to be done before we can truncate the network table due to # foreign key constraints - if ! output=$(sqlite3 "${DBFILE}" "DELETE FROM network_addresses" 2>&1); then + if ! output=$(pihole-FTL sqlite3 "${DBFILE}" "DELETE FROM network_addresses" 2>&1); then echo -e "${OVER} ${CROSS} Failed to truncate network_addresses table" echo " Database location: ${DBFILE}" echo " Output: ${output}" @@ -47,7 +47,7 @@ flushARP(){ fi # Truncate network table in pihole-FTL.db - if ! output=$(sqlite3 "${DBFILE}" "DELETE FROM network" 2>&1); then + if ! output=$(pihole-FTL sqlite3 "${DBFILE}" "DELETE FROM network" 2>&1); then echo -e "${OVER} ${CROSS} Failed to truncate network table" echo " Database location: ${DBFILE}" echo " Output: ${output}" diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 7be4029b..7d3e7acf 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -888,7 +888,7 @@ dig_at() { # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains local random_url - random_url=$(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1") + random_url=$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1") # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is @@ -1202,7 +1202,7 @@ show_db_entries() { IFS=$'\r\n' local entries=() mapfile -t entries < <(\ - sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" \ + pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" \ -cmd ".headers on" \ -cmd ".mode column" \ -cmd ".width ${widths}" \ @@ -1227,7 +1227,7 @@ show_FTL_db_entries() { IFS=$'\r\n' local entries=() mapfile -t entries < <(\ - sqlite3 "${PIHOLE_FTL_DB_FILE}" \ + pihole-FTL sqlite3 "${PIHOLE_FTL_DB_FILE}" \ -cmd ".headers on" \ -cmd ".mode column" \ -cmd ".width ${widths}" \ @@ -1284,7 +1284,7 @@ analyze_gravity_list() { log_write "${COL_GREEN}${gravity_permissions}${COL_NC}" show_db_entries "Info table" "SELECT property,value FROM info" "20 40" - gravity_updated_raw="$(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT value FROM info where property = 'updated'")" + gravity_updated_raw="$(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT value FROM info where property = 'updated'")" gravity_updated="$(date -d @"${gravity_updated_raw}")" log_write " Last gravity run finished at: ${COL_CYAN}${gravity_updated}${COL_NC}" log_write "" @@ -1292,7 +1292,7 @@ analyze_gravity_list() { OLD_IFS="$IFS" IFS=$'\r\n' local gravity_sample=() - mapfile -t gravity_sample < <(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity LIMIT 10") + mapfile -t gravity_sample < <(pihole-FTL sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity LIMIT 10") log_write " ${COL_CYAN}----- First 10 Gravity Domains -----${COL_NC}" for line in "${gravity_sample[@]}"; do diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 5c6a2c68..7547a5fd 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -63,7 +63,7 @@ else fi fi # Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history) - deleted=$(sqlite3 "${DBFILE}" "DELETE FROM queries WHERE timestamp >= strftime('%s','now')-86400; select changes() from queries limit 1") + deleted=$(pihole-FTL sqlite3 "${DBFILE}" "DELETE FROM queries WHERE timestamp >= strftime('%s','now')-86400; select changes() from queries limit 1") # Restart pihole-FTL to force reloading history sudo pihole restartdns diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 9ddfdc62..20c891bf 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -121,7 +121,7 @@ scanDatabaseTable() { fi # Send prepared query to gravity database - result="$(sqlite3 "${gravityDBfile}" "${querystr}")" 2> /dev/null + result="$(pihole-FTL sqlite3 "${gravityDBfile}" "${querystr}")" 2> /dev/null if [[ -z "${result}" ]]; then # Return early when there are no matches in this table return @@ -164,7 +164,7 @@ scanRegexDatabaseTable() { type="${3:-}" # Query all regex from the corresponding database tables - mapfile -t regexList < <(sqlite3 "${gravityDBfile}" "SELECT domain FROM domainlist WHERE type = ${type}" 2> /dev/null) + mapfile -t regexList < <(pihole-FTL sqlite3 "${gravityDBfile}" "SELECT domain FROM domainlist WHERE type = ${type}" 2> /dev/null) # If we have regexps to process if [[ "${#regexList[@]}" -ne 0 ]]; then diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 4f44eca8..0b9fb62b 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -523,13 +523,13 @@ CustomizeAdLists() { if CheckUrl "${address}"; then if [[ "${args[2]}" == "enable" ]]; then - sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 1 WHERE address = '${address}'" + pihole-FTL sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 1 WHERE address = '${address}'" elif [[ "${args[2]}" == "disable" ]]; then - sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 0 WHERE address = '${address}'" + pihole-FTL sqlite3 "${gravityDBfile}" "UPDATE adlist SET enabled = 0 WHERE address = '${address}'" elif [[ "${args[2]}" == "add" ]]; then - sqlite3 "${gravityDBfile}" "INSERT OR IGNORE INTO adlist (address, comment) VALUES ('${address}', '${comment}')" + pihole-FTL sqlite3 "${gravityDBfile}" "INSERT OR IGNORE INTO adlist (address, comment) VALUES ('${address}', '${comment}')" elif [[ "${args[2]}" == "del" ]]; then - sqlite3 "${gravityDBfile}" "DELETE FROM adlist WHERE address = '${address}'" + pihole-FTL sqlite3 "${gravityDBfile}" "DELETE FROM adlist WHERE address = '${address}'" else echo "Not permitted" return 1 @@ -681,12 +681,12 @@ addAudit() done # Insert only the domain here. The date_added field will be # filled with its default value (date_added = current timestamp) - sqlite3 "${gravityDBfile}" "INSERT INTO domain_audit (domain) VALUES ${domains};" + pihole-FTL sqlite3 "${gravityDBfile}" "INSERT INTO domain_audit (domain) VALUES ${domains};" } clearAudit() { - sqlite3 "${gravityDBfile}" "DELETE FROM domain_audit;" + pihole-FTL sqlite3 "${gravityDBfile}" "DELETE FROM domain_audit;" } SetPrivacyLevel() { diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6591634e..a5c20692 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat-openbsd) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") diff --git a/gravity.sh b/gravity.sh index ac2fca1b..9c11fa98 100755 --- a/gravity.sh +++ b/gravity.sh @@ -119,7 +119,7 @@ gravity_swap_databases() { mv "${gravityTEMPfile}" "${gravityDBfile}" echo -e "${OVER} ${TICK} ${str}" - if [ oldAvail ]; then + if $oldAvail; then echo -e " ${TICK} The old database remains available." fi } From 1dd9d55d82501a7b05fc86eb621a2fc9a610c8b8 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 30 Jan 2022 15:53:03 +0000 Subject: [PATCH 026/110] Replace value for BLOCKING_ENABLED (and QUERY_LOGGING, for consistency) and if value that we are trying to replace does not exist, add it to the end of the file. Co-authored-by: MichaIng Signed-off-by: Adam Warner --- pihole | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/pihole b/pihole index ddb8c707..610c9f31 100755 --- a/pihole +++ b/pihole @@ -170,6 +170,16 @@ restartDNS() { fi } +addOrEditKeyValPair() { + local key="${1}" + local value="${2}" + if grep -q "^${key}=" "${setupVars}"; then + sed -i "/^${key}=/c\\${key}=${value}" "${setupVars}" + else + echo "${key}=${value}" >> "${setupVars}" + fi +} + piholeEnable() { if [[ "${2}" == "-h" ]] || [[ "${2}" == "--help" ]]; then echo "Usage: pihole disable [time] @@ -223,7 +233,7 @@ Time: fi local str="Pi-hole Disabled" - sed -i "s/^BLOCKING_ENABLED=true/BLOCKING_ENABLED=false/" "${setupVars}" + addOrEditKeyValPair "BLOCKING_ENABLED" "false" fi else # Enable Pi-hole @@ -235,7 +245,7 @@ Time: echo -e " ${INFO} Enabling blocking" local str="Pi-hole Enabled" - sed -i "s/^BLOCKING_ENABLED=false/BLOCKING_ENABLED=true/" "${setupVars}" + addOrEditKeyValPair "BLOCKING_ENABLED" "true" fi restartDNS reload-lists @@ -258,7 +268,7 @@ Options: elif [[ "${1}" == "off" ]]; then # Disable logging sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf - sed -i 's/^QUERY_LOGGING=true/QUERY_LOGGING=false/' /etc/pihole/setupVars.conf + addOrEditKeyValPair "QUERY_LOGGING" "false" if [[ "${2}" != "noflush" ]]; then # Flush logs "${PI_HOLE_BIN_DIR}"/pihole -f @@ -268,7 +278,7 @@ Options: elif [[ "${1}" == "on" ]]; then # Enable logging sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf - sed -i 's/^QUERY_LOGGING=false/QUERY_LOGGING=true/' /etc/pihole/setupVars.conf + addOrEditKeyValPair "QUERY_LOGGING" "true" echo -e " ${INFO} Enabling logging..." local str="Logging has been enabled!" else From 2f4c4d9176d5081e2494e13f4a5304e91b12757c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 30 Jan 2022 20:13:10 +0100 Subject: [PATCH 027/110] Fix stale label to stale MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index fc78e820..506af406 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -19,7 +19,7 @@ jobs: days-before-stale: 30 days-before-close: 5 stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' - stale-issue-label: 'Submitter Attention Required' + stale-issue-label: 'stale' exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed' exempt-all-issue-assignees: true operations-per-run: 300 From 74d7d10554dbd96454ffbc5ce960d608b1a4a034 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 30 Jan 2022 21:09:24 +0100 Subject: [PATCH 028/110] Orphans need to be deleted in the old database Signed-off-by: DL6ER --- advanced/Templates/gravity_copy.sql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Templates/gravity_copy.sql b/advanced/Templates/gravity_copy.sql index a927dd8d..3bea731d 100644 --- a/advanced/Templates/gravity_copy.sql +++ b/advanced/Templates/gravity_copy.sql @@ -12,17 +12,17 @@ INSERT OR REPLACE INTO "group" SELECT * FROM OLD."group"; INSERT OR REPLACE INTO domain_audit SELECT * FROM OLD.domain_audit; INSERT OR REPLACE INTO domainlist SELECT * FROM OLD.domainlist; -DELETE FROM domainlist_by_group WHERE domainlist_id NOT IN (SELECT id FROM domainlist); +DELETE FROM OLD.domainlist_by_group WHERE domainlist_id NOT IN (SELECT id FROM OLD.domainlist); INSERT OR REPLACE INTO domainlist_by_group SELECT * FROM OLD.domainlist_by_group; INSERT OR REPLACE INTO adlist SELECT * FROM OLD.adlist; -DELETE FROM adlist_by_group WHERE adlist_id NOT IN (SELECT id FROM adlist); +DELETE FROM OLD.adlist_by_group WHERE adlist_id NOT IN (SELECT id FROM OLD.adlist); INSERT OR REPLACE INTO adlist_by_group SELECT * FROM OLD.adlist_by_group; INSERT OR REPLACE INTO info SELECT * FROM OLD.info; INSERT OR REPLACE INTO client SELECT * FROM OLD.client; -DELETE FROM client_by_group WHERE client_id NOT IN (SELECT id FROM client); +DELETE FROM OLD.client_by_group WHERE client_id NOT IN (SELECT id FROM OLD.client); INSERT OR REPLACE INTO client_by_group SELECT * FROM OLD.client_by_group; From 77e5121d438f7895ae6c512222802a0307c63ebb Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 30 Jan 2022 23:05:28 +0000 Subject: [PATCH 029/110] Split new function out into a separte utility script and add a test for it. Can be used in future to organise re/commonly-used code Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 35 +++++++++++++++++++ pihole | 21 ++++------- ...stall.py => test_any_automated_install.py} | 0 test/test_any_utils.py | 16 +++++++++ test/tox.centos_7.ini | 2 +- test/tox.centos_8.ini | 2 +- test/tox.debian_10.ini | 2 +- test/tox.debian_11.ini | 2 +- test/tox.debian_9.ini | 2 +- test/tox.fedora_33.ini | 2 +- test/tox.fedora_34.ini | 2 +- test/tox.ubuntu_16.ini | 2 +- test/tox.ubuntu_18.ini | 2 +- test/tox.ubuntu_20.ini | 2 +- test/tox.ubuntu_21.ini | 2 +- 15 files changed, 69 insertions(+), 25 deletions(-) create mode 100755 advanced/Scripts/utils.sh rename test/{test_automated_install.py => test_any_automated_install.py} (100%) create mode 100644 test/test_any_utils.py diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh new file mode 100755 index 00000000..887816cc --- /dev/null +++ b/advanced/Scripts/utils.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2017 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Script to hold utility functions for use in other scripts +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# Basic Housekeeping rules +# - Functions must be self contained +# - Functions must be added in alphabetical order +# - Functions must be documented +# - New functions must have a test added for them in test/test_any_utils.py + +####################### +# Takes three arguments key, value, and file. +# Checks the target file for the existence of the key +# - If it exists, it changes the value +# - If it does not exist, it adds the value +# +# Example usage: +# addOrEditKeyValuePair "BLOCKING_ENABLED" "true" "/etc/pihole/setupVars.conf" +####################### +addOrEditKeyValPair() { + local key="${1}" + local value="${2}" + local file="${3}" + if grep -q "^${key}=" "${file}"; then + sed -i "/^${key}=/c\\${key}=${value}" "${file}" + else + echo "${key}=${value}" >> "${file}" + fi +} diff --git a/pihole b/pihole index 610c9f31..56d47eca 100755 --- a/pihole +++ b/pihole @@ -21,6 +21,9 @@ readonly FTL_PID_FILE="/run/pihole-FTL.pid" readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE" source "${colfile}" +readonly utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" +source "${utilsfile}" + webpageFunc() { source "${PI_HOLE_SCRIPT_DIR}/webpage.sh" main "$@" @@ -170,16 +173,6 @@ restartDNS() { fi } -addOrEditKeyValPair() { - local key="${1}" - local value="${2}" - if grep -q "^${key}=" "${setupVars}"; then - sed -i "/^${key}=/c\\${key}=${value}" "${setupVars}" - else - echo "${key}=${value}" >> "${setupVars}" - fi -} - piholeEnable() { if [[ "${2}" == "-h" ]] || [[ "${2}" == "--help" ]]; then echo "Usage: pihole disable [time] @@ -233,7 +226,7 @@ Time: fi local str="Pi-hole Disabled" - addOrEditKeyValPair "BLOCKING_ENABLED" "false" + addOrEditKeyValPair "BLOCKING_ENABLED" "false" "${setupVars}" fi else # Enable Pi-hole @@ -245,7 +238,7 @@ Time: echo -e " ${INFO} Enabling blocking" local str="Pi-hole Enabled" - addOrEditKeyValPair "BLOCKING_ENABLED" "true" + addOrEditKeyValPair "BLOCKING_ENABLED" "true" "${setupVars}" fi restartDNS reload-lists @@ -268,7 +261,7 @@ Options: elif [[ "${1}" == "off" ]]; then # Disable logging sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf - addOrEditKeyValPair "QUERY_LOGGING" "false" + addOrEditKeyValPair "QUERY_LOGGING" "false" "${setupVars}" if [[ "${2}" != "noflush" ]]; then # Flush logs "${PI_HOLE_BIN_DIR}"/pihole -f @@ -278,7 +271,7 @@ Options: elif [[ "${1}" == "on" ]]; then # Enable logging sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf - addOrEditKeyValPair "QUERY_LOGGING" "true" + addOrEditKeyValPair "QUERY_LOGGING" "true" "${setupVars}" echo -e " ${INFO} Enabling logging..." local str="Logging has been enabled!" else diff --git a/test/test_automated_install.py b/test/test_any_automated_install.py similarity index 100% rename from test/test_automated_install.py rename to test/test_any_automated_install.py diff --git a/test/test_any_utils.py b/test/test_any_utils.py new file mode 100644 index 00000000..ba9b2d23 --- /dev/null +++ b/test/test_any_utils.py @@ -0,0 +1,16 @@ +def test_key_val_replacement_works(host): + ''' Confirms addOrEditKeyValPair provides the expected output ''' + host.run(''' + setupvars=./testoutput + source /opt/pihole/utils.sh + addOrEditKeyValPair "KEY_ONE" "value1" "./testoutput" + addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" + addOrEditKeyValPair "KEY_ONE" "value3" "./testoutput" + addOrEditKeyValPair "KEY_FOUR" "value4" "./testoutput" + cat ./testoutput + ''') + output = host.run(''' + cat ./testoutput + ''') + expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n' + assert expected_stdout == output.stdout diff --git a/test/tox.centos_7.ini b/test/tox.centos_7.ini index 88940fdd..319465dd 100644 --- a/test/tox.centos_7.ini +++ b/test/tox.centos_7.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_7.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_7_support.py diff --git a/test/tox.centos_8.ini b/test/tox.centos_8.ini index 5088da16..c7926289 100644 --- a/test/tox.centos_8.ini +++ b/test/tox.centos_8.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _centos_8.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_centos_common_support.py ./test_centos_8_support.py diff --git a/test/tox.debian_10.ini b/test/tox.debian_10.ini index 9c2a05d1..3b182cdc 100644 --- a/test/tox.debian_10.ini +++ b/test/tox.debian_10.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_10.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.debian_11.ini b/test/tox.debian_11.ini index f3cdbe84..c7e41a91 100644 --- a/test/tox.debian_11.ini +++ b/test/tox.debian_11.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.debian_9.ini b/test/tox.debian_9.ini index b46e0a49..56b9d37f 100644 --- a/test/tox.debian_9.ini +++ b/test/tox.debian_9.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _debian_9.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.fedora_33.ini b/test/tox.fedora_33.ini index d33fbf53..b17bd563 100644 --- a/test/tox.fedora_33.ini +++ b/test/tox.fedora_33.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_33.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.fedora_34.ini b/test/tox.fedora_34.ini index 819291fa..26856984 100644 --- a/test/tox.fedora_34.ini +++ b/test/tox.fedora_34.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _fedora_34.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py ./test_centos_fedora_common_support.py ./test_fedora_support.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py ./test_fedora_support.py diff --git a/test/tox.ubuntu_16.ini b/test/tox.ubuntu_16.ini index bce948a2..f8f6e92a 100644 --- a/test/tox.ubuntu_16.ini +++ b/test/tox.ubuntu_16.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_16.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.ubuntu_18.ini b/test/tox.ubuntu_18.ini index cf7a3642..a2513dfd 100644 --- a/test/tox.ubuntu_18.ini +++ b/test/tox.ubuntu_18.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_18.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.ubuntu_20.ini b/test/tox.ubuntu_20.ini index 03b605ce..fb3d20d7 100644 --- a/test/tox.ubuntu_20.ini +++ b/test/tox.ubuntu_20.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_20.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py diff --git a/test/tox.ubuntu_21.ini b/test/tox.ubuntu_21.ini index 12b1ac0b..070d3a72 100644 --- a/test/tox.ubuntu_21.ini +++ b/test/tox.ubuntu_21.ini @@ -5,4 +5,4 @@ envlist = py38 whitelist_externals = docker deps = -rrequirements.txt commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../ - pytest {posargs:-vv -n auto} ./test_automated_install.py + pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py From e09dd56807c45ab56e5285e1eea936c799052f25 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Tue, 1 Feb 2022 07:38:57 +0100 Subject: [PATCH 030/110] Remove RPM package sqlite as well Signed-off-by: DL6ER --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a5c20692..e3dec82d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -332,7 +332,7 @@ package_manager_detect() { PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" OS_CHECK_DEPS=(grep bind-utils) INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig ca-certificates) - PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap nmap-ncat) + PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc libcap nmap-ncat) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 881d92632ce8ee346ad5e1224879190eeb8c6836 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lukas=20Schl=C3=B6tterer?= <80917404+lschloetterer@users.noreply.github.com> Date: Tue, 1 Feb 2022 09:41:57 +0100 Subject: [PATCH 031/110] add hint for custom teleporter filename to help function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Lukas Schlötterer <80917404+lschloetterer@users.noreply.github.com> --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d823a7c1..dad5380e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -45,7 +45,7 @@ Options: -h, --help Show this help dialog -i, interface Specify dnsmasq's interface listening behavior -l, privacylevel Set privacy level (0 = lowest, 3 = highest) - -t, teleporter Backup configuration as an archive" + -t, teleporter Backup configuration as an archive. Optionally specify a custom filename" exit 0 } From 444526ad582818b03263dabc8a01c6fbee5018a4 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 3 Feb 2022 18:43:19 +0000 Subject: [PATCH 032/110] Switch from centos8 to centos8:stream base image for centos 8 tests --- test/_centos_8.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/_centos_8.Dockerfile b/test/_centos_8.Dockerfile index fddb3ed1..86e5a778 100644 --- a/test/_centos_8.Dockerfile +++ b/test/_centos_8.Dockerfile @@ -1,4 +1,4 @@ -FROM centos:8 +FROM quay.io/centos/centos:stream8 RUN yum install -y git ENV GITDIR /etc/.pihole From 7c60ee8df11d158cca3bde3b0b89a6f05bb9f409 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 29 Dec 2021 06:52:17 +0100 Subject: [PATCH 033/110] Remove pihole-FTL.conf man page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König Remove double https:// Signed-off-by: Christian König --- automated install/basic-install.sh | 9 +- manpages/pihole-FTL.8 | 4 +- manpages/pihole-FTL.conf.5 | 313 ----------------------------- 3 files changed, 10 insertions(+), 316 deletions(-) delete mode 100644 manpages/pihole-FTL.conf.5 diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e3dec82d..6bf55e92 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1371,7 +1371,12 @@ install_manpage() { # Testing complete, copy the files & update the man db install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/manpages/pihole.8 /usr/local/share/man/man8/pihole.8 install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/manpages/pihole-FTL.8 /usr/local/share/man/man8/pihole-FTL.8 - install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/manpages/pihole-FTL.conf.5 /usr/local/share/man/man5/pihole-FTL.conf.5 + + # remvoe previously installed "pihole-FTL.conf" man page + if [[ -f "/usr/local/share/man/man5/pihole-FTL.conf.5" ]]; then + rm /usr/local/share/man/man5/pihole-FTL.conf.5 + fi + if mandb -q &>/dev/null; then # Updated successfully printf "%b %b man pages installed and database updated\\n" "${OVER}" "${TICK}" @@ -1379,7 +1384,7 @@ install_manpage() { else # Something is wrong with the system's man installation, clean up # our files, (leave everything how we found it). - rm /usr/local/share/man/man8/pihole.8 /usr/local/share/man/man8/pihole-FTL.8 /usr/local/share/man/man5/pihole-FTL.conf.5 + rm /usr/local/share/man/man8/pihole.8 /usr/local/share/man/man8/pihole-FTL.8 printf "%b %b man page db not updated, man pages not installed\\n" "${OVER}" "${CROSS}" fi } diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8 index c7b69d83..c1b7550f 100644 --- a/manpages/pihole-FTL.8 +++ b/manpages/pihole-FTL.8 @@ -144,7 +144,9 @@ Command line arguments can be arbitrarily combined, e.g: Start ftl in foreground with more verbose logging, process everything and shutdown immediately .br .SH "SEE ALSO" -\fBpihole\fR(8), \fBpihole-FTL.conf\fR(5) +\fBpihole\fR(8) +.br +\fBFor FTL's config options please see https://docs.pi-hole.net/ftldns/configfile/\fR .br .SH "COLOPHON" diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5 deleted file mode 100644 index 42405436..00000000 --- a/manpages/pihole-FTL.conf.5 +++ /dev/null @@ -1,313 +0,0 @@ -.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "November 2020" -.SH "NAME" - -pihole-FTL.conf - FTL's config file -.br -.SH "DESCRIPTION" - -/etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup. -.br -For each setting the option shown first is the default. -.br - -\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NODATA|NXDOMAIN|NULL\fR -.br - How should FTL reply to blocked queries? - - IP - Pi-hole's IPs for blocked domains - - IP-AAAA-NODATA - Pi-hole's IP + NODATA-IPv6 for blocked domains - - NODATA - Using NODATA for blocked domains - - NXDOMAIN - NXDOMAIN for blocked domains - - NULL - Null IPs for blocked domains -.br - -\fBCNAME_DEEP_INSPECT=true|false\fR -.br - Use this option to disable deep CNAME inspection. This might be beneficial for very low-end devices. -.br - -\fBBLOCK_ESNI=true|false\fR -.br - Block requests to _esni.* sub-domains. -.br - -\fBMAXLOGAGE=24.0\fR -.br - Up to how many hours of queries should be imported from the database and logs? -.br - Maximum is 744 (31 days) -.br - -\fBPRIVACYLEVEL=0|1|2|3|4\fR -.br - Privacy level used to collect Pi-hole statistics. -.br - 0 - show everything -.br - 1 - hide domains -.br - 2 - hide domains and clients -.br - 3 - anonymous mode (hide everything) -.br - 4 - disable all statistics -.br - -\fBIGNORE_LOCALHOST=no|yes\fR -.br - Should FTL ignore queries coming from the local machine? -.br - -\fBAAAA_QUERY_ANALYSIS=yes|no\fR -.br - Should FTL analyze AAAA queries? -.br - -\fBANALYZE_ONLY_A_AND_AAAA=false|true\fR -.br - Should FTL only analyze A and AAAA queries? -.br - -\fBSOCKET_LISTENING=localonly|all\fR -.br - Listen only for local socket connections on the API port or permit all connections. -.br - -\fBFTLPORT=4711\fR -.br - On which port should FTL be listening? -.br - -\fBRESOLVE_IPV6=yes|no\fR -.br - Should FTL try to resolve IPv6 addresses to hostnames? -.br - -\fBRESOLVE_IPV4=yes|no\fR -.br - Should FTL try to resolve IPv4 addresses to hostnames? -.br - -\fBDELAY_STARTUP=0\fR -.br - Time in seconds (between 0 and 300) to delay FTL startup. -.br - -\fBNICE=-10\fR -.br - Set the niceness of the Pi-hole FTL process. -.br - Can be disabled altogether by setting a value of -999. -.br - -\fBNAMES_FROM_NETDB=true|false\fR -.br - Control whether FTL should use a fallback option and try to obtain client names from checking the network table. -.br - E.g. IPv6 clients without a hostname will be compared via MAC address to known clients. -.br - -\fB\fBREFRESH_HOSTNAMES=IPV4|ALL|NONE\fR -.br - Change how (and if) hourly PTR requests are made to check for changes in client and upstream server hostnames: -.br - IPV4 - Do the hourly PTR lookups only for IPv4 addresses resolving issues in networks with many short-lived PE IPv6 addresses. -.br - ALL - Do the hourly PTR lookups for all addresses. This can create a lot of PTR queries in networks with many IPv6 addresses. -.br - NONE - Don't do hourly PTR lookups. Look up hostnames once (when first seeing a client) and never again. Future hostname changes may be missed. -.br - -\fBMAXNETAGE=365\fR -.br - IP addresses (and associated host names) older than the specified number of days are removed. -.br - This avoids dead entries in the network overview table. -.br - -\fBEDNS0_ECS=true|false\fR -.br - Should we overwrite the query source when client information is provided through EDNS0 client subnet (ECS) information? -.br - -\fBPARSE_ARP_CACHE=true|false\fR -.br - Parse ARP cache to fill network overview table. -.br - -\fBDBIMPORT=yes|no\fR -.br - Should FTL load information from the database on startup to be aware of the most recent history? -.br - -\fBMAXDBDAYS=365\fR -.br - How long should queries be stored in the database? Setting this to 0 disables the database -.br - -\fBDBINTERVAL=1.0\fR -.br - How often do we store queries in FTL's database [minutes]? -.br - Accepts value between 0.1 (6 sec) and 1440 (1 day) -.br - -\fBDBFILE=/etc/pihole/pihole-FTL.db\fR -.br - Specify path and filename of FTL's SQLite long-term database. -.br - Setting this to DBFILE= disables the database altogether -.br - -\fBLOGFILE=/var/log/pihole-FTL.log\fR -.br - The location of FTL's log file. -.br - -\fBPIDFILE=/run/pihole-FTL.pid\fR -.br - The file which contains the PID of FTL's main process. -.br - -\fBPORTFILE=/run/pihole-FTL.port\fR -.br - Specify path and filename where the FTL process will write its API port number. -.br - -\fBSOCKETFILE=/run/pihole/FTL.sock\fR -.br - The file containing the socket FTL's API is listening on. -.br - -\fBSETUPVARSFILE=/etc/pihole/setupVars.conf\fR -.br - The config file of Pi-hole containing, e.g., the current blocking status (do not change). -.br - -\fBMACVENDORDB=/etc/pihole/macvendor.db\fR -.br - The database containing MAC -> Vendor information for the network table. -.br - -\fBGRAVITYDB=/etc/pihole/gravity.db\fR -.br - Specify path and filename of FTL's SQLite3 gravity database. This database contains all domains relevant for Pi-hole's DNS blocking. -.br - -\fBDEBUG_ALL=false|true\fR -.br - Enable all debug flags. If this is set to true, all other debug config options are ignored. -.br - -\fBDEBUG_DATABASE=false|true\fR -.br - Print debugging information about database actions such as SQL statements and performance. -.br - -\fBDEBUG_NETWORKING=false|true\fR -.br - Prints a list of the detected network interfaces on the startup of FTL. -.br - -\fBDEBUG_LOCKS=false|true\fR -.br - Print information about shared memory locks. -.br - Messages will be generated when waiting, obtaining, and releasing a lock. -.br - -\fBDEBUG_QUERIES=false|true\fR -.br - Print extensive DNS query information (domains, types, replies, etc.). -.br - -\fBDEBUG_FLAGS=false|true\fR -.br - Print flags of queries received by the DNS hooks. -.br - Only effective when \fBDEBUG_QUERIES\fR is enabled as well. - -\fBDEBUG_SHMEM=false|true\fR -.br - Print information about shared memory buffers. -.br - Messages are either about creating or enlarging shmem objects or string injections. -.br - -\fBDEBUG_GC=false|true\fR -.br - Print information about garbage collection (GC): -.br - What is to be removed, how many have been removed and how long did GC take. -.br - -\fBDEBUG_ARP=false|true\fR -.br - Print information about ARP table processing: -.br - How long did parsing take, whether read MAC addresses are valid, and if the macvendor.db file exists. -.br - -\fBDEBUG_REGEX=false|true\fR -.br - Controls if FTL should print extended details about regex matching. -.br - -\fBDEBUG_API=false|true\fR -.br - Print extra debugging information during telnet API calls. -.br - Currently only used to send extra information when getting all queries. -.br - -\fBDEBUG_OVERTIME=false|true\fR -.br - Print information about overTime memory operations, such as initializing or moving overTime slots. -.br - -\fBDEBUG_EXTBLOCKED=false|true\fR -.br - Print information about why FTL decided that certain queries were recognized as being externally blocked. -.br - -\fBDEBUG_CAPS=false|true\fR -.br - Print information about POSIX capabilities granted to the FTL process. -.br - The current capabilities are printed on receipt of SIGHUP i.e. after executing `killall -HUP pihole-FTL`. -.br - -\fBDEBUG_DNSMASQ_LINES=false|true\fR -.br - Print file and line causing a dnsmasq event into FTL's log files. -.br - This is handy to implement additional hooks missing from FTL. -.br - -\fBDEBUG_VECTORS=false|true\fR -.br - FTL uses dynamically allocated vectors for various tasks. -.br - This config option enables extensive debugging information such as information about allocation, referencing, deletion, and appending. -.br - -\fBDEBUG_RESOLVER=false|true\fR -.br - Extensive information about hostname resolution like which DNS servers are used in the first and second hostname resolving tries. -.br - -.SH "SEE ALSO" - -\fBpihole\fR(8), \fBpihole-FTL\fR(8) -.br -.SH "COLOPHON" - -Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery quickly\fR! -.br - -Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net -.br From d7d8e9730b385342a79bbac368243f98cade359f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Thu, 30 Dec 2021 06:49:03 +0100 Subject: [PATCH 034/110] Remove pihole-FTL.conf.5 from automated tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/test_any_automated_install.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 7959e100..b7b4ccd8 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -351,10 +351,6 @@ def test_installPihole_fresh_install_readableFiles(host): 'r', '/usr/local/share/man/man8/pihole-FTL.8', piholeuser) actual_rc = host.run(check_man).rc assert exit_status_success == actual_rc - check_man = test_cmd.format( - 'r', '/usr/local/share/man/man5/pihole-FTL.conf.5', piholeuser) - actual_rc = host.run(check_man).rc - assert exit_status_success == actual_rc # check not readable sudoers file check_sudo = test_cmd.format( 'r', '/etc/sudoers.d/pihole', piholeuser) From c3c5342b48b226f482bc0d44ca8b5bed13b60a08 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Fri, 4 Feb 2022 21:11:54 +0100 Subject: [PATCH 035/110] Fix reviewer's comment Co-authored-by: DL6ER --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6bf55e92..1e004b8b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1372,7 +1372,7 @@ install_manpage() { install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/manpages/pihole.8 /usr/local/share/man/man8/pihole.8 install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/manpages/pihole-FTL.8 /usr/local/share/man/man8/pihole-FTL.8 - # remvoe previously installed "pihole-FTL.conf" man page + # remove previously installed "pihole-FTL.conf.5" man page if [[ -f "/usr/local/share/man/man5/pihole-FTL.conf.5" ]]; then rm /usr/local/share/man/man5/pihole-FTL.conf.5 fi From 2a0bb5b9ee12d33f35f39c035ef931f48d6370cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lukas=20Schl=C3=B6tterer?= <80917404+lschloetterer@users.noreply.github.com> Date: Fri, 4 Feb 2022 21:19:09 +0100 Subject: [PATCH 036/110] Create second entry for teleporter and adjust spacing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Lukas Schlötterer <80917404+lschloetterer@users.noreply.github.com> --- advanced/Scripts/webpage.sh | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index dad5380e..c80934d9 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -37,15 +37,16 @@ Example: pihole -a -p password Set options for the Admin Console Options: - -p, password Set Admin Console password - -c, celsius Set Celsius as preferred temperature unit - -f, fahrenheit Set Fahrenheit as preferred temperature unit - -k, kelvin Set Kelvin as preferred temperature unit - -e, email Set an administrative contact address for the Block Page - -h, --help Show this help dialog - -i, interface Specify dnsmasq's interface listening behavior - -l, privacylevel Set privacy level (0 = lowest, 3 = highest) - -t, teleporter Backup configuration as an archive. Optionally specify a custom filename" + -p, password Set Admin Console password + -c, celsius Set Celsius as preferred temperature unit + -f, fahrenheit Set Fahrenheit as preferred temperature unit + -k, kelvin Set Kelvin as preferred temperature unit + -e, email Set an administrative contact address for the Block Page + -h, --help Show this help dialog + -i, interface Specify dnsmasq's interface listening behavior + -l, privacylevel Set privacy level (0 = lowest, 3 = highest) + -t, teleporter Backup configuration as an archive + -t, teleporter myname.tar.gz Backup configuration to archive with name myname.tar.gz as specified" exit 0 } From 08999bf315daf7f2d65bca06e205e9147f6375be Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 4 Feb 2022 21:16:02 +0000 Subject: [PATCH 037/110] Use case insensitive deletion when removing custom CNAME/DNS records in case of manual entries with mixed case having been added Signed-off-by: Adam Warner --- advanced/Scripts/webpage.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 23b4f402..aa4795dd 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -739,7 +739,7 @@ RemoveCustomDNSAddress() { validHost="$(checkDomain "${host}")" if [[ -n "${validHost}" ]]; then if valid_ip "${ip}" || valid_ip6 "${ip}" ; then - sed -i "/^${ip} ${validHost}$/d" "${dnscustomfile}" + sed -i "/^${ip} ${validHost}$/Id" "${dnscustomfile}" else echo -e " ${CROSS} Invalid IP has been passed" exit 1 @@ -792,7 +792,7 @@ RemoveCustomCNAMERecord() { if [[ -n "${validDomain}" ]]; then validTarget="$(checkDomain "${target}")" if [[ -n "${validTarget}" ]]; then - sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}" + sed -i "/cname=${validDomain},${validTarget}$/Id" "${dnscustomcnamefile}" else echo " ${CROSS} Invalid Target Passed!" exit 1 From f4286a4d1256d2629272d7286a4ad12bbe4aef24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 12 Feb 2022 23:33:19 +0100 Subject: [PATCH 038/110] Fix log flush with new query database schema MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeLogFlush.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 7547a5fd..57f901f5 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -63,7 +63,7 @@ else fi fi # Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history) - deleted=$(pihole-FTL sqlite3 "${DBFILE}" "DELETE FROM queries WHERE timestamp >= strftime('%s','now')-86400; select changes() from queries limit 1") + deleted=$(pihole-FTL sqlite3 "${DBFILE}" "DELETE FROM query_storage WHERE timestamp >= strftime('%s','now')-86400; select changes() from query_storage limit 1") # Restart pihole-FTL to force reloading history sudo pihole restartdns From 91b4233d3a66a48a68659acfc60b1827a1fa9c61 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 19 Feb 2022 09:30:53 +0100 Subject: [PATCH 039/110] Add backend option to set rate-limit from the dashboard Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index aa4795dd..0f88c463 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -808,6 +808,23 @@ RemoveCustomCNAMERecord() { fi } +SetRateLimit() { + local rate_limit_count rate_limit_interval reload + rate_limit_count="${args[2]}" + rate_limit_interval="${args[3]}" + reload="${args[4]}" + + # Set rate-limit setting inf valid + if [ "${rate_limit_count}" -ge 0 ] && [ "${rate_limit_interval}" -ge 0 ]; then + changeFTLsetting "RATE_LIMIT" "${rate_limit_count}/${rate_limit_interval}" + fi + + # Restart FTL to update rate-limit settings only if $reload not false + if [[ ! $reload == "false" ]]; then + RestartDNS + fi +} + main() { args=("$@") @@ -841,6 +858,7 @@ main() { "removecustomdns" ) RemoveCustomDNSAddress;; "addcustomcname" ) AddCustomCNAMERecord;; "removecustomcname" ) RemoveCustomCNAMERecord;; + "ratelimit" ) SetRateLimit;; * ) helpFunc;; esac From 9be5199f7c7648aea75c7d902adca89b4a37685f Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 20 Feb 2022 12:39:58 +0000 Subject: [PATCH 040/110] remove the CONTENT_COMPARISON setting (defaults to false) --- .github/workflows/sync-back-to-dev.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/sync-back-to-dev.yml b/.github/workflows/sync-back-to-dev.yml index 819e9d24..5b9fa570 100644 --- a/.github/workflows/sync-back-to-dev.yml +++ b/.github/workflows/sync-back-to-dev.yml @@ -19,7 +19,6 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} FROM_BRANCH: 'master' TO_BRANCH: 'development' - CONTENT_COMPARISON: true - name: Label the pull request to ignore for release note generation uses: actions-ecosystem/action-add-labels@v1 with: From 42424b515ba174fc60309f8363a193c91b7b444d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 20 Feb 2022 22:24:17 +0100 Subject: [PATCH 041/110] Add getFTLAPIPort function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add ftl_api_port function Signed-off-by: Christian König Use getFTLAPIPort in pihole Signed-off-by: Christian König Use default portfile as fallback Signed-off-by: Christian König Fix stickler Signed-off-by: Christian König Correct variables Signed-off-by: Christian König Apply suggestions from code review Co-authored-by: DL6ER Add test getFTLAPIPort returing default port Signed-off-by: Christian König Remove unused code from test_key_val_replacement_works Signed-off-by: Christian König Add getFTLAPIPort_custom test Signed-off-by: Christian König Fix output format Signed-off-by: Christian König Add debugging Signed-off-by: Christian König Remove debugging and fix function Signed-off-by: Christian König --- advanced/Scripts/utils.sh | 27 +++++++++++++++++++++++++++ pihole | 7 ++++--- test/test_any_utils.py | 26 ++++++++++++++++++++++++-- 3 files changed, 55 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index 887816cc..97dca952 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -33,3 +33,30 @@ addOrEditKeyValPair() { echo "${key}=${value}" >> "${file}" fi } + +####################### +# returns FTL's current telnet API port +####################### +getFTLAPIPort(){ + local -r FTLCONFFILE="/etc/pihole/pihole-FTL.conf" + local -r DEFAULT_PORT_FILE="/run/pihole-FTL.port" + local -r DEFAULT_FTL_PORT=4711 + local PORTFILE + local ftl_api_port + + if [[ -f "$FTLCONFFILE" ]]; then + # if PORTFILE is not set in pihole-FTL.conf, use the default path + PORTFILE="$( (grep "^PORTFILE=" $FTLCONFFILE || echo "$DEFAULT_PORT_FILE") | cut -d"=" -f2-)" + fi + + if [[ -s "$PORTFILE" ]]; then + # -s: FILE exists and has a size greater than zero + ftl_api_port=$(<"$PORTFILE") + # Exploit prevention: unset the variable if there is malicious content + # Verify that the value read from the file is numeric + [[ "$ftl_api_port" =~ [^[:digit:]] ]] && unset ftl_api_port + fi + + # echo the port found in the portfile or default to the default port + echo "${ftl_api_port:=$DEFAULT_FTL_PORT}" +} diff --git a/pihole b/pihole index 56d47eca..d73fd5aa 100755 --- a/pihole +++ b/pihole @@ -316,9 +316,10 @@ analyze_ports() { statusFunc() { # Determine if there is pihole-FTL service is listening - local listening pid port + local pid port ftl_api_port pid="$(getFTLPID)" + ftl_api_port="$(getFTLAPIPort)" if [[ "$pid" -eq "-1" ]]; then case "${1}" in "web") echo "-1";; @@ -326,8 +327,8 @@ statusFunc() { esac return 0 else - #get the port pihole-FTL is listening on by using FTL's telnet API - port="$(echo ">dns-port >quit" | nc 127.0.0.1 4711)" + #get the DNS port pihole-FTL is listening on by using FTL's telnet API + port="$(echo ">dns-port >quit" | nc 127.0.0.1 "$ftl_api_port")" if [[ "${port}" == "0" ]]; then case "${1}" in "web") echo "-1";; diff --git a/test/test_any_utils.py b/test/test_any_utils.py index ba9b2d23..8ad27997 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -1,16 +1,38 @@ def test_key_val_replacement_works(host): ''' Confirms addOrEditKeyValPair provides the expected output ''' host.run(''' - setupvars=./testoutput source /opt/pihole/utils.sh addOrEditKeyValPair "KEY_ONE" "value1" "./testoutput" addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" addOrEditKeyValPair "KEY_ONE" "value3" "./testoutput" addOrEditKeyValPair "KEY_FOUR" "value4" "./testoutput" - cat ./testoutput ''') output = host.run(''' cat ./testoutput ''') expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n' assert expected_stdout == output.stdout + + +def test_getFTLAPIPort_default(host): + ''' Confirms getFTLAPIPort returns the default API port ''' + output = host.run(''' + source /opt/pihole/utils.sh + getFTLAPIPort + ''') + expected_stdout = '4711\n' + assert expected_stdout == output.stdout + + +def test_getFTLAPIPort_custom(host): + ''' Confirms getFTLAPIPort returns a custom API port in a custom PORTFILE location ''' + host.run(''' + echo "PORTFILE=/tmp/port.file" > /etc/pihole/pihole-FTL.conf + echo "1234" > /tmp/port.file + ''') + output = host.run(''' + source /opt/pihole/utils.sh + getFTLAPIPort + ''') + expected_stdout = '1234\n' + assert expected_stdout == output.stdout From c756bcb9d12a004b38d1925cd341fefa2fbb6ae9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 1 Mar 2022 09:07:51 +0100 Subject: [PATCH 042/110] Add procps to dependencies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 1e004b8b..496d90fe 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 libcap2-bin dns-root-data libcap2 netcat-openbsd procps) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") From 899cac0aac8e86f36f5b9aaac67c58922be8c79e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 5 Mar 2022 15:49:54 +0000 Subject: [PATCH 043/110] Ignore Documentation Needed label --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 506af406..783f1419 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -20,6 +20,6 @@ jobs: days-before-close: 5 stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Please comment or update this issue or it will be closed in 5 days.' stale-issue-label: 'stale' - exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed' + exempt-issue-labels: 'Internal, Fixed in next release, Bug: Confirmed, Documentation Needed' exempt-all-issue-assignees: true operations-per-run: 300 From 40b96e673b6af18c3ede288fc3e968e36f661238 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Sat, 12 Mar 2022 02:58:46 -0300 Subject: [PATCH 044/110] Allows colorful debug logs via web interface Note: needs the AdminLTE code changes to work. Signed-off-by: RD WebDesign --- advanced/Scripts/COL_TABLE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/COL_TABLE b/advanced/Scripts/COL_TABLE index d76be68c..2d2b074b 100644 --- a/advanced/Scripts/COL_TABLE +++ b/advanced/Scripts/COL_TABLE @@ -1,5 +1,5 @@ # Determine if terminal is capable of showing colors -if [[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]; then +if ([[ -t 1 ]] && [[ $(tput colors) -ge 8 ]]) || [[ "${WEBCALL}" ]]; then # Bold and underline may not show up on all clients # If something MUST be emphasized, use both COL_BOLD='' From 0219e5dfe040fd63b7cc161026854f358ed7150e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 12 Mar 2022 20:48:01 +0100 Subject: [PATCH 045/110] Pool identical messages in debug output MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 7d3e7acf..e72ae5b8 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1273,7 +1273,7 @@ show_clients() { } show_messages() { - show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT id,datetime(timestamp,'unixepoch','localtime') timestamp,type,message,blob1,blob2,blob3,blob4,blob5 FROM message;" "4 19 20 60 20 20 20 20 20" + show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT count (message) as count, type, message, blob1, blob2, blob3, blob4, blob5 FROM message GROUP BY type, message, blob1, blob2, blob3, blob4, blob5;" "6 20 60 20 20 20 20 20" } analyze_gravity_list() { From 48136c5bbcda42a2241b2ed398c6df69868d0f98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 14 Mar 2022 19:54:46 +0100 Subject: [PATCH 046/110] Add last timestamp MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index e72ae5b8..c5844131 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -1273,7 +1273,7 @@ show_clients() { } show_messages() { - show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT count (message) as count, type, message, blob1, blob2, blob3, blob4, blob5 FROM message GROUP BY type, message, blob1, blob2, blob3, blob4, blob5;" "6 20 60 20 20 20 20 20" + show_FTL_db_entries "Pi-hole diagnosis messages" "SELECT count (message) as count, datetime(max(timestamp),'unixepoch','localtime') as 'last timestamp', type, message, blob1, blob2, blob3, blob4, blob5 FROM message GROUP BY type, message, blob1, blob2, blob3, blob4, blob5;" "6 19 20 60 20 20 20 20 20" } analyze_gravity_list() { From ab7d83384ff801e238f42408a4209d2784c9c2b3 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Mon, 14 Mar 2022 18:55:46 -0300 Subject: [PATCH 047/110] Allow lighttpd to stream responses to browser Signed-off-by: RD WebDesign --- advanced/lighttpd.conf.debian | 5 +++++ advanced/lighttpd.conf.fedora | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index cf728e19..b8656a24 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -36,6 +36,11 @@ server.port = 80 accesslog.filename = "/var/log/lighttpd/access.log" accesslog.format = "%{%s}t|%V|%r|%s|%b" +# Allow streaming response +# reference: https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_stream-response-bodyDetails +server.stream-response-body = 1 +#ssl.read-ahead = "disable" + index-file.names = ( "index.php", "index.html", "index.lighttpd.html" ) url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" ) static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 626a3d8d..79d5f3b2 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -37,6 +37,11 @@ server.port = 80 accesslog.filename = "/var/log/lighttpd/access.log" accesslog.format = "%{%s}t|%V|%r|%s|%b" +# Allow streaming response +# reference: https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_stream-response-bodyDetails +server.stream-response-body = 1 +#ssl.read-ahead = "disable" + index-file.names = ( "index.php", "index.html", "index.lighttpd.html" ) url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" ) static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) From 48138d32b6acfe8c20dff097537e69a11df02fbf Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 16 Mar 2022 17:42:01 +0000 Subject: [PATCH 048/110] Adjust addOrEditKeyValPair to optionally take two or three arguments (adjust test to suit) Add a removeKey function with test update webpage.sh to reference functions in utils.sh (this can likely be abstracted/refactored further) Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 50 +++++++++++++++++++++++++++++++------ advanced/Scripts/webpage.sh | 27 +++++++++----------- test/test_any_utils.py | 19 +++++++++++++- 3 files changed, 73 insertions(+), 23 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index 97dca952..a006d43a 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -15,7 +15,10 @@ # - New functions must have a test added for them in test/test_any_utils.py ####################### -# Takes three arguments key, value, and file. +# Takes either +# - Three arguments: key, value, and file. +# - Two arguments: key, and file +# # Checks the target file for the existence of the key # - If it exists, it changes the value # - If it does not exist, it adds the value @@ -25,13 +28,46 @@ ####################### addOrEditKeyValPair() { local key="${1}" - local value="${2}" - local file="${3}" - if grep -q "^${key}=" "${file}"; then - sed -i "/^${key}=/c\\${key}=${value}" "${file}" - else - echo "${key}=${value}" >> "${file}" + local value + local file + + # If two arguments have been passed, then the second one is the file - there is no value + if [ $# -lt 3 ]; then + file="${2}" + else + value="${2}" + file="${3}" fi + + if [[ "${value}" != "" ]]; then + # value has a value, so it is a key pair + if grep -q "^${key}=" "${file}"; then + # Key already exists in file, modify the value + sed -i "/^${key}=/c\\${key}=${value}" "${file}" + else + # Key does not already exist, add it and it's value + echo "${key}=${value}" >> "${file}" + fi + else + # value has no value, so it is just a key. Add it if it does not already exist + if ! grep -q "^${key}" "${file}"; then + # Key does not exist, add it. + echo "${key}" >> "${file}" + fi + fi +} + +####################### +# Takes two arguments key, and file. +# Deletes a key from target file +# +# Example usage: +# removeKey "PIHOLE_DNS_1" "/etc/pihole/setupVars.conf" +####################### +removeKey() { + local key="${1}" + local file="${2}" + sed -i "/^${key}/d" "${file}" } ####################### diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 0f88c463..14cf5999 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -26,6 +26,9 @@ readonly PI_HOLE_FILES_DIR="/etc/.pihole" PH_TEST="true" source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" +readonly utilsfile="/opt/pihole/utils.sh" +source "${utilsfile}" + coltable="/opt/pihole/COL_TABLE" if [[ -f ${coltable} ]]; then source ${coltable} @@ -51,41 +54,35 @@ Options: } add_setting() { - echo "${1}=${2}" >> "${setupVars}" + addOrEditKeyValPair "${1}" "${2}" "${setupVars}" } delete_setting() { - sed -i "/^${1}/d" "${setupVars}" + removeKey "${1}" "${setupVars}" } change_setting() { - delete_setting "${1}" - add_setting "${1}" "${2}" + addOrEditKeyValPair "${1}" "${2}" "${setupVars}" } addFTLsetting() { - echo "${1}=${2}" >> "${FTLconf}" + addOrEditKeyValPair "${1}" "${2}" "${FTLconf}" } deleteFTLsetting() { - sed -i "/^${1}/d" "${FTLconf}" + removeKey "${1}" "${FTLconf}" } changeFTLsetting() { - deleteFTLsetting "${1}" - addFTLsetting "${1}" "${2}" + addOrEditKeyValPair "${1}" "${2}" "${FTLconf}" } add_dnsmasq_setting() { - if [[ "${2}" != "" ]]; then - echo "${1}=${2}" >> "${dnsmasqconfig}" - else - echo "${1}" >> "${dnsmasqconfig}" - fi + addOrEditKeyValPair "${1}" "${2}" "${dnsmasqconfig}" } delete_dnsmasq_setting() { - sed -i "/^${1}/d" "${dnsmasqconfig}" + removeKey "${1}" "${dnsmasqconfig}" } SetTemperatureUnit() { @@ -183,7 +180,7 @@ ProcessDNSSettings() { fi delete_dnsmasq_setting "dnssec" - delete_dnsmasq_setting "trust-anchor=" + delete_dnsmasq_setting "trust-anchor" if [[ "${DNSSEC}" == true ]]; then echo "dnssec diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 8ad27997..f73cc1b2 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -6,11 +6,28 @@ def test_key_val_replacement_works(host): addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" addOrEditKeyValPair "KEY_ONE" "value3" "./testoutput" addOrEditKeyValPair "KEY_FOUR" "value4" "./testoutput" + addOrEditKeyValPair "KEY_FIVE_NO_VALUE" "./testoutput" + addOrEditKeyValPair "KEY_FIVE_NO_VALUE" "./testoutput" ''') output = host.run(''' cat ./testoutput ''') - expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n' + expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\nKEY_FIVE_NO_VALUE\n' + assert expected_stdout == output.stdout + +def test_key_val_removal_works(host): + ''' Confirms addOrEditKeyValPair provides the expected output ''' + host.run(''' + source /opt/pihole/utils.sh + addOrEditKeyValPair "KEY_ONE" "value1" "./testoutput" + addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" + addOrEditKeyValPair "KEY_THREE" "value3" "./testoutput" + removeKey "KEY_TWO" "./testoutput" + ''') + output = host.run(''' + cat ./testoutput + ''') + expected_stdout = 'KEY_ONE=value1\nKEY_THREE=value3\n' assert expected_stdout == output.stdout From 59fc3804be28b3b26f3c6b333a36e04701be18d9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 16 Mar 2022 20:30:31 +0000 Subject: [PATCH 049/110] Make utils.sh posix compatible per request Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index a006d43a..86a7e0b4 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh # Pi-hole: A black hole for Internet advertisements # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. @@ -39,7 +39,7 @@ addOrEditKeyValPair() { file="${3}" fi - if [[ "${value}" != "" ]]; then + if [ "${value}" != "" ]; then # value has a value, so it is a key pair if grep -q "^${key}=" "${file}"; then # Key already exists in file, modify the value @@ -74,23 +74,23 @@ removeKey() { # returns FTL's current telnet API port ####################### getFTLAPIPort(){ - local -r FTLCONFFILE="/etc/pihole/pihole-FTL.conf" - local -r DEFAULT_PORT_FILE="/run/pihole-FTL.port" - local -r DEFAULT_FTL_PORT=4711 + local FTLCONFFILE="/etc/pihole/pihole-FTL.conf" + local DEFAULT_PORT_FILE="/run/pihole-FTL.port" + local DEFAULT_FTL_PORT=4711 local PORTFILE local ftl_api_port - if [[ -f "$FTLCONFFILE" ]]; then + if [ -f "$FTLCONFFILE" ]; then # if PORTFILE is not set in pihole-FTL.conf, use the default path PORTFILE="$( (grep "^PORTFILE=" $FTLCONFFILE || echo "$DEFAULT_PORT_FILE") | cut -d"=" -f2-)" fi - if [[ -s "$PORTFILE" ]]; then + if [ -s "$PORTFILE" ]; then # -s: FILE exists and has a size greater than zero - ftl_api_port=$(<"$PORTFILE") + ftl_api_port=$(cat "${PORTFILE}") # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - [[ "$ftl_api_port" =~ [^[:digit:]] ]] && unset ftl_api_port + # Verify that the value read from the file is numeric + expr "$ftl_api_port" : "[^[:digit:]]" > /dev/null && unset ftl_api_port fi # echo the port found in the portfile or default to the default port From 2ade05d60fc20dcbdd25fa57d105da08ca464683 Mon Sep 17 00:00:00 2001 From: Yang Bin Date: Thu, 17 Mar 2022 18:19:01 +0800 Subject: [PATCH 050/110] Fixed wrong words in `README.md` Signed-off-by: Yang Bin --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b993cfe9..20c707b1 100644 --- a/README.md +++ b/README.md @@ -161,4 +161,4 @@ Some notable features include: There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): 1. `http://pi.hole/admin/` (when using Pi-hole as your DNS server) -2. `http:///admin/` +2. `http:///admin/` From 0d4c69cc6fc81a989c6ee3df50a3aa80f48a1ebc Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Mon, 21 Mar 2022 18:47:42 -0300 Subject: [PATCH 051/110] Add check to avoid error in PHP 8 and return some information about the unexpected value Signed-off-by: RD WebDesign --- advanced/index.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index d0c5fc5d..95afcdff 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -170,7 +170,15 @@ function queryAds($serverName) { $serverName ); $queryAds = file($queryAdsURL, FILE_IGNORE_NEW_LINES); - $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds))); + + // $queryAds must be an array (to avoid PHP 8.0+ error) + if (is_array($queryAds)) { + $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds))); + } else { + // if not an array, return an error message + return array("0" => "error", "1" => "Not an array:
(".gettype($queryAds).")
".print_r($queryAds, true)); + } + $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); // Exception Handling From c9809371abf89efe4f39c25170773eb2a5f39929 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Wed, 23 Mar 2022 18:33:15 -0300 Subject: [PATCH 052/110] Selecting the protocol Signed-off-by: RD WebDesign --- advanced/index.php | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 95afcdff..054e8063 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -164,19 +164,34 @@ ini_set("default_socket_timeout", 3); function queryAds($serverName) { // Determine the time it takes while querying adlists $preQueryTime = microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]; + + // Determine which protocol should be used + $protocol = "http"; + if ( + (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || + (isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] === 'https') || + (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') + ) { + $protocol = "https"; + } + + // Format the URL $queryAdsURL = sprintf( - "http://127.0.0.1:%s/admin/scripts/pi-hole/php/queryads.php?domain=%s&bp", + "%s://127.0.0.1:%s/admin/scripts/pi-hole/php/queryads.php?domain=%s&bp", + $protocol, $_SERVER["SERVER_PORT"], $serverName ); - $queryAds = file($queryAdsURL, FILE_IGNORE_NEW_LINES); - // $queryAds must be an array (to avoid PHP 8.0+ error) - if (is_array($queryAds)) { - $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAds))); + // Request the file and receive the response + $queryAdsFile = file($queryAdsURL, FILE_IGNORE_NEW_LINES); + + // $queryAdsFile must be an array (to avoid PHP 8.0+ error) + if (is_array($queryAdsFile)) { + $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAdsFile))); } else { // if not an array, return an error message - return array("0" => "error", "1" => "Not an array:
(".gettype($queryAds).")
".print_r($queryAds, true)); + return array("0" => "error", "1" => "
Not an array: (".gettype($queryAdsFile).")
".print_r($queryAdsFile, true)); } $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); From f8e84b3c3f7031eaef1e2e72a03bbdda8a1e1b92 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Wed, 23 Mar 2022 18:45:18 -0300 Subject: [PATCH 053/110] Fix stickler Signed-off-by: RD WebDesign --- advanced/index.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/advanced/index.php b/advanced/index.php index 054e8063..cf0ab854 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -167,8 +167,7 @@ function queryAds($serverName) { // Determine which protocol should be used $protocol = "http"; - if ( - (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || + if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] === 'https') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') ) { @@ -191,7 +190,7 @@ function queryAds($serverName) { $queryAds = array_values(array_filter(preg_replace("/data:\s+/", "", $queryAdsFile))); } else { // if not an array, return an error message - return array("0" => "error", "1" => "
Not an array: (".gettype($queryAdsFile).")
".print_r($queryAdsFile, true)); + return array("0" => "error", "1" => "
(".gettype($queryAdsFile).")
".print_r($queryAdsFile, true)); } $queryTime = sprintf("%.0f", (microtime(true)-$_SERVER["REQUEST_TIME_FLOAT"]) - $preQueryTime); From 54ce8c26224ea98fa330dac7307c6bf5df7d372e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 30 Mar 2022 21:04:36 +0200 Subject: [PATCH 054/110] Only use sudo power if needed MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/pihole b/pihole index d73fd5aa..563cafd8 100755 --- a/pihole +++ b/pihole @@ -498,6 +498,14 @@ fi case "${1}" in "-h" | "help" | "--help" ) helpFunc;; + "-v" | "version" ) versionFunc "$@";; + "-c" | "chronometer" ) chronometerFunc "$@";; + "-d" | "debug" ) debugFunc "$@";; + "-q" | "query" ) queryFunc "$@";; + "status" ) statusFunc "$2";; + "-t" | "tail" ) tailFunc "$2";; + "tricorder" ) tricorderFunc;; + * ) helpFunc;; esac # Must be root to use this tool @@ -519,26 +527,17 @@ case "${1}" in "--regex" | "regex" ) listFunc "$@";; "--white-regex" | "white-regex" ) listFunc "$@";; "--white-wild" | "white-wild" ) listFunc "$@";; - "-d" | "debug" ) debugFunc "$@";; "-f" | "flush" ) flushFunc "$@";; "-up" | "updatePihole" ) updatePiholeFunc "$@";; "-r" | "reconfigure" ) reconfigurePiholeFunc;; "-g" | "updateGravity" ) updateGravityFunc "$@";; - "-c" | "chronometer" ) chronometerFunc "$@";; - "-h" | "help" ) helpFunc;; - "-v" | "version" ) versionFunc "$@";; - "-q" | "query" ) queryFunc "$@";; "-l" | "logging" ) piholeLogging "$@";; "uninstall" ) uninstallFunc;; "enable" ) piholeEnable 1;; "disable" ) piholeEnable 0 "$2";; - "status" ) statusFunc "$2";; "restartdns" ) restartDNS "$2";; "-a" | "admin" ) webpageFunc "$@";; - "-t" | "tail" ) tailFunc "$2";; "checkout" ) piholeCheckoutFunc "$@";; - "tricorder" ) tricorderFunc;; "updatechecker" ) updateCheckFunc "$@";; "arpflush" ) arpFunc "$@";; - * ) helpFunc;; esac From 614d18cd3dbf4a2635a05e54467abc8d62490db2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 30 Mar 2022 21:24:51 +0200 Subject: [PATCH 055/110] Debug need sudo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/pihole b/pihole index 563cafd8..dd589a8d 100755 --- a/pihole +++ b/pihole @@ -496,15 +496,37 @@ if [[ $# = 0 ]]; then helpFunc fi +# functions that do not requiere sudo power case "${1}" in "-h" | "help" | "--help" ) helpFunc;; "-v" | "version" ) versionFunc "$@";; "-c" | "chronometer" ) chronometerFunc "$@";; - "-d" | "debug" ) debugFunc "$@";; "-q" | "query" ) queryFunc "$@";; "status" ) statusFunc "$2";; "-t" | "tail" ) tailFunc "$2";; "tricorder" ) tricorderFunc;; + + # we need to add all arguments that require sudo power to not trigger the * argument + "-w" | "whitelist" ) ;; + "-b" | "blacklist" ) ;; + "--wild" | "wildcard" ) ;; + "--regex" | "regex" ) ;; + "--white-regex" | "white-regex" ) ;; + "--white-wild" | "white-wild" ) ;; + "-f" | "flush" ) ;; + "-up" | "updatePihole" ) ;; + "-r" | "reconfigure" ) ;; + "-g" | "updateGravity" ) ;; + "-l" | "logging" ) ;; + "uninstall" ) ;; + "enable" ) ;; + "disable" ) ;; + "-d" | "debug" ) ;; + "restartdns" ) ;; + "-a" | "admin" ) ;; + "checkout" ) ;; + "updatechecker" ) ;; + "arpflush" ) ;; * ) helpFunc;; esac @@ -535,6 +557,7 @@ case "${1}" in "uninstall" ) uninstallFunc;; "enable" ) piholeEnable 1;; "disable" ) piholeEnable 0 "$2";; + "-d" | "debug" ) debugFunc "$@";; "restartdns" ) restartDNS "$2";; "-a" | "admin" ) webpageFunc "$@";; "checkout" ) piholeCheckoutFunc "$@";; From 722a716de37282401996d7cc95b7e689df5b7d92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 30 Mar 2022 22:40:14 +0200 Subject: [PATCH 056/110] Add exit code to status function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pihole b/pihole index dd589a8d..1f283d0e 100755 --- a/pihole +++ b/pihole @@ -365,7 +365,7 @@ statusFunc() { # Enable blocking "${PI_HOLE_BIN_DIR}"/pihole enable fi - +exit 0 } tailFunc() { @@ -549,6 +549,7 @@ case "${1}" in "--regex" | "regex" ) listFunc "$@";; "--white-regex" | "white-regex" ) listFunc "$@";; "--white-wild" | "white-wild" ) listFunc "$@";; + "-d" | "debug" ) debugFunc "$@";; "-f" | "flush" ) flushFunc "$@";; "-up" | "updatePihole" ) updatePiholeFunc "$@";; "-r" | "reconfigure" ) reconfigurePiholeFunc;; @@ -557,7 +558,6 @@ case "${1}" in "uninstall" ) uninstallFunc;; "enable" ) piholeEnable 1;; "disable" ) piholeEnable 0 "$2";; - "-d" | "debug" ) debugFunc "$@";; "restartdns" ) restartDNS "$2";; "-a" | "admin" ) webpageFunc "$@";; "checkout" ) piholeCheckoutFunc "$@";; From 5cebceadda93ceb73038b6d248044933af2e0459 Mon Sep 17 00:00:00 2001 From: RD WebDesign Date: Wed, 30 Mar 2022 21:32:18 -0300 Subject: [PATCH 057/110] Remove `@` and following character from interface name Signed-off-by: RD WebDesign --- advanced/Scripts/piholeDebug.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 7d3e7acf..c0efc767 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -906,9 +906,11 @@ dig_at() { # Removes all interfaces which are not UP # s/^[0-9]*: //g; # Removes interface index + # s/@.*//g; + # Removes everything after @ (if found) # s/: <.*//g; # Removes everything after the interface name - interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")" + interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/@.*//g;s/: <.*//g;")" while IFS= read -r iface ; do # Get addresses of current interface From 2f384525652e3e617bfd5e13e9ed09b0165a9176 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 31 Mar 2022 12:03:17 -0700 Subject: [PATCH 058/110] Wrap touch calls with if/then guards for Buster docker. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 1e004b8b..99e4dc47 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1128,8 +1128,10 @@ chooseBlocklists() { appendToListsFile "${choice}" done # Create an empty adList file with appropriate permissions. - touch "${adlistFile}" - chmod 644 "${adlistFile}" + if [ ! -f "${adlistFile}" ]; then + touch "${adlistFile}" + chmod 644 "${adlistFile}" + fi } # Accept a string parameter, it must be one of the default lists @@ -1330,8 +1332,10 @@ installConfigs() { # and copy in the config file Pi-hole needs install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}" # Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it - touch /etc/lighttpd/external.conf - chmod 644 /etc/lighttpd/external.conf + if [ ! -f /etc/lighttpd/external.conf ]; then + touch /etc/lighttpd/external.conf + chmod 644 /etc/lighttpd/external.conf + fi # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"\/pihole\/custom\.php"/' "${lighttpdConfig}" From c2384ecc6f5bc55e4d00c37e56666e891c0d8f46 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 31 Mar 2022 14:23:39 -0700 Subject: [PATCH 059/110] Change touch that would always fire to install. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 99e4dc47..4c173d05 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1333,8 +1333,7 @@ installConfigs() { install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}" # Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it if [ ! -f /etc/lighttpd/external.conf ]; then - touch /etc/lighttpd/external.conf - chmod 644 /etc/lighttpd/external.conf + install -m 644 /dev/null /etc/lighttpd/external.com fi # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then From d45c9fc52293d907d6871cc7f3cf701c9d88c376 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 1 Apr 2022 11:08:26 -0700 Subject: [PATCH 060/110] Final touch to install fix. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4c173d05..f2720d5d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1129,7 +1129,7 @@ chooseBlocklists() { done # Create an empty adList file with appropriate permissions. if [ ! -f "${adlistFile}" ]; then - touch "${adlistFile}" + install /dev/null "${adlistFile}" chmod 644 "${adlistFile}" fi } From 4230be0c8074dbbc286875986cfc2ea61399a2bb Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 1 Apr 2022 12:00:14 -0700 Subject: [PATCH 061/110] Hirsute buildpack EOL upstream. Adding impish. Signed-off-by: Dan Schaper --- test/_ubuntu_21.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/_ubuntu_21.Dockerfile b/test/_ubuntu_21.Dockerfile index afddbfa9..6d4d7fbc 100644 --- a/test/_ubuntu_21.Dockerfile +++ b/test/_ubuntu_21.Dockerfile @@ -1,4 +1,4 @@ -FROM buildpack-deps:hirsute-scm +FROM buildpack-deps:impish-scm ENV GITDIR /etc/.pihole ENV SCRIPTDIR /opt/pihole From 69e4e9a2ae705da466711238b81837d0a3ce6f3d Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 1 Apr 2022 12:53:43 -0700 Subject: [PATCH 062/110] Bump to python action v3. v2 has many changes. Signed-off-by: Dan Schaper --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 17557a87..33ba6c8f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -37,7 +37,7 @@ jobs: uses: actions/checkout@v2 - name: Set up Python 3.8 - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: 3.8 - From 8a5c7dec719bb29f4717b0e679afc585d915c45e Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 31 Mar 2022 14:32:07 -0700 Subject: [PATCH 063/110] Ensure existing files are proper owner and mode. Signed-off-by: Dan Schaper co-authored-by: RD WebDesign --- advanced/Templates/pihole-FTL.service | 11 +++++++---- automated install/basic-install.sh | 5 +++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 865e2cd9..23f4f125 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -21,12 +21,15 @@ start() { else # Touch files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole - touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases + [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.pid + [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.port + [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log + [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log + [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files - chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole - chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases + chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole.log /var/log/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist - chmod -f 0644 /etc/pihole/macvendor.db + chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole-FTL.log /var/log/pihole.log # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f2720d5d..62366f8a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1129,7 +1129,8 @@ chooseBlocklists() { done # Create an empty adList file with appropriate permissions. if [ ! -f "${adlistFile}" ]; then - install /dev/null "${adlistFile}" + install -m 644 /dev/null "${adlistFile}" + else chmod 644 "${adlistFile}" fi } @@ -1333,7 +1334,7 @@ installConfigs() { install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/${LIGHTTPD_CFG} "${lighttpdConfig}" # Make sure the external.conf file exists, as lighttpd v1.4.50 crashes without it if [ ! -f /etc/lighttpd/external.conf ]; then - install -m 644 /dev/null /etc/lighttpd/external.com + install -m 644 /dev/null /etc/lighttpd/external.conf fi # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then From 0f192998eb52c46e20cd422513d8ae5a9a0edf8f Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 1 Apr 2022 14:17:57 -0700 Subject: [PATCH 064/110] Create empty files. Signed-off-by: Dan Schaper --- advanced/Templates/pihole-FTL.service | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 23f4f125..d4a057ef 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -21,11 +21,11 @@ start() { else # Touch files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole - [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.pid - [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole dev/null /run/pihole-FTL.port - [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log - [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole dev/null /var/log/pihole.log - [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole dev/null /etc/pihole/dhcp.leases + [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.pid + [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.port + [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log + [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log + [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole.log /var/log/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist From b714c4598a615ae384e8f884936071d8b04e84f6 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 1 Apr 2022 14:49:30 -0700 Subject: [PATCH 065/110] Found it. Signed-off-by: Dan Schaper --- advanced/Templates/pihole-FTL.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index d4a057ef..41ab8018 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -23,7 +23,7 @@ start() { mkdir -pm 0755 /run/pihole [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.pid [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.port - [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log + [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole-FTL.log [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files From 7fa8cdd03ee1884b61add34d923d0741da8a6a3a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 16 Mar 2022 20:46:15 +0000 Subject: [PATCH 066/110] Address: - Review Comments - Stickler Complaints --- advanced/Scripts/utils.sh | 22 ++++++++-------------- advanced/Scripts/webpage.sh | 12 +++++++----- pihole | 8 ++++---- test/test_any_utils.py | 19 ++++++++++--------- 4 files changed, 29 insertions(+), 32 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index 86a7e0b4..0906ce49 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -1,4 +1,6 @@ #!/usr/bin/env sh +# shellcheck disable=SC3043 #https://github.com/koalaman/shellcheck/wiki/SC3043#exceptions + # Pi-hole: A black hole for Internet advertisements # (c) 2017 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. @@ -16,28 +18,20 @@ ####################### # Takes either -# - Three arguments: key, value, and file. -# - Two arguments: key, and file +# - Three arguments: file, key, and value. +# - Two arguments: file, and key. # # Checks the target file for the existence of the key # - If it exists, it changes the value # - If it does not exist, it adds the value # # Example usage: -# addOrEditKeyValuePair "BLOCKING_ENABLED" "true" "/etc/pihole/setupVars.conf" +# addOrEditKeyValuePair "/etc/pihole/setupVars.conf" "BLOCKING_ENABLED" "true" ####################### addOrEditKeyValPair() { - local key="${1}" - local value - local file - - # If two arguments have been passed, then the second one is the file - there is no value - if [ $# -lt 3 ]; then - file="${2}" - else - value="${2}" - file="${3}" - fi + local file="${1}" + local key="${2}" + local value="${3}" if [ "${value}" != "" ]; then # value has a value, so it is a key pair diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 14cf5999..f63fd0ca 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -1,5 +1,7 @@ #!/usr/bin/env bash # shellcheck disable=SC1090 +# shellcheck disable=SC2154 + # Pi-hole: A black hole for Internet advertisements # (c) 2017 Pi-hole, LLC (https://pi-hole.net) @@ -54,7 +56,7 @@ Options: } add_setting() { - addOrEditKeyValPair "${1}" "${2}" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "${1}" "${2}" } delete_setting() { @@ -62,11 +64,11 @@ delete_setting() { } change_setting() { - addOrEditKeyValPair "${1}" "${2}" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "${1}" "${2}" } addFTLsetting() { - addOrEditKeyValPair "${1}" "${2}" "${FTLconf}" + addOrEditKeyValPair "${FTLconf}" "${1}" "${2}" } deleteFTLsetting() { @@ -74,11 +76,11 @@ deleteFTLsetting() { } changeFTLsetting() { - addOrEditKeyValPair "${1}" "${2}" "${FTLconf}" + addOrEditKeyValPair "${FTLconf}" "${1}" "${2}" } add_dnsmasq_setting() { - addOrEditKeyValPair "${1}" "${2}" "${dnsmasqconfig}" + addOrEditKeyValPair "${dnsmasqconfig}" "${1}" "${2}" } delete_dnsmasq_setting() { diff --git a/pihole b/pihole index d73fd5aa..bdce6663 100755 --- a/pihole +++ b/pihole @@ -226,7 +226,7 @@ Time: fi local str="Pi-hole Disabled" - addOrEditKeyValPair "BLOCKING_ENABLED" "false" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "BLOCKING_ENABLED" "false" fi else # Enable Pi-hole @@ -238,7 +238,7 @@ Time: echo -e " ${INFO} Enabling blocking" local str="Pi-hole Enabled" - addOrEditKeyValPair "BLOCKING_ENABLED" "true" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "BLOCKING_ENABLED" "true" fi restartDNS reload-lists @@ -261,7 +261,7 @@ Options: elif [[ "${1}" == "off" ]]; then # Disable logging sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf - addOrEditKeyValPair "QUERY_LOGGING" "false" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "false" if [[ "${2}" != "noflush" ]]; then # Flush logs "${PI_HOLE_BIN_DIR}"/pihole -f @@ -271,7 +271,7 @@ Options: elif [[ "${1}" == "on" ]]; then # Enable logging sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf - addOrEditKeyValPair "QUERY_LOGGING" "true" "${setupVars}" + addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "true" echo -e " ${INFO} Enabling logging..." local str="Logging has been enabled!" else diff --git a/test/test_any_utils.py b/test/test_any_utils.py index f73cc1b2..1c8f9531 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -2,12 +2,12 @@ def test_key_val_replacement_works(host): ''' Confirms addOrEditKeyValPair provides the expected output ''' host.run(''' source /opt/pihole/utils.sh - addOrEditKeyValPair "KEY_ONE" "value1" "./testoutput" - addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" - addOrEditKeyValPair "KEY_ONE" "value3" "./testoutput" - addOrEditKeyValPair "KEY_FOUR" "value4" "./testoutput" - addOrEditKeyValPair "KEY_FIVE_NO_VALUE" "./testoutput" - addOrEditKeyValPair "KEY_FIVE_NO_VALUE" "./testoutput" + addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1" + addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" + addOrEditKeyValPair "./testoutput" "KEY_ONE" "value3" + addOrEditKeyValPair "./testoutput" "KEY_FOUR" "value4" + addOrEditKeyValPair "./testoutput" "KEY_FIVE_NO_VALUE" + addOrEditKeyValPair "./testoutput" "KEY_FIVE_NO_VALUE" ''') output = host.run(''' cat ./testoutput @@ -15,13 +15,14 @@ def test_key_val_replacement_works(host): expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\nKEY_FIVE_NO_VALUE\n' assert expected_stdout == output.stdout + def test_key_val_removal_works(host): ''' Confirms addOrEditKeyValPair provides the expected output ''' host.run(''' source /opt/pihole/utils.sh - addOrEditKeyValPair "KEY_ONE" "value1" "./testoutput" - addOrEditKeyValPair "KEY_TWO" "value2" "./testoutput" - addOrEditKeyValPair "KEY_THREE" "value3" "./testoutput" + addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1" + addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" + addOrEditKeyValPair "./testoutput" "KEY_THREE" "value3" removeKey "KEY_TWO" "./testoutput" ''') output = host.run(''' From 6121c162ff31a74a3b24c13c9104af13627d1277 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Sun, 3 Apr 2022 13:49:43 +0200 Subject: [PATCH 067/110] Fix typo Co-authored-by: Marius Hanl <66004280+Maran23@users.noreply.github.com> --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 1f283d0e..dd41c5f2 100755 --- a/pihole +++ b/pihole @@ -496,7 +496,7 @@ if [[ $# = 0 ]]; then helpFunc fi -# functions that do not requiere sudo power +# functions that do not require sudo power case "${1}" in "-h" | "help" | "--help" ) helpFunc;; "-v" | "version" ) versionFunc "$@";; From e4a1f3a175b00b344f0d941a4cf7a97fbc1f8b2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 4 Apr 2022 13:52:26 +0200 Subject: [PATCH 068/110] Rename block lists to adlists within the query list functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/query.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 20c891bf..8f7bfea4 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -64,8 +64,8 @@ Example: 'pihole -q -exact domain.com' Query the adlists for a specified domain Options: - -exact Search the block lists for exact domain matches - -all Return all query matches within a block list + -exact Search the adlists for exact domain matches + -all Return all query matches within the adlists -h, --help Show this help dialog" exit 0 fi @@ -210,7 +210,7 @@ mapfile -t results <<< "$(scanDatabaseTable "${domainQuery}" "gravity")" # Handle notices if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then - echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" + echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the adlists" exit 0 elif [[ -z "${results[*]}" ]]; then # Result found in WL/BL/Wildcards From cd3c97f11326fda89fdc0d617aaf115160f6be61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 4 Apr 2022 16:38:30 +0200 Subject: [PATCH 069/110] Exit installer if dpkg lock is held for more then 30 seconds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 37 +++++++++++++++++------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a9235394..9d1eaccd 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -259,6 +259,27 @@ os_check() { fi } +# This function waits for dpkg to unlock, which signals that the previous apt-get command has finished. +test_dpkg_lock() { + i=0 + # fuser is a program to show which processes use the named files, sockets, or filesystems + # So while the lock is held, + while fuser /var/lib/dpkg/lock >/dev/null 2>&1 + do + # we wait half a second, + sleep 0.5 + # increase the iterator, + ((i=i+1)) + # exit if waiting for more then 30 seconds + if [[ $i -gt 60 ]]; then + echo "*** Error: Could not verify package manager finished and released lock. Attempt to install packages manually and retry."; + exit 1; + fi + done + # and then report success once dpkg is unlocked. + return 0 +} + # Compatibility package_manager_detect() { # First check to see if apt-get is installed. @@ -302,22 +323,6 @@ package_manager_detect() { # and config file LIGHTTPD_CFG="lighttpd.conf.debian" - # This function waits for dpkg to unlock, which signals that the previous apt-get command has finished. - test_dpkg_lock() { - i=0 - # fuser is a program to show which processes use the named files, sockets, or filesystems - # So while the lock is held, - while fuser /var/lib/dpkg/lock >/dev/null 2>&1 - do - # we wait half a second, - sleep 0.5 - # increase the iterator, - ((i=i+1)) - done - # and then report success once dpkg is unlocked. - return 0 - } - # If apt-get is not found, check for rpm. elif is_command rpm ; then # Then check if dnf or yum is the package manager From 30ba79f6a01e331302f753a190b8d187610d374f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 4 Apr 2022 16:48:34 +0200 Subject: [PATCH 070/110] Let users know what's going on MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9d1eaccd..a51362ba 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -262,6 +262,7 @@ os_check() { # This function waits for dpkg to unlock, which signals that the previous apt-get command has finished. test_dpkg_lock() { i=0 + printf " %b Waiting for package manager to finish\\n" "${INFO}" # fuser is a program to show which processes use the named files, sockets, or filesystems # So while the lock is held, while fuser /var/lib/dpkg/lock >/dev/null 2>&1 @@ -272,7 +273,8 @@ test_dpkg_lock() { ((i=i+1)) # exit if waiting for more then 30 seconds if [[ $i -gt 60 ]]; then - echo "*** Error: Could not verify package manager finished and released lock. Attempt to install packages manually and retry."; + printf " %b %bError: Could not verify package manager finished and released lock. %b\\n" "${CROSS}" "${COL_LIGHT_RED}" "${COL_NC}" + printf " Attempt to install packages manually and retry.\\n" exit 1; fi done From c0a2ab7b77feaa64a25415ec674432fa22e423ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 4 Apr 2022 16:59:13 +0200 Subject: [PATCH 071/110] Fix indention MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a51362ba..5f2f327d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -262,7 +262,7 @@ os_check() { # This function waits for dpkg to unlock, which signals that the previous apt-get command has finished. test_dpkg_lock() { i=0 - printf " %b Waiting for package manager to finish\\n" "${INFO}" + printf " %b Waiting for package manager to finish\\n" "${INFO}" # fuser is a program to show which processes use the named files, sockets, or filesystems # So while the lock is held, while fuser /var/lib/dpkg/lock >/dev/null 2>&1 From 4d31d5ee1148f1de8e8608a7bf0fed255136a6e1 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 4 Apr 2022 22:02:26 +0100 Subject: [PATCH 072/110] Address review comments Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 6 +++--- advanced/Scripts/webpage.sh | 6 +++--- pihole | 4 ++-- test/test_any_utils.py | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index 0906ce49..9d80e446 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -56,11 +56,11 @@ addOrEditKeyValPair() { # Deletes a key from target file # # Example usage: -# removeKey "PIHOLE_DNS_1" "/etc/pihole/setupVars.conf" +# removeKey "/etc/pihole/setupVars.conf" "PIHOLE_DNS_1" ####################### removeKey() { - local key="${1}" - local file="${2}" + local file="${1}" + local key="${2}" sed -i "/^${key}/d" "${file}" } diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f63fd0ca..15418ee0 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -60,7 +60,7 @@ add_setting() { } delete_setting() { - removeKey "${1}" "${setupVars}" + removeKey "${setupVars}" "${1}" } change_setting() { @@ -72,7 +72,7 @@ addFTLsetting() { } deleteFTLsetting() { - removeKey "${1}" "${FTLconf}" + removeKey "${FTLconf}" "${1}" } changeFTLsetting() { @@ -84,7 +84,7 @@ add_dnsmasq_setting() { } delete_dnsmasq_setting() { - removeKey "${1}" "${dnsmasqconfig}" + removeKey "${dnsmasqconfig}" "${1}" } SetTemperatureUnit() { diff --git a/pihole b/pihole index bdce6663..83d1f45c 100755 --- a/pihole +++ b/pihole @@ -260,7 +260,7 @@ Options: exit 0 elif [[ "${1}" == "off" ]]; then # Disable logging - sed -i 's/^log-queries/#log-queries/' /etc/dnsmasq.d/01-pihole.conf + addOrEditKeyValPair /etc/dnsmasq.d/01-pihole.conf "log-queries" addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "false" if [[ "${2}" != "noflush" ]]; then # Flush logs @@ -270,7 +270,7 @@ Options: local str="Logging has been disabled!" elif [[ "${1}" == "on" ]]; then # Enable logging - sed -i 's/^#log-queries/log-queries/' /etc/dnsmasq.d/01-pihole.conf + removeKey /etc/dnsmasq.d/01-pihole.conf "log-queries" addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "true" echo -e " ${INFO} Enabling logging..." local str="Logging has been enabled!" diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 1c8f9531..998c1c84 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -17,13 +17,13 @@ def test_key_val_replacement_works(host): def test_key_val_removal_works(host): - ''' Confirms addOrEditKeyValPair provides the expected output ''' + ''' Confirms removeKey provides the expected output ''' host.run(''' source /opt/pihole/utils.sh addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1" addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" addOrEditKeyValPair "./testoutput" "KEY_THREE" "value3" - removeKey "KEY_TWO" "./testoutput" + removeKey "./testoutput" "KEY_TWO" ''') output = host.run(''' cat ./testoutput From 9b4f6c84cd770d333bca1579a8494472bfe5fa62 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Mon, 4 Apr 2022 23:14:10 +0200 Subject: [PATCH 073/110] Minor review comments --- advanced/Scripts/utils.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index 9d80e446..f457427f 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -34,7 +34,7 @@ addOrEditKeyValPair() { local value="${3}" if [ "${value}" != "" ]; then - # value has a value, so it is a key pair + # value has a value, so it is a key-value pair if grep -q "^${key}=" "${file}"; then # Key already exists in file, modify the value sed -i "/^${key}=/c\\${key}=${value}" "${file}" @@ -52,7 +52,7 @@ addOrEditKeyValPair() { } ####################### -# Takes two arguments key, and file. +# Takes two arguments file, and key. # Deletes a key from target file # # Example usage: From b33434d02a05e2777041ce853b0c09d5f9682bcf Mon Sep 17 00:00:00 2001 From: yubiuser Date: Thu, 7 Apr 2022 09:11:53 +0200 Subject: [PATCH 074/110] Let uses know how long they need to wait (max) Co-authored-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5f2f327d..e1683993 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -262,7 +262,7 @@ os_check() { # This function waits for dpkg to unlock, which signals that the previous apt-get command has finished. test_dpkg_lock() { i=0 - printf " %b Waiting for package manager to finish\\n" "${INFO}" + printf " %b Waiting for package manager to finish (up to 30 seconds)\\n" "${INFO}" # fuser is a program to show which processes use the named files, sockets, or filesystems # So while the lock is held, while fuser /var/lib/dpkg/lock >/dev/null 2>&1 From 86dd61288288cdb57b8780c11a159e4cf8b8e1da Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 12 Apr 2022 17:13:50 +0100 Subject: [PATCH 075/110] remove `readonly` directive from declaration of `utilsfile`, it is unnecassery Signed-off-by: Adam Warner --- advanced/Scripts/webpage.sh | 2 +- pihole | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 15418ee0..c4d6570d 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -28,7 +28,7 @@ readonly PI_HOLE_FILES_DIR="/etc/.pihole" PH_TEST="true" source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" -readonly utilsfile="/opt/pihole/utils.sh" +utilsfile="/opt/pihole/utils.sh" source "${utilsfile}" coltable="/opt/pihole/COL_TABLE" diff --git a/pihole b/pihole index 6beba316..6823b3b6 100755 --- a/pihole +++ b/pihole @@ -21,7 +21,7 @@ readonly FTL_PID_FILE="/run/pihole-FTL.pid" readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE" source "${colfile}" -readonly utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" +utilsfile="${PI_HOLE_SCRIPT_DIR}/utils.sh" source "${utilsfile}" webpageFunc() { From 9356d7bbb122f3c69fc97a2b3aff828944ef84d6 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 12 Apr 2022 20:36:49 +0200 Subject: [PATCH 076/110] Remove unnecessary case in uninstall script (#4692) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Remove unnecessary case in uninstall script * Better answer Signed-off-by: Christian König --- automated install/uninstall.sh | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 5e27514f..9d3fca31 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -11,10 +11,9 @@ source "/opt/pihole/COL_TABLE" while true; do - read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn - case ${yn} in + read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " answer + case ${answer} in [Yy]* ) break;; - [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;; * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been canceled${COL_NC}"; exit 0;; esac done @@ -76,8 +75,8 @@ removeAndPurge() { for i in "${DEPS[@]}"; do if package_check "${i}" > /dev/null; then while true; do - read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn - case ${yn} in + read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " answer + case ${answer} in [Yy]* ) echo -ne " ${INFO} Removing ${i}..."; ${SUDO} "${PKG_REMOVE[@]}" "${i}" &> /dev/null; @@ -215,8 +214,8 @@ while true; do echo -n "${i} " done echo "${COL_NC}" - read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn - case ${yn} in + read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " answer + case ${answer} in [Yy]* ) removeAndPurge; break;; [Nn]* ) removeNoPurge; break;; * ) removeAndPurge; break;; From 2b124b1c697f18c80369848823bce8f0a624fa30 Mon Sep 17 00:00:00 2001 From: MichaIng Date: Wed, 13 Apr 2022 21:30:12 +0200 Subject: [PATCH 077/110] Do not pass whole environment for PIHOLE_SKIP_OS_CHECK=true With `sudo -E`, the whole environment is passed to the root shell, which is a potential security and/or privacy issue when command overrides/functions, PATH or private user info are passed. To pass `PIHOLE_SKIP_OS_CHECK=true`, it can be passed alone to the bash/script call within the sudo session, so the `-E` flag can be omitted. Signed-off-by: MichaIng --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e1683993..5e0d5e14 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -239,10 +239,10 @@ os_check() { printf " If you wish to attempt to continue anyway, you can try one of the following commands to skip this check:\\n" printf "\\n" printf " e.g: If you are seeing this message on a fresh install, you can run:\\n" - printf " %bcurl -sSL https://install.pi-hole.net | PIHOLE_SKIP_OS_CHECK=true sudo -E bash%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}" + printf " %bcurl -sSL https://install.pi-hole.net | sudo PIHOLE_SKIP_OS_CHECK=true bash%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}" printf "\\n" printf " If you are seeing this message after having run pihole -up:\\n" - printf " %bPIHOLE_SKIP_OS_CHECK=true sudo -E pihole -r%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}" + printf " %bsudo PIHOLE_SKIP_OS_CHECK=true pihole -r%b\\n" "${COL_LIGHT_GREEN}" "${COL_NC}" printf " (In this case, your previous run of pihole -up will have already updated the local repository)\\n" printf "\\n" printf " It is possible that the installation will still fail at this stage due to an unsupported configuration.\\n" From db116971ce5182084c4eebc25b1088b1fad58e2e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 14 Apr 2022 22:53:38 +0100 Subject: [PATCH 078/110] I tried to do too many things in one function, vastly overcomplicating what should have been _this_ all along Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 42 ++++++++++++++++++++++----------------- pihole | 4 ++-- test/test_any_utils.py | 4 ++-- 3 files changed, 28 insertions(+), 22 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index f457427f..f0a7cc37 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -17,43 +17,49 @@ # - New functions must have a test added for them in test/test_any_utils.py ####################### -# Takes either -# - Three arguments: file, key, and value. -# - Two arguments: file, and key. +# Takes Three arguments: file, key, and value. # # Checks the target file for the existence of the key # - If it exists, it changes the value # - If it does not exist, it adds the value # # Example usage: -# addOrEditKeyValuePair "/etc/pihole/setupVars.conf" "BLOCKING_ENABLED" "true" +# addOrEditKeyValPair "/etc/pihole/setupVars.conf" "BLOCKING_ENABLED" "true" ####################### addOrEditKeyValPair() { local file="${1}" local key="${2}" local value="${3}" - if [ "${value}" != "" ]; then - # value has a value, so it is a key-value pair - if grep -q "^${key}=" "${file}"; then + if grep -q "^${key}=" "${file}"; then # Key already exists in file, modify the value sed -i "/^${key}=/c\\${key}=${value}" "${file}" - else - # Key does not already exist, add it and it's value - echo "${key}=${value}" >> "${file}" - fi else - # value has no value, so it is just a key. Add it if it does not already exist - if ! grep -q "^${key}" "${file}"; then - # Key does not exist, add it. - echo "${key}" >> "${file}" - fi + # Key does not already exist, add it and it's value + echo "${key}=${value}" >> "${file}" fi } ####################### -# Takes two arguments file, and key. -# Deletes a key from target file +# Takes two arguments: file, and key. +# Adds a key to target file +# +# Example usage: +# addKey "/etc/dnsmasq.d/01-pihole.conf" "log-queries" +####################### +addKey(){ + local file="${1}" + local key="${2}" + + if ! grep -q "^${key}" "${file}"; then + # Key does not exist, add it. + echo "${key}" >> "${file}" + fi +} + +####################### +# Takes two arguments: file, and key. +# Deletes a key or key/value pair from target file # # Example usage: # removeKey "/etc/pihole/setupVars.conf" "PIHOLE_DNS_1" diff --git a/pihole b/pihole index 6823b3b6..f51fd956 100755 --- a/pihole +++ b/pihole @@ -260,7 +260,7 @@ Options: exit 0 elif [[ "${1}" == "off" ]]; then # Disable logging - addOrEditKeyValPair /etc/dnsmasq.d/01-pihole.conf "log-queries" + removeKey /etc/dnsmasq.d/01-pihole.conf "log-queries" addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "false" if [[ "${2}" != "noflush" ]]; then # Flush logs @@ -270,7 +270,7 @@ Options: local str="Logging has been disabled!" elif [[ "${1}" == "on" ]]; then # Enable logging - removeKey /etc/dnsmasq.d/01-pihole.conf "log-queries" + addKey /etc/dnsmasq.d/01-pihole.conf "log-queries" addOrEditKeyValPair "${setupVars}" "QUERY_LOGGING" "true" echo -e " ${INFO} Enabling logging..." local str="Logging has been enabled!" diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 998c1c84..07feaf0f 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -6,8 +6,8 @@ def test_key_val_replacement_works(host): addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" addOrEditKeyValPair "./testoutput" "KEY_ONE" "value3" addOrEditKeyValPair "./testoutput" "KEY_FOUR" "value4" - addOrEditKeyValPair "./testoutput" "KEY_FIVE_NO_VALUE" - addOrEditKeyValPair "./testoutput" "KEY_FIVE_NO_VALUE" + addKey "./testoutput" "KEY_FIVE_NO_VALUE" + addKey "./testoutput" "KEY_FIVE_NO_VALUE" ''') output = host.run(''' cat ./testoutput From 23e6fa1ec56e7e24054d359ef5da0114e2f9b77f Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 15 Apr 2022 09:50:40 +0100 Subject: [PATCH 079/110] Replace wrapper function calls with direct utils.sh calls. Leave warpper functions until next release as docker currently uses them, and new changes to utils.sh need to be in the `master` branch before docker can use them Signed-off-by: Adam Warner --- advanced/Scripts/webpage.sh | 170 ++++++++++++++++++------------------ 1 file changed, 85 insertions(+), 85 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index c4d6570d..04c8cbee 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -88,7 +88,7 @@ delete_dnsmasq_setting() { } SetTemperatureUnit() { - change_setting "TEMPERATUREUNIT" "${unit}" + addOrEditKeyValPair "${setupVars}" "TEMPERATUREUNIT" "${unit}" echo -e " ${TICK} Set temperature unit to ${unit}" } @@ -123,7 +123,7 @@ SetWebPassword() { echo "" if [ "${PASSWORD}" == "" ]; then - change_setting "WEBPASSWORD" "" + addOrEditKeyValPair "${setupVars}" "WEBPASSWORD" "" echo -e " ${TICK} Password Removed" exit 0 fi @@ -136,7 +136,7 @@ SetWebPassword() { # We do not wrap this in brackets, otherwise BASH will expand any appropriate syntax hash=$(HashPassword "$PASSWORD") # Save hash to file - change_setting "WEBPASSWORD" "${hash}" + addOrEditKeyValPair "${setupVars}" "WEBPASSWORD" "${hash}" echo -e " ${TICK} New password set" else echo -e " ${CROSS} Passwords don't match. Your password has not been changed" @@ -147,7 +147,7 @@ SetWebPassword() { ProcessDNSSettings() { source "${setupVars}" - delete_dnsmasq_setting "server" + removeKey "${dnsmasqconfig}" "server" COUNTER=1 while true ; do @@ -155,34 +155,34 @@ ProcessDNSSettings() { if [ -z "${!var}" ]; then break; fi - add_dnsmasq_setting "server" "${!var}" + addOrEditKeyValPair "${dnsmasqconfig}" "server" "${!var}" (( COUNTER++ )) done # The option LOCAL_DNS_PORT is deprecated # We apply it once more, and then convert it into the current format if [ -n "${LOCAL_DNS_PORT}" ]; then - add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_DNS_PORT}" - add_setting "PIHOLE_DNS_${COUNTER}" "127.0.0.1#${LOCAL_DNS_PORT}" - delete_setting "LOCAL_DNS_PORT" + addOrEditKeyValPair "${dnsmasqconfig}" "server" "127.0.0.1#${LOCAL_DNS_PORT}" + addOrEditKeyValPair "${setupVars}" "PIHOLE_DNS_${COUNTER}" "127.0.0.1#${LOCAL_DNS_PORT}" + removeKey "${setupVars}" "LOCAL_DNS_PORT" fi - delete_dnsmasq_setting "domain-needed" - delete_dnsmasq_setting "expand-hosts" + removeKey "${dnsmasqconfig}" "domain-needed" + removeKey "${dnsmasqconfig}" "expand-hosts" if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then - add_dnsmasq_setting "domain-needed" - add_dnsmasq_setting "expand-hosts" + addKey "${dnsmasqconfig}" "domain-needed" + addKey "${dnsmasqconfig}" "expand-hosts" fi - delete_dnsmasq_setting "bogus-priv" + removeKey "${dnsmasqconfig}" "bogus-priv" if [[ "${DNS_BOGUS_PRIV}" == true ]]; then - add_dnsmasq_setting "bogus-priv" + addKey "${dnsmasqconfig}" "bogus-priv" fi - delete_dnsmasq_setting "dnssec" - delete_dnsmasq_setting "trust-anchor" + removeKey "${dnsmasqconfig}" "dnssec" + removeKey "${dnsmasqconfig}" "trust-anchor" if [[ "${DNSSEC}" == true ]]; then echo "dnssec @@ -190,24 +190,24 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 " >> "${dnsmasqconfig}" fi - delete_dnsmasq_setting "host-record" + removeKey "${dnsmasqconfig}" "host-record" if [ -n "${HOSTRECORD}" ]; then - add_dnsmasq_setting "host-record" "${HOSTRECORD}" + addOrEditKeyValPair "${dnsmasqconfig}" "host-record" "${HOSTRECORD}" fi # Setup interface listening behavior of dnsmasq - delete_dnsmasq_setting "interface" - delete_dnsmasq_setting "local-service" - delete_dnsmasq_setting "except-interface" - delete_dnsmasq_setting "bind-interfaces" + removeKey "${dnsmasqconfig}" "interface" + removeKey "${dnsmasqconfig}" "local-service" + removeKey "${dnsmasqconfig}" "except-interface" + removeKey "${dnsmasqconfig}" "bind-interfaces" if [[ "${DNSMASQ_LISTENING}" == "all" ]]; then # Listen on all interfaces, permit all origins - add_dnsmasq_setting "except-interface" "nonexisting" + addOrEditKeyValPair "${dnsmasqconfig}" "except-interface" "nonexisting" elif [[ "${DNSMASQ_LISTENING}" == "local" ]]; then # Listen only on all interfaces, but only local subnets - add_dnsmasq_setting "local-service" + addKey "${dnsmasqconfig}" "local-service" else # Options "bind" and "single" # Listen only on one interface @@ -216,30 +216,30 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 PIHOLE_INTERFACE="eth0" fi - add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}" + addOrEditKeyValPair "${dnsmasqconfig}" "interface" "${PIHOLE_INTERFACE}" if [[ "${DNSMASQ_LISTENING}" == "bind" ]]; then # Really bind to interface - add_dnsmasq_setting "bind-interfaces" + addKey "${dnsmasqconfig}" "bind-interfaces" fi fi if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then # Convert legacy "conditional forwarding" to rev-server configuration # Remove any existing REV_SERVER settings - delete_setting "REV_SERVER" - delete_setting "REV_SERVER_DOMAIN" - delete_setting "REV_SERVER_TARGET" - delete_setting "REV_SERVER_CIDR" + removeKey "${setupVars}" "REV_SERVER" + removeKey "${setupVars}" "REV_SERVER_DOMAIN" + removeKey "${setupVars}" "REV_SERVER_TARGET" + removeKey "${setupVars}" "REV_SERVER_CIDR" REV_SERVER=true - add_setting "REV_SERVER" "true" + addOrEditKeyValPair "${setupVars}" "REV_SERVER" "true" REV_SERVER_DOMAIN="${CONDITIONAL_FORWARDING_DOMAIN}" - add_setting "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_DOMAIN" "${REV_SERVER_DOMAIN}" REV_SERVER_TARGET="${CONDITIONAL_FORWARDING_IP}" - add_setting "REV_SERVER_TARGET" "${REV_SERVER_TARGET}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_TARGET" "${REV_SERVER_TARGET}" #Convert CONDITIONAL_FORWARDING_REVERSE if necessary e.g: # 1.1.168.192.in-addr.arpa to 192.168.1.1/32 @@ -266,28 +266,28 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 # shellcheck disable=2001 REV_SERVER_CIDR="$(sed "s+\\.[0-9]*$+\\.0/24+" <<< "${REV_SERVER_TARGET}")" fi - add_setting "REV_SERVER_CIDR" "${REV_SERVER_CIDR}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_CIDR" "${REV_SERVER_CIDR}" # Remove obsolete settings from setupVars.conf - delete_setting "CONDITIONAL_FORWARDING" - delete_setting "CONDITIONAL_FORWARDING_REVERSE" - delete_setting "CONDITIONAL_FORWARDING_DOMAIN" - delete_setting "CONDITIONAL_FORWARDING_IP" + removeKey "${setupVars}" "CONDITIONAL_FORWARDING" + removeKey "${setupVars}" "CONDITIONAL_FORWARDING_REVERSE" + removeKey "${setupVars}" "CONDITIONAL_FORWARDING_DOMAIN" + removeKey "${setupVars}" "CONDITIONAL_FORWARDING_IP" fi - delete_dnsmasq_setting "rev-server" + removeKey "${dnsmasqconfig}" "rev-server" if [[ "${REV_SERVER}" == true ]]; then - add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}" + addKey "${dnsmasqconfig}" "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}" if [ -n "${REV_SERVER_DOMAIN}" ]; then # Forward local domain names to the CF target, too - add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}" + addKey "${dnsmasqconfig}" "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}" fi if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then # Forward unqualified names to the CF target only when the "never # forward non-FQDN" option is unticked - add_dnsmasq_setting "server=//${REV_SERVER_TARGET}" + addKey "${dnsmasqconfig}" "server=//${REV_SERVER_TARGET}" fi fi @@ -302,7 +302,7 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 SetDNSServers() { # Save setting to file - delete_setting "PIHOLE_DNS" + removeKey "${setupVars}" "PIHOLE_DNS" IFS=',' read -r -a array <<< "${args[2]}" for index in "${!array[@]}" do @@ -311,7 +311,7 @@ SetDNSServers() { ip="${array[index]//\\#/#}" if valid_ip "${ip}" || valid_ip6 "${ip}" ; then - add_setting "PIHOLE_DNS_$((index+1))" "${ip}" + addOrEditKeyValPair "${setupVars}" "PIHOLE_DNS_$((index+1))" "${ip}" else echo -e " ${CROSS} Invalid IP has been passed" exit 1 @@ -319,30 +319,30 @@ SetDNSServers() { done if [[ "${args[3]}" == "domain-needed" ]]; then - change_setting "DNS_FQDN_REQUIRED" "true" + addOrEditKeyValPair "${setupVars}" "DNS_FQDN_REQUIRED" "true" else - change_setting "DNS_FQDN_REQUIRED" "false" + addOrEditKeyValPair "${setupVars}" "DNS_FQDN_REQUIRED" "false" fi if [[ "${args[4]}" == "bogus-priv" ]]; then - change_setting "DNS_BOGUS_PRIV" "true" + addOrEditKeyValPair "${setupVars}" "DNS_BOGUS_PRIV" "true" else - change_setting "DNS_BOGUS_PRIV" "false" + addOrEditKeyValPair "${setupVars}" "DNS_BOGUS_PRIV" "false" fi if [[ "${args[5]}" == "dnssec" ]]; then - change_setting "DNSSEC" "true" + addOrEditKeyValPair "${setupVars}" "DNSSEC" "true" else - change_setting "DNSSEC" "false" + addOrEditKeyValPair "${setupVars}" "DNSSEC" "false" fi if [[ "${args[6]}" == "rev-server" ]]; then - change_setting "REV_SERVER" "true" - change_setting "REV_SERVER_CIDR" "${args[7]}" - change_setting "REV_SERVER_TARGET" "${args[8]}" - change_setting "REV_SERVER_DOMAIN" "${args[9]}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER" "true" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_CIDR" "${args[7]}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_TARGET" "${args[8]}" + addOrEditKeyValPair "${setupVars}" "REV_SERVER_DOMAIN" "${args[9]}" else - change_setting "REV_SERVER" "false" + addOrEditKeyValPair "${setupVars}" "REV_SERVER" "false" fi ProcessDNSSettings @@ -352,11 +352,11 @@ SetDNSServers() { } SetExcludeDomains() { - change_setting "API_EXCLUDE_DOMAINS" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "API_EXCLUDE_DOMAINS" "${args[2]}" } SetExcludeClients() { - change_setting "API_EXCLUDE_CLIENTS" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "API_EXCLUDE_CLIENTS" "${args[2]}" } Poweroff(){ @@ -372,7 +372,7 @@ RestartDNS() { } SetQueryLogOptions() { - change_setting "API_QUERY_LOG_SHOW" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "API_QUERY_LOG_SHOW" "${args[2]}" } ProcessDHCPSettings() { @@ -388,19 +388,19 @@ ProcessDHCPSettings() { if [[ "${PIHOLE_DOMAIN}" == "" ]]; then PIHOLE_DOMAIN="lan" - change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}" + addOrEditKeyValPair "${setupVars}" "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}" fi if [[ "${DHCP_LEASETIME}" == "0" ]]; then leasetime="infinite" elif [[ "${DHCP_LEASETIME}" == "" ]]; then leasetime="24" - change_setting "DHCP_LEASETIME" "${leasetime}" + addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "${leasetime}" elif [[ "${DHCP_LEASETIME}" == "24h" ]]; then #Installation is affected by known bug, introduced in a previous version. #This will automatically clean up setupVars.conf and remove the unnecessary "h" leasetime="24" - change_setting "DHCP_LEASETIME" "${leasetime}" + addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "${leasetime}" else leasetime="${DHCP_LEASETIME}h" fi @@ -453,24 +453,24 @@ ra-param=*,0,0 } EnableDHCP() { - change_setting "DHCP_ACTIVE" "true" - change_setting "DHCP_START" "${args[2]}" - change_setting "DHCP_END" "${args[3]}" - change_setting "DHCP_ROUTER" "${args[4]}" - change_setting "DHCP_LEASETIME" "${args[5]}" - change_setting "PIHOLE_DOMAIN" "${args[6]}" - change_setting "DHCP_IPv6" "${args[7]}" - change_setting "DHCP_rapid_commit" "${args[8]}" + addOrEditKeyValPair "${setupVars}" "DHCP_ACTIVE" "true" + addOrEditKeyValPair "${setupVars}" "DHCP_START" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "DHCP_END" "${args[3]}" + addOrEditKeyValPair "${setupVars}" "DHCP_ROUTER" "${args[4]}" + addOrEditKeyValPair "${setupVars}" "DHCP_LEASETIME" "${args[5]}" + addOrEditKeyValPair "${setupVars}" "PIHOLE_DOMAIN" "${args[6]}" + addOrEditKeyValPair "${setupVars}" "DHCP_IPv6" "${args[7]}" + addOrEditKeyValPair "${setupVars}" "DHCP_rapid_commit" "${args[8]}" # Remove possible old setting from file - delete_dnsmasq_setting "dhcp-" - delete_dnsmasq_setting "quiet-dhcp" + removeKey "${dnsmasqconfig}" "dhcp-" + removeKey "${dnsmasqconfig}" "quiet-dhcp" # If a DHCP client claims that its name is "wpad", ignore that. # This fixes a security hole. see CERT Vulnerability VU#598349 # We also ignore "localhost" as Windows behaves strangely if a # device claims this host name - add_dnsmasq_setting "dhcp-name-match=set:hostname-ignore,wpad + addKey "${dnsmasqconfig}" "dhcp-name-match=set:hostname-ignore,wpad dhcp-name-match=set:hostname-ignore,localhost dhcp-ignore-names=tag:hostname-ignore" @@ -480,11 +480,11 @@ dhcp-ignore-names=tag:hostname-ignore" } DisableDHCP() { - change_setting "DHCP_ACTIVE" "false" + addOrEditKeyValPair "${setupVars}" "DHCP_ACTIVE" "false" # Remove possible old setting from file - delete_dnsmasq_setting "dhcp-" - delete_dnsmasq_setting "quiet-dhcp" + removeKey "${dnsmasqconfig}" "dhcp-" + removeKey "${dnsmasqconfig}" "quiet-dhcp" ProcessDHCPSettings @@ -492,11 +492,11 @@ DisableDHCP() { } SetWebUILayout() { - change_setting "WEBUIBOXEDLAYOUT" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "WEBUIBOXEDLAYOUT" "${args[2]}" } SetWebUITheme() { - change_setting "WEBTHEME" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "WEBTHEME" "${args[2]}" } CheckUrl(){ @@ -591,10 +591,10 @@ Options: exit 0 fi - change_setting "ADMIN_EMAIL" "${args[2]}" + addOrEditKeyValPair "${setupVars}" "ADMIN_EMAIL" "${args[2]}" echo -e " ${TICK} Setting admin contact to ${args[2]}" else - change_setting "ADMIN_EMAIL" "" + addOrEditKeyValPair "${setupVars}" "ADMIN_EMAIL" "" echo -e " ${TICK} Removing admin contact" fi } @@ -618,16 +618,16 @@ Interfaces: if [[ "${args[2]}" == "all" ]]; then echo -e " ${INFO} Listening on all interfaces, permitting all origins. Please use a firewall!" - change_setting "DNSMASQ_LISTENING" "all" + addOrEditKeyValPair "${setupVars}" "DNSMASQ_LISTENING" "all" elif [[ "${args[2]}" == "local" ]]; then echo -e " ${INFO} Listening on all interfaces, permitting origins from one hop away (LAN)" - change_setting "DNSMASQ_LISTENING" "local" + addOrEditKeyValPair "${setupVars}" "DNSMASQ_LISTENING" "local" elif [[ "${args[2]}" == "bind" ]]; then echo -e " ${INFO} Binding on interface ${PIHOLE_INTERFACE}" - change_setting "DNSMASQ_LISTENING" "bind" + addOrEditKeyValPair "${setupVars}" "DNSMASQ_LISTENING" "bind" else echo -e " ${INFO} Listening only on interface ${PIHOLE_INTERFACE}" - change_setting "DNSMASQ_LISTENING" "single" + addOrEditKeyValPair "${setupVars}" "DNSMASQ_LISTENING" "single" fi # Don't restart DNS server yet because other settings @@ -697,7 +697,7 @@ clearAudit() SetPrivacyLevel() { # Set privacy level. Minimum is 0, maximum is 3 if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then - changeFTLsetting "PRIVACYLEVEL" "${args[2]}" + addOrEditKeyValPair "${FTLconf}" "PRIVACYLEVEL" "${args[2]}" pihole restartdns reload-lists fi } @@ -815,7 +815,7 @@ SetRateLimit() { # Set rate-limit setting inf valid if [ "${rate_limit_count}" -ge 0 ] && [ "${rate_limit_interval}" -ge 0 ]; then - changeFTLsetting "RATE_LIMIT" "${rate_limit_count}/${rate_limit_interval}" + addOrEditKeyValPair "${FTLconf}" "RATE_LIMIT" "${rate_limit_count}/${rate_limit_interval}" fi # Restart FTL to update rate-limit settings only if $reload not false From 37cef84643e0f2ea151db334b2e20130a905bd83 Mon Sep 17 00:00:00 2001 From: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> Date: Fri, 15 Apr 2022 21:26:56 -0500 Subject: [PATCH 080/110] Set permissions for GitHub actions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> --- .github/workflows/test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 17557a87..ab6d4223 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -4,6 +4,9 @@ on: pull_request: types: [opened, synchronize, reopened, ready_for_review] +permissions: + contents: read + jobs: smoke-test: if: github.event.pull_request.draft == false From 2601162243028115768878f3bb0f5ec8fdde8393 Mon Sep 17 00:00:00 2001 From: spmfox Date: Sat, 16 Apr 2022 16:25:33 -0400 Subject: [PATCH 081/110] Changed ldd binary check from /bin/ls to /usr/bin/bash Signed-off-by: spmfox --- automated install/basic-install.sh | 2 +- test/test_any_automated_install.py | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e1683993..ced6ff2a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2216,7 +2216,7 @@ get_binary_name() { local rev rev=$(uname -m | sed "s/[^0-9]//g;") local lib - lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }') + lib=$(ldd /bin/bash | grep -E '^\s*/lib' | awk '{ print $1 }') if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then printf "%b %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}" # set the binary to be used diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index b7b4ccd8..1e65842b 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -679,7 +679,7 @@ def test_FTL_detect_aarch64_no_errors(host): mock_command( 'ldd', { - '/bin/ls': ( + '/bin/bash': ( '/lib/ld-linux-aarch64.so.1', '0' ) @@ -709,7 +709,7 @@ def test_FTL_detect_armv4t_no_errors(host): # mock uname to return armv4t platform mock_command('uname', {'-m': ('armv4t', '0')}, host) # mock ldd to respond with ld-linux shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, host) + mock_command('ldd', {'/bin/bash': ('/lib/ld-linux.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -733,7 +733,7 @@ def test_FTL_detect_armv5te_no_errors(host): # mock uname to return armv5te platform mock_command('uname', {'-m': ('armv5te', '0')}, host) # mock ldd to respond with ld-linux shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux.so.3', '0')}, host) + mock_command('ldd', {'/bin/bash': ('/lib/ld-linux.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -757,7 +757,7 @@ def test_FTL_detect_armv6l_no_errors(host): # mock uname to return armv6l platform mock_command('uname', {'-m': ('armv6l', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, host) + mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -782,7 +782,7 @@ def test_FTL_detect_armv7l_no_errors(host): # mock uname to return armv7l platform mock_command('uname', {'-m': ('armv7l', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, host) + mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -807,7 +807,7 @@ def test_FTL_detect_armv8a_no_errors(host): # mock uname to return armv8a platform mock_command('uname', {'-m': ('armv8a', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, host) + mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user From c9e76c978e1eaf0e0276258ee7188963e2aca771 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 17 Apr 2022 13:39:55 +0100 Subject: [PATCH 082/110] Update advanced/Scripts/webpage.sh Co-authored-by: yubiuser --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 04c8cbee..de06d60c 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -155,7 +155,7 @@ ProcessDNSSettings() { if [ -z "${!var}" ]; then break; fi - addOrEditKeyValPair "${dnsmasqconfig}" "server" "${!var}" + addKey "${dnsmasqconfig}" "server=${!var}" (( COUNTER++ )) done From 9840148ba95678c7b9316e171fd2a4659a88c1d3 Mon Sep 17 00:00:00 2001 From: spmfox Date: Sun, 17 Apr 2022 14:52:05 -0400 Subject: [PATCH 083/110] Update automated install/basic-install.sh Co-authored-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ced6ff2a..79b6d1fa 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2216,7 +2216,7 @@ get_binary_name() { local rev rev=$(uname -m | sed "s/[^0-9]//g;") local lib - lib=$(ldd /bin/bash | grep -E '^\s*/lib' | awk '{ print $1 }') + lib=$(ldd $(which sh) | grep -E '^\s*/lib' | awk '{ print $1 }') if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then printf "%b %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}" # set the binary to be used From 8de814ab34b34433e6faf3f74e43a67805ab1bd0 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 19 Apr 2022 18:35:00 +0100 Subject: [PATCH 084/110] Split the tests, too. Enhance the descriptions Signed-off-by: Adam Warner --- test/test_any_utils.py | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 07feaf0f..b30ff7fd 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -1,29 +1,47 @@ def test_key_val_replacement_works(host): - ''' Confirms addOrEditKeyValPair provides the expected output ''' + ''' Confirms addOrEditKeyValPair either adds or replaces a key value pair in a given file ''' host.run(''' source /opt/pihole/utils.sh addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1" addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" addOrEditKeyValPair "./testoutput" "KEY_ONE" "value3" addOrEditKeyValPair "./testoutput" "KEY_FOUR" "value4" - addKey "./testoutput" "KEY_FIVE_NO_VALUE" - addKey "./testoutput" "KEY_FIVE_NO_VALUE" ''') output = host.run(''' cat ./testoutput ''') - expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\nKEY_FIVE_NO_VALUE\n' + expected_stdout = 'KEY_ONE=value3\nKEY_TWO=value2\nKEY_FOUR=value4\n' assert expected_stdout == output.stdout -def test_key_val_removal_works(host): - ''' Confirms removeKey provides the expected output ''' +def test_key_addition_works(host): + ''' Confirms addKey adds a key (no value) to a file without duplicating it ''' + host.run(''' + source /opt/pihole/utils.sh + addKey "./testoutput" "KEY_ONE" + addKey "./testoutput" "KEY_ONE" + addKey "./testoutput" "KEY_TWO" + addKey "./testoutput" "KEY_TWO" + addKey "./testoutput" "KEY_THREE" + addKey "./testoutput" "KEY_THREE" + ''') + output = host.run(''' + cat ./testoutput + ''') + expected_stdout = 'KEY_ONE\nKEY_TWO\nKEY_THREE\n' + assert expected_stdout == output.stdout + + +def test_key_removal_works(host): + ''' Confirms removeKey removes a key or key/value pair ''' host.run(''' source /opt/pihole/utils.sh addOrEditKeyValPair "./testoutput" "KEY_ONE" "value1" addOrEditKeyValPair "./testoutput" "KEY_TWO" "value2" addOrEditKeyValPair "./testoutput" "KEY_THREE" "value3" + addKey "./testoutput" "KEY_FOUR" removeKey "./testoutput" "KEY_TWO" + removeKey "./testoutput" "KEY_FOUR" ''') output = host.run(''' cat ./testoutput From aba5e884ebe2caaade5d923b7b1ad0e4542e0433 Mon Sep 17 00:00:00 2001 From: jpgpi250 Date: Wed, 20 Apr 2022 10:19:44 +0200 Subject: [PATCH 085/110] Update gravity.sh Signed-off-by: jpgpi250 --- gravity.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index 9c11fa98..e347d334 100755 --- a/gravity.sh +++ b/gravity.sh @@ -528,7 +528,9 @@ parseList() { # 1. Remove all domains containing invalid characters. Valid are: a-z, A-Z, 0-9, dot (.), minus (-), underscore (_) # 2. Append ,adlistID to every line # 3. Ensures there is a newline on the last line - sed -e "/[^a-zA-Z0-9.\_-]/d;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" + # sed -e "/[^a-zA-Z0-9.\_-]/d;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" + # previous line modified 20/04/2022, see https://github.com/pi-hole/pi-hole/issues/4701 + sed -e "/[^a-zA-Z0-9.\_-]/d;s/\.$//;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" # Find (up to) five domains containing invalid characters (see above) incorrect_lines="$(sed -e "/[^a-zA-Z0-9.\_-]/!d" "${src}" | head -n 5)" From 1c28da7bbd0a3da34787133a68fcf835847facb5 Mon Sep 17 00:00:00 2001 From: Peter Russell Date: Wed, 20 Apr 2022 10:43:39 +0200 Subject: [PATCH 086/110] Update gravity.sh Co-authored-by: yubiuser --- gravity.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index e347d334..5c1d2bc1 100755 --- a/gravity.sh +++ b/gravity.sh @@ -527,7 +527,8 @@ parseList() { # This sed does the following things: # 1. Remove all domains containing invalid characters. Valid are: a-z, A-Z, 0-9, dot (.), minus (-), underscore (_) # 2. Append ,adlistID to every line - # 3. Ensures there is a newline on the last line + # 3. Remove trailing period (see https://github.com/pi-hole/pi-hole/issues/4701) + # 4. Ensures there is a newline on the last line # sed -e "/[^a-zA-Z0-9.\_-]/d;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" # previous line modified 20/04/2022, see https://github.com/pi-hole/pi-hole/issues/4701 sed -e "/[^a-zA-Z0-9.\_-]/d;s/\.$//;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" From 325f20d5c28ccb1ff4396b88b14b6a65b7dc7078 Mon Sep 17 00:00:00 2001 From: Peter Russell Date: Wed, 20 Apr 2022 10:43:56 +0200 Subject: [PATCH 087/110] Update gravity.sh Co-authored-by: yubiuser --- gravity.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index 5c1d2bc1..d4880c24 100755 --- a/gravity.sh +++ b/gravity.sh @@ -529,7 +529,6 @@ parseList() { # 2. Append ,adlistID to every line # 3. Remove trailing period (see https://github.com/pi-hole/pi-hole/issues/4701) # 4. Ensures there is a newline on the last line - # sed -e "/[^a-zA-Z0-9.\_-]/d;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" # previous line modified 20/04/2022, see https://github.com/pi-hole/pi-hole/issues/4701 sed -e "/[^a-zA-Z0-9.\_-]/d;s/\.$//;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" # Find (up to) five domains containing invalid characters (see above) From 052a1f294e73e0307b440ef3862a9e3e3f92d767 Mon Sep 17 00:00:00 2001 From: Peter Russell Date: Wed, 20 Apr 2022 10:44:05 +0200 Subject: [PATCH 088/110] Update gravity.sh Co-authored-by: yubiuser --- gravity.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index d4880c24..c5e9e414 100755 --- a/gravity.sh +++ b/gravity.sh @@ -529,7 +529,6 @@ parseList() { # 2. Append ,adlistID to every line # 3. Remove trailing period (see https://github.com/pi-hole/pi-hole/issues/4701) # 4. Ensures there is a newline on the last line - # previous line modified 20/04/2022, see https://github.com/pi-hole/pi-hole/issues/4701 sed -e "/[^a-zA-Z0-9.\_-]/d;s/\.$//;s/$/,${adlistID}/;/.$/a\\" "${src}" >> "${target}" # Find (up to) five domains containing invalid characters (see above) incorrect_lines="$(sed -e "/[^a-zA-Z0-9.\_-]/!d" "${src}" | head -n 5)" From 71072b4beb0e4356f64e3f24f5524c878d1cb756 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 20 Apr 2022 10:21:24 -0700 Subject: [PATCH 089/110] Stickler quoting --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 79b6d1fa..5bf4dedf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2216,7 +2216,7 @@ get_binary_name() { local rev rev=$(uname -m | sed "s/[^0-9]//g;") local lib - lib=$(ldd $(which sh) | grep -E '^\s*/lib' | awk '{ print $1 }') + lib=$(ldd "$(which sh)" | grep -E '^\s*/lib' | awk '{ print $1 }') if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then printf "%b %b Detected AArch64 (64 Bit ARM) processor\\n" "${OVER}" "${TICK}" # set the binary to be used From c19788dd18c27b7461402d0753062f0823452616 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 20 Apr 2022 10:35:18 -0700 Subject: [PATCH 090/110] Mock `which sh` to reutrn `/bin/sh`. Check for `/bin/sh` library Signed-off-by: Dan Schaper --- test/test_any_automated_install.py | 39 ++++++++++++++++++------------ 1 file changed, 23 insertions(+), 16 deletions(-) diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 1e65842b..41a939e0 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -675,17 +675,10 @@ def test_FTL_detect_aarch64_no_errors(host): ''' # mock uname to return aarch64 platform mock_command('uname', {'-m': ('aarch64', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) # mock ldd to respond with aarch64 shared library - mock_command( - 'ldd', - { - '/bin/bash': ( - '/lib/ld-linux-aarch64.so.1', - '0' - ) - }, - host - ) + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux-aarch64.so.1', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -708,8 +701,10 @@ def test_FTL_detect_armv4t_no_errors(host): ''' # mock uname to return armv4t platform mock_command('uname', {'-m': ('armv4t', '0')}, host) - # mock ldd to respond with ld-linux shared library - mock_command('ldd', {'/bin/bash': ('/lib/ld-linux.so.3', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) + # mock ldd to respond with armv4t shared library + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -732,8 +727,10 @@ def test_FTL_detect_armv5te_no_errors(host): ''' # mock uname to return armv5te platform mock_command('uname', {'-m': ('armv5te', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) # mock ldd to respond with ld-linux shared library - mock_command('ldd', {'/bin/bash': ('/lib/ld-linux.so.3', '0')}, host) + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -757,7 +754,9 @@ def test_FTL_detect_armv6l_no_errors(host): # mock uname to return armv6l platform mock_command('uname', {'-m': ('armv6l', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -782,7 +781,9 @@ def test_FTL_detect_armv7l_no_errors(host): # mock uname to return armv7l platform mock_command('uname', {'-m': ('armv7l', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -806,8 +807,10 @@ def test_FTL_detect_armv8a_no_errors(host): ''' # mock uname to return armv8a platform mock_command('uname', {'-m': ('armv8a', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) # mock ldd to respond with ld-linux-armhf shared library - mock_command('ldd', {'/bin/bash': ('/lib/ld-linux-armhf.so.3', '0')}, host) + mock_command('ldd', {'/bin/sh': ('/lib/ld-linux-armhf.so.3', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -828,6 +831,8 @@ def test_FTL_detect_x86_64_no_errors(host): ''' confirms only x86_64 package is downloaded for FTL engine ''' + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user @@ -848,6 +853,8 @@ def test_FTL_detect_unknown_no_errors(host): ''' confirms only generic package is downloaded for FTL engine ''' # mock uname to return generic platform mock_command('uname', {'-m': ('mips', '0')}, host) + # mock `which sh` to return `/bin/sh` + mock_command('which', {'sh': ('/bin/sh', '0')}, host) detectPlatform = host.run(''' source /opt/pihole/basic-install.sh create_pihole_user From d78c689e552d184b4e2d713f491fba93f9b4994a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 21 Apr 2022 19:56:21 +0100 Subject: [PATCH 091/110] no more alphabetical order Signed-off-by: Adam Warner --- advanced/Scripts/utils.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index f0a7cc37..bdd238c3 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -12,7 +12,7 @@ # Basic Housekeeping rules # - Functions must be self contained -# - Functions must be added in alphabetical order +# - Functions should be grouped with other similar functions # - Functions must be documented # - New functions must have a test added for them in test/test_any_utils.py From 6a0c6c4a9b25e39ccf6c2580db2b3257ddc0b69e Mon Sep 17 00:00:00 2001 From: Leon <82407168+sed-i@users.noreply.github.com> Date: Mon, 25 Apr 2022 18:55:27 -0400 Subject: [PATCH 092/110] Add example for custom DNS server with port number Signed-off-by: sed-i <82407168+sed-i@users.noreply.github.com> --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 835f0efc..f61f47ee 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -946,7 +946,7 @@ setDNS() { fi # Prompt the user to enter custom upstream servers - piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" "${r}" "${c}" "${prePopulate}" 3>&1 1>&2 2>&3) || \ + piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4' or '127.0.0.1#5335'" "${r}" "${c}" "${prePopulate}" 3>&1 1>&2 2>&3) || \ { printf " %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; } # Clean user input and replace whitespace with comma. piholeDNS=$(sed 's/[, \t]\+/,/g' <<< "${piholeDNS}") From 2e2a3aa0482300320ead1ca7784da9eae06c256e Mon Sep 17 00:00:00 2001 From: yubiuser Date: Mon, 9 May 2022 17:14:16 +0200 Subject: [PATCH 093/110] Add port info to explanation text --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f61f47ee..2ac713e8 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -946,7 +946,7 @@ setDNS() { fi # Prompt the user to enter custom upstream servers - piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4' or '127.0.0.1#5335'" "${r}" "${c}" "${prePopulate}" 3>&1 1>&2 2>&3) || \ + piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma. If you want to specify a port other than 53, separate it with a hash.\\n\\nFor example '8.8.8.8, 8.8.4.4' or '127.0.0.1#5335'" "${r}" "${c}" "${prePopulate}" 3>&1 1>&2 2>&3) || \ { printf " %bCancel was selected, exiting installer%b\\n" "${COL_LIGHT_RED}" "${COL_NC}"; exit 1; } # Clean user input and replace whitespace with comma. piholeDNS=$(sed 's/[, \t]\+/,/g' <<< "${piholeDNS}") From f7c800863e5ab02e56150a02f06b99de645bb84f Mon Sep 17 00:00:00 2001 From: Omoeba <38597972+Omoeba@users.noreply.github.com> Date: Wed, 11 May 2022 11:57:42 -0700 Subject: [PATCH 094/110] Remove DHCPv6, use leasetime from interface (#4507) Signed-off-by: Omoeba <38597972+Omoeba@users.noreply.github.com> --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index de06d60c..aa5a28b1 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -440,7 +440,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases echo "#quiet-dhcp6 #enable-ra dhcp-option=option6:dns-server,[::] -dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,64,3600 +dhcp-range=::,constructor:${interface},ra-names,ra-stateless,64 ra-param=*,0,0 " >> "${dhcpconfig}" fi From 0decc1252b75908f8d186ac060a6d819c4276dca Mon Sep 17 00:00:00 2001 From: yubiuser Date: Thu, 12 May 2022 01:03:44 +0200 Subject: [PATCH 095/110] Respect user configurable path for pid and port file in pihole-FTL.service (#4680) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Use pid file in pihole-FTL.service Signed-off-by: Christian König Co-authored-by: MichaIng --- advanced/Templates/pihole-FTL.service | 68 ++++++++++++++++++++++++--- 1 file changed, 61 insertions(+), 7 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 41ab8018..c45d0dc1 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -9,8 +9,55 @@ # Description: Enable service provided by pihole-FTL daemon ### END INIT INFO +# Global variables +FTLCONFFILE="/etc/pihole/pihole-FTL.conf" +DEFAULT_PID_FILE="/run/pihole-FTL.pid" +DEFAULT_PORT_FILE="/run/pihole-FTL.port" +FTL_PID='' + +# Get the file path of the pihole-FTL.pid file +getFTLPIDFile() { + if [ -s "${FTLCONFFILE}" ]; then + # if PIDFILE is not set in pihole-FTL.conf, use the default path + FTL_PID_FILE="$({ grep '^PIDFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PID_FILE}"; } | cut -d'=' -f2-)" + else + # if there is no pihole-FTL.conf, use the default path + FTL_PID_FILE="${DEFAULT_PID_FILE}" + fi +} + +# Get the PID of the FTL process based on the content of the pihole-FTL.pid file +getFTLPID() { + if [ -s "${FTL_PID_FILE}" ]; then + # -s: FILE exists and has a size greater than zero + FTL_PID="$(cat "${FTL_PID_FILE}")" + # Exploit prevention: unset the variable if there is malicious content + # Verify that the value read from the file is numeric + expr "${FTL_PID}" : "[^[:digit:]]" > /dev/null && unset FTL_PID + fi + + # If FTL is not running, or the PID file contains malicious stuff, substitute + # negative PID to signal this + FTL_PID=${FTL_PID:=-1} +} + +# Get the file path of the pihole-FTL.port file +getFTLPortFile() { + if [ -s "${FTLCONFFILE}" ]; then + # if PORTFILE is not set in pihole-FTL.conf, use the default path + FTL_PORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)" + else + # if there is no pihole-FTL.conf, use the default path + FTL_PORT_FILE="${DEFAULT_PORT_FILE}" +fi +} + + is_running() { - pgrep -xo "pihole-FTL" > /dev/null + if [ -d "/proc/${FTL_PID}" ]; then + return 0 + fi + return 1 } @@ -21,8 +68,8 @@ start() { else # Touch files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole - [ ! -f /run/pihole-FTL.pid ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.pid - [ ! -f /run/pihole-FTL.port ] && install -m 644 -o pihole -g pihole /dev/null /run/pihole-FTL.port + [ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" + [ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole-FTL.log [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases @@ -47,7 +94,7 @@ start() { # Stop the service stop() { if is_running; then - pkill -xo "pihole-FTL" + kill "${FTL_PID}" for i in 1 2 3 4 5; do if ! is_running; then break @@ -60,8 +107,7 @@ stop() { if is_running; then echo "Not stopped; may still be shutting down or shutdown may have failed, killing now" - pkill -xo -9 "pihole-FTL" - exit 1 + kill -9 "${FTL_PID}" else echo "Stopped" fi @@ -69,7 +115,7 @@ stop() { echo "Not running" fi # Cleanup - rm -f /run/pihole/FTL.sock /dev/shm/FTL-* + rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" "${FTL_PORT_FILE}" echo } @@ -86,6 +132,14 @@ status() { ### main logic ### + +# Get file paths +getFTLPIDFile +getFTLPortFile + +# Get FTL's current PID +getFTLPID + case "$1" in stop) stop From 36dd533ef3716730378eb386acbd30a1300ff0c9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 5 Sep 2020 14:15:03 +0100 Subject: [PATCH 096/110] use directory /var/log/pihole/ for log storage Signed-off-by: Adam Warner --- advanced/01-pihole.conf | 2 +- advanced/Scripts/piholeLogFlush.sh | 18 +++++++++--------- advanced/Templates/logrotate | 4 ++-- advanced/Templates/pihole-FTL.service | 8 ++++---- advanced/Templates/pihole.cron | 2 +- manpages/pihole.8 | 6 +++--- pihole | 8 ++++---- 7 files changed, 24 insertions(+), 24 deletions(-) diff --git a/advanced/01-pihole.conf b/advanced/01-pihole.conf index 02bc93bf..1fb34905 100644 --- a/advanced/01-pihole.conf +++ b/advanced/01-pihole.conf @@ -37,6 +37,6 @@ interface=@INT@ cache-size=@CACHE_SIZE@ log-queries -log-facility=/var/log/pihole.log +log-facility=/var/log/pihole/pihole.log log-async diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 57f901f5..60d5856b 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -31,7 +31,7 @@ if [ -z "$DBFILE" ]; then fi if [[ "$@" != *"quiet"* ]]; then - echo -ne " ${INFO} Flushing /var/log/pihole.log ..." + echo -ne " ${INFO} Flushing /var/log/pihole/pihole.log ..." fi if [[ "$@" == *"once"* ]]; then # Nightly logrotation @@ -44,9 +44,9 @@ if [[ "$@" == *"once"* ]]; then # Note that moving the file is not an option, as # dnsmasq would happily continue writing into the # moved file (it will have the same file handler) - cp -p /var/log/pihole.log /var/log/pihole.log.1 - echo " " > /var/log/pihole.log - chmod 644 /var/log/pihole.log + cp -p /var/log/pihole/pihole.log /var/log/pihole/pihole.log.1 + echo " " > /var/log/pihole/pihole.log + chmod 644 /var/log/pihole/pihole.log fi else # Manual flushing @@ -56,10 +56,10 @@ else /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate else # Flush both pihole.log and pihole.log.1 (if existing) - echo " " > /var/log/pihole.log - if [ -f /var/log/pihole.log.1 ]; then - echo " " > /var/log/pihole.log.1 - chmod 644 /var/log/pihole.log.1 + echo " " > /var/log/pihole/pihole.log + if [ -f /var/log/pihole/pihole.log.1 ]; then + echo " " > /var/log/pihole/pihole.log.1 + chmod 644 /var/log/pihole/pihole.log.1 fi fi # Delete most recent 24 hours from FTL's database, leave even older data intact (don't wipe out all history) @@ -70,6 +70,6 @@ else fi if [[ "$@" != *"quiet"* ]]; then - echo -e "${OVER} ${TICK} Flushed /var/log/pihole.log" + echo -e "${OVER} ${TICK} Flushed /var/log/pihole/pihole.log" echo -e " ${TICK} Deleted ${deleted} queries from database" fi diff --git a/advanced/Templates/logrotate b/advanced/Templates/logrotate index ffed910b..eeeeeadd 100644 --- a/advanced/Templates/logrotate +++ b/advanced/Templates/logrotate @@ -1,4 +1,4 @@ -/var/log/pihole.log { +/var/log/pihole/pihole.log { # su # daily copytruncate @@ -9,7 +9,7 @@ nomail } -/var/log/pihole-FTL.log { +/var/log/pihole/pihole-FTL.log { # su # weekly copytruncate diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index c45d0dc1..448454e1 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -70,13 +70,13 @@ start() { mkdir -pm 0755 /run/pihole [ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" [ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" - [ ! -f /var/log/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole-FTL.log - [ ! -f /var/log/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole.log + [ ! -f /var/log/pihole/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole-FTL.log + [ ! -f /var/log/pihole/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files - chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole.log /var/log/pihole.log /etc/pihole/dhcp.leases + chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist - chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole-FTL.log /var/log/pihole.log + chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist diff --git a/advanced/Templates/pihole.cron b/advanced/Templates/pihole.cron index 37724d2e..46640fbb 100644 --- a/advanced/Templates/pihole.cron +++ b/advanced/Templates/pihole.cron @@ -18,7 +18,7 @@ # early morning. Download any updates from the adlists # Squash output to log, then splat the log to stdout on error to allow for # standard crontab job error handling. -59 1 * * 7 root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log +59 1 * * 7 root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole/pihole_updateGravity.log || cat /var/log/pihole/pihole_updateGravity.log # Pi-hole: Flush the log daily at 00:00 # The flush script will use logrotate if available diff --git a/manpages/pihole.8 b/manpages/pihole.8 index aaaa8d7e..4b1e5154 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -187,12 +187,12 @@ Available commands and options: (Logging options): .br - on Enable the Pi-hole log at /var/log/pihole.log + on Enable the Pi-hole log at /var/log/pihole/pihole.log .br off Disable and flush the Pi-hole log at - /var/log/pihole.log + /var/log/pihole/pihole.log .br - off noflush Disable the Pi-hole log at /var/log/pihole.log + off noflush Disable the Pi-hole log at /var/log/pihole/pihole.log .br \fB-up, updatePihole\fR [--check-only] diff --git a/pihole b/pihole index f51fd956..965f6288 100755 --- a/pihole +++ b/pihole @@ -254,9 +254,9 @@ Example: 'pihole logging on' Specify whether the Pi-hole log should be used Options: - on Enable the Pi-hole log at /var/log/pihole.log - off Disable and flush the Pi-hole log at /var/log/pihole.log - off noflush Disable the Pi-hole log at /var/log/pihole.log" + on Enable the Pi-hole log at /var/log/pihole/pihole.log + off Disable and flush the Pi-hole log at /var/log/pihole/pihole.log + off noflush Disable the Pi-hole log at /var/log/pihole/pihole.log" exit 0 elif [[ "${1}" == "off" ]]; then # Disable logging @@ -382,7 +382,7 @@ tailFunc() { # Color blocklist/blacklist/wildcard entries as red # Color A/AAAA/DHCP strings as white # Color everything else as gray - tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \ + tail -f /var/log/pihole/pihole.log | grep --line-buffered "${1}" | sed -E \ -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \ -e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \ -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \ From 82695aba7d2174a5bad4055bb46310e89ea5a687 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 5 Sep 2020 15:00:37 +0100 Subject: [PATCH 097/110] update LOG_DIRECTORY variable in debug script Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 844cbd23..f9417d5e 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -66,7 +66,7 @@ PIHOLE_DIRECTORY="/etc/pihole" PIHOLE_SCRIPTS_DIRECTORY="/opt/pihole" BIN_DIRECTORY="/usr/local/bin" RUN_DIRECTORY="/run" -LOG_DIRECTORY="/var/log" +LOG_DIRECTORY="/var/log/pihole" WEB_SERVER_LOG_DIRECTORY="${LOG_DIRECTORY}/lighttpd" WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd" HTML_DIRECTORY="/var/www/html" From 9b9acfd4a71fd98b9c31ab63f36e7f4a3292917e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 15 May 2022 20:22:06 +0200 Subject: [PATCH 098/110] Remove log files from new location during uninstalling MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/uninstall.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 9d3fca31..a0bb2e5b 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -146,6 +146,7 @@ removeNoPurge() { ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null ${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null ${SUDO} rm -rf /var/log/*pihole* &> /dev/null + ${SUDO} rm -rf /var/log/pihole/*pihole* &> /dev/null ${SUDO} rm -rf /etc/pihole/ &> /dev/null ${SUDO} rm -rf /etc/.pihole/ &> /dev/null ${SUDO} rm -rf /opt/pihole/ &> /dev/null From 0fa94e0946be0347ac9287cbbae219736144bc5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 15 May 2022 20:26:25 +0200 Subject: [PATCH 099/110] Remove unused test which was commented since 5 years by PR 1244 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- test/test_any_automated_install.py | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/test/test_any_automated_install.py b/test/test_any_automated_install.py index 41a939e0..b31897a4 100644 --- a/test/test_any_automated_install.py +++ b/test/test_any_automated_install.py @@ -905,23 +905,6 @@ def test_FTL_binary_installed_and_responsive_no_errors(host): assert expected_stdout in installed_binary.stdout -# def test_FTL_support_files_installed(host): -# ''' -# confirms FTL support files are installed -# ''' -# support_files = host.run(''' -# source /opt/pihole/basic-install.sh -# FTLdetect -# stat -c '%a %n' /var/log/pihole-FTL.log -# stat -c '%a %n' /run/pihole-FTL.port -# stat -c '%a %n' /run/pihole-FTL.pid -# ls -lac /run -# ''') -# assert '644 /run/pihole-FTL.port' in support_files.stdout -# assert '644 /run/pihole-FTL.pid' in support_files.stdout -# assert '644 /var/log/pihole-FTL.log' in support_files.stdout - - def test_IPv6_only_link_local(host): ''' confirms IPv6 blocking is disabled for Link-local address From 09611039339f3534a0be4ece0ef666167f0f3294 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 15 May 2022 22:10:40 +0200 Subject: [PATCH 100/110] Add backward compatibility to FTL service by creating symlinks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.service | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 448454e1..f03047ef 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -68,19 +68,26 @@ start() { else # Touch files to ensure they exist (create if non-existing, preserve if existing) mkdir -pm 0755 /run/pihole + mkdir -pm 0755 /var/log/pihole [ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" [ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" [ ! -f /var/log/pihole/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole-FTL.log [ ! -f /var/log/pihole/pihole.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log [ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit all necessary files - chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases + chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases # Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db # Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist chmod -f 0664 /etc/pihole/pihole-FTL.db + + # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole/ + # Should be removed with Pi-hole v6.0 + [ ! -f /var/log/pihole.log ] && ln -s /var/log/pihole/pihole.log /var/log/pihole.log + [ ! -f /var/log/pihole/pihole-FTL.log ] && ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log + if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole else From 110e7525523710f7dc29498b744828418a03b7c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 15 May 2022 22:30:17 +0200 Subject: [PATCH 101/110] Move existing log files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 2ac713e8..ace56789 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2528,6 +2528,14 @@ main() { # If no setting was found, default to 0 PRIVACY_LEVEL="${PRIVACY_LEVEL:-0}" fi + + # If this is an update from a previous Pi-hole installation + # we need to move any existing `pihole*` logs from `/var/log` to `/var/log/pihole` + # if /var/log/pihole.log is not a symlink (set durign FTL startup) move the files + # can be removed with Pi-hole v6.0 + if [ -f /var/log/pihole.log ] && [ ! -L /var/log/pihole.log ]; then + mv /var/log/pihole*.* /var/log/pihole/ 2>/dev/null + fi fi # Download or update the scripts by updating the appropriate git repos clone_or_update_repos From 2dd08f070e5c10fac9da9a780019eca7d7aa84ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 15 May 2022 23:30:02 +0200 Subject: [PATCH 102/110] Fix copy&paste error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index f03047ef..a70f37b5 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -86,7 +86,7 @@ start() { # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole/ # Should be removed with Pi-hole v6.0 [ ! -f /var/log/pihole.log ] && ln -s /var/log/pihole/pihole.log /var/log/pihole.log - [ ! -f /var/log/pihole/pihole-FTL.log ] && ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log + [ ! -f /var/log/pihole-FTL.log ] && ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole From 60615e60aa96797ee64a1bea0c8ddcbef0a1192d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 18 May 2022 21:11:38 +0200 Subject: [PATCH 103/110] Make sure FTL is stopped before old logfiles are moved MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ace56789..22abf60c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2528,14 +2528,6 @@ main() { # If no setting was found, default to 0 PRIVACY_LEVEL="${PRIVACY_LEVEL:-0}" fi - - # If this is an update from a previous Pi-hole installation - # we need to move any existing `pihole*` logs from `/var/log` to `/var/log/pihole` - # if /var/log/pihole.log is not a symlink (set durign FTL startup) move the files - # can be removed with Pi-hole v6.0 - if [ -f /var/log/pihole.log ] && [ ! -L /var/log/pihole.log ]; then - mv /var/log/pihole*.* /var/log/pihole/ 2>/dev/null - fi fi # Download or update the scripts by updating the appropriate git repos clone_or_update_repos @@ -2621,6 +2613,19 @@ main() { # Fixes a problem reported on Ubuntu 18.04 where trying to start # the service before enabling causes installer to exit enable_service pihole-FTL + + # If this is an update from a previous Pi-hole installation + # we need to move any existing `pihole*` logs from `/var/log` to `/var/log/pihole` + # if /var/log/pihole.log is not a symlink (set durign FTL startup) move the files + # can be removed with Pi-hole v6.0 + # To be sure FTL is not running when we move the files we explicitly stop it here + + stop_service pihole-FTL &> /dev/null + + if [ -f /var/log/pihole.log ] && [ ! -L /var/log/pihole.log ]; then + mv /var/log/pihole*.* /var/log/pihole/ 2>/dev/null + fi + restart_service pihole-FTL # Download and compile the aggregated block list From 08faf21b2e173094da6072b9276a63f0bf3ca6f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 18 May 2022 22:06:36 +0200 Subject: [PATCH 104/110] Set file owner and permission to symlinks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.service | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index a70f37b5..6ef57380 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -85,8 +85,17 @@ start() { # Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole/ # Should be removed with Pi-hole v6.0 - [ ! -f /var/log/pihole.log ] && ln -s /var/log/pihole/pihole.log /var/log/pihole.log - [ ! -f /var/log/pihole-FTL.log ] && ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log + if [ ! -f /var/log/pihole.log ]; then + ln -s /var/log/pihole/pihole.log /var/log/pihole.log + chown pihole:pihole /var/log/pihole.log + chmod -f 0644 /var/log/pihole.log + + fi + if [ ! -f /var/log/pihole-FTL.log ]; then + ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log + chown pihole:pihole /var/log/pihole-FTL.log + chmod -f 0644 /var/log/pihole-FTL.log + fi if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole From ce8731b74683ab1606c788e071154e1350774cbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Wed, 18 May 2022 22:19:19 +0200 Subject: [PATCH 105/110] no-dereference MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.service | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 6ef57380..9b9b3a0a 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -87,14 +87,12 @@ start() { # Should be removed with Pi-hole v6.0 if [ ! -f /var/log/pihole.log ]; then ln -s /var/log/pihole/pihole.log /var/log/pihole.log - chown pihole:pihole /var/log/pihole.log - chmod -f 0644 /var/log/pihole.log + chown -h pihole:pihole /var/log/pihole.log fi if [ ! -f /var/log/pihole-FTL.log ]; then ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log - chown pihole:pihole /var/log/pihole-FTL.log - chmod -f 0644 /var/log/pihole-FTL.log + chown -h pihole:pihole /var/log/pihole-FTL.log fi if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then From b7742ddb9bc2a166878fd7125eebfc75e09c3aa4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Thu, 19 May 2022 06:17:46 +0200 Subject: [PATCH 106/110] Always install pihole-FTL.service file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 2ac713e8..faa1fd61 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1326,6 +1326,9 @@ installConfigs() { fi fi + # Install pihole-FTL.service + install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" + # If the user chose to install the dashboard, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # and if the Web server conf directory does not exist, @@ -2117,9 +2120,6 @@ FTLinstall() { # Move into the temp ftl directory pushd "$(mktemp -d)" > /dev/null || { printf "Unable to make temporary directory for FTL binary download\\n"; return 1; } - # Always replace pihole-FTL.service - install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.service" "/etc/init.d/pihole-FTL" - local ftlBranch local url From 52c3df1a8ec6fb606034cc5a7202c4d6188e1748 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 28 May 2022 21:21:48 +0200 Subject: [PATCH 107/110] lighttpd log dir is now different than Pi-hole log dir MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index f9417d5e..78b5379a 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -67,7 +67,7 @@ PIHOLE_SCRIPTS_DIRECTORY="/opt/pihole" BIN_DIRECTORY="/usr/local/bin" RUN_DIRECTORY="/run" LOG_DIRECTORY="/var/log/pihole" -WEB_SERVER_LOG_DIRECTORY="${LOG_DIRECTORY}/lighttpd" +WEB_SERVER_LOG_DIRECTORY="/var/log/lighttpd" WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd" HTML_DIRECTORY="/var/www/html" WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin" From 3fa8f76d997cb6bb8caccbddff5fd9ac4b293783 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Sun, 29 May 2022 16:15:18 +0200 Subject: [PATCH 108/110] Combine mkdir in service file Co-authored-by: MichaIng --- advanced/Templates/pihole-FTL.service | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service index 9b9b3a0a..11bbe1c9 100644 --- a/advanced/Templates/pihole-FTL.service +++ b/advanced/Templates/pihole-FTL.service @@ -67,8 +67,7 @@ start() { echo "pihole-FTL is already running" else # Touch files to ensure they exist (create if non-existing, preserve if existing) - mkdir -pm 0755 /run/pihole - mkdir -pm 0755 /var/log/pihole + mkdir -pm 0755 /run/pihole /var/log/pihole [ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}" [ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}" [ ! -f /var/log/pihole/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole-FTL.log From dae96e738492cdb64380194405a52cfe0a50630c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 29 May 2022 21:04:18 +0200 Subject: [PATCH 109/110] Change lighttpd log file names MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/piholeDebug.sh | 4 ++-- advanced/lighttpd.conf.debian | 4 ++-- advanced/lighttpd.conf.fedora | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 844cbd23..41da4215 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -131,8 +131,8 @@ PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*" PIHOLE_DEBUG_LOG="${LOG_DIRECTORY}/pihole_debug.log" PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log")" -PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log" -PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log" +PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access-pihole.log" +PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error-pihole.log" RESOLVCONF="${ETC}/resolv.conf" DNSMASQ_CONF="${ETC}/dnsmasq.conf" diff --git a/advanced/lighttpd.conf.debian b/advanced/lighttpd.conf.debian index b8656a24..4231a0c9 100644 --- a/advanced/lighttpd.conf.debian +++ b/advanced/lighttpd.conf.debian @@ -28,12 +28,12 @@ server.modules = ( server.document-root = "/var/www/html" server.error-handler-404 = "/pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) -server.errorlog = "/var/log/lighttpd/error.log" +server.errorlog = "/var/log/lighttpd/error-pihole.log" server.pid-file = "/run/lighttpd.pid" server.username = "www-data" server.groupname = "www-data" server.port = 80 -accesslog.filename = "/var/log/lighttpd/access.log" +accesslog.filename = "/var/log/lighttpd/access-pihole.log" accesslog.format = "%{%s}t|%V|%r|%s|%b" # Allow streaming response diff --git a/advanced/lighttpd.conf.fedora b/advanced/lighttpd.conf.fedora index 79d5f3b2..c3c94986 100644 --- a/advanced/lighttpd.conf.fedora +++ b/advanced/lighttpd.conf.fedora @@ -29,12 +29,12 @@ server.modules = ( server.document-root = "/var/www/html" server.error-handler-404 = "/pihole/index.php" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) -server.errorlog = "/var/log/lighttpd/error.log" +server.errorlog = "/var/log/lighttpd/error-pihole.log" server.pid-file = "/run/lighttpd.pid" server.username = "lighttpd" server.groupname = "lighttpd" server.port = 80 -accesslog.filename = "/var/log/lighttpd/access.log" +accesslog.filename = "/var/log/lighttpd/access-pihole.log" accesslog.format = "%{%s}t|%V|%r|%s|%b" # Allow streaming response From 300c7b151815b97c5e9843bbef9c1295df1c7c38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 31 May 2022 14:11:39 +0200 Subject: [PATCH 110/110] Do not hardcode webroot dir for teleporter MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/webpage.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index aa5a28b1..da7b5a10 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -650,7 +650,8 @@ Teleporter() { host="${host//./_}" filename="pi-hole-${host:-noname}-teleporter_${datetimestamp}.tar.gz" fi - php /var/www/html/admin/scripts/pi-hole/php/teleporter.php > "${filename}" + # webroot is sourced from basic-install above + php "${webroot}/admin/scripts/pi-hole/php/teleporter.php" > "${filename}" } checkDomain()