From afabb5957b5265385466eb960390c99c33956b27 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 15 Dec 2016 18:55:40 +0100 Subject: [PATCH 01/37] Implement backend for https://github.com/pi-hole/AdminLTE/pull/253 --- advanced/Scripts/webpage.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d07e5c94..3e686b93 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -212,6 +212,20 @@ SetDNSDomainName(){ } +ResolutionSettings() { + + typ=${args[2]} + state=${args[3]} + + if [[ "${typ}" == "forward" ]]; then + sed -i.bak '/API_GET_UPSTREAM_DNS_HOSTNAME/d;' /etc/pihole/setupVars.conf + echo "API_GET_UPSTREAM_DNS_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf + elif [[ "${typ}" == "clients" ]]; then + sed -i.bak '/API_GET_CLIENT_HOSTNAME/d;' /etc/pihole/setupVars.conf + echo "API_GET_CLIENT_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf + fi +} + case "${args[1]}" in "-p" | "password" ) SetWebPassword;; "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; @@ -227,6 +241,7 @@ case "${args[1]}" in "layout" ) SetWebUILayout;; "-h" | "--help" ) helpFunc;; "domainname" ) SetDNSDomainName;; + "resolve" ) ResolutionSettings;; * ) helpFunc;; esac From efaee2b68bbb81987016b2a1d854f823ac346e00 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 17 Dec 2016 23:32:50 +0100 Subject: [PATCH 02/37] Improvements for gravity (errors shouldn't be able to escape the black hole if even light cannot do this!) --- gravity.sh | 57 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 44 insertions(+), 13 deletions(-) diff --git a/gravity.sh b/gravity.sh index 58d0eef9..e81aaa87 100755 --- a/gravity.sh +++ b/gravity.sh @@ -104,16 +104,26 @@ gravity_collapse() { # patternCheck - check to see if curl downloaded any new files. gravity_patternCheck() { patternBuffer=$1 + success=$2 # check if the patternbuffer is a non-zero length file - if [[ -s "${patternBuffer}" ]]; then - # Some of the blocklists are copyright, they need to be downloaded - # and stored as is. They can be processed for content after they - # have been saved. - mv "${patternBuffer}" "${saveLocation}" - echo " List updated, transport successful!" + if [ $success = true ]; then + if [[ -s "${patternBuffer}" ]]; then + # Some of the blocklists are copyright, they need to be downloaded + # and stored as is. They can be processed for content after they + # have been saved. + mv "${patternBuffer}" "${saveLocation}" + echo "::: List updated, transport successful!" + else + # Empty file -> use previously downloaded list + echo "::: Received empty file, using cached one (list not updated!)" + fi else - # curl didn't download any host files, probably because of the date check - echo " No changes detected, transport skipped!" + # check if cached list exists + if [[ -r "${saveLocation}" ]]; then + echo "::: List download failed, using cached list (list not updated!)" + else + echo "::: Download failed and no cached list available (list will not be considered)" + fi fi } @@ -132,9 +142,27 @@ gravity_transport() { fi # Silently curl url - curl -s -L ${cmd_ext} ${heisenbergCompensator} -A "${agent}" ${url} > ${patternBuffer} - # Check for list updates - gravity_patternCheck "${patternBuffer}" + err=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w %{http_code} -A "${agent}" ${url} -o ${patternBuffer}) + + echo " done" + # Analyze http response + echo -n "::: Status: " + case "$err" in + "200" ) echo "Success (OK)"; success=true;; + "304" ) echo "Not modified"; success=false;; + "403" ) echo "Forbidden"; success=false;; + "404" ) echo "Not found"; success=false;; + "408" ) echo "Time-out"; success=false;; + "451" ) echo "Unavailable For Legal Reasons"; success=false;; + "521" ) echo "Web Server Is Down (Cloudflare)"; success=false;; + "522" ) echo "Connection Timed Out (Cloudflare)"; success=false;; + "500" ) echo "Internal Server Error"; success=false;; + * ) echo "Status $err"; success=false;; + esac + + # Process result + gravity_patternCheck "${patternBuffer}" ${success} + } # spinup - main gravity function @@ -181,7 +209,10 @@ gravity_Schwarzchild() { echo -n "::: Aggregating list of domains..." truncate -s 0 ${piholeDir}/${matterAndLight} for i in "${activeDomains[@]}"; do - cat "${i}" | tr -d '\r' >> ${piholeDir}/${matterAndLight} + # Only assimilate list if it is available (download might have faild permanently) + if [[ -r "${i}" ]]; then + cat "${i}" | tr -d '\r' >> ${piholeDir}/${matterAndLight} + fi done echo " done!" } @@ -353,7 +384,7 @@ if [[ "${forceGrav}" == true ]]; then fi #Overwrite adlists.default from /etc/.pihole in case any changes have been made. Changes should be saved in /etc/adlists.list -cp /etc/.pihole/adlists.default /etc/pihole/adlists.default +#cp /etc/.pihole/adlists.default /etc/pihole/adlists.default gravity_collapse gravity_spinup if [[ "${skipDownload}" == false ]]; then From cd0c3f941804ea7f44912b8be2e8341b4a3ae2f2 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 17 Dec 2016 23:46:28 +0100 Subject: [PATCH 03/37] Better output if file has not been downloaded because it has not been changed --- gravity.sh | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/gravity.sh b/gravity.sh index e81aaa87..b5a3765c 100755 --- a/gravity.sh +++ b/gravity.sh @@ -105,9 +105,13 @@ gravity_collapse() { gravity_patternCheck() { patternBuffer=$1 success=$2 - # check if the patternbuffer is a non-zero length file + error=$3 if [ $success = true ]; then - if [[ -s "${patternBuffer}" ]]; then + # check if download was successful but list has not been modified + if [ "${error}" == "304" ]; then + echo "::: No changes detected, transport skipped!" + # check if the patternbuffer is a non-zero length file + elif [[ -s "${patternBuffer}" ]]; then # Some of the blocklists are copyright, they need to be downloaded # and stored as is. They can be processed for content after they # have been saved. @@ -148,20 +152,20 @@ gravity_transport() { # Analyze http response echo -n "::: Status: " case "$err" in - "200" ) echo "Success (OK)"; success=true;; - "304" ) echo "Not modified"; success=false;; - "403" ) echo "Forbidden"; success=false;; - "404" ) echo "Not found"; success=false;; - "408" ) echo "Time-out"; success=false;; - "451" ) echo "Unavailable For Legal Reasons"; success=false;; - "521" ) echo "Web Server Is Down (Cloudflare)"; success=false;; - "522" ) echo "Connection Timed Out (Cloudflare)"; success=false;; - "500" ) echo "Internal Server Error"; success=false;; - * ) echo "Status $err"; success=false;; + "200" ) echo "Success (OK)"; success=true;; + "304" ) echo "Not modified"; success=true;; + "403" ) echo "Forbidden"; success=false;; + "404" ) echo "Not found"; success=false;; + "408" ) echo "Time-out"; success=false;; + "451" ) echo "Unavailable For Legal Reasons"; success=false;; + "521" ) echo "Web Server Is Down (Cloudflare)"; success=false;; + "522" ) echo "Connection Timed Out (Cloudflare)"; success=false;; + "500" ) echo "Internal Server Error"; success=false;; + * ) echo "Status $err"; success=false;; esac # Process result - gravity_patternCheck "${patternBuffer}" ${success} + gravity_patternCheck "${patternBuffer}" ${success} "${err}" } From 4244f716e0c7b029f4fe086135bad39d22297b00 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 21 Dec 2016 22:59:14 -0800 Subject: [PATCH 04/37] Create /opt/pihole before trying to install into it. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3dacdfff..b03b98d0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -628,6 +628,7 @@ installScripts() { # Install files from local core repository if is_repo "${PI_HOLE_LOCAL_REPO}"; then cd "${PI_HOLE_LOCAL_REPO}" + install -o "${USER}" -Dm755 -d /opt/pihole install -o "${USER}" -Dm755 -t /opt/pihole/ gravity.sh install -o "${USER}" -Dm755 -t /opt/pihole/ ./advanced/Scripts/*.sh install -o "${USER}" -Dm755 -t /opt/pihole/ ./automated\ install/uninstall.sh From c9c28cb59afe904887a15412fe3a793466852aeb Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 22 Dec 2016 03:33:32 -0600 Subject: [PATCH 05/37] replace 'git -C' with long version The -C argument was introduced in git 1.8.4. CentOS 7.3 at the time of this commit provides v1.8.3.1. see: https://git.kaarsemaker.net/git/commit/44e1e4d67d5148c245db362cc48c3cc6c2ec82ca/ Fixes #1004 --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3dacdfff..9b19c19f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -135,7 +135,7 @@ fi is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - git -C "${directory}" status --short &> /dev/null + (cd ${directory} && git status --short) &> /dev/null return } From cbf84c1840fecce74b8554058aa32e9b8b4dfd18 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 22 Dec 2016 04:32:42 -0600 Subject: [PATCH 06/37] replace subshell with command chain --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9b19c19f..bb2de017 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -135,8 +135,8 @@ fi is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - (cd ${directory} && git status --short) &> /dev/null - return + curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir + return $rc } make_repo() { From 4626b8ced50d17a4cf2da0ee7a4b3bfcb14efa5d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 13:18:38 +0100 Subject: [PATCH 07/37] Removed fixed username from sudoers file --- advanced/pihole.sudo | 1 - 1 file changed, 1 deletion(-) diff --git a/advanced/pihole.sudo b/advanced/pihole.sudo index ef06249a..702bc7a5 100644 --- a/advanced/pihole.sudo +++ b/advanced/pihole.sudo @@ -9,4 +9,3 @@ # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. -www-data ALL=NOPASSWD: /usr/local/bin/pihole From 60054da582b4c7d980944b768cd96ce924ac8356 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 13:26:11 +0100 Subject: [PATCH 08/37] Add lighttpd user (OS dependent) to sudoers file --- automated install/basic-install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b03b98d0..e99a914a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -801,6 +801,8 @@ installPiholeWeb() { echo -n "::: Installing sudoer file..." mkdir -p /etc/sudoers.d/ cp /etc/.pihole/advanced/pihole.sudo /etc/sudoers.d/pihole + # Add lighttpd user (OS dependent) to sudoers file + echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole chmod 0440 /etc/sudoers.d/pihole echo " done!" } From e88f58c34ecba8969e458fbcc0e80e1204f0dde5 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 18:45:53 +0100 Subject: [PATCH 09/37] Remove grpping for today's log entries, because we flush the log every day --- advanced/Scripts/chronometer.sh | 4 +--- advanced/Scripts/update.sh | 0 2 files changed, 1 insertion(+), 3 deletions(-) mode change 100644 => 100755 advanced/Scripts/update.sh diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index c4b3d865..97777802 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -15,8 +15,6 @@ piLog="/var/log/pihole.log" gravity="/etc/pihole/gravity.list" -today=$(date "+%b %e") - . /etc/pihole/setupVars.conf CalcBlockedDomains() { @@ -35,7 +33,7 @@ CalcBlockedDomains() { CalcQueriesToday() { if [ -e "${piLog}" ]; then - queriesToday=$(cat "${piLog}" | grep "${today}" | awk '/query/ {print $6}' | wc -l) + queriesToday=$(cat "${piLog}" | awk '/query/ {print $6}' | wc -l) else queriesToday="Err." fi diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh old mode 100644 new mode 100755 From 9b0390c9da5ee21f87b3e99ab9a099a8b294c0cb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 18:53:44 +0100 Subject: [PATCH 10/37] Space to Tab --- advanced/Scripts/chronometer.sh | 2 +- advanced/Scripts/update.sh | 0 2 files changed, 1 insertion(+), 1 deletion(-) mode change 100755 => 100644 advanced/Scripts/update.sh diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 97777802..a2482d0d 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -102,7 +102,7 @@ normalChrono() { echo "Blocking: ${blockedDomainsTotal}" echo "Queries: ${queriesToday}" #same total calculation as dashboard - echo "Pi-holed: ${blockedToday} (${percentBlockedToday}%)" + echo "Pi-holed: ${blockedToday} (${percentBlockedToday}%)" sleep 5 done diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh old mode 100755 new mode 100644 From bcf8139708c529db7c2b76e88af7e5bcf1b4b42e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 18:55:14 +0100 Subject: [PATCH 11/37] Removed cat where we don't need it --- advanced/Scripts/chronometer.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index a2482d0d..702ed1c9 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -33,7 +33,7 @@ CalcBlockedDomains() { CalcQueriesToday() { if [ -e "${piLog}" ]; then - queriesToday=$(cat "${piLog}" | awk '/query/ {print $6}' | wc -l) + queriesToday=$(awk '/query/ {print $6}' < "${piLog}" | wc -l) else queriesToday="Err." fi @@ -41,7 +41,7 @@ CalcQueriesToday() { CalcblockedToday() { if [ -e "${piLog}" ] && [ -e "${gravity}" ];then - blockedToday=$(cat ${piLog} | awk '/\/etc\/pihole\/gravity.list/ && !/address/ {print $6}' | wc -l) + blockedToday=$(awk '/\/etc\/pihole\/gravity.list/ && !/address/ {print $6}' < "${piLog}" | wc -l) else blockedToday="Err." fi From a4f58b0a22ff9e0afdaa08db34c771f3f6d98a4c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 22 Dec 2016 19:09:37 +0100 Subject: [PATCH 12/37] Look for "query[" instead of "query" to avoid false-positives, like listed below root@raspberrypi:/etc/.pihole# grep 'query' /var/log/pihole.log | grep -v 'query\[' Dec 22 16:29:50 dnsmasq[30801]: forwarded code.jquery.com to 208.67.222.222 Dec 22 16:29:50 dnsmasq[30801]: reply code.jquery.com is Dec 22 16:29:50 dnsmasq[30801]: reply code.jquery.netdna-cdn.com is 94.31.29.54 Dec 22 16:29:50 dnsmasq[30801]: reply code.jquery.netdna-cdn.com is 23.111.11.3 Dec 22 16:29:50 dnsmasq[30801]: reply code.jquery.netdna-cdn.com is 198.232.125.113 --- advanced/Scripts/chronometer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 702ed1c9..a28bb868 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -33,7 +33,7 @@ CalcBlockedDomains() { CalcQueriesToday() { if [ -e "${piLog}" ]; then - queriesToday=$(awk '/query/ {print $6}' < "${piLog}" | wc -l) + queriesToday=$(awk '/query\[/ {print $6}' < "${piLog}" | wc -l) else queriesToday="Err." fi From ea5ee7b0f96e1a0a68af1cd42160c04ab8c7ce78 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 22 Dec 2016 11:30:36 -0800 Subject: [PATCH 13/37] Execute gravity in same shell as installer, don't subshell it. Signed-off-by: Dan Schaper --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 82ea64fd..33b1842d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -822,7 +822,7 @@ runGravity() { rm /etc/pihole/list.* fi echo "::: Running gravity.sh" - /opt/pihole/gravity.sh + { /opt/pihole/gravity.sh; } } create_pihole_user() { From 513bc32d879ca8f106f60fc09db7a24d85c5c31d Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 22 Dec 2016 19:57:13 -0600 Subject: [PATCH 14/37] is_repo: ensure directory exists --- automated install/basic-install.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b5ba93ba..48e98f14 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -135,8 +135,14 @@ fi is_repo() { # Use git to check if directory is currently under VCS, return the value local directory="${1}" - curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir - return $rc + if [ -d $directory ]; then + # git -C is not used here to support git versions older than 1.8.4 + curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir + return $rc + else + # non-zero return code if directory does not exist OR is not a valid git repository + return 1 + fi } make_repo() { From 5e53f484bedc4609c468bd61668671c17fd7a866 Mon Sep 17 00:00:00 2001 From: Adam Hill Date: Thu, 22 Dec 2016 22:00:17 -0600 Subject: [PATCH 15/37] Update pihole.cron Stop repeating the path. --- advanced/pihole.cron | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/advanced/pihole.cron b/advanced/pihole.cron index 8311acfb..cb9965f0 100644 --- a/advanced/pihole.cron +++ b/advanced/pihole.cron @@ -13,14 +13,15 @@ # scripts, any changes made to this file will be overwritten when the softare # is updated or re-installed. Please make any changes to the appropriate crontab # or other cron file snippets. +PATH="$PATH:/usr/local/bin/" # Pi-hole: Update the ad sources once a week on Sunday at 01:59 # Download any updates from the adlists -59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity +59 1 * * 7 root pihole updateGravity # Pi-hole: Update Pi-hole! Uncomment to enable auto update -#30 2 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updatePihole +#30 2 * * 7 root pihole updatePihole # Pi-hole: Flush the log daily at 00:00 so it doesn't get out of control # Stats will be viewable in the Web interface thanks to the cron job above -00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush +00 00 * * * root pihole flush From 1e7e3259b511a8d8a228906483ded06d2d28c83b Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 22 Dec 2016 22:34:38 -0600 Subject: [PATCH 16/37] choose dns servers prior to interface configuration upstream DNS servers must be chosen prior interface configuration. Fixes #1019 --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b5ba93ba..5bab5531 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1056,10 +1056,10 @@ main() { get_available_interfaces # Find interfaces and let the user choose one chooseInterface - # Let the user decide if they want to block ads over IPv4 and/or IPv6 - use4andor6 # Decide what upstream DNS Servers to use setDNS + # Let the user decide if they want to block ads over IPv4 and/or IPv6 + use4andor6 # Let the user decide if they want query logging enabled... setLogging From 6b7b0e0eb3d8cca341f2ea48f5c84a46257403e5 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 23 Dec 2016 16:00:48 +0100 Subject: [PATCH 17/37] Test if /etc/pihole/adlists.default exists --- automated install/basic-install.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 48e98f14..0f7f0e7c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -829,6 +829,10 @@ runGravity() { echo "::: Cleaning up previous install (preserving whitelist/blacklist)" rm /etc/pihole/list.* fi + # Test if /etc/pihole/adlists.default exists + if [[ ! -e /etc/pihole/adlists.default ]]; then + cp /etc/.pihole/adlists.default /etc/pihole/adlists.default + fi echo "::: Running gravity.sh" { /opt/pihole/gravity.sh; } } From afabf30ec6c663c80daeebe4954f7f2b7b4c982d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 23 Dec 2016 16:57:51 +0100 Subject: [PATCH 18/37] Fix Fedora web UI support --- automated install/basic-install.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7e4f62ef..bb1704dc 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -809,6 +809,13 @@ installPiholeWeb() { cp /etc/.pihole/advanced/pihole.sudo /etc/sudoers.d/pihole # Add lighttpd user (OS dependent) to sudoers file echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole + + if [[ LIGHTTPD_USER == "lighttpd" ]]; then + # Allow executing pihole via sudo with Fedora + # Usually /usr/local/bin is not permitted as directory for sudoable programms + echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole + fi + chmod 0440 /etc/sudoers.d/pihole echo " done!" } From c674a175eeeb94ec7c15706c8bc731ff3e8b8ed2 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 23 Dec 2016 17:02:56 +0100 Subject: [PATCH 19/37] Make grep case insensitive --- pihole | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pihole b/pihole index 5509df47..5a54fae4 100755 --- a/pihole +++ b/pihole @@ -72,9 +72,9 @@ scanList(){ list="${2}" method="${3}" if [[ ${method} == "-exact" ]] ; then - grep -E "(^|\s)${domain}($|\s)" "${list}" + grep -i -E "(^|\s)${domain}($|\s)" "${list}" else - grep "${domain}" "${list}" + grep -i "${domain}" "${list}" fi } From aa8e1497a315c5fdd59d7c7c465d62bd9ac9b87b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 23 Dec 2016 17:12:38 +0100 Subject: [PATCH 20/37] Fixed error --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bb1704dc..5156d733 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -810,7 +810,7 @@ installPiholeWeb() { # Add lighttpd user (OS dependent) to sudoers file echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole - if [[ LIGHTTPD_USER == "lighttpd" ]]; then + if [[ "$LIGHTTPD_USER" == "lighttpd" ]]; then # Allow executing pihole via sudo with Fedora # Usually /usr/local/bin is not permitted as directory for sudoable programms echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole From 2fb0dc0a4a34ac1c4bab8aed0d5c17417d024bef Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 23 Dec 2016 10:27:52 -0600 Subject: [PATCH 21/37] add warning if SELinux is Enforcing --- advanced/selinux/pihole.te | 87 ------------------------------ automated install/basic-install.sh | 36 ++++++------- 2 files changed, 18 insertions(+), 105 deletions(-) delete mode 100644 advanced/selinux/pihole.te diff --git a/advanced/selinux/pihole.te b/advanced/selinux/pihole.te deleted file mode 100644 index 595755dd..00000000 --- a/advanced/selinux/pihole.te +++ /dev/null @@ -1,87 +0,0 @@ -module pihole 1.0; - -require { - type var_log_t; - type unconfined_t; - type init_t; - type auditd_t; - type syslogd_t; - type NetworkManager_t; - type mdadm_t; - type tuned_t; - type avahi_t; - type irqbalance_t; - type system_dbusd_t; - type kernel_t; - type httpd_sys_script_t; - type systemd_logind_t; - type httpd_t; - type policykit_t; - type dnsmasq_t; - type udev_t; - type postfix_pickup_t; - type sshd_t; - type crond_t; - type getty_t; - type lvm_t; - type postfix_qmgr_t; - type postfix_master_t; - class dir { getattr search }; - class file { read open setattr }; -} - -#============= dnsmasq_t ============== -allow dnsmasq_t var_log_t:file { open setattr }; - -#============= httpd_t ============== -allow httpd_t var_log_t:file { read open }; - -#============= httpd_sys_script_t (class: dir) ============== -allow httpd_sys_script_t NetworkManager_t:dir { getattr search }; -allow httpd_sys_script_t auditd_t:dir { getattr search }; -allow httpd_sys_script_t avahi_t:dir { getattr search }; -allow httpd_sys_script_t crond_t:dir { getattr search }; -allow httpd_sys_script_t dnsmasq_t:dir { getattr search }; -allow httpd_sys_script_t getty_t:dir { getattr search }; -allow httpd_sys_script_t httpd_t:dir { getattr search }; -allow httpd_sys_script_t init_t:dir { getattr search }; -allow httpd_sys_script_t irqbalance_t:dir { getattr search }; -allow httpd_sys_script_t kernel_t:dir { getattr search }; -allow httpd_sys_script_t lvm_t:dir { getattr search }; -allow httpd_sys_script_t mdadm_t:dir { getattr search }; -allow httpd_sys_script_t policykit_t:dir { getattr search }; -allow httpd_sys_script_t postfix_master_t:dir { getattr search }; -allow httpd_sys_script_t postfix_pickup_t:dir { getattr search }; -allow httpd_sys_script_t postfix_qmgr_t:dir { getattr search }; -allow httpd_sys_script_t sshd_t:dir { getattr search }; -allow httpd_sys_script_t syslogd_t:dir { getattr search }; -allow httpd_sys_script_t system_dbusd_t:dir { getattr search }; -allow httpd_sys_script_t systemd_logind_t:dir { getattr search }; -allow httpd_sys_script_t tuned_t:dir { getattr search }; -allow httpd_sys_script_t udev_t:dir { getattr search }; -allow httpd_sys_script_t unconfined_t:dir { getattr search }; - -#============= httpd_sys_script_t (class: file) ============== -allow httpd_sys_script_t NetworkManager_t:file { read open }; -allow httpd_sys_script_t auditd_t:file { read open }; -allow httpd_sys_script_t avahi_t:file { read open }; -allow httpd_sys_script_t crond_t:file { read open }; -allow httpd_sys_script_t dnsmasq_t:file { read open }; -allow httpd_sys_script_t getty_t:file { read open }; -allow httpd_sys_script_t httpd_t:file { read open }; -allow httpd_sys_script_t init_t:file { read open }; -allow httpd_sys_script_t irqbalance_t:file { read open }; -allow httpd_sys_script_t kernel_t:file { read open }; -allow httpd_sys_script_t lvm_t:file { read open }; -allow httpd_sys_script_t mdadm_t:file { read open }; -allow httpd_sys_script_t policykit_t:file { read open }; -allow httpd_sys_script_t postfix_master_t:file { read open }; -allow httpd_sys_script_t postfix_pickup_t:file { read open }; -allow httpd_sys_script_t postfix_qmgr_t:file { read open }; -allow httpd_sys_script_t sshd_t:file { read open }; -allow httpd_sys_script_t syslogd_t:file { read open }; -allow httpd_sys_script_t system_dbusd_t:file { read open }; -allow httpd_sys_script_t systemd_logind_t:file { read open }; -allow httpd_sys_script_t tuned_t:file { read open }; -allow httpd_sys_script_t udev_t:file { read open }; -allow httpd_sys_script_t unconfined_t:file { read open }; diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7e4f62ef..0b32950d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -890,7 +890,6 @@ installPihole() { installScripts installConfigs CreateLogFile - configureSelinux installPiholeWeb installCron configureFirewall @@ -921,7 +920,6 @@ updatePihole() { installScripts installConfigs CreateLogFile - configureSelinux installPiholeWeb installCron configureFirewall @@ -929,23 +927,22 @@ updatePihole() { runGravity } -configureSelinux() { +checkSelinux() { if [ -x "$(command -v getenforce)" ]; then - printf "\n::: SELinux Detected\n" - printf ":::\tChecking for SELinux policy development packages..." - package_check_install "selinux-policy-devel" > /dev/null - echo " installed!" - printf ":::\tEnabling httpd server side includes (SSI).. " - setsebool -P httpd_ssi_exec on &> /dev/null && echo "Success" || echo "SELinux not enabled" - printf "\n:::\tCompiling Pi-Hole SELinux policy..\n" - if ! [ -x "$(command -v systemctl)" ]; then - sed -i.bak '/systemd/d' /etc/.pihole/advanced/selinux/pihole.te + printf "\n::: SELinux Support Detected.." + getenforce | grep 'Enforcing' + if [ $? -eq 0 ]; then + printf "\n::: SELinux is being Enforced on your system" + printf "\n::: WARNING: PiHole does not support SELinux at this time.." + read -r -p "Continue with SELinux Enforcing? [y/N]" continue + if [[ $continue =~ ^([yY][eE][sS]|[yY])$ ]] + then + printf "\n::: Continuing installation with SELinux Enforcing.." + printf "\n::: Please refer to official SELinux documentation to create a custom policy." + else + exit 1 + fi fi - checkmodule -M -m -o /etc/pihole/pihole.mod /etc/.pihole/advanced/selinux/pihole.te - semodule_package -o /etc/pihole/pihole.pp -m /etc/pihole/pihole.mod - semodule -i /etc/pihole/pihole.pp - rm -f /etc/pihole/pihole.mod - semodule -l | grep pihole &> /dev/null && echo "::: Installed Pi-Hole SELinux policy" || echo "::: Warning: Pi-Hole SELinux policy did not install." fi } @@ -1011,7 +1008,10 @@ update_dialogs() { } main() { -# Check arguments for the undocumented flags + # Check if SELinux is Enforcing + checkSelinux + + # Check arguments for the undocumented flags for var in "$@"; do case "$var" in "--reconfigure" ) reconfigure=true;; From 73a80ff7dca240db484e42514ec14b3bc4e7398c Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 23 Dec 2016 11:51:34 -0500 Subject: [PATCH 22/37] Align installer output for updating repo --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5156d733..57f06518 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -158,7 +158,7 @@ make_repo() { update_repo() { local directory="${1}" # Pull the latest commits - echo -n "::: Updating repo in $1..." + echo -n "::: Updating repo in $1..." cd "${directory}" || exit 1 git stash -q &> /dev/null git pull -q &> /dev/null From fdb64a57022f8ac9ff5d98aaa0a7c64d6288bbb8 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 16:53:42 +0000 Subject: [PATCH 23/37] untested convert user prompt to whiptail --- automated install/basic-install.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 15a0a868..d8899ce3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -934,16 +934,14 @@ updatePihole() { runGravity } + + checkSelinux() { if [ -x "$(command -v getenforce)" ]; then printf "\n::: SELinux Support Detected.." getenforce | grep 'Enforcing' if [ $? -eq 0 ]; then - printf "\n::: SELinux is being Enforced on your system" - printf "\n::: WARNING: PiHole does not support SELinux at this time.." - read -r -p "Continue with SELinux Enforcing? [y/N]" continue - if [[ $continue =~ ^([yY][eE][sS]|[yY])$ ]] - then + if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system. \n Pi-hole does not support SELinux at this time...\nContinue with SELinux Enforcing?" 8 78); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." else From a8897becd2d753ed16f8d68628e38c08f9a165c0 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 16:55:56 +0000 Subject: [PATCH 24/37] Make sure whiptail is installed... --- automated install/basic-install.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d8899ce3..61665fdb 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1013,8 +1013,6 @@ update_dialogs() { } main() { - # Check if SELinux is Enforcing - checkSelinux # Check arguments for the undocumented flags for var in "$@"; do @@ -1051,6 +1049,9 @@ main() { # Install packages used by this installation script install_dependent_packages INSTALLER_DEPS[@] + # Check if SELinux is Enforcing + checkSelinux + if [[ "${reconfigure}" == true ]]; then echo "::: --reconfigure passed to install script. Not downloading/updating local repos" else From 662d4506514543a596810a77b3dcf25239f438d5 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 16:58:58 +0000 Subject: [PATCH 25/37] adjust size of whiptail dialog --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 61665fdb..1b1070e2 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -941,7 +941,7 @@ checkSelinux() { printf "\n::: SELinux Support Detected.." getenforce | grep 'Enforcing' if [ $? -eq 0 ]; then - if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system. \n Pi-hole does not support SELinux at this time...\nContinue with SELinux Enforcing?" 8 78); then + if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system. \nPi-hole does not support SELinux at this time...\nContinue with SELinux Enforcing?" ${r} ${c}); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." else From c45c3a72b517767cc7f11fc0804ce09812ae3a03 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:06:33 +0000 Subject: [PATCH 26/37] words words words --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 1b1070e2..98376e76 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -941,7 +941,7 @@ checkSelinux() { printf "\n::: SELinux Support Detected.." getenforce | grep 'Enforcing' if [ $? -eq 0 ]; then - if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system. \nPi-hole does not support SELinux at this time...\nContinue with SELinux Enforcing?" ${r} ${c}); then + if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." else From 00aff6a906dcef87382b50c0238626b20022faa6 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:16:03 +0000 Subject: [PATCH 27/37] maybe --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 98376e76..56960d24 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -939,8 +939,8 @@ updatePihole() { checkSelinux() { if [ -x "$(command -v getenforce)" ]; then printf "\n::: SELinux Support Detected.." - getenforce | grep 'Enforcing' - if [ $? -eq 0 ]; then + enforceMode=$(getenforce) + if [[ "${enforceMode}" == "Enforcing" ]]; then if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." From 15c674ba293b31bf45d1eb050c1ced9cb2cf430a Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:20:33 +0000 Subject: [PATCH 28/37] verbosity --- automated install/basic-install.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 56960d24..82ea6cb1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -938,13 +938,16 @@ updatePihole() { checkSelinux() { if [ -x "$(command -v getenforce)" ]; then - printf "\n::: SELinux Support Detected.." + echo -n "\n::: SELinux Support Detected... Mode: " enforceMode=$(getenforce) + echo "${enforceMode}" if [[ "${enforceMode}" == "Enforcing" ]]; then - if (whiptail --title "SELinux Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then + echo "Enforcing" + if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." else + printf "\n::: Not continuing install after SELinux Enforcing detected" exit 1 fi fi From 4c131b8c282465a6a7b3470f7236ba7910870922 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:21:23 +0000 Subject: [PATCH 29/37] newlines --- automated install/basic-install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 82ea6cb1..e5f37152 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -938,7 +938,8 @@ updatePihole() { checkSelinux() { if [ -x "$(command -v getenforce)" ]; then - echo -n "\n::: SELinux Support Detected... Mode: " + echo ":::" + echo -n "::: SELinux Support Detected... Mode: " enforceMode=$(getenforce) echo "${enforceMode}" if [[ "${enforceMode}" == "Enforcing" ]]; then From 754f3359ec3018d1757cc5c8684fb5bd54c3dc69 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:22:31 +0000 Subject: [PATCH 30/37] too many echos spoil the branch --- automated install/basic-install.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e5f37152..7aaf470c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -943,7 +943,6 @@ checkSelinux() { enforceMode=$(getenforce) echo "${enforceMode}" if [[ "${enforceMode}" == "Enforcing" ]]; then - echo "Enforcing" if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then printf "\n::: Continuing installation with SELinux Enforcing.." printf "\n::: Please refer to official SELinux documentation to create a custom policy." From 972598503769bab811811d8732f72659545cee6f Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:24:33 +0000 Subject: [PATCH 31/37] printf to echo. idgaf --- automated install/basic-install.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7aaf470c..165ed5f3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -944,10 +944,12 @@ checkSelinux() { echo "${enforceMode}" if [[ "${enforceMode}" == "Enforcing" ]]; then if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then - printf "\n::: Continuing installation with SELinux Enforcing.." - printf "\n::: Please refer to official SELinux documentation to create a custom policy." + echo ":::" + echo "::: Continuing installation with SELinux Enforcing.." + echo "::: Please refer to official SELinux documentation to create a custom policy." else - printf "\n::: Not continuing install after SELinux Enforcing detected" + echo ":::" + echo "::: Not continuing install after SELinux Enforcing detected" exit 1 fi fi From abd1fedc9d2e7adbc51fc3ff83a051e23dfead70 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 17:25:55 +0000 Subject: [PATCH 32/37] . --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 165ed5f3..058a57e9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -945,11 +945,11 @@ checkSelinux() { if [[ "${enforceMode}" == "Enforcing" ]]; then if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then echo ":::" - echo "::: Continuing installation with SELinux Enforcing.." + echo "::: Continuing installation with SELinux Enforcing." echo "::: Please refer to official SELinux documentation to create a custom policy." else echo ":::" - echo "::: Not continuing install after SELinux Enforcing detected" + echo "::: Not continuing install after SELinux Enforcing detected." exit 1 fi fi From fc8fcdbece3de9920c085a2d064f55b137c9893d Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 23 Dec 2016 12:28:18 -0500 Subject: [PATCH 33/37] Add newline --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 058a57e9..0c28f725 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -949,7 +949,7 @@ checkSelinux() { echo "::: Please refer to official SELinux documentation to create a custom policy." else echo ":::" - echo "::: Not continuing install after SELinux Enforcing detected." + echo "::: Not continuing install after SELinux Enforcing detected.\n" exit 1 fi fi From 54afffed19694fb24891be047c4b9d918f28a353 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 23 Dec 2016 12:30:33 -0500 Subject: [PATCH 34/37] Remove newline Issue was already fixed --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0c28f725..058a57e9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -949,7 +949,7 @@ checkSelinux() { echo "::: Please refer to official SELinux documentation to create a custom policy." else echo ":::" - echo "::: Not continuing install after SELinux Enforcing detected.\n" + echo "::: Not continuing install after SELinux Enforcing detected." exit 1 fi fi From 9a62026830ca29de780c11b85951ddb75159a72e Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 19:27:02 +0000 Subject: [PATCH 35/37] remove `DNS_BOGUS_PRIV` from setupVars.conf --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index f6f8606f..38e82c14 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -69,7 +69,7 @@ SetWebPassword(){ SetDNSServers(){ # Remove setting from file (create backup setupVars.conf.bak) - sed -i.bak '/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/DNS_FQDN_REQUIRED/d;' /etc/pihole/setupVars.conf + sed -i.bak '/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;' /etc/pihole/setupVars.conf # Save setting to file echo "PIHOLE_DNS_1=${args[2]}" >> /etc/pihole/setupVars.conf if [[ "${args[3]}" != "none" ]]; then From ce2e410468086284eae9208330f5ec9351dc5547 Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 19:39:37 +0000 Subject: [PATCH 36/37] Accidentally a word. Updated link --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c982354c..311c8704 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ ## The multi-platform, network-wide ad blocker -Block ads for **all** your devices _without_ the need to install client-side software. The Pi-hole blocks ads the DNS-level, so all your devices are protected. +Block ads for **all** your devices _without_ the need to install client-side software. The Pi-hole blocks ads at the DNS-level, so all your devices are protected. - Web Browsers - Cell Phones @@ -53,7 +53,7 @@ wget -O basic-install.sh https://install.pi-hole.net bash basic-install.sh ``` -Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](http://pi-hole.net/faq/can-i-set-the-pi-hole-to-be-the-dns-server-at-my-router-so-i-dont-have-to-change-settings-for-my-devices/) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/). +Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/). ## Installing the Pi-hole (Click to Watch!)

From d89254fedfee66067f2e09629ca4ca170a7b297f Mon Sep 17 00:00:00 2001 From: Promofaux Date: Fri, 23 Dec 2016 19:49:39 +0000 Subject: [PATCH 37/37] replace 1-10 checkboxes to tidy up appearance --- .github/ISSUE_TEMPLATE.md | 11 +---------- .github/PULL_REQUEST_TEMPLATE.md | 11 +---------- 2 files changed, 2 insertions(+), 20 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index 07fc4352..c985b972 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -6,16 +6,7 @@ **How familiar are you with the codebase?:** -- [] 1 (very unfamiliar) -- [] 2 -- [] 3 -- [] 4 -- [] 5 -- [] 6 -- [] 7 -- [] 8 -- [] 9 -- [] 10 (very familiar) +_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_ --- **[FEATURE REQUEST | QUESTION | OTHER]:** diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 9d6310d0..424bbc78 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -10,16 +10,7 @@ **How familiar are you with the codebase?:** -- [] 1 (very unfamiliar) -- [] 2 -- [] 3 -- [] 4 -- [] 5 -- [] 6 -- [] 7 -- [] 8 -- [] 9 -- [] 10 (very familiar) +_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_ --- _{replace this line with your pull request content}_