The statement "All dependencies are safe to remove on Raspbian" has been added at a time where a much smaller list of dependencies were installed, all indeed relatively safe to purge. Nowadays this list has grown and includes important system packages, like iproute2, psmisc, sudo, curl and others, which are often again dependencies of other packages, like network stacks (ifupdown) and others, so that inexperienced users, following that statement, may break their systems network capabilities and more.
This message has hence been removed.
Signed-off-by: MichaIng <micha@dietpi.com>
sysconfig network scripts are missing on pure NetworkManager installs.
This commit touches a placeholder to allow the network configuration to
be generated and loaded via NetworkManager.
Signed-off-by: bcambl <blayne@blaynecampbell.com>
- "apt-cache show package" succeeds as well if package is listed as (optional) dependency or conflict by another package, hence is not a 100% reliable measure.
- There is no command which explicitly checks which package/name can be selected by apt-get for install. An install simulation/dry-run is possible as it was before Pi-hole v5.1, or the whole package cache can be scraped, which is still the less time consuming solution.
- Allow to succeed if another package "provides" it, like "php7.3-apcu" provided by "php-apcu" or "awk" provided by "mawk" and "gawk", in which case the non-virtual package is selected automatically by apt-get.
For reference: 066b89fa41
Signed-off-by: MichaIng <micha@dietpi.com>
+ Do not ask to install the web server, if the web interface has been deselected before.
+ Add additional info, that PHP modules need to be installed manually, when web server is deselected and the web server user needs to be member of the "pihole" group.
+ Consequently use webroot variable instead of /var/www/html
Signed-off-by: MichaIng <micha@dietpi.com>
If an user installs Pi-hole without selecting any adlists, the installer emits a warning and exits. By touching the file this is prevented.
Signed-off-by: jesterchen <github@jesterweb.de>
* use https when possible
* replace coverage with a link to the docs page in README.md
* remove obsolete affiliate link in README.md
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
"$network" on a systemd-driven OS leads to "After=network-online.target" in the generated systemd unit.
This target is no guarantee that all network interfaces have been fully configured, as it depends on the related network services types, but at least it reduces the risk that those have not fully finished their job when pihole-FTL starts. If this is the case, certain issues can occur:
- https://github.com/pi-hole/pi-hole/issues/2924
- https://discourse.pi-hole.net/t/have-to-pihole-restartdns-after-reboot/28772
Runtime files are now consistently created in "/run" instead of "/var/run". The second is a symlink to the first for backwards compatibility but on none-ancient distro versions one should use "/run", systemd even prints a warnings if service files use "/var/run". The service file used "/run" and "/var/run" both, in cases for the same files/directories before, which does not directly cause issues currently, due to the symlink, but is inconsistent at best.
Signed-off-by: MichaIng <micha@dietpi.com>
- Currently, if the SELinux config file exists, installed SELinux is assumed.
- But removing e.g. an APT package via "apt-get remove" leaves config files in place, or they could be present for other reasons.
- If the getenforce command is not present but the config file is, currently the installer exists without error message when calling getenforce due to "set -e".
- With this change, the presence of getenforce command is checked first. If it is not present, selinux-utils is not installed, which is a core part of SELinux, pulled in by selinux-basics as well. So it can be assumed that no SELinux is active if this command is missing.
Signed-off-by: MichaIng <micha@dietpi.com>
This is and was never required and the pihole user does in fact not get any additional permissions through that group.
Signed-off-by: MichaIng <micha@dietpi.com>
Using the meta package causes several issues:
- Install on Debian prior to Jessie and Ubuntu prior to Xenial is broken, since those do not serve the meta packages but php5-* packages instead.
- If $phpVer != "php", then multiple conflicting PHP versions can be installed.
- If "${phpVer}-intl" does not pull the correct package, then inherently "${phpVer}-xml" etc are wrong, too. This is theoretically possible, e.g. if PHP7.4 was installed while the webserver uses a concurrently installed PHP7.3 instance. Then the "php" shell command output can differ from what the webserver uses. This theoretical issue would need a different approach to derive $phpVer, not based on the shell command output but by asking the webserver somehow in the first place. But using $phpVer for some modules and hardcoded meta for the others can only lead to inconsistencies and issues.
Signed-off-by: MichaIng <micha@dietpi.com>
When checking for available packages in APT repository, running a dry-run install can fail for other reasons, even if the package is available. Currently, in such case, wrong fallback packages are selected: https://github.com/pi-hole/pi-hole/issues/2888
"apt-cache show <pkg>" is a quicker method to check for available packages. This is now done as well to check if the fallbacks are available. If none is found, the installer exits with meaningful error message and exit code.
In rare cases, the APT list files can be missing when the installer is started. E.g. this could be on a fresh system, APT lists could have been moved to RAM or removed as a cleanup step. "apt-cache" calls will then fail, same as dry-run installs were. To assure that current package lists are checked, update the package cache directly after the Ubuntu universe repo has been added, only in the Debian/Ubuntu block. This renders the variable handling in RH/Fedora block obsolete.
Signed-off-by: MichaIng <micha@dietpi.com>
1- 1.1.1.2 (No Malware)
2- 1.1.1.3 (No Malware or Adult Content)
This would allow parents to have more control over the safety of their family's network.
Signed-off-by: Mohammed-Swillam <moh.sayed@hotmail.com>
Commit dc35709a1b ("Remove hosts-file.net from default lists") left a
few references to hosts-file.net. Removes them.
Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf>
The new version of the installer moved from debconf-apt-progress to raw apt-get output on installs to solve issues with interactive config file choices. This lead to a largely increases amount of output lines of the installer. To reduce the apt-get output to a minimum, while sustaining interactive input in case of config files, the "-qq" option can be used, which inherits "--yes":
- https://manpages.debian.org/buster/apt/apt-get.8.en.html#OPTIONS
- https://manpages.ubuntu.com/manpages/bionic/man8/apt-get.8.html#options
Signed-off-by: MichaIng <micha@dietpi.com>
PHP dependency php-json is now required for both the latest Fedora and CentOS.
Package php-json will now be a default web dependency and removed from PIHOLE_WEB_DEPS when installing on CentOS7.
Signed-off-by: bcambl <blayne@blaynecampbell.com>
Always ensure we have the correct machine arch by storing to/reading from a file rather than depending on global variable that for some reason is not always populated...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
no need for global variable
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
Use a file in the temporary FTL download directory
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
Local binary variable named to l_binary. Disambiguate from global binary.
Allow 'binary' to be shadowed for testing.
Use ./ftlbinary in all operations.
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
Revert shadow ability on binary variable.
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
Remove unused tests, binary variable can not be overridden.
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
This should work here, too
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
binary name is passed through from pihole checkout
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
Add comments
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
OK, let's try it this way again
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
we might be getting somewhere.. squash after this I think!
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
This is a test to see if it fixes the aarch64 test (we are definitely squashing these commits
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
fix the rest of the tests
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
Remove trailing whitespace in the files we've touched here
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
+ Print restart hint after setting IPv4 address on a separate line with [i] prefix to not break text alignment
+ Print final upstream DNS choice as a single printf call and by this fix missing info and linebreak on "Custom" choices.
+ Minor if/then/else code alignment
Signed-off-by: MichaIng <micha@dietpi.com>
The Pi-hole project does not ship a custom SELinux policy as the required policy would lower the overall system security.
Users who require SELinux to be enforcing are encouraged to create an custom policy on a case-by-case basis.
Signed-off-by: bcambl <blayne@blaynecampbell.com>
The headers containing the latest FTL tag were not properly input to the
command (`<` vs `<<<`). This caused Bash to try and open the file named
after the header string, which does not exist.
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
Previously, install_dependent_packages would receive an array variable
name as its single parameter, and would use variable indirection to
access it; this change simplifies that function so that it instead
receives the expanded array.
Signed-off-by: David Haguenauer <ml@kurokatta.org>
The 403 lighttpd errors were caused by removing the lighttpd config
directory and not removing lighttpd itself. This caused a subsequent
Pi-hole reinstall to not have all of the required lighttpd config files.
The error while removing packages was caused by combining arguments into
a string instead of listing each argument.
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
chkconfig is a dependency of spawn-fcgi which is a dependency of lighttpd which is installed via PIHOLE_WEB_DEPS in phase 2
adding chkconfig to INSTALLER_DEPS to ensure /etc/init.d is present during the installation prompts (phase 1)
Signed-off-by: bcambl <blayne@blaynecampbell.com>
During install in `valid_ip`, we split up the IP address into octets to verify it is valid (each is <= 255).
This validation was broken in #2743 when a variable usage was quoted where it should have stayed unquoted:
```
./automated install/basic-install.sh: line 942: [[: 192.241.211.120: syntax error: invalid arithmetic operator (error token is ".241.211.120")
```
Due to this error, `127.0.0.1` would be used instead of the requested IP address. Also, this prevented the user from entering a custom DNS server as it would be marked as an invalid IP address.
Signed-off-by: Mark Drobnak <mark.drobnak@gmail.com>
chkconfig is a dependency of spawn-fcgi which is a dependency of lighttpd which is installed via PIHOLE_WEB_DEPS in phase 2
adding chkconfig to INSTALLER_DEPS to ensure /etc/init.d is present during the installation prompts (phase 1)
Signed-off-by: bcambl <blayne@blaynecampbell.com>
The 403 lighttpd errors were caused by removing the lighttpd config
directory and not removing lighttpd itself. This caused a subsequent
Pi-hole reinstall to not have all of the required lighttpd config files.
The error while removing packages was caused by combining arguments into
a string instead of listing each argument.
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
Previously, install_dependent_packages would receive an array variable
name as its single parameter, and would use variable indirection to
access it; this change simplifies that function so that it instead
receives the expanded array.
Signed-off-by: David Haguenauer <ml@kurokatta.org>