mirror of
https://github.com/pi-hole/pi-hole
synced 2024-12-22 14:58:08 +00:00
954a0c2a14
Signed-off-by: Christian König <ckoenig@posteo.de>
174 lines
5.4 KiB
Desktop File
174 lines
5.4 KiB
Desktop File
#!/usr/bin/env sh
|
|
### BEGIN INIT INFO
|
|
# Provides: pihole-FTL
|
|
# Required-Start: $remote_fs $syslog $network
|
|
# Required-Stop: $remote_fs $syslog $network
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Short-Description: pihole-FTL daemon
|
|
# Description: Enable service provided by pihole-FTL daemon
|
|
### END INIT INFO
|
|
|
|
# Global variables
|
|
FTLCONFFILE="/etc/pihole/pihole-FTL.conf"
|
|
DEFAULT_PID_FILE="/run/pihole-FTL.pid"
|
|
DEFAULT_PORT_FILE="/run/pihole-FTL.port"
|
|
FTL_PID=''
|
|
|
|
# Get the file path of the pihole-FTL.pid file
|
|
getFTLPIDFile() {
|
|
if [ -s "${FTLCONFFILE}" ]; then
|
|
# if PIDFILE is not set in pihole-FTL.conf, use the default path
|
|
FTL_PID_FILE="$({ grep '^PIDFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PID_FILE}"; } | cut -d'=' -f2-)"
|
|
else
|
|
# if there is no pihole-FTL.conf, use the default path
|
|
FTL_PID_FILE="${DEFAULT_PID_FILE}"
|
|
fi
|
|
}
|
|
|
|
# Get the PID of the FTL process based on the content of the pihole-FTL.pid file
|
|
getFTLPID() {
|
|
if [ -s "${FTL_PID_FILE}" ]; then
|
|
# -s: FILE exists and has a size greater than zero
|
|
FTL_PID="$(cat "${FTL_PID_FILE}")"
|
|
# Exploit prevention: unset the variable if there is malicious content
|
|
# Verify that the value read from the file is numeric
|
|
expr "${FTL_PID}" : "[^[:digit:]]" > /dev/null && unset FTL_PID
|
|
fi
|
|
|
|
# If FTL is not running, or the PID file contains malicious stuff, substitute
|
|
# negative PID to signal this
|
|
FTL_PID=${FTL_PID:=-1}
|
|
}
|
|
|
|
# Get the file path of the pihole-FTL.port file
|
|
getFTLPortFile() {
|
|
if [ -s "${FTLCONFFILE}" ]; then
|
|
# if PORTFILE is not set in pihole-FTL.conf, use the default path
|
|
FTL_PORT_FILE="$({ grep '^PORTFILE=' "${FTLCONFFILE}" || echo "${DEFAULT_PORT_FILE}"; } | cut -d'=' -f2-)"
|
|
else
|
|
# if there is no pihole-FTL.conf, use the default path
|
|
FTL_PORT_FILE="${DEFAULT_PORT_FILE}"
|
|
fi
|
|
}
|
|
|
|
|
|
is_running() {
|
|
if [ -d "/proc/${FTL_PID}" ]; then
|
|
return 0
|
|
fi
|
|
return 1
|
|
}
|
|
|
|
|
|
# Start the service
|
|
start() {
|
|
if is_running; then
|
|
echo "pihole-FTL is already running"
|
|
else
|
|
# Touch files to ensure they exist (create if non-existing, preserve if existing)
|
|
mkdir -pm 0755 /run/pihole /var/log/pihole
|
|
[ ! -f "${FTL_PID_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PID_FILE}"
|
|
[ ! -f "${FTL_PORT_FILE}" ] && install -m 644 -o pihole -g pihole /dev/null "${FTL_PORT_FILE}"
|
|
[ ! -f /var/log/pihole/pihole-FTL.log ] && install -m 644 -o pihole -g pihole /dev/null /var/log/pihole/pihole-FTL.log
|
|
[ ! -f /var/log/pihole/pihole.log ] && install -m 640 -o pihole -g pihole /dev/null /var/log/pihole/pihole.log
|
|
[ ! -f /etc/pihole/dhcp.leases ] && install -m 644 -o pihole -g pihole /dev/null /etc/pihole/dhcp.leases
|
|
# Ensure that permissions are set so that pihole-FTL can edit all necessary files
|
|
chown pihole:pihole /run/pihole /etc/pihole /var/log/pihole /var/log/pihole/pihole-FTL.log /var/log/pihole/pihole.log /etc/pihole/dhcp.leases
|
|
# Ensure that permissions are set so that pihole-FTL can edit the files. We ignore errors as the file may not (yet) exist
|
|
chmod -f 0644 /etc/pihole/macvendor.db /etc/pihole/dhcp.leases /var/log/pihole/pihole-FTL.log
|
|
chmod -f 0640 /var/log/pihole/pihole.log
|
|
# Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
|
|
chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
|
|
# Chown database file permissions so that the pihole group (web interface) can edit the file. We ignore errors as the files may not (yet) exist
|
|
chmod -f 0664 /etc/pihole/pihole-FTL.db
|
|
|
|
# Backward compatibility for user-scripts that still expect log files in /var/log instead of /var/log/pihole/
|
|
# Should be removed with Pi-hole v6.0
|
|
if [ ! -f /var/log/pihole.log ]; then
|
|
ln -s /var/log/pihole/pihole.log /var/log/pihole.log
|
|
chown -h pihole:pihole /var/log/pihole.log
|
|
|
|
fi
|
|
if [ ! -f /var/log/pihole-FTL.log ]; then
|
|
ln -s /var/log/pihole/pihole-FTL.log /var/log/pihole-FTL.log
|
|
chown -h pihole:pihole /var/log/pihole-FTL.log
|
|
fi
|
|
|
|
if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
|
|
su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
|
|
else
|
|
echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
|
|
/usr/bin/pihole-FTL
|
|
fi
|
|
echo
|
|
fi
|
|
}
|
|
|
|
# Stop the service
|
|
stop() {
|
|
if is_running; then
|
|
kill "${FTL_PID}"
|
|
for i in 1 2 3 4 5; do
|
|
if ! is_running; then
|
|
break
|
|
fi
|
|
|
|
printf "."
|
|
sleep 1
|
|
done
|
|
echo
|
|
|
|
if is_running; then
|
|
echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
|
|
kill -9 "${FTL_PID}"
|
|
else
|
|
echo "Stopped"
|
|
fi
|
|
else
|
|
echo "Not running"
|
|
fi
|
|
# Cleanup
|
|
rm -f /run/pihole/FTL.sock /dev/shm/FTL-* "${FTL_PID_FILE}" "${FTL_PORT_FILE}"
|
|
echo
|
|
}
|
|
|
|
# Indicate the service status
|
|
status() {
|
|
if is_running; then
|
|
echo "[ ok ] pihole-FTL is running"
|
|
exit 0
|
|
else
|
|
echo "[ ] pihole-FTL is not running"
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
|
|
### main logic ###
|
|
|
|
# Get file paths
|
|
getFTLPIDFile
|
|
getFTLPortFile
|
|
|
|
# Get FTL's current PID
|
|
getFTLPID
|
|
|
|
case "$1" in
|
|
stop)
|
|
stop
|
|
;;
|
|
status)
|
|
status
|
|
;;
|
|
start|restart|reload|condrestart)
|
|
stop
|
|
start
|
|
;;
|
|
*)
|
|
echo "Usage: $0 {start|stop|restart|reload|status}"
|
|
exit 1
|
|
esac
|
|
|
|
exit 0
|