Merge branch 'development' into tweak/gravity_backup

Signed-off-by: DL6ER <dl6er@dl6er.de>

.github/workflows/test.yml

@@ -68,8 +68,8 @@ jobs:
             ubuntu_23,
             ubuntu_24,
             centos_9,
-            fedora_39,
             fedora_40,
+            fedora_41,
           ]
     env:
       DISTRO: ${{matrix.distro}}

advanced/Scripts/database_migration/gravity-db.sh

@@ -13,10 +13,9 @@
 readonly scriptPath="/etc/.pihole/advanced/Scripts/database_migration/gravity"
 
 upgrade_gravityDB(){
-    local database piholeDir auditFile version
+    local database piholeDir version
     database="${1}"
     piholeDir="${2}"
-    auditFile="${piholeDir}/auditlog.list"
 
     # Exit early if the database does not exist (e.g. in CI tests)
     if [[ ! -f "${database}" ]]; then
@@ -27,18 +26,11 @@ upgrade_gravityDB(){
     version="$(pihole-FTL sqlite3 -ni "${database}" "SELECT \"value\" FROM \"info\" WHERE \"property\" = 'version';")"
 
     if [[ "$version" == "1" ]]; then
-        # This migration script upgrades the gravity.db file by
+        # This migration script upgraded the gravity.db file by
-        # adding the domain_audit table
+        # adding the domain_audit table. It is now a no-op
         echo -e "  ${INFO} Upgrading gravity database from version 1 to 2"
         pihole-FTL sqlite3 -ni "${database}" < "${scriptPath}/1_to_2.sql"
         version=2
-
-        # Store audit domains in database table
-        if [ -e "${auditFile}" ]; then
-            echo -e "  ${INFO} Migrating content of ${auditFile} into new database"
-            # database_table_from_file is defined in gravity.sh
-            database_table_from_file "domain_audit" "${auditFile}"
-        fi
     fi
     if [[ "$version" == "2" ]]; then
         # This migration script upgrades the gravity.db file by

advanced/Scripts/database_migration/gravity/1_to_2.sql

@@ -2,13 +2,6 @@
 
 BEGIN TRANSACTION;
 
-CREATE TABLE domain_audit
-(
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    domain TEXT UNIQUE NOT NULL,
-    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
-);
-
 UPDATE info SET value = 2 WHERE property = 'version';
 
 COMMIT;

advanced/Templates/gravity.db.sql

@@ -73,13 +73,6 @@ INSERT INTO "info" VALUES('version','19');
     other string = restoration successful with the string being the backup file used */
 INSERT INTO "info" VALUES('gravity_restored','false');
 
-CREATE TABLE domain_audit
-(
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    domain TEXT UNIQUE NOT NULL,
-    date_added INTEGER NOT NULL DEFAULT (cast(strftime('%s', 'now') as int))
-);
-
 CREATE TABLE domainlist_by_group
 (
     domainlist_id INTEGER NOT NULL REFERENCES domainlist (id),

advanced/Templates/gravity_copy.sql

@@ -9,7 +9,6 @@ DROP TRIGGER tr_client_add;
 DROP TRIGGER tr_adlist_add;
 
 INSERT OR REPLACE INTO "group" SELECT * FROM OLD."group";
-INSERT OR REPLACE INTO domain_audit SELECT * FROM OLD.domain_audit;
 
 INSERT OR REPLACE INTO domainlist SELECT * FROM OLD.domainlist;
 DELETE FROM OLD.domainlist_by_group WHERE domainlist_id NOT IN (SELECT id FROM OLD.domainlist);

automated install/basic-install.sh

@@ -1430,7 +1430,7 @@ install_dependent_packages() {
     for i in "$@"; do
         # For each package, check if it's already installed (and if so, don't add it to the installArray)
         printf "  %b Checking for %s..." "${INFO}" "${i}"
-        if "${PKG_MANAGER}" -q list installed "${i}" &>/dev/null; then
+        if rpm -q "${i}" &>/dev/null; then
             printf "%b  %b Checking for %s\\n" "${OVER}" "${TICK}" "${i}"
         else
             printf "%b  %b Checking for %s (will be installed)\\n" "${OVER}" "${INFO}" "${i}"
@@ -2270,7 +2270,7 @@ main() {
     notify_package_updates_available
 
     # Install packages necessary to perform os_check
-    printf "  %b Checking for / installing Required dependencies for OS Check...\\n" "${INFO}"
+    printf "  %b Checking for / installing required dependencies for OS Check...\\n" "${INFO}"
     install_dependent_packages "${OS_CHECK_COMMON_DEPS[@]}" "${OS_CHECK_DEPS[@]}"
 
     # Check that the installed OS is officially supported - display warning if not
@@ -2287,7 +2287,7 @@ main() {
     fi
 
     # Install packages used by this installation script
-    printf "  %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}"
+    printf "  %b Checking for / installing required dependencies for this install script...\\n" "${INFO}"
     install_dependent_packages "${INSTALLER_COMMON_DEPS[@]}" "${INSTALLER_DEPS[@]}"
 
     # in case of an update
@@ -2335,7 +2335,7 @@ main() {
     local dep_install_list=("${PIHOLE_COMMON_DEPS[@]}" "${PIHOLE_DEPS[@]}")
 
     # Install packages used by the actual software
-    printf "  %b Checking for / installing Required dependencies for Pi-hole software...\\n" "${INFO}"
+    printf "  %b Checking for / installing required dependencies for Pi-hole software...\\n" "${INFO}"
     install_dependent_packages "${dep_install_list[@]}"
     unset dep_install_list
 

gravity.sh

@@ -60,14 +60,24 @@ gravityDIR="$(dirname -- "${gravityDBfile}")"
 gravityOLDfile="${gravityDIR}/gravity_old.db"
 gravityBCKfile="${gravityDIR}/gravity_backup.db"
 
+fix_owner_permissions() {
+  # Fix ownership and permissions for the specified file
+  # User and group are set to pihole:pihole
+  # Permissions are set to 664 (rw-rw-r--)
+  chown pihole:pihole "${1}"
+  chmod 664 "${1}"
+
+  # Ensure the containing directory is group writable
+  chmod g+w "$(dirname -- "${1}")"
+}
+
 # Generate new SQLite3 file from schema template
 generate_gravity_database() {
   if ! pihole-FTL sqlite3 -ni "${gravityDBfile}" <"${gravityDBschema}"; then
     echo -e "   ${CROSS} Unable to create ${gravityDBfile}"
     return 1
   fi
-  chown pihole:pihole "${gravityDBfile}"
+  fix_owner_permissions "${gravityDBfile}"
-  chmod g+w "${piholeDir}" "${gravityDBfile}"
 }
 
 # Build gravity tree
@@ -199,10 +209,7 @@ database_table_from_file() {
   grep -v '^ *#' <"${src}" | while IFS= read -r domain; do
     # Only add non-empty lines
     if [[ -n "${domain}" ]]; then
-      if [[ "${table}" == "domain_audit" ]]; then
+      if [[ "${table}" == "adlist" ]]; then
-        # domain_audit table format (no enable or modified fields)
-        echo "${rowid},\"${domain}\",${timestamp}" >>"${tmpFile}"
-      elif [[ "${table}" == "adlist" ]]; then
         # Adlist table format
         echo "${rowid},\"${domain}\",1,${timestamp},${timestamp},\"Migrated from ${src}\",,0,0,0,0,0" >>"${tmpFile}"
       else
@@ -393,7 +400,7 @@ gravity_DownloadBlocklists() {
     echo -e "  ${INFO} Storing gravity database in ${COL_BOLD}${gravityDBfile}${COL_NC}"
   fi
 
-  local url domain str target compression adlist_type
+  local url domain str target compression adlist_type directory
   echo ""
 
   # Prepare new gravity database
@@ -499,6 +506,24 @@ gravity_DownloadBlocklists() {
     saveLocation="${piholeDir}/list.${id}.${domain}.${domainsExtension}"
     activeDomains[$i]="${saveLocation}"
 
+    # Check if we can write to the save location file without actually creating
+    # it (in case it doesn't exist)
+    # First, check if the directory is writable
+    directory="$(dirname -- "${saveLocation}")"
+    if [ ! -w "${directory}" ]; then
+      echo -e "  ${CROSS} Unable to write to ${directory}"
+      echo "      Please run pihole -g as root"
+      echo ""
+      continue
+    fi
+    # Then, check if the file is writable (if it exists)
+    if [ -e "${saveLocation}" ] && [ ! -w "${saveLocation}" ]; then
+      echo -e "  ${CROSS} Unable to write to ${saveLocation}"
+      echo "      Please run pihole -g as root"
+      echo ""
+      continue
+    fi
+
     echo -e "  ${INFO} Target: ${url}"
     local regex check_url
     # Check for characters NOT allowed in URLs
@@ -527,6 +552,7 @@ compareLists() {
     if ! sha1sum --check --status --strict "${target}.sha1"; then
       # The list changed upstream, we need to update the checksum
       sha1sum "${target}" >"${target}.sha1"
+      fix_owner_permissions "${target}.sha1"
       echo "  ${INFO} List has been updated"
       database_adlist_status "${adlistID}" "1"
     else
@@ -536,6 +562,7 @@ compareLists() {
   else
     # No checksum available, create one for comparing on the next run
     sha1sum "${target}" >"${target}.sha1"
+    fix_owner_permissions "${target}.sha1"
     # We assume here it was changed upstream
     database_adlist_status "${adlistID}" "1"
   fi
@@ -797,7 +824,7 @@ gravity_ParseFileIntoDomains() {
     -e 's/^.*\s+//g' \
     -e '/^$/d' "${destination}"
 
-  chmod 644 "${destination}"
+  fix_owner_permissions "${destination}"
 }
 
 # Report number of entries in a table
@@ -1082,8 +1109,7 @@ fi
 update_gravity_timestamp
 
 # Ensure proper permissions are set for the database
-chown pihole:pihole "${gravityTEMPfile}"
+fix_owner_permissions "${gravityTEMPfile}"
-chmod g+w "${piholeDir}" "${gravityTEMPfile}"
 
 # Build the tree
 timeit gravity_build_tree

test/_fedora_41.Dockerfile

@@ -1,4 +1,4 @@
-FROM fedora:39
+FROM fedora:41
 RUN dnf install -y git initscripts
 
 ENV GITDIR=/etc/.pihole

test/tox.fedora_41.ini

@@ -6,5 +6,5 @@ allowlist_externals = docker
 deps = -rrequirements.txt
 setenv =
     COLUMNS=120
-commands = docker buildx build --load --progress plain -f _fedora_39.Dockerfile -t pytest_pihole:test_container ../
+commands = docker buildx build --load --progress plain -f _fedora_41.Dockerfile -t pytest_pihole:test_container ../
            pytest {posargs:-vv -n auto} ./test_any_automated_install.py ./test_any_utils.py ./test_centos_fedora_common_support.py