mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-11-24 23:23:42 +00:00
Big sudo refactor.
In general: - Each script reruns itself as either root or pihole. Any $SUDO variables are removed. - Two new scripts are created that need to be run as root. - The installer creates a file in sudoers.d that allows the pihole user to run the above two scripts as root. piholeReloadServices.sh: Script to reload dnsmasq (or start it if required). piholeSetPermissions.sh: Script to set the permissions on /etc/pihole basic-install.sh: - Copy two new scripts. - Set owner and permissions on /etc/pihole - Install the sudoers file to allow the pihole user to run certain scripts as root without a password. uninstall.sh: - Remote two new scripts. - Remove sudoers file gravity.sh: - Rerun as pihole user. - Use sudo for setting permissions and reloading services. - Replaced chmod 777 with piholeSetPermissions.sh. blacklist.sh, whitelist.sh: Rerun as pihole user. Use sudo for reloading services. chronometer.sh, piholeLogFlush.sh: Rerun as pihole user. setupLCD.sh: Rerun as root.
This commit is contained in:
parent
3eb6739263
commit
9a68adf36f
10 changed files with 291 additions and 64 deletions
|
@ -23,6 +23,29 @@ if [[ $# = 0 ]]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check if pihole user, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
runninguser=$(whoami)
|
||||||
|
if [[ "$runninguser" = "pihole" ]];then
|
||||||
|
echo "::: You are pihole user."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo -u pihole $@"
|
||||||
|
sudo -u pihole "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
#globals
|
#globals
|
||||||
blacklist=/etc/pihole/blacklist.txt
|
blacklist=/etc/pihole/blacklist.txt
|
||||||
adList=/etc/pihole/gravity.list
|
adList=/etc/pihole/gravity.list
|
||||||
|
@ -153,15 +176,11 @@ function Reload() {
|
||||||
echo ":::"
|
echo ":::"
|
||||||
echo -n "::: Refresh lists in dnsmasq..."
|
echo -n "::: Refresh lists in dnsmasq..."
|
||||||
|
|
||||||
dnsmasqPid=$(pidof dnsmasq)
|
# Reloading services requires root.
|
||||||
|
# The installer should have created a file in sudoers.d to allow pihole user
|
||||||
|
# to run piholeReloadServices.sh as root with sudo without a password
|
||||||
|
sudo --non-interactive /usr/local/bin/piholeReloadServices.sh
|
||||||
|
|
||||||
if [[ $dnsmasqPid ]]; then
|
|
||||||
# service already running - reload config
|
|
||||||
sudo kill -HUP $dnsmasqPid
|
|
||||||
else
|
|
||||||
# service not running, start it up
|
|
||||||
sudo service dnsmasq start
|
|
||||||
fi
|
|
||||||
echo " done!"
|
echo " done!"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,28 @@
|
||||||
# the Free Software Foundation, either version 2 of the License, or
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# Check if pihole user, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
runninguser=$(whoami)
|
||||||
|
if [[ "$runninguser" = "pihole" ]];then
|
||||||
|
echo "::: You are pihole user."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo -u pihole $@"
|
||||||
|
sudo -u pihole "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
#Functions##############################################################################################################
|
#Functions##############################################################################################################
|
||||||
piLog="/var/log/pihole.log"
|
piLog="/var/log/pihole.log"
|
||||||
|
|
|
@ -10,4 +10,27 @@
|
||||||
# the Free Software Foundation, either version 2 of the License, or
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# Check if pihole user, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
runninguser=$(whoami)
|
||||||
|
if [[ "$runninguser" = "pihole" ]];then
|
||||||
|
echo "::: You are pihole user."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo -u pihole $@"
|
||||||
|
sudo -u pihole "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
truncate -s 0 /var/log/pihole.log
|
truncate -s 0 /var/log/pihole.log
|
||||||
|
|
60
advanced/Scripts/piholeReloadServices.sh
Normal file
60
advanced/Scripts/piholeReloadServices.sh
Normal file
|
@ -0,0 +1,60 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# Pi-hole: A black hole for Internet advertisements
|
||||||
|
# (c) 2015, 2016 by Jacob Salmela
|
||||||
|
# Network-wide ad blocking via your Raspberry Pi
|
||||||
|
# http://pi-hole.net
|
||||||
|
# Restarts pihole services
|
||||||
|
#
|
||||||
|
# Pi-hole is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# Check if root, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
if [[ $EUID -eq 0 ]];then
|
||||||
|
echo "::: You are root."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo $@"
|
||||||
|
sudo "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo or run this script as root."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
spinner(){
|
||||||
|
local pid=$1
|
||||||
|
local delay=0.001
|
||||||
|
local spinstr='/-\|'
|
||||||
|
|
||||||
|
spin='-\|/'
|
||||||
|
i=0
|
||||||
|
while kill -0 $pid 2>/dev/null
|
||||||
|
do
|
||||||
|
i=$(( (i+1) %4 ))
|
||||||
|
printf "\b${spin:$i:1}"
|
||||||
|
sleep .1
|
||||||
|
done
|
||||||
|
printf "\b"
|
||||||
|
}
|
||||||
|
|
||||||
|
dnsmasqPid=$(pidof dnsmasq)
|
||||||
|
|
||||||
|
if [[ $dnsmasqPid ]]; then
|
||||||
|
# service already running - reload config
|
||||||
|
$SUDO kill -HUP $dnsmasqPid & spinner $!
|
||||||
|
else
|
||||||
|
# service not running, start it up
|
||||||
|
$SUDO service dnsmasq start & spinner $!
|
||||||
|
fi
|
36
advanced/Scripts/piholeSetPermissions.sh
Normal file
36
advanced/Scripts/piholeSetPermissions.sh
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# Pi-hole: A black hole for Internet advertisements
|
||||||
|
# (c) 2015, 2016 by Jacob Salmela
|
||||||
|
# Network-wide ad blocking via your Raspberry Pi
|
||||||
|
# http://pi-hole.net
|
||||||
|
# Sets permissions to pihole files and directories
|
||||||
|
#
|
||||||
|
# Pi-hole is free software: you can redistribute it and/or modify
|
||||||
|
# it under the terms of the GNU General Public License as published by
|
||||||
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# Check if root, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
if [[ $EUID -eq 0 ]];then
|
||||||
|
echo "::: You are root."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo $@"
|
||||||
|
sudo "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo or run this script as root."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
chown --recursive root:pihole /etc/pihole
|
||||||
|
chmod --recursive ug=rwX,o=rX /etc/pihole
|
|
@ -10,6 +10,28 @@
|
||||||
# the Free Software Foundation, either version 2 of the License, or
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
|
# Check if root, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
if [[ $EUID -eq 0 ]];then
|
||||||
|
echo "::: You are root."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo $@"
|
||||||
|
sudo "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo or run this script as root."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
############ FUNCTIONS ###########
|
############ FUNCTIONS ###########
|
||||||
# Run this script as root or under sudo
|
# Run this script as root or under sudo
|
||||||
echo ":::"
|
echo ":::"
|
||||||
|
@ -45,11 +67,11 @@ getInitSys() {
|
||||||
autoLoginPiToConsole() {
|
autoLoginPiToConsole() {
|
||||||
if [ -e /etc/init.d/lightdm ]; then
|
if [ -e /etc/init.d/lightdm ]; then
|
||||||
if [ $SYSTEMD -eq 1 ]; then
|
if [ $SYSTEMD -eq 1 ]; then
|
||||||
$SUDO systemctl set-default multi-user.target
|
systemctl set-default multi-user.target
|
||||||
$SUDO ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
|
ln -fs /etc/systemd/system/autologin@.service /etc/systemd/system/getty.target.wants/getty@tty1.service
|
||||||
else
|
else
|
||||||
$SUDO update-rc.d lightdm disable 2
|
update-rc.d lightdm disable 2
|
||||||
$SUDO sed /etc/inittab -i -e "s/1:2345:respawn:\/sbin\/getty --noclear 38400 tty1/1:2345:respawn:\/bin\/login -f pi tty1 <\/dev\/tty1 >\/dev\/tty1 2>&1/"
|
sed /etc/inittab -i -e "s/1:2345:respawn:\/sbin\/getty --noclear 38400 tty1/1:2345:respawn:\/bin\/login -f pi tty1 <\/dev\/tty1 >\/dev\/tty1 2>&1/"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -62,27 +84,27 @@ autoLoginPiToConsole
|
||||||
# Set chronomter to run automatically when pi logs in
|
# Set chronomter to run automatically when pi logs in
|
||||||
echo /usr/local/bin/chronometer.sh >> /home/pi/.bashrc
|
echo /usr/local/bin/chronometer.sh >> /home/pi/.bashrc
|
||||||
# OR
|
# OR
|
||||||
#$SUDO echo /usr/local/bin/chronometer.sh >> /etc/profile
|
#echo /usr/local/bin/chronometer.sh >> /etc/profile
|
||||||
|
|
||||||
# Set up the LCD screen based on Adafruits instuctions:
|
# Set up the LCD screen based on Adafruits instuctions:
|
||||||
# https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi/easy-install
|
# https://learn.adafruit.com/adafruit-pitft-28-inch-resistive-touchscreen-display-raspberry-pi/easy-install
|
||||||
curl -SLs https://apt.adafruit.com/add-pin | $SUDO bash
|
curl -SLs https://apt.adafruit.com/add-pin | bash
|
||||||
$SUDO apt-get -y install raspberrypi-bootloader
|
apt-get -y install raspberrypi-bootloader
|
||||||
$SUDO apt-get -y install adafruit-pitft-helper
|
apt-get -y install adafruit-pitft-helper
|
||||||
$SUDO adafruit-pitft-helper -t 28r
|
adafruit-pitft-helper -t 28r
|
||||||
|
|
||||||
# Download the cmdline.txt file that prevents the screen from going blank after a period of time
|
# Download the cmdline.txt file that prevents the screen from going blank after a period of time
|
||||||
$SUDO mv /boot/cmdline.txt /boot/cmdline.orig
|
mv /boot/cmdline.txt /boot/cmdline.orig
|
||||||
$SUDO curl -o /boot/cmdline.txt https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/cmdline.txt
|
curl -o /boot/cmdline.txt https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/cmdline.txt
|
||||||
|
|
||||||
# Back up the original file and download the new one
|
# Back up the original file and download the new one
|
||||||
$SUDO mv /etc/default/console-setup /etc/default/console-setup.orig
|
mv /etc/default/console-setup /etc/default/console-setup.orig
|
||||||
$SUDO curl -o /etc/default/console-setup https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/console-setup
|
curl -o /etc/default/console-setup https://raw.githubusercontent.com/pi-hole/pi-hole/master/advanced/console-setup
|
||||||
|
|
||||||
# Instantly apply the font change to the LCD screen
|
# Instantly apply the font change to the LCD screen
|
||||||
$SUDO setupcon
|
setupcon
|
||||||
|
|
||||||
$SUDO reboot
|
reboot
|
||||||
|
|
||||||
# Start showing the stats on the screen by running the command on another tty:
|
# Start showing the stats on the screen by running the command on another tty:
|
||||||
# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
|
# http://unix.stackexchange.com/questions/170063/start-a-process-on-a-different-tty
|
||||||
|
|
|
@ -23,6 +23,29 @@ if [[ $# = 0 ]]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Check if pihole user, and if not then rerun with sudo.
|
||||||
|
echo ":::"
|
||||||
|
runninguser=$(whoami)
|
||||||
|
if [[ "$runninguser" = "pihole" ]];then
|
||||||
|
echo "::: You are pihole user."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
|
else
|
||||||
|
echo "::: sudo will be used."
|
||||||
|
# Check if it is actually installed
|
||||||
|
# If it isn't, exit because the install cannot complete
|
||||||
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
|
echo "::: Running sudo -u pihole $@"
|
||||||
|
sudo -u pihole "$@"
|
||||||
|
exit $?
|
||||||
|
else
|
||||||
|
echo "::: Please install sudo."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
#globals
|
#globals
|
||||||
whitelist=/etc/pihole/whitelist.txt
|
whitelist=/etc/pihole/whitelist.txt
|
||||||
adList=/etc/pihole/gravity.list
|
adList=/etc/pihole/gravity.list
|
||||||
|
@ -162,15 +185,11 @@ function Reload() {
|
||||||
# Reload hosts file
|
# Reload hosts file
|
||||||
echo ":::"
|
echo ":::"
|
||||||
echo -n "::: Refresh lists in dnsmasq..."
|
echo -n "::: Refresh lists in dnsmasq..."
|
||||||
dnsmasqPid=$(pidof dnsmasq)
|
|
||||||
|
|
||||||
if [[ $dnsmasqPid ]]; then
|
# Reloading services requires root.
|
||||||
# service already running - reload config
|
# The installer should have created a file in sudoers.d to allow pihole user
|
||||||
sudo kill -HUP $dnsmasqPid
|
# to run piholeReloadServices.sh as root with sudo without a password
|
||||||
else
|
sudo --non-interactive /usr/local/bin/piholeReloadServices.sh
|
||||||
# service not running, start it up
|
|
||||||
sudo service dnsmasq start
|
|
||||||
fi
|
|
||||||
echo " done!"
|
echo " done!"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -93,6 +93,13 @@ spinner() {
|
||||||
printf "\b"
|
printf "\b"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
mkpiholeDir() {
|
||||||
|
# Create the pihole config directory with pihole as the group owner with rw permissions.
|
||||||
|
mkdir -p /etc/pihole/
|
||||||
|
chown --recursive root:pihole /etc/pihole
|
||||||
|
chmod --recursive ug=rwX,o=rX /etc/pihole
|
||||||
|
}
|
||||||
|
|
||||||
backupLegacyPihole() {
|
backupLegacyPihole() {
|
||||||
# This function detects and backups the pi-hole v1 files. It will not do anything to the current version files.
|
# This function detects and backups the pi-hole v1 files. It will not do anything to the current version files.
|
||||||
if [[ -f /etc/dnsmasq.d/adList.conf ]];then
|
if [[ -f /etc/dnsmasq.d/adList.conf ]];then
|
||||||
|
@ -481,9 +488,11 @@ installScripts() {
|
||||||
cp /etc/.pihole/advanced/Scripts/chronometer.sh /usr/local/bin/chronometer.sh
|
cp /etc/.pihole/advanced/Scripts/chronometer.sh /usr/local/bin/chronometer.sh
|
||||||
cp /etc/.pihole/advanced/Scripts/whitelist.sh /usr/local/bin/whitelist.sh
|
cp /etc/.pihole/advanced/Scripts/whitelist.sh /usr/local/bin/whitelist.sh
|
||||||
cp /etc/.pihole/advanced/Scripts/blacklist.sh /usr/local/bin/blacklist.sh
|
cp /etc/.pihole/advanced/Scripts/blacklist.sh /usr/local/bin/blacklist.sh
|
||||||
|
cp /etc/.pihole/advanced/Scripts/piholeReloadServices.sh /usr/local/bin/piholeReloadServices.sh
|
||||||
|
cp /etc/.pihole/advanced/Scripts/piholeSetPermissions.sh /usr/local/bin/piholeSetPermissions.sh
|
||||||
cp /etc/.pihole/advanced/Scripts/piholeLogFlush.sh /usr/local/bin/piholeLogFlush.sh
|
cp /etc/.pihole/advanced/Scripts/piholeLogFlush.sh /usr/local/bin/piholeLogFlush.sh
|
||||||
cp /etc/.pihole/advanced/Scripts/updateDashboard.sh /usr/local/bin/updateDashboard.sh
|
cp /etc/.pihole/advanced/Scripts/updateDashboard.sh /usr/local/bin/updateDashboard.sh
|
||||||
chmod 755 /usr/local/bin/{gravity,chronometer,whitelist,blacklist,piholeLogFlush,updateDashboard}.sh
|
chmod 755 /usr/local/bin/{gravity,chronometer,whitelist,blacklist,piholeReloadServices,piholeSetPermissions,piholeLogFlush,updateDashboard}.sh
|
||||||
echo " done."
|
echo " done."
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -664,6 +673,16 @@ setUser(){
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
installSudoersFile() {
|
||||||
|
# Install the file in /etc/sudoers.d that defines what commands
|
||||||
|
# and scripts the pihole user can elevate to root with sudo.
|
||||||
|
sudoersFile='/etc/sudoers.d/pihole'
|
||||||
|
sudoersContent="pihole ALL=(ALL:ALL) NOPASSWD: /usr/local/bin/piholeReloadServices.sh /usr/local/bin/piholeSetPermissions.sh"
|
||||||
|
echo "$sudoersContent" > "$sudoersFile"
|
||||||
|
# chmod as per /etc/sudoers.d/README
|
||||||
|
chmod 0440 "$sudoersFile"
|
||||||
|
}
|
||||||
|
|
||||||
installPihole() {
|
installPihole() {
|
||||||
# Install base files and web interface
|
# Install base files and web interface
|
||||||
checkForDependencies # done
|
checkForDependencies # done
|
||||||
|
@ -677,6 +696,7 @@ installPihole() {
|
||||||
|
|
||||||
getGitFiles
|
getGitFiles
|
||||||
installScripts
|
installScripts
|
||||||
|
installSudoersFile
|
||||||
installConfigs
|
installConfigs
|
||||||
CreateLogFile
|
CreateLogFile
|
||||||
installPiholeWeb
|
installPiholeWeb
|
||||||
|
@ -698,7 +718,7 @@ The install log is in /etc/pihole." $r $c
|
||||||
|
|
||||||
######## SCRIPT ############
|
######## SCRIPT ############
|
||||||
# Start the installer
|
# Start the installer
|
||||||
mkdir -p /etc/pihole/
|
mkpiholeDir
|
||||||
welcomeDialogs
|
welcomeDialogs
|
||||||
|
|
||||||
# Verify there is enough disk space for the install
|
# Verify there is enough disk space for the install
|
||||||
|
|
|
@ -71,10 +71,13 @@ fi
|
||||||
|
|
||||||
echo "Removing config files and scripts..."
|
echo "Removing config files and scripts..."
|
||||||
rm /etc/dnsmasq.conf
|
rm /etc/dnsmasq.conf
|
||||||
|
rm /etc/sudoers.d/pihole
|
||||||
rm -rf /etc/lighttpd/
|
rm -rf /etc/lighttpd/
|
||||||
rm /var/log/pihole.log
|
rm /var/log/pihole.log
|
||||||
rm /usr/local/bin/gravity.sh
|
rm /usr/local/bin/gravity.sh
|
||||||
rm /usr/local/bin/chronometer.sh
|
rm /usr/local/bin/chronometer.sh
|
||||||
rm /usr/local/bin/whitelist.sh
|
rm /usr/local/bin/whitelist.sh
|
||||||
|
rm /usr/local/bin/piholeReloadServices.sh
|
||||||
|
rm /usr/local/bin/piholeSetPermissions.sh
|
||||||
rm /usr/local/bin/piholeLogFlush.sh
|
rm /usr/local/bin/piholeLogFlush.sh
|
||||||
rm -rf /etc/pihole/
|
rm -rf /etc/pihole/
|
||||||
|
|
47
gravity.sh
47
gravity.sh
|
@ -10,18 +10,25 @@
|
||||||
# the Free Software Foundation, either version 2 of the License, or
|
# the Free Software Foundation, either version 2 of the License, or
|
||||||
# (at your option) any later version.
|
# (at your option) any later version.
|
||||||
|
|
||||||
# Run this script as root or under sudo
|
# Check if pihole user, and if not then rerun with sudo.
|
||||||
echo ":::"
|
echo ":::"
|
||||||
if [[ $EUID -eq 0 ]];then
|
runninguser=$(whoami)
|
||||||
echo "::: You are root."
|
if [[ "$runninguser" = "pihole" ]];then
|
||||||
|
echo "::: You are pihole user."
|
||||||
|
# Older versions of Pi-hole set $SUDO="sudo" and prefixed commands with it,
|
||||||
|
# rather than rerunning as sudo. Just in case it turns up by accident,
|
||||||
|
# explicitly set the $SUDO variable to an empty string.
|
||||||
|
SUDO=""
|
||||||
else
|
else
|
||||||
echo "::: sudo will be used."
|
echo "::: sudo will be used."
|
||||||
# Check if it is actually installed
|
# Check if it is actually installed
|
||||||
# If it isn't, exit because the install cannot complete
|
# If it isn't, exit because the install cannot complete
|
||||||
if [[ $(dpkg-query -s sudo) ]];then
|
if [[ $(dpkg-query -s sudo) ]];then
|
||||||
export SUDO="sudo"
|
echo "::: Running sudo -u pihole $@"
|
||||||
|
sudo -u pihole "$@"
|
||||||
|
exit $?
|
||||||
else
|
else
|
||||||
echo "::: Please install sudo or run this script as root."
|
echo "::: Please install sudo."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -81,7 +88,7 @@ spinner(){
|
||||||
|
|
||||||
spin='-\|/'
|
spin='-\|/'
|
||||||
i=0
|
i=0
|
||||||
while $SUDO kill -0 $pid 2>/dev/null
|
while kill -0 $pid 2>/dev/null
|
||||||
do
|
do
|
||||||
i=$(( (i+1) %4 ))
|
i=$(( (i+1) %4 ))
|
||||||
printf "\b${spin:$i:1}"
|
printf "\b${spin:$i:1}"
|
||||||
|
@ -125,17 +132,18 @@ function gravity_collapse() {
|
||||||
|
|
||||||
# Create the pihole resource directory if it doesn't exist. Future files will be stored here
|
# Create the pihole resource directory if it doesn't exist. Future files will be stored here
|
||||||
if [[ -d $piholeDir ]];then
|
if [[ -d $piholeDir ]];then
|
||||||
# Temporary hack to allow non-root access to pihole directory
|
|
||||||
# Will update later, needed for existing installs, new installs should
|
|
||||||
# create this directory as non-root
|
|
||||||
$SUDO chmod 777 $piholeDir
|
|
||||||
find "$piholeDir" -type f -exec $SUDO chmod 666 {} \; & spinner $!
|
|
||||||
echo "."
|
echo "."
|
||||||
else
|
else
|
||||||
echo -n "::: Creating pihole directory..."
|
echo -n "::: Creating pihole directory..."
|
||||||
mkdir $piholeDir & spinner $!
|
mkdir $piholeDir & spinner $!
|
||||||
echo " done!"
|
echo " done!"
|
||||||
fi
|
fi
|
||||||
|
# Still not the best, but slightly more elegent hack than chmod 777.
|
||||||
|
# Run script to give the pihole group permissions to the pihole directory.
|
||||||
|
# This requires root.
|
||||||
|
# The installer should have created a file in sudoers.d to allow pihole user
|
||||||
|
# to run piholeSetPermissions.sh as root with sudo without a password
|
||||||
|
sudo --non-interactive /usr/local/bin/piholeSetPermissions.sh
|
||||||
}
|
}
|
||||||
|
|
||||||
# patternCheck - check to see if curl downloaded any new files.
|
# patternCheck - check to see if curl downloaded any new files.
|
||||||
|
@ -331,27 +339,22 @@ function gravity_reload() {
|
||||||
#Clear no longer needed files...
|
#Clear no longer needed files...
|
||||||
echo ":::"
|
echo ":::"
|
||||||
echo -n "::: Cleaning up un-needed files..."
|
echo -n "::: Cleaning up un-needed files..."
|
||||||
$SUDO rm /etc/pihole/pihole.*
|
rm /etc/pihole/pihole.*
|
||||||
echo " done!"
|
echo " done!"
|
||||||
|
|
||||||
# Reload hosts file
|
# Reload hosts file
|
||||||
echo ":::"
|
echo ":::"
|
||||||
echo -n "::: Refresh lists in dnsmasq..."
|
echo -n "::: Refresh lists in dnsmasq..."
|
||||||
dnsmasqPid=$(pidof dnsmasq)
|
|
||||||
|
|
||||||
find "$piholeDir" -type f -exec $SUDO chmod 666 {} \; & spinner $!
|
# Reloading services requires root.
|
||||||
|
# The installer should have created a file in sudoers.d to allow pihole user
|
||||||
|
# to run piholeReloadServices.sh as root with sudo without a password
|
||||||
|
sudo --non-interactive /usr/local/bin/piholeReloadServices.sh
|
||||||
|
|
||||||
if [[ $dnsmasqPid ]]; then
|
|
||||||
# service already running - reload config
|
|
||||||
$SUDO kill -HUP $dnsmasqPid & spinner $!
|
|
||||||
else
|
|
||||||
# service not running, start it up
|
|
||||||
$SUDO service dnsmasq start & spinner $!
|
|
||||||
fi
|
|
||||||
echo " done!"
|
echo " done!"
|
||||||
}
|
}
|
||||||
|
|
||||||
$SUDO cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
|
cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
|
||||||
gravity_collapse
|
gravity_collapse
|
||||||
gravity_spinup
|
gravity_spinup
|
||||||
gravity_Schwarzchild
|
gravity_Schwarzchild
|
||||||
|
|
Loading…
Reference in a new issue