Commit 046029d0 authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

activate: initial setup

parent cd4b3a8c
......@@ -11,6 +11,7 @@ lpc = require('lpc')
posix = require('posix')
signal = posix.signal
stat = posix.stat
stringy = require('stringy')
......@@ -291,7 +292,7 @@ if not call(
if mode == 'dump' then dump(level)
elseif mode == 'diff' then
if not posix.stat(dumpfile) then
if not stat(dumpfile) then
printmsg('Please translate or activate first')
os.exit(2)
end
......@@ -321,13 +322,52 @@ if not call(
elseif mode == 'activate' then
local function translate()
config:dump()
filedump(sysdumpfile)
end
local interrupted
if not force then
for _, sig in ipairs{'INT', 'TERM'} do
signal(
posix['SIG'..sig],
function()
interrupted = true
io.stdin:close()
end
)
end
end
if not iptables.isenabled() then
local INIT = '/usr/libexec/awall-init'
if not force and stat(INIT) then
printmsg('Firewall is not active')
io.stderr:write(
'Press RETURN to perform initial configuration and activation: '
)
if io.read() then
translate()
for _, family in ipairs(require('awall.family').ACTIVE) do
os.execute(
INIT..' '..
({inet='iptables', inet6='ip6tables'})[family]
)
end
os.exit(0)
end
printmsg('\nCanceled')
os.exit(2)
end
raise('Firewall not enabled in kernel')
end
iptables.backup()
local pid, interrupted
local pid
if not force then
signal(
......@@ -336,15 +376,6 @@ if not call(
if pid and lpc.wait(pid, 1) then os.exit(1) end
end
)
for i, sig in ipairs({'INT', 'TERM'}) do
signal(
posix['SIG'..sig],
function()
interrupted = true
io.stdin:close()
end
)
end
pid = util.run(arg[0], 'fallback')
end
......@@ -376,8 +407,7 @@ if not call(
end
end
config:dump()
filedump(sysdumpfile)
translate()
else
if not force then kill() end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment