Openwrt /etc/rc.button/reset 保存配置安全脚本
2015-05-21 10:05
901 查看
写一个/etc/rc.button/reset脚本来对安全,状态还有配置改变的反馈做相应的处理
远程操作按下reset按键,并存储配置,脚本文件:
另一个安全备份脚本:
在做reset复位之前,先要进行安全备份,没有备份,就不会进行复位:
button按下0-1秒,保存配置并重启,overlay没有擦除
button按下3-5秒,overly被擦除,存储配置,重启
button按下9-12秒,进行出厂复位,overlay配擦除,没有配置存储
warning: 该脚本不是Openwrt通用脚本,仅作参考,需要根据不用的路由器做出对应修改
远程操作按下reset按键,并存储配置,脚本文件:
#!/bin/sh
PATH="$PATH:/usr/local/sbin/:/usr/local/bin/"
# Only run on button release.
[[ "${ACTION}" = "released" ]] || exit 0
# logger "$BUTTON pressed for $SEEN seconds"
# env >> /tmp/reset-button
if [[ "$SEEN" -le 1 ]] ; then
MESSAGE="RESET BUTTON: Retain current overlay, restore safebackup, and reboot"
echo "$MESSAGE" > /dev/console
logger "$MESSAGE"
safebackup restore && reboot &
elif [[ "$SEEN" -ge 3 -a "$SEEN" -le 5 ]] ; then
MESSAGE="RESET BUTTON: Wipe overlay, restore safebackup, and reboot"
echo "$MESSAGE" > /dev/console
logger "$MESSAGE"
safebackup fullrestore
elif [[ "$SEEN" -ge 9 -a "$SEEN" -le 12 ]] ; then
MESSAGE="RESET BUTTON: Wipe overlay (factory reset) and reboot"
echo "$MESSAGE" > /dev/console
logger "$MESSAGE"
jffs2reset -y && reboot &
else
MESSAGE="RESET BUTTON: Error. Pressed for $SEEN seconds. Do nothing."
echo "$MESSAGE" > /dev/console
logger "$MESSAGE"
fi另一个安全备份脚本:
#!/bin/sh
# This script was written to run under the busybox ash shell.
#
# Save and restore a safe configuration backup state for the host.
export BAKDIR="/safebackups"
export SAVEFILE="/safebackups/safebackup-$(hostname)-$(date +%Y%m%d%H%M%S)-$$.tar.gz"
export RESTOREFILE=$(find /safebackups/ -maxdepth 1 -mindepth 1 -type f -name 'safebackup-*.tar.gz' | head -n 1 2> /dev/null)
export SYSUPGRADE_CONF_TAR="/tmp/sysupgrade.tgz"
PIDFILE="/tmp/$(basename $0.pid)"
MYNAME=$(basename $0)
#--
echoerr() {
# Print errors to stderr.
echo "$@" 1>&2;
}
f_validate_restore() {
# Validate before a restoration.
# If there is no restore file, there is nothing we can do.
if ! [[ -f "$RESTOREFILE" ]] ; then
echoerr ""
echoerr "ERROR: No restore file could be found."
echoerr ""
exit 1
fi
}
f_save() {
# Save a backup.
echo ""
# Make sure the BAKDIR exists. If not, create it.
if ! [[ -d "$BAKDIR" ]] ; then
echo "$BAKDIR does not exist, so creating it."
mkdir "$BAKDIR"
chmod o-rwx "$BAKDIR"
fi
# Remove old backups prior to the new save. We only keep one backup at a time.
echo -n "Removing old backups..."
rm -rf /safebackups/safebackup-*.tar.gz
echo " Done"
# Save the new backup.
sysupgrade -b "$SAVEFILE"
echo "sysupgrade backup saved to $SAVEFILE"
echo ""
}
f_restore() {
# Restore the backup.
f_validate_restore
echo ""
echo "Restoring sysupgrade backup from file: $RESTOREFILE"
sysupgrade -r "$RESTOREFILE"
echo " Done"
echo ""
}
f_fullrestore() {
# Wipe the overlay flash, and restore from backup.
# This is a complicated and dangerous process. This is mostly based on what the sysupgrade script does.
# FIXME: ext-root problems? Reference notes.
f_validate_restore
echo ""
echo "Wiping overlay and restoring sysupgrade backup from file: $RESTOREFILE"
echoerr "WARNING: Network access will be lost during this process and the host will be rebooted."
echo ""
# Copy the safe backup to /tmp
cp "$RESTOREFILE" "$SYSUPGRADE_CONF_TAR" || { echoerr "ERROR: Unable cp restore file to /tmp" ; exit 1 ; }
#
# Source required functions.
source /lib/functions.sh
for EACH in /lib/upgrade/*.sh ; do source "$EACH" ; done
#
# run_hooks will disable the process watchdog and do other important tasks.
run_hooks "" $sysupgrade_pre_upgrade
#
# No idea what this does, and may not be needed at all.
ubus call system upgrade
#
# Kill off all non-critical processes.
kill_remaining TERM ; sleep 3 ; kill_remaining KILL
#
# This is the important part. This runs the ramfs, pivots root, erases the overlay, and restores the config backup.
# WARNING: Remember that when we do run_ramfs, we lose access to the old filesystem, possibly functions, envrionment, etc.
run_ramfs 'mtd -e rootfs_data jffs2write $SYSUPGRADE_CONF_TAR rootfs_data ; reboot -f'
#
# Nothing from here on our matters. We've already rebooted.
# SYSUPGRADE_CONF_TAR is restored on reboot by /lib/preinit/80_mount_root and erased by /etc/init.d/done
#
echo " Done"
echo ""
}
#--
case "$1" in
save )
f_save
;;
restore )
f_restore
;;
fullrestore )
f_fullrestore
;;
*)
echo ""
echo "Usage: $MYNAME save|restore|fullrestore"
echo " WARNING: fullrestore implies a overlay wipe and reboot"
echo ""
exit 1
;;
esac在做reset复位之前,先要进行安全备份,没有备份,就不会进行复位:
button按下0-1秒,保存配置并重启,overlay没有擦除
button按下3-5秒,overly被擦除,存储配置,重启
button按下9-12秒,进行出厂复位,overlay配擦除,没有配置存储
warning: 该脚本不是Openwrt通用脚本,仅作参考,需要根据不用的路由器做出对应修改
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Openwrt /etc/config/network 配置解析
- Android记录4--自定义ToggleButton+用SharedPreferences保存用户配置
- centos 7.1开机/etc/rc.local脚本不执行的问题
- Android 自定义ToggleButton+用SharedPreferences保存用户配置
- CentOS5生产环境系统安全加固配置-脚本实例二
- win2008 r2 服务器安全配置步骤小结[原创]_win服务器_脚本之家
- openwrt overlayfs (一)实现脚本
- Android 7.0 init.rc 执行shell脚本 ---- 制作一初始化配置文件
- ubuntu /etc/rc.local下脚本不起作用
- openwrt overlayfs 实现脚本
- Silverlight 5 RC新特性探索系列:11.SaveFileDialog保存文件指定默认名称---OpenFileDialog打开文件指定默认路径
- linux的自启动服务脚本的(/etc/rc.d/init.d或者其链接/etc/init.d)
- sshd 安全配置脚本
- linux+openwrt+linkit7688:串口的应用程序配置
- linux中/etc/rc.local脚本的作用
- /etc/rc.d/init.d下的脚本(1)
- 1指令 --/bin/sh 解决/etc/rc.local内脚本代码不运行
- linux中/etc/rc.local脚本的作用
- openwrt overlayfs 实现脚本