1
0
mirror of synced 2024-11-25 22:36:04 +03:00

Add Alpine 3.15

- Add support for Alpine Linux 3.15
- Install nss, nss-tools and nss-dev packages from edge for CVE-2021-43527
  Ref: https://lists.libreswan.org/pipermail/swan-announce/2021/000044.html
This commit is contained in:
hwdsl2 2021-12-29 23:12:24 -06:00
parent a323b13512
commit 603b198613
5 changed files with 26 additions and 14 deletions

View File

@ -87,8 +87,8 @@ EOF
esac esac
if [ "$os_type" = "alpine" ]; then if [ "$os_type" = "alpine" ]; then
os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2) os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2)
if [ "$os_ver" != "3.14" ]; then if [ "$os_ver" != "3.14" ] && [ "$os_ver" != "3.15" ]; then
exiterr "This script only supports Alpine Linux 3.14." exiterr "This script only supports Alpine Linux 3.14/3.15."
fi fi
else else
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')

View File

@ -78,8 +78,8 @@ EOF
esac esac
if [ "$os_type" = "alpine" ]; then if [ "$os_type" = "alpine" ]; then
os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2) os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2)
if [ "$os_ver" != "3.14" ]; then if [ "$os_ver" != "3.14" ] && [ "$os_ver" != "3.15" ]; then
exiterr "This script only supports Alpine Linux 3.14." exiterr "This script only supports Alpine Linux 3.14/3.15."
fi fi
else else
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')

View File

@ -50,8 +50,8 @@ check_os() {
;; ;;
esac esac
os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2) os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2)
if [ "$os_ver" != "3.14" ]; then if [ "$os_ver" != "3.14" ] && [ "$os_ver" != "3.15" ]; then
exiterr "This script only supports Alpine Linux 3.14." exiterr "This script only supports Alpine Linux 3.14/3.15."
fi fi
} }
@ -149,10 +149,16 @@ install_pkgs() {
( (
set -x set -x
apk add -U -q bash bind-tools coreutils openssl wget iproute2 sed grep \ apk add -U -q bash bind-tools coreutils openssl wget iproute2 sed grep \
libcap-ng libcurl libevent linux-pam musl nspr nss nss-tools \ libcap-ng libcurl libevent linux-pam musl nspr \
bison flex gcc make libc-dev bsd-compat-headers linux-pam-dev nss-dev \ bison flex gcc make libc-dev bsd-compat-headers linux-pam-dev \
libcap-ng-dev libevent-dev curl-dev nspr-dev uuidgen openrc libcap-ng-dev libevent-dev curl-dev nspr-dev uuidgen openrc
) || exiterr2 ) || exiterr2
(
set -x
apk add -q --no-cache \
--repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \
nss nss-tools nss-dev
) || exiterr2
} }
get_libreswan() { get_libreswan() {

View File

@ -109,8 +109,8 @@ EOF
esac esac
if [ "$os_type" = "alpine" ]; then if [ "$os_type" = "alpine" ]; then
os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2) os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2)
if [ "$os_ver" != "3.14" ]; then if [ "$os_ver" != "3.14" ] && [ "$os_ver" != "3.15" ]; then
exiterr "This script only supports Alpine Linux 3.14." exiterr "This script only supports Alpine Linux 3.14/3.15."
fi fi
else else
os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9') os_ver=$(sed 's/\..*//' /etc/debian_version | tr -dc 'A-Za-z0-9')

View File

@ -71,8 +71,8 @@ check_os() {
;; ;;
esac esac
os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2) os_ver=$(. /etc/os-release && printf '%s' "$VERSION_ID" | cut -d '.' -f 1,2)
if [ "$os_ver" != "3.14" ]; then if [ "$os_ver" != "3.14" ] && [ "$os_ver" != "3.15" ]; then
exiterr "This script only supports Alpine Linux 3.14." exiterr "This script only supports Alpine Linux 3.14/3.15."
fi fi
} }
@ -160,10 +160,16 @@ install_vpn_pkgs() {
bigecho "Installing packages required for the VPN..." bigecho "Installing packages required for the VPN..."
( (
set -x set -x
apk add -U -q libcap-ng libcurl libevent linux-pam musl nspr nss nss-tools \ apk add -U -q libcap-ng libcurl libevent linux-pam musl nspr \
bison flex gcc make libc-dev bsd-compat-headers linux-pam-dev nss-dev \ bison flex gcc make libc-dev bsd-compat-headers linux-pam-dev \
libcap-ng-dev libevent-dev curl-dev nspr-dev uuidgen openrc xl2tpd libcap-ng-dev libevent-dev curl-dev nspr-dev uuidgen openrc xl2tpd
) || exiterr2 ) || exiterr2
(
set -x
apk add -q --no-cache \
--repository=https://dl-cdn.alpinelinux.org/alpine/edge/community \
nss nss-tools nss-dev
) || exiterr2
} }
install_fail2ban() { install_fail2ban() {