14 Remotely applying IPCop patches from the command line

Jul 29th, 2008   1:57 pm

IPCop has a built in (although sometimes broken) download/apply UI for patches / security updates. However, it is broken sometimes, and there are times where it’s easier do it over SSH (slow, or unreliable connectivity, for example). Having Googled a bit, there wasn’t an immediate or obvious solution, so I dug around in the CGI scripts to see how it’s done.

This solution (as user Ederson notes in the comments) is applicable to later versions of IPCop 1.x. This has not been tested on the current IPCop 2.x.

Firstly, download the patch using wget, for example:

wget http://prdownloads.sourceforge.net/ipcop/ipcop-1.4.21-update.i386.tgz.gpg?download

Then, move that patch as follows:

mv ipcop-1.4.21-update.i386.tgz.gpg /var/patches/patch.tgz.gpg

That destination file shouldn’t already exist, so if it does you may need to investigate why the previous patch wasn’t applied correctly.

Finally, apply the patch:

/usr/local/bin/installpackage --install

You’ll be prompted when the patch is applied. Reboot if the patch requires so.

Comments:

Aug 29th, 2008   10:09 am

wget: command not found ipcop-1.4.20 and i just want to update to 1.4.21. any suggestion?

Author

Aug 29th, 2008   3:47 pm

You'll find wget (and other handy utils) at .. http://www.ipadd.de/binary.html
Jim Hicks
Oct 2nd, 2009   7:52 pm

I am trying to get 1.4.20 upgraded to 1.4.21 I downloaded the patch with wget and moved it to the correct directory then ran the install. Got these error messages: gpg: WARNING: unsafe permissions on homedir '/root/.gnupg' secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/32768 Public signature not found (who signed package?)! I don't know anything about linux or unix, do you have any idea what the problem might be? Many thanks for your wisdom-

Author

Oct 2nd, 2009   9:29 pm

I don't know is the answer, I'm afraid! I assume you are running the command as root (not admin)? If so, I have 755 on .gnupg/ and 600 on all the files in it, if that helps. I also have the following contents... gpg.conf pubring.gpg secring.gpg trustdb.gpg ... with pubring and trustdb being non-empty.
Jim Hicks
Oct 3rd, 2009   4:16 pm

yes, I was logged in as root, and my .gnupg directory appears to look just like yours. I guess I will try again, do some more head scratching and searching.
Jim Hicks
Oct 3rd, 2009   5:15 pm

Eureka! Still got some error msgs but it apparently has worked on the second try....
B Knotts
Dec 7th, 2009   1:28 am

This was helpful, and hopefully may come in handy to others who find themselves with an ipcop which is not displaying parts of the web interface. I reinstalled the 1.4.21 patch using this method and it fixed the interface, which was missing much of its text.
Nov 9th, 2012   5:45 pm

Gentleman, Excuse my English because i'm just a brazilian guy who wants to help. I've tried this method but do'nt worked for me. But give me the bases to begin my searchs. Searching around the web i founded this: http://comments.gmane.org/gmane.comp.security.ipcop.devel/6949 What unveil the problem, the "installpackage" its designed to be called only by CGI's, thats why its cannot accept regular paths or filenames as argument. The solution is: 1 - Copy the patches for any directory of the IPCOP; 2 - Rename the files to be like this: "patch-.tar.gz.gpg" ; 3 - Move the renamed patches to the /var/patches directory; 4 - Apply the command: "installpackage " ; It worked for me. PS: Edit my post to correct any grammar errors that may be occured, to a best knowing of this subject.
Nov 9th, 2012   5:53 pm

I cant say if it appears only for me or for everyone. In the step 2, the name of the file needs a number after the minus symbol, before the first dot. I've typed the word "number" inside the signs Less-than an More-than and it's maybe caused the disapeared. Once again, excuse my poor english, since this error will be corrected this Reply can be excluded. Thanks,
Nov 9th, 2012   6:22 pm

Well, here I am again now i see why the method that you described don't worked for me before. This is the correct method since the 1.4.17 version of IPCOP. Any previous version (I've tested upgrading from 1.4.10 to beyond). As long as I installed de 1.4.17 your method begins to work. If you think, for the best, all my replies can be condensed for better knowing. Sorry for my long verbiage (this one came from Google translate) and for the poor english. Thank you,

Author

Nov 9th, 2012   6:26 pm

@Ederson Ah, thanks for letting us know! I'll update the post accordingly.
Nov 9th, 2012   9:48 pm

Just now i see that the error of non-showing the word "number", between the signs Less-than an More-than, happened too in the step 4, where you must type command: "installpackage number" This reaaally needs an update, to join all this information in a better shape for human understanding ;-)
Tim
Nov 29th, 2016   2:01 pm

Just to let you know this works fine for 2.1.x except you need to add the patch file name and path so it becomes: /usr/local/bin/installpackage --install=/var/patches/patch.tgz.gpg Thanks for the post it was very useful. Tim

Author

Nov 29th, 2016   2:07 pm

Great to hear Tim, thanks for letting me & readers know!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

css.php