-
-
Save WinkelCode/dffeb181a4c7903cbc463169324f61b8 to your computer and use it in GitHub Desktop.
| #!/usr/bin/env bash | |
| set -e # Exit on error | |
| if [ "$EUID" -ne 0 ]; then | |
| echo "To ensure correct permissions, this script must be run as root." | |
| exit 1 | |
| fi | |
| install_location="/var/lib/safing-portmaster" # Must not include trailing slash | |
| echo "-> Creating Portmaster program directory at '${install_location}'" | |
| mkdir -p "${install_location}" | |
| echo "-> Creating Portmaster exports directory at '${install_location}/exports'" | |
| mkdir -p "${install_location}/exports/share/applications" | |
| mkdir -p "${install_location}/exports/share/icons" | |
| mkdir -p "${install_location}/exports/units" | |
| temp_dir=$(mktemp -d) | |
| echo "-> Downloading 'portmaster-start'" | |
| wget -q --show-progress -O "$temp_dir/portmaster-start" https://updates.safing.io/latest/linux_amd64/start/portmaster-start | |
| echo "-> Downloading 'portmaster.service'" | |
| wget -q --show-progress -O "$temp_dir/portmaster.service" https://raw.githubusercontent.com/safing/portmaster-packaging/master/linux/portmaster.service | |
| echo "-> Downloading 'portmaster.desktop'" | |
| wget -q --show-progress -O "$temp_dir/portmaster.desktop" https://raw.githubusercontent.com/safing/portmaster-packaging/master/linux/portmaster.desktop | |
| echo "-> Downloading 'portmaster_notifier.desktop'" | |
| wget -q --show-progress -O "$temp_dir/portmaster_notifier.desktop" https://raw.githubusercontent.com/safing/portmaster-packaging/master/linux/portmaster_notifier.desktop | |
| echo "-> Downloading 'portmaster_logo.png'" | |
| wget -q --show-progress -O "$temp_dir/portmaster_logo.png" https://raw.githubusercontent.com/safing/portmaster-packaging/master/linux/portmaster_logo.png | |
| echo "-> Patching paths in 'portmaster.service'" | |
| sed -i "s|/opt/safing/portmaster|${install_location}|g" "$temp_dir/portmaster.service" | |
| echo "-> Patching paths in 'portmaster.desktop'" | |
| sed -i "s|/opt/safing/portmaster|${install_location}|g" "$temp_dir/portmaster.desktop" | |
| echo "-> Patching paths in 'portmaster_notifier.desktop'" | |
| sed -i "s|/opt/safing/portmaster|${install_location}|g" "$temp_dir/portmaster_notifier.desktop" | |
| echo "-> Installing 'portmaster-start' and setting security context" | |
| install -m 0755 "$temp_dir/portmaster-start" "${install_location}/portmaster-start" | |
| chcon -t bin_t "${install_location}/portmaster-start" | |
| echo "-> Installing 'portmaster.service'" | |
| install -m 0644 "$temp_dir/portmaster.service" "${install_location}/exports/units/portmaster.service" | |
| echo "-> Installing 'portmaster.desktop'" | |
| install -m 0644 "$temp_dir/portmaster.desktop" "${install_location}/exports/share/applications/portmaster.desktop" | |
| echo "-> Installing 'portmaster_notifier.desktop'" | |
| install -m 0644 "$temp_dir/portmaster_notifier.desktop" "${install_location}/exports/share/applications/portmaster_notifier.desktop" | |
| echo "-> Installing 'portmaster_logo.png' (as 'portmaster.png')" | |
| install -m 0644 "$temp_dir/portmaster_logo.png" "${install_location}/exports/share/icons/portmaster.png" | |
| echo "-> Running 'portmaster-start update' to download Portmaster data" | |
| "${install_location}/portmaster-start" update --data="${install_location}" | |
| echo "-> (Workaround) Moving 'portmaster.service' to '/etc/systemd/system' and reverse-symlinking it since systemd wants units on the same filesystem" | |
| mv "${install_location}/exports/units/portmaster.service" /etc/systemd/system/portmaster.service | |
| ln -s /etc/systemd/system/portmaster.service "${install_location}/exports/units/portmaster.service" | |
| echo "-> Enabling 'portmaster' service" | |
| systemctl daemon-reload | |
| systemctl enable "portmaster.service" | |
| echo "-> Creating 'portmaster_notifier' autostart" | |
| ln -s "${install_location}/exports/share/applications/portmaster_notifier.desktop" /etc/xdg/autostart/portmaster_notifier.desktop | |
| echo "-> Adding '$install_location' to \$XDG_DATA_DIRS to show desktop entries (applies after next login)" | |
| echo "XDG_DATA_DIRS=$install_location/exports/share:\$XDG_DATA_DIRS" >/etc/profile.d/zzz-portmaster-to-xdg-data-dirs.sh # We prepend 'zzz' since profile.d scripts aren't numbered on Fedora, and we want to run after any other scripts that modify XDG_DATA_DIRS. | |
| echo "-> Removing '${temp_dir}'" | |
| rm -rf "$temp_dir" | |
| echo "-> Done, Portmaster and its tray/notifier application will start with the next boot." |
output of: systemctl status portmaster
portmaster.service - Portmaster by Safing
Loaded: loaded (/etc/systemd/system/portmaster.service; enabled; preset: disabled)
Drop-In: /usr/lib/systemd/system/service.d
└─10-timeout-abort.conf
Active: active (running) since Tue 2023-05-02 10:49:16 CEST; 39min ago
Docs: https://safing.io
https://docs.safing.io
Main PID: 14281 (portmaster-star)
Tasks: 0 (limit: 19018)
Memory: 4.0K
CPU: 45ms
CGroup: /system.slice/portmaster.service
‣ 14281 /var/lib/safing-portmaster/portmaster-start core
May 02 10:49:16 fedora systemd[1]: Started portmaster.service - Portmaster by Safing.
May 02 10:49:16 fedora (er-start)[14410]: portmaster.service: Failed to locate executable /var/lib/safing-portmaster/portmaster-start: Permission denied
May 02 10:49:16 fedora (er-start)[14410]: portmaster.service: Failed at step EXEC spawning /var/lib/safing-portmaster/portmaster-start: Permission denied
May 02 10:49:16 fedora systemd[1]: portmaster.service: Supervising process 14281 which is not our child. We'll most likely not notice when it exits.
Hi @WinkelCode I am still having this issue, I was about to try re-install using your script but not sure how I should go about that, as portmaster is already running and I probably shouldn't install it while it's running.
What should I do?
I think you should be able to close out of the Portmaster GUI, could be right click on the icon. Alternatively, delete /etc/xdg/autostart/portmaster_notifier.desktop, then restart (log out could also suffice).
Given the error message "permission denied", this might work: chcon -t bin_t "${install_location}/portmaster-start" (install_location="/var/lib/safing-portmaster")
So I finally got to this, I made a backup of /var/lib/safing-portmaster and ran your script again, the script failed at the point of copying assets over, but that was actually helpful as it had already reset the systemd service and didn't overwrite my profile settings. After restart, it seems portmaster is launching properly again :) Thanks
[@fedora ~]$ sudo /var/home/user/Applications/install_portmaster_to_var.sh
[sudo] password for user:
-> Creating Portmaster program directory at '/var/lib/safing-portmaster'
-> Creating Portmaster exports directory at '/var/lib/safing-portmaster/exports'
-> Downloading 'portmaster-start'
[@fedora ~]$ sudo /var/home/D24/Applications/install_portmaster_to_var.sh
-> Creating Portmaster program directory at '/var/lib/safing-portmaster'
-> Creating Portmaster exports directory at '/var/lib/safing-portmaster/exports'
-> Downloading 'portmaster-start'
/tmp/tmp.pXwudeK4P4/portmaster- 100%[====================================================>] 23.16M 5.06MB/s in 5.4s
-> Downloading 'portmaster.service'
/tmp/tmp.pXwudeK4P4/portmaster. 100%[====================================================>] 1.58K --.-KB/s in 0.001s
-> Downloading 'portmaster.desktop'
/tmp/tmp.pXwudeK4P4/portmaster. 100%[====================================================>] 210 --.-KB/s in 0s
-> Downloading 'portmaster_notifier.desktop'
/tmp/tmp.pXwudeK4P4/portmaster_ 100%[====================================================>] 248 --.-KB/s in 0s
-> Downloading 'portmaster_logo.png'
/tmp/tmp.pXwudeK4P4/portmaster_ 100%[====================================================>] 30.63K --.-KB/s in 0.003s
-> Patching paths in 'portmaster.service'
-> Patching paths in 'portmaster.desktop'
-> Patching paths in 'portmaster_notifier.desktop'
-> Installing 'portmaster-start' and setting security context
-> Installing 'portmaster.service'
-> Installing 'portmaster.desktop'
-> Installing 'portmaster_notifier.desktop'
-> Installing 'portmaster_logo.png' (as 'portmaster.png')
-> Running 'portmaster-start update' to download Portmaster data
[pmstart] 2023/07/22 23:30:45 checking for new versions
[pmstart] 2023/07/22 23:30:46 all resources are up to date
-> (Workaround) Moving 'portmaster.service' to '/etc/systemd/system' and reverse-symlinking it since systemd wants units on the same filesystem
-> Enabling 'portmaster' service
-> Creating 'portmaster_notifier' autostart
ln: failed to create symbolic link '/etc/xdg/autostart/portmaster_notifier.desktop': File exists
Thanks for the script, would you like us to link to it from the Safing wiki?
https://wiki.safing.io/en/Portmaster/Install/Linux
Has anyone tested this out in VanillaOS? I'm not confident on my ability to read nor test this script without borking my system.
@mateowoetam someone from the Portmaster community wrote a guide for VanillaOS https://wiki.safing.io/en/Portmaster/Install/Linux/VanillaOS I did not test it but other on the discord already did thank him for it, so it seems to work 😁
Hi @Raphty,
Apologies for missing your earlier comment. Yes, please feel free to link it in the wiki.
Heya are you experiencing issues with the core service not starting at boot anymore? It started presenting today after an update last night . But when I tried rollback, it still didn't launch at boot.
When I startup, the portmaster gui is active in the system tray but red. opening in the GUI and clicking start core service prompts for root password and said something about policy kit.
But entering the password results in no change.
I then ran in CLI: sudo /var/lib/safing-portmaster/portmaster-start core
and Pmaster came online again. But currently I have to run that command after boot every time. I'm on Kinoite if you remember...