diff --git a/functions/openhabian.bash b/functions/openhabian.bash index 5ad914b51..bcca8774b 100644 --- a/functions/openhabian.bash +++ b/functions/openhabian.bash @@ -390,7 +390,7 @@ system_check_default_password() { local originalPassword local salt local fields - + if is_pi && id -u pi &> /dev/null; then defaultUser="pi" defaultPassword="raspberry" @@ -414,10 +414,10 @@ system_check_default_password() { export algo defaultPassword salt fields generatedPassword="$(perl -le 'print crypt("$ENV{defaultPassword}","\$$ENV{algo}\$$ENV{salt}\$")')" ;; - esac + esac introText="The default password was detected on your system! That is a serious security concern. Bad guys or malicious programs in your subnet are able to gain root access!\\n\\nPlease set a strong password by typing the command 'passwd ${defaultUser}'!" - + echo -n "$(timestamp) [openHABian] Checking for default openHABian username:password combination... " if ! [[ $(id -u "$defaultUser") ]]; then echo "OK (unknown user)"; return 0; fi if [[ $generatedPassword == "$originalPassword" ]]; then @@ -439,6 +439,19 @@ system_check_default_password() { config_ipv6() { local aptConf="/etc/apt/apt.conf.d/S90force-ipv4" local sysctlConf="/etc/sysctl.d/99-sysctl.conf" + local dhcpcdConf="/etc/dhcpcd.conf" + + echo -n "$(timestamp) [openHABian] Making sure route advertisments are available... " + if ! grep -qs "net.ipv6.conf.all.accept_ra = 1" "$sysctlConf"; then + echo -e "\\n# Enable IPv6 route advertisments\\n# This is needed for proper discovery with the Matter binding\\nnet.ipv6.conf.all.accept_ra = 1\\nnet.ipv6.conf.all.accept_ra_rt_info_max_plen = 64" >> "$sysctlConf" + fi + if ! grep -qs "^[[:space:]]*# Disable IPv6" "$dhcpcdConf" && [[ "${1:-${ipv6:-enable}}" == "disable" ]]; then + echo -e "\\n# Disable IPv6\\nnoipv6rs\\nnoipv6" >> /etc/dhcpcd.conf + elif grep -qs "^[[:space:]]*# Disable IPv6" "$dhcpcdConf" && [[ "${1:-${ipv6:-enable}}" == "enable" ]]; then + sed -i '/# Disable IPv6/d; /noipv6rs/d; /noipv6/d' "$dhcpcdConf" + fi + if ! cond_redirect systemctl restart dhcpcd; then echo "FAILED"; return 1; fi + if cond_redirect sysctl --load; then echo "OK"; else echo "FAILED"; return 1; fi if [[ "${1:-${ipv6:-enable}}" == "disable" ]]; then echo -n "$(timestamp) [openHABian] Disabling IPv6... "