[BACK]Return to fw_install.sh CVS log [TXT][DIR] Up to [local] / openbsd / fw_update

Diff for /openbsd/fw_update/fw_install.sh between version 1.41 and 1.49

version 1.41, 2021/12/01 02:30:43 version 1.49, 2021/12/02 04:00:37
Line 21 
Line 21 
         echo "${DESTDIR}/tmp"          echo "${DESTDIR}/tmp"
 }  }
   
 # tmpdir, do_as, unpriv, and unpriv2 are from install.sub  # tmpdir, do_as, and unpriv are from install.sub
   # modified to use su(1) when not in the installer.
   # modified to use mktemp(1) when not in the installer.
   
 # Create a temporary directory based on the supplied directory name prefix.  # Create a temporary directory based on the supplied directory name prefix.
 tmpdir() {  tmpdir() {
         local _i=1 _dir          local _i=1 _dir
           if [[ -z $1 ]]; then
                   echo No tmpdir >&2
                   exit 1
           fi
   
         until _dir="${1?}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do          if [[ -e /usr/bin/mktemp ]]; then
                 ((++_i < 10000)) || return 1                  _dir=$( /usr/bin/mktemp -d $1 )
         done                  chown _file "$_dir"
           else
                   until _dir="${1%-+(X)}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do
                       ((++_i < 10000)) || return 1
                   done
           fi
         echo "$_dir"          echo "$_dir"
 }  }
   
Line 57 
Line 68 
                 chown "$_user" "$_file"                  chown "$_user" "$_file"
         fi          fi
   
         doas -u "$_user" "$@"          if [[ -x /usr/bin/su ]]; then
                   /usr/bin/su -s /bin/ksh "$_user" -c "$*"
           else
                   doas -u "$_user" "$@"
           fi
         _rc=$?          _rc=$?
   
         while doas -u "$_user" kill -9 -1 2>/dev/null; do          while doas -u "$_user" kill -9 -1 2>/dev/null; do
Line 71 
Line 86 
 }  }
   
 unpriv() {  unpriv() {
         do_as _sndio "$@"  
 }  
   
 unpriv2() {  
         do_as _file "$@"          do_as _file "$@"
 }  }
   
Line 93 
Line 104 
 #       Otherwise, the fw_update after first boot will fix it up for us.  #       Otherwise, the fw_update after first boot will fix it up for us.
   
 HTTP_FWDIR=$FWDIR  HTTP_FWDIR=$FWDIR
 set -- sed -n "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p" /var/run/dmesg.boot  VTYPE=$( sed -n "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p" /var/run/dmesg.boot | sed '$!d' )
 [[ $1 == -!(stable) ]] && HTTP_FWDIR=snapshots  [[ $VTYPE == -!(stable) ]] && HTTP_FWDIR=snapshots
   
 FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR}  FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR}
 FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub  FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub
Line 137 
Line 148 
                 done                  done
   
                 # Create a download directory for the firmware and                  # Create a download directory for the firmware and
                 # check that the _sndio user can read files from                  # check that the _file user can read files from
                 # it. Otherwise cleanup and skip the filesystem.                  # it. Otherwise cleanup and skip the filesystem.
                 if _tmpsrc=$(tmpdir "$_tmpfs/firmware"); then                  if _tmpsrc=$(tmpdir "$_tmpfs/firmware-XXXXXXXXX"); then
                         (                          (
                         >$_tmpsrc/t &&                          >$_tmpsrc/t &&
                         $_unpriv cat $_tmpsrc/t                          $_unpriv cat $_tmpsrc/t
Line 160 
Line 171 
             echo "Cannot fetch SHA256.sig" >&2 && return 1              echo "Cannot fetch SHA256.sig" >&2 && return 1
   
         # Verify signature file with public keys.          # Verify signature file with public keys.
         ! $_unpriv -f "$_cfile" \          ! signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" &&
             signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" &&  
             echo "Signature check of SHA256.sig failed" >&2 && return 1              echo "Signature check of SHA256.sig failed" >&2 && return 1
   
         for _d in $_drivers; do          for _d in $_drivers; do
Line 186 
Line 196 
                 # sha256. Create a flag file in case ftp failed. Firmware                  # sha256. Create a flag file in case ftp failed. Firmware
                 # from net is written to the prefetch area.                  # from net is written to the prefetch area.
                 ( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) |                  ( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) |
                 ( $_srclocal && unpriv2 sha256 -b >/tmp/h ||                  ( $_srclocal && sha256 -b >/tmp/h ||
                     unpriv2 -f /tmp/h sha256 -bph /tmp/h >"$_tmpsrc/$_f" )                      sha256 -bph /tmp/h >"$_tmpsrc/$_f" )
   
                 # Handle failed transfer.                  # Handle failed transfer.
                 if [[ -f /tmp/fail ]]; then                  if [[ -f /tmp/fail ]]; then
Legend:
Removed from v.1.41  
changed lines
  Added in v.1.49
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>