[BACK]Return to fw_install.sh CVS log [TXT][DIR] Up to [local] / openbsd / fw_update

Diff for /openbsd/fw_update/fw_install.sh between version 1.46 and 1.49

version 1.46, 2021/12/02 03:46:50 version 1.49, 2021/12/02 04:00:37
Line 35 
Line 35 
   
         if [[ -e /usr/bin/mktemp ]]; then          if [[ -e /usr/bin/mktemp ]]; then
                 _dir=$( /usr/bin/mktemp -d $1 )                  _dir=$( /usr/bin/mktemp -d $1 )
                 chown _sndio "$_dir"                  chown _file "$_dir"
         else          else
                 until _dir="${1%-+(X)}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do                  until _dir="${1%-+(X)}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do
                     ((++_i < 10000)) || return 1                      ((++_i < 10000)) || return 1
Line 86 
Line 86 
 }  }
   
 unpriv() {  unpriv() {
         do_as _sndio "$@"          do_as _file "$@"
 }  }
   
 VNAME=${VNAME:-$(sysctl -n kern.osrelease)}  VNAME=${VNAME:-$(sysctl -n kern.osrelease)}
Line 104 
Line 104 
 #       Otherwise, the fw_update after first boot will fix it up for us.  #       Otherwise, the fw_update after first boot will fix it up for us.
   
 HTTP_FWDIR=$FWDIR  HTTP_FWDIR=$FWDIR
 set -- sed -n "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p" /var/run/dmesg.boot  VTYPE=$( sed -n "/^OpenBSD $VNAME\([^ ]*\).*$/s//\1/p" /var/run/dmesg.boot | sed '$!d' )
 [[ $1 == -!(stable) ]] && HTTP_FWDIR=snapshots  [[ $VTYPE == -!(stable) ]] && HTTP_FWDIR=snapshots
   
 FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR}  FWURL=http://firmware.openbsd.org/firmware/${HTTP_FWDIR}
 FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub  FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub
Line 148 
Line 148 
                 done                  done
   
                 # Create a download directory for the firmware and                  # Create a download directory for the firmware and
                 # check that the _sndio user can read files from                  # check that the _file user can read files from
                 # it. Otherwise cleanup and skip the filesystem.                  # it. Otherwise cleanup and skip the filesystem.
                 if _tmpsrc=$(tmpdir "$_tmpfs/firmware-XXXXXXXXX"); then                  if _tmpsrc=$(tmpdir "$_tmpfs/firmware-XXXXXXXXX"); then
                         (                          (
Line 171 
Line 171 
             echo "Cannot fetch SHA256.sig" >&2 && return 1              echo "Cannot fetch SHA256.sig" >&2 && return 1
   
         # Verify signature file with public keys.          # Verify signature file with public keys.
         ! $_unpriv -f "$_cfile" \          ! signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" &&
             signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" &&  
             echo "Signature check of SHA256.sig failed" >&2 && return 1              echo "Signature check of SHA256.sig failed" >&2 && return 1
   
         for _d in $_drivers; do          for _d in $_drivers; do
Legend:
Removed from v.1.46  
changed lines
  Added in v.1.49
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>