=================================================================== RCS file: /cvs/openbsd/update_openbsd/update_openbsd,v retrieving revision 1.55 retrieving revision 1.98 diff -u -r1.55 -r1.98 --- openbsd/update_openbsd/update_openbsd 2013/12/28 02:56:24 1.55 +++ openbsd/update_openbsd/update_openbsd 2017/12/11 01:35:44 1.98 @@ -1,6 +1,6 @@ #!/bin/sh -# $AFresh1: update_openbsd,v 1.54 2013/12/28 02:55:28 andrew Exp $ -# +# $AFresh1: update_openbsd,v 1.97 2017/12/11 00:52:41 andrew Exp $ +# # Copyright (c) 2012 Andrew Fresh # # Permission to use, copy, modify, and distribute this software for any @@ -18,7 +18,7 @@ installed_sets() { local misc=/usr/share/doc/README - local man=/usr/share/man/cat1/intro.0 + local man=/usr/share/man/man1/intro.1 local comp=/usr/bin/cc local game=/usr/games/ local xbase=/usr/X11R6/ @@ -27,10 +27,12 @@ local xserv=/usr/X11R6/bin/X local xshare=/usr/X11R6/bin/startx + local _nv=`echo $NEW_VER | sed -e 's/\.//'` local _c _d _e echo -n base - echo -n ' etc' + [ $_nv -lt 57 ] && echo -n ' etc' for _d in misc man comp game xbase xetc xfont xserv xshare; do + [ $_d = xetc -a $_nv -ge 57 ] && continue eval _e=\$${_d} _c=`ls $_e 2> /dev/null | wc -l` #echo $_c $_d $_e @@ -40,7 +42,7 @@ done sendmail -d0.1 --badoption /dev/null | grep -q SASL - if [ $? == 0 ]; then + if [ $? == 0 ]; then echo -n ' sendmail-smtp_auth' fi } @@ -58,19 +60,15 @@ local _list=`echo "ls base*.tgz" | ${FTP_CMD} ${FTP}/` _file=`echo ${_list} | awk '/base[0-9][0-9].tgz/ { print $9 }'` - elif [ X"http" == X"${_proto}" ]; then - local _list=`${FTP_CMD} -V -o - ${FTP}/` - _file=`echo ${_list} | awk '/[^x]base[0-9][0-9]*\.tgz/ { - sub("^.*base","base"); - sub("\.tgz.*",".tgz"); - print $0; - }'` + elif [ X"http" == X"${_proto}" -o X"https" == X"${_proto}" ]; then + _file=`${FTP_CMD} -V -o - ${FTP}/index.txt | + sed -ne 's/.*\(base[0-9][0-9].tgz\).*/\1/p'` elif [ X"scp" == X"${_proto}" ]; then echo SCP is not yet supported >&2 return 2 - else + else echo Unsupported FTP ${FTP} >&2 return 2 @@ -81,6 +79,21 @@ echo $_v } +set_boot_device() { + BOOT_DEVICE=$( df -nP /bsd | sed -ne 's! .*/$!!p' ) + + root_disk=$( echo $BOOT_DEVICE | + sed -e 's,/dev/\([a-z]*[0-9]\)[a-z].*,\1,' ) + msdos_partition=$( + fdisk $root_disk | grep -q '^*.*FAT32' \ + && \ + disklabel $root_disk | sed -ne 's/:.*MSDOS//p' | tr -d ' ' + ) + + [ "$msdos_partition" ] && + BOOT_DEVICE="/dev/$root_disk$msdos_partition" +} + set_version() { CUR_VER=`uname -r` NEW_VER=`dc -e "$CUR_VER 0.1 + p"` @@ -116,10 +129,13 @@ fi if [ X"" != X"${MIRROR}" -a X"" == X"${_v}" ]; then - if [ X"No" == X"${FORCE_DIR}" ]; then - _dir=${NEW_VER} - else + if [ X"No" != X"${FORCE_DIR}" ]; then _dir=${FORCE_DIR} + elif sysctl kern.version | grep -q -- '-current '; then + _dir=snapshots + FORCE_DIR=snapshots + else + _dir=${NEW_VER} fi FTP=${MIRROR}/${_dir}/`machine` @@ -140,7 +156,7 @@ if [ X"" == X"${_v}" ]; then echo No sets in [${FTP}] >&2 - return 2 + return 2 elif [ X"${_cv}" == X"${_v}" ]; then NEW_VER=$CUR_VER elif [ X"${_nv}" == X"${_v}" ]; then @@ -157,7 +173,11 @@ fi if [ X"" == X"${_v}" ]; then - echo ERROR: Unable to determine file version! >&2 + if [ X"" == X"${MIRROR}" ]; then + echo ERROR: No sets, and no MIRROR, unable to continue. >&2 + else + echo ERROR: Unable to determine FILE_VER, check your MIRROR. >&2 + fi return 1 fi @@ -218,10 +238,14 @@ if [ ! -e ./${_b} ]; then echo "===> $FTP_CMD ${FTP}/${_b}" $FTP_CMD ${FTP}/${_b} + else + echo "===> Have ${_b}" fi + kernel_file_version "${_b}" done for _s in $INSTALLED_SETS; do + [ "$_v" -ge "57" -a "$_s" != "${_s%etc}" ] && continue local _file=${_s}${_v}.tgz if [ ${_s} == sendmail-smtp_auth ]; then _file=${_s}.gz @@ -234,10 +258,12 @@ done local _type + local _ftp for _type in $CHECKSUM_TYPES; do [ -e $_type ] && break - echo "===> $FTP_CMD ${FTP}/$_type" - $FTP_CMD ${FTP}/$_type + _ftp=`echo "$FTP" | sed -e 's,://[^/]*/,://ftp.openbsd.org/,'` + echo "===> $FTP_CMD ${_ftp}/$_type" + $FTP_CMD ${_ftp}/$_type done } @@ -245,9 +271,7 @@ local _file=$1 # This could go circular, but I dunno how to fix that. if [ -h $_file ]; then - follow_symlink $( file $_file | - grep 'symbolic link' | - sed -e s/^.*\\\`// -e s/\\\'\$// ) + follow_symlink $( readlink -f $_file ) else echo $_file fi @@ -263,9 +287,28 @@ return 1 fi - ls bsd* *gz | sed -e 's/\(.*\)/(\1)/' > index - grep -f index $_type | sum -c + local _nv=`echo $NEW_VER | sed -e 's/\.//'` + local _signify=`which signify 2>/dev/null` + local _keyfile=/etc/signify/openbsd-${_nv}-base.pub + local _b _s + ( + for _b in $INSTALL_KERNELS; do echo "($_b)" ; done + for _s in $INSTALLED_SETS; do echo "($_s$_nv.tgz)"; done + ) > index + + + if [ -n "$_signify" -a "$_type" != "${_type%.sig}" ]; then + echo "===> Checking signature"; + if [ ! -e $_keyfile ]; then + echo "key [$_keyfile] does not exist, cannot check $_type" >&2 + return 2 + fi + signify -V -e -p $_keyfile -x $_type -m - | grep -f index | sha256 -c - + else + grep -f index $_type | sha256 -c + fi + if [ $? -ne 0 ]; then echo ERROR: $_type does not match! >&2 return 1 @@ -298,6 +341,7 @@ fi for _s in $INSTALLED_SETS; do + [ "$_v" -ge "57" -a "$_s" != "${_s%etc}" ] && continue local _file=${_s}${_v}.tgz if [ ${_s} == sendmail-smtp_auth ]; then _file=${_s}.gz @@ -309,34 +353,64 @@ done if [ X"" == X"${_missing_sets}" ]; then - echo '===> All OK' + echo 'All OK' fi local _type for _type in $CHECKSUM_TYPES; do + [ -n "$NO_SIGNIFY" -a "$_type" != "${_type%.sig}" ] && continue if [ -e $_type ]; then - check_sum $_type - [ $? -ne 0 -a -z "$IGNORE_CHECKSUM_ERROR" ] && exit 1 + check_sum $_type && break + [ -z "$IGNORE_CHECKSUM_ERROR" ] && exit 1 fi done + + return 0 } install_kernels() { - echo '==> INSTALLING KERNEL' - if [ X"$USER" != X"root" -a X"$SUDO" == X"" ]; then - echo ${0##*/} must be run as root or SUDO must be set! >&2 - exit 1 + local _d=$1 + local default_mount=$( df -lnP /bsd | sed -ne 's!/dev/.* !!p' ) + local boot_mount + local mount_is_msdos + + if [ ! "$_d" ]; then + boot_mount=$( mount | + sed -ne "s!^$BOOT_DEVICE on \([^ ]*\).*!\1!p" ) + + local _ik="$INSTALL_KERNELS" + INSTALL_KERNELS="${BOOT_KERNEL#/} bsd.rd" + + if [ ! "$boot_mount" ]; then + mount $BOOT_DEVICE /mnt + install_kernels /mnt/ + umount $BOOT_DEVICE + elif [ "$boot_mount" != "$default_mount" ]; then + install_kernels $boot_mount/ + fi + + INSTALL_KERNELS="$_ik" + install_kernels $default_mount + return fi + echo "==> INSTALLING KERNEL to $_d" + if [ X"" == X"$RELEASEDIR" ]; then echo ERROR: no source for new kernels! >&2 exit 1 fi + mount | grep -q " ${_d%/} .* msdos" && mount_is_msdos=1 + if [ X"$BOOT_KERNEL_VERSION" != X"$NEW_KERNEL_VERSION" ]; then - echo "===> Backing up $BOOT_KERNEL to /obsd" - $SUDO ln -f $BOOT_KERNEL /obsd + echo "===> Backing up $BOOT_KERNEL to ${_d}obsd" + if [ $mount_is_msdos ]; then + cp $BOOT_KERNEL ${_d}obsd + else + ln -f $BOOT_KERNEL ${_d}obsd + fi if [ $? -ne 0 ]; then echo "Error copying old kernel!" >&2 exit 1 @@ -346,15 +420,15 @@ cd $RELEASEDIR for _b in $INSTALL_KERNELS; do - $SUDO rm -f /nbsd + rm -f ${_d}nbsd local _bd=$_b [ X"${_b}" == X"bsd" ] && _bd="bsd.sp" local _is_boot="" - [ X"$BOOT_KERNEL" == X"/${_bd}" ] && _is_boot="# boot kernel" - - echo "===> Copying $_b to /$_bd $_is_boot" - $SUDO cp ${_b} /nbsd && $SUDO mv /nbsd /${_bd} + [ X"$BOOT_KERNEL" == X"${_d}${_bd}" ] && _is_boot="# boot kernel" + + echo "Copying $_b to ${_d}$_bd $_is_boot" + cp ${_b} ${_d}nbsd && mv ${_d}nbsd ${_d}${_bd} if [ $? -ne 0 ]; then echo ERROR: Could not copy new $_bd kernel! >&2 exit 1 @@ -363,30 +437,27 @@ cd $OLDPWD - if [ ! -h /bsd ]; then - cd / + if [ ! -h ${_d}bsd ]; then + cd ${_d} for _b in $BOOT_KERNELS; do [ X"$_b" == X"bsd" ] && _b="bsd.sp" if [ -e $_b ]; then - echo "===> symlinking $_b to /bsd" - $SUDO ln -sf $_b bsd - if [ $? -ne 0 ]; then - echo ERROR: Could not symlink new kernel! >&2 - exit 1 + if [ "$mount_is_msdos" ]; then + echo "===> Moving $_b ${_d}bsd (MSDOS)" + mv -f ${_b} bsd + else + echo "===> symlinking $_b to ${_d}bsd" + ln -sf $_b bsd fi break fi done - cd $OLDPWD + cd $OLDPWD fi } install_sets() { echo '==> INSTALLING SETS' - if [ X"$USER" != X"root" -a X"$SUDO" == X"" ]; then - echo ${0##*/} must be run as root or SUDO must be set! >&2 - exit 1 - fi if [ X"" == X"$RELEASEDIR" ]; then echo ERROR: no source for sets! >&2 @@ -406,9 +477,9 @@ _path=/var/tmp/temproot fi - echo "===> Extracting $_f to $_path" - $SUDO mkdir -p $_path - $SUDO tar -C $_path -xzphf ${RELEASEDIR}/${_f} + echo "Extracting $_f to $_path" + mkdir -p $_path + tar -C $_path -xzphf ${RELEASEDIR}/${_f} if [ $? -ne 0 ]; then echo ERROR: Could not extract ${_f}! >&2 exit 1 @@ -425,10 +496,10 @@ fi if [ -e ${RELEASEDIR}/sendmail-smtp_auth ]; then if ! pkg_info -qe 'cyrus-sasl-*'; then - $SUDO pkg_add -i cyrus-sasl + pkg_add -i cyrus-sasl fi - $SUDO install -o root -g smmsp -m 2555 \ + install -o root -g smmsp -m 2555 \ ${RELEASEDIR}/sendmail-smtp_auth \ /usr/libexec/sendmail/sendmail @@ -443,32 +514,41 @@ exit 1; fi - if [ X"" == X"$RELEASEDIR" ]; then - echo "ERROR: no source for etc!" >&2 - exit 1 - fi - - cd $RELEASEDIR - local _v=$FILE_VER local _args="" - if [ -e etc${_v}.tgz ]; then - _args="$_args -s etc${_v}.tgz" + + if [ ! -e /var/sysmerge/etc.tgz ]; then + if [ X"" == X"$RELEASEDIR" ]; then + echo "ERROR: no source for etc!" >&2 + exit 1 + fi + + cd $RELEASEDIR + + if [ -e etc${_v}.tgz ]; then + _args="$_args -s ${RELEASEDIR}/etc${_v}.tgz" + fi + if [ -e xetc${_v}.tgz ]; then + _args="$_args -x ${RELEASEDIR}/xetc${_v}.tgz" + fi + if [ X"" == X"$_args" ]; then + echo ERROR: No upgrade sets found! >&2 + exit 1 + fi fi - if [ -e xetc${_v}.tgz ]; then - _args="$_args -x xetc${_v}.tgz" - fi - if [ X"" == X"$_args" ]; then - echo ERROR: No upgrade sets found! >&2 - else - echo '==> RUNNING SYSMERGE' - $SUDO $SYSMERGE $_args - fi + echo '==> RUNNING SYSMERGE' + $SYSMERGE $_args + cd $OLDPWD } +if [ $(id -u) != 0 ]; then + echo 'ERROR: need root privileges to run this script' >&2 + exit 1 +fi + if [ -e /etc/update_openbsd.conf ]; then . /etc/update_openbsd.conf fi @@ -477,39 +557,58 @@ . ${HOME}/.update_openbsdrc fi -#MIRROR=${MIRROR:=ftp://ftp.openbsd.org/pub/OpenBSD} +MIRROR=${MIRROR:=http://fastly.cdn.openbsd.org/pub/OpenBSD} FTP_CMD=${FTP_CMD:=ftp -V} -PKG_PATH=${PKG_PATH:=/usr/ports/packages/`machine`/all/:${MIRROR}/`uname -r`/packages/`machine`/} DESTDIR=${DESTDIR:=/} SYSMERGE=${SYSMERGE:=/usr/sbin/sysmerge} FORCE_DIR=${FORCE_DIR:=No} +export PKG_PATH TRUSTED_PKG_PATH + +set_version +[ -z "$BOOT_DEVICE" ] && set_boot_device + +TRUSTED_PKG_PATH=${TRUSTED_PKG_PATH:=/usr/ports/packages/`machine -a`/all} +if [ "$FORCE_DIR" = "No" ]; then + PKG_PATH=${PKG_PATH:=${MIRROR}/$NEW_VER/packages/`machine -a`} +else + PKG_PATH=${PKG_PATH:=${MIRROR}/$FORCE_DIR/packages/`machine -a`} +fi + INSTALLED_SETS=${INSTALLED_SETS:=`installed_sets`} -CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256 MD5} +CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256.sig SHA256} -set_version local _error=$? echo echo "-= update_openbsd - helper script to update OpenBSD =-" echo "------------------------------------------------------" echo -echo " SUDO: $SUDO" -echo " SYSMERGE: $SYSMERGE" -echo " MIRROR: $MIRROR" -echo " RELEASEDIR: $RELEASEDIR" -echo " DESTDIR: $DESTDIR" -echo " BOOT_KERNEL: $BOOT_KERNEL" -echo "INSTALL_KERNELS: $INSTALL_KERNELS" -echo " INSTALLED_SETS: $INSTALLED_SETS" +echo " SYSMERGE: $SYSMERGE" +echo " MIRROR: $FTP" +echo " PKG_PATH: $PKG_PATH" +echo "TRUSTED_PKG_PATH: $TRUSTED_PKG_PATH" +echo " RELEASEDIR: $RELEASEDIR" +echo " DESTDIR: $DESTDIR" +echo " BOOT_DEVICE: $BOOT_DEVICE" +echo " BOOT_KERNEL: $BOOT_KERNEL" +echo " INSTALL_KERNELS: $INSTALL_KERNELS" +echo " INSTALLED_SETS: $INSTALLED_SETS" echo -echo " CUR_VER: $CUR_VER" -echo " NEW_VER: $NEW_VER" -#echo " FILE_VER: $FILE_VER" +echo " CUR_VER: $CUR_VER" +echo " NEW_VER: $NEW_VER" +#echo " FILE_VER: $FILE_VER" echo +for k in $INSTALL_KERNELS; do + if [ -e "/$k" ]; then + echo "Existing $k" + kernel_file_version "/$k" + fi +done + if [ ${_error} -ne 0 ]; then exit ${_error} fi @@ -535,32 +634,27 @@ NEW_KERNEL_VERSION=$BOOT_KERNEL_VERSION fi -if [ -n "$SUDO" -a $CUR_VER != $NEW_VER ]; then +if [ X"$NEW_KERNEL_VERSION" != X"$BOOTED_KERNEL_VERSION" ]; then echo >&2 - echo "!!! You are upgrading between OpenBSD versions. !!!" >&2 - echo "!!! You should make sure you have a root shell open !!!" >&2 - echo "!!! It is needed in order to run /sbin/oreboot. !!!" >&2 - echo "!!! sudo MAY NOT WORK after sets are extracted. !!!" >&2 + echo "!!! You are upgrading the OpenBSD kernel. !!!" >&2 + echo "!!! You will be given the opportunity to reboot !!!" >&2 + echo "!!! at the end of the proces but it is safer to !!!" >&2 + echo "!!! have a separate root shell open. !!!" >&2 + echo "!!! It is needed in order to run /sbin/oreboot. !!!" >&2 + echo "!!! doas MAY NOT WORK after sets are extracted. !!!" >&2 echo >&2 - echo "ctrl+C to cancel, enter to continue" >&2 + echo "enter to continue, ctrl+C to cancel" >&2 local _temp read _temp -fi -if [ -n "$SUDO" ]; then - echo - echo You may be asked for your sudo password multiple times. - $SUDO -v -p "sudo Password: " -fi - -if [ X"$NEW_KERNEL_VERSION" != X"$BOOTED_KERNEL_VERSION" \ - -a ! -e /sbin/oreboot ]; then - $SUDO cp /sbin/reboot /sbin/oreboot - if [ $? -ne 0 ]; then - echo "Error copying old reboot command!" >&2 - exit 1 + if [ ! -e /sbin/oreboot ]; then + cp /sbin/reboot /sbin/oreboot + if [ $? -ne 0 ]; then + echo "Error copying old reboot command!" >&2 + exit 1 + fi + echo "/sbin/reboot copied to /sbin/oreboot" fi - echo "/sbin/reboot copied to /sbin/oreboot" fi install_kernels @@ -571,15 +665,28 @@ if [ -e /sbin/oreboot ]; then echo Removing /sbin/oreboot - $SUDO rm -f /sbin/oreboot + rm -f /sbin/oreboot fi update_etc - echo '==> UPDATING PACKAGES' - $SUDO pkg_add -ui -F update -F updatedepends + OPENUP=$( which openup 2>/dev/null ) + if [ -n "$OPENUP" ]; then + echo "==> UPDATING WITH $OPENUP" + $OPENUP + else + echo '==> UPDATING PACKAGES' + pkg_add -u + fi + echo '==> UPDATING FIRMWARE' + fw_update + else - echo Instructions for updating to the new version available from + [ -e /etc/rc.sysmerge ] && grep -q $SYSMERGE /etc/rc.sysmerge || + echo "$SYSMERGE -b" >>/etc/rc.sysmerge && + echo "==> RUNNING $SYSMERGE -b ON REBOOT" + + echo Instructions for updating to the new version available from if [ X"snapshots" == X"$FORCE_DIR" ]; then echo " http://www.openbsd.org/faq/current.html" else @@ -587,7 +694,11 @@ fi fi -echo New kernel installed. Please reboot! +echo Update complete. enter to reboot, ctrl+C to cancel +read _temp if [ -e /sbin/oreboot ]; then - echo Possibly using /sbin/oreboot + echo using /sbin/oreboot + /sbin/oreboot +else + /sbin/reboot fi