=================================================================== RCS file: /cvs/openbsd/update_openbsd/update_openbsd,v retrieving revision 1.39 retrieving revision 1.75 diff -u -r1.39 -r1.75 --- openbsd/update_openbsd/update_openbsd 2012/12/08 19:52:08 1.39 +++ openbsd/update_openbsd/update_openbsd 2015/05/03 00:27:01 1.75 @@ -1,9 +1,24 @@ #!/bin/sh -# $AFresh1: update_openbsd,v 1.38 2012/04/19 04:03:47 andrew Exp $ +# $AFresh1: update_openbsd,v 1.74 2015/03/21 22:50:18 andrew Exp $ +# +# Copyright (c) 2012 Andrew Fresh +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +# installed_sets() { local misc=/usr/share/doc/README - local man=/usr/share/man/cat1/intro.0 + local man=/usr/share/man/man1/intro.1 local comp=/usr/bin/cc local game=/usr/games/ local xbase=/usr/X11R6/ @@ -12,10 +27,12 @@ local xserv=/usr/X11R6/bin/X local xshare=/usr/X11R6/bin/startx + local _nv=`echo $NEW_VER | sed -e 's/\.//'` local _c _d _e echo -n base - echo -n ' etc' + [ $_nv -lt 57 ] && echo -n ' etc' for _d in misc man comp game xbase xetc xfont xserv xshare; do + [ $_d = xetc -a $_nv -ge 57 ] && continue eval _e=\$${_d} _c=`ls $_e 2> /dev/null | wc -l` #echo $_c $_d $_e @@ -142,7 +159,11 @@ fi if [ X"" == X"${_v}" ]; then - echo ERROR: Unable to determine file version! >&2 + if [ X"" == X"${MIRROR}" ]; then + echo ERROR: No sets, and no MIRROR, unable to continue. >&2 + else + echo ERROR: Unable to determine FILE_VER, check your MIRROR. >&2 + fi return 1 fi @@ -160,8 +181,8 @@ [ -e /boot.conf ] && sed -E '/^ *(set +image|boot) +/!d ; \ s///; s/^.*://; s/ .*$//' /boot.conf \ ) | tail -1` + BOOT_KERNEL=`follow_symlink /$BOOT_KERNEL` BOOT_KERNEL="/${BOOT_KERNEL#/}" - BOOT_KERNEL=`follow_symlink $BOOT_KERNEL` BOOT_KERNEL_VERSION=`kernel_file_version $BOOT_KERNEL` @@ -170,6 +191,10 @@ # We want to default to what we had INSTALL_KERNELS="${BOOT_KERNEL#/}" + # if the boot kernel was our specially named bsd.sp, we install from bsd + if [ X"$INSTALL_KERNELS" == X"bsd.sp" ]; then + INSTALL_KERNELS="bsd" + fi # with a second option of an mp kernel if is is a likely candidate if [ X"$INSTALL_KERNELS" != X"bsd.mp" ]; then local _ncpu=$(sysctl -n hw.ncpufound) @@ -184,7 +209,7 @@ } get_sets() { - echo '### GETTING SETS ###' + echo '==> GETTING SETS' if [ X"" == X"$FTP" ]; then echo ERROR: No FTP site set! >&2 return 1 @@ -196,30 +221,35 @@ local _v=$FILE_VER for _b in $INSTALL_KERNELS; do - if [ -e /${_b} -a ! -e ./${_b} ]; then - echo $FTP_CMD ${FTP}/${_b} + if [ ! -e ./${_b} ]; then + echo "===> $FTP_CMD ${FTP}/${_b}" $FTP_CMD ${FTP}/${_b} + else + echo "===> Have ${_b}" fi + kernel_file_version "${_b}" done for _s in $INSTALLED_SETS; do + [ "$_v" -ge "57" -a "$_s" != "${_s%etc}" ] && continue local _file=${_s}${_v}.tgz if [ ${_s} == sendmail-smtp_auth ]; then _file=${_s}.gz fi if [ ! -e ./${_file} ]; then - echo $FTP_CMD ${FTP}/${_file} + echo "===> $FTP_CMD ${FTP}/${_file}" $FTP_CMD ${FTP}/${_file} fi done local _type + local _ftp for _type in $CHECKSUM_TYPES; do - if [ ! -e $_type ]; then - echo $FTP_CMD ${FTP}/$_type - $FTP_CMD ${FTP}/$_type - fi + [ -e $_type ] && break + _ftp=`echo "$FTP" | sed -e 's,://[^/]*/,://ftp.openbsd.org/,'` + echo "===> $FTP_CMD ${_ftp}/$_type" + $FTP_CMD ${_ftp}/$_type done } @@ -237,7 +267,7 @@ check_sum () { local _type=$1 - echo "### CHECKING $_type SUMS ###" + echo "==> CHECKING $_type SUMS" cd $RELEASEDIR if [ ! -e $_type ]; then @@ -245,9 +275,28 @@ return 1 fi - ls bsd* *gz | sed -e 's/\(.*\)/(\1)/' > index - grep -f index $_type | sum -c + local _nv=`echo $NEW_VER | sed -e 's/\.//'` + local _signify=`which signify 2>/dev/null` + local _keyfile=/etc/signify/openbsd-${_nv}-base.pub + local _b _s + ( + for _b in $INSTALL_KERNELS; do echo "($_b)" ; done + for _s in $INSTALLED_SETS; do echo "($_s$_nv.tgz)"; done + ) > index + + + if [ -n "$_signify" -a "$_type" != "${_type%.sig}" ]; then + echo "===> Checking signature"; + if [ ! -e $_keyfile ]; then + echo "key [$_keyfile] does not exist, cannot check $_type" >&2 + return 2 + fi + signify -V -e -p $_keyfile -x $_type -m - | grep -f index | sha256 -c - + else + grep -f index $_type | sha256 -c + fi + if [ $? -ne 0 ]; then echo ERROR: $_type does not match! >&2 return 1 @@ -255,7 +304,7 @@ } check_sets() { - echo '### CHECKING SETS ###' + echo '==> CHECKING SETS' cd $RELEASEDIR local _missing_sets @@ -280,6 +329,7 @@ fi for _s in $INSTALLED_SETS; do + [ "$_v" -ge "57" -a "$_s" != "${_s%etc}" ] && continue local _file=${_s}${_v}.tgz if [ ${_s} == sendmail-smtp_auth ]; then _file=${_s}.gz @@ -291,49 +341,51 @@ done if [ X"" == X"${_missing_sets}" ]; then - echo All OK + echo '===> All OK' fi local _type for _type in $CHECKSUM_TYPES; do + [ -n "$NO_SIGNIFY" -a "$_type" != "${_type%.sig}" ] && continue if [ -e $_type ]; then - check_sum $_type + check_sum $_type && break + [ -z "$IGNORE_CHECKSUM_ERROR" ] && exit 1 fi done + + return 0 } install_kernels() { - echo '### INSTALLING KERNEL ###' - if [ X"$USER" != X"root" -a X"$SUDO" == X"" ]; then - echo ${0##*/} must be run as root or SUDO must be set! >&2 - exit 1 - fi + echo '==> INSTALLING KERNEL' if [ X"" == X"$RELEASEDIR" ]; then echo ERROR: no source for new kernels! >&2 exit 1 fi - echo "Backing up $BOOT_KERNEL to /obsd" - $SUDO ln -f $BOOT_KERNEL /obsd - if [ $? -ne 0 ]; then - echo "Error copying old kernel!" >&2 - exit 1 + if [ X"$BOOT_KERNEL_VERSION" != X"$NEW_KERNEL_VERSION" ]; then + echo "===> Backing up $BOOT_KERNEL to /obsd" + ln -f $BOOT_KERNEL /obsd + if [ $? -ne 0 ]; then + echo "Error copying old kernel!" >&2 + exit 1 + fi fi cd $RELEASEDIR for _b in $INSTALL_KERNELS; do - $SUDO rm -f /nbsd + rm -f /nbsd local _bd=$_b [ X"${_b}" == X"bsd" ] && _bd="bsd.sp" local _is_boot="" [ X"$BOOT_KERNEL" == X"/${_bd}" ] && _is_boot="# boot kernel" - echo "Copying $_b to /$_bd $_is_boot" - $SUDO cp ${_b} /nbsd && $SUDO mv /nbsd /${_bd} + echo "===> Copying $_b to /$_bd $_is_boot" + cp ${_b} /nbsd && mv /nbsd /${_bd} if [ $? -ne 0 ]; then echo ERROR: Could not copy new $_bd kernel! >&2 exit 1 @@ -347,8 +399,8 @@ for _b in $BOOT_KERNELS; do [ X"$_b" == X"bsd" ] && _b="bsd.sp" if [ -e $_b ]; then - echo symlinking $_b to /bsd - $SUDO ln -sf $_b bsd + echo "===> symlinking $_b to /bsd" + ln -sf $_b bsd if [ $? -ne 0 ]; then echo ERROR: Could not symlink new kernel! >&2 exit 1 @@ -361,11 +413,7 @@ } install_sets() { - echo '### INSTALLING SETS ###' - if [ X"$USER" != X"root" -a X"$SUDO" == X"" ]; then - echo ${0##*/} must be run as root or SUDO must be set! >&2 - exit 1 - fi + echo '==> INSTALLING SETS' if [ X"" == X"$RELEASEDIR" ]; then echo ERROR: no source for sets! >&2 @@ -376,15 +424,6 @@ local _v=$FILE_VER - if [ $CUR_VER != $NEW_VER -a ! -e /sbin/oreboot ]; then - $SUDO cp /sbin/reboot /sbin/oreboot - if [ $? -ne 0 ]; then - echo "Error copying old reboot command!" >&2 - exit 1 - fi - echo "/sbin/reboot copied to /sbin/oreboot" - fi - local _sets=`ls *${_v}.tgz | grep -v ^base ` for _f in ${_sets} base${_v}.tgz; do _path=$DESTDIR @@ -394,89 +433,78 @@ _path=/var/tmp/temproot fi - echo Extracting $_f to $_path - $SUDO mkdir -p $_path - $SUDO tar -C $_path -xzphf ${RELEASEDIR}/${_f} + echo "===> Extracting $_f to $_path" + mkdir -p $_path + tar -C $_path -xzphf ${RELEASEDIR}/${_f} if [ $? -ne 0 ]; then echo ERROR: Could not extract ${_f}! >&2 exit 1 fi done - echo Extracted all sets. + echo '===> Extracted all sets.' +} +install_sendmail_smtp_auth() { if [ -e ${RELEASEDIR}/sendmail-smtp_auth.gz ]; then gzcat ${RELEASEDIR}/sendmail-smtp_auth.gz > \ ${RELEASEDIR}/sendmail-smtp_auth fi if [ -e ${RELEASEDIR}/sendmail-smtp_auth ]; then if ! pkg_info -qe 'cyrus-sasl-*'; then - $SUDO pkg_add -i cyrus-sasl + pkg_add -i cyrus-sasl fi - $SUDO install -o root -g smmsp -m 2555 \ + install -o root -g smmsp -m 2555 \ ${RELEASEDIR}/sendmail-smtp_auth \ /usr/libexec/sendmail/sendmail - echo Installed sendmail with smtp_auth + echo '===> Installed sendmail with smtp_auth' fi } update_etc() { - echo '### UPDATING ETC ###' + echo '==> UPDATING ETC' if [ ! -e $SYSMERGE ]; then - SYSMERGE= + echo "ERROR: Can't find sysmerge!" >&2 + exit 1; fi - if [ X"" == X"$SYSMERGE" ]; then - if [ -e /var/tmp/temproot ]; then - MERGEMASTER=`which mergemaster` + local _v=$FILE_VER + local _args="" - if [ $? != 0 ]; then - $SUDO pkg_add -i mergemaster - - MERGEMASTER=`which mergemaster` - if [ $? != 0 ]; then - echo ERROR: mergemaster not installed! >&2 - exit 1 - fi - fi - - echo '### RUNNING MERGEMASTER ###' - $SUDO $MERGEMASTER -irv - else - echo "ERROR: no source for etc!" >&2 - exit 1 - fi - else + if [ ! -e /usr/share/sysmerge/etc.tgz ]; then if [ X"" == X"$RELEASEDIR" ]; then echo "ERROR: no source for etc!" >&2 exit 1 - else - cd $RELEASEDIR fi - local _v=$FILE_VER - local _args="" + cd $RELEASEDIR + if [ -e etc${_v}.tgz ]; then - _args="$_args -s etc${_v}.tgz" + _args="$_args -s ${RELEASEDIR}/etc${_v}.tgz" fi if [ -e xetc${_v}.tgz ]; then - _args="$_args -x xetc${_v}.tgz" + _args="$_args -x ${RELEASEDIR}/xetc${_v}.tgz" fi if [ X"" == X"$_args" ]; then echo ERROR: No upgrade sets found! >&2 - else - echo '### RUNNING SYSMERGE ###' - if sysmerge 2>&1 | grep -- -a >/dev/null; then - _args="-a $_args" - fi - $SUDO $SYSMERGE $_args + exit 1 fi fi + + echo '==> RUNNING SYSMERGE' + $SYSMERGE $_args + + cd $OLDPWD } +if [ $(id -u) != 0 ]; then + echo 'ERROR: need root privileges to run this script' >&2 + exit 1 +fi + if [ -e /etc/update_openbsd.conf ]; then . /etc/update_openbsd.conf fi @@ -489,22 +517,22 @@ FTP_CMD=${FTP_CMD:=ftp -V} PKG_PATH=${PKG_PATH:=/usr/ports/packages/`machine`/all/:${MIRROR}/`uname -r`/packages/`machine`/} +set_version + DESTDIR=${DESTDIR:=/} SYSMERGE=${SYSMERGE:=/usr/sbin/sysmerge} FORCE_DIR=${FORCE_DIR:=No} INSTALLED_SETS=${INSTALLED_SETS:=`installed_sets`} -CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256 MD5} +CHECKSUM_TYPES=${CHECKSUM_TYPES:=SHA256.sig SHA256} -set_version local _error=$? echo echo "-= update_openbsd - helper script to update OpenBSD =-" echo "------------------------------------------------------" echo -echo " SUDO: $SUDO" echo " SYSMERGE: $SYSMERGE" echo " MIRROR: $MIRROR" echo " RELEASEDIR: $RELEASEDIR" @@ -518,6 +546,13 @@ #echo " FILE_VER: $FILE_VER" echo +for k in $INSTALL_KERNELS; do + if [ -e "/$k" ]; then + echo "Existing $k" + kernel_file_version "/$k" + fi +done + if [ ${_error} -ne 0 ]; then exit ${_error} fi @@ -528,39 +563,62 @@ check_sets || exit -echo "Last booted:\n$BOOTED_KERNEL_VERSION" +echo "===> Last booted:\n$BOOTED_KERNEL_VERSION" if [ X"$BOOT_KERNEL_VERSION" != X"$BOOTED_KERNEL_VERSION" \ -a X"$BOOT_KERNEL_VERSION" != X"$NEW_KERNEL_VERSION" ]; then echo "Next boot (unless replaced):\n$BOOT_KERNEL_VERSION" fi if [ -n "$NEW_KERNEL_VERSION" ]; then - echo "New $BOOT_KERNEL:\n$NEW_KERNEL_VERSION"; + echo "===> New $BOOT_KERNEL:\n$NEW_KERNEL_VERSION"; else echo "\n!!! WARNING: Will not replace boot kernel $BOOT_KERNEL! !!!\n" >&2 echo "ctrl+C to cancel, enter to continue anyway" >&2 local _temp read _temp + NEW_KERNEL_VERSION=$BOOT_KERNEL_VERSION fi -if [ X"" != X"$SUDO" ]; then - echo Please enter your sudo password if prompted. - echo You may be asked for it again later in the process. - $SUDO -v +if [ X"$NEW_KERNEL_VERSION" != X"$BOOTED_KERNEL_VERSION" ]; then + echo >&2 + echo "!!! You are upgrading the OpenBSD kernel. !!!" >&2 + echo "!!! You will be given the opportunity to reboot !!!" >&2 + echo "!!! at the end of the proces but it is safer to !!!" >&2 + echo "!!! have a separate root shell open. !!!" >&2 + echo "!!! It is needed in order to run /sbin/oreboot. !!!" >&2 + echo "!!! sudo MAY NOT WORK after sets are extracted. !!!" >&2 + echo >&2 + echo "enter to continue, ctrl+C to cancel" >&2 + local _temp + read _temp + + if [ ! -e /sbin/oreboot ]; then + cp /sbin/reboot /sbin/oreboot + if [ $? -ne 0 ]; then + echo "Error copying old reboot command!" >&2 + exit 1 + fi + echo "/sbin/reboot copied to /sbin/oreboot" + fi fi install_kernels install_sets -if [ $CUR_VER == $NEW_VER ]; then +if [ X"$NEW_KERNEL_VERSION" == X"$BOOTED_KERNEL_VERSION" ]; then + install_sendmail_smtp_auth + if [ -e /sbin/oreboot ]; then echo Removing /sbin/oreboot - $SUDO rm -f /sbin/oreboot + rm -f /sbin/oreboot fi update_etc - echo '### UPDATING PACKAGES ###' - $SUDO pkg_add -ui -F update -F updatedepends + echo '==> UPDATING PACKAGES' + pkg_add -ui -F update -F updatedepends + echo '==> UPDATING FIRMWARE' + fw_update + else echo Instructions for updating to the new version available from if [ X"snapshots" == X"$FORCE_DIR" ]; then @@ -570,17 +628,11 @@ fi fi -echo New kernel installed. Please reboot! +echo Update complete. enter to reboot, ctrl+C to cancel +read _temp if [ -e /sbin/oreboot ]; then - echo Possibly using /sbin/oreboot -fi - -local _send_dmesg=`dirname $0`/send_dmesg -if [ -e "$_send_dmesg" ]; then - if [ -e $RELEASEDIR/.send_dmesg ]; then - $_send_dmesg - rm -f $RELEASEDIR/.send_dmesg - elif [ X"$CUR_VER" != X"$NEW_VER" ]; then - touch $RELEASEDIR/.send_dmesg - fi + echo using /sbin/oreboot + /sbin/oreboot +else + /sbin/reboot fi