src - OpenBSD base system

diff options


context:
space:
mode:

author	Antoine Jacoutot <ajacoutot@cvs.openbsd.org>	2014-03-24 15:20:33 +0000
committer	Antoine Jacoutot <ajacoutot@cvs.openbsd.org>	2014-03-24 15:20:33 +0000
commit	17f87fd9b823419ddbf80591c0f5e5d99b9061c1 (patch)
tree	308808e8eb33392d36cdfd9d3cf6f056f55e2be2
parent	b9f660bad5b31e3de245344f3e25af94ac870239 (diff)

Rework the way we fetch and verify sets to simplify the process.

Don't fetch SHA256 twice when we are updating from the same repo. Better output. Simplify extract_set (becomes extract_sets and deal with all sets at once). Make sure we cannot pass -s xetcXX and/or -x etcXX. Bring consistency in condition evaluations. Drop some unused variables. with inputs from rpe@

Diffstat

-rw-r--r--

usr.sbin/sysmerge/sysmerge.sh

149

1 files changed, 81 insertions, 68 deletions

diff --git a/usr.sbin/sysmerge/sysmerge.sh b/usr.sbin/sysmerge/sysmerge.sh
index cc4c8078517..aabf76e1482 100644
--- a/usr.sbin/sysmerge/sysmerge.sh
+++ b/usr.sbin/sysmerge/sysmerge.sh

@@ -1,6 +1,6 @@

#!/bin/ksh -

-# $OpenBSD: sysmerge.sh,v 1.130 2014/03/22 12:33:36 ajacoutot Exp $

+# $OpenBSD: sysmerge.sh,v 1.131 2014/03/24 15:20:32 ajacoutot Exp $

@@ -20,9 +20,8 @@

umask 0022

-unset AUTO_INSTALLED_FILES BATCHMODE DIFFMODE EDIT ETCSUM NEED_NEWALIASES

-unset NEWGRP NEWUSR NEED_REBOOT NOSIGCHECK RELINT SIGFETCHED SRCDIR SRCSUM

-unset TGZ XETCSUM XTGZ

+unset AUTO_INSTALLED_FILES BATCHMODE DIFFMODE ETCSUM NEED_NEWALIASES NEWGRP

+unset NEWUSR NEED_REBOOT NOSIGCHECK SRCDIR SRCSUM TGZ XETCSUM XTGZ

# forced variables

WRKDIR=$(mktemp -d -p ${TMPDIR:=/var/tmp} sysmerge.XXXXXXXXXX) || exit 1

@@ -44,7 +43,7 @@ PAGER="${PAGER:=/usr/bin/more}"

# clean leftovers created by make in src

clean_src() {

- [ -n "${SRCDIR}" ] && \

+ [[ -n ${SRCDIR} ]] && \

cd ${SRCDIR}/gnu/usr.sbin/sendmail/cf/cf && make cleandir >/dev/null

}

@@ -81,6 +80,7 @@ error_rm_wrkdir() {

# way since it contains our backup files

rm -rf ${TEMPROOT}

rm -f ${WRKDIR}/*.tgz

+ rm -f ${WRKDIR}/SHA256.sig

rmdir ${WRKDIR} 2>/dev/null

exit 1

}

@@ -92,48 +92,60 @@ if (($(id -u) != 0)); then

error_rm_wrkdir "need root privileges"

-# extract (x)etcXX.tgz and create cksum file;

+# extract (x)etcXX.tgz and create cksum file(s);

# stores sum filename in ETCSUM or XETCSUM (see eval);

-# takes file and setname ('etc' or 'xetc') as arguments

-extract_set() {

- [[ -z $1 ]] && return

- local _tgz=$(readlink -f "$1") _set=$2 _f

- typeset -u _SETSUM=${_set}sum

- eval ${_SETSUM}=${_set}sum

- (cd ${TEMPROOT} && tar -xzphf "${_tgz}" && \

- tar -tzf "${_tgz}" | while read _f; do

- [ ! -h ${_f} ] && cksum ${_f} >> ${WRKDIR}/${_set}sum; done) || \

- error_rm_wrkdir "failed to extract ${_tgz} and create checksum file"

- rm "${_tgz}"

+extract_sets() {

+ [[ -n ${SRCDIR} ]] && return

+ local _e _x _set _tgz

+ [[ -f ${WRKDIR}/${TGZ##*/} ]] && _e=etc

+ [[ -f ${WRKDIR}/${XTGZ##*/} ]] && _x=xetc

+ for _set in ${_e} ${_x}; do

+ typeset -u _SETSUM=${_set}sum

+ eval ${_SETSUM}=${_set}sum

+ [[ ${_set} == etc ]] && _tgz=${WRKDIR}/${TGZ##*/}

+ [[ ${_set} == xetc ]] && _tgz=${WRKDIR}/${XTGZ##*/}

+ tar -tzf "${_tgz}" ./var/db/sysmerge/${_set}sum >/dev/null ||

+ error_rm_wrkdir "${_tgz##*/}: badly formed \"${_set}\" set, lacks ./var/db/sysmerge/${_set}sum"

+ (cd ${TEMPROOT} && tar -xzphf "${_tgz}" && \

+ tar -tzf "${_tgz}" | while read _f; do

+ [[ ! -h ${_f} ]] && cksum ${_f} >> ${WRKDIR}/${_set}sum; done) || \

+ error_rm_wrkdir "failed to extract ${_tgz} and create checksum file"

+ rm "${_tgz}"

+ done

}

-# fetch and check if tgz is valid;

-# stores local path to tgz in TGZ or XTGZ;

-# takes url or filename and setname ('etc' or 'xetc') as arguments;

-# verify SHA256.sig, abort on failure

-get_set() {

- local _url=$1 _set=$2

- local _tgz=${WRKDIR}/${_url##*/}

+# fetch and verify sets, abort on failure

+sm_fetch_and_verify() {

+ [[ -n ${SRCDIR} ]] && return

+ local _file _sigdone _url;

local _key="/etc/signify/openbsd-${RELINT}-base.pub"

- [ -f "${_url}" ] && _url="file://$(readlink -f ${_url})"

- [[ ${_set} == etc ]] && TGZ=${_tgz} || XTGZ=${_tgz}

- if [[ ${_url} == @(file|ftp|http|https)://*/*[!/] ]]; then

- echo "===> Fetching from ${_url%/*}"

- /usr/bin/ftp -D "===> Getting" -Vm -k "${FTP_KEEPALIVE-0}" -o "${_tgz}" "${_url}" || \

+ for _url in ${TGZ} ${XTGZ}; do

+ [[ -f ${_url} ]] && _url="file://$(readlink -f ${_url})"

+ _file=${WRKDIR}/${_url##*/}

+ [[ ${_url} == @(file|ftp|http|https)://*/*[!/] ]] ||

+ error_rm_wrkdir "${_url}: invalid URL"

+ echo "===> Fetching ${_url}"

+ /usr/bin/ftp -Vm -k "${FTP_KEEPALIVE-0}" -o "${_file}" "${_url}" >/dev/null || \

error_rm_wrkdir "could not retrieve ${_url##*/}"

- else

- error_rm_wrkdir "${_url}: no such file"

- fi

- if [ -z "${NOSIGCHECK}" ]; then

- echo "===> Verifying against ${_key}"

- (cd ${WRKDIR} &&

- /usr/bin/ftp -D "===> Getting" -Vm -k "${FTP_KEEPALIVE-0}" -o - "${_url%/*}/SHA256.sig" | \

- /usr/bin/signify -qC -p ${_key} -x - ${_url##*/}) || \

- error_rm_wrkdir "SHA256.sig: signature/checksum failed"

- else

- tar -tzf "${_tgz}" ./var/db/sysmerge/${_set}sum >/dev/null || \

- error_rm_wrkdir "${_tgz##*/}: badly formed \"${_set}\" set, lacks ./var/db/sysmerge/${_set}sum"

- fi

+ if [ -z "${NOSIGCHECK}" ]; then

+ if [ -z ${_sigdone} ]; then

+ echo "===> Fetching ${_url%/*}/SHA256.sig"

+ /usr/bin/ftp -Vm -k "${FTP_KEEPALIVE-0}" -o "${WRKDIR}/SHA256.sig" "${_url%/*}/SHA256.sig" >/dev/null || \

+ error_rm_wrkdir "could not retrieve SHA256.sig"

+ [[ ${TGZ%/*} == ${XTGZ%/*} ]] && _sigdone=1

+ fi

+ echo "===> Verifying ${_url##*/} against ${_key}"

+ (cd ${WRKDIR} && /usr/bin/signify -qC -p ${_key} -x SHA256.sig ${_url##*/}) || \

+ error_rm_wrkdir "${_url##*/}: signature/checksum failed"

+ fi

+ done

+ [[ -z ${NOSIGCHECK} ]] && rm ${WRKDIR}/SHA256.sig

}

# prepare TEMPROOT content from a src dir and create cksum file

@@ -156,15 +168,12 @@ sm_populate() {

mkdir -p ${DESTDIR}/${DBDIR} || exit 1

- extract_set "${TGZ}" etc

- extract_set "${XTGZ}" xetc

# automatically install missing user(s) and group(s) from the

# new master.passwd and group files:

# - after extracting the sets (so we have the new files)

# - before running distribution-etc-root-var (using files from SRCDIR)

+ extract_sets

install_user_group

prepare_src

for i in ${SRCSUM} ${ETCSUM} ${XETCSUM}; do

@@ -190,7 +199,7 @@ sm_populate() {

[ -n "$(grep "${CURSUM}" ${DESTDIR}/${DBDIR}/${i})" -a -z "$(grep "${CURSUM}" ${WRKDIR}/${i})" ] && \

_array="${_array} ${_d}"

done

- [ -n "${_array}" ] && set -A AUTO_UPG -- ${_array}

+ [[ -n ${_array} ]] && set -A AUTO_UPG -- ${_array}

mv ${DESTDIR}/${DBDIR}/${i} ${DESTDIR}/${DBDIR}/.${i}.bak

@@ -213,7 +222,7 @@ sm_populate() {

CF_FILES="/etc/mail/localhost.cf /etc/mail/sendmail.cf /etc/mail/submit.cf"

for cf in ${CF_FILES}; do

CF_DIFF=$(diff -q -I "##### " ${TEMPROOT}/${cf} ${DESTDIR}/${cf} 2>/dev/null)

- [ -z "${CF_DIFF}" ] && IGNORE_FILES="${IGNORE_FILES} ${cf}"

+ [[ -z ${CF_DIFF} ]] && IGNORE_FILES="${IGNORE_FILES} ${cf}"

done

if [ -r /etc/sysmerge.ignore ]; then

while read i; do \

@@ -243,7 +252,7 @@ install_file() {

INSTDIR=${1#.}

INSTDIR=${INSTDIR%/*}

- [ -z "${INSTDIR}" ] && INSTDIR=/

+ [[ -z ${INSTDIR} ]] && INSTDIR=/

DIR_MODE=$(stat -f "%OMp%OLp" "${TEMPROOT}/${INSTDIR}")

eval $(stat -f "FILE_MODE=%OMp%OLp FILE_OWN=%Su FILE_GRP=%Sg" ${1})

@@ -288,7 +297,7 @@ install_link() {

_LINKF=$(dirname ${DESTDIR}${COMPFILE#.})

DIR_MODE=$(stat -f "%OMp%OLp" "${TEMPROOT}/${_LINKF}")

- [ ! -d "${_LINKF}" ] && \

+ [[ ! -d ${_LINKF} ]] && \

install -d -o root -g wheel -m "${DIR_MODE}" "${_LINKF}"

rm -f ${COMPFILE}

@@ -306,6 +315,9 @@ install_user_group() {

local _gr="${TEMPROOT}/etc/group"

+ # when running with '-x' only

+ [ ! -f ${_pw} -o ! -f ${_gr} ] && return

while read l; do

_u=$(echo ${l} | awk -F ':' '{ print $1 }')

if [ "${_u}" != "root" ]; then

@@ -418,7 +430,7 @@ diff_loop() {

if [ -z "${DIFFMODE}" ]; then

# automatically install files if current != new and current = old

for i in "${AUTO_UPG[@]}"; do

- [ "${i}" = "${COMPFILE}" ] && FORCE_UPG=1

+ [[ ${i} == ${COMPFILE} ]] && FORCE_UPG=1

done

# automatically install files which differ only by CVS Id or that are binaries

if [ -z "$(diff -q -I'[$]OpenBSD:.*$' "${DESTDIR}${COMPFILE#.}" "${COMPFILE}")" -o -n "${FORCE_UPG}" -o -n "${IS_BINFILE}" ]; then

@@ -472,7 +484,7 @@ diff_loop() {

if [ -z "${BATCHMODE}" ]; then

echo " Use 'd' to delete the temporary ${COMPFILE}"

- if [[ ${COMPFILE} != ./etc/hosts ]]; then

+ if [ "${COMPFILE}" != ./etc/hosts ]; then

CAN_INSTALL=1

echo " Use 'i' to install the temporary ${COMPFILE}"

@@ -563,14 +575,14 @@ sm_compare() {

# only process them (i.e. install) if they don't exist on the target system

if [ ! -s "${COMPFILE}" ]; then

if [ -f "${DESTDIR}${COMPFILE#.}" ]; then

- [ -f "${COMPFILE}" ] && rm "${COMPFILE}"

+ [[ -f ${COMPFILE} ]] && rm ${COMPFILE}

else

IS_BINFILE=1

# links need to be treated in a different way

- [ -h "${COMPFILE}" ] && IS_LINK=1

+ [[ -h ${COMPFILE} ]] && IS_LINK=1

if [ -n "${IS_LINK}" -a -h "${DESTDIR}${COMPFILE#.}" ]; then

IS_LINK=1

# if links target are the same, remove from temproot

@@ -597,7 +609,7 @@ sm_compare() {

-z ${IS_LINK} ]]; then

CVSID1=$(grep "[$]OpenBSD:" ${DESTDIR}${COMPFILE#.} 2>/dev/null)

CVSID2=$(grep "[$]OpenBSD:" ${COMPFILE} 2>/dev/null) || CVSID2=none

- [ "${CVSID2}" = "${CVSID1}" ] && rm "${COMPFILE}"

+ [[ ${CVSID2} == ${CVSID1} ]] && rm "${COMPFILE}"

if [ -f "${COMPFILE}" -a -z "${IS_LINK}" ]; then

@@ -619,7 +631,7 @@ sm_post() {

local FILES_IN_TEMPROOT FILES_IN_BKPDIR

FILES_IN_TEMPROOT=$(find ${TEMPROOT} -type f ! -name \*.merged -size +0)

- [ -d "${BKPDIR}" ] && FILES_IN_BKPDIR=$(find ${BKPDIR} -type f -size +0)

+ [[ -d ${BKPDIR} ]] && FILES_IN_BKPDIR=$(find ${BKPDIR} -type f -size +0)

if [ -n "${NEED_NEWALIASES}" ]; then

report "===> A new ${DESTDIR}/etc/mail/aliases file was installed."

@@ -641,8 +653,8 @@ sm_post() {

if [ -n "${NEWUSR}" -o -n "${NEWGRP}" ]; then

report "===> The following user(s)/group(s) have been added"

- [ -n "${NEWUSR}" ] && report "user(s): ${NEWUSR[@]}"

- [ -n "${NEWGRP}" ] && report "group(s): ${NEWGRP[@]}"

+ [[ -n ${NEWUSR} ]] && report "user(s): ${NEWUSR[@]}"

+ [[ -n ${NEWGRP} ]] && report "group(s): ${NEWGRP[@]}"

report ""

if [ -n "${FILES_IN_TEMPROOT}" ]; then

@@ -650,18 +662,18 @@ sm_post() {

report "${FILES_IN_TEMPROOT}"

- [ -n "${FILES_IN_TEMPROOT}" ] && \

+ [[ -n ${FILES_IN_TEMPROOT} ]] && \

warn "some files are still left for comparison"

- [ -n "${NEED_NEWALIASES}" ] && \

+ [[ -n ${NEED_NEWALIASES} ]] && \

warn "newaliases(8) failed to run properly"

- [ -n "${NEED_REBOOT}" ] && \

+ [[ -n ${NEED_REBOOT} ]] && \

warn "some new/updated file(s) may require a reboot"

echo "===> Checking directory hierarchy permissions (running mtree(8))"

mtree -qdef ${DESTDIR}/etc/mtree/4.4BSD.dist -p ${DESTDIR:=/} -U >/dev/null

- [ -n "${XTGZ}" ] && \

+ [[ -n ${XTGZ} ]] && \

mtree -qdef ${DESTDIR}/etc/mtree/BSD.x11.dist -p ${DESTDIR:=/} -U >/dev/null

if [ -e "${REPORT}" ]; then

@@ -690,18 +702,18 @@ while getopts bdSs:x: arg; do

;;

if [ -d "${OPTARG}" ]; then

- SRCDIR=${OPTARG}

- [ -f "${SRCDIR}/etc/Makefile" ] || \

+ SRCDIR="${OPTARG}"

+ [[ -f ${SRCDIR}/etc/Makefile ]] || \

error_rm_wrkdir "${SRCDIR}: invalid \"src\" tree, missing ${SRCDIR}/etc/Makefile"

continue

- get_set "${OPTARG}" etc

+ TGZ="${OPTARG}"

;;

NOSIGCHECK=1

;;

- get_set "${OPTARG}" xetc

+ XTGZ="${OPTARG}"

;;

usage

@@ -718,9 +730,9 @@ fi

if [ -z "${SRCDIR}" -a -z "${TGZ}" -a -z "${XTGZ}" ]; then

if [ -n "${SM_PATH}" ]; then

- get_set "${SM_PATH}/etc${RELINT}.tgz" etc

+ TGZ="${SM_PATH}/etc${RELINT}.tgz"

if [ -d ${DESTDIR}/etc/X11 ]; then

- get_set "${SM_PATH}/xetc${RELINT}.tgz" xetc

+ XTGZ="${SM_PATH}/xetc${RELINT}.tgz"

elif [ -f "/usr/src/etc/Makefile" ]; then

SRCDIR=/usr/src

@@ -733,6 +745,7 @@ fi

TEMPROOT="${WRKDIR}/temproot"

BKPDIR="${WRKDIR}/backups"

+sm_fetch_and_verify

sm_populate

sm_compare

sm_post