diff options
| author | Robert Peichaer <rpe@cvs.openbsd.org> | 2017-10-10 18:55:23 +0000 |
|---|---|---|
| committer | Robert Peichaer <rpe@cvs.openbsd.org> | 2017-10-10 18:55:23 +0000 |
| commit | 658efcebfacf897621561be54027725002e5c6e5 (patch) | |
| tree | 89a34ce8026a14d7b1f6a2a2d4e5befc3affbcd5 /distrib/miniroot | |
| parent | 49481cd9c59f10a453d5d40eb8f51451c30506d9 (diff) | |
Allow to boot into the existing bsd.rd and to download, verify
and upgrade to the bsd.rd of the next release.
The installer detects this bsd.rd only upgrade if the answer to
the 'Server directory?' question points to the sets of the next
release.
It then limits the set selection to the bsd.rd file, verifies it
using the on-disk signify key of the next release and makes a
backup of the existing bsd.rd before installing it.
Idea from and OK deraadt@
OK benno@
Diffstat (limited to 'distrib/miniroot')
| -rw-r--r-- | distrib/miniroot/install.sub | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index d08744a61c2..992b9261a69 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: install.sub,v 1.1037 2017/10/05 19:42:52 naddy Exp $ +# $OpenBSD: install.sub,v 1.1038 2017/10/10 18:55:22 rpe Exp $ # # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback # Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org> @@ -1330,6 +1330,15 @@ sane_install() { # select_sets() { local _avail=$1 _selected=$2 _f _action _col=$COLUMNS + local _bsd_rd _no_sets=true + + if [[ $MODE == upgrade ]]; then + for _f in $_avail; do + [[ $_f != bsd* ]] && _no_sets=false + [[ $_f == bsd.rd* ]] && _bsd_rd=$_f + done + $_no_sets && UPGRADE_BSDRD=true _avail=$_bsd_rd _selected=$_bsd_rd + fi # account for 4 spaces added to the sets list let COLUMNS=_col-8 @@ -1516,6 +1525,9 @@ install_files() { ! $_unpriv ftp -D "$_t" -Vmo - "$_src/SHA256.sig" >"$_cfile.sig" && _issue="Cannot fetch SHA256.sig" && break + $UPGRADE_BSDRD && + PUB_KEY=/mnt/etc/signify/openbsd-$((VERSION + 1))-base.pub + # Verify signature file with public keys. ! unpriv -f "$_cfile" \ signify -Vep $PUB_KEY -x "$_cfile.sig" -m "$_cfile" && @@ -1576,7 +1588,9 @@ install_files() { tar -zxphf - -C /mnt fi ;; - *) $_unpriv ftp -D Installing -Vmo - "$_fsrc" >"/mnt/$_f" + *) $UPGRADE_BSDRD && [[ $_f == bsd.rd* ]] && + cp /mnt/$_f /mnt/$_f.old.$VERSION + $_unpriv ftp -D Installing -Vmo - "$_fsrc" >"/mnt/$_f" ;; esac if (($?)); then @@ -1587,6 +1601,7 @@ install_files() { fi else DEFAULTSETS=$(rmel $_f $DEFAULTSETS) + $UPGRADE_BSDRD && DEFAULTSETS= fi [[ -d $_tmpsrc ]] && rm -f "$_tmpsrc/$_f" done @@ -3139,6 +3154,7 @@ PUB_KEY=/etc/signify/openbsd-${VERSION}-base.pub ROOTDEV= ROOTDISK= SETDIR="$VNAME/$ARCH" +UPGRADE_BSDRD=false V4_DHCPCONF=false V6_AUTOCONF=false WLANLIST=/tmp/i/wlanlist |