diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2017-08-24 15:21:57 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2017-08-24 15:21:57 +0000 |
| commit | c724d2384a26db789c3c1c6d2a0dabebc84529f8 (patch) | |
| tree | 5d060a0ec760c9a6b0d29617690d5862053bdf4f /distrib | |
| parent | eb32ab9851537a3e9c03eecbfa292114a4c186df (diff) | |
On release installs of architectures supported by syspatch, run syspatch -c
from rc.firsttime. If binary patches are available, users will be informed
on the console and in the rc.firsttime output mail.
Based on an idea from tj; discussed with several during t2k17.
Positive feedback and go ahead, deraadt, ajacoutot, rpe, tj.
Diffstat (limited to 'distrib')
| -rw-r--r-- | distrib/miniroot/install.sub | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index 902e69a9ada..9c29f6d40ce 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: install.sub,v 1.1033 2017/08/18 16:57:48 jcs Exp $ +# $OpenBSD: install.sub,v 1.1034 2017/08/24 15:21:56 tb Exp $ # # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback # Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org> @@ -2586,6 +2586,7 @@ store_random() { finish_up() { local _dev _mp _fstype _rest _d local _compile=/mnt/usr/share/compile _kernel=${MDKERNEL:-GENERIC} + local _syspatch_archs="amd64 i386" # Mount all known swap partitions. This gives systems with little # memory a better chance at running 'MAKEDEV all'. @@ -2669,6 +2670,25 @@ finish_up() { # Ensure that fw_update is run on reboot. echo "/usr/sbin/fw_update -v" >>/mnt/etc/rc.firsttime + # Run syspatch -c on reboot if the arch is supported and if it is a + # release system (not -stable or -current). List uninstalled syspatches + # on the console and in the rc.firsttime output mail. + isin $ARCH $_syspatch_archs && cat <<__EOT >>/mnt/etc/rc.firsttime +set -A _KERNV -- \$(sysctl -n kern.version | + sed 's/^OpenBSD \([0-9]\.[0-9]\)\([^ ]*\).*/\1 \2/;q') +if ((\${#_KERNV[*]} == 1)) && [[ -s /etc/installurl ]] && + _CKPATCH=\$(mktemp /tmp/_ckpatch.XXXXXXXXXX); then + echo -n "Checking for available binary patches... " + syspatch -c > \$_CKPATCH + echo "done." + if [[ -s \$_CKPATCH ]]; then + echo "Run syspatch(8) to install:" + cat \$_CKPATCH + fi + rm -f \$_CKPATCH +fi +__EOT + # Email installer questions and their answers to root on next boot. prep_root_mail /tmp/i/$MODE.resp "$(hostname) $MODE response file" |