| Age | Commit message (Collapse) | Author |
|---|
|
necessary as 'softdep' is now a no-op.
ok beck@ sthen@
|
|
We already keep /var/db/installed.SHA256 for sysupgrade(8) as a cheap
check to not install the same snapshot over and over again. With
/mnt/var/db/installed.BUILDINFO we can ensure that we are not
installing an older snapshot over a newer snapshot.
Intentionally not yet committing the sysupgrade(8) bits so that we
exercise the sysupgrade(8) / install.sub interaction as it will happen
during the 7.5 -> 7.6 transition. I.e. a newer install.sub getting
installed by an older sysupgrade(8).
deraadt@ likes it.
|
|
Firmware is fetched after bootstraps are installed, i.e. on fresh installs
apple-boot is not there yet when installboot ought to place it onto the EFI
System Partition.
Rerun --only on Apple silicon-- to replace Asahi u-boot and boot straight
into ours, nicely visible my different logo.
Input sthen deraadt
|
|
An upgrade stalled on me, either my testing was flawed or my diff is...
Having stop_watchdog() is fine, but calling it in a different place has
is apparently too subtle for me to get right.
|
|
We have {reset,start}_watchdog() which are only used in unattended upgrade
code, but stopping the background timer is done inline for all upgrades,
incl. interactive ones.
Relocate it out of the very end of do_upgrade() right after its only caller
and limit it to unattended upgrades to match where/how the timer is started.
OK afresh1
|
|
|
|
bioctl(8) uses readpassphrase(3) RPP_REQUITE_TTY, so always pass stdin,
but only use it over TTY with -s in unattended mode.
Prodding afresh1 sthen
"much better" sthen
|
|
Interactively keeps using bioctl(8)'s own prompt, in unattended mode
ask_passphrase() ensures non-empty responses or fails.
Unlike user passwords, autoinstall(8) only supports plaintext passphrases:
Encrypt the root disk with a (p)assphrase or (k)eydisk = passphrase
New passphrase = secret
Make sure to trust the install network or use a pre-configured key disk:
Encrypt the root disk with a (p)assphrase or (k)eydisk = keydisk
Which disk contains the key disk = sd2
Which sd2 partition is the key disk = a
initial diff from Chris Narkiewicz
OK afresh1
Feedback sthen
|
|
a file to a dir with the libc++ update to 16. ok deraadt phessler
|
|
|
|
Extend the yes/no question to no/passphrase/keydisk and have users pick an
existing, preformated RAID partition; no support (yet) for creating one.
OK tb afresh1
|
|
Since r1.1245 encrypt_root() happens immediately after get_rootinfo().
the latter creates device files for the root disk (and aborts if make_dev()
fails), so encrypt_root()'s call on the softraid chunk is purely redundant.
Hoist _chunk definition into declaration while here.
|
|
bioctl(8) now retries itself on mismatch so the installer continues until
the passphrase is confirmed correctly (like for the root password) instead
of bailing out after three failed attempts.
|
|
The bioctl(8) command to create new and unlock old volumes is the same.
Use `-C force' to prevent reuse, which happens with, e.g. aborted/restarted
encrypted installations past the question or installations onto an old disk.
OK naddy sthen deraadt
|
|
The yes/no question was mistaken as actual passphrase prompt and/or details
in parentheses were taken as option list (despite the lack of commas).
Unmention the only disk encryption mechanism we support and simply ask
whether to protect the root disk with a passphrase or not (still yes/no).
Prodded by solene, feedback from many
Wording from naddy, similar wording from sthen
OK naddy sthen deraadt afresh1
|
|
The installer always checks for softraid using it, skip if unavailable.
Apply the usual idiom in encrypt_root() to silence stderr noise.
Do so in do in get_softraid_chunks() as well which is always called in
get_dkdevs_unitialized() and finish_up(); get_softraid_chunks() discards
stderr and both users still do the right thing on bioctl failure/empty
output from get_dkdevs_unitialized(), but there's no point in trying plus
the idiom clarifies how this code is indeed used on floppies.
Found and tested by krw
OK deraadt krw
|
|
|
|
Since this question moved after the root disk one and '?' stopped listing disks,
hoist the implementation details in order to drop the custom answer and reuse
existing ask_yn(), thus
Encrypt the root disk? (yes, no or '?' for details) [no] ?
Create a passphrase protected CRYPTO softraid volume to be used as root disk.
Encrypt the root disk? (yes, no or '?' for details) [no]
becomes
Encrypt the root disk? (passphrase CRYPTO softraid) [no]
Prodded by afresh1
|
|
ok kn@ millert@
|
|
It takes just one, the disk; the second snuck from earlier development into
the intial r1.1231 commit.
|
|
|
|
Encrypt the root disk? (disk, no or '?' for details) [no]
Which disk is the root disk? ('?' for details) [sdN]
becomes
Which disk is the root disk? ('?' for details) [sd0]
Encrypt the root disk? (yes, no or '?' for details) [no]
so that answering 'sd0' at this point during installation behaves the same
as before the new question: specifying the root disk.
Users no longer deal with two (softraid chunk sd0, root disk sd1), but just
one disk as before, while sdN are dealt with transparently.
Code also gets simpler and should enable more improvements soon.
Feedback OK afresh1
|
|
to require "no", instead of "n" or "no" which works at every other damn prompt
in the installer. This seems to be an artifact of relentlessly pushing people
towards softraid by default, and I think that is a bit nasty and pushy.
|
|
|
|
'?' output to list available answers could better distuingish from questions
and other lines, like sets selection does with four leading spaces.
OK deraadt
|
|
For installation, no partitions whatsoever are mounted, so 'yes' is always
wrong unless the user manually mounted stuff before that question.
No change for upgrade, where partitions on the root disk are mounted.
Idea from naddy, diff from Mikhail (mp39590 AT gmail)
Tweaks from me
OK op afresh1
|
|
Save the softraid volume's device and make it root disk default, being the
only legit choice in this case; this gets it always right on systems with
multiple physical disks.
All other install/upgrade cases keep picking the first available [sw]d* disk
as root disk default.
OK afresh1
|
|
"disk" can mean both "chunk" and "volume" and a future diff for better
softraid volumes handling will benefit from this distinction.
No functional change.
|
|
Set to split `hw.disknames' strings is neat, but functionn-wide means the
bsort() invocation honours it, i.e. it'll output newlines not spaces.
Break the one-liner into the same multi-line idom occuring elsewhere and
contain IFS in the subshell that needs it.
This was never visible due how the output of was consumed by the shell.
The only visual, but otherwise effectless bug due to this appeared with the
new disk encryption question double-quoting get_dkdevs() output, i.e.
multiple disks printed across multiple lines; this yields one, as inteded.
OK afresh1
|
|
'Default IPv4 route?' takes an IP or this word, not no IP at all.
All other questions already quote their 'none', 'done', etc. answers.
No behaviour change for autoinstall(8) files, questions end after the
qestion mark and potential answers/help in parentheses comes after that.
|
|
While MAKEDEV accepts multiple args, it complains loudly on repeated args.
It is silent when trying to create a single already existing device.
This is probably a bug in MAKEDEV.
|
|
No need to loop here, the script takes multiple args.
OK tb afresh1
|
|
^C during questiong yields
/install: /tmp/cppid: cannot open $(<) input
The trap handler must first test existence, then read the PID file.
Quote like other PID file constructs in install.sub do.
Use newlines to make the trap function readable.
OK miod
|
|
ok kn@ deraadt@
|
|
WEP does not work with our bwfm(4) and it shows:
Which network interface do you wish to configure? (or 'done') [bse0] bwfm0
ifconfig: SIOCS80211NWKEY: Operation not supported by device
Access point? (ESSID, 'any', list# or '?') [any] 2
Security protocol? (O)pen, (W)EP, WPA-(P)SK [O]
Handle the error and disable (W)EP unless the driver has it.
No objections from anyone.
|
|
One new question to cover the most common use case, such that manual setup
in (S)hell or '!' prior to install is no longer required:
Encrypt the root disk? (disk, 'no' or '?' for details) [no] ?
Create a passphrase protected CRYPTO softraid volume to be used as root disk.
Available disks are: sd0.
Encrypt the root disk? (disk, 'no' or '?' for details) [no]
Use of keydisk or different disciplines are not covered.
Only asked in interactive installations; no autoinstall(8) or upgrades.
Only reachable on i386, amd64, sparc64 and riscv64 for now (arm64 WIP).
Tested by cheloha naddy and a few users
Feedback from cheloha deraadt claudio
OK cheloha
"get it in now" deraadt
|
|
In practise, omitting \n is pointless in get_*devs*(), addel() and rmel()
as they are all all used in such a way that the shell always ensures a
trailing \n anyway.
(This might have been needed with the old recursive bsort(), but not now.)
The one exception being the case of a ramdisk with no disks, which revealed
\n mishandling in the root disk question where it ought to print "none"
instead of an empty list of available disks (since inception in r1.1114):
Available disks are: .
Which disk is the root disk? ('?' for details) ?
OK afresh1
|
|
Sets on an unmounted disk partition are most likely to be on install media,
e.g. CD or USB stick.
Default 'Which disk contains the install media?' to the first disk that is
a) not the root disk and b) not a disk with softraid chunks (hosting the
root disk, for example).
This makes it point at the right disk in most setups.
All disks remain valid answers, this is only about the default.
OK afresh1
|
|
ksh(1) can sort itself and addel() ensures uniqueness, so reuse both to get
a much simpler shell version of `sort -u' that is bug-for-bug compatible
with the old one but shorter and easier to tweak/reason about.
OK afresh1
|
|
Skip chunk devices in the 'Which disk do you wish to initialize?' question.
Touching sd0, e.g. after a root on softraid sd1 install on sd0, will fail.
get_dkdevs_uninitialized() is used once, in interactive installs, right
after root disk setup, iff multiple disks exist.
Tested as part of a bigger diff by a few
OK cheloha
|
|
|
|
get_softraid_chunks() yields full device names with labels, e.g. "sd0a",
but the installer largely deals with disk names "sd0".
The only user of this, MAKEDEV, behaves identically with either form.
Rename to get_softraid_disks(), clarify comments and return disk names
so it can be reused without pattern matching or stripping labels.
OK afresh1
|
|
No behaviour change, but get_softraid_chunks() reads much clearer.
The root disk is checked to be a softraid volume; if so, devices for each
chunks are created to make installboot work later.
bioctl accepts "sd1" and "softraid0", the latter prints all volumes.
Output is identical if sd1 is the only volume.
OK afresh1
|
|
the keyboard layout on all of them during install.
tested with a Thinkpad X13s with a silly amount of kezboards connected.
OK miod@ kn@
|
|
|
|
Hacking on the installer while running it is a lot easier when you can
inspect or run functions directly without paging the whole script or
poking around in it with ed.
install.sub is already structured so that all functions come first,
then MD code, then actual commands.
Copy FUNCS_ONLY from rc.subr(8) so you can drop out any time and hack around
more conveniently:
Available disks are: sd0 sd1.
Which disk is the root disk? ('?' for details) [sd0] !
Type 'exit' to return to install.
test# FUNCS_ONLY=1 . /install.sub
test# typeset -f get_dkdevs
get_dkdevs() {
echo $(scan_disknames "${MDDKDEVS:-/^[sw]d[0-9][0-9]* /s/ .*//p}")
}
test# get_dkdevs
sd0 sd1
test#
This requires the sourcing shell to be ksh(1) or sh(1) with 'strict Bourne
shell mode' disabled. '!' is ksh now, but the initial (S)hell answer still
lands in a strict (default) sh(1) -- that can/should be fixed separately.
OK deraadt
|
|
Even without any interfaces the installer still asks for one and only
continues when the only possible answer 'done' is provided.
That means one mandatory but useless answer during installations like
# vmctl start -c -d ./install72.img -d ./disk.img test
...
System hostname? (short form, e.g. 'foo') test
Available network interfaces are: .
Network interface to configure? (name, lladdr, '?', or 'done')
A response is required.
Network interface to configure? (name, lladdr, '?', or 'done') ?
Available network interfaces are: .
Network interface to configure? (name, lladdr, '?', or 'done') done
DNS domain name? (e.g. 'example.com') [my.domain]
...
Skip it when there is no viable answer:
# vmctl start -c -d ./install72.img -d ./disk.img test
...
System hostname? (short form, e.g. 'foo') test
DNS domain name? (e.g. 'example.com') [my.domain]
...
OK deraadt
|
|
arithmetic expression `(( ... ))' and more.
OK deraadt
|
|
This modifies the installer question, auto install scripts may need updating.
Allows answering ? to the interface question to list allowed lladdrs
and allows answering with one of them to configure the interface.
Reconfiguring by either name/unit or lladdr will clear the previous config.
Many suggestions from kn@
finish it @deraadt
|
|
|
