summaryrefslogtreecommitdiff
path: root/distrib
AgeCommit message (Collapse)Author
2014-01-19Use the new installboot when building amd64 media.Joel Sing
2014-01-19Switch amd64 installs/upgrades to the new installboot.Joel Sing
2014-01-19Add usr/sbin/installboot to amd64 instbin.Joel Sing
2014-01-19Add makefile for distrib/special/installboot.Joel Sing
2014-01-19we no long use the /var/hash files, but rely on the SHA256.sig file.Theo de Raadt
We can remove the hashing support.
2014-01-17add signature checking and make checksum procedure more robust byAlexander Hall
prefetching sets to a temporary directory within /home, iff it is a separate mount point with rpe@ and deraadt@, "ffiinaallllyyy .... OK" rpe@ (r.i.p. progress bars)
2014-01-15Since we now show the installer output we want that new line back.Robert Peichaer
OK halex@
2014-01-12Place a SHA256 (not SHA256.sig, sorry not yet) onto the install*.isoTheo de Raadt
media to give some upcoming changes a chance of working. Long discussions with todd and rpe
2014-01-12syncTheo de Raadt
2014-01-12syncTheo de Raadt
2014-01-11when selecting sets to install, postpone the xbase/comp check so theAlexander Hall
comp set does not get readded if the xbase set is being removed later on the same input line "nice semantics" deraadt@
2014-01-11add a few things mumbleTheo de Raadt
2014-01-11No need for a bin/cpio link on the media, because the pax|tar binary doesTheo de Raadt
not support cpio anymore.
2014-01-11Butcher a smaller tar/pax here, which has no cpio supportTheo de Raadt
ok guenther
2014-01-11use -DSHA2_ONLY to be more clear about what we are butcheringTheo de Raadt
idea from tedu
2014-01-11use NOMAN=1 for all directoriesTheo de Raadt
2014-01-11unify with other Makefiles around hereTheo de Raadt
2014-01-10remove md5 after installing it (with the links to the sha256/512 commands).Theo de Raadt
this is because the md5/sha256/sha512 are in the same binary, found in the md5 directory, but the version on the media lacks md5 support. Understand?
2014-01-09syncTheo de Raadt
2014-01-09Mention that T5120/T5220 systems require an OBP update if they are below 4.28Miod Vallat
level (matching the stealth commit to sparc64.html years ago); and update the OBP update section to point to the current Oracle ``Firmware Domwnloads'' page.
2014-01-09copy the relevant key for the release onto the mediaTheo de Raadt
2014-01-09syncTheo de Raadt
2014-01-09ramdisks need a /etc/signify directoryTheo de Raadt
2014-01-09we need to build a ztscale stub for zaurus media.Theo de Raadt
2014-01-08Take restore off the floppy media for now. Sorry.Theo de Raadt
2014-01-08Switch to using the base sha256 command, rather than some customizedTheo de Raadt
abomination. install.sub chunk tested by rpe
2014-01-08syncTheo de Raadt
2014-01-08enter md5 directoryTheo de Raadt
2014-01-08Build a -DSMALL verison of md5 for the install media (will be installedTheo de Raadt
as sha256 and sha512, primarily)
2014-01-08always include ddTheo de Raadt
2014-01-08rename SHA256_ONLY to SHA2_SMALL; changing things so that sha512 supportTheo de Raadt
is also pulled in
2014-01-08enable building of signify in the ramdisksTheo de Raadt
2014-01-07Make skipping the root fs DUID aware.Robert Peichaer
If ROOTDEV is either the device from fstab or the converted DUID device name with the partition added, skip the current fstab entry ok halex@
2014-01-07SRCDRS usr.bin usr.sbin is a bad idea (because of PIE). The places weTheo de Raadt
pick binaries up must be compiled -static or at least in some safe model for reuse. Since we now use distrib/special for those, we can safely remove usr.bin and usr.sbin from this list.
2014-01-06In the new PIE world, all dynamic binaries (for instance those foundTheo de Raadt
in usr.bin and usr.sbin on the install media) must be re-compiled non-PIE (here, in the special directory) so that crunchgen can reuse them. This issue is most acute on i386, which has register pressure, and does weird things for PIE. thanks for matthew for helping figure this out.
2014-01-06we do not need apm or apmd on the install media, that is sillyTheo de Raadt
2014-01-06Remove mention of installXX not bootable on IP27/35.Miod Vallat
2014-01-06Rework the setup of the bootable installation cd-rom (installXX.iso) toMiod Vallat
contain both a 2048-byte sector ffs filesystem, and a 512-byte volume header, so that the IP27 boot magic^Wuglyness recently added to the boot-only cd-rom (cdXX.iso) can be applied as well. The full-blown installation iso can now boot on IP27/28/30/32/35.
2014-01-06syncMiod Vallat
2014-01-06syncMiod Vallat
2014-01-06syncTheo de Raadt
2014-01-05Like upgrade, use feed_random right after mounting filesystems. ThisTheo de Raadt
is less than ideal. We hope the kernel has good entropy already, because this is a reinstall?? Or maybe the ftp server startup has run to completion? Or if this is an autoinstall, that config has enough unique in it? This needs more work, but the existing late-entropy feed sequence is worse. discussed at length with rpe, who tested it
2014-01-05We can feed_random right after mounting the filesystems, hoping we pickTheo de Raadt
up the previous kernel's /var/db/host.random ok rpe
2014-01-05provide feed_random() and store_random(). The first is used by install orTheo de Raadt
upgrade to feed as much additional usable entropy (as early as possible) to the current bsd.rd install kernel. The latter is used late in the procedure to store entropy for the next boot (of a real kernel) based on an issue described by dtucker, must conversation with halex and rpe tested by rpe
2014-01-04syncTheo de Raadt
2013-12-31syncTodd T. Fries
2013-12-28syncTheo de Raadt
2013-12-27syncTheo de Raadt
2013-12-24syncTheo de Raadt
2013-12-24syncTheo de Raadt
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 04:15:07 +0000