From 0eb7598cef40c107c6df6cb0e7975ae48c8852f9 Mon Sep 17 00:00:00 2001 From: Antoine Jacoutot Date: Tue, 8 Nov 2016 12:11:23 +0000 Subject: Few fixes and consistency. --- usr.sbin/syspatch/syspatch.sh | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) (limited to 'usr.sbin/syspatch') diff --git a/usr.sbin/syspatch/syspatch.sh b/usr.sbin/syspatch/syspatch.sh index 1f5118f2cb1..9d7a17168c4 100644 --- a/usr.sbin/syspatch/syspatch.sh +++ b/usr.sbin/syspatch/syspatch.sh @@ -1,6 +1,6 @@ #!/bin/ksh # -# $OpenBSD: syspatch.sh,v 1.40 2016/11/06 19:12:58 halex Exp $ +# $OpenBSD: syspatch.sh,v 1.41 2016/11/08 12:11:22 ajacoutot Exp $ # # Copyright (c) 2016 Antoine Jacoutot # @@ -38,7 +38,7 @@ apply_patch() local _explodir _file _files _patch=$1 [[ -n ${_patch} ]] - local _explodir=${_TMP}/${_patch} + _explodir=${_TMP}/${_patch} mkdir -p ${_explodir} _files="$(tar xvzphf ${_TMP}/${_patch}.tgz -C ${_explodir})" @@ -64,9 +64,9 @@ apply_patch() apply_patches() { needs_root - local _m _patch _patches="$(ls_missing)" + local _patch - for _patch in ${_patches}; do + for _patch in $(ls_missing); do fetch_and_verify "${_patch}" trap '' INT apply_patch "${_patch}" @@ -78,11 +78,9 @@ apply_patches() checkfs() { - local _files="${@}" + local _d _f _files="${@}" [[ -n ${_files} ]] - local _d _f - for _d in $(stat -qf "%Sd" $(for _f in ${_files}; do echo /${_f%/*} done | uniq)); do mount | grep -q "^/dev/${_d} .*read-only" && sp_err "Remote or read-only filesystem, aborting" @@ -123,26 +121,24 @@ create_rollback() fetch_and_verify() { - # XXX privsep ala installer + # XXX privsep ala installer (doas|su)? local _patch=$1 [[ -n ${_patch} ]] - local _key="/etc/signify/openbsd-${_RELINT}-syspatch.pub" _p - ${_FETCH} -o "${_TMP}/SHA256.sig" "${PATCH_PATH}/SHA256.sig" ${_FETCH} -mD "Applying" -o "${_TMP}/${_patch}.tgz" \ "${PATCH_PATH}/${_patch}.tgz" - (cd ${_TMP} && - /usr/bin/signify -qC -p ${_key} -x SHA256.sig ${_patch}.tgz) + (cd ${_TMP} && /usr/bin/signify -qC -p \ + /etc/signify/openbsd-${_RELINT}-syspatch.pub -x SHA256.sig \ + ${_patch}.tgz) } install_file() { # XXX handle symlinks, dir->file, file->dir? - local _src=$1 _dst=$2 + local _dst=$2 _fgrp _fmode _fown _src=$1 [[ -f ${_src} && -f ${_dst} ]] - local _fmode _fown _fgrp eval $(stat -f "_fmode=%OMp%OLp _fown=%Su _fgrp=%Sg" ${_src}) install -DFS -m ${_fmode} -o ${_fown} -g ${_fgrp} ${_src} ${_dst} @@ -171,7 +167,7 @@ ls_installed() local _p for _p in ${_PDIR}/${_REL}/*; do _p=${_p:##*/} - [[ ${_p} = rollback-syspatch-${_RELINT}-*.tgz ]] && + [[ ${_p} == rollback-syspatch-${_RELINT}-*.tgz ]] && _p=${_p#rollback-} && echo ${_p%.tgz} done | sort -V } @@ -202,8 +198,9 @@ rollback_patch() _patch="$(ls_installed | sort -V | tail -1)" [[ -n ${_patch} ]] - echo "Reverting ${_patch}" _explodir=${_TMP}/rollback-${_patch} + + echo "Reverting ${_patch}" mkdir -p ${_explodir} _files="$(tar xvzphf ${_PDIR}/${_REL}/rollback-${_patch}.tgz -C \ -- cgit v1.2.3