Changeset View
Changeset View
Standalone View
Standalone View
usr.sbin/freebsd-update/freebsd-update.sh
Show First 20 Lines • Show All 2,841 Lines • ▼ Show 20 Lines | if [ ${TYPE} = "f" ] && | ||||
chflags ${FLAGS} ${BASEDIR}/${FPATH} | chflags ${FLAGS} ${BASEDIR}/${FPATH} | ||||
fi | fi | ||||
done | done | ||||
} | } | ||||
# Remove files which we want to delete | # Remove files which we want to delete | ||||
install_delete () { | install_delete () { | ||||
# Generate list of new files | # Generate list of new files | ||||
cut -f 1 -d '|' < $2 | | cut -f 1 -d '|' < $2 | | ||||
kevans: One general question I did have- what do INDEX-OLD/INDEX-NEW actually contain? Is this check… | |||||
sort > newfiles | sort > newfiles | ||||
# Generate subindex of old files we want to nuke | # Generate subindex of old files we want to nuke | ||||
sort -k 1,1 -t '|' $1 | | sort -k 1,1 -t '|' $1 | | ||||
join -t '|' -v 1 - newfiles | | join -t '|' -v 1 - newfiles | | ||||
sort -r -k 1,1 -t '|' | | sort -r -k 1,1 -t '|' | | ||||
cut -f 1,2 -d '|' | | cut -f 1,2 -d '|' | | ||||
tr '|' ' ' > killfiles | tr '|' ' ' > killfiles | ||||
Done Inline Actionss/nuke/remove/ emaste: s/nuke/remove/ | |||||
# Remove the offending bits | # Remove the offending bits | ||||
while read FPATH TYPE; do | while read FPATH TYPE; do | ||||
case ${TYPE} in | case ${TYPE} in | ||||
d) | d) | ||||
rmdir ${BASEDIR}/${FPATH} | rmdir ${BASEDIR}/${FPATH} | ||||
;; | ;; | ||||
f) | f) | ||||
rm ${BASEDIR}/${FPATH} | rm ${BASEDIR}/${FPATH} | ||||
;; | ;; | ||||
L) | L) | ||||
rm ${BASEDIR}/${FPATH} | rm ${BASEDIR}/${FPATH} | ||||
;; | ;; | ||||
esac | esac | ||||
done < killfiles | done < killfiles | ||||
# Clean up | # Clean up | ||||
rm newfiles killfiles | rm newfiles killfiles | ||||
} | } | ||||
# Install new files, delete old files, and update linker.hints | # Install new files, delete old files, and update generated files | ||||
Done Inline Actionsprobably need to update this comment, maybe just "update generated files" or something like that emaste: probably need to update this comment, maybe just "update generated files" or something like that | |||||
install_files () { | install_files () { | ||||
# If we haven't already dealt with the kernel, deal with it. | # If we haven't already dealt with the kernel, deal with it. | ||||
if ! [ -f $1/kerneldone ]; then | if ! [ -f $1/kerneldone ]; then | ||||
grep -E '^/boot/' $1/INDEX-OLD > INDEX-OLD | grep -E '^/boot/' $1/INDEX-OLD > INDEX-OLD | ||||
grep -E '^/boot/' $1/INDEX-NEW > INDEX-NEW | grep -E '^/boot/' $1/INDEX-NEW > INDEX-NEW | ||||
# Backup current kernel before installing a new one | # Backup current kernel before installing a new one | ||||
backup_kernel || return 1 | backup_kernel || return 1 | ||||
▲ Show 20 Lines • Show All 50 Lines • ▼ Show 20 Lines | grep -vE '^/boot/' $1/INDEX-OLD | | ||||
grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | ||||
grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-OLD | grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-OLD | ||||
grep -vE '^/boot/' $1/INDEX-NEW | | grep -vE '^/boot/' $1/INDEX-NEW | | ||||
grep -vE '^[^|]+\|d\|' | | grep -vE '^[^|]+\|d\|' | | ||||
grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | ||||
grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-NEW | grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-NEW | ||||
install_from_index INDEX-NEW || return 1 | install_from_index INDEX-NEW || return 1 | ||||
install_delete INDEX-OLD INDEX-NEW || return 1 | install_delete INDEX-OLD INDEX-NEW || return 1 | ||||
# Rehash certs if we actually have certctl installed. | |||||
if which certctl>/dev/null; then | |||||
env DESTDIR=${BASEDIR} certctl rehash | |||||
Not Done Inline ActionsNot sure if I followed -- why do we need to search INDEX-OLD here? delphij: Not sure if I followed -- why do we need to search INDEX-OLD here? | |||||
Done Inline ActionsI'll have to re-read again to see if I can follow my logic, but it was likely a bad misunderstanding on my part kevans: I'll have to re-read again to see if I can follow my logic, but it was likely a bad… | |||||
Done Inline ActionsSorry, this took a little longer to circle back to than I'd like -- it looks like what I really wanted to do was rehash if /usr/local/certs/* files either disappeared between INDEX-OLD and INDEX-NEW or just appeared in INDEX-NEW. I think this should probably use the logic from install_delete, then check killfiles and INDEX-NEW for cert changes. kevans: Sorry, this took a little longer to circle back to than I'd like -- it looks like what I really… | |||||
fi | |||||
# Rebuild generated pwd files. | # Rebuild generated pwd files. | ||||
if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] || | if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] || | ||||
[ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ] || | [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ] || | ||||
[ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/passwd ]; then | [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/passwd ]; then | ||||
pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd | pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd | ||||
fi | fi | ||||
▲ Show 20 Lines • Show All 442 Lines • Show Last 20 Lines |
One general question I did have- what do INDEX-OLD/INDEX-NEW actually contain? Is this check here actually triggering if the contents of a cert changed (for some reason) but not the path?
I'm somewhat suspecting that I should either be doing something like the below sort/join/sort/cut/tr invocation but from old -> new to make sure we only rehash when something's actually changed, or we should drop the illusion that we rehash only on changes that need a rehash and just rehash if a cert appears in either INDEX because a rehash should generally do no harm.