Changeset View
Changeset View
Standalone View
Standalone View
usr.sbin/freebsd-update/freebsd-update.sh
| Show First 20 Lines • Show All 2,841 Lines • ▼ Show 20 Lines | if [ ${TYPE} = "f" ] && | ||||
| chflags ${FLAGS} ${BASEDIR}/${FPATH} | chflags ${FLAGS} ${BASEDIR}/${FPATH} | ||||
| fi | fi | ||||
| done | done | ||||
| } | } | ||||
| # Remove files which we want to delete | # Remove files which we want to delete | ||||
| install_delete () { | install_delete () { | ||||
| # Generate list of new files | # Generate list of new files | ||||
| cut -f 1 -d '|' < $2 | | cut -f 1 -d '|' < $2 | | ||||
kevans: One general question I did have- what do INDEX-OLD/INDEX-NEW actually contain? Is this check… | |||||
| sort > newfiles | sort > newfiles | ||||
| # Generate subindex of old files we want to nuke | # Generate subindex of old files we want to nuke | ||||
| sort -k 1,1 -t '|' $1 | | sort -k 1,1 -t '|' $1 | | ||||
| join -t '|' -v 1 - newfiles | | join -t '|' -v 1 - newfiles | | ||||
| sort -r -k 1,1 -t '|' | | sort -r -k 1,1 -t '|' | | ||||
| cut -f 1,2 -d '|' | | cut -f 1,2 -d '|' | | ||||
| tr '|' ' ' > killfiles | tr '|' ' ' > killfiles | ||||
Done Inline Actionss/nuke/remove/ emaste: s/nuke/remove/ | |||||
| # Remove the offending bits | # Remove the offending bits | ||||
| while read FPATH TYPE; do | while read FPATH TYPE; do | ||||
| case ${TYPE} in | case ${TYPE} in | ||||
| d) | d) | ||||
| rmdir ${BASEDIR}/${FPATH} | rmdir ${BASEDIR}/${FPATH} | ||||
| ;; | ;; | ||||
| f) | f) | ||||
| rm ${BASEDIR}/${FPATH} | rm ${BASEDIR}/${FPATH} | ||||
| ;; | ;; | ||||
| L) | L) | ||||
| rm ${BASEDIR}/${FPATH} | rm ${BASEDIR}/${FPATH} | ||||
| ;; | ;; | ||||
| esac | esac | ||||
| done < killfiles | done < killfiles | ||||
| # Clean up | # Clean up | ||||
| rm newfiles killfiles | rm newfiles killfiles | ||||
| } | } | ||||
| # Install new files, delete old files, and update linker.hints | # Install new files, delete old files, and update generated files | ||||
Done Inline Actionsprobably need to update this comment, maybe just "update generated files" or something like that emaste: probably need to update this comment, maybe just "update generated files" or something like that | |||||
| install_files () { | install_files () { | ||||
| # If we haven't already dealt with the kernel, deal with it. | # If we haven't already dealt with the kernel, deal with it. | ||||
| if ! [ -f $1/kerneldone ]; then | if ! [ -f $1/kerneldone ]; then | ||||
| grep -E '^/boot/' $1/INDEX-OLD > INDEX-OLD | grep -E '^/boot/' $1/INDEX-OLD > INDEX-OLD | ||||
| grep -E '^/boot/' $1/INDEX-NEW > INDEX-NEW | grep -E '^/boot/' $1/INDEX-NEW > INDEX-NEW | ||||
| # Backup current kernel before installing a new one | # Backup current kernel before installing a new one | ||||
| backup_kernel || return 1 | backup_kernel || return 1 | ||||
| ▲ Show 20 Lines • Show All 50 Lines • ▼ Show 20 Lines | grep -vE '^/boot/' $1/INDEX-OLD | | ||||
| grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | ||||
| grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-OLD | grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-OLD | ||||
| grep -vE '^/boot/' $1/INDEX-NEW | | grep -vE '^/boot/' $1/INDEX-NEW | | ||||
| grep -vE '^[^|]+\|d\|' | | grep -vE '^[^|]+\|d\|' | | ||||
| grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | grep -vE '^/libexec/ld-elf[^|]*\.so\.[0-9]+\|' | | ||||
| grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-NEW | grep -vE '^[^|]*/lib/[^|]*\.so\.[0-9]+\|' > INDEX-NEW | ||||
| install_from_index INDEX-NEW || return 1 | install_from_index INDEX-NEW || return 1 | ||||
| install_delete INDEX-OLD INDEX-NEW || return 1 | install_delete INDEX-OLD INDEX-NEW || return 1 | ||||
| # Rehash certs if we actually have certctl installed. | |||||
| if which certctl>/dev/null; then | |||||
| env DESTDIR=${BASEDIR} certctl rehash | |||||
Not Done Inline ActionsNot sure if I followed -- why do we need to search INDEX-OLD here? delphij: Not sure if I followed -- why do we need to search INDEX-OLD here? | |||||
Done Inline ActionsI'll have to re-read again to see if I can follow my logic, but it was likely a bad misunderstanding on my part kevans: I'll have to re-read again to see if I can follow my logic, but it was likely a bad… | |||||
Done Inline ActionsSorry, this took a little longer to circle back to than I'd like -- it looks like what I really wanted to do was rehash if /usr/local/certs/* files either disappeared between INDEX-OLD and INDEX-NEW or just appeared in INDEX-NEW. I think this should probably use the logic from install_delete, then check killfiles and INDEX-NEW for cert changes. kevans: Sorry, this took a little longer to circle back to than I'd like -- it looks like what I really… | |||||
| fi | |||||
| # Rebuild generated pwd files. | # Rebuild generated pwd files. | ||||
| if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] || | if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] || | ||||
| [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ] || | [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ] || | ||||
| [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/passwd ]; then | [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/passwd ]; then | ||||
| pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd | pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd | ||||
| fi | fi | ||||
| ▲ Show 20 Lines • Show All 442 Lines • Show Last 20 Lines | |||||
One general question I did have- what do INDEX-OLD/INDEX-NEW actually contain? Is this check here actually triggering if the contents of a cert changed (for some reason) but not the path?
I'm somewhat suspecting that I should either be doing something like the below sort/join/sort/cut/tr invocation but from old -> new to make sure we only rehash when something's actually changed, or we should drop the illusion that we rehash only on changes that need a rehash and just rehash if a cert appears in either INDEX because a rehash should generally do no harm.