fixup! Add tix-upgrade(8).
This commit is contained in:
parent
7f8cb8aecc
commit
2402ef8361
|
@ -86,10 +86,10 @@ for argument do
|
||||||
--collection=*) collection=$parameter ;;
|
--collection=*) collection=$parameter ;;
|
||||||
--collection) previous_option=collection ;;
|
--collection) previous_option=collection ;;
|
||||||
--continue) continue="--continue" ;;
|
--continue) continue="--continue" ;;
|
||||||
--download-non-verbose) previous_option="-nv" ;;
|
--download-non-verbose) wget_options="-nv" ;;
|
||||||
--download-non-verbose) previous_option="-v" ;;
|
--download-non-verbose) wget_options="-v" ;;
|
||||||
--download-quiet) previous_option="-q" ;;
|
--download-quiet) wget_options="-q" ;;
|
||||||
--download-verbose) previous_option="-v" ;;
|
--download-verbose) wget_options="-v" ;;
|
||||||
--execpatch) execpatch=true ;;
|
--execpatch) execpatch=true ;;
|
||||||
--initrd) initrd=true ;;
|
--initrd) initrd=true ;;
|
||||||
--input-release-file=*) input_release_file=$parameter ;;
|
--input-release-file=*) input_release_file=$parameter ;;
|
||||||
|
@ -149,18 +149,19 @@ fi
|
||||||
# TODO: Mutually incompatible options.
|
# TODO: Mutually incompatible options.
|
||||||
|
|
||||||
conf() {
|
conf() {
|
||||||
grep -E "^$1[[:space:]]*=" -- "$collection/etc/upgrade.conf" |
|
sed -E -e 's/([a-zA-Z0-9_]+) *? *= */\U\1=/' \
|
||||||
tail -n 1 |
|
-e 's/=yes$/=true/' -e 's/no$/=false/' "$3" | \
|
||||||
sed -E 's/^[^=]*=[[:space:]]*(|.*[^[:space:]])[[:space:]]*/\1/'
|
tix-vars -d "$2" - "$4"
|
||||||
}
|
}
|
||||||
|
|
||||||
tmpdir=$(mktemp -dt tix-fetch-port.XXXXXX)
|
tmpdir=$(mktemp -dt tix-fetch-port.XXXXXX)
|
||||||
trap 'rm -rf -- "$tmpdir"' EXIT HUP INT QUIT TERM
|
trap 'rm -rf -- "$tmpdir"' EXIT HUP INT QUIT TERM
|
||||||
|
|
||||||
RELEASE_KEY=$(conf release_key)
|
upgrade_conf="${collection%/}/etc/upgrade.conf"
|
||||||
RELEASE_SIG_URL=$(conf release_sig_url)
|
RELEASE_KEY=$(conf -d '' "$upgrade_conf" RELEASE_KEY)
|
||||||
PREFERRED_MIRROR=$(conf mirror)
|
RELEASE_SIG_URL=$(conf -d '' "$upgrade_conf" RELEASE_SIG_URL)
|
||||||
FORCE_MIRROR=$(conf force_mirror)
|
PREFERRED_MIRROR=$(conf -d '' "$upgrade_conf" PREFERRED_MIRROR)
|
||||||
|
FORCE_MIRROR=$(conf -d '' "$upgrade_conf" FORCE_MIRROR)
|
||||||
USER_AGENT="$(uname -s)/$(uname -r) ($(uname -m); $(uname -v))"
|
USER_AGENT="$(uname -s)/$(uname -r) ($(uname -m); $(uname -v))"
|
||||||
|
|
||||||
if $insecure_no_check_certificate; then
|
if $insecure_no_check_certificate; then
|
||||||
|
@ -226,7 +227,6 @@ if [ -n "$output_release_file" ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Load the release description.
|
# Load the release description.
|
||||||
# TODO: SECURITY: REMOTE CODE EXECUTION OF SIGNED REMOTE CODE.
|
|
||||||
# TODO: SECURITY: Protect against responding with older release.sh.
|
# TODO: SECURITY: Protect against responding with older release.sh.
|
||||||
|
|
||||||
# TODO: DO NOT SUBMIT: Temporary compatibility.
|
# TODO: DO NOT SUBMIT: Temporary compatibility.
|
||||||
|
@ -259,7 +259,7 @@ for POTENTIAL_MIRROR in $MIRRORS; do
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
if [ -n "$PREFERRED_MIRROR" ] && [ "$MIRROR" != "$PREFERRED_MIRROR" ]; then
|
if [ -n "$PREFERRED_MIRROR" ] && [ "$MIRROR" != "$PREFERRED_MIRROR" ]; then
|
||||||
if [ "$FORCE_MIRROR" = yes ]; then
|
if [ "$FORCE_MIRROR" = true ]; then
|
||||||
MIRROR="$PREFERRED_MIRROR"
|
MIRROR="$PREFERRED_MIRROR"
|
||||||
else
|
else
|
||||||
echo "$0: warning: ignoring unsupported mirror $PREFERRED_MIRROR" >&2
|
echo "$0: warning: ignoring unsupported mirror $PREFERRED_MIRROR" >&2
|
||||||
|
|
|
@ -56,6 +56,8 @@ for argument do
|
||||||
--collection=*) collection=$parameter ;;
|
--collection=*) collection=$parameter ;;
|
||||||
--collection) previous_option=collection ;;
|
--collection) previous_option=collection ;;
|
||||||
--download-only) download_only=true ;;
|
--download-only) download_only=true ;;
|
||||||
|
--fetch-options=*) fetch_options="$parameter" ;;
|
||||||
|
--fetch-options) previous_option=fetch_options ;;
|
||||||
--insecure-downgrade-to-http) fetch_options="$fetch_options $argument" ;;
|
--insecure-downgrade-to-http) fetch_options="$fetch_options $argument" ;;
|
||||||
--insecure-no-check-certificate) fetch_options="$fetch_options $argument" ;;
|
--insecure-no-check-certificate) fetch_options="$fetch_options $argument" ;;
|
||||||
--ports) upgrade_ports=true ;;
|
--ports) upgrade_ports=true ;;
|
||||||
|
@ -81,7 +83,7 @@ if [ 0 -lt $# ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
get_conf() {
|
conf() {
|
||||||
sed -E -e 's/([a-zA-Z0-9_]+) *? *= */\U\1=/' \
|
sed -E -e 's/([a-zA-Z0-9_]+) *? *= */\U\1=/' \
|
||||||
-e 's/=yes$/=true/' -e 's/no$/=false/' "$3" | \
|
-e 's/=yes$/=true/' -e 's/no$/=false/' "$3" | \
|
||||||
tix-vars -d "$2" - "$4"
|
tix-vars -d "$2" - "$4"
|
||||||
|
@ -93,8 +95,8 @@ if ! $upgrade_ports && ! $upgrade_system; then
|
||||||
upgrade_ports=true
|
upgrade_ports=true
|
||||||
upgrade_system=true
|
upgrade_system=true
|
||||||
if [ -e "$collection/etc/upgrade.conf" ]; then
|
if [ -e "$collection/etc/upgrade.conf" ]; then
|
||||||
upgrade_ports=$(get_conf -d true "$collection/etc/upgrade.conf" PORTS)
|
upgrade_ports=$(conf -d true "$collection/etc/upgrade.conf" PORTS)
|
||||||
upgrade_system=$(get_conf -d true "$collection/etc/upgrade.conf" SYSTEM)
|
upgrade_system=$(conf -d true "$collection/etc/upgrade.conf" SYSTEM)
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -123,14 +125,16 @@ mkdir -p -- "$cachedir/new"
|
||||||
# Fetch the latest official release.sig.sh and its matching sha256sum file.
|
# Fetch the latest official release.sig.sh and its matching sha256sum file.
|
||||||
tix-fetch $fetch_options \
|
tix-fetch $fetch_options \
|
||||||
--collection="$collection" \
|
--collection="$collection" \
|
||||||
|
--output-release-file="$cachedir/new/release.sh" \
|
||||||
--output-release-sig-file="$cachedir/new/release.sh.sig" \
|
--output-release-sig-file="$cachedir/new/release.sh.sig" \
|
||||||
--output-sha256sum="$cachedir/new/sha256sum"
|
--output-sha256sum="$cachedir/new/sha256sum"
|
||||||
|
|
||||||
# If release.sig.sh or sha256sum changed, clean the cache directory of downloads
|
# If release.sig.sh or sha256sum changed, clean the cache directory of downloads
|
||||||
# that were currently in progress as they might not have the right checksums.
|
# that were currently in progress as they might not have the right checksums.
|
||||||
if [ ! -e "$cachedir/release.sh.sig" ] ||
|
if [ ! -e "$cachedir/release.sh" ] ||
|
||||||
|
[ ! -e "$cachedir/release.sh.sig" ] ||
|
||||||
[ ! -e "$cachedir/sha256sum" ] ||
|
[ ! -e "$cachedir/sha256sum" ] ||
|
||||||
! (cd "$cachedir/new" && sha256sum release.sh.sig sha256sum) |
|
! (cd "$cachedir/new" && sha256sum release.sh release.sh.sig sha256sum) |
|
||||||
(cd "$cachedir" && sha256sum -cs); then
|
(cd "$cachedir" && sha256sum -cs); then
|
||||||
rm -rf -- "$cachedir/boot"
|
rm -rf -- "$cachedir/boot"
|
||||||
rm -rf -- "$cachedir/repository"
|
rm -rf -- "$cachedir/repository"
|
||||||
|
@ -139,23 +143,30 @@ fi
|
||||||
|
|
||||||
# Store the new release.sig.sh and sha256sum files so we can resume the download
|
# Store the new release.sig.sh and sha256sum files so we can resume the download
|
||||||
# if cancelled and these files still match.
|
# if cancelled and these files still match.
|
||||||
|
mv -- "$cachedir/new/release.sh" "$cachedir/release.sh"
|
||||||
mv -- "$cachedir/new/release.sh.sig" "$cachedir/release.sh.sig"
|
mv -- "$cachedir/new/release.sh.sig" "$cachedir/release.sh.sig"
|
||||||
mv -- "$cachedir/new/sha256sum" "$cachedir/sha256sum"
|
mv -- "$cachedir/new/sha256sum" "$cachedir/sha256sum"
|
||||||
rm -rf -- "$cachedir/new"
|
rm -rf -- "$cachedir/new"
|
||||||
|
|
||||||
mkdir -p "$cachedir/boot"
|
mkdir -p -- "$cachedir/boot"
|
||||||
mkdir -p "$cachedir/repository"
|
mkdir -p -- "$cachedir/repository"
|
||||||
|
|
||||||
# TODO: Support upgrading across releases, renamed channels, etc.
|
# TODO: Support upgrading across releases, renamed channels, etc.
|
||||||
|
|
||||||
|
# TODO: DO NOT SUBMIT: Temporary -d system compatibility until builds roll.
|
||||||
|
SYSTEM_INITRDS=$(tix-vars -d system "$cachedir/release.sh" SYSTEM_INITRDS)
|
||||||
|
|
||||||
|
# TODO: What about the system source code in /src?
|
||||||
|
|
||||||
if $upgrade_system; then
|
if $upgrade_system; then
|
||||||
# Fetch the base system initrds from the mirror.
|
# Fetch the base system initrds from the mirror.
|
||||||
# TODO: What about the system source code in /src?
|
for initrd in $SYSTEM_INITRDS; do
|
||||||
tix-fetch $fetch_options \
|
tix-fetch $fetch_options \
|
||||||
--collection="$collection" \
|
--collection="$collection" \
|
||||||
--input-release-sig-file="$cachedir/release.sh.sig" \
|
--input-release-sig-file="$cachedir/release.sh.sig" \
|
||||||
--input-sha256sum="$cachedir/sha256sum" \
|
--input-sha256sum="$cachedir/sha256sum" \
|
||||||
-c --initrd -O "$cachedir/boot" -- system
|
-c --initrd -O "$cachedir/boot" -- "$initrd"
|
||||||
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if $upgrade_ports; then
|
if $upgrade_ports; then
|
||||||
|
@ -192,9 +203,11 @@ mkdir -p -- "$cachedir/sysroot"
|
||||||
|
|
||||||
# Extract the base system into the sysroot.
|
# Extract the base system into the sysroot.
|
||||||
if $upgrade_system; then
|
if $upgrade_system; then
|
||||||
echo "Extracting system.tar.xz..."
|
for initrd in $SYSTEM_INITRDS; do
|
||||||
tar -C "$cachedir/sysroot" -xJf "$cachedir/boot/system.tar.xz"
|
echo "Extracting $initrd.tar.xz..."
|
||||||
rm -f "$cachedir/boot/system.tar.xz"
|
tar -C "$cachedir/sysroot" -xJf "$cachedir/boot/$initrd.tar.xz"
|
||||||
|
rm -f "$cachedir/boot/$initrd.tar.xz"
|
||||||
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Extract the ports into the sysroot.
|
# Extract the ports into the sysroot.
|
||||||
|
|
Loading…
Reference in New Issue