fixup! Add tix-upgrade(8).
This commit is contained in:
Jonas 'Sortie' Termansen
parent
7f8cb8aecc
commit
2402ef8361
|
|
@ -86,10 +86,10 @@ for argument do
|
|||
--collection=*) collection=$parameter ;;
|
||||
--collection) previous_option=collection ;;
|
||||
--continue) continue="--continue" ;;
|
||||
--download-non-verbose) previous_option="-nv" ;;
|
||||
--download-non-verbose) previous_option="-v" ;;
|
||||
--download-quiet) previous_option="-q" ;;
|
||||
--download-verbose) previous_option="-v" ;;
|
||||
--download-non-verbose) wget_options="-nv" ;;
|
||||
--download-non-verbose) wget_options="-v" ;;
|
||||
--download-quiet) wget_options="-q" ;;
|
||||
--download-verbose) wget_options="-v" ;;
|
||||
--execpatch) execpatch=true ;;
|
||||
--initrd) initrd=true ;;
|
||||
--input-release-file=*) input_release_file=$parameter ;;
|
||||
|
|
@ -149,18 +149,19 @@ fi
|
|||
# TODO: Mutually incompatible options.
|
||||
|
||||
conf() {
|
||||
grep -E "^$1[[:space:]]*=" -- "$collection/etc/upgrade.conf" |
|
||||
tail -n 1 |
|
||||
sed -E 's/^[^=]*=[[:space:]]*(|.*[^[:space:]])[[:space:]]*/\1/'
|
||||
sed -E -e 's/([a-zA-Z0-9_]+) *? *= */\U\1=/' \
|
||||
-e 's/=yes$/=true/' -e 's/no$/=false/' "$3" | \
|
||||
tix-vars -d "$2" - "$4"
|
||||
}
|
||||
|
||||
tmpdir=$(mktemp -dt tix-fetch-port.XXXXXX)
|
||||
trap 'rm -rf -- "$tmpdir"' EXIT HUP INT QUIT TERM
|
||||
|
||||
RELEASE_KEY=$(conf release_key)
|
||||
RELEASE_SIG_URL=$(conf release_sig_url)
|
||||
PREFERRED_MIRROR=$(conf mirror)
|
||||
FORCE_MIRROR=$(conf force_mirror)
|
||||
upgrade_conf="${collection%/}/etc/upgrade.conf"
|
||||
RELEASE_KEY=$(conf -d '' "$upgrade_conf" RELEASE_KEY)
|
||||
RELEASE_SIG_URL=$(conf -d '' "$upgrade_conf" RELEASE_SIG_URL)
|
||||
PREFERRED_MIRROR=$(conf -d '' "$upgrade_conf" PREFERRED_MIRROR)
|
||||
FORCE_MIRROR=$(conf -d '' "$upgrade_conf" FORCE_MIRROR)
|
||||
USER_AGENT="$(uname -s)/$(uname -r) ($(uname -m); $(uname -v))"
|
||||
|
||||
if $insecure_no_check_certificate; then
|
||||
|
|
@ -226,7 +227,6 @@ if [ -n "$output_release_file" ]; then
|
|||
fi
|
||||
|
||||
# Load the release description.
|
||||
# TODO: SECURITY: REMOTE CODE EXECUTION OF SIGNED REMOTE CODE.
|
||||
# TODO: SECURITY: Protect against responding with older release.sh.
|
||||
|
||||
# TODO: DO NOT SUBMIT: Temporary compatibility.
|
||||
|
|
@ -259,7 +259,7 @@ for POTENTIAL_MIRROR in $MIRRORS; do
|
|||
fi
|
||||
done
|
||||
if [ -n "$PREFERRED_MIRROR" ] && [ "$MIRROR" != "$PREFERRED_MIRROR" ]; then
|
||||
if [ "$FORCE_MIRROR" = yes ]; then
|
||||
if [ "$FORCE_MIRROR" = true ]; then
|
||||
MIRROR="$PREFERRED_MIRROR"
|
||||
else
|
||||
echo "$0: warning: ignoring unsupported mirror $PREFERRED_MIRROR" >&2
|
||||
|
|
|
|||
|
|
@ -56,6 +56,8 @@ for argument do
|
|||
--collection=*) collection=$parameter ;;
|
||||
--collection) previous_option=collection ;;
|
||||
--download-only) download_only=true ;;
|
||||
--fetch-options=*) fetch_options="$parameter" ;;
|
||||
--fetch-options) previous_option=fetch_options ;;
|
||||
--insecure-downgrade-to-http) fetch_options="$fetch_options $argument" ;;
|
||||
--insecure-no-check-certificate) fetch_options="$fetch_options $argument" ;;
|
||||
--ports) upgrade_ports=true ;;
|
||||
|
|
@ -81,7 +83,7 @@ if [ 0 -lt $# ]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
get_conf() {
|
||||
conf() {
|
||||
sed -E -e 's/([a-zA-Z0-9_]+) *? *= */\U\1=/' \
|
||||
-e 's/=yes$/=true/' -e 's/no$/=false/' "$3" | \
|
||||
tix-vars -d "$2" - "$4"
|
||||
|
|
@ -93,8 +95,8 @@ if ! $upgrade_ports && ! $upgrade_system; then
|
|||
upgrade_ports=true
|
||||
upgrade_system=true
|
||||
if [ -e "$collection/etc/upgrade.conf" ]; then
|
||||
upgrade_ports=$(get_conf -d true "$collection/etc/upgrade.conf" PORTS)
|
||||
upgrade_system=$(get_conf -d true "$collection/etc/upgrade.conf" SYSTEM)
|
||||
upgrade_ports=$(conf -d true "$collection/etc/upgrade.conf" PORTS)
|
||||
upgrade_system=$(conf -d true "$collection/etc/upgrade.conf" SYSTEM)
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
@ -123,14 +125,16 @@ mkdir -p -- "$cachedir/new"
|
|||
# Fetch the latest official release.sig.sh and its matching sha256sum file.
|
||||
tix-fetch $fetch_options \
|
||||
--collection="$collection" \
|
||||
--output-release-file="$cachedir/new/release.sh" \
|
||||
--output-release-sig-file="$cachedir/new/release.sh.sig" \
|
||||
--output-sha256sum="$cachedir/new/sha256sum"
|
||||
|
||||
# If release.sig.sh or sha256sum changed, clean the cache directory of downloads
|
||||
# that were currently in progress as they might not have the right checksums.
|
||||
if [ ! -e "$cachedir/release.sh.sig" ] ||
|
||||
if [ ! -e "$cachedir/release.sh" ] ||
|
||||
[ ! -e "$cachedir/release.sh.sig" ] ||
|
||||
[ ! -e "$cachedir/sha256sum" ] ||
|
||||
! (cd "$cachedir/new" && sha256sum release.sh.sig sha256sum) |
|
||||
! (cd "$cachedir/new" && sha256sum release.sh release.sh.sig sha256sum) |
|
||||
(cd "$cachedir" && sha256sum -cs); then
|
||||
rm -rf -- "$cachedir/boot"
|
||||
rm -rf -- "$cachedir/repository"
|
||||
|
|
@ -139,23 +143,30 @@ fi
|
|||
|
||||
# Store the new release.sig.sh and sha256sum files so we can resume the download
|
||||
# if cancelled and these files still match.
|
||||
mv -- "$cachedir/new/release.sh" "$cachedir/release.sh"
|
||||
mv -- "$cachedir/new/release.sh.sig" "$cachedir/release.sh.sig"
|
||||
mv -- "$cachedir/new/sha256sum" "$cachedir/sha256sum"
|
||||
rm -rf -- "$cachedir/new"
|
||||
|
||||
mkdir -p "$cachedir/boot"
|
||||
mkdir -p "$cachedir/repository"
|
||||
mkdir -p -- "$cachedir/boot"
|
||||
mkdir -p -- "$cachedir/repository"
|
||||
|
||||
# TODO: Support upgrading across releases, renamed channels, etc.
|
||||
|
||||
# TODO: DO NOT SUBMIT: Temporary -d system compatibility until builds roll.
|
||||
SYSTEM_INITRDS=$(tix-vars -d system "$cachedir/release.sh" SYSTEM_INITRDS)
|
||||
|
||||
# TODO: What about the system source code in /src?
|
||||
|
||||
if $upgrade_system; then
|
||||
# Fetch the base system initrds from the mirror.
|
||||
# TODO: What about the system source code in /src?
|
||||
tix-fetch $fetch_options \
|
||||
--collection="$collection" \
|
||||
--input-release-sig-file="$cachedir/release.sh.sig" \
|
||||
--input-sha256sum="$cachedir/sha256sum" \
|
||||
-c --initrd -O "$cachedir/boot" -- system
|
||||
for initrd in $SYSTEM_INITRDS; do
|
||||
tix-fetch $fetch_options \
|
||||
--collection="$collection" \
|
||||
--input-release-sig-file="$cachedir/release.sh.sig" \
|
||||
--input-sha256sum="$cachedir/sha256sum" \
|
||||
-c --initrd -O "$cachedir/boot" -- "$initrd"
|
||||
done
|
||||
fi
|
||||
|
||||
if $upgrade_ports; then
|
||||
|
|
@ -192,9 +203,11 @@ mkdir -p -- "$cachedir/sysroot"
|
|||
|
||||
# Extract the base system into the sysroot.
|
||||
if $upgrade_system; then
|
||||
echo "Extracting system.tar.xz..."
|
||||
tar -C "$cachedir/sysroot" -xJf "$cachedir/boot/system.tar.xz"
|
||||
rm -f "$cachedir/boot/system.tar.xz"
|
||||
for initrd in $SYSTEM_INITRDS; do
|
||||
echo "Extracting $initrd.tar.xz..."
|
||||
tar -C "$cachedir/sysroot" -xJf "$cachedir/boot/$initrd.tar.xz"
|
||||
rm -f "$cachedir/boot/$initrd.tar.xz"
|
||||
done
|
||||
fi
|
||||
|
||||
# Extract the ports into the sysroot.
|
||||
|
|
|
|||
Loading…
Reference in New Issue