Makefile.inc1: Fix -DNO_ROOT distributeworld certctl usage
Currently for distributeworld we pass DESTDIR to certctl.sh as an
environment variable, which sets the default value in the script.
However, for -DNO_ROOT builds, CERTCTLFLAGS has METALOG_INSTALLFLAGS
which includes -D ${DESTDIR}, overriding the custom DESTDIR pointing at
the base dist directory.
Moreover, in order to ensure that the METALOG includes the base/ prefix
for all the files, we need to have certctl call install with -D set to
DESTDIR/DISTDIR without the /base suffix but also ensure the files get
installed to DESTDIR/DISTDIR/base.
Fix these by passing the custom DESTDIR to certctl via -D rather than in
the environment and to pass the /base suffix in the distributeworld case
via the newly-added -d option.
We also need to run certctl rehash before we generate the .meta files
from the METALOG, not after, otherwise they won't include the METALOG
additions, so move the certctl rehash call.
Finally, add a missing semicolon that results in no message being
printed in the missing openssl case. By not including the semicolon,
else echo "..." is treated as extra arguments to certctl, which is lax
in its argument parsing and ignores additional arguments, and the
semicolon and fi after the intended echo terminate the if statement as
normal so there's no syntax error at the shell level. This is harmless
as we weren't trying to do anything other than echo anyway, all that
happens is the echo doesn't actually get run.
Reported by: markj (missing semicolon)
Reviewed by: brooks, kevans
Obtained from: CheriBSD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35809
This commit is contained in:
Jessica Clarke
parent
232cf6be4b
commit
7e45839aca
@ -948,10 +948,12 @@ IMAKE_INSTALL= INSTALL="${INSTALL_CMD} ${INSTALLFLAGS}"
|
||||
IMAKE_MTREE= MTREE_CMD="${MTREE_CMD} ${MTREEFLAGS}"
|
||||
.endif
|
||||
.if make(distributeworld)
|
||||
CERTCTLDESTDIR= ${DESTDIR}/${DISTDIR}/base
|
||||
CERTCTLDESTDIR= ${DESTDIR}/${DISTDIR}
|
||||
CERTCTLFLAGS+= -d /base
|
||||
.else
|
||||
CERTCTLDESTDIR= ${DESTDIR}
|
||||
.endif
|
||||
CERTCTLFLAGS+= -D "${CERTCTLDESTDIR}"
|
||||
|
||||
DESTDIR_MTREEFLAGS= -deU
|
||||
# When creating worldtmp we don't need to set the directories as owned by root
|
||||
@ -1443,6 +1445,14 @@ distributeworld installworld stageworld: _installcheck_world .PHONY
|
||||
.endif # make(distributeworld)
|
||||
${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \
|
||||
${IMAKEENV} rm -rf ${INSTALLTMP}
|
||||
.if !make(packageworld) && ${MK_CAROOT} != "no"
|
||||
@if which openssl>/dev/null; then \
|
||||
PATH=${TMPPATH}:${PATH} \
|
||||
sh ${SRCTOP}/usr.sbin/certctl/certctl.sh ${CERTCTLFLAGS} rehash; \
|
||||
else \
|
||||
echo "No openssl on the host, not rehashing certificates target -- /etc/ssl may not be populated."; \
|
||||
fi
|
||||
.endif
|
||||
.if make(distributeworld)
|
||||
.for dist in ${EXTRA_DISTRIBUTIONS}
|
||||
find ${DESTDIR}/${DISTDIR}/${dist} -mindepth 1 -type d -empty -delete
|
||||
@ -1470,14 +1480,6 @@ distributeworld installworld stageworld: _installcheck_world .PHONY
|
||||
.endfor
|
||||
.endif
|
||||
.endif # make(distributeworld)
|
||||
.if !make(packageworld) && ${MK_CAROOT} != "no"
|
||||
@if which openssl>/dev/null; then \
|
||||
DESTDIR=${CERTCTLDESTDIR} PATH=${TMPPATH}:${PATH} \
|
||||
sh ${SRCTOP}/usr.sbin/certctl/certctl.sh ${CERTCTLFLAGS} rehash \
|
||||
else \
|
||||
echo "No openssl on the host, not rehashing certificates target -- /etc/ssl may not be populated."; \
|
||||
fi
|
||||
.endif
|
||||
|
||||
packageworld: .PHONY
|
||||
.for dist in base ${EXTRA_DISTRIBUTIONS}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user