Also mark it as config file so if a user changes this file pkg will attempt
to merge the new file upon an update.
device.hints is neither related to runtime or loader but it make more sense
to have it in loader in case some user delete /boot/ and wants to recreate it,
now only two packages are required FreeBSD-bootloader and the kernel package.
While here change where we override the package for files installed in /boot,
this allow us to keep other tags (such as config).
Reported by: pizzamig
Reviewed by: bapt pizzamig emaste
Differential Revision: https://reviews.freebsd.org/D24159
autofs was introduced with FreeBSD 10.1 and is the supported method for
automounting filesystems. As of r296194 the amd man page claimed that it
is deprecated. Remove it from base now; the sysutils/am-utils port is
still available if necessary.
Discussed with: cy
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
We don't produce these anymore as of r356797, remove the remnant in
generate-ucl.sh that accounted for them. This isn't strictly necessary, but
future work is needed for the various packages that can be generated on a
lib build.
Namely, we may produce -development packages for private/internal libs that
should be installed but won't have the base FreeBSD-libfoo pkg to depend on
because it's internal (e.g. liby, libpmcstat, libifconfig) but we want the
headers installed. It may be a better move to just shove these into
-runtime-development instead, but if not then we've just simplified the
cases that need to take private/internal libs into account.
I forgot to do this as part of r345858 -- I added it to the
vm_extra_pre_umount in vmimage.subr but forgot that function
was overridden in the EC2 build.
MFC after: 2 weeks
I've discovered I have this local diff that never got committed -- this
should have been a part of r355424.
Reproted by: Klaus Küchemann <maciphone2@googlemail.com>
This cuts out a large chunk of duplicated *.ucl files that just needed
dependencies tacked on, and gives generate-ucl.sh some leeway in case a
future pkg may need more than one dependency.
Run-through to determine which ones could simply be removed done with for i
in *.ucl; do diff -U3 template.ucl ${i}; done | less and inspecting for any
differences beyond just adding deps at the end. The remaining ucl files are
basically all differently-licensed, require scripts, or are marked vital.
I've opted to remove %PKGDEPS% entirely without regard for third-party ucl,
as pkgbase is not yet considered production. However, I do not hold a strong
position on this and there is approximately 0 chance it will return.
clibs should have been added previously in generate-ucl.sh as one that
doesn't have any dependencies, but do so now that we would otherwise be
tacking on the runtime dependency.
Reviewed by: manu, bapt (earlier version)
Differential Revision: https://reviews.freebsd.org/D23415
The original intention for caroot was to be packaged separately, perhaps so
that users can have a more/less conservative upgrade policy for this
separated from the rest of base.
secure/caroot/Makefile doesn't have anything interesting to package, but its
subdirectories might. Move the PACKAGE= to Makefile.inc so both blacklisted
and trusted get packaged consistently into the correct one rather than the
default -utilities. Also tag the directories for package=caroot, as they
could also be empty; blacklisted is empty by default, but trusted is not.
Add a post-install script to do certctl rehash, along with a note should we
eventually come up with a way to detect that files have been added or
removed that requires a rehash.
-caroot gets a dependency on -utilities, as that's where we provide certctl
at the moment. We can perhaps reconsider this and put certctl into this
package in the future, but there are some bits within -utilities that
unconditionally invoke certctl so let's hold off for now.
Reviewed by: manu (earlier version, before -utilities dep added)
Differential Revision: https://reviews.freebsd.org/D23352
These are just direct copies of the template. If they don't exist but are
attempted to be used, generate-ucl.sh will simply fallback to the template
anyways. Let it do so to reduce potential maintenance burden.
Make stock FreeBSD more useful for people wishing to use them. The
QEMU folks suggested this change. It adds a serial console which
allows them to interact with FreeBSD from the earliest moments. This
allows them to configure FreeBSD via the serial port to set it up for
CI use.
Reviewed by: kevans@
Sponsored by: Netflix, Inc
Differential Revision: https://reviews.freebsd.org/D22786
The recent rpi-firmware update renamed "0" to "zero" in the RPi0 DTB
filename
It also included the components needed to boot the RPi4, so install those
now -- interested parties can install sysutils/u-boot-rpi4 and copy
config_rpi4.txt to config.txt on the FAT partition in order to boot the
board. Do note that we currently don't support ethernet/usb/pci.
Reviewed by: manu
MFC after: 3 days
Postings were sent to -arch@ on 2019/09/13 and 2019/10/01, proposing and
confirming a removal of these scripts on 2019/10/31, due to significant work
needed to bring this into the modern world and nobody having done this work
in the past couple of years. No objections or proposed work was raised in
response to these postings. The tinyware may see a resurrection into a
separate repo for archival purposes if any users of it show interest in
doing so.
MFC after: never
Notices appear both in picobsd(8) (near the top for easy notice) and are
also printed to stderr on every invocation of picobsd for visibility.
The tentative date for removal is October 31st, as no volunteers have
stepped forward at all from postings to -arch@ at least.
No objection from: -arch@
MFC after: 3 days
picobsd/tinyware has had this compact HTTPD server for a long time, and some
people do use it. Move it out into usr.sbin well in advance of any action
being taken on picobsd.
This has been gated behind an HTTPD option defaulted to *off*, primarily for
two reasons:
1.) This code likely needs a good audit, as it's been living off in picobsd
land for a long time, and
2.) We don't currently ship an httpd and this may not be a welcome surprise.
Reviewed by: eugen
Differential Revision: https://reviews.freebsd.org/D21724
Since login and login.conf moved to the utilities packages move also
the post-install related commands.
Reported by: mj-mailinglist@gmx.de
Reviewed by: bapt
The default package use to be FreeBSD-runtime but it should only contain
binaries and libs enough to boot to single user and repair the system, it
is also very handy to have a package that can be tranform to a small mfsroot.
So create a new package named FreeBSD-utilities and make it the default one.
Also move a few binaries and lib into this package when it make sense.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21506
It doesn't need to be in runtime and might help people who want to
experiment with other rc system or don't use one (like in small
embedded mfsroot).
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21499
Bootloader file isn't needed for jails so don't include it in FreeBSD-runtime.
Reviewed by: bapt, delphij, gjb
Differential Revision: https://reviews.freebsd.org/D21496
With this last piece in place, make -C /usr/src/release release.iso is
finally able to run in a jail. This was not possible before because
msdosfs cannot be mounted inside a jail.
Submitted by: ryan@ixsystems.com
Reviewed by: emaste@, imp@, gjb@
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D21385
"static" keywords and -Werror,-Wmissing-variable-declarations
This change adds needed "static" so it builds again with WARNS?=6
No functional changes.
MFC after: 1 week
Update login(1), its manual pages, similar utilities, and motd.5 to refer to
the new location.
Suggested by: delphij@ (re: r349256)
Reviewed by: bcr (manpages), delphij
Differential Revision: https://reviews.freebsd.org/D20721
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
Move the hostapd related files from FreeBSD-runtime to a new package n
FreeBSD-hostapd
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and hostapd isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20958
Move the wpa related files from FreeBSD-runtime to a new package named
FreeBSD-wpa
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and wpa isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20957
Remove RELEASE_CRUNCH here. It's obsolete and hasn't worked in a while. The
build options need to be revisited, since many older ones are listed, while
newer useful ones are not. But that rototilling I'll leave to others.
directory where the individual distribution sets exist.
The new metadata files include the build date, svn branch, and
revision of the build.
Requested by: Mellanox Technologies (via kib)
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC (Netgate)
SRC_CONF, __MAKE_CONF and SRCCONF, respectively) through
to arm_install_base() and chroot_arm_build_release().
This prevents failures when the target image is intended
to be build with make.conf(5) and src.conf(5) overrides,
which are correctly handled for non-embedded image builds.
Reported and tested by: Daniel Engberg
PR: 238615
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The fix to override the default python version when building
the sysutils/py-google-compute-engine did not work, and there
are still issues that need to be addressed in the port itself.
See bugzilla 238267 for additional details.
MFC after: 6 days
MFC with: r348438
MFC note: no-op to appease the merge tracker
Sponsored by: The FreeBSD Foundation
size is too small to bootstrap the firstboot_pkgs list.
While here, add the growfs(8) startup script to /etc/rc.conf,
as Vagrant images can be resized by modifying the Vagrantfile.
Reported by: dbaio
PR: 238226
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
The ports/head branch recently switched to python3 as the default,
which breaks the sysutils/py-google-compute-engine startup scripts,
as lang/python installs lang/python3{,.x} where lang/python2{,.x}
are needed.
Set DEFAULT_VERSIONS in release/tools/gce.conf to python=2.7, and
remove the lang/python3 inclusion in VM_EXTRA_PACKAGES.
Additionally, unset DEFAULT_VERSIONS in release/tools/vmimage.subr
to prevent persistence of DEFAULT_VERSIONS=python=2.7 in subsequent
VM/cloud image builds.
Note: at present, this affects only 13-CURRENT and 12-STABLE, as
the stable/11 branch had already switched to using the 2019Q2 branch
at the start of the 11.3-RELEASE cycle, so this does not immediately
affect 11.3-BETA, hence the 1-week merge timeout. This had been
manually tested on 13-CURRENT.
Reported by: ler (privately)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Summary:
loader has grown to the point it's overflowing the existing 307200 bytes
allocated to it in the HFS boot partition on the isos.
Bump the space reservation up to 500k.
Submitted by: Brandon Bergren
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D20301
AMIs have been breaking for the past month due to insufficient disk space.
Due to the small amount of overhead in the disk image, the EC2 AMIs end
up with the same (4GB) minimum disk size.
Reported by: Michal Krawczyk
30GB to 3GB. The raw images can be resized using truncate(1), and
other formats can be resized with tools included with other tools
included with other hypervisors.
Enable the growfs(8) rc(8) at firstboot if the disk was resized
prior to booting the virtual machine for the first time.
Discussed with: several
PR: 232313 (requested in other context)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
If MACHINE_ARCH doesn't match TARGET_ARCH, and we're not in the special
case of building i386 images on an amd64 host, we need to pull in the
qemu-user-static package; this allows us to run some commands inside
the VM disk image chroot, most notably to install packages.
Reviewed by: gjb
MFC after: 2 weeks
Sponsored by: FreeBSD/EC2 patreon (https://www.patreon.com/cperciva)
to full filesystem. This makes the size of the arm64 SoC images
consistent with armv6 and armv7.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
This script broke around FreeBSD 11.0 as a result of SWAPMETA no longer
being reported by vmstat -z; but it also needs to be reworked due to the
arrival in EC2 of nvme ephemeral disks.
I'll turn this option back on after I've found time to rewrite the
script in question.
PR: 234686
Reported by: meta@
MFC after: 1 week
Currently, the installer uses pre-created 800KB FAT12 filesystems that
it dd's onto the ESP partition.
This changeset improves that by having the installer generate a FAT32
filesystem directly onto the ESP using newfs_msdos and then copying
loader.efi into /EFI/freebsd.
For live installs it then runs efibootmgr to add a FreeBSD boot entry
in the BIOS.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D17947
This fixes 'cdrom' target in the case when world was built by user,
and not root.
Reviewed by: imp
Differential revision: https://reviews.freebsd.org/D18414
Add a configuration for PINEBOOK image.
Pinebook is a arm64 laptop based on a Pine64 board.
Since the usb trackpad need a quirk, add a common function for adding
quirk for arm board.
A default one is supplied as most board to not need quirks.
Reviewed by: gjb
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D18337
list and remaining references from the script used to create the
MANIFEST file used by bsdinstall(8).
No MFC is planned at this time.
Sponsored by: The FreeBSD Foundation
was removed in r318881 when roff was removed from the base
system.
This results in the doc.txz distribution set containing a
single directory (./) which is empty.
Remove the "Additional documentation" option from the menu
selection of bsdinstall(8), as the plain-text documentation
installed in /usr/share/doc is installed as part of the
packageworld target.
The doc entry has not been removed from EXTRA_DISTRIBUTIONS
in Makefile.inc1, in case its removal triggers an issue with
freebsd-update(8), which is currently aware of the world/doc
component, so the empty doc.txz continues to be created as
a precaution.
Noticed by: rgrimes
MFC after: 2 days
MFC before: 12.0-RC1
Sponsored by: The FreeBSD Foundation
src branch is used when generating the hardware.html page.
MFC after: 3 days
MFC before: 12.0-BETA3
MFC with: r339873
Sponsored by: The FreeBSD Foundation
AVAHI to the list. This fixes the textproc/docproj build
seemingly following FLAVORS being added.
Specifically, the problem with the dependency chain here is:
- textproc/docproj depends on print/cups, which sets AVAHI=on
by default;
- net/avahi-app depends on devel/gobject-introspection, which
requires python3+;
- graphics/netpbm depends on graphics/mesa-libs, which can
only be built with python2.7;
- textproc/docproj depends on a number of graphics ports for
font rendering, etc.
MFC after: 3 days
MFC before: 12.0-BETA3
Sponsored by: The FreeBSD Foundation
This feature is disabled on install media as these generally won't have any
interesting kernels to be listed other than the default kernel, so the
potential performance penalty in these situations likely isn't worth it.
Approved by: re (kib)
target.
The doc/share/mk/doc.commands.mk sets SVN to /usr/local/bin/svn
by default, which is not necessarily installed by the documentation
project textproc/docproj port.
Ensure SVN can be evaluated properly to include the hardware pages
by iterating through /usr/local/bin and /usr/bin and looking for
both svn and svnlite binaries, and pass the SVN variable explicitly
through env(1) in the reldoc target to avoid failures if it does not
exist.
Approved by: re (rgrimes)
Sponsored by: The FreeBSD Foundation
dvd1.iso installation medium from including KDE4 to KDE5, as the
KDE4-based ports have been marked as deprecated in the Ports
Collection.
MFC after: 3 days
Approved by: re (rgrimes)
Sponsored by: The FreeBSD Foundation
lualoader has moved to a model where the user is expected to disable color
as desired, rather than disabling it automatically for serial boots, due to
more wide-spread support for color sequences.
In a similar vain, though also to reduce special cases, lualoader no
longer disables the beastie menu automatically for !x86. This was done in
Forth land with a different loader.rc that simply didn't invoke the menu
routines, thus wasn't necessary.
This set of changes puts release images back to how they would've been
experienced prior to the switch to Lua.
Approved by: re (rgrimes)
the probing and attaching of the PS/2 mouse (not present on EC2) and
keyboard (emulated, but not accessible via EC2).
Note that we disable atkbd0 separately even though during device probing
it shows up as a child of atkbdc0; this is necessary because the device
is also initialized during the early console setup from hammer_time.
This change cuts the kernel boot time on an EC2 c5.4xlarge instance from
7259ms down to 4727 ms.
Approved by: re (marius)
SVN checkout for placement into an EC2 AMI. We only run these if there
is a .svn directory; but in the event that SVN was used to check out a
tree which is then exported over NFS, we were unnecessarily noisy.
Reported by: Andrey Fesenko
MFC after: 3 days
X-MFC-With: r336420, r336433, r336593, r336621,
r336622, r336624, r337394, r337401
There are several scripts and targets solely used to generate install
media, make sure DB_FROM_SRC is used in that case in order to prevent
checking the host database, which is irrelevant when generating
install binaries.
Sponsored by: Citrix Systems R&D
PR: 230459
Reviewed by: gjb
Differential revision: https://reviews.freebsd.org/D16638
to help avoid hard-coding 'python<MAJOR>.<MINOR>' in several
scripts in the client-side scripts.
PR: 230248
MFC after: 3 days
Submitted by: gustavo.scalet@collabora.com
Sponsored by: The FreeBSD Foundation
flag to bsdec2-image-upload instructing it to mark the snapshot of its
root disk as public (which is independent from marking the created AMIs
as public).
Requested by: Amazon
When booting via EFI on arm we have no way to know the dtb file to load
and we always use the one provided from the bootloader.
This works in most case but :
U-Boot have some really old DTB for some boards, the sync from Linux isn't done automatically for all boards
Some boards (like TI BeagleBone series) use one u-boot for all the model and it doesn't embed the DTBs
Some boards (like IMX6 based ones), don't embed the DTB
We want u-boot to load and patch the DTB with the mac address or the display
node enabled or not.
Reviewed by: gjb, imp
Differential Revision: https://reviews.freebsd.org/D16596
The images were renamed from KERNCONF to BOARDNAME when
specified, which would result in an image name of:
12.0-CURRENT-arm-armv7-GENERIC.img
which would then be renamed to use the BOARDNAME for the
SoC the image is targeted to use. BOARDNAME was specified
for all images as of r336994, which now causes the ftp-stage
target to fail, as the rename is no longer necessary.
Sponsored by: The FreeBSD Foundation
Pine64 isn't produced anymore but Pine64-LTS is.
This image works on the LTS release and the Sopine module.
Reviewed by: gjb
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D16487
Since we have now EFI framebuffer enabled for ARM64 if we boot on a board
with an screen, u-boot will set up a EFI GOP framebuffer and we won't boot
using the serial console.
Also on RPI3 the firmware always setup the framebuffer area resulting in u-boot
always setup the EFI GOP and FreeBSD never using the serial console.
Reviewed by: gjb, lwshu (previous version)
Differential Revision: https://reviews.freebsd.org/D16472
boot.scr is a u-boot script that loads and execute ubldr.bin
If not present u-boot will automatically boot loader.efi which
is already installed.
This means that all armv6/armv7 images are now booted via EFI
Tested-On: RPI-B
Tested-On: RPI2
Tested-On: OrangePi One
Tested-On: All lot of other boards
MFC after: Never
Relnotes: yes
This is not a problem for 12-CURRENT as EFI boot works but it doesn't
for 11.
While here some board arm_install_uboot also copy ubldr.bin et create
firstboot files but it's already done in arm_install_boot
Reviewed by: gjb
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D16481
FORCE_PKG_REGISTER is broken so multiple invocation of release.sh for the
same board will fails if /scratch isn't cleaned.
Leave it but deinstall the package first.
Reviewed by: gjb
Differential Revision: https://reviews.freebsd.org/D16513
Using KERNEL made sense when all boards had different kernel configuration.
Now that all of them are using GENERIC use the board name instead
Reviewed by: gjb
Differential Revision: https://reviews.freebsd.org/D16512
This produce a generic sdcard image using armv7 GENERIC kernel that
just need some u-boot (or none if the board have u-boot or a SPI flash
for example).
Reviewed by: imp, gjb
Differential Revision: https://reviews.freebsd.org/D16410
They were added for unclear reasons in r277263. The current OpenSSH
defaults (7.5+) are reasonable, and do not include the insecure rc4 cipher:
chacha20-poly1305@openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-gcm@openssh.com,aes256-gcm@openssh.com,
aes128-cbc,aes192-cbc,aes256-cbc
I think I recall there being a reason for a specific list of ciphers on GCE
at the time, but I do not recall what it was, and cannot find any
current GCE documentation of such a list.
So, just revert the explicit configuration and use sane openssh defaults.
PR: 230092
Submitted by: Gustavo Scalet <gustavo.scalet AT collabora.com>
MFC after: 3 days
Security: yes
This config never worked. At no time did u-boot match the kenrel match
the userland. As all the GUMSTIX gear we support is quite old and/or
not working, remove it. The duovero stuff might work, but nobody
has the hardware for it and GUMSTIX hasn't sold it in years.
The change made in r336593 assumes that the build is happening in a
svn checkout resulting in misleading debug output. Check that we're
actually working in an svn checkout before proceeding to call svn.
This is needed with new u-boot that uses the rpi-firmware dtbs.
Reviewed by: gjb
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D16240
This reduce the per-board arm_install_uboot to just install u-boot.
While here remove the installation of rpi.dtb and rpi2.dtb as we load
them from the UFS partition via ubldr.
Reviewed by: gjb, imp (older version)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D16239
and revision number announced in SNS notifications about new EC2 AMIs.
While I'm here, incorporate that information into the AMI "description"
fields, since it's more useful than simply echoing the information
already provided via the AMI "name".
Approved by: gjb
the system to make use of USB device mode / USB OTG to provide a "virtual
serial port" on release images.
Reviewed by: gjb@
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D15602
than $4. Introduce $BASEBITSDIR for clarity and to avoid repeating this
mistake in the future. Fixing this ensures that we pick up newly built
boot bits native to the target rather for/from the host.
- Apply some of the argument quoting fixes done in r287635 but missing in
later revisions.
A good number of BIOSes have trouble booting from GPT in non-UEFI mode.
This is commonly reported with Lenovo desktops and laptops (including
X220, X230, T430, and E31) and Dell systems. Although UEFI is the
preferred amd64 boot method on recent hardware, older hardware does not
support UEFI, a user may wish to boot via BIOS/CSM, and some systems
that support UEFI fail to boot FreeBSD via UEFI (such as an old
AMD FX-6100 that I have).
With this change amd64 memsticks remain dual-mode (booting from either
UEFI or CSM); the partitioning type is just switched from GPT to MBR.
The "vestigial swap partition" in the GPT scheme was added in r265017 to
work around some issue with loader's GPT support, so we should not need
it when using MBR.
There is some concern that future UEFI systems may not boot from MBR,
but I am not aware of any today. In any case the likely path forward
for our installers is to migrate to CD/USB combo images, and if it
becomes necessary introduce a separate memstick specifically for the
MBR BIOS/CSM case.
PR: 227954
Reviewed by: gjb, imp, tsoome
MFC after: 3 days
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D15599
switch the default kldxref_enable to YES.
The reason is that it's required for every image that's being cross-built,
as kldxref(8) cannot handle files for non-native architectures. For the
one that is not - amd64 - having it on by default doesn't change anything;
the script is noop if the linker.hints already exists.
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
boot1.efi have some trouble to read MBR partitions, it needs them to be
aligned a certain way while loader.efi can cope with them either way.
We want to switch to loader.efi as the main efi loader everywhere, it seems
that arm64 using MBR partition will be the guinea pig.
Tested On: RPI3, Pine64
Reviewed by: imp
Approved by: gjb
RPI* 32bits and RPI* 64bits have a different config.txt
Copy to correct config.txt to the fat partition of the release image.
Also copy pwm.dtbo as some people want to use it.
Reviewed by: gjb
r332674 raised the size of the FAT partition from 2MB to 41MB for some
boards. But we format them in FAT12 and this size appears to be to big
for FAT12 and some SoC bootrom cannot cope with that.
Format the msdosfs partition as FAT16,
PR: 228285
MFC after: soon
the /boot/kernel/linker.hints file, which breaks loading some of the modules
with dependencies, eg cfiscsi.ko.
This is a minimal fix for ARM images, in order to safely MFC it before
11.2-RELEASE. Afterwards, however, I believe we should actually just change
the default (as in, etc/defaults/rc.conf). The reason is that it's required
for every image that's being cross-built, as kldxref(1) cannot handle files
for non-native architectures. For the one that is not - amd64 - having it
on by default doesn't change anything - the script is noop if the linker.hints
already exists.
The long-term solution would be to rewrite kldxref(1) to handle other
architectures, and generate linker.hints at build time.
Reviewed by: gjb@
MFC after: 3 days
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14534
will include license metadata in the resultant GCE image.
GCE_LICENSE is unset by default, as it primarily pertains to images
produced by the FreeBSD Project, but for downstream FreeBSD consumers,
it can be set in the make(1) environment in the format of:
--licenses="projects/PROJECT_ID/global/licenses/LICENSE_NAME"
The "license" is not a license, per se, but required metadata that
is required by the GCE marketplace. For the FreeBSD Project, the
license name is simply 'freebsd', with the description of 'FreeBSD'.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
satisfying a requirement to allow FreeBSD to be considered
a top-tier supported OS in Google Compute Engine.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Recent changes to makefs and mkimg have led to situations where the
disconnect between this script and the versions installed on the host cause
failures. Provide a way to work around this that doesn't require the
installation of new versions to the host system if that's not desired.
With this change mkisoimages.sh will honour the $ETDUMP, $MAKEFS and $MKIMG
environment variables but fall back to the previous behaviour of finding them
within $PATH.
Reviewed by: gjb
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D15181
current size may not be sufficiently large for development and/or
testing.
PR: 227548
Submitted by: trasz
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
EC2 instances from sysctl.conf to loader.conf; these can all be set as
loader tunables, and setting them in loader.conf gives us the right
behaviour in the event of a kernel panic taking place prior to when
sysctl.conf is processed.
MFC after: 1 week
This keeps the existing El Torito entries for BIOS and UEFI boot code and
adds a GPT in the ISO image's System Area containing boot code for BIOS that
will load /boot/loader from the ISO filesystem and execute it. We then use
etdump to find the EFI System Partition image in the El Torito catalog and
add an entry to the GPT that allows EFI to find it.
Reviewed by: gjb, imp
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D15051
Some BIOSes have trouble booting from GPT in non-UEFI mode. This is
commonly reported with Lenovo laptops, including my x220. As we do not
currently support booting FreeBSD/i386 via UEFI there's no reason to
prefer GPT.
The "vestigial swap partition" was added in r265017 to work around an
issue with loader's GPT support, so we should not need it when using
MBR.
We may want to make the same change to amd64, although the issue there is
mitigated by such systems booting via UEFI in the common case.
PR: 227422
Reviewed by: gjb
MFC after: 3 weeks
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
This makes it easier to identify the individual partition types and
facilitates comparisons across architectures.
Reviewed by: gjb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
have moved from the u-boot-rpi3 share directory to the default
rpi-firmware share directory. Remove the files from UBOOT_FILES
and append the DTB file to a DTB_FILES list so the correct path
is used, fixing a build failure.
Sponsored by: The FreeBSD Foundation
This allows for GCE consumers to easily detect the latest major
version of FreeBSD when using the gcloud command line utility.
To ensure snapshot builds do not conflict with release-style
builds (ALPHA, BETA, RC, RELEASE), the '-snap' suffix is appended
to the GCE image family name.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Latest u-boot update need u-boot script to load and start ubldr.
(See D14230 for more details)
Copy this file for our arm release on the fat partition.
Approved by: gjb
UEFI booting requires an EFI System Partition (ESP). On most storage devices
this will be in a specific partition type. To allow booting from CD/ISO
filesystems, UEFI will look for an ESP in the form of a FAT filesystem image
embedded in the image. Historically FreeBSD has added one of these to its
amd64 ISO images but marked it as simply another i386 boot image. Luckily for
us most UEFI implementations are rather forgiving and work this out for us.
This change adds the ability to mark a boot image as being a UEFI image. It
also modifies our ISO generation to use this marking for the UEFI image we
embed.
Reported by: Thomas Schmitt <scdbackup@gmx.net>
Reviewed by: emaste, imp
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D14809
kernel.ucl uses a hardcoded boot/kernel for kldxref, which is the incorrect
directory when we're installing extra kernels that aren't the "default"
kernel (placed at boot/kernel).
Fix this by instead using a new %KERNELDIR% that we now replace in
Makefile.inc1 with "kernel" for the default kernel and "kernel.${_kernel}"
for these extra kernels so that, e.g. /boot/kernel.SHIVA, will get properly
kldxref'd upon update and avoid outdated linker.hints.
Reviewed by: gjb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D14689
providing more space for a local buildworld to succeed without
attaching separate disks for /usr/src and /usr/obj.
Reported by: mckusick
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The Pine64 root filesystem was incorrectly created directly on the MBR
partition. This can cause the loader to get confused when loading the
kernel from this filesystem.
The loader will see this as a small partition meaning later checks to
ensure it doesn't read past the end of the disk incorrectly report a
failure. This seems to work mostly by accident with the released images as
they are smaller than the reported size, however after growfs has run the
image may no longer boot.
Reviewed by: gjb, emaste, imp
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14343
within the CHROOTDIR. If it does not exist, unset CHROOTBUILD_SKIP
to prevent build failures.
Requested by: swills
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Since Amazon provides NTP servers within their network, this should
be far superior to using the default NTP pools; and since the service
is provided by Amazon there's very little risk in enabling it by
default. (If someone is able to compromise Amazon's NTP servers and
exploit them to attack EC2 instances, they would almost certainly be
able to compromise EC2 instances even without ntpd running...)
MFC after: 1 week
Relnotes: EC2 instances now keep their clocks synchronized using
the Amazon Time Sync Service (aka. NTP).
EC2 instances are normally launched with an SSH public key specified,
which is then used for logging in (by default, as 'ec2-user'). Having
ChallengeResponseAuthentication enabled (as FreeBSD's default sshd_config
does) has no functional effect in a new EC2 instance, since you can't log
in using a password until a password has been set -- but having this
enabled results in alerts from automated scanning tools which can detect
that sshd advertises support for keyboard-interactive logins (since they
can't detect that accounts have no password set).
EC2 users who want to use passwords to log in to their instances will need
to set 'ChallengeResponseAuthentication yes' in FreeBSD 12.0 and later.
Discussed with: gjb, gtetlow, emaste, des
Requested by: Amazon
X-MFC: No
Relnotes: ChallengeResponseAuthentication is turned off by default in
Amazon EC2 AMIs.
EMBEDDEDPORTS. [1]
Remove and update stale documentation from release(7) while here.
PR: 206344 [1]
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
chroot(8) to avoid mtime changes within the ports checkout,
which can cause checksum differences.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
copied from the build host. It is renamed to /etc/resolv.conf.bak
on boot, so never used anyway.
Noticed by: peter
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Initially, only tag files that use BSD 4-Clause "Original" license.
RelNotes: yes
Differential Revision: https://reviews.freebsd.org/D13133
not already exist within ${CHROOTDIR}. This allows re-using a build
chroot with CHROOTBUILD_SKIP set to a non-empty value and CHROOTDIR
set to '/' in release.conf.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
The u-boot port for RPI-2 was updated to use u-boot-master, this cause
an update in u-boot version to v2017.09 and changing the filename.
The various firmware files for the RPI* are now in a common ports
sysutils/rpi-firmware as they are shared on all the RPI version.
Update the release files to copy the right files from the right location.
Reviewed by: gjb
MFC after: 3 days
THe u-boot port for RPI-B was updated to use u-boot-master, this cause
an update in u-boot version to v2017.09 and changing the filename.
The various firmware files for the RPI* are now in a common ports
sysutils/rpi-firmware as they are shared on all the RPI version.
Update the release files to copy the right files from the right location.
Reviewed by: gjb
MFC after: 3 days
Update the TARGET/TARGET_ARCH matching in release/release.sh and
release/Makefile.mirrors for simplification.
Discussed with: mmel
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
ubldr is the non-pie version of ubldr.bin, do not install two
copies of the same binary. This will allow us to remove ubldr
in the future.
All the u-boot ports know how to load ubldr.bin
Reviewed by: gjb (earlier version)
make(1) invocations following the OBJDIR restructuring to
ensure the output arm SoC image is in the correct directory.
Sponsored by: The FreeBSD Foundation
This changes the build OBJDIR from the older style of /usr/obj/<srcdir> for
native builds, and /usr/obj/<target>.<target_arch>/<srcdir> for cross builds to
a new simpler format of /usr/obj/<srcdir>/<target>.<target_arch>. This
new format is used regardless of cross or native build. It allows
easier management of multiple source tree object directories.
The UNIFIED_OBJDIR option will be removed and its feature made permanent
for the 12.0 release.
Relnotes: yes (don't note UNIFIED_OBJDIR option since it will be removed)
Prior work: D3711 D874
Reviewed by: gjb, sjg
Discussed at: https://lists.freebsd.org/pipermail/freebsd-arch/2016-May/017805.html
Discussed with: emaste
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12840
immediately available on instances which are running without internet
access (or which can't rely on firstboot_pkgs to install it for some
other reason).
Note that this agent is not enabled by default; to enable it, add
amazon_ssm_agent_enable="YES" to /etc/rc.conf, e.g., by placing the lines
>>/etc/rc.conf
amazon_ssm_agent_enable="YES"
into the EC2 user-data. In addition to being enabled, the agent requires
keys to be provided via IAM Roles; users are encouraged to be very careful
in using this functionality due to the inherent vulnerability in the idea
of providing credentials via a service accessible to any process which can
open an HTTP connection.
Requested by: Amazon
No objection from: re@
Relnotes: FreeBSD/EC2 AMIs now include the Amazon EC2 Systems Manager
(SSM) Agent.
A recent bug in security/sudo causes segmentation faults when
the system is not configured with a hostname, which causes issues
with some virtual machine setups, notably Vagrant. Set the default
hostname to the output of 'uname -o'.
Submitted by: Nicholas Fiorentini
Sponsored by: The FreeBSD Foundation
The original change was dealing with the build wanting to run a newer
install(1) that was not yet installed. The solution to look into the private
legacy directory of the existing build conflicts with 2 upcoming features: a
changed OBJDIR format, and splitting the host tools into arch-dependent and
arch-independent directories. Rather than hardcoding and changing the paths in
this script, just let kernel-toolchain do the work, while disabling much of the
meat. With -j15 this finishes in 25 seconds for me and 117 seconds with -j1.
All that is really needed is bootstrap-tools, but the system is not currently
written in a way that all previous dependent steps will have ran. The previous
steps, such as _worldtmp, are being reworked and renamed and so cannot be
relied upon to be right.
Sponsored by: Dell EMC Isilon
Make armv7 as a new MACHINE_ARCH.
Copy all the places we do armv6 and add armv7 as basically an
alias. clang appears to generate code for armv7 by default. armv7 hard
float isn't supported by the the in-tree gcc, so it hasn't been
updated to have a new default.
Support armv7 as a new valid MACHINE_ARCH (and by extension
TARGET_ARCH).
Add armv7 to the universe build.
Differential Revision: https://reviews.freebsd.org/D12010
build on arm/armv6 images.
Pointyhat: gjb (myself)
MFC after: immediate
MFC note: releng/10.4 has broken because of this
Sponsored by: The FreeBSD Foundation
virtual machine images and embedded images, similar to what is
done when extracting base.txz to the target root filesystem in
an new installation.
Noticed by: marius
Tested with: head@r323729
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
There's not much practical difference as far as install media is
concerned but newfs creates UFSv2 by default and it is sensible to use
the contemporary UFS version.
I also intend to change makefs to create UFSv2 by default (to match
newfs) so we'll want make-memstick.sh to be explicit, rather than
relying on the host tool's default.
Reviewed by: andrew, gjb, jhibbits
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D12231
This Makefile relies on Makefile.fat providing the correct value for
BOOT1_MAXSIZE and BOOT1_OFFSET. Since BOOT1_OFFSET had no default value
here the build would already fail if Makefile.fat did not provide
correct values.
Sponsored by: The FreeBSD Foundation
Also remove the now-redundant error handling that was only for makefs.
This change applies arm64's r308171 to the other make-memstick.sh
versions.
Reviewed by: gjb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D12195
Engine (GCE) images with an updated version of Google's tools.
PR: 221714
Submitted by: helen _dot_ koike _@_ collabora_dot_com (original)
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
Disconnect the dependency on the kernel package from the runtime
package. There are a number of problems here:
1) The runtime package installed into a chroot or a jail would
include the kernel package, changing the behavior of how jails
work now [1];
2) As result of (1), it is possible a binary may incorrectly
resolve kernel symbols [2]; in addition, it is possible there
will be unexpected fallout with 32-bit jails on a 64-bit host
kernel [2].
Noticed by: brd [1]
Discussed with: kib [2]
MFC after: 3 days
MFC note: record-only to wipe from the merge tracker
Sponsored by: The FreeBSD Foundation
svnversion metadata to the runtime and kernel packages.
Instead of traversing src/sys, as is done by newvers.sh for uname(1),
a full tree walk is done to prevent userland and/or modifications
from not being reflected in a modified tree (M).
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
Use PPID and PID to kill off the pre-install and parent pkg(8)
processes unless 'Y' or 'y' are entered at the prompt if the user
wants to proceed with upgrading the kernel and userland at the same
time.
This restores some of the logic and intent of r322327, with the
caveat of printing "child process terminated unexpectedly."
MFC after: 5 days
MFC with: r322327, r322352
Sponsored by: The FreeBSD Foundation
It appears I misunderstand process forking and signal handling in
how the pre-/post-install scripts are executed internally by pkg(8).
In some cases (not all), ^C when prompted to cancel the kernel
package update will stop the pre-install script from executing, but
allow pkg(8) to continue extracting the package when it is not the
intent.
In order to keep somewhat of an anti-footshooting measure in place,
print the recommendation to install the kernel package first if
ASSUME_ALWAYS_YES is false and TERM is set, then sleep for 5 seconds
to allow the user to see the message.
MFC after: 5 days
MFC with: r322327
X-MFC-Note: Maybe not until I am happy with this..
Sponsored by: The FreeBSD Foundation
The idea here is that, provided upstream pkg(8) maintainers accept
the proposed change, the kernel.ucl will contain a post-install
script causing pkg(8) to emit a message informing to reboot the
system after the kernel is upgraded using 'pkg upgrade', so the
new userland is installed on the running new kernel. At present,
this functionality does not exist in pkg(8), but will help ensure
the upgrade path follows that from UPDATING. To work around this
for now, evaluate ASSUME_ALWAYS_YES, and prompt the user if they
wish to proceed if not set to true.
Since there is a kernel dependency, and a non-GENERIC kernel may
be in use, update Makefile.inc1 to replace '%KERNCONF%' in the
runtime.ucl with the first-built kernel set either via command line
or in make.conf(5).
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
- Update ATLAS_UPLOAD_URL to avoid various regular expressions
from failing to match due to redirections.
- Use ATLAS_UPLOAD_URL throughout the script.
- Adjust several regular expression patterns.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
- Rename chroot_arm_armv6_build_release() to chroot_arm_build_release()
and make it hardware agnostic (such as armv6 -vs- armv7 -vs- arm64).
- Evaluate EMBEDDED_TARGET differently so release/tools/arm.subr can
be used for arm/armv6 and arm64/aarch64.
- Update comments and copyright.
In release/tools/arm.subr:
- In arm_create_disk(), change the default alignment from 63 to 512k,
fixing a boot issue on arm64 and EFI. [1]
- Update comments and copyright.
Add a RPI3 configuration file, pieces obtained from Crochet.
Obtained from: Crochet [1]
MFC after: 5 days
X-MFC-Note: maybe
Sponsored by: The FreeBSD Foundation
All manpages in base are now compatible with mandoc(1), all roff documentation
will be relocated in the doc tree. man(1) can now use groff from the ports tree
if it needs.
Also remove checknr(1) and colcrt(1) which are only useful with groff.
Approved by: (no objections on the mailing lists)
otherwise with 'CLOUDWARE=vagrant-virtualbox', the path to the
configuration file may be incorrect.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
made recently by Atlas Hashicorp. The data returned from GET and
POST requests has changed, which caused a number of regex patterns
to fail to be properly identified as 'success' or 'failure', which
ended up in upload/publish failures.
Tested with: 12-CURRENT
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
to 1.5G.
- Use the 'conv=sync' dd(1) option to fix writing the u-boot.imx
file to the md(4) device for IMX6-based boards.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
install to prepare an AMI image. This can be used to create a ZFS AMI disk
image using a virtual machine.
Change ec2.conf to use the pkg tool from a chroot rather than trying to
bootstrap it and fail from the livecd readonly filesystem.
Reviewed by: gjb
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
- Speeds up the boot process by disabling sendmail.
- Allows an user to ssh as root with a public key.
- Make ssh(1) respond faster by disabling DNS lookups.
- Enable DHCP on the vtnet(4) interface.
Note: The CLOUDWARE list has not yet been changed to include the
OpenStack target by default yet.
Submitted by: Diego Casati
PR: 215258
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
to create a repo during 'make packages'
This would have been useful for a situation I found myself in where
pkg(8) had been upgraded to a version that wanted the FBSD_1.5 ABI
version but libc.so.7 had not been upgraded, and only provided
FBSD_1.4. I found I needed to update libc in order to run pkg, and I
also needed to use pkg to update libc... Which is why pkg-static
exists, but there's currently no way to tell the build system to use
pkg-static instead of pkg.
This creates a variable PKG_CMD, default value 'pkg', that can be
overridden from the command line.
Reviewed by: gjb
Approved by: gjb
Differential Revision: https://reviews.freebsd.org/D8120
During the upgrade of clang/llvm etc to 3.9.0 in r309124, the PACKAGE
directive in the usr.bin/clang/*.mk files got dropped accidentally.
Restore it, with a few minor changes and additions:
* Correct license in clang.ucl to NCSA
* Add PACKAGE=clang for clang and most of the "ll" tools
* Put lldb in its own package
* Put lld in its own package
Reviewed by: gjb, jmallett
X-MFC-With: 309124
Differential Revision: https://reviews.freebsd.org/D8666
The default pkg(8) from pkg.freebsd.org requires libjail.so,
so mark the jail package as vital along with the runtime
package to avoid errors when libjail.so is removed. This is
a no-op for systems with WITHOUT_JAIL in src.conf(5) and pkg(8)
built from the Ports Collection.
In order to make this work without marking packages such as
the jail-lib32, for example, the jail.ucl file needed to be
split out into separate files similarly to the runtime-*.ucl
files.
Glanced at by: brd
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
