Add generation of an installation manifest containing SHA256 checksums as
well as package descriptions and add code in the installer to check the checksums.
This commit is contained in:
nwhitehorn
parent
93e771cdbb
commit
da52594639
@ -112,7 +112,8 @@ system: packagesystem
|
||||
-rm ${.OBJDIR}/release/boot/kernel/*.symbols
|
||||
# Copy distfiles
|
||||
mkdir ${.OBJDIR}/release/usr/freebsd-dist
|
||||
cp ${.OBJDIR}/*.txz ${.OBJDIR}/release/usr/freebsd-dist
|
||||
cp ${.OBJDIR}/*.txz ${.OBJDIR}/MANIFEST \
|
||||
${.OBJDIR}/release/usr/freebsd-dist
|
||||
# Copy documentation, if generated
|
||||
.if !defined(NODOC)
|
||||
cp ${.OBJDIR}/reldoc/* ${.OBJDIR}/release
|
||||
@ -134,13 +135,14 @@ memstick: system
|
||||
sh ${.CURDIR}/${TARGET}/make-memstick.sh ${.OBJDIR}/release ${.OBJDIR}/memstick
|
||||
|
||||
packagesystem: base.txz kernel.txz ${EXTRA_PACKAGES}
|
||||
sh ${.CURDIR}/${TARGET}/make-manifest.sh ${DISTDIR}/*.txz > ${.OBJDIR}/MANIFEST
|
||||
touch ${.OBJDIR}/${.TARGET}
|
||||
|
||||
cdrom: release.iso
|
||||
ftp: packagesystem
|
||||
rm -rf ${.OBJDIR}/ftp
|
||||
mkdir ${.OBJDIR}/ftp
|
||||
cp ${.OBJDIR}/*.txz ${.OBJDIR}/ftp
|
||||
cp ${.OBJDIR}/*.txz ${.OBJDIR}/MANIFEST ${.OBJDIR}/ftp
|
||||
|
||||
release: ${RELEASE_TARGETS}
|
||||
|
||||
@ -148,7 +150,7 @@ clean:
|
||||
chflags -R noschg ${.OBJDIR}
|
||||
rm -rf ${.OBJDIR}/dist ${.OBJDIR}/ftp
|
||||
rm -f packagesystem
|
||||
rm -f ${.OBJDIR}/*.txz
|
||||
rm -f ${.OBJDIR}/*.txz ${.OBJDIR}/MANIFEST
|
||||
rm -f system
|
||||
rm -rf ${.OBJDIR}/release
|
||||
rm -f ${.OBJDIR}/release.iso ${.OBJDIR}/memstick
|
||||
|
||||
25
release/scripts/make-manifest.sh
Executable file
25
release/scripts/make-manifest.sh
Executable file
@ -0,0 +1,25 @@
|
||||
#!/bin/sh
|
||||
|
||||
# make-manifest.sh: create checksums and package descriptions for the installer
|
||||
#
|
||||
# Usage: make-manifest.sh foo1.txz foo2.txz ...
|
||||
#
|
||||
# The output file looks like this (tab-delimited):
|
||||
# foo1.txz SHA256-checksu Number-of-files foo1 Description Install-by-default
|
||||
#
|
||||
# $FreeBSD$
|
||||
|
||||
desc_base="Base system (MANDATORY)"
|
||||
desc_kernel="Kernel (MANDATORY)"
|
||||
desc_doc="Additional documentation"
|
||||
doc_default=off
|
||||
desc_games="Games (fortune, etc.)"
|
||||
desc_lib32="32-bit compatibility libraries"
|
||||
desc_ports="Ports tree"
|
||||
desc_src="System source code"
|
||||
src_default=off
|
||||
|
||||
for i in $*; do
|
||||
echo "`basename $i` `sha256 -q $i` `tar tvf $i | wc -l | tr -d ' '` `basename $i .txz` \"`eval echo \\\$desc_$(basename $i .txz)`\" `eval echo \\\${$(basename $i .txz)_default:-on}`"
|
||||
done
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
# $FreeBSD$
|
||||
|
||||
SCRIPTS= auto adduser config hostname jail keymap mount netconfig rootpass \
|
||||
services time umount wlanconfig
|
||||
SCRIPTS= auto adduser checksum config hostname jail keymap mount netconfig \
|
||||
rootpass services time umount wlanconfig
|
||||
BINDIR= /usr/libexec/bsdinstall
|
||||
|
||||
NO_MAN= true
|
||||
|
||||
@ -50,26 +50,21 @@ bsdinstall keymap
|
||||
trap error SIGINT # Catch cntrl-C here
|
||||
bsdinstall hostname || error
|
||||
|
||||
LIB32=""
|
||||
[ `uname -p` = amd64 -o `uname -p` = powerpc64 ] && \
|
||||
LIB32="lib32 \"32-bit compatibility\" on"
|
||||
|
||||
DISTMENU="doc \"Additional documentation\" on \
|
||||
games \"Games (fortune, etc.)\" on \
|
||||
$LIB32 \
|
||||
ports \"Ports tree\" on \
|
||||
src \"System source code\" off"
|
||||
|
||||
exec 3>&1
|
||||
EXTRA_DISTS=$(echo $DISTMENU | xargs dialog --backtitle "FreeBSD Installer" \
|
||||
--title "Distribution Select" --nocancel --separate-output \
|
||||
--checklist "Choose optional system components to install:" \
|
||||
0 0 0 \
|
||||
2>&1 1>&3)
|
||||
export DISTRIBUTIONS="base.txz kernel.txz"
|
||||
for dist in $EXTRA_DISTS; do
|
||||
export DISTRIBUTIONS="$DISTRIBUTIONS $dist.txz"
|
||||
done
|
||||
if [ -f $BSDINSTALL_DISTDIR/MANIFEST ]; then
|
||||
DISTMENU=`cut -f 4,5,6 $BSDINSTALL_DISTDIR/MANIFEST | grep -v -e ^kernel -e ^base`
|
||||
|
||||
exec 3>&1
|
||||
EXTRA_DISTS=$(echo $DISTMENU | xargs dialog \
|
||||
--backtitle "FreeBSD Installer" \
|
||||
--title "Distribution Select" --nocancel --separate-output \
|
||||
--checklist "Choose optional system components to install:" \
|
||||
0 0 0 \
|
||||
2>&1 1>&3)
|
||||
for dist in $EXTRA_DISTS; do
|
||||
export DISTRIBUTIONS="$DISTRIBUTIONS $dist.txz"
|
||||
done
|
||||
fi
|
||||
|
||||
FETCH_DISTRIBUTIONS=""
|
||||
for dist in $DISTRIBUTIONS; do
|
||||
@ -131,6 +126,7 @@ if [ ! -z "$FETCH_DISTRIBUTIONS" ]; then
|
||||
export DISTRIBUTIONS="$ALL_DISTRIBUTIONS"
|
||||
fi
|
||||
|
||||
bsdinstall checksum || error
|
||||
bsdinstall distextract || error
|
||||
bsdinstall rootpass || error
|
||||
|
||||
|
||||
65
usr.sbin/bsdinstall/scripts/checksum
Executable file
65
usr.sbin/bsdinstall/scripts/checksum
Executable file
@ -0,0 +1,65 @@
|
||||
#!/bin/sh
|
||||
#-
|
||||
# Copyright (c) 2011 Nathan Whitehorn
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
# modification, are permitted provided that the following conditions
|
||||
# are met:
|
||||
# 1. Redistributions of source code must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
# 2. Redistributions in binary form must reproduce the above copyright
|
||||
# notice, this list of conditions and the following disclaimer in the
|
||||
# documentation and/or other materials provided with the distribution.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $FreeBSD$
|
||||
|
||||
test -f $BSDINSTALL_DISTDIR/MANIFEST || exit 0
|
||||
|
||||
percentage=0
|
||||
for dist in $DISTRIBUTIONS; do
|
||||
distname=$(basename $dist .txz)
|
||||
eval "status_$distname=7"
|
||||
|
||||
items=""
|
||||
for i in $DISTRIBUTIONS; do
|
||||
items="$items $i `eval echo \\\${status_$(basename $i .txz):-Pending}`"
|
||||
done
|
||||
dialog --backtitle "FreeBSD Installer" --title "Checksum Verification" \
|
||||
--mixedgauge "Verifying checksums of selected distributions." \
|
||||
0 0 $percentage $items
|
||||
|
||||
CK=`sha256 -q $BSDINSTALL_DISTDIR/$dist`
|
||||
awk -v checksum=$CK -v dist=$dist '{
|
||||
if (dist == $1) {
|
||||
if (checksum == $2)
|
||||
exit(0)
|
||||
else
|
||||
exit(1)
|
||||
}
|
||||
}' $BSDINSTALL_DISTDIR/MANIFEST
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
eval "status_$distname=2"
|
||||
percentage=$(echo $percentage + 100/`echo $DISTRIBUTIONS | wc -w` | bc)
|
||||
else
|
||||
eval "status_$distname=1"
|
||||
dialog --backtitle "FreeBSD Installer" --title "Error" \
|
||||
--msgbox "The checksum for $dist does not match. It may have become corrupted, and should be redownloaded." 0 0
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
exit 0
|
||||
Loading…
x
Reference in New Issue
Block a user