Implement pubkey support for the bootstrap
Note that to not interfer with finger print it expects a signature on pkg itself
which is named pkg.txz.pubkeysign
To genrate it:
echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \
-binary -out ./pkg.txz.pubkeysig
Note the "echo -n" which prevent signing the '\n' one would get otherwise
PR: 202622
Issue warning and refuse to proceed further if the configured
repository signature_type is unsupported by bootstrap pkg(7).
Previously, when signature_type specified an unsupported method,
the bootstrap pkg(7) would proceed like when signature_type is
"none". MITM attackers may be able to use this vulnerability and
bypass validation and install their own versions of pkg(8).
At this time, only fingerprint and none are supported by the
bootstrap pkg(7).
FreeBSD's official pkg(8) repository uses the fingerprint method
and is therefore unaffected.
Errata candidate.
Add -f support to 'pkg bootstrap' and 'pkg add' to force installation
of pkg(8) even if already installed.
This is useful if you somehow messup pkg(8) and need to reinstall from
remote with it already being registered in the pkg(8) /var/db/pkg database.
Also add some sanity checks to 'pkg add'.
Approved by: bapt
Approved by: re (glebius)
Add a 'pkg bootstrap' command which will bootstrap pkg(8) without
forwarding any command to it after installation.
Approved by: bapt
Approved by: re (gjb)
r257149,r257150,r257158,r257159,r257164,r257168,
r257193
- Support checking signature for pkg bootstrap from remote
and for 'pkg add ./pkg.txz'
- Be verbose on where pkg is being bootstrapped from.
- Add support for reading configuration files from /etc/pkg.
For now only /etc/pkg/FreeBSD.conf is supported.
- Add test package signing key fingerprint into /etc/keys/pkg/trusted.
- Disable fingerprint checking by default for now as the official
packages are not yet signed.
Approved by: bapt
Approved by: re (glebius)
Add support for using "pkg+http://" for the PACKAGESITE.
pkg 1.2 is adding this support as well. This should help
lessen the confusion on why the default SRV PACKAGESITE
does not load in a browser.
Approved by: bapt
Approved by: re (glebius)
Improve SRV records support for the pkg(8) bootstrap:
- order srv records by priorities
- for all entries of the same priority, order randomly respect the weight
- select the port where to fetch from respect the port provided in the SRV
record
Allow to bootstrap by doing pkg add ./a/path/to/a/pkg_package.txz
Approved by: re (glebius)
Only look for boostrap useful options:
- PACKAGESITE
- ABI
- MIRROR_TYPE
- ASSUME_ALWAYS_YES
While here makes PACKAGESITE expand the ${ABI} variable.
Allow to deactivate any SRV record look up (MIRROR_TYPE=none)
Use the same mechanism as for pkgng itself: first get configuration out of
environment variable and fallback on pkg.conf if exists.
Reviewed by: bdrewery
status. '-n' is already used extensively elsewhere in pkgng (to mean
'dry-run') and this reduces the potential confusion
Submitted by: eadler
Approved by: bapt
MFC after: 2 weeks
whether a system has been configured to use pkgng, cause /usr/sbin/pkg
recognise a -n option and exit with a failure code when the pkg port
is not installed.
Approved by: bapt
MFC after: 2 weeks
The previous behaviour was to silently download and install the pkg
package, without ever telling user about what it was doing and why.
Discussed with: bapt
Reviewed by: kib
- more style(9) fixes
- some refactoring
- better error detection
- Add the DPADD to Makefile
Submitted by: Garrett Cooper <yanegomi@gmail.com>
Approved by: des (mentor)
it respects PACKAGESITE, PACKAGEROOT, and a new environment variable ABI (if a user want to use a different API from the base one for its packages)
it has no man page on purpose to avoid hidding the pkg(8) man page from the pkgng package.
for now uses pkgbeta.FreeBSD.org as default mirror to find its package
it respects MK_PKGTOOLS
Approved by: des (mentor)
