A new loader.conf(5) option of geom_eli_passphrase_prompt="YES" will now
allow you to enter your geli(8) root-mount credentials prior to invoking
the kernel.
See check-password.4th(8) for details.
Differential Revision: https://reviews.freebsd.org/D2105
Reviewed by: imp, kmoore
Discussed on: -current
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: yes
Summary:
Add "GELI Passphrase:" prompt to boot loader.
A new loader.conf(5) option of geom_eli_passphrase_prompt="YES" will now
allow you to enter your geli(8) root-mount credentials prior to invoking
the kernel.
See check-password.4th(8) for details.
Differential Revision: https://reviews.freebsd.org/D2105
Reviewed by: (your name[s] here)
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: yes
Test Plan:
Drop a head copy of check-password.4th into /boot and then apply the patch
(only the patch to /boot/check-password.4th is required; no other changes are
required but you do have to have a HEAD copy of check-password.4th to
apply the patch).
NB: The rest of your /boot files can be up to 2 years old but no older.
NB: The test won't work unless your kernel has the following change
https://svnweb.freebsd.org/base?view=revision&revision=273489
Now, put into /boot/loader.conf:
geom_eli_passphrase_prompt="YES"
and reboot.
You should be prompted for a GELI passphrase before the menu (if enabled),
just after loading loader.conf(5).
NB: It doesn't matter if you're using GELI or not. However if you are using
GELI and a sufficiently new enough release (has SVN r273489) and you entered
the proper passphrase to mount your GELI encrypted root device(s), you should
notice that the boot process did not stop (you went from loader all the way to login).
Reviewers: cperciva, allanjude, scottl, kmoore
Subscribers: jkh, imp
Differential Revision: https://reviews.freebsd.org/D2105
bsdconfig's f_package_add doesn't seem to support using the pkg repo from /etc/pkg/FreeBSD.conf, it also tries to run the commands on the installer image, not in the destination chroot
Instead, manually bootstrap pkg in the chroot, and then install the requested packages (in the chroot)
Doesn't use pkg -c, because pkg is not installed on the installer image
PR: 196250
Differential Revision: https://reviews.freebsd.org/D2026
Approved by: bapt
Sponsored by: ScaleEngine Inc.
assume that GPT means UEFI boot, resulting in the installation of
uninstallable systems. This needs a little more work before MFC, in
particular based on disk size (> 2 TB + BIOS + MBR is not workable). That
will come soon.
Previously we used gnop(8) to fake 4K sector size disks but ZFS now has a
sysctl to control this when creating new top level vdev's so use that
instead.
Differential Revision: D566
MFC after: 1 month
Sponsored by: Multiplay
new dpv(3) wrapper to dialog(3) dialog_gauge(). The dpv(3) library provides
a more flexible and refined interface similar to dialog_mixedgauge() however
is implemented atop the more generalized dialog_gauge() for portability.
Noticeable improvements in bsdinstall's distextract will be a status line
showing data rate information (with support for localeconv(3) to format
numbers according to $LANG or $LC_ALL conversion information), i18n support,
improved auto-sizing of gauge widget, a ``wheel barrow'' to keep the user
informed that things are moving (even if status/progress has not changed),
improved color support (mini-progress bars use the same color, if enabled,
as the main gauge bar), and several other improvements (some not visible).
dpv stands for "dialog progress view" (dpv was introduced in SVN r274116).
Differential Revision: https://reviews.freebsd.org/D714
Discussed on: -current
Reviewed by: julian
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: Improved installer feedback from bsdinstall distextract
less obsolete information. Also move the entropy command down the list --
the list is ordered by likelihood of use rather than alphabetically.
MFC after: 1 week
while here:
+ Fix an issue when extracting small archives where dialog_mixedgauge was
not rendering; leaving the user wondering if anything happened.
+ Add #ifdef's to assuage compilation against older libarchive
NB: Minimize diff between branches; make merging easier.
+ Add missing calls to end_dialog(3)
+ Change string processing from strtok(3) to strcspn(3) (O(1) optimization)
+ Use EXIT_SUCCESS and EXIT_FAILURE instead of 0/1
+ Optimize getenv(3) use, using stored results instead of calling repeatedly
NB: Fixes copy/paste error wherein we display getenv(BSDINSTALL_DISTDIR) in
an error msgbox when chdir(2) to getenv(BSDINSTALL_CHROOT) fails
(wrong variable displayed in msgbox).
+ Use strtol(3) instead of [deprecated] atoi(3)
+ Add additional error checking (e.g., check return of archive_read_new(3))
+ Assign DECONST strings to static variables
+ Fix typo in distextract.c error message (s/Could could/Could not/)
+ Add comments and make a minor whitespace adjustment
Reviewed by: nwhitehorn, julian
Use adequately sized buffer for error(s) (512 -> PATH_MAX + 512).
Fix the following style(9) nits while here:
- distfetch.c uses PATH_MAX while distextract.c uses MAXPATHLEN;
standardize on one (PATH_MAX)
- Move $FreeBSD$ from comment to __FBSDID()
- Sort included headers (alphabetically, sys/* at top)
- Add missing header includes (e.g., <stdlib.h> for getenv(3),
calloc(3)/malloc(3)/free(3), and atoi(3); <string.h> for strdup(3),
strrchr(3), strsep(3), and strcmp(3); <ctype.h> for isspace(3); and
<unistd.h> for chdir(2), etc.)
- Remove rogue newline at end of distfetch.c
- Don't declare variables in if-, while-, or other statement
NB: To prevent masking of prior declarations atop function
- Perform stack alignment for variable declarations
- Add missing function prototype for count_files() in distextract.c
- Break out single-line multivariable-declarations
NB: Aligning similarly-named variables with one-char difference(s)
NB: Minimizes diffs and makes future diffs more clear
- Use err(3) family of functions (requires s/int err;/int retval;/g)
Reviewed by: nwhitehorn, julian
ZFS property canmount=off so that /var/db/pkg and other such directories
are part of the / dataset, and only /var/mail, /var/log, and /var/crash
are excluded from the ZFS boot environment (beadm).
PR: 193971
Approved by: jmg
MFC after: ASAP
Relnotes: yes
Sponsored by: ScaleEngine Inc.
reality. In particular, draw a connection between the auto ZFS script and
the auto UFS one, since they fulfill similar functions. I'm not sure the
auto ZFS code is actually experimental anymore, so it might be worth
changing that label still.
partitions of types other than "freebsd-boot" (in particular, "efi").
This allows the removal of some nasty hacks for supporting PowerPC systems,
in particular aliasing freebsd-boot to apple-boot on APM and an IBM-specific
code on MBR.
This changes the installer to use the correct names, which also breaks a
degeneracy in the meaning of "freebsd-boot" that allows the addition
of support for some newer IBM systems that can boot from GPT in addition to
MBR. Since I have no idea how to detect which those systems are, leave
the default on IBM PPC systems as MBR for now.
an embedded newline appearing within the options string surrounded by
double-quotes. Rework the logic that goes into setting dataset options on
the root pool dataset while we're here -- added two new variables (which
can be altered via scripting) ZFSBOOT_POOL_CREATE_OPTIONS and also
ZFSBOOT_BOOT_POOL_CREATE_OPTIONS for setting pool/dataset attributes at
the time of pool creation. The former is for setting options on the root
pool (zroot) and the latter is for setting options on the optional separate
boot pool (bootpool) implicitly enabled when using either GELI or MBR. The
default value for the root pool variable (ZFSBOOT_POOL_CREATE_OPTIONS) is
"-O compress=lz4 -O atime=off" and the default value for separate boot pool
variable (ZFSBOOT_BOOT_POOL_CREATE_OPTIONS) is NULL (no additional options
for the separate boot pool dataset).
Reviewed by: allanjude
MFC after: 7 days
X-MFC-with: r266107-266109
It starts off being used to track the grammar for the number of disks
(singular vs plural) and then it is reused as the list of available disks.
Replace the variable with disks_grammar and move 'disk' and 'disks' to
msg_ vars so they can be translated in the future.
Submitted by: Allan Jude <freebsd@allanjude.com>
Reviewed by: roberto
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
Set compress=lz4 for the entire pool, removing it from the individual
datasets
Remove exec=no from /usr/src, breaks the test suite.
Submitted by: Allan Jude <freebsd@allanjude.com>
Reviewed by: roberto
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
encryption for swap, and optional gmirror for swap (which can be combined)
Submitted by: Allan Jude <freebsd@allanjude.com>
Requested By: roberto
Sponsored By: ScaleEngine Inc.
MFC after: 2 weeks
a sysctl to determine what firmware is in use. This sysctl does not exist
yet, so the following blocks are in front of the wheels:
- I've provisionally called this "hw.platform" after the equivalent thing
on PPC
- The logic to check the sysctl is short-circuited to always choose BIOS.
There's a comment in the top of the file about how to turn this off.
If IA64 acquired a boot1.efifat-like thing (probably with very few
modifications), the same code could be adapted there.
GEOM support (thereby adding GEOM support to the disk selection
menu of bsdinstall(8)'s `zfsboot' module updated herein).
MFC after: 1 week
X-MFC-with: 264840
that the slightly older dialog(1) requires --separate-output when using the
--checklist widget to force response to produce unquoted values (whereas in
stable/10 --checklist widget without --separate-output will only quote the
checklist labels in the response if the label is multi-word (contains any
whitespace).
Since these enhancements (see revisions 263956 and 264437) were developed
originally on 10, the --separate-output option was omitted. When merged to
stable/9, we (Allan Jude) and I found during testing that the "always-
quoting" of the response was causing things like struct interpolation to
fail (`f_struct device_$dev' would produce `f_struct device_\"da0\"' for
example -- literal quotes inherited from dialog(1) --checklist response).
To see the behavior, execute the following on stable/9 versus stable/10:
dialog --checklist disks: 0 0 0 da0 "" off da1 "" off
Check both items and hit enter. On stable/10, the response is:
da0 da1
On stable/9 the response is:
"da0" "da1"
If you use the --separate-output option, the response is the same for both:
da0
da1
So applying --separate-output on every platform until either one of two
things occurs 1) dialog(1,3) gets synchronized between stable/9, higher or
2) we drop support for stable/9.
MFC after: 3 days
Reviewed by: Allan Jude
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
NB: If the zfsboot variables ($ZFSBOOT_*) are set, a script is
assumed to want zfsboot module instead of scriptedpart module.
Submitted by: Loïc Brarda <loic.brarda@cern.ch>
Reviewed by: nwhitehorn@
MFC after: 3 days
commit c1acf022c533c5ae27e0cd556977eafe3f5959eb
Author: Brooks Davis <brooks@one-eyed-alien.net>
Date: Fri Jan 17 21:46:44 2014 +0000
Add an option WITHOUT_NCURSESW to suppress building and linking to
libncursesw. While wide character support it useful we'd like to
only need one ncurses library on embedded systems.
MFC after: 4 weeks
Sponsored by: DARPA, AFRL
