Module Name: src
Committed By: martin
Date: Thu Apr 21 17:30:15 UTC 2022
Modified Files:
src/usr.sbin/sysinst: configmenu.c defs.h install.c msg.entropy.de
msg.entropy.en msg.entropy.es msg.entropy.fr msg.entropy.pl
msg.mi.de msg.mi.en msg.mi.es msg.mi.fr msg.mi.pl run.c upgrade.c
util.c
Log Message:
Make default installations a bit more secure:
- push a bit harder for setup of a root password
- simplify/clarify manual entropy setup
- visit the entropy setup (on machines where it is needed) on the
default path through sysinst
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/usr.sbin/sysinst/configmenu.c \
src/usr.sbin/sysinst/run.c
cvs rdiff -u -r1.80 -r1.81 src/usr.sbin/sysinst/defs.h
cvs rdiff -u -r1.22 -r1.23 src/usr.sbin/sysinst/install.c
cvs rdiff -u -r1.4 -r1.5 src/usr.sbin/sysinst/msg.entropy.de \
src/usr.sbin/sysinst/msg.entropy.es src/usr.sbin/sysinst/msg.entropy.fr \
src/usr.sbin/sysinst/msg.entropy.pl
cvs rdiff -u -r1.3 -r1.4 src/usr.sbin/sysinst/msg.entropy.en
cvs rdiff -u -r1.35 -r1.36 src/usr.sbin/sysinst/msg.mi.de
cvs rdiff -u -r1.37 -r1.38 src/usr.sbin/sysinst/msg.mi.en \
src/usr.sbin/sysinst/msg.mi.pl
cvs rdiff -u -r1.31 -r1.32 src/usr.sbin/sysinst/msg.mi.es
cvs rdiff -u -r1.36 -r1.37 src/usr.sbin/sysinst/msg.mi.fr
cvs rdiff -u -r1.19 -r1.20 src/usr.sbin/sysinst/upgrade.c
cvs rdiff -u -r1.65 -r1.66 src/usr.sbin/sysinst/util.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/sysinst/configmenu.c
diff -u src/usr.sbin/sysinst/configmenu.c:1.14 src/usr.sbin/sysinst/configmenu.c:1.15
--- src/usr.sbin/sysinst/configmenu.c:1.14 Sat Oct 9 09:06:28 2021
+++ src/usr.sbin/sysinst/configmenu.c Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: configmenu.c,v 1.14 2021/10/09 09:06:28 martin Exp $ */
+/* $NetBSD: configmenu.c,v 1.15 2022/04/21 17:30:15 martin Exp $ */
/*-
* Copyright (c) 2012 The NetBSD Foundation, Inc.
@@ -291,6 +291,14 @@ add_new_user(struct menudesc *menu, void
return 0;
}
+void
+root_pw_setup(void)
+{
+ msg_display(MSG_force_rootpw);
+ run_program(RUN_DISPLAY | RUN_PROGRESS | RUN_CHROOT | RUN_STDSCR,
+ "passwd -l root");
+}
+
static int
change_root_password(struct menudesc *menu, void *arg)
{
Index: src/usr.sbin/sysinst/run.c
diff -u src/usr.sbin/sysinst/run.c:1.14 src/usr.sbin/sysinst/run.c:1.15
--- src/usr.sbin/sysinst/run.c:1.14 Tue Aug 3 13:34:04 2021
+++ src/usr.sbin/sysinst/run.c Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: run.c,v 1.14 2021/08/03 13:34:04 martin Exp $ */
+/* $NetBSD: run.c,v 1.15 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -655,14 +655,19 @@ run_program(int flags, const char *cmd,
win.ws_col = 80;
if ((flags & RUN_DISPLAY) != 0) {
- if (flags & RUN_FULLSCREEN) {
+ if (flags & RUN_STDSCR) {
+ actionwin = stdscr;
+ wmove(stdscr, msg_row()+2, 0);
+ wrefresh(stdscr);
+ } else if (flags & RUN_FULLSCREEN) {
wclear(stdscr);
clearok(stdscr, 1);
touchwin(stdscr);
refresh();
actionwin = stdscr;
- } else
+ } else {
actionwin = show_cmd(scmd, &win);
+ }
} else
win.ws_row -= 4;
Index: src/usr.sbin/sysinst/defs.h
diff -u src/usr.sbin/sysinst/defs.h:1.80 src/usr.sbin/sysinst/defs.h:1.81
--- src/usr.sbin/sysinst/defs.h:1.80 Thu Feb 10 16:11:41 2022
+++ src/usr.sbin/sysinst/defs.h Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: defs.h,v 1.80 2022/02/10 16:11:41 martin Exp $ */
+/* $NetBSD: defs.h,v 1.81 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -108,6 +108,7 @@ const char *getfslabelname(uint, uint);
#define RUN_PROGRESS 0x0080 /* Output is just progess test */
#define RUN_NO_CLEAR 0x0100 /* Leave program output after error */
#define RUN_XFER_DIR 0x0200 /* cd to xfer_dir in child */
+#define RUN_STDSCR 0x0400 /* run program in standard screen */
/* for bsddisklabel.c */
enum layout_type {
@@ -1004,6 +1005,7 @@ void save_kb_encoding(void);
/* from configmenu.c */
void do_configmenu(struct install_partition_desc*);
+void root_pw_setup(void);
/* from checkrc.c */
int check_rcvar(const char *);
Index: src/usr.sbin/sysinst/install.c
diff -u src/usr.sbin/sysinst/install.c:1.22 src/usr.sbin/sysinst/install.c:1.23
--- src/usr.sbin/sysinst/install.c:1.22 Sat Jan 29 16:01:16 2022
+++ src/usr.sbin/sysinst/install.c Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: install.c,v 1.22 2022/01/29 16:01:16 martin Exp $ */
+/* $NetBSD: install.c,v 1.23 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -233,6 +233,10 @@ do_install(void)
if (md_post_extract(&install, false) != 0)
goto error;
+ root_pw_setup();
+#if CHECK_ENTROPY
+ do_add_entropy();
+#endif
do_configmenu(&install);
sanity_check();
Index: src/usr.sbin/sysinst/msg.entropy.de
diff -u src/usr.sbin/sysinst/msg.entropy.de:1.4 src/usr.sbin/sysinst/msg.entropy.de:1.5
--- src/usr.sbin/sysinst/msg.entropy.de:1.4 Mon Oct 11 17:23:28 2021
+++ src/usr.sbin/sysinst/msg.entropy.de Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.entropy.de,v 1.4 2021/10/11 17:23:28 rillig Exp $ */
+/* $NetBSD: msg.entropy.de,v 1.5 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,27 +28,29 @@
message Configure_entropy {Entropie konfigurieren}
-message continue_without_entropy {Weiter ohne Entropie}
+message continue_without_entropy {Jetzt nicht - weiter!}
message not_enough_entropy
-{Dieses System scheint nicht �ber einen Pseudo-Zufallszahlengenerator
-zu verf�gen. F�r das Erzeugen von kryptografisch sicheren Schl�sseldateien
-(z.B. ssh host keys) ist nicht genug Entropie verf�gbar.
+{Dieses System verf�gt momentan nicht �ber genug Entropie um kryptografisch
+starke Zufallszahlen zu generieren.
-Am einfachsten generieren Sie Zufallsdaten auf einem anderen Computer
-und laden sie in dieser Installation. Alternativ k�nnen Sie auch
-manuell Zufallsdaten eingeben.
+Falls Sie diese Installation produktiv verwenden m�chten und z.B.
+ssh host keys generieren werden, empfehlen wir dringend die
+Entropie-Konfiguration zu vervollst�ndigen!
-Falls Sie einen USB-Zufallsgenerator besitzen, verbinden Sie diesen
+Sie k�nnen Zufallszahlen von einem anderen Computer verwenden oder
+manuell zuf�llige Zeichen eingeben.
+
+Falls Sie einen USB-Zufallsgenerator haben, verbinden Sie diesen
jetzt und w�hlen dann die Option "Erneut testen".}
-message entropy_add_manually {Manuelle Zufallseingabe}
+message entropy_add_manually {Zufallsdaten manuell eingeben}
message entropy_download_raw {Rohe bin�re Zufallsdaten laden}
message entropy_download_seed {NetBSD-Entropie-Datei laden}
message entropy_retry {Erneut testen}
message entropy_enter_manual1
-{Geben Sie bitte mehrere Zeilen zuf�llige Zeichen ein,
+{Geben Sie bitte zuf�llige Zeichen ein,
in denen genug Entropie enthalten sein sollte, die 256 M�nzw�rfen,
100 W�rfen mit einem sechsseitigen W�rfel oder 64 zuf�lligen hexadezimalen
Zeichen entspricht.}
@@ -60,11 +62,9 @@ folgenden Befehls (auf einem System, des
verwenden:}
message entropy_enter_manual3
-{Benutzen Sie nicht die gleiche Eingabe f�r mehrere Installationen.
-Beenden Sie die Eingabe mit einer leeren Zeile.}
-
-message entropy_manual_not_enough
-{Sie haben nicht genug Zeichen eingegeben!}
+{Sie k�nnen eine Zeile mit beliebiger L�nge eingeben. Wenn die
+Eingabe nicht mindestens 256 zuf�llige Bits enth�lt, ist
+das installierte System eventuell nicht sicher.}
message entropy_select_file
{W�hlen Sie, auf welche Art Sie die Zufallsdaten auf diesen Computer
Index: src/usr.sbin/sysinst/msg.entropy.es
diff -u src/usr.sbin/sysinst/msg.entropy.es:1.4 src/usr.sbin/sysinst/msg.entropy.es:1.5
--- src/usr.sbin/sysinst/msg.entropy.es:1.4 Fri Oct 8 22:07:11 2021
+++ src/usr.sbin/sysinst/msg.entropy.es Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.entropy.es,v 1.4 2021/10/08 22:07:11 nia Exp $ */
+/* $NetBSD: msg.entropy.es,v 1.5 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
message Configure_entropy {Set up entropy}
-message continue_without_entropy {Continue without entropy}
+message continue_without_entropy {Not now, continue!}
message not_enough_entropy
{This system seems to lack a cryptographically strong pseudo random
number generator. There is not enough entropy available to create secure
keys (e.g. ssh host keys).
-
+
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now!
+
You may use random data generated on another computer and load it
here, or you could enter random characters manually.
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
the "Re-test" option.}
-message entropy_add_manually {Manual input of random data}
+message entropy_add_manually {Manually input random characters}
message entropy_download_raw {Load raw binary random data}
message entropy_download_seed {Import a NetBSD entropy file}
message entropy_retry {Re-test}
message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
message entropy_enter_manual2
{They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@ installer) the output from running the f
machine whose randomness you trust:}
message entropy_enter_manual3
-{Do not use the same data for multiple installations.
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness. If it actually contains
+less, the installed system may not be secure.}
message entropy_select_file
{Please select how you want to transfer the random data file
@@ -80,7 +82,7 @@ message entropy_add_nfs
{Load from a NFS share}
message entropy_add_local
-{Laod from a local file system (e.g. a USB device)}
+{Load from a local file system (e.g. a USB device)}
message entropy_file
{Path/file}
@@ -125,4 +127,3 @@ message entropy_path_and_file
message entropy_localfs
{Enter the unmounted local device and directory on that device where
the random data is located.}
-
Index: src/usr.sbin/sysinst/msg.entropy.fr
diff -u src/usr.sbin/sysinst/msg.entropy.fr:1.4 src/usr.sbin/sysinst/msg.entropy.fr:1.5
--- src/usr.sbin/sysinst/msg.entropy.fr:1.4 Fri Oct 8 22:07:11 2021
+++ src/usr.sbin/sysinst/msg.entropy.fr Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.entropy.fr,v 1.4 2021/10/08 22:07:11 nia Exp $ */
+/* $NetBSD: msg.entropy.fr,v 1.5 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
message Configure_entropy {Set up entropy}
-message continue_without_entropy {Continue without entropy}
+message continue_without_entropy {Not now, continue!}
message not_enough_entropy
{This system seems to lack a cryptographically strong pseudo random
number generator. There is not enough entropy available to create secure
keys (e.g. ssh host keys).
-
+
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now!
+
You may use random data generated on another computer and load it
here, or you could enter random characters manually.
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
the "Re-test" option.}
-message entropy_add_manually {Manual input of random data}
+message entropy_add_manually {Manually input random characters}
message entropy_download_raw {Load raw binary random data}
message entropy_download_seed {Import a NetBSD entropy file}
message entropy_retry {Re-test}
message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
message entropy_enter_manual2
{They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@ installer) the output from running the f
machine whose randomness you trust:}
message entropy_enter_manual3
-{Do not use the same data for multiple installations.
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness. If it actually contains
+less, the installed system may not be secure.}
message entropy_select_file
{Please select how you want to transfer the random data file
@@ -125,4 +127,3 @@ message entropy_path_and_file
message entropy_localfs
{Enter the unmounted local device and directory on that device where
the random data is located.}
-
Index: src/usr.sbin/sysinst/msg.entropy.pl
diff -u src/usr.sbin/sysinst/msg.entropy.pl:1.4 src/usr.sbin/sysinst/msg.entropy.pl:1.5
--- src/usr.sbin/sysinst/msg.entropy.pl:1.4 Fri Oct 8 22:07:11 2021
+++ src/usr.sbin/sysinst/msg.entropy.pl Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.entropy.pl,v 1.4 2021/10/08 22:07:11 nia Exp $ */
+/* $NetBSD: msg.entropy.pl,v 1.5 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
message Configure_entropy {Set up entropy}
-message continue_without_entropy {Continue without entropy}
+message continue_without_entropy {Not now, continue!}
message not_enough_entropy
{This system seems to lack a cryptographically strong pseudo random
number generator. There is not enough entropy available to create secure
keys (e.g. ssh host keys).
-
+
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now!
+
You may use random data generated on another computer and load it
here, or you could enter random characters manually.
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
the "Re-test" option.}
-message entropy_add_manually {Manual input of random data}
+message entropy_add_manually {Manually input random characters}
message entropy_download_raw {Load raw binary random data}
message entropy_download_seed {Import a NetBSD entropy file}
message entropy_retry {Re-test}
message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
message entropy_enter_manual2
{They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@ installer) the output from running the f
machine whose randomness you trust:}
message entropy_enter_manual3
-{Do not use the same data for multiple installations.
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness. If it actually contains
+less, the installed system may not be secure.}
message entropy_select_file
{Please select how you want to transfer the random data file
@@ -125,4 +127,3 @@ message entropy_path_and_file
message entropy_localfs
{Enter the unmounted local device and directory on that device where
the random data is located.}
-
Index: src/usr.sbin/sysinst/msg.entropy.en
diff -u src/usr.sbin/sysinst/msg.entropy.en:1.3 src/usr.sbin/sysinst/msg.entropy.en:1.4
--- src/usr.sbin/sysinst/msg.entropy.en:1.3 Fri Oct 8 15:59:55 2021
+++ src/usr.sbin/sysinst/msg.entropy.en Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.entropy.en,v 1.3 2021/10/08 15:59:55 martin Exp $ */
+/* $NetBSD: msg.entropy.en,v 1.4 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
message Configure_entropy {Set up entropy}
-message continue_without_entropy {Continue without entropy}
+message continue_without_entropy {Not now, continue!}
message not_enough_entropy
{This system seems to lack a cryptographically strong pseudo random
number generator. There is not enough entropy available to create secure
keys (e.g. ssh host keys).
-
+
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now!
+
You may use random data generated on another computer and load it
here, or you could enter random characters manually.
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
the "Re-test" option.}
-message entropy_add_manually {Manual input of random data}
+message entropy_add_manually {Manually input random characters}
message entropy_download_raw {Load raw binary random data}
message entropy_download_seed {Import a NetBSD entropy file}
message entropy_retry {Re-test}
message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
message entropy_enter_manual2
{They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@ installer) the output from running the f
machine whose randomness you trust:}
message entropy_enter_manual3
-{Do not use the same data for multiple installations.
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness. If it actually contains
+less, the installed system may not be secure.}
message entropy_select_file
{Please select how you want to transfer the random data file
@@ -125,4 +127,3 @@ message entropy_path_and_file
message entropy_localfs
{Enter the unmounted local device and directory on that device where
the random data is located.}
-
Index: src/usr.sbin/sysinst/msg.mi.de
diff -u src/usr.sbin/sysinst/msg.mi.de:1.35 src/usr.sbin/sysinst/msg.mi.de:1.36
--- src/usr.sbin/sysinst/msg.mi.de:1.35 Mon Jan 10 12:17:48 2022
+++ src/usr.sbin/sysinst/msg.mi.de Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.de,v 1.35 2022/01/10 12:17:48 nia Exp $ */
+/* $NetBSD: msg.mi.de,v 1.36 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1034,6 +1034,13 @@ message rootpw
{Das Rootpasswort f�r das neu installierte System wurde noch nicht gesetzt
und ist somit leer. M�chten Sie jetzt ein Rootpasswort f�r das System setzen?}
+message force_rootpw
+{Das Rootpasswort f�r das neu installierte System wurde noch nicht gesetzt.
+Geben Sie es jetzt ein.
+
+Falls Sie kein Rootpasswort setzen m�chten, geben Sie ein leeres
+Passwort ein.}
+
message rootsh
{Sie k�nnen jetzt die Standardshell f�r Benutzer "root" ausw�hlen.
Die Vorgabe daf�r ist /bin/sh, aber vielleicht bevorzugen Sie eine andere
Index: src/usr.sbin/sysinst/msg.mi.en
diff -u src/usr.sbin/sysinst/msg.mi.en:1.37 src/usr.sbin/sysinst/msg.mi.en:1.38
--- src/usr.sbin/sysinst/msg.mi.en:1.37 Mon Jan 10 12:17:48 2022
+++ src/usr.sbin/sysinst/msg.mi.en Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.en,v 1.37 2022/01/10 12:17:48 nia Exp $ */
+/* $NetBSD: msg.mi.en,v 1.38 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -966,6 +966,12 @@ message rootpw
{The root password of the newly installed system has not yet been initialized,
and is thus empty. Do you want to set a root password for the system now?}
+message force_rootpw
+{The root password of the newly installed system has not yet been
+initialized.
+
+If you do not want to set a password, enter an empty line.}
+
message rootsh
{You can now select which shell to use for the root user. The default is
/bin/sh, but you may prefer another one.}
Index: src/usr.sbin/sysinst/msg.mi.pl
diff -u src/usr.sbin/sysinst/msg.mi.pl:1.37 src/usr.sbin/sysinst/msg.mi.pl:1.38
--- src/usr.sbin/sysinst/msg.mi.pl:1.37 Mon Jan 10 12:17:48 2022
+++ src/usr.sbin/sysinst/msg.mi.pl Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.pl,v 1.37 2022/01/10 12:17:48 nia Exp $ */
+/* $NetBSD: msg.mi.pl,v 1.38 2022/04/21 17:30:15 martin Exp $ */
/* Based on english version: */
/* NetBSD: msg.mi.pl,v 1.36 2004/04/17 18:55:35 atatat Exp */
@@ -963,6 +963,12 @@ message rootpw
{Haslo root'a w nowo zainstalowanym systemie nie zostalo jeszcze ustawione,
i dlatego jest puste. Czy chcesz teraz ustawic haslo dla root'a?}
+message force_rootpw
+{The root password of the newly installed system has not yet been
+initialized.
+
+If you do not want to set a password, enter an empty line.}
+
message rootsh
{Mozesz teraz wybrac, ktorej powloki ma uzywac uzytkownik root. Domyslnie
jest to /bin/sh, ale moze preferujesz inna.}
Index: src/usr.sbin/sysinst/msg.mi.es
diff -u src/usr.sbin/sysinst/msg.mi.es:1.31 src/usr.sbin/sysinst/msg.mi.es:1.32
--- src/usr.sbin/sysinst/msg.mi.es:1.31 Mon Jan 10 12:17:48 2022
+++ src/usr.sbin/sysinst/msg.mi.es Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.es,v 1.31 2022/01/10 12:17:48 nia Exp $ */
+/* $NetBSD: msg.mi.es,v 1.32 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -993,6 +993,12 @@ message rootpw
y por tanto est� vac�a. �Quiere establecer ahora una contrase�a de root para
el sistema?}
+message force_rootpw
+{The root password of the newly installed system has not yet been
+initialized.
+
+If you do not want to set a password, enter an empty line.}
+
message rootsh
{Ahora puede seleccionar que shell quiere usar para el usuario root. Por
omisi�n es /bin/sh, pero podr�a preferir otra.}
Index: src/usr.sbin/sysinst/msg.mi.fr
diff -u src/usr.sbin/sysinst/msg.mi.fr:1.36 src/usr.sbin/sysinst/msg.mi.fr:1.37
--- src/usr.sbin/sysinst/msg.mi.fr:1.36 Mon Jan 10 12:17:48 2022
+++ src/usr.sbin/sysinst/msg.mi.fr Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.fr,v 1.36 2022/01/10 12:17:48 nia Exp $ */
+/* $NetBSD: msg.mi.fr,v 1.37 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1045,6 +1045,12 @@ Nous vous recommandons de sp�cifier un m
Le souhaitez-vous ?
}
+message force_rootpw
+{The root password of the newly installed system has not yet been
+initialized.
+
+If you do not want to set a password, enter an empty line.}
+
message rootsh
{
Sp�cifiez le shell par d�faut qui sera utilis� par l'utilisateur "root".
Index: src/usr.sbin/sysinst/upgrade.c
diff -u src/usr.sbin/sysinst/upgrade.c:1.19 src/usr.sbin/sysinst/upgrade.c:1.20
--- src/usr.sbin/sysinst/upgrade.c:1.19 Sat Jan 29 16:01:16 2022
+++ src/usr.sbin/sysinst/upgrade.c Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: upgrade.c,v 1.19 2022/01/29 16:01:16 martin Exp $ */
+/* $NetBSD: upgrade.c,v 1.20 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -125,6 +125,10 @@ do_upgrade(void)
merge_X("/usr/X11R6");
merge_X("/usr/X11R7");
+#if CHECK_ENTROPY
+ do_add_entropy();
+#endif
+
sanity_check();
free_install:
@@ -223,6 +227,10 @@ do_reinstall_sets()
if (get_and_unpack_sets(0, NULL, MSG_unpackcomplete, MSG_abortunpack) != 0)
goto free_install;
+#if CHECK_ENTROPY
+ do_add_entropy();
+#endif
+
sanity_check();
free_install:
Index: src/usr.sbin/sysinst/util.c
diff -u src/usr.sbin/sysinst/util.c:1.65 src/usr.sbin/sysinst/util.c:1.66
--- src/usr.sbin/sysinst/util.c:1.65 Thu Apr 14 15:48:31 2022
+++ src/usr.sbin/sysinst/util.c Thu Apr 21 17:30:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: util.c,v 1.65 2022/04/14 15:48:31 martin Exp $ */
+/* $NetBSD: util.c,v 1.66 2022/04/21 17:30:15 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1158,48 +1158,32 @@ entropy_add_manual(void)
uint8_t digest[SHA256_DIGEST_LENGTH];
static const char prompt[] = "> ";
size_t l;
- int txt_y, maxy, init_y;
- bool ok = false;
+ int txt_y;
msg_display(MSG_entropy_enter_manual1);
msg_printf("\n\n");
msg_display_add(MSG_entropy_enter_manual2);
- msg_printf("\n\n dd if=/dev/random bs=32 count=16 | openssl base64\n\n");
+ msg_printf("\n\n dd if=/dev/random bs=32 count=1 | openssl base64\n\n");
msg_display_add(MSG_entropy_enter_manual3);
msg_printf("\n\n");
SHA256_Init(&ctx);
- txt_y = getcury(mainwin);
- maxy = getmaxy(mainwin);
- init_y = txt_y;
+ txt_y = getcury(mainwin)+1;
echo();
- do {
- txt_y++;
- if (txt_y >= maxy) {
- txt_y = init_y;
- wmove(mainwin, txt_y, 0);
- wclrtobot(mainwin);
- } else {
- wmove(mainwin, txt_y, 0);
- }
- msg_fmt_table_add(prompt, prompt);
- mvwgetnstr(mainwin, txt_y, 2, buf, sizeof buf);
- l = strlen(buf);
- if (l > 0)
- SHA256_Update(&ctx, (const uint8_t*)buf, l);
- } while(l > 0);
+ wmove(mainwin, txt_y, 0);
+ msg_fmt_table_add(prompt, prompt);
+ mvwgetnstr(mainwin, txt_y, 2, buf, sizeof buf);
+ l = strlen(buf);
+ if (l > 0)
+ SHA256_Update(&ctx, (const uint8_t*)buf, l);
noecho();
- ok = ctx.bitcount >= 256;
SHA256_Final(digest, &ctx);
- wmove(mainwin, init_y, 0);
+ wmove(mainwin, txt_y-1, 0);
wclrtobot(mainwin);
wrefresh(mainwin);
- if (ok)
- entropy_write_to_kernel(digest, sizeof digest);
- else
- hit_enter_to_continue(NULL, MSG_entropy_manual_not_enough);
+ entropy_write_to_kernel(digest, sizeof digest);
}
/*
