Re: Conditional sysupgrade

Sat, 27 Apr 2019 07:09:45 -0700 

On Sat, Apr 27, 2019 at 01:23:20PM +0100, Marco Bonetti wrote:
> Hello folks,
> 
> First of all congratulations on a new OpenBSD release and thanks for
> introducing sysupgrade in -current.
> 
> Before sysupgrade, I was using a custom script for achieving the same
> result with only difference that I was checking if a new snapshot (or
> release) is available by looking at BUILDINFO before starting the
> upgrade process.
> 
> Patch below introduce the same behaviour using SHA256.sig as control
> file. If you believe there is a valid use case for reinstalling already
> applied sets to the running system please let me know and I can add a
> -f force option.
> 
> Cheers,
> Marco

I was going to suggest something similar.

See comment below.

> 
> Index: usr.sbin/sysupgrade/sysupgrade.8
> ===================================================================
> RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.8,v
> retrieving revision 1.2
> diff -u -p -u -r1.2 sysupgrade.8
> --- usr.sbin/sysupgrade/sysupgrade.8  26 Apr 2019 05:54:49 -0000      1.2
> +++ usr.sbin/sysupgrade/sysupgrade.8  27 Apr 2019 11:54:40 -0000
> @@ -28,7 +28,7 @@
>  .Nm
>  is a utility to upgrade
>  .Ox
> -to the next release or a new snapshot.
> +to the next release or a new snapshot if available.
>  .Pp
>  .Nm
>  downloads the necessary files to
> 
> Index: usr.sbin/sysupgrade/sysupgrade.sh
> ===================================================================
> RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
> retrieving revision 1.6
> diff -u -p -u -r1.6 sysupgrade.sh
> --- usr.sbin/sysupgrade/sysupgrade.sh 26 Apr 2019 21:52:39 -0000      1.6
> +++ usr.sbin/sysupgrade/sysupgrade.sh 27 Apr 2019 11:54:48 -0000
> @@ -110,7 +110,19 @@ fi
>  
>  cd ${SETSDIR}
>  
> -unpriv -f SHA256.sig ftp -Vmo SHA256.sig ${URL}SHA256.sig
> +unpriv -f SHA256.sig.tmp ftp -Vmo SHA256.sig.tmp ${URL}SHA256.sig
> +TMP_SHA=$(sha256 -q SHA256.sig.tmp)
> +
> +unpriv touch SHA256.sig
> +CUR_SHA=$(sha256 -q SHA256.sig)
> +
> +if [[ "${TMP_SHA}" = "${CUR_SHA}" ]]; then

Why compare checksums?

    if cmp -s SHA256.sig SHA256.sig.tmp; then

> +     rm SHA256.sig.tmp
> +     return 0
> +fi
> +
> +unpriv cat SHA256.sig.tmp >SHA256.sig
> +rm SHA256.sig.tmp
>  
>  _KEY=openbsd-${_KERNV[0]%.*}${_KERNV[0]#*.}-base.pub
>  _NEXTKEY=openbsd-${NEXT_VERSION%.*}${NEXT_VERSION#*.}-base.pub

-- 
Andreas Kusalananda Kähäri,
National Bioinformatics Infrastructure Sweden (NBIS),
Uppsala University, Sweden.

Reply via email to