On supported -release systems, syspatch(8) -c is run from rc.firsttime(8) and the list of patches is pretty-printed if non-empty.
-c output fits into a shell variable, not needing a temporary file, which is also what usr.sbin/syspatch/syspatch.sh does internally.

Here's what the patch would do on a fresh -release install:

rel71# _CKPATCH=$(syspatch -c)
rel71# echo "$_CKPATCH" | column -xc 80
001_wifi 002_ipsec 003_kqueue 004_asn1 005_pppoe 007_cron 008_bgpd 009_zlib 010_expat 011_smtpd

The double quotes retain the newlines; without them column(1) would print a single line (possibly longer than 80 chars).

Feedback? OK?

Index: install.sub =================================================================== RCS file: /cvs/src/distrib/miniroot/install.sub,v retrieving revision 1.1207 diff -u -p -r1.1207 install.sub --- install.sub 27 Sep 2022 12:28:25 -0000 1.1207 +++ install.sub 27 Sep 2022 13:37:58 -0000 @@ -2905,15 +2905,13 @@ finish_up() { isin "$ARCH" $_syspatch_archs && cat <<'__EOT' >>/mnt/etc/rc.firsttime set -A _KERNV -- $(sysctl -n kern.version | sed 's/^OpenBSD \([1-9][0-9]*\.[0-9]\)\([^ ]*\).*/\1 \2/;q') -if ((${#_KERNV[*]} == 1)) && [[ -s /etc/installurl ]] && - _CKPATCH=$(mktemp /tmp/_ckpatch.XXXXXXXXXX); then +if ((${#_KERNV[*]} == 1)) && [[ -s /etc/installurl ]]; then echo "Checking for available binary patches..." - syspatch -c > $_CKPATCH - if [[ -s $_CKPATCH ]]; then + _CKPATCH=$(syspatch -c) + if [[ -n $_CKPATCH ]]; then echo "Run syspatch(8) to install:" - column -xc 80 $_CKPATCH + echo "$_CKPATCH" | column -xc 80 fi - rm -f $_CKPATCH fi __EOT
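
Review bot: on the added line `echo "$_CKPATCH" | column -xc 80`, command output goes through the ksh echo builtin, which interprets backslash escape sequences by default; `print -r -- "$_CKPATCH" | column -xc 80` would hand the text to column(1) unmodified. Patch names of the form 001_wifi contain no backslashes, so this is a robustness point rather than a bug in the output shown. Also, `_CKPATCH=$(syspatch -c)` followed by `[[ -n $_CKPATCH ]]` treats a failed check the same as "no patches available", as the old `-s` test on the file did; if that is intended, a short comment in the heredoc saying so would help the next reader.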