Date: Tue, 13 May 2014 23:24:33 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r265989 - in releng/8.4: . etc etc/mtree etc/pkg share share/keys share/keys/pkg share/keys/pkg/trusted share/man/man7 sys/conf usr.sbin/kldxref usr.sbin/pkg Message-ID: <201405132324.s4DNOXAN058859@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Tue May 13 23:24:32 2014 New Revision: 265989 URL: http://svnweb.freebsd.org/changeset/base/265989 Log: Add pkg bootstrapping, configuration and public keys. [EN-14:03] Improve build repeatability for kldxref(8). [EN-14:04] Approved by: so Added: releng/8.4/etc/pkg/ releng/8.4/etc/pkg/FreeBSD.conf (contents, props changed) releng/8.4/etc/pkg/Makefile (contents, props changed) releng/8.4/share/keys/ releng/8.4/share/keys/Makefile (contents, props changed) releng/8.4/share/keys/pkg/ releng/8.4/share/keys/pkg/Makefile (contents, props changed) releng/8.4/share/keys/pkg/trusted/ releng/8.4/share/keys/pkg/trusted/Makefile (contents, props changed) releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (contents, props changed) Modified: releng/8.4/UPDATING releng/8.4/etc/Makefile releng/8.4/etc/mtree/BSD.root.dist releng/8.4/etc/mtree/BSD.usr.dist releng/8.4/share/Makefile releng/8.4/share/man/man7/hier.7 releng/8.4/sys/conf/newvers.sh releng/8.4/usr.sbin/kldxref/kldxref.c releng/8.4/usr.sbin/pkg/pkg.c Modified: releng/8.4/UPDATING ============================================================================== --- releng/8.4/UPDATING Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/UPDATING Tue May 13 23:24:32 2014 (r265989) @@ -15,6 +15,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20140513: p10 FreeBSD-EN-14:03.pkg + FreeBSD-EN-14:04.kldxref + + Add pkg bootstrapping, configuration and public keys. [EN-14:03] + + Improve build repeatability for kldxref(8). [EN-14:04] + 20140430: p9 FreeBSD-SA-14:08.tcp Fix TCP reassembly vulnerability. [SA-14:08] Modified: releng/8.4/etc/Makefile ============================================================================== --- releng/8.4/etc/Makefile Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/etc/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -172,6 +172,7 @@ distribution: ${_+_}cd ${.CURDIR}/devd; ${MAKE} install ${_+_}cd ${.CURDIR}/gss; ${MAKE} install ${_+_}cd ${.CURDIR}/periodic; ${MAKE} install + ${_+_}cd ${.CURDIR}/pkg; ${MAKE} install ${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install ${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall ${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap Modified: releng/8.4/etc/mtree/BSD.root.dist ============================================================================== --- releng/8.4/etc/mtree/BSD.root.dist Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/etc/mtree/BSD.root.dist Tue May 13 23:24:32 2014 (r265989) @@ -52,6 +52,8 @@ weekly .. .. + pkg + .. ppp .. rc.d Modified: releng/8.4/etc/mtree/BSD.usr.dist ============================================================================== --- releng/8.4/etc/mtree/BSD.usr.dist Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/etc/mtree/BSD.usr.dist Tue May 13 23:24:32 2014 (r265989) @@ -340,6 +340,14 @@ .. info .. + keys + pkg + revoked + .. + trusted + .. + .. + .. locale UTF-8 .. Added: releng/8.4/etc/pkg/FreeBSD.conf ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/etc/pkg/FreeBSD.conf Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,16 @@ +# $FreeBSD$ +# +# To disable this repository, instead of modifying or removing this file, +# create a /usr/local/etc/pkg/repos/FreeBSD.conf file: +# +# mkdir -p /usr/local/etc/pkg/repos +# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf +# + +FreeBSD: { + url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", + mirror_type: "srv", + signature_type: "fingerprints", + fingerprints: "/usr/share/keys/pkg", + enabled: yes +} Added: releng/8.4/etc/pkg/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/etc/pkg/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,10 @@ +# $FreeBSD$ + +NO_OBJ= + +FILES= FreeBSD.conf + +FILESDIR= /etc/pkg +FILESMODE= 644 + +.include <bsd.prog.mk> Modified: releng/8.4/share/Makefile ============================================================================== --- releng/8.4/share/Makefile Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/share/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -9,6 +9,7 @@ SUBDIR= ${_colldef} \ ${_dict} \ ${_doc} \ ${_examples} \ + keys \ ${_man} \ ${_me} \ misc \ Added: releng/8.4/share/keys/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/share/keys/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,5 @@ +# $FreeBSD$ + +SUBDIR= pkg + +.include <bsd.subdir.mk> Added: releng/8.4/share/keys/pkg/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/share/keys/pkg/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,5 @@ +# $FreeBSD$ + +SUBDIR= trusted + +.include <bsd.subdir.mk> Added: releng/8.4/share/keys/pkg/trusted/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/share/keys/pkg/trusted/Makefile Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,10 @@ +# $FreeBSD$ + +NO_OBJ= + +FILES= pkg.freebsd.org.2013102301 + +FILESDIR= /usr/share/keys/pkg/trusted +FILESMODE= 644 + +.include <bsd.prog.mk> Added: releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 Tue May 13 23:24:32 2014 (r265989) @@ -0,0 +1,4 @@ +# $FreeBSD$ + +function: "sha256" +fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438" Modified: releng/8.4/share/man/man7/hier.7 ============================================================================== --- releng/8.4/share/man/man7/hier.7 Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/share/man/man7/hier.7 Tue May 13 23:24:32 2014 (r265989) @@ -32,7 +32,7 @@ .\" @(#)hier.7 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd May 25, 2008 +.Dd October 29, 2013 .Dt HIER 7 .Os .Sh NAME @@ -546,6 +546,16 @@ ASCII text files used by various games device description file for device name .It Pa info/ GNU Info hypertext system +.It Pa keys/ +known trusted and revoked keys. +.Bl -tag -width ".Pa keys/pkg/" -compact +.It Pa keys/pkg/ +fingerprints for +.Xr pkg 7 +and +.Xr pkg 8 +.El +.Pp .It Pa locale/ localization files; see Modified: releng/8.4/sys/conf/newvers.sh ============================================================================== --- releng/8.4/sys/conf/newvers.sh Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/sys/conf/newvers.sh Tue May 13 23:24:32 2014 (r265989) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.4" -BRANCH="RELEASE-p9" +BRANCH="RELEASE-p10" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/8.4/usr.sbin/kldxref/kldxref.c ============================================================================== --- releng/8.4/usr.sbin/kldxref/kldxref.c Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/usr.sbin/kldxref/kldxref.c Tue May 13 23:24:32 2014 (r265989) @@ -275,6 +275,16 @@ usage(void) exit(1); } +static int +compare(const FTSENT *const *a, const FTSENT *const *b) +{ + if ((*a)->fts_info == FTS_D && (*b)->fts_info != FTS_D) + return 1; + if ((*a)->fts_info != FTS_D && (*b)->fts_info == FTS_D) + return -1; + return strcmp((*a)->fts_name, (*b)->fts_name); +} + int main(int argc, char *argv[]) { @@ -316,7 +326,7 @@ main(int argc, char *argv[]) err(1, "%s", argv[0]); } - ftsp = fts_open(argv, fts_options, 0); + ftsp = fts_open(argv, fts_options, compare); if (ftsp == NULL) exit(1); Modified: releng/8.4/usr.sbin/pkg/pkg.c ============================================================================== --- releng/8.4/usr.sbin/pkg/pkg.c Tue May 13 23:24:14 2014 (r265988) +++ releng/8.4/usr.sbin/pkg/pkg.c Tue May 13 23:24:32 2014 (r265989) @@ -284,13 +284,10 @@ bootstrap_pkg(void) { struct url *u; FILE *remote; - FILE *config; - char *site; struct dns_srvinfo *mirrors, *current; /* To store _https._tcp. + hostname + \0 */ char zone[MAXHOSTNAMELEN + 13]; char url[MAXPATHLEN]; - char conf[MAXPATHLEN]; char abi[BUFSIZ]; char tmppkg[MAXPATHLEN]; char buf[10240]; @@ -306,7 +303,6 @@ bootstrap_pkg(void) max_retry = 3; ret = -1; remote = NULL; - config = NULL; current = mirrors = NULL; printf("Bootstrapping pkg please wait\n"); @@ -387,26 +383,6 @@ bootstrap_pkg(void) if ((ret = extract_pkg_static(fd, pkgstatic, MAXPATHLEN)) == 0) ret = install_pkg_static(pkgstatic, tmppkg); - snprintf(conf, MAXPATHLEN, "%s/etc/pkg.conf", - getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE); - - if (access(conf, R_OK) == -1) { - site = strrchr(url, '/'); - if (site == NULL) - goto cleanup; - site[0] = '\0'; - site = strrchr(url, '/'); - if (site == NULL) - goto cleanup; - site[0] = '\0'; - - config = fopen(conf, "w+"); - if (config == NULL) - goto cleanup; - fprintf(config, "packagesite: %s\n", url); - fclose(config); - } - goto cleanup; fetchfail: @@ -423,7 +399,11 @@ cleanup: static const char confirmation_message[] = "The package management tool is not yet installed on your system.\n" -"Do you want to fetch and install it now? [y/N]: "; +"The mechanism for doing this is not secure on FreeBSD 8. To securely install\n" +"pkg(8), use ports from a portsnap checkout:\n" +" # portsnap fetch extract\n" +" # make -C /usr/ports/ports-mgmt/pkg install clean\n" +"Do you still want to fetch and install it now? [y/N]: "; static int pkg_query_yes_no(void)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201405132324.s4DNOXAN058859>