bin/138926: [patch] freebsd-update(8) allows unattended upgrade
Tom Smith
freebsd at thomassmith.com
Fri Sep 18 00:40:02 UTC 2009
>Number: 138926
>Category: bin
>Synopsis: [patch] freebsd-update(8) allows unattended upgrade
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 18 00:40:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Tom Smith
>Release: FreeBSD 7.2-RELEASE-p2 i386
>Organization:
>Environment:
>Description:
This patch enables unattended upgrades by a setting in
the config file. When Unattended=yes is set, freebsd-update
assumes yes for all user prompts and writes everything
it would have written and confirmed with the user to standard
out without paging. This allows for unattended upgrades to
take place only if the user knows what they are doing and
specifically takes steps to enable this behavior. It is
intended for environments with large numbers of identical
or very similar machines where a staging server is used
beforehand to verify that the unattended install will
proceed correctly. The administrator can send the output
to a file or through tee to keep a record of what happened
and review it after each step in the upgrade process.
>How-To-Repeat:
To perform an unattended install with this patch, set
Unattended=yes in the freebsd-update.conf file and
run freebsd-update as directed in the FreeBSD Handbook.
>Fix:
The attached patch is for both the freebsd-update script and
the default configuration file (where Unattended defaults
to no and comments explain impact of setting to yes).
Patch attached with submission follows:
*** usr.sbin/freebsd-update/freebsd-update.sh.orig Sat Sep 12 14:48:15 2009
--- usr.sbin/freebsd-update/freebsd-update.sh Sat Sep 12 14:51:32 2009
***************
*** 88,94 ****
CONFIGOPTIONS="KEYPRINT WORKDIR SERVERNAME MAILTO ALLOWADD ALLOWDELETE
KEEPMODIFIEDMETADATA COMPONENTS IGNOREPATHS UPDATEIFUNMODIFIED
BASEDIR VERBOSELEVEL TARGETRELEASE STRICTCOMPONENTS MERGECHANGES
! IDSIGNOREPATHS"
# Set all the configuration options to "".
nullconfig () {
--- 88,94 ----
CONFIGOPTIONS="KEYPRINT WORKDIR SERVERNAME MAILTO ALLOWADD ALLOWDELETE
KEEPMODIFIEDMETADATA COMPONENTS IGNOREPATHS UPDATEIFUNMODIFIED
BASEDIR VERBOSELEVEL TARGETRELEASE STRICTCOMPONENTS MERGECHANGES
! IDSIGNOREPATHS UNATTENDED"
# Set all the configuration options to "".
nullconfig () {
***************
*** 308,313 ****
--- 308,333 ----
fi
}
+ # Set whether any interactive prompts or paging will happen
+ config_Unattended () {
+ if [ -z ${UNATTENDED} ]; then
+ case $1 in
+ [Yy][Ee][Ss])
+ UNATTENDED=yes
+ ;;
+ [Nn][Oo])
+ UNATTENDED=no
+ ;;
+ *)
+ return 1
+ ;;
+ esac
+ else
+ return 1
+ fi
+ }
+
+
# Handle one line of configuration
configline () {
if [ $# -eq 0 ]; then
***************
*** 931,946 ****
# Function for asking the user if everything is ok
continuep () {
! while read -p "Does this look reasonable (y/n)? " CONTINUE; do
! case "${CONTINUE}" in
! y*)
! return 0
! ;;
! n*)
! return 1
! ;;
! esac
! done
}
# Initialize the working directory
--- 951,970 ----
# Function for asking the user if everything is ok
continuep () {
! if [ ${UNATTENDED} != "yes" ]; then
! while read -p "Does this look reasonable (y/n)? " CONTINUE; do
! case "${CONTINUE}" in
! y*)
! return 0
! ;;
! n*)
! return 1
! ;;
! esac
! done
! else
! return 0
! fi
}
# Initialize the working directory
***************
*** 1783,1791 ****
echo "but no changes have"
echo -n "been downloaded because the files have been "
echo "modified locally:"
! cat modifiedfiles
! fi | more
! rm modifiedfiles
# If no files will be updated, tell the user and exit
if ! [ -s INDEX-PRESENT ] &&
--- 1807,1820 ----
echo "but no changes have"
echo -n "been downloaded because the files have been "
echo "modified locally:"
! cat modifiedfiles
! fi > modifiedfiles.out
! if [ ${UNATTENDED} != "yes" ]; then
! more modifiedfiles.out
! else
! cat modifiedfiles.out
! fi
! rm modifiedfiles.out modifiedfiles
# If no files will be updated, tell the user and exit
if ! [ -s INDEX-PRESENT ] &&
***************
*** 1814,1821 ****
echo -n "The following files will be removed "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
cat files.removed
! fi | more
! rm files.removed
# Report added files, if any
if [ -s files.added ]; then
--- 1843,1855 ----
echo -n "The following files will be removed "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
cat files.removed
! fi > files.removed.out
! if [ ${UNATTENDED} != "yes" ]; then
! more files.removed.out
! else
! cat files.removed.out
! fi
! rm files.removed.out files.removed
# Report added files, if any
if [ -s files.added ]; then
***************
*** 1823,1840 ****
echo -n "The following files will be added "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
cat files.added
! fi | more
! rm files.added
# Report updated files, if any
if [ -s files.updated ]; then
echo
echo -n "The following files will be updated "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
-
cat files.updated
! fi | more
! rm files.updated
# Create a directory for the install manifest.
MDIR=`mktemp -d install.XXXXXX` || return 1
--- 1857,1883 ----
echo -n "The following files will be added "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
cat files.added
! fi > files.added.out
! if [ ${UNATTENDED} != "yes" ]; then
! more files.added.out
! else
! cat files.added.out
! fi
! rm files.added.out files.added
# Report updated files, if any
if [ -s files.updated ]; then
echo
echo -n "The following files will be updated "
echo "as part of updating to ${RELNUM}-p${RELPATCHNUM}:"
cat files.updated
! fi > files.updated.out
! if [ ${UNATTENDED} != "yes" ]; then
! more files.updated.out
! else
! cat files.updated.out
! fi
! rm files.updated.out files.updated
# Create a directory for the install manifest.
MDIR=`mktemp -d install.XXXXXX` || return 1
***************
*** 2244,2264 ****
done < $1-paths
echo " done."
! # Ask the user to handle any files which didn't merge.
! while read F; do
! cat <<-EOF
The following file could not be merged automatically: ${F}
Press Enter to edit this file in ${EDITOR} and resolve the conflicts
manually...
! EOF
! read dummy </dev/tty
! ${EDITOR} `pwd`/merge/new/${F} < /dev/tty
! done < failed.merges
rm failed.merges
# Ask the user to confirm that he likes how the result
! # of merging files.
while read F; do
# Skip files which haven't changed.
if [ -f merge/new/${F} ] &&
--- 2287,2313 ----
done < $1-paths
echo " done."
! # Ask the user to handle any files which didn't merge
! # unless unattended
! if [ ${UNATTENDED} != "yes" ]; then
! while read F; do
! cat <<-EOF
The following file could not be merged automatically: ${F}
Press Enter to edit this file in ${EDITOR} and resolve the conflicts
manually...
! EOF
! read dummy </dev/tty
! ${EDITOR} `pwd`/merge/new/${F} < /dev/tty
! done < failed.merges
! else
! echo "These files could not be merged automatically:"
! cat failed.merges
! fi
rm failed.merges
# Ask the user to confirm that he likes how the result
! # of merging files unless unattended
while read F; do
# Skip files which haven't changed.
if [ -f merge/new/${F} ] &&
***************
*** 2266,2283 ****
continue
fi
! # Warn about files which are ceasing to exist.
if ! [ -f merge/new/${F} ]; then
cat <<-EOF
The following file will be removed, as it no longer exists in
FreeBSD ${RELNUM}: ${F}
EOF
! continuep < /dev/tty || return 1
continue
fi
! # Print changes for the user's approval.
cat <<-EOF
The following changes, which occurred between FreeBSD ${OLDRELNUM} and
--- 2315,2334 ----
continue
fi
! # Warn about files which are ceasing to exist unless unattended
if ! [ -f merge/new/${F} ]; then
cat <<-EOF
The following file will be removed, as it no longer exists in
FreeBSD ${RELNUM}: ${F}
EOF
! if [ ${UNATTENDED} != "yes" ]; then
! continuep < /dev/tty || return 1
! fi
continue
fi
! # Print changes for the user's approval unless unattended
cat <<-EOF
The following changes, which occurred between FreeBSD ${OLDRELNUM} and
***************
*** 2285,2291 ****
EOF
diff -U 5 -L "current version" -L "new version" \
merge/old/${F} merge/new/${F} || true
! continuep < /dev/tty || return 1
done < $1-paths
# Store merged files.
--- 2336,2344 ----
EOF
diff -U 5 -L "current version" -L "new version" \
merge/old/${F} merge/new/${F} || true
! if [ ${UNATTENDED} != "yes" ]; then
! continuep < /dev/tty || return 1
! fi
done < $1-paths
# Store merged files.
*** etc/freebsd-update.conf.orig Sat Sep 12 14:46:22 2009
--- etc/freebsd-update.conf Sat Sep 12 14:46:26 2009
***************
*** 63,65 ****
--- 63,69 ----
# which *might* be installed of which FreeBSD Update should figure out
# which actually are installed and upgrade those (StrictComponents no)?
# StrictComponents no
+
+ # Is FreeBSD Update allowed to assume yes for any user prompts and
+ # automatically merge files?
+ # Unattended no
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list