Cryptographic signatures of installer sets

Nathan Dorfman ndorf at rtfm.net
Sun Feb 2 11:37:14 UTC 2020


On Thu, Jan 30, 2020 at 01:22:39PM +0000, Glen Barber wrote:
> I honestly wasn't aware there was a jail subcommand to bsdinstall.
> I think, rather than creating /usr/freebsd-dist on the host system, we
> should instead check if the misc/freebsd-release-manifests package is
> installed and bail if it does not.  This package contains the MANIFEST
> files from past releases (and in-progress releases, including BETA and
> RC builds).
> 
> Does that seem like a reasonable solution?

Well, that only works for actual releases. The one from the installation
medium would work in all cases, such as if one installs a snapshot, or a
custom build. It would have to be kept up to date by freebsd-update,
though.

Also, you would need to add logic to select the correct manifest from
the ones in the package, whereas one from the initial install (and
freebsd-update) would be the only one. That could be as simple as
stripping the -p123 suffixes from `uname -r`, but why?

FWIW, the /usr/freebsd-dist location can be overridden by setting
$BSDINSTALL_DISTDIR, but the checksum script[1] will expect to find the
manifest and sets in the same directory regardless.

Perhaps this default could be changed to something under /usr/share?

-nd.

[1] https://svnweb.freebsd.org/base/release/12.1.0/usr.sbin/bsdinstall/scripts/checksum?view=markup#l29
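
Added example, not part of the original message and not the bsdinstall checksum script: a sketch of the two operations discussed above, stripping the -p patch suffix from a `uname -r` style string and checking sets against a MANIFEST kept in the same directory. The function names are hypothetical, and the MANIFEST layout (set file name in column 1, SHA-256 in column 2) is an assumption.

```shell
# Added example; function names are hypothetical.
# Assumed MANIFEST layout: whitespace-separated fields, with the set file
# name in column 1 and its SHA-256 digest in column 2.

# release_base: strip a trailing -p<N> patch level (12.1-RELEASE-p3 -> 12.1-RELEASE).
release_base() {
    printf '%s\n' "$1" | sed 's/-p[0-9][0-9]*$//'
}

# sha256_of: hex digest of a file, using whichever tool is present.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | awk '{print $1}'
    fi
}

# verify_sets DIR NAME...: return 0 only if every named set is listed in
# DIR/MANIFEST, present in DIR, and matches the listed digest (fails closed).
verify_sets() {
    dir=$1; shift
    [ -r "$dir/MANIFEST" ] || { echo "no MANIFEST in $dir" >&2; return 2; }
    rc=0
    for name in "$@"; do
        want=$(awk -v s="$name" '$1 == s {print $2; exit}' "$dir/MANIFEST")
        if [ -z "$want" ]; then
            echo "$name: not listed in MANIFEST" >&2; rc=1; continue
        fi
        if [ ! -f "$dir/$name" ]; then
            echo "$name: missing from $dir" >&2; rc=1; continue
        fi
        got=$(sha256_of "$dir/$name")
        if [ "$got" != "$want" ]; then
            echo "$name: checksum mismatch" >&2; rc=1
        fi
    done
    return $rc
}
```

A check of this kind only ties the sets to the MANIFEST beside them; the MANIFEST itself still has to come from a trusted source.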


More information about the freebsd-security mailing list