svn commit: r265989 - in releng/8.4: . etc etc/mtree etc/pkg share share/keys share/keys/pkg share/keys/pkg/trusted share/man/man7 sys/conf usr.sbin/kldxref usr.sbin/pkg
Xin LI
delphij at FreeBSD.org
Tue May 13 23:24:36 UTC 2014
Author: delphij
Date: Tue May 13 23:24:32 2014
New Revision: 265989
URL: http://svnweb.freebsd.org/changeset/base/265989
Log:
Add pkg bootstrapping, configuration and public keys. [EN-14:03]
Improve build repeatability for kldxref(8). [EN-14:04]
Approved by: so
Added:
releng/8.4/etc/pkg/
releng/8.4/etc/pkg/FreeBSD.conf (contents, props changed)
releng/8.4/etc/pkg/Makefile (contents, props changed)
releng/8.4/share/keys/
releng/8.4/share/keys/Makefile (contents, props changed)
releng/8.4/share/keys/pkg/
releng/8.4/share/keys/pkg/Makefile (contents, props changed)
releng/8.4/share/keys/pkg/trusted/
releng/8.4/share/keys/pkg/trusted/Makefile (contents, props changed)
releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 (contents, props changed)
Modified:
releng/8.4/UPDATING
releng/8.4/etc/Makefile
releng/8.4/etc/mtree/BSD.root.dist
releng/8.4/etc/mtree/BSD.usr.dist
releng/8.4/share/Makefile
releng/8.4/share/man/man7/hier.7
releng/8.4/sys/conf/newvers.sh
releng/8.4/usr.sbin/kldxref/kldxref.c
releng/8.4/usr.sbin/pkg/pkg.c
Modified: releng/8.4/UPDATING
==============================================================================
--- releng/8.4/UPDATING Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/UPDATING Tue May 13 23:24:32 2014 (r265989)
@@ -15,6 +15,13 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20140513: p10 FreeBSD-EN-14:03.pkg
+ FreeBSD-EN-14:04.kldxref
+
+ Add pkg bootstrapping, configuration and public keys. [EN-14:03]
+
+ Improve build repeatability for kldxref(8). [EN-14:04]
+
20140430: p9 FreeBSD-SA-14:08.tcp
Fix TCP reassembly vulnerability. [SA-14:08]
Modified: releng/8.4/etc/Makefile
==============================================================================
--- releng/8.4/etc/Makefile Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/etc/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -172,6 +172,7 @@ distribution:
${_+_}cd ${.CURDIR}/devd; ${MAKE} install
${_+_}cd ${.CURDIR}/gss; ${MAKE} install
${_+_}cd ${.CURDIR}/periodic; ${MAKE} install
+ ${_+_}cd ${.CURDIR}/pkg; ${MAKE} install
${_+_}cd ${.CURDIR}/rc.d; ${MAKE} install
${_+_}cd ${.CURDIR}/../gnu/usr.bin/send-pr; ${MAKE} etc-gnats-freefall
${_+_}cd ${.CURDIR}/../share/termcap; ${MAKE} etc-termcap
Modified: releng/8.4/etc/mtree/BSD.root.dist
==============================================================================
--- releng/8.4/etc/mtree/BSD.root.dist Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/etc/mtree/BSD.root.dist Tue May 13 23:24:32 2014 (r265989)
@@ -52,6 +52,8 @@
weekly
..
..
+ pkg
+ ..
ppp
..
rc.d
Modified: releng/8.4/etc/mtree/BSD.usr.dist
==============================================================================
--- releng/8.4/etc/mtree/BSD.usr.dist Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/etc/mtree/BSD.usr.dist Tue May 13 23:24:32 2014 (r265989)
@@ -340,6 +340,14 @@
..
info
..
+ keys
+ pkg
+ revoked
+ ..
+ trusted
+ ..
+ ..
+ ..
locale
UTF-8
..
Added: releng/8.4/etc/pkg/FreeBSD.conf
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/etc/pkg/FreeBSD.conf Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,16 @@
+# $FreeBSD$
+#
+# To disable this repository, instead of modifying or removing this file,
+# create a /usr/local/etc/pkg/repos/FreeBSD.conf file:
+#
+# mkdir -p /usr/local/etc/pkg/repos
+# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf
+#
+
+FreeBSD: {
+ url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
+ mirror_type: "srv",
+ signature_type: "fingerprints",
+ fingerprints: "/usr/share/keys/pkg",
+ enabled: yes
+}
Added: releng/8.4/etc/pkg/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/etc/pkg/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+NO_OBJ=
+
+FILES= FreeBSD.conf
+
+FILESDIR= /etc/pkg
+FILESMODE= 644
+
+.include <bsd.prog.mk>
Modified: releng/8.4/share/Makefile
==============================================================================
--- releng/8.4/share/Makefile Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/share/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -9,6 +9,7 @@ SUBDIR= ${_colldef} \
${_dict} \
${_doc} \
${_examples} \
+ keys \
${_man} \
${_me} \
misc \
Added: releng/8.4/share/keys/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/share/keys/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,5 @@
+# $FreeBSD$
+
+SUBDIR= pkg
+
+.include <bsd.subdir.mk>
Added: releng/8.4/share/keys/pkg/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/share/keys/pkg/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,5 @@
+# $FreeBSD$
+
+SUBDIR= trusted
+
+.include <bsd.subdir.mk>
Added: releng/8.4/share/keys/pkg/trusted/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/share/keys/pkg/trusted/Makefile Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+NO_OBJ=
+
+FILES= pkg.freebsd.org.2013102301
+
+FILESDIR= /usr/share/keys/pkg/trusted
+FILESMODE= 644
+
+.include <bsd.prog.mk>
Added: releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ releng/8.4/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 Tue May 13 23:24:32 2014 (r265989)
@@ -0,0 +1,4 @@
+# $FreeBSD$
+
+function: "sha256"
+fingerprint: "b0170035af3acc5f3f3ae1859dc717101b4e6c1d0a794ad554928ca0cbb2f438"
Modified: releng/8.4/share/man/man7/hier.7
==============================================================================
--- releng/8.4/share/man/man7/hier.7 Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/share/man/man7/hier.7 Tue May 13 23:24:32 2014 (r265989)
@@ -32,7 +32,7 @@
.\" @(#)hier.7 8.1 (Berkeley) 6/5/93
.\" $FreeBSD$
.\"
-.Dd May 25, 2008
+.Dd October 29, 2013
.Dt HIER 7
.Os
.Sh NAME
@@ -546,6 +546,16 @@ ASCII text files used by various games
device description file for device name
.It Pa info/
GNU Info hypertext system
+.It Pa keys/
+known trusted and revoked keys.
+.Bl -tag -width ".Pa keys/pkg/" -compact
+.It Pa keys/pkg/
+fingerprints for
+.Xr pkg 7
+and
+.Xr pkg 8
+.El
+.Pp
.It Pa locale/
localization files;
see
Modified: releng/8.4/sys/conf/newvers.sh
==============================================================================
--- releng/8.4/sys/conf/newvers.sh Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/sys/conf/newvers.sh Tue May 13 23:24:32 2014 (r265989)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="8.4"
-BRANCH="RELEASE-p9"
+BRANCH="RELEASE-p10"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/8.4/usr.sbin/kldxref/kldxref.c
==============================================================================
--- releng/8.4/usr.sbin/kldxref/kldxref.c Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/usr.sbin/kldxref/kldxref.c Tue May 13 23:24:32 2014 (r265989)
@@ -275,6 +275,16 @@ usage(void)
exit(1);
}
+static int
+compare(const FTSENT *const *a, const FTSENT *const *b)
+{
+ if ((*a)->fts_info == FTS_D && (*b)->fts_info != FTS_D)
+ return 1;
+ if ((*a)->fts_info != FTS_D && (*b)->fts_info == FTS_D)
+ return -1;
+ return strcmp((*a)->fts_name, (*b)->fts_name);
+}
+
int
main(int argc, char *argv[])
{
@@ -316,7 +326,7 @@ main(int argc, char *argv[])
err(1, "%s", argv[0]);
}
- ftsp = fts_open(argv, fts_options, 0);
+ ftsp = fts_open(argv, fts_options, compare);
if (ftsp == NULL)
exit(1);
Modified: releng/8.4/usr.sbin/pkg/pkg.c
==============================================================================
--- releng/8.4/usr.sbin/pkg/pkg.c Tue May 13 23:24:14 2014 (r265988)
+++ releng/8.4/usr.sbin/pkg/pkg.c Tue May 13 23:24:32 2014 (r265989)
@@ -284,13 +284,10 @@ bootstrap_pkg(void)
{
struct url *u;
FILE *remote;
- FILE *config;
- char *site;
struct dns_srvinfo *mirrors, *current;
/* To store _https._tcp. + hostname + \0 */
char zone[MAXHOSTNAMELEN + 13];
char url[MAXPATHLEN];
- char conf[MAXPATHLEN];
char abi[BUFSIZ];
char tmppkg[MAXPATHLEN];
char buf[10240];
@@ -306,7 +303,6 @@ bootstrap_pkg(void)
max_retry = 3;
ret = -1;
remote = NULL;
- config = NULL;
current = mirrors = NULL;
printf("Bootstrapping pkg please wait\n");
@@ -387,26 +383,6 @@ bootstrap_pkg(void)
if ((ret = extract_pkg_static(fd, pkgstatic, MAXPATHLEN)) == 0)
ret = install_pkg_static(pkgstatic, tmppkg);
- snprintf(conf, MAXPATHLEN, "%s/etc/pkg.conf",
- getenv("LOCALBASE") ? getenv("LOCALBASE") : _LOCALBASE);
-
- if (access(conf, R_OK) == -1) {
- site = strrchr(url, '/');
- if (site == NULL)
- goto cleanup;
- site[0] = '\0';
- site = strrchr(url, '/');
- if (site == NULL)
- goto cleanup;
- site[0] = '\0';
-
- config = fopen(conf, "w+");
- if (config == NULL)
- goto cleanup;
- fprintf(config, "packagesite: %s\n", url);
- fclose(config);
- }
-
goto cleanup;
fetchfail:
@@ -423,7 +399,11 @@ cleanup:
static const char confirmation_message[] =
"The package management tool is not yet installed on your system.\n"
-"Do you want to fetch and install it now? [y/N]: ";
+"The mechanism for doing this is not secure on FreeBSD 8. To securely install\n"
+"pkg(8), use ports from a portsnap checkout:\n"
+" # portsnap fetch extract\n"
+" # make -C /usr/ports/ports-mgmt/pkg install clean\n"
+"Do you still want to fetch and install it now? [y/N]: ";
static int
pkg_query_yes_no(void)
More information about the svn-src-all
mailing list