1#!/bin/ksh
2#
3# $OpenBSD: syspatch.sh,v 1.159 2019/12/10 17:11:06 ajacoutot Exp $
4#
5# Copyright (c) 2016, 2017 Antoine Jacoutot <ajacoutot@openbsd.org>
6#
7# Permission to use, copy, modify, and distribute this software for any
8# purpose with or without fee is hereby granted, provided that the above
9# copyright notice and this permission notice appear in all copies.
10#
11# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
# abort on the first unhandled failure; the steps that are allowed to fail
# are guarded explicitly (|| _rc=$?, || true) where they occur
set -e
# nothing this script creates (rollback archives, extracted files, the
# scratch directory) may be group- or world-writable
umask 0022
# fixed, system-only search path: never inherit the caller's PATH
PATH=/usr/bin:/bin:/usr/sbin:/sbin
export PATH
22
sp_err()
{
	# Print "<progname>: <message>" on stderr and return the requested
	# status (default 1). Passing 0 turns the call into a warning that
	# lets the caller carry on under set -e.
	# Arguments: $1 - message, $2 - return status (optional)
	local _msg=$1 _status=${2:-1}
	printf '%s: %s\n' "${0##*/}" "${_msg}" >&2 && return "${_status}"
}
27
usage()
{
	# Print the synopsis on stdout and return failure; the callers put
	# this last in their && / || lists so that set -e then stops the
	# script on a bad command line.
	printf 'usage: %s [-c | -l | -R | -r]\n' "${0##*/}"
	return 1
}
32
# Fetch, verify and install one syspatch, rolling it back if a file fails
# to install.
# Arguments: $1 - full patch name (${_OSrev}-NNN_name)
# Globals:   _TMP, _PDIR, _OSrev, _BSDMP, _MIRROR (read); _KARL (written)
# Returns:   0 on success; 1 if the tarball cannot be extracted; the
#            failing install_file status after rolling back; 2 when the
#            patch replaced syspatch itself
apply_patch()
{
	local _edir _file _files _patch=$1 _rc=0 _s _upself=false
	# under set -e an empty patch name aborts the script here
	[[ -n ${_patch} ]]

	_edir=${_TMP}/${_patch}

	# download the tarball and check it against ${_TMP}/SHA256, the list
	# that ls_missing extracted from the signify-verified SHA256.sig
	fetch_and_verify "syspatch${_patch}.tgz"

	# no interruption while files are being replaced; re-armed below
	trap '' INT
	echo "Installing patch ${_patch##${_OSrev}-}"
	# extraction directory plus the permanent record directory under _PDIR
	install -d ${_edir} ${_PDIR}/${_patch}

	# rewrite the relink directory of the *other* kernel flavour to an empty
	# name (presumably making tar skip those entries -- confirm with tar(1)
	# -s) so only the GENERIC or GENERIC.MP files for this machine remain
	${_BSDMP} && _s="-s @usr/share/relink/kernel/GENERIC/.*@@g" ||
		_s="-s @usr/share/relink/kernel/GENERIC.MP/.*@@g"
	# -v: the extracted names become the file list used below
	_files="$(tar -xvzphf ${_TMP}/syspatch${_patch}.tgz -C ${_edir} \
		${_s})" || { rm -r ${_PDIR}/${_patch}; return 1; }

	# every target filesystem must be writable with room to spare, and the
	# current versions are saved first so the patch can be reverted
	checkfs ${_files}
	create_rollback ${_patch} "${_files}"

	for _file in ${_files}; do
		((_rc == 0)) || break
		# replacing our own binary: the run must stop after this patch
		[[ ${_file} == usr/sbin/syspatch ]] && _upself=true
		install_file ${_edir}/${_file} /${_file} || _rc=$?
	done

	if ((_rc != 0)); then
		# warn (status 0 keeps set -e quiet), then undo the partial install
		sp_err "Failed to apply patch ${_patch##${_OSrev}-}" 0
		rollback_patch; return ${_rc}
	fi
	# don't fill up /tmp when installing multiple patches at once; non-fatal
	rm -rf ${_edir} ${_TMP}/syspatch${_patch}.tgz
	trap exit INT

	# grep -qv fails only when the (single-line) file list contains a
	# kernel relink entry; in that case trap_handler must relink the kernel
	echo ${_files} | grep -Eqv \
		'(^|[[:blank:]]+)usr/share/relink/kernel/GENERI(C|C.MP)/[[:print:]]+([[:blank:]]+|$)' ||
		_KARL=true

	# status 2 tells the caller (via set -e) to stop and ask for a re-run
	(! ${_upself} || sp_err "updated itself, run it again to install \
missing patches" 2)
}
75
76# quick-and-dirty filesystem status and size checks:
77# - assume old files are about the same size as new ones
78# - ignore new (nonexistent) files
79# - ignore rollback tarball: create_rollback() will handle the failure
80# - compute total size of all files per fs, simpler and less margin for error
81#   (instead of computing before installing each file)
# Arguments: the list of files (relative to /) about to be (re)installed
# Returns:   0 when every target filesystem is writable and has room;
#            otherwise sp_err aborts the script (set -e)
checkfs()
{
	local _d _dev _df _files="${@}" _sz
	[[ -n ${_files} ]]

	set +e # ignore errors due to:
	# - nonexistent files (i.e. syspatch is installing new files)
	# - broken interpolation due to bogus devices like remote filesystems
	# stat(1) prints shell assignments that eval then runs: %Sd is the name
	# of the device holding the file and %Uz its size in bytes; _dev collects
	# the device names and one variable per device accumulates "size+size+..."
	eval $(cd / &&
		stat -qf "_dev=\"\${_dev} %Sd\";
			local %Sd=\"\${%Sd:+\${%Sd}\+}%Uz\"" ${_files}) \
			2>/dev/null
	set -e

	for _d in $(printf '%s\n' ${_dev} | sort -u); do
		# a device name of "??" (presumably what stat prints when it cannot
		# name the device -- confirm) means we cannot check it: bail out
		[[ ${_d} != "??" ]] || sp_err "Unsupported filesystem, aborting"
		mount | grep -v read-only | grep -q "^/dev/${_d} " ||
			sp_err "Read-only filesystem, aborting"
		# available KB on the device: 4th field of df -P
		_df=$(df -Pk | grep "^/dev/${_d} " | tr -s ' ' | cut -d ' ' -f4)
		# evaluate the device's accumulated "a+b+..." byte total, then KB
		_sz=$(($((_d))/1024))
		((_df > _sz)) || sp_err "No space left on ${_d}, aborting"
	done
}
105
create_rollback()
{
	# XXX annotate new files so we can remove them if we rollback?
	# Save the current versions of the files a patch is about to replace
	# into ${_PDIR}/<patch>/rollback.tgz.
	# Arguments: $1 - full patch name (${_OSrev}-NNN_name), followed by the
	#            list of files (relative to /)
	# Globals:   _PDIR, _OSrev (read)
	# Returns:   0 on success; when tar fails, prints a warning, removes the
	#            patch directory and returns tar's status
	local _f _name=$1 _keep _status=0
	[[ -n ${_name} ]]
	shift
	local _list="${@}"
	[[ -n ${_list} ]]

	# only files that already exist can be saved; brand new files are
	# simply left out of the archive
	for _f in ${_list}; do
		[[ -f /${_f} ]] && _keep="${_keep} ${_f}"
	done

	tar -C / -czf ${_PDIR}/${_name}/rollback.tgz ${_keep} || _status=$?

	((_status == 0)) || {
		sp_err "Failed to create rollback patch ${_name##${_OSrev}-}" 0
		rm -r ${_PDIR}/${_name}; return ${_status}
	}
}
126
fetch_and_verify()
{
	# Download one tarball from the mirror as the unprivileged user and
	# check it against the SHA256 list already present in ${_TMP}.
	# Arguments: $1 - tarball name (syspatchNN-NNN_name.tgz)
	# Globals:   _TMP, _MIRROR (read)
	# Returns:   0 if the download succeeded and the checksum matches; set -e
	#            aborts the script otherwise
	local _name=$1 _label="Get/Verify"
	[[ -n ${_name} ]]

	# when stdin is not a terminal, print the title line ourselves
	if ! [[ -t 0 ]]; then
		echo "${_label} ${_name}"
	fi
	# ftp runs as _syspatch and may only write into the file unpriv -f
	# created for it
	unpriv -f "${_TMP}/${_name}" ftp -N syspatch -VD "${_label}" -o \
		"${_TMP}/${_name}" "${_MIRROR}/${_name}"

	# ${_TMP}/SHA256 was extracted from the signify-verified SHA256.sig by
	# ls_missing; -C checks only the entry for this tarball
	(cd ${_TMP} && sha256 -qC ${_TMP}/SHA256 ${_name})
}
138
# Install one extracted file over its live counterpart.
# Arguments: $1 - extracted source file, $2 - destination path under /
# Returns:   the status of the last command run; the callers treat a
#            non-zero status as an install failure and stop
install_file()
{
	# XXX handle hard link, dir->file, file->dir?
	local _dst=$2 _fgrp _fmode _fown _src=$1
	# NOTE(review): both callers invoke this in a "|| _rc=$?" list, where
	# set -e does not fire, so a missing ${_dst} (new file) falls through
	# to the install below instead of aborting -- confirm this is intended
	[[ -f ${_src} && -f ${_dst} ]]

	if [[ -h ${_src} ]]; then
		# recreate the symlink itself rather than copying what it points to
		ln -sf $(readlink ${_src}) ${_dst}
	else
		# take octal mode (set-id/sticky bits then permission bits), owner
		# and group from the extracted file; -D creates missing leading
		# directories, -p keeps the timestamps
		eval $(stat -f "_fmode=%OMp%OLp _fown=%Su _fgrp=%Sg" ${_src})
		install -DFp -m ${_fmode} -o ${_fown} -g ${_fgrp} ${_src} \
			${_dst}
	fi
}
153
# List the patches installed for the running release, one per line without
# the "${_OSrev}-" prefix, in version order. A patch counts as installed
# when its rollback archive exists under ${_PDIR}.
# Globals: _PDIR, _OSrev (read)
ls_installed()
{
	local _p
	# ksh pattern: <OSrev>-<digits>_<alphanumerics/underscores>
	for _p in ${_PDIR}/${_OSrev}-+([[:digit:]])_+([[:alnum:]_]); do
		[[ -f ${_p}/rollback.tgz ]] && echo ${_p##*/${_OSrev}-}
	done | sort -V
}
161
# List the patches published for this release that are not installed yet,
# in version order. Only patch names may reach stdout: the default action
# feeds this output straight into apply_patch.
# Globals: _TMP, _MIRROR, _OSrev (read)
ls_missing()
{
	local _c _f _cmd _l="$(ls_installed)" _p _sha=${_TMP}/SHA256

	# don't output anything on stdout to prevent corrupting the patch list
	# fetch SHA256.sig as _syspatch; the SHA256 list is embedded in it and
	# signify only extracts it into ${_sha} once the signature verifies
	# against the release's syspatch key (set -e aborts on failure), so
	# nothing below ever reads an unverified list
	unpriv -f "${_sha}.sig" ftp -N syspatch -MVo "${_sha}.sig" \
		"${_MIRROR}/SHA256.sig" >/dev/null
	unpriv -f "${_sha}" signify -Veq -x ${_sha}.sig -m ${_sha} -p \
		/etc/signify/openbsd-${_OSrev}-syspatch.pub >/dev/null

	# if no earlier version of all files contained in the syspatch exists
	# on the system, it means a missing set so skip it
	# stage 1: patch names from the verified list, minus installed ones
	grep -Eo "syspatch${_OSrev}-[[:digit:]]{3}_[[:alnum:]_]+" ${_sha} |
		while read _c; do _c=${_c##syspatch${_OSrev}-} &&
		[[ -n ${_l} ]] && echo ${_c} | grep -qw -- "${_l}" || echo ${_c}
	done | while read _p; do
		# stage 2: stream each candidate's tarball listing and emit the
		# patch as soon as one of its files exists locally; pkill then
		# stops the download early (non-fatal if it already finished)
		_cmd="ftp -N syspatch -MVo - \
			${_MIRROR}/syspatch${_OSrev}-${_p}.tgz"
		{ unpriv ${_cmd} | tar tzf -; } 2>/dev/null | while read _f; do
			[[ -f /${_f} ]] || continue && echo ${_p} && pkill -u \
				_syspatch -xf "${_cmd}" || true && break
		done
	done | sort -V
}
186
# Revert the most recently installed patch (last line of ls_installed) from
# its rollback archive and remove its directory under ${_PDIR}.
# Globals: _TMP, _PDIR, _OSrev (read); _KARL (written)
# Returns: 0 when nothing is installed or the revert succeeded; otherwise
#          sp_err aborts with the failing status (set -e)
rollback_patch()
{
	local _edir _file _files _patch _rc=0

	_patch="$(ls_installed | tail -1)"
	[[ -n ${_patch} ]] || return 0 # nothing to rollback

	_edir=${_TMP}/${_patch}-rollback
	_patch=${_OSrev}-${_patch}

	# no interruption while files are being restored; re-armed below
	trap '' INT
	echo "Reverting patch ${_patch##${_OSrev}-}"
	install -d ${_edir}

	# -v: the extracted names become the list of files to put back
	_files="$(tar xvzphf ${_PDIR}/${_patch}/rollback.tgz -C ${_edir})"
	checkfs ${_files} ${_PDIR} # check for read-only /var/syspatch

	for _file in ${_files}; do
		((_rc == 0)) || break
		install_file ${_edir}/${_file} /${_file} || _rc=$?
	done

	# the patch record is only dropped once every file was restored
	((_rc != 0)) || rm -r ${_PDIR}/${_patch} || _rc=$?
	((_rc == 0)) ||
		sp_err "Failed to revert patch ${_patch##${_OSrev}-}" ${_rc}
	rm -rf ${_edir} # don't fill up /tmp when using `-R'; non-fatal
	trap exit INT

	# grep -qv fails only when the (single-line) file list contains a
	# kernel relink entry; in that case trap_handler must relink the kernel
	echo ${_files} | grep -Eqv \
		'(^|[[:blank:]]+)usr/share/relink/kernel/GENERI(C|C.MP)/[[:print:]]+([[:blank:]]+|$)' ||
		_KARL=true
}
219
# EXIT trap: remove the scratch directory, then finish whatever the applied
# or reverted patches require (mtree fix-ups, kernel relink) and point the
# user at the errata.
# Globals: _TMP, _PATCHES, _KARL, _PATCH_APPLIED, _PDIR (read)
trap_handler()
{
	set +e # we're trapped
	rm -rf "${_TMP}"

	# in case a patch added a new directory (install -D)
	# re-apply the base spec, and the X spec when xetc.tgz is present
	# (taken as the sign that the X sets are installed)
	if [[ -n ${_PATCHES} ]]; then
		mtree -qdef /etc/mtree/4.4BSD.dist -p / -U >/dev/null
		[[ -f /var/sysmerge/xetc.tgz ]] &&
			mtree -qdef /etc/mtree/BSD.x11.dist -p / -U >/dev/null
	fi

	# _KARL is set by apply_patch/rollback_patch when kernel relink files
	# were touched; relink now so the next boot loads the patched kernel
	if ${_KARL}; then
		echo -n "Relinking to create unique kernel..."
		if /usr/libexec/reorder_kernel; then
			echo " done; reboot to load the new kernel"
		else
			# the \n relies on ksh's echo expanding backslash escapes;
			# a failed relink is the one error reported from the trap
			echo " failed!\n!!! \"/usr/libexec/reorder_kernel\" \
must be run manually to install the new kernel"
			exit 1
		fi
	fi

	${_PATCH_APPLIED} && echo "Errata can be reviewed under ${_PDIR}"
}
245
# Run a command as the unprivileged _syspatch user, optionally preparing the
# one output file it is allowed to write.
# Usage:   unpriv [-f file] command [args ...]
# Globals: _TMP (read)
# Returns: the command's exit status
unpriv()
{
	local _file=$2 _rc=0 _user=_syspatch

	# -f: root creates/truncates the output file and lends it to _syspatch
	# for the duration of the command; 0711 on the root-owned ${_TMP} lets
	# _syspatch reach that file without listing or creating anything else
	if [[ $1 == -f && -n ${_file} ]]; then
		>${_file}
		chown "${_user}" "${_file}"
		chmod 0711 ${_TMP}
		shift 2
	fi
	(($# >= 1))

	# XXX ksh(1) bug; send error code to the caller instead of failing hard
	# the remaining arguments are joined into one single-quoted string for
	# su -c; NOTE(review): a single quote inside an argument would break
	# that quoting -- the callers only pass paths, the mirror URL from
	# /etc/installurl and regex-constrained patch names, confirm that holds
	set +e
	eval su -s /bin/sh ${_user} -c "'$@'" || _rc=$?
	set -e

	# take the file back so the unprivileged user cannot alter it afterwards
	[[ -n ${_file} ]] && chown root "${_file}"

	return ${_rc}
}
267
268# only run on release (not -current nor -stable)
set -A _KERNV -- $(sysctl -n kern.version |
	sed 's/^OpenBSD \([1-9][0-9]*\.[0-9]\)\([^ ]*\).*/\1 \2/;q')
# _KERNV[0] is the release (e.g. 6.6); a second element is the "-current"
# or "-stable" suffix, which syspatch does not support
((${#_KERNV[*]} > 1)) && sp_err "Unsupported release: ${_KERNV[0]}${_KERNV[1]}"

# at most one single-letter option; everything but -l (i.e. -c, -R, -r and
# the default action) needs root
[[ $@ == @(|-[[:alpha:]]) ]] || usage; [[ $@ == @(|-(c|R|r)) ]] &&
	(($(id -u) != 0)) && sp_err "need root privileges"
# never touch kernel files while a relink is already in progress
[[ $@ == @(|-(R|r)) ]] && pgrep -qxf '/bin/ksh .*reorder_kernel' &&
	sp_err "cannot apply patches while reorder_kernel is running"

# release without the dot (6.6 -> 66), used in paths and patch names
_OSrev=${_KERNV[0]%.*}${_KERNV[0]#*.}
[[ -n ${_OSrev} ]]

# mirror: last non-empty, non-comment line of /etc/installurl; fall back to
# the OpenBSD CDN when the file is missing or does not hold a URL
_MIRROR=$(while read _line; do _line=${_line%%#*}; [[ -n ${_line} ]] &&
	print -r -- "${_line}"; done </etc/installurl | tail -1) 2>/dev/null
[[ ${_MIRROR} == @(file|ftp|http|https)://* ]] ||
	_MIRROR=https://cdn.openbsd.org/pub/OpenBSD
_MIRROR="${_MIRROR}/syspatch/${_KERNV[0]}/$(machine)"

# more than one CPU means GENERIC.MP; apply_patch picks the relink files
# for that kernel flavour
(($(sysctl -n hw.ncpufound) > 1)) && _BSDMP=true || _BSDMP=false
_PATCH_APPLIED=false
_PDIR="/var/syspatch"
# private scratch directory for downloads and extraction; removed by
# trap_handler on exit
_TMP=$(mktemp -d -p ${TMPDIR:-/tmp} syspatch.XXXXXXXXXX)
_KARL=false

readonly _BSDMP _KERNV _MIRROR _OSrev _PDIR _TMP

# trap_handler runs on every exit path; the signal traps turn into an exit
trap 'trap_handler' EXIT
trap exit HUP INT TERM

while getopts clRr arg; do
	case ${arg} in
		c) ls_missing ;;
		l) ls_installed ;;
		R) while [[ -n $(ls_installed) ]]; do rollback_patch; done ;;
		r) rollback_patch ;;
		*) usage ;;
	esac
done
shift $((OPTIND - 1))
(($# != 0)) && usage

# default action: apply all patches
if ((OPTIND == 1)); then
	# remove non matching release /var/syspatch/ content
	# (anything not named <OSrev>-NNN_name or lacking a rollback archive)
	for _D in ${_PDIR}/{.[!.],}*; do
		[[ -e ${_D} ]] || continue
		[[ ${_D##*/} == ${_OSrev}-+([[:digit:]])_+([[:alnum:]]|_) ]] &&
			[[ -f ${_D}/rollback.tgz ]] || rm -r ${_D}
	done
	# ls_missing also leaves the signify-verified SHA256 list in ${_TMP}
	# for fetch_and_verify to check each tarball against
	_PATCHES=$(ls_missing)
	for _PATCH in ${_PATCHES}; do
		apply_patch ${_OSrev}-${_PATCH}
		_PATCH_APPLIED=true
	done
fi
324