1#!/bin/ksh
2#
3# $OpenBSD: syspatch.sh,v 1.134 2017/12/29 18:56:36 ajacoutot Exp $
4#
5# Copyright (c) 2016, 2017 Antoine Jacoutot <ajacoutot@openbsd.org>
6#
7# Permission to use, copy, modify, and distribute this software for any
8# purpose with or without fee is hereby granted, provided that the above
9# copyright notice and this permission notice appear in all copies.
10#
11# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18
# abort on the first failing command; every bare [[ ]] / (( )) test below
# relies on this to act as an assertion
set -o errexit
# anything we create is world-readable but only writable by the owner (root)
umask 022
21
# sp_err MESSAGE [STATUS]
# Prints MESSAGE on stderr and returns STATUS (default 1). It returns rather
# than exits so callers can use it inside || lists; a bare call aborts the
# script through set -e. stderr only: ls_missing()'s stdout is the patch list.
sp_err()
{
	local _msg=$1 _status=${2:-1}

	echo "${_msg}" >&2 && return ${_status}
}
26
# usage
# Prints the synopsis on stderr; the status 1 from sp_err() becomes the
# script's exit status through set -e.
usage()
{
	local _prog=${0##*/}

	sp_err "usage: ${_prog} [-c | -l | -R | -r]"
}
31
# apply_patch RELEASE-PATCHID (e.g. 62-001_foo)
# Fetches syspatchRELEASE-PATCHID.tgz from the mirror, verifies it against
# the signify-checked SHA256 list, stages it under ${_TMP}, saves a rollback
# archive, then installs each file over the live system. On any install
# failure the partially applied patch is reverted with rollback_patch().
# Sets _KARL=true when kernel relink objects were installed so that
# trap_handler() relinks the kernel at exit. When the patch replaced
# syspatch itself the script stops with status 2 (sp_err under set -e).
apply_patch()
{
	local _edir _file _files _patch=$1 _ret=0 _s _upself=false
	[[ -n ${_patch} ]]

	_edir=${_TMP}/${_patch}

	fetch_and_verify "syspatch${_patch}.tgz"

	# a Ctrl-C here could leave half a patch installed, so ignore it until
	# the install loop and cleanup are done
	trap '' INT
	echo "Installing patch ${_patch##${_OSrev}-}"
	install -d ${_edir} ${_PDIR}/${_patch}

	# the archive ships relink objects for both GENERIC and GENERIC.MP;
	# rewrite the ones for the flavour we are not running to an empty name
	# so tar -s drops them (see tar(1))
	${_BSDMP} && _s="-s @usr/share/relink/kernel/GENERIC/.*@@g" ||
		_s="-s @usr/share/relink/kernel/GENERIC.MP/.*@@g"
	# -v: the list of extracted paths becomes the work list below
	_files="$(tar -xvzphf ${_TMP}/syspatch${_patch}.tgz -C ${_edir} ${_s})"

	checkfs ${_files}
	create_rollback ${_patch} "${_files}"

	# stop at the first failing file; _ret keeps that install status
	for _file in ${_files}; do
		((_ret == 0)) || break
		[[ ${_file} == usr/sbin/syspatch ]] && _upself=true
		install_file ${_edir}/${_file} /${_file} || _ret=$?
	done

	if ((_ret != 0)); then
		sp_err "Failed to apply patch ${_patch##${_OSrev}-}" 0
		# this patch is the newest one with a rollback.tgz, so it is what
		# rollback_patch() picks; INT is still ignored at this point
		rollback_patch; return ${_ret}
	fi
	# don't fill up /tmp when installing multiple patches at once; non-fatal
	rm -rf ${_edir} ${_TMP}/syspatch${_patch}.tgz
	trap exit INT

	# echo puts every path on one line; grep -v succeeds only if that line
	# holds no usr/share/relink/kernel/GENERIC{,.MP}/ entry, so _KARL turns
	# true exactly when relink objects were installed
	echo ${_files} | grep -Eqv \
		'(^|[[:blank:]]+)usr/share/relink/kernel/GENERI(C|C.MP)/[[:print:]]+([[:blank:]]+|$)' ||
		_KARL=true

	# the running script is the old syspatch: stop here (exit 2 via set -e)
	# and let the freshly installed binary handle the remaining patches
	! ${_upself} || sp_err "syspatch updated itself, run it again to \
install missing patches" 2
}
73
# quick-and-dirty filesystem status and size checks:
# - assume old files are about the same size as new ones
# - ignore new (nonexistent) files
# - ignore rollback tarball: create_rollback() will handle the failure
# - compute total size of all files per fs, simpler and less margin for error
#   (instead of computing before installing each file)
#
# checkfs FILE... (paths relative to /, as listed by tar; an absolute path
# such as ${_PDIR} also works because stat runs from /)
# Aborts through sp_err (fatal under set -e) when a target filesystem is
# remote, mounted read-only, or has less free space than the files need.
# NOTE: stat(1) output is eval'd, so FILE names must be trusted; the callers
# only pass names from a SHA256-verified patch archive or from rollback.tgz.
checkfs()
{
	local _d _dev _df _files="${@}" _ret _sz
	[[ -n ${_files} ]]

	set +e # ignore errors due to:
	# - nonexistent files (i.e. syspatch is installing new files)
	# - broken interpolation due to bogus devices like remote filesystems
	# For each file stat emits two statements: append the device name (%Sd,
	# e.g. sd0a) to _dev, and append "+<size in bytes>" (%Uz) to a local
	# variable named after that device, building an arithmetic expression.
	eval $(cd / &&
		stat -qf "_dev=\"\${_dev} %Sd\";
			local %Sd=\"\${%Sd:+\${%Sd}\+}%Uz\"" ${_files}) \
			2>/dev/null || _ret=$?
	set -e
	# 127 (command not found): presumably a device name that is not a valid
	# variable name made eval fall through to command lookup, which the
	# comment above attributes to remote filesystems
	[[ ${_ret} == 127 ]] && sp_err "Remote filesystem, aborting"

	# one pass per distinct device: writable mount, then free space vs. need
	for _d in $(printf '%s\n' ${_dev} | sort -u); do
		mount | grep -v read-only | grep -q "^/dev/${_d} " ||
			sp_err "Read-only filesystem, aborting"
		# 4th column of df -Pk: available 1K blocks
		_df=$(df -Pk | grep "^/dev/${_d} " | tr -s ' ' | cut -d ' ' -f4)
		# $((_d)) evaluates the "size+size+..." string stored under the
		# device's variable name, i.e. the total in bytes
		_sz=$(($((_d))/1024))
		((_df > _sz)) || sp_err "No space left on ${_d}, aborting"
	done
}
103
# create_rollback PATCH FILE...
# Saves the current copies of FILE... (paths relative to /) into
# ${_PDIR}/PATCH/rollback.tgz before they are overwritten. Only files that
# already exist are archived, so files a patch adds are not tracked for
# rollback. On tar failure the patch directory is removed again (without
# rollback.tgz it would not count as installed anyway, see ls_installed())
# and tar's status is returned.
create_rollback()
{
	# XXX annotate new files so we can remove them if we rollback?
	local _patch=$1 _file _rbfiles _status=0
	[[ -n ${_patch} ]]
	shift
	local _files="${@}"
	[[ -n ${_files} ]]

	for _file in ${_files}; do
		if [[ -f /${_file} ]]; then
			_rbfiles="${_rbfiles} ${_file}"
		fi
	done

	# archive relative to / so member names match the patch tarball's
	tar -C / -czf ${_PDIR}/${_patch}/rollback.tgz ${_rbfiles} || _status=$?

	if ((_status != 0)); then
		sp_err "Failed to create rollback patch ${_patch##${_OSrev}-}" 0
		rm -r ${_PDIR}/${_patch}; return ${_status}
	fi
}
124
# fetch_and_verify ARCHIVE
# Downloads ${_MIRROR}/ARCHIVE into ${_TMP} as the unprivileged _syspatch
# user and checks it against ${_TMP}/SHA256, the list ls_missing() verified
# with signify earlier in the same run. A checksum mismatch is fatal
# (set -e).
fetch_and_verify()
{
	local _tgz=$1 _title="Get/Verify" _dest
	[[ -n ${_tgz} ]]
	_dest=${_TMP}/${_tgz}

	# stdin not a terminal (cron, pipes): print the title ftp -D would show
	# so logs still record which archive is being fetched
	if [[ ! -t 0 ]]; then
		echo "${_title} ${_tgz}"
	fi
	# the output file is pre-created by root and handed to _syspatch (unpriv -f)
	unpriv -f "${_dest}" ftp -VD "${_title}" -o "${_dest}" "${_MIRROR}/${_tgz}"

	# -C: compare only the entry for ${_tgz} in the verified list.
	# NOTE(review): ${_TMP}/SHA256 is owned by _syspatch (unpriv -f chowns
	# it), the same user the ftp above runs as, so a compromised ftp could
	# in principle rewrite that list before this check; confirm accepted.
	(cd ${_TMP} && sha256 -qC ${_TMP}/SHA256 ${_tgz})
}
136
# install_file SRC DST
# Copies the staged file SRC over DST keeping SRC's mode, owner and group.
# Returns install(1)'s status.
install_file()
{
	# XXX handle hard and symbolic links, dir->file, file->dir?
	local _src=$1 _dst=$2 _attrs
	# both ends must be regular files. NOTE(review): both callers invoke
	# this as `install_file ... || _ret=$?`, a context in which set -e is
	# suspended, so a false test here does not stop the install below --
	# confirm that is intended (it is what lets -D create new files)
	[[ -f ${_src} && -f ${_dst} ]]

	# _attrs[0]: octal mode incl. set-id/sticky bits, [1]: owner, [2]: group
	set -A _attrs -- $(stat -f "%OMp%OLp %Su %Sg" ${_src})

	# see install(1) for -D/-F/-S/-p (leading dirs, fsync, safe rename, mtime)
	install -DFSp -m ${_attrs[0]} -o ${_attrs[1]} -g ${_attrs[2]} \
		${_src} ${_dst}
}
147
# ls_installed
# Prints the installed patch names (NNN_name, release prefix stripped) in
# version order, one per line. A ${_PDIR} entry counts as installed only
# once its rollback.tgz exists.
ls_installed()
{
	local _dir

	for _dir in ${_PDIR}/${_OSrev}-+([[:digit:]])_+([[:alnum:]_]); do
		if [[ -f ${_dir}/rollback.tgz ]]; then
			echo ${_dir##*/${_OSrev}-}
		fi
	done | sort -V
}
155
# ls_missing
# Prints, one per line in version order, the patches the mirror offers for
# this release that are not installed yet and whose files exist locally.
# Nothing but that list may go to stdout: the caller captures it.
# Trust chain: SHA256.sig is fetched unprivileged and verified with signify
# against the per-release syspatch key; patch names come only from the
# verified SHA256, and fetch_and_verify() later checks each archive against
# that same list.
ls_missing()
{
	local _c _d _f _cmd _l="$(ls_installed)" _p _r _sha=${_TMP}/SHA256

	# don't output anything on stdout to prevent corrupting the patch list
	unpriv -f "${_sha}.sig" ftp -MVo "${_sha}.sig" "${_MIRROR}/SHA256.sig" \
		>/dev/null 2>&1 # hide stderr (nonexistent = no patch available)
	# -e: embedded signature, -m: write the verified payload to ${_sha};
	# a bad or missing signature is fatal under set -e
	unpriv -f "${_sha}" signify -Veq -x ${_sha}.sig -m ${_sha} -p \
		/etc/signify/openbsd-${_OSrev}-syspatch.pub >/dev/null

	# if no earlier version of all files contained in the syspatch exists
	# on the system, it means a missing set so skip it
	# stage 1: every syspatchNN-NNN_name in SHA256 minus the installed ones
	# (_l holds one installed name per line; grep uses each line as a -w
	# pattern, so a match means "already installed")
	# stage 2: stream the archive through tar -t -- it is not verified yet,
	# so it is only listed, never extracted. The first member that already
	# exists on the system proves the set is present: print the patch, kill
	# the exact ftp command (-xf) to cut the download short and move on
	grep -Eo "syspatch${_OSrev}-[[:digit:]]{3}_[[:alnum:]_]+" ${_sha} |
		while read _c; do _c=${_c##syspatch${_OSrev}-} &&
		[[ -n ${_l} ]] && echo ${_c} | grep -qw -- "${_l}" || echo ${_c}
	done | while read _p; do
		_cmd="ftp -MVo - ${_MIRROR}/syspatch${_OSrev}-${_p}.tgz"
		{ unpriv ${_cmd} | tar tzf -; } 2>/dev/null | while read _f; do
			[[ -f /${_f} ]] || continue && echo ${_p} && pkill -u \
				_syspatch -xf "${_cmd}" || true && break
		done
	done | sort -V
}
179
# rollback_patch
# Reverts the most recently installed patch (last entry of ls_installed()):
# restores the files saved in its rollback.tgz and removes its ${_PDIR}
# directory. Files a patch added rather than replaced are not in the
# rollback archive (see create_rollback()) and stay in place. Sets
# _KARL=true when kernel relink objects were restored. A failed restore or
# removal is fatal (sp_err under set -e); this also applies when called
# from apply_patch()'s failure path.
rollback_patch()
{
	local _edir _file _files _patch _ret=0

	# nothing installed: fatal under set -e (-R only loops while the list
	# is non-empty)
	_patch="$(ls_installed | tail -1)"
	[[ -n ${_patch} ]]

	_edir=${_TMP}/${_patch}-rollback
	_patch=${_OSrev}-${_patch}

	# ignore Ctrl-C until the saved files are back in place
	trap '' INT
	echo "Reverting patch ${_patch##${_OSrev}-}"
	install -d ${_edir}

	# stage the saved copies; the verbose listing is the work list below
	_files="$(tar xvzphf ${_PDIR}/${_patch}/rollback.tgz -C ${_edir})"
	checkfs ${_files} ${_PDIR} # check for read-only /var/syspatch

	for _file in ${_files}; do
		((_ret == 0)) || break
		install_file ${_edir}/${_file} /${_file} || _ret=$?
	done

	# drop the bookkeeping directory only once every file was restored
	((_ret != 0)) || rm -r ${_PDIR}/${_patch} || _ret=$?
	((_ret == 0)) ||
		sp_err "Failed to revert patch ${_patch##${_OSrev}-}" ${_ret}
	rm -rf ${_edir} # don't fill up /tmp when using `-R'; non-fatal
	trap exit INT

	# same test as in apply_patch(): any restored relink object means
	# trap_handler() must relink the kernel
	echo ${_files} | grep -Eqv \
		'(^|[[:blank:]]+)usr/share/relink/kernel/GENERI(C|C.MP)/[[:print:]]+([[:blank:]]+|$)' ||
		_KARL=true
}
212
# trap_handler
# EXIT trap: removes ${_TMP}, re-applies the mtree specs when patches were
# installed (a patch may have created directories via install -D), and
# relinks the kernel when _KARL was set. A relink failure makes the script
# exit with reorder_kernel's status.
trap_handler()
{
	local _status

	set +e # we're trapped
	rm -rf "${_TMP}"

	if [[ -n ${_PATCHES} ]]; then
		mtree -qdef /etc/mtree/4.4BSD.dist -p / -U >/dev/null
		if [[ -f /var/sysmerge/xetc.tgz ]]; then
			mtree -qdef /etc/mtree/BSD.x11.dist -p / -U >/dev/null
		fi
	fi

	${_KARL} || return 0
	echo -n "Relinking to create unique kernel..."
	/usr/libexec/reorder_kernel ||
		{ _status=$?; echo " failed!"; exit ${_status}; }
	echo " done."
}
236
# unpriv [-f FILE] COMMAND...
# Runs COMMAND as the _syspatch user through su(1). ${_TMP} is root-owned
# and not writable by others, so an unprivileged command cannot create
# files there: with -f, root pre-creates FILE, hands it to _syspatch and
# makes ${_TMP} traversable (0711) so the command can reach it.
# The command line is re-parsed by su's /bin/sh; arguments containing a
# single quote would break the quoting (callers only pass constants and the
# /etc/installurl-derived mirror URL).
unpriv()
{
	local _file=$2 _user=_syspatch

	if [[ $1 == -f ]] && [[ -n ${_file} ]]; then
		: >"${_file}"
		chown "${_user}" "${_file}"
		chmod 0711 ${_TMP}
		shift 2
	fi
	(($# >= 1))

	eval su -s /bin/sh ${_user} -c "'$@'"
}
251
# exactly zero arguments or one -<letter>; -c, -R, -r and the no-argument
# default action need root, -l does not
[[ $@ == @(|-[[:alpha:]]) ]] || usage; [[ $@ == @(|-(c|R|r)) ]] &&
	(($(id -u) != 0)) && sp_err "${0##*/}: need root privileges"
# refuse to apply or revert (the pattern also matches the default action)
# while a kernel relink is in progress
[[ $@ == @(|-(R|r)) ]] && pgrep -qxf '/bin/ksh .*reorder_kernel' &&
	sp_err "${0##*/}: cannot apply patches while reorder_kernel is running"

# only run on release (not -current nor -stable)
# kern.version starts with "OpenBSD X.Y<suffix>"; sed prints "X.Y <suffix>",
# so a non-empty suffix yields a second array element
set -A _KERNV -- $(sysctl -n kern.version |
	sed 's/^OpenBSD \([0-9]\.[0-9]\)\([^ ]*\).*/\1 \2/;q')
((${#_KERNV[*]} > 1)) && sp_err "Unsupported release: ${_KERNV[0]}${_KERNV[1]}"

# "6.2" -> "62", the form used in patch names and ${_PDIR} entries
_OSrev=${_KERNV[0]%.*}${_KERNV[0]#*.}
[[ -n ${_OSrev} ]]

# mirror: last non-empty, non-comment line of /etc/installurl.
# Plain http is acceptable: the patch list is signify-verified and every
# archive is checked against it (ls_missing(), fetch_and_verify()), so
# integrity does not rest on the transport
_MIRROR=$(while read _line; do _line=${_line%%#*}; [[ -n ${_line} ]] &&
	print -r -- "${_line}"; done </etc/installurl | tail -1) 2>/dev/null
[[ ${_MIRROR} == @(file|http|https)://* ]] ||
	sp_err "${0##*/}: invalid URL configured in /etc/installurl"
_MIRROR="${_MIRROR}/syspatch/${_KERNV[0]}/$(machine)"

# kernel flavour decides which relink objects apply_patch() keeps
(($(sysctl -n hw.ncpufound) > 1)) && _BSDMP=true || _BSDMP=false
_PDIR="/var/syspatch"
# private work directory; unpriv() later opens it to 0711 for _syspatch
_TMP=$(mktemp -d -p ${TMPDIR:-/tmp} syspatch.XXXXXXXXXX)
# set to true by apply_patch()/rollback_patch() when a kernel relink is due
_KARL=false

readonly _BSDMP _KERNV _MIRROR _OSrev _PDIR _TMP

# cleanup (and relink if needed) on every exit path; the signal trap exits,
# which in turn fires the EXIT trap
trap 'trap_handler' EXIT
trap exit HUP INT TERM

while getopts clRr arg; do
	case ${arg} in
		c) ls_missing ;;
		l) ls_installed ;;
		R) while [[ -n $(ls_installed) ]]; do rollback_patch; done ;;
		r) rollback_patch ;;
		*) usage ;;
	esac
done
shift $((OPTIND - 1))
(($# != 0)) && usage

# default action: apply all patches
if ((OPTIND == 1)); then
	# XXX remove for OPENBSD_6_4
	rm -f /bsd.syspatch+([[:digit:]])
	# remove non matching release /var/syspatch/ content
	# (anything not named <OSrev>-NNN_name, or lacking a rollback.tgz)
	for _D in ${_PDIR}/{.[!.],}*; do
		[[ -e ${_D} ]] || continue
		[[ ${_D##*/} == ${_OSrev}-+([[:digit:]])_+([[:alnum:]]|_) ]] &&
			[[ -f ${_D}/rollback.tgz ]] || rm -r ${_D}
	done
	# version-sorted names; a failure in ls_missing() (e.g. bad signature)
	# aborts under set -e before any patch is applied
	_PATCHES=$(ls_missing)
	for _PATCH in ${_PATCHES}; do
		apply_patch ${_OSrev}-${_PATCH}
	done
fi
308