diff --git a/distrib/sets/lists/base/mi b/distrib/sets/lists/base/mi index 246aea2..6d542e0 100644 --- a/distrib/sets/lists/base/mi +++ b/distrib/sets/lists/base/mi @@ -97,6 +97,7 @@ ./etc/fonts base-x11-root ./etc/fonts/conf.avail base-x11-root ./etc/fonts/conf.d base-x11-root +./etc/install.d base-sys-root ./etc/iscsi base-sysutil-root ./etc/kerberosIV base-obsolete obsolete ./etc/kerberosV base-krb5-root diff --git a/distrib/sets/lists/etc/mi b/distrib/sets/lists/etc/mi index 8c14dfd..a0c4b7d 100644 --- a/distrib/sets/lists/etc/mi +++ b/distrib/sets/lists/etc/mi @@ -85,6 +85,40 @@ ./etc/hosts.equiv etc-netutil-etc ./etc/hosts.lpd etc-lpr-etc ./etc/inetd.conf etc-netutil-etc +./etc/install.d/atf etc-sys-etc +./etc/install.d/bluetooth etc-sys-etc +./etc/install.d/catpages etc-sys-etc +./etc/install.d/ddbonpanic etc-sys-etc +./etc/install.d/defaults etc-sys-etc +./etc/install.d/dhcpd etc-sys-etc +./etc/install.d/dhcpdrundir etc-sys-etc +./etc/install.d/envsys etc-sys-etc +./etc/install.d/fontconfig etc-sys-etc +./etc/install.d/gid etc-sys-etc +./etc/install.d/gpio etc-sys-etc +./etc/install.d/hosts etc-sys-etc +./etc/install.d/iscsi etc-sys-etc +./etc/install.d/mailerconf etc-sys-etc +./etc/install.d/makedev etc-sys-etc +./etc/install.d/motd etc-sys-etc +./etc/install.d/mtree etc-sys-etc +./etc/install.d/named etc-sys-etc +./etc/install.d/obsolete etc-sys-etc +./etc/install.d/pam etc-sys-etc +./etc/install.d/periodic etc-sys-etc +./etc/install.d/pf etc-sys-etc +./etc/install.d/ptyfsoldnodes etc-sys-etc +./etc/install.d/pwd_mkdb etc-sys-etc +./etc/install.d/rc etc-sys-etc +./etc/install.d/sendmail etc-sys-etc +./etc/install.d/ssh etc-sys-etc +./etc/install.d/tcpdumpchroot etc-sys-etc +./etc/install.d/uid etc-sys-etc +./etc/install.d/varrwho etc-sys-etc +./etc/install.d/varshm etc-sys-etc +./etc/install.d/wscons etc-sys-etc +./etc/install.d/x11 etc-sys-etc +./etc/install.d/xkb etc-sys-etc ./etc/iscsi/auths etc-iscsi-etc iscsi ./etc/iscsi/targets etc-iscsi-etc iscsi ./etc/kyua/kyua.conf etc-kyua-etc kyua diff --git a/etc/Makefile b/etc/Makefile index d80b1ae..2f25747 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -317,7 +317,7 @@ install-etc-files: .PHONY .MAKE check_DESTDIR MAKEDEV /dev/null ${DESTDIR}${file}; \ else true; fi .endfor -.for subdir in . daily.d defaults bluetooth iscsi monthly.d mtree namedb pam.d powerd rc.d root security.d skel ssh weekly.d +.for subdir in . daily.d defaults bluetooth install.d iscsi monthly.d mtree namedb pam.d powerd rc.d root security.d skel ssh weekly.d ${MAKEDIRTARGET} ${subdir} configinstall .endfor ${MAKEDIRTARGET} ${NETBSDSRCDIR}/external/bsd/dhcpcd/sbin/dhcpcd configinstall diff --git a/etc/install.d/Makefile b/etc/install.d/Makefile new file mode 100644 index 0000000..9228c85 --- /dev/null +++ b/etc/install.d/Makefile @@ -0,0 +1,44 @@ +# $NetBSD$ + +.include + +# XXX catpages conflicts with the corresponding phony target name +CONFIGFILES=\ + atf \ + bluetooth \ + ./catpages \ + ddbonpanic \ + defaults \ + dhcpd \ + dhcpdrundir \ + envsys \ + fontconfig \ + gid \ + gpio \ + hosts \ + iscsi \ + mailerconf \ + makedev \ + motd \ + mtree \ + named \ + obsolete \ + pam \ + periodic \ + pf \ + ptyfsoldnodes \ + pwd_mkdb \ + rc \ + sendmail \ + ssh \ + tcpdumpchroot \ + uid \ + varrwho \ + varshm \ + wscons \ + x11 \ + xkb +FILESDIR= /etc/install.d +FILESMODE= ${NONBINMODE} + +.include diff --git a/etc/install.d/atf b/etc/install.d/atf new file mode 100644 index 0000000..4b3a0b4 --- /dev/null +++ b/etc/install.d/atf @@ -0,0 +1,67 @@ +# $NetBSD$ + +# +# atf +# +additem atf "install missing atf configuration files and validate them" +do_atf() +{ + [ -n "$1" ] || err 3 "USAGE: do_atf fix|check" + op="$1" + failed=0 + + # Ensure atf configuration files are in place. + if find_file_in_dirlist NetBSD.conf "NetBSD.conf" \ + "${SRC_DIR}/external/bsd/atf/etc/atf" \ + "${SRC_DIR}/etc/atf"; then + # ${dir} is set by find_file_in_dirlist() + populate_dir "${op}" true "${dir}" "${DEST_DIR}/etc/atf" 644 \ + NetBSD.conf common.conf || failed=1 + else + failed=1 + fi + if find_file_in_dirlist atf-run.hooks "atf-run.hooks" \ + "${SRC_DIR}/external/bsd/atf/dist/tools/sample" \ + "${SRC_DIR}/etc/atf"; then + # ${dir} is set by find_file_in_dirlist() + populate_dir "${op}" true "${dir}" "${DEST_DIR}/etc/atf" 644 \ + atf-run.hooks || failed=1 + else + failed=1 + fi + + # Validate the _atf to _tests user/group renaming. + if [ -f "${DEST_DIR}/etc/atf/common.conf" ]; then + handle_atf_user "${op}" || failed=1 + else + failed=1 + fi + + return ${failed} +} + +handle_atf_user() +{ + local op="$1" + local failed=0 + + local conf="${DEST_DIR}/etc/atf/common.conf" + if grep '[^#]*unprivileged-user[ \t]*=.*_atf' "${conf}" >/dev/null + then + if [ "$1" = "fix" ]; then + sed -e \ + "/[^#]*unprivileged-user[\ t]*=/s/_atf/_tests/" \ + "${conf}" >"${conf}.new" + failed=$(( ${failed} + $? )) + mv "${conf}.new" "${conf}" + failed=$(( ${failed} + $? )) + msg "Set unprivileged-user=_tests in ${conf}" + else + msg "unprivileged-user=_atf in ${conf} should be" \ + "unprivileged-user=_tests" + failed=1 + fi + fi + + return ${failed} +} diff --git a/etc/install.d/bluetooth b/etc/install.d/bluetooth new file mode 100644 index 0000000..5851b4f --- /dev/null +++ b/etc/install.d/bluetooth @@ -0,0 +1,36 @@ +# $NetBSD$ + +# +# Bluetooth +# + +additem bluetooth "Bluetooth configuration is up to date" +do_bluetooth() +{ + [ -n "$1" ] || err 3 "USAGE: do_bluetooth fix|check" + op="$1" + failed=0 + + populate_dir "${op}" true \ + "${SRC_DIR}/etc/bluetooth" "${DEST_DIR}/etc/bluetooth" 644 \ + hosts protocols btattach.conf btdevctl.conf + failed=$(( ${failed} + $? )) + + move_file "${op}" "${DEST_DIR}/var/db/btdev.xml" \ + "${DEST_DIR}/var/db/btdevctl.plist" + failed=$(( ${failed} + $? )) + + notfixed="" + if [ "${op}" = "fix" ]; then + notfixed="${NOT_FIXED}" + fi + for _v in btattach btconfig btdevctl; do + if rcvar_is_enabled "${_v}"; then + msg \ + "${_v} is obsolete in rc.conf(5)${notfixed}: use bluetooth=YES" + failed=$(( ${failed} + 1 )) + fi + done + + return ${failed} +} diff --git a/etc/install.d/catpages b/etc/install.d/catpages new file mode 100644 index 0000000..e2573ef --- /dev/null +++ b/etc/install.d/catpages @@ -0,0 +1,60 @@ +# $NetBSD$ + +# +# catpages +# +obsolete_catpages() +{ + basedir="$2" + section="$3" + mandir="${basedir}/man${section}" + catdir="${basedir}/cat${section}" + test -d "$mandir" || return 0 + test -d "$catdir" || return 0 + (cd "$mandir" && find . -type f) | { + failed=0 + while read manpage; do + manpage="${manpage#./}" + case "$manpage" in + *.Z) + catname="$catdir/${manpage%.*.Z}.0" + ;; + *.gz) + catname="$catdir/${manpage%.*.gz}.0" + ;; + *) + catname="$catdir/${manpage%.*}.0" + ;; + esac + test -e "$catname" -a "$catname" -ot "$mandir/$manpage" || continue + if [ "$1" = "fix" ]; then + rm "$catname" + failed=$(( ${failed} + $? )) + msg "Removed obsolete cat page $catname" + else + msg "Obsolete cat page $catname" + failed=1 + fi + done + exit $failed + } +} + +additem catpages "remove outdated cat pages" +do_catpages() +{ + failed=0 + for manbase in /usr/share/man /usr/X11R6/man /usr/X11R7/man; do + for sec in 1 2 3 4 5 6 7 8 9; do + obsolete_catpages "$1" "${DEST_DIR}${manbase}" "${sec}" + failed=$(( ${failed} + $? )) + if [ "$1" = "fix" ]; then + rmdir "${DEST_DIR}${manbase}/cat${sec}"/* \ + 2>/dev/null + rmdir "${DEST_DIR}${manbase}/cat${sec}" \ + 2>/dev/null + fi + done + done + return $failed +} diff --git a/etc/install.d/ddbonpanic b/etc/install.d/ddbonpanic new file mode 100644 index 0000000..2f8b69e --- /dev/null +++ b/etc/install.d/ddbonpanic @@ -0,0 +1,30 @@ +# $NetBSD$ + +# +# ddbonpanic +# +additem ddbonpanic "verify ddb.onpanic is configured in sysctl.conf" +do_ddbonpanic() +{ + [ -n "$1" ] || err 3 "USAGE: do_ddbonpanic fix|check" + + if ${GREP} -E '^#*[[:space:]]*ddb\.onpanic[[:space:]]*\??=[[:space:]]*[[:digit:]]+' \ + "${DEST_DIR}/etc/sysctl.conf" >/dev/null 2>&1 + then + result=0 + else + if [ "$1" = check ]; then + msg \ + "The ddb.onpanic behaviour is not explicitly specified in /etc/sysctl.conf" + result=1 + else + echo >> "${DEST_DIR}/etc/sysctl.conf" + sed < "${SRC_DIR}/etc/sysctl.conf" \ + -e '/^ddb\.onpanic/q' | \ + sed -e '1,/^$/d' >> \ + "${DEST_DIR}/etc/sysctl.conf" + result=$? + fi + fi + return ${result} +} diff --git a/etc/install.d/defaults b/etc/install.d/defaults new file mode 100644 index 0000000..2f603f3 --- /dev/null +++ b/etc/install.d/defaults @@ -0,0 +1,49 @@ +# $NetBSD$ + +# +# defaults +# +additem defaults "/etc/defaults/ being up to date" +do_defaults() +{ + [ -n "$1" ] || err 3 "USAGE: do_defaults fix|check" + op="$1" + failed=0 + + # Except for i386 and amd64, rc.conf(5) should be the same as the + # one obtained from a source directory + extra_scripts="rc.conf" + if [ "$MACHINE" = "i386" -o "$MACHINE" = "amd64" ]; then + if $SOURCEMODE; then + extra_scripts= # clear + + # Generate and compare the correct rc.conf(5) file + mkdir "${SCRATCHDIR}/defaults" + + cat "${SRC_DIR}/etc/defaults/rc.conf" \ + "${SRC_DIR}/etc/etc.${MACHINE}/rc.conf.append" \ + > "${SCRATCHDIR}/defaults/rc.conf" + + compare_dir "${op}" "${SCRATCHDIR}/defaults" \ + "${DEST_DIR}/etc/defaults" \ + 444 \ + "rc.conf" + failed=$(( ${failed} + $? )) + fi + fi + + compare_dir "$op" "${SRC_DIR}/etc/defaults" "${DEST_DIR}/etc/defaults" \ + 444 \ + daily.conf monthly.conf pkgpath.conf security.conf \ + weekly.conf ${extra_scripts} + failed=$(( ${failed} + $? )) + + find_file_in_dirlist pf.boot.conf "pf.boot.conf" \ + "${SRC_DIR}/usr.sbin/pf/etc/defaults" "${SRC_DIR}/etc/defaults" \ + || return 1 + # ${dir} is set by find_file_in_dirlist() + compare_dir "$op" "${dir}" "${DEST_DIR}/etc/defaults" 444 pf.boot.conf + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/dhcpd b/etc/install.d/dhcpd new file mode 100644 index 0000000..6ff83f5 --- /dev/null +++ b/etc/install.d/dhcpd @@ -0,0 +1,20 @@ +# $NetBSD$ + +# +# dhcpcd +# +additem dhcpcd "dhcpcd configuration is up to date" +do_dhcpcd() +{ + [ -n "$1" ] || err 3 "USAGE: do_dhcpcd fix|check" + op="$1" + failed=0 + + find_file_in_dirlist dhcpcd.conf "dhcpcd.conf" \ + "${SRC_DIR}/external/bsd/dhcpcd/dist" "${SRC_DIR}/etc" || return 1 + # ${dir} is set by find_file_in_dirlist() + populate_dir "$op" true "${dir}" "${DEST_DIR}/etc" 644 dhcpcd.conf + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/dhcpdrundir b/etc/install.d/dhcpdrundir new file mode 100644 index 0000000..1ed6233 --- /dev/null +++ b/etc/install.d/dhcpdrundir @@ -0,0 +1,25 @@ +# $NetBSD$ + +# +# dhcpcdrundir +# +additem dhcpcdrundir "accientaly created /@RUNDIR@ does not exist" +do_dhcpcdrundir() +{ + [ -n "$1" ] || err 3 "USAGE: do_dhcpcdrundir fix|check" + op="$1" + failed=0 + + if [ -d /@RUNDIR@ ]; then + if [ "${op}" = "check" ]; then + msg "Remove eroneously created /@RUNDIR@" + failed=1 + elif ! eval "rm -r /@RUNDIR@"; then + msg "Failed to remove /@RUNDIR@" + failed=1 + else + msg "Removed eroneously created /@RUNDIR@" + fi + fi + return ${failed} +} diff --git a/etc/install.d/envsys b/etc/install.d/envsys new file mode 100644 index 0000000..6dcfcd6 --- /dev/null +++ b/etc/install.d/envsys @@ -0,0 +1,24 @@ +# $NetBSD$ + +# +# envsys +# +additem envsys "envsys configuration is up to date" +do_envsys() +{ + [ -n "$1" ] || err 3 "USAGE: do_envsys fix|check" + op="$1" + failed=0 + + populate_dir "$op" true "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ + envsys.conf + failed=$(( ${failed} + $? )) + + populate_dir "$op" true "${SRC_DIR}/etc/powerd/scripts" \ + "${DEST_DIR}/etc/powerd/scripts" 555 sensor_battery \ + sensor_drive sensor_fan sensor_indicator sensor_power \ + sensor_resistance sensor_temperature sensor_voltage + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/fontconfig b/etc/install.d/fontconfig new file mode 100644 index 0000000..e30dcb3 --- /dev/null +++ b/etc/install.d/fontconfig @@ -0,0 +1,82 @@ +# $NetBSD$ + +# +# X11 fontconfig +# +additem fontconfig "X11 font configuration is up to date" +do_fontconfig() +{ + [ -n "$1" ] || err 3 "USAGE: do_fontconfig fix|check" + op="$1" + failed=0 + + # First, check for updates we can handle. + if ! $SOURCEMODE; then + FONTCONFIG_DIR="${SRC_DIR}/etc/fonts/conf.avail" + else + FONTCONFIG_DIR="${XSRC_DIR}/external/mit/fontconfig/dist/conf.d" + fi + + populate_dir "$op" false "${FONTCONFIG_DIR}" "${DEST_DIR}/etc/fonts/conf.avail" 444 \ + 10-autohint.conf \ + 10-no-sub-pixel.conf \ + 10-scale-bitmap-fonts.conf \ + 10-sub-pixel-bgr.conf \ + 10-sub-pixel-rgb.conf \ + 10-sub-pixel-vbgr.conf \ + 10-sub-pixel-vrgb.conf \ + 10-unhinted.conf \ + 11-lcdfilter-default.conf \ + 11-lcdfilter-legacy.conf \ + 11-lcdfilter-light.conf \ + 20-unhint-small-vera.conf \ + 25-unhint-nonlatin.conf \ + 30-metric-aliases.conf \ + 30-urw-aliases.conf \ + 40-nonlatin.conf \ + 45-latin.conf \ + 49-sansserif.conf \ + 50-user.conf \ + 51-local.conf \ + 60-latin.conf \ + 65-fonts-persian.conf \ + 65-khmer.conf \ + 65-nonlatin.conf \ + 69-unifont.conf \ + 70-no-bitmaps.conf \ + 70-yes-bitmaps.conf \ + 80-delicious.conf \ + 90-synthetic.conf + failed=$(( ${failed} + $? )) + + # We can't modify conf.d easily; someone might have removed a file. + + conf_d_failed=0 + # Look for old files that need to be deleted. + if [ -f "${DEST_DIR}/etc/fonts/conf.d/10-unhinted.conf" -a \ + -f "${DEST_DIR}/etc/fonts/conf.d/10-autohint.conf" ]; then + conf_d_failed=1 + failed=$(( ${failed} + 1 )) + fi + + if [ "$conf_d_failed" = 1 ]; then + msg \ + "Broken fontconfig configuration found; please delete these files" + msg \ + "in the ${DESTDIR}/etc/fonts/conf.d/ subdirectory:" + msg \ + " 10-autohint.conf 10-no-sub-pixel.conf 10-sub-pixel-bgr.conf" + msg \ + " 10-sub-pixel-rgb.conf 10-sub-pixel-vbgr.conf" + msg \ + " 10-sub-pixel-vrgb.conf 10-unhinted.conf 25-unhint-nonlatin.conf" + msg \ + " 65-khmer.conf 70-no-bitmaps.conf 70-yes-bitmaps.conf" + msg \ + "(This warning only appears if both the 10-unhinted.conf and" + msg \ + "10-autohint.conf files are present." + fi + + return ${failed} +} diff --git a/etc/install.d/gid b/etc/install.d/gid new file mode 100644 index 0000000..c2c8232 --- /dev/null +++ b/etc/install.d/gid @@ -0,0 +1,14 @@ +# $NetBSD$ + +# +# gid +# +additem gid "required groups in /etc/group" +do_gid() +{ + [ -n "$1" ] || err 3 "USAGE: do_gid fix|check" + + check_ids "$1" groups "${DEST_DIR}/etc/group" 14 \ + named ntpd sshd SKIP _pflogd _rwhod staff _proxy _timedc \ + _sdpd _httpd _mdnsd _tests _tcpdump _tss _gpio _rtadvd +} diff --git a/etc/install.d/gpio b/etc/install.d/gpio new file mode 100644 index 0000000..b2f17d4 --- /dev/null +++ b/etc/install.d/gpio @@ -0,0 +1,18 @@ +# $NetBSD$ + +# +# gpio +# +additem gpio "gpio configuration is up to date" +do_gpio() +{ + [ -n "$1" ] || err 3 "USAGE: do_gpio fix|check" + op="$1" + failed=0 + + populate_dir "$op" true "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ + gpio.conf + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/hosts b/etc/install.d/hosts new file mode 100644 index 0000000..d8cd9d3 --- /dev/null +++ b/etc/install.d/hosts @@ -0,0 +1,19 @@ +# $NetBSD$ + +# +# hosts +# +additem hosts "/etc/hosts being up to date" +do_hosts() +{ + [ -n "$1" ] || err 3 "USAGE: do_hosts fix|check" + + modify_file "$1" "${DEST_DIR}/etc/hosts" "${SCRATCHDIR}/hosts" ' + /^(127\.0\.0\.1|::1)[ ]+[^\.]*$/ { + print $0, "localhost." + next + } + { print } + ' + return $? +} diff --git a/etc/install.d/iscsi b/etc/install.d/iscsi new file mode 100644 index 0000000..42ad724 --- /dev/null +++ b/etc/install.d/iscsi @@ -0,0 +1,16 @@ +# $NetBSD$ + +# +# iscsi +# +additem iscsi "/etc/iscsi is populated" +do_iscsi() +{ + [ -n "$1" ] || err 3 "USAGE: do_iscsi fix|check" + + populate_dir "${op}" true \ + "${SRC_DIR}/etc/iscsi" "${DEST_DIR}/etc/iscsi" 600 auths + populate_dir "${op}" true \ + "${SRC_DIR}/etc/iscsi" "${DEST_DIR}/etc/iscsi" 644 targets + return $? +} diff --git a/etc/install.d/mailerconf b/etc/install.d/mailerconf new file mode 100644 index 0000000..ee0c096 --- /dev/null +++ b/etc/install.d/mailerconf @@ -0,0 +1,28 @@ +# $NetBSD$ + +# +# mailerconf +# +adddisableditem mailerconf "update /etc/mailer.conf after sendmail removal" +do_mailerconf() +{ + [ -n "$1" ] || err 3 "USAGE: do_mailterconf fix|check" + op="$1" + + failed=0 + mta_path="$(${AWK} '/^sendmail[ \t]/{print$2}' \ + "${DEST_DIR}/etc/mailer.conf")" + old_sendmail_path="/usr/libexec/sendmail/sendmail" + if [ "${mta_path}" = "${old_sendmail_path}" ]; then + if [ "$op" = check ]; then + msg "mailer.conf points to obsolete ${old_sendmail_path}" + failed=1; + else + populate_dir "${op}" false \ + "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 mailer.conf + failed=$? + fi + fi + + return ${failed} +} diff --git a/etc/install.d/makedev b/etc/install.d/makedev new file mode 100644 index 0000000..8de6994 --- /dev/null +++ b/etc/install.d/makedev @@ -0,0 +1,36 @@ +# $NetBSD$ + +# +# makedev +# +additem makedev "/dev/MAKEDEV being up to date" +do_makedev() +{ + [ -n "$1" ] || err 3 "USAGE: do_makedev fix|check" + failed=0 + + if [ -f "${SRC_DIR}/etc/MAKEDEV.tmpl" ]; then + # generate MAKEDEV from source if source is available + env MACHINE="${MACHINE}" \ + MACHINE_ARCH="${MACHINE_ARCH}" \ + NETBSDSRCDIR="${SRC_DIR}" \ + ${AWK} -f "${SRC_DIR}/etc/MAKEDEV.awk" \ + "${SRC_DIR}/etc/MAKEDEV.tmpl" > "${SCRATCHDIR}/MAKEDEV" + fi + + find_file_in_dirlist MAKEDEV "MAKEDEV" \ + "${SCRATCHDIR}" "${SRC_DIR}/dev" \ + || return 1 + # ${dir} is set by find_file_in_dirlist() + compare_dir "$1" "${dir}" "${DEST_DIR}/dev" 555 MAKEDEV + failed=$(( ${failed} + $? )) + + find_file_in_dirlist MAKEDEV.local "MAKEDEV.local" \ + "${SRC_DIR}/etc" "${SRC_DIR}/dev" \ + || return 1 + # ${dir} is set by find_file_in_dirlist() + compare_dir "$1" "${dir}" "${DEST_DIR}/dev" 555 MAKEDEV.local + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/motd b/etc/install.d/motd new file mode 100644 index 0000000..7062735 --- /dev/null +++ b/etc/install.d/motd @@ -0,0 +1,41 @@ +# $NetBSD$ + +# +# motd +# +additem motd "contents of motd" +do_motd() +{ + [ -n "$1" ] || err 3 "USAGE: do_motd fix|check" + + if ${GREP} -i 'http://www.NetBSD.org/Misc/send-pr.html' \ + "${DEST_DIR}/etc/motd" >/dev/null 2>&1 \ + || ${GREP} -i 'http://www.NetBSD.org/support/send-pr.html' \ + "${DEST_DIR}/etc/motd" >/dev/null 2>&1 + then + tmp1="$(mktemp /tmp/postinstall.motd.XXXXXXXX)" + tmp2="$(mktemp /tmp/postinstall.motd.XXXXXXXX)" + sed '1,2d' <"${SRC_DIR}/etc/motd" >"${tmp1}" + sed '1,2d' <"${DEST_DIR}/etc/motd" >"${tmp2}" + + if [ "$1" = check ]; then + cmp -s "${tmp1}" "${tmp2}" + result=$? + if [ "${result}" -ne 0 ]; then + msg \ + "Bug reporting messages do not seem to match the installed release" + fi + else + head -n 2 "${DEST_DIR}/etc/motd" >"${tmp1}" + sed '1,2d' <"${SRC_DIR}/etc/motd" >>"${tmp1}" + cp "${tmp1}" "${DEST_DIR}/etc/motd" + result=0 + fi + + rm -f "${tmp1}" "${tmp2}" + else + result=0 + fi + + return ${result} +} diff --git a/etc/install.d/mtree b/etc/install.d/mtree new file mode 100644 index 0000000..5e55c54 --- /dev/null +++ b/etc/install.d/mtree @@ -0,0 +1,26 @@ +# $NetBSD$ + +# +# mtree +# +additem mtree "/etc/mtree/ being up to date" +do_mtree() +{ + [ -n "$1" ] || err 3 "USAGE: do_mtree fix|check" + failed=0 + + compare_dir "$1" "${SRC_DIR}/etc/mtree" "${DEST_DIR}/etc/mtree" 444 special + failed=$(( ${failed} + $? )) + + if ! $SOURCEMODE; then + MTREE_DIR="${SRC_DIR}/etc/mtree" + else + ${MAKE} -s -C "${SRC_DIR}/etc/mtree" emit_dist_file > \ + "${SCRATCHDIR}/NetBSD.dist" + MTREE_DIR="${SCRATCHDIR}" + fi + compare_dir "$1" "${MTREE_DIR}" "${DEST_DIR}/etc/mtree" 444 NetBSD.dist + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/named b/etc/install.d/named new file mode 100644 index 0000000..087fc0b --- /dev/null +++ b/etc/install.d/named @@ -0,0 +1,19 @@ +# $NetBSD$ + +# +# named +# +additem named "named configuration update" +do_named() +{ + [ -n "$1" ] || err 3 "USAGE: do_named fix|check" + op="$1" + + move_file "${op}" \ + "${DEST_DIR}/etc/namedb/named.conf" \ + "${DEST_DIR}/etc/named.conf" + + compare_dir "${op}" "${SRC_DIR}/etc/namedb" "${DEST_DIR}/etc/namedb" \ + 644 \ + root.cache +} diff --git a/etc/install.d/obsolete b/etc/install.d/obsolete new file mode 100644 index 0000000..63af453 --- /dev/null +++ b/etc/install.d/obsolete @@ -0,0 +1,29 @@ +# $NetBSD$ + +# +# obsolete +# (this item is last to allow other items to move obsolete files) +# +additem obsolete "remove obsolete file sets and minor libraries" +do_obsolete() +{ + [ -n "$1" ] || err 3 "USAGE: do_obsolete fix|check" + op="$1" + failed=0 + + sort -ru "${DEST_DIR}"/var/db/obsolete/* | obsolete_paths "${op}" + failed=$(( ${failed} + $? )) + + ( + obsolete_libs /lib + obsolete_libs /usr/lib + obsolete_libs /usr/lib/i18n + obsolete_libs /usr/X11R6/lib + obsolete_libs /usr/X11R7/lib + [ "$MACHINE" = "amd64" ] && obsolete_libs /usr/lib/i386 + [ "$MACHINE" = "sparc64" ] && obsolete_libs /usr/lib/sparc + ) | obsolete_paths "${op}" + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/pam b/etc/install.d/pam new file mode 100644 index 0000000..2e92963 --- /dev/null +++ b/etc/install.d/pam @@ -0,0 +1,21 @@ +# $NetBSD$ + +# +# pam +# +additem pam "/etc/pam.d is populated" +do_pam() +{ + [ -n "$1" ] || err 3 "USAGE: do_pam fix|check" + op="$1" + failed=0 + + populate_dir "${op}" true "${SRC_DIR}/etc/pam.d" \ + "${DEST_DIR}/etc/pam.d" 644 \ + README display_manager ftpd gdm imap kde login other passwd \ + pop3 ppp rexecd rsh sshd su system telnetd xdm xserver + + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/periodic b/etc/install.d/periodic new file mode 100644 index 0000000..2e6da48 --- /dev/null +++ b/etc/install.d/periodic @@ -0,0 +1,13 @@ +# $NetBSD$ + +# +# periodic +# +additem periodic "/etc/{daily,weekly,monthly,security} being up to date" +do_periodic() +{ + [ -n "$1" ] || err 3 "USAGE: do_periodic fix|check" + + compare_dir "$1" "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ + daily weekly monthly security +} diff --git a/etc/install.d/pf b/etc/install.d/pf new file mode 100644 index 0000000..56fccd6 --- /dev/null +++ b/etc/install.d/pf @@ -0,0 +1,26 @@ +# $NetBSD$ + +# +# pf +# +additem pf "pf configuration being up to date" +do_pf() +{ + [ -n "$1" ] || err 3 "USAGE: do_pf fix|check" + op="$1" + failed=0 + + find_file_in_dirlist pf.os "pf.os" \ + "${SRC_DIR}/dist/pf/etc" "${SRC_DIR}/etc" \ + || return 1 + # ${dir} is set by find_file_in_dirlist() + populate_dir "${op}" true \ + "${dir}" "${DEST_DIR}/etc" 644 \ + pf.conf + failed=$(( ${failed} + $? )) + + compare_dir "${op}" "${dir}" "${DEST_DIR}/etc" 444 pf.os + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/ptyfsoldnodes b/etc/install.d/ptyfsoldnodes new file mode 100644 index 0000000..9a9f502 --- /dev/null +++ b/etc/install.d/ptyfsoldnodes @@ -0,0 +1,85 @@ +# $NetBSD$ + +# +# ptyfsoldnodes +# +additem ptyfsoldnodes "remove legacy device nodes when using ptyfs" +do_ptyfsoldnodes() +{ + [ -n "$1" ] || err 3 "USAGE: do_ptyfsoldnodes fix|check" + _ptyfs_op="$1" + + # Check whether ptyfs is in use + failed=0; + if ! ${GREP} -E "^ptyfs" "${DEST_DIR}/etc/fstab" > /dev/null; then + msg "ptyfs is not in use" + return 0 + fi + + # Find the device major numbers for the pty master and slave + # devices, by parsing the output from "MAKEDEV -s pty0". + # + # Output from MAKEDEV looks like this: + # ./ttyp0 type=char device=netbsd,5,0 mode=666 gid=0 uid=0 + # ./ptyp0 type=char device=netbsd,6,0 mode=666 gid=0 uid=0 + # + # Output from awk, used in the eval statement, looks like this: + # maj_ptym=6; maj_ptys=5; + # + eval "$( + ${HOST_SH} "${DEST_DIR}/dev/MAKEDEV" -s pty0 2>/dev/null \ + | ${AWK} '\ + BEGIN { before_re = ".*device=[a-zA-Z]*,"; after_re = ",.*"; } + /ptyp0/ { maj_ptym = gensub(before_re, "", 1, $0); + maj_ptym = gensub(after_re, "", 1, maj_ptym); } + /ttyp0/ { maj_ptys = gensub(before_re, "", 1, $0); + maj_ptys = gensub(after_re, "", 1, maj_ptys); } + END { print "maj_ptym=" maj_ptym "; maj_ptys=" maj_ptys ";"; } + ' + )" + #msg "Major numbers are maj_ptym=${maj_ptym} maj_ptys=${maj_ptys}" + if [ -z "$maj_ptym" ] || [ -z "$maj_ptys" ]; then + msg "Cannot find device major numbers for pty master and slave" + return 1 + fi + + # look for /dev/[pt]ty[p-zP-T][0-9a-zA-Z], and check that they + # have the expected device major numbers. ttyv* is typically not a + # pty device, but we check it anyway. + # + # The "for d1" loop is intended to avoid overflowing ARG_MAX; + # otherwise we could have used a single glob pattern. + # + # If there are no files that match a particular pattern, + # then stat prints something like: + # stat: /dev/[pt]tyx?: lstat: No such file or directory + # and we ignore it. XXX: We also ignore other error messages. + # + _ptyfs_tmp="$(mktemp /tmp/postinstall.ptyfs.XXXXXXXX)" + for d1 in p q r s t u v w x y z P Q R S T; do + ${STAT} -f "%Hr %N" "${DEST_DIR}/dev/"[pt]ty${d1}? 2>&1 + done \ + | while read -r major node ; do + case "$major" in + ${maj_ptym}|${maj_ptys}) echo "$node" ;; + esac + done >"${_ptyfs_tmp}" + + _desc="legacy device node" + while read node; do + if [ "${_ptyfs_op}" = "check" ]; then + msg "Remove ${_desc} ${node}" + failed=1 + else # "fix" + if rm "${node}"; then + msg "Removed ${_desc} ${node}" + else + warn "Failed to remove ${_desc} ${node}" + failed=1 + fi + fi + done < "${_ptyfs_tmp}" + rm "${_ptyfs_tmp}" + + return ${failed} +} diff --git a/etc/install.d/pwd_mkdb b/etc/install.d/pwd_mkdb new file mode 100644 index 0000000..068f2e3 --- /dev/null +++ b/etc/install.d/pwd_mkdb @@ -0,0 +1,40 @@ +# $NetBSD$ + +# +# pwd_mkdb +# +additem pwd_mkdb "passwd database version" +do_pwd_mkdb() +{ + [ -n "$1" ] || err 3 "USAGE: do_pwd_mkdb fix|check" + op="$1" + failed=0 + + # XXX Ideally, we should figure out the endianness of the + # target machine, and add "-E B"/"-E L" to the db(1) flags, + # and "-B"/"-L" to the pwd_mkdb(8) flags if the target is not + # the same as the host machine. It probably doesn't matter, + # because we don't expect "postinstall fix pwd_mkdb" to be + # invoked during a cross build. + + set -- $(${DB} -q -Sb -Ub -To -N hash "${DEST_DIR}/etc/pwd.db" \ + 'VERSION\0') + case "$2" in + '\001\000\000\000') return 0 ;; # version 1, little-endian + '\000\000\000\001') return 0 ;; # version 1, big-endian + esac + + if [ "${op}" = "check" ]; then + msg "Update format of passwd database" + failed=1 + elif ! ${PWD_MKDB} -V 1 -d "${DEST_DIR:-/}" \ + "${DEST_DIR}/etc/master.passwd"; + then + msg "Can't update format of passwd database" + failed=1 + else + msg "Updated format of passwd database" + fi + + return ${failed} +} diff --git a/etc/install.d/rc b/etc/install.d/rc new file mode 100644 index 0000000..e8a5f9b --- /dev/null +++ b/etc/install.d/rc @@ -0,0 +1,99 @@ +# $NetBSD$ + +# +# rc +# +additem rc "/etc/rc* and /etc/rc.d/ being up to date" +do_rc() +{ + [ -n "$1" ] || err 3 "USAGE: do_rc fix|check" + op="$1" + failed=0 + generated_scripts="" + if [ "${MKX11}" != "no" ]; then + generated_scripts="${generated_scripts} xdm xfs" + fi + + compare_dir "${op}" "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ + rc rc.subr rc.shutdown + failed=$(( ${failed} + $? )) + + if ! $SOURCEMODE; then + extra_scripts="${generated_scripts}" + else + extra_scripts="" + fi + + compare_dir "${op}" "${SRC_DIR}/etc/rc.d" "${DEST_DIR}/etc/rc.d" 555 \ + DAEMON DISKS LOGIN NETWORKING SERVERS \ + accounting altqd amd apmd \ + bluetooth bootconf.sh bootparams \ + ccd cgd cleartmp cron devpubd \ + dhclient dhcpcd dhcpd dhcrelay dmesg downinterfaces envsys \ + fsck fsck_root ftp_proxy ftpd \ + gpio \ + hostapd httpd \ + identd ifwatchd inetd ipfilter ipfs ipmon ipnat ipsec \ + irdaattach iscsi_target isdnd isibootd \ + kdc \ + ldconfig ldpd local lpd lvm \ + makemandb mdnsd mixerctl mopd motd mountall mountcritlocal \ + mountcritremote mountd moused mrouted \ + named ndbootd network newsyslog nfsd nfslocking npf ntpd \ + ntpdate \ + perusertmp pf pf_boot pflogd postfix powerd ppp pwcheck \ + quota \ + racoon rpcbind raidframe raidframeparity random_seed rarpd \ + rbootd rndctl root route6d routed rtadvd rtclocaltime \ + rtsold rwho \ + savecore screenblank securelevel sshd \ + staticroute swap1 swap2 sysctl sysdb syslogd \ + timed tpctl ttys \ + veriexec virecover wdogctl wpa_supplicant wscons wsmoused \ + ypbind yppasswdd ypserv \ + ${extra_scripts} + failed=$(( ${failed} + $? )) + + if $SOURCEMODE && [ -n "${generated_scripts}" ]; then + # generate scripts + mkdir "${SCRATCHDIR}/rc" + for f in ${generated_scripts}; do + sed -e "s,@X11ROOTDIR@,${X11ROOTDIR},g" \ + < "${SRC_DIR}/etc/rc.d/${f}.in" \ + > "${SCRATCHDIR}/rc/${f}" + done + compare_dir "${op}" "${SCRATCHDIR}/rc" \ + "${DEST_DIR}/etc/rc.d" 555 \ + ${generated_scripts} + failed=$(( ${failed} + $? )) + fi + + # check for obsolete rc.d files + for f in NETWORK btattach btconfig btcontrol btdevctl bthcid btuartd \ + fsck.sh kerberos nfsiod sdpd servers \ + systemfs daemon gated login poffd portmap sunndd xntpd; do + fd="/etc/rc.d/${f}" + [ -e "${DEST_DIR}${fd}" ] && echo "${fd}" + done | obsolete_paths "${op}" + failed=$(( ${failed} + $? )) + + # check for obsolete rc.conf(5) variables + set -- amd amd_master \ + btcontrol btcontrol_devices \ + critical_filesystems critical_filesystems_beforenet \ + mountcritlocal mountcritremote \ + network ip6forwarding \ + network nfsiod_flags \ + sdpd sdpd_control \ + sdpd sdpd_groupname \ + sdpd sdpd_username \ + sysctl defcorename + while [ $# -gt 1 ]; do + if rcconf_is_set "${op}" "$1" "$2" 1; then + failed=1 + fi + shift 2 + done + + return ${failed} +} diff --git a/etc/install.d/sendmail b/etc/install.d/sendmail new file mode 100644 index 0000000..0d6d4d3 --- /dev/null +++ b/etc/install.d/sendmail @@ -0,0 +1,32 @@ +# $NetBSD$ + +# +# sendmail +# +adddisableditem sendmail "remove obsolete sendmail configuration files and scripts" +do_sendmail() +{ + [ -n "$1" ] || err 3 "USAGE: do_sendmail fix|check" + op="$1" + failed=0 + + # Don't complain if the "sendmail" package is installed because the + # files might still be in use. + if /usr/sbin/pkg_info -qe sendmail >/dev/null 2>&1; then + return 0 + fi + + for f in /etc/mail/helpfile /etc/mail/local-host-names \ + /etc/mail/sendmail.cf /etc/mail/submit.cf /etc/rc.d/sendmail \ + /etc/rc.d/smmsp /usr/share/misc/sendmail.hf \ + $(find "${DEST_DIR}/usr/share/sendmail" -type f) \ + $(find "${DEST_DIR}/usr/share/sendmail" -type d) \ + "${DEST_DIR}/var/log/sendmail.st" \ + "${DEST_DIR}/var/spool/clientmqueue" \ + "${DEST_DIR}/var/spool/mqueue"; do + [ -e "${DEST_DIR}${f}" ] && echo "${f}" + done | obsolete_paths "${op}" + failed=$(( ${failed} + $? )) + + return ${failed} +} diff --git a/etc/install.d/ssh b/etc/install.d/ssh new file mode 100644 index 0000000..46efcda --- /dev/null +++ b/etc/install.d/ssh @@ -0,0 +1,95 @@ +# $NetBSD$ + +# +# ssh +# +additem ssh "ssh configuration update" +do_ssh() +{ + [ -n "$1" ] || err 3 "USAGE: do_ssh fix|check" + op="$1" + + failed=0 + _etcssh="${DEST_DIR}/etc/ssh" + if ! check_dir "${op}" "${_etcssh}" 755; then + failed=1 + fi + + if [ ${failed} -eq 0 ]; then + for f in \ + ssh_known_hosts ssh_known_hosts2 \ + ssh_host_dsa_key ssh_host_dsa_key.pub \ + ssh_host_rsa_key ssh_host_rsa_key.pub \ + ssh_host_key ssh_host_key.pub \ + ; do + if ! move_file "${op}" \ + "${DEST_DIR}/etc/${f}" "${_etcssh}/${f}" ; then + failed=1 + fi + done + for f in sshd.conf ssh.conf ; do + # /etc/ssh/ssh{,d}.conf -> ssh{,d}_config + # + if ! move_file "${op}" \ + "${_etcssh}/${f}" "${_etcssh}/${f%.conf}_config" ; + then + failed=1 + fi + # /etc/ssh{,d}.conf -> /etc/ssh/ssh{,d}_config + # + if ! move_file "${op}" \ + "${DEST_DIR}/etc/${f}" \ + "${_etcssh}/${f%.conf}_config" ; + then + failed=1 + fi + done + fi + + sshdconf="" + for f in \ + "${_etcssh}/sshd_config" \ + "${_etcssh}/sshd.conf" \ + "${DEST_DIR}/etc/sshd.conf" ; do + if [ -f "${f}" ]; then + sshdconf="${f}" + break + fi + done + if [ -n "${sshdconf}" ]; then + modify_file "${op}" "${sshdconf}" "${SCRATCHDIR}/sshdconf" ' + /^[^#$]/ { + kw = tolower($1) + if (kw == "hostkey" && + $2 ~ /^\/etc\/+ssh_host(_[dr]sa)?_key$/ ) { + sub(/\/etc\/+/, "/etc/ssh/") + } + if (kw == "rhostsauthentication" || + kw == "verifyreversemapping" || + kw == "reversemappingcheck") { + sub(/^/, "# DEPRECATED:\t") + } + } + { print } + ' + failed=$(( ${failed} + $? )) + fi + + if ! find_file_in_dirlist moduli "moduli" \ + "${SRC_DIR}/crypto/external/bsd/openssh/dist" "${SRC_DIR}/etc" ; then + failed=1 + # ${dir} is set by find_file_in_dirlist() + elif ! compare_dir "${op}" "${dir}" "${DEST_DIR}/etc" 444 moduli; then + failed=1 + fi + + if ! check_dir "${op}" "${DEST_DIR}/var/chroot/sshd" 755 ; then + failed=1 + fi + + if rcconf_is_set "${op}" sshd sshd_conf_dir 1; then + failed=1 + fi + + return ${failed} +} diff --git a/etc/install.d/tcpdumpchroot b/etc/install.d/tcpdumpchroot new file mode 100644 index 0000000..ccecbd6 --- /dev/null +++ b/etc/install.d/tcpdumpchroot @@ -0,0 +1,23 @@ +# $NetBSD$ + +# +# tcpdumpchroot +# +additem tcpdumpchroot "remove /var/chroot/tcpdump/etc/protocols" +do_tcpdumpchroot() +{ + [ -n "$1" ] || err 3 "USAGE: do_tcpdumpchroot fix|check" + + failed=0; + if [ -r "${DEST_DIR}/var/chroot/tcpdump/etc/protocols" ]; then + if [ "$1" = "fix" ]; then + rm "${DEST_DIR}/var/chroot/tcpdump/etc/protocols" + failed=$(( ${failed} + $? )) + rmdir "${DEST_DIR}/var/chroot/tcpdump/etc" + failed=$(( ${failed} + $? )) + else + failed=1 + fi + fi + return ${failed} +} diff --git a/etc/install.d/uid b/etc/install.d/uid new file mode 100644 index 0000000..acc6a86 --- /dev/null +++ b/etc/install.d/uid @@ -0,0 +1,14 @@ +# $NetBSD$ + +# +# uid +# +additem uid "required users in /etc/master.passwd" +do_uid() +{ + [ -n "$1" ] || err 3 "USAGE: do_uid fix|check" + + check_ids "$1" users "${DEST_DIR}/etc/master.passwd" 12 \ + postfix SKIP named ntpd sshd SKIP _pflogd _rwhod SKIP _proxy \ + _timedc _sdpd _httpd _mdnsd _tests _tcpdump _tss SKIP _rtadvd +} diff --git a/etc/install.d/varrwho b/etc/install.d/varrwho new file mode 100644 index 0000000..df44644 --- /dev/null +++ b/etc/install.d/varrwho @@ -0,0 +1,12 @@ +# $NetBSD$ + +# +# varrwho +# +additem varrwho "required ownership of files in /var/rwho" +do_varrwho() +{ + [ -n "$1" ] || err 3 "USAGE: do_varrwho fix|check" + + contents_owner "$1" "${DEST_DIR}/var/rwho" _rwhod _rwhod +} diff --git a/etc/install.d/varshm b/etc/install.d/varshm new file mode 100644 index 0000000..38efdd4 --- /dev/null +++ b/etc/install.d/varshm @@ -0,0 +1,30 @@ +# $NetBSD$ + +# +# varshm +# +additem varshm "check for a tmpfs mounted on /var/shm" +do_varshm() +{ + [ -n "$1" ] || err 3 "USAGE: do_varshm fix|check" + op="$1" + failed=0 + + [ -f "${DEST_DIR}/etc/fstab" ] || return 0 + if ${GREP} -w "/var/shm" "${DEST_DIR}/etc/fstab" >/dev/null 2>&1; + then + failed=0; + else + if [ "${op}" = "check" ]; then + failed=1 + msg "No /var/shm mount found in ${DEST_DIR}/etc/fstab" + elif [ "${op}" = "fix" ]; then + printf '\ntmpfs\t/var/shm\ttmpfs\trw,-m1777,-sram%%25\n' \ + >> "${DEST_DIR}/etc/fstab" + msg "Added tmpfs with 25% ram limit as /var/shm" + + fi + fi + + return ${failed} +} diff --git a/etc/install.d/wscons b/etc/install.d/wscons new file mode 100644 index 0000000..9ed53ad --- /dev/null +++ b/etc/install.d/wscons @@ -0,0 +1,28 @@ +# $NetBSD$ + +# +# wscons +# +additem wscons "wscons configuration file update" +do_wscons() +{ + [ -n "$1" ] || err 3 "USAGE: do_wscons fix|check" + op="$1" + + [ -f "${DEST_DIR}/etc/wscons.conf" ] || return 0 + + failed=0 + notfixed="" + if [ "${op}" = "fix" ]; then + notfixed="${NOT_FIXED}" + fi + while read _type _arg1 _rest; do + if [ "${_type}" = "mux" -a "${_arg1}" = "1" ]; then + msg \ + "Obsolete wscons.conf(5) entry \""${_type} ${_arg1}"\" found.${notfixed}" + failed=1 + fi + done < "${DEST_DIR}/etc/wscons.conf" + + return ${failed} +} diff --git a/etc/install.d/x11 b/etc/install.d/x11 new file mode 100644 index 0000000..42fdd38 --- /dev/null +++ b/etc/install.d/x11 @@ -0,0 +1,58 @@ +# $NetBSD$ + +# +# X11 +# +additem x11 "x11 configuration update" +do_x11() +{ + [ -n "$1" ] || err 3 "USAGE: do_x11 fix|check" + op="$1" + + failed=0 + _etcx11="${DEST_DIR}/etc/X11" + if [ ! -d "${_etcx11}" ]; then + msg "${_etcx11} is not a directory; skipping check" + return 0 + fi + if [ -d "${DEST_DIR}/usr/X11R6/." ] + then + _libx11="${DEST_DIR}/usr/X11R6/lib/X11" + if [ ! -d "${_libx11}" ]; then + msg "${_libx11} is not a directory; skipping check" + return 0 + fi + fi + + _notfixed="" + if [ "${op}" = "fix" ]; then + _notfixed="${NOT_FIXED}" + fi + + for d in \ + fs lbxproxy proxymngr rstart twm xdm xinit xserver xsm \ + ; do + sd="${_libx11}/${d}" + ld="/etc/X11/${d}" + td="${DEST_DIR}${ld}" + if [ -h "${sd}" ]; then + continue + elif [ -d "${sd}" ]; then + tdfiles="$(find "${td}" \! -type d)" + if [ -n "${tdfiles}" ]; then + msg "${sd} exists yet ${td} already" \ + "contains files${_notfixed}" + else + msg "Migrate ${sd} to ${td}${_notfixed}" + fi + failed=1 + elif [ -e "${sd}" ]; then + msg "Unexpected file ${sd}${_notfixed}" + continue + else + continue + fi + done + + return ${failed} +} diff --git a/etc/install.d/xkb b/etc/install.d/xkb new file mode 100644 index 0000000..ba2ced3 --- /dev/null +++ b/etc/install.d/xkb @@ -0,0 +1,66 @@ +# $NetBSD$ + +# +# xkb +# +# /usr/X11R7/lib/X11/xkb/symbols/pc used to be a directory, but changed +# to a file on 2009-06-12. Fixing this requires removing the directory +# (which we can do) and re-extracting the xbase set (which we can't do), +# or at least adding that one file (which we may be able to do if X11SRCDIR +# is available). +# +additem xkb "clean up for xkbdata to xkeyboard-config upgrade" +do_xkb() +{ + [ -n "$1" ] || err 3 "USAGE: do_xkb fix|check" + op="$1" + failed=0 + + pcpath="/usr/X11R7/lib/X11/xkb/symbols/pc" + pcsrcdir="${X11SRCDIR}/external/mit/xkeyboard-config/dist/symbols" + + filemsg="\ +${pcpath} was a directory, should be a file. + To fix, extract the xbase set again." + + _notfixed="" + if [ "${op}" = "fix" ]; then + _notfixed="${NOT_FIXED}" + fi + + if [ ! -d "${DESTDIR}${pcpath}" ]; then + return 0 + fi + + # Delete obsolete files in the directory, and the directory + # itself. If the directory contains unexpected extra files + # then it will not be deleted. + ( [ -f "${DEST_DIR}"/var/db/obsolete/xbase ] \ + && sort -ru "${DEST_DIR}"/var/db/obsolete/xbase \ + | ${GREP} -E "^\\.?${pcpath}/" ; + echo "${pcpath}" ) \ + | obsolete_paths "${op}" + failed=$(( ${failed} + $? )) + + # If the directory was removed above, then try to replace it with + # a file. + if [ -d "${DESTDIR}${pcpath}" ]; then + msg "${filemsg}${_notfixed}" + failed=$(( ${failed} + 1 )) + else + if ! find_file_in_dirlist pc "${pcpath}" \ + "${pcsrcdir}" "${SRC_DIR}${pcpath%/*}" + then + msg "${filemsg}${_notfixed}" + failed=$(( ${failed} + 1 )) + else + # ${dir} is set by find_file_in_dirlist() + populate_dir "${op}" true \ + "${dir}" "${DEST_DIR}${pcpath%/*}" 444 \ + pc + failed=$(( ${failed} + $? )) + fi + fi + + return $failed +} diff --git a/etc/mtree/NetBSD.dist.base b/etc/mtree/NetBSD.dist.base index 484afbe..13f5163 100644 --- a/etc/mtree/NetBSD.dist.base +++ b/etc/mtree/NetBSD.dist.base @@ -35,6 +35,7 @@ ./etc/fonts ./etc/fonts/conf.avail ./etc/fonts/conf.d +./etc/install.d ./etc/iscsi ./etc/kerberosV ./etc/kyua diff --git a/etc/mtree/special b/etc/mtree/special index 1635c1b..c5eb604 100644 --- a/etc/mtree/special +++ b/etc/mtree/special @@ -99,6 +99,41 @@ ./etc/hosts.lpd type=file mode=0644 optional ./etc/ifaliases type=file mode=0644 optional ./etc/inetd.conf type=file mode=0644 +./etc/install.d type=dir mode=0755 +./etc/install.d/atf type=file mode=0444 +./etc/install.d/bluetooth type=file mode=0444 +./etc/install.d/catpages type=file mode=0444 +./etc/install.d/ddbonpanic type=file mode=0444 +./etc/install.d/defaults type=file mode=0444 +./etc/install.d/dhcpd type=file mode=0444 +./etc/install.d/dhcpdrundir type=file mode=0444 +./etc/install.d/envsys type=file mode=0444 +./etc/install.d/fontconfig type=file mode=0444 +./etc/install.d/gid type=file mode=0444 +./etc/install.d/gpio type=file mode=0444 +./etc/install.d/hosts type=file mode=0444 +./etc/install.d/iscsi type=file mode=0444 +./etc/install.d/mailerconf type=file mode=0444 +./etc/install.d/makedev type=file mode=0444 +./etc/install.d/motd type=file mode=0444 +./etc/install.d/mtree type=file mode=0444 +./etc/install.d/named type=file mode=0444 +./etc/install.d/obsolete type=file mode=0444 +./etc/install.d/pam type=file mode=0444 +./etc/install.d/periodic type=file mode=0444 +./etc/install.d/pf type=file mode=0444 +./etc/install.d/ptyfsoldnodes type=file mode=0444 +./etc/install.d/pwd_mkdb type=file mode=0444 +./etc/install.d/rc type=file mode=0444 +./etc/install.d/sendmail type=file mode=0444 +./etc/install.d/ssh type=file mode=0444 +./etc/install.d/tcpdumpchroot type=file mode=0444 +./etc/install.d/uid type=file mode=0444 +./etc/install.d/varrwho type=file mode=0444 +./etc/install.d/varshm type=file mode=0444 +./etc/install.d/wscons type=file mode=0444 +./etc/install.d/x11 type=file mode=0444 +./etc/install.d/xkb type=file mode=0444 ./etc/ipf.conf type=file mode=0644 optional ./etc/ipf6.conf type=file mode=0644 optional ./etc/ipnat.conf type=file mode=0644 optional diff --git a/usr.sbin/postinstall/postinstall b/usr.sbin/postinstall/postinstall index 33b7947..c923150 100755 --- a/usr.sbin/postinstall/postinstall +++ b/usr.sbin/postinstall/postinstall @@ -659,1269 +659,6 @@ detect_x11() fi } -# -# items -# ----- -# - -# -# Bluetooth -# - -additem bluetooth "Bluetooth configuration is up to date" -do_bluetooth() -{ - [ -n "$1" ] || err 3 "USAGE: do_bluetooth fix|check" - op="$1" - failed=0 - - populate_dir "${op}" true \ - "${SRC_DIR}/etc/bluetooth" "${DEST_DIR}/etc/bluetooth" 644 \ - hosts protocols btattach.conf btdevctl.conf - failed=$(( ${failed} + $? )) - - move_file "${op}" "${DEST_DIR}/var/db/btdev.xml" \ - "${DEST_DIR}/var/db/btdevctl.plist" - failed=$(( ${failed} + $? )) - - notfixed="" - if [ "${op}" = "fix" ]; then - notfixed="${NOT_FIXED}" - fi - for _v in btattach btconfig btdevctl; do - if rcvar_is_enabled "${_v}"; then - msg \ - "${_v} is obsolete in rc.conf(5)${notfixed}: use bluetooth=YES" - failed=$(( ${failed} + 1 )) - fi - done - - return ${failed} -} - -# -# ddbonpanic -# -additem ddbonpanic "verify ddb.onpanic is configured in sysctl.conf" -do_ddbonpanic() -{ - [ -n "$1" ] || err 3 "USAGE: do_ddbonpanic fix|check" - - if ${GREP} -E '^#*[[:space:]]*ddb\.onpanic[[:space:]]*\??=[[:space:]]*[[:digit:]]+' \ - "${DEST_DIR}/etc/sysctl.conf" >/dev/null 2>&1 - then - result=0 - else - if [ "$1" = check ]; then - msg \ - "The ddb.onpanic behaviour is not explicitly specified in /etc/sysctl.conf" - result=1 - else - echo >> "${DEST_DIR}/etc/sysctl.conf" - sed < "${SRC_DIR}/etc/sysctl.conf" \ - -e '/^ddb\.onpanic/q' | \ - sed -e '1,/^$/d' >> \ - "${DEST_DIR}/etc/sysctl.conf" - result=$? - fi - fi - return ${result} -} - -# -# defaults -# -additem defaults "/etc/defaults/ being up to date" -do_defaults() -{ - [ -n "$1" ] || err 3 "USAGE: do_defaults fix|check" - op="$1" - failed=0 - - # Except for i386 and amd64, rc.conf(5) should be the same as the - # one obtained from a source directory - extra_scripts="rc.conf" - if [ "$MACHINE" = "i386" -o "$MACHINE" = "amd64" ]; then - if $SOURCEMODE; then - extra_scripts= # clear - - # Generate and compare the correct rc.conf(5) file - mkdir "${SCRATCHDIR}/defaults" - - cat "${SRC_DIR}/etc/defaults/rc.conf" \ - "${SRC_DIR}/etc/etc.${MACHINE}/rc.conf.append" \ - > "${SCRATCHDIR}/defaults/rc.conf" - - compare_dir "${op}" "${SCRATCHDIR}/defaults" \ - "${DEST_DIR}/etc/defaults" \ - 444 \ - "rc.conf" - failed=$(( ${failed} + $? )) - fi - fi - - compare_dir "$op" "${SRC_DIR}/etc/defaults" "${DEST_DIR}/etc/defaults" \ - 444 \ - daily.conf monthly.conf pkgpath.conf security.conf \ - weekly.conf ${extra_scripts} - failed=$(( ${failed} + $? )) - - find_file_in_dirlist pf.boot.conf "pf.boot.conf" \ - "${SRC_DIR}/usr.sbin/pf/etc/defaults" "${SRC_DIR}/etc/defaults" \ - || return 1 - # ${dir} is set by find_file_in_dirlist() - compare_dir "$op" "${dir}" "${DEST_DIR}/etc/defaults" 444 pf.boot.conf - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# dhcpcd -# -additem dhcpcd "dhcpcd configuration is up to date" -do_dhcpcd() -{ - [ -n "$1" ] || err 3 "USAGE: do_dhcpcd fix|check" - op="$1" - failed=0 - - find_file_in_dirlist dhcpcd.conf "dhcpcd.conf" \ - "${SRC_DIR}/external/bsd/dhcpcd/dist" "${SRC_DIR}/etc" || return 1 - # ${dir} is set by find_file_in_dirlist() - populate_dir "$op" true "${dir}" "${DEST_DIR}/etc" 644 dhcpcd.conf - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# dhcpcdrundir -# -additem dhcpcdrundir "accientaly created /@RUNDIR@ does not exist" -do_dhcpcdrundir() -{ - [ -n "$1" ] || err 3 "USAGE: do_dhcpcdrundir fix|check" - op="$1" - failed=0 - - if [ -d /@RUNDIR@ ]; then - if [ "${op}" = "check" ]; then - msg "Remove eroneously created /@RUNDIR@" - failed=1 - elif ! eval "rm -r /@RUNDIR@"; then - msg "Failed to remove /@RUNDIR@" - failed=1 - else - msg "Removed eroneously created /@RUNDIR@" - fi - fi - return ${failed} -} - -# -# envsys -# -additem envsys "envsys configuration is up to date" -do_envsys() -{ - [ -n "$1" ] || err 3 "USAGE: do_envsys fix|check" - op="$1" - failed=0 - - populate_dir "$op" true "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ - envsys.conf - failed=$(( ${failed} + $? )) - - populate_dir "$op" true "${SRC_DIR}/etc/powerd/scripts" \ - "${DEST_DIR}/etc/powerd/scripts" 555 sensor_battery \ - sensor_drive sensor_fan sensor_indicator sensor_power \ - sensor_resistance sensor_temperature sensor_voltage - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# X11 fontconfig -# -additem fontconfig "X11 font configuration is up to date" -do_fontconfig() -{ - [ -n "$1" ] || err 3 "USAGE: do_fontconfig fix|check" - op="$1" - failed=0 - - # First, check for updates we can handle. - if ! $SOURCEMODE; then - FONTCONFIG_DIR="${SRC_DIR}/etc/fonts/conf.avail" - else - FONTCONFIG_DIR="${XSRC_DIR}/external/mit/fontconfig/dist/conf.d" - fi - - populate_dir "$op" false "${FONTCONFIG_DIR}" "${DEST_DIR}/etc/fonts/conf.avail" 444 \ - 10-autohint.conf \ - 10-no-sub-pixel.conf \ - 10-scale-bitmap-fonts.conf \ - 10-sub-pixel-bgr.conf \ - 10-sub-pixel-rgb.conf \ - 10-sub-pixel-vbgr.conf \ - 10-sub-pixel-vrgb.conf \ - 10-unhinted.conf \ - 11-lcdfilter-default.conf \ - 11-lcdfilter-legacy.conf \ - 11-lcdfilter-light.conf \ - 20-unhint-small-vera.conf \ - 25-unhint-nonlatin.conf \ - 30-metric-aliases.conf \ - 30-urw-aliases.conf \ - 40-nonlatin.conf \ - 45-latin.conf \ - 49-sansserif.conf \ - 50-user.conf \ - 51-local.conf \ - 60-latin.conf \ - 65-fonts-persian.conf \ - 65-khmer.conf \ - 65-nonlatin.conf \ - 69-unifont.conf \ - 70-no-bitmaps.conf \ - 70-yes-bitmaps.conf \ - 80-delicious.conf \ - 90-synthetic.conf - failed=$(( ${failed} + $? )) - - # We can't modify conf.d easily; someone might have removed a file. - - conf_d_failed=0 - # Look for old files that need to be deleted. - if [ -f "${DEST_DIR}/etc/fonts/conf.d/10-unhinted.conf" -a \ - -f "${DEST_DIR}/etc/fonts/conf.d/10-autohint.conf" ]; then - conf_d_failed=1 - failed=$(( ${failed} + 1 )) - fi - - if [ "$conf_d_failed" = 1 ]; then - msg \ - "Broken fontconfig configuration found; please delete these files" - msg \ - "in the ${DESTDIR}/etc/fonts/conf.d/ subdirectory:" - msg \ - " 10-autohint.conf 10-no-sub-pixel.conf 10-sub-pixel-bgr.conf" - msg \ - " 10-sub-pixel-rgb.conf 10-sub-pixel-vbgr.conf" - msg \ - " 10-sub-pixel-vrgb.conf 10-unhinted.conf 25-unhint-nonlatin.conf" - msg \ - " 65-khmer.conf 70-no-bitmaps.conf 70-yes-bitmaps.conf" - msg \ - "(This warning only appears if both the 10-unhinted.conf and" - msg \ - "10-autohint.conf files are present." - fi - - return ${failed} -} - -# -# gid -# -additem gid "required groups in /etc/group" -do_gid() -{ - [ -n "$1" ] || err 3 "USAGE: do_gid fix|check" - - check_ids "$1" groups "${DEST_DIR}/etc/group" 14 \ - named ntpd sshd SKIP _pflogd _rwhod staff _proxy _timedc \ - _sdpd _httpd _mdnsd _tests _tcpdump _tss _gpio _rtadvd -} - -# -# gpio -# -additem gpio "gpio configuration is up to date" -do_gpio() -{ - [ -n "$1" ] || err 3 "USAGE: do_gpio fix|check" - op="$1" - failed=0 - - populate_dir "$op" true "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ - gpio.conf - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# hosts -# -additem hosts "/etc/hosts being up to date" -do_hosts() -{ - [ -n "$1" ] || err 3 "USAGE: do_hosts fix|check" - - modify_file "$1" "${DEST_DIR}/etc/hosts" "${SCRATCHDIR}/hosts" ' - /^(127\.0\.0\.1|::1)[ ]+[^\.]*$/ { - print $0, "localhost." - next - } - { print } - ' - return $? -} - -# -# iscsi -# -additem iscsi "/etc/iscsi is populated" -do_iscsi() -{ - [ -n "$1" ] || err 3 "USAGE: do_iscsi fix|check" - - populate_dir "${op}" true \ - "${SRC_DIR}/etc/iscsi" "${DEST_DIR}/etc/iscsi" 600 auths - populate_dir "${op}" true \ - "${SRC_DIR}/etc/iscsi" "${DEST_DIR}/etc/iscsi" 644 targets - return $? -} - -# -# makedev -# -additem makedev "/dev/MAKEDEV being up to date" -do_makedev() -{ - [ -n "$1" ] || err 3 "USAGE: do_makedev fix|check" - failed=0 - - if [ -f "${SRC_DIR}/etc/MAKEDEV.tmpl" ]; then - # generate MAKEDEV from source if source is available - env MACHINE="${MACHINE}" \ - MACHINE_ARCH="${MACHINE_ARCH}" \ - NETBSDSRCDIR="${SRC_DIR}" \ - ${AWK} -f "${SRC_DIR}/etc/MAKEDEV.awk" \ - "${SRC_DIR}/etc/MAKEDEV.tmpl" > "${SCRATCHDIR}/MAKEDEV" - fi - - find_file_in_dirlist MAKEDEV "MAKEDEV" \ - "${SCRATCHDIR}" "${SRC_DIR}/dev" \ - || return 1 - # ${dir} is set by find_file_in_dirlist() - compare_dir "$1" "${dir}" "${DEST_DIR}/dev" 555 MAKEDEV - failed=$(( ${failed} + $? )) - - find_file_in_dirlist MAKEDEV.local "MAKEDEV.local" \ - "${SRC_DIR}/etc" "${SRC_DIR}/dev" \ - || return 1 - # ${dir} is set by find_file_in_dirlist() - compare_dir "$1" "${dir}" "${DEST_DIR}/dev" 555 MAKEDEV.local - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# motd -# -additem motd "contents of motd" -do_motd() -{ - [ -n "$1" ] || err 3 "USAGE: do_motd fix|check" - - if ${GREP} -i 'http://www.NetBSD.org/Misc/send-pr.html' \ - "${DEST_DIR}/etc/motd" >/dev/null 2>&1 \ - || ${GREP} -i 'http://www.NetBSD.org/support/send-pr.html' \ - "${DEST_DIR}/etc/motd" >/dev/null 2>&1 - then - tmp1="$(mktemp /tmp/postinstall.motd.XXXXXXXX)" - tmp2="$(mktemp /tmp/postinstall.motd.XXXXXXXX)" - sed '1,2d' <"${SRC_DIR}/etc/motd" >"${tmp1}" - sed '1,2d' <"${DEST_DIR}/etc/motd" >"${tmp2}" - - if [ "$1" = check ]; then - cmp -s "${tmp1}" "${tmp2}" - result=$? - if [ "${result}" -ne 0 ]; then - msg \ - "Bug reporting messages do not seem to match the installed release" - fi - else - head -n 2 "${DEST_DIR}/etc/motd" >"${tmp1}" - sed '1,2d' <"${SRC_DIR}/etc/motd" >>"${tmp1}" - cp "${tmp1}" "${DEST_DIR}/etc/motd" - result=0 - fi - - rm -f "${tmp1}" "${tmp2}" - else - result=0 - fi - - return ${result} -} - -# -# mtree -# -additem mtree "/etc/mtree/ being up to date" -do_mtree() -{ - [ -n "$1" ] || err 3 "USAGE: do_mtree fix|check" - failed=0 - - compare_dir "$1" "${SRC_DIR}/etc/mtree" "${DEST_DIR}/etc/mtree" 444 special - failed=$(( ${failed} + $? )) - - if ! $SOURCEMODE; then - MTREE_DIR="${SRC_DIR}/etc/mtree" - else - ${MAKE} -s -C "${SRC_DIR}/etc/mtree" emit_dist_file > \ - "${SCRATCHDIR}/NetBSD.dist" - MTREE_DIR="${SCRATCHDIR}" - fi - compare_dir "$1" "${MTREE_DIR}" "${DEST_DIR}/etc/mtree" 444 NetBSD.dist - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# named -# -additem named "named configuration update" -do_named() -{ - [ -n "$1" ] || err 3 "USAGE: do_named fix|check" - op="$1" - - move_file "${op}" \ - "${DEST_DIR}/etc/namedb/named.conf" \ - "${DEST_DIR}/etc/named.conf" - - compare_dir "${op}" "${SRC_DIR}/etc/namedb" "${DEST_DIR}/etc/namedb" \ - 644 \ - root.cache -} - -# -# pam -# -additem pam "/etc/pam.d is populated" -do_pam() -{ - [ -n "$1" ] || err 3 "USAGE: do_pam fix|check" - op="$1" - failed=0 - - populate_dir "${op}" true "${SRC_DIR}/etc/pam.d" \ - "${DEST_DIR}/etc/pam.d" 644 \ - README display_manager ftpd gdm imap kde login other passwd \ - pop3 ppp rexecd rsh sshd su system telnetd xdm xserver - - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# periodic -# -additem periodic "/etc/{daily,weekly,monthly,security} being up to date" -do_periodic() -{ - [ -n "$1" ] || err 3 "USAGE: do_periodic fix|check" - - compare_dir "$1" "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ - daily weekly monthly security -} - -# -# pf -# -additem pf "pf configuration being up to date" -do_pf() -{ - [ -n "$1" ] || err 3 "USAGE: do_pf fix|check" - op="$1" - failed=0 - - find_file_in_dirlist pf.os "pf.os" \ - "${SRC_DIR}/dist/pf/etc" "${SRC_DIR}/etc" \ - || return 1 - # ${dir} is set by find_file_in_dirlist() - populate_dir "${op}" true \ - "${dir}" "${DEST_DIR}/etc" 644 \ - pf.conf - failed=$(( ${failed} + $? )) - - compare_dir "${op}" "${dir}" "${DEST_DIR}/etc" 444 pf.os - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# pwd_mkdb -# -additem pwd_mkdb "passwd database version" -do_pwd_mkdb() -{ - [ -n "$1" ] || err 3 "USAGE: do_pwd_mkdb fix|check" - op="$1" - failed=0 - - # XXX Ideally, we should figure out the endianness of the - # target machine, and add "-E B"/"-E L" to the db(1) flags, - # and "-B"/"-L" to the pwd_mkdb(8) flags if the target is not - # the same as the host machine. It probably doesn't matter, - # because we don't expect "postinstall fix pwd_mkdb" to be - # invoked during a cross build. - - set -- $(${DB} -q -Sb -Ub -To -N hash "${DEST_DIR}/etc/pwd.db" \ - 'VERSION\0') - case "$2" in - '\001\000\000\000') return 0 ;; # version 1, little-endian - '\000\000\000\001') return 0 ;; # version 1, big-endian - esac - - if [ "${op}" = "check" ]; then - msg "Update format of passwd database" - failed=1 - elif ! ${PWD_MKDB} -V 1 -d "${DEST_DIR:-/}" \ - "${DEST_DIR}/etc/master.passwd"; - then - msg "Can't update format of passwd database" - failed=1 - else - msg "Updated format of passwd database" - fi - - return ${failed} -} - -# -# rc -# -additem rc "/etc/rc* and /etc/rc.d/ being up to date" -do_rc() -{ - [ -n "$1" ] || err 3 "USAGE: do_rc fix|check" - op="$1" - failed=0 - generated_scripts="" - if [ "${MKX11}" != "no" ]; then - generated_scripts="${generated_scripts} xdm xfs" - fi - - compare_dir "${op}" "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 \ - rc rc.subr rc.shutdown - failed=$(( ${failed} + $? )) - - if ! $SOURCEMODE; then - extra_scripts="${generated_scripts}" - else - extra_scripts="" - fi - - compare_dir "${op}" "${SRC_DIR}/etc/rc.d" "${DEST_DIR}/etc/rc.d" 555 \ - DAEMON DISKS LOGIN NETWORKING SERVERS \ - accounting altqd amd apmd \ - bluetooth bootconf.sh bootparams \ - ccd cgd cleartmp cron devpubd \ - dhclient dhcpcd dhcpd dhcrelay dmesg downinterfaces envsys \ - fsck fsck_root ftp_proxy ftpd \ - gpio \ - hostapd httpd \ - identd ifwatchd inetd ipfilter ipfs ipmon ipnat ipsec \ - irdaattach iscsi_target isdnd isibootd \ - kdc \ - ldconfig ldpd local lpd lvm \ - makemandb mdnsd mixerctl mopd motd mountall mountcritlocal \ - mountcritremote mountd moused mrouted \ - named ndbootd network newsyslog nfsd nfslocking npf ntpd \ - ntpdate \ - perusertmp pf pf_boot pflogd postfix powerd ppp pwcheck \ - quota \ - racoon rpcbind raidframe raidframeparity random_seed rarpd \ - rbootd rndctl root route6d routed rtadvd rtclocaltime \ - rtsold rwho \ - savecore screenblank securelevel sshd \ - staticroute swap1 swap2 sysctl sysdb syslogd \ - timed tpctl ttys \ - veriexec virecover wdogctl wpa_supplicant wscons wsmoused \ - ypbind yppasswdd ypserv \ - ${extra_scripts} - failed=$(( ${failed} + $? )) - - if $SOURCEMODE && [ -n "${generated_scripts}" ]; then - # generate scripts - mkdir "${SCRATCHDIR}/rc" - for f in ${generated_scripts}; do - sed -e "s,@X11ROOTDIR@,${X11ROOTDIR},g" \ - < "${SRC_DIR}/etc/rc.d/${f}.in" \ - > "${SCRATCHDIR}/rc/${f}" - done - compare_dir "${op}" "${SCRATCHDIR}/rc" \ - "${DEST_DIR}/etc/rc.d" 555 \ - ${generated_scripts} - failed=$(( ${failed} + $? )) - fi - - # check for obsolete rc.d files - for f in NETWORK btattach btconfig btcontrol btdevctl bthcid btuartd \ - fsck.sh kerberos nfsiod sdpd servers \ - systemfs daemon gated login poffd portmap sunndd xntpd; do - fd="/etc/rc.d/${f}" - [ -e "${DEST_DIR}${fd}" ] && echo "${fd}" - done | obsolete_paths "${op}" - failed=$(( ${failed} + $? )) - - # check for obsolete rc.conf(5) variables - set -- amd amd_master \ - btcontrol btcontrol_devices \ - critical_filesystems critical_filesystems_beforenet \ - mountcritlocal mountcritremote \ - network ip6forwarding \ - network nfsiod_flags \ - sdpd sdpd_control \ - sdpd sdpd_groupname \ - sdpd sdpd_username \ - sysctl defcorename - while [ $# -gt 1 ]; do - if rcconf_is_set "${op}" "$1" "$2" 1; then - failed=1 - fi - shift 2 - done - - return ${failed} -} - -# -# sendmail -# -adddisableditem sendmail "remove obsolete sendmail configuration files and scripts" -do_sendmail() -{ - [ -n "$1" ] || err 3 "USAGE: do_sendmail fix|check" - op="$1" - failed=0 - - # Don't complain if the "sendmail" package is installed because the - # files might still be in use. - if /usr/sbin/pkg_info -qe sendmail >/dev/null 2>&1; then - return 0 - fi - - for f in /etc/mail/helpfile /etc/mail/local-host-names \ - /etc/mail/sendmail.cf /etc/mail/submit.cf /etc/rc.d/sendmail \ - /etc/rc.d/smmsp /usr/share/misc/sendmail.hf \ - $(find "${DEST_DIR}/usr/share/sendmail" -type f) \ - $(find "${DEST_DIR}/usr/share/sendmail" -type d) \ - "${DEST_DIR}/var/log/sendmail.st" \ - "${DEST_DIR}/var/spool/clientmqueue" \ - "${DEST_DIR}/var/spool/mqueue"; do - [ -e "${DEST_DIR}${f}" ] && echo "${f}" - done | obsolete_paths "${op}" - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# mailerconf -# -adddisableditem mailerconf "update /etc/mailer.conf after sendmail removal" -do_mailerconf() -{ - [ -n "$1" ] || err 3 "USAGE: do_mailterconf fix|check" - op="$1" - - failed=0 - mta_path="$(${AWK} '/^sendmail[ \t]/{print$2}' \ - "${DEST_DIR}/etc/mailer.conf")" - old_sendmail_path="/usr/libexec/sendmail/sendmail" - if [ "${mta_path}" = "${old_sendmail_path}" ]; then - if [ "$op" = check ]; then - msg "mailer.conf points to obsolete ${old_sendmail_path}" - failed=1; - else - populate_dir "${op}" false \ - "${SRC_DIR}/etc" "${DEST_DIR}/etc" 644 mailer.conf - failed=$? - fi - fi - - return ${failed} -} - -# -# ssh -# -additem ssh "ssh configuration update" -do_ssh() -{ - [ -n "$1" ] || err 3 "USAGE: do_ssh fix|check" - op="$1" - - failed=0 - _etcssh="${DEST_DIR}/etc/ssh" - if ! check_dir "${op}" "${_etcssh}" 755; then - failed=1 - fi - - if [ ${failed} -eq 0 ]; then - for f in \ - ssh_known_hosts ssh_known_hosts2 \ - ssh_host_dsa_key ssh_host_dsa_key.pub \ - ssh_host_rsa_key ssh_host_rsa_key.pub \ - ssh_host_key ssh_host_key.pub \ - ; do - if ! move_file "${op}" \ - "${DEST_DIR}/etc/${f}" "${_etcssh}/${f}" ; then - failed=1 - fi - done - for f in sshd.conf ssh.conf ; do - # /etc/ssh/ssh{,d}.conf -> ssh{,d}_config - # - if ! move_file "${op}" \ - "${_etcssh}/${f}" "${_etcssh}/${f%.conf}_config" ; - then - failed=1 - fi - # /etc/ssh{,d}.conf -> /etc/ssh/ssh{,d}_config - # - if ! move_file "${op}" \ - "${DEST_DIR}/etc/${f}" \ - "${_etcssh}/${f%.conf}_config" ; - then - failed=1 - fi - done - fi - - sshdconf="" - for f in \ - "${_etcssh}/sshd_config" \ - "${_etcssh}/sshd.conf" \ - "${DEST_DIR}/etc/sshd.conf" ; do - if [ -f "${f}" ]; then - sshdconf="${f}" - break - fi - done - if [ -n "${sshdconf}" ]; then - modify_file "${op}" "${sshdconf}" "${SCRATCHDIR}/sshdconf" ' - /^[^#$]/ { - kw = tolower($1) - if (kw == "hostkey" && - $2 ~ /^\/etc\/+ssh_host(_[dr]sa)?_key$/ ) { - sub(/\/etc\/+/, "/etc/ssh/") - } - if (kw == "rhostsauthentication" || - kw == "verifyreversemapping" || - kw == "reversemappingcheck") { - sub(/^/, "# DEPRECATED:\t") - } - } - { print } - ' - failed=$(( ${failed} + $? )) - fi - - if ! find_file_in_dirlist moduli "moduli" \ - "${SRC_DIR}/crypto/external/bsd/openssh/dist" "${SRC_DIR}/etc" ; then - failed=1 - # ${dir} is set by find_file_in_dirlist() - elif ! compare_dir "${op}" "${dir}" "${DEST_DIR}/etc" 444 moduli; then - failed=1 - fi - - if ! check_dir "${op}" "${DEST_DIR}/var/chroot/sshd" 755 ; then - failed=1 - fi - - if rcconf_is_set "${op}" sshd sshd_conf_dir 1; then - failed=1 - fi - - return ${failed} -} - -# -# wscons -# -additem wscons "wscons configuration file update" -do_wscons() -{ - [ -n "$1" ] || err 3 "USAGE: do_wscons fix|check" - op="$1" - - [ -f "${DEST_DIR}/etc/wscons.conf" ] || return 0 - - failed=0 - notfixed="" - if [ "${op}" = "fix" ]; then - notfixed="${NOT_FIXED}" - fi - while read _type _arg1 _rest; do - if [ "${_type}" = "mux" -a "${_arg1}" = "1" ]; then - msg \ - "Obsolete wscons.conf(5) entry \""${_type} ${_arg1}"\" found.${notfixed}" - failed=1 - fi - done < "${DEST_DIR}/etc/wscons.conf" - - return ${failed} -} - -# -# X11 -# -additem x11 "x11 configuration update" -do_x11() -{ - [ -n "$1" ] || err 3 "USAGE: do_x11 fix|check" - op="$1" - - failed=0 - _etcx11="${DEST_DIR}/etc/X11" - if [ ! -d "${_etcx11}" ]; then - msg "${_etcx11} is not a directory; skipping check" - return 0 - fi - if [ -d "${DEST_DIR}/usr/X11R6/." ] - then - _libx11="${DEST_DIR}/usr/X11R6/lib/X11" - if [ ! -d "${_libx11}" ]; then - msg "${_libx11} is not a directory; skipping check" - return 0 - fi - fi - - _notfixed="" - if [ "${op}" = "fix" ]; then - _notfixed="${NOT_FIXED}" - fi - - for d in \ - fs lbxproxy proxymngr rstart twm xdm xinit xserver xsm \ - ; do - sd="${_libx11}/${d}" - ld="/etc/X11/${d}" - td="${DEST_DIR}${ld}" - if [ -h "${sd}" ]; then - continue - elif [ -d "${sd}" ]; then - tdfiles="$(find "${td}" \! -type d)" - if [ -n "${tdfiles}" ]; then - msg "${sd} exists yet ${td} already" \ - "contains files${_notfixed}" - else - msg "Migrate ${sd} to ${td}${_notfixed}" - fi - failed=1 - elif [ -e "${sd}" ]; then - msg "Unexpected file ${sd}${_notfixed}" - continue - else - continue - fi - done - - return ${failed} -} - -# -# xkb -# -# /usr/X11R7/lib/X11/xkb/symbols/pc used to be a directory, but changed -# to a file on 2009-06-12. Fixing this requires removing the directory -# (which we can do) and re-extracting the xbase set (which we can't do), -# or at least adding that one file (which we may be able to do if X11SRCDIR -# is available). -# -additem xkb "clean up for xkbdata to xkeyboard-config upgrade" -do_xkb() -{ - [ -n "$1" ] || err 3 "USAGE: do_xkb fix|check" - op="$1" - failed=0 - - pcpath="/usr/X11R7/lib/X11/xkb/symbols/pc" - pcsrcdir="${X11SRCDIR}/external/mit/xkeyboard-config/dist/symbols" - - filemsg="\ -${pcpath} was a directory, should be a file. - To fix, extract the xbase set again." - - _notfixed="" - if [ "${op}" = "fix" ]; then - _notfixed="${NOT_FIXED}" - fi - - if [ ! -d "${DESTDIR}${pcpath}" ]; then - return 0 - fi - - # Delete obsolete files in the directory, and the directory - # itself. If the directory contains unexpected extra files - # then it will not be deleted. - ( [ -f "${DEST_DIR}"/var/db/obsolete/xbase ] \ - && sort -ru "${DEST_DIR}"/var/db/obsolete/xbase \ - | ${GREP} -E "^\\.?${pcpath}/" ; - echo "${pcpath}" ) \ - | obsolete_paths "${op}" - failed=$(( ${failed} + $? )) - - # If the directory was removed above, then try to replace it with - # a file. - if [ -d "${DESTDIR}${pcpath}" ]; then - msg "${filemsg}${_notfixed}" - failed=$(( ${failed} + 1 )) - else - if ! find_file_in_dirlist pc "${pcpath}" \ - "${pcsrcdir}" "${SRC_DIR}${pcpath%/*}" - then - msg "${filemsg}${_notfixed}" - failed=$(( ${failed} + 1 )) - else - # ${dir} is set by find_file_in_dirlist() - populate_dir "${op}" true \ - "${dir}" "${DEST_DIR}${pcpath%/*}" 444 \ - pc - failed=$(( ${failed} + $? )) - fi - fi - - return $failed -} - -# -# uid -# -additem uid "required users in /etc/master.passwd" -do_uid() -{ - [ -n "$1" ] || err 3 "USAGE: do_uid fix|check" - - check_ids "$1" users "${DEST_DIR}/etc/master.passwd" 12 \ - postfix SKIP named ntpd sshd SKIP _pflogd _rwhod SKIP _proxy \ - _timedc _sdpd _httpd _mdnsd _tests _tcpdump _tss SKIP _rtadvd -} - - -# -# varrwho -# -additem varrwho "required ownership of files in /var/rwho" -do_varrwho() -{ - [ -n "$1" ] || err 3 "USAGE: do_varrwho fix|check" - - contents_owner "$1" "${DEST_DIR}/var/rwho" _rwhod _rwhod -} - - -# -# tcpdumpchroot -# -additem tcpdumpchroot "remove /var/chroot/tcpdump/etc/protocols" -do_tcpdumpchroot() -{ - [ -n "$1" ] || err 3 "USAGE: do_tcpdumpchroot fix|check" - - failed=0; - if [ -r "${DEST_DIR}/var/chroot/tcpdump/etc/protocols" ]; then - if [ "$1" = "fix" ]; then - rm "${DEST_DIR}/var/chroot/tcpdump/etc/protocols" - failed=$(( ${failed} + $? )) - rmdir "${DEST_DIR}/var/chroot/tcpdump/etc" - failed=$(( ${failed} + $? )) - else - failed=1 - fi - fi - return ${failed} -} - - -# -# atf -# -additem atf "install missing atf configuration files and validate them" -do_atf() -{ - [ -n "$1" ] || err 3 "USAGE: do_atf fix|check" - op="$1" - failed=0 - - # Ensure atf configuration files are in place. - if find_file_in_dirlist NetBSD.conf "NetBSD.conf" \ - "${SRC_DIR}/external/bsd/atf/etc/atf" \ - "${SRC_DIR}/etc/atf"; then - # ${dir} is set by find_file_in_dirlist() - populate_dir "${op}" true "${dir}" "${DEST_DIR}/etc/atf" 644 \ - NetBSD.conf common.conf || failed=1 - else - failed=1 - fi - if find_file_in_dirlist atf-run.hooks "atf-run.hooks" \ - "${SRC_DIR}/external/bsd/atf/dist/tools/sample" \ - "${SRC_DIR}/etc/atf"; then - # ${dir} is set by find_file_in_dirlist() - populate_dir "${op}" true "${dir}" "${DEST_DIR}/etc/atf" 644 \ - atf-run.hooks || failed=1 - else - failed=1 - fi - - # Validate the _atf to _tests user/group renaming. - if [ -f "${DEST_DIR}/etc/atf/common.conf" ]; then - handle_atf_user "${op}" || failed=1 - else - failed=1 - fi - - return ${failed} -} - -handle_atf_user() -{ - local op="$1" - local failed=0 - - local conf="${DEST_DIR}/etc/atf/common.conf" - if grep '[^#]*unprivileged-user[ \t]*=.*_atf' "${conf}" >/dev/null - then - if [ "$1" = "fix" ]; then - sed -e \ - "/[^#]*unprivileged-user[\ t]*=/s/_atf/_tests/" \ - "${conf}" >"${conf}.new" - failed=$(( ${failed} + $? )) - mv "${conf}.new" "${conf}" - failed=$(( ${failed} + $? )) - msg "Set unprivileged-user=_tests in ${conf}" - else - msg "unprivileged-user=_atf in ${conf} should be" \ - "unprivileged-user=_tests" - failed=1 - fi - fi - - return ${failed} -} - -# -# catpages -# -obsolete_catpages() -{ - basedir="$2" - section="$3" - mandir="${basedir}/man${section}" - catdir="${basedir}/cat${section}" - test -d "$mandir" || return 0 - test -d "$catdir" || return 0 - (cd "$mandir" && find . -type f) | { - failed=0 - while read manpage; do - manpage="${manpage#./}" - case "$manpage" in - *.Z) - catname="$catdir/${manpage%.*.Z}.0" - ;; - *.gz) - catname="$catdir/${manpage%.*.gz}.0" - ;; - *) - catname="$catdir/${manpage%.*}.0" - ;; - esac - test -e "$catname" -a "$catname" -ot "$mandir/$manpage" || continue - if [ "$1" = "fix" ]; then - rm "$catname" - failed=$(( ${failed} + $? )) - msg "Removed obsolete cat page $catname" - else - msg "Obsolete cat page $catname" - failed=1 - fi - done - exit $failed - } -} - -additem catpages "remove outdated cat pages" -do_catpages() -{ - failed=0 - for manbase in /usr/share/man /usr/X11R6/man /usr/X11R7/man; do - for sec in 1 2 3 4 5 6 7 8 9; do - obsolete_catpages "$1" "${DEST_DIR}${manbase}" "${sec}" - failed=$(( ${failed} + $? )) - if [ "$1" = "fix" ]; then - rmdir "${DEST_DIR}${manbase}/cat${sec}"/* \ - 2>/dev/null - rmdir "${DEST_DIR}${manbase}/cat${sec}" \ - 2>/dev/null - fi - done - done - return $failed -} - - -# -# ptyfsoldnodes -# -additem ptyfsoldnodes "remove legacy device nodes when using ptyfs" -do_ptyfsoldnodes() -{ - [ -n "$1" ] || err 3 "USAGE: do_ptyfsoldnodes fix|check" - _ptyfs_op="$1" - - # Check whether ptyfs is in use - failed=0; - if ! ${GREP} -E "^ptyfs" "${DEST_DIR}/etc/fstab" > /dev/null; then - msg "ptyfs is not in use" - return 0 - fi - - # Find the device major numbers for the pty master and slave - # devices, by parsing the output from "MAKEDEV -s pty0". - # - # Output from MAKEDEV looks like this: - # ./ttyp0 type=char device=netbsd,5,0 mode=666 gid=0 uid=0 - # ./ptyp0 type=char device=netbsd,6,0 mode=666 gid=0 uid=0 - # - # Output from awk, used in the eval statement, looks like this: - # maj_ptym=6; maj_ptys=5; - # - eval "$( - ${HOST_SH} "${DEST_DIR}/dev/MAKEDEV" -s pty0 2>/dev/null \ - | ${AWK} '\ - BEGIN { before_re = ".*device=[a-zA-Z]*,"; after_re = ",.*"; } - /ptyp0/ { maj_ptym = gensub(before_re, "", 1, $0); - maj_ptym = gensub(after_re, "", 1, maj_ptym); } - /ttyp0/ { maj_ptys = gensub(before_re, "", 1, $0); - maj_ptys = gensub(after_re, "", 1, maj_ptys); } - END { print "maj_ptym=" maj_ptym "; maj_ptys=" maj_ptys ";"; } - ' - )" - #msg "Major numbers are maj_ptym=${maj_ptym} maj_ptys=${maj_ptys}" - if [ -z "$maj_ptym" ] || [ -z "$maj_ptys" ]; then - msg "Cannot find device major numbers for pty master and slave" - return 1 - fi - - # look for /dev/[pt]ty[p-zP-T][0-9a-zA-Z], and check that they - # have the expected device major numbers. ttyv* is typically not a - # pty device, but we check it anyway. - # - # The "for d1" loop is intended to avoid overflowing ARG_MAX; - # otherwise we could have used a single glob pattern. - # - # If there are no files that match a particular pattern, - # then stat prints something like: - # stat: /dev/[pt]tyx?: lstat: No such file or directory - # and we ignore it. XXX: We also ignore other error messages. - # - _ptyfs_tmp="$(mktemp /tmp/postinstall.ptyfs.XXXXXXXX)" - for d1 in p q r s t u v w x y z P Q R S T; do - ${STAT} -f "%Hr %N" "${DEST_DIR}/dev/"[pt]ty${d1}? 2>&1 - done \ - | while read -r major node ; do - case "$major" in - ${maj_ptym}|${maj_ptys}) echo "$node" ;; - esac - done >"${_ptyfs_tmp}" - - _desc="legacy device node" - while read node; do - if [ "${_ptyfs_op}" = "check" ]; then - msg "Remove ${_desc} ${node}" - failed=1 - else # "fix" - if rm "${node}"; then - msg "Removed ${_desc} ${node}" - else - warn "Failed to remove ${_desc} ${node}" - failed=1 - fi - fi - done < "${_ptyfs_tmp}" - rm "${_ptyfs_tmp}" - - return ${failed} -} - - -# -# varshm -# -additem varshm "check for a tmpfs mounted on /var/shm" -do_varshm() -{ - [ -n "$1" ] || err 3 "USAGE: do_varshm fix|check" - op="$1" - failed=0 - - [ -f "${DEST_DIR}/etc/fstab" ] || return 0 - if ${GREP} -w "/var/shm" "${DEST_DIR}/etc/fstab" >/dev/null 2>&1; - then - failed=0; - else - if [ "${op}" = "check" ]; then - failed=1 - msg "No /var/shm mount found in ${DEST_DIR}/etc/fstab" - elif [ "${op}" = "fix" ]; then - printf '\ntmpfs\t/var/shm\ttmpfs\trw,-m1777,-sram%%25\n' \ - >> "${DEST_DIR}/etc/fstab" - msg "Added tmpfs with 25% ram limit as /var/shm" - - fi - fi - - return ${failed} -} - - -# -# obsolete -# (this item is last to allow other items to move obsolete files) -# -additem obsolete "remove obsolete file sets and minor libraries" -do_obsolete() -{ - [ -n "$1" ] || err 3 "USAGE: do_obsolete fix|check" - op="$1" - failed=0 - - sort -ru "${DEST_DIR}"/var/db/obsolete/* | obsolete_paths "${op}" - failed=$(( ${failed} + $? )) - - ( - obsolete_libs /lib - obsolete_libs /usr/lib - obsolete_libs /usr/lib/i18n - obsolete_libs /usr/X11R6/lib - obsolete_libs /usr/X11R7/lib - [ "$MACHINE" = "amd64" ] && obsolete_libs /usr/lib/i386 - [ "$MACHINE" = "sparc64" ] && obsolete_libs /usr/lib/sparc - ) | obsolete_paths "${op}" - failed=$(( ${failed} + $? )) - - return ${failed} -} - -# -# end of items -# ------------ -# - usage() { @@ -1982,7 +719,7 @@ list() } -main() +init() { TGZLIST= # quoted list list of tgz files SRC_ARGLIST= # quoted list of one or more "-s" args @@ -2101,6 +838,12 @@ main() detect_x11 + ops="$@" +} + + +main() +{ op="$1" shift @@ -2223,6 +966,11 @@ exec 3>/dev/null exec 4>/dev/null exitstatus=0 -main "$@" +ops= +init "$@" +for f in ${SRC_DIR}/etc/install.d/[a-z]*; do + [ -f $f ] && . $f +done +main $ops /bin/rm -rf "${SCRATCHDIR}" exit $exitstatus