#!/bin/sh # # Updating a NetBSD or OpenBSD system # (c)2009, lists@nerdbynature.de # # NOTE: We assume that our *BSD system has its SRC/PKGSRC repos # NFS mounted. Thus, we CVS'update the repos on the NFS # server but compile/install locally of course. # # See how we were called OS=`basename $0 | awk -F\- '{print $1}'` case "$OS" in netbsd) SRC=/usr/src # local path PKGSRC=/usr/pkgsrc SRC_CVS=/data/Scratch/netbsd/src # remote path on the NFS server PKGSRC_CVS=/data/Scratch/netbsd/pkgsrc KCONFIG=XEN3_DOMU KERNEL=netbsd OBJDIR=`awk '/^BSDOBJDIR/ {print $NF}' /etc/mk.conf 2>/dev/null` TOOLDIR=`awk '/^TOOLDIR/ {print $NF}' /etc/mk.conf 2>/dev/null` ;; openbsd) SRC=/usr/src # local path PKGSRC=/usr/ports SRC_CVS=/data/Scratch/openbsd/src # remote path on the NFS server PKGSRC_CVS=/data/Scratch/openbsd/ports KCONFIG=GENERIC KERNEL=bsd OBJDIR=`awk '/^BSDOBJDIR/ {print $NF}' /etc/mk.conf 2>/dev/null` TOOLDIR=`awk '/^TOOLDIR/ {print $NF}' /etc/mk.conf 2>/dev/null` STOP=/new_kernel_has_to_be_rebooted ;; *) echo "Could not determine operating system to update ($OS), bailing out!" exit 1 ;; esac checkpriv() { if [ `id -u` = 0 -o ! -d "$1"/CVS ]; then echo "* Don't use root to do this, but a normal user." echo "* The repository in $1 has to exist, we won't create it." test -z "$FORCE" && exit 1 fi } log() { # an optionally submitted value will be our exitcode echo "`date +"%F %H:%M:%S %Z"`: $1" test -z "$2" || exit "$2" } # unset me! # DEBUG=echo # # As this is largely OS specifc (NetBSD/build.sh vs. OpenBSD/make), we split # both parts into functions # src_netbsd() { # Toolchain... $DEBUG cd $SRC $DEBUG mkdir -p $OBJDIR $TOOLDIR || log "Failed to create $OBJDIR and $TOOLDIR" 1 $DEBUG rm -rf $OBJDIR/* $TOOLDIR/* $DEBUG ./build.sh -O $OBJDIR -T $TOOLDIR tools if [ ! $? = 0 ]; then log "Something went wrong when building the toolchain, please investigate!" 1 else log "Toolchain has been built, moving on..." fi # Kernel... if [ -f $SRC/sys/arch/`uname -m`/conf/$KCONFIG ]; then $DEBUG ./build.sh -O $OBJDIR -T $TOOLDIR kernel=$KCONFIG if [ ! $? = 0 ]; then log "Something went wrong when building the userland, please investigate!" 1 else log "Kernel has been built, moving on..." fi else log "Kernel configuration $SRC/sys/arch/`uname -m`/conf/$KCONFIG not found, cannot build kernel" 1 fi # Userland... $DEBUG ./build.sh -O $OBJDIR -T $TOOLDIR -U distribution if [ ! $? = 0 ]; then log "Something went wrong when building the userland, please investigate!" 1 else log "Build succeeded, you may install the kernel and userland now:" log "mv /$KERNEL /$KERNEL.`date +%F`" log "mv $OBJDIR/sys/arch/`uname -m`/compile/$KCONFIG/$KERNEL /$KERNEL" log "cd $SRC && ./build.sh -O $OBJDIR -T $TOOLDIR -U install=/" fi } src_openbsd() { # Kernel... test -f $STOP && log "Remove $STOP before building $OS (and reboot if you've already built the new kernel)" 1 if [ -f $SRC/sys/arch/`uname -m`/conf/$KCONFIG ]; then $DEBUG cd $SRC/sys/arch/`uname -m`/conf/ $DEBUG config $KCONFIG $DEBUG ../compile/$KCONFIG $DEBUG make clean $DEBUG make depend $DEBUG make if [ ! $? = 0 ]; then log "Something went wrong when building the userland, please investigate!" 1 else log "Kernel has been built." log "It is recommended to install and boot this new kernel before updating the userland:" log "mv /$KERNEL /$KERNEL.`date +%F`" log "mv $SRC/sys/arch/`uname -m`/compile/$KCONFIG/$KERNEL /$KERNEL" $DEBUG touch $STOP fi else log "Kernel configuration $SRC/sys/arch/`uname -m`/conf/$KCONFIG not found, cannot build kernel" 1 fi # Userland if [ -f $STOP ]; then log "Please reboot the new kernel first and remove the $STOP file!" 1 fi $DEBUG cd $SRC $DEBUG find . -type l -name obj | $DEBUG xargs rm $DEBUG make cleandir $DEBUG rm -rf $TOOLDIR/* $DEBUG make obj $DEBUG cd $SRC/etc $DEBUG make DESTDIR=/ distrib-dirs $DEBUG cd $SRC $DEBUG make build if [ ! $? = 0 ]; then log "Something went wrong when building the userland, please investigate!" 1 else log "Build succeeded, you may install the kernel and userland now:" log "cd $SRC && make build" fi } pkgsrc_netbsd() { log "Checking for outdated packages..." checkpriv $PKGSRC which pkg_chk > /dev/null || log "Please install pkgtools/pkg_chk!" 1 CHK=`mktemp -t pkg_chk` # Just guess why we're not updating sudo(8) in this routine :) $DEBUG pkg_chk -u -n 2>/dev/null | awk '/^[a-z]/ && !/security\/sudo/ {print $1}' > $CHK [ ! -s $CHK ] && rm $CHK && log "No outdated packages found." 0 log "Updating $OS packages..." for p in `cat $CHK`; do log "Updating $p..." $DEBUG cd $PKGSRC/"$p" $DEBUG make update done rm $CHK log "Running download-vulnerability-list, audit-packages..." $DEBUG sudo download-vulnerability-list > /dev/null $DEBUG sudo audit-packages } pkgsrc_openbsd() { echo TBD exit 2 } case "$1" in src-cvs) log "Updating $OS src via CVS..." checkpriv $SRC_CVS cd $SRC_CVS $DEBUG cvs update -dP 2>&1 | egrep -v '^cvs update:|^cvs server:' log "CVS tree in $SRC_CVS updated." ;; src) log "Updating $OS kernel+userland..." checkpriv $SRC # For readability's sake, these are functions now case $OS in netbsd) src_netbsd ;; openbsd) src_openbsd ;; esac ;; pkgsrc-cvs) log "Updating $OS pksrc via CVS..." checkpriv $PKGSRC_CVS cd $PKGSRC_CVS # FIXME! [ "$OS" = openbsd ] && export CVSROOT=anoncvs@anoncvs.de.openbsd.org:/cvs $DEBUG cvs update -dP 2>&1 | egrep -v '^cvs update:|^cvs server:' log "CVS tree in $PKGSRC_CVS updated." ;; pkgsrc) # For readability's sake, these are functions now case $OS in netbsd) pkgsrc_netbsd ;; openbsd) pkgsrc_openbsd ;; esac ;; *) echo "Usage: `basename $0` [src-cvs|src|pkgsrc-cvs|pkgsrc]" exit 0 ;; esac