Mirrors/BastilleBSD_bastille
1
0
Fork 1
mirror of https://github.com/BastilleBSD/bastille.git synced 2025-12-12 01:49:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1333 from BastilleBSD/upgrade-fixes

Browse Source 
upgrade: many fixes
This commit is contained in:
tschettervictor
2025-12-02 15:46:51 -07:00
committed by GitHub
parent 053bfe9d34 06f377c047
commit 5e333433e8
2 changed files with 44 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
usr/local/etc/bastille/bastille.conf.sample
View File

@@ -2,7 +2,7 @@
## [ BastilleBSD ] ## ## [ BastilleBSD ] ##
##################### #####################
## default paths ## Default paths
bastille_prefix="/usr/local/bastille" ## default: "/usr/local/bastille" bastille_prefix="/usr/local/bastille" ## default: "/usr/local/bastille"
bastille_backupsdir="${bastille_prefix}/backups" ## default: "${bastille_prefix}/backups" bastille_backupsdir="${bastille_prefix}/backups" ## default: "${bastille_prefix}/backups"
bastille_cachedir="${bastille_prefix}/cache" ## default: "${bastille_prefix}/cache" bastille_cachedir="${bastille_prefix}/cache" ## default: "${bastille_prefix}/cache"
@@ -14,10 +14,10 @@ bastille_logsdir="/var/log/bastille" ## default
## pf configuration path ## pf configuration path
bastille_pf_conf="/etc/pf.conf" ## default: "/etc/pf.conf" bastille_pf_conf="/etc/pf.conf" ## default: "/etc/pf.conf"
## bastille scripts directory (assumed by bastille pkg) ## Bastille commands directory (assumed by bastille pkg)
bastille_sharedir="/usr/local/share/bastille" ## default: "/usr/local/share/bastille" bastille_sharedir="/usr/local/share/bastille" ## default: "/usr/local/share/bastille"
## bootstrap archives, which components of the OS to install. ## Bootstrap archives, which components of the OS to install.
## base - The base OS, kernel + userland ## base - The base OS, kernel + userland
## lib32 - Libraries for compatibility with 32 bit binaries ## lib32 - Libraries for compatibility with 32 bit binaries
## ports - The FreeBSD ports (3rd party applications) tree ## ports - The FreeBSD ports (3rd party applications) tree
@@ -27,7 +27,7 @@ bastille_sharedir="/usr/local/share/bastille" ## default
## bastille_bootstrap_archives="base lib32 ports src test" ## bastille_bootstrap_archives="base lib32 ports src test"
bastille_bootstrap_archives="base" ## default: "base" bastille_bootstrap_archives="base" ## default: "base"
## pkgbase package sets (used for FreeBSD 15+) ## Pkgbase package sets
## Any set with [-dbg] can be installed with debugging ## Any set with [-dbg] can be installed with debugging
## symbols by adding '-dbg' to the package set ## symbols by adding '-dbg' to the package set
## base[-dbg] - Base system ## base[-dbg] - Base system
@@ -45,16 +45,16 @@ bastille_bootstrap_archives="base" ## default
## bastille_pkgbase_packages="base-jail lib32-dbg src" ## bastille_pkgbase_packages="base-jail lib32-dbg src"
bastille_pkgbase_packages="base-jail" ## default: "base-jail" bastille_pkgbase_packages="base-jail" ## default: "base-jail"
## default timezone ## Default timezone
bastille_tzdata="" ## default: empty to use host's time zone bastille_tzdata="" ## default: empty to use host's time zone
## default jail resolv.conf ## Default jail resolv.conf
bastille_resolv_conf="/etc/resolv.conf" ## default: "/etc/resolv.conf" bastille_resolv_conf="/etc/resolv.conf" ## default: "/etc/resolv.conf"
## bootstrap urls ## Bootstrap URLs
bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/" ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/" bastille_url_freebsd="http://ftp.freebsd.org/pub/FreeBSD/releases/" ## default: "http://ftp.freebsd.org/pub/FreeBSD/releases/"
bastille_url_hardenedbsd="https://installers.hardenedbsd.org/pub/" ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/" bastille_url_hardenedbsd="https://installers.hardenedbsd.org/pub/" ## default: "https://installer.hardenedbsd.org/pub/HardenedBSD/releases/"
bastille_url_midnightbsd="https://www.midnightbsd.org/ftp/MidnightBSD/releases/" ## default: "https://www.midnightbsd.org/pub/MidnightBSD/releases/" bastille_url_midnightbsd="https://www.midnightbsd.org/ftp/MidnightBSD/releases/" ## default: "https://www.midnightbsd.org/pub/MidnightBSD/releases/"
## ZFS options ## ZFS options
bastille_zfs_enable="NO" ## default: "NO" bastille_zfs_enable="NO" ## default: "NO"

62
usr/local/share/bastille/upgrade.sh
View File

@@ -104,7 +104,15 @@ thick_jail_check() {
error_exit "Use [-a|--auto] to auto-start the jail." error_exit "Use [-a|--auto] to auto-start the jail."
fi fi
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then # Verify PLATFORM_OS inside jail
JAIL_PLATFORM_OS="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version)"
if echo "${JAIL_PLATFORM_OS}" | grep -q "HBSD"; then
JAIL_PLATFORM_OS="HardenedBSD"
else
JAIL_PLATFORM_OS="FreeBSD"
fi
if [ "${JAIL_PLATFORM_OS}" = "FreeBSD" ]; then
# Set OLD_RELEASE # Set OLD_RELEASE
OLD_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)" OLD_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)"
@@ -117,13 +125,13 @@ thick_jail_check() {
NEW_MAJOR_VERSION=$(echo ${NEW_RELEASE} | grep -Eo '^[0-9]+') NEW_MAJOR_VERSION=$(echo ${NEW_RELEASE} | grep -Eo '^[0-9]+')
# Validate PKGBASE or non-PKGBASE # Validate PKGBASE or non-PKGBASE
if echo "${NEW_RELEASE}" | grep -oq "\-CURRENT"; then
FREEBSD_BRANCH="current"
else
FREEBSD_BRANCH="release"
fi
if pkg -r "${bastille_jailsdir}/${TARGET}/root" which /usr/bin/uname > /dev/null 2>&1; then if pkg -r "${bastille_jailsdir}/${TARGET}/root" which /usr/bin/uname > /dev/null 2>&1; then
PKGBASE=1 PKGBASE=1
if echo "${NEW_RELEASE}" | grep -oq "\-CURRENT"; then
FREEBSD_BRANCH="current"
else
FREEBSD_BRANCH="release"
fi
fi fi
# Check if jail is already running NEW_RELEASE # Check if jail is already running NEW_RELEASE
@@ -132,7 +140,7 @@ thick_jail_check() {
error_exit "See 'bastille update TARGET' to update the jail." error_exit "See 'bastille update TARGET' to update the jail."
fi fi
elif [ "${PLATFORM_OS}" = "HardenedBSD" ]; then elif [ "${JAIL_PLATFORM_OS}" = "HardenedBSD" ]; then
# Set VERSION # Set VERSION
OLD_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)" OLD_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)"
@@ -160,7 +168,7 @@ thin_jail_check() {
error_exit "Use [-a|--auto] to auto-stop the jail." error_exit "Use [-a|--auto] to auto-stop the jail."
fi fi
# Set VERSION # Set OLD_RELEASE
OLD_RELEASE="$(bastille config ${TARGET} get osrelease)" OLD_RELEASE="$(bastille config ${TARGET} get osrelease)"
if [ -z "${OLD_RELEASE}" ]; then if [ -z "${OLD_RELEASE}" ]; then
error_exit "[ERROR]: Can't determine '${TARGET}' version." error_exit "[ERROR]: Can't determine '${TARGET}' version."
@@ -243,31 +251,29 @@ jail_upgrade() {
else else
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then if [ "${JAIL_PLATFORM_OS}" = "FreeBSD" ]; then
local jailpath="${bastille_jailsdir}/${TARGET}/root" local jailpath="${bastille_jailsdir}/${TARGET}/root"
local work_dir="${jailpath}/var/db/freebsd-update" local work_dir="${jailpath}/var/db/freebsd-update"
local freebsd_update_conf="${jailpath}/etc/freebsd-update.conf" local freebsd_update_conf="${jailpath}/etc/freebsd-update.conf"
# Upgrade a thick jail # Upgrade a thick jail
env PAGER="/bin/cat" freebsd-update ${OPTION} --not-running-from-cron \ if env PAGER="/bin/cat" freebsd-update ${OPTION} --not-running-from-cron \
--currently-running "${OLD_RELEASE}" \ --currently-running "${OLD_RELEASE}" \
-j "${TARGET}" \ -j "${TARGET}" \
-d "${work_dir}" \ -d "${work_dir}" \
-f "${freebsd_update_conf}" \ -f "${freebsd_update_conf}" \
-r "${NEW_RELEASE}" upgrade -r "${NEW_RELEASE}" upgrade; then
UPGRADED_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)"
if [ "${OLD_RELEASE}" = "${UPGRADED_RELEASE}" ]; then
info "\nNo upgrades available.\n"
else
# Update "osrelease" inside jail.conf using 'bastille config' # Update "osrelease" inside jail.conf using 'bastille config'
bastille config ${TARGET} set osrelease ${UPGRADED_RELEASE} >/dev/null 2>/dev/null bastille config ${TARGET} set osrelease ${UPGRADED_RELEASE} >/dev/null 2>/dev/null
warn "Please run 'bastille upgrade ${TARGET} install', restart the jail, then run 'bastille upgrade ${TARGET} install' again to finish installing updates." info "\nUpgraded ${TARGET}: ${OLD_RELEASE} > ${NEW_RELEASE}"
echo warn "\nPlease run 'bastille upgrade ${TARGET} install', restart the jail, then run 'bastille upgrade ${TARGET} install' again to finish installing the upgrade.\n"
else
info "\nNo upgrades available.\n"
fi fi
elif [ "${PLATFORM_OS}" = "HardenedBSD" ]; then elif [ "${JAIL_PLATFORM_OS}" = "HardenedBSD" ]; then
local jailname="${TARGET}" local jailname="${TARGET}"
local jailpath="${bastille_jailsdir}/${TARGET}/root" local jailpath="${bastille_jailsdir}/${TARGET}/root"
@@ -296,10 +302,10 @@ jail_upgrade() {
-c "${hbsd_update_conf}" -c "${hbsd_update_conf}"
UPGRADED_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)" UPGRADED_RELEASE="$(${bastille_jailsdir}/${TARGET}/root/bin/freebsd-version 2>/dev/null)"
if [ "${OLD_RELEASE}" = "${UPGRADED_RELEASE}" ]; then if [ "${OLD_RELEASE}" != "${UPGRADED_RELEASE}" ]; then
info "\nNo upgrades available.\n"
else
info "\nUpgraded ${TARGET}: ${OLD_RELEASE} -> ${UPGRADED_RELEASE}\n" info "\nUpgraded ${TARGET}: ${OLD_RELEASE} -> ${UPGRADED_RELEASE}\n"
else
info "\nNo upgrades available.\n"
fi fi
fi fi
fi fi
@@ -307,7 +313,7 @@ jail_upgrade() {
jail_upgrade_pkgbase() { jail_upgrade_pkgbase() {
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then if [ "${JAIL_PLATFORM_OS}" = "FreeBSD" ]; then
local jailpath="${bastille_jailsdir}/${TARGET}/root" local jailpath="${bastille_jailsdir}/${TARGET}/root"
local abi="FreeBSD:${NEW_MAJOR_VERSION}:${HW_MACHINE_ARCH}" local abi="FreeBSD:${NEW_MAJOR_VERSION}:${HW_MACHINE_ARCH}"
@@ -382,7 +388,7 @@ jail_upgrade_pkgbase() {
jail_updates_install() { jail_updates_install() {
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then if [ "${JAIL_PLATFORM_OS}" = "FreeBSD" ]; then
local jailpath="${bastille_jailsdir}/${TARGET}/root" local jailpath="${bastille_jailsdir}/${TARGET}/root"
local work_dir="${jailpath}/var/db/freebsd-update" local work_dir="${jailpath}/var/db/freebsd-update"
@@ -438,4 +444,4 @@ case ${NEW_RELEASE} in
fi fi
fi fi
;; ;;
esac esac