Stuart Henderson wrote:
> Sounds reasonable. Do you want to try changing that, make sure it works
> ("man release"), and propose a diff?
Here's what I came up with. This should work with both install and upgrade
flows, including sysupgrade. You'll notice that during a sysupgrade the
proxy is not passed directly to the installer (so fw_update from within
the preinstallation environment will fail); however, this seems largely
unnecessary as fw_update is always run again on the following boot anyway.
I believe this would only impact a very, very small number of machines that
need a firmware update before they can boot the new kernel. (Apple?)
sysupgrade was modified to add the proxy to rc.firsttime so it catches it
on the next boot when it runs fw_update and syspatch.
For this to support sysupgrade flow before the next release, the patch to
sysupgrade should be applied beforehand to the current release. This will
work even without the patches to install.sub in the present bsd.rd.
I did test this numerous ways but more testing would be appreciated!
Regards
Lloyd
Index: sysupgrade.sh
===================================================================
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
retrieving revision 1.58
diff -u -p -u -p -r1.58 sysupgrade.sh
--- sysupgrade.sh 3 Feb 2025 18:55:55 -0000 1.58
+++ sysupgrade.sh 8 Sep 2025 21:58:32 -0000
@@ -219,9 +219,17 @@ Pathname to the sets = ${SETSDIR}/
Directory does not contain SHA256.sig. Continue without verification = yes
__EOT
+[[ -e /etc/rc.firsttime ]] && rm -f /etc/rc.firsttime
+
+# If a proxy was needed to fetch the sets, pass it to rc.firsttime
+[[ -n $http_proxy ]] &&
+ cat <<__EOT >> /etc/rc.firsttime
+export http_proxy="${http_proxy}"
+__EOT
+
if ! ${KEEP}; then
CLEAN=$(echo BUILDINFO SHA256 ${SETS} | sed -e 's/ /,/g')
- cat <<__EOT > /etc/rc.firsttime
+ cat <<__EOT >> /etc/rc.firsttime
rm -f ${SETSDIR}/{${CLEAN}}
__EOT
fi
Index: install.sub
===================================================================
RCS file: /cvs/src/distrib/miniroot/install.sub,v
retrieving revision 1.1269
diff -u -p -u -p -r1.1269 install.sub
--- install.sub 6 Apr 2025 11:54:36 -0000 1.1269
+++ install.sub 8 Sep 2025 21:57:55 -0000
@@ -1864,7 +1864,7 @@ install_files() {
reset_watchdog
}
-# Fetch install sets from an HTTP server possibly using a proxy.
+# Fetch install sets from an HTTP server.
install_http() {
local _d _f _flist _file_list _prompt _tls _http_proto _url_base
local _idx=/tmp/i/index.txt _sha=/tmp/i/SHA256 _sig=/tmp/i/SHA256.sig
@@ -1876,13 +1876,6 @@ install_http() {
# mirror and local servers. That ensures that the mirror server ends
# up in /etc/installurl file if one of the servers is not a mirror.
- # N.B.: 'http_proxy' is an environment variable used by ftp(1).
- # DON'T change the name or case!
- ask "HTTP proxy URL? (e.g. 'http://proxy:8080', or 'none')" \
- "${http_proxy:-none}"
- unset http_proxy
- [[ $resp == none ]] || export http_proxy=$resp
-
# If the mirror server listfile download failed, inform the user and
# show a reduced prompt.
if [[ -s $HTTP_LIST ]]; then
@@ -2237,6 +2230,16 @@ donetconfig() {
fi
}
+# Configure proxy settings
+doproxy() {
+ # N.B.: 'http_proxy' is an environment variable used by ftp(1).
+ # DON'T change the name or case!
+ ask "HTTP proxy URL? (e.g. 'http://proxy:8080', or 'none')" \
+ "${http_proxy:-none}"
+ unset http_proxy
+ [[ $resp == none ]] || export http_proxy=$resp
+}
+
# Ask user about daemon startup on boot, X Window usage and console setup.
# The actual configuration is done later in apply().
questions() {
@@ -3189,6 +3192,9 @@ do_install() {
# Configure the network.
donetconfig
+ # Set proxy (if needed)
+ doproxy
+
# Fetch list of mirror servers and installer choices from previous runs.
start_cgiinfo
@@ -3466,6 +3472,9 @@ do_upgrade() {
# Configure the network.
enable_network
+
+ # Set proxy (if needed)
+ doproxy
# Create a skeletal /etc/fstab which is usable for the upgrade process.
munge_fstab
