OpenBSD src changes summary for 2016-09-05 ==========================================
distrib/miniroot distrib/sets distrib/syspatch gnu gnu/usr.bin/clang lib/libc lib/libcompiler_rt lib/libcrypto lib/libcxx lib/libunwind regress/lib regress/libexec regress/sys regress/usr.sbin sbin/init sbin/route share/man share/misc sys/arch/amd64/amd64 sys/arch/armv7/imx sys/conf sys/dev/pci sys/kern sys/net sys/sys usr.bin/mg usr.bin/openssl usr.bin/ssh usr.sbin/acme-client usr.sbin/pkg_add usr.sbin/syspatch == distrib =========================================================== 01/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ dot.profile > Relax permissions to make files readable by unpriv users again. > Found out by naddy > OK deraadt (rpe@) ~ dot.profile > Tweak comments and spacing. > OK krw, halex (rpe@) sets ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armv7 ~ lists/base/md.hppa ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc64 ~ lists/comp/mi > sync (deraadt@) syspatch ~ bsd.syspatch.mk > use OSREV and OSrev instead of setting them in the makefile > and remove variables for MAKE, SIGNIFY, etc. > prodded by deraadt@ (robert@) == gnu =============================================================== 02/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu gnu ~ llvm/tools/clang/lib/Driver/Tools.cpp > Link static PIEs with the correct C runtime (rcrt0.o). > ok kettenis@ (pascal@) ~ llvm/tools/clang/lib/Driver/ToolChains.cpp ~ llvm/tools/clang/lib/Driver/ToolChains.h ~ llvm/tools/clang/lib/Frontend/InitHeaderSearch.cpp > Let clang use libc++/libc++abi and its header files per default. You can > still > use the old libstdc++ by specifying -stdlib=libstdc++. > with hints from/looks good to patrick@, ok kettenis@ (pascal@) ~ llvm/tools/clang/lib/Driver/Tools.cpp > libunwind relies on the EH frame header. Our OpenBSD frontend code > does not tell our linker to produce that header for statically linked > binaries. Just create that header for all binaries and we are fine. > ok guenther@ (patrick@) usr.bin/clang + Makefile.arch + Makefile.inc + clang/Makefile + clang-tblgen/Makefile + include/clang/Makefile + include/clang/AST/Makefile + include/clang/Basic/Makefile + include/clang/Basic/Version.inc + include/clang/Config/config.h + include/clang/Driver/Makefile + include/clang/Parse/Makefile + include/clang/Sema/Makefile + include/clang/Serialization/Makefile + include/clang/intrin/Makefile + include/llvm/Config/Makefile + include/llvm/Config/config.h + include/llvm/Config/llvm-config.h + include/llvm/IR/Makefile + include/llvm/Sparc/Makefile + include/llvm/X86/Makefile + libLLVMAnalysis/Makefile + libLLVMAsmParser/Makefile + libLLVMAsmPrinter/Makefile + libLLVMBitReader/Makefile + libLLVMBitWriter/Makefile + libLLVMCodeGen/Makefile + libLLVMCore/Makefile + libLLVMIRReader/Makefile + libLLVMInstCombine/Makefile + libLLVMInstrumentation/Makefile + libLLVMLinker/Makefile + libLLVMMC/Makefile + libLLVMMCDisassembler/Makefile + libLLVMMCParser/Makefile + libLLVMMIRParser/Makefile + libLLVMObjCARCOpts/Makefile + libLLVMObject/Makefile + libLLVMOption/Makefile + libLLVMProfileData/Makefile + libLLVMScalarOpts/Makefile + libLLVMSelectionDAG/Makefile + libLLVMSparcAsmParser/Makefile + libLLVMSparcAsmPrinter/Makefile + libLLVMSparcCodeGen/Makefile + libLLVMSparcDesc/Makefile + libLLVMSparcDisassembler/Makefile + libLLVMSparcInfo/Makefile + libLLVMSupport/Makefile + libLLVMTableGen/Makefile + libLLVMTarget/Makefile + libLLVMTransformUtils/Makefile + libLLVMVectorize/Makefile + libLLVMX86AsmParser/Makefile + libLLVMX86AsmPrinter/Makefile + libLLVMX86CodeGen/Makefile + libLLVMX86Desc/Makefile + libLLVMX86Disassembler/Makefile + libLLVMX86Info/Makefile + libLLVMX86Utils/Makefile + libLLVMipo/Makefile + libclangAST/Makefile + libclangAnalysis/Makefile + libclangBasic/Makefile + libclangCodeGen/Makefile + libclangDriver/Makefile + libclangEdit/Makefile + libclangFrontend/Makefile + libclangFrontendTool/Makefile + libclangLex/Makefile + libclangParse/Makefile + libclangRewrite/Makefile + libclangRewriteFrontend/Makefile + libclangSema/Makefile + libclangSerialization/Makefile + llc/Makefile + llvm-tblgen/Makefile > LLVM/Clang build system. This only builds the bare minimum of what is > needed > to get a working "clang" binary. > Note that you need GCC from ports to bootstrap clang. > looks good to patrick@, ok jsg@ kettenis@ (pascal@) + Makefile + clang/clang.1 + include/llvm/Support/DataTypes.h > I was bound to forget some files ... (pascal@) ~ libclangRewrite/Makefile > Fix "make depend". > ok jsg@ (pascal@) == lib =============================================================== 03/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc - citrus/citrus_ctype.c - citrus/citrus_ctype_local.h - citrus/citrus_none.h - citrus/citrus_utf8.h - locale/multibyte.h ~ citrus/Makefile.inc ~ citrus/citrus_ctype.h ~ citrus/citrus_none.c ~ citrus/citrus_utf8.c ~ locale/multibyte_citrus.c ~ locale/rune.c ~ locale/rune_local.h ~ locale/runetable.c ~ locale/runetype.h ~ locale/setrunelocale.c > Delete some abstraction that we don't and won't need. > Declare functions rather than generating declarations with macros. > Just call functions rather than mainting function pointer tables. > Purge unused arguments. Simplify mbstate_t casting. > Garbage collect one empty and one unused function. > As a bonus, make mbsinit(3) work at all, it returned garbage > in the past due to a missing cast when passing mbstate_t. > Apart from that, no functional change. > No libc bump needed; only private functions are removed and > change prototype and only private structs change size. > OK stsp@ mpi@; deraadt@ likes the general direction. (schwarze@) ~ sys/pledge.2 > correct wording; from [email protected] (deraadt@) libcompiler_rt + CMakeLists.txt + LICENSE.TXT + Makefile.mk + README.txt + absvdi2.c + absvsi2.c + absvti2.c + adddf3.c + addsf3.c + addtf3.c + addvdi3.c + addvsi3.c + addvti3.c + apple_versioning.c + ashldi3.c + ashlti3.c + ashrdi3.c + ashrti3.c + assembly.h + atomic.c + atomic_flag_clear.c + atomic_flag_test_and_set.c + atomic_flag_clear_explicit.c + atomic_flag_test_and_set_explicit.c + atomic_signal_fence.c + atomic_thread_fence.c + clear_cache.c + clzdi2.c + clzsi2.c + clzti2.c + cmpdi2.c + cmpti2.c + comparedf2.c + comparesf2.c + comparetf2.c + cpu_model.c + ctzdi2.c + ctzsi2.c + ctzti2.c + divdc3.c + divdf3.c + divdi3.c + divmoddi4.c + divmodsi4.c + divsc3.c + divsf3.c + divsi3.c + divtc3.c + divtf3.c + divti3.c + divxc3.c + emutls.c + enable_execute_stack.c + eprintf.c + extenddftf2.c + extendhfsf2.c + extendsfdf2.c + extendsftf2.c + ffsdi2.c + ffsti2.c + fixdfdi.c + fixdfsi.c + fixdfti.c + fixsfdi.c + fixsfsi.c + fixsfti.c + fixtfdi.c + fixtfsi.c + fixtfti.c + fixunsdfdi.c + fixunsdfsi.c + fixunsdfti.c + fixunssfdi.c + fixunssfsi.c + fixunssfti.c + fixunstfdi.c + fixunstfsi.c + fixunstfti.c + fixunsxfdi.c + fixunsxfsi.c + fixunsxfti.c + fixxfdi.c + fixxfti.c + floatdidf.c + floatdisf.c + floatditf.c + floatdixf.c + floatsidf.c + floatsisf.c + floatsitf.c + floattidf.c + floattisf.c + floattixf.c + floatundidf.c + floatundisf.c + floatunditf.c + floatundixf.c + floatunsidf.c + floatunsisf.c + floatunsitf.c + floatuntidf.c + floatuntisf.c + floatuntixf.c + fp_add_impl.inc + fp_extend.h + fp_extend_impl.inc + fp_fixint_impl.inc + fp_fixuint_impl.inc + fp_lib.h + fp_mul_impl.inc + fp_trunc.h + int_lib.h + fp_trunc_impl.inc + gcc_personality_v0.c + int_endianness.h + int_math.h + int_types.h + int_util.c + int_util.h + lshrdi3.c + lshrti3.c + moddi3.c + modsi3.c + modti3.c + muldc3.c + muldf3.c + muldi3.c + mulodi4.c + mulosi4.c + muloti4.c + mulsc3.c + mulsf3.c + multc3.c + multf3.c + multi3.c + mulvdi3.c + mulvsi3.c + mulvti3.c + mulxc3.c + negdf2.c + negdi2.c + negsf2.c + negti2.c + negvdi2.c + negvsi2.c + negvti2.c + paritydi2.c + paritysi2.c + parityti2.c + popcountdi2.c + popcountsi2.c + popcountti2.c + powidf2.c + powisf2.c + powitf2.c + powixf2.c + subdf3.c + subsf3.c + subtf3.c + subvdi3.c + subvsi3.c + subvti3.c + trampoline_setup.c + truncdfhf2.c + truncdfsf2.c + truncsfhf2.c + trunctfdf2.c + trunctfsf2.c + ucmpdi2.c + ucmpti2.c + udivdi3.c + udivmoddi4.c + udivmodsi4.c + udivmodti4.c + udivsi3.c + udivti3.c + umoddi3.c + umodsi3.c + umodti3.c + Darwin-excludes/osx-i386.txt + Darwin-excludes/ios7-arm64.txt + Darwin-excludes/10.4.txt + Darwin-excludes/osx.txt + Darwin-excludes/iossim-i386.txt + Darwin-excludes/iossim.txt + Darwin-excludes/ios.txt + Darwin-excludes/ios6-armv7s.txt + Darwin-excludes/ios6-armv7.txt + Darwin-excludes/CMakeLists.txt + Darwin-excludes/iossim-x86_64.txt + Darwin-excludes/README.TXT + Darwin-excludes/ios-armv7s.txt + Darwin-excludes/ios-armv7.txt + arm/sync_fetch_and_and_4.S + arm/aeabi_ldivmod.S + arm/sync-ops.h + arm/aeabi_cdcmp.S + arm/sync_fetch_and_umax_4.S + arm/bswapsi2.S + arm/sync_fetch_and_max_8.S + arm/aeabi_cfcmpeq_check_nan.c + arm/sync_fetch_and_nand_4.S + arm/addsf3vfp.S + arm/sync_fetch_and_xor_4.S + arm/udivsi3.S + arm/ltsf2vfp.S + arm/sync_fetch_and_umin_8.S + arm/truncdfsf2vfp.S + arm/gedf2vfp.S + arm/sync_fetch_and_xor_8.S + arm/aeabi_dcmp.S + arm/modsi3.S + arm/aeabi_memcpy.S + arm/sync_fetch_and_min_4.S + arm/ltdf2vfp.S + arm/umodsi3.S + arm/sync_fetch_and_add_4.S + arm/fixdfsivfp.S + arm/unorddf2vfp.S + arm/aeabi_div0.c + arm/floatsisfvfp.S + arm/aeabi_cdcmpeq_check_nan.c + arm/gtdf2vfp.S + arm/aeabi_uldivmod.S + arm/negsf2vfp.S + arm/aeabi_drsub.c + arm/ledf2vfp.S + arm/udivmodsi4.S + arm/sync_fetch_and_add_8.S + arm/adddf3vfp.S + arm/aeabi_idivmod.S + arm/switch32.S + arm/fixunssfsivfp.S + arm/aeabi_uidivmod.S + arm/divmodsi4.S + arm/floatunssisfvfp.S + arm/eqdf2vfp.S + arm/fixsfsivfp.S + arm/negdf2vfp.S + arm/sync_fetch_and_or_4.S + arm/sync_fetch_and_umin_4.S + arm/clzdi2.S + arm/aeabi_memcmp.S + arm/aeabi_cfcmp.S + arm/softfloat-alias.list + arm/nedf2vfp.S + arm/extendsfdf2vfp.S + arm/sync_fetch_and_nand_8.S + arm/nesf2vfp.S + arm/gtsf2vfp.S + arm/switch8.S + arm/sync_synchronize.S + arm/clzsi2.S + arm/switch16.S + arm/save_vfp_d8_d15_regs.S + arm/subdf3vfp.S + arm/gesf2vfp.S + arm/muldf3vfp.S + arm/fixunsdfsivfp.S + arm/unordsf2vfp.S + arm/bswapdi2.S + arm/divsi3.S + arm/lesf2vfp.S + arm/sync_fetch_and_and_8.S + arm/sync_fetch_and_sub_8.S + arm/sync_fetch_and_umax_8.S + arm/sync_fetch_and_sub_4.S + arm/aeabi_memmove.S + arm/restore_vfp_d8_d15_regs.S + arm/sync_fetch_and_or_8.S + arm/mulsf3vfp.S + arm/eqsf2vfp.S + arm/sync_fetch_and_min_8.S + arm/divsf3vfp.S + arm/floatunssidfvfp.S + arm/floatsidfvfp.S + arm/sync_fetch_and_max_4.S + arm/aeabi_memset.S + arm/comparesf2.S + arm/aeabi_fcmp.S + arm/switchu8.S + arm/Makefile.mk + arm/divdf3vfp.S + arm/subsf3vfp.S + arm/aeabi_frsub.c + arm64/Makefile.mk + armv6m/Makefile.mk + ppc/fixunstfdi.c + ppc/restFP.S + ppc/floatunditf.c + ppc/gcc_qdiv.c + ppc/saveFP.S + ppc/DD.h + ppc/gcc_qmul.c + ppc/floatditf.c + ppc/divtc3.c + ppc/gcc_qsub.c + ppc/multc3.c + ppc/fixtfdi.c + ppc/gcc_qadd.c + ppc/Makefile.mk + i386/floatdidf.S + i386/floatundisf.S + i386/floatdisf.S + i386/lshrdi3.S + i386/floatundixf.S + i386/floatdixf.S + i386/divdi3.S + i386/chkstk2.S + i386/ashrdi3.S + i386/floatundidf.S + i386/udivdi3.S + i386/muldi3.S + i386/umoddi3.S + i386/chkstk.S + i386/moddi3.S + i386/ashldi3.S + i386/Makefile.mk + x86_64/floatundisf.S + x86_64/floatdidf.c + x86_64/floatdisf.c + x86_64/floatdixf.c + x86_64/floatundixf.S + x86_64/chkstk2.S + x86_64/floatundidf.S + x86_64/chkstk.S + x86_64/Makefile.mk + macho_embedded/arm.txt + macho_embedded/thumb2.txt + macho_embedded/thumb2-64.txt + macho_embedded/common.txt + macho_embedded/CMakeLists.txt + macho_embedded/i386.txt > New import: > Import libcompiler_rt 3.9.0, LLVM's replacement for libgcc. + Makefile > Add libcompiler_rt Makefile. (pascal@) libcrypto - doc/PEM_write_bio_CMS_stream.pod - doc/SMIME_read_CMS.pod - doc/SMIME_write_CMS.pod - doc/i2d_CMS_bio_stream.pod - man/BIO_new_CMS.3 - man/CMS_add0_cert.3 - man/CMS_add1_recipient_cert.3 - man/CMS_add1_signer.3 - man/CMS_compress.3 - man/CMS_decrypt.3 - man/CMS_encrypt.3 - man/CMS_final.3 - man/CMS_get0_RecipientInfos.3 - man/CMS_get0_SignerInfos.3 - man/CMS_get0_type.3 - man/CMS_get1_ReceiptRequest.3 - man/CMS_sign.3 - man/CMS_sign_receipt.3 - man/CMS_uncompress.3 - man/CMS_verify.3 - man/CMS_verify_receipt.3 ~ doc/X509_STORE_set_verify_cb_func.pod ~ man/Makefile > remove CMS manuals; beck@ agress with the general idea (schwarze@) libcxx ~ include/__config ~ include/__locale ~ include/cstdio ~ include/support/newlib/xlocale.h > Implement OpenBSD support in libc++ and libunwind. > ok kettenis@ (patrick@) libunwind ~ src/AddressSpace.hpp > Implement OpenBSD support in libc++ and libunwind. > ok kettenis@ (patrick@) ~ src/AddressSpace.hpp ~ src/EHHeaderParser.hpp > In some cases, for instance for statically linked binaries, our binutils > does not produce the binary table which is used for optimization. > libunwind currently depends on having that table. This changes > libunwind to fall back to the default search code when the binary table > is not available. > ok kettenis@ (patrick@) == regress =========================================================== 04/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libc/locale/Makefile > Enable mbrtowc(3) and wcrtomb(3) tests now that mbsinit(3) works. > Related to locale/multibyte_citrus.c rev. 1.7. (schwarze@) libexec ~ ld.so/init-env/libaa/Makefile > Add a regress target so that a recursive "make regress" also builds > this library as a prerequisite. (bluhm@) sys ~ netinet/in_pcbbind/Makefile ~ netinet/in_pcbbind/runtest.c > Big refactoring in main(), simplify the invocation syntax. (vgross@) usr.sbin ~ ldapd/Makefile > Add purge to the all: target and comment out cpan for now (landry@) ~ Makefile > link ldapd regress to the build (landry@) ~ Makefile > ldapd regress is creating files during make obj; comment out until fixed > (deraadt@) == sbin ============================================================== 05/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin init ~ init.c > replace obsolete getpass() by readpassphrase() > OK tedu millert (gsoares@) ~ init.8 > for consistency, hyphenate "single-user"; > from rob pierce (jmc@) route ~ show.c > Print route labels in double quotes since they can contain spaces in the > name. > OK florian@ (claudio@) == share ============================================================= 06/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man9/Makefile + man9/RBT_INIT.9 > first cut at documenting new red-black tree code. > ok jmc@ (dlg@) ~ man9/RBT_INIT.9 > tweak previous; (jmc@) ~ man8/rc.8 > consistency fix; from rob pierce (jmc@) ~ man8/afterboot.8 ~ man8/netstart.8 > for consistency, hyphenate "single-user"; > from rob pierce (jmc@) ~ man9/RBT_INIT.9 > RBT_PREV goes to the element before the current one. (dlg@) misc - getopt ~ Makefile > Remove an old getopt example from some dusty corner. > ok tedu@ schwarze@ (bentley@) == sys =============================================================== 07/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > Dump vcpu and vmcs info on various fail to enter scenarios (mlarkin@) arch/armv7/imx ~ imxesdhc.c > Remove some unused bits. > ok kettenis (mglocker@) ~ imxesdhc.c > No point to jump to an empty return label in a void function. (mglocker@) ~ imxesdhc.c > Some spacing/knf while here. No functional changes. (mglocker@) conf ~ files > enable the subr_tree version of red-black trees (dlg@) dev/pci ~ if_ipw.c ~ if_ipwvar.h > convert busy flag and tsleep to rwlock as in iwm (tedu@) ~ if_iwi.c ~ if_iwivar.h > convert busy flag and tsleep to rwlock as in iwm (tedu@) ~ if_iwn.c ~ if_iwnvar.h > convert busy flag and tsleep to rwlock as in iwm (tedu@) ~ if_wpi.c ~ if_wpivar.h > convert busy flag and tsleep to rwlock as in iwm (tedu@) ~ if_ipw.c ~ if_ipwvar.h > Backout previous commit; does not compile. (kettenis@) ~ if_ipw.c ~ if_ipwvar.h > redo rwlock conversion now that i've compiled it on i386 (tedu@) kern ~ subr_pool.c > move pool red-black trees from tree.h code to subr_tree.c code > ok tedu@ (dlg@) ~ subr_pool.c > revert moving pools from tree.h to subr_tree.c rb trees. > itll go in again when i dont break userland. (dlg@) ~ uipc_proto.c > Kill raw_ctlinput() this function is INCOMPLETE since rev 1.1 and is not > needed. All callers using the protosw pr_ctlinput pointer do a NULL check > before so there is no need to provide the function. (claudio@) ~ subr_hibernate.c > Fix hibernation - make stack protector writable during resume > Committing for guenther@ because he is on United and apparently > they break ssh (as well as guitars) > ok deraadt@ in the car from cambridge (beck@) net ~ if_pppx.c > move pppx red-black trees from tree.h code to subr_tree.c code > this change and the same one for pools should have us breaking even for > the "extra" code in subr_tree. after this we will get more space back > by converting RB_ to RBT_ code, and any new red-black trees using RBT_ > are free. (dlg@) ~ if.c > Rename if_linkstate() to if_linkstate_task() and make sure that all callers > pass the ifindex to that function and not the ifp. This fixes the missing > link state change messages on if_up and if_down. This is a fix for Rev > 1.444 > which introduced this problem. > OK florian@ (claudio@) ~ pfkey.c ~ raw_cb.h ~ raw_usrreq.c ~ rtsock.c > Kill raw_ctlinput() this function is INCOMPLETE since rev 1.1 and is not > needed. All callers using the protosw pr_ctlinput pointer do a NULL check > before so there is no need to provide the function. (claudio@) ~ raw_cb.c ~ raw_usrreq.c > Remove code that was never enabled, it will not happen. (claudio@) sys ~ tree.h > enable the subr_tree version of red-black trees (dlg@) ~ pool.h > move pool red-black trees from tree.h code to subr_tree.c code > ok tedu@ (dlg@) ~ pool.h > revert moving pools from tree.h to subr_tree.c rb trees. > itll go in again when i dont break userland. (dlg@) ~ tree.h > move the types for RBT out from under #ifdef _KERNEL > this lets userland understand kernel structures with RBT bits in them. > tested by a make build on amd64 and sparc64 (dlg@) == usr.bin =========================================================== 08/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin mg ~ undo.c > Initialize stack variables to zero before memmove(). > Coverity Scan reported these two stack variables as uninitialized, in > particular the .r_lineno struct member was uninitialized. This patch > clears the 'struct region' rather than setting .r_lineno because if > any more struct members are added in the future the clear will cover > them too. > Source Joachim Nilsson. ok tom@ millert@ (lum@) openssl ~ progs.h > remove a cms leftover (deraadt@) ssh ~ monitor.c > enforce expected request flow for GSSAPI calls; thanks to Jakub Jelen > for testing; ok markus@ (djm@) ~ myproposal.h ~ ssh_config.5 > remove 3des-cbc from the client's default proposal; 64-bit block ciphers > are not safe in 2016 and we don't want to wait until attacks like sweet32 > are extended to SSH. > As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may > cause problems connecting to older devices using the defaults, but > it's highly likely that such devices already need explicit > configuration for KEX and hostkeys anyway. > ok deraadt, markus, dtucker (djm@) == usr.sbin ========================================================== 09/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin acme-client - ChangeLog > this file cannot be kept accurate (deraadt@) ~ Makefile > We do not compile things -g by default (deraadt@) pkg_add ~ OpenBSD/PackageRepository/Installed.pm > forgot to provide an empty method (espie@) syspatch + Makefile + syspatch.8 + syspatch.sh > Welcome syspatch(8), a binary patch management utility for the base system. > This is currently a POC, maybe it will become something, maybe not. > Therefore it will not be hooked to the build before we are happy with it. > Workflow would be something like: > - fetch and verify signed tarballs containing the patched binaries from a > mirror > - create a rollback tarball of the files we are about to replace > - extract and install the patched files > *** BIG FAT RED DISCLAIMER *** > This is very much WIP, it does *NOT* work, don't bikeshed, don't use it! > "get it in" deraadt@ (ajacoutot@) ~ syspatch.8 ~ syspatch.sh > No need to install the /var/syspatch/$REL directory, the binpatch does it > for us. > Put /var/syspatch into a variable, it's used more than 10 times. > prodded by robert@ (ajacoutot@) ~ syspatch.sh > use a for loop for mtree for the two spec files > and add a better comment > ok ajacoutot@ (robert@) ~ syspatch.sh > Missing local. > Shorter var name. (ajacoutot@) ~ syspatch.sh > Make sure the file exists before putting it in the rollback tarball. > (ajacoutot@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
