From 7c7740e3d8fed37e286a144d740883da720f2fb3 Mon Sep 17 00:00:00 2001 From: Bryan Drewery Date: Wed, 5 Jul 2017 20:02:44 +0000 Subject: Restore /boot/entropy handling incorrectly lost in upstream 1.2.7 tag. PR: 219256 --- sysutils/beadm/Makefile | 2 +- sysutils/beadm/files/patch-beadm | 83 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 sysutils/beadm/files/patch-beadm (limited to 'sysutils/beadm') diff --git a/sysutils/beadm/Makefile b/sysutils/beadm/Makefile index ca867d7e1673..d1adaebf56a1 100644 --- a/sysutils/beadm/Makefile +++ b/sysutils/beadm/Makefile @@ -2,7 +2,7 @@ PORTNAME= beadm PORTVERSION= 1.2.7 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= sysutils MASTER_SITES= GH \ http://mirror.shatow.net/freebsd/${PORTNAME}/ \ diff --git a/sysutils/beadm/files/patch-beadm b/sysutils/beadm/files/patch-beadm new file mode 100644 index 000000000000..f75f72f259d5 --- /dev/null +++ b/sysutils/beadm/files/patch-beadm @@ -0,0 +1,83 @@ +diff --git beadm beadm +index 6a0e397..f817e40 100755 +--- beadm ++++ beadm +@@ -128,6 +128,24 @@ __be_new() { # 1=SOURCE 2=TARGET + unset NAME_NEW + unset NAME_SANITY + local SOURCE=$( echo ${1} | cut -d '@' -f 1 ) ++ local ENTROPY=0 ++ # secure current /boot/entropy file ++ if [ -f /boot/entropy ] ++ then ++ if ! cp -p /boot/entropy /boot/entropy.OLD 1> /dev/null 2> /dev/null ++ then ++ echo "ERROR: Can not copy current '/boot/entropy' file" ++ exit 1 ++ fi ++ ENTROPY=1 ++ fi ++ # create new /boot/entropy file that would be used in new boot environment ++ if ! dd if=/dev/random of=/boot/entropy bs=4096 count=1 1> /dev/null 2> /dev/null ++ then ++ echo "ERROR: Can not generate new '/boot/entropy' file" ++ exit 1 ++ fi ++ # create snapshot that will be used as a base for new boot environment + if __be_snapshot ${1} + then + # create boot environment from snapshot +@@ -138,6 +156,13 @@ __be_new() { # 1=SOURCE 2=TARGET + if ! zfs list -H -o name ${FS}@${SNAPSHOT} 1> /dev/null 2> /dev/null + then + echo "ERROR: Child snapshot '${FS}@${SNAPSHOT}' does not exist" ++ if [ ${ENTROPY} -ne 0 ] ++ then ++ if ! mv /boot/entropy.OLD /boot/entropy 1> /dev/null 2> /dev/null ++ then ++ echo "WARNING: Can not bring back original '/boot/entropy' file" ++ fi ++ fi + exit 1 + fi + done +@@ -146,6 +171,13 @@ __be_new() { # 1=SOURCE 2=TARGET + if zfs list -H -o name ${1}@${2##*/} 1> /dev/null 2> /dev/null + then + echo "ERROR: Snapshot '${1}@${2##*/}' already exists" ++ if [ ${ENTROPY} -ne 0 ] ++ then ++ if ! mv /boot/entropy.OLD /boot/entropy 1> /dev/null 2> /dev/null ++ then ++ echo "WARNING: Can not bring back original '/boot/entropy' file" ++ fi ++ fi + exit 1 + fi + # snapshot format +@@ -153,9 +185,25 @@ __be_new() { # 1=SOURCE 2=TARGET + if ! zfs snapshot -r ${1}@${FMT} 1> /dev/null 2> /dev/null + then + echo "ERROR: Cannot create snapshot '${1}@${FMT}'" ++ if [ ${ENTROPY} -ne 0 ] ++ then ++ if ! mv /boot/entropy.OLD /boot/entropy 1> /dev/null 2> /dev/null ++ then ++ echo "WARNING: Can not bring back original '/boot/entropy' file" ++ fi ++ fi + exit 1 + fi + fi ++ # bring back secured /boot/entropy.OLD file ++ if [ -f /boot/entropy.OLD ] ++ then ++ if ! mv /boot/entropy.OLD /boot/entropy 1> /dev/null 2> /dev/null ++ then ++ echo "WARNING: Can not bring back original '/boot/entropy' file" ++ fi ++ fi ++ unset ENTROPY + # clone properties of source boot environment + zfs list -H -o name -r ${SOURCE} \ + | grep -v '@' \ -- cgit v1.2.3