diff options
Diffstat (limited to 'release')
53 files changed, 174 insertions, 142 deletions
diff --git a/release/Makefile b/release/Makefile index 12f5114f8b22..13532097d56c 100644 --- a/release/Makefile +++ b/release/Makefile @@ -448,9 +448,7 @@ release: real-release vm-release cloudware-release oci-release release-done: touch release -real-release: - ${MAKE} -C ${.CURDIR} ${.MAKEFLAGS} obj - ${MAKE} -C ${.CURDIR} ${.MAKEFLAGS} ${RELEASE_TARGETS} +real-release: obj .WAIT ${RELEASE_TARGETS} install: release-install vm-install oci-install .WAIT cloud-install diff --git a/release/Makefile.mirrors b/release/Makefile.mirrors index 6778b86873e6..924d289d1c44 100644 --- a/release/Makefile.mirrors +++ b/release/Makefile.mirrors @@ -382,16 +382,16 @@ pkgbase-repo-stage: mkdir -p ${PKGBASE_DIR}/Latest mkdir -p ${PKGBASE_DIR}/${BUILDDATE} cd ${RELEASEDIR}/pkgbase && \ - mv pkgbase-repo.tar pkgbase-repo-${SNAP_SUFFIX}.tar - cp -p ${RELEASEDIR}/pkgbase/pkgbase-repo-${SNAP_SUFFIX}.tar \ - ${PKGBASE_DIR}/${BUILDDATE}/pkgbase-repo-${SNAP_SUFFIX}.tar + mv pkgbase-repo.tar ${OSRELEASE}-pkgbase-repo-${SNAP_SUFFIX}.tar + cp -p ${RELEASEDIR}/pkgbase/${OSRELEASE}-pkgbase-repo-${SNAP_SUFFIX}.tar \ + ${PKGBASE_DIR}/${BUILDDATE}/${OSRELEASE}-pkgbase-repo-${SNAP_SUFFIX}.tar cd ${PKGBASE_DIR}/Latest && \ - ln -s ../${BUILDDATE}/pkgbase-repo-${SNAP_SUFFIX}.tar \ - pkgbase-repo.tar + ln -s ../${BUILDDATE}/${OSRELEASE}-pkgbase-repo-${SNAP_SUFFIX}.tar \ + ${OSRELEASE}-pkgbase-repo.tar cd ${RELEASEDIR}/pkgbase && rm -f CHECKSUM.* . for CHECKSUM in ${CHECKSUM_FILES} cd ${RELEASEDIR}/pkgbase && \ - ${CHECKSUM:tl} pkgbase-repo-*.tar > CHECKSUM.${CHECKSUM}-${SNAP_SUFFIX} + ${CHECKSUM:tl} ${OSRELEASE}-pkgbase-repo-*.tar > CHECKSUM.${CHECKSUM}-${SNAP_SUFFIX} cp -p ${RELEASEDIR}/pkgbase/CHECKSUM.${CHECKSUM}-${SNAP_SUFFIX} \ ${PKGBASE_DIR}/${BUILDDATE}/CHECKSUM.${CHECKSUM}-${SNAP_SUFFIX} cd ${PKGBASE_DIR}/Latest && \ @@ -403,10 +403,13 @@ pkgbase-repo-stage: rm -rf ${PKGBASE_DIR}/Latest . endif mkdir -p ${PKGBASE_DIR}/Latest - cp -p ${RELEASEDIR}/pkgbase/pkgbase-repo.tar \ - ${PKGBASE_DIR}/Latest/pkgbase-repo.tar -. endfor + cd ${RELEASEDIR}/pkgbase && \ + mv pkgbase-repo.tar ${OSRELEASE}-pkgbase-repo.tar + cp -p ${RELEASEDIR}/pkgbase/${OSRELEASE}-pkgbase-repo.tar \ + ${PKGBASE_DIR}/Latest/${OSRELEASE}-pkgbase-repo.tar . for CHECKSUM in ${CHECKSUM_FILES} + cd ${RELEASEDIR}/pkgbase && \ + ${CHECKSUM:tl} ${OSRELEASE}-pkgbase-repo.tar > CHECKSUM.${CHECKSUM} cp -p ${RELEASEDIR}/pkgbase/CHECKSUM.${CHECKSUM} \ ${PKGBASE_DIR}/Latest/CHECKSUM.${CHECKSUM} . endfor diff --git a/release/arm64/RPI.conf b/release/arm64/RPI.conf index b973687c535d..d418dae28d3a 100644 --- a/release/arm64/RPI.conf +++ b/release/arm64/RPI.conf @@ -3,8 +3,9 @@ # DTB_DIR="/usr/local/share/rpi-firmware" -DTB="bcm2710-rpi-2-b.dtb bcm2710-rpi-3-b.dtb bcm2710-rpi-3-b-plus.dtb bcm2710-rpi-cm3.dtb \ - bcm2711-rpi-4-b.dtb bcm2711-rpi-cm4-io.dtb bcm2711-rpi-cm4.dtb" +DTB="bcm2710-rpi-2-b.dtb bcm2710-rpi-3-b.dtb bcm2710-rpi-3-b-plus.dtb \ + bcm2710-rpi-cm3.dtb bcm2710-rpi-zero-2-w.dtb bcm2711-rpi-4-b.dtb \ + bcm2711-rpi-cm4-io.dtb bcm2711-rpi-cm4.dtb" EMBEDDED_TARGET_ARCH="aarch64" EMBEDDED_TARGET="arm64" EMBEDDEDBUILD=1 diff --git a/release/packages/generate-set-ucl.lua b/release/packages/generate-set-ucl.lua index b1b70053b02a..9ba7026b75df 100755 --- a/release/packages/generate-set-ucl.lua +++ b/release/packages/generate-set-ucl.lua @@ -1,7 +1,13 @@ #!/usr/libexec/flua +-- +-- Copyright (c) 2024-2025 Baptiste Daroussin <bapt@FreeBSD.org> +-- Copyright (c) 2025 Lexi Winter <ivy@FreeBSD.org> +-- +-- SPDX-License-Identifier: BSD-2-Clause +-- --[[ usage: -generare-set-ucl.lua <template> [<variablename> <variablevalue>] +generate-set-ucl.lua <template> [<variablename> <variablevalue>] Generate the UCL for a set metapackage. The variables provided will be substituted as UCL variables. @@ -75,15 +81,15 @@ end -- Add dependencies from SET_DEPENDS. for dep in string.gmatch(pkgdeps, "[^%s]+") do obj["deps"][dep] = { - ["origin"] = "base" + ["origin"] = "base/"..dep } end --- Add a version key to all dependencies, otherwise pkg doesn't like it. +-- Add a version and origin key to all dependencies, otherwise pkg +-- doesn't like it. for dep, opts in pairs(obj["deps"]) do - if obj["deps"][dep]["version"] == nil then - obj["deps"][dep]["version"] = pkgversion - end + obj["deps"][dep]["origin"] = obj["deps"][dep]["origin"] or "base/"..dep + obj["deps"][dep]["version"] = obj["deps"][dep]["version"] or pkgversion end -- If there are no dependencies, remove the deps key, otherwise pkg raises an diff --git a/release/packages/generate-ucl.lua b/release/packages/generate-ucl.lua index ea3743894740..19a9a95d5d38 100755 --- a/release/packages/generate-ucl.lua +++ b/release/packages/generate-ucl.lua @@ -1,7 +1,13 @@ #!/usr/libexec/flua +-- +-- Copyright (c) 2024-2025 Baptiste Daroussin <bapt@FreeBSD.org> +-- Copyright (c) 2025 Lexi Winter <ivy@FreeBSD.org> +-- +-- SPDX-License-Identifier: BSD-2-Clause +-- --[[ usage: -generare-ucl.lua [<variablename> <variablevalue>]... <sourceucl> <destucl> +generate-ucl.lua [<variablename> <variablevalue>]... <sourceucl> <destucl> Build a package's UCL configuration by loading the template UCL file <sourceucl>, replacing any $VARIABLES in the UCL based on the provided @@ -161,7 +167,7 @@ if add_gen_dep(pkgname, pkggenname) then end obj["deps"][pkggenname] = { ["version"] = pkgversion, - ["origin"] = "base" + ["origin"] = "base/"..pkgprefix.."-"..pkggenname, } end @@ -217,6 +223,8 @@ if pkgprefix ~= nil and obj["deps"] ~= nil then newdeps = {} for dep, opts in pairs(obj["deps"]) do local newdep = pkgprefix .. "-" .. dep + -- Make sure origin is set. + opts["origin"] = opts["origin"] or "base/"..newdep newdeps[newdep] = opts end obj["deps"] = newdeps diff --git a/release/packages/set-template.ucl b/release/packages/set-template.ucl index b7ea2b830168..ff2c2d3e6057 100644 --- a/release/packages/set-template.ucl +++ b/release/packages/set-template.ucl @@ -4,7 +4,7 @@ name = "${PKG_NAME_PREFIX}-set-${PKGNAME}" prefix = "/" -origin = "base" +origin = "base/${PKG_NAME_PREFIX}-set-${PKGNAME}" categories = [ base ] version = "${VERSION}" maintainer = "${PKG_MAINTAINER}" diff --git a/release/packages/sets/base-dbg.ucl b/release/packages/sets/base-dbg.ucl index d9eeb2c49677..79e5de22522e 100644 --- a/release/packages/sets/base-dbg.ucl +++ b/release/packages/sets/base-dbg.ucl @@ -25,10 +25,8 @@ EOD deps { "set-minimal-dbg" { version = "${VERSION}" - origin = "base" }, "set-devel-dbg" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/sets/base-jail-dbg.ucl b/release/packages/sets/base-jail-dbg.ucl index 7996b9afbb21..56a130367fa3 100644 --- a/release/packages/sets/base-jail-dbg.ucl +++ b/release/packages/sets/base-jail-dbg.ucl @@ -25,10 +25,8 @@ EOD deps { "set-minimal-jail-dbg" { version = "${VERSION}" - origin = "base" }, "set-devel-dbg" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/sets/base-jail.ucl b/release/packages/sets/base-jail.ucl index d1dc17bc9860..88861510f954 100644 --- a/release/packages/sets/base-jail.ucl +++ b/release/packages/sets/base-jail.ucl @@ -28,14 +28,11 @@ EOD deps { "set-minimal-jail" { version = "${VERSION}" - origin = "base" }, "set-optional-jail" { version = "${VERSION}" - origin = "base" }, "set-devel" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/sets/base.ucl b/release/packages/sets/base.ucl index 823e2342fab8..6a970668c13e 100644 --- a/release/packages/sets/base.ucl +++ b/release/packages/sets/base.ucl @@ -31,14 +31,11 @@ EOD deps { "set-minimal" { version = "${VERSION}" - origin = "base" }, "set-optional" { version = "${VERSION}" - origin = "base" }, "set-devel" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/sets/optional-dbg.ucl b/release/packages/sets/optional-dbg.ucl index a221327518f9..882469c3ad57 100644 --- a/release/packages/sets/optional-dbg.ucl +++ b/release/packages/sets/optional-dbg.ucl @@ -26,6 +26,5 @@ EOD deps { "set-minimal-dbg" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/sets/optional-jail-dbg.ucl b/release/packages/sets/optional-jail-dbg.ucl index 84c76fa407fe..54e7309abdf1 100644 --- a/release/packages/sets/optional-jail-dbg.ucl +++ b/release/packages/sets/optional-jail-dbg.ucl @@ -26,6 +26,5 @@ EOD deps { "set-minimal-jail-dbg" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/sets/optional-jail.ucl b/release/packages/sets/optional-jail.ucl index da6d5fb00825..877023a10eed 100644 --- a/release/packages/sets/optional-jail.ucl +++ b/release/packages/sets/optional-jail.ucl @@ -29,6 +29,5 @@ EOD deps { "set-minimal-jail" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/sets/optional.ucl b/release/packages/sets/optional.ucl index f50fa17e4297..8b44dfe1f3ea 100644 --- a/release/packages/sets/optional.ucl +++ b/release/packages/sets/optional.ucl @@ -28,6 +28,5 @@ EOD deps { "set-minimal" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/acpi-all.ucl b/release/packages/ucl/acpi-all.ucl index 9e75822a8a04..9b63b825bd60 100644 --- a/release/packages/ucl/acpi-all.ucl +++ b/release/packages/ucl/acpi-all.ucl @@ -23,7 +23,7 @@ ACPI is a hardware standard allowing the operating system to monitor various hardware devices and system state. For example, ACPI can report whether the system is on AC or battery power. -This packages provides several utilities that can be used to interact with the +This package provides several utilities that can be used to interact with the ACPI implementation in the kernel: * The /etc/rc.d/power_profile service can be used to change system performance diff --git a/release/packages/ucl/at.ucl b/release/packages/ucl/at.ucl index 25724adfd7af..1e2495028b30 100644 --- a/release/packages/ucl/at.ucl +++ b/release/packages/ucl/at.ucl @@ -20,13 +20,11 @@ deps { # atrun relies on cron to work. "cron" { version = "${VERSION}" - origin = "base" }, # at(1) passes the command to /bin/sh "runtime" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/audit-all.ucl b/release/packages/ucl/audit-all.ucl index 3324795d8d9c..0ff79f7c6b73 100644 --- a/release/packages/ucl/audit-all.ucl +++ b/release/packages/ucl/audit-all.ucl @@ -39,7 +39,7 @@ The audit facility implements the de facto industry standard BSM API, file formats, and command line interface, first found in the Solaris operating system. -This packages provides the auditing daemon auditd(8) and various utilities +This package provides the auditing daemon auditd(8) and various utilities used to manage the auditing system and work with audit data. EOD diff --git a/release/packages/ucl/blocklist-all.ucl b/release/packages/ucl/blocklist-all.ucl index 92f304ac9151..273df85fc22b 100644 --- a/release/packages/ucl/blocklist-all.ucl +++ b/release/packages/ucl/blocklist-all.ucl @@ -19,12 +19,14 @@ comment = "Network blocklist daemon" desc = <<EOD -The blacklistd(8) daemon monitors failed access attempts from remote network +The blocklistd(8) daemon monitors failed access attempts from remote network locations and automatically blocks the originating network address using the system packet filter. -blacklistd(8) relies on each network daemon to report access attempts, so -only daemons which have had blacklist support added will work. +blocklistd(8) relies on each network daemon to report access attempts, so +only daemons which have had blocklist support added will work. + +The blocklistd(8) daemon was previously named blacklistd(8). EOD annotations { diff --git a/release/packages/ucl/bluetooth.ucl b/release/packages/ucl/bluetooth.ucl index c87d5e9c8420..e9c4787fdbfb 100644 --- a/release/packages/ucl/bluetooth.ucl +++ b/release/packages/ucl/bluetooth.ucl @@ -20,7 +20,6 @@ deps { # rfcomm_pppd(8) uses ppp(8) "ppp" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/bsdconfig.ucl b/release/packages/ucl/bsdconfig.ucl index 752c352ae904..98981f65bea4 100644 --- a/release/packages/ucl/bsdconfig.ucl +++ b/release/packages/ucl/bsdconfig.ucl @@ -20,6 +20,5 @@ deps { # bsdconfig is written in shell script, so it needs /bin/sh "runtime" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/bsdinstall.ucl b/release/packages/ucl/bsdinstall.ucl index 6e5cbce4e342..7fe8898b9427 100644 --- a/release/packages/ucl/bsdinstall.ucl +++ b/release/packages/ucl/bsdinstall.ucl @@ -20,6 +20,5 @@ deps { # bsdinstall is written in shell script, so it needs /bin/sh "runtime" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/caroot.ucl b/release/packages/ucl/caroot.ucl index 4d2b52d300fc..e43c9d0771f2 100644 --- a/release/packages/ucl/caroot.ucl +++ b/release/packages/ucl/caroot.ucl @@ -1,7 +1,6 @@ deps { "certctl": { version = "${VERSION}" - origin = "base" } } scripts: { diff --git a/release/packages/ucl/certctl.ucl b/release/packages/ucl/certctl.ucl index f12158459c5e..d2b4790946ec 100644 --- a/release/packages/ucl/certctl.ucl +++ b/release/packages/ucl/certctl.ucl @@ -19,6 +19,5 @@ deps { "openssl": { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/clang.ucl b/release/packages/ucl/clang.ucl index 956b769a1ee7..3c15d9b7ef03 100644 --- a/release/packages/ucl/clang.ucl +++ b/release/packages/ucl/clang.ucl @@ -1,11 +1,9 @@ deps { "lld" { version = "${VERSION}" - origin = "base" } "libcompiler_rt-dev" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/ctf-all.ucl b/release/packages/ucl/ctf-all.ucl index 941990908373..970ac3ffb4fa 100644 --- a/release/packages/ucl/ctf-all.ucl +++ b/release/packages/ucl/ctf-all.ucl @@ -30,7 +30,7 @@ CTF is intended specifically for runtime program analyzers such as DTrace. This package provides the ctfconvert(1), ctfdump(1) and ctfmerge(1) utilities which are used to work with CTF data, and the libctf library which allows -application to access CTF debugging information programatically. +applications to access CTF debugging information programmatically. EOD licenses = [ "CDDL-1.0" ] diff --git a/release/packages/ucl/devd.ucl b/release/packages/ucl/devd.ucl index 8d83ab9ee020..c5fcfef1c368 100644 --- a/release/packages/ucl/devd.ucl +++ b/release/packages/ucl/devd.ucl @@ -20,6 +20,5 @@ deps { # devd uses /bin/sh to invoke hooks. "runtime" { version = "${VERSION}" - origin = "base" }, } diff --git a/release/packages/ucl/fetch-all.ucl b/release/packages/ucl/fetch-all.ucl index d14f22cb74a5..5a3c0be826fa 100644 --- a/release/packages/ucl/fetch-all.ucl +++ b/release/packages/ucl/fetch-all.ucl @@ -19,13 +19,13 @@ comment = "Retrieve a file from a remote URL" desc = <<EOD -The fetch(1) utility retieves one or more files from a remote URL via +The fetch(1) utility retrieves one or more files from a remote URL via HTTP or FTP. fetch(1) includes support for TLS, HTTP proxies, .netrc files, and includes a "mirror" mode which only downloads files which are newer on the remote site. Also provided is fetch(3), a library which allows applications to use -this functionality programatically. +this functionality programmatically. EOD annotations { diff --git a/release/packages/ucl/libbegemot-all.ucl b/release/packages/ucl/libbegemot-all.ucl index 812e94f72eaf..5bead26f69f8 100644 --- a/release/packages/ucl/libbegemot-all.ucl +++ b/release/packages/ucl/libbegemot-all.ucl @@ -41,8 +41,8 @@ calls are however clumsy to use and the usage of one of these calls is probably not portable to other systems - not all systems support both calls. The rpoll(3) family of functions is designed to overcome these restrictions. -They support the well known and understood technique of event driven programing -and, in addition to select(2) and poll(2) also support timers. +They support the well known and understood technique of event driven +programming and, in addition to select(2) and poll(2) also support timers. EOD annotations { diff --git a/release/packages/ucl/libbsdstat-all.ucl b/release/packages/ucl/libbsdstat-all.ucl index 144d4200fed9..56efee79a334 100644 --- a/release/packages/ucl/libbsdstat-all.ucl +++ b/release/packages/ucl/libbsdstat-all.ucl @@ -19,7 +19,7 @@ comment = "Periodic statistics library" desc = <<EOD -libbsdstat is a library for managing and display periodically collected +libbsdstat is a library for managing and displaying periodically collected statistics. EOD diff --git a/release/packages/ucl/unbound-all.ucl b/release/packages/ucl/local-unbound-all.ucl index e66f00be16a7..e66f00be16a7 100644 --- a/release/packages/ucl/unbound-all.ucl +++ b/release/packages/ucl/local-unbound-all.ucl diff --git a/release/packages/ucl/local-unbound.ucl b/release/packages/ucl/local-unbound.ucl new file mode 100644 index 000000000000..0f1c77a0d0ee --- /dev/null +++ b/release/packages/ucl/local-unbound.ucl @@ -0,0 +1,27 @@ +/* + * SPDX-License-Identifier: ISC + * + * Copyright (c) 2025 Lexi Winter <ivy@FreeBSD.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +messages = [ + { + type: upgrade + message: <<EOM +After upgrading local-unbound, the configuration file should be regenerated +by running "service local_unbound setup" before restarting the service. +EOM + } +] diff --git a/release/packages/ucl/mandoc-all.ucl b/release/packages/ucl/mandoc-all.ucl index 3948c4ce261e..ebd6a9da59e0 100644 --- a/release/packages/ucl/mandoc-all.ucl +++ b/release/packages/ucl/mandoc-all.ucl @@ -19,7 +19,7 @@ comment = "Online manual page reader" desc = <<EOD -This packages provides man(1), a utility which can format and display system +This package provides man(1), a utility which can format and display system manual pages, along with the related utilities apropos(1) and makewhatis(8), and the mandoc(1) rendering backend. EOD diff --git a/release/packages/ucl/ncurses-all.ucl b/release/packages/ucl/ncurses-all.ucl index c0d52e046e78..3963eb98aa72 100644 --- a/release/packages/ucl/ncurses-all.ucl +++ b/release/packages/ucl/ncurses-all.ucl @@ -17,3 +17,7 @@ curses interface, and is also backward compatible with traditional BSD curses. This package ships with a limited termcap database, but it is designed to use a terminfo database provided by ports, such as in misc/terminfo-db. EOD + +annotations { + set = "minimal,minimal-jail" +} diff --git a/release/packages/ucl/newsyslog.ucl b/release/packages/ucl/newsyslog.ucl index b1dfa8253737..27b212a42b77 100644 --- a/release/packages/ucl/newsyslog.ucl +++ b/release/packages/ucl/newsyslog.ucl @@ -2,6 +2,5 @@ deps { # newsyslog uses bzip2 to compress log files. "bzip2" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/openssl-all.ucl b/release/packages/ucl/openssl-all.ucl index 24a83ab6b9ba..4c393efe3b89 100644 --- a/release/packages/ucl/openssl-all.ucl +++ b/release/packages/ucl/openssl-all.ucl @@ -26,7 +26,7 @@ protocols such as HTTP, SMTP and DNS. OpenSSL provides openssl(1), a command-line utility used for testing TLS clients and servers, managing certificate used in TLS authentication, and -performing various miscallenous cryptographic operations. +performing various miscellaneous cryptographic operations. Also provided are two libraries, libcrypto and libssl, which can be used by applications to provide generic cryptographic functionality, and to implement diff --git a/release/packages/ucl/periodic.ucl b/release/packages/ucl/periodic.ucl index c8b8ac57c676..2a8a482f959f 100644 --- a/release/packages/ucl/periodic.ucl +++ b/release/packages/ucl/periodic.ucl @@ -19,6 +19,5 @@ deps { "cron" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/rc.ucl b/release/packages/ucl/rc.ucl index 1a734aaa187c..854963a81ca1 100644 --- a/release/packages/ucl/rc.ucl +++ b/release/packages/ucl/rc.ucl @@ -19,7 +19,6 @@ deps { "runtime": { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/rcmds.ucl b/release/packages/ucl/rcmds.ucl index b572ff25e6c3..de608487e07d 100644 --- a/release/packages/ucl/rcmds.ucl +++ b/release/packages/ucl/rcmds.ucl @@ -20,7 +20,6 @@ deps { # The RPC daemons require rpcbind. "utilities" { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/sendmail.ucl b/release/packages/ucl/sendmail.ucl index 62d0a1f2bc61..318fd5aabbe5 100644 --- a/release/packages/ucl/sendmail.ucl +++ b/release/packages/ucl/sendmail.ucl @@ -20,6 +20,5 @@ deps { # sendmail requires make to build its configuration file. "bmake": { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/tests-all.ucl b/release/packages/ucl/tests-all.ucl index 1f3b027b7037..3ad2d0f50e6b 100644 --- a/release/packages/ucl/tests-all.ucl +++ b/release/packages/ucl/tests-all.ucl @@ -27,20 +27,17 @@ deps { # Nearly all the tests require atf to run. "atf": { version = "${VERSION}" - origin = "base" }, # The test framework requires Kyua. "kyua": { version = "${VERSION}" - origin = "base" }, # Since the purpose of the tests is to test the base system, the base # system must be installed. "set-base": { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/ufs-all.ucl b/release/packages/ucl/ufs-all.ucl index d9302bd0e3f9..b35e0f3d1dc7 100644 --- a/release/packages/ucl/ufs-all.ucl +++ b/release/packages/ucl/ufs-all.ucl @@ -32,7 +32,7 @@ utilities used to check the consistency of an existing filesystem after an unclean shutdown or panic. The libufs library is also provided, which allows applications to access -UFS filesystems programatically. +UFS filesystems programmatically. EOD annotations { diff --git a/release/packages/ucl/xz-all.ucl b/release/packages/ucl/xz-all.ucl index 16da8b76f0ac..8a7c33bcce46 100644 --- a/release/packages/ucl/xz-all.ucl +++ b/release/packages/ucl/xz-all.ucl @@ -21,7 +21,7 @@ comment = "LZMA2 data compression" desc = <<EOD xz compresses data using the LZMA2 data compression algorithm. This package provides the front-end xz(1) utility, and the liblzma library which allows -applications to use this functionality programatically. +applications to use this functionality programmatically. EOD annotations { diff --git a/release/packages/ucl/yp-all.ucl b/release/packages/ucl/yp-all.ucl index f361f319b730..fb337394fc4c 100644 --- a/release/packages/ucl/yp-all.ucl +++ b/release/packages/ucl/yp-all.ucl @@ -20,7 +20,7 @@ comment = "Yellow Pages (YP) / Network Information Service (NIS)" desc = <<EOD YP, also called NIS, is a network protocol for sharing name service -information across machines on a network. This packages contain the YP +information across machines on a network. This package contains the YP server, YP management utilities, the YP-LDAP gateway (ypldap), YP client utilities and a sample Makefile for building the YP database. EOD diff --git a/release/packages/ucl/yp.ucl b/release/packages/ucl/yp.ucl index be4310c85591..9babdbe98fb1 100644 --- a/release/packages/ucl/yp.ucl +++ b/release/packages/ucl/yp.ucl @@ -20,6 +20,5 @@ deps { # YP requires bmake to rebuild the database. "bmake": { version = "${VERSION}" - origin = "base" } } diff --git a/release/packages/ucl/zfs-all.ucl b/release/packages/ucl/zfs-all.ucl index 70ebcdacdb57..9d166452188d 100644 --- a/release/packages/ucl/zfs-all.ucl +++ b/release/packages/ucl/zfs-all.ucl @@ -39,7 +39,7 @@ This package provides the zfs(8) and zpool(8) utilities used to manage ZFS filesystems, the zfsd(8) self-healing daemon, and several other utilities, as well as the runtime libraries used internally by ZFS itself, and the libzfs_core library providing a stable interface for -managing ZFS programatically. +managing ZFS programmatically. EOD licenses = [ "CDDL-1.0" ] diff --git a/release/scripts/make-oci-image.sh b/release/scripts/make-oci-image.sh index 6e5ad69741f7..f8ea679bfd18 100644 --- a/release/scripts/make-oci-image.sh +++ b/release/scripts/make-oci-image.sh @@ -39,10 +39,18 @@ install_packages() { local abi=$1; shift local workdir=$1; shift local rootdir=${workdir}/rootfs + + # Make sure we have the keys needed for verifying package integrity if + # not already added by a parent image. if [ ! -d ${rootdir}/usr/share/keys/pkg/trusted ]; then mkdir -p ${rootdir}/usr/share/keys/pkg/trusted fi - cp /usr/share/keys/pkg/trusted/* ${rootdir}/usr/share/keys/pkg/trusted + for i in ${curdir}/../share/keys/pkg/trusted/pkg.*; do + if [ ! -f ${rootdir}/usr/share/keys/pkg/trusted/$(basename $i) ]; then + cp $i ${rootdir}/usr/share/keys/pkg/trusted + fi + done + # We install the packages and then remove repository metadata (keeping the # metadata for what was installed). This trims more than 40Mb from the # resulting image. diff --git a/release/scripts/pkg-stage.sh b/release/scripts/pkg-stage.sh index f9216b52b088..6d460a83e1da 100755 --- a/release/scripts/pkg-stage.sh +++ b/release/scripts/pkg-stage.sh @@ -110,7 +110,7 @@ ${PKGCMD} repo ${PKG_REPODIR} if [ $NO_ROOT ]; then mtree -c -p $ROOTDIR | mtree -C -k type,mode,link,size | \ - grep '^./packages/' >> $ROOTDIR/METALOG + grep '^./packages[/ ]' >> $ROOTDIR/METALOG fi # Always exit '0', even if pkg(8) complains about conflicts. diff --git a/release/tools/ec2-base.conf b/release/tools/ec2-base.conf index b6354db3d9d1..ffe2646240a5 100644 --- a/release/tools/ec2-base.conf +++ b/release/tools/ec2-base.conf @@ -36,5 +36,9 @@ vm_extra_pre_umount() { # Standard FreeBSD network configuration ec2_base_networking + # Add files from packages which weren't recorded in metalog + metalog_add_data ./usr/local/etc/dhclient.conf + metalog_add_data ./usr/local/etc/ssl/cert.pem + return 0 } diff --git a/release/tools/ec2-builder.conf b/release/tools/ec2-builder.conf index cf4276fc80ec..3b0344f9eb9a 100644 --- a/release/tools/ec2-builder.conf +++ b/release/tools/ec2-builder.conf @@ -7,17 +7,16 @@ export VMSIZE=8000m # Flags to installworld/kernel: We don't want debug symbols (kernel or -# userland), 32-bit libraries, tests, or the debugger. +# userland), 32-bit libraries, or tests. export INSTALLOPTS="WITHOUT_DEBUG_FILES=YES WITHOUT_KERNEL_SYMBOLS=YES \ - WITHOUT_LIB32=YES WITHOUT_TESTS=YES WITHOUT_LLDB=YES" + WITHOUT_LIB32=YES WITHOUT_TESTS=YES" # Equivalent to INSTALLOPTS for pkgbase vm_extra_filter_base_packages() { grep -v \ -e '.*-dbg$' \ -e '.*-lib32$' \ - -e '^FreeBSD-tests.*' \ - -e '^FreeBSD-lldb.*' + -e '^FreeBSD-set-tests' } # Packages to install into the image we're creating. In addition to packages @@ -67,5 +66,8 @@ vm_extra_pre_umount() { EOF metalog_add_data ./boot/loader.conf + # Add files from packages which weren't recorded in metalog + metalog_add_data ./usr/local/etc/dhclient.conf + return 0 } diff --git a/release/tools/ec2-small.conf b/release/tools/ec2-small.conf index 32d02cbb79e4..6564a59c2cf6 100644 --- a/release/tools/ec2-small.conf +++ b/release/tools/ec2-small.conf @@ -10,17 +10,16 @@ export VMSIZE=5000m # Flags to installworld/kernel: We don't want debug symbols (kernel or -# userland), 32-bit libraries, tests, or the debugger. +# userland), 32-bit libraries, or tests. export INSTALLOPTS="WITHOUT_DEBUG_FILES=YES WITHOUT_KERNEL_SYMBOLS=YES \ - WITHOUT_LIB32=YES WITHOUT_TESTS=YES WITHOUT_LLDB=YES" + WITHOUT_LIB32=YES WITHOUT_TESTS=YES" # Equivalent to INSTALLOPTS for pkgbase vm_extra_filter_base_packages() { grep -v \ -e '.*-dbg$' \ -e '.*-lib32$' \ - -e '^FreeBSD-tests.*' \ - -e '^FreeBSD-lldb.*' + -e '^FreeBSD-set-tests' } # Packages to install into the image we're creating. In addition to packages @@ -50,5 +49,8 @@ vm_extra_pre_umount() { # Standard FreeBSD network configuration ec2_base_networking + # Add files from packages which weren't recorded in metalog + metalog_add_data ./usr/local/etc/dhclient.conf + return 0 } diff --git a/release/tools/oci-image-notoolchain.conf b/release/tools/oci-image-notoolchain.conf index a769b53f9ff6..72a62657fa76 100644 --- a/release/tools/oci-image-notoolchain.conf +++ b/release/tools/oci-image-notoolchain.conf @@ -1,67 +1,25 @@ #! /bin/sh -# Build OCI container image with almost all packages suitable for jails, excluding compiler +# Build OCI container image with almost all packages suitable for jails, +# excluding toolchain. OCI_BASE_IMAGE=runtime oci_image_build() { set_cmd ${workdir} /bin/sh install_packages ${abi} ${workdir} \ - FreeBSD-acct \ - FreeBSD-at \ - FreeBSD-audit \ - FreeBSD-autofs \ - FreeBSD-blocklist \ - FreeBSD-bsnmp \ - FreeBSD-caroot \ - FreeBSD-certctl \ - FreeBSD-clibs \ - FreeBSD-console-tools \ - FreeBSD-cron \ - FreeBSD-csh \ + FreeBSD-bmake \ FreeBSD-dma \ - FreeBSD-ee \ - FreeBSD-fd \ - FreeBSD-fetch \ - FreeBSD-ftp \ FreeBSD-inetd \ FreeBSD-ipf \ FreeBSD-ipfw \ - FreeBSD-iscsi \ - FreeBSD-jail \ - FreeBSD-kerberos \ - FreeBSD-kerberos-lib \ - FreeBSD-libarchive \ - FreeBSD-libcompiler_rt-dev \ - FreeBSD-libexecinfo \ - FreeBSD-libucl \ - FreeBSD-locales \ - FreeBSD-lp \ - FreeBSD-mtree \ FreeBSD-natd \ FreeBSD-netmap \ - FreeBSD-newsyslog \ - FreeBSD-nfs \ - FreeBSD-nuageinit \ - FreeBSD-openssl \ - FreeBSD-periodic \ FreeBSD-pf \ - FreeBSD-pkg-bootstrap \ - FreeBSD-quotacheck \ - FreeBSD-rc \ - FreeBSD-rcmds \ - FreeBSD-rescue \ - FreeBSD-resolvconf \ - FreeBSD-runtime \ FreeBSD-ssh \ - FreeBSD-syslogd \ - FreeBSD-tcpd \ FreeBSD-telnet \ - FreeBSD-ufs \ - FreeBSD-unbound \ - FreeBSD-utilities \ - FreeBSD-vi \ - FreeBSD-yp \ + FreeBSD-xz \ FreeBSD-zfs \ - FreeBSD-zoneinfo + FreeBSD-set-minimal-jail } + diff --git a/release/tools/oci-image-runtime.conf b/release/tools/oci-image-runtime.conf index 93aad1e39250..db99e5640040 100644 --- a/release/tools/oci-image-runtime.conf +++ b/release/tools/oci-image-runtime.conf @@ -9,6 +9,10 @@ OCI_BASE_IMAGE=dynamic oci_image_build() { set_cmd ${workdir} /bin/sh + # The static image installed termcap.small into /usr/share/misc/termcap + # and we are replacing it with the full termcap file. We remove the + # small one first to avoid creating a .pkgsave file. + rm ${workdir}/rootfs/usr/share/misc/termcap install_packages ${abi} ${workdir} \ FreeBSD-runtime \ FreeBSD-certctl \ diff --git a/release/tools/vmimage.subr b/release/tools/vmimage.subr index 3b0519c21dbc..842a808c623e 100644 --- a/release/tools/vmimage.subr +++ b/release/tools/vmimage.subr @@ -70,15 +70,20 @@ vm_copy_base() { return 0 } -vm_filter_base_packages() { - # Reads a list of all base system packages from stdin. - # Writes a list of base system packages to install to stdout. - grep -v -e '^FreeBSD-src.*' -e '^FreeBSD-kernel.*' - # There are several kernel variants available in separate packages. - # For VMs it is sufficient to install only the generic kernel. - echo "FreeBSD-kernel-man" - echo "FreeBSD-kernel-generic" - echo "FreeBSD-kernel-generic-dbg" +vm_base_packages_list() { + # Output a list of package sets equivalent to what we get from + # "installworld installkernel distribution", aka. the full base + # system. + for S in base kernels; do + echo FreeBSD-set-$S + echo FreeBSD-set-$S-dbg + done + case ${TARGET_ARCH} in + amd64 | aarch64 | powerpc64) + echo FreeBSD-set-lib32 + echo FreeBSD-set-lib32-dbg + esac + echo FreeBSD-set-tests } vm_extra_filter_base_packages() { @@ -99,8 +104,7 @@ vm_install_base() { pkg_cmd="$pkg_cmd -o METALOG=METALOG" fi $pkg_cmd update - selected=$($pkg_cmd rquery -U -r FreeBSD-base %n | \ - vm_filter_base_packages | vm_extra_filter_base_packages) + selected=$(vm_base_packages_list | vm_extra_filter_base_packages) $pkg_cmd install -U -r FreeBSD-base $selected else cd ${WORLDDIR} && \ @@ -209,6 +213,16 @@ vm_extra_install_packages() { install -y -r ${PKG_REPO_NAME} $pkg done metalog_add_data ./var/db/pkg/local.sqlite + + # Add some database files which are created by pkg triggers; + # at some point in the future the tools which create these + # files should probably learn how to record them in METALOG + # (which would simplify no-root installworld as well). + metalog_add_data ./etc/login.conf.db + metalog_add_data ./etc/passwd + metalog_add_data ./etc/pwd.db + metalog_add_data ./etc/spwd.db 600 + metalog_add_data ./var/db/services.db else if [ -n "${WITHOUT_QEMU}" ]; then return 0 @@ -256,6 +270,7 @@ vm_extra_pkg_rmcache() { if [ -n "${NO_ROOT}" ]; then ${PKG_CMD} \ -o ASSUME_ALWAYS_YES=yes \ + -o INSTALL_AS_USER=yes \ -r ${DESTDIR} \ clean -y -a else @@ -275,6 +290,29 @@ buildfs() { cat ${DESTDIR}/METALOG.pkg >> ${DESTDIR}/METALOG fi + # Check for any directories in the staging tree which weren't + # recorded in METALOG, and record them now. This is a quick hack + # to avoid creating unusable VM images and should go away once + # the bugs which produce such unlogged directories are gone. + grep type=dir ${DESTDIR}/METALOG | + cut -f 1 -d ' ' | + sort -u > ${DESTDIR}/METALOG.dirs + ( cd ${DESTDIR} && find . -type d ) | + sort | + comm -23 - ${DESTDIR}/METALOG.dirs > ${DESTDIR}/METALOG.missingdirs + if [ -s ${DESTDIR}/METALOG.missingdirs ]; then + echo "WARNING: Directories exist but were not in METALOG" + cat ${DESTDIR}/METALOG.missingdirs + fi + while read DIR; do + metalog_add_data ${DIR} + done < ${DESTDIR}/METALOG.missingdirs + + # Sort METALOG file; makefs produces directories with 000 permissions + # if their contents are seen before the directories themselves. + env -i LC_COLLATE=C sort -u ${DESTDIR}/METALOG > ${DESTDIR}/METALOG.sorted + mv ${DESTDIR}/METALOG.sorted ${DESTDIR}/METALOG + case "${VMFS}" in ufs) cd ${DESTDIR} && ${MAKEFS} ${MAKEFSARGS} -o label=rootfs -o version=2 -o softupdates=1 \ |