Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update: set -d and -f for release updates and thick jail updates #810

Merged
merged 4 commits into from
Jan 20, 2025
Merged

update: set -d and -f for release updates and thick jail updates #810

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b22d68d
update: set -d and -f for release updates and think jail updates
tschettervictor Jan 14, 2025
2f7120a
update: add debug, code cleanup
tschettervictor Jan 14, 2025
a74f871
update: Use -j jailpath and _release path as vars
tschettervictor Jan 16, 2025
6eaa16e
update: use “workdir”
tschettervictor Jan 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
137 changes: 90 additions & 47 deletions usr/local/share/bastille/update.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,39 +34,62 @@
. /usr/local/etc/bastille/bastille.conf

usage() {
error_exit "Usage: bastille update [release|container|template] | [force]"
}
error_notify "Usage: bastille update [option(s)] TARGET"
cat << EOF
Options:

# Handle special-case commands first.
case "$1" in
help|-h|--help)
usage
;;
esac
-a | --auto Auto mode. Start/stop jail(s) if required.
-f | --force Force update a release.
-x | --debug Enable debug mode.

EOF
exit 1
}

if [ $# -gt 2 ] || [ $# -lt 1 ]; then
usage
fi

bastille_root_check
# Handle options.
OPTION=""
AUTO=0
while [ "$#" -gt 0 ]; do
case "${1}" in
-h|--help|help)
usage
;;
-a|--auto)
AUTO=1
shift
;;
-f|--force)
OPTION="-F"
shift
;;
-x|--debug)
enable_debug
shift
;;
-*)
for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do
case ${_opt} in
a) AUTO=1 ;;
f) OPTION="-F" ;;
x) enable_debug ;;
*) error_exit "Unknown Option: \"${1}\"" ;;
esac
done
shift
;;
*)
break
;;
esac
done

TARGET="${1}"
OPTION="${2}"

# Handle options
case "${OPTION}" in
-f|--force)
OPTION="-F"
;;
*)
OPTION=
;;
esac

# Check for unsupported actions
if [ "${TARGET}" = "ALL" ]; then
error_exit "Batch upgrade is unsupported."
fi

bastille_root_check

if [ -f "/bin/midnightbsd-version" ]; then
echo -e "${COLOR_RED}Not yet supported on MidnightBSD.${COLOR_RESET}"
Expand All @@ -86,45 +109,64 @@ arch_check() {

jail_check() {
# Check if the jail is thick and is running
if [ ! "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then
error_exit "[${TARGET}]: Not started. See 'bastille start ${TARGET}'."
else
if grep -qw "${bastille_jailsdir}/${TARGET}/root/.bastille" "${bastille_jailsdir}/${TARGET}/fstab"; then
error_exit "${TARGET} is not a thick container."
fi
set_target_single "${TARGET}"
check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
bastille start "${TARGET}"
else
error_notify "Jail is not running."
error_continue "Use [-a|--auto] to auto-start the jail."
fi
if grep -qw "${bastille_jailsdir}/${TARGET}/root/.bastille" "${bastille_jailsdir}/${TARGET}/fstab"; then
error_notify "${TARGET} is not a thick container."
error_exit "See 'bastille update RELEASE' to update thin jails."
fi
}

jail_update() {
local _jailname="${1}"
local _jailpath="${bastille_jailsdir}/${TARGET}/root"
local _freebsd_update_conf="${_jailpath}/etc/freebsd-update.conf"
local _workdir="${_jailpath}/var/db/freebsd-update"
# Update a thick container
if [ -d "${bastille_jailsdir}/${TARGET}" ]; then
jail_check
if [ -d "${bastille_jailsdir}/${TARGET}" ]; then
CURRENT_VERSION=$(/usr/sbin/jexec -l "${TARGET}" freebsd-version 2>/dev/null)
if [ -z "${CURRENT_VERSION}" ]; then
error_exit "Can't determine '${TARGET}' version."
else
env PAGER="/bin/cat" freebsd-update ${OPTION} --not-running-from-cron -b "${bastille_jailsdir}/${TARGET}/root" \
fetch install --currently-running "${CURRENT_VERSION}"
env PAGER="/bin/cat" freebsd-update ${OPTION} \
--not-running-from-cron \
-j "${_jailname}" \
-d "${_workdir}" \
-f "${_freebsd_update_conf}" \
fetch install
fi
else
error_exit "${TARGET} not found. See 'bastille bootstrap'."
fi
}

release_update() {
local _releasepath="${bastille_releasesdir}/${TARGET}"
local _freebsd_update_conf="${_releasepath}/etc/freebsd-update.conf"
local _workdir="${_releasepath}/var/db/freebsd-update"
# Update a release base(affects child containers)
if [ -d "${bastille_releasesdir}/${TARGET}" ]; then
if [ -d "${_releasepath}" ]; then
TARGET_TRIM="${TARGET}"
if [ -n "${ARCH_I386}" ]; then
TARGET_TRIM=$(echo "${TARGET}" | sed 's/-i386//')
fi

env PAGER="/bin/cat" freebsd-update ${OPTION} --not-running-from-cron -b "${bastille_releasesdir}/${TARGET}" \
env PAGER="/bin/cat" freebsd-update ${OPTION} \
--not-running-from-cron \
-b "${_releasepath}" \
-d "${_workdir}" \
-f "${_freebsd_update_conf}" \
fetch --currently-running "${TARGET_TRIM}"
env PAGER="/bin/cat" freebsd-update ${OPTION} --not-running-from-cron -b "${bastille_releasesdir}/${TARGET}" \
env PAGER="/bin/cat" freebsd-update ${OPTION} \
--not-running-from-cron \
-b "${_releasepath}" \
-d "${_workdir}" \
-f "${_freebsd_update_conf}" \
install --currently-running "${TARGET_TRIM}"
else
error_exit "${TARGET} not found. See 'bastille bootstrap'."
error_exit "${TARGET} not found. See 'bastille bootstrap RELEASE'."
fi
}

Expand All @@ -145,10 +187,10 @@ template_update() {
templates_update() {
# Update all templates
_updated_templates=0
if [ -d "${bastille_templatesdir}" ]; then
# shellcheck disable=SC2045
for _template_path in $(ls -d "${bastille_templatesdir}"/*/*); do
if [ -d "$_template_path"/.git ]; then
if [ -d ${bastille_templatesdir} ]; then
# shellcheck disable=SC2045
for _template_path in $(ls -d ${bastille_templatesdir}/*/*); do
if [ -d $_template_path/.git ]; then
BASTILLE_TEMPLATE=$(echo "$_template_path" | awk -F / '{ print $(NF-1) "/" $NF }')
template_update

Expand All @@ -174,5 +216,6 @@ elif echo "${TARGET}" | grep -q "[0-9]\{2\}.[0-9]-RELEASE"; then
arch_check
release_update
else
jail_update
jail_check
jail_update "${TARGET}"
fi