Browse Source

Add a new function reorder_kernel() that relinks and installs the

new kernel in the background on system startup. It stores the hash
of the new kernel and sends a notification email to the admin or
root user. If it finds /usr/share/compile.tgz, it removes the
existing compile dir and replaces it with the content of (new)
archive. If the hash of /bsd does not match the stored one, no
relinking happens.
Idea from, joint work with and OK deraadt@
OK tb@ halex@
unnoticed by many
OPENBSD_6_2
rpe 7 years ago
parent
commit
caf9e7cb30
1 changed files with 35 additions and 1 deletions
  1. +35
    -1
      src/etc/rc

+ 35
- 1
src/etc/rc View File

@ -1,4 +1,4 @@
# $OpenBSD: rc,v 1.501 2017/06/06 13:59:37 florian Exp $
# $OpenBSD: rc,v 1.502 2017/06/14 21:39:53 rpe Exp $
# System startup script run by init on autoboot or after single-user. # System startup script run by init on autoboot or after single-user.
# Output and error are redirected to console by init, and the console is the # Output and error are redirected to console by init, and the console is the
@ -219,6 +219,38 @@ reorder_libs() {
fi fi
} }
# Re-link the kernel, placing the objects in a random order.
# Replace current with relinked kernel and inform root about it.
reorder_kernel() {
(
set -e
_compile_dir=/usr/share/compile
_kernel=$(sysctl -n kern.osversion)
_kernel=${_kernel%#*}
_kernel_dir=$_compile_dir/$_kernel
_sha256=$_kernel_dir/SHA256
if [[ -f /usr/share/compile.tgz ]]; then
rm -rf $_compile_dir
mkdir -m 700 -p $_compile_dir
tar -C $_compile_dir -xzf /usr/share/compile.tgz $_kernel
rm -f /usr/share/compile.tgz
fi
[[ -f $_sha256 ]] && sha256 -q -C $_sha256 /bsd
cd $_kernel_dir
make newbsd >$_kernel_dir/log 2>&1
make install >>$_kernel_dir/log 2>&1
sha256 -h $_sha256 /bsd
(echo "Kernel has been relinked and is active on next reboot\n"; \
cat $_sha256; echo "\nRelink log:\n"; cat $_kernel_dir/log ) |
mail -Es "$(hostname) Kernel relink info" root >/dev/null
) >/dev/null 2>&1 &
}
# Run rc.* script and email output to root. # Run rc.* script and email output to root.
# Usage: run_upgrade_script firsttime|sysmerge # Usage: run_upgrade_script firsttime|sysmerge
run_upgrade_script() { run_upgrade_script() {
@ -586,5 +618,7 @@ echo -n 'starting local daemons:'
start_daemon apmd sensorsd hotplugd watchdogd cron wsmoused xenodm start_daemon apmd sensorsd hotplugd watchdogd cron wsmoused xenodm
echo '.' echo '.'
reorder_kernel
date date
exit 0 exit 0

Loading…
Cancel
Save