Without quotes, $@ loses its special meanining (see below)
% sh -c 'echo $@' /bin/sh " 1 " " 2 "
1 2
% sh -c 'echo "$@"' /bin/sh " 1 " " 2 "
1 2
The quotes are required to get ARGV to be unperterped
The most recent version of bsdinstall does not seem to respect any of
the checkboxes in the "Choose the services you would like to be started
at boot" dialog. None of the chosen services end up in the rc.conf file
that is installed onto the target system.
This is caused by the bsdinstall/scripts/hardening script, which
implements the new hardening options dialog. The script starts by
overwriting the previously written rc.conf.services file:
echo -n > $BSDINSTALL_TMPETC/rc.conf.services
which is obviously incorrect. It should clear out rc.conf.hardening
instead.
Reviewed by: allanjude
PR: 211506
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D7387
If an encrypted install is attempted and fails for any reason, the disk
cannot be erased by the installer because the partition is in use by GELI
At the start of the installation process, all ZFS pools are exported and
all GELI instances are detached, to allow a restarted install to proceed
PR: 210814
Reported by: jonathan
MFC after: 10 days
The pools are exported and reimported in order to write the bootcode
This causes an error when the bootpool is later mounted by common code
The bootpool is now imported with the -N flag to prevent mounting
Reported by: Michael Dexter
MFC after: 5 days
This patch add new 'hardening' file responsible for new bsdinstall
'System Hardening' menu allowing users to set some sane and carefully
picked system security options (like random process id's, hiding
other users/groups processes and others).
All options are OFF by default in this patch due to POLA principle
with intention to turn change some of them to ON by default in future.
Reviewed by: adrian, allanjude, bdrewery, nwhitehorn
Approved by: adrian, allanjude
MFC after: 7 days
Not having the correct date and time makes many PKI based things not work
In 10 and 11, it can mean that Unbound, ntpd, and sshd won't start
Submitted by: des (original patch)
MFC after: 7 days
Apply the LenovoFix (fake partition in pMBR is 2nd rather than 1st)
and GPT Active fix (mark the fake pMBR partition active) to respective
hardware that is confirmed to require such to boot correct.
Submitted by: Sam Fourman Jr. <sfourman@gmail.com> (ThinkPad W520)
Submitted by: Matthias Apitz <guru@unixarea.de> (Latitude E6330)
Approved by: re (gjb)
Sponsored by: ScaleEngine Inc.
A separate bootpool is used when the selected partition type is MBR
or when the disk is GELI encrypted and a UEFI loader is selected.
BIOS avoids the bootpool by using bootcode and loader that support GELI.
bsdinstall did not remount the bootpool after creating the main pool,
which caused an error when mkdir tried to create /boot/zfs
PR: 210717
Approved by: re (gjb)
Sponsored by: ScaleEngine Inc.
Fix an error where vfs.root.mountfrom was not always set as required
when creating a bootpool. After the recent geliboot changes, it was only
set if the main pool was encrypted.
Also resolve an error where the bootpool was unmounted twice causing
bsdinstall to stop with an error message about the failed command.
Approved by: re (gjb)
Sponsored by: BSDCan Hacker Lounge
Allow to setup country and/or regulatory domain before scanning
(since channel list is affected by regulatory restrictions this may
impact scan results).
PR: 182600 (originally)
Differential Revision: https://reviews.freebsd.org/D6325
Do not set canmount=noauto on the boot environment at create time, because
this causes / to not be mounted, and since the chroot is read only, new
mountpoints cannot be created.
The property is set later, when other properties are adjusted
Reported by: HardenedBSD
Sponsored by: ScaleEngine Inc.
In this configuration, a separate bootpool is not required.
This allows ZFS Boot Environments to be used with GELI encrypted ZFS pools.
Support for GPT+EFI+GELI is planned for the future.
Tested by: Joseph Mingrone, HardenedBSD
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D5869
The root file system is mounted early via vfs.root.mountfrom.
The canmount=noauto property only affects the zfs rc.d script.
This ensures that the 'default' BE is not mounted overtop of another BE when
one is selected from the beastie menu
Sponsored by: ScaleEngine Inc.
Installs both pmbr+gptzfsboot as well as boot1.efifat in separate partitions
The resulting system can be booted with either UEFI or BIOS/CSM.
Preference is controlled by the user's firmware boot settings.
This is now the default for zfsboot installs
PR: 208629
Submitted by: Galael LAPLANCHE <ganael.laplanche@corp.ovh.com> (original version)
If a user requested encrypted swap, but 0 sized, it would still be added to fstab
PR: 208630
Submitted by: Ganael LAPLANCHE <ganael.laplanche@corp.ovh.com>
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
If the bootpool does not start at the first sector of the BSD partition
then zfsldr seeks to the wrong offset inside the ZFS vdev label, and is
unable to find zfsboot, so the system does not boot
If 4k alignment is requested, align the BSD partition in the MBR table,
and align the swap and data pool, but the bootpool must start at sector 1
While here, if 4k alignment is requested, disable MBR CHS alignment, as
this results in not-4k aligned partitions.
Reported by: Alex Wilkinson
MFC after: 5 days
Sponsored by: ScaleEngine Inc.
The Dell Precision Tower 5810 fails to boot from GPT in Legacy/BIOS mode
without the Active flag in the Protective MBR. Suggest the workaround
during installation.
Since an increasing number of Dell systems exhibit this behavior,
I imagine all Dells past a certain date will do so. I would like
to suggest the workaround for all Dells with a BIOS date of, say,
2014 or later, but I would need to test a variety of systems before
committing such a change.
Reviewed by: allanjude, dteske
MFC after: 5 days
Relnotes: We should probably suggest using GPT+Active on "recent" Dells.
Sponsored by: Dell Inc.
Differential Revision: https://reviews.freebsd.org/D4075
- Rework MANIFEST generation and parsing via bsdinstall(8).
- Allow selecting debugging distribution sets during install.
- Rework bsdinstall(8) to fetch remote debug distribution sets
when they are not available on the local install medium.
- Allow selecting additional non-GENERIC kernels during install.
At present, GENERIC is still required, and installed by default.
Tested with: head@r293203
Sponsored by: The FreeBSD Foundation
For Lenovo laptops with buggy bios (x220, t420, t520):
Write the 0xee entry into the second slot in the pmbr instead of the first
For some Dell and HP models:
The BIOS gives a warning message when booting in legacy mode from a GPT partitioned disk where the 0xee partition in the pmbr is not flagged active
For models known to have this problem, mark the pmbr active during installation
Use smbios data to identify machines known to be affected by any of the above, and offer the user the option to apply the workaround
In bsdinstall's ufs auto mode (autopart partition wizard):
Allow users to select which type of partition table to use
Keep current defaults: MBR for BIOS, GPT for UEFI
This allows users to choose GPT for legacy boot if they wish
PR: 184910
PR: 194359
Reviewed by: Michael Dexter
Approved by: marcel
MFC after: 3 days
X-MFC-With: r285594
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D3091
A variable was misspelled resulting in chmod executing on the installer instead of on the target chroot
PR: 191402
Submitted by: Martin Simmons <martin@lispworks.com>
Approved by: brueffer
MFC after: 3 days
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D3061
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
A new loader.conf(5) option of geom_eli_passphrase_prompt="YES" will now
allow you to enter your geli(8) root-mount credentials prior to invoking
the kernel.
See check-password.4th(8) for details.
Differential Revision: https://reviews.freebsd.org/D2105
Reviewed by: imp, kmoore
Discussed on: -current
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: yes
Summary:
Add "GELI Passphrase:" prompt to boot loader.
A new loader.conf(5) option of geom_eli_passphrase_prompt="YES" will now
allow you to enter your geli(8) root-mount credentials prior to invoking
the kernel.
See check-password.4th(8) for details.
Differential Revision: https://reviews.freebsd.org/D2105
Reviewed by: (your name[s] here)
MFC after: 3 days
X-MFC-to: stable/10
Relnotes: yes
Test Plan:
Drop a head copy of check-password.4th into /boot and then apply the patch
(only the patch to /boot/check-password.4th is required; no other changes are
required but you do have to have a HEAD copy of check-password.4th to
apply the patch).
NB: The rest of your /boot files can be up to 2 years old but no older.
NB: The test won't work unless your kernel has the following change
https://svnweb.freebsd.org/base?view=revision&revision=273489
Now, put into /boot/loader.conf:
geom_eli_passphrase_prompt="YES"
and reboot.
You should be prompted for a GELI passphrase before the menu (if enabled),
just after loading loader.conf(5).
NB: It doesn't matter if you're using GELI or not. However if you are using
GELI and a sufficiently new enough release (has SVN r273489) and you entered
the proper passphrase to mount your GELI encrypted root device(s), you should
notice that the boot process did not stop (you went from loader all the way to login).
Reviewers: cperciva, allanjude, scottl, kmoore
Subscribers: jkh, imp
Differential Revision: https://reviews.freebsd.org/D2105
bsdconfig's f_package_add doesn't seem to support using the pkg repo from /etc/pkg/FreeBSD.conf, it also tries to run the commands on the installer image, not in the destination chroot
Instead, manually bootstrap pkg in the chroot, and then install the requested packages (in the chroot)
Doesn't use pkg -c, because pkg is not installed on the installer image
PR: 196250
Differential Revision: https://reviews.freebsd.org/D2026
Approved by: bapt
Sponsored by: ScaleEngine Inc.
Previously we used gnop(8) to fake 4K sector size disks but ZFS now has a
sysctl to control this when creating new top level vdev's so use that
instead.
Differential Revision: D566
MFC after: 1 month
Sponsored by: Multiplay
ZFS property canmount=off so that /var/db/pkg and other such directories
are part of the / dataset, and only /var/mail, /var/log, and /var/crash
are excluded from the ZFS boot environment (beadm).
PR: 193971
Approved by: jmg
MFC after: ASAP
Relnotes: yes
Sponsored by: ScaleEngine Inc.
reality. In particular, draw a connection between the auto ZFS script and
the auto UFS one, since they fulfill similar functions. I'm not sure the
auto ZFS code is actually experimental anymore, so it might be worth
changing that label still.
an embedded newline appearing within the options string surrounded by
double-quotes. Rework the logic that goes into setting dataset options on
the root pool dataset while we're here -- added two new variables (which
can be altered via scripting) ZFSBOOT_POOL_CREATE_OPTIONS and also
ZFSBOOT_BOOT_POOL_CREATE_OPTIONS for setting pool/dataset attributes at
the time of pool creation. The former is for setting options on the root
pool (zroot) and the latter is for setting options on the optional separate
boot pool (bootpool) implicitly enabled when using either GELI or MBR. The
default value for the root pool variable (ZFSBOOT_POOL_CREATE_OPTIONS) is
"-O compress=lz4 -O atime=off" and the default value for separate boot pool
variable (ZFSBOOT_BOOT_POOL_CREATE_OPTIONS) is NULL (no additional options
for the separate boot pool dataset).
Reviewed by: allanjude
MFC after: 7 days
X-MFC-with: r266107-266109
It starts off being used to track the grammar for the number of disks
(singular vs plural) and then it is reused as the list of available disks.
Replace the variable with disks_grammar and move 'disk' and 'disks' to
msg_ vars so they can be translated in the future.
Submitted by: Allan Jude <freebsd@allanjude.com>
Reviewed by: roberto
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
Set compress=lz4 for the entire pool, removing it from the individual
datasets
Remove exec=no from /usr/src, breaks the test suite.
Submitted by: Allan Jude <freebsd@allanjude.com>
Reviewed by: roberto
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
encryption for swap, and optional gmirror for swap (which can be combined)
Submitted by: Allan Jude <freebsd@allanjude.com>
Requested By: roberto
Sponsored By: ScaleEngine Inc.
MFC after: 2 weeks
GEOM support (thereby adding GEOM support to the disk selection
menu of bsdinstall(8)'s `zfsboot' module updated herein).
MFC after: 1 week
X-MFC-with: 264840
that the slightly older dialog(1) requires --separate-output when using the
--checklist widget to force response to produce unquoted values (whereas in
stable/10 --checklist widget without --separate-output will only quote the
checklist labels in the response if the label is multi-word (contains any
whitespace).
Since these enhancements (see revisions 263956 and 264437) were developed
originally on 10, the --separate-output option was omitted. When merged to
stable/9, we (Allan Jude) and I found during testing that the "always-
quoting" of the response was causing things like struct interpolation to
fail (`f_struct device_$dev' would produce `f_struct device_\"da0\"' for
example -- literal quotes inherited from dialog(1) --checklist response).
To see the behavior, execute the following on stable/9 versus stable/10:
dialog --checklist disks: 0 0 0 da0 "" off da1 "" off
Check both items and hit enter. On stable/10, the response is:
da0 da1
On stable/9 the response is:
"da0" "da1"
If you use the --separate-output option, the response is the same for both:
da0
da1
So applying --separate-output on every platform until either one of two
things occurs 1) dialog(1,3) gets synchronized between stable/9, higher or
2) we drop support for stable/9.
MFC after: 3 days
Reviewed by: Allan Jude
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
NB: If the zfsboot variables ($ZFSBOOT_*) are set, a script is
assumed to want zfsboot module instead of scriptedpart module.
Submitted by: Loïc Brarda <loic.brarda@cern.ch>
Reviewed by: nwhitehorn@
MFC after: 3 days
in the one-line comment associated with the dumpdev setting was not present
for the case where the user deselects the dumpdev service (restoring pre-
r256348 behaviour.
MFC After: 3 days
only allows basic username/password config, and does not provide the
ability to set any of the other WPA options. Regardless, this is
generally sufficient to associate.
Perhaps in the future this could allow full configuring (e.g. being able
to set "anonymous identity", and perhaps some of the more obscure WPA
options), though perhaps that will better belong in bsdconfig when that
grows wlan config ability.
MFC after: 1 week
location of /etc/rc.local on the install media is more appropriate as it
knows serial vs. non-serial and can also do the change earlier (so that
even the initial Install dialog can benefit from the change).
MFC after: 3 days
installation to 3-4+ (depending on vdev type) vdevs would result in odd
error messages where the zpool `create' command appeared to repeat itself
(an artifact of printf when you supply too many arguments -- caused by
neglecting to properly quote the multi-word expansion of $*vdevs when
creating the pool(s)). Example error below (taken from bsdinstall_log):
DEBUG: zfs_create_boot: Creating root pool...
DEBUG: zfs_create_boot: zpool create -o altroot=/mnt -m none -f "zroot" \
ada0p3.nop ada1p3.nopzpool create ada2p3.nop "ada3p3.nop"
DEBUG: zfs_create_boot: retval=1 <output below>
cannot open 'ada1p3.nopzpool': no such GEOM provider
DEBUG: Running installation step: hostname
rm: /tmp/bsdinstall_etc/fstab: No such file or directory
The two lines are unrelated, and the rm is spurious. Let's add `-f' to
that rm(1) so it doesn't confuse us when debugging an install.
MFC after: 3 days
should not have used DIALOG_CANCEL because dialog.subr wasn't included to
define it. The effect of the error was that you could not cancel the
partition dialog. Discovered by checking bsdinstall_log for something else.
MFC after: 3 days
required in such a case). But don't prevent the user from pointing the
gun at his/her foot -- you can disable 4k alignment after enabling geli).
MFC after: 3 days
and subsequent headaches caused by multiple pools with the same name.
Specifically, blast away any labels on the designated swap partition.
Problem was when you install to a given layout *with* swap and then turn
around and re-install the same layout *without* swap (we weren't doing a
labelclear for the swap device, so would end up with an "UNAVAIL" status
zroot pool that may only exist in the pool cache).
MFC after: 3 days
