From 0b39d9de2e7170c214b39f1aca42c11d6f7c13e9 Mon Sep 17 00:00:00 2001 From: Colin Percival Date: Thu, 4 May 2023 20:00:58 -0700 Subject: [PATCH] freebsd-update: Fix merging already-updated files When performing an "upgrade" (moving between FreeBSD releases, as opposed to "update" which merely applies security/errata updates to the installed release) FreeBSD Update: 1. Generates a list of "files needing to be merged", namely those files which don't match the version installed in the "old" release and have paths matching the MergeChanges configuration directive (by default, /boot/device.hints and everything under /etc/). and later on, 2. Compares the currently-installed files to the versions in the "new" release, removing index entries for files which "don't need to be updated because they're not changing". Unfortunately if a file falls into both of these categories -- that is to say, if a file in /etc/ is the same as the version in the new release and not the same as the version in the old release -- the resulting "merge" step saw that the file was no longer listed as being part of the new release, resulting in the file being deleted. For the first 18 years of FreeBSD Update's existence, this never happened, since $FreeBSD$ tags resulted in "new release" files always being different from any files systems would already have installed. This commit fixes this behaviour by only placing a file into the "files needing to be merged" list if it does not match the version in the old release *or* the version in the new release. Reported by: des Reviewed by: delphij (earlier version), des, emaste Approved by: so Security: FreeBSD-EN-23:09.freebsd-update Differential Revision: https://reviews.freebsd.org/D39973 (cherry picked from commit c55b7e522629cb78adeb54bd9964304481d55eab) (cherry picked from commit 866e5c6b3ce7ca3e15a24180fa1a0dcbda7c4b0f) --- usr.sbin/freebsd-update/freebsd-update.sh | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 4ef44d1ad00..4f779270926 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -1677,11 +1677,12 @@ fetch_inspect_system () { echo "done." } -# For any paths matching ${MERGECHANGES}, compare $1 and $2 and find any -# files which differ; generate $3 containing these paths and the old hashes. +# For any paths matching ${MERGECHANGES}, compare $2 against $1 and $3 and +# find any files with values unique to $2; generate $4 containing these paths +# and their corresponding hashes from $1. fetch_filter_mergechanges () { # Pull out the paths and hashes of the files matching ${MERGECHANGES}. - for F in $1 $2; do + for F in $1 $2 $3; do for X in ${MERGECHANGES}; do grep -E "^${X}" ${F} done | @@ -1689,9 +1690,10 @@ fetch_filter_mergechanges () { sort > ${F}-values done - # Any line in $2-values which doesn't appear in $1-values and is a - # file means that we should list the path in $3. - comm -13 $1-values $2-values | + # Any line in $2-values which doesn't appear in $1-values or $3-values + # and is a file means that we should list the path in $3. + sort $1-values $3-values | + comm -13 - $2-values | fgrep '|f|' | cut -f 1 -d '|' > $2-paths @@ -1703,10 +1705,10 @@ fetch_filter_mergechanges () { while read X; do look "${X}|" $1-values | head -1 - done < $2-paths > $3 + done < $2-paths > $4 # Clean up - rm $1-values $2-values $2-paths + rm $1-values $2-values $3-values $2-paths } # For any paths matching ${UPDATEIFUNMODIFIED}, remove lines from $[123] @@ -2711,7 +2713,7 @@ upgrade_run () { # Based on ${MERGECHANGES}, generate a file tomerge-old with the # paths and hashes of old versions of files to merge. - fetch_filter_mergechanges INDEX-OLD INDEX-PRESENT tomerge-old + fetch_filter_mergechanges INDEX-OLD INDEX-PRESENT INDEX-NEW tomerge-old # Based on ${UPDATEIFUNMODIFIED}, remove lines from INDEX-* which # correspond to lines in INDEX-PRESENT with hashes not appearing -- 2.45.0