summaryrefslogtreecommitdiff
path: root/scripts/install/install-image
AgeCommit message (Collapse)Author
2021-10-16gpg: T3879: fix signature validationChristian Poessinger
(cherry picked from commit 217c4b5c165e9e8a64bfe82d3ddade256b0990e0)
2021-09-06install-image: T2108: use minisign backup key if primary key failsChristian Poessinger
(cherry picked from commit 0c5edf1ced2872c495b190977db575deaf28fa1c)
2021-09-06install-image: remove whitespaces after .Christian Poessinger
(cherry picked from commit c36db1614b60fc180d016fd3b7f64d9342a503a6)
2021-08-26install-image: T2108: verify image by using minisign over GPGChristian Poessinger
We will first download and try to verify the image using the generated minisign signature. If this fails, we try to retrieve the GPG signature file.
2021-06-13T3356: Remove redundant error messageerkin
2021-05-18T3356: remote: Read username and password from environment variableserkin
2021-05-18T3356: Switch install-image from curl to remote.pyerkin
2021-05-10T3351: Check for SHA256 filesLulu Cathrinus Grimalkin
Fall back to MD5 if SHA256 checksums could not be found Don't bother downloading .iso.sha256 files
2020-10-28image: T3027: do not rely on the ISO filename when calculating sha256 hashChristian Poessinger
Updating a running VyOS installation by using the "add system image" command pointing to https://downloads.vyos.io/rolling/current/amd64/vyos-rolling-latest.iso will break the validation due to filename missmatch. The root cause for this is the sha256 checksum file itself. It contains the hash and the filename used when hashing. When running "sha256sum --check" during the upgrade it expects the "real" filename when calculating and verifying the hash. The real filename differs when using the vyos-rolling-latest.iso symlink on the webserver as it will tell the running VyOS installation a different filename and the validation fails. This is now fixed by not depending on the filename when verifying the hash. We simply calculate the hash of the downloaded file and compare it to the has we saved inside the checksum file and totally ignore the filename itself.
2020-10-18image: T2992: automatically verify sha256 checksum on ISO downloadChristian Poessinger
Good: ===== vyos@vyos:~$ add system image http://foo.com/vyos-1.3-rolling-202010180826-amd64.iso Trying to fetch ISO file from http://foo.com/vyos-1.3-rolling-202010180826-amd64.iso % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 309M 100 309M 0 0 25.1M 0 0:00:12 0:00:12 --:--:-- 25.2M ISO download succeeded. Checking SHA256 (256-bit) checksum... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 106 100 106 0 0 26500 0 --:--:-- --:--:-- --:--:-- 26500 Found it. Verifying checksum... SHA256 checksum valid. Checking for digital signature file... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (22) The requested URL returned error: 404 Not Found Unable to fetch digital signature file. Do you want to continue without signature check? (yes/no) [yes] Bad: ==== vyos@vyos:~$ add system image http://foo.com/vyos-1.3-rolling-202010180826-amd64.iso Trying to fetch ISO file from http://foo.com/vyos-1.3-rolling-202010180826-amd64.iso % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 309M 100 309M 0 0 25.8M 0 0:00:11 0:00:11 --:--:-- 25.8M ISO download succeeded. Checking SHA256 (256-bit) checksum... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 106 100 106 0 0 9636 0 --:--:-- --:--:-- --:--:-- 9636 Found it. Verifying checksum... vyos-1.3-rolling-202010180826-amd64.iso: FAILED sha256sum: WARNING: 1 computed checksum did NOT match Signature check FAILED. Installation will not be performed. Exiting...
2020-08-23install-image: T2690: T2762: always run in default VRF unless specifiedChristian Poessinger
When you connect via SSH and run the "add system image" command, it is launched inside the VRF you are currently connected to. This might become confusing as the VRF context changes. Change command to always run in "default" vrf unless "add system image" command is invoked with the vrf option.
2020-08-01install-image: T2690: add VRF support when installing new imagesChristian Poessinger
2020-08-01install-image: T2753: add named command line optionsChristian Poessinger
This makes it easier to add VRF support.
2019-10-21Merge branch 'current' into equuleushagbard
Auto-merging scripts/rl-system.init Auto-merging scripts/install/install-image Auto-merging Jenkinsfile
2019-10-18[system-proxy]: T1741 - Add system wide proxy settinghagbard
2019-10-08install-image: T1718 - ISO check in /opt/vyatta/sbin/install-image faultyhagbard
2018-11-06T955: Integrating EFI into the installerKroy
2018-11-05T955: Integrating EFI into the installerKroy
2018-10-15T885 Bug in add system image signature check confirmationEwald van Geffen
Documentation https://github.com/vyos/vyatta-cfg-system/blob/current/scripts/install/install-functions#L90 (cherry picked from commit 1a05b1bfe0ccfd3f02a1cd4983b5f899364408c8)
2016-01-29Refine getting the vyos version.Kim Hagen
2016-01-29Update the way the install scrips get the vyos version.Kim Hagen
2014-07-29Replace login name check with effective UID check in install-image.Daniil Baturin
2014-01-18Bug #98: add an option for redirect support to curl call.Daniil Baturin
2013-12-22Fix curl command to fetch the signature file.Daniil Baturin
2013-11-02Fix some shell quoting weirdness (curl dumped the ISO on stdout)Daniil Baturin
2013-11-02Set User-Agent: to VyOS/$version for statistics collection.Daniil Baturin
2013-11-02Replace missed vyatta names in installerDaniil Baturin
2012-02-29Merge branch 'oxnard' of git.vyatta.com:/git/vyatta-cfg-system into oxnardJohn Southworth
2012-02-29Bugfix 7555: allow users to import ssh keys when running add system imageJohn Southworth
2012-02-21Fix spelling errors in install imageStephen Hemminger
Bug 7544 Found several misspellings in the install prompts.
2011-12-06Bugfix 7497: Include auth credentials when fetching the signature fileBob Gilligan
2011-12-06Fix up formating of Vyatta specific HTTP options.Bob Gilligan
2011-12-05Add HTTP headers to identify client and version.Bob Gilligan
2011-07-14Bugfix 5856: Add username and password options.Bob Gilligan
In order to allow username and password parameters in the corresponding op mode command, we allow username and password to be specified on the install-image command line.
2010-12-22Add more error recovery and disk space checking.Bob Gilligan
2010-11-21Bugfix 6457: Don't ask the question if you're not going to like the answer.Bob Gilligan
2010-09-08Fix quoting of shell -zStephen Hemminger
The -z test in shell needs to be quoted to avoid issues with shell expansion.
2010-08-02Bugfix 5964: Eliminate unnecessary version check.Bob Gilligan
2010-05-03Add code to check digital signature of image files.Bob Gilligan
In URL mode, we now check for a digital signature file. If one exists, we'll try to download it and check the signature.
2010-03-09Bugfix 5424: Allow image with same version to be added to disk-based installBob Gilligan
2010-03-08Use more reliable method for determining system version.Bob Gilligan
2010-02-25Bugfix 5217: Don't use the "-#" option to curl. It runs slow on serial ports.Bob Gilligan
2010-01-13Don't allow installation to proceed if MD5 checksum errors are found.Bob Gilligan
2010-01-08Switch from wget to curl since the latter supports more URL methods.Bob Gilligan
2010-01-06Validate MD5 checksums on ISO file before proceeding with installation.Bob Gilligan
2009-12-23Add support for fetching ISO file based on URL.Bob Gilligan
2009-11-02use top-level pid for progress indicatorAn-Cheng Huang
2009-10-30add unified install-imageAn-Cheng Huang
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-25 07:08:50 +0000