From c634b7d41c241a9b033e16ff32ba26a6d99bc227 Mon Sep 17 00:00:00 2001
From: Bob Gilligan <gilligan@vyatta.com>
Date: Fri, 30 Apr 2010 15:45:44 -0700
Subject: Allow user to name system images when installing them.

Now we ask the user what they would like to name an image when
they are installing.  The default answer is the same string used previously:
The Vyatta version string.
---
 scripts/install/install-image-existing | 49 +++++++++++++++++++++++++---------
 1 file changed, 36 insertions(+), 13 deletions(-)

(limited to 'scripts/install/install-image-existing')

diff --git a/scripts/install/install-image-existing b/scripts/install/install-image-existing
index ce0e502d..bad2be58 100755
--- a/scripts/install/install-image-existing
+++ b/scripts/install/install-image-existing
@@ -54,16 +54,27 @@ fi
 
 # get new version string. this is from the squashfs image.
 NEWVER=`dpkg -l --root=${CD_SQUASH_ROOT} | grep "^..  vyatta-version " | awk '{print $3}'`
+NEWNAME=$NEWVER
 
-if [ -z "$NEWVER" ]; then
-  failure_exit 'Cannot find new release version.'
+echo -n "What would you like to name this image? [$NEWNAME]: "
+read response
+if [ -n "$response" ]; then
+    NEWNAME=$response
 fi
-if [ "$CURVER" == "$NEWVER" ]; then
-    echo "Image version $NEWVER is the same as the running system."
-    echo "Cannot install the same release version as the running system."
-    exit 1
+
+# Validate image name
+if [ "$NEWNAME" = "grub" -o "${NEWNAME:0:7}" = "vmlinuz" -o \
+    "${NEWNAME:0:6}" = "initrd" -o "${NEWNAME:0:10}" = "System.map" -o \
+    "$NEWNAME" = "Old-non-image-installation" ]; then
+    echo "Can't use $NEWNAME.  It is a reserved image name."
+    exit 1;
+fi
+
+if [ -z "$NEWNAME" ]; then
+  failure_exit 'Invalid image name.'
 fi
 
+echo "OK.  This image will be named: $NEWNAME"
 
 # this is the default if current install is union
 BOOT_DIR=/live/image/boot
@@ -74,24 +85,30 @@ elif [ "$CUR_INSTALL" != 'union' ]; then
   exit 1
 fi
 
-if [ -d $BOOT_DIR/$NEWVER ]; then
-    echo "Version $NEWVER is already installed on this system."
+if [ -d $BOOT_DIR/$NEWNAME ]; then
+    if [ "$CURVER" = "$NEWNAME" ]; then
+           echo "$NEWNAME is the image you are currently running.  Can't"
+	   echo "Re-install over the running image."
+	   exit 1
+    fi
+
+    echo "An image named $NEWNAME is already installed on this system."
     echo "Proceeding with this installation will delete this copy of"
-    echo "$NEWVER and replace it with a new copy."
+    echo "$NEWNAME and replace it with a new copy."
     echo -n "Do you want to replace it? (Yes/No) [No]: "
     resp=$(get_response "No" "Yes No Y N")
     if [ "$resp" != 'yes' ] && [ "$resp" != 'y' ]; then
-	echo "OK.  Will not replace $NEWVER"
+	echo "OK.  Will not replace $NEWNAME"
 	echo "Exiting..."
 	exit 1
     fi
 fi
 
 # start the install
-echo "Installing \"$NEWVER\" release."
+echo "Installing \"$NEWNAME\" image."
 
 # create the new release directories
-REL_ROOT=$BOOT_DIR/$NEWVER
+REL_ROOT=$BOOT_DIR/$NEWNAME
 RW_DIR="$REL_ROOT/live-rw"
 if ! mkdir -p "$RW_DIR"; then
   failure_exit 'Cannot create directory for new release.'
@@ -163,10 +180,16 @@ if [ -e "$DEF_GRUB" ]; then
   echo "Setting up grub configuration..."
   new_index=$(get_grub_index)
 
+  def_grub_vers=/tmp/def_grub.$$
+  cp $DEF_GRUB $def_grub_vers
+  sed -i "s/menuentry \"Vyatta.*(/menuentry \"Vyatta image $NEWNAME (/" $def_grub_vers
+  sed -i "s/menuentry \"Lost password change.*(/menuentry \"Lost password change $NEWNAME (/" $def_grub_vers
+  sed -i "sX/boot/[A-Za-z0-9\.]*X/boot/${NEWNAME}Xg" $def_grub_vers
+
   old_grub_cfg=$BOOT_DIR/grub/grub.cfg
   new_grub_cfg=/tmp/grub.cfg.$$
   sed -n '/^menuentry/q;p' $old_grub_cfg >$new_grub_cfg
-  cat $DEF_GRUB >>$new_grub_cfg
+  cat $def_grub_vers >> $new_grub_cfg
   sed -n '/^menuentry/,${p}' $old_grub_cfg >>$new_grub_cfg
   sed -i "s/^set default=[0-9]\+$/set default=$new_index/" $new_grub_cfg
   mv $new_grub_cfg $old_grub_cfg
-- 
cgit v1.2.3


From 83cca7053bba3181b451609fee641271b3b7adf3 Mon Sep 17 00:00:00 2001
From: Bob Gilligan <gilligan@vyatta.com>
Date: Mon, 3 May 2010 17:19:15 -0700
Subject: Add code to check digital signature of image files.

In URL mode, we now check for a digital signature file.  If one
exists, we'll try to download it and check the signature.
---
 scripts/install/install-image          | 33 +++++++++++++++++++++++++++++++++
 scripts/install/install-image-existing |  2 +-
 2 files changed, 34 insertions(+), 1 deletion(-)

(limited to 'scripts/install/install-image-existing')

diff --git a/scripts/install/install-image b/scripts/install/install-image
index 607dcc98..c4bf3800 100755
--- a/scripts/install/install-image
+++ b/scripts/install/install-image
@@ -69,6 +69,39 @@ fetch_iso_by_url ()
     fi
 
     echo "ISO download suceeded."
+
+    echo "Checking for digital signature file..."
+    curl -f -o ${filename}.asc ${NEW_ISO}.asc
+    if [ $? -ne 0 ]; then
+	echo "Unable to fetch digital signature file."
+	echo -n "Do you want to continue without signature check? (yes/no) [yes] "
+
+	response=$(get_response "Yes" "Yes No Y N")
+	if [ "$response" == "no" ] || [ "$response" == "n" ]; then
+	    fail_exit 'OK.  Installation will not be performed.'
+	fi
+
+	# In case signature file was partially downloaded...
+	rm -f ${filename}.asc
+    fi
+
+    if [ -e ${filename}.asc ]; then
+	echo "Found it.  Checking digital signature..."
+	gpg --keyring /etc/apt/trusted.gpg --verify ${filename}.asc
+	if [ $? -ne 0 ]; then
+	    echo "Signature check FAILED."
+	    echo -n "Do you want to continue anyway? (yes/no) [no] "
+	    response=$(get_response "Yes" "Yes No Y N")
+	    if [ "$response" == "no" ] || [ "$response" == "n" ]; then
+		fail_exit 'OK.  Installation will not be performed.'
+	    fi
+	    
+	    echo "OK. Proceding with installation anyway."
+	else
+	    echo "Digital signature is valid."
+	fi
+    fi
+
     NEW_ISO=$filename
 }
 
diff --git a/scripts/install/install-image-existing b/scripts/install/install-image-existing
index bad2be58..d35437ba 100755
--- a/scripts/install/install-image-existing
+++ b/scripts/install/install-image-existing
@@ -184,7 +184,7 @@ if [ -e "$DEF_GRUB" ]; then
   cp $DEF_GRUB $def_grub_vers
   sed -i "s/menuentry \"Vyatta.*(/menuentry \"Vyatta image $NEWNAME (/" $def_grub_vers
   sed -i "s/menuentry \"Lost password change.*(/menuentry \"Lost password change $NEWNAME (/" $def_grub_vers
-  sed -i "sX/boot/[A-Za-z0-9\.]*X/boot/${NEWNAME}Xg" $def_grub_vers
+  sed -i "sX/boot/[A-Za-z0-9\.\-]*X/boot/${NEWNAME}Xg" $def_grub_vers
 
   old_grub_cfg=$BOOT_DIR/grub/grub.cfg
   new_grub_cfg=/tmp/grub.cfg.$$
-- 
cgit v1.2.3


From 427ab38e9d8144b185e53f29504df36d48277ac4 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Fri, 7 May 2010 15:03:46 -0700
Subject: Preserve file attributes of root files

Want to preserve labels and other attributes
---
 scripts/install/install-image-existing | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'scripts/install/install-image-existing')

diff --git a/scripts/install/install-image-existing b/scripts/install/install-image-existing
index ce0e502d..c243fda6 100755
--- a/scripts/install/install-image-existing
+++ b/scripts/install/install-image-existing
@@ -108,7 +108,7 @@ if [ ! -f "$squash_img" ] || [ -z "$boot_files" ]; then
 fi
 target_squash=$REL_ROOT/$NEWVER.squashfs 
 cp -p $squash_img $target_squash >&/dev/null
-cp -dp $boot_files $REL_ROOT/ >&/dev/null
+cp --no-dereference --preserve=all $boot_files $REL_ROOT/ >&/dev/null
 
 # mount copied squashfs
 if ! try_mount "-o loop,ro $target_squash $READ_ROOT"; then
-- 
cgit v1.2.3