3535# shellcheck source=/dev/null
3636source " ${INSTALL_MNT} /lib/os-release"
3737NEXT_VERSION_ID=${VERSION_ID}
38+ NEXT_VERSION=" ${VERSION} "
3839
3940# shellcheck source=/dev/null
4041source /usr/lib/os-release
@@ -43,6 +44,167 @@ tee_journal() {
4344 tee >( systemd-cat -t coreos-postinst)
4445}
4546
47+ OEMID=$( { grep -m 1 -o " ^ID=.*" " ${OEM_MNT} " || true ; } | cut -d = -f 2)
48+
49+ # Must not be used as "if sysext_download; then" or "sysext_download ||" because that makes set -e a no-op, and also must not use "( sysext_download )" because we want to set the global SUCCESS variable.
50+ sysext_download () {
51+ local name=" $1 " # Payload name
52+ local target=" $2 " # Path to write the payload to, writing does not need to be atomic because the caller later does an atomic move
53+ local from=" ${3-} " # Either path to XML dump or the constant "release-server"
54+ local base=" "
55+ local entries=" "
56+ local hash=" "
57+ local size=" "
58+ local url=" "
59+ local ret
60+ SUCCESS=false
61+ set +e
62+ (
63+ set -e
64+ # TODO: Replace the below with invoking an ue-rs helper binary for downloading the payload "name", either from the XML data or the release server ("from"), and write unpacked, verified file to "target"
65+ if [ " ${from} " = " release-server" ; then
66+ url=" https://update.release.flatcar-linux.net/${FLATCAR_BOARD} /${NEXT_VERSION} /${name} "
67+ elif [ " ${from} " = " bincache-server" ; then
68+ url=" https://bincache.flatcar-linux.net/images/${FLATCAR_BOARD/ -usr} /${NEXT_VERSION} /${name} "
69+ else
70+ base=$( grep -m 1 -o ' codebase="[^"]*"' " ${from} " | cut -d ' "' )
71+ entries=$( grep -m 1 -o " <package name=\" ${name} \" [^>]*" " ${from} " )
72+ url=" ${base} /${name} "
73+ size=$( echo " ${entries} " | grep -o ' size="[0-9]*' | cut -d ' "' )
74+ hash=$( echo " ${entries} " | grep -o -P ' hash="[^"]*' | cut -d ' "' ) # openssl dgst -binary -sha1 < "$PAYLOAD" | base64
75+ fi
76+ rm -f " ${target} .tmp"
77+ curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 -o " ${target} .tmp" " ${url} "
78+ if [ " ${size} " != " " && [ " ${hash} " != " " ; then
79+ if [ " $( stat --printf=' %s' " ${target} .tmp" ) " != " ${size} " ; then
80+ echo " Size mismatch for ${name} " >&2
81+ return 1 # jump to ret=
82+ fi
83+ if [ " $( openssl dgst -binary -sha1 < " ${target} .tmp" | base64) " != " ${hash} " ; then
84+ echo " Hash mismatch for ${name} " >&2
85+ return 1 # jump to ret=
86+ fi
87+ fi
88+ # Using "${INSTALL_MNT}" here is ok because it was verified first by update-engine
89+ PROTOPATH=" ${INSTALL_MNT} " " ${INSTALL_MNT} " " ${target} .tmp" " ${target} "
90+ )
91+ ret=$?
92+ set -e
93+ rm -f " ${target} .tmp"
94+ if [ " ${ret} " -eq 0 ]; then
95+ SUCCESS=true
96+ fi
97+ }
98+
99+ # To know whether an OEM update payload is expected we can't rely on checking if the Omaha response contains one
100+ # because users may run their own instance and forget to supply it, or this is an old instance that doesn't hand us
101+ # the XML dump over. In both cases we do a fallback download and rely on a hardcoded list of OEM sysexts which we
102+ # anyway need to maintain for the migration actions. Besides checking that an entry in the list exists we can also
103+ # check for the active-oem-OEM flag file to support custom OEMs (but they must be part of the Omaha response).
104+ if [ " ${OEMID} " != " " && { [ -e " ${INSTALL_MNT} /share/flatcar/oems/${OEMID} " || [ -e " ${OEM_MNT} /sysext/active-oem-${OEMID} " ; }; then
105+ mkdir -p " ${OEM_MNT} "
106+ # Delete sysext images that belonged to the now overwritten /usr partition but keep the sysext image for the current version
107+ KEEP=" ${OEM_MNT} /sysext/oem-${OEMID} -${VERSION} .raw"
108+ if [ ! -e " ${KEEP} " ; then
109+ KEEP=" /etc/flatcar/oem-sysext/oem-${OEMID} -${VERSION} .raw"
110+ fi
111+ if [ ! -e " ${KEEP} " ; then
112+ KEEP=" ${OEM_MNT} /sysext/oem-${OEMID} -initial.raw" # It may not exist as well but that's ok (also, it can only exist on the OEM partition)
113+ fi
114+ shopt -s nullglob
115+ for OLD_IMAGE in " ${OEM_MNT} " * raw /etc/flatcar/oem-sysext/oem* raw; do
116+ if [ " ${OLD_IMAGE} " != " ${KEEP} " && [ -f " ${OLD_IMAGE} " ; then
117+ rm -f " ${OLD_IMAGE} "
118+ fi
119+ done
120+ # Note that in the case of VERSION=NEXT_VERSION we will replace the running sysext and maybe it's better
121+ # to do so than not because it allows to recover from a corrupted file (where the corruption happened on disk)
122+ SUCCESS=false
123+ # Preferred is to download from the location given by the Omaha response
124+ # which only works with a new update-engine client that creates "full-response",
125+ # and we also have to check that this file was created fresh for this update operation
126+ # (relies on the reset of /var/lib/update_engine/prefs/previous-version that old clients also do)
127+ if [ -e /var/lib/update_engine/prefs/full-response ] && [ $( stat -L --printf=' %Y' ) -gt $( stat -L --printf=' %Y' ) ; then
128+ rm -f " /var/lib/update_engine/oem-${OEMID} .raw"
129+ sysext_download " oem-${OEMID} .gz" " /var/lib/update_engine/oem-${OEMID} .raw"
130+ fi
131+ # If that was not provided due to updating from an old version or if the download failed, try the release server or bincache
132+ if [ " ${SUCCESS} " = false ]; then
133+ rm -f " /var/lib/update_engine/oem-${OEMID} .raw"
134+ PAYLOADSERVER=release-server
135+ PAYLOADNAME=" oem-${OEMID} .gz"
136+ if [ " $( md5sum /usr/share/update_engine/update-payload-key.pub.pem | cut -d " " ) " = " 7192addf4a7f890c0057d21653eff2ea" ; then
137+ PAYLOADSERVER=bincache-server
138+ PAYLOADNAME=" flatcar_test_update-oem-${OEMID} .gz"
139+ fi
140+ sysext_download " ${PAYLOADNAME} " " /var/lib/update_engine/oem-${OEMID} .raw" " ${PAYLOADSERVER} "
141+ fi
142+ if [ " ${SUCCESS} " = false ]; then
143+ rm -f " /var/lib/update_engine/oem-${OEMID} .raw"
144+ echo " Failed to download required OEM update payload" >&2
145+ exit 1
146+ fi
147+ NEW_SYSEXT=" ${OEM_MNT} /sysext/oem-${OEMID} -${NEXT_VERSION} .raw"
148+ # We don't need to check if it's the initial MVP OEM because it's an update payload provided for a particular version
149+ echo " Trying to place /var/lib/update_engine/oem-${OEMID} -${NEXT_VERSION} .raw on OEM partition" >&2
150+ if ! mv " /var/lib/update_engine/oem-${OEMID} .raw" " ${NEW_SYSEXT} " ; then
151+ echo " That failed, moving it to right location on root partition" >&2
152+ NEW_SYSEXT=" /etc/flatcar/oem-sysext/oem-${OEMID} -${NEXT_VERSION} .raw"
153+ mv " /var/lib/update_engine/oem-${OEMID} .raw" " ${NEW_SYSEXT} "
154+ fi
155+ if [ -e " ${KEEP} " && [ -e " ${NEW_SYSEXT} " && [ ! -e " ${OEM_MNT} /sysext/active-oem-${OEMID} " ; then
156+ if [ -e " ${INSTALL_MNT} /share/flatcar/oems/${OEMID} " ; then
157+ touch " ${OEM_MNT} /sysext/migrate-oem-${OEMID} "
158+ fi
159+ touch " ${OEM_MNT} /sysext/active-oem-${OEMID} "
160+ fi
161+ fi
162+
163+ # Download official Flatcar extensions
164+ # The enabled-sysext.conf file is read from /etc and /usr and contains one name per line,
165+ # and when the name is prefixed with a "-" it means that the extension should be disabled if enabled by default in the file from /usr.
166+ # It may contain comments starting with "#" at the beginning of a line or after a name.
167+ # The file is also used in bootengine to know which extensions to enable.
168+ # Note that we don't need "{ grep || true ; }" to suppress the match return code because in for _ in $(grep...) return codes are ignored
169+ for NAME in $( grep -h -o ' ^[^#]*' | grep -v -x -f <( grep ' ^-' | cut -d - -f 2-) | grep -v -P ' ^(-).*' ) ; do
170+ KEEP=" /etc/flatcar/sysext/flatcar-${NAME} -${VERSION} .raw"
171+ shopt -s nullglob
172+ # Delete sysext images that belonged to the now overwritten /usr partition but keep the sysext image for the current version
173+ for OLD_IMAGE in /etc/flatcar/sysext/flatcar* raw; do
174+ if [ " ${OLD_IMAGE} " != " ${KEEP} " && [ -f " ${OLD_IMAGE} " ; then
175+ rm -f " ${OLD_IMAGE} "
176+ fi
177+ done
178+ # Note that in the case of VERSION=NEXT_VERSION we will replace the running sysext and maybe it's better
179+ # to do so than not because it allows to recover from a corrupted file (where the corruption happened on disk)
180+ SUCCESS=false
181+ # Preferred is to download from the location given by the Omaha response
182+ # which only works with a new update-engine client that creates "full-response",
183+ # and we also have to check that this file was created fresh for this update operation
184+ # (relies on the reset of /var/lib/update_engine/prefs/previous-version that old clients also do)
185+ if [ -e /var/lib/update_engine/prefs/full-response ] && [ $( stat -L --printf=' %Y' ) -gt $( stat -L --printf=' %Y' ) ; then
186+ rm -f " /var/lib/update_engine/flatcar-${NAME} .raw"
187+ sysext_download " flatcar-${NAME} .gz" " /var/lib/update_engine/flatcar-${NAME} .raw"
188+ fi
189+ # If that was not provided due to updating from an old version or if the download failed, try the release server or bincache
190+ if [ " ${SUCCESS} " = false ]; then
191+ rm -f " /var/lib/update_engine/flatcar-${NAME} .raw"
192+ PAYLOADSERVER=release-server
193+ PAYLOADNAME=" flatcar-${NAME} .gz"
194+ if [ " $( md5sum /usr/share/update_engine/update-payload-key.pub.pem | cut -d " " ) " = " 7192addf4a7f890c0057d21653eff2ea" ; then
195+ PAYLOADSERVER=bincache-server
196+ PAYLOADNAME=" flatcar_test_update-flatcar-${NAME} .gz"
197+ fi
198+ sysext_download " ${PAYLOADNAME} " " /var/lib/update_engine/flatcar-${NAME} .raw" " ${PAYLOADSERVER} "
199+ fi
200+ if [ " ${SUCCESS} " = false ]; then
201+ rm -f " /var/lib/update_engine/flatcar-${NAME} .raw"
202+ echo " Failed to download required OEM update payload" >&2
203+ exit 1
204+ fi
205+ mv " /var/lib/update_engine/flatcar-${NAME} .raw" " /etc/flatcar/sysext/flatcar-${NAME} -${NEXT_VERSION} .raw"
206+ done
207+
46208# Keep old nodes on cgroup v1
47209if [[ " ${BUILD_ID} " != " dev-" * ]]; then
48210 if [ " ${VERSION_ID%% .* } " -lt 2956 ]; then
0 commit comments