From owner-freebsd-current@FreeBSD.ORG Mon Mar 23 16:16:00 2015 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 146AC536 for ; Mon, 23 Mar 2015 16:16:00 +0000 (UTC) Received: from c.mail.sonic.net (c.mail.sonic.net [64.142.111.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D395638B for ; Mon, 23 Mar 2015 16:15:59 +0000 (UTC) Received: from aurora.physics.berkeley.edu (aurora.Physics.Berkeley.EDU [128.32.117.67]) (authenticated bits=0) by c.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id t2NGFvVf028171 (version=TLSv1.2 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Mon, 23 Mar 2015 09:15:58 -0700 Message-ID: <55103C3D.9050009@freebsd.org> Date: Mon, 23 Mar 2015 09:15:57 -0700 From: Nathan Whitehorn User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org Subject: Re: bsdinstall and current (possible stable) snapshots References: <20150323084738.70f7db7b@laptop.minsk.domain> <5762F1B8-771F-469C-9B93-AB6477C1C90D@FreeBSD.org> In-Reply-To: <5762F1B8-771F-469C-9B93-AB6477C1C90D@FreeBSD.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Sonic-CAuth: UmFuZG9tSVaRK2qFSS+7iq3MUkaT28knwTUewkByuznPVzN0PdCNPwcqeg0ujTxBVk4R94LT72PHWAX4IsMYlTsN2UUzqKkzme7OevyOccE= X-Sonic-ID: C;oo2P43fR5BGr3tBwQIsAyQ== M;uhnI43fR5BGr3tBwQIsAyQ== X-Spam-Flag: No X-Sonic-Spam-Details: 0.0/5.0 by cerberusd X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Mar 2015 16:16:00 -0000 On 03/23/15 09:06, Devin Teske wrote: >> On Mar 22, 2015, at 10:47 PM, Sergey V. Dyatko wrote: >> >> Hi Devin, >> >> Recently I'm trying to install FreeBSD CURRENT from bootonly image >> ( FreeBSD-11.0-CURRENT-amd64-20150302-r279514-bootonly.iso) >> on IBM HS22 blade via bladecenter's kvm but I faced with problem on checksum >> stage, bootonly doesn't contain base, kernel,etc distributions but it contain >> manifest file. >> On mirrors we have pub/FreeBSD/snapshots/${ARCH}/11.0-CURRENT/*txz and >> MANIFEST, sha256 sums from _local_ manifest doesn't match sha256 sums for >> fetched files. I suppose it will be fine with RELEASE bootonly iso but not with >> stable/current. >> there is 2 ways how we can handle it: >> 1) download remote MANIFEST if spotted checksum mismatch and trying to use it >> 2) allow user to continue installation with 'broken' distributions >> >> I had to first put 10.1 then update it to HEAD :( >> >> What do you think ? > When I get some time I’ll have a look and see what I can do. > — > Cheers, > Devin > > Using the local manifest is a security feature -- there is otherwise zero protection against a man-in-the-middle attack. Ideally, you'd use the ISO that matches the posted files. There are three options here: 1. Add a dialog that lets you move ahead in the event of checksum failure, which makes me very nervous. 2. Use the boot1 disk. 2a. For release engineering: if the posted tarballs change too fast, the bootonly disk isn't actually useful for -CURRENT and should probably be removed from the FTP server. 3. You could reroll the ISO (just untar and run makefs again), commenting out line 180 of /usr/libexec/bsdinstall/scripts/auto. -Nathan