head 1.2; access; symbols netbsd-10-0-RELEASE:1.1.2.1 netbsd-10-0-RC6:1.1.2.1 netbsd-10-0-RC5:1.1.2.1 netbsd-10-0-RC4:1.1.2.1 netbsd-10-0-RC3:1.1.2.1 netbsd-10-0-RC2:1.1.2.1 netbsd-10-0-RC1:1.1.2.1 netbsd-10:1.1.0.2 netbsd-10-base:1.1; locks; strict; comment @# @; 1.2 date 2023.09.27.00.24.12; author riastradh; state Exp; branches; next 1.1; commitid k45BHG3lHtqEflGE; 1.1 date 2021.07.24.14.00.08; author jmcneill; state Exp; branches 1.1.2.1; next ; commitid ajnpwKEbyPvNjf2D; 1.1.2.1 date 2023.10.02.13.26.04; author martin; state Exp; branches; next ; commitid 1NCiH2r23TKUp3HE; desc @@ 1.2 log @/etc/rc.d/cerctl_init: New script for certctl rehash in live images. This is very limited -- it does not supplant postinstall to rehash certificates on upgrade; it only runs certctl rehash if /etc/openssl/certs is an empty directory, as you get in live images not created with sysinst. We could also have a more general-purpose way to run postinstall(8) on first boot of an image, but that has a lot more moving parts to think about, so let's start with this limited-scope low-risk approach. PR install/57629 XXX pullup-10 @ text @# $NetBSD: rc.conf.armimage,v 1.1 2021/07/24 14:00:08 jmcneill Exp $ is_ec2() { val=NO # Look for the string "amazon" in one of these sysctl nodes for node in machdep.dmi.system-vendor \ machdep.dmi.system-version \ machdep.dmi.bios-version \ machdep.xen.version ; do if /sbin/sysctl -q $node; then nodeval="$(/sbin/sysctl -n $node | tr '[A-Z]' '[a-z]')" case "$nodeval" in *amazon*) val=YES ;; # OpenStack is not EC2 but it does have a metadata service. *openstack*) val=YES ;; esac fi done printf $val } certctl_init=YES resize_gpt=YES resize_root=YES resize_root_flags="-p" resize_root_postcmd="/sbin/reboot -n" dhcpcd=YES sshd=YES ec2_init=$(is_ec2) if checkyesno ec2_init; then dhcpcd_flags="$dhcpcd_flags -w" fi @ 1.1 log @evbarm: liveimage: use RC_CONF_EXTRA instead of rc.conf.d @ text @d1 1 a1 1 # $NetBSD$ d26 1 @ 1.1.2.1 log @Pull up following revision(s) (requested by riastradh in ticket #381): distrib/utils/embedded/conf/evbarm.conf: revision 1.42 distrib/sets/lists/etc/mi: revision 1.273 etc/rc.d/Makefile: revision 1.118 distrib/utils/embedded/conf/usermode.conf: revision 1.7 etc/rc.d/certctl_init: revision 1.1 distrib/evbarm/liveimage/armimage/rc.conf.armimage: revision 1.2 etc/defaults/rc.conf: revision 1.166 distrib/amd64/liveimage/emuimage/rc.conf.emuimage: revision 1.3 distrib/utils/embedded/conf/x86.conf: revision 1.11 distrib/utils/embedded/conf/evbmips.conf: revision 1.4 /etc/rc.d/cerctl_init: New script for certctl rehash in live images. This is very limited -- it does not supplant postinstall to rehash certificates on upgrade; it only runs certctl rehash if /etc/openssl/certs is an empty directory, as you get in live images not created with sysinst. We could also have a more general-purpose way to run postinstall(8) on first boot of an image, but that has a lot more moving parts to think about, so let's start with this limited-scope low-risk approach. PR install/57629 /etc/rc.d/certctl_init: Default off. Otherwise in systems without certctl_init=YES, such as systems installed with sysinst(8) where it's unnecessary because the rehash has already happened at install time, you'll get spurious warnings. @ text @d1 1 a1 1 # $NetBSD: rc.conf.armimage,v 1.1 2021/07/24 14:00:08 jmcneill Exp $ a25 1 certctl_init=YES @