diff options
| author | Paul Emm. Katsoulakis <34388743+paulkatsoulakis@users.noreply.github.com> | 2019-04-01 18:25:51 +0200 |
|---|---|---|
| committer | Chris Akritidis <43294513+cakrit@users.noreply.github.com> | 2019-04-01 18:25:50 +0200 |
| commit | 2637740ff30669ec78d175d7d0d18294e07003f7 (patch) | |
| tree | 593387aa653c865fd938b0e90ecfbf76ea5256d3 | |
| parent | 061643fb41c5d5ae6daa74251074cdfae6ecd88f (diff) | |
netdata/packaging/installer: fix sha256sum failure on freeBSD (#5760)
* netdata/packaging/installer: Introduce safe_sha256sum - a more flexible checsum function
Due to #5747 we discovered that our installer wasnt working properly on FreeBSD.
We created within our functions lib a safe_sha256sum that picks between sha256sum and shasum, with priority to the first method
* netdata/packaging/installer: Update checksums in README
| -rwxr-xr-x | netdata-installer.sh | 2 | ||||
| -rw-r--r-- | packaging/installer/README.md | 4 | ||||
| -rw-r--r-- | packaging/installer/functions.sh | 13 | ||||
| -rwxr-xr-x | packaging/installer/kickstart-static64.sh | 2 | ||||
| -rwxr-xr-x | packaging/installer/kickstart.sh | 2 | ||||
| -rw-r--r-- | packaging/installer/netdata-updater.sh | 4 |
6 files changed, 20 insertions, 7 deletions
diff --git a/netdata-installer.sh b/netdata-installer.sh index ed4ead7e94..2018cb336e 100755 --- a/netdata-installer.sh +++ b/netdata-installer.sh @@ -775,7 +775,7 @@ install_go() { grep "config.tar.gz" "${INSTALLER_DIR}/packaging/go.d.checksums" >> "${tmp}/sha256sums.txt" 2>/dev/null # Checksum validation - if ! (cd "${tmp}" && sha256sum -c "sha256sums.txt"); then + if ! (cd "${tmp}" && safe_sha256sum -c "sha256sums.txt"); then run_failed "go.d.plugin package files checksum validation failed." return 1 fi diff --git a/packaging/installer/README.md b/packaging/installer/README.md index f9cd746a1f..21ebc695e3 100644 --- a/packaging/installer/README.md +++ b/packaging/installer/README.md @@ -42,7 +42,7 @@ bash <(curl -Ss https://my-netdata.io/kickstart.sh) Verify the integrity of the script with this: ```bash -[ "e051d1baed4c69653b5d3e4588696466" = "$(curl -Ss https://my-netdata.io/kickstart.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" +[ "dec269c623667e132b4b179b9b77fcaf" = "$(curl -Ss https://my-netdata.io/kickstart.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" ``` *It should print `OK, VALID` if the script is the one we ship.* @@ -96,7 +96,7 @@ To install Netdata with a binary package on any Linux distro, any kernel version Verify the integrity of the script with this: ```bash -[ "8e6df9b6f6cc7de0d73f6e5e51a3c8c2" = "$(curl -Ss https://my-netdata.io/kickstart-static64.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" +[ "9f5e63e50ec4322f65064b446cff8dc5" = "$(curl -Ss https://my-netdata.io/kickstart-static64.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" ``` *It should print `OK, VALID` if the script is the one we ship.* diff --git a/packaging/installer/functions.sh b/packaging/installer/functions.sh index 7016b4f343..0b3049967b 100644 --- a/packaging/installer/functions.sh +++ b/packaging/installer/functions.sh @@ -678,3 +678,16 @@ portable_add_user_to_group() { return 1 fi } + + +function safe_sha256sum() { + # Within the contexct of the installer, we only use -c option that is common between the two commands + # We will have to reconsider if we start non-common options + if command -v sha256sum >/dev/null 2>&1; then + sha256sum $@ + elif command -v shasum >/dev/null 2>&1; then + shasum -a 256 $@ + else + fatal "I could not find a suitable checksum binary to use" + fi +} diff --git a/packaging/installer/kickstart-static64.sh b/packaging/installer/kickstart-static64.sh index f6d0fc6949..33ef738593 100755 --- a/packaging/installer/kickstart-static64.sh +++ b/packaging/installer/kickstart-static64.sh @@ -157,7 +157,7 @@ progress "Downloading static netdata binary: ${NETDATA_TARBALL_URL}" download "${NETDATA_TARBALL_CHECKSUM_URL}" "${TMPDIR}/sha256sum.txt" download "${NETDATA_TARBALL_URL}" "${TMPDIR}/netdata-latest.gz.run" -if ! grep netdata-latest.gz.run "${TMPDIR}/sha256sum.txt" | sha256sum --check - >/dev/null 2>&1; then +if ! grep netdata-latest.gz.run "${TMPDIR}/sha256sum.txt" | safe_sha256sum -c - >/dev/null 2>&1; then fatal "Static binary checksum validation failed. Stopping netdata installation and leaving binary in ${TMPDIR}" fi diff --git a/packaging/installer/kickstart.sh b/packaging/installer/kickstart.sh index f5683327a9..24a96f56a7 100755 --- a/packaging/installer/kickstart.sh +++ b/packaging/installer/kickstart.sh @@ -275,7 +275,7 @@ set_tarball_urls "${RELEASE_CHANNEL}" download "${NETDATA_TARBALL_CHECKSUM_URL}" "${TMPDIR}/sha256sum.txt" download "${NETDATA_TARBALL_URL}" "${TMPDIR}/netdata-latest.tar.gz" -if ! grep netdata-latest.tar.gz "${TMPDIR}/sha256sum.txt" | sha256sum --check - >/dev/null 2>&1; then +if ! grep netdata-latest.tar.gz "${TMPDIR}/sha256sum.txt" | safe_sha256sum -c - >/dev/null 2>&1; then fatal "Tarball checksum validation failed. Stopping netdata installation and leaving tarball in ${TMPDIR}" fi run tar -xf netdata-latest.tar.gz diff --git a/packaging/installer/netdata-updater.sh b/packaging/installer/netdata-updater.sh index 071198dd6c..1f3ba927a8 100644 --- a/packaging/installer/netdata-updater.sh +++ b/packaging/installer/netdata-updater.sh @@ -79,10 +79,10 @@ update() { info "Newest version is already installed" else download "${NETDATA_TARBALL_URL}" "${dir}/netdata-latest.tar.gz" - if ! grep netdata-latest.tar.gz sha256sum.txt | sha256sum --check - >&3 2>&3; then + if ! grep netdata-latest.tar.gz sha256sum.txt | safe_sha256sum -c - >&3 2>&3; then failed "Tarball checksum validation failed. Stopping netdata upgrade and leaving tarball in ${dir}" fi - NEW_CHECKSUM="$(sha256sum netdata-latest.tar.gz 2>/dev/null| cut -d' ' -f1)" + NEW_CHECKSUM="$(safe_sha256sum netdata-latest.tar.gz 2>/dev/null| cut -d' ' -f1)" tar -xf netdata-latest.tar.gz >&3 2>&3 rm netdata-latest.tar.gz >&3 2>&3 cd netdata-* |