From 38578176e40dec040e5f65333559dd95040a995f Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Tue, 29 Jun 2021 14:38:36 +0200 Subject: [PATCH] firmware: comment on compexity avoidance in shell menu Fix plist while here. --- plist | 2 ++ src/opnsense/scripts/shell/firmware.sh | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/plist b/plist index f118afb8e..26a2ba4ab 100644 --- a/plist +++ b/plist @@ -243,6 +243,8 @@ /usr/local/opnsense/data/proxy/template_error_pages/ERR_ZERO_SIZE_OBJECT.html /usr/local/opnsense/data/proxy/template_error_pages/error-details.txt /usr/local/opnsense/data/proxy/template_error_pages/errorpage.css +/usr/local/opnsense/firmware-message +/usr/local/opnsense/firmware-upgrade /usr/local/opnsense/mvc/app/cache/README /usr/local/opnsense/mvc/app/config/config.php /usr/local/opnsense/mvc/app/config/loader.php diff --git a/src/opnsense/scripts/shell/firmware.sh b/src/opnsense/scripts/shell/firmware.sh index 3811054d0..39b576ab3 100755 --- a/src/opnsense/scripts/shell/firmware.sh +++ b/src/opnsense/scripts/shell/firmware.sh @@ -27,6 +27,14 @@ set -e +# From this shell script never execute any remote check priror to user +# consent. The first action is the changelog fetch. After that we +# opportunistically run the selected major "upgrade"/minor "update" request. +# Except for the reboot check, we never inspect the incoming integrity +# of the update: in case there is none available the respective function +# will tell us itself. With this we shield the firmware shell run from +# the complexity of GUI/API updates so that bugs are most likely avoided. + SCRIPTSDIR="/usr/local/opnsense/scripts/firmware" RELEASE=$(opnsense-update -vR) PROMPT="y/N"