From owner-freebsd-stable@freebsd.org  Fri Jun 16 14:55:40 2017
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9BDB9C0ADE1
 for <freebsd-stable@mailman.ysv.freebsd.org>;
 Fri, 16 Jun 2017 14:55:40 +0000 (UTC)
 (envelope-from karl@denninger.net)
Received: from colo1.denninger.net (colo1.denninger.net [67.205.158.196])
 by mx1.freebsd.org (Postfix) with ESMTP id 6F6BC82FE7
 for <freebsd-stable@freebsd.org>; Fri, 16 Jun 2017 14:55:39 +0000 (UTC)
 (envelope-from karl@denninger.net)
Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197])
 by colo1.denninger.net (Postfix) with ESMTP id 289E527336
 for <freebsd-stable@freebsd.org>; Fri, 16 Jun 2017 10:55:39 -0400 (EDT)
Received: from [192.168.10.20] (D10.Denninger.Net [192.168.10.20])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by denninger.net (Postfix) with ESMTPSA id 016E33C84
 for <freebsd-stable@freebsd.org>; Fri, 16 Jun 2017 09:55:37 -0500 (CDT)
Subject: Re: Interesting permissions difference on NanoBSD build
To: freebsd-stable@freebsd.org
References: <a6e9db4f-235e-bd40-e361-a8af84a68186@denninger.net>
 <1387791f-fe22-08d7-2048-26bd95eab451@madpilot.net>
 <0561597d-4b24-f68e-33a8-d0902e7696da@denninger.net>
From: Karl Denninger <karl@denninger.net>
Message-ID: <129b610a-0f2b-4831-ea5f-9aa4c323cfa8@denninger.net>
Date: Fri, 16 Jun 2017 09:55:35 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <0561597d-4b24-f68e-33a8-d0902e7696da@denninger.net>
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
 micalg=sha-512; boundary="------------ms030809040209060705000707"
X-Content-Filtered-By: Mailman/MimeDel 2.1.23
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jun 2017 14:55:40 -0000

This is a cryptographically signed message in MIME format.

--------------ms030809040209060705000707
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 6/16/2017 08:21, Karl Denninger wrote:
> On 6/16/2017 07:52, Guido Falsi wrote:
>> On 06/16/17 14:25, Karl Denninger wrote:
>>> I've recently started playing with the "base" NanoBSD scripts and hav=
e
>>> run into an interesting issue.
>> [...]
>>> Note the missing "r" bit for "other" in usr and etc directories -- an=
d
>>> the missing "x" bit (at minimum) for the root!  The same is carried d=
own
>>> to "local" under usr:
>>>
>>> root@NewFS:/pics/Crochet-work-AMD/obj/_.w # ls -al usr
>>> total 134
>>> drwxr-x--x  12 root  wheel   12 Jun 15 17:10 .
>>> drwxr-x---  18 root  wheel   24 Jun 15 17:10 ..
>>> drwxr-xr-x   2 root  wheel  497 Jun 15 17:09 bin
>>> drwxr-xr-x  52 root  wheel  327 Jun 15 17:10 include
>>> drwxr-xr-x   8 root  wheel  655 Jun 15 17:10 lib
>>> drwxr-xr-x   4 root  wheel  670 Jun 15 17:09 lib32
>>> drwxr-xr-x   5 root  wheel    5 Jun 15 17:10 libdata
>>> drwxr-xr-x   7 root  wheel   70 Jun 15 17:10 libexec
>>> drwxr-x--x  10 root  wheel   11 Jun 15 17:10 local
>>> drwxr-xr-x   2 root  wheel  294 Jun 15 17:08 sbin
>>> drwxr-xr-x  31 root  wheel   31 Jun 15 17:10 share
>>> drwxr-xr-x  14 root  wheel   17 Jun 15 17:10 tests
>>> root@NewFS:/pics/Crochet-work-AMD/obj/_.w #
>> I have no idea why this is happening on your system but I'm not
>> observing it here:
>>
>>> ls -al usr
>> total 85
>> drwxr-xr-x   9 root  wheel    9 Jun 15 13:32 .
>> drwxr-xr-x  22 root  wheel   29 Jun 15 13:32 ..
>> drwxr-xr-x   2 root  wheel  359 Jun 15 13:32 bin
>> drwxr-xr-x   4 root  wheel  446 Jun 15 13:32 lib
>> drwxr-xr-x   3 root  wheel    3 Jun 15 13:32 libdata
>> drwxr-xr-x   5 root  wheel   47 Jun 15 13:32 libexec
>> drwxr-xr-x  12 root  wheel   13 Jun 15 13:32 local
>> drwxr-xr-x   2 root  wheel  218 Jun 15 13:32 sbin
>> drwxr-xr-x  17 root  wheel   17 Jun 15 13:32 share
>>
>>
>> and I get (almost) the same on the installed nanobsd system:
>>> ls -al usr
>> total 24
>> drwxr-xr-x   9 root  wheel    512 Jun 15 13:32 .
>> drwxr-xr-x  23 root  wheel    512 Jun 15 13:34 ..
>> drwxr-xr-x   2 root  wheel   6144 Jun 15 13:32 bin
>> drwxr-xr-x   4 root  wheel  10752 Jun 15 13:32 lib
>> drwxr-xr-x   3 root  wheel    512 Jun 15 13:32 libdata
>> drwxr-xr-x   5 root  wheel   1024 Jun 15 13:32 libexec
>> drwxr-xr-x  12 root  wheel    512 Jun 15 13:32 local
>> drwxr-xr-x   2 root  wheel   4096 Jun 15 13:32 sbin
>> drwxr-xr-x  17 root  wheel    512 Jun 15 13:32 share
>>
>> The machine I'm building the NanoBSD image on is running head r318959,=

>> and is running ZFS, while the NanoBSD system I've built is tracking
>> 11-STABLE and is at r319971 at present, so a BETA1.
>>
>> Could you report version information too? maybe it's a problem present=

>> on head NanoBSD scripts?
> FreeBSD 11.0-STABLE #15 r312669M: Mon Jan 23 14:01:03 CST 2017   =20
> karl@NewFS.denninger.net:/usr/obj/usr/src/sys/KSD-SMP
>
> I also build using Crochet against both /usr/src (my "primary" source
> repo, which is on the rev noted here) and against a second one (-HEAD),=

> which I need to use for the RPI3.  Neither winds up with this sort of
> permission issue.
>
> The obj directory is on /pics/Crochet-Work-AMD, which is a zfs
> filesystem mounted off a "scratch" SSD.
>
> The problem appears to stem from the creation of "_.w" and since
> directory permissions are "normally" inherited it promulgates from ther=
e
> unless an explicit permission set occurs.  Yet I see nothing that would=

> create the world directory with anything other than the umask at the
> time it runs.
>
> I *am* running this from "batch" -- perhaps that's where the problem is=

> coming from?  I'll try adding a "umask 022" to the nanobsd.sh script at=

> the top and see what that does.
Nope.

It's something in the installworld subset; I put a stop in after the
clean/create world directory and I have a 0755 permission mask on the
(empty) directory.

Hmmm...

I do not know where this is coming from now but this test implies that
it's the "installworld" action that causes it.

root@NewFS:/pics/Crochet-work-AMD/obj # ls -al

total 2176760
drwxr-xr-x  5 root  wheel          24 Jun 16 09:41 .
drwxr-xr-x  3 root  wheel           3 Jun 16 08:25 ..
-rw-r--r--  1 root  wheel     7658918 Jun 16 09:22 _.bk
-rw-r--r--  1 root  wheel    53768368 Jun 16 09:15 _.bw
-rw-r--r--  1 root  wheel         200 Jun 16 09:25 _.cust.cust_comconsole=

-rw-r--r--  1 root  wheel         733 Jun 16 09:25 _.cust.cust_freebsd
-rw-r--r--  1 root  wheel         550 Jun 16 09:25 _.cust.cust_install_fi=
les
-rw-r--r--  1 root  wheel       16958 Jun 16 09:25 _.cust.cust_pkgng
-rw-r--r--  1 root  wheel     2566610 Jun 16 09:26 _.di
-rw-r--r--  1 root  wheel  6000000000 Jun 16 09:26 _.disk.full
-rw-r--r--  1 root  wheel  2711020032 Jun 16 09:26 _.disk.image
-rw-r--r--  1 root  wheel          59 Jun 16 09:25 _.dl
-rw-r--r--  1 root  wheel       59521 Jun 16 09:25 _.du
-rw-r--r--  1 root  wheel        2041 Jun 16 08:25 _.env
-rw-r--r--  1 root  wheel       75783 Jun 16 09:24 _.etc
-rw-r--r--  1 root  wheel         148 Jun 16 09:25 _.fdisk
-rw-r--r--  1 root  wheel      215692 Jun 16 09:25 _.ik
-rw-r--r--  1 root  wheel     4085907 Jun 16 09:24 _.iw
drwxr-xr-x  2 root  wheel           2 Jun 16 09:25 _.mnt
-rw-r--r--  1 root  wheel     2676015 Jun 16 09:25 _.mtree
drwxr-xr-x  2 root  wheel           2 Jun 16 09:41 _.w
-rw-r--r--  1 root  wheel          22 Jun 16 08:25 make.conf.build
-rw-r--r--  1 root  wheel          22 Jun 16 09:22 make.conf.install
drwxr-xr-x  3 root  wheel           3 Jun 16 08:25 usr

root@NewFS:/usr/src/tools/tools/nanobsd # sh nanobsd.sh -b -n -c
PCEngines.conf
00:00:00 ### Exporting NanoBSD variables
00:00:00 ### Setting variable: MAKEOBJDIRPREFIX=3D"/pics/Crochet-work-AMD=
/obj"
00:00:00 ### Setting variable: NANO_ARCH=3D"amd64"
00:00:00 ### Setting variable: NANO_CODESIZE=3D"0"
00:00:00 ### Setting variable: NANO_CONFSIZE=3D"125000"
00:00:00 ### Setting variable: NANO_CUSTOMIZE=3D" cust_comconsole
cust_pkgng cust_install_files cust_freebsd"
00:00:00 ### Setting variable: NANO_DATASIZE=3D"1000000"
00:00:00 ### Setting variable: NANO_DRIVE=3D"mmcsd0"
00:00:00 ### Setting variable: NANO_HEADS=3D"16"
00:00:00 ### Setting variable: NANO_IMAGES=3D"2"
00:00:00 ### Setting variable: NANO_IMGNAME=3D"_.disk.full"
00:00:00 ### Setting variable: NANO_MAKE=3D"make"
00:00:00 ### Setting variable:
NANO_MAKE_CONF_BUILD=3D"/pics/Crochet-work-AMD/obj/make.conf.build"
00:00:00 ### Setting variable:
NANO_MAKE_CONF_INSTALL=3D"/pics/Crochet-work-AMD/obj/make.conf.install"
00:00:00 ### Setting variable: NANO_MEDIASIZE=3D"11718750"
00:00:00 ### Setting variable: NANO_NAME=3D"pcengines"
00:00:00 ### Setting variable: NANO_NEWFS=3D"-b 4096 -f 512 -i 8192 -U"
00:00:00 ### Setting variable: NANO_OBJ=3D"/pics/Crochet-work-AMD/obj"
00:00:00 ### Setting variable: NANO_PMAKE=3D"make -j 8"
00:00:00 ### Setting variable: NANO_SECTS=3D"63"
00:00:00 ### Setting variable: NANO_SRC=3D"/usr/src"
00:00:00 ### Setting variable: NANO_TOOLS=3D"/usr/src/tools/tools/nanobsd=
"
00:00:00 ### Setting variable:
NANO_WORLDDIR=3D"/pics/Crochet-work-AMD/obj/_.w"
00:00:00 ### Setting variable: NANO_BOOT0CFG=3D"-o packet -s 1 -m 3"
00:00:00 ### Setting variable: NANO_BOOTLOADER=3D"boot/boot0sio"
00:00:00 ### Setting variable: NANO_LABEL=3D""
00:00:00 ### Setting variable: NANO_MODULES=3D"default"
00:00:00 ### Setting variable: NANO_NOPRIV_BUILD=3D""
00:00:00 ### Setting variable: NANO_METALOG=3D""
00:00:00 ### Setting variable: NANO_LOG=3D"/pics/Crochet-work-AMD/obj"
00:00:00 ### Setting variable: SRCCONF=3D"/dev/null"
00:00:00 ### Setting variable: SRC_ENV_CONF=3D"/dev/null"
00:00:00 # NanoBSD image pcengines build starting
00:00:00 ## run early customize scripts
00:00:00 ## Skipping buildworld (as instructed)
00:00:00 ## Skipping buildkernel (as instructed)
00:00:00 ## Clean and create world directory
(/pics/Crochet-work-AMD/obj/_.w)
STOP STOP STOP


--=20
Karl Denninger
karl@denninger.net <mailto:karl@denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/

--------------ms030809040209060705000707
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC
BlwwggZYMIIEQKADAgECAgE9MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzEQMA4G
A1UECBMHRmxvcmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3Rl
bXMgTExDMRwwGgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhND
dWRhIFN5c3RlbXMgTExDIENBMB4XDTE2MTIxODE5NDUzNVoXDTIxMTIxNzE5NDUzNVowVzEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExGTAXBgNVBAoTEEN1ZGEgU3lzdGVtcyBM
TEMxGzAZBgNVBAMUEmthcmxAZGVubmluZ2VyLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAM2N5maxs7NkoY9g5NMxFWll0TYiO7gXrGZTo3q25ZJgNdPMwrntLz/5ewE9
07TEbwJ3ah/Ep9BfZm7JF9vTtE1HkgKtXNKi0pawNGm1Yn26Dz5AbUr1byby6dFtDJr14E07
trzDCtRRvTkOVSBj6PQPal0fAnDtkIYQBVcuMkXkuMCtyfE95pjm8g4K9l7lAcKii3T1/3rE
hCc1o2nBnb7EN1/XwBeCDGB+I2SN/ftZDbKQqGAF5q9dUn+iXU7Z/CVSfUWmhVh6cVZA4Ftv
TglUqj410OuPx+cUQch3h1kFgsuhQR63HiJc3HbRJllHsV0rihvL1CjeARQkhnA6uY9NLFST
p5I/PfzBzW2MSmtN/tGZvmfKKnmtbfUNgkzbIR1K3lsum+yEL71kB93Xtz/4f1demEx5c8TJ
RBIniDHjDeLGK1aoBu8nfnvXAvgthFNTWBOEoR49AHEPjC3kZj0l8JQml1Y8bTQD5gtC5txl
klO60WV0EufU7Hy9CmynMuFtjiA2v71pm097rXeCdrAKgisdYeEESB+SFrlY65rLiLv4n8o1
PX7DqRfqKkOYIakZ0ug/yHVKcq2EM3RiJxwzls5gT70CoOBlKbrC98O8TA6teON0Jq30M06t
NTI2HhvNbJDLbBH+Awf4h1UKB+0ufENwjVvF5Jfz8Ww/FaSDAgMBAAGjgfQwgfEwNwYIKwYB
BQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vY3VkYXN5c3RlbXMubmV0Ojg4ODgwCQYD
VR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgXgMCwGCWCGSAGG+EIBDQQf
Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpfAI3y+751pp9A0w
6vJHx8RoR/MwHwYDVR0jBBgwFoAUJHGbnYV9/N3dvbDKkpQDofrTbTUwHQYDVR0RBBYwFIES
a2FybEBkZW5uaW5nZXIubmV0MA0GCSqGSIb3DQEBCwUAA4ICAQBiB6MlugxYJdccD8boZ/u8
d8VxmLkJCtbfyYHRjYdyoABLW5hE3k3xSpYCM9L7vzWyV/UWwDYKi4ZzxHo4g+jG/GQZfKhx
v38BQjL2G9xD0Hn2d+cygOq3UPjVYlbbfQoew6JbyCFXrrZ7/0jvRMLAN2+bRC7ynaFUixPH
Whnj9JSH7ieYdzak8KN+G2coIC2t2iyfXVKehzi5gdNQ0vJ7+ypbGsRm4gE8Mdo9N/WgFPvZ
HPFqR9Dwas7Z+aHwOabpk5r/336SyjOaZsn3MqKJQZL6GqDKusVOCWt+9uFAD8kadg7FetZe
atIoD9I+zbp59oVoMnkMDMx7Hi85faU03csusqMGsjSsAzWSI1N8PJytZlchLiykokLKc3OL
G87QKlErotlou7cfPX2BbEAH5wmkj9oiqZhxIL/wwAUA+PkiTbEmksKBNompSjUq/6UsR8EA
s74gnu17lmijv8mrg2qMlwRirE7qG8pnE8egLtCDxcjd0Of9WMi2NJskn0/ovC7P+J60Napl
m3ZIgPJst1piYSE0Zc1FIat4fFphMfK5v4iLblo1tFSlkdx1UNDGdg/U+LaXkNVXlMp8fyPm
R80V6cIrCAlEWnBJNxG1UyfbbsvNMCCZBM4faGGsR/hhQOiydlruxhjL6P8J2WV8p11DdeGx
KymWoil2s1J5WTGCBRMwggUPAgEBMIGWMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxv
cmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3RlbXMgTExDMRww
GgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhNDdWRhIFN5c3Rl
bXMgTExDIENBAgE9MA0GCWCGSAFlAwQCAwUAoIICTTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA2MTYxNDU1MzVaME8GCSqGSIb3DQEJBDFCBEBZ443e
xHnSzHymR1i0oDqom63UdAt45ZdlR5Hr2kekDBkP9IJZnflPCY9MqSY5v9tOR4PjEPN+7H1q
55F4slruMGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBAjAKBggq
hkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI
hvcNAwICASgwgacGCSsGAQQBgjcQBDGBmTCBljCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
B0Zsb3JpZGExEjAQBgNVBAcTCU5pY2V2aWxsZTEZMBcGA1UEChMQQ3VkYSBTeXN0ZW1zIExM
QzEcMBoGA1UEAxMTQ3VkYSBTeXN0ZW1zIExMQyBDQTEiMCAGCSqGSIb3DQEJARYTQ3VkYSBT
eXN0ZW1zIExMQyBDQQIBPTCBqQYLKoZIhvcNAQkQAgsxgZmggZYwgZAxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIEwdGbG9yaWRhMRIwEAYDVQQHEwlOaWNldmlsbGUxGTAXBgNVBAoTEEN1ZGEg
U3lzdGVtcyBMTEMxHDAaBgNVBAMTE0N1ZGEgU3lzdGVtcyBMTEMgQ0ExIjAgBgkqhkiG9w0B
CQEWE0N1ZGEgU3lzdGVtcyBMTEMgQ0ECAT0wDQYJKoZIhvcNAQEBBQAEggIAstQrSuh7le4I
OIllldpGpIbxK855K1S3+Rkt3GD8FSWyyvPcVkieGAKZqKrGdAmTJNOqFnFBY6EL1HZY/hpz
Y0nXLBJvi9IT9/JnJLdo1e0Fder6hciDyvApuSLUlDWsI4hoppBU3ZIcSAgaqndJmiWaweW2
fs/zOVS5ldApmPVi2Ki9F/EK4wNxI3A9ddF/pfBc1tQQxPa2rjrQSf2ErphLJxp/cUUlWRVg
0Vs2yNX+J4S6Fgg9/D5I14et6lRLhRro+K8ZWTzff1t/RdBYWFGDGqVBbSnw9ErcOt+xYw37
XvPBtthrDv/dbr4y8WCz0OyGDrflHrAEf84g2ygtV9p3rEwPKGbKhtqESFgx4LSRNWfbfWXq
gEBqUW9JqzyDJRu29qerrI7cb+uUG0FcAz+dP0qzUSLXWMIi4EusOvgrdd2MfhEDFRbBj8m1
sa0FeT5mQSW8TnGTF58SRnQnXoPFKdj5pCynifUhKrcobp1euttwARsDsNzoklGmXEa0R7Wb
teiquTcWjGz/Ec+IBS8HArQ8idz9tIVQ/t4ZqVM6cRjW0q7GIjfRGTKTRAjz+cieaTACp9/u
PjZqr8q2U8LnFk8ek3VKWlEG9Vb/69gOY7zwDr1M3Su6yjtXP3qrQCt/wQVtYy3ZgeOoNkQS
i/eJK9uWOgky/WUzk60NlvgAAAAAAAA=
--------------ms030809040209060705000707--