From owner-freebsd-stable@FreeBSD.ORG Sat Jun 6 15:42:15 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9CA2E106566B for ; Sat, 6 Jun 2009 15:42:15 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: from mail5.sea5.speakeasy.net (mail5.sea5.speakeasy.net [69.17.117.7]) by mx1.freebsd.org (Postfix) with ESMTP id 716818FC17 for ; Sat, 6 Jun 2009 15:42:15 +0000 (UTC) (envelope-from freebsd-stable-local@be-well.ilk.org) Received: (qmail 6953 invoked from network); 6 Jun 2009 15:42:15 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail5.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 6 Jun 2009 15:42:14 -0000 Received: from lowell-desk.lan (lowell-desk.lan [172.30.250.6]) by be-well.ilk.org (Postfix) with ESMTP id 3F07850825; Sat, 6 Jun 2009 11:42:08 -0400 (EDT) Received: by lowell-desk.lan (Postfix, from userid 1147) id 9D32F1CC23; Sat, 6 Jun 2009 11:42:07 -0400 (EDT) To: Bruce Cran References: <20090605154544.GA1855@sd-13813.dedibox.fr> <20090605233507.42ee1c96@gluon.draftnet> <44prdimhh2.fsf@lowell-desk.lan> <20090606010058.2bd884b0@gluon.draftnet> From: Lowell Gilbert Date: Sat, 06 Jun 2009 11:42:07 -0400 In-Reply-To: <20090606010058.2bd884b0@gluon.draftnet> (Bruce Cran's message of "Sat\, 6 Jun 2009 01\:00\:58 +0100") Message-ID: <44d49hbc8g.fsf@lowell-desk.lan> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: FLEURIOT Damien , freebsd-stable@freebsd.org Subject: Re: make installworld and securelevel X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Jun 2009 15:42:16 -0000 Bruce Cran writes: > On Fri, 05 Jun 2009 18:41:13 -0400 > Lowell Gilbert wrote: > >> Bruce Cran writes: >> >> > On Fri, 5 Jun 2009 17:45:50 +0200 >> > FLEURIOT Damien wrote: >> > >> >> >> >> Hello list, >> >> >> >> >> >> I apologize if this issue has been raised already but I couldn't >> >> find it anywhere. >> >> >> >> >> >> Find below a snip from my installworld: >> >> >> >> -------------------------------------------------------------- >> >> >>> Installing everything >> >> -------------------------------------------------------------- >> >> cd /usr/src; make -f Makefile.inc1 install >> >> ===> share/info (install) >> >> ===> lib (install) >> >> ===> lib/csu/i386-elf (install) >> >> install -o root -g wheel -m 444 crt1.o crti.o crtn.o gcrt1.o >> >> /usr/lib >> >> ===> lib/libc (install) >> >> install -C -o root -g wheel -m 444 libc.a /usr/lib >> >> install -C -o root -g wheel -m 444 libc_p.a /usr/lib >> >> install -s -o root -g wheel -m 444 -fschg -S libc.so.7 /lib >> >> ^C >> >> >> >> >> >> My concern is with the last line which installs libc.so.7 and >> >> chflags it. >> >> >> >> I was running with securelevel 1 and got denied. >> >> I had to revert to the old kernel, change my securelevel, reinstall >> >> the new 7.2 kernel, then run my installworld. >> >> >> >> This hasn't caused me any other issue, but what will happen the day >> >> the libc.a or libc_p.a which are installed in the early steps of >> >> installworld become incompatible with the old kernel (if this is at >> >> all possible) ? >> >> >> >> I wouldn't have been able to boot anymore (this is a remote host). >> >> The server has a rescue system, but I think a lot of trouble could >> >> be saved by interrupting "make installworld" if we're running above >> >> securelevel 0. >> > >> > Although it's often safe to run installworld in multi user mode, >> > it's recommended to run it in single user mode to avoid issues like >> > this. From /usr/src/UPDATING: >> > >> > >> > make buildworld >> > make kernel KERNCONF=YOUR_KERNEL_HERE >> > [1] >> > [3] >> > mergemaster -p [5] >> > make installworld >> > make delete-old >> > mergemaster [4] >> > >> >> Still, I don't really see any obvious downsides to the suggestion. >> Maybe it could cause problems with jail updates? That's the only >> issue I've been able to think of... >> > > If you do both the installkernel and installworld at the same time and > the new kernel doesn't boot, then you may not be able to boot with the > old kernel because the new userland may be incompatible. The original suggestion wasn't to skip the reboot, but rather to stop the user from doing an installworld under a raised securelevel. I don't consider it important, because the recommended upgrade path is to do the installworld in single-user mode, but by the same token I don't see any real harm.