From owner-freebsd-current@FreeBSD.ORG Wed Mar 10 16:02:36 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 65F8216A4CE for ; Wed, 10 Mar 2004 16:02:36 -0800 (PST) Received: from mail.dt.e-technik.uni-dortmund.de (mail.dt.E-Technik.Uni-Dortmund.DE [129.217.163.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id AB2BC43D1D for ; Wed, 10 Mar 2004 16:02:35 -0800 (PST) (envelope-from ma@dt.e-technik.uni-dortmund.de) Received: from m2a2.dyndns.org (krusty.dt.e-technik.uni-dortmund.de [129.217.163.1])BB7A023D9E for ; Thu, 11 Mar 2004 01:02:34 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by merlin.emma.line.org (Postfix) with ESMTP id B8D769E7BB for ; Thu, 11 Mar 2004 01:02:32 +0100 (CET) Received: from merlin.emma.line.org ([127.0.0.1]) by localhost (m2a2.dyndns.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 30339-01-2 for ; Thu, 11 Mar 2004 01:02:32 +0100 (CET) Received: by merlin.emma.line.org (Postfix, from userid 500) id 321E29D770; Thu, 11 Mar 2004 01:02:32 +0100 (CET) Date: Thu, 11 Mar 2004 01:02:32 +0100 From: Matthias Andree To: current@FreeBSD.org Message-ID: <20040311000232.GA30116@merlin.emma.line.org> Mail-Followup-To: current@FreeBSD.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="vkogqOf2sHV7VnPd" Content-Disposition: inline User-Agent: Mutt/1.5.5.1i X-Virus-Scanned: by amavisd-new at m2a2.dyndns.org Subject: PATCH: Makefile.inc1 r1.411 jams make installworld X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Mar 2004 00:02:36 -0000 --vkogqOf2sHV7VnPd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I've sent this PR - unfortunately from the wrong address, so the posting was held. I've cancelled it and am forwarding it so it appears earlier, to avoid the problem from being reported again. This has been assigned PR misc/64073 in the meanwhile, see http://www.freebsd.org/cgi/query-pr.cgi?pr=64073 Matthias --vkogqOf2sHV7VnPd Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: emma@sigma.emma.line.org Delivered-To: emma@sigma.emma.line.org Received: from localhost (localhost [127.0.0.1]) by merlin.emma.line.org (Postfix) with ESMTP id DA1BF1CF0; Thu, 11 Mar 2004 00:53:36 +0100 (CET) Received: from merlin.emma.line.org ([127.0.0.1]) by localhost (m2a2.dyndns.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 29212-03; Thu, 11 Mar 2004 00:53:36 +0100 (CET) Received: from sigma.emma.line.org (sigma.emma.line.org [192.168.0.49]) by merlin.emma.line.org (Postfix) with ESMTP id 56651DE7; Thu, 11 Mar 2004 00:53:36 +0100 (CET) Received: by sigma.emma.line.org (Postfix, from userid 500) id 1C3AC5C33; Thu, 11 Mar 2004 00:53:36 +0100 (CET) To: FreeBSD-gnats-submit@freebsd.org Subject: PATCH: Makefile.inc1 r1.411 jams make installworld From: Matthias Andree Cc: current@freebsd.org, net@freebsd.org, gshapiro@freebsd.org, peter@freebsd.org, Max Laier X-send-pr-version: 3.113 X-GNATS-Notify: Message-Id: <20040310235336.1C3AC5C33@sigma.emma.line.org> Date: Thu, 11 Mar 2004 00:53:36 +0100 (CET) X-Virus-Scanned: by amavisd-new at !change-mydomain-variable!.example.com X-Bogosity: No, tests=bogofilter, spamicity=0.000000, version=0.17.2.cvs.CVStime_20040305_003938, date=2004-03-10T23:53:37Z >Submitter-Id: current-users >Originator: Matthias Andree >Organization: >Confidential: no >Synopsis: PATCH: Makefile.inc1 r1.411 jams make installworld >Severity: critical >Priority: low >Category: misc >Class: sw-bug >Release: FreeBSD 5.2-CURRENT i386 >Environment: System: FreeBSD sigma.emma.line.org 5.2-CURRENT FreeBSD 5.2-CURRENT #3: Wed Mar 10 22:29:45 CET 2004 root@sigma.emma.line.org:/usr/src/sys/i386/compile/SIGMA i386 >Description: "make installworld" fails, complaining the required authpf group was missing: -bash-2.05b# grep -w authpf /etc/group authpf:*:63: -bash-2.05b# make installworld id: authpf: no such user ERROR: Required authpf group is missing, see /usr/src/UPDATING. *** Error code 1 Cause: The recent Makefile.inc1 change in rev. 1.411 of that file is bogus, it is a copy of a bogus line further up in the file that was shadowed by a mandatory user account with the same name as the group that was supposed to be checked. "id -g authpf" does not check if a *group* "authpf" exists but returns the primary group ID of the *user* "authpf". Result as above. Looking closer, the same problem applies to the "id -g smmsp" check that used to be fine (albeit inefficient) but was repaired broken in revision 1.376 on 2003-07-06 by gshapiro after suggestion from peter. I am suggesting the patch below that checks /etc/group with grep and then NIS with ypmatch. This is a bit ugly but will serve for now. A more complex but nsswitch-proof alternative would be to create a dummy file, for instance: echo "delete me" >${DECENTPATH}/dummy$$ chgrp smmsp ${DECENTPATH}/dummy$$ DECENTPATH should be somewhere writable below the installation location, it won't hurt there, or in a temporary directory that is not prone to symlink attacks (i. e. that is not world writable). >How-To-Repeat: Update the FreeBSD -CURRENT base system as usual. >Fix: Patch /usr/src/Makefile.inc1 as follows: --- Makefile.inc1~ Wed Mar 10 22:10:11 2004 +++ Makefile.inc1 Thu Mar 11 00:35:58 2004 @@ -409,25 +409,28 @@ # installcheck: ${SPECIAL_INSTALLCHECKS} .if !defined(NO_SENDMAIL) - @if ! `id -u smmsp > /dev/null`; then \ + @if ! id -u smmsp > /dev/null; then \ echo "ERROR: Required smmsp user is missing, see /usr/src/UPDATING."; \ false; \ fi - @if ! `id -g smmsp > /dev/null`; then \ + @if ! grep '^smmsp:' /etc/group > /dev/null \ + && ! ypmatch smmsp group >/dev/null ; then \ echo "ERROR: Required smmsp group is missing, see /usr/src/UPDATING."; \ false; \ fi .endif .if !defined(NO_PF) - @if ! `id -u proxy > /dev/null`; then \ + @if ! id -u proxy > /dev/null; then \ echo "ERROR: Required proxy user is missing, see /usr/src/UPDATING."; \ false; \ fi - @if ! `id -g proxy > /dev/null`; then \ + @if ! grep '^proxy:' /etc/group > /dev/null \ + && ! ypmatch proxy group >/dev/null ; then \ echo "ERROR: Required proxy group is missing, see /usr/src/UPDATING."; \ false; \ fi - @if ! `id -g authpf > /dev/null`; then \ + @if ! grep '^authpf:' /etc/group > /dev/null \ + && ! ypmatch authpf group >/dev/null ; then \ echo "ERROR: Required authpf group is missing, see /usr/src/UPDATING."; \ false; \ fi --vkogqOf2sHV7VnPd--