From owner-freebsd-current@FreeBSD.ORG Sat Aug 8 00:03:01 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EE423106564A for ; Sat, 8 Aug 2009 00:03:01 +0000 (UTC) (envelope-from mel.flynn+fbsd.current@mailing.thruhere.net) Received: from mailhub.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id B1A328FC16 for ; Sat, 8 Aug 2009 00:03:01 +0000 (UTC) Received: from smoochies.rachie.is-a-geek.net (mailhub.lan.rachie.is-a-geek.net [192.168.2.11]) by mailhub.rachie.is-a-geek.net (Postfix) with ESMTP id A94A77E818; Fri, 7 Aug 2009 16:03:00 -0800 (AKDT) From: Mel Flynn To: freebsd-current@freebsd.org Date: Fri, 7 Aug 2009 16:02:59 -0800 User-Agent: KMail/1.11.4 (FreeBSD/8.0-BETA2; KDE/4.2.4; i386; ; ) References: <4A7C7220.2090309@mykitchentable.net> <20090807190350.GO1292@hoeg.nl> <20090807191454.GP1292@hoeg.nl> In-Reply-To: <20090807191454.GP1292@hoeg.nl> MIME-Version: 1.0 Content-Type: Multipart/Mixed; boundary="Boundary-00=_zCMfKTGzASiM7qP" Message-Id: <200908071602.59676.mel.flynn+fbsd.current@mailing.thruhere.net> Cc: Chris Ruiz , Ed Schouten Subject: Fixing install (Was: Re: [Fwd: How To Recover From Missing /lib/libc.so.7?]) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2009 00:03:02 -0000 --Boundary-00=_zCMfKTGzASiM7qP Content-Type: text/plain; charset="iso-8859-6" Content-Transfer-Encoding: 7bit Content-Disposition: inline On Friday 07 August 2009 11:14:54 Ed Schouten wrote: > * Ed Schouten wrote: > > * Chris Ruiz wrote: > > > You must specify NO_FSCHG= when you installworld on an unupgraded ZFS > > > filesystem, otherwise you will lose libc.so.7! I'll spare you the > > > details on why this happens. > > > > Which is because our install(1) is stupid enough to delete the resulting > > binary if it can't add the schg flag. We should really change this > > behaviour. > > It looks like there are actually two bugs: > > - install(1) does check for EOPNOTSUPP, while ZFS seems to return > EINVAL. This is probably a ZFS bug. > - Inside jails, (un)setting schg is not permitted and returns EPERM. We > should change the VFS to return EOPNOTSUPP or install(1) to allow > EPERM as well. > > It's a bit late, but I think it would be nice to have this fixed before > 8.0. Perhaps the second case only if jailed? EPERM is also given when the running user doesn't have permission and I'd rather have things bail out sooner then later. Patch attached for this. -- Mel --Boundary-00=_zCMfKTGzASiM7qP Content-Type: text/plain; charset="ISO-8859-1"; name="xinstall.patch.txt" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="xinstall.patch.txt" Index: usr.bin/xinstall/xinstall.c =================================================================== --- usr.bin/xinstall/xinstall.c (revision 196085) +++ usr.bin/xinstall/xinstall.c (working copy) @@ -47,6 +47,8 @@ __FBSDID("$FreeBSD$"); #include +#include +#include #include #include #include @@ -83,6 +85,7 @@ gid_t gid; uid_t uid; int dobackup, docompare, dodir, dopreserve, dostrip, nommap, safecopy, verbose; +int is_jailed; mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH; const char *suffix = BACKUP_SUFFIX; @@ -106,9 +109,11 @@ int ch, no_target; u_int iflags; char *flags; + size_t len = sizeof(int); const char *group, *owner, *to_name; iflags = 0; + is_jailed = 0; group = owner = NULL; while ((ch = getopt(argc, argv, "B:bCcdf:g:Mm:o:pSsv")) != -1) switch((char)ch) { @@ -242,6 +247,11 @@ errx(EX_USAGE, "%s and %s are the same file", *argv, to_name); } + if( sysctlbyname("security.jail.jailed", (void *)&is_jailed, + &len, NULL, 0) == -1 ) { + warn("Unable to get security.jail.jailed, assuming unjailed"); + is_jailed = 0; + } install(*argv, to_name, fset, iflags); exit(EX_OK); /* NOTREACHED */ @@ -506,6 +516,8 @@ if (flags & SETFLAGS) { if (errno == EOPNOTSUPP) warn("%s: chflags", to_name); + else if( errno == EPERM && is_jailed ) + warn("%s: chflags", to_name); else { serrno = errno; (void)unlink(to_name); --Boundary-00=_zCMfKTGzASiM7qP--