From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Jul 28 02:00:23 2003 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5AC1E37B404 for ; Mon, 28 Jul 2003 02:00:23 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2DBD843FBF for ; Mon, 28 Jul 2003 02:00:21 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h6S90LUp090648 for ; Mon, 28 Jul 2003 02:00:21 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h6S90Lx2090646; Mon, 28 Jul 2003 02:00:21 -0700 (PDT) Resent-Date: Mon, 28 Jul 2003 02:00:21 -0700 (PDT) Resent-Message-Id: <200307280900.h6S90Lx2090646@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Volker Stolz Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7C6F37B401 for ; Mon, 28 Jul 2003 01:52:11 -0700 (PDT) Received: from atlas.informatik.rwth-aachen.de (atlas.Informatik.RWTH-Aachen.DE [137.226.194.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 385D543FD7 for ; Mon, 28 Jul 2003 01:52:10 -0700 (PDT) (envelope-from stolz@i2.informatik.rwth-aachen.de) Received: from menelaos.informatik.rwth-aachen.de (menelaos.Informatik.RWTH-Aachen.DE [137.226.194.73]) 8.11.1-0.5) with ESMTP id h6S8q8K32013 for ; Mon, 28 Jul 2003 10:52:08 +0200 Received: (from stolz@localhost)h6S8q9TC040021; Mon, 28 Jul 2003 10:52:09 +0200 (CEST) (envelope-from stolz) Message-Id: <200307280852.h6S8q9TC040021@menelaos.informatik.rwth-aachen.de> Date: Mon, 28 Jul 2003 10:52:09 +0200 (CEST) From: Volker Stolz To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: ports/54970: emulators/linux_base Port Makefile "dangerous" for jails X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Volker Stolz List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2003 09:00:23 -0000 >Number: 54970 >Category: ports >Synopsis: emulators/linux_base Port Makefile "dangerous" for jails >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jul 28 02:00:20 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Volker Stolz >Release: FreeBSD 4.8-STABLE i386 >Organization: Lehrstuhl für Informatik II >Environment: System: FreeBSD menelaos.informatik.rwth-aachen.de 4.8-STABLE FreeBSD 4.8-STABLE #4: Tue Apr 29 11:28:13 CEST 2003 root@menelaos.informatik.rwth-aachen.de:/usr/obj/usr/src/sys/MENELAOS i386 >Description: The linux_base-port unconditionally unlinks the dev/null special device in /compat/linux before it tries to create a new one with 'mknod'. If you are doing this in a jail, you will not be able to create a new special device for dev/null inside the jail without manual intervention of the admin of the host providing the jail! This especially means that it is dangerous to try to upgrade linux_base port because you will have an incomplete installation or even none at all until the admin provides you with a new dev/null from outside the jail. Luckily, my hoster doesn't charge for this and is rather quick in responding to such queries, but for others, this might cause maintenance nightmares and even incur additional costs. >How-To-Repeat: Inside a jail, try installing or upgrading linux_base. It will fail at the point of invoking ${MKNOD}. >Fix: Several solutions come to mind. 1) Detect if running in jail and prompt a warning or skip the rm/mknod part, maybe check if the existing special device is usable. I'm not sure if it currently is possible to detect if you're running inside a jail (apart from some failing syscalls, that is). 2) Mark this port INTERACTIVE, prompt a warning and require a confirmation. 3) Don't remove the existing special device at all, but only create it when installing it for the first time. >Release-Note: >Audit-Trail: >Unformatted: