Date: Thu, 20 Dec 2001 02:09:46 +0100 (CET) From: BOUWSMA Beery <freebsd-user@netscum.dyndns.dk> To: questions@freebsd.org Subject: mergemaster and zero-length files Message-ID: <200112200109.fBK19k200340@crotchety.newsbastards.org>
next in thread | raw e-mail | index | archive | help
[replies sent directly to me may timeout and bounce, since I'm not
online as often as I should be, but I'll check the list archives]
Mahlzeit
I tried installing FreeBSD-stable onto an empty disk from
source, which mostly went fine, using the -i -D options to
mergemaster to build the initial tree structure and install
needed config files, and then defining DESTDIR when doing
installworld/installkernel.
There were a few things missing -- as I just noted, /stand
and sysinstall looked different and needed a patch in order
to recognize DESTDIR, but more importantly, none of the
logfiles were created in /var/log. Syslogd wept.
I found the `distribution' target in src/etc/Makefile,
which looked like it should work, and then looked more
closely at mergemaster which seemed to be the only other
logical place to look (and the most likely candidate for
creating such files), and I found the lines
692 # Using -size +0 avoids uselessly checking the empty log files created
693 # by ${SOURCEDIR}/Makefile and the device entries in ./dev, but does
694 # check the scripts in ./dev, as we'd like (assuming no devfs of course
694 ).
695 #
696 for COMPFILE in `find . -type f -size +0`; do
Okay, hmmm. I don't quite understand how much of a problem
it is to check these zero-length files/devices, but it seems
to be needed when one doesn't have these files. Not only are
the files that syslogd needs included, but /etc/dumpdates and
/var/db/something. Not only is a new installation missing
all these files, but perhaps if some new logfile is needed by
syslog, then when this is added to the etc/Makefile, it will
not be added new to any system with this mergemaster.
So I thought of two options -- either make a special loop to
handle these null-length files, or see how it works if I get
rid of the `-size +0' and whether that creates problems later
when the zero-length logfile templates compare with data-rich
files.
Well, it worked -- I got my logfiles and dumpdates and so on,
and it didn't seem to create any problems at all.
So I suggest that somehow, the mergemaster script be changed
to `do the right thing' with zero-length files, whatever that
may be, particularly when they don't exist on the target.
Another thing that occurred to me -- mergemaster doesn't
seem to make note of changes in ownership/group or of the
permissions from the templates in temproot to the installed
files. For example, from looking at the temproot tree, I
could see that an earlier -stable installation had the slip
and ppp logfiles created readable for group `network' but
now only r00t has access.
Perhaps there should be an (optional?) loop in mergemaster
where it traverses the temproot tree and either spits out
warnings about files whose owner/group/permissions do not
match, or offers to change the installed versions, or
something. Seems that this could help to close possible
lingering security holes that would otherwise go unnoticed.
I dunno. Thoughts?
thanks
barry bouwsma
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112200109.fBK19k200340>