From owner-freebsd-stable@freebsd.org Fri Jun 16 13:22:30 2017 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 36949C08ACD for ; Fri, 16 Jun 2017 13:22:30 +0000 (UTC) (envelope-from karl@denninger.net) Received: from colo1.denninger.net (colo1.denninger.net [67.205.158.196]) by mx1.freebsd.org (Postfix) with ESMTP id 0BB817ED91 for ; Fri, 16 Jun 2017 13:22:29 +0000 (UTC) (envelope-from karl@denninger.net) Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197]) by colo1.denninger.net (Postfix) with ESMTP id 66AB927336 for ; Fri, 16 Jun 2017 09:22:00 -0400 (EDT) Received: from [192.168.10.20] (D10.Denninger.Net [192.168.10.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by denninger.net (Postfix) with ESMTPSA id 865CA3935 for ; Fri, 16 Jun 2017 08:21:58 -0500 (CDT) Subject: Re: Interesting permissions difference on NanoBSD build To: freebsd-stable@freebsd.org References: <1387791f-fe22-08d7-2048-26bd95eab451@madpilot.net> From: Karl Denninger Message-ID: <0561597d-4b24-f68e-33a8-d0902e7696da@denninger.net> Date: Fri, 16 Jun 2017 08:21:56 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <1387791f-fe22-08d7-2048-26bd95eab451@madpilot.net> Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms020903020300030706080704" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Jun 2017 13:22:30 -0000 This is a cryptographically signed message in MIME format. --------------ms020903020300030706080704 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 6/16/2017 07:52, Guido Falsi wrote: > On 06/16/17 14:25, Karl Denninger wrote: >> I've recently started playing with the "base" NanoBSD scripts and have= >> run into an interesting issue. > [...] >> Note the missing "r" bit for "other" in usr and etc directories -- and= >> the missing "x" bit (at minimum) for the root! The same is carried do= wn >> to "local" under usr: >> >> root@NewFS:/pics/Crochet-work-AMD/obj/_.w # ls -al usr >> total 134 >> drwxr-x--x 12 root wheel 12 Jun 15 17:10 . >> drwxr-x--- 18 root wheel 24 Jun 15 17:10 .. >> drwxr-xr-x 2 root wheel 497 Jun 15 17:09 bin >> drwxr-xr-x 52 root wheel 327 Jun 15 17:10 include >> drwxr-xr-x 8 root wheel 655 Jun 15 17:10 lib >> drwxr-xr-x 4 root wheel 670 Jun 15 17:09 lib32 >> drwxr-xr-x 5 root wheel 5 Jun 15 17:10 libdata >> drwxr-xr-x 7 root wheel 70 Jun 15 17:10 libexec >> drwxr-x--x 10 root wheel 11 Jun 15 17:10 local >> drwxr-xr-x 2 root wheel 294 Jun 15 17:08 sbin >> drwxr-xr-x 31 root wheel 31 Jun 15 17:10 share >> drwxr-xr-x 14 root wheel 17 Jun 15 17:10 tests >> root@NewFS:/pics/Crochet-work-AMD/obj/_.w # > I have no idea why this is happening on your system but I'm not > observing it here: > >> ls -al usr > total 85 > drwxr-xr-x 9 root wheel 9 Jun 15 13:32 . > drwxr-xr-x 22 root wheel 29 Jun 15 13:32 .. > drwxr-xr-x 2 root wheel 359 Jun 15 13:32 bin > drwxr-xr-x 4 root wheel 446 Jun 15 13:32 lib > drwxr-xr-x 3 root wheel 3 Jun 15 13:32 libdata > drwxr-xr-x 5 root wheel 47 Jun 15 13:32 libexec > drwxr-xr-x 12 root wheel 13 Jun 15 13:32 local > drwxr-xr-x 2 root wheel 218 Jun 15 13:32 sbin > drwxr-xr-x 17 root wheel 17 Jun 15 13:32 share > > > and I get (almost) the same on the installed nanobsd system: >> ls -al usr > total 24 > drwxr-xr-x 9 root wheel 512 Jun 15 13:32 . > drwxr-xr-x 23 root wheel 512 Jun 15 13:34 .. > drwxr-xr-x 2 root wheel 6144 Jun 15 13:32 bin > drwxr-xr-x 4 root wheel 10752 Jun 15 13:32 lib > drwxr-xr-x 3 root wheel 512 Jun 15 13:32 libdata > drwxr-xr-x 5 root wheel 1024 Jun 15 13:32 libexec > drwxr-xr-x 12 root wheel 512 Jun 15 13:32 local > drwxr-xr-x 2 root wheel 4096 Jun 15 13:32 sbin > drwxr-xr-x 17 root wheel 512 Jun 15 13:32 share > > The machine I'm building the NanoBSD image on is running head r318959, > and is running ZFS, while the NanoBSD system I've built is tracking > 11-STABLE and is at r319971 at present, so a BETA1. > > Could you report version information too? maybe it's a problem present > on head NanoBSD scripts? FreeBSD 11.0-STABLE #15 r312669M: Mon Jan 23 14:01:03 CST 2017 =20 karl@NewFS.denninger.net:/usr/obj/usr/src/sys/KSD-SMP I also build using Crochet against both /usr/src (my "primary" source repo, which is on the rev noted here) and against a second one (-HEAD), which I need to use for the RPI3. Neither winds up with this sort of permission issue. The obj directory is on /pics/Crochet-Work-AMD, which is a zfs filesystem mounted off a "scratch" SSD. The problem appears to stem from the creation of "_.w" and since directory permissions are "normally" inherited it promulgates from there unless an explicit permission set occurs. Yet I see nothing that would create the world directory with anything other than the umask at the time it runs. I *am* running this from "batch" -- perhaps that's where the problem is coming from? I'll try adding a "umask 022" to the nanobsd.sh script at the top and see what that does. --=20 Karl Denninger karl@denninger.net /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms020903020300030706080704 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC BlwwggZYMIIEQKADAgECAgE9MA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzEQMA4G A1UECBMHRmxvcmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3Rl bXMgTExDMRwwGgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhND dWRhIFN5c3RlbXMgTExDIENBMB4XDTE2MTIxODE5NDUzNVoXDTIxMTIxNzE5NDUzNVowVzEL MAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExGTAXBgNVBAoTEEN1ZGEgU3lzdGVtcyBM TEMxGzAZBgNVBAMUEmthcmxAZGVubmluZ2VyLm5ldDCCAiIwDQYJKoZIhvcNAQEBBQADggIP ADCCAgoCggIBAM2N5maxs7NkoY9g5NMxFWll0TYiO7gXrGZTo3q25ZJgNdPMwrntLz/5ewE9 07TEbwJ3ah/Ep9BfZm7JF9vTtE1HkgKtXNKi0pawNGm1Yn26Dz5AbUr1byby6dFtDJr14E07 trzDCtRRvTkOVSBj6PQPal0fAnDtkIYQBVcuMkXkuMCtyfE95pjm8g4K9l7lAcKii3T1/3rE hCc1o2nBnb7EN1/XwBeCDGB+I2SN/ftZDbKQqGAF5q9dUn+iXU7Z/CVSfUWmhVh6cVZA4Ftv TglUqj410OuPx+cUQch3h1kFgsuhQR63HiJc3HbRJllHsV0rihvL1CjeARQkhnA6uY9NLFST p5I/PfzBzW2MSmtN/tGZvmfKKnmtbfUNgkzbIR1K3lsum+yEL71kB93Xtz/4f1demEx5c8TJ RBIniDHjDeLGK1aoBu8nfnvXAvgthFNTWBOEoR49AHEPjC3kZj0l8JQml1Y8bTQD5gtC5txl klO60WV0EufU7Hy9CmynMuFtjiA2v71pm097rXeCdrAKgisdYeEESB+SFrlY65rLiLv4n8o1 PX7DqRfqKkOYIakZ0ug/yHVKcq2EM3RiJxwzls5gT70CoOBlKbrC98O8TA6teON0Jq30M06t NTI2HhvNbJDLbBH+Awf4h1UKB+0ufENwjVvF5Jfz8Ww/FaSDAgMBAAGjgfQwgfEwNwYIKwYB BQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vY3VkYXN5c3RlbXMubmV0Ojg4ODgwCQYD VR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwCwYDVR0PBAQDAgXgMCwGCWCGSAGG+EIBDQQf Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUpfAI3y+751pp9A0w 6vJHx8RoR/MwHwYDVR0jBBgwFoAUJHGbnYV9/N3dvbDKkpQDofrTbTUwHQYDVR0RBBYwFIES a2FybEBkZW5uaW5nZXIubmV0MA0GCSqGSIb3DQEBCwUAA4ICAQBiB6MlugxYJdccD8boZ/u8 d8VxmLkJCtbfyYHRjYdyoABLW5hE3k3xSpYCM9L7vzWyV/UWwDYKi4ZzxHo4g+jG/GQZfKhx v38BQjL2G9xD0Hn2d+cygOq3UPjVYlbbfQoew6JbyCFXrrZ7/0jvRMLAN2+bRC7ynaFUixPH Whnj9JSH7ieYdzak8KN+G2coIC2t2iyfXVKehzi5gdNQ0vJ7+ypbGsRm4gE8Mdo9N/WgFPvZ HPFqR9Dwas7Z+aHwOabpk5r/336SyjOaZsn3MqKJQZL6GqDKusVOCWt+9uFAD8kadg7FetZe atIoD9I+zbp59oVoMnkMDMx7Hi85faU03csusqMGsjSsAzWSI1N8PJytZlchLiykokLKc3OL G87QKlErotlou7cfPX2BbEAH5wmkj9oiqZhxIL/wwAUA+PkiTbEmksKBNompSjUq/6UsR8EA s74gnu17lmijv8mrg2qMlwRirE7qG8pnE8egLtCDxcjd0Of9WMi2NJskn0/ovC7P+J60Napl m3ZIgPJst1piYSE0Zc1FIat4fFphMfK5v4iLblo1tFSlkdx1UNDGdg/U+LaXkNVXlMp8fyPm R80V6cIrCAlEWnBJNxG1UyfbbsvNMCCZBM4faGGsR/hhQOiydlruxhjL6P8J2WV8p11DdeGx KymWoil2s1J5WTGCBRMwggUPAgEBMIGWMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHRmxv cmlkYTESMBAGA1UEBxMJTmljZXZpbGxlMRkwFwYDVQQKExBDdWRhIFN5c3RlbXMgTExDMRww GgYDVQQDExNDdWRhIFN5c3RlbXMgTExDIENBMSIwIAYJKoZIhvcNAQkBFhNDdWRhIFN5c3Rl bXMgTExDIENBAgE9MA0GCWCGSAFlAwQCAwUAoIICTTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN AQcBMBwGCSqGSIb3DQEJBTEPFw0xNzA2MTYxMzIxNTZaME8GCSqGSIb3DQEJBDFCBEBridWr ZWPoHfmEqYZzeNMmROI7v5bgbqoX7ypSy3CsizJMpPUGjlS+Pa80ROnUeujoY9hKtKdmzqjB GyL6s+X3MGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBAjAKBggq hkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZI hvcNAwICASgwgacGCSsGAQQBgjcQBDGBmTCBljCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0Zsb3JpZGExEjAQBgNVBAcTCU5pY2V2aWxsZTEZMBcGA1UEChMQQ3VkYSBTeXN0ZW1zIExM QzEcMBoGA1UEAxMTQ3VkYSBTeXN0ZW1zIExMQyBDQTEiMCAGCSqGSIb3DQEJARYTQ3VkYSBT eXN0ZW1zIExMQyBDQQIBPTCBqQYLKoZIhvcNAQkQAgsxgZmggZYwgZAxCzAJBgNVBAYTAlVT MRAwDgYDVQQIEwdGbG9yaWRhMRIwEAYDVQQHEwlOaWNldmlsbGUxGTAXBgNVBAoTEEN1ZGEg U3lzdGVtcyBMTEMxHDAaBgNVBAMTE0N1ZGEgU3lzdGVtcyBMTEMgQ0ExIjAgBgkqhkiG9w0B CQEWE0N1ZGEgU3lzdGVtcyBMTEMgQ0ECAT0wDQYJKoZIhvcNAQEBBQAEggIAiEvY5knWoB4q BGe6crK4AaDWRvbIbLunWZ6LiG5BDiYGQl8qKej43K9GIJptfp0xnkwjudkDeROimcIFh/BV EYTAOd/q2JTGrXPfKkiJOM83V/tO47+CWBRY+wfddnChcy13zOKj2HHAZxM32+5I92eqwAVT kueih/XKGJyA+nL6TVJW/zkTBQIMqaLpORkbLb6W6U9u+fu7Dm0ET0p+idepGeiW8JxLAzM8 FmH68qJEWipuu+sbcKo4APsWaI5sF7YEaitssPSoZmFuNhC1IzIr23cp0zviaboTb6DQvXim mXC3JsdKDQLMuzbll0UIa0K/Up/8X62oNQiLJmPZ1ttH58Dlb7R2qBCDD4ZbGvEJYbDW3l3h J+otFUBueT0hdyy2rM2j/o5XGuhv9sqIHYzwrCUPD6gesCMHrIzHbQyOB4+2Y+BkY+FkMnhK cqMRESbNWijyHG967gh9nUz9OFzb7IkSmj/AmhatumDUmEWFGAgGhXnPlVRnQbXfK+4Kb13D bHAP/l3yjhaJMpqCIsLn//tGDxlfWamclJU2LUbCzf/jaS79Olqhp2H+uKecvgFZpBAYubK+ ZPORNvfwZECb13Zwq49cXovnmQ8dt3nTFwECG7AItdlJhL6RIlIVPSVCy4dO+7T3+vKuRH/Q cDqVJ3I/TKpOG3tD3GciovAAAAAAAAA= --------------ms020903020300030706080704--