From owner-freebsd-arch@freebsd.org  Wed Sep 16 23:09:25 2020
Return-Path: <owner-freebsd-arch@freebsd.org>
Delivered-To: freebsd-arch@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id A4FC63F4540
 for <freebsd-arch@mailman.nyi.freebsd.org>;
 Wed, 16 Sep 2020 23:09:25 +0000 (UTC)
 (envelope-from jmg@gold.funkthat.com)
Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "gate2.funkthat.com",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BsG510JMzz4QZ4;
 Wed, 16 Sep 2020 23:09:24 +0000 (UTC)
 (envelope-from jmg@gold.funkthat.com)
Received: from gold.funkthat.com (localhost [127.0.0.1])
 by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 08GN9MtX065604
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Wed, 16 Sep 2020 16:09:22 -0700 (PDT)
 (envelope-from jmg@gold.funkthat.com)
Received: (from jmg@localhost)
 by gold.funkthat.com (8.15.2/8.15.2/Submit) id 08GN9MRM065603;
 Wed, 16 Sep 2020 16:09:22 -0700 (PDT) (envelope-from jmg)
Date: Wed, 16 Sep 2020 16:09:22 -0700
From: John-Mark Gurney <jmg@funkthat.com>
To: Brooks Davis <brooks@freebsd.org>
Cc: freebsd-arch@freebsd.org
Subject: Re: Appropriate path for mount/fsck sub-programs?
Message-ID: <20200916230922.GT4213@funkthat.com>
Mail-Followup-To: Brooks Davis <brooks@freebsd.org>, freebsd-arch@freebsd.org
References: <20200916204214.GA87473@spindle.one-eyed-alien.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="lPld9KzQhYxXHcUh"
Content-Disposition: inline
In-Reply-To: <20200916204214.GA87473@spindle.one-eyed-alien.net>
X-Operating-System: FreeBSD 11.3-STABLE amd64
X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7  ED9B D5FF 5A51 C0AC 3D65
X-Files: The truth is out there
X-URL: https://www.funkthat.com/
X-Resume: https://www.funkthat.com/~jmg/resume.html
X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE
X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger?
User-Agent: Mutt/1.6.1 (2016-04-27)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3
 (gold.funkthat.com [127.0.0.1]); Wed, 16 Sep 2020 16:09:22 -0700 (PDT)
X-Rspamd-Queue-Id: 4BsG510JMzz4QZ4
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy
 when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com
X-Spamd-Result: default: False [-1.80 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[];
 ARC_NA(0.00)[]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[];
 TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 RCVD_TLS_ALL(0.00)[];
 MIME_GOOD(-0.20)[multipart/signed,text/plain];
 DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[];
 MID_RHS_MATCH_FROM(0.00)[]; NEURAL_HAM_LONG(-0.98)[-0.978];
 NEURAL_HAM_MEDIUM(-0.96)[-0.964];
 NEURAL_SPAM_SHORT(0.05)[0.046]; RCPT_COUNT_TWO(0.00)[2];
 SIGNED_PGP(-2.00)[];
 FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com];
 R_SPF_NA(0.00)[no SPF record]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+,1:+,2:~];
 ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US];
 FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com];
 MAILMAN_DEST(0.00)[freebsd-arch]; RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2020 23:09:25 -0000


--lPld9KzQhYxXHcUh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Brooks Davis wrote this message on Wed, Sep 16, 2020 at 20:42 +0000:
> The mount and fsck commands have the ability to exec a mount_<fs> or
> fsck_<fs> program to do the actual work.  Currently they do this with:
>=20
> execvP(execname, _PATH_SYSPATH, argv);
>=20
> Where _PATH_SYSPATH is "/sbin:/usr/sbin" unless RESCUE is defined in
> which case it's "/rescue:/sbin:/usr/sbin".  This isn't very friendly to
> filesystems in ports and results in things like sysutils/e2fsprogs
> adding a link to /sbin.  I think the path should be expanded to include
> /usr/local/sbin at a minimum.  If it wasn't for the /rescue hack I'd be
> tempted to suggest just switching to `execvp` and using PATH.
> I see a few options (semi-sorted by level of change):
>=20
> 0) Do nothing
> 1a) Add /usr/local/sbin to _PATH_SYSPATH (it's only used in mount and
>    fsck).
> 1b) The same, but a new variable.
> 2) Switch to _PATH_DEFPATH (that also add .../bin directories).
> 3) Use PATH, optionally prepending /rescue
> 4) Use exevp and teach crunched_main.c to prepend /rescue to PATH.
>=20
> I'd like opinions on what people think makes sense here.  I think (0)
> aligns poorly with current project directions, but how far to go is a
> question to answer before implementing something.

Since it's only used by fsck and mount, I'm firmly in the 1a camp..

This means that mount_* programs can be located in /usr/local/sbin as
well, which seems to complete this change...

2 would make fsck_* programs "visible" when ports don't do the correct
thing, which 1b helps prevent.

3 and 4 are dangerous to me, as it not everyone keeps . out of their
path, and might be tricked into running a bad binary..

--=20
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

--lPld9KzQhYxXHcUh
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJfYpshXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MEI1RTRGMTNDNzYyMDZDNjEyMDBCNjAy
MDVGMEIzM0REMDA2QURBAAoJECBfCzPdAGrar4EQALPjd7kpSYJUKSAwrymNG/C+
TVpYpMZBn3o8iHPMuhygJ9Pf1OuJCis3VvlE1SeEPv9K83Qs19LaNLRHyrdim/1u
OFR1f/7pI8XkwKpFbIktDBjvirEnReO+jJG9R5vPrT2GNQO21Ygx8s28ggn01H7K
SHze2dmDJUZ9dXSK04WnlmQ4kgK6CyQUKfdc9QVr+DM3JuVd6JBx8b+U4j95Nl2O
IVsr5aOMwTEWoneNAIKSi8oap4J0jaGH22kjGSwBc4nu0lr+sGVoBWvwmXPTeuaC
IkvU55axQDE+6qSvk9XnGFGTV7grrRJgs8vFDGUYz304X8ojoLB33WwGHhcf4EU0
aaG2Hl826M7JT544pGpbfqyUuy8dURsxz1sqAiNrcn5dOLwwILwu2JgrdosKhcKp
Ry26JJ7cA3Ai6H9fAGmo6xu/6XuHm2DACatSslWmjz3f7trgNWIbf8EV/r1MW0/H
Lng8KKJf58PZLZIu4BTUUn5bgQZuMLYsdz2Z1JJsGzU/eXvOmAqEE65UEEuTIMkk
0jORI3uIqtN7nFwBN1Ur8xRby9JJA7Mxsqdqv7UccFi5fPL4YifmvYeGlFjCQCk/
m4iVgTd0RIoYZzBeC1QqeZS5OakOAFUMFtD+umoXOf1wGPlUfVI9am3eFWzQ+HHr
XnB7DUs/qPa8Wj/5HdAS
=COpR
-----END PGP SIGNATURE-----

--lPld9KzQhYxXHcUh--