Date: Tue, 27 Oct 2020 09:17:05 +0100
From: Alex Kozlov
To: Stefan Esser
Cc: freebsd-current@freebsd.org
Subject: Re: Literal references to /usr/local in shell scripts
Message-ID: <20201027081705.GA28065@ravenloft.kiev.ua>

On Mon, Oct 26, 2020 at 02:24:50PM +0100, Stefan Esser wrote:
> The following shell scripts (or configuration files parsed by a
> shell) contain literal references to /usr/local:
>
> libexec/rc/rc.conf                     # many variables
> libexec/rc/rc.shutdown                 # PATH component
>
> sys/conf/newvers.sh                    # search for svnversion, git, hg
>
> usr.bin/man/man.sh                     # man_default_path, config_local
>
> usr.sbin/autofs/autofs/include_ldap    # path to ldapsearch
> usr.sbin/autofs/autofs/special_media   # path to mount.exfat, ntfs-3g
> usr.sbin/bsdconfig/bsdconfig           # BSDCFG_LOCAL_LIBE
> usr.sbin/certctl/certctl.sh            # TRUSTPATH, BLACKLISTPATH
> usr.sbin/crashinfo/crashinfo.sh        # path to gdb
> usr.sbin/periodic/periodic.conf        # local_periodic variable
>
> On systems with non-default LOCALBASE these scripts need to be
> adjusted.

I've one 12.x system with PREFIX/LOCALBASE = /usr/pkg. This is what I had to
change:
rc.conf: local_startup ldconfig_paths ldconfig_local_dirs, set $MANPATH, $PATH
periodic.conf: local_periodic

All these regressions need to be fixed of course. Thanks for tackling this.

> In the case of rc.shutdown, for example, shutdown routines will
> not be executed for a LOCALBASE other than /usr/local.
>
> The rc.shutdown, autofs/*, certctl.sh, and crashinfo scripts will
> be run with root privileges and must not use an untrusted LOCALBASE
> value (but could refer to a sysctl variable). The same applies to
> the periodic script that relies on the local_periodic variable set
> in periodic.conf (but probably overridden in periodic.conf.local,
> if required).
>
> rc.conf could use a $LOCALBASE variable instead of literal values
> to construct paths to port/package provided files in order to not
> require that each value is modified in the system's /etc/rc.conf
> file - which will fail if new variables referring to /usr/local
> are introduced in the default configuration).
>
> The list of shell scripts checked excludes those in contrib, release, tests,
> and tools directories, since I think those will be used with
> default LOCALBASE, in general.

--
Alex
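
The quoted point that root-run scripts must not use an untrusted LOCALBASE value (but could refer to a sysctl variable) can be made concrete with a small sh sketch. This is an added example, not code from this thread or from the FreeBSD base system; the function names are hypothetical, and it assumes the user.localbase sysctl available on FreeBSD 13 and later.

```shell
#!/bin/sh
# Added example: pick and vet LOCALBASE inside a script that runs as root.

# Never take LOCALBASE from the caller's environment. Ask the kernel instead
# (assumption: the user.localbase sysctl of FreeBSD 13 and later) and fall
# back to the conventional default when the sysctl is unavailable.
resolve_localbase() {
    _lb=$(sysctl -n user.localbase 2>/dev/null) || _lb=
    printf '%s\n' "${_lb:-/usr/local}"
}

# check_trusted_dir DIR [UID]   (hypothetical helper, UID defaults to 0)
# Succeeds only if DIR is absolute, has no "." or ".." component, and DIR and
# every ancestor is a real directory (symlinks are refused) owned by UID and
# writable by neither group nor others.
check_trusted_dir() {
    _dir=$1
    _uid=${2:-0}
    case $_dir in
        /*) ;;
        *) echo "untrusted: not absolute: $_dir" >&2; return 1 ;;
    esac
    case $_dir/ in
        */./*|*/../*) echo "untrusted: dot component: $_dir" >&2; return 1 ;;
    esac
    _p=$_dir
    while :; do
        if [ -L "$_p" ] || [ ! -d "$_p" ]; then
            echo "untrusted: not a real directory: $_p" >&2; return 1
        fi
        # "ls -ldn" prints e.g. "drwxr-xr-x 18 0 0 ..."; keep mode and owner uid.
        _info=$(ls -ldn "$_p" | awk '{ print $1, $3 }')
        _mode=${_info% *}
        _owner=${_info#* }
        if [ "$_owner" != "$_uid" ]; then
            echo "untrusted: $_p is owned by uid $_owner" >&2; return 1
        fi
        case $_mode in
            ?????w*|????????w*)
                echo "untrusted: $_p is group- or world-writable" >&2; return 1 ;;
        esac
        if [ "$_p" = / ]; then break; fi
        _p=${_p%/*}
        _p=${_p:-/}
    done
}
```

A root-run script would call `LOCALBASE=$(resolve_localbase)` and continue only if `check_trusted_dir "$LOCALBASE"` succeeds, so a relocated prefix such as /usr/pkg works without trusting the environment.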