From owner-freebsd-jail@FreeBSD.ORG  Sun Oct  5 10:19:22 2008
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 56F0B1065697;
	Sun,  5 Oct 2008 10:19:22 +0000 (UTC)
	(envelope-from 000.fbsd@quip.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [91.103.162.4])
	by mx1.freebsd.org (Postfix) with ESMTP id D10C08FC14;
	Sun,  5 Oct 2008 10:19:21 +0000 (UTC)
	(envelope-from 000.fbsd@quip.cz)
Received: from localhost (localhost.codelab.cz [127.0.0.1])
	by elsa.codelab.cz (Postfix) with ESMTP id AA2EC19E023;
	Sun,  5 Oct 2008 12:03:02 +0200 (CEST)
Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by elsa.codelab.cz (Postfix) with ESMTPSA id A22DB19E019;
	Sun,  5 Oct 2008 12:02:59 +0200 (CEST)
Message-ID: <48E890F5.70800@quip.cz>
Date: Sun, 05 Oct 2008 12:03:33 +0200
From: Miroslav Lachman <000.fbsd@quip.cz>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
	rv:1.7.12) Gecko/20050915
X-Accept-Language: cz, cs, en, en-us
MIME-Version: 1.0
To: Ian Smith <smithi@nimnet.asn.au>
References: <f1019d520810041135s509ef5f4tdf9be77b4a3d8df3@mail.gmail.com>	<48E7B80F.8040602@gmail.com>	<f1019d520810041140t6d6cdb42w94d9696448db406f@mail.gmail.com>	<f1019d520810041153p3f7d1058lcea5defdf4f44613@mail.gmail.com>	<f1019d520810041156o53cb86c3ua74da1a76cf7c11a@mail.gmail.com>	<18663.48601.45230.57747@almost.alerce.com>	<f1019d520810041204n276a7dabvd881dab396ac512e@mail.gmail.com>	<18663.49808.808955.271579@almost.alerce.com>	<f1019d520810041327u1cb710ebya0b9de9fa5eaea50@mail.gmail.com>
	<20081005154926.V49572@sola.nimnet.asn.au>
In-Reply-To: <20081005154926.V49572@sola.nimnet.asn.au>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: jail@freebsd.org, questions@freebsd.org
Subject: Re: Problems moving my jails (mv: Operation not permitted)
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Oct 2008 10:19:22 -0000

Ian Smith wrote:

> On Sat, 4 Oct 2008, Redd Vinylene wrote:
>  > On Sat, Oct 4, 2008 at 9:22 PM, George Hartzell <hartzell@alerce.com> wrote:
>  > > Redd Vinylene writes:
>  > >  > On Sat, Oct 4, 2008 at 9:02 PM, George Hartzell <hartzell@alerce.com> wrote:
>  > >  > >
>  > >  > > If you do an ls -lo /home/jail/box/usr/bin/chpass, you'll probably see
>  > >  > > the schg flag set.  Man chflags for more info and instructions on how
>  > >  > > to unset it
>  > >  > >
>  > >  > > g.
>  > >  > >
>  > >  >
>  > >  > Yes:
>  > >  >
>  > >  > -r-sr-xr-x  6 root  wheel  schg 18468 Aug  2 19:47 /usr/jail/box/usr/bin/chpass
>  > >  >
>  > >  > So I'd simply have to "chflags noschg /usr/jail/box/usr/bin/chpass"
>  > >  > and then "cp /usr/jail/box/usr/bin/chpass
>  > >  > /home/jail/box/usr/bin/chpass"?
>  > >
>  > > I think that you ought to be able to cp it as is.  You're just not
>  > > allowed to change the original (e.g. remove it), which is why your mv
>  > > and rm failed.
>  > >
>  > > g.
>  > >
>  > 
>  > I've been told that changing flags might seriously mess things up. Is
>  > there any way to copy the remaining files from /usr/jail into
>  > /home/jail, or do I have to rebuild everything from scratch?
> 
> Having read the thread to date, I reckon you should:
> 
>  a) find(1) all schg files in your jails (was chpass the only one?)
>  b) clear the schg flag on any such found as above (-R if you like)
>  c) use mv as you originally intended (if they're still there :)
>  d) chflags schg on all files that were originally set that way.
> 
> If you do use cp instead of mv, make sure to use cp -p to preserve 
> each file's owner/group/permissions/datestamp.
> 
>  e) make sure any and all symlinks still point to the right file/s.
> 
> Personally I'd use cp -pR rather than mv in case I stuffed it up :) but 
> then being perhaps overcautious I'd have started off with a 'ls -lR 
> /usr/jail > listfile' (if I hadn't made a backup tar) to at least have a 
> full list of what was where, with what user/perms etc ..
> 
> Also read cp(1) re -R flag carefully .. if there are any hard linked 
> files, as there may well be, then using tar to move these would be 
> the safest bet anyway - plus you'd have a backup .. next time anyway :)
> 
> Since it just failed to mv some files, you shouldn't need to rebuild if 
> you can mv those files and reset their flags/permissions correctly.

Yes, there are hardlinks, so "the best" way to move all files with 
preserving flags, permissions, links etc is something like this:
    [copy jails by tar (or use cpio if you prefer)]
tar -cf - -C /usr/jail . | tar -xpf - -C /home/jail
    [remove flags from old jail files]
chflags -R noschg /usr/jail
    [remove old jail files]
rm -r /usr/jail

But it applies only in case before you use chflags -R noschg on original 
files (as you post earlier - now you do not have flags anymore)

Another way is to use getfacl/setfacl or mtree to get backup of original 
files permissions and restore them later.

Miroslav Lachman