From owner-dev-commits-src-branches@freebsd.org  Wed Feb 24 01:42:11 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3B66E55BC75;
 Wed, 24 Feb 2021 01:42:11 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DldvP2Kc1z3HF8;
 Wed, 24 Feb 2021 01:42:09 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4A55D238ED;
 Wed, 24 Feb 2021 01:42:08 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 11O1g8gg054518;
 Wed, 24 Feb 2021 01:42:08 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 11O1g8dm054517;
 Wed, 24 Feb 2021 01:42:08 GMT (envelope-from git)
Date: Wed, 24 Feb 2021 01:42:08 GMT
Message-Id: <202102240142.11O1g8dm054517@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: df378912ebc2 - releng/12.2 - MFC freebsd-update: unconditionally
 regenerate passwd/login.conf files
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/12.2
X-Git-Reftype: branch
X-Git-Commit: df378912ebc2fe2603fcbcedf72af9d7b0e94db7
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2021 01:42:11 -0000

The branch releng/12.2 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=df378912ebc2fe2603fcbcedf72af9d7b0e94db7

commit df378912ebc2fe2603fcbcedf72af9d7b0e94db7
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2020-12-17 03:42:54 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-02-24 01:42:01 +0000

    MFC freebsd-update: unconditionally regenerate passwd/login.conf files
    
    The existing logic is nice in theory, but in practice freebsd-update will
    not preserve the timestamps on these files. When doing a major upgrade, e.g.
    from 12.1-RELEASE -> 12.2-RELEASE, pwd.mkdb et al. appear in the INDEX and
    we clobber the timestamp several times in the process of packaging up the
    existing system into /var/db/freebsd-update/files and extracting for
    comparisons. This leads to these files not getting regenerated when they're
    most likely to be needed.
    
    Measures could be taken to preserve timestamps, but it's unclear whether
    the complexity and overhead of doing so is really outweighed by the marginal
    benefit.
    
    I observed this issue when pkg subsequently failed to install a package that
    wanted to add a user, claiming that the user was removed in the process.
    bapt@ pointed to this pre-existing bug with freebsd-update as the cause.
    
    PR:             234014, 232921
    Approved by:    so
    Security:       FreeBSD-EN-21:08.freebsd-update
    
    (cherry picked from commit ebebc41e4cfe44b8e8fd881badf2fa2c4be65aa4)
    (cherry picked from commit 5cf1ba21eebaf89cf4d8639a18345dc49116d1d5)
---
 usr.sbin/freebsd-update/freebsd-update.sh | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh
index ea85bb7c6831..004515bb8bf8 100644
--- a/usr.sbin/freebsd-update/freebsd-update.sh
+++ b/usr.sbin/freebsd-update/freebsd-update.sh
@@ -2949,17 +2949,9 @@ Kernel updates have been installed.  Please reboot and run
 			env DESTDIR=${BASEDIR} certctl rehash
 		fi
 
-		# Rebuild generated pwd files.
-		if [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/spwd.db ] ||
-		    [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/pwd.db ] ||
-		    [ ${BASEDIR}/etc/master.passwd -nt ${BASEDIR}/etc/passwd ]; then
-			pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd
-		fi
-
-		# Rebuild /etc/login.conf.db if necessary.
-		if [ ${BASEDIR}/etc/login.conf -nt ${BASEDIR}/etc/login.conf.db ]; then
-			cap_mkdb ${BASEDIR}/etc/login.conf
-		fi
+		# Rebuild generated pwd files and /etc/login.conf.db.
+		pwd_mkdb -d ${BASEDIR}/etc -p ${BASEDIR}/etc/master.passwd
+		cap_mkdb ${BASEDIR}/etc/login.conf
 
 		# Rebuild man page databases, if necessary.
 		for D in /usr/share/man /usr/share/openssl/man; do