Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 26 Sep 2001 11:20:04 +0400 (MSD)
From:      Yar Tikhiy <yar@snark.rinet.ru>
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   bin/30837: Sysinstall doesn't set the schg flag on the sensitive files
Message-ID:  <200109260720.f8Q7K4l95116@snark.rinet.ru>
next in thread | raw e-mail | index | archive | help 

>Number:         30837
>Category:       bin
>Synopsis:       Sysinstall doesn't set the schg flag on the sensitive files
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 26 00:30:02 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Yar Tikhiy
>Release:        FreeBSD 4.4-RELEASE i386
>Organization:
NASH monthly magazine
>Environment:
System: FreeBSD xxxx.xxxx.ru 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Tue Sep 18 11:57 :08 PDT 2001     murray@builder.FreeBSD.org:/usr/src/sys/compile/GENERIC  i386

>Description:
	After install or upgrade procedure, sysinstall leaves /kernel,
	/sbin/init, /usr/bin/libc.so.*, and the whole bunch of other
	sensitive files with the system-immutable flag unset.
	It is rather unexpected to those admins who usually install
	or upgrade the system from source.

>How-To-Repeat:
	Do a fresh install or an upgrade.  See /kernel, /sbin/init etc
	have no schg flag.

>Fix:
	There are at least three possible ways to deal with the problem:

	First, sysinstall(8) may be taught to set the schg flag on the files.
	However, that would require maintaining the list of sensitive
	files within the sysinstall configuration while the information
	is already contained in the corresponding Makefiles.

	Second, tar(1) may be modified to save and restore file flags.
	This solution is likely to cause compatibility problems, though.

	Third, the current sysinstall vs. make world behaviour may be
	documented - as I can see, it isn't yet.
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109260720.f8Q7K4l95116>