From owner-freebsd-hackers@FreeBSD.ORG Mon Jun 9 23:28:27 2014 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1B7468E; Mon, 9 Jun 2014 23:28:27 +0000 (UTC) Received: from mail-qa0-x22f.google.com (mail-qa0-x22f.google.com [IPv6:2607:f8b0:400d:c00::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 847052DE4; Mon, 9 Jun 2014 23:28:27 +0000 (UTC) Received: by mail-qa0-f47.google.com with SMTP id s7so8417005qap.20 for ; Mon, 09 Jun 2014 16:28:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=h6+RsMHz0TDJGidcm6GoCB79fxkycNWtryokTNGCWHI=; b=Amt3vKs/VyRm0Wo03vO8lfkcKeIT1EiDPKCpzw5UaL+WA1IKO1p0EOCNUy+vxR8pZq WOuVuC+1GPTUhp5wRASrwa+N38as+J/0gJC561VYACL/ZHfSZoOHajuPbdz6KDc7oM1B j3ym6aJSYqSxjzGUVh44uSK0xdw9Glrq0ElU/YbqrkyVaxAVD38iOjuLziCfUA6Oor4o afMzwZ2n0rdB2pqEeIj4oxXIqe+XZL+KbE/jDB/p8iz/xPMg9dZkYGdJ32yBb8NCKqHN L4MRTwp41ilMCYr5hddEsAqjgtzauC4Zyk3OTk2bOIQHvsau+HBUXEJR2g4aTIHFwqAL BIYQ== MIME-Version: 1.0 X-Received: by 10.224.16.200 with SMTP id p8mr13578503qaa.76.1402356506638; Mon, 09 Jun 2014 16:28:26 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.43.134 with HTTP; Mon, 9 Jun 2014 16:28:26 -0700 (PDT) In-Reply-To: <25659df71b49c7b72b6f2d9a786c5ac9@shatow.net> References: <25659df71b49c7b72b6f2d9a786c5ac9@shatow.net> Date: Mon, 9 Jun 2014 19:28:26 -0400 X-Google-Sender-Auth: FCRCxgsOzmNTK1-nxcgxOistrZU Message-ID: Subject: Re: [RFC] Fixed installworld with noexec /tmp From: Adrian Chadd To: Bryan Drewery Content-Type: text/plain; charset=UTF-8 Cc: "freebsd-hackers@freebsd.org" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2014 23:28:28 -0000 Would this fix instances of people building world on a shared box? (ie, multiple different srcdir/objdir/destdir, but same /tmp?) -a On 9 June 2014 19:01, Bryan Drewery wrote: > I've always had my /tmp mounted as noexec. Despite how useless this > is, I and many others have had trouble with installworld due to it. > > You can see how frequent it occurs here: > https://www.google.com/#q=freebsd+installworld+noexec > > A simple workaround, which I only just discovered from PR 58117, is to set > TMPDIR > to somewhere that can exec. > > This patch fixes it by using the OBJDIR rather than the assumed /tmp or > TMPDIR. > > The purpose of the installworld code using INSTALLTMP is to use the > pre-install > binaries to do the install, rather than the newly built binaries. This is to > ensure > the binaries will run while system is in an inconsistent state with > libraries and > in case the kernel is not yet upgraded. My change adds continues to respect > that by > ensuring it uses the already-installed mkdir(1) and env(1) with full paths. > > http://people.freebsd.org/~bdrewery/patches/installworld-noexec.txt > > --- Makefile.inc1 > +++ Makefile.inc1 > @@ -191,7 +191,9 @@ TMPPATH= ${STRICTTMPPATH}:${PATH} > # when in the middle of installing over this system. > # > .if make(distributeworld) || make(installworld) > -INSTALLTMP!= /usr/bin/mktemp -d -u -t install > +INSTALLTMPDIR= ${OBJTREE}${.CURDIR}/itmp > +INSTALLTMP!= /bin/mkdir -p ${INSTALLTMPDIR} && /usr/bin/env \ > + TMPDIR=${INSTALLTMPDIR} /usr/bin/mktemp -d -u -t install > .endif > > # > @@ -833,7 +835,7 @@ distributeworld installworld: _installcheck_world > LOCAL_MTREE=${LOCAL_MTREE:Q} distrib-dirs > .endif > ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \ > - ${IMAKEENV} rm -rf ${INSTALLTMP} > + ${IMAKEENV} rm -rf ${INSTALLTMPDIR} > .if make(distributeworld) > .for dist in ${EXTRA_DISTRIBUTIONS} > find ${DESTDIR}/${DISTDIR}/${dist} -mindepth 1 -empty -delete > > The only downside I see is that failures can leave the stale tmpdir in > the OBJDIR, which is why I remove the entire "itmp" dir once installworld > finally does succeed. > > -- > Regards, > Bryan Drewery > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"