Date: Mon, 9 Jun 2014 18:52:35 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Adrian Chadd <adrian@freebsd.org> Cc: "freebsd-hackers@freebsd.org" <hackers@freebsd.org> Subject: Re: [RFC] Fixed installworld with noexec /tmp Message-ID: <5F09C06B-7334-4501-8BF0-B99E6C74B8FA@FreeBSD.org> In-Reply-To: <CAJ-Vmo=AhqX7YZ2EjwrYtOzHYW6-mXO_3EN8n1ePVnYJb45PhQ@mail.gmail.com> References: <25659df71b49c7b72b6f2d9a786c5ac9@shatow.net> <CAJ-Vmo=AhqX7YZ2EjwrYtOzHYW6-mXO_3EN8n1ePVnYJb45PhQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I am not familiar with that problem. I don't think my fix would help that is= sue as it was already using mktemp(1) to get a random directory in /tmp. Sent from my iPhone > On Jun 9, 2014, at 18:28, Adrian Chadd <adrian@freebsd.org> wrote: >=20 > Would this fix instances of people building world on a shared box? >=20 > (ie, multiple different srcdir/objdir/destdir, but same /tmp?) >=20 >=20 > -a >=20 >=20 >> On 9 June 2014 19:01, Bryan Drewery <bdrewery@freebsd.org> wrote: >> I've always had my /tmp mounted as noexec. Despite how useless this >> is, I and many others have had trouble with installworld due to it. >>=20 >> You can see how frequent it occurs here: >> https://www.google.com/#q=3Dfreebsd+installworld+noexec >>=20 >> A simple workaround, which I only just discovered from PR 58117, is to se= t >> TMPDIR >> to somewhere that can exec. >>=20 >> This patch fixes it by using the OBJDIR rather than the assumed /tmp or >> TMPDIR. >>=20 >> The purpose of the installworld code using INSTALLTMP is to use the >> pre-install >> binaries to do the install, rather than the newly built binaries. This is= to >> ensure >> the binaries will run while system is in an inconsistent state with >> libraries and >> in case the kernel is not yet upgraded. My change adds continues to respe= ct >> that by >> ensuring it uses the already-installed mkdir(1) and env(1) with full path= s. >>=20 >> http://people.freebsd.org/~bdrewery/patches/installworld-noexec.txt >>=20 >> --- Makefile.inc1 >> +++ Makefile.inc1 >> @@ -191,7 +191,9 @@ TMPPATH=3D ${STRICTTMPPATH}:${PATH} >> # when in the middle of installing over this system. >> # >> .if make(distributeworld) || make(installworld) >> -INSTALLTMP!=3D /usr/bin/mktemp -d -u -t install >> +INSTALLTMPDIR=3D ${OBJTREE}${.CURDIR}/itmp >> +INSTALLTMP!=3D /bin/mkdir -p ${INSTALLTMPDIR} && /usr/bin/env \ >> + TMPDIR=3D${INSTALLTMPDIR} /usr/bin/mktemp -d -u -t instal= l >> .endif >>=20 >> # >> @@ -833,7 +835,7 @@ distributeworld installworld: _installcheck_world >> LOCAL_MTREE=3D${LOCAL_MTREE:Q} distrib-dirs >> .endif >> ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \ >> - ${IMAKEENV} rm -rf ${INSTALLTMP} >> + ${IMAKEENV} rm -rf ${INSTALLTMPDIR} >> .if make(distributeworld) >> .for dist in ${EXTRA_DISTRIBUTIONS} >> find ${DESTDIR}/${DISTDIR}/${dist} -mindepth 1 -empty -delete >>=20 >> The only downside I see is that failures can leave the stale tmpdir in >> the OBJDIR, which is why I remove the entire "itmp" dir once installworld= >> finally does succeed. >>=20 >> -- >> Regards, >> Bryan Drewery >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org= "
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5F09C06B-7334-4501-8BF0-B99E6C74B8FA>