From owner-freebsd-hackers@FreeBSD.ORG Mon Jun 16 11:25:30 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 48121F8A; Mon, 16 Jun 2014 11:25:30 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DC20D2533; Mon, 16 Jun 2014 11:25:29 +0000 (UTC) Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id c6f88dcc; Mon, 16 Jun 2014 06:18:48 -0500 (CDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=feld.me; h=mime-version :content-type:date:from:to:cc:subject:in-reply-to:references :message-id:sender; s=blargle2; bh=96AFouek2GNifbjDzkH+W7obU0I=; b= iHOqASV3w8Il0Lp4zx+dfWkFTKX285OooAcFiRP7iRFZRaVStRt+XL5gu3IqTLvb i4iOBtZYFOMcp1oHKO2dD1taLqetRSO5FYO7dVepTZasA7K3YM09BO3C0ZQx0wjg 0eXZKFOwGWmKnODwyTog709Q9PyzS5CHvoAg/ajERzi9v/U7ymPwyq8mdO7PmcFN sELg+B1hWTFlxBpIE0nU5cL+NpigA8jV0N9Q/A98kRxNcFlTwngDA4/Hxks1u8or 5d6tNfxxk2FD9IwTZN3IVsMcXVRSJo5fTY8y676tgpZJjmYf1NDFrZdFy1TVifBx pl0aa+jGo01wFS2sbzlEiQ== DomainKey-Signature: a=rsa-sha1; c=nofws; d=feld.me; h=mime-version :content-type:date:from:to:cc:subject:in-reply-to:references :message-id:sender; q=dns; s=blargle2; b=yVHeh0lBn16pI4NkNUaKQDg +HiX+dKNZxnqrdzMlrl84mjtC6xbS/31HXsttGUkctFeMQSwos/XW/XytrpLCgZO WeMz1yLQ57gez+g5MGheLzKehf0Hlg6nXmlKg2qqSoBi3WFyw1+d7mCCTw1m21m2 UbPkwxL1wGpwsaFtNwAV2n2AASJ5r9gtqVC5HftwlgrK61YZbQQFO9PLJR/SuK+h sfa9GaP0l3FiqtQ+w16Kb/qPcnPeFPa988tRvONK7KU5ysXEzOJqIQMZpYlcpacG zPjygehfCt1PPbxws+5gEupQPr1J4J8PaO8yVWD37cSUtpCsj+LGJvevxbRqcaA= = Received: from mail.feld.me (mail.feld.me [66.170.3.6]); by mail.feld.me (OpenSMTPD) with ESMTP id f59c315d; Mon, 16 Jun 2014 06:18:48 -0500 (CDT) Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with esmtpa id 1402420245-26378-26375/5/1; Tue, 10 Jun 2014 17:10:45 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Date: Tue, 10 Jun 2014 12:10:44 -0500 From: Mark Felder To: Matthias Meyser Subject: Re: [RFC] Fixed installworld with noexec /tmp In-Reply-To: <5396C6A3.6050004@xenet.de> References: <25659df71b49c7b72b6f2d9a786c5ac9@shatow.net> <5396C6A3.6050004@xenet.de> Message-Id: <9256634ca32304dc48edf51e8ac5effe@mail.feld.me> X-Sender: feld@FreeBSD.org User-Agent: Roundcube Webmail/1.0.1 Sender: feld@feld.me Cc: freebsd-hackers@freebsd.org, owner-freebsd-hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2014 11:25:30 -0000 On 2014-06-10 03:49, Matthias Meyser wrote: > > Would this not break installing from an "RO" mounted OBJDIR? > > We build everything on one machine an install on many machines > by nfsmounting /usr/src/, /usr/doc, /usr/obj. > All of them are mounted "RO" to prevent changes during install. > I do this as well sometimes. Is /var/tmp ever "noexec" ? Maybe that's a good candidate?