From owner-freebsd-pkgbase@freebsd.org Wed Dec 6 18:07:31 2017 Return-Path: Delivered-To: freebsd-pkgbase@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A4462E87B86 for ; Wed, 6 Dec 2017 18:07:31 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: from mail-it0-x22e.google.com (mail-it0-x22e.google.com [IPv6:2607:f8b0:4001:c0b::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CDF77C4B7; Wed, 6 Dec 2017 18:07:31 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: by mail-it0-x22e.google.com with SMTP id f190so8243507ita.5; Wed, 06 Dec 2017 10:07:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=fjeO2IiveMKhjqAHqJ8SuxKHtsbWPsgTqXw6hWl4xpo=; b=aectukC5DRoX88QLzJkdkCtCTgt1FELjmURyXfpdmkHtHytbCxpRb8UYNqsaVpwmAc r8zTtKm34sickESG2elgC+idPzvB2ntFKbSn+NUwu+KE0P98JPxtaSSZV9aLymwunKgG HgrAJTQigRctxMMZN7YDNFutqGjGDm8isdraNmoRb+vwJqyUDn41qcYFN+/O6DCdtGMk PtX+kQURef5ePysuftLQtsdIKcsAGjw1S9bKo9GAtaPg7ekhlKNXxPox3nQzBn2CH7t8 Y63t5gX0Oxt65iGdyMYgLsyktCp0l/gW+zU90j0pKqbr+4hc5fFSJVTwgRYFg2ZSpTDl UCEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=fjeO2IiveMKhjqAHqJ8SuxKHtsbWPsgTqXw6hWl4xpo=; b=UbMNQ/p2upKJuKrXUv9G4DjKtTEjGoPBxmDyOOmXhcn+vU6obXCcwh6ZkOb5alTPkx C1+Gomio0LUVNfAnwR3HP98PiryN5smkH8b4ow93HeqtsrRF/GXGbFvLkkDAQ78VTpD1 96q4YYJloyrvHPnn1T1EYI21wL14d5o+tTJQFJ4P3iIER+hwwvS9nIxy+Nq0Q26mFiqb of0yxxO8iiyE0f6tubBRpe8UEJ91NdSrbFOVjNAQ80n3oGhg5TLq+CQSJaydqlH05PWG cCghp5WcTAKlANspPnxDZ0pDXSfSD9hnE+J0NPZDoV0hZl406HZwcyW/G3Gou/jOxH+H b26g== X-Gm-Message-State: AJaThX7DhqW3G9L35jVfYO8VUqzq2YQf7MdMWSmBGu7oxrEaowAfKQhS 1THGXVt6vxXfu2sHLr5TVYFt0+dNdUmCSrKl9+eQonVn X-Google-Smtp-Source: AGs4zMY6WJEJhuGPjOFvwRJWeankkw+xZnhekgs1CCcAL76TqvjGuxBS5J+2GTe8pSRZH+sWco5ui5Yo0qKusI6tNSk= X-Received: by 10.107.81.24 with SMTP id f24mr33464113iob.63.1512583650343; Wed, 06 Dec 2017 10:07:30 -0800 (PST) MIME-Version: 1.0 Sender: carpeddiem@gmail.com Received: by 10.107.85.6 with HTTP; Wed, 6 Dec 2017 10:07:09 -0800 (PST) In-Reply-To: <20171204215653.4mhaf6thtn2voe4v@ivaldir.net> References: <20171204183703.GG22326@FreeBSD.org> <201712041846.vB4IkuiW047326@pdx.rh.CN85.dnsmgr.net> <20171204185956.GH22326@FreeBSD.org> <20171204215653.4mhaf6thtn2voe4v@ivaldir.net> From: Ed Maste Date: Wed, 6 Dec 2017 13:07:09 -0500 X-Google-Sender-Auth: 8cDxrUGEHEa1gAQ_XKUk3BEqxhg Message-ID: Subject: Re: Recent issue with pkg base missing setuid To: Baptiste Daroussin Cc: Glen Barber , Kris Moore , "Rodney W. Grimes" , freebsd-pkgbase@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-pkgbase@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: "Packaging the FreeBSD base system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Dec 2017 18:07:31 -0000 On 4 December 2017 at 16:56, Baptiste Daroussin wrote: > > So this is the issue, somewhere in the way libarchive is handling the hardlinks. I'm not sure libarchive is at fault, it seems to be a bug/limitation in the way install handles links with -M. For regular installs we invoke: install -l h and the link then has the same permissions via the existing inode. With -M install produces a metalog containing ./ type=file mode=0755 size=0 (i.e., permissions not explicitly set) and we end up with two entries in the metalog referencing two names for the same inode, but with different permissions. If we passed in the mode when invoking install for a hardlink we should have the expected permissions, regardless of sorting: # install -M METALOG -m4554 -l h ./ type=file mode=04554 size=0 On a positive note there are only a few Makefiles with LINKS as well as BINOWN, BINMODE, or BINGRP. As far as I can tell: release/picobsd/tinyware/passwd/Makefile sbin/shutdown/Makefile usr.bin/at/Makefile usr.sbin/authpf/Makefile and of these shutdown is the only one that has a link that's not already in alpha order.