From owner-freebsd-current@freebsd.org Thu May 12 15:34:42 2016 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF9F3B38657 for ; Thu, 12 May 2016 15:34:42 +0000 (UTC) (envelope-from mm@freebsd.org) Received: from mail.vx.sk (mail.vx.sk [IPv6:2a01:4f8:161:9127::4]) by mx1.freebsd.org (Postfix) with ESMTP id 5DAB81CD8 for ; Thu, 12 May 2016 15:34:42 +0000 (UTC) (envelope-from mm@freebsd.org) Received: from mail.vx.sk (localhost [127.0.0.1]) by mail.vx.sk (Postfix) with ESMTP id 83C32CCAA; Thu, 12 May 2016 17:34:41 +0200 (CEST) X-Virus-Scanned: amavisd-new at mail.vx.sk Received: from mail.vx.sk by mail.vx.sk (amavisd-new, unix socket) with LMTP id uZOWcdfmTxhX; Thu, 12 May 2016 17:34:41 +0200 (CEST) Received: from mail.vx.sk (localhost [IPv6:::1]) by mail.vx.sk (Postfix) with ESMTPSA id DA290CC84; Thu, 12 May 2016 17:34:40 +0200 (CEST) Received: from 145.243.194.207 ([145.243.194.207]) by mail.vx.sk (Horde Framework) with HTTP; Thu, 12 May 2016 17:34:40 +0200 Date: Thu, 12 May 2016 17:34:40 +0200 Message-ID: <20160512173440.Horde.5l1s9ijXRgAeMNgmT0MmCPa@mail.vx.sk> From: Martin Matuska To: Michael Butler Cc: freebsd-current Subject: Re: libarchive update SVN r299529 breaks "ezjail update" In-Reply-To: <2c059cf5-2c8a-3b89-16c3-eedf02a01ec5@protected-networks.net> User-Agent: Horde Application Framework 5 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Transfer-Encoding: 8bit Content-Disposition: inline Content-Description: Textnachricht X-Content-Filtered-By: Mailman/MimeDel 2.1.22 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 May 2016 15:34:42 -0000 Hi Michael, I have looked at the source and this is an intended change in 3.2.0. An absolute path security check was added, cpio refuses to extract or copy over absolute paths. To do this anyway the "--insecure" flag must be used. Here is the commit: https://github.com/libarchive/libarchive/commit/59357157706d47c365b2227739e17daba3607526 Quoting Michael Butler : > It seems that today's libarchive update breaks cpio's behaviour: > > sudo ezjail-admin update -i -s /usr/src > > [ .. ] > > cd /usr/src/etc/..; install -o root -g wheel -m 444  COPYRIGHT > /usr/local/jails/fulljail/ > install -o root -g wheel -m 444 > /usr/src/etc/../sys/i386/conf/GENERIC.hints > /usr/local/jails/fulljail/boot/device.hints > /usr/local/jails/basejail/bincpio: bin: Path is absolute: Unknown error: -1 > > /usr/local/jails/basejail/bin/catcpio: bin/cat: Path is absolute: > Unknown error: -1 > > /usr/local/jails/basejail/bin/chflagscpio: bin/chflags: Path is > absolute: Unknown error: -1 > > /usr/local/jails/basejail/bin/chiocpio: bin/chio: Path is absolute: > Unknown error: -1 > > /usr/local/jails/basejail/bin/chmodcpio: bin/chmod: Path is absolute: > Unknown error: -1 > > /usr/local/jails/basejail/bin/cpcpio: bin/cp: Path is absolute: Unknown > error: -1 > > /usr/local/jails/basejail/bin/datecpio: bin/date: Path is absolute: > Unknown error: -1 > > /usr/local/jails/basejail/bin/ddcpio: bin/dd: Path is absolute: Unknown > error: -1 > > /usr/local/jails/basejail/bin/dfcpio: bin/df: Path is absolute: Unknown > error: -1 > > /usr/local/jails/basejail/bin/domainnamecpio: bin/domainname: Path is > absolute: Unknown error: -1 > [ .. etc. .. ] -- Martin Matuska FreeBSD committer http://blog.vx.sk