Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 2 Nov 2004 14:13:42 +0200
From:      Ruslan Ermilov <ru@freebsd.org>
To:        Oliver Lehmann <lehmann@ans-netz.de>
Cc:        current@freebsd.org
Subject:   Re: make world inside a jail
Message-ID:  <20041102121341.GB56174@ip.net.ua>
In-Reply-To: <20041101212932.2452ddf1.lehmann@ans-netz.de>
References:  <20041101212932.2452ddf1.lehmann@ans-netz.de>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
On Mon, Nov 01, 2004 at 09:29:32PM +0100, Oliver Lehmann wrote:
> Hi,
> 
> today I played a bit with make world inside a jail, and get stuck with
> install -fschg - because setting the schg flag inside a jail is permitted.
> I removed at first all schg flags from outside the jail, Then I discovered
> the option NOFSCHG in share/mk/bsd.lib.mk and retried the build with make
> -DNOSCHG installworld.
> But I got now once more stuck because of -fschg was hardcoded:
> 
> --- libexec/rtld-elf/Makefile.orig	Mon Nov  1 20:18:45 2004
> +++ libexec/rtld-elf/Makefile	Mon Nov  1 20:19:10 2004
> @@ -9,7 +9,11 @@
>  CFLAGS+=	-Wall -DFREEBSD_ELF -DIN_RTLD
>  CFLAGS+=	-I${.CURDIR}/${MACHINE_ARCH} -I${.CURDIR}
>  LDFLAGS+=	-nostdlib -e .rtld_start
> +.if !defined(NOFSCHG)
>  INSTALLFLAGS=	-fschg -C -b
> +.else
> +INSTALLFLAGS=	-C -b
> +.endif
>  BINDIR=		/libexec
>  SYMLINKS=	${BINDIR}/${PROG} /usr/libexec/${PROG}
>  MLINKS=		rtld.1 ld-elf.so.1.1 \
> 
> and now I'm stuck once more with:
> ===> bin/rcp
> install -s -o root -g wheel -m 4555  -fschg rcp /bin
> install: /bin/rcp: Operation not permitted
> 
> so I'm asking myself... maybe I'm doing sth. wrong? Is there an other way
> to avoid setting the schg flag during installworld?
> I actually don't care of security for that jail. I just have sth. to tast
> which I would preferably test within a jail and which requieres make
> world's.
> I could submit an pr with a patch which adds a NOSCHG option arround every
> -fschg assignment to INSTALLFLAGS if you want me to. But right now I'm
> just asking if there is something _I_ did wrong ;)
> 
Try this:

	make installworld INSTALLFLAGS_EDIT=:N-fschg


Cheers,
-- 
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQFBh3n1qRfpzJluFF4RAh+kAJ0ToHyaKEO6l3vK1Kr2ycpsJsdjiACghC25
h7tBGX9N0rq5i9iCgzcr5JY=
=wdB1
-----END PGP SIGNATURE-----
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041102121341.GB56174>