From owner-freebsd-hackers@FreeBSD.ORG Wed Mar 4 16:48:16 2015 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F2DC3180 for ; Wed, 4 Mar 2015 16:48:15 +0000 (UTC) Received: from slim.berklix.org (slim.berklix.org [94.185.90.68]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95948ECE for ; Wed, 4 Mar 2015 16:48:14 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBE68B.dip0.t-ipconnect.de [217.251.230.139]) (authenticated bits=128) by slim.berklix.org (8.14.5/8.14.5) with ESMTP id t24G4LtR046718; Wed, 4 Mar 2015 17:04:22 +0100 (CET) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id t24G0wG5083584; Wed, 4 Mar 2015 17:00:58 +0100 (CET) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id t24G0QV1048766; Wed, 4 Mar 2015 17:00:39 +0100 (CET) (envelope-from jhs@berklix.com) Message-Id: <201503041600.t24G0QV1048766@fire.js.berklix.net> To: freebsd-hackers@freebsd.org Subject: Patch to stop world killing jails via failing install -fschg libc.so.7 From: "Julian H. Stacey" Organization: http://berklix.com BSD Linux Unix Consultants, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com/~jhs/cv/ Date: Wed, 04 Mar 2015 17:00:26 +0100 Cc: "Julian H. Stacey" , np@bsn.com X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Mar 2015 16:48:16 -0000 Hi Hackers, I have filed this patch https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198279 via https://bugs.freebsd.org/bugzilla/enter_bug.cgi Chflags lovers (not me!) might want to write an enhanced patch. ----- Jails are lethaly killed by make world, unless /etc/make.conf contains this: NO_FSCHG="yes" # Avoid bsd.lib.mk 'INSTALLFLAGS+= -fschg' killing FreeBSD jails, # deleting /lib/libc.so.7 via 'cd /usr/src/lib/csu/amd64 ; make install' Killing: uname -a FreeBSD land.berklix.org 10.1-RELEASE-p6 FreeBSD 10.1-RELEASE-p6 #0: Tue Feb 24 19:00:21 UTC 2015 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 cd /usr/src; make install ===> lib/libc (install) install -s -o root -g wheel -m 444 -fschg -S libc.so.7 /lib install: /lib/libc.so.7: chflags: Operation not permitted *** Error code 71 Recovery: /rescue/cp /usr/obj/usr/src/lib/libc/libc.so.7 /lib/ man install falsely claims: -S Safe copy, But is broken by -fschg ! Solutions: - Disable chflags in bsd.lib.mk & bsd.lib.mk. Patches appended. - Or Extend bsd.lib.mk & bsd.lib.mk to be conditional on jail detection. (**) - Or Fix install to not break with chflags (**) (**) Last 2 should be done by those who want to keep Chflags in FreeBSD, not me, I've used Unix since 1978, but find chflags a Wart best removed. I discovered this on 8.2-RELEASE 18 Jun 2013, & just got bitten again on 10.1-RELEASE-p6, (as my jail's make.conf lost its NO_FSCHG="yes"). *** 10.1-RELEASE-p6/src/share/mk/bsd.lib.mk Wed Mar 4 14:27:16 2015 --- new-generic/src/share/mk/bsd.lib.mk Wed Mar 4 14:33:48 2015 *************** *** 284,291 **** .if defined(PRECIOUSLIB) .if !defined(NO_FSCHG) ! SHLINSTALLFLAGS+= -fschg .endif SHLINSTALLFLAGS+= -S .endif --- 284,290 ---- .if defined(PRECIOUSLIB) .if !defined(NO_FSCHG) ! # SHLINSTALLFLAGS+= -fschg ! # Explanation: http://berklix.com/~jhs/src/bsd/fixes/freebsd/src/gen/share/mk/bsd.lib.mk.chflags.REL=ALL.diff .endif SHLINSTALLFLAGS+= -S .endif *************** *** 356,362 **** ${INSTALL_SYMLINK} ${_SHLIBDIRPREFIX}${_SHLIBDIR}/${SHLIB_NAME} \ ${DESTDIR}${_LIBDIR}/${SHLIB_LINK} .if exists(${DESTDIR}${_LIBDIR}/${SHLIB_NAME}) ! -chflags noschg ${DESTDIR}${_LIBDIR}/${SHLIB_NAME} rm -f ${DESTDIR}${_LIBDIR}/${SHLIB_NAME} .endif .endif --- 356,364 ---- ${INSTALL_SYMLINK} ${_SHLIBDIRPREFIX}${_SHLIBDIR}/${SHLIB_NAME} \ ${DESTDIR}${_LIBDIR}/${SHLIB_LINK} .if exists(${DESTDIR}${_LIBDIR}/${SHLIB_NAME}) ! # -chflags noschg ${DESTDIR}${_LIBDIR}/${SHLIB_NAME} ! # Chflags wont actually kill the system here, but chflags is dirty. ! @echo "Skipping -chflags noschg ${DESTDIR}${_LIBDIR}/${SHLIB_NAME}" rm -f ${DESTDIR}${_LIBDIR}/${SHLIB_NAME} .endif .endif *** 10.1-RELEASE-p6/src/share/mk/bsd.prog.mk Wed Mar 4 14:27:16 2015 --- new-generic/src/share/mk/bsd.prog.mk Wed Mar 4 14:34:50 2015 *************** *** 185,192 **** .if defined(PRECIOUSPROG) .if !defined(NO_FSCHG) ! INSTALLFLAGS+= -fschg ! # Explanation: http://berklix.com/~jhs/src/bsd/fixes/freebsd/src/gen/share/mk/bsd.lib.mk.chflags.REL=ALL.diff .endif INSTALLFLAGS+= -S .endif --- 185,192 ---- .if defined(PRECIOUSPROG) .if !defined(NO_FSCHG) ! # INSTALLFLAGS+= -fschg ! # See similar change in bsd.lib.mk .endif INSTALLFLAGS+= -S .endif Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Reply Below as a play script. Send plain text, Not quoted-printable, HTML, or base64.