From owner-freebsd-stable@FreeBSD.ORG Thu Mar 2 23:09:04 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DD5916A420 for ; Thu, 2 Mar 2006 23:09:04 +0000 (GMT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (comp.chem.msu.su [158.250.32.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8E1443D48 for ; Thu, 2 Mar 2006 23:08:50 +0000 (GMT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (localhost [127.0.0.1]) by comp.chem.msu.su (8.13.3/8.13.3) with ESMTP id k22N8hJU018547; Fri, 3 Mar 2006 02:08:44 +0300 (MSK) (envelope-from yar@comp.chem.msu.su) Received: (from yar@localhost) by comp.chem.msu.su (8.13.3/8.13.3/Submit) id k22N8h11018545; Fri, 3 Mar 2006 02:08:43 +0300 (MSK) (envelope-from yar) Date: Fri, 3 Mar 2006 02:08:43 +0300 From: Yar Tikhiy To: Nick Price Message-ID: <20060302230843.GB16191@comp.chem.msu.su> References: <4406A6B3.1080007@dindin.ru> <000601c63ddb$afa2ebe0$fbd2a118@bigmatix> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000601c63ddb$afa2ebe0$fbd2a118@bigmatix> User-Agent: Mutt/1.5.9i Cc: freebsd-stable@freebsd.org Subject: Re: Remote Installworld X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Mar 2006 23:09:04 -0000 On Thu, Mar 02, 2006 at 01:28:34AM -0800, Nick Price wrote: > > > > > > I'm currently administering a machine about 1500mi from me with nobody > > > local to the machine to assist me. Anyways, my only access to this > > > machine is via SSH, no remote serial console or anything. > > > When I try to do a "make installworld" I end up with > > > install: rename: /lib/INS@aTxk to /lib/libcrypt.so.3: Operation not > > > permitted > > > very shortly thereafter. I cannot boot into single user mode because > > > I am far, far away from the machine. What can I do to finish the > > > installworld? > > > > It's probably because there schg flag set for this file. Try to > > # chflags noschg /lib/libcrypt.so > > if your securelevel allows it. Afterward try installworld one more time. > > The securelevel wouldn't allow me to change the flag. You'll have to reboot the machine in order to decrease its securelevel. This part is rather obvious: edit /etc/rc.conf, save, cross your fingers, reboot. In rc.conf, look for kern_securelevel_enable or kern_securelevel. Consult rc.conf(5) manpage for details. The question is whether that machine will succeed in booting to multi-user then, given that "make installworld" has already changed some system files. The libcrypt.so library gets installed rather early, so there's a good chance that your machine will book OK using old userland programs and libraries. Just make sure you haven't forgot to install the new kernel with "make installkernel" before the reboot. Assuming here that you haven't done a complete run of mergemaster(8): new files in /etc might confuse old programs. If still in doubt, try to reproduce the case locally on a test machine and see what happens. Apropos, clearing the schg flag on old system files is generally not needed before installworld because install(1) can deal with it if allowed to by the securelevel setting. -- Yar