[Bug 281995] IDS errors after upgrading from 14.0 to 14.1-RELEASE amd64

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 281995] IDS errors after upgrading from 14.0 to 14.1-RELEASE amd64"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 11 Oct 2024 03:18:23 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281995

--- Comment #3 from Jiacong Fang <zldrobit@gmail.com> ---
When upgrading from a fresh 14.1-RELEASE install to 14.1-RELEASE-p5, the IDS
check passed. After changing permissions using 'chmod -x /boot/kernel/*
/usr/lib/debug/boot/kernel/*', IDS works as expected in the aforementioned
FreeBSD (updated from 14.0-RELEASE). 

My best guess is the permissions of '/boot/kernel/*' and
'/usr/lib/debug/boot/kernel/*' differ between 14.0-RELEASE and 14.1-RELEASE.
The 'freebsd-update' tool does not apply permission changes, thus the IDS check
failed. If the permissions is set correctly, the SHA256 hash check also passes.

PS: Change the perm of '/var/db/etcupdate/current/root' from 0755 -> 0750

-- 
You are receiving this mail because:
You are the assignee for the bug.