[Bug 283340] build: distributeworld -DNO_ROOT does not set SSL cert links uname / gname in METALOG

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283340

--- Comment #4 from Jessica Clarke <jrtc27@freebsd.org> ---
> The metalog file should have a:
>     /set uname=root gname=wheel
> Definition at the beginning of the file that should prevent this from happening.

No it shouldn't. That would hide potential bugs. If you want anything it should
be to have a validation pass that every entry has uname and gname set.

> At any rate, the patch applied in 10fa3f2518d4 ("certctl: Set METALOG ownership to root:wheel") broke my NanoBSD NO_ROOT builds (WIP) because the password database file does not yet exist when certctl.sh is rehashed:
>     install: Can't open `/usr/obj/jlduran/obj/_.w/etc/group': No such file or directory
>     install: Unable to use user and group databases in `/usr/obj/jlduran/obj/_.w/etc': No such file or directory
> 
> One “hack” that could work is to remove the -N flag from the INSTALLFLAGS.
> Or perhaps move the rehash later in the Makefile?

Yes and no; the patch is broken. certctl.sh rehash is run during installworld,
but the destination won't have the relevant files until distribution is run,
which at least for cheribuild comes after installworld, and I assume is true
for your build too. Makefile.inc1 uses -N ${.CURDIR}/etc, i.e. the *source*
tree's, DB. I think certctl.sh needs to do the same during installworld.

-- 
You are receiving this mail because:
You are the assignee for the bug.