pkg check -s - why does it try to open the pkg DB in r/w mode?
Date: Tue, 21 May 2024 12:54:29 UTC
Hi all, we have this jail based hosting environment and I began to debug some odd error message of the daily security check output: ----------- pkg: Insufficient privileges ----------- The cause was quickly found with truss: ----------- 14199: openat(AT_FDCWD,"/var/db/pkg",O_RDONLY|O_DIRECTORY|O_CLOEXEC,00) = 5 (0x5) 14199: fstatat(5,".",{ mode=drwxr-xr-x ,inode=34,size=5,blksize=4096 },0x0) = 0 (0x0) 14199: faccessat(5,".",R_OK,AT_EACCESS) = 0 (0x0) 14199: fstatat(5,"local.sqlite",{ mode=-rw-r--r-- ,inode=2,size=109010944,blksize=131072 },0x0) = 0 (0x0) 14199: faccessat(5,"local.sqlite",R_OK,AT_EACCESS) = 0 (0x0) 14199: fstatat(5,".",{ mode=drwxr-xr-x ,inode=34,size=5,blksize=4096 },0x0) = 0 (0x0) 14199: faccessat(5,".",R_OK,AT_EACCESS) = 0 (0x0) 14199: fstatat(5,"local.sqlite",{ mode=-rw-r--r-- ,inode=2,size=109010944,blksize=131072 },0x0) = 0 (0x0) 14199: faccessat(5,"local.sqlite",W_OK,AT_EACCESS) ERR#30 'Read-only file system' pkg: 14199: write(2,"pkg: ",5) = 5 (0x5) Insufficient privileges14199: write(2,"Insufficient privileges",23) = 23 (0x17) ----------- Yes, we mount lots of things into the jails r/o. The daily script runs `pkg -qsa` for a checksum check of all installed packages. Question: why does pkg need the database to be r/w for a -s/--checksum check? Thanks and kind regards, Patrick -- punkt.de GmbH Patrick M. Hausen .infrastructure Sophienstr. 187 76185 Karlsruhe Tel. +49 721 9109500 https://infrastructure.punkt.de info@punkt.de AG Mannheim 108285 Geschäftsführer: Daniel Lienert, Fabian Stein