[RFC] Fixed installworld with noexec /tmp

Matthias Meyser meyser at xenet.de
Tue Jun 10 08:49:55 UTC 2014 

Hi

Am 10.06.2014 01:01, schrieb Bryan Drewery:
> I've always had my /tmp mounted as noexec. Despite how useless this
> is, I and many others have had trouble with installworld due to it.
>
> You can see how frequent it occurs here:
> https://www.google.com/#q=freebsd+installworld+noexec
>
> A simple workaround, which I only just discovered from PR 58117, is to set
> TMPDIR
> to somewhere that can exec.
>
> This patch fixes it by using the OBJDIR rather than the assumed /tmp or
> TMPDIR.
>
> The purpose of the installworld code using INSTALLTMP is to use the pre-install
> binaries to do the install, rather than the newly built binaries. This is to
> ensure
> the binaries will run while system is in an inconsistent state with
> libraries and
> in case the kernel is not yet upgraded. My change adds continues to respect
> that by
> ensuring it uses the already-installed mkdir(1) and env(1) with full paths.
>
> http://people.freebsd.org/~bdrewery/patches/installworld-noexec.txt
>
> --- Makefile.inc1
> +++ Makefile.inc1
> @@ -191,7 +191,9 @@ TMPPATH=    ${STRICTTMPPATH}:${PATH}
>   # when in the middle of installing over this system.
>   #
>   .if make(distributeworld) || make(installworld)
> -INSTALLTMP!=    /usr/bin/mktemp -d -u -t install
> +INSTALLTMPDIR=    ${OBJTREE}${.CURDIR}/itmp
> +INSTALLTMP!=    /bin/mkdir -p ${INSTALLTMPDIR} && /usr/bin/env \
> +        TMPDIR=${INSTALLTMPDIR} /usr/bin/mktemp -d -u -t install
>   .endif
>
>   #
> @@ -833,7 +835,7 @@ distributeworld installworld: _installcheck_world
>           LOCAL_MTREE=${LOCAL_MTREE:Q} distrib-dirs
>   .endif
>       ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \
> -        ${IMAKEENV} rm -rf ${INSTALLTMP}
> +        ${IMAKEENV} rm -rf ${INSTALLTMPDIR}
>   .if make(distributeworld)
>   .for dist in ${EXTRA_DISTRIBUTIONS}
>       find ${DESTDIR}/${DISTDIR}/${dist} -mindepth 1 -empty -delete
>
> The only downside I see is that failures can leave the stale tmpdir in
> the OBJDIR, which is why I remove the entire "itmp" dir once installworld
> finally does succeed.
>

Would this not break installing from an "RO" mounted OBJDIR?

We build everything on one machine an install on many machines
by nfsmounting /usr/src/, /usr/doc, /usr/obj.
All of them are mounted "RO" to prevent changes during install.

BW
   Matthias

-- 
Matthias Meyser            | XeNET GmbH
Tel.:  +49-5323-9489050    | 38678 Clausthal-Zellerfeld, Marktstrasse 40
Fax:   +49-5323-9489059    | Registergericht: Amtsgericht Braunschweig HRB 
110823
Email: Meyser at xenet.de     | Geschaeftsfuehrer: Matthias Meyser

More information about the freebsd-hackers mailing list