A recent 10.2-STABLE no longer builds on a no-exec /usr/src file system

Mark Martinec Mark.Martinec+freebsd at ijs.si
Mon Dec 7 15:35:13 UTC 2015 

So, is this a new state of affairs that /usr/src file system
needs to be mounted exec in order for buildworld to succeed,
or is this an unintended change and I should file a bug report?

   Mark


On 2015-11-26 19:44, Miroslav Lachman wrote:
> Mark Martinec wrote on 11/26/2015 19:31:
>> Up to about a week ago building world on FreeBSD 10.2-STABLE went
>> just fine. Today after svn update the build fails:
>> 
>> 
>> # make buildworld
>> [...]
>> 
>> CC='cc ' mkdep -f .depend.getprotoent_test -a
>> -I/usr/src/lib/libc/tests/net -I/usr/src/lib/libnetbsd
>> -I/usr/src/contrib/netbsd-tests -std=gnu99
>> /usr/src/contrib/netbsd-tests/lib/libc/net/t_getprotoent.c
>> echo getprotoent_test: /usr/obj/usr/src/tmp/usr/lib/libc.a
>> /usr/obj/usr/src/tmp/usr/lib/private/libatf-c.a >> 
>> .depend.getprotoent_test
>> (cd /usr/src/lib/libc/tests/net && make -f
>> /usr/src/lib/libc/tests/net/Makefile _RECURSING_PROGS=  SUBDIR=
>> PROG=ether_aton_test  DEPENDFILE=.depend.ether_aton_test
>> .MAKE.DEPENDFILE=.depend.ether_aton_test   depend)
>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>> /usr/src/sys/net/if_ethersubr.c aton_ether_subr.c
>> make[7]: 
>> exec(/usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr)
>> failed (Permission denied)
>> *** Error code 1
>> 
>> Stop.
>> make[7]: stopped in /usr/src/lib/libc/tests/net
>> *** Error code 1
>> 
>> 
>> It turns out that our file system /usr/src had an "exec" flag
>> turned off, so now running a command:
>>    /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>> fails with "Permission denied".
>> 
>> It would be valuable if building a system on an exec-protected
>> src file system would continue to be possible.
>> 
>> Not sure if the 
>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>> is the only such new command breaking the build. Anyway, a simple
>> workaround is to run shell from a command line instead of as a
>> shebang, i.e.:
>> 
>>    # /bin/sh /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>> 
>> instead of:
>> 
>>    # /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
> 
> I was puzzled by similar thing years ago. I was using /var/db and /tmp
> mounted with noexec. And then there was some changes. Ports need
> /var/db with exec because of some script in /var/db/pkg and /tmp must
> have exec too for buildworld or installworld (I don't remember it
> well, now I always do mount -u -o current,exec /tmp before build +
> install world and kernel)
> 
> Anyway - it would be better to not have these partitions mounted with 
> exec.
> 
> Miroslav Lachman

More information about the freebsd-stable mailing list