Mark Martinec
2016-Jan-14 15:42 UTC
A recent 10.2-STABLE no longer builds on a no-exec /usr/src file system
Prompted by recent security advisories I did a 'make buildworld'
on a fresh svn checkout, only to find out that it seems the 'exec'
mount flag on /usr/src is still required for a successful build.

This wasn't so for 10.2, and I hope it won't become a requirement
in 10.3 - or at least it should be clearly documented in release notes.

Mark

On 2015-12-07 16:35, Mark Martinec wrote:
> So, is this a new state of affairs that /usr/src file system
> needs to be mounted exec in order for buildworld to succeed,
> or is this an unintended change and I should file a bug report?
>
> Mark
>
>
> On 2015-11-26 19:44, Miroslav Lachman wrote:
>> Mark Martinec wrote on 11/26/2015 19:31:
>>> Up to about a week ago building world on FreeBSD 10.2-STABLE went
>>> just fine. Today after svn update the build fails:
>>>
>>>
>>> # make buildworld
>>> [...]
>>>
>>> CC='cc ' mkdep -f .depend.getprotoent_test -a
>>> -I/usr/src/lib/libc/tests/net -I/usr/src/lib/libnetbsd
>>> -I/usr/src/contrib/netbsd-tests -std=gnu99
>>> /usr/src/contrib/netbsd-tests/lib/libc/net/t_getprotoent.c
>>> echo getprotoent_test: /usr/obj/usr/src/tmp/usr/lib/libc.a
>>> /usr/obj/usr/src/tmp/usr/lib/private/libatf-c.a >>
>>> .depend.getprotoent_test
>>> (cd /usr/src/lib/libc/tests/net && make -f
>>> /usr/src/lib/libc/tests/net/Makefile _RECURSING_PROGS= SUBDIR
>>> PROG=ether_aton_test DEPENDFILE=.depend.ether_aton_test
>>> .MAKE.DEPENDFILE=.depend.ether_aton_test depend)
>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>> /usr/src/sys/net/if_ethersubr.c aton_ether_subr.c
>>> make[7]:
>>> exec(/usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr)
>>> failed (Permission denied)
>>> *** Error code 1
>>>
>>> Stop.
>>> make[7]: stopped in /usr/src/lib/libc/tests/net
>>> *** Error code 1
>>>
>>>
>>> It turns out that our file system /usr/src had an "exec" flag
>>> turned off, so now running a command:
>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>> fails with "Permission denied".
>>>
>>> It would be valuable if building a system on an exec-protected
>>> src file system would continue to be possible.
>>>
>>> Not sure if the
>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>> is the only such new command breaking the build. Anyway, a simple
>>> workaround is to run shell from a command line instead of as a
>>> shebang, i.e.:
>>>
>>> # /bin/sh
>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>
>>> instead of:
>>>
>>> # /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>
>> I was puzzled by similar thing years ago. I was using /var/db and /tmp
>> mounted with noexec. And then there was some changes. Ports need
>> /var/db with exec because of some script in /var/db/pkg and /tmp must
>> have exec too for buildworld or installworld (I don't remember it
>> well, now I always do mount -u -o current,exec /tmp before build +
>> install world and kernel)
>>
>> Anyway - it would be better to not have these partitions mounted with
>> exec.
>>
>> Miroslav Lachman
Bryan Drewery
2016-Jan-14 22:13 UTC
A recent 10.2-STABLE no longer builds on a no-exec /usr/src file system
Where / What is the error? The only example here was fixed in November.

On 1/14/2016 7:42 AM, Mark Martinec wrote:
> Prompted by recent security advisories I did a 'make buildworld'
> on a fresh svn checkout, only to find out that it seems the 'exec'
> mount flag on /usr/src is still required for a successful build.
>
> This wasn't so for 10.2, and I hope it won't become a requirement
> in 10.3 - or at least it should be clearly documented in release notes.
>
> Mark
>
>
> On 2015-12-07 16:35, Mark Martinec wrote:
>> So, is this a new state of affairs that /usr/src file system
>> needs to be mounted exec in order for buildworld to succeed,
>> or is this an unintended change and I should file a bug report?
>>
>> Mark
>>
>>
>> On 2015-11-26 19:44, Miroslav Lachman wrote:
>>> Mark Martinec wrote on 11/26/2015 19:31:
>>>> Up to about a week ago building world on FreeBSD 10.2-STABLE went
>>>> just fine. Today after svn update the build fails:
>>>>
>>>>
>>>> # make buildworld
>>>> [...]
>>>>
>>>> CC='cc ' mkdep -f .depend.getprotoent_test -a
>>>> -I/usr/src/lib/libc/tests/net -I/usr/src/lib/libnetbsd
>>>> -I/usr/src/contrib/netbsd-tests -std=gnu99
>>>> /usr/src/contrib/netbsd-tests/lib/libc/net/t_getprotoent.c
>>>> echo getprotoent_test: /usr/obj/usr/src/tmp/usr/lib/libc.a
>>>> /usr/obj/usr/src/tmp/usr/lib/private/libatf-c.a >>
>>>> .depend.getprotoent_test
>>>> (cd /usr/src/lib/libc/tests/net && make -f
>>>> /usr/src/lib/libc/tests/net/Makefile _RECURSING_PROGS= SUBDIR
>>>> PROG=ether_aton_test DEPENDFILE=.depend.ether_aton_test
>>>> .MAKE.DEPENDFILE=.depend.ether_aton_test depend)
>>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>> /usr/src/sys/net/if_ethersubr.c aton_ether_subr.c
>>>> make[7]:
>>>> exec(/usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr)
>>>> failed (Permission denied)
>>>> *** Error code 1
>>>>
>>>> Stop.
>>>> make[7]: stopped in /usr/src/lib/libc/tests/net
>>>> *** Error code 1
>>>>
>>>>
>>>> It turns out that our file system /usr/src had an "exec" flag
>>>> turned off, so now running a command:
>>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>> fails with "Permission denied".
>>>>
>>>> It would be valuable if building a system on an exec-protected
>>>> src file system would continue to be possible.
>>>>
>>>> Not sure if the
>>>> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>> is the only such new command breaking the build. Anyway, a simple
>>>> workaround is to run shell from a command line instead of as a
>>>> shebang, i.e.:
>>>>
>>>> # /bin/sh /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>>
>>>> instead of:
>>>>
>>>> # /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>>>
>>> I was puzzled by similar thing years ago. I was using /var/db and /tmp
>>> mounted with noexec. And then there was some changes. Ports need
>>> /var/db with exec because of some script in /var/db/pkg and /tmp must
>>> have exec too for buildworld or installworld (I don't remember it
>>> well, now I always do mount -u -o current,exec /tmp before build +
>>> install world and kernel)
>>>
>>> Anyway - it would be better to not have these partitions mounted with
>>> exec.
>>>

--
Regards,
Bryan Drewery
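The open question in the thread, whether gen_ether_subr is the only script the build executes by path, can be checked by listing every file in a source tree that has both an execute bit and a "#!" line. This is an added example, not part of any message above and not FreeBSD project code; the function names and the demo tree (including the file name gen_helper) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find scripts that a build could exec by
# path. On a noexec mount, execve() of such a file fails with "Permission
# denied", while "/bin/sh FILE" only reads FILE and still works.

# is_shebang FILE: true if FILE starts with the two bytes "#!" (0x23 0x21).
is_shebang() {
    [ "$(od -An -tx1 -N2 "$1" 2>/dev/null | tr -d ' \t\n')" = "2321" ]
}

# list_exec_scripts DIR: print "path<TAB>interpreter line" for every regular
# file under DIR that has the owner execute bit and a shebang.
list_exec_scripts() {
    find "$1" -type f -perm -100 2>/dev/null | sort | while IFS= read -r f; do
        if is_shebang "$f"; then
            printf '%s\t%s\n' "$f" "$(head -n 1 "$f")"
        fi
    done
}

# make_demo_tree: build a small constructed tree and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/tests/net"
    printf '#!/bin/sh\necho generated\n' > "$d/tests/net/gen_helper"  # hypothetical name
    printf '#!/bin/sh\necho data\n'      > "$d/tests/net/readme.sh"
    printf 'no interpreter line\n'       > "$d/tests/net/blob"
    chmod 755 "$d/tests/net/gen_helper" "$d/tests/net/blob"
    chmod 644 "$d/tests/net/readme.sh"   # shebang but no execute bit
    printf '%s\n' "$d"
}

# Usage: sh thisfile.sh /usr/src   (with no argument, scan the demo tree)
if [ -n "${1:-}" ]; then
    list_exec_scripts "$1"
else
    demo=$(make_demo_tree) && list_exec_scripts "$demo" && rm -rf "$demo"
fi
```

Each path it prints is a candidate for the same failure on a noexec /usr/src; whether the build actually runs a given file by path still has to be confirmed in the makefiles.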