Date: Sun, 21 Sep 2008 15:29:02 -0700 From: "Jason C. Wells" <jcw@highperformance.net> To: "Jason C. Wells" <jcw@highperformance.net> Cc: Jeremy Chadwick <koitsu@freebsd.org>, freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: Installworld deletes libc Message-ID: <48D6CAAE.9060303@highperformance.net> In-Reply-To: <48D6C995.7060606@highperformance.net> References: <48D68FD6.50804@highperformance.net> <20080921215113.GB9494@icarus.home.lan> <48D6C995.7060606@highperformance.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Jason C. Wells wrote: > Jeremy Chadwick wrote: >> On Sun, Sep 21, 2008 at 11:17:58AM -0700, Jason C. Wells wrote: >>> I have the problem similar to one described in 20071024 UPDATING. >>> The build is running inside a jail. The system is 6.2-RELEASE. I >>> supped this moring. I have the correct lib/Makefile. During >>> installworld I receive an error: >>> >>> install: /lib/libc.so.6: chflags: Operation not permitted >>> *** Error code 71 >>> >>> Stop in /usr/src/lib/libc. >>> >>> My situation is different in the libc is erased in the process. >>> Copying the new libc.so.6 from /usr/obj does not fix the problem. >>> >>> Any ideas? >> >> Sounds like kern.securelevel is in the way. See security(7). > > The securelevel would normally prevent the deletion of a file. The > secure level of this jail is -1 in any case so the schg flag should be > ignored. security.jail.chflags_allowed=0 seems to supersede the > securelevel according to sysctl(8). > > Some part of installworld is misbehaving in the jail. The security > mechanisms in securelevel and security.jail.chflags_allowed are not > working. I should add that 'systcl security.jail.chflags_allowed=1' allowed installworld to proceed without error. That solves my immediate problem. There appears to be a bug in the security mechanism. Later, Jason
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48D6CAAE.9060303>