From owner-freebsd-questions  Sun Jul 22 18:43:18 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mailc.telia.com (mailc.telia.com [194.22.190.4])
	by hub.freebsd.org (Postfix) with ESMTP id C8B9437B403
	for <freebsd-questions@FreeBSD.ORG>; Sun, 22 Jul 2001 18:43:11 -0700 (PDT)
	(envelope-from ertr1013@student.uu.se)
Received: from d1o913.telia.com (d1o913.telia.com [195.252.44.241])
	by mailc.telia.com (8.11.2/8.11.0) with ESMTP id f6N1h7q16470
	for <freebsd-questions@FreeBSD.ORG>; Mon, 23 Jul 2001 03:43:07 +0200 (CEST)
Received: from ertr1013.student.uu.se (h185n2fls20o913.telia.com [212.181.163.185])
	by d1o913.telia.com (8.8.8/8.8.8) with SMTP id DAA16310
	for <freebsd-questions@FreeBSD.ORG>; Mon, 23 Jul 2001 03:43:06 +0200 (CEST)
Received: (qmail 52910 invoked by uid 1001); 23 Jul 2001 01:42:18 -0000
Date: Mon, 23 Jul 2001 03:42:17 +0200
From: Erik Trulsson <ertr1013@student.uu.se>
To: Jim Durham <durham@w2xo.pgh.pa.us>
Cc: Mark Rowlands <mark.rowlands@minmail.net>,
	matt <matt@bluemoon.27south.com>, freebsd-questions@FreeBSD.ORG
Subject: Re: Security Issues And Iso Images
Message-ID: <20010723034216.A36349@student.uu.se>
Mail-Followup-To: Jim Durham <durham@w2xo.pgh.pa.us>,
	Mark Rowlands <mark.rowlands@minmail.net>,
	matt <matt@bluemoon.27south.com>, freebsd-questions@FreeBSD.ORG
References: <20010723021248.A80079@student.uu.se> <Pine.BSF.4.33.0107222045210.2632-100000@jimslaptop.int>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.BSF.4.33.0107222045210.2632-100000@jimslaptop.int>
User-Agent: Mutt/1.3.19i
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Sun, Jul 22, 2001 at 09:04:50PM -0400, Jim Durham wrote:
> 
> 
> On Mon, 23 Jul 2001, Erik Trulsson wrote:
> 
> > On Sun, Jul 22, 2001 at 08:04:27PM -0400, Jim Durham wrote:
> > > On Sun, 22 Jul 2001, Mark Rowlands wrote:
> > >
> > > > 9) cd /usr/src
> > > >
> > > > make buildworld && make buildkernel KERNCONF=YOURKERNEL \
> > >
> > > I don't want to confuse the issue... but I have "an issue" 8-) . Aren't
> > > you building your kernel against old libs? IMHO you want to do your
> > > buildworld, then drop to single-user (you can't install a running binary),
> > > do your installworld, then buildkernel, then installkernel, so that your
> > > new kernel is built against the newly installed libraries.
> >
> > Nope, make buildkernel will use the libraries in /usr/obj that were
> > built by the previous buildworld.
> > builworld, buildkernel, installkernel, installworld  is the correct
> > sequence.
> 
> > You might want to drop into single user mode before the installworld
> > but as long as the system is quiet that isn't necessary.
> >
> 
> Maybe I'm out of date, but how do you replace a running binary that
> is mapped into address space while it's running? The only way to do
> it, as far as I know, is to rename it and then create a new binary
> which will run after a reboot, leaving the old file there with another
> name. Does the script do all this, or have the rules changed?

(Note that dropping into single user mode would not change anything
about this.)

Replacing the binary of running program is no problem.  You just
overwrite the old file with the new one.  The system automatically
keeps track of the parts of the old binaries that it needs.
This is similar to how you can delete a file that another program hold
open.  The other program can still read and write to the file even
though it no longer appears in a directory listing.  The space for the
file won't be reclaimed until no program is using it any more.
I don't know for how long this has been true but several years at least
I believe. Quite possibly forever.

(Although I have run into problems on a Solaris system with NFS-mounted
directories a couple of years ago where removing the binary of a
running program caused a program crash fairly quickly.  That system has
since been upgraded and the problem disappeared.)  

> 
> Also, in my reading somewhere, and I can't find it now of course,
> it was mentioned that you had to specifically ask for the /obj libs
> to be used, and the person didn't feel this worked well for some
> reason I also forget (I forget a lot lately)

This might be from before the new buildkernel target was introduced.
Back then the installed files were used and not the ones in /usr/obj.

Note also that for quite some time you could not even do a 'make
buildkernel' without first having done a 'make buildworld'. This was
because the buildkernel target tried to use the files built by a
buildworld and failed if they weren't found. I believe this has since
been fixed.


> 
> If you can amplify on the whys of all this, I'm sure there are others
> who would be very interested.
> 
> Thanks,
> 
> Jim


If in doubt please see /usr/src/UPDATING which describes the official
way of upgrading which is:

        To update from 4.0-RELEASE or later to the most current
        4.x-STABLE
        ----------
        make buildworld
        make buildkernel KERNCONF=YOUR_KERNEL_HERE
        make installkernel KERNCONF=YOUR_KERNEL_HERE
        reboot  (in single user) [1]
        make installworld
        mergemaster
        reboot

(The reboot before installworld can usually be skipped on quiet systems.)

-- 
<Insert your favourite quote here.>
Erik Trulsson
ertr1013@student.uu.se


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message