Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 06 Oct 2013 13:18:54 +0200
From:      =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To:        Peter Wemm <peter@wemm.org>
Cc:        freebsd-arch@freebsd.org
Subject:   Re: Userland patch level
Message-ID:  <86hacuprz5.fsf@nine.des.no>
In-Reply-To: <52507F4A.1050707@wemm.org> (Peter Wemm's message of "Sat, 05 Oct 2013 14:06:18 -0700")
References:  <8661tbsi40.fsf@nine.des.no> <52507F4A.1050707@wemm.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Peter Wemm <peter@wemm.org> writes:
> IMHO, promoting the parsing strings like this is fraught with danger.  The
> canonical one-true-version is __FreeBSD_version, I'd much rather encourage
> people to refer to that, and it is available in newvers.sh in the same way
> that you're building it now.

The kernel and userland versions do not necessarily match, even in
supported configurations.

newvers.sh is not necessarily available at run time.

> freebsd-version.sh.in seems fragile as presented.  It's missing
> loader.conf.local parsing, hardcodes the assumption that you use /boot
> (vs /efi), etc.

I wasn't aware of loader.conf.local.  I'll add support for it.

I don't know anything about efi.

As for hardcoding assumptions: like the man page says, this is a *best
effort* which is intended to work in the common case, i.e. either "make
buildworld buildkernel installworld installkernel" from a clean,
consistent tree or "freebsd-update fetch install".

> The usage string has a -i option that doesn't seem to exist.

Thanks, I'll fix that.

> Secteam does bump the osreldate for patch releases, right?

We bump newvers.sh.

> Woudn't that be sufficient for userland audit tools to reliably
> identify vulnerable userlands?

No.

I don't particularly enjoy answering the same questions over and over
again.  If you have any more questions, please read one of the previous
threads on this subject and / or the minutes from the security session
at the Malta summit.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86hacuprz5.fsf>