From owner-freebsd-current@FreeBSD.ORG Tue Sep 28 08:38:27 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2473A16A4CE; Tue, 28 Sep 2004 08:38:27 +0000 (GMT) Received: from mail.dt.e-technik.uni-dortmund.de (mail.dt.E-Technik.Uni-Dortmund.DE [129.217.163.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7EE3D43D5A; Tue, 28 Sep 2004 08:38:26 +0000 (GMT) (envelope-from ma@dt.e-technik.uni-dortmund.de) Received: from localhost (localhost [127.0.0.1])98B6940C12; Tue, 28 Sep 2004 10:38:25 +0200 (CEST) Received: from mail.dt.e-technik.uni-dortmund.de ([127.0.0.1]) by localhost (krusty [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 31704-05; Tue, 28 Sep 2004 10:38:25 +0200 (CEST) Received: from m2a2.dyndns.org (p508EF02B.dip.t-dialin.net [80.142.240.43]) 2F3CB40BC7; Tue, 28 Sep 2004 10:38:25 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by merlin.emma.line.org (Postfix) with ESMTP id 5DD09C8FBA; Tue, 28 Sep 2004 10:38:24 +0200 (CEST) Received: from merlin.emma.line.org ([127.0.0.1]) by localhost (m2a2.dyndns.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 11131-04-2; Tue, 28 Sep 2004 10:38:24 +0200 (CEST) Received: by merlin.emma.line.org (Postfix, from userid 500) id 04F78C8F94; Tue, 28 Sep 2004 10:38:24 +0200 (CEST) To: Ruslan Ermilov In-Reply-To: <20040928071758.GB14942@ip.net.ua> (Ruslan Ermilov's message of "Tue, 28 Sep 2004 10:17:58 +0300") References: <20040927224353.845381B217@merlin.emma.line.org> <20040928043351.GA2400@frontfree.net> <20040928071758.GB14942@ip.net.ua> From: Matthias Andree Date: Tue, 28 Sep 2004 10:38:23 +0200 Message-ID: User-Agent: Gnus/5.110003 (No Gnus v0.3) Emacs/21.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: by amavisd-new at dt.e-technik.uni-dortmund.de cc: current@FreeBSD.org cc: Matthias Andree Subject: Re: bin/72138: libc.so.5 isn't installed in a safe way X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Sep 2004 08:38:27 -0000 Ruslan Ermilov writes: > On Tue, Sep 28, 2004 at 12:33:51PM +0800, Xin LI wrote: >> (-CURRENT is cc'ed for a boarder review) >> >> I fell like this idea, and here is the patch for review: >> >> Index: Makefile >> =================================================================== >> RCS file: /r/ncvs/src/lib/libc/Makefile,v >> retrieving revision 1.52 >> diff -u -r1.52 Makefile >> --- Makefile 14 May 2004 12:04:29 -0000 1.52 >> +++ Makefile 28 Sep 2004 04:30:26 -0000 >> @@ -16,6 +16,7 @@ >> CFLAGS+=-I${.CURDIR}/include -I${.CURDIR}/../../include >> CFLAGS+=-I${.CURDIR}/${MACHINE_ARCH} >> CLEANFILES+=tags >> +SHLINSTALLFLAGS+= -S >> INSTALL_PIC_ARCHIVE= yes >> PRECIOUSLIB= yes >> > I like the idea so much, that I suggest this instead: > > %%% > Index: bsd.lib.mk > =================================================================== > RCS file: /home/ncvs/src/share/mk/bsd.lib.mk,v > retrieving revision 1.160 > diff -u -r1.160 bsd.lib.mk > --- bsd.lib.mk 7 May 2004 09:58:36 -0000 1.160 > +++ bsd.lib.mk 28 Sep 2004 07:13:18 -0000 > @@ -187,9 +187,12 @@ > > .if !target(install) > > -.if defined(PRECIOUSLIB) && !defined(NOFSCHG) > +.if defined(PRECIOUSLIB) > +.if !defined(NOFSCHG) > SHLINSTALLFLAGS+= -fschg > .endif > +SHLINSTALLFLAGS+= -S > +.endif > > _INSTALLFLAGS:= ${INSTALLFLAGS} > .for ie in ${INSTALLFLAGS_EDIT} > %%% I must say that although Xin's patch will certainly work well to address my original PR, I like Ruslan's idea better, because it appears to work for all precious libraries, not just libc. But there is more "precious" stuff, /bin, /sbin, /boot (including kernel), /rescue (I was glad I had the latter, otherwise my system would have been dead.) Using -S for the whole system might be a bit slow without softupdates (or async, which I do not favor) but would not be a bad idea from a robustness point of view which I personally prefer. -- Matthias Andree Encrypted mail welcome: my GnuPG key ID is 0x052E7D95 (PGP/MIME preferred)