Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 31 Mar 2007 16:00:19 +0100
From:      "Kimi Ostro" <kimimeister@gmail.com>
To:        "Jonathan Horne" <freebsd@dfwlp.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: updating a jail
Message-ID:  <42b497160703310800m37440ae2h4c98c813e5f6da53@mail.gmail.com>
In-Reply-To: <20070331090326.5c0a836d.freebsd@dfwlp.com>
References:  <20070331090326.5c0a836d.freebsd@dfwlp.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 31/03/07, Jonathan Horne <freebsd@dfwlp.com> wrote:
> im still working on updating 2 jails.  i nullfs mounted /usr/src /usr/obj from my host into my jails, and tried to installworld, but got this error:
>
> ===> lib/libcrypt (install)
> install -C -o root -g wheel -m 444   libcrypt.a /usr/lib
> install -C -o root -g wheel -m 444   libcrypt_p.a /usr/lib
> install -s -o root -g wheel -m 444   -fschg -S  libcrypt.so.3 /lib
> install: rename: /lib/INS@eggs to /lib/libcrypt.so.3: Operation not permitted
> *** Error code 71
>
> Stop in /usr/src/lib/libcrypt.
> *** Error code 1
>
> Stop in /usr/src/lib.
> *** Error code 1
>
> Stop in /usr/src.
> *** Error code 1
>
> Stop in /usr/src.
> *** Error code 1
>
> Stop in /usr/src.
> *** Error code 1
>
> Stop in /usr/src.
>
> the jail manpage is easy enough to follow, but IMO mastering management and maintenance is much more difficult to learn without good documented guidance.  i know many have recommended that i try ezjail and such, but im one of those guys who refuses to pay someone to fix my own car until i fully understand why such an operation is too far above my head.  same glutton for pain stance for me on computer stuff too... i force myself to understand the canonical methods first, before i start taking advantage of shortcuts.
>
> so... how do i get over or past this error?
>

do you fiddle with securelevels? check the file flags on
/lib/libcrypt.so.3 with ls -lo

also what is value of sysctl security.jail.chflags_allowed ?

I used a different strategy:

/var/jail/jail0 - contains a full buildworld
/var/jail/jail1 - is a unionfs from jail0
/var/jail/jailX - as jail1

jail0 has nfs mounted /usr/src and /usr/obj - this way I can jexec 1
/bin/csh do the whole buildworld mergemaster dance - only thing that
is nullfs mounted is /tmp. I also do a mksnap_ffs before updating just
incase things break & change security.jail.chflags_allowed before and
after the installworld part.

> thanks,
> jonathan

--
Kimi



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42b497160703310800m37440ae2h4c98c813e5f6da53>