Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 26 Nov 2015 19:44:52 +0100
From:      Miroslav Lachman <000.fbsd@quip.cz>
To:        Mark Martinec <Mark.Martinec+freebsd@ijs.si>, freebsd-stable@FreeBSD.org
Subject:   Re: A recent 10.2-STABLE no longer builds on a no-exec /usr/src file system
Message-ID:  <56575324.9070400@quip.cz>
In-Reply-To: <636a770981c5655f3cc45f2c6aee6474@mailbox.ijs.si>
References:  <636a770981c5655f3cc45f2c6aee6474@mailbox.ijs.si>

next in thread | previous in thread | raw e-mail | index | archive | help
Mark Martinec wrote on 11/26/2015 19:31:
> Up to about a week ago building world on FreeBSD 10.2-STABLE went
> just fine. Today after svn update the build fails:
>
>
> # make buildworld
> [...]
>
> CC='cc ' mkdep -f .depend.getprotoent_test -a
> -I/usr/src/lib/libc/tests/net -I/usr/src/lib/libnetbsd
> -I/usr/src/contrib/netbsd-tests -std=gnu99
> /usr/src/contrib/netbsd-tests/lib/libc/net/t_getprotoent.c
> echo getprotoent_test: /usr/obj/usr/src/tmp/usr/lib/libc.a
> /usr/obj/usr/src/tmp/usr/lib/private/libatf-c.a >> .depend.getprotoent_test
> (cd /usr/src/lib/libc/tests/net && make -f
> /usr/src/lib/libc/tests/net/Makefile _RECURSING_PROGS=  SUBDIR=
> PROG=ether_aton_test  DEPENDFILE=.depend.ether_aton_test
> .MAKE.DEPENDFILE=.depend.ether_aton_test   depend)
> /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
> /usr/src/sys/net/if_ethersubr.c aton_ether_subr.c
> make[7]: exec(/usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr)
> failed (Permission denied)
> *** Error code 1
>
> Stop.
> make[7]: stopped in /usr/src/lib/libc/tests/net
> *** Error code 1
>
>
> It turns out that our file system /usr/src had an "exec" flag
> turned off, so now running a command:
>    /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
> fails with "Permission denied".
>
> It would be valuable if building a system on an exec-protected
> src file system would continue to be possible.
>
> Not sure if the /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
> is the only such new command breaking the build. Anyway, a simple
> workaround is to run shell from a command line instead of as a
> shebang, i.e.:
>
>    # /bin/sh /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr
>
> instead of:
>
>    # /usr/src/contrib/netbsd-tests/lib/libc/net/gen_ether_subr

I was puzzled by similar thing years ago. I was using /var/db and /tmp 
mounted with noexec. And then there was some changes. Ports need /var/db 
with exec because of some script in /var/db/pkg and /tmp must have exec 
too for buildworld or installworld (I don't remember it well, now I 
always do mount -u -o current,exec /tmp before build + install world and 
kernel)

Anyway - it would be better to not have these partitions mounted with exec.

Miroslav Lachman




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56575324.9070400>