ports/54970: emulators/linux_base Port Makefile "dangerous" for jails

Volker Stolz stolz at i2.informatik.rwth-aachen.de
Mon Jul 28 09:00:23 UTC 2003 

>Number:         54970
>Category:       ports
>Synopsis:       emulators/linux_base Port Makefile "dangerous" for jails
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 28 02:00:20 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Volker Stolz
>Release:        FreeBSD 4.8-STABLE i386
>Organization:
Lehrstuhl für Informatik II
>Environment:
System: FreeBSD menelaos.informatik.rwth-aachen.de 4.8-STABLE FreeBSD 4.8-STABLE #4: Tue Apr 29 11:28:13 CEST 2003 root at menelaos.informatik.rwth-aachen.de:/usr/obj/usr/src/sys/MENELAOS i386


>Description:
The linux_base-port unconditionally unlinks the dev/null special device in
/compat/linux before it tries to create a new one with 'mknod'. If you are
doing this in a jail, you will not be able to create a new special device
for dev/null inside the jail without manual intervention of the admin of the
host providing the jail!

This especially means that it is dangerous to try to upgrade linux_base port
because you will have an incomplete installation or even none at all until the
admin provides you with a new dev/null from outside the jail.

Luckily, my hoster doesn't charge for this and is rather quick in responding to
such queries, but for others, this might cause maintenance nightmares and even
incur additional costs.
>How-To-Repeat:
Inside a jail, try installing or upgrading linux_base. It will fail at the
point of invoking ${MKNOD}.

>Fix:
Several solutions come to mind.

1) Detect if running in jail and prompt a warning or skip the
  rm/mknod part, maybe check if the existing special device is usable.
  I'm not sure if it currently is possible to detect if you're running
  inside a jail (apart from some failing syscalls, that is).

2) Mark this port INTERACTIVE, prompt a warning and require a
    confirmation.

3) Don't remove the existing special device at all, but only
    create it when installing it for the first time.
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list