freebsd-update.conf IgnorePaths linker.hints not working

Morhold freebsd-security at morhold.ru
Tue Jun 17 22:56:56 UTC 2014 

29.05.2014 6:03, Gregory Orange пишет:
> On 27/05/14 21:36, R. Scott Evans wrote:
>> On 05/26/14 10:00, Dag-Erling Smørgrav wrote:
>>> This was supposed to be fixed by the following errata notice:
>>> http://www.freebsd.org/security/advisories/FreeBSD-EN-14:04.kldxref.asc
>>
>> Well it is still broken after the 9.2-RELEASE-p6 also in that errata.
>>
>> The relevant thread in freebsd-questions:
>> http://lists.freebsd.org/pipermail/freebsd-questions/2014-May/258238.html 
>>
>
> I'm left wondering what to do next:
> * Should I simply delete linker.hints - would that cause unwanted 
> behaviour?
> * Should I instead move linker.hints aside before freebsd-update cron 
> & freebsd-update install, then move it back again? That seems to work 
> on a manual test, but seems ugly.
> * Should I post an official PR somewhere?
>
> Greg.
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to 
> "freebsd-security-unsubscribe at freebsd.org"
>

Same here with 9.1-RELEASE-p14:

# freebsd-update fetch
...
The following files will be updated as part of updating to 9.1-RELEASE-p15:
/boot/kernel/linker.hints
#

So I just did like this:
   - copied /usr/sbin/freebsd-update to /usr/sbin/freebsd-update,my
   - applied to /usr/sbin/freebsd-update,my the following patch:

--- /usr/sbin/freebsd-update    2014-06-18 02:04:54.000000000 +0400
+++ /usr/sbin/freebsd-update,my 2014-06-18 02:08:12.000000000 +0400
@@ -2078,6 +2078,13 @@
         # Fetch files.
         fetch_files || return 1

+       mv INDEX-PRESENT INDEX-PRESENT,orig
+       grep -v '/boot/kernel/linker.hints' INDEX-PRESENT,orig > 
INDEX-PRESENT
+       rm INDEX-PRESENT,orig
+       mv INDEX-NEW INDEX-NEW,orig
+       grep -v '/boot/kernel/linker.hints' INDEX-NEW,orig > INDEX-NEW
+       rm INDEX-NEW,orig
+
         # Create and populate install manifest directory; and report what
         # updates are available.
         fetch_create_manifest || return 1

  - in /etc/crontab replaced "freebsd-update cron" to "freebsd-update,my 
cron"

Now waiting what will happen after.

More information about the freebsd-security mailing list