From nobody Sun Apr 13 02:51:17 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZZw0n1lR4z5sQZW for ; Sun, 13 Apr 2025 02:51:21 +0000 (UTC) (envelope-from agh@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.riseup.net", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZZw0l46JYz3WGd for ; Sun, 13 Apr 2025 02:51:19 +0000 (UTC) (envelope-from agh@riseup.net) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=rhomc83p; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (mx1.freebsd.org: domain of agh@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=agh@riseup.net Received: from fews02-sea.riseup.net (fews02-sea-pn.riseup.net [10.0.1.112]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx1.riseup.net (Postfix) with ESMTPS id 4ZZw0j5Xk9zDqdP for ; Sun, 13 Apr 2025 02:51:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1744512677; bh=hnbh/aGIdis/mJPLTxtJ0EV2q0tehYyjamEeOi6YxJA=; h=Date:From:To:Subject:From; b=rhomc83pEJl8881jXiiGbSpta5/ji3Lgs1ZbP01sF4cf6//sIgiW9w7BpCfhV9NxT myyEOf/C4HYRHSRVWNjdqvxkZtZUEyue6enRZ0JpN3IoWop5kFdobb6ris9RCy8bpR wxCw+YqNOylN1nRjBtOkIXvS8DQWEopZ7/LFZZpE= X-Riseup-User-ID: A38BE82B4EFB54416A9F46AF17B4B9464110F5EA3C78576D686EF2E3E94D3138 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews02-sea.riseup.net (Postfix) with ESMTPSA id 4ZZw0j4W7vzFsj7 for ; Sun, 13 Apr 2025 02:51:17 +0000 (UTC) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 Date: Sun, 13 Apr 2025 02:51:17 +0000 From: Alastair Hogge To: freebsd-current@freebsd.org Subject: etcupdate failed to build tree with read-only /usr/src Message-ID: Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spamd-Result: default: False [-1.08 / 15.00]; DWL_DNSWL_LOW(-1.00)[riseup.net:dkim]; NEURAL_SPAM_MEDIUM(1.00)[0.999]; NEURAL_SPAM_LONG(1.00)[0.998]; NEURAL_HAM_SHORT(-0.88)[-0.882]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; R_SPF_ALLOW(-0.20)[+a:mx1.riseup.net]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[198.252.153.129:from]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RECEIVED_HELO_LOCALHOST(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_ALL(0.00)[]; DKIM_TRACE(0.00)[riseup.net:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; RBL_SENDERSCORE_REPUT_8(0.00)[198.252.153.129:from]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; MIME_TRACE(0.00)[0:+]; MISSING_XM_UA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; FROM_HAS_DN(0.00)[] X-Rspamd-Queue-Id: 4ZZw0l46JYz3WGd X-Spamd-Bar: - Hello, I am updating a 15-CURRENT host from 1016b3c344350fa5968f16852e5e4e388c51d817[1] (2025-03-08 18:28:50 +0000) to 63578bf225df37944b78febfb177e8c1c81f54e4[2] (2025-04-12 19:50:06 +0000). My update process is as follows: $ cat /home/agh/tasks/update-host #!/bin/sh -ex UPDATE_HOST_HOST="$(hostname -s)" (cd /usr/src && \ env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make -j64 buildworld && \ env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make -j64 buildkernel) (echo "env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make installkernel") (echo "env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make installworld") You can see that I build kernel, and world from a non-root user, into a tmpfs prefix. /usr/src is mounted read-only from a NFS exported checkout. The git checkout is owned by a non-root user: $ mount -p | grep "/usr/src" /exports/fafnir/git/freebsd/src/main /usr/src nullfs ro 0 0 After the build processes complete, I then switch to root, to start the upgrade: $ doas su - # cd /usr/src # etcupdate -p # env MAKEOBJDIRPREFIX=/tmp/fafnir make installkernel # env MAKEOBJDIRPREFIX=/tmp/fafnir make installworld # etcupdate Here etcupdate exits with, "Failed to build new tree." I used git bisect to find the commit[3] where my update process broke: commit 49bc071f40886af46eb90467dfef6cba5f95beec Author: Mark Johnston Date: Mon Apr 7 12:42:08 2025 +0000 nsswitch.conf: Avoid modification after installation To implement WITHOUT_NIS, we have a hack in the build which modifies the installed nsswitch.conf to remove NIS compat providers and databases. This hack operates on the installed nsswitch.conf, which means that the installed file size won't match that listed in the metalog. One option would be to maintain two copies of nsswitch.conf, one for each configuration, but that would result in duplication and I don't see a clear way around that. Instead, stage a copy of nsswitch.conf in the libc objdir, and modify that one before installing, so that the version recorded in the metalog matches what actually gets installed. PR: 209718 Reviewed by: kevans, emaste Sponsored by: Klara, Inc. Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D49300 Is my update process flawed? Is updating from a read-only ${SRC} not an option anymore, or never was meant to be an option? Is it possible configure etcupdate to build the current tree in a custom build prefix? A snippet from the etcupdate log: # tail -n40 /var/db/etcupdate/log ===> lib/csu (installconfig) ===> lib/csu/amd64 (installconfig) ===> lib/libc (installconfig) installing DIRS CONFSDIR install -N /usr/src/etc -d -m 0755 -o root -g wheel /var/db/etcupdate/etcupdate-JN3IPm7/etc install -N /usr/src/etc -C -o root -g wheel -m 644 /usr/src/etc/group /var/db/etcupdate/etcupdate-JN3IPm7/etc/group install -N /usr/src/etc -C -o root -g wheel -m 600 /usr/src/etc/master.passwd /var/db/etcupdate/etcupdate-JN3IPm7/etc/master.passwd install -N /usr/src/etc -C -o root -g wheel -m 644 /usr/src/etc/shells /var/db/etcupdate/etcupdate-JN3IPm7/etc/shells install -N /usr/src/etc -C -o root -g wheel -m 644 net/hosts /var/db/etcupdate/etcupdate-JN3IPm7/etc/hosts install -N /usr/src/etc -C -o root -g wheel -m 644 net/hosts.equiv /var/db/etcupdate/etcupdate-JN3IPm7/etc/hosts.equiv install -N /usr/src/etc -C -o root -g wheel -m 644 net/networks /var/db/etcupdate/etcupdate-JN3IPm7/etc/networks cp -f /usr/src/lib/libc/net/nsswitch.conf /usr/src/lib/libc/nsswitch.conf cp: /usr/src/lib/libc/nsswitch.conf: Read-only file system *** Error code 1 Stop. make[5]: stopped making "installconfig" in /usr/src/lib/libc *** Error code 1 Stop. make[4]: stopped making "installconfig" in /usr/src/lib *** Error code 1 Stop. make[3]: stopped making "installconfig" in /usr/src *** Error code 1 Stop. make[2]: stopped making "distribution" in /usr/src *** Error code 1 Stop. make[1]: stopped making "installetc" in /usr/src *** Error code 1 Stop. make: stopped making "installetc" in /usr/src rm: /var/db/etcupdate/etcupdate-JN3IPm7/var/empty: Operation not permitted rm: /var/db/etcupdate/etcupdate-JN3IPm7/var: Directory not empty rm: /var/db/etcupdate/etcupdate-JN3IPm7: Directory not empty 1: https://cgit.freebsd.org./src/commit/?id=1016b3c344350fa5968f16852e5e4e388c51d817 2: https://cgit.freebsd.org./src/commit/?id=63578bf225df37944b78febfb177e8c1c81f54e4 3: https://cgit.freebsd.org./src/commit/?id=49bc071f40886af46eb90467dfef6cba5f95beec -- To good health, Alastair