git: 6b2993e74eba - main - packages: fix ownership of /tmp and /dev
Date: Wed, 04 Jun 2025 06:22:37 UTC
The branch main has been updated by ivy:
URL: https://cgit.FreeBSD.org/src/commit/?id=6b2993e74ebaacd46bd1e438787c23450cd2752d
commit 6b2993e74ebaacd46bd1e438787c23450cd2752d
Author: Lexi Winter <ivy@FreeBSD.org>
AuthorDate: 2025-06-04 05:38:48 +0000
Commit: Lexi Winter <ivy@FreeBSD.org>
CommitDate: 2025-06-04 05:38:48 +0000
packages: fix ownership of /tmp and /dev
release/packages/runtime.ucl manually adds "/tmp" and "/dev" to the
"directories" key, which causes them to be included in the manifest
with the user/group owner of whoever built the package repository:
drwxr-xr-x 7 ivy wheel 512 Jun 1 17:24 /dev
drwxrwxrwt 10 ivy wheel 10 Jun 1 17:42 /tmp
Remove the manual entries and instead put an explicit package tag
in etc/mtree/BSD.root.dist. This also means /tmp gets the right
mode by default and we can remove the chmod from the post-install
script.
Reviewed by: manu, kevans, emaste
Approved by: kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D50636
---
etc/mtree/BSD.root.dist | 4 ++--
release/packages/runtime.ucl | 5 -----
2 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/etc/mtree/BSD.root.dist b/etc/mtree/BSD.root.dist
index add31410f633..1312251cdd9e 100644
--- a/etc/mtree/BSD.root.dist
+++ b/etc/mtree/BSD.root.dist
@@ -38,7 +38,7 @@
zfs
..
..
- dev mode=0555
+ dev mode=0555 tags=package=runtime
..
etc
X11
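Review bot: the new `dev` line sets `mode=0555` and the package tag but no `uname`/`gname`, so the ownership this commit is meant to fix depends on whatever `/set` defaults are in effect earlier in BSD.root.dist, which this hunk does not show. Since the bug was the builder's user leaking into the manifest, consider confirming that the inherited owner is the intended one for tagged entries, or spelling it out on the line so it cannot drift if the defaults change.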
@@ -136,7 +136,7 @@
..
sbin
..
- tmp mode=01777
+ tmp mode=01777 tags=package=runtime
..
usr
..
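Review bot: with `tags=package=runtime` on the `tmp` line, `mode=01777` here becomes the only place the sticky bit is set, because the `chmod 1777` in runtime.ucl is removed in the same commit. A build-time check that the generated runtime manifest lists /tmp with mode 1777 and the expected owner would catch a regression in the mtree-to-manifest step before a world-writable /tmp without the sticky bit ships.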
diff --git a/release/packages/runtime.ucl b/release/packages/runtime.ucl
index 8a337c038fdd..b04bc32f33cc 100644
--- a/release/packages/runtime.ucl
+++ b/release/packages/runtime.ucl
@@ -3,10 +3,5 @@ scripts: {
post-install = <<EOD
pwd_mkdb -i -p -d ${PKG_ROOTDIR}/etc ${PKG_ROOTDIR}/etc/master.passwd
services_mkdb ${CAP_MKDB_ENDIAN} -q -o ${PKG_ROOTDIR}/var/db/services.db ${PKG_ROOTDIR}/
- chmod 1777 ${PKG_ROOTDIR}/tmp
EOD
}
-directories: {
- /dev = "y";
- /tmp = "y";
-}
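Review bot: removing `chmod 1777 ${PKG_ROOTDIR}/tmp` together with the `directories` block leaves no step that corrects a /tmp or /dev already installed from an earlier package with the builder's owner, and the commit message does not say whether an upgrade resets owner and mode on directories that already exist. A sentence in the commit message or release notes on what affected systems need to do, if anything, would close that gap.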