From nobody Mon Oct 20 07:06:52 2025 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cqmh51wp7z6DMLG for ; Mon, 20 Oct 2025 07:07:01 +0000 (UTC) (envelope-from drsnx60@gmail.com) Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cqmh44HXhz3Tmt for ; Mon, 20 Oct 2025 07:07:00 +0000 (UTC) (envelope-from drsnx60@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=YqiuFLq0; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of drsnx60@gmail.com designates 2a00:1450:4864:20::133 as permitted sender) smtp.mailfrom=drsnx60@gmail.com Received: by mail-lf1-x133.google.com with SMTP id 2adb3069b0e04-57a59124323so4110212e87.2 for ; Mon, 20 Oct 2025 00:07:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1760944014; x=1761548814; darn=freebsd.org; h=in-reply-to:organization:from:content-language:references:to :subject:user-agent:mime-version:date:message-id:from:to:cc:subject :date:message-id:reply-to; bh=w9pIeFSJ55YWaZNI1Vh2E6WrUCNh9MpLdrGhdyhiWRw=; b=YqiuFLq0nx08RjpkZpooHEYxfGHrzZciDCbchHtPAkyW8PeV98vZwES/e9mdHzgiPQ CSbgpiejA3r0zYoumVdI04gOmT0bDKnt0dqpoixT//sim+WGBF00OAmlwsr79B5iF7gE PhbeMKRQQuKoq8w0oqAR59aJRh9vvEIRe3dIBkrzLxc1PgAhZhitGey31Ua3mkDe5YwL 7FhLGgcdldNsC1mhM7tnIS9p0BfQI27M6uj629OaTzhA0dEry1ta8HIFyNjPSy74AS+f 8Riu1k/mq3L21Zz2hXbW6JolKyQ63fSTHkACVymrEJ/yekh9xSG4jZImL+KdILIgsfi5 Wjyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1760944014; x=1761548814; h=in-reply-to:organization:from:content-language:references:to :subject:user-agent:mime-version:date:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=w9pIeFSJ55YWaZNI1Vh2E6WrUCNh9MpLdrGhdyhiWRw=; b=iC4Whlkcak+LI2064myMCyN2Xwta+OKK35uaO3ubVAm6/raxgxwA+c5ii2VQK5S9Nl gb9N7vfws5sd+Rxv1odfLtsl1UJjglaT8ppWH1yN00VtGkganyZKa0L+Q0VQCdLGLDFJ 4uoFHxCiZPIH2H8iIm2bkT45NY37s8vaFd4e64tuW6Hn5IhaRG/HqARHhGyCeG/mBIXg xzAH0MpNrXrzELH16k1wlP29Wl9kazze2jt7dJcKSns9/0cdtS6lLFyoFNvn3i8icGX+ QgWBBNSRuRzvzl3zeHTGr6z1RpBijVxgoQeVP9x4cPwYPb0RdhL7S+j8MXhkomjgulFE GTWg== X-Forwarded-Encrypted: i=1; AJvYcCVVcPZW+MVp3rVamRRu1MRyJrfYToChqA/aGfWjI1E8XqmiKwEF8sTOIxrM7V1VOMZsi6IM0IMwtqPwCruzOQ==@freebsd.org X-Gm-Message-State: AOJu0YyDrZAyxhkqsPybmlI2axXkKf+Lju3zClNuXs7/QvL7tW1LGOBh B054UUgRFCPvt+GLhFYLxC/2i55CUL9oyLHpmEBI8X2yR6sK+ZTtWizC X-Gm-Gg: ASbGncsTB7lvMR7TEPNW0Lxk0vjWJXp1gF+ZB44dv8MdANQJXT4jFA8kjaB3PcpqiUK fwHpW0HlHlSMd4fokB8agwnxaIbZb8ZhKGwcmMEWmsQacTq7SUc4yaXJDvpTAOK6ex4Cloxo4Bf oN1gM/wD/J/av3XUytmxR5DPCoOhG4iZhmuIL5z6VkhWxnKj2dAZ/vngtu/M8e5fl6RK/gYVz2n Om+UN+ufWIypOxq6MGhGUvbGw8ddJw/WdgjBa/TzSYABv3XZMi05EQHbSdPccmA0coy+FNNQzWw MSa9YEdwPwNAhv1yhUZ5l3K5jkMk/biV/NqKXH8ErieoM71jBpTbJBvvjuzsTZb4lPe788LQTZd mmwrkSzc5J8UaqGels1E51qhSSJ+cZTWdoV80IKsbD7VjTcBZ/iXo0UrI8OjUiMp/F6AJuF4gxA JMCxNxh0Gy6TWBFSD08PM8DBk+EErW+w== X-Google-Smtp-Source: AGHT+IGLEuAXTsEIouoRaQZ5BA6OosFJy9rjg5YITH2pA4b+jvyKUce2fbw5cASexR8js9UjN0IaJw== X-Received: by 2002:a05:6512:104a:b0:585:b359:4fb9 with SMTP id 2adb3069b0e04-591d8533ad5mr3368673e87.33.1760944013489; Mon, 20 Oct 2025 00:06:53 -0700 (PDT) Received: from [192.168.2.131] (host.62.13.8.86.bitcom.se. [62.13.8.86]) by smtp.gmail.com with ESMTPSA id 2adb3069b0e04-591def1be26sm2231892e87.91.2025.10.20.00.06.53 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 20 Oct 2025 00:06:53 -0700 (PDT) Content-Type: multipart/alternative; boundary="------------tPrl61IlTukk3RNoHN5CFyX4" Message-ID: <1404a698-13d8-4350-90ef-61bd89dbc33c@gmail.com> Date: Mon, 20 Oct 2025 09:06:52 +0200 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-stable@freebsd.org Sender: owner-freebsd-stable@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: FreeBSD 15.0-BETA2 Now Available To: FreeBSD Release Engineering Team , freebsd-stable@FreeBSD.org References: <20251018212218.B3B58B199@freefall.freebsd.org> Content-Language: sv-SE From: Lars Tunkrans Organization: Retiered In-Reply-To: <20251018212218.B3B58B199@freefall.freebsd.org> X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.04 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.998]; NEURAL_HAM_LONG(-0.97)[-0.966]; NEURAL_SPAM_SHORT(0.93)[0.927]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCPT_COUNT_TWO(0.00)[2]; FROM_HAS_DN(0.00)[]; HAS_ORG_HEADER(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::133:from] X-Rspamd-Queue-Id: 4cqmh44HXhz3Tmt This is a multi-part message in MIME format. --------------tPrl61IlTukk3RNoHN5CFyX4 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Den 2025-10-18 kl. 23:22, skrev Colin Percival: > The second beta build of the 15.0-RELEASE release cycle is now available. > -- I have  found  one  more  problem    When  the  ISO-Image  based installer runs  command   adduser(8)  at the  end  of  its  run  to create the initial users on  the system:    when  ZFS encrypted  $HOME   directory is  selected  in  the dialouge,  then  the  directory  is  created  owned by  root . *Below  the  user  "betaguest"   is  created by the  installer   with  encrypted   ZFS  home  directory * Also   the  user   "gammaguest"   is  created AFTER  installation  by running  adduser(8)    as  root. users  " alphaguest" and "deltaguest  are setup without  encrypted ZFS $HOMEs  by the installer  and  the  adduser(8)  respectivelly root@alderan:/home # pwd /home root@alderan:/home # ls -lasi total 44  34 9 drwxr-xr-x   7 root       wheel       7 Oct 20 08:37 .  34 9 drwxr-xr-x  20 root       wheel      22 Oct 20 08:33 ..  34 9 drwxr-xr-x   2 alphaguest alphaguest  9 Oct 20 08:28 alphaguest *128 1 drwxr-xr-x   2 root       wheel       2 Oct 20 08:30 betaguest*  34 9 drwxr-xr-x   2 deltaguest deltaguest  9 Oct 20 08:35 deltaguest  34 9 drwxr-xr-x   2 gammaguest gammaguest  9 Oct 20 08:37 gammaguest root@alderan:/home # zfs get all zroot/home/betaguest     (  not relevant  properties  removed.  ) NAME                  PROPERTY                VALUE    SOURCE root/home/betaguest  encryption              aes-256-gcm    - zroot/home/betaguest  keylocation             prompt     local zroot/home/betaguest  keyformat               passphrase     - zroot/home/betaguest  pbkdf2iters             350000     - zroot/home/betaguest  encryptionroot zroot/home/betaguest    - root@alderan:/home # zfs get all zroot/home/gammaguest      ( not  relevant  properties  removed.  ) NAME                   PROPERTY                VALUE      SOURCE zroot/home/gammaguest  encryption              aes-256-gcm      - zroot/home/gammaguest  keylocation             prompt     local zroot/home/gammaguest  keyformat               passphrase     - zroot/home/gammaguest  pbkdf2iters             350000     - zroot/home/gammaguest  encryptionroot zroot/home/gammaguest   - This  happens  on  several  systems    both  Intel  or AMD  based machines. When  the  Installer  runs  the  adduser(8)  subroutine,  It  failes in  setting  up  the  userpermissions  on  $HOME directory  when ZFS  Encryption  is  selected. when  adduser(8)  is  run  by the  sysadmin  after installtion it operates as  expected  giving  the  user  correct  permissions on $HOME  Regards ------------------------- Lars Tunkrans Oracle SPARC/Solaris System Administrator Fujitsu M12 SPARC Specilaist --------------tPrl61IlTukk3RNoHN5CFyX4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit


Den 2025-10-18 kl. 23:22, skrev Colin Percival:
The second beta build of the 15.0-RELEASE release cycle is now available.
-- 
I have  found  one  more  problem  
   When  the  ISO-Image  based installer runs  command   adduser(8)   at the  end  of  its  run  to create the initial users on  the  system: 
   when  ZFS encrypted  $HOME   directory is  selected  in  the  dialouge,  then  the  directory  is  created  owned by  root .

 

Below  the  user  "betaguest"   is  created by the  installer    with  encrypted   ZFS  home  directory  

Also   the  user   "gammaguest"   is  created AFTER  installation   by running  adduser(8)    as  root.  
users  " alphaguest" and "deltaguest  are setup without  encrypted ZFS $HOMEs  by the installer  and  the  adduser(8)  respectivelly  


root@alderan:/home # pwd
/home
root@alderan:/home # ls -lasi
total 44
 34 9 drwxr-xr-x   7 root       wheel       7 Oct 20 08:37 .
 34 9 drwxr-xr-x  20 root       wheel      22 Oct 20 08:33 ..
 34 9 drwxr-xr-x   2 alphaguest alphaguest  9 Oct 20 08:28 alphaguest
128 1 drwxr-xr-x   2 root       wheel       2 Oct 20 08:30 betaguest
 34 9 drwxr-xr-x   2 deltaguest deltaguest  9 Oct 20 08:35 deltaguest
 34 9 drwxr-xr-x   2 gammaguest gammaguest  9 Oct 20 08:37 gammaguest


root@alderan:/home # zfs get all zroot/home/betaguest     (  not  relevant  properties  removed.  )  
NAME                  PROPERTY                VALUE                   SOURCE

root/home/betaguest  encryption              aes-256-gcm             -
zroot/home/betaguest  keylocation             prompt                  local
zroot/home/betaguest  keyformat               passphrase              -
zroot/home/betaguest  pbkdf2iters             350000                  -
zroot/home/betaguest  encryptionroot          zroot/home/betaguest    -


root@alderan:/home # zfs get all zroot/home/gammaguest      (  not  relevant  properties  removed.  )  
NAME                   PROPERTY                VALUE                   SOURCE

zroot/home/gammaguest  encryption              aes-256-gcm             -
zroot/home/gammaguest  keylocation             prompt                  local
zroot/home/gammaguest  keyformat               passphrase              -
zroot/home/gammaguest  pbkdf2iters             350000                  -
zroot/home/gammaguest  encryptionroot          zroot/home/gammaguest   -
     

This  happens  on  several  systems    both  Intel  or AMD  based  machines. 
When  the  Installer  runs  the  adduser(8)  subroutine,  It  failes in  setting  up  the  userpermissions  on  $HOME 
directory  when ZFS  Encryption  is  selected. 
when  adduser(8)  is  run  by the  sysadmin  after installtion it operates as  expected  giving  the  user  correct  permissions on $HOME

 Regards 

-------------------------
Lars Tunkrans
Oracle SPARC/Solaris System Administrator
Fujitsu M12 SPARC Specilaist

--------------tPrl61IlTukk3RNoHN5CFyX4--