New mergemaster option -I, failsafe install files

Doug Barton dougb at
Wed May 13 22:50:25 UTC 2009

Jeremie Le Hen wrote:
> On Sun, May 10, 2009 at 09:54:42PM -0700, Doug Barton wrote:
>> Jeremie Le Hen wrote:
>>> Hi Doug,
>>> As you may guess from my multiple emails, I'm in the process of
>>> upgrading my jails :-).
>>> Since I have one jail per service, a very few number of configuration
>>> files are modified on each jail.  As most of user of FreeBSD I think,
>>> I'm used to run "mergemaster -iU" to automate the process as much as
>>> possible.  The problem with service jails (chapter 15.6.1 of the
>>> handbook) is that / is read-only mounted on all jails, /etc /var /root
>>> and a few other places being symlinks to /s, the private read-write
>>> space of each jail.  Thus when mergemaster tries to update
>>> /boot/devices.hints it fails and abort.
>> I think the way to solve this problem would be with an
>> MM_PRE_COMPARE_SCRIPT that deletes /boot/device.hints (and any other
>> relevant files) from the temproot. If they are not present in that
>> directory when the comparison starts then it's a non-issue.
> Actually, /boot belongs to the read/only nullfs mount, so it is not
> possible to use MM_PRE_COMPARE_SCRIPT from the jail.  The only way to
> handle this currently is to remove /boot from the jail template.
> I'm Cc:ing -doc@ because chapter 15.6.1 of the handbook (service jails)
> needs to be updated to remove /boot from the jail template "mroot".

I think you misunderstood my suggestion. I was not suggesting to do
anything to the files on the installed system (whether in the jail or
in the host). The temproot that I was referring to is the path that
mergemaster installs the files to prior to comparing them to the
installed versions. When it starts the comparison it simply runs
through every file in the temproot and compares it to the equivalent
on the live system. If a given file is removed from the temproot
before the comparison starts, nothing further will happen with that file.

I think something like this would do what you want, it's a modified
version of one that I used for a long time before I added the


# NOTE: No PATH needed, because mm's PATH is already draconian enough

case "${PRE_WORLD}" in
'')	rm -f ${TEMPROOT}/boot/device.hints ;;

You could also try adding the following to either /etc/mergemaster.rc
or ~/.mergemasterrc:


That _should_ work, but the first method will work for sure.




    This .signature sanitized for your protection

More information about the freebsd-current mailing list