Existing passwd and group files overwritten by pkgbase upgrade

Matthew Seaman matthew at FreeBSD.org
Thu May 16 10:13:05 UTC 2019 

On 15/05/2019 21:11, Brad Davis wrote:
> On Wed, May 15, 2019, at 1:39 PM, Brad Davis wrote:
>> On Mon, May 13, 2019, at 8:39 AM, Emmanuel Vadot wrote:
>>> On Sun, 12 May 2019 20:24:04 -0700
>>> Ashley Chase <erisianash at gmail.com> wrote:
>>>
>>>> On Sat, May 11, 2019 at 03:44:10PM +0200, Emmanuel Vadot wrote:
>>>>> On Sat, 11 May 2019 15:23:21 +0200
>>>>> mj-mailinglist at gmx.de wrote:
>>>>>
>>>>>> Hi Ashley,
>>>>>>
>>>>>> I guess this change is the cause: https://reviews.freebsd.org/D20173
>>>>>> It marks the group and the master.passwd file for inclusion in the 
>>>>>> FreebSD-runtime package.
>>>>>> I tried this change on my 12 system, the files are included in the
>>>>>> package. You also see them in the runtime.plist file, but as regular file,
>>>>>> not marked as a config file, like the motd file for example.
>>>>>>  
>>>>>> ...
>>>>>> @(root,wheel,0644,) /etc/group
>>>>>> @(root,wheel,0600,) /etc/master.passwd
>>>>>> @config(root,wheel,0644,) /etc/motd
>>>>>> ...
>>>>>>  
>>>>>> i guess now the existing file is replaced by the new file, instead of beeing
>>>>>> merged with it.
>>>>>> i think, the tag "config" must be added to the above patch. But i am not sure,
>>>>>> what the sytnax looks like for this.
>>>>>>  
>>>>>> --
>>>>>> Martin
>>>>>>  
>>>>>>> After building and installing -CURRENT r347469 using in-tree pkgbase, I
>>>>>>> discovered that my /etc/group, /etc/passwd, /etc/master.passwd,
>>>>>>> /etc/pwd.db and /etc/spwd.db had been overwritten.
>>>>>>>  
>>>>>>> I encountered this after running 'make packages', installing into a
>>>>>>> ZFS Boot Environment using bectl to create and mount a new BE, running
>>>>>>> 'pkg -r $mounpoint upgrade -y' and 'pkg -r $mountpoint -yg "FreeBSD-*"'
>>>>>>> to upgrade the packages and insure that new base packages got installed,
>>>>>>> and finally unmounting and activating the BE.
>>>>>>>  
>>>>>>> ~Ashley Chase
>>>>>>> _______________________________________________
>>>>>>> freebsd-pkgbase at freebsd.org mailing list
>>>>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase[https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase]
>>>>>>> To unsubscribe, send any mail to "freebsd-pkgbase-unsubscribe at freebsd.org"
>>>>>>>  
>>>>>> _______________________________________________
>>>>>> freebsd-pkgbase at freebsd.org mailing list
>>>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-pkgbase
>>>>>> To unsubscribe, send any mail to "freebsd-pkgbase-unsubscribe at freebsd.org"
>>>>>
>>>>>  Yes sorry that's my fault.
>>>>>  I beleive the included patch should work but I don't have time to test
>>>>> right now.
>>>>>
>>>>>  diff --git a/etc/Makefile b/etc/Makefile
>>>>> index ab70a94bc761..4b60868fe3dc 100644
>>>>> --- a/etc/Makefile
>>>>> +++ b/etc/Makefile
>>>>> @@ -69,9 +69,9 @@ distribution:
>>>>>  		rc.firewall ${DESTDIR}/etc;
>>>>>  .endif
>>>>>  	cd ${.CURDIR}; \
>>>>> -	    ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 -T
>>>>> "tags=package=runtime"\
>>>>> +	    ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 -T
>>>>> "tags=package=runtime,config"\ ${BIN1} ${DESTDIR}/etc; \
>>>>> -	    ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 -T
>>>>> "tags=package=runtime"\
>>>>> +	    ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 -T
>>>>> "tags=package=runtime,config"\ master.passwd ${DESTDIR}/etc;
>>>>>  
>>>>>  .if ${MK_TCSH} == "no"
>>>>>
>>>>>  I'll try to test soon and commit.
>>>>
>>>> This resolved the issue. Thank you.
>>>
>>>  I'll come up with a different version of the patch, the problem with
>>> this one is that we install rc.bsdextended as a config file while it's
>>> not one.
>>>  I also think that we should use CONFS for those file so the metadata
>>> will be added automatically.
>>>  I've reverted the commits for now.
>>
>> Unfortunately this is going to break again when I commit this: 
>> https://reviews.freebsd.org/D16728
>>
>> But once this goes in, the files will be properly tagged as a config 
>> file and merged properly in the future.
>>
>> Sorry in advance.
> 
> HEADS UP: This was committed as r347638.

So, I'm getting this in the nightly e-mails from my pkgbase VM (now that
I've fixed the mail system on it...):

Checking for packages with mismatched checksums:
FreeBSD-clibs-13.0.s20190515185144: /etc/hosts
FreeBSD-clibs-13.0.s20190515185144: /etc/shells
FreeBSD-runtime-13.0.s20190515185144: /etc/motd
FreeBSD-runtime-13.0.s20190515185144: /etc/syslog.conf
FreeBSD-ssh-13.0.s20190515185144: /etc/ssh/moduli
FreeBSD-ssh-13.0.s20190515185144: /etc/ssh/sshd_config

which I guess are just some more files that should be marked as config
files?  It make no sense for 'pkg check -s' to complain about
mis-matched checksums here, as these files are meant to be user modified.

	Cheers,

	Matthew




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-pkgbase/attachments/20190516/a3fab563/attachment.sig>

More information about the freebsd-pkgbase mailing list