From 519bc416cacec66da6845e4da0d24bd597a03541 Mon Sep 17 00:00:00 2001 From: Yaroslav Tykhiy Date: Wed, 31 Oct 2007 09:26:42 +0000 Subject: [PATCH] Decouple the install tools from the main system as much as possible. I.e., not only copy them to a scratch dir, but also make them use saved copies of libraries and locale files. That gives us several benefits: 1) ABI breakages should no longer affect installworld over the live system. 2) It becomes safe to run installworld while still running the old kernel. However, it can be reasonable to save the old /rescue before that to be able to run the old reboot(8), as the new binaries are rather likely to fail with the old kernel. Anyhow, it's now possible to upgrade a system in a single reboot _reliably_. 3) With a bit of hackery around rtld(8), it becomes possible to do destructive cross-installs, e.g., i386->amd64 over the live system. The only shared item left between the old and new systems is rtld(8), which cannot be run from a saved copy easily because its full pathname is stored in the respective field of each ELF executable. (In theory, that field could be overridden, e.g., from the environment, but this can lead to security issues.) That's why a destructive cross-install isn't possible w/o hackery yet. Fruitful ideas by: ru Reviewed by: ru Tested with: audit(4) --- Makefile.inc1 | 50 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 16 deletions(-) diff --git a/Makefile.inc1 b/Makefile.inc1 index e64fd4b47387..4447bdc43f1e 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -159,7 +159,14 @@ XPATH= ${WORLDTMP}/usr/sbin:${WORLDTMP}/usr/bin:${WORLDTMP}/usr/games STRICTTMPPATH= ${BPATH}:${XPATH} TMPPATH= ${STRICTTMPPATH}:${PATH} +# +# Avoid running mktemp(1) unless actually needed. +# It may not be functional, e.g., due to new ABI +# when in the middle of installing over this system. +# +.if make(distributeworld) || make(installworld) INSTALLTMP!= /usr/bin/mktemp -d -u -t install +.endif # # Building a world goes through the following stages @@ -265,14 +272,16 @@ LIB32IMAKE= ${LIB32WMAKE:NINSTALL=*:NDESTDIR=*} -DNO_INCS .endif # install stage -.if empty(.MAKEFLAGS:M-n) -IMAKEENV= ${CROSSENV} \ - PATH=${STRICTTMPPATH}:${INSTALLTMP} -.else -IMAKEENV= ${CROSSENV} \ - PATH=${TMPPATH}:${INSTALLTMP} -.endif +IMAKEENV= ${CROSSENV} IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 +.if empty(.MAKEFLAGS:M-n) +IMAKEENV+= PATH=${STRICTTMPPATH}:${INSTALLTMP} \ + LD_LIBRARY_PATH=${INSTALLTMP} \ + PATH_LOCALE=${INSTALLTMP}/locale +IMAKE+= __MAKE_SHELL=${INSTALLTMP}/sh +.else +IMAKEENV+= PATH=${TMPPATH}:${INSTALLTMP} +.endif # kernel stage KMAKEENV= ${WMAKEENV} @@ -563,6 +572,14 @@ installcheck_UGID: fi .endfor +# +# Required install tools to be saved in a scratch dir for safety. +# +ITOOLS= [ awk cap_mkdb cat chflags chmod chown \ + date echo egrep find grep install-info \ + ln lockf make mkdir mtree mv pwd_mkdb rm sed sh sysctl \ + test true uname wc zic + # # distributeworld # @@ -574,19 +591,20 @@ installcheck_UGID: # distributeworld installworld: installcheck mkdir -p ${INSTALLTMP} - for prog in [ awk cap_mkdb cat chflags chmod chown \ - date echo egrep find grep install-info \ - ln lockf make mkdir mtree mv pwd_mkdb rm sed sh sysctl \ - test true uname wc zic; do \ + for prog in ${ITOOLS}; do \ if progpath=`which $$prog`; then \ - cp $$progpath ${INSTALLTMP}; \ + progs="$$progs $$progpath"; \ else \ - echo "Required install tool $$prog not found" >&2; \ + echo "Required tool $$prog not found in PATH." >&2; \ exit 1; \ fi; \ - done - ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//} - rm -rf ${INSTALLTMP} + done; \ + cp $$progs ${INSTALLTMP}; \ + cp `ldd -f "%p\n" -f "%p\n" $$progs 2>/dev/null | \ + sort -u` ${INSTALLTMP} + cp -R $${PATH_LOCALE:-"/usr/share/locale"} ${INSTALLTMP}/locale + ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \ + ${IMAKEENV} rm -rf ${INSTALLTMP} # # reinstall