From yar@snark.rinet.ru  Wed Sep 26 00:20:11 2001
Return-Path: <yar@snark.rinet.ru>
Received: from snark.rinet.ru (snark.rinet.ru [195.54.192.73])
	by hub.freebsd.org (Postfix) with ESMTP id 56CFB37B414
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 26 Sep 2001 00:20:09 -0700 (PDT)
Received: (from yar@localhost)
	by snark.rinet.ru (8.11.6/8.11.6) id f8Q7K4l95116;
	Wed, 26 Sep 2001 11:20:04 +0400 (MSD)
	(envelope-from yar)
Message-Id: <200109260720.f8Q7K4l95116@snark.rinet.ru>
Date: Wed, 26 Sep 2001 11:20:04 +0400 (MSD)
From: Yar Tikhiy <yar@snark.rinet.ru>
Reply-To: Yar Tikhiy <yar@comp.chem.msu.su>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Sysinstall doesn't set the schg flag on the sensitive files
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         30837
>Category:       bin
>Synopsis:       [sysinstall] sysinstall doesn't set the schg flag on the sensitive files
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kensmith
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 26 00:30:02 PDT 2001
>Closed-Date:    Sun Dec 07 06:31:37 UTC 2008
>Last-Modified:  Sun Dec 07 06:31:37 UTC 2008
>Originator:     Yar Tikhiy
>Release:        FreeBSD 4.4-RELEASE i386
>Organization:
NASH monthly magazine
>Environment:
System: FreeBSD xxxx.xxxx.ru 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Tue Sep 18 11:57 :08 PDT 2001     murray@builder.FreeBSD.org:/usr/src/sys/compile/GENERIC  i386

>Description:
	After install or upgrade procedure, sysinstall leaves /kernel,
	/sbin/init, /usr/bin/libc.so.*, and the whole bunch of other
	sensitive files with the system-immutable flag unset.
	It is rather unexpected to those admins who usually install
	or upgrade the system from source.

>How-To-Repeat:
	Do a fresh install or an upgrade.  See /kernel, /sbin/init etc
	have no schg flag.

>Fix:
	There are at least three possible ways to deal with the problem:

	First, sysinstall(8) may be taught to set the schg flag on the files.
	However, that would require maintaining the list of sensitive
	files within the sysinstall configuration while the information
	is already contained in the corresponding Makefiles.

	Second, tar(1) may be modified to save and restore file flags.
	This solution is likely to cause compatibility problems, though.

	Third, the current sysinstall vs. make world behaviour may be
	documented - as I can see, it isn't yet.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->qa 
Responsible-Changed-By: johan 
Responsible-Changed-When: Tue May 6 13:54:59 PDT 2003 
Responsible-Changed-Why:  
Over to maintainer group. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=30837 
Responsible-Changed-From-To: qa->freebsd-qa 
Responsible-Changed-By: jhb 
Responsible-Changed-When: Mon Aug 2 18:39:52 GMT 2004 
Responsible-Changed-Why:  
Canonicalize responsible. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=30837 
Responsible-Changed-From-To: freebsd-bugs->kensmith 
Responsible-Changed-By: kensmith 
Responsible-Changed-When: Wed Jan 2 10:01:47 UTC 2008 
Responsible-Changed-Why:  

I have a proof-of-concept patch that switches sysinstall over to using 
tar instead of cpio.  cpio doesn't honor file flags so when sysinstall 
uses it to unpack the "base" distribution any file flags info gets lost. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=30837 
State-Changed-From-To: open->closed 
State-Changed-By: kensmith 
State-Changed-When: Sun Dec 7 06:29:53 UTC 2008 
State-Changed-Why:  

This is fixed in head.  Sysinstall has been modified to use bsdcpio 
instead of gnucpio, and bsdcpio has been fixed to honor the extra 
file attribute flags. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=30837 
>Unformatted:
