2002-Sep-30
Noticed on security report some directories had wrong permissions. Several were writable, like etc, etc/defaults, etc/mtree and more. (Looking back to the 425kB security report from the first morning after upgrade, I see it had this problem in it too.)I fixed these, but I don't know how it happened in first place. I had untarred etc.tgz file, and I know my umask didn't cause that. (And I tried again for testing, and the permissions were correct.)
And I saw skel was writable too. So I fixed it. I send-pr'd a patch for this: misc/18476.
Looking around I saw world-writable directories like: /var/spool/texfonts/tfm, /var/spool/texfonts/source /var/spool/uucppublic, /var/spool/sockets and writable files under un-writable postfix directories.
build.sh should check for gnu sources instead of later failing if missing:
nbmake: "/home/src/usr/src/tools/dbsym/../Makefile.host" line 26: Could not find /home/src/usr/src/tools/dbsym/../../gnu/usr.sbin/dbsym/Makefile nbmake: Fatal errors encountered -- cannot continue(I fixed by unpacking gnusrc.tgz.) And it should check for usr.sbin/config too instead of:
nbmake: "/home/src/usr/src/tools/config/../Makefile.host" line 26: Could not find /home/src/usr/src/tools/config/../../usr.sbin/config/Makefile nbmake: Fatal errors encountered -- cannot continue(Fixed by untarring syssrc.tgz.)
I used: "time ./build.sh -U -D /home/src". The -U switch for unprivileged (no root needed). The 1.6 build was quick:
real 81m54.513s user 27m36.166s sys 5m35.056sWhen finished it complained about missing /etc files (but "build" target does not do etc, but "distribution" target does). For unprivileged, it created a METALOG file with mtree(8) specifications. For example, the make did:
(cd /home/src/usr/src/gnu/usr.bin/texinfo/install-info && /home/src/usr/src/tools/obj/tools.NetBSD-1.6_RC1-i386/bin/nbmake infodir-meta) echo "/home/src/usr/share/info/dir type=file mode=0644 uname=root gname=wheel" | sed -e 's|^/|./|g' -e 's|//|/|g' | /home/src/usr/src/tools/obj/tools.NetBSD-1.6_RC1-i386/bin/nbcat -l >>/home/src/METALOGSome example entries in the 12923-line METALOG were:
./home/src type=dir mode=0755 uname=root gname=wheel ./home/src/sys type=link mode=0755 link=usr/src/sys uname=root gname=wheel ./home/src/usr/include/a.out.h type=file mode=0444 uname=root gname=wheel ... ./home/src/usr/lkm/coda.o type=file mode=0444 uname=root gname=wheel ./home/src/usr/share/man/whatis.db type=file mode=0444 uname=root gname=wheel ./home/src/usr/share/info/dir type=file mode=0644 uname=root gname=wheelThen pax(1) can be used with -M option to override real permissions/times with those from specification file. This is done in distrib/sets/maketars. So no superuser privileges needed!