Summary: | ports-mgmt/pkg: pkg -r fails to run post install script. | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | Josef Karthauser <joe> |
Component: | Individual Port(s) | Assignee: | freebsd-pkg (Nobody) <pkg> |
Status: | In Progress --- | ||
Severity: | Affects Some People | CC: | dch, jeff+freebsd, lumiwa |
Priority: | --- | ||
Version: | Latest | ||
Hardware: | amd64 | ||
OS: | Any |
Description
Josef Karthauser
2017-03-27 08:55:13 UTC
you state --chroot but actually use -r which is not a chroot but a rootdir. btw do you know there is -j ? Sorry - you are right I wrongly reported it was a chroot option problem. Mea culpa. I was trying lots of things and it was late when I raise the bug. However, the install still fails with rootdir which is what I was reporting (although I thought it was a chroot issue): [1/1] Extracting influxdb-1.1.0: 100% cp: /usr/local/etc/influxd.conf.sample: No such file or directory pkg: POST-INSTALL script failed It looks like the POST-INSTALL script isn't being run in the context of the rootdir, which looks like an issue to me. (p.s. the reason I can't run -j is that the jail doesn't have network connectivity to the outside world - it's a vimage jail. Similarly running chromed doesn't work because it switches to using the resolv.conf within the chromed environment which isn't configured for the public network). I have a problem with pkg on FreeBSD 11-RELEASE too. I am using Synth and I update 745 ports and when start updateing it stopped at: Installing sndio-1.2.0_2... ===> Creating groups. Using existing group '_sndio'. ===> Creating users Creating user '_sndio' with uid '702'. pw: user '_sndio' disappeared during update pkg: PRE-INSTALL script failed Unfortunately, the system upgraded failed. It happened today March 29th. Confirming that -r / --rotdir does not appear to run the package scripts in a "sae" manner, resulting in failures and potentially corruption of the system, in general. Expected behavior: * Running `pkg -r /path/to/jail/root` would only impact files under /path/to/jail/root * With the possible exception of the pkg cache on the host file system Observed behavior: * Package scripts attempt to modify files relative to the host file system that are outside of the specified root Impact: * Host file system can be put into an inconsistent state Steps to replicate at the end of this comment. --- Observed that, as a repeatable example, `php74-xmlwriter-7.4.5` results in /bin/sh: cannot create /usr/local/include/php/ext/php_config.h: No such file or directory pkg: POST-INSTALL script failed This appears to be due to the post-install script using absolute path names. From `+MANIFEST` "scripts":{"post-install":"echo \\#include \\\"ext/xmlwriter/config.h\\\" >> /usr/local/include/php/ext/php_config.h","pre-deinstall":"cp /usr/local/include/php/ext/php_config.h /usr/local/include/php/ext/php_config.h.orig\ngrep -v ext/xmlwriter/config.h /usr/local/include/php/ext/php_config.h.orig > /usr/local/include/php/ext/php_config.h || true\n/bin/rm -f /usr/local/include/php/ext/php_config.h.orig"} Thankfully, my host system does not have /usr/local/include/php/ or I suspect the script would have corrupted the host system. While one can argue that this is also an error in the packages, installing a package to a target filesystem shouldn't overwrite the host system's data (with the potential exception of the package caches). There does not seem to be a workaround that I can find as the application is installing ports on jail filesystems for jails that intentionally do not have general network access. `pkg -j` is not an option as the jail needs to be running and the jail does not have access to the repos over the network. Running `pkg` from within the jail with `jexec` has the same issues. `pkg -c` first fails due to lack of `/etc/resolv.conf`. While `/etc/resolv.conf` could be overwritten, this would then allow a running jail access to DNS records that it ordinarily would not have (the jails also have no DNS access or restricted DNS views). Even adding an "unrestricted" `/etc/resolv.conf` still results in problems, with a lack of `/dev/null` being the next problem. TO REPLICATE ============ # create an empty file system, extract the base system sudo zfs create zroot-js-front-2020-05/var/jail/pkg-r cd /var/jail/pkg-r/ sudo tar xvf ~/FreeBSD/12.1/base.txz # Update it to current sudo freebsd-update -b /var/jail/pkg-c fetch sudo freebsd-update -b /var/jail/pkg-c install # Update the package data sudo pkg -r /var/jail/pkg-r update # Install a package that brings in some php modules sudo pkg -r /var/jail/pkg-r install nextcloud-php74 # It looks like php74 alone would work # Observe that the POST-INSTALL scripts are trying to access paths outside of the specified root # and that, had the directories and files been present on the host, # would have resulted the "wrong" files being copied, as well as changing the host's configuration [14/55] Extracting php74-7.4.5: 100% cp: /usr/local/etc/php-fpm.conf.default: No such file or directory cp: /usr/local/etc/php-fpm.d/www.conf.default: No such file or directory touch: /usr/local/include/php/ext/php_config.h: No such file or directory pkg: POST-INSTALL script failed (In reply to Jeff Kletsky from comment #4) A few typos in the previous comment * `-r` was used, `--rotdir` is a typo * In TO REPLICATE, it is typo that `freebsd-update` is shown for `/var/jail/pkg-c` rather than for `/var/jail/pkg-r` The tests were self-consistent, with `-c` being consistently tested in `/var/jail/pkg-c` and `-r` being consistently tested in `/var/jail/pkg-r`. (In reply to Jeff Kletsky from comment #4) WORK AROUND =========== sudo zfs create zroot-js-front-2020-05/var/jail/pkg-c cd /var/jail/pkg-c/ sudo tar xf ~/FreeBSD/12.1/base.txz sudo freebsd-update -b /var/jail/pkg-c/ fetch sudo freebsd-update -b /var/jail/pkg-c/ install env ROOT=/var/jail/pkg-c /var/jail/pkg-c/bin/freebsd-version # If devfs is not already mounted in the chroot sudo mount -t devfs devfs /var/jail/pkg-c/dev/ # pkg [-C <configuration file>] [-R <repository configuration directory>] # may be helpful if the jail's pkg/repo configuration is different than the host's sudo env NAMESERVER=<nameserver IP> pkg -c /var/jail/pkg-c update sudo env NAMESERVER=<nameserver IP> pkg -c /var/jail/pkg-c install php74 sudo umount /var/jail/pkg-c/dev |