diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2016-11-19 14:20:59 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2016-11-19 14:20:59 +0000 |
commit | ccf229da8b6ad74b119b67a457df5ace214ff285 (patch) | |
tree | 8d486a891162fd87fae214c24069cebbadfd30b5 | |
parent | b000445053ca3f94bebf6ddc651e5ce4e3c9ea66 (diff) |
Enable builds with a dedicated user that cannot elevate privileges or write
to /usr/src or /usr/xenocara.
Change /usr/{,x}obj to owner build:wobj with mode 770 and install the
systemwide makefiles before starting a build. The root of the noperm fs
containing DESTDIR should also be owned by build:wobj.
Developers will need to add their users to group wobj to be able to write
to /usr/{,x}obj/.
"push forward" deraadt; testing, input & ok rpe
-rw-r--r-- | Makefile | 5 | ||||
-rw-r--r-- | etc/Makefile | 7 | ||||
-rw-r--r-- | share/mk/bsd.obj.mk | 24 | ||||
-rw-r--r-- | share/mk/bsd.own.mk | 6 |
4 files changed, 28 insertions, 14 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.130 2016/10/18 02:47:07 tb Exp $ +# $OpenBSD: Makefile,v 1.131 2016/11/19 14:20:58 tb Exp $ # # For more information on building in tricky environments, please see @@ -71,6 +71,9 @@ build: @false .else build: + umask ${WOBJUMASK}; exec ${MAKE} do-build + +do-build: .ifdef GLOBAL_AUTOCONF_CACHE cp /dev/null ${GLOBAL_AUTOCONF_CACHE} .endif diff --git a/etc/Makefile b/etc/Makefile index fdada477dfa..155e4ae2c58 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.444 2016/11/05 09:14:37 rpe Exp $ +# $OpenBSD: Makefile,v 1.445 2016/11/19 14:20:58 tb Exp $ TZDIR= /usr/share/zoneinfo LOCALTIME= Canada/Mountain @@ -238,6 +238,9 @@ release: .else release: + umask ${WOBJUMASK}; exec ${MAKE} do-release + +do-release: @if [[ `id -u` -ne 0 ]]; then \ echo $@ must be called by root >&2; \ false; \ @@ -273,7 +276,7 @@ sha: .endif # DESTDIR check distrib: - cd ../distrib && \ + umask 022; cd ../distrib && \ ${MAKE} && exec ${MAKE} install .PHONY: distribution-etc-root-var distribution distrib-dirs \ diff --git a/share/mk/bsd.obj.mk b/share/mk/bsd.obj.mk index c1414027d57..1635d7cd8d3 100644 --- a/share/mk/bsd.obj.mk +++ b/share/mk/bsd.obj.mk @@ -1,4 +1,4 @@ -# $OpenBSD: bsd.obj.mk,v 1.15 2016/10/06 15:34:18 natano Exp $ +# $OpenBSD: bsd.obj.mk,v 1.16 2016/11/19 14:20:58 tb Exp $ # $NetBSD: bsd.obj.mk,v 1.9 1996/04/10 21:08:05 thorpej Exp $ .if !target(obj) @@ -16,18 +16,23 @@ _SUBDIRUSE: obj! _SUBDIRUSE @cd ${.CURDIR}; \ + umask ${WOBJUMASK}; \ + here=`/bin/pwd`; bsdsrcdir=`cd ${BSDSRCDIR}; /bin/pwd`; \ + subdir=$${here#$${bsdsrcdir}/}; \ if [[ `id -u` -eq 0 && ${BUILDUSER} != root ]]; then \ - SETOWNER="chown -h ${BUILDUSER}"; \ - _mkdirs() { \ - su ${BUILDUSER} -c "mkdir -p $$1"; \ - }; \ - MKDIRS=_mkdirs; \ + SETOWNER="chown -h ${BUILDUSER}:${WOBJGROUP}"; \ + if [[ $$here != $$subdir ]]; then \ + _mkdirs() { \ + su ${BUILDUSER} -c "mkdir -p $$1"; \ + }; \ + MKDIRS=_mkdirs; \ + fi; \ + elif [[ $$here == $$subdir ]]; then \ + SETOWNER="chown :${WOBJGROUP}"; \ else \ - MKDIRS="mkdir -p"; \ SETOWNER=:; \ fi; \ - here=`/bin/pwd`; bsdsrcdir=`cd ${BSDSRCDIR}; /bin/pwd`; \ - subdir=$${here#$${bsdsrcdir}/}; \ + [[ -z $$MKDIRS ]] && MKDIRS="mkdir -p"; \ if test $$here != $$subdir ; then \ dest=${BSDOBJDIR}/$$subdir ; \ echo "$$here/${__objdir} -> $$dest"; \ @@ -53,6 +58,7 @@ obj! _SUBDIRUSE if test ! -d ${__objdir} ; then \ echo "making $$dest" ; \ $$MKDIRS $$dest; \ + $$SETOWNER $$dest; \ fi ; \ fi; . endif diff --git a/share/mk/bsd.own.mk b/share/mk/bsd.own.mk index 82d33d688f4..d2db1871218 100644 --- a/share/mk/bsd.own.mk +++ b/share/mk/bsd.own.mk @@ -1,4 +1,4 @@ -# $OpenBSD: bsd.own.mk,v 1.180 2016/10/05 18:00:41 natano Exp $ +# $OpenBSD: bsd.own.mk,v 1.181 2016/11/19 14:20:58 tb Exp $ # $NetBSD: bsd.own.mk,v 1.24 1996/04/13 02:08:09 thorpej Exp $ # Host-specific overrides @@ -128,7 +128,9 @@ DEFAULT_PIE_DEF=-DPIE_DEFAULT=1 NOPROFILE= .endif -BUILDUSER?= ${USER} +BUILDUSER?= build +WOBJGROUP?= wobj +WOBJUMASK?= 007 BSD_OWN_MK=Done |