On Tue, Oct 04, 2016 at 07:06:30PM +0100, Laurence Tratt wrote: > >Synopsis: Upgrading from sets on a mounted disk no longer works > >Environment: > System : OpenBSD 6.0 > Details : OpenBSD 6.0-current (GENERIC.MP) #2518: Sun Oct 2 > 21:41:07 MDT 2016 > > [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > Architecture: OpenBSD.amd64 > Machine : amd64 > >Description: > The last couple of snapshots seem to have changed the behaviour of upgrading. > If > when asked "Location of sets?" I select "disk", and type in an appropriate > mounted location, the correct sets are presented to me. However, when I select > "done" to install the sets, I get the following: > > ftp: Can't open file ////mnt/home/ltratt/tmp/bsd/SHA256.sig: Permission > denied > Cannot fetch SHA256.sig. Continue without verification? [no] > > The file(s) exist, and if I manually use ftp from the shell (with a file:/// > URL), there is no permission problem at all. I assume, but don't know, that > the install script is calling ftp incorrectly? > >How-To-Repeat: > Happens on two amd64 machines I have access to.
The installer script now uses the unpriv() wrapper to fetch the set files as unprivileged user (see cvs log below). Before, the root user was able to fetch the files no matter what the ownership/permissions were. revision 1.908 date: 2016/09/03 11:29:17; author: rpe; state: Exp; lines: +46 -1; Add a do_as() function that executes commands as unprivileged user and ensures that no processes of this user remain active afterwards. Optionally, it creates a file, that is owned by the user only for this command execution. Afterwards it's chown'd by root. Add wrapper functions for do_as(). unpriv() uses the _sndio user and unpriv2() uses the _file user to execute commands. OK halex, tb, deraadt
