1. Forum
  2. Usenet
  3. COMP.UNIX.BSD.FREEBSD.MIS

  • permission 0444 vs 0555 on /boot/kernel/*

    From Winston@21:1/5 to All on Mon Nov 25 12:34:24 2024
    'freebsd-update IDS' reports that most (all?) of the files in
    /boot/kernel/, including /boot/kernel/kernel, should have
    permission 0444, not 0555.

    Really?

    AFAIK, those files were written by freebsd-upgrade -r when the system
    was upgraded from 14.0 to 14.1 and have only been touched since then by freebsd-upgrade for patches, so I assume the files were installed with
    0555.

    Thanks,
    -WBE

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Robin Haberkorn@21:1/5 to Winston on Tue Dec 24 18:52:39 2024
    On Mon, 25 Nov 2024, Winston wrote:

    'freebsd-update IDS' reports that most (all?) of the files in
    /boot/kernel/, including /boot/kernel/kernel, should have
    permission 0444, not 0555.

    Really?

    AFAIK, those files were written by freebsd-upgrade -r when the system
    was upgraded from 14.0 to 14.1 and have only been touched since then by freebsd-upgrade for patches, so I assume the files were installed with
    0555.

    They are all 0444 on my system.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Winston@21:1/5 to to which Robin Haberkorn on Tue Dec 24 20:34:23 2024
    I originally posted:
    'freebsd-update IDS' reports that most (all?) of the files in
    /boot/kernel/, including /boot/kernel/kernel, should have
    permission 0444, not 0555.

    Really?

    AFAIK, those files were written by freebsd-upgrade -r when the system
    was upgraded from 14.0 to 14.1 and have only been touched since then by
    freebsd-upgrade for patches, so I assume the files were installed with
    0555.

    to which Robin Haberkorn <robin.haberkorn@googlemail.com> replied:
    They are all 0444 on my system.

    The answer turned out to be:

    If the files with matching names are old enough (and in older releases
    of FreeBSD, those files used to be 0555) and KeepModifiedMetadata in /etc/freebsd-update.conf is yes, then the old permissions get retained. freebsd-upgrade didn't distinguish distribution-modified from
    user-modified. The Bugzilla discussion is at:

    https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283110

    -WBE

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)