etcupdate failed to build tree with read-only /usr/src

Alastair Hogge Sat, 12 Apr 2025 19:52:05 -0700

Hello,

I am updating a 15-CURRENT host from
1016b3c344350fa5968f16852e5e4e388c51d817[1] (2025-03-08 18:28:50 +0000)
to 
63578bf225df37944b78febfb177e8c1c81f54e4[2] (2025-04-12 19:50:06 +0000).
My update process is as follows:


$ cat /home/agh/tasks/update-host
#!/bin/sh -ex

UPDATE_HOST_HOST="$(hostname -s)"

(cd /usr/src && \
        env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make -j64
buildworld && \
        env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make -j64
buildkernel)

(echo "env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make
installkernel")
(echo "env MAKEOBJDIRPREFIX=/tmp/${UPDATE_HOST_HOST} make installworld")

You can see that I build kernel, and world from a non-root user, into a
tmpfs prefix.

/usr/src is mounted read-only from a NFS exported checkout. The git
checkout is owned by a non-root user:
$ mount -p | grep  "/usr/src"
/exports/fafnir/git/freebsd/src/main /usr/src           nullfs  ro      
       0 0

After the build processes complete, I then switch to root, to start the
upgrade:

$ doas su -
# cd /usr/src
# etcupdate -p
# env MAKEOBJDIRPREFIX=/tmp/fafnir make installkernel
# env MAKEOBJDIRPREFIX=/tmp/fafnir make installworld
# etcupdate

Here etcupdate exits with, "Failed to build new tree."

I used git bisect to find the commit[3] where my update process broke:
commit 49bc071f40886af46eb90467dfef6cba5f95beec
Author: Mark Johnston <ma...@freebsd.org>
Date:   Mon Apr 7 12:42:08 2025 +0000

    nsswitch.conf: Avoid modification after installation

    To implement WITHOUT_NIS, we have a hack in the build which modifies
the
    installed nsswitch.conf to remove NIS compat providers and
databases.
    This hack operates on the installed nsswitch.conf, which means that
the
    installed file size won't match that listed in the metalog.

    One option would be to maintain two copies of nsswitch.conf, one for
    each configuration, but that would result in duplication and I don't
see
    a clear way around that.

    Instead, stage a copy of nsswitch.conf in the libc objdir, and
modify
    that one before installing, so that the version recorded in the
metalog
    matches what actually gets installed.

    PR:             209718
    Reviewed by:    kevans, emaste
    Sponsored by:   Klara, Inc.
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D49300

Is my update process flawed? Is updating from a read-only ${SRC} not an
option anymore, or never was meant to be an option? Is it possible
configure etcupdate to build the current tree in a custom build prefix?

A snippet from the etcupdate log:
# tail -n40 /var/db/etcupdate/log
===> lib/csu (installconfig)
===> lib/csu/amd64 (installconfig)
===> lib/libc (installconfig)
installing DIRS CONFSDIR
install -N /usr/src/etc  -d -m 0755 -o root  -g wheel 
/var/db/etcupdate/etcupdate-JN3IPm7/etc
install -N /usr/src/etc  -C -o root  -g wheel -m 644  /usr/src/etc/group
/var/db/etcupdate/etcupdate-JN3IPm7/etc/group
install -N /usr/src/etc  -C -o root  -g wheel -m 600 
/usr/src/etc/master.passwd
/var/db/etcupdate/etcupdate-JN3IPm7/etc/master.passwd
install -N /usr/src/etc  -C -o root  -g wheel -m 644 
/usr/src/etc/shells /var/db/etcupdate/etcupdate-JN3IPm7/etc/shells
install -N /usr/src/etc  -C -o root  -g wheel -m 644  net/hosts
/var/db/etcupdate/etcupdate-JN3IPm7/etc/hosts
install -N /usr/src/etc  -C -o root  -g wheel -m 644  net/hosts.equiv
/var/db/etcupdate/etcupdate-JN3IPm7/etc/hosts.equiv
install -N /usr/src/etc  -C -o root  -g wheel -m 644  net/networks
/var/db/etcupdate/etcupdate-JN3IPm7/etc/networks
cp -f /usr/src/lib/libc/net/nsswitch.conf
/usr/src/lib/libc/nsswitch.conf
cp: /usr/src/lib/libc/nsswitch.conf: Read-only file system
*** Error code 1

Stop.
make[5]: stopped making "installconfig" in /usr/src/lib/libc
*** Error code 1

Stop.
make[4]: stopped making "installconfig" in /usr/src/lib
*** Error code 1

Stop.
make[3]: stopped making "installconfig" in /usr/src
*** Error code 1

Stop.
make[2]: stopped making "distribution" in /usr/src
*** Error code 1

Stop.
make[1]: stopped making "installetc" in /usr/src
*** Error code 1

Stop.
make: stopped making "installetc" in /usr/src
rm: /var/db/etcupdate/etcupdate-JN3IPm7/var/empty: Operation not
permitted
rm: /var/db/etcupdate/etcupdate-JN3IPm7/var: Directory not empty
rm: /var/db/etcupdate/etcupdate-JN3IPm7: Directory not empty

1:
https://cgit.freebsd.org./src/commit/?id=1016b3c344350fa5968f16852e5e4e388c51d817
2:
https://cgit.freebsd.org./src/commit/?id=63578bf225df37944b78febfb177e8c1c81f54e4
3:
https://cgit.freebsd.org./src/commit/?id=49bc071f40886af46eb90467dfef6cba5f95beec

--
To good health,
Alastair

etcupdate failed to build tree with read-only /usr/src

Reply via email to