release fixes

. make ramdisk buildable without ../etc having pwd.db
	. add cat to release bootstrap cmds
	. support running dynamically linked executables for
	  release bootstrap cmds
	. import netbsd chroot to help

commands/Makefile

@@ -6,7 +6,7 @@ SUBDIR=	add_route arp ash at awk \
 	backup badblocks banner basename \
 	btrace cal \
 	cawf cd  cdprobe checkhier cpp \
-	chmod chown chroot ci cksum cleantmp clear cmp co \
+	chmod chown ci cksum cleantmp clear cmp co \
 	comm compress cp crc cron crontab cut \
 	dd decomp16 DESCRIBE dev2name devsize df dhcpd \
 	dhrystone diff dirname diskctl dumpcore \

commands/chroot/Makefile

@@ -1,5 +0,0 @@
-PROG=	chroot
-BINDIR=	/bin
-MAN=
-
-.include <bsd.prog.mk>

commands/chroot/chroot.c

@@ -1,28 +0,0 @@
-
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <sys/wait.h>
-
-int
-main(int argc, char *argv[])
-{
-	int status;
-
-	if(argc != 3) {
-		fprintf(stderr, "usage: %s <root> <command>\n", argv[0]);
-		return 1;
-	}
-
-	if(chroot(argv[1]) < 0) {
-		perror("chroot");
-		return 1;
-	}
-
-	status = system(argv[2]);
-	if(WIFEXITED(status))
-		return WEXITSTATUS(status);
-	return 1;
-}
-

drivers/ramdisk/Makefile

@@ -8,7 +8,7 @@ PROG_COMMANDS=cdprobe dev2name loadramdisk mount fsck.mfs sysenv sh \
 PROG_SERVERS=mfs procfs
 PROG_USRSBIN=pwd_mkdb
 PROGRAMS=$(PROG_DRIVERS) $(PROG_COMMANDS) $(PROG_SERVERS) $(PROG_USRSBIN)
-EXTRA=system.conf master.passwd pwd.db spwd.db rs.single
+EXTRA=system.conf master.passwd rs.single 
 
 .if ${MKSMALL} != "yes"
 PROG_DRIVERS+= ahci
@@ -24,13 +24,13 @@ PROG_DRIVERS+= acpi
 
 CPPFLAGS+= -I${MINIXSRCDIR}/servers -I${MINIXSRCDIR}
 CLEANFILES += $(PROGRAMS) $(SCRIPTS) $(EXTRA) image image.c t proto.gen
-CLEANFILES += $(LIBRARIES)
+CLEANFILES += $(LIBRARIES) pwd.db spwd.db
 
 install: all
 
 realall: image
 
-image:	proto.gen mtab rc $(EXTRA) passwd
+image:	proto.gen mtab rc $(EXTRA) pwd.db spwd.db passwd
 	mkfs.mfs image proto.gen || { rm -f image; false; }
 	if fsck.mfs -s image | grep -q CLEAN;	\
 	then	: ;	\
@@ -81,7 +81,7 @@ $(server): ../../servers/$(server)/$(server)
 	$(MAKE) -C ../../servers/$(server) $(server)
 .endfor
 
-passwd: ../../etc/master.passwd ../../usr.sbin/pwd_mkdb/pwd_mkdb
+pwd.db spwd.db passwd: ../../etc/master.passwd ../../usr.sbin/pwd_mkdb/pwd_mkdb
 	rm -f ../../etc/master.passwd.orig ../../etc/passwd.orig
 	rm -f ../../etc/pwd.db.tmp ../../etc/spwd.db.tmp
 	../../usr.sbin/pwd_mkdb/pwd_mkdb -V 0 -p -d ../../ ../../etc/master.passwd

tools/nbsd_ports

@@ -2,6 +2,7 @@
 # Timestamp in UTC,minixpath,netbsdpath
 # minixpath:  path in Minix source tree (starting from /usr/src/)
 # netbsdpath: path in BSD source tree (starting from src/)
+2012/02/10 16:16:12,usr.sbin/chroot
 2011/01/17 18:11:10,usr.bin/ldd
 2011/01/17 18:11:10,external/bsd/file
 2011/01/17 18:11:10,lib/csu

tools/release.sh

@@ -9,10 +9,15 @@ version="`echo $version_pretty | tr . _`"
 PACKAGEDIR=/usr/pkgsrc/packages/$version_pretty/`uname -m`
 
 XBIN=usr/xbin
+XLIB=xlib
 SRC=src
 REPO=git://git.minix3.org/minix
 GITBRANCH=master
 
+LD_LIB="LD_LIBRARY_PATH=/lib:/usr/lib:/$XLIB"
+BUILDPATH="PATH=/$XBIN:/usr/pkg/bin"
+BUILDENV="$BUILDPATH $LD_LIB"
+
 # List of packages included on installation media
 PACKAGELIST=packages.install
 secs=`expr 32 '*' 64`
@@ -183,17 +188,28 @@ mkdir -m 1777 $RELEASEDIR/tmp
 mkdir -p $RELEASEDIR/tmp
 mkdir -p $RELEASEDIR/usr/tmp
 mkdir -p $RELEASEDIR/$XBIN
+mkdir -p $RELEASEDIR/$XLIB
+mkdir -p $RELEASEDIR/libexec
 mkdir -p $RELEASEDIR/usr/bin
 mkdir -p $RELEASEDIR/bin
 mkdir -p $RELEASEPACKAGE
 
 echo " * Transfering bootstrap dirs to $RELEASEDIR"
+
+# Actual binaries
 cp -p /bin/* /usr/bin/* /usr/sbin/* /sbin/* $RELEASEDIR/$XBIN
-cp -rp /bin/sh /bin/echo /bin/install /bin/rm \
+cp -rp /bin/cat /bin/sh /bin/echo /bin/install /bin/rm \
     /bin/date /bin/ls $RELEASEDIR/bin
 cp -rp /usr/bin/make /usr/bin/yacc /usr/bin/lex \
 	/usr/bin/grep /usr/bin/egrep /usr/bin/awk /usr/bin/sed $RELEASEDIR/usr/bin
 
+# For dynamically linked binaries: put interpreter there the
+# system's current crop of shared libraries so they'll run;
+# once they're rebuilt they can be thrown out in favour of the
+# new ones like $XBIN
+cp -p /libexec/ld.elf_so $RELEASEDIR/libexec/
+cp -p /lib/*.so* /usr/lib/*.so* $RELEASEDIR/$XLIB/
+
 CONFIGHEADER=$RELEASEDIR/usr/src/include/minix/sys_config.h
 
 copy_local_packages
@@ -249,7 +265,7 @@ rm -f $RELEASEDIR/usr/$SRC/tools/revision
 cp chrootmake.sh $RELEASEDIR/usr/$SRC/tools/chrootmake.sh
 
 echo " * Make hierarchy"
-chroot $RELEASEDIR "PATH=/$XBIN:/usr/pkg/bin sh -x /usr/$SRC/tools/chrootmake.sh etcfiles" || exit 1
+sh -c "$LD_LIB chroot $RELEASEDIR sh -c \"$BUILDENV sh -x /usr/$SRC/tools/chrootmake.sh etcfiles\"" || exit 1
 
 for p in $PREINSTALLED_PACKAGES
 do	echo " * Pre-installing: $p from $PKG_ADD_URL"
@@ -263,10 +279,11 @@ fi
 echo " * Resetting timestamps"
 find $RELEASEDIR | xargs touch
 echo " * Chroot build"
-chroot $RELEASEDIR "PATH=/$XBIN:/usr/pkg/bin MAKEMAP=$MAKEMAP sh -x /usr/$SRC/tools/chrootmake.sh" || exit 1
+sh -c "$LD_LIB MAKEMAP=$MAKEMAP chroot $RELEASEDIR sh -c \"$BUILDENV sh -x /usr/$SRC/tools/chrootmake.sh\"" || exit 1
 echo " * Chroot build done"
 echo " * Removing bootstrap files"
 rm -rf $RELEASEDIR/$XBIN
+rm -rf $RELEASEDIR/$XLIB
 # The build process leaves some file in $SRC as bin.
 chown -R root $RELEASEDIR/usr/src*
 cp issue.install $RELEASEDIR/etc/issue

usr.sbin/Makefile

@@ -3,6 +3,6 @@
 .include <bsd.own.mk>
 
 # NetBSD imports
-SUBDIR= installboot pwd_mkdb user vipw zic
+SUBDIR= installboot pwd_mkdb user vipw zic chroot
 
 .include <bsd.subdir.mk>

usr.sbin/chroot/Makefile

@@ -0,0 +1,7 @@
+#	from: @(#)Makefile	8.1 (Berkeley) 6/6/93
+#	$NetBSD: Makefile,v 1.6 2009/04/22 15:23:02 lukem Exp $
+
+PROG=	chroot
+MAN=	chroot.8
+
+.include <bsd.prog.mk>

usr.sbin/chroot/chroot.8

@@ -0,0 +1,100 @@
+.\"	$NetBSD: chroot.8,v 1.14 2011/08/15 14:43:17 wiz Exp $
+.\"
+.\" Copyright (c) 1988, 1991, 1993
+.\"	The Regents of the University of California.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     from: @(#)chroot.8	8.1 (Berkeley) 6/9/93
+.\"
+.Dd August 13, 2011
+.Dt CHROOT 8
+.Os
+.Sh NAME
+.Nm chroot
+.Nd change root directory
+.Sh SYNOPSIS
+.Nm
+.Op Fl G Ar group,group,...
+.Op Fl g Ar group
+.Op Fl u Ar user
+.Ar newroot
+.Op Ar command
+.Sh DESCRIPTION
+The
+.Nm
+command changes its root directory to the supplied directory
+.Ar newroot
+and exec's
+.Ar command ,
+or, if not supplied, an interactive copy of your shell.
+.Pp
+If the
+.Fl u ,
+.Fl g ,
+or
+.Fl G
+options are given, the user, group, and group list of the process are
+set to these values after the chroot has taken place; see
+.Xr setgid 2 ,
+.Xr setgroups 2 ,
+.Xr setuid 2 ,
+.Xr getgrnam 3 ,
+and
+.Xr getpwnam 3 .
+.Pp
+Note:
+.Ar command
+or the shell are run as your real-user-id.
+.Sh ENVIRONMENT
+The following environment variable is referenced by
+.Nm :
+.Bl -tag -width SHELL
+.It Ev SHELL
+If set,
+the string specified by
+.Ev SHELL
+is interpreted as the name of
+the shell to exec.
+If the variable
+.Ev SHELL
+is not set,
+.Pa /bin/sh
+is used.
+.El
+.Sh SEE ALSO
+.Xr ldd 1 ,
+.Xr chdir 2 ,
+.Xr chroot 2 ,
+.Xr environ 7
+.Sh HISTORY
+The
+.Nm
+utility first appeared in
+.Bx 4.4 .
+.Sh SECURITY CONSIDERATIONS
+.Nm
+should never be installed setuid root, as it would then be possible
+to exploit the program to gain root privileges.

usr.sbin/chroot/chroot.c

@@ -0,0 +1,205 @@
+/*	$NetBSD: chroot.c,v 1.19 2011/09/20 14:28:52 christos Exp $	*/
+
+/*
+ * Copyright (c) 1988, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+#ifndef lint
+__COPYRIGHT("@(#) Copyright (c) 1988, 1993\
+ The Regents of the University of California.  All rights reserved.");
+#endif /* not lint */
+
+#ifndef lint
+#if 0
+static char sccsid[] = "@(#)chroot.c	8.1 (Berkeley) 6/9/93";
+#else
+__RCSID("$NetBSD: chroot.c,v 1.19 2011/09/20 14:28:52 christos Exp $");
+#endif
+#endif /* not lint */
+
+#include <sys/param.h>
+
+#include <err.h>
+#include <errno.h>
+#include <grp.h>
+#include <paths.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <inttypes.h>
+#include <string.h>
+#include <unistd.h>
+
+static void	usage(void) __dead;
+
+static int
+getnum(const char *str, uintmax_t *num)
+{
+	char *ep;
+
+	errno = 0;
+
+	*num = strtoumax(str, &ep, 0);
+	if (str[0] == '\0' || *ep != '\0') {
+		errno = EINVAL;
+		return -1;
+	}
+
+	if (errno == ERANGE && *num == UINTMAX_MAX)
+		return -1;
+
+	return 0;
+}
+
+
+static gid_t
+getgroup(const char *group)
+{
+	uintmax_t	num;
+	struct group	*gp;
+
+	if ((gp = getgrnam(group)) != NULL)
+		return gp->gr_gid;
+
+	if (getnum(group, &num) == -1)
+	    errx(1, "no such group `%s'", group);
+
+	return (gid_t)num;
+}
+
+static uid_t
+getuser(const char *user)
+{
+	uintmax_t	num;
+	struct passwd	*pw;
+
+	if ((pw = getpwnam(user)) != NULL)
+		return pw->pw_uid;
+
+	if (getnum(user, &num) == -1)
+		errx(1, "no such user `%s'", user);
+
+	return (uid_t)num;
+}
+
+int
+main(int argc, char *argv[])
+{
+	char	*user;		/* user to switch to before running program */
+	char	*group;		/* group to switch to ... */
+	char	*grouplist;	/* group list to switch to ... */
+	char		*p;
+	const char	*shell;
+	gid_t		gid, gidlist[NGROUPS_MAX];
+	uid_t		uid;
+	int		ch, gids;
+
+	user = NULL;
+	group = NULL;
+	grouplist = NULL;
+	gid = 0;
+	uid = 0;
+	gids = 0;
+	while ((ch = getopt(argc, argv, "G:g:u:")) != -1) {
+		switch(ch) {
+		case 'u':
+			user = optarg;
+			if (*user == '\0')
+				usage();
+			break;
+		case 'g':
+			group = optarg;
+			if (*group == '\0')
+				usage();
+			break;
+		case 'G':
+			grouplist = optarg;
+			if (*grouplist == '\0')
+				usage();
+			break;
+		case '?':
+		default:
+			usage();
+		}
+	}
+	argc -= optind;
+	argv += optind;
+
+	if (argc < 1)
+		usage();
+
+	if (user != NULL)
+		uid = getuser(user);
+
+	if (group != NULL)
+		gid = getgroup(group);
+
+	if (grouplist != NULL) {
+		while ((p = strsep(&grouplist, ",")) != NULL) {
+			if (*p == '\0')
+				continue;
+
+			if (gids == NGROUPS_MAX)
+				errx(1,
+				    "too many supplementary groups provided");
+
+			gidlist[gids++] = getgroup(p);
+		}
+	}
+
+	if (chdir(argv[0]) == -1 || chroot(".") == -1)
+		err(1, "%s", argv[0]);
+
+	if (gids && setgroups(gids, gidlist) == -1)
+		err(1, "setgroups");
+	if (group && setgid(gid) == -1)
+		err(1, "setgid");
+	if (user && setuid(uid) == -1)
+		err(1, "setuid");
+
+	if (argv[1]) {
+		execvp(argv[1], &argv[1]);
+		err(1, "%s", argv[1]);
+	}
+
+	if ((shell = getenv("SHELL")) == NULL)
+		shell = _PATH_BSHELL;
+	execlp(shell, shell, "-i", NULL);
+	err(1, "%s", shell);
+	/* NOTREACHED */
+}
+
+static void
+usage(void)
+{
+
+	(void)fprintf(stderr, "Usage: %s [-G group,group,...] [-g group] "
+	    "[-u user] newroot [command]\n", getprogname());
+	exit(1);
+}