lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 2 Jan 2021 10:13:22 +0100
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Masahiro Yamada <masahiroy@...nel.org>
Cc:     Pavel Machek <pavel@....cz>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Linux 5.11-rc1

On Sat, Jan 2, 2021 at 8:52 AM Masahiro Yamada <masahiroy@...nel.org> wrote:
>
> On Sat, Jan 2, 2021 at 3:55 AM Sedat Dilek <sedat.dilek@...il.com> wrote:
> >
> > On Fri, Jan 1, 2021 at 5:14 PM Pavel Machek <pavel@....cz> wrote:
> > >
> > > Hi!
> > > > >
> > > > > > $ dpkg -L kmod | grep bin | grep depmod
> > > > > > /sbin/depmod
> > > > > >
> > > > > > $ which depmod
> > > > > > [ empty ]
> > > > > >
> > > > > > $ echo $PATH
> > > > > > /opt/proxychains-ng/bin:/home/dileks/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
> > > >
> > > > Ok, I think this is a broken setup that has a separate /sbin but does
> > > > not have it in the PATH.
> > >
> > > That's how it is supposed to work, AFAICT. It is so on Debian here,
> > > for example.
> > >
> > > /sbin is for management commands, why would I have it in PATH when
> > > running as normal user?
> > >
> >
> > I am here on Debian/testing AMD64 and waiting for feedback [2].
> >
> > For now I have applied the diff from [1].
> >
> > - Sedat -
> >
> > [1] https://marc.info/?l=linux-kbuild&m=160919738006768&w=2
> > [2] https://marc.info/?l=linux-kernel&m=160919729606750&w=2
>
>
> PATH for the root on Debian is
> /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
>
>
> depmod is used from 'make module_install'.
>
> For the native module installation to the host machine,
> module_install is run after 'su -'
> or 'sudo', which successfully finds depmod in /sbin.
>
>
> I also tested 'make deb-pkg' with/without
> rootless builds. It also successfully found depmod
> in /sbin, presumably dpkg tools automatically tweak
> PATH env variable.
>
>
> Maybe, the problem is when we run 'make modules_install'
> for cross compilation, which we do not necessarily
> require the root permission.
>
> Users can still adjust PATH in ~/.profile, but
> somebody may think breaking the legacy behavior
> is annoying.
>
> So, after some consideration, the workaround by Linus
> looks good to me.
>

Happy new 2020+1,

Thanks for your feedback Masahiro.

Building a Linux kernel on Debian is mostly done using fakeroot binary
(so I do) - so in the user's (PATH) environment.

I cannot speak for the case of cross-compilation as I never used it in
the last years.

We are in the transition "Xmas -> New year -> Weekend" so a lot of
user's of Debian system will not test and hit the problem.
To be honest I wondered why there were no more reports on this.
With upcoming Sunday/Monday we will have Linux v5.11-rc2 released
which has an elegant solution by restoring common legacy behaviour by
putting "sbin" to the end of "PATH" (search).

Regards,
- Sedat -

Powered by blists - more mailing lists