From ea87b3cb61eb4f90e6d2b6a0ea81cf77a54819ef Mon Sep 17 00:00:00 2001 From: "David E. O'Brien" Date: Wed, 25 Apr 2001 20:56:15 +0000 Subject: [PATCH] Don't install KO's with the "schg" flag. We are way too inconsistent with our setting of the "schg" flag, and in our default install, it doesn't really offer any additional security. Reviewed by: arch@ --- sys/conf/Makefile.alpha | 11 ++--------- sys/conf/Makefile.i386 | 11 ++--------- sys/conf/Makefile.ia64 | 11 ++--------- sys/conf/Makefile.pc98 | 11 ++--------- sys/conf/Makefile.powerpc | 11 ++--------- sys/conf/kmod.mk | 2 +- 6 files changed, 11 insertions(+), 46 deletions(-) diff --git a/sys/conf/Makefile.alpha b/sys/conf/Makefile.alpha index ddeae04005f..0d6afd18cc4 100644 --- a/sys/conf/Makefile.alpha +++ b/sys/conf/Makefile.alpha @@ -292,23 +292,16 @@ kernel-install kernel-install.debug: fi .if exists(${DESTDIR}${KODIR}) .if exists(${DESTDIR}${KODIR}.old) - @-chflags -R noschg ${DESTDIR}${KODIR}.old -rm -rf ${DESTDIR}${KODIR}.old .endif mv ${DESTDIR}${KODIR} ${DESTDIR}${KODIR}.old .endif mkdir -p ${DESTDIR}${KODIR} - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-install//} ${DESTDIR}${KODIR} kernel-reinstall kernel-reinstall.debug: - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-reinstall//} ${DESTDIR}${KODIR} .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists($S/modules) diff --git a/sys/conf/Makefile.i386 b/sys/conf/Makefile.i386 index 69ca923c692..1d5e1dce068 100644 --- a/sys/conf/Makefile.i386 +++ b/sys/conf/Makefile.i386 @@ -252,23 +252,16 @@ kernel-install kernel-install.debug: fi .if exists(${DESTDIR}${KODIR}) .if exists(${DESTDIR}${KODIR}.old) - @-chflags -R noschg ${DESTDIR}${KODIR}.old -rm -rf ${DESTDIR}${KODIR}.old .endif mv ${DESTDIR}${KODIR} ${DESTDIR}${KODIR}.old .endif mkdir -p ${DESTDIR}${KODIR} - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-install//} ${DESTDIR}${KODIR} kernel-reinstall kernel-reinstall.debug: - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-reinstall//} ${DESTDIR}${KODIR} .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists($S/modules) diff --git a/sys/conf/Makefile.ia64 b/sys/conf/Makefile.ia64 index bb0151beeb2..a589b0034e0 100644 --- a/sys/conf/Makefile.ia64 +++ b/sys/conf/Makefile.ia64 @@ -256,23 +256,16 @@ kernel-install kernel-install.debug: fi .if exists(${DESTDIR}${KODIR}) .if exists(${DESTDIR}${KODIR}.old) - @-chflags -R noschg ${DESTDIR}${KODIR}.old -rm -rf ${DESTDIR}${KODIR}.old .endif mv ${DESTDIR}${KODIR} ${DESTDIR}${KODIR}.old .endif mkdir -p ${DESTDIR}${KODIR} - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-install//} ${DESTDIR}${KODIR} kernel-reinstall kernel-reinstall.debug: - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-reinstall//} ${DESTDIR}${KODIR} .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists($S/modules) diff --git a/sys/conf/Makefile.pc98 b/sys/conf/Makefile.pc98 index d132d3ef132..bce1d593be0 100644 --- a/sys/conf/Makefile.pc98 +++ b/sys/conf/Makefile.pc98 @@ -255,23 +255,16 @@ kernel-install kernel-install.debug: fi .if exists(${DESTDIR}${KODIR}) .if exists(${DESTDIR}${KODIR}.old) - @-chflags -R noschg ${DESTDIR}${KODIR}.old -rm -rf ${DESTDIR}${KODIR}.old .endif mv ${DESTDIR}${KODIR} ${DESTDIR}${KODIR}.old .endif mkdir -p ${DESTDIR}${KODIR} - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-install//} ${DESTDIR}${KODIR} kernel-reinstall kernel-reinstall.debug: - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-reinstall//} ${DESTDIR}${KODIR} .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists($S/modules) diff --git a/sys/conf/Makefile.powerpc b/sys/conf/Makefile.powerpc index 69ca923c692..1d5e1dce068 100644 --- a/sys/conf/Makefile.powerpc +++ b/sys/conf/Makefile.powerpc @@ -252,23 +252,16 @@ kernel-install kernel-install.debug: fi .if exists(${DESTDIR}${KODIR}) .if exists(${DESTDIR}${KODIR}.old) - @-chflags -R noschg ${DESTDIR}${KODIR}.old -rm -rf ${DESTDIR}${KODIR}.old .endif mv ${DESTDIR}${KODIR} ${DESTDIR}${KODIR}.old .endif mkdir -p ${DESTDIR}${KODIR} - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-install//} ${DESTDIR}${KODIR} kernel-reinstall kernel-reinstall.debug: - @-if [ -f ${DESTDIR}${KODIR}/${KERNEL_KO} ] ; then \ - chflags noschg ${DESTDIR}${KODIR}/${KERNEL_KO} ; \ - fi - install -c -m 555 -o root -g wheel -fschg \ + install -c -m 555 -o root -g wheel \ ${KERNEL_KO}${.TARGET:S/kernel-reinstall//} ${DESTDIR}${KODIR} .if !defined(MODULES_WITH_WORLD) && !defined(NO_MODULES) && exists($S/modules) diff --git a/sys/conf/kmod.mk b/sys/conf/kmod.mk index 7a279f31bb4..7b1f7c814f9 100644 --- a/sys/conf/kmod.mk +++ b/sys/conf/kmod.mk @@ -205,7 +205,7 @@ beforeinstall: afterinstall: .endif -_INSTALLFLAGS:= -fschg ${INSTALLFLAGS} +_INSTALLFLAGS:= ${INSTALLFLAGS} .for ie in ${INSTALLFLAGS_EDIT} _INSTALLFLAGS:= ${_INSTALLFLAGS${ie}} .endfor