Commit 7590f9c5 authored by Leigh Stoller's avatar Leigh Stoller

Makefile Whacking! Try to deal with the problem caused by the delay

between when something is installed and when post-install runs. Short
of a global lock (which we probably need anyway someday), my solution
is this. In your makefiles, add these variables before the line that
has the include of $(TESTBED_SRCDIR)/GNUmakerules:

	SETUID_BIN_SCRIPTS   =
	SETUID_SBIN_SCRIPTS  =

I have added three new rules to GNUmakerules that look like this:

	$(addprefix $(SBINDIR)/, $(SETUID_SBIN_SCRIPTS)): $(SBINDIR)/%: %
		echo "Installing (setuid) $<"
		-mkdir -p $(INSTALL_SBINDIR)
		$(SUDO) $(INSTALL) -o root -m 4755 $< $@

Yep, your eyes ain't lying to you; use sudo to run the target so that
install does the right thing (which is that the old file is not
replaced until the new one has the proper attributes on it).

Note that post-install is still needed for the initial install, but
should no longer be needed for day to day installs since all that other
stuff post-install does is mkdir/chmod on directories.
parent b24ab662
......@@ -35,6 +35,22 @@ $(INSTALL_ETCDIR)/%: %
-mkdir -p $(INSTALL_ETCDIR)
$(INSTALL_DATA) $< $@
$(addprefix $(INSTALL_SBINDIR)/, $(SETUID_SBIN_SCRIPTS)): $(INSTALL_SBINDIR)/%: %
echo "Installing (setuid) $<"
-mkdir -p $(INSTALL_SBINDIR)
$(SUDO) $(INSTALL) -o root -m 4755 $< $@
$(addprefix $(INSTALL_BINDIR)/, $(SETUID_BIN_SCRIPTS)): $(INSTALL_BINDIR)/%: %
echo "Installing (setuid) $<"
-mkdir -p $(INSTALL_BINDIR)
$(SUDO) $(INSTALL) -o root -m 4755 $< $@
$(addprefix $(INSTALL_LIBEXECDIR)/, $(SETUID_LIBX_SCRIPTS)): $(INSTALL_LIBEXECDIR)/%: %
echo "Installing (setuid) $<"
-mkdir -p $(INSTALL_LIBEXECDIR)
$(SUDO) $(INSTALL) -o root -m 4755 $< $@
CFLAGS += $(LOCALCFLAGS)
clean:
......
......@@ -63,6 +63,7 @@ INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL@ -m 755
EXE = @EXEEXT@
INSTALL_DATA = @INSTALL@ -m 444
SUDO = @SUDO@
CLIENT_ETCDIR = @CLIENT_ETCDIR@
CLIENT_BINDIR = @CLIENT_BINDIR@
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2005 University of Utah and the Flux Group.
# Copyright (c) 2000-2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -15,6 +15,11 @@ include $(OBJDIR)/Makeconf
SBIN_STUFF = tbacct addsfskey addpubkey mkusercert quotamail genpubkeys
LIBEXEC_STUFF = webtbacct webaddsfskey webaddpubkey webmkusercert
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = tbacct addpubkey mkusercert
SETUID_LIBX_SCRIPTS =
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -17,6 +17,11 @@ LIBEXEC_SCRIPTS = bugdbxlogin
CTRL_SBIN_SCRIPTS = bugdbproxy bugdbgateway
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = addbugdbproj addbugdbuser setbugdbgroups
SETUID_LIBX_SCRIPTS = bugdbxlogin
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -155,7 +155,7 @@ while (my ($pid,$gid) = $query_result->fetchrow_array()) {
# And populate all the lists!
#
foreach my $pid (@projects) {
system("$GENELISTS $optarg -p $pid") == 0
system("$GENELISTS $optarg -f -p $pid") == 0
or fatal("Could not populate lists for project $pid!");
}
......
......@@ -1188,11 +1188,46 @@ else
echo "$ac_t""no" 1>&6
fi
# Extract the first word of "sudo", so it can be a program name with args.
set dummy sudo; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
echo "configure:1195: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_path_SUDO'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
case "$SUDO" in
/*)
ac_cv_path_SUDO="$SUDO" # Let the user override the test with a path.
;;
?:/*)
ac_cv_path_SUDO="$SUDO" # Let the user override the test with a dos path.
;;
*)
IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
ac_dummy="$PATH"
for ac_dir in $ac_dummy; do
test -z "$ac_dir" && ac_dir=.
if test -f $ac_dir/$ac_word; then
ac_cv_path_SUDO="$ac_dir/$ac_word"
break
fi
done
IFS="$ac_save_ifs"
;;
esac
fi
SUDO="$ac_cv_path_SUDO"
if test -n "$SUDO"; then
echo "$ac_t""$SUDO" 1>&6
else
echo "$ac_t""no" 1>&6
fi
# Extract the first word of "${ac_tool_prefix}ssh", so it can be a program name with args.
set dummy ${ac_tool_prefix}ssh; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
echo "configure:1196: checking for $ac_word" >&5
echo "configure:1231: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_SSH'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
......@@ -1225,12 +1260,12 @@ fi
for ac_func in srandomdev
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:1229: checking for $ac_func" >&5
echo "configure:1264: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 1234 "configure"
#line 1269 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
......@@ -1253,7 +1288,7 @@ $ac_func();
; return 0; }
EOF
if { (eval echo configure:1257: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:1292: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
......@@ -2017,17 +2052,17 @@ for ac_hdr in ulxmlrpcpp/ulxr_config.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
echo "configure:2021: checking for $ac_hdr" >&5
echo "configure:2056: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 2026 "configure"
#line 2061 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
{ (eval echo configure:2031: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
{ (eval echo configure:2066: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
......@@ -2066,17 +2101,17 @@ for ac_hdr in linux/videodev.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
echo "configure:2070: checking for $ac_hdr" >&5
echo "configure:2105: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 2075 "configure"
#line 2110 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
{ (eval echo configure:2080: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
{ (eval echo configure:2115: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
......@@ -2109,7 +2144,7 @@ done
# Extract the first word of "gtk-config", so it can be a program name with args.
set dummy gtk-config; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
echo "configure:2113: checking for $ac_word" >&5
echo "configure:2148: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_GTK_CONFIG'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
......@@ -2188,7 +2223,7 @@ fi
# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
# ./install, which can be erroneously created by make from ./install.sh.
echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
echo "configure:2192: checking for a BSD compatible install" >&5
echo "configure:2227: checking for a BSD compatible install" >&5
if test -z "$INSTALL"; then
if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
......@@ -2249,7 +2284,7 @@ esac
# Extract the first word of "rsync", so it can be a program name with args.
set dummy rsync; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
echo "configure:2253: checking for $ac_word" >&5
echo "configure:2288: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_path_RSYNC'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
......@@ -2636,6 +2671,7 @@ s%@EXEEXT@%$EXEEXT%g
s%@ELVIN_CONFIG@%$ELVIN_CONFIG%g
s%@JAVAC@%$JAVAC%g
s%@JAR@%$JAR%g
s%@SUDO@%$SUDO%g
s%@SSH@%$SSH%g
s%@optional_subdirs@%$optional_subdirs%g
s%@TBDBNAME@%$TBDBNAME%g
......
......@@ -54,6 +54,7 @@ AC_EXEEXT
AC_PATH_PROG(ELVIN_CONFIG,elvin-config)
AC_PATH_PROG(JAVAC,javac)
AC_PATH_PROG(JAR,jar)
AC_PATH_PROG(SUDO,sudo)
AC_CHECK_TOOL(SSH,ssh)
......
......@@ -26,6 +26,11 @@ LIB_SCRIPTS = libdb.pm Node.pm libdb.py libadminctrl.pm Experiment.pm \
USERSBINS = genelists.proxy dumperrorlog.proxy
USERLIBS = libtbdb.pm
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = genelists dhcpd_makeconf elabinelab_bossinit
SETUID_LIBX_SCRIPTS =
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -20,6 +20,12 @@ SCRIPT_CONTROL = linktest_control
SCRIPT_TBCOMPAT = tb_compat.tcl
SCRIPT_NSTB_COMPAT = nstb_compat.tcl
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = $(SCRIPT_CONTROL)
SETUID_LIBX_SCRIPTS =
SYSTEM := $(patsubst CYGWIN%,CYGWIN,$(shell uname -s))
include $(OBJDIR)/Makeconf
......@@ -82,9 +88,9 @@ $(DAEMON_OBJS): ../lib/libevent.a ../lib/event.h
$(LTEVENT_OBJS): ../lib/libevent.a ../lib/event.h
# We install just enough to fire off the test from boss and wait.
install: weblinktest $(SCRIPT_CONTROL) $(SCRIPT_RUN) $(SCRIPT_PROXY) $(LTEVENT)
install: weblinktest $(SCRIPT_RUN) $(SCRIPT_PROXY) $(LTEVENT) \
$(INSTALL_SBINDIR)/$(SCRIPT_CONTROL)
$(INSTALL_PROGRAM) weblinktest $(INSTALL_LIBEXECDIR)
$(INSTALL_PROGRAM) $(SCRIPT_CONTROL) $(INSTALL_SBINDIR)
$(INSTALL_DATA) $(SRCDIR)/linktest.html $(INSTALL_WWWDIR)/doc
-mkdir -p $(INSTALL_DIR)/opsdir/bin
-mkdir -p $(INSTALL_DIR)/opsdir/sbin
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2002, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
SRCDIR = @srcdir@
......@@ -12,6 +12,11 @@ include $(OBJDIR)/Makeconf
all: ipod apod
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = ipod apod
SETUID_LIBX_SCRIPTS =
include $(TESTBED_SRCDIR)/GNUmakerules
CFLAGS= -g -O2
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2004, 2005 University of Utah and the Flux Group.
# Copyright (c) 2004, 2005, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -13,6 +13,11 @@ include $(OBJDIR)/Makeconf
BIN_SCRIPTS = tbuisp tbsgmotepower newmote set-mote-id
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = tbuisp tbsgmotepower
SETUID_LIBX_SCRIPTS =
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2004, 2005 University of Utah and the Flux Group.
# Copyright (c) 2004, 2005, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -14,6 +14,11 @@ include $(OBJDIR)/Makeconf
PROGS = locpiper emcd
TESTS = test_emcd.sh
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = locpiper
SETUID_LIBX_SCRIPTS =
all: $(PROGS)
client client-install:
......@@ -34,10 +39,9 @@ test_emcd.sh: emcd
emcd: $(OBJS) ../mtp/libmtp.a emcd.h ../mtp/mtp_xdr.h ../mtp/mtp.h
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(LIBS)
install: all
install: all $(INSTALL_SBINDIR)/locpiper
-mkdir -p $(INSTALL_DIR)/opsdir/sbin
$(INSTALL_PROGRAM) emcd $(INSTALL_DIR)/opsdir/sbin/emcd
$(INSTALL_PROGRAM) locpiper $(INSTALL_SBINDIR)/locpiper
@echo "Don't forget to do a post-install as root"
post-install:
......
......@@ -14,6 +14,11 @@ include $(OBJDIR)/Makeconf
BINS = suexec
SBINS = genlastlog lastlog_daemon
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS =
SETUID_LIBX_SCRIPTS = suexec
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -71,6 +71,15 @@ LIB_STUFF = libtbsetup.pm exitonwarn.pm libtestbed.pm snmpit_intel.pm \
libadminmfs.pm libtblog.pm libtblog_simple.pm libArchive.pm \
power_mail.pm power_whol.pm Template.pm
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS = node_reboot eventsys_control tarfiles_setup savelogs \
tbrsync
SETUID_SBIN_SCRIPTS = mkproj rmgroup mkgroup frisbeelauncher frisbeeimage \
rmuser idleswap named_setup exports_setup \
sfskey_update setgroups newnode_reboot vnode_setup \
elabinelab nfstrace
SETUID_LIBX_SCRIPTS = rmproj console_setup spewlogfile
ifeq ($(SYSTEM),FreeBSD)
FBSDVERSION := $(shell uname -v | sed -e 's/FreeBSD \([0-9]\).*/FreeBSD\1/')
ifeq ($(FBSDVERSION),FreeBSD4)
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2005 University of Utah and the Flux Group.
# Copyright (c) 2000-2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -23,6 +23,11 @@ LIB_STUFF = lanlink.tcl node.tcl sim.tcl tb_compat.tcl null.tcl \
BOSSLIBEXEC = parse-ns
USERLIBEXEC = parse.proxy
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS =
SETUID_LIBX_SCRIPTS = parse-ns
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# Copyright (c) 2000-2003, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -19,6 +19,11 @@ LIB_STUFF = nse.node.tcl nse.sim.tcl nse.null.tcl \
BOSSLIBEXEC = parse-nse
USERLIBEXEC = nse.parse.proxy
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS =
SETUID_LIBX_SCRIPTS = parse-nse
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -23,6 +23,11 @@ LIB_STUFF = tb_compat.tcl
LIBEXEC_STUFF = nstbparse
BOSSLIBEXEC = verify-ns
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS =
SETUID_LIBX_SCRIPTS = verify-ns
all: $(LIB_STUFF) $(LIBEXEC_STUFF) $(BOSSLIBEXEC)
include $(TESTBED_SRCDIR)/GNUmakerules
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# Copyright (c) 2000-2004, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -24,6 +24,11 @@ LIB_STUFF = libplab.py mod_dslice.py mod_PLC.py mod_PLCNM.py \
LIBEXEC_STUFF = webplabstats
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = plabslice plabnode plabrenewd
SETUID_LIBX_SCRIPTS =
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
#
# EMULAB-COPYRIGHT
# Copyright (c) 2005 University of Utah and the Flux Group.
# Copyright (c) 2005, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
......@@ -11,6 +11,11 @@ SUBDIR = tools/whol
include $(OBJDIR)/Makeconf
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = whol
SETUID_LIBX_SCRIPTS =
all: whol
include $(TESTBED_SRCDIR)/GNUmakerules
......
......@@ -27,6 +27,11 @@ LIBEXEC_SCRIPTS = webcreateimage newnode webdeletenode spewleds webcopy \
webspewconlog xlogin webviewvc spewevents
CTRLSBIN_SCRIPTS= opsdb_control.proxy
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = grabwebcams checkquota spewconlog opsdb_control
SETUID_LIBX_SCRIPTS = xlogin
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
......@@ -19,6 +19,11 @@ CTRL_SBIN_SCRIPTS = wikiproxy
CTRL_LIB_FILES = usertemplate webhometemplate
TWIKIFILES = UserPermNotes.txt GroupPermNotes.txt LocalSite.cfg
# These scripts installed setuid, with sudo.
SETUID_BIN_SCRIPTS =
SETUID_SBIN_SCRIPTS = addwikiuser delwikiuser addwikiproj setwikigroups
SETUID_LIBX_SCRIPTS = wikixlogin
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment