Harden FreeBSD guest /etc and activation diagnostics
@@ -2711,3 +2711,102 @@ Next recommended step:
1. continue with Phase 12.2 and tighten the guest-side runtime/operator diagnostics
2. remove or reduce the most distracting remaining boot/runtime rough edges where the fixes are small and local
3. keep the deployment path stable so Phase 13 can start from a sharper baseline
## 2026-04-02 — Phase 12.2: guest runtime diagnostics tightened and `/etc` handling improved
Completed work:
- wrote the Phase 12.2 report:
- `docs/reports/phase12-runtime-diagnostics-freebsd.md`
- updated `modules/fruix/system/freebsd.scm` so selected database-backed `/etc` files are now materialized as regular files in the guest rootfs instead of symlinks:
- `/etc/passwd`
- `/etc/master.passwd`
- `/etc/group`
- `/etc/login.conf`
- the generated activation script now refreshes those files from `/run/current-system/etc` before rebuilding FreeBSD databases
- activation now writes a guest-visible log:
- `/var/log/fruix-activate.log`
- with markers including:
- `fruix-activate:start`
- `fruix-activate:cap_mkdb=ok`
- `fruix-activate:pwd_mkdb=ok`
- `fruix-activate:done`
- exit status marker via shell trap
- tightened closure permissions slightly by making:
- `etc/master.passwd`
mode `0600`
- upgraded validation harnesses so they now assert the improved runtime behavior directly:
- `tests/system/run-phase8-system-image.sh`
- now checks that image `/etc/login.conf` is a regular file
- now checks that image `/etc/master.passwd` is a regular file
- `tests/system/run-phase9-xcpng-boot.sh`
- `tests/system/run-phase11-shepherd-pid1-xcpng.sh`
- `tests/system/run-phase11-shepherd-pid1-qemu.sh`
- now check for:
- `login_conf_kind=regular`
- `login_conf_db=present`
- `pwd_dbs=present`
- activation log completion marker
- fixed a small follow-up bug in the activation log path:
- initial implementation used `touch`, which is not staged in the minimal guest
- switched to shell redirection instead:
- `: >> "$logfile"`
Validation:
- `tests/system/run-phase8-system-image.sh` passes locally with the new image-layout checks:
- workdir: `/tmp/phase12-2-image-1775159011`
- confirmed:
- `login_conf_kind=regular`
- `master_passwd_kind=regular`
- `tests/system/run-phase11-shepherd-pid1-qemu.sh` passes locally again with the new activation/runtime checks:
- workdir: `/tmp/phase12-2b-qemu-1775161367`
- confirmed:
- `activate_log=fruix-activate:start ... fruix-activate:done ...`
- `login_conf_kind=regular`
- `login_conf_db=present`
- `pwd_dbs=present`
- `shepherd_pid=1`
- `sshd_status=running`
- `tests/system/run-phase9-xcpng-boot.sh` passes on the real VM with the new checks:
- workdir: `/tmp/phase12-2b-phase9-1775161731`
- confirmed:
- `activate_log=fruix-activate:start ... fruix-activate:done ...`
- `login_conf_kind=regular`
- `login_conf_db=present`
- `pwd_dbs=present`
- `compat_prefix_shims=absent`
- `guile_module_smoke=ok`
- `shepherd_status=running`
- `sshd_status=running`
- `tests/system/run-phase11-shepherd-pid1-xcpng.sh` passes on the real VM with the new checks:
- workdir: `/tmp/phase12-2b-phase11-1775162210`
- confirmed:
- `activate_log=fruix-activate:start ... fruix-activate:done ...`
- `login_conf_kind=regular`
- `login_conf_db=present`
- `pwd_dbs=present`
- `compat_prefix_shims=absent`
- `guile_module_smoke=ok`
- `shepherd_pid=1`
- `sshd_status=running`
Important findings:
- the old symlink-based handling for login/password database inputs was a real mismatch with FreeBSD expectations; making those files regular in the guest was a better fit than leaving them store-backed symlinks
- adding a direct activation log materially improves post-boot diagnosis and avoids guessing whether activation actually completed
- the first attempt exposed a missing-userland dependency (`touch`) quickly; because the new diagnostics were explicit, the follow-up fix was immediate and local
- both validated boot paths still hold after this change:
- `freebsd-init+rc.d-shepherd`
- `shepherd-pid1`
Current assessment:
- the current Fruix guest remains intentionally minimal, but its runtime behavior is now less prototype-noisy and easier to inspect as a basic FreeBSD-like system
- this is exactly the kind of targeted hardening that makes the existing system a better launch point for native FreeBSD base-build work
Next recommended step:
1. complete Phase 12.3 by making the host-staged FreeBSD base boundary explicit in the package/model layer and docs
2. document the first intended replacement order for native world/kernel work
3. then begin Phase 13 with a clearer transitional boundary
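Review bot: the `0600` tightening is only recorded for the closure copy of `etc/master.passwd`, while the activation script now rewrites the guest's `/etc/master.passwd` from `/run/current-system/etc` before `pwd_mkdb` runs, and the image and runtime harnesses only assert `master_passwd_kind=regular` and `pwd_dbs=present`, never the resulting mode. A refresh done by plain copy or shell redirection inherits the activation umask, so the regular file that actually ships in the guest can end up wider than `0600` even though the store copy is tight; suggest the activation refresh set the mode explicitly for `/etc/master.passwd` and that `tests/system/run-phase8-system-image.sh` and the three runtime harnesses gain a marker such as `master_passwd_mode=0600` beside the existing kind checks. The same applies to the log path: `: >> "$logfile"` appends across boots under the default umask, so `/var/log/fruix-activate.log` should either be truncated per activation or its intended mode stated, since it records which database rebuilds succeeded.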