Bug#756593: busybox's switch_root makes read-only NFS root read/write

To: Michael Tokarev <mjt@tls.msk.ru>
Cc: "756593@bugs.debian.org" <756593@bugs.debian.org>
Subject: Bug#756593: busybox's switch_root makes read-only NFS root read/write
From: "Zimmermann, Alexander" <Alexander.Zimmermann@netapp.com>
Date: Fri, 1 Aug 2014 11:37:17 +0000
Message-id: <[🔎] DD218524-DCBA-488B-B428-D8FC08290285@netapp.com>
Reply-to: "Zimmermann, Alexander" <Alexander.Zimmermann@netapp.com>, 756593@bugs.debian.org
In-reply-to: <53DA90AC.5060507@msgid.tls.msk.ru>
References: <066B2F9F-63FF-448D-B03C-DCC0CBE15BE5@netapp.com> <53DA90AC.5060507@msgid.tls.msk.ru>

Hi Michael,

Am 31.07.2014 um 20:53 schrieb Michael Tokarev <mjt@tls.msk.ru>:

> Control: tag -1 + moreinfo
> 
> 31.07.2014 11:56, Zimmermann, Alexander wrote:
>> Package: busybox
>> Version: 1:1.22.0-6
>> Severity: important
>> 
>> Dear Maintainer,
>> 
>> we have a PXE environments in our lab, where we boot both physical boxes
>> and XEN machines via NFS from one centralized Debian SID image. While
>> the kernel/initramfs mounts the image correctly read only (I set a
>> breakpoint just before switch_root get invoked) (see [1]), makes
>> switch_root the NFS root read/write (see [2]).
> 
> Very interesting.
> 
> I can't reproduce this behavor here.  I use remote root a lot,
> also with PXE booting, and never saw a read-write root after
> switch_root run.
> 
> Looking at the source, it only does one mount(2) syscall:
> 
>        // Overmount / with newdir and chroot into it
>        if (mount(".", "/", NULL, MS_MOVE, NULL)) {
>                // For example, fails when newroot is not a mountpoint
>                bb_perror_msg_and_die("error moving root");
> 
> and that’s about it.

We also scanned the source code yesterday quickly. At the first glance
we also saw nothing special here. 


>  So unless the kernel is broken,

Good point. We use a patched vanilla kernel (see below). Maybe the patch
is broken.

> it
> should not result in changing the mount flags in any way.
> 
> And it definitely doesn't change flags when switch_root'ing to
> a regular ext4 or other local filesystem (in a regular initramfs
> which is used by almost all debian systems).
> 
> Maybe you can describe your environment a bit more?

Sure. PXE, DHCP and NFS is provided by a FreeBSD 10.0-Stable box. The PXE
config is:

SERIAL 0 9600
DEFAULT linux
LABEL linux
KERNEL ../kernel/vmlinuz-3.14.0.fas3270-aufs+
APPEND  tsc=reliable acpi=off quiet root=/dev/nfs
nfsroot=192.168.0.1:/usr/local/muclab/image/debian-sid ro boot=nfs root-ro=aufs
ip=:::::eth4:dhcp console=ttyS0 initrd=../initrd/initrd.img-3.14.0.fas3270-aufs+

As you can see, we use a vanilla 3.14 Kernel, patched w/ official AUFS patch (see
http://aufs.sourceforge.net)

To enable/disable AUFS we use a patched version of the root-ro script (see
https://help.ubuntu.com/community/aufsRootFileSystemOnUsbFlash) in our initramfs.
The script is located under /etc/initramfs-tools/scripts/init-bottom/. 

> Where do you set breakpoints?

To ensure that the root-to script isn’t the culprit, I disabled it (and therefore
AUFS too) via cmdline parameter root-ro=false and put a breakpoint right after
(break=init). At the breakpoint, the NFS mount was still ro.

I put another „breakpoint“ in /etc/rc3.d/S01* start script to verify the mount
right after switch_root. Here, the mount was already rw.

Let me double check that AUFS is not broken. I try to boot a vanilla kernel.
I will come back to you w/ the results.

Alex

—-
As a side note, if we boot w/ AUFS, the mount points are right.

alexandz@two:/etc/initramfs-tools$ mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,relatime,size=10240k,nr_inodes=2051429,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=1641472k,mode=755)
192.168.0.1:/usr/local/muclab/image/debian-sid on /mnt/root-ro type nfs (ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nolock,proto=tcp,port=2049,timeo=7,retrans=10,sec=sys,local_lock=all,addr=192.168.0.1)
tmpfs-root on /mnt/root-rw type tmpfs (rw,relatime)
aufs-root on / type aufs (rw,relatime,si=b2127ecf3bdae6c7)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /run/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=3282940k)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime,size=3282940k)
192.168.0.1:/usr/local/muclab/boot on /mnt/boot type nfs (rw,nosuid,nodev,noatime,vers=3,rsize=8192,wsize=8192,namlen=255,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.0.1,mountvers=3,mountport=945,mountproto=udp,fsc,local_lock=all,addr=192.168.0.1)
rpc_pipefs on /run/rpc_pipefs type rpc_pipefs (rw,relatime)
/etc/auto.home on /home type autofs (rw,relatime,fd=6,pgrp=1894,timeout=300,minproto=5,maxproto=5,indirect)
192.168.0.1:/usr/home/puneeth on /home/puneeth type nfs (rw,noatime,vers=3,rsize=8192,wsize=8192,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.0.1,mountvers=3,mountport=945,mountproto=tcp,local_lock=none,addr=192.168.0.1)
192.168.0.1:/usr/home/alexandz on /home/alexandz type nfs (rw,noatime,vers=3,rsize=8192,wsize=8192,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.0.1,mountvers=3,mountport=945,mountproto=tcp,local_lock=none,addr=192.168.0.1)

> 
> Thanks,
> 
> /mjt

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Reply to:

Follow-Ups:
- Bug#756593: busybox's switch_root makes read-only NFS root read/write
  - From: Michael Tokarev <mjt@tls.msk.ru>

Prev by Date: Bug#756593: busybox's switch_root makes read-only NFS root read/write
Next by Date: Re: localechooser_2.63_amd64.changes ACCEPTED into unstable
Next by thread: Bug#756593: busybox's switch_root makes read-only NFS root read/write
Index(es):
- Date
- Thread