Bug#806273: Patch for disabling kernel mounts when grub-mount is available
The included patch disables read_only mounts when grub-mount is available.
This patch should also fix #788062 and #648208, which I presume are the
same bug.
According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701814#57
it seems that the fallback for kernel mounts were mostly added as a
"conservative fallback".
Actually this conservative fallback can lead to data corruption as shown
in #788062 and #648208 and when a failed grub-mount will be succeeded
by the attempt of a readonly
I am looking forward for comments about the patch since the bug is
release critical and goes back as far as 2011.
>From 58c2cbf7660e93f52e43bdf076a5db9bc95d9889 Mon Sep 17 00:00:00 2001
From: Emmanuel Kasper <e.kasper@proxmox.com>
Date: Tue, 15 Nov 2016 14:52:23 +0100
Subject: [PATCH] do not mount partitions via 'mount' if grub-mount fails on a
block device closes: #806273, #788602
kernel read-only 'mount' via ro_partition causes data loss if the block device
is actually mounted outside our environement (for example via iscsi, or
a virtual machine)
since grub-mount has now support for all the filesystems needed in os-probes/mounted,
(with the execption of QNX) it is assumed to be safe to disable kernel read-only
mounts except for the case where grub-mount is not available
---
debian/control | 2 +-
os-probes/common/50mounted-tests | 17 +++++++++--------
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/debian/control b/debian/control
index 10459bd..00c4a63 100644
--- a/debian/control
+++ b/debian/control
@@ -22,7 +22,7 @@ Package: os-prober
Architecture: any
Section: utils
Priority: extra
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, grub-common [i386 amd64 powerpc ppc64 ppc64el sparc mipsel kfreebsd-i386 kfreebsd-amd64]
Description: utility to detect other OSes on a set of drives
This package detects other OSes available on a system and outputs the
results in a generic machine-readable format.
diff --git a/os-probes/common/50mounted-tests b/os-probes/common/50mounted-tests
index 561163b..f1e35c1 100755
--- a/os-probes/common/50mounted-tests
+++ b/os-probes/common/50mounted-tests
@@ -47,15 +47,16 @@ fi
mounted=
if type grub-mount >/dev/null 2>&1 && \
- type grub-probe >/dev/null 2>&1 && \
- grub-mount "$partition" "$tmpmnt" 2>/dev/null; then
- mounted=1
- type="$(grub-probe -d "$partition" -t fs)" || true
- if [ "$type" ]; then
- debug "mounted using GRUB $type filesystem driver"
- else
- debug "mounted using GRUB, but unknown filesystem?"
+ type grub-probe >/dev/null 2>&1; then
+ if grub-mount "$partition" "$tmpmnt" 2>/dev/null; then
+ mounted=1
+ type="$(grub-probe -d "$partition" -t fs)" || true
+ if [ "$type" ]; then
+ debug "mounted using GRUB $type filesystem driver"
+ else
+ debug "mounted using GRUB, but unknown filesystem?"
type=fuseblk
+ fi
fi
else
ro_partition "$partition"
--
2.1.4
Reply to: