Bug#806273: marked as done (os-prober: remove or disable-per default the non grub-mount based probing)
Your message dated Fri, 20 Jan 2017 13:04:29 +0000
with message-id <E1cUYrl-000IYw-B3@fasolo.debian.org>
and subject line Bug#648208: fixed in os-prober 1.72
has caused the Debian Bug report #648208,
regarding os-prober: remove or disable-per default the non grub-mount based probing
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
648208: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648208
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: os-prober: remove or disable-per default the non grub-mount based probing
- From: Christoph Anton Mitterer <calestyo@scientia.net>
- Date: Thu, 26 Nov 2015 02:54:54 +0100
- Message-id: <144850289443.24315.423718274400396835.reportbug@heisenberg.scientia.net>
Package: os-prober
Severity: critical
Justification: causes serious data loss
Hey.
AFAIU, os-prober still falls back to using the non grub-mount based probing,
when the later isn't available.
Also os-prober doesn't in anyway depend on grub, so there is absolutely no
guarantee it would be available.
Now looking at the non-based probing and it's issues:
1) As already reported in several other open bugs, it may cause data
corruptions, as mount -r doesn't mean that nothing on disk may be change.
Typical example is replaying the log of journalled filesystems but als
non journaled filesystems have a log (e.g. btrfs, though it's not used there
for journalling) and there are well known cases in which replaying the log
is totally undesired,... ranging from when you doing forensics on such
devices to rescue measurements, where replaying a broken log might cause even
more damage.
2) Even if it wouldn't potentially cause data corruptions, ro mounting, AFAIU still
may lead to changes one may not want (e.g. last mount time and other meta-data).
Things which, AFAIU, grub's mount doesn't do (at least that's what it claims).
3) And possibly even more problematic and also the reason why I mark this as "causes
serious data loss"
In the code the block device seems to be set read only... (ro_partition "$boottomnt")
WTF?!
No only doesn't the check a few lines before, whether the device is mounted,
guarantee that it's still not rw-mounted a few lines later... but mounted isn't
the only way the underlying block device may be used/modified.
The first thing that pops to my mind is a filesystem repair in operation,
which may easily end up the fs in a even worse state when interrupted.
Or what about devices exported via nbd?
I hope I didn't miss anything, which would protect against the above issues,
but I didn't want to simulate such problems as I'm a bit too concerned about my
data :)
Cheers,
Chris.
--- End Message ---
--- Begin Message ---
Source: os-prober
Source-Version: 1.72
We believe that the bug you reported is fixed in the latest version of
os-prober, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 648208@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated os-prober package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 20 Jan 2017 12:44:34 +0000
Source: os-prober
Binary: os-prober-udeb os-prober
Architecture: source
Version: 1.72
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
os-prober - utility to detect other OSes on a set of drives
os-prober-udeb - utility to detect other OSes on a set of drives (udeb)
Closes: 648208 674561 698598 698733 701814 776275 784709 787418 794409 801631 803155
Changes:
os-prober (1.72) unstable; urgency=medium
.
* Improve logging of mounting and setting partitions to ro/rw (thanks, Ivo
De Decker).
* Use a read-only device-mapper entry if possible rather than setting the
underlying device to read-only (thanks, Ivo De Decker; closes: #701814).
Note that this introduces a dependency on dmsetup on Linux
architectures.
* Remove the "blockdev --setro" code path entirely, since the read-only
device-mapper arrangement supersedes it and should be safer (closes:
#648208).
* Make os-prober-udeb depend on grub-mount-udeb on all Linux and kFreeBSD
architectures, now that it's available on them all (thanks, James
Cowgill; closes: #776275).
* Make os-prober depend on grub-common on Linux and kFreeBSD, in order
that grub-mount is consistently available.
* Fix detection of /usr/ partition as a GNU/Linux root partition when
/lib* directories are moved to /usr/ completely (thanks, Hedayat
Vatankhah; closes: #698733).
* Make the yaboot parser more tolerant about the syntax of "append"
options (thanks, Hedayat Vatankhah; closes: #674561).
* Disable debugging if OS_PROBER_DISABLE_DEBUG is set (thanks, Hedayat
Vatankhah; closes: #698598).
* Replace basename/dirname with shell string processing (thanks, Hedayat
Vatankhah; part of #694668).
* Call dmraid only once (thanks, Jeff Mahoney).
* Fix typos in README (thanks, Nyav; closes: #803155).
* Add os-release support (based loosely on a patch by Török Edwin; closes:
#794409).
* Add Devuan detection (thanks, David Hare; closes: #801631).
* Work harder to avoid trying to mount extended partitions (thanks,
Philippe Coval; closes: #784709).
* Drop " (loader)" suffixes on Microsoft operating systems (thanks, Chris
Lamb; closes: #787418).
Checksums-Sha1:
8438248e4fbc40749b85e37c16cf433db51b3cff 1816 os-prober_1.72.dsc
c7b3b51719328b7cf0258561f4ee9c08f9a21d79 26452 os-prober_1.72.tar.xz
Checksums-Sha256:
f79975ddbd06ed371c3f27a781d423b2d88af6cc04896946f8df03fa42915f70 1816 os-prober_1.72.dsc
13ed24f78e83f0c49e11635891458f067e6c8348be210adda46629dd3b7b627a 26452 os-prober_1.72.tar.xz
Files:
90ced5506beca6dc949347ab30f6e174 1816 debian-installer optional os-prober_1.72.dsc
16ce39ea58a684f102dd7aff1779cbf5 26452 debian-installer optional os-prober_1.72.tar.xz
-----BEGIN PGP SIGNATURE-----
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer
iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAliCBlMACgkQOTWH2X2G
UAuXBw/+J+SAw+8es7Ca2xByEwor4P28IqkoU5uiBZ2zYo4xs727tAo6CVX0yw7Z
ctRSJhOpKF1/FtiIUNq+6E6ZKKRzqEder4S7fRI92e7FXbW0yn5unUz84EvVrcI1
5V/rhEe3y8IrXEgVWMJoY+Vg5/sQWRMHap7HamC0Zj+9zlGmjZkc01gJRr0hTvw/
ApCUhZncVSlqXb7zgjU74HVX3+YHzJaOsZY4XyhVjmEnWlY8U0pNffCnzuxJDTuY
gMDqC9AQmKyA3bhmzgi5DSh+5r6j2nwvYV9a3+xgJZvu0mv6Ng+UNd3p+uS+7BFU
8KdPy3Cnd0Xv/DkMKYdU5sOoFzsDwXF0sxJtlBpJyMFt9ZAnpRz7oxIS7D76HzYI
msUVsvnBLaldkdTKpn9BlhxGVCH1iIlwN6w3aCW/fBNjuA9VBJyEdzzhCuaAfXZC
fYwryq2gXgeowwdvH6rQcu04C7AHWiXulsl9yV1be8OlbRk8yc+CF08Ma7ABAweI
ToYXEupEfdWEkKyQPaGtgoowUquX6cmYKeKBn5E6N2AVgU+yT10JbWeg6VLzlkKe
p3UD6+iFKjfdKCjM9iy9aoyGjDGCy35lqb824R+nAZsGsJmkEMgRFgTMqYtgCOkU
Jtp0pdbat3CXTQn50nbICF77jOzcFM4p2sO3yVOI0sFOa0mitMY=
=lgmu
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: