[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#251425: marked as done (diskless-image-simple: Dangerous /etc/mtab setup on reboot.)

Your message dated Tue, 13 Sep 2005 09:55:21 +0200
with message-id <20050913075521.GA1577@diziet.irb.hr>
and subject line diskless removed
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 28 May 2004 11:52:47 +0000
>From ivan@selidor.net Fri May 28 04:52:47 2004
Return-path: <ivan@selidor.net>
Received: from 74.red-80-25-29.pooles.rima-tde.net (orm-embar.terramar.selidor.net) [] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1BTfuo-00011h-00; Fri, 28 May 2004 04:52:46 -0700
Received: from ivan by orm-embar.terramar.selidor.net with local (Exim 4.32)
	id 1BTfxy-0005yF-6W; Fri, 28 May 2004 13:56:02 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Ivan Vilata i Balaguer <ivan@selidor.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: diskless-image-simple: Dangerous /etc/mtab setup on reboot.
X-Mailer: reportbug 2.58
Date: Fri, 28 May 2004 13:56:02 +0200
Message-Id: <E1BTfxy-0005yF-6W@orm-embar.terramar.selidor.net>
Sender: Ivan Vilata i Balaguer <ivan@selidor.net>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.5 required=4.0 tests=BAYES_10,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25

Package: diskless-image-simple
Severity: normal

      Hello, I would like to remark a possible situation that may arise
  when using local filesystems under diskless.  It may cause data loss
  and filesystem corruption.

      On booting the diskless node, the shared default/root image is
  mounted readonly.  Then, the node's private default/IP/etc directory
  is mounted on top of the shared /etc directory, which results in the
  node being able to write its /etc/mtab file.  On reboot, remote
  filesystems are unmounted, then the local ones.

      Let us suppose a modification to the /etc/fstab template has been
  done in order to mount a local filesystem of the node (say /tmp).  On
  boot, filesystems are mounted and they are reflected on the node's
  private /etc/mtab.  However, on reboot remote filesystems are unmounted
  first, so the node's private /etc is unmounted and the shared root and
  its /etc directory becomes visible again (the root directory is
  obviously not unmounted even if remote).  This leaves the local
  filesystems mounted but the shared /etc/mtab visible.  The contents of
  the shared /etc/mtab are not reliable and surely do not contain any
  reference to any local filesystem.  When init.d/umountfs runs, 'mount'
  does not see the local filesystems mounted in the node, and the system
  is rebooted without unmounting them, which may lead to serious data
  loss and filesystem corruption.

      Two solutions come to my mind:
	* Editing the shared image /etc/mtab to include the local
	  mounted filesystems.
	* Making a symbolic link from the shared /etc/mtab to
	  /proc/mounts, the kernel's view of mounted filesystems.

  On both cases, unmounting the private /etc would leave a /etc/mtab
  file with the local mounted partitions.  However, since /proc/mounts
  is generated on the fly by the kernel, the second solution would work
  out of the box.  I have tried it and it does not cause any problems on
  the node (on boot or reboot), and neither it does on the server system
  while chroot()ing to the shared image to do administrative tasks.
  Even mounting /proc in the jail is no problem, since /proc/mounts is
  not writable.  The problem is that chroot()ing into the jail makes
  'mount' unusable until /proc is mounted in it.  However, working in
  tha jail without /proc mounted makes equally no sense.  'mount' is not
  frequently used in such a jail, anyway.

      I know this is a rare case, but the solution could avoid dangerous
  situations and, in any case, the shared image's /etc/mtab makes no
  sense in the state it is left when the shared image is build (neither
  does the corresponding node template, buit it does not matter since it
  is cleared on boot).


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.24orm
Locale: LANG=ca_ES, LC_CTYPE=ca_ES

Received: (at 251425-done) by bugs.debian.org; 13 Sep 2005 07:55:26 +0000
>From mvela@irb.hr Tue Sep 13 00:55:26 2005
Return-path: <mvela@irb.hr>
Received: from mail.irb.hr [] (UNKNOWN)
	by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
	id 1EF5dV-00067X-00; Tue, 13 Sep 2005 00:55:25 -0700
Received: from diziet.irb.hr (diziet.irb.hr [])
	by mail.irb.hr (8.13.3/8.13.3/Debian-6) with ESMTP id j8D7tDOP024226;
	Tue, 13 Sep 2005 09:55:13 +0200
Received: from diziet.irb.hr (localhost [])
	by diziet.irb.hr (8.13.4/8.13.4/Debian-4) with ESMTP id j8D7tLv2029532;
	Tue, 13 Sep 2005 09:55:21 +0200
Received: (from mvela@localhost)
	by diziet.irb.hr (8.13.4/8.13.4/Submit) id j8D7tLkm029530;
	Tue, 13 Sep 2005 09:55:21 +0200
Date: Tue, 13 Sep 2005 09:55:21 +0200
From: Matej Vela <vela@debian.org>
To: 77389-done@bugs.debian.org, 88529-done@bugs.debian.org,
        101199-done@bugs.debian.org, 107702-done@bugs.debian.org,
        107721-done@bugs.debian.org, 138817-done@bugs.debian.org,
        144307-done@bugs.debian.org, 158694-done@bugs.debian.org,
        158696-done@bugs.debian.org, 162615-done@bugs.debian.org,
        164531-done@bugs.debian.org, 164532-done@bugs.debian.org,
        246358-done@bugs.debian.org, 246532-done@bugs.debian.org,
        251425-done@bugs.debian.org, 254116-done@bugs.debian.org,
        261829-done@bugs.debian.org, 262905-done@bugs.debian.org,
        293264-done@bugs.debian.org, 293807-done@bugs.debian.org,
        311590-done@bugs.debian.org, 311591-done@bugs.debian.org,
        315516-done@bugs.debian.org, 316658-done@bugs.debian.org,
        319253-done@bugs.debian.org, 326873-done@bugs.debian.org
Subject: diskless removed
Message-ID: <20050913075521.GA1577@diziet.irb.hr>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.10i
X-Scanned-By: MIMEDefang 2.51 on
Delivered-To: 251425-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
X-CrossAssassin-Score: 13

diskless has been removed from Debian due to bugginess and lack of
maintenance.  Similar functionality is provided by lessdisks.  For
details, see <http://bugs.debian.org/107808>.

Reply to: