Bug#251425: marked as done (diskless-image-simple: Dangerous /etc/mtab setup on reboot.)
Your message dated Tue, 13 Sep 2005 09:55:21 +0200
with message-id <20050913075521.GA1577@diziet.irb.hr>
and subject line diskless removed
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 28 May 2004 11:52:47 +0000
>From ivan@selidor.net Fri May 28 04:52:47 2004
Return-path: <ivan@selidor.net>
Received: from 74.red-80-25-29.pooles.rima-tde.net (orm-embar.terramar.selidor.net) [80.25.29.74]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BTfuo-00011h-00; Fri, 28 May 2004 04:52:46 -0700
Received: from ivan by orm-embar.terramar.selidor.net with local (Exim 4.32)
id 1BTfxy-0005yF-6W; Fri, 28 May 2004 13:56:02 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Ivan Vilata i Balaguer <ivan@selidor.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: diskless-image-simple: Dangerous /etc/mtab setup on reboot.
X-Mailer: reportbug 2.58
Date: Fri, 28 May 2004 13:56:02 +0200
Message-Id: <E1BTfxy-0005yF-6W@orm-embar.terramar.selidor.net>
Sender: Ivan Vilata i Balaguer <ivan@selidor.net>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.5 required=4.0 tests=BAYES_10,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: diskless-image-simple
Version: 0.3.18.0.4
Severity: normal
Hello, I would like to remark a possible situation that may arise
when using local filesystems under diskless. It may cause data loss
and filesystem corruption.
On booting the diskless node, the shared default/root image is
mounted readonly. Then, the node's private default/IP/etc directory
is mounted on top of the shared /etc directory, which results in the
node being able to write its /etc/mtab file. On reboot, remote
filesystems are unmounted, then the local ones.
Let us suppose a modification to the /etc/fstab template has been
done in order to mount a local filesystem of the node (say /tmp). On
boot, filesystems are mounted and they are reflected on the node's
private /etc/mtab. However, on reboot remote filesystems are unmounted
first, so the node's private /etc is unmounted and the shared root and
its /etc directory becomes visible again (the root directory is
obviously not unmounted even if remote). This leaves the local
filesystems mounted but the shared /etc/mtab visible. The contents of
the shared /etc/mtab are not reliable and surely do not contain any
reference to any local filesystem. When init.d/umountfs runs, 'mount'
does not see the local filesystems mounted in the node, and the system
is rebooted without unmounting them, which may lead to serious data
loss and filesystem corruption.
Two solutions come to my mind:
* Editing the shared image /etc/mtab to include the local
mounted filesystems.
* Making a symbolic link from the shared /etc/mtab to
/proc/mounts, the kernel's view of mounted filesystems.
On both cases, unmounting the private /etc would leave a /etc/mtab
file with the local mounted partitions. However, since /proc/mounts
is generated on the fly by the kernel, the second solution would work
out of the box. I have tried it and it does not cause any problems on
the node (on boot or reboot), and neither it does on the server system
while chroot()ing to the shared image to do administrative tasks.
Even mounting /proc in the jail is no problem, since /proc/mounts is
not writable. The problem is that chroot()ing into the jail makes
'mount' unusable until /proc is mounted in it. However, working in
tha jail without /proc mounted makes equally no sense. 'mount' is not
frequently used in such a jail, anyway.
I know this is a rare case, but the solution could avoid dangerous
situations and, in any case, the shared image's /etc/mtab makes no
sense in the state it is left when the shared image is build (neither
does the corresponding node template, buit it does not matter since it
is cleared on boot).
Thanks,
Ivan
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.24orm
Locale: LANG=ca_ES, LC_CTYPE=ca_ES
---------------------------------------
Received: (at 251425-done) by bugs.debian.org; 13 Sep 2005 07:55:26 +0000
>From mvela@irb.hr Tue Sep 13 00:55:26 2005
Return-path: <mvela@irb.hr>
Received: from mail.irb.hr [161.53.22.8] (UNKNOWN)
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EF5dV-00067X-00; Tue, 13 Sep 2005 00:55:25 -0700
Received: from diziet.irb.hr (diziet.irb.hr [161.53.22.31])
by mail.irb.hr (8.13.3/8.13.3/Debian-6) with ESMTP id j8D7tDOP024226;
Tue, 13 Sep 2005 09:55:13 +0200
Received: from diziet.irb.hr (localhost [127.0.0.1])
by diziet.irb.hr (8.13.4/8.13.4/Debian-4) with ESMTP id j8D7tLv2029532;
Tue, 13 Sep 2005 09:55:21 +0200
Received: (from mvela@localhost)
by diziet.irb.hr (8.13.4/8.13.4/Submit) id j8D7tLkm029530;
Tue, 13 Sep 2005 09:55:21 +0200
Date: Tue, 13 Sep 2005 09:55:21 +0200
From: Matej Vela <vela@debian.org>
To: 77389-done@bugs.debian.org, 88529-done@bugs.debian.org,
101199-done@bugs.debian.org, 107702-done@bugs.debian.org,
107721-done@bugs.debian.org, 138817-done@bugs.debian.org,
144307-done@bugs.debian.org, 158694-done@bugs.debian.org,
158696-done@bugs.debian.org, 162615-done@bugs.debian.org,
164531-done@bugs.debian.org, 164532-done@bugs.debian.org,
246358-done@bugs.debian.org, 246532-done@bugs.debian.org,
251425-done@bugs.debian.org, 254116-done@bugs.debian.org,
261829-done@bugs.debian.org, 262905-done@bugs.debian.org,
293264-done@bugs.debian.org, 293807-done@bugs.debian.org,
311590-done@bugs.debian.org, 311591-done@bugs.debian.org,
315516-done@bugs.debian.org, 316658-done@bugs.debian.org,
319253-done@bugs.debian.org, 326873-done@bugs.debian.org
Subject: diskless removed
Message-ID: <20050913075521.GA1577@diziet.irb.hr>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.10i
X-Scanned-By: MIMEDefang 2.51 on 161.53.22.8
Delivered-To: 251425-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 13
diskless has been removed from Debian due to bugginess and lack of
maintenance. Similar functionality is provided by lessdisks. For
details, see <http://bugs.debian.org/107808>.
Reply to: