[klibc] [PATCH 6/8] switch_root: Fix single file mounts

Michal Suchanek michal.suchanek at ruk.cuni.cz
Fri Jul 29 01:15:29 PDT 2011 

Excerpts from Mike Waychison's message of Thu Jul 28 19:26:06 +0200 2011:
> On Wed, Jul 27, 2011 at 12:42 PM, maximilian attems <max at stro.at> wrote:
> > On Mon, 18 Jul 2011, Michal Suchanek wrote:
> >
> >> Hello,
> >>
> >> Excerpts from maximilian attems's message of Wed Jul 13 15:48:31 +0200 2011:
> >> > From: Michal Suchanek <michal.suchanek at ruk.cuni.cz>
> >> >
> >> > The root of the failure is that nuke cannot cope with file
> >> > mounts (single files mounted, not directories). These are the result of
> >> > using fuse to get to the root filesystem (httpfs, curlftpfs).
> 
> Why not just add support for unmounting the file?

Most likely it will be busy (backing /new_root).

> 
> >> >
> >> > This fixes
> >> > http://bugs.debian.org/476268
> >>
> >> thanks for looking into this.
> >>
> >> Since this is a long-standing issue I wrapped the file mount in a tmpfs
> >> mount as a workaround.
> 
> How does this work?

The mountpoint is picked up by another part of the script and moved
somewhere where it does not get in the way of nuke_initramfs.

> 
> >>
> >> I hope this makes life easier for people trying to use klibc in the
> >> future.
> >
> > after the post I'm less convinced of this patchset.
> > What is the meaning of such a left mounted tmpfs in initramfs?
> > One can't access it afterwards from the new root.
> >
> > as you can read in the following post mikew also opted for the
> > strict error http://www.zytor.com/pipermail/klibc/2011-July/003002.html
> > handling as it is currently done in run-init.
> 
> I deliberately fail on error in the above only if the new command line
> flag is specified, as ignoring the errors would imply a failure of
> matching the intentions of the flag, which can be detrimental because
> the intent is to restrict userland's posix capabilities (as a security
> measure).
> 
> >
> > the util-linux switch_root is in contrary very lax, but that
> > way dev errors can't be catched.
> 
> Agreed.   If anything we should fix the cases that can be handled
> (like unmounting of files) and complain loudly with developer-oriented
> messages in the logs whenever we gracefully fail in the nuke case.

Foremost the expectations of nuke_initramfs should be documented so that
people know what they code for when writing initramfs scripts without
adding their own debug messages into switch_root.

Thanks

Michal

More information about the klibc mailing list