[Piuparts-devel] Bug#911334: Bug#911334: Create /dev/ptmx like debootstrap does
Andreas Beckmann
anbe at debian.org
Fri Oct 19 09:05:35 BST 2018
On 2018-10-18 21:01, Mathieu Parent wrote:
> Package: piuparts
> Version: 0.92
> Tag: patch
>
> Hello,
>
> When using piuparts on a chroot without /dev/ptmx [noptmx],
> scripts/pre_remove_50_find_bad_permissions fails with:
>
> ERROR: BAD PERMISSIONS
> crw-rw-rw-. 1 root root 5, 2 Oct 16 03:49 /dev/ptmx
I have this in the host/chroot:
$ l -i /srv/piuparts/tmp/tmpLWxqqg/dev/ptmx /srv/piuparts/tmp/tmpLWxqqg/dev/pts/ptmx /dev/ptmx /dev/pts/ptmx
1106 crw-rw-rw- 1 root tty 5, 2 Oct 19 09:51 /dev/ptmx
2 c--------- 1 root root 5, 2 Apr 25 14:45 /dev/pts/ptmx
2 crw-rw-rw- 1 root root 5, 2 Oct 19 09:16 /srv/piuparts/tmp/tmpLWxqqg/dev/ptmx
2 crw-rw-rw- 1 root root 5, 2 Oct 19 09:16 /srv/piuparts/tmp/tmpLWxqqg/dev/pts/ptmx
$ mount | grep tmpLWxqqg
proc on /srv/piuparts/tmp/tmpLWxqqg/proc type proc (rw,relatime)
devpts on /srv/piuparts/tmp/tmpLWxqqg/dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
devpts on /srv/piuparts/tmp/tmpLWxqqg/dev/ptmx type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
devpts on /srv/piuparts/tmp/tmpLWxqqg/dev/console type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /srv/piuparts/tmp/tmpLWxqqg/dev/shm type tmpfs (rw,relatime,size=65536k)
and do not get the error.
>
> In this case, piuparts does something like this:
>
> touch /dev/ptmx
> mount -o bind /dev/pts/ptmx /dev/ptmx
That sounds wrong, since we have
self.mount("devpts", "/dev/pts", fstype="devpts", opts="newinstance,noexec,nosuid,gid=5,mode=0620,ptmxmode=0666")
self.mount(self.relative("dev/pts/ptmx"), "/dev/ptmx", opts="bind", no_mkdir=True)
and your change would take the /dev/pts/ptmx from the host.
> The kernel doc [devpts.txt] recommends instead:
>
> mknod /dev/ptmx c 5 2
>
> And this is what debootstrap does [debootstrap].
as can be seen in the piuparts chroot tarball:
$ less sid_amd64.tar.gz | grep /dev/
drwxr-xr-x root/root 0 2018-10-18 20:36 ./dev/
crw--w---- piupartss/tty 136,8 2018-10-18 20:29 ./dev/console
lrwxrwxrwx root/root 0 2018-10-18 20:31 ./dev/stderr -> /proc/self/fd/2
lrwxrwxrwx root/root 0 2018-10-18 20:31 ./dev/stdout -> /proc/self/fd/1
lrwxrwxrwx root/root 0 2018-10-18 20:31 ./dev/stdin -> /proc/self/fd/0
lrwxrwxrwx root/root 0 2018-10-18 20:31 ./dev/fd -> /proc/self/fd
crw-rw-rw- root/root 5,2 2018-10-18 20:36 ./dev/ptmx
drwxrwxrwt root/root 0 2018-10-18 20:36 ./dev/shm/
drwxr-xr-x root/root 0 2018-10-18 20:36 ./dev/pts/
crw-rw-rw- root/root 5,0 2018-10-18 20:31 ./dev/tty
crw-rw-rw- root/root 1,9 2018-10-18 20:31 ./dev/urandom
crw-rw-rw- root/root 1,8 2018-10-18 20:31 ./dev/random
crw-rw-rw- root/root 1,7 2018-10-18 20:31 ./dev/full
crw-rw-rw- root/root 1,5 2018-10-18 20:31 ./dev/zero
crw-rw-rw- root/root 1,3 2018-10-18 20:31 ./dev/null
and piuparts mounts the ptmx from $chroot/dev/pts/ptmx
(newinstance devpts) over $chroot/dev/ptmx
> I propose to map the piuparts behavior with debootstrap's.
>
> My proposed change is at
> https://salsa.debian.org/debian/piuparts/merge_requests/2
NACK until I understand the problem.
Might we actually have two different problems here?
* dev/ptmx not being set up correctly in the chroot
* something throwing an insecure permissions error?
Andreas
PS: IIRC the pts/ptx/console bits are inspired by the handling in pbuilder
More information about the Piuparts-devel
mailing list