Bug#309932: gnome-system-tools: boot-admin is DANGEROUS
Johannes Rohr
Johannes Rohr <j.rohr@comlink.org>, 309932@bugs.debian.org
Fri, 20 May 2005 17:24:45 +0000
Package: gnome-system-tools
Version: 1.2.0-1
Severity: normal
Tags: experimental
Boot-admin seems to be /very/ experimental.
Even though the doc claims to support GNU/Hurd style booting, boot-admin
fails to recognize an existing GNU/Hurd boot stanza. The properties
dialogue provides only space for a single module. GNU/Hurd needs two of
them and both modules need to be passed arguments, else Hurd will not
boot. BTW: Other multiboot compliant OSes like VSTa or Syllable use even
more modules than Hurd. So boot-admin should support any number of
modules plus individual command line parameters for each of them.
Furthermore, boot-admin fails to recognize certain chainloader commands:
I boot ReactOS through
title ReactOS
root (hd0,0)
makeactive
chainloader /bootsect.ros # This is where ReactOS puts its bootsector if
#it detects an installed NT/XP
savedefault
boot-admin seems to know only the frequently used "chainloader +1" and
fails to understand "chainloader /somefile". Consequently, clicking on
"Properties" and then on OK. will destroy the configuration, replacing
it with:
title ReactOS
rootnoverify (hd0,0)
makeactive
chainloader +1
Note that boot-admin has also silently omitted the "savedefault" line.
Further, boot-admin has completely fucked up the VSTa and GNU/Hurd boot
configuration.
This was before:
title Debian GNU/Hurd 0.3 pre
savedefault
root (hd0,8)
kernel /boot/gnumach.gz root=device:hd0s9
module /hurd/ext2fs.static
--multiboot-command-line=${kernel-command-line}
--host-priv-port=${host-port} --device-master-port=${device-port}
--exec-server-task=${exec-task} -T typed ${root} $(task-create)
$(task-resume)
module /lib/ld.so.1 /hurd/exec $(exec-task=task-create)
This after:
title Debian GNU/Hurd 0.3 pre
root (hd0,8)
kernel /boot/gnumach.gz root=device:hd0s9
module /hurd/ext2fs.static
This was before:
title VSTa 1.6.8
savedefault
root (hd0,0)
kernel /vsta/boot/vsta
module /vsta/boot/cons
module /vsta/boot/namer
module /vsta/boot/wd d0:readp
module /vsta/boot/dos -d //disk/wd:wd0_dos0 -n fs/root
module /vsta/boot/init
This after:
title VSTa 1.6.8
root (hd0,0)
kernel /vsta/boot/vsta
module /vsta/boot/cons
Please not that I did NOT touch the boot configs for those two OS in
boot-admin. I simply clicked on "properties" and then chose "cancel".
However, when you click on O.K. in the main menu, boot-admin will
apparantly rewrite the whole menu.lst, regardless of whether you
actually modified anything.
Fortunately it did not destroy those bits before
### BEGIN AUTOMATIC KERNELS LIST
I.e. the comments that are needed to make Debian's update-grub command
work were left intact. However, all comments following
### END AUTOMATIC KERNELS LIST
were silently deleted.
Well, it its current shape this tool is /dangerous/. І don't know if it
is realistic to expect the upstream developers to implement the full
command syntax that grub offers. If they choose not to do so, they
should at least try to make their tool stay away from entries that it
does not understand. If it encounters such, it should at least WARN
before doing something potentially dangerous like throwing aways
existing command lines, giving full details about what it intends to do.
Thanks,
Johannes
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Versions of packages gnome-system-tools depends on:
ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi
ii libatk1.0-0 1.10.1-1 The ATK accessibility toolkit
ii libaudiofile0 0.2.6-6 Open-source version of SGI's audio
ii libbonobo2-0 2.8.1-2 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.8.1-2 The Bonobo UI library
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libesd-alsa0 [libesd 0.2.35-2 Enlightened Sound Daemon (ALSA) -
ii libgconf2-4 2.10.0-1 GNOME configuration database syste
ii libgcrypt11 1.2.0-11 LGPL Crypto library - runtime libr
ii libglade2-0 1:2.5.1-1 library to load .glade files at ru
ii libglib2.0-0 2.6.4-1 The GLib library of C routines
ii libgnome-keyring0 0.4.2-1 GNOME keyring services library
ii libgnome2-0 2.10.0-1 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.8.0-1 A powerful object-oriented display
ii libgnomeui-0 2.10.0-1 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 2.10.1-3 The GNOME virtual file-system libr
ii libgnutls11 1.0.16-9 GNU TLS library - runtime library
ii libgpg-error0 1.0-1 library for common error values an
ii libgtk2.0-0 2.6.4-1 The GTK+ graphical user interface
ii libice6 4.3.0.dfsg.1-12.0.1 Inter-Client Exchange library
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii libnautilus-extensio 2.10.0-1 libraries for nautilus components
ii liborbit2 1:2.12.2-1 libraries for ORBit2 - a CORBA ORB
ii libpango1.0-0 1.8.1-1 Layout and rendering of internatio
ii libpopt0 1.7-5 lib for parsing cmdline parameters
ii libsm6 4.3.0.dfsg.1-12.0.1 X Window System Session Management
ii libtasn1-2 0.2.10-4 Manage ASN.1 structures (runtime)
ii libx11-6 4.3.0.dfsg.1-12.0.1 X Window System protocol client li
ii libxml2 2.6.16-7 GNOME XML library
ii perl 5.8.4-8 Larry Wall's Practical Extraction
ii system-tools-backend 1.2.0-1 System Tools to manage computer co
ii xlibs 4.3.0.dfsg.1-12 X Keyboard Extension (XKB) configu
ii zlib1g 1:1.2.2-4 compression library - runtime
-- no debconf information