[Pkg-sysvinit-devel] Re: Use only one tmpfs for /lib/init/rw/, /var/run/ and /var/lock/?

Petter Reinholdtsen pere at hungry.com
Sun Sep 24 06:43:34 UTC 2006 

[Petter Reinholdtsen] wrote:
> The only problem I see with this approach, is that the nodev and
> noexec options must be dropped from the mount points, to allow all
> users of /lib/init/rw/, /var/run/ and /var/lock/ the features they
> need.  I guess /dev/shm/ also should be bind-mounted to /var/run/rw/
> if we go this route.

Here is a testet patch to do it.  I made the bind-mounts show up in
mtab.  If we want them to stay hidden, we can set the fs type to
'none' instead of 'unknown'.  I decided to keep /dev/shm/ as a
separate file system if SHM_SIZE or TMPFS_SIZE was set.  Not sure if
it make sense, but the idea is to avoid changing the behaviour of
/dev/shm/ for already installed systems where the size has been
reduced or increased.

Index: debian/initscripts/lib/init/mount-functions.sh
===================================================================
--- debian/initscripts/lib/init/mount-functions.sh	(revision 965)
+++ debian/initscripts/lib/init/mount-functions.sh	(working copy)
@@ -126,40 +126,25 @@
 	# copies of the /var/run and /var/lock mounts elsewhere on the root
 	# filesystem so they can be moved back.
 	if [ yes = "$RAMRUN" ] ; then
-		mkdir /lib/init/rw/var.run
-		mount -n --bind /var/run /lib/init/rw/var.run
+		umount /var/run
 	fi
 	if [ yes = "$RAMLOCK" ] ; then
-		mkdir /lib/init/rw/var.lock
-		mount -n --bind /var/lock /lib/init/rw/var.lock
+		umount /var/lock
 	fi
 }
 
 #
 # Restore /var/run and /var/lock mountpoints if something was mounted
-# as /var/.  Avoid mounting them back over themselves if nothing was
-# mounted as /var/ by checking if /var/run/ and /var/lock/ are still
-# mount points.  Enabling RAMRUN and RAMLOCK while listing /var/run or
+# as /var/.  Enabling RAMRUN and RAMLOCK while listing /var/run or
 # /var/lock in /etc/fstab is not supported.
 #
 post_mountall ()
 {
+	# Mount /var/run and /var/lock as tmpfs if enabled
 	if [ yes = "$RAMRUN" ] ; then
-		[ -d /var/run ] || mkdir /var/run
-		if mountpoint -q /var/run ; then
-			umount /lib/init/rw/var.run
-		else
-			mount -n --move /lib/init/rw/var.run /var/run
-		fi
-		rmdir /lib/init/rw/var.run
+		mount -t unknown --bind /lib/init/rw/run /var/run
 	fi
 	if [ yes = "$RAMLOCK" ] ; then
-		[ -d /var/lock ] || mkdir /var/lock
-		if mountpoint -q /var/lock ; then
-			umount /lib/init/rw/var.lock
-		else
-			mount -n --move /lib/init/rw/var.lock /var/lock
-		fi
-		rmdir /lib/init/rw/var.lock
+		mount -t unknown --bind /lib/init/rw/lock /var/lock
 	fi
 }
Index: debian/initscripts/etc/init.d/mountkernfs.sh
===================================================================
--- debian/initscripts/etc/init.d/mountkernfs.sh	(revision 964)
+++ debian/initscripts/etc/init.d/mountkernfs.sh	(working copy)
@@ -45,11 +45,15 @@
 
 	# Mount /var/run and /var/lock as tmpfs if enabled
 	if [ yes = "$RAMRUN" ] ; then
-		domount tmpfs "" /var/run varrun -omode=0755,nosuid
+		mkdir /lib/init/rw/run
+		chmod 755 /lib/init/rw/run
+		mount -n --bind /lib/init/rw/run /var/run
 		touch /var/run/.ramfs
 	fi
 	if [ yes = "$RAMLOCK" ] ; then
-		domount tmpfs "" /var/lock varlock -omode=1777,nodev,noexec,nosuid
+		mkdir /lib/init/rw/lock
+		chmod 1777 /lib/init/rw/lock
+		mount -n --bind /lib/init/rw/lock /var/lock
 		touch /var/lock/.ramfs
 	fi
 
Index: debian/initscripts/etc/init.d/mtab.sh
===================================================================
--- debian/initscripts/etc/init.d/mtab.sh	(revision 963)
+++ debian/initscripts/etc/init.d/mtab.sh	(working copy)
@@ -118,10 +117,10 @@
 		domtab sysfs /sys sysfs -onodev,noexec,nosuid
 	fi
 	if [ yes = "$RAMRUN" ] ; then
-		domtab tmpfs /var/run "varrun" -omode=0755,nodev,noexec,nosuid
+		domtab unknown /var/run /lib/init/rw/run --bind
 	fi
 	if [ yes = "$RAMLOCK" ] ; then
-		domtab tmpfs /var/lock "varlock" -omode=1777,nodev,noexec,nosuid
+		domtab unknown /var/lock /lib/init/rw/lock --bind
 	fi
 	if [ -d /proc/bus/usb ]
 	then
@@ -132,9 +131,13 @@
 	domtab tmpfs /dev "udev" -omode=0755
 
 	# S04mountdevsubfs
-	SHM_OPT=
-	[ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT="-osize=$SHM_SIZE"
-	domtab tmpfs /dev/shm tmpfs $SHM_OPT
+	if [ "$SHM_SIZE" ] || [ "$TMPFS_SIZE" ] ; then
+		SHM_OPT=
+		[ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT="-osize=$SHM_SIZE"
+		domtab tmpfs /dev/shm tmpfs $SHM_OPT
+	else
+		domtab unknown /dev/shm /lib/init/rw/shm --bind
+	fi
 	domtab devpts /dev/pts "devpts" -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE
 
 	# Add everything else in /proc/mounts into /etc/mtab, with
Index: debian/initscripts/etc/init.d/mountdevsubfs.sh
===================================================================
--- debian/initscripts/etc/init.d/mountdevsubfs.sh	(revision 962)
+++ debian/initscripts/etc/init.d/mountdevsubfs.sh	(working copy)
@@ -29,11 +29,20 @@
 
 do_start () {
 	#
-	# Mount a tmpfs on /dev/shm
+	# Mount a tmpfs on /dev/shm if SHM_SIZE or TMPFS_SIZE is set.
+	# Otherwise, bind-mount from /lib/init/rw/.
 	#
-	SHM_OPT=
-	[ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE"
-	domount tmpfs shmfs /dev/shm tmpfs -onoexec,nosuid,nodev$SHM_OPT
+	if [ "$SHM_SIZE" ] || [ "$TMPFS_SIZE" ] ; then
+		SHM_OPT=
+		[ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE"
+		domount tmpfs shmfs /dev/shm tmpfs -onoexec,nosuid,nodev$SHM_OPT
+	elif mountpoint -q /dev/shm ; then
+		:
+	else
+		[ -d /lib/init/rw/shm ] || mkdir /lib/init/rw/shm
+		chmod 1777 /lib/init/rw/shm
+		mount -n --bind /lib/init/rw/shm /dev/shm
+	fi
 
 	#
 	# Mount /dev/pts. Create master ptmx node if needed.

More information about the Pkg-sysvinit-devel mailing list