[Pkg-sysvinit-devel] Bug#665827: initscripts: be more strict about ischroot usage
Yves-Alexis Perez
corsac at debian.org
Mon Mar 26 13:18:39 UTC 2012
Package: initscripts
Version: 2.88dsf-22.1
Severity: normal
Hi,
ischroot can return 0/1 depending on if a chroot is detected or not, but
it can also return 2 when it failed to do the detection. This might
happen for example when /proc is not available (USEPROC=false in
pbuilder/cowbuilder) or /proc/1 is not available in a chroot
(grsec kernels).
Right not, initscript postinst only check for 0 / !0, which means in
case the detection fails, it'll behaves as if it wasn't a chroot. I
think there should be a third case for 2, where you don't know, and thus
shouldn't fail the same way if something bad happens.
Regards,
--
Yves-Alexis
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages initscripts depends on:
ii coreutils 8.13-3.1
ii debianutils 4.2.2
ii libc6 2.13-27
ii lsb-base 3.2+Debian31
ii mount 2.20.1-4
ii sysv-rc 2.88dsf-22.1
ii sysvinit-utils 2.88dsf-22.1
ii ucf 3.0025+nmu2
Versions of packages initscripts recommends:
ii e2fsprogs 1.42.1-2
ii psmisc 22.16-1
initscripts suggests no packages.
-- Configuration Files:
/etc/init.d/mountdevsubfs.sh changed:
PATH=/sbin:/bin
TTYGRP=5
TTYMODE=620
[ -f /etc/default/devpts ] && . /etc/default/devpts
KERNEL="$(uname -s)"
. /lib/init/vars.sh
. /lib/init/tmpfs.sh
. /lib/lsb/init-functions
. /lib/init/mount-functions.sh
mount_filesystems () {
MNTMODE="$1"
# Mount a tmpfs on /run/shm
if [ ! -d /run/shm ]
then
mkdir --mode=755 /run/shm
[ -x /sbin/restorecon ] && /sbin/restorecon /run/shm
fi
if [ yes = "$RAMSHM" ] || read_fstab_entry /run/shm tmpfs; then
domount "$MNTMODE" tmpfs shmfs /run/shm tmpfs "-onoexec,nosuid,nodev$SHM_OPT"
else
chmod "$SHM_MODE" /run/shm
fi
# Migrate early, so /dev/shm is available from the start
if [ "$MNTMODE" = mount_noupdate ] || [ "$MNTMODE" = mount ]; then
run_migrate /dev/shm /run/shm ../run/shm
fi
# Mount /dev/pts
if [ "$KERNEL" = Linux ]
then
if [ ! -d /dev/pts ]
then
mkdir --mode=755 /dev/pts
[ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts
fi
domount "$MNTMODE" devpts "" /dev/pts devpts "-onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE"
fi
}
case "$1" in
"")
echo "Warning: mountdevsubfs should be called with the 'start' argument." >&2
mount_filesystems mount_noupdate
;;
start)
mount_filesystems mount_noupdate
;;
mtab)
mount_filesystems mtab
;;
restart|reload|force-reload)
mount_filesystems remount
;;
stop)
# No-op
;;
*)
echo "Usage: mountdevsubfs [start|stop]" >&2
exit 3
;;
esac
/etc/init.d/mountkernfs.sh changed:
PATH=/sbin:/bin
. /lib/init/vars.sh
. /lib/init/tmpfs.sh
. /lib/lsb/init-functions
. /lib/init/mount-functions.sh
mount_filesystems () {
MNTMODE="$1"
# Needed to determine if root is being mounted read-only.
read_fstab
#
# Get some writable area available before the root is checked
# and remounted. Note that /run may be handed over from the
# initramfs.
#
# If /run/shm is separately mounted, /run can be safely mounted noexec.
RUNEXEC=
if [ yes = "$RAMSHM" ] || read_fstab_entry /run/shm tmpfs; then
RUNEXEC=',noexec'
fi
# TODO: Add -onodev once checkroot no longer creates a device node.
domount "$MNTMODE" tmpfs shmfs /run tmpfs "-onodev,nosuid$RUNEXEC$RUN_OPT"
[ -x /sbin/restorecon ] && /sbin/restorecon -r /run
[ -f /run/.ramfs ] || touch /run/.ramfs
# Make lock directory as the replacement for /var/lock
[ -d /run/lock ] || mkdir --mode=755 /run/lock
[ -x /sbin/restorecon ] && /sbin/restorecon /run/lock
# Mount /run/lock as tmpfs if enabled. This prevents user DoS
# of /run by filling /run/lock at the expense of using an
# additional tmpfs.
if [ yes = "$RAMLOCK" ] || read_fstab_entry /run/lock tmpfs; then
domount "$MNTMODE" tmpfs shmfs /run/lock tmpfs "-onodev,noexec,nosuid$LOCK_OPT"
else
chmod "$LOCK_MODE" /run/lock
fi
[ -f /run/lock/.ramfs ] || touch /run/lock/.ramfs
# If /tmp is a symlink, make sure the linked-to directory exists.
if [ -L /tmp ] && [ ! -d /tmp ]; then
TMPPATH="$(readlink /tmp)"
mkdir -p --mode=755 "$TMPPATH"
[ -x /sbin/restorecon ] && /sbin/restorecon "$TMPPATH"
fi
# If root is read only, default to mounting a tmpfs on /tmp,
# unless one is due to be mounted from fstab.
if [ rw != "$rootmode" ]; then
# If there's an entry in fstab for /tmp (any
# filesystem type, not just tmpfs), then we don't need
# a tmpfs on /tmp by default.
if read_fstab_entry /tmp ; then
:
else
RAMTMP="yes"
fi
fi
# Mount /tmp as tmpfs if enabled.
if [ yes = "$RAMTMP" ] || read_fstab_entry /tmp tmpfs; then
domount "$MNTMODE" tmpfs shmfs /tmp tmpfs "-onodev,nosuid$TMP_OPT"
else
# When root is still read only, this will fail.
if [ mount_noupdate != "$MNTMODE" ] && [ rw = "$rootmode" ]; then
chmod "$TMP_MODE" /tmp
fi
fi
# Make pidfile omit directory for sendsigs
[ -d /run/sendsigs.omit.d ] || mkdir --mode=755 /run/sendsigs.omit.d/
#
# Mount proc filesystem on /proc
#
domount "$MNTMODE" proc "" /proc proc "-onodev,noexec,nosuid"
#
# Mount sysfs on /sys
#
# Only mount sysfs if it is supported (kernel >= 2.6)
if grep -E -qs "sysfs\$" /proc/filesystems
then
domount "$MNTMODE" sysfs "" /sys sysfs "-onodev,noexec,nosuid"
fi
}
case "$1" in
"")
echo "Warning: mountkernfs should be called with the 'start' argument." >&2
mount_filesystems mount_noupdate
;;
start)
mount_filesystems mount_noupdate
;;
mtab)
mount_filesystems mtab
;;
restart|reload|force-reload)
mount_filesystems remount
;;
stop)
# No-op
;;
*)
echo "Usage: mountkernfs [start|stop]" >&2
exit 3
;;
esac
-- no debconf information
More information about the Pkg-sysvinit-devel
mailing list