| 1 |
commit: ac3d2bb6b761e72a5b5161639beeb28f37b380a0 |
| 2 |
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Fri Feb 27 01:58:22 2015 +0000 |
| 4 |
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Fri Feb 27 02:28:41 2015 +0000 |
| 6 |
URL: http://sources.gentoo.org/gitweb/?p=proj/openrc.git;a=commit;h=ac3d2bb6 |
| 7 |
|
| 8 |
bootmisc: clean_run safety improvements. |
| 9 |
|
| 10 |
If /tmp or / are read-only, the clean_run function can fail in some very |
| 11 |
bad ways. |
| 12 |
|
| 13 |
1. dir=$(mktemp -d) returns an EMPTY string on error. |
| 14 |
2. "mount -o bind / $dir", and don't check the result of that, |
| 15 |
3. "rm -rf $dir/run/*", which removes the REAL /run contents |
| 16 |
4. box gets very weird from this point forward |
| 17 |
|
| 18 |
Signed-Off-By: Robin H. Johnson <robbat2 <AT> gentoo.org> |
| 19 |
Signed-Off-By: Chip Parker <infowolfe <AT> gmail.com> |
| 20 |
Reported-by: Chip Parker <infowolfe <AT> gmail.com> |
| 21 |
Tested-by: Chip Parker <infowolfe <AT> gmail.com> |
| 22 |
|
| 23 |
--- |
| 24 |
init.d/bootmisc.in | 33 +++++++++++++++++++++++++++++---- |
| 25 |
1 file changed, 29 insertions(+), 4 deletions(-) |
| 26 |
|
| 27 |
diff --git a/init.d/bootmisc.in b/init.d/bootmisc.in |
| 28 |
index 2ec075f..2f3feee 100644 |
| 29 |
--- a/init.d/bootmisc.in |
| 30 |
+++ b/init.d/bootmisc.in |
| 31 |
@@ -119,11 +119,36 @@ clean_run() |
| 32 |
{ |
| 33 |
[ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0 |
| 34 |
local dir |
| 35 |
+ # If / is stll read-only due to a problem, this will fail! |
| 36 |
+ mountinfo -q --options-regex '^rw(,|$)' / |
| 37 |
+ if [ $? -ne 0 ]; then |
| 38 |
+ eerror "/ is not writable; unable to clean up underlying /run" |
| 39 |
+ return 1 |
| 40 |
+ fi |
| 41 |
+ # Get the mountpoint used by /tmp (it might be /tmp or /) |
| 42 |
+ tmpmnt=`/usr/bin/stat -c '%m' /tmp` |
| 43 |
+ mountinfo -q --options-regex '^rw(,|$)' $tmpmnt |
| 44 |
+ if [ -n "$tmpmnt" -a $? -ne 0 ]; then |
| 45 |
+ eerror "/tmp is not writable; unable to clean up underlying /run" |
| 46 |
+ return 1 |
| 47 |
+ fi |
| 48 |
+ # Now we know that we can modify /tmp and / |
| 49 |
+ # if mktemp -d fails, it returns an EMPTY string |
| 50 |
+ # STDERR: mktemp: failed to create directory via template ‘/tmp/tmp.XXXXXXXXXX’: Read-only file system |
| 51 |
+ # STDOUT: '' |
| 52 |
+ rc=0 |
| 53 |
dir=$(mktemp -d) |
| 54 |
- mount --bind / $dir |
| 55 |
- rm -rf $dir/run/* |
| 56 |
- umount $dir |
| 57 |
- rm -rf $dir |
| 58 |
+ if [ -n "$dir" -a -d $dir -a -w $dir ]; then |
| 59 |
+ mount --bind / $dir && rm -rf $dir/run/* || rc=1 |
| 60 |
+ umount $dir |
| 61 |
+ rm -rf $dir |
| 62 |
+ else |
| 63 |
+ rc=1 |
| 64 |
+ fi |
| 65 |
+ if [ $rc -ne 0 ]; then |
| 66 |
+ eerror "Could not clean up underlying /run on /" |
| 67 |
+ return 1 |
| 68 |
+ fi |
| 69 |
} |
| 70 |
|
| 71 |
start() |
Archives