1 |
On Thu, 13 Jul 2017 07:09:45 -0400 Rich Freeman wrote: |
2 |
> On Thu, Jul 13, 2017 at 2:30 AM, Andrew Savchenko <bircoph@g.o> wrote: |
3 |
> > On Wed, 12 Jul 2017 17:42:50 -0700 Matt Turner wrote: |
4 |
> >> On Wed, Jul 12, 2017 at 5:29 PM, Lucas Ramage <ramage.lucas94@×××××.com> wrote: |
5 |
> >> > What needs to be changed for the bootloaders? I may be able to assist. |
6 |
> >> |
7 |
> >> The documentation should be updated to say that with OpenRC 0.28 that |
8 |
> >> you'll have to remount efivars as RW before you can install the |
9 |
> >> bootloader (e.g., grub-install) |
10 |
> >> |
11 |
> >> The command I use locally to remount rw (since I have configured |
12 |
> >> efivars to be mounted read-only in fstab) is |
13 |
> >> |
14 |
> >> mount -o remount,rw /sys/firmware/efi/efivars |
15 |
> > |
16 |
> > We don't have that much efi bootloaders. Maybe it will be better |
17 |
> > to update their scripting to remount efivars rw and back ro when |
18 |
> > needed? The same way we have non-efi bootloaders to mount /boot |
19 |
> > partition when needed. |
20 |
> > |
21 |
> |
22 |
> Presumably you'd only want to remount it if it was mounted ro to |
23 |
> start, since it sounds like openrc will be diverging from systemd |
24 |
> behavior here. |
25 |
> |
26 |
> While it seems like a good idea I'm not sure how big an improvement it |
27 |
> is in the larger scheme. We're worried about root accidentially |
28 |
> modifying efivars, but we have no safeguards against root writing to |
29 |
> /dev/sda, and the latter seems much more likely to cause harm, and is |
30 |
> harder to fix. |
31 |
|
32 |
Writing to /dev/sda may kill data stored there, but hardware itself |
33 |
will survive. Writing to efivars kills hardware and this is the |
34 |
motivation for this change. See [1] and [2] for details. Poettering |
35 |
says this is OK to hard brick device, well fine, this is systemd |
36 |
way. OpenRC is smarter here and protects users from unintended |
37 |
disaster. |
38 |
|
39 |
Data can be restored from backup, but hard bricked hardware may |
40 |
become completely dead beyond repair or require a very complicated |
41 |
soldering. So I see this issue much more serious than writing |
42 |
to /dev/sda. |
43 |
|
44 |
[1] https://github.com/openrc/openrc/issues/134 |
45 |
[2] https://github.com/systemd/systemd/issues/2402 |
46 |
|
47 |
Best regards, |
48 |
Andrew Savchenko |