From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id EFE4F138ACE for ; Fri, 27 Feb 2015 16:21:57 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9E4D5E0963; Fri, 27 Feb 2015 16:21:56 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 511E0E0963 for ; Fri, 27 Feb 2015 16:21:56 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id E640B340C24 for ; Fri, 27 Feb 2015 16:21:54 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 63AEE12ACB for ; Fri, 27 Feb 2015 16:21:53 +0000 (UTC) From: "William Hubbs" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "William Hubbs" Message-ID: <1425053684.7bbb73574b44972b0c1b364e24f71623068d7a1c.williamh@OpenRC> Subject: [gentoo-commits] proj/openrc:master commit in: init.d/ X-VCS-Repository: proj/openrc X-VCS-Files: init.d/bootmisc.in X-VCS-Directories: init.d/ X-VCS-Committer: williamh X-VCS-Committer-Name: William Hubbs X-VCS-Revision: 7bbb73574b44972b0c1b364e24f71623068d7a1c X-VCS-Branch: master Date: Fri, 27 Feb 2015 16:21:53 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: f0a93ba4-cb60-4a6b-b46b-8f70a7b6dc7a X-Archives-Hash: 7be6078d4206bfff61ef119ee213df5e commit: 7bbb73574b44972b0c1b364e24f71623068d7a1c Author: Robin H. Johnson gentoo org> AuthorDate: Fri Feb 27 01:58:22 2015 +0000 Commit: William Hubbs gentoo org> CommitDate: Fri Feb 27 16:14:44 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/openrc.git;a=commit;h=7bbb7357 bootmisc: clean_run safety improvements. If /tmp or / are read-only, the clean_run function can fail in some very bad ways. 1. dir=$(mktemp -d) returns an EMPTY string on error. 2. "mount -o bind / $dir", and don't check the result of that, 3. "rm -rf $dir/run/*", which removes the REAL /run contents 4. box gets very weird from this point forward Signed-Off-By: Robin H. Johnson gentoo.org> Signed-Off-By: Chip Parker gmail.com> Reported-by: Chip Parker gmail.com> Tested-by: Chip Parker gmail.com> --- init.d/bootmisc.in | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/init.d/bootmisc.in b/init.d/bootmisc.in index 2ec075f..dbd258e 100644 --- a/init.d/bootmisc.in +++ b/init.d/bootmisc.in @@ -119,11 +119,32 @@ clean_run() { [ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0 local dir + # If / is still read-only due to a problem, this will fail! + if ! checkpath -W /; then + eerror "/ is not writable; unable to clean up underlying /run" + return 1 + fi + if ! checkpath -W /tmp; then + eerror "/tmp is not writable; unable to clean up underlying /run" + return 1 + fi + # Now we know that we can modify /tmp and / + # if mktemp -d fails, it returns an EMPTY string + # STDERR: mktemp: failed to create directory via template ‘/tmp/tmp.XXXXXXXXXX’: Read-only file system + # STDOUT: '' + rc=0 dir=$(mktemp -d) - mount --bind / $dir - rm -rf $dir/run/* - umount $dir - rm -rf $dir + if [ -n "$dir" -a -d $dir -a -w $dir ]; then + mount --bind / $dir && rm -rf $dir/run/* || rc=1 + umount $dir + rm -rf $dir + else + rc=1 + fi + if [ $rc -ne 0 ]; then + eerror "Could not clean up underlying /run on /" + return 1 + fi } start()