Subject: Re: PR 36963
To: Jan Danielsson <email@example.com>
From: Bill Stouder-Studenmund <firstname.lastname@example.org>
Date: 09/22/2007 19:39:13
Content-Type: text/plain; charset=us-ascii
On Sun, Sep 23, 2007 at 01:39:31AM +0200, Jan Danielsson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> Bill Stouder-Studenmund wrote:
> >>> Hm. Here's a thought: if he's logging in on the console, init might =
> >>> using a a file descriptor bound to the device node _outside_ the chro=
> >>> I can think of a few ways chaos could then ensue, given subtle bugs in
> >>> the session-handling or device alias detection code...
> >> By "chaos", do you mean "what you are currently seeing", or do you
> >> mean "everything will be fubar Any Time Now"?
> > I'm not Thor (nor do I play one on TV), but I suspect something more ak=
> > to "what you are currently seeing".
> That's what I thought; but I tend to get a little pessimistic when my
> system isn't working as I want it to. :)
> > Since it seems to be the statvfs path munging code that's at issue, try=
> > putting printf()s in it indicating what's going on.
> I will. On that note; do printf()'s end up in dmesg?
> > As a total aside, I think that code is questionable in this case. The i=
> > behind it is (I think) to hide mount points that aren't in the chroot, =
> > to not leak info about the chroot path.
> > As I understand this case, though, your chroot is the mount point. :-)
> Hmm.. In this thread, I've detected a hint of the opinion that the
> init.root sysctl is a bad idea to begin with. I guess I should have
> asked first; but OTOH, it was a documented feature, so I didn't expect
> it to blow up in my face this bad. :(
I think it's more experimental than we expected.
=46rom thinking about things, I think that the problem is that we really=20
need something more akin to the pivot system call. The issue is that while=
the root you end up with isn't the root that the kernel booted with, it=20
really should be considered the root node of the system. Not the root node=
of some chroot environment the admin cooked up to keep your programs=20
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)
-----END PGP SIGNATURE-----