| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 04 Aug 2014 15:59:08 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: Richard Weinberger <richard@....at> Cc: Ram Pai <linuxram@...ibm.com>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Al Viro <viro@...iv.linux.org.uk>, Christoph Hellwig <hch@...radead.org>, Paul McKenney <paulmck@...ux.vnet.ibm.com>, Jeff Mahoney <jeffm@...e.com>, sahne@...0.at, "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: MNT_DETACH and mount namespace issue Richard Weinberger <richard@....at> writes: > Am 04.08.2014 18:46, schrieb Eric W. Biederman: >> Richard Weinberger <richard.weinberger@...il.com> writes: >> >>> On Sat, Aug 2, 2014 at 12:09 AM, Eric W. Biederman >>> <ebiederm@...ssion.com> wrote: [snip] >> >> Hmm. That problem does sound familiar. >> >> Is the problem oversharing? Is the problem that the mount of /proc in >> the chroot directory is propogating into other mount namespaces that >> don't care? > > /proc is propagating into another mount namespaces that does not care. > This happens because systemd creates for several services a mount namespace and sets > the root tree to MS_SHARED. Unless you are in the primary mount namespace when having this issue it would be good to run mount make-rprivate / before mounting your new /proc. >> If the problem is over propogating I would argue that KIWI needs to >> use a mount namespace instead of a chroot and to tweak the mount >> namespace so the mount of /proc simply does not leak out. >> >> Not that the kernel doesn't need to be fixed but that a design where >> mounts propogate everywhere is a problem in userspace anyway, and it is >> likely going to only need to be a handful of lines of code to fix >> userspace cleanly. While the kernel fix or fixes are going to require a >> bit more time. > > KIWI can bypass the issue by not using a lazy unmount of /proc. > But I fear more applications will need fixing. > While I don't think that it was a wise choice from systemd developers to set > / shared by default I agree that systemd is not the root cause of the problem. > It is the messenger. > > It is just annoying that applications stopped working correctly after upgrading > to systemd. Quite. The deep issue here is actually the design of how mount propogation works. If you want the option of mounts to propogate then you are required to make them shared to start with then after creating a mount namespace if you don't want that sharing you have to do "mount --make-rprivate /". Essentially all of this is documented in Documentation/shared-subtress.txt. Although frankly I have yet to find a case where I really want shared subtreess. Though I have found a few cases where because we have to deal with sharing I using sharing to make it not a pain. Ultimately this means is that in every mount namespace that is created we have to turn off sharing if we don't want it. Which usually we don't because mount namespaces are used when complete sharing is undesirable. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists