Re: [PATCH] dracut: 99base: do not mount /run with the "noexec" option


Hello Harald.

My reply follows the quoted text from previous messages...

On Thu, 2016-04-14 at 12:33 +0200, Harald Hoyer wrote:
> On 12.04.2016 16:41, Guido Trentalancia wrote:
> > On Tue, 2016-04-12 at 16:24 +0200, Harald Hoyer wrote:
> > > On 12.04.2016 at 16:07, Guido Trentalancia wrote:
> > > > Do not mount the /run directory with the "noexec" option, otherwise
> > > > the system bootup fails (no binary can be executed, everything fails
> > > > with permission denied errors).
> > > > 
> > > > The bug was introduced in version 042 (11 Jun 2015) and affects all
> > > > versions up to 044 (latest) and including git checked out on 12 Apr
> > > > 2016.
> > > > 
> > > > Signed-off-by: Guido Trentalancia <guido@xxxxxxxxxxxxxxxx>
> > > > ---
> > > >  modules.d/99base/init.sh |    2 +-
> > > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > > 
> > > > --- dracut-044/modules.d/99base/init.sh	2015-11-25
> > > > 14:22:28.000000000 +0100
> > > > +++ dracut-044-99base-init-should-mount-newrun-as-
> > > > exec/modules.d/99base/init.sh	2016-04-12
> > > > 15:37:44.163185387
> > > > +0200
> > > > @@ -64,7 +64,7 @@ fi
> > > >  
> > > >  if ! ismounted /run; then
> > > >      mkdir -m 0755 /newrun
> > > > -    mount -t tmpfs -o
> > > > mode=0755,noexec,nosuid,nodev,strictatime
> > > > tmpfs /newrun >/dev/null
> > > > +    mount -t tmpfs -o mode=0755,nosuid,nodev,strictatime tmpfs
> > > > /newrun >/dev/null
> > > >      cp -a /run/* /newrun >/dev/null 2>&1
> > > >      mount --move /newrun /run
> > > >      rm -fr -- /newrun
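
Review bot: the `+` mount line drops `noexec` from /run unconditionally, so every initramfs built from this file loses that hardening, including setups where nothing is executed from /run. The commit message says boot fails but does not name which binaries live under /run or in which configuration; that belongs in the message and in a comment next to the mount. Consider dropping `noexec` only when the initramfs actually runs from /run and keeping `mode=0755,noexec,nosuid,nodev,strictatime` otherwise.
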
> > > > 
> > > 
> > > Which binary resides in /run ??
> > 
> > 
> > The whole initram filesystem binaries, including (/run/initramfs)/bin,
> > (/run/initramfs)/sbin, (/run/initramfs)/usr/bin and
> > (/run/initramfs)/usr/sbin.

[...]

> > The patch has been tested and it works fine. Without the patch, dracut
> > is unusable (the system cannot be booted).

[...]

> I would prefer something like this. Care to check, if that solves it?

No, it does NOT work.

Harald, you should apply the patch I sent to you (and quoted above),
unmodified in order to sort out this major bug which produces
unbootable initram filesystems.

> diff --git a/modules.d/99base/init.sh b/modules.d/99base/init.sh
> index bd7ef70..31126d6 100755
> --- a/modules.d/99base/init.sh
> +++ b/modules.d/99base/init.sh
> @@ -64,7 +64,12 @@ fi
> 
>  if ! ismounted /run; then
>      mkdir -m 0755 /newrun
> -    mount -t tmpfs -o mode=0755,noexec,nosuid,nodev,strictatime
> tmpfs /newrun >/dev/null
> +    if ! str_starts "$(readlink -f /bin/sh)" "/run"; then
> +        mount -t tmpfs -o mode=0755,noexec,nosuid,nodev,strictatime
> tmpfs /newrun >/dev/null
> +    else
> +        # the initramfs is based in /run, so don't mount it with
> noexec
> +        mount -t tmpfs -o mode=0755,nosuid,nodev,strictatime tmpfs
> /newrun >/dev/null
> +    fi
>      cp -a /run/* /newrun >/dev/null 2>&1
>      mount --move /newrun /run
>      rm -fr -- /newrun
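
Review bot: in the added `if`, `str_starts "$(readlink -f /bin/sh)" "/run"` has no trailing slash on the prefix, so if `str_starts` is a plain prefix match, a shell resolving to a sibling path such as /runtime/... would also select the branch without `noexec`; compare against "/run/" instead. The decision also rests on /bin/sh alone, so the comment should say why that one path stands for the whole initramfs. The two mount lines differ only in `noexec`; building the option string in a variable and calling mount once would keep them from drifting apart.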


Regards,

Guido