[PATCH v2] dracut: 99base: do not mount /run with the "noexec" option

Hello Harald.

Given that you insist, I'll help you on this...

Please try the attached second version of the patch, which includes the
check you like.

On Thu, 2016-04-14 at 13:30 +0200, Harald Hoyer wrote:
> On 14.04.2016 13:18, Guido Trentalancia wrote:
> > Hello Harald.
> > 
> > My reply follows the quoted text from previous messages...
> > 
> > On Thu, 2016-04-14 at 12:33 +0200, Harald Hoyer wrote:
> > > On 12.04.2016 16:41, Guido Trentalancia wrote:
> > > > On Tue, 2016-04-12 at 16:24 +0200, Harald Hoyer wrote:
> > > > > On 12.04.2016 at 16:07, Guido Trentalancia wrote:
> > > > > > Do not mount the /run directory with the "noexec" option, otherwise the
> > > > > > system bootup fails (no binary can be executed, everything fails with
> > > > > > permission denied errors).
> > > > > > 
> > > > > > The bug was introduced in version 042 (11 Jun 2015) and affects all
> > > > > > versions up to 044 (latest) and including git checked out on 12 Apr
> > > > > > 2016.
> > > > > > 
> > > > > > Signed-off-by: Guido Trentalancia <guido@xxxxxxxxxxxxxxxx>
> > > > > > ---
> > > > > >  modules.d/99base/init.sh |    2 +-
> > > > > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > > > > 
> > > > > > --- dracut-044/modules.d/99base/init.sh	2015-11-25
> > > > > > 14:22:28.000000000 +0100
> > > > > > +++ dracut-044-99base-init-should-mount-newrun-as-
> > > > > > exec/modules.d/99base/init.sh	2016-04-12
> > > > > > 15:37:44.163185387
> > > > > > +0200
> > > > > > @@ -64,7 +64,7 @@ fi
> > > > > >  
> > > > > >  if ! ismounted /run; then
> > > > > >      mkdir -m 0755 /newrun
> > > > > > -    mount -t tmpfs -o
> > > > > > mode=0755,noexec,nosuid,nodev,strictatime
> > > > > > tmpfs /newrun >/dev/null
> > > > > > +    mount -t tmpfs -o mode=0755,nosuid,nodev,strictatime
> > > > > > tmpfs
> > > > > > /newrun >/dev/null
> > > > > >      cp -a /run/* /newrun >/dev/null 2>&1
> > > > > >      mount --move /newrun /run
> > > > > >      rm -fr -- /newrun
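
Review bot: the added mount line drops noexec from the /run tmpfs on every system, with no condition and no comment in init.sh saying why. noexec sits next to nosuid and nodev as a hardening option on this tmpfs, so its removal should be limited to the configuration in which boot actually fails, and the commit message should name that configuration; "no binary can be executed" does not say which binaries are being run from /run. Consider keeping noexec as the default and putting the relaxed mount behind a check, with a one-line comment above it.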

Do not mount the /run directory with the "noexec" option, otherwise the
system bootup fails (no binary can be executed, everything fails with
permission denied errors).

The bug was introduced with the following commit:

commit c4184b5cf1b4892712de1370f8d2d92e5cc2e705
Author: Nikoli
Date:   Sat Nov 15 17:01:18 2014 +0300

and it started to affect version 042 (11 Jun 2015) and greater, up to and
including version 044 (latest) and git checked out on 13 Apr 2016.

Signed-off-by: Guido Trentalancia <guido@xxxxxxxxxxxxxxxx>
---
 modules.d/99base/init.sh |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

--- dracut-042/modules.d/99base/init.sh	2016-04-14 13:34:31.594743542 +0200
+++ dracut-042-99base-init-should-mount-newrun-as-exec-v2/modules.d/99base/init.sh	2016-04-14 13:34:09.442551940 +0200
@@ -64,7 +64,12 @@ fi
 
 if ! ismounted /run; then
     mkdir -m 0755 /newrun
-    mount -t tmpfs -o mode=0755,noexec,nosuid,nodev,strictatime tmpfs /newrun >/dev/null
+    if [ `echo $(readlink -f /bin/sh) | grep "^/run/"` ]; then
+        mount -t tmpfs -o mode=0755,noexec,nosuid,nodev,strictatime tmpfs /newrun >/dev/null
+    else
+        # the initramfs is based in /run, so don't mount it with noexec
+        mount -t tmpfs -o mode=0755,nosuid,nodev,strictatime tmpfs /newrun >/dev/null
+    fi
     cp -a /run/* /newrun >/dev/null 2>&1
     mount --move /newrun /run
     rm -fr -- /newrun
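
Review bot: the test on the first added line looks inverted relative to the comment in the else branch. When readlink -f /bin/sh resolves to a path under /run, the grep matches and the branch that keeps noexec is taken; the mount without noexec, commented "the initramfs is based in /run", is taken only when /bin/sh is not under /run. Either swap the two mount lines or negate the test so that the comment and the condition agree. The test is also fragile as written: the backtick output is unquoted inside [ ], and echo $(...) piped to grep adds two processes for a prefix match. A case statement on "$(readlink -f /bin/sh)" with a /run/* pattern does the same comparison in the shell itself. The commit message still describes an unconditional removal of noexec and should state the condition this version adds.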