On Mon, Sep 25 2017, John Stoffel wrote:
>>>>>> "NeilBrown" == NeilBrown <neilb@xxxxxxxx> writes:
>
> NeilBrown> Creating an array by opening a block-device with major number of 9
> NeilBrown> will transparently load the md module if needed.
> NeilBrown> Creating an array by opening
> NeilBrown> /sys/module/md_mod/parameters/new_array
> NeilBrown> and writing to it won't, it will just fail if md_mod isn't loaded.
>
> NeilBrown> So when opening that file fails with ENOENT, run "modprobe md_mod" and
> NeilBrown> try again.
>
> NeilBrown> This fixes a bug whereby if you have "CREATE names=yes" in mdadm.conf,
> NeilBrown> and the md modules isn't loaded, then creating or assembling an
> NeilBrown> array will not honor the "names=yes" configuration.
>
> NeilBrown> Signed-off-by: NeilBrown <neilb@xxxxxxxx>
> NeilBrown> ---
> NeilBrown> mdopen.c | 4 ++++
> NeilBrown> 1 file changed, 4 insertions(+)
>
> NeilBrown> diff --git a/mdopen.c b/mdopen.c
> NeilBrown> index 3c0052f2db23..dcdc6f23e6c1 100644
> NeilBrown> --- a/mdopen.c
> NeilBrown> +++ b/mdopen.c
> NeilBrown> @@ -312,6 +312,10 @@ int create_mddev(char *dev, char *name, int autof, int trustworthy,
> NeilBrown> if (block_udev)
> NeilBrown> udev_block(devnm);
> NeilBrown> fd = open("/sys/module/md_mod/parameters/new_array", O_WRONLY);
> NeilBrown> + if (fd < 0 && errno == ENOENT) {
> NeilBrown> + system("modprobe md_mod");
> NeilBrown> + fd = open("/sys/module/md_mod/parameters/new_array", O_WRONLY);
> NeilBrown> + }
> NeilBrown> if (fd >= 0) {
> NeilBrown> n = write(fd, devnm, strlen(devnm));
> NeilBrown> close(fd);
> NeilBrown> --
> NeilBrown> 2.14.0.rc0.dirty
>
> I haven't looked, but shouldn't the path for modprobe be hardcoded
> here to /sbin/modprobe? Or the PATH sanitized so that random people
> can't put something into the system PATH and cause problems?
That issue briefly crossed my mind as I wrote the code (is it OK to use
system()? should I use /sbin/modprobe or just modprobe?) but as mdadm is
not set-uid and cannot be run in an environment created by a
non-privileged user, there is no security risk.
Certainly a careless sysadmin might set path wrongs, but the most likely
wrong outcome is that modprobe won't be found, and there is very little
cost to that.
So thanks for asking, but I don't think there is any need for any extra
care, in which case "simplest is best".
Thanks,
NeilBrown
Attachment:
signature.asc
Description: PGP signature
