Date: Wed, 16 Dec 2009 12:36:47 GMT From: Markiyan Kushnir <mkushnir@lohika.com> To: freebsd-gnats-submit@FreeBSD.org Subject: conf/141678: A minor enhancement to how /etc/rc.d/jail determines mount points used in jails Message-ID: <200912161236.nBGCalSx079625@www.freebsd.org> Resent-Message-ID: <200912161240.nBGCe0o8076167@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 141678 >Category: conf >Synopsis: A minor enhancement to how /etc/rc.d/jail determines mount points used in jails >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Dec 16 12:40:00 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Markiyan Kushnir >Release: 8.0-STABLE >Organization: Lohika Systems >Environment: FreeBSD localhost 8.0-STABLE FreeBSD 8.0-STABLE #2: Fri Dec 11 00:54:35 EET 2009 root@localhost:/usr/obj/usr/src/sys/MAREK i386 >Description: As a part of jail cleanup the /etc/rc.d/jail script performs un-mount of the configured mount points, such as dev, fdesc, proc, as well as those in the jail's fstab file. To safely umount the mount point, it first checks if it is really a mount point, calling is_current_mountpoint(). This function performs rather naive path normalization, which fails if there are "/./" present in the mount point path. It can occur if, for example, the fstab file if automatically generated. Such paths are, however, perfectly valid input to the mount(8). Please consider a little bit advanced version of the path normalization, which I propose to put in the rc.subr. >How-To-Repeat: One might have the following fstab: /data/test-release/R/stage/trees/base/bin /usr/jails/M/./bin nullfs ro 0 0 /data/test-release/R/stage/trees/base/boot /usr/jails/M/./boot nullfs ro 0 0 >Fix: Please see the patch attached. Patch attached with submission follows: --- etc/rc.subr 2009-12-16 12:46:34.000000000 +0200 +++ etc/rc.subr.mkushnir 2009-12-16 14:18:16.000000000 +0200 @@ -1,5 +1,5 @@ # $NetBSD: rc.subr,v 1.67 2006/10/07 11:25:15 elad Exp $ -# $FreeBSD: src/etc/rc.subr,v 1.88.2.7 2009/12/15 23:05:16 dougb Exp $ +# $FreeBSD$ # # Copyright (c) 1997-2004 The NetBSD Foundation, Inc. # All rights reserved. @@ -738,7 +738,7 @@ if [ -n "$_nice" ]; then if [ -z "$_user" ]; then _doit="sh -c \"$_doit\"" - fi + fi _doit="nice -n $_nice $_doit" fi fi @@ -1063,7 +1063,7 @@ esac done } - + # # load_rc_config_var name var # Read the rc.conf(5) var for name and set in the @@ -1702,6 +1702,48 @@ return 0 } +# normalize_path() +# Removes excess components from the file path: +# - single dots, double dots, multiple consecutive slashes +# are correctly collapsed +# Correctly handles spaces in the path components. +# +normalize_path() +{ + echo ${1} | awk '{ + res = ""; + split($0, pieces, "/"); + ii = 0; + len = length(pieces); + for (i = 1; i <= len; i++) { + if (pieces[i] == "") { + if (i == 1) { + # absolute path + res = "/"; + } + } else if (pieces[i] == ".") { + # ignoring dot + } else if (pieces[i] == "..") { + # unwind the path one step + if (ii > 0) { + delete tmp[ii-1]; + ii--; + } + } else { + tmp[ii] = pieces[i]; + ii++; + } + } + for (i = 0; i < length(tmp); i++) res = res tmp[i] "/"; + # remove trailing slash from the result + if (length(res) != 1) { + sub("/$", "", res); + } + print res; +}' +} + fi + _rc_subr_loaded=: --- etc/rc.d/jail 2009-12-16 13:34:53.000000000 +0200 +++ etc/rc.d/jail.mkushnir 2009-12-16 13:35:18.000000000 +0200 @@ -1,6 +1,6 @@ #!/bin/sh # -# $FreeBSD: src/etc/rc.d/jail,v 1.44 2009/11/02 09:56:46 remko Exp $ +# $FreeBSD$ # # PROVIDE: jail @@ -237,7 +237,7 @@ _dir=$1 - _dir=`echo $_dir | sed -Ee 's#//+#/#g' -e 's#/$##'` + _dir="`normalize_path \"${_dir}\"`" [ ! -d "${_dir}" ] && return 1 _dir2=`df ${_dir} | tail +2 | awk '{ print $6 }'` [ "${_dir}" = "${_dir2}" ] >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912161236.nBGCalSx079625>