os-prober expects to run in a new private mount namespace, but new namespace is not private
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
os-prober (Debian) |
New
|
Unknown
|
|||
os-prober (Ubuntu) |
Fix Released
|
Undecided
|
Dan Bungert |
Bug Description
During execution of os-prober, other processes on the system can see the
temporary mounts to /var/lib/
in a separate mount namespace.
In order to run os-prober in a more isolated mode, we introduced the
newns.c source file a while ago. We build it to a binary and ship it in
os-prober and os-prober-udeb.
The original idea was to run os-prober in a private mount namespace.
Sadly, calling the unshare(
create a new mount namespace. But it is not enough to make the new
namespace private.
While we can patch newns.c to make the new mount namespace private,
relying on unshare(1) from util-linux (which is an essential package)
seems like a more viable option.
Related branches
- Nick Rosbrook (community): Approve
-
Diff: 716 lines (+391/-41)11 files modifiedcommon.sh (+12/-2)
debian/changelog (+325/-0)
debian/control (+5/-1)
debian/os-prober-udeb.install (+0/-1)
debian/os-prober.install (+0/-1)
debian/rules (+5/-4)
dev/null (+0/-29)
linux-boot-probes/common/50mounted-tests (+13/-0)
os-probes/init/common/10filesystems (+1/-1)
os-probes/mounted/powerpc/20macosx (+1/-1)
os-probes/mounted/x86/20microsoft (+29/-1)
Changed in os-prober (Ubuntu): | |
assignee: | nobody → Olivier Gayot (ogayot) |
Changed in os-prober (Ubuntu): | |
assignee: | nobody → Dan Bungert (dbungert) |
status: | New → In Progress |
Changed in os-prober (Debian): | |
status: | Unknown → New |
Adding debdiff removing the flawed newns binary and replacing it by the use of unshare. unshare --mount creates a private mount namespace by default, and it is shipped by util-linux [essential]