Package: initscripts
Version: 2.86.ds1-34
Severity: minor
Tags: patch
Hi,
the attached patch changes the initscripts mtab script to not use an
extra fd when processing /proc/mounts. This makes SELinux happier as the
extra fds aren't "leaked" to the utils that are executed later.
I must admit though that I didn't really understand why the fd9 trick
was used in the first place?
--
David Härdeman
diff -ur ./sysvinit-2.86.ds1.orig/debian/initscripts/etc/init.d/mtab.sh
./sysvinit-2.86.ds1/debian/initscripts/etc/init.d/mtab.sh
--- ./sysvinit-2.86.ds1.orig/debian/initscripts/etc/init.d/mtab.sh
2006-11-07 23:49:09.000000000 +0100
+++ ./sysvinit-2.86.ds1/debian/initscripts/etc/init.d/mtab.sh 2006-11-07
23:50:05.000000000 +0100
@@ -44,7 +44,7 @@
fi
# Not mounted?
- if ! mountpoint -q $2
+ if ! mountpoint -q $2 < /dev/null
then
return
fi
@@ -57,9 +57,9 @@
fi
# Already recorded?
- if ! grep -E -sq "^([^ ]+) +$2 +" /etc/mtab
+ if ! grep -E -sq "^([^ ]+) +$2 +" /etc/mtab < /dev/null
then
- mount -f -t $1 $OPTS $4 $NAME $2
+ mount -f -t $1 $OPTS $4 $NAME $2 < /dev/null
fi
}
@@ -141,7 +141,6 @@
# Add everything else in /proc/mounts into /etc/mtab, with
# special exceptions.
- exec 9<&0 0</proc/mounts
while read FDEV FDIR FTYPE FOPTS REST
do
case "$FDIR" in
@@ -156,8 +155,7 @@
;;
esac
domtab "$FTYPE" "$FDIR" "$FDEV" "-o$FOPTS"
- done
- exec 0<&9 9<&-
+ done < /proc/mounts
}
case "$1" in
