yahoo wrote: > Il 09/04/25 18:38, ralfconn ha scritto: >> Il 21/09/24 18:16, ralfconn ha scritto: >>> Upon boot OpenRc shows this warning: >>> >>> fsck: checking local filesystem >>> fsck: fsck.ext4 device or resource busy while trying to open /dev/ >>> nvme0n1p6 >>> fsck: filesystem mounted or opened exclusively by another program? >>> fsck: operational error >>> >>> ... >> Old thread, no answer, but now I get the same message on another box, >> just after I reconfigured the kernel for hardening (https:// >> kspp.github.io/Recommended_Settings), so it was not an OpenRC issue. >> >> I'll update if I find the option that causes the issue, just to close >> the thread for the posterity :-). >> > > I found the kernel option causing the error: > > BLK_DEV_WRITE_MOUNTED > > Re-enabling the option fixes the issue. > > The help says: > > "When a block device is mounted, writing to its buffer cache is very > likely going to cause filesystem corruption. It is also rather easy to > crash the kernel in this way since the filesystem has no practical way > of detecting these writes to buffer cache and verifying its metadata > integrity. However there are some setups that need this capability > like *running fsck on read-only mounted root device*, modifying some > features on mounted ext4 filesystem, and similar...." > > I can't say they didn't warn me :-) > > The option is on by default, I was directed to switch it off by > app-admin/kernel-hardening-checker: > > CONFIG_BLK_DEV_WRITE_MOUNTED |kconfig| is not set > |a13xp0p0v |cut_attack_surface| FAIL: "y" > > The fourth column is the source of the recommended setting - a13xp0p0v > - who is the maintainer of the tool. It's in github, I'll open a > ticket there. > > raffaele > >
Is this a driver we should all disable or do you have a different use case than most? I ask because mine is on as well. Given the large volume of data I have, if it needs to be off, I want to turn it off and build a new kernel. I rarely mount anything read only anyway so I can't think of a reason I would ever need it. I either unmount completely or run it when mounted as read/write if fsck allows it. Thanks. Dale :-) :-)
