Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-09 Thread Pascal Hambourg

Hi,

On 09/11/2023 at 17:36, Danny van Heumen wrote:


> I recently discovered that `/boot/efi`, being a FAT partition, is mounted with
> an implicit owner and group, because FAT cannot store permissions. For the
> default use case, `/boot/efi` is mounted automatically during boot, so there is
> little risk. With different mount options, this may become an issue.
>
> Was it ever considered to add `uid=0,gid=0` as default mount options for the
> EFI System Partition (ESP)?


Which use cases would this be useful for ?



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-09 Thread Danny van Heumen
Hi,

Resending, as I forgot to reply to the list. Response in line.


On Thursday, 9 November 2023 at 20:52, Pascal Hambourg  
wrote:
 
> Hi,
> 
> On 09/11/2023 at 17:36, Danny van Heumen wrote:
> 
> > I recently discovered that `/boot/efi`, being a FAT partition, is mounted 
> > with an implicit owner and group, because FAT cannot store permissions. For 
> > the default use case, `/boot/efi` is mounted automatically during boot, so 
> > there is little risk. With different mount options, this may become an 
> > issue.
> > 
> > Was it ever considered to add `uid=0,gid=0` as default mount options for 
> > the EFI System Partition (ESP)?

I would argue that this should be independent of use case, that is you would 
want to ensure the ESP is always accessed as root. (Same as for example the 
`umask=0077` setting that I think is already part of the install.)
Apart from that, I was experimenting with having /boot not auto-mounted, but 
only mounted manually when performing system updates.

> 
> Which use cases would this be useful for ?



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Danny van Heumen
Hi,

AFAICT, there was no follow-up to this. Does this mean that it is preferred 
that ownership is determined solely by the user who mounts the EFI partition?

Regards,
Danny



On Friday, 10 November 2023 at 03:07, Danny van Heumen 
 wrote:


> 
> 
> Hi,
> 
> Resending, as I forgot to reply to the list. Response in line.
> 
> 
> On Thursday, 9 November 2023 at 20:52, Pascal Hambourg pas...@plouf.fr.eu.org 
> wrote:
> 
> > Hi,
> > 
> > On 09/11/2023 at 17:36, Danny van Heumen wrote:
> > 
> > > I recently discovered that `/boot/efi`, being a FAT partition, is mounted 
> > > with an implicit owner and group, because FAT cannot store permissions. 
> > > For the default use case, `/boot/efi` is mounted automatically during 
> > > boot, so there is little risk. With different mount options, this may 
> > > become an issue.
> > > 
> > > Was it ever considered to add `uid=0,gid=0` as default mount options for 
> > > the EFI System Partition (ESP)?
> 
> 
> I would argue that this should be independent of use case, that is you would 
> want to ensure the ESP is always accessed as root. (Same as for example the 
> `umask=0077` setting that I think is already part of the install.)
> Apart from that, I was experimenting with having /boot not auto-mounted, but 
> only mounted manually when performing system updates.
> 
> > Which use cases would this be useful for ?



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Steve McIntyre
On Tue, Nov 21, 2023 at 03:16:42PM +, Danny van Heumen wrote:
>Hi,
>
>AFAICT, there was no follow-up to this. Does this mean that it is
>preferred that ownership is determined solely by the user who mounts
>the EFI partition?

In normal use, the EFI partition isn't mounted by a user. What are you
trying to solve here?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< Aardvark> I dislike C++ to start with. C++11 just seems to be
handing rope-creating factories for users to hang multiple
instances of themselves.



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Danny van Heumen
Hi, see in-line.

 Original Message 
On Nov 21, 2023, 4:59 PM, Steve McIntyre < st...@einval.com> wrote:
> On Tue, Nov 21, 2023 at 03:16:42PM +, Danny van Heumen wrote:
> >Hi,
> >
> >AFAICT, there was no follow-up to this. Does this mean that it is
> >preferred that ownership is determined solely by the user who mounts
> >the EFI partition?
>
> In normal use, the EFI partition isn't mounted by a user. What are you
> trying to solve here?

I wanted to make the partition user-mountable such that I can mount it before 
upgrading packages. The partition would not be mounted by default. 
(`noauto,users`) Then I found out that it defaults to ownership of mounting 
users, which is not good.

As I mentioned previously, I would argue that the ESP should always mount with 
owner 0, even if my use case/experiment itself is an outlier. I spotted my 
mistake, but was surprised by how owner is chosen (in such a case).

Yes, even when using sudo this shouldn't be a problem, however the behavior 
does deviate from other filesystems which have their own permission bits 
therefore have "protection" (maybe a strong word) against this situation.

> --
> Steve McIntyre, Cambridge, UK. st...@einval.com
> < Aardvark> I dislike C++ to start with. C++11 just seems to be
> handing rope-creating factories for users to hang multiple
> instances of themselves.

Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Steve McIntyre
[ Argh, please turn off the crappy auto-encryption with your
  protonmail setup. It's utterly pointless when discussion is going to
  a mailing list too... ]

Hi Danny,

On Tue, Nov 21, 2023 at 07:20:31PM +, Danny van Heumen wrote:
>On Nov 21, 2023, 4:59 PM, Steve McIntyre < st...@einval.com> wrote:
>>In normal use, the EFI partition isn't mounted by a user. What are
>>you trying to solve here?
>
>I wanted to make the partition user-mountable such that I can mount
>it before upgrading packages. The partition would not be mounted by
>default. (`noauto,users`) Then I found out that it defaults to
>ownership of mounting users, which is not good.
>
>As I mentioned previously, I would argue that the ESP should always
>mount with owner 0, even if my use case/experiment itself is an
>outlier. I spotted my mistake, but was surprised by how owner is
>chosen (in such a case).
>
>Yes, even when using sudo this shouldn't be a problem, however the
>behavior does deviate from other filesystems which have their own
>permission bits therefore have "protection" (maybe a strong word)
>against this situation.

Debian's standard installation setup works here as expected. If you
want to break that, then I think it's up to you to handle the
consequences I'm afraid. You've *already* modified the fstab to do
what you want, you get to make the other changes you want too. OK?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
The two hard things in computing:
 * naming things
 * cache invalidation
 * off-by-one errors  -- Stig Sandbeck Mathisen



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Danny van Heumen
Hi,

I will look into this setting. Thanks for pointing this out.

Now, to rewind to the original question, because my use case distracts from my 
question:

I noticed that the mount-configuration in `/etc/fstab`, by default, relies on 
an *implicit* assumption for the ownership of the ESP to /boot/efi, i.e.  
'root' (uid 0) only because it is executed as part of the boot process.

Is this intentional? (i.e. was this considered?)

I am guessing the answer is 'yes', given that you immediately skip this and 
focus on pointing out my actions which helped to discover this 
assumption/implicit behavior. I will consider my question answered then.

Kind regards,
Danny



On Tuesday, 21 November 2023 at 20:56, Steve McIntyre  wrote:


> 
> 
> [ Argh, please turn off the crappy auto-encryption with your
> protonmail setup. It's utterly pointless when discussion is going to
> a mailing list too... ]
> 
> Hi Danny,
> 
> On Tue, Nov 21, 2023 at 07:20:31PM +, Danny van Heumen wrote:
> 
> > On Nov 21, 2023, 4:59 PM, Steve McIntyre < st...@einval.com> wrote:
> > 
> > > In normal use, the EFI partition isn't mounted by a user. What are
> > > you trying to solve here?
> > 
> > I wanted to make the partition user-mountable such that I can mount
> > it before upgrading packages. The partition would not be mounted by
> > default. (`noauto,users`) Then I found out that it defaults to
> > ownership of mounting users, which is not good.
> > 
> > As I mentioned previously, I would argue that the ESP should always
> > mount with owner 0, even if my use case/experiment itself is an
> > outlier. I spotted my mistake, but was surprised by how owner is
> > chosen (in such a case).
> > 
> > Yes, even when using sudo this shouldn't be a problem, however the
> > behavior does deviate from other filesystems which have their own
> > permission bits therefore have "protection" (maybe a strong word)
> > against this situation.
> 
> 
> Debian's standard installation setup works here as expected. If you
> want to break that, then I think it's up to you to handle the
> consequences I'm afraid. You've already modified the fstab to do
> what you want, you get to make the other changes you want too. OK?
> 
> --
> Steve McIntyre, Cambridge, UK. st...@einval.com
> The two hard things in computing:
> * naming things
> * cache invalidation
> * off-by-one errors -- Stig Sandbeck Mathisen



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread Pascal Hambourg

On 21/11/2023 at 21:35, Danny van Heumen wrote:


> I noticed that the mount-configuration in `/etc/fstab`, by default, relies on
> an *implicit* assumption for the ownership of the ESP to /boot/efi, i.e.
> 'root' (uid 0) only because it is executed as part of the boot process.


There is no implicit assumption. The default mount options set up by the 
installer command that the ESP is automatically mounted at startup, 
resulting in root ownership. There is no need to add uid and gid mount 
options.


I agree with Steve: if *you* choose to change the default mount options 
with  "noauto,users", *you* should deal with the consequences and add 
other mount options if needed.


But I believe that your use case is wrong anyway: upgrading packages 
requires root privileges so mounting the ESP as a normal user should not 
be needed. Instead you may use dpkg's pre-invoke and post-invoke options 
or apt's Pre-Invoke and Post-Invoke options to mount and unmount the 
ESP, like what can be done to remount /usr read-write during package 
upgrades on systems where it is mounted read-only by default.




Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-21 Thread yxcv

On Tue, 21 Nov 2023 22:12:31 +0100
 Pascal Hambourg  wrote:
I'm afraid I have to read much more about d-i
Especially partitioning.
But where to start?
Ciao



Re: Mounting EFI partition: default to `uid=0,gid=0`

2023-11-22 Thread Pascal Hambourg

On 22/11/2023 at 00:54, y...@vienna.at wrote:

> I'm afraid I have to read much more about d-i
> Especially partitioning.
> But where to start?


The debian-installer package contains some documentation (maybe 
incomplete and outdated) about partman, the d-i partitioning tool.

But I do not see the relationship with this discussion.

The script fstab.d/efi in installer udeb package partman-efi writes

UUID=- /boot/efi vfat umask=0077 0 1

to the target /etc/fstab. It means that the ESP is automatically mounted 
at startup and cannot be mounted by a regular user, so the default 
ownership is root:root and there is no need to force uid=0,gid=0.
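
An added example (not part of the thread and not code from Debian's installer): a small Python check of fstab text for the situation discussed above, a vfat mount that a non-root user is allowed to mount (`user`, `users`, `owner` or `group`) without `uid=0,gid=0` pinning ownership to root. The sample fstab lines, the placeholder UUID and the function names are constructed for illustration.

```python
# Added example: flag vfat fstab entries whose ownership depends on who mounts them.
# FAT stores no permissions, so without uid=/gid= the owner follows the mounting user.
USER_MOUNT_OPTS = {"user", "users", "owner", "group"}  # options that permit non-root mounts

# Constructed sample entries (placeholder UUID, not taken from a real system).
DEFAULT = "UUID=XXXX-XXXX /boot/efi vfat umask=0077 0 1\n"
EXPERIMENT = "# ESP, mounted by hand\nUUID=XXXX-XXXX /boot/efi vfat umask=0077,noauto,users 0 1\n"
PINNED = "UUID=XXXX-XXXX /boot/efi vfat umask=0077,noauto,users,uid=0,gid=0 0 1\n"


def parse_fstab(text):
    """Yield (mountpoint, fstype, options) for each entry; options is a dict."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed entry, nothing to audit
        opts = {}
        for opt in fields[3].split(","):
            key, _, value = opt.partition("=")
            opts[key] = value
        yield fields[1], fields[2], opts


def _is_root_id(value):
    """True only for an explicit numeric id of 0."""
    return value is not None and value.isdigit() and int(value) == 0


def audit_vfat_ownership(text):
    """Return [(mountpoint, [user-mount options])] for entries lacking uid=0,gid=0."""
    findings = []
    for mountpoint, fstype, opts in parse_fstab(text):
        if fstype not in ("vfat", "msdos"):
            continue  # other filesystems carry their own permission bits
        user_opts = sorted(USER_MOUNT_OPTS & opts.keys())
        pinned = _is_root_id(opts.get("uid")) and _is_root_id(opts.get("gid"))
        if user_opts and not pinned:
            findings.append((mountpoint, user_opts))
    return findings


if __name__ == "__main__":
    for name, sample in (("default", DEFAULT), ("experiment", EXPERIMENT), ("pinned", PINNED)):
        print(name, audit_vfat_ownership(sample))
```

The installer's default entry passes because it carries no user-mount option; only the `noauto,users` variant without explicit `uid=0,gid=0` is reported.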