Package: util-vserver
Version: 0.30.216~r2772-6
Severity: important
Tags: patch

Problem description:
We run several stripped-down Vservers which mount as many directories as 
possible read-only from another Vserver (like /sbin, /bin, ...). The Vservers 
reside on their own LVM partition.

Our /etc/vservers/vs-www/fstab looks like this:

/srv/vserver/skeleton.vs-web/etc        /etc    none    bind,ro 0       0
/srv/vserver/skeleton.vs-web/bin        /bin    none    bind,ro 0       0
/srv/vserver/skeleton.vs-web/usr        /usr    none    bind,ro 0       0
/srv/vserver/skeleton.vs-web/lib        /lib    none    bind,ro 0       0
/srv/vserver/skeleton.vs-web/sbin       /sbin   none    bind,rw 0       0
/srv/vserver/skeleton.vs-web/opt        /opt    none    bind,ro 0       0
none    /proc           proc    defaults                0 0
none    /dev/pts        devpts  gid=5,mode=620          0 0

If the last "bind" entry is a "ro" mount, the whole partition in the host will 
be mounted read-only.

If we change the last bind-mount to "rw", everything is fine:
[...]
/srv/vserver/skeleton.vs-web/opt        /opt    none    bind,rw 0       0
[...]

Expected Behavior:
The Vserver should start up without mounting the partition read-only.

Further Information:
Please see also the upstream bug report: 
http://savannah.nongnu.org/bugs/?25547

Patch:
We have backported the fix from upstream and it works for us.
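The mechanism behind the symptom, as an added example that is not util-vserver's code: it parses the option column of the fstab above, builds the remount flags the way the unpatched dpatch and the backported fix do, and models the host partition's read-only bit. The function names and the modelling of MS_REMOUNT without MS_BIND as a remount of the underlying superblock are assumptions of the example; it only computes flags and never calls mount(2).

```c
/* Added example, not util-vserver code (names hypothetical): models why dropping
 * MS_BIND from secure-mount's MS_REMOUNT call remounts the host partition read-only. */
#include <stdbool.h>
#include <string.h>
#include <sys/mount.h>
/* Parse an fstab option list such as "bind,ro" into mount(2) flags. */
unsigned long parse_fstab_flags(const char *opts)
{
    unsigned long flags = 0;              /* "rw" and "defaults" add nothing */
    char buf[256];
    strncpy(buf, opts, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    for (char *tok = strtok(buf, ","); tok; tok = strtok(NULL, ","))
        if (strcmp(tok, "bind") == 0)    flags |= MS_BIND;
        else if (strcmp(tok, "ro") == 0) flags |= MS_RDONLY;
    return flags;
}

/* Unpatched dpatch: MS_BIND|MS_REC stripped, so MS_REMOUNT rewrites the
 * flags of the superblock under "." (the host's LVM partition). */
unsigned long remount_flags_buggy(unsigned long f)
{ return (f & ~(MS_BIND | MS_REC)) | MS_REMOUNT; }

/* Backported fix: MS_BIND kept, so MS_REMOUNT|MS_BIND changes only this
 * bind mount's own flags and leaves the superblock alone. */
unsigned long remount_flags_fixed(unsigned long f)
{ return f | MS_REMOUNT; }

/* Model the host partition's read-only bit after the fstab entries run in
 * order: each superblock remount replaces its flags, so the last bind wins. */
bool host_readonly_after(const char *const *opts, int n,
                         unsigned long (*mk)(unsigned long))
{
    bool sb_ro = false;                   /* host partition starts rw */
    for (int i = 0; i < n; i++) {
        unsigned long f = parse_fstab_flags(opts[i]);
        if (!(f & MS_BIND)) continue;     /* proc, devpts: not bind mounts */
        unsigned long r = mk(f);
        /* MS_REMOUNT without MS_BIND is superblock-scoped: its flags replace the fs's */
        if ((r & MS_REMOUNT) && !(r & MS_BIND)) sb_ro = (r & MS_RDONLY) != 0;
    }
    return sb_ro;
}
/* Option columns of the report's fstab; last_rw swaps /opt's "ro" for "rw". */
bool report_fstab_readonly(unsigned long (*mk)(unsigned long), bool last_rw)
{
    const char *const o[] = { "bind,ro", "bind,ro", "bind,ro", "bind,ro", "bind,rw",
        last_rw ? "bind,rw" : "bind,ro", "defaults", "gid=5,mode=620" };
    return host_readonly_after(o, 8, mk);
}
```

With the unpatched flags the model ends read-only exactly when the last bind entry is "ro", matching the report; with the fixed flags the host partition is never touched.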

Behaviour without patch/Steps to reproduce:

laura:/srv/vserver# touch test
laura:/srv/vserver# vserver vs-www start
secure-mount: open(<mtab>): Read-only file system
Failed to update mtab-file
secure-mount: open(<mtab>): Read-only file system
Failed to update mtab-file
secure-mount: open(<mtab>): Read-only file system
Failed to update mtab-file
secure-mount: open(<mtab>): Read-only file system
Failed to update mtab-file
secure-mount: open(<mtab>): Read-only file system
Failed to update mtab-file
secure-mount: write(): Invalid argument
Failed to update mtab-file
secure-mount: write(): Invalid argument
Failed to update mtab-file
chroot-sh: unlink("var/run/crond.reboot"): Read-only file system
chroot-sh: unlink("var/run/crond.pid"): Read-only file system
chroot-sh: unlink("var/run/utmp"): Read-only file system

Failed to start vserver 'vs-www'
laura:/srv/vserver# touch test
touch: kann „test“ nicht berühren: Das Dateisystem ist nur lesbar

Behaviour with patch:

laura:/srv/vserver# touch test
laura:/srv/vserver# vserver vs-www start
secure-mount: write(): Invalid argument
Failed to update mtab-file
secure-mount: write(): Invalid argument
Failed to update mtab-file
Starting OpenBSD Secure Shell server: sshd.
SpamAssassin Mail Filter Daemon: disabled, see /etc/default/spamassassin
Starting web server: lighttpd.
Starting Postfix Mail Transport Agent: postfix.
Starting periodic command scheduler: crond.
laura:/srv/vserver# touch test
laura:/srv/vserver#

-- System Information:
Debian Release: 5.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-vserver-amd64 (SMP w/16 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages util-vserver depends on:
ii  debconf                       1.5.24     Debian configuration management sy
ii  iproute                       20080725-2 networking and traffic control too
ii  libbeecrypt6                  4.1.2-7    open source C library of cryptogra
ii  libc6                         2.7-18     GNU C Library: Shared libraries
ii  make                          3.81-5     The GNU version of the "make" util
ii  net-tools                     1.60-22    The NET-3 networking toolkit
ii  util-linux                    2.13.1.1-1 Miscellaneous system utilities

Versions of packages util-vserver recommends:
ii  binutils            2.18.1~cvs20080103-7 The GNU assembler, linker and bina
ii  debootstrap         1.0.10lenny1         Bootstrap a basic Debian system

Versions of packages util-vserver suggests:
ii  iptables                 1.4.2-6         administration tools for packet fi
ii  linux-image-2.6.26-1-vse 2.6.26-13lenny2 Linux 2.6.26 image on AMD64, Linux
ii  module-init-tools        3.4-1           tools for managing Linux kernel mo
ii  procps                   1:3.2.7-11      /proc file system utilities
pn  vlan                     <none>          (no description available)
ii  wget                     1.11.4-2        retrieves files from the web
pn  yum                      <none>          (no description available)

-- debconf information:
  util-vserver/prerm_stop_running_vservers: true
  util-vserver/postrm_remove_vserver_configs: false

-- 
Mit freundlichen Grüßen / Best Regards
Dominik Schulz

--- util-vserver-0.30.216~r2772/debian/patches/20securemount.dpatch     2009-04-17 10:36:08.000000000 +0200
+++ util-vserver-0.30.216~r2772-patched/debian/patches/20securemount.dpatch     2009-04-14 10:45:12.000000000 +0200
@@ -8,7 +8,7 @@
 diff -urNad trunk~/src/secure-mount.c trunk/src/secure-mount.c
 --- trunk~/src/secure-mount.c  2008-03-17 12:20:27.000000000 -0400
 +++ trunk/src/secure-mount.c   2008-08-27 12:55:02.000000000 -0400
-@@ -436,6 +436,20 @@
+@@ -436,6 +436,19 @@
        perror("secure-mount: mount()");
        return false;
      }
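Review bot: nothing in this hunk records why the nested hunk header shrinks from 20 to 19 added lines; the dpatch description (outside this hunk) should cite the upstream bug http://savannah.nongnu.org/bugs/?25547 so the reason for the backport stays with the patch. The count change itself is consistent with the second hunk, where two `-+` lines are replaced by a single `++` line.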
@@ -19,8 +19,7 @@
 +      return false;
 +      if (mount(mnt->src, ".",
 +              mnt->type ? mnt->type : "",
-+              ((mnt->flag & ~(MS_BIND|MS_REC)) |
-+              MS_REMOUNT), NULL) == -1 &&
++              (mnt->flag | MS_REMOUNT), NULL) == -1 &&
 +        errno != EBUSY) { /* Returned on older kernels */
 +      perror("secure-mount: mount()");
 +      return false;
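Review bot: the replacement `(mnt->flag | MS_REMOUNT)` is the right fix: with MS_BIND still set, MS_REMOUNT only changes this bind mount's own flags, whereas the removed `((mnt->flag & ~(MS_BIND|MS_REC)) | MS_REMOUNT)` was a plain superblock remount of the filesystem under `.`, which is how one `bind,ro` line made the whole host partition read-only (and a `bind,rw` line would just as well have cleared read-only on a host filesystem meant to stay ro). One caveat worth a follow-up: when `errno == EBUSY` is tolerated the code continues as if the remount had succeeded, so nothing tells the admin that `ro` may not have been applied on an older kernel; a diagnostic in that branch would make the degraded state visible.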
