Date: Fri, 27 Jul 2007 11:07:29 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Joel Hatton <freebsd-stable@auscert.org.au> Cc: freebsd-security@freebsd.org, freebsd-stable@freebsd.org Subject: Re: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail Message-ID: <20070727090729.GA1004@zaphod.nitro.dk> In-Reply-To: <200707270712.l6R7CYs4064783@app.auscert.org.au> References: <cryx-freebsd@h3q.com> <45A7034B.3070002@h3q.com> <200707270712.l6R7CYs4064783@app.auscert.org.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--GRPZ8SYKNexpdSJ7
Content-Type: multipart/mixed; boundary="Qxx1br4bt0+wmkIi"
Content-Disposition: inline
--Qxx1br4bt0+wmkIi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2007.07.27 17:12:34 +1000, Joel Hatton wrote:
> I'm dredging up an old issue here, but it appears to be unresolved in
> RELENG_5_5 at this time. After upgrading to 5.5-RELEASE-p14, I found that
> my jails wouldn't start anymore, and it comes down to this bit again. By
> way of explanation, I'll include the patch for what I changed.
>=20
> --- /tmp/jail Wed Feb 14 15:16:30 2007
> +++ /etc/rc.d/jail Fri Jul 27 13:46:51 2007
> @@ -218,7 +218,7 @@
> {
> local _device _mountpt _rest
> =20
> - while read _device _mountpt _rest; do
> + cat ${jail_fstab} | while read _device _mountpt _rest; do
> case ":${_device}" in
> :#* | :)
> continue
>=20
> In short, the jail_mount_fstab function is not given the fstab file on
> which the local variables depend. My patch may not be the most robust but
> for me today it is expedient.
Hey,
Yes, looking at the code now it is clearly wrong. Guess I/we
(secteam) stared too much at the code so we missed this issue :-/.
Your patch is very close to the "correct"/cleaner patch which is
attached. How exactly does it fail without your patch? Does it say
"cannot open : No such file or directory" and then no jails start when
booting (that would be my guess from a quick check of the bug)?
Would it be possible for you to test the attached patch and see if it
fixes the issue for you?
> Sorry if this has been discussed already, but I was surprised that this
> hadn't been fixed yet. It certainly would have caused some anxious moments
> if I'd upgraded a prod server with multiple jails before I realised!
I haven't heard of this issue before, so not many people are using 5.5
with jails. The bug was certainly introduced as a merge error in the
with the patch for FreeBSD-SA-07:01.jail.
As this is clearly a bug in a Security Advisory patch and RELENG_5 /
RELENG_5_5 are still supported I expect that an updated advisory will
be released to fix this bug shortly.
Thanks for reporting the issue, and sorry about the bad patch :-(.
--=20
Simon L. Nielsen
Hat: FreeBSD Security Team and pointyhat
--Qxx1br4bt0+wmkIi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=jail5_11
Content-Transfer-Encoding: quoted-printable
Index: jail
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /home/ncvs/src/etc/rc.d/jail,v
retrieving revision 1.15.2.5.2.1
diff -u -d -r1.15.2.5.2.1 jail
--- jail 11 Jan 2007 18:19:33 -0000 1.15.2.5.2.1
+++ jail 27 Jul 2007 08:49:37 -0000
@@ -228,7 +228,7 @@
warn "${_mountpt} has symlink as parent - not mounting from ${jail_fsta=
b}"
return
fi
- done <${_fstab}
+ done <${jail_fstab}
mount -a -F "${jail_fstab}"
}
=20
--Qxx1br4bt0+wmkIi--
--GRPZ8SYKNexpdSJ7
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
iD8DBQFGqbXQBJx0gP90kKsRAoYcAJ459927vr4qhpGPmduiQQ0DS8sYuQCeJNPh
2HnAMtOU/KKZw6z0kLCDU7U=
=D8WS
-----END PGP SIGNATURE-----
--GRPZ8SYKNexpdSJ7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070727090729.GA1004>