Hi Alan,
Alan Cox wrote:
> 2.4.22pre7 has the unshare_files fix - its a security fix.
>
> It should not have changed the behaviour so I'm very interested to
> know if that specific patch set changes the behaviour and precisely
> what your code is doing
I have now compiled vanilla 2.4.21 with the same configuration (but
without the netfilter patch-o-matic patches, which shouldn't matter) -
it works. But now I'm again stuck without the CLE266 module. Attached is
the script that does the actual root fs switch (it is called from init
after the daemons have been stopped, i.e. during runlevel change). I
hope I haven't done anything too stupid in this script, embarassing
myself with this post to LKML... ;)
If you want, I could send you a diff of the two trees (between my
patched 2.4.21 and 2.4.21-ac4 trees). But it will mostly be just your
own -ac4 patch, with preempt and patch-o-matic stuff applied.
Would it help if I tried it with 2.4.22pre7 ?
- Rene
#!/bin/sh
# Switch from harddisk to RAM mode.
#
# Rene Mayrhofer, 2003
. /etc/cramdisk.conf
mntpoint=/cramfs
if [ -e /on-cramfs ]; then
echo "Already running on CRAMFS."
exit 1
fi
if grep -q "$mntpoint" /proc/mounts; then
umount $mntpoint/mnt 2>/dev/null
umount $mntpoint/var 2>/dev/null
umount $mntpoint/data 2>/dev/null
umount $mntpoint/dev 2>/dev/null
umount $mntpoint/proc 2>/dev/null
umount $mntpoint
fi
echo "Building CRAMFS image"
#/usr/local/sbin/createramfs.sh
echo "Mounting CRAMFS image"
# this is stupid - why do we have to do it twice before it works ??
dd if=/boot/cramfs.img of=/dev/rd/0 2>/dev/null
mount -t cramfs /dev/rd/0 $mntpoint
dd if=/boot/cramfs.img of=/dev/rd/0 2>/dev/null
mount -t cramfs /dev/rd/0 $mntpoint
cd $mntpoint
echo "Mounting needed kernel filesystems"
mount -nt proc none proc/
mount -nt devfs none dev/
echo "Changing root to CRAMFS"
/sbin/pivot_root . mnt <dev/console >dev/console 2>&1
echo "Creating RAM disk for var/"
mount -nt tmpfs -o size=300M none var/
echo "Creating directories for var"
for d in $CREATE_VAR_DIRS; do
mkdir -p var/$d
done
echo "Copying directories to var/"
for d in $COPY_VAR_DIRS; do
mkdir -p var/$d
cp -dp mnt/var/$d/* var/$d/ 2> /dev/null
done
echo "Linking directories for var"
for d in $LINK_VAR_DIRS; do
ln -s /var-static/$d var/`dirname $d`
done
echo "Re-executing init"
/usr/sbin/chroot . /sbin/telinit u <dev/console >/dev/console 2>&1
echo "Killing all processes that still have stuff open on /mnt"
/usr/bin/killall getty
/usr/sbin/lsof -n | grep "/mnt" |
while read name pid user fd type device size node name; do
# don't kill ourselves or the currently running rc script ....
if [ -d /proc/$pid ] &&
! cat /proc/$pid/cmdline | grep -q "switch-to-cramfs" &&
! cat /proc/$pid/cmdline | grep -q "/etc/init.d/rc"; then
/bin/kill -9 $pid
fi
done
echo "Mounting data directory read-only"
if grep -q "/mnt/data" /proc/mounts; then
umount -n /mnt/data
fi
mount -nt ext2 -o ro /dev/discs/disc0/part3 /data
echo -n "Postponing unmount of filesystems until runlevel switch has completed"
/usr/sbin/chroot . /bin/bash -c '
# the grep -v is because the processlist contains this command itself...
while ps ax | grep -v "\"/etc/init.d/rc\"" | grep -q "/etc/init.d/rc"; do
sleep 1s
done
echo "Unmounting old filesystems"
if grep -q "/mnt/dev" /proc/mounts; then
umount -n /mnt/dev
fi
if grep -q "/mnt/proc/bus/usb" /proc/mounts; then
umount -n /mnt/proc/bus/usb
fi
if grep -q "/mnt/proc" /proc/mounts; then
umount -n /mnt/proc
fi
if grep -q "/mnt/mnt/cdrom" /proc/mounts; then
umount -n /mnt/mnt/cdrom
fi
if grep -q "/mnt/mnt/usb" /proc/mounts; then
umount -n /mnt/mnt/usb
fi
if grep -q "/mnt/data" /proc/mounts; then
umount -n /mnt/data
fi
if umount /mnt; then
/sbin/hdparm -y /dev/hda
fi' < /dev/null > /dev/null 2> /dev/null &
echo "."
exit 0
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jul 23 2003 - 22:00:47 EST