GNU bug report logs -
#18736
chroot regression - chroot avoids the chroot() call too eagerly.
Previous Next
Reported by: Rogier <rogier777 <at> gmail.com>
Date: Wed, 15 Oct 2014 15:44:04 UTC
Severity: normal
Done: Pádraig Brady <P <at> draigBrady.com>
Bug is archived. No further changes may be made.
Full log
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Hi,
Since a few months, it seems that chroot has started avoiding the
chroot call if it can be determined to be idempotent.
It looks like the new check is based on inode comparison - if the
inode is the same, the chroot() call is considered idempotent, and not
performed.
However, while two directories being in the same file system and having
the same inode number implies that they are the same directory, it
does not necessarily imply that they have same file system path (i.e.
use the same mountpoint), so there is no guarantee that the entire
directory trees rooted at the two directories are also identical even
though the directories are.This means that chroot will fail to
chroot() in cases when the call would in fact not be idempotent.
On my system (debian testing), I have / bind-mounted elsewhere, with a
slightly different directory tree mounted beneath it, as is mounted
beneath /. In my case, I need this so that I can make partial backups
of the system - including some file systems but leaving out others.
Undoubtly, there are other use-cases as well - I wouldn't be surprised
if users of libpam-chroot can be affected by this, depending on exactly
how they configure their chroot environments.
The new chroot behavior no longer allows chrooting into such alternate
trees. In my case, that means that my backup fails.
Kind regards,
Rogier.
This bug report was last modified 10 years and 276 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.