GNU bug report logs - #28134
Nix daemon incorrectly decodes octal escapes in mount names

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 28134 in the body.
You can then email your comments to 28134 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Andy Wingo <wingo <at> igalia.com>
To: guix-patches <at> gnu.org
Subject: Nix daemon incorrectly decodes octal escapes in mount names
Date: Fri, 18 Aug 2017 11:09:06 +0200

Hi,

With Guix at 3bfa7af41754a19faa1b3b7232fd080436ccb386 I tried to build
an installation image:

  guix system disk-image gnu/system/install.scm

However:

  guix system: error: build failed: while setting up the build environment: unable to make filesystem `/media/wingo/Ubuntu.04.2 LTS amd64' private: No such file or directory

That's weird; I do have an Ubuntu installer USB stick inserted though,
the name looks similar but a bit weird...

  $ ls /media/wingo
  'Ubuntu 16.04.2 LTS amd64'

  $ mount | grep wingo
  /dev/sdc1 on /media/wingo/Ubuntu 16.04.2 LTS amd64 type iso9660 (ro,nosuid,nodev,relatime,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks2)

  $ grep wingo /proc/self/mountinfo
  89 22 8:33 / /media/wingo/Ubuntu\04016.04.2\040LTS\040amd64 ro,nosuid,nodev,relatime - iso9660 /dev/sdc1 ro,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500

I see in nix/libstore.build.cc around line 2090:

  /* Make all filesystems private.  This is necessary
     because subtrees may have been mounted as "shared"
     (MS_SHARED).  (Systemd does this, for instance.)  Even
     though we have a private mount namespace, mounting
     filesystems on top of a shared subtree still propagates
     outside of the namespace.  Making a subtree private is
     local to the namespace, though, so setting MS_PRIVATE
     does not affect the outside world. */
  Strings mounts = tokenizeString<Strings>(readFile("/proc/self/mountinfo", true), "\n");
  foreach (Strings::iterator, i, mounts) {
      vector<string> fields = tokenizeString<vector<string> >(*i, " ");
      string fs = decodeOctalEscaped(fields.at(4));
      if (mount(0, fs.c_str(), 0, MS_PRIVATE, 0) == -1)
          throw SysError(format("unable to make filesystem `%1%' private") % fs);
  }

I guess it would seem that decodeOctalEscaped didn't work?  Indeed, from nix/libutil/util.cc:

  string decodeOctalEscaped(const string & s)
  {
      string r;
      for (string::const_iterator i = s.begin(); i != s.end(); ) {
          if (*i != '\\') { r += *i++; continue; }
          unsigned char c = 0;
          ++i;
          while (i != s.end() && *i >= '0' && *i < '8')
              c = c * 8 + (*i++ - '0');
          r += c;
      }
      return r;
  }

The same code is in upstream Nix:

  https://github.com/NixOS/nix/blob/master/src/libutil/util.cc#L1143

The octal escape is generated by the kernel, ultimately by this function:

  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/seq_file.c#n416

The kernel always generates three-character octal escapes.

However it looks like upstream Nix no longer uses this function; instead
they use the MS_REC flag:

  if (mount(0, "/", 0, MS_REC|MS_PRIVATE, 0) == -1) {
      throw SysError("unable to make '/' private mount");
  }
  
So I will change our copy of the daemon to do the same.

Andy

Message #10 received at 28134-close <at> debbugs.gnu.org (full text, mbox):

From: Andy Wingo <wingo <at> igalia.com>
To: 28134-close <at> debbugs.gnu.org
Subject: Applied in 842e0e439a22081be1b4fed7ddc21d6d228afd10
Date: Mon, 21 Aug 2017 09:16:59 +0200

Fixed by cherry-picking a patch from upstream; I followed up by removing
the function.

Andy

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.