RPM Community Forums

Mailing List Message of <rpm-devel>

Re: [CVS] RPM: rpm-5_1: rpm/ VENDOR rpm/lib/ fs.c

From: Jeff Johnson <n3npq@mac.com>
Date: Sat 11 Oct 2008 - 19:40:10 CEST
Message-id: <E2F34D49-F9C7-45F6-AAE0-4F067676EB4C@mac.com> 
How about the simpler patch below instead?

(aside)
Condition skipping ENOENT on "/proc" compare if you wish, but there's  
other types of
leakage on linux through multiply mounted file systems, including  
pty's, that may
need special casing too, and I'd rather not maintain the enumeration  
explicitly.

Clearly ENOENT on a mounted file system stat that returns ENOENT is  
unlikely to ever lead to
any information that can be used by rpm imho, so just skipping
ENOENT is likely more than gud enuf.

The issue of information leakage affects not only *BSD jails, see

     https://bugzilla.redhat.com/show_bug.cgi?id=457940

where there is leakage through a symlink to something that is not
/etc/mtab.

And the issue of leakage is most definitely an uglix, not an rpm,  
problem.

73 de Jeff

Index: fs.c
===================================================================
RCS file: /v/rpm/cvs/rpm/lib/fs.c,v
retrieving revision 2.66
diff -u -b -B -w -p -r2.66 fs.c
--- fs.c        11 Oct 2008 14:51:08 -0000      2.66
+++ fs.c        11 Oct 2008 17:29:51 -0000
@@ -233,6 +233,7 @@ static int getFilesystemList(void)
                 rpmFreeFilesystems();
                 return 1;
                 /*@notreached@*/ /*@switchbreak@*/ break;
+           case ENOENT:        /* XXX avoid /proc if leaked into  
*BSD jails. */
             case EACCES:        /* XXX fuse fs #220991 */
             case ESTALE:
                 continue;



On Oct 11, 2008, at 10:52 AM, Ralf S. Engelschall wrote:

>   RPM Package Manager, CVS Repository
>   http://rpm5.org/cvs/
>    
> ______________________________________________________________________ 
> ______
>
>   Server: rpm5.org                         Name:   Ralf S. Engelschall
>   Root:   /v/rpm/cvs                       Email:  rse@rpm5.org
>   Module: rpm                              Date:   11-Oct-2008  
> 16:52:08
>   Branch: rpm-5_1                          Handle: 2008101114520700
>
>   Modified files:           (Branch: rpm-5_1)
>     rpm                     VENDOR
>     rpm/lib                 fs.c
>
>   Log:
>     merge from HEAD OpenPKG-specific change 'always-skip-proc- 
> filesystem'
>
>   Summary:
>     Revision    Changes     Path
>     2.47.2.5    +16 -0      rpm/VENDOR
>     2.63.2.1    +11 -0      rpm/lib/fs.c
>    
> ______________________________________________________________________ 
> ______
>
>   patch -p0 <<'@@ .'
>   Index: rpm/VENDOR
>    
> ====================================================================== 
> ======
>   $ cvs diff -u -r2.47.2.4 -r2.47.2.5 VENDOR
>   --- rpm/VENDOR	17 Aug 2008 16:19:51 -0000	2.47.2.4
>   +++ rpm/VENDOR	11 Oct 2008 14:52:07 -0000	2.47.2.5
>   @@ -421,6 +421,22 @@
>                         are not broken.
>          
> ______________________________________________________________________ 
> __
>
>   +     Change:         always-skip-proc-filesystem
>   +     Purpose:        Always skip the /proc filesystem
>   +     Reason:         OpenPKG never does anything with the  
> virtual filesystem
>   +                     /proc which exists on some platforms.  
> Sometimes
>   +                     (e.g. in a FreeBSD Jail) the problem even  
> exists
>   +                     that RPM discovers that /proc might be  
> available
>   +                     (because the FreeBSD host leaks this  
> information
>   +                     to the Jail) but /proc cannot be actually  
> accessed
>   +                     from within the Jail. As a result, RPM  
> complains
>   +                     with "error: failed to stat /proc: No such  
> file
>   +                     or directory" all the time.. As OpenPKG never
>   +                     fiddles around with /proc from within RPM,  
> in this
>   +                     particular vendor environment /proc safely  
> can be
>   +                     just ignored.
>   +      
> ______________________________________________________________________ 
> __
>   +
>      o  Name:           RPM4DARWIN
>         Vendor:         RPM for Darwin (Mac OS X) <http:// 
> rpm4darwin.sourceforge.net/>
>         Representative: Anders F. Bjorklund  
> <afb@users.sourceforge.net> <afb@rpm5.org>
>   @@ .
>   patch -p0 <<'@@ .'
>   Index: rpm/lib/fs.c
>    
> ====================================================================== 
> ======
>   $ cvs diff -u -r2.63 -r2.63.2.1 fs.c
>   --- rpm/lib/fs.c	12 Mar 2008 19:41:11 -0000	2.63
>   +++ rpm/lib/fs.c	11 Oct 2008 14:52:07 -0000	2.63.2.1
>   @@ -110,6 +110,9 @@
>
>    	filesystems[i].mntPoint = fsnames[i] = fsn;
>    	
>   +#if defined(RPM_VENDOR_OPENPKG) /* always-skip-proc-filesystem */
>   +	if (!(strcmp(filesystems[i].mntPoint, "/proc") == 0)) {
>   +#endif
>    	if (stat(filesystems[i].mntPoint, &sb)) {
>    	    rpmlog(RPMLOG_ERR, _("failed to stat %s: %s\n"), fsnames[i],
>    			strerror(errno));
>   @@ -120,6 +123,9 @@
>    	
>    	filesystems[i].dev = sb.st_dev;
>    	filesystems[i].rdonly = rdonly;
>   +#if defined(RPM_VENDOR_OPENPKG) /* always-skip-proc-filesystem */
>   +        }
>   +#endif
>
>    	/* goto the next vmount structure: */
>    	vm = (struct vmount *)((char *)vm + vm->vmt_length);
>   @@ -213,6 +219,11 @@
>    	    mntdir = mounts[nextMount++].f_mntonname;
>    #	endif
>
>   +#if defined(RPM_VENDOR_OPENPKG) /* always-skip-proc-filesystem */
>   +	if (strcmp(mntdir, "/proc") == 0)
>   +		continue;
>   +#endif
>   +
>    	if (stat(mntdir, &sb)) {
>    	    switch(errno) {
>    	    default:
>   @@ .
> ______________________________________________________________________
> RPM Package Manager                                    http://rpm5.org
> CVS Sources Repository                                rpm-cvs@rpm5.org
Received on Sat Oct 11 19:40:32 2008
Driven by Jeff Johnson and the RPM project team.
Hosted by OpenPKG and Ralf S. Engelschall.
Powered by FreeBSD and OpenPKG.