Control: clone -1 -2
Control: reassign -2 dropbear-initramfs 2019.78-2
Control: retitle -2 race condition: init-bottom doesn't abort/cleanup run_networking()
Control: severity -2 normal

On Thu, 24 Oct 2019 at 18:48:12 -0400, Anton Avramov wrote:
> However I've run into a problem where if there is no panic and
> initramfs ipconfig command uses dhcp it would actually finish after
> the boot process is complete. And if the system itself uses static ip
> it gets overwritten by the dhcp.

Ah right, I understand the problem now. Whether configure_networking()
is run (at premount stage) in the background or not depends on the boot
method. On local (non-NFS) mounts it's done in the background, and
should be interrupted at bottom stage. However if no other script is
waiting for interactive user input the bottom script might run before
dropbear had a chance to run, yielding a race condition at bottom stage.
This is a bug.

> So the starting script in premount for dropbear should take care not
> to start if there is no /etc/crypttab and only start in case of panic.

dropbear-initramfs has nothing to do with /etc/crypttab, and it's not
because there are encrypted volumes to unlock that the boot process is
race-free: for instance these volumes might be unlocked in an unattended
fashion with a cheap PBKDF (or just plain dm-crypt). Furthermore right
now the way the encrypted volumes are unlocked at initramfs stage, incl.
the location of the crypttab(5), is considered as an internal detail of
the cryptsetup-initramfs package :-P That said I maintain that package
too, so I could help documenting the necessary interface if needs be :-D

> Considering my comment above should there be an option to activate
> dropbear in case of panic but no crypttab or there should be a config
> option to include and start dropbear in initramfs in case crypttab
> doesn't exist?

Once the race is eliminated from the init-bottom script (bug #-2),
run_dropbear() will unconditionally start, but be properly
terminated/cleaned before starting the init(1) binary. That's your
second alternative; it's the simplest solution (either way there is a
bug that needs fixing) and it doesn't require further documentation from
initramfs-tools(7). I also think it'd be reasonable to have an option
to run the premount script at panic stage instead.

Cheers,
--
Guilhem.
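The race discussed in the message above, as an added shell model that is not part of the original e-mail and is not the dropbear-initramfs scripts: all function names, pidfile names and timings are hypothetical, and `sleep` stands in for both the DHCP exchange and the SSH daemon.

```shell
#!/bin/sh
# Constructed model of the race. All names here are hypothetical.

# premount stage: slow network setup runs in the background and only
# afterwards starts the daemon. $1 = state dir, $2 = setup time (s).
premount() {
    (
        sleep "$2"                      # stands in for a slow DHCP exchange
        sleep 30 &                      # stands in for the SSH daemon
        echo $! >"$1/daemon.pid"
        wait
    ) >/dev/null 2>&1 &
    echo $! >"$1/premount.pid"          # known as soon as the job is spawned
}

# Racy bottom stage: trusts the daemon pidfile, which does not exist yet
# when nothing delayed the boot long enough for the daemon to start.
bottom_racy() {
    [ -f "$1/daemon.pid" ] || return 0  # "nothing to clean up"
    kill "$(cat "$1/daemon.pid")" 2>/dev/null || true
}

# Race-free bottom stage: abort the background job first so it can never
# start the daemon later, then stop the daemon if it already runs.
bottom_fixed() {
    kill "$(cat "$1/premount.pid")" 2>/dev/null || true
    if [ -f "$1/daemon.pid" ]; then
        kill "$(cat "$1/daemon.pid")" 2>/dev/null || true
    fi
}

# Succeeds if anything premount started is still alive $2 seconds later,
# i.e. it would leak into the booted system.
leftover() {
    sleep "$2"
    for f in "$1/premount.pid" "$1/daemon.pid"; do
        [ -f "$f" ] && kill -0 "$(cat "$f")" 2>/dev/null && return 0
    done
    return 1
}
```

Calling `premount` and then immediately `bottom_racy` leaves the background job and, a moment later, the daemon running; `bottom_fixed` in the same position leaves nothing behind.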