Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: systemd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1991975
Title:
dev file system is mounted without nosuid
Status in linux package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Confirmed
Status in linux source package in Focal:
Confirmed
Status in systemd source package in Focal:
Confirmed
Bug description:
This is similar to
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1450960 but new.
I discovered that my ec2 instances based off of Canonical supplied AMI
ami-0a23d90349664c6ee *(us-east-2), have dev mounted mounted without
the nosuid option.
https://us-east-2.console.aws.amazon.com/ec2/home?region=us-
east-2#Images:visibility=public-images;imageId=ami-0a23d90349664c6ee
My usb installed 20.04.4 home machine does not have this problem, but
it has been installed for quite some time. My 22.04 laptop machine
also does not have this issue.
Reproduce.
Start an ec2 instance based off of ami-0a23d90349664c6ee.
$ mount | grep devtmpfs
nosuid is not found in the options list.
I've checked the initrd, and /etc/init.d/udev script and all places I
know of where dev gets mounted set nosuid, so it's non-obvious what
boot code-path is being taken that results in nosuid missing.
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: udev 245.4-4ubuntu3.18
ProcVersionSignature: Ubuntu 5.15.0-1020.24~20.04.1-aws 5.15.53
Uname: Linux 5.15.0-1020-aws x86_64
ApportVersion: 2.20.11-0ubuntu27.24
Architecture: amd64
CasperMD5CheckResult: skip
CustomUdevRuleFiles: 60-cdrom_id.rules 70-snap.snapd.rules
Date: Thu Oct 6 17:39:42 2022
Ec2AMI: ami-0a23d90349664c6ee
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-2c
Ec2InstanceType: t2.medium
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Lsusb: Error: command ['lsusb'] failed with exit code 1:
Lsusb-t:
Lsusb-v: Error: command ['lsusb', '-v'] failed with exit code 1:
MachineType: Xen HVM domU
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-1020-aws
root=PARTUUID=5bb90437-9efc-421d-aa94-c512c3b666a3 ro console=tty1
console=ttyS0 nvme_core.io_timeout=4294967295 panic=-1
SourcePackage: systemd
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 08/24/2006
dmi.bios.release: 4.2
dmi.bios.vendor: Xen
dmi.bios.version: 4.2.amazon
dmi.chassis.type: 1
dmi.chassis.vendor: Xen
dmi.modalias:
dmi:bvnXen:bvr4.2.amazon:bd08/24/2006:br4.2:svnXen:pnHVMdomU:pvr4.2.amazon:cvnXen:ct1:cvr:sku:
dmi.product.name: HVM domU
dmi.product.version: 4.2.amazon
dmi.sys.vendor: Xen
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1991975/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
