*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: mountall
This is basically a duplicate of 439604. Sorry I am filing a new bug,
but I see no other way to get this the attention it deserves.
The karmic mountall program checks filesystem in the background and the
system keeps booting without all filesystems mounted. The filesystems
will then later be mounted at an essentially random time. This can and
does lead to a lot of problems. I am not talking about you mp3
collection not being available, I am talking about server systems that
rely on a checked and consistend filesystem for their databases, mail
spools etc.
If you are lucky your servers wont find their config or data and just
will not start.
If you are unlucky, a server will start, find its data directory empty
and create the files it needs. People start using the service, data is
created. Then at some later time the fsck is finished and the real
filesystem gets mounted on top of the data the service has been creating
in the mean time. Now you have inconsistent data and half of it is
buried under the mounted fs.
If you are really unlucky, a non-existent config file will revert a
service to a default non-secure state.
Many years ago I had a problem where the mailboxes for a mail server
were not available sometimes. So the client comes to check for mail,
server says there is no mail. So the client thinks there is an empty
mailbox and clears his list of already read mails. Next time he checks
for mail, the mails are there again. But the client doesn't remember
those mails from before. So he downloads all the 10.000 mails from the
server and presents them as new mails to the user. Multiply this by many
many users. Not one of my proudest moments as admin of this system.
Thats the kind of problems you can get with inconsistent system state.
A system that boots with all the filesystems in the right place is in an
inconsistent state. Its the job of the operating system to make sure
this does not happen. There is no way you can predict and guard against
this kind of problem except by making sure that the server only keeps
booting if all filesystems are checked and mounted.
If you don't absolutely need your filesystems to be there at boot time,
we already have the "noauto" option available.
What makes this bug much worse ist that everything will appear to be ok
after upgrading to karmic, but when you reboot your system many months
later the fsck will run for the first time and you'll have those
inconsistencies. Many admins who don't know what went wrong might just
reboot the system again, this time it workes fine, because the
filesystems don't need checking. They think its a glitch and ignore it
but might get hit again next time around the filesystem needs checking.
** Affects: mountall (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
mountall endangers system stability
https://bugs.launchpad.net/bugs/571116
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
