* [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd
@ 2010-12-07 1:44 Christian Heinz
[not found] ` <1291686260-32371-1-git-send-email-christian.ch.heinz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
0 siblings, 1 reply; 6+ messages in thread
From: Christian Heinz @ 2010-12-07 1:44 UTC (permalink / raw)
To: initramfs-u79uwXL29TY76Z2rM5mHXA; +Cc: Christian Heinz
This will allow ldconfig to create its auxiliary cache file in order to
prevent `ldconfig -r' from failing completely when dracut is run as
non-root. Applies to glibc/ldconfig versions released before Nov 22,
2010.
---
dracut | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/dracut b/dracut
index 303d817..5cdd313 100755
--- a/dracut
+++ b/dracut
@@ -350,6 +350,7 @@ unset item
# make sure that library links are correct and up to date
cp -ar /etc/ld.so.conf* "$initdir"/etc
+mkdir -p "$initdir/var/cache/ldconfig"
ldconfig -r "$initdir" || [[ $UID != "0" ]] && \
dinfo "ldconfig might need uid=0 (root) for chroot()"
--
1.7.3.3
^ permalink raw reply related [flat|nested] 6+ messages in thread[parent not found: <1291686260-32371-1-git-send-email-christian.ch.heinz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>]
* [PATCH 2/2] dracut: don't print misleading dinfo after successful ldconfig run [not found] ` <1291686260-32371-1-git-send-email-christian.ch.heinz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> @ 2010-12-07 1:44 ` Christian Heinz 2010-12-07 9:49 ` [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd Amadeusz Żołnowski 1 sibling, 0 replies; 6+ messages in thread From: Christian Heinz @ 2010-12-07 1:44 UTC (permalink / raw) To: initramfs-u79uwXL29TY76Z2rM5mHXA; +Cc: Christian Heinz --- dracut | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dracut b/dracut index 5cdd313..93ea308 100755 --- a/dracut +++ b/dracut @@ -351,8 +351,8 @@ unset item # make sure that library links are correct and up to date cp -ar /etc/ld.so.conf* "$initdir"/etc mkdir -p "$initdir/var/cache/ldconfig" -ldconfig -r "$initdir" || [[ $UID != "0" ]] && \ - dinfo "ldconfig might need uid=0 (root) for chroot()" +ldconfig -r "$initdir" || { [[ $UID != "0" ]] && \ + dinfo "ldconfig might need uid=0 (root) for chroot()"; } [[ $beverbose = yes ]] && (du -c "$initdir" | sort -n) -- 1.7.3.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd [not found] ` <1291686260-32371-1-git-send-email-christian.ch.heinz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> 2010-12-07 1:44 ` [PATCH 2/2] dracut: don't print misleading dinfo after successful ldconfig run Christian Heinz @ 2010-12-07 9:49 ` Amadeusz Żołnowski 2010-12-07 9:54 ` Amadeusz Żołnowski 2010-12-07 11:11 ` Christian Heinz 1 sibling, 2 replies; 6+ messages in thread From: Amadeusz Żołnowski @ 2010-12-07 9:49 UTC (permalink / raw) To: initramfs [-- Attachment #1: Type: text/plain, Size: 667 bytes --] Hi, Excerpts from Christian Heinz's message of Tue Dec 07 02:44:19 +0100 2010: > This will allow ldconfig to create its auxiliary cache file in order to > prevent `ldconfig -r' from failing completely when dracut is run as > non-root. Applies to glibc/ldconfig versions released before Nov 22, > 2010. What is the benefit of "falling partially" over "falling completely". I'm wondering if there shouldn't be check if dracut is run by non-root and then exit immediately. Normal user cannot read some files (e.g. /bin/mount), so what's the point? Cheers, -- Amadeusz Żołnowski PGP key fpr: C700 CEDE 0C18 212E 49DA 4653 F013 4531 E1DB FAB5 [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd 2010-12-07 9:49 ` [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd Amadeusz Żołnowski @ 2010-12-07 9:54 ` Amadeusz Żołnowski 2010-12-07 11:11 ` Christian Heinz 1 sibling, 0 replies; 6+ messages in thread From: Amadeusz Żołnowski @ 2010-12-07 9:54 UTC (permalink / raw) To: initramfs [-- Attachment #1: Type: text/plain, Size: 376 bytes --] Excerpts from Amadeusz Żołnowski's message of Tue Dec 07 10:49:58 +0100 2010: > What is the benefit of "falling partially" over "falling completely". Should be: What is the benefit of "falling partially" over "falling completely"? (Detail, but looked too weird… :-)) -- Amadeusz Żołnowski PGP key fpr: C700 CEDE 0C18 212E 49DA 4653 F013 4531 E1DB FAB5 [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd 2010-12-07 9:49 ` [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd Amadeusz Żołnowski 2010-12-07 9:54 ` Amadeusz Żołnowski @ 2010-12-07 11:11 ` Christian Heinz 2010-12-07 11:55 ` Amadeusz Żołnowski 1 sibling, 1 reply; 6+ messages in thread From: Christian Heinz @ 2010-12-07 11:11 UTC (permalink / raw) To: initramfs Hi, > What is the benefit of "falling partially" over "falling completely". > I'm wondering if there shouldn't be check if dracut is run by non-root > and then exit immediately. Normal user cannot read some files (e.g. > /bin/mount), so what's the point? Not having read permission for /bin/mount as normal user looks weird to me. I use dracut on Arch Linux, though I also just tested on a Fedora VM and everything builds/runs just fine without root permissions. Are there any compelling reasons to restrict image generation to root only? Am I missing something fundamental? Regards, Christian ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd 2010-12-07 11:11 ` Christian Heinz @ 2010-12-07 11:55 ` Amadeusz Żołnowski 0 siblings, 0 replies; 6+ messages in thread From: Amadeusz Żołnowski @ 2010-12-07 11:55 UTC (permalink / raw) To: initramfs [-- Attachment #1: Type: text/plain, Size: 923 bytes --] Excerpts from Christian Heinz's message of Tue Dec 07 12:11:33 +0100 2010: > > What is the benefit of "falling partially" over "falling completely". > > I'm wondering if there shouldn't be check if dracut is run by non-root > > and then exit immediately. Normal user cannot read some files (e.g. > > /bin/mount), so what's the point? > > Not having read permission for /bin/mount as normal user looks weird to > me. I use dracut on Arch Linux, though I also just tested on a Fedora VM > and everything builds/runs just fine without root permissions. Are there > any compelling reasons to restrict image generation to root only? Am > I missing something fundamental? If it builds just fine with your patch, that's cool. Maybe it's a good starting point to consider permissions policy in Gentoo. :-) Cheers, -- Amadeusz Żołnowski PGP key fpr: C700 CEDE 0C18 212E 49DA 4653 F013 4531 E1DB FAB5 [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2010-12-07 11:55 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-12-07 1:44 [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd Christian Heinz
[not found] ` <1291686260-32371-1-git-send-email-christian.ch.heinz-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2010-12-07 1:44 ` [PATCH 2/2] dracut: don't print misleading dinfo after successful ldconfig run Christian Heinz
2010-12-07 9:49 ` [PATCH 1/2] dracut: create ldconfig aux cache directory on the initrd Amadeusz Żołnowski
2010-12-07 9:54 ` Amadeusz Żołnowski
2010-12-07 11:11 ` Christian Heinz
2010-12-07 11:55 ` Amadeusz Żołnowski
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.