Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
imgcreate/fs.py: abort on hard-unmount failure
Lazy unmounting was originally introduced in commit 73bd680 ("Do lazy umounts to reduce the impact of umount issues.", 2010-07-24) as a work-around for RHBZ#617844 and RHBZ#509427. Unfortunately, lazy unmounting and then proceeding as if no error had occurred is actively harmful: combined with the lazy nature of "losetup -d", it enables writes pending within the chroot to modify / corrupt the filesystem while it's being checked & modified by e2fsck, and/or captured into the ISO image. We've seen actual examples of this: - https://bugzilla.redhat.com/show_bug.cgi?id=2007045 - https://bugzilla.redhat.com/show_bug.cgi?id=2038105#c45 - #221 Papering over a hard-unmount failure is never right; in all such cases, the leaked reference(s) to the chroot filesystem must be tracked down and fixed -- potentially in packages that underlie livecd-tools, such as "dnf". Otherwise, corrupt ISO images are built, and worse: non-deterministically so, which makes people investigate in all the wrong places. Throw exceptions upon hard-unmount failures, and encourage users to report all failures to unmount in the upstream bug tracker. Preserve lazy unmount only as a last-resort *cleanup* action, so that the user is not left with a bunch of unwanted mounts *AFTER* the process using imgcreate exits (i.e., when the leaked references are cleaned up by the kernel automatically). Signed-off-by: Laszlo Ersek <lersek@redhat.com>
- Loading branch information