-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Regression: umount exits non null due to restrictive permissions of utab.lock in 2.40 #2981
Comments
The permissions are fine; if you have no write access to the utab then you do not need the lock ;-) The problem is that libmount checks for access to the file but ignores the result of the check. See debug output
In this case, the library needs to ignore the utab update. Fixed version:
and it exits with 0. Fix: diff --git a/libmount/src/context.c b/libmount/src/context.c
index 952287a26..5206c1d58 100644
--- a/libmount/src/context.c
+++ b/libmount/src/context.c
@@ -367,8 +367,7 @@ const char *mnt_context_get_writable_tabpath(struct libmnt_context *cxt)
{
assert(cxt);
- context_init_paths(cxt, 1);
- return cxt->utab_path;
+ return mnt_context_utab_writable(cxt) ? cxt->utab_path : NULL;
}
I'll prepare a pull request with the fix. |
karelzak
added a commit
that referenced
this issue
Apr 23, 2024
The function mnt_has_regular_utab() properly detects that the utab is not writable, but this is ignored by the high-level context API. As a result, the library later attempts to update the file and ends up with a warning in mount(8): $ mkdir sys $ unshare --map-root-user --mount $ mount --rbind /sys sys $ umount --lazy sys; echo $? umount: /home/user/sys: filesystem was unmounted, but failed to update userspace mount table. 16 In this case, the utab should be ignored. Fixes: #2981 Signed-off-by: Karel Zak <kzak@redhat.com> (cherry picked from commit 97f7bfc)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Starting with c14bee4
/run/mount/utab.lock
has no longer read permissions for group and others.This results in an exit code of 16 instead of 0 when using umount in a user namespace.
You can reproduce this on Debian by creating a VM like this:
Changing unstable to testing (currently with util-linux 2.39.3) or stable (2.38.1) fixes this as the
utab.lock
has read permissions for everyone.I would propose to partly revert the commit like this:
Alternatively we could make something like
umount --no-mtab
the default.The text was updated successfully, but these errors were encountered: