Bug 953426

Summary: dracut creates non working initramfs if /var/tmp mounted noexec
Product: [Fedora] Fedora Reporter: GV <rhel>
Component: dracutAssignee: dracut-maint
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 19CC: dracut-maint, harald, jonathan
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-04-23 03:38:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Screenshot none

Description GV 2013-04-18 08:05:34 UTC 
Description of problem:
dracut seems to not include libselinux.so.1 anymore in initramfs image.

Version-Release number of selected component (if applicable):
dracut-027-26.git20130415.fc19.x86_64

How reproducible:
# dracut -v -f initramfs-3.9.0-0.rc6.git2.3.fc19.x86_64.img 3.9.0-0.rc6.git2.3.fc19.x86_64
I: *** Including module: i18n ***
I: *** Including module: kernel-modules ***
I: *** Including module: resume ***
I: *** Including module: rootfs-block ***
I: *** Including module: terminfo ***
I: *** Including module: udev-rules ***
I: *** Including module: biosdevname ***
I: *** Including module: systemd ***
I: *** Including module: usrmount ***
I: *** Including module: base ***
I: *** Including module: fs-lib ***
I: *** Including module: shutdown ***
I: *** Including modules done ***
I: *** Installing kernel module dependencies and firmware ***
I: *** Installing kernel module dependencies and firmware done ***
I: *** Resolving executable dependencies ***
I: *** Resolving executable dependencies done***
I: *** Hardlinking files ***
I: *** Hardlinking files done ***
W: Could not find 'strip'. Not stripping the initramfs.
I: *** Creating image file ***
I: *** Creating image file done ***
I: Wrote /root/initramfs-3.9.0-0.rc6.git2.3.fc19.x86_64.img:
I: -rw-------. 1 root root 6056835 Apr 18 10:53 /root/initramfs-3.9.0-0.rc6.git2.3.fc19.x86_64.img

# cat /boot/initramfs-3.9.0-0.rc6.git2.3.fc19.x86_64.img | gzip -d | cpio -t | grep selinux
19521 blocks

See attached picture.
Comment 1 GV 2013-04-18 08:06:10 UTC 
Created attachment 737196 [details]
Screenshot
Comment 2 GV 2013-04-18 08:33:25 UTC 
It seems that the problem occurs only if /var/tmp is bind mounted to /tmp.

Since this configuration works in F18 it would be nice to also work in F19.
Comment 3 GV 2013-04-18 08:34:35 UTC 
List of files in initramfs (/usr/lib64 directory only):

usr/lib64/libc.so.6
usr/lib64/libc-2.17.so
usr/lib64/libnss_files.so.2
usr/lib64/libnss_files-2.17.so
usr/lib64/libtinfo.so.5.9
usr/lib64/libdl.so.2
usr/lib64/ld-2.17.so
usr/lib64/ld-linux-x86-64.so.2
usr/lib64/libdl-2.17.so
usr/lib64/libtinfo.so.5
Comment 4 GV 2013-04-18 09:11:46 UTC 
I was wrong. Is not because of bind mount but because /tmp (and /var/tmp) being mounted noexec (also nosuid and nodev).

Still, this works fine in F18.
Comment 5 GV 2013-04-18 09:37:31 UTC 
OK, it's not dracut fault but ldd. Maybe you should print an error/warning message if tmpdir directory is mounted noexec.

I'm going to fill a bugreport for glibc.
Comment 6 GV 2013-04-18 09:39:24 UTC 
Still, ldd has the same behaviour in F18. I cannot understand this...
Comment 7 Harald Hoyer 2013-04-18 11:12:05 UTC 
No need to file a bugreport for glibc.

dracut-027-36.git20130418.fc19
Comment 8 GV 2013-04-18 11:50:14 UTC 
> No need to file a bugreport for glibc.
Yes, ldd will refuse to print dependencies if partition is mounted noexec. I don't know why I had the impression that it still prints something. Anyway...

> dracut-027-36.git20130418.fc19
Works fine now. Thank you.
Comment 9 Fedora Update System 2013-04-18 13:31:31 UTC 
dracut-027-36.git20130418.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/dracut-027-36.git20130418.fc19
Comment 10 Fedora Update System 2013-04-18 17:28:42 UTC 
Package dracut-027-36.git20130418.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing dracut-027-36.git20130418.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-6011/dracut-027-36.git20130418.fc19
then log in and leave karma (feedback).
Comment 11 Fedora Update System 2013-04-23 03:38:03 UTC 
dracut-027-36.git20130418.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.