Red Hat Bugzilla – Bug 158596
df: `/var/named/chroot/proc': Permission denied
Last modified: 2007-11-30 17:11:06 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.8) Gecko/20050512 Fedora/1.0.4-2 Firefox/1.0.4 Description of problem: Not sure where this should be filed but when using a chroot bind, a normal user gets an error when doing a df: wintermute> df Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/vgw0-root 10157368 4854728 4778352 51% / /dev/sdi2 101105 27318 68566 29% /boot /dev/mapper/vgw0-local 8256952 1972296 5865228 26% /usr/local /dev/mapper/vgw0-web 14223724 1134172 12367020 9% /web /dev/mapper/vgw1-home 35252984 25883100 7579116 78% /home /dev/mapper/vgw2-mirror 384562228 292943732 72083856 81% /mirror /dev/mapper/vgw3-temp 192263772 81304544 101192728 45% /temp /dev/mapper/vgraid-raid 103212320 32554988 65414452 34% /raid /dev/shm 2001592 0 2001592 0% /dev/shm df: `/var/named/chroot/proc': Permission denied /home/tjb 35252984 25883100 7579116 78% /net/home/rcc/tjb wintermute> When I first noticed this, I thought it was I copied my FC3 chroot directory over. But then I booted a rescue cd and removed the proc directory. Today I noticed the error is back. Version-Release number of selected component (if applicable): bind-9.3.1-4 How reproducible: Didn't try Additional info: I can track it down more if it's not easily reproducible.
By default, the /var/named and /var/named/chroot partitions have mode: 0750 : drwxr-x--- and ownership root:named, ie. they are not readable / searchable by "other" users that are not root and not in group named. This is as it should be, to make BIND secure. In order for named to correctly determine the correct number of CPUs, the interface list, and other sysconf parameters, /proc needs to be mounted under the root in which named runs, so if it is not mounted under the chroot when named is to be started in a chroot, the /etc/init.d/named script mounts it there ( bug 151852 ). 'df' is being run under the non-root userid, who does not have permission to read / search /var/named/chroot , and hence emits the error message. Now 'df' shouldn't really be telling you anything about mount points that you do not have read/search permission to read / search ; however if you issue the "mount" command without any arguments as a non-root user, it does list "none on /var/named/chroot/proc type proc (rw) " . This problem is a minor inconsistency between mount / df, but is NOT a bind bug. If you feel strongly about it, please reopen this bug against coreutils (df should not emit the error message) or util-linux (mount should not report protected mount points to users who do not have permission to read or search them) .
This is at least a regression as it didn't used to happen under fc3.
Yes, df does emit the error message if run by a non-root user for 0750 protected mount points in FC3. So non-root users are notified of mount points they are not meant to see through these error messages.
Jason: what leads you to believe that df is behaving incorrectly here? My reading of the POSIX specification does not seem to say clearly one way or the other about this. If the issue is information leakage, mount is more responsible for it than df is -- although /etc/mtab provides this information, as does /proc/mounts. Resetting component.
(Incidentally, this is *not* a change in behaviour for df since FC3.)
I never saw this error before FC4. I've got a chrooted bind running on an fc3 system and don't see this error: gile> ps -ef | grep named named 3268 1 0 May10 ? 00:07:29 /usr/sbin/named -u named -t /var/named/chroot tjb 18006 17948 0 10:57 pts/0 00:00:00 grep named gile> df Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/vgsda-vgroot 8256952 6347956 1489568 81% / /dev/sda1 101086 15856 80011 17% /boot /dev/mapper/vgsda-vglocal 4128448 90460 3828276 3% /usr/local /dev/mapper/vgsda-vgweb 21416524 10993240 9335388 55% /web /dev/hda1 76920416 16857196 56155812 24% /backup /dev/sdb1 17654736 1582164 15175748 10% /home /dev/sdc1 35001508 16851616 16371900 51% /music /dev/mapper/vgpata1-mirror 76923936 43183244 29833108 60% /mirror none 257240 0 257240 0% /dev/shm /home/bc/tjb 17654736 1582164 15175748 10% /net/home/bc/tjb gile>
Yes, but as I said in Comment #3: this is NOT a regression (change in df or mount behaviour from FC3) - FC3's df/mount behaves the same as FC4's df/mount. In FC4, named mounts the proc filesystem under /var/named/chroot/proc; in FC3, it does not (yet - the next FC3 bind release will also fix bug 151852). The issue here is whether A) df should be emitting an error message for mount points that the user has no permission to read / search. B) mount should be reporting these protected mount points to users at all.
I'm confused.. I don't see any output from mount where is any problem. Please, can you send me outputs from "mount" and "cat /proc/mounts".
wintermute> mount /dev/mapper/vgw0-root on / type ext3 (rw) /dev/proc on /proc type proc (rw) /dev/sys on /sys type sysfs (rw) /dev/devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sdi2 on /boot type ext3 (rw) /dev/mapper/vgw0-local on /usr/local type ext3 (rw) /dev/mapper/vgw0-web on /web type ext3 (rw) /dev/mapper/vgw1-home on /home type ext3 (rw) /dev/mapper/vgw2-mirror on /mirror type ext3 (rw) /dev/mapper/vgw3-temp on /temp type ext3 (rw) /dev/mapper/vgraid-raid on /raid type ext3 (rw) /dev/shm on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) none on /var/named/chroot/proc type proc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) automount(pid3344) on /net/nfs type autofs (rw,fd=4,pgrp=3344,minproto=2,maxproto=4) automount(pid3409) on /net/home/rcc type autofs (rw,fd=4,pgrp=3409,minproto=2,maxproto=4) automount(pid3471) on /net/rcc type autofs (rw,fd=4,pgrp=3471,minproto=2,maxproto=4) automount(pid3541) on /net/home/ssc type autofs (rw,fd=4,pgrp=3541,minproto=2,maxproto=4) automount(pid3615) on /net/app type autofs (rw,fd=4,pgrp=3615,minproto=2,maxproto=4) automount(pid3696) on /net/music type autofs (rw,fd=4,pgrp=3696,minproto=2,maxproto=4) automount(pid3781) on /net/home/sttg type autofs (rw,fd=4,pgrp=3781,minproto=2,maxproto=4) nfsd on /proc/fs/nfsd type nfsd (rw) /home/tjb on /net/home/rcc/tjb type none (rw,bind) wintermute> cat /proc/mounts rootfs / rootfs rw 0 0 /dev /dev tmpfs rw 0 0 /dev/root / ext3 rw 0 0 none /selinux selinuxfs rw 0 0 /proc /proc proc rw,nodiratime 0 0 /proc/bus/usb /proc/bus/usb usbfs rw 0 0 /sys /sys sysfs rw 0 0 /dev/devpts /dev/pts devpts rw 0 0 /dev/sdi2 /boot ext3 rw 0 0 /dev/vgw0/local /usr/local ext3 rw 0 0 /dev/vgw0/web /web ext3 rw 0 0 /dev/vgw1/home /home ext3 rw 0 0 /dev/vgw2/mirror /mirror ext3 rw 0 0 /dev/vgw3/temp /temp ext3 rw 0 0 /dev/vgraid/raid /raid ext3 rw 0 0 /dev/shm /dev/shm tmpfs rw 0 0 none /proc/sys/fs/binfmt_misc binfmt_misc rw 0 0 none /var/named/chroot/proc proc rw,nodiratime 0 0 sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw 0 0 automount(pid3344) /net/nfs autofs rw 0 0 automount(pid3409) /net/home/rcc autofs rw 0 0 automount(pid3471) /net/rcc autofs rw 0 0 automount(pid3541) /net/home/ssc autofs rw 0 0 automount(pid3615) /net/app autofs rw 0 0 automount(pid3696) /net/music autofs rw 0 0 automount(pid3781) /net/home/sttg autofs rw 0 0 nfsd /proc/fs/nfsd nfsd rw 0 0 /dev/vgw1/home /net/home/rcc/tjb ext3 rw 0 0 wintermute>
Thanks, but I don't see any problem. The directory "/var/named/chroot/proc" is there. What do expect from the "mount" command?
The bug is to do with df. See above comments.
>- mount should not tell the user about mount points they do not have > permission to know about No way. They have permission to *know* about it. Maybe they not have permission *access* the mount point. I think "access" and "know" are two different things. > This is at least a regression as it didn't used to happen under fc3. My FC-3 box: # mount -t proc none /root/aaa # su - smith $ df Filesystem 1K-blocks Used Available Use% Mounted on /dev/hda5 10080488 6484492 3083928 68% / none 258436 0 258436 0% /dev/shm /dev/hda8 27040064 3024772 22641740 12% /home/work /dev/hdb1 39563212 22248460 15305024 60% /home/store df: `/root/aaa': Permission denied ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ $ rpm -q coreutils glibc util-linux coreutils-5.2.1-31 glibc-2.3.5-0.fc3.1 util-linux-2.12a-24.2 I think you have different mount point permissions or users or so in FC3 and FC4. Please, don't open it anymore, else I will be more sarcastic next time :-)