Bug 188887 - bind/named in chroot does not umount proc FS after stop
bind/named in chroot does not umount proc FS after stop
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: bind (Show other bugs)
5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-13 04:34 EDT by Thomas Steudten
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-04-13 17:29:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Thomas Steudten 2006-04-13 04:34:07 EDT
Description of problem:

/etc/init.d/named is startup script of bind (8).
There's only a mount request for the proc FS in the chroot environment:
/var/named/chroot/proc.
So start named gives (named start):
/proc on /var/named/chroot/proc type none (rw,bind)
Stopping it (named stop):
/etc/init.d/named stop
Stopping named:                                                      [  OK  ]
# mount | grep chroot
/proc on /var/named/chroot/proc type none (rw,bind)

Version-Release number of selected component (if applicable):

bind-9.3.2-12.FC5

How reproducible:

Steps to Reproduce:
1. /etc/init.d/named start ; mount |grep chroot
2. /etc/init.d/named stop; mount | grep chroot
3.
  
Actual results:
After named stop: /proc on /var/named/chroot/proc type none (rw,bind)

Expected results:
After stop: /var/named/chroot/proc not mounted.

Additional info:
Comment 1 Jason Vas Dias 2006-04-13 17:29:15 EDT
This really is not a bug, IMHO .

Named must mount /proc in the chroot for a variety of reasons, and will 
check that it is mounted on a start of the named service if the chroot
is enabled. The initscript will not do any mounts if the required 
mountpoints are already mounted.

There's no reason to unmount the mountpoints when named is stopped; 
if you have named enabled as a service, it should be running all the 
time, and interruptions in service are likely to be brief 
( eg. when doing a 'service named restart' ) -
then doing the umount + mount for every restart is just wasted effort.

Having /proc mounted under the bind chroot $ROOTDIR/proc causes no harm to
anything, so there's no real reason to unmount it when the named service is
stopped.

If you do not want the initscript to do any mounts / unmounts, then 
add these lines to /etc/fstab:
'
/dev/proc         /var/named/chroot/proc             none    bind      0 0
/var/run/dbus     /var/named/chroot/var/run/dbus     none    bind      0 0
'

If you do not want to mount anything under $ROOTDIR/ , then disable the
bind chroot environment:
  # bind-chroot-admin --disable
and enable SELinux in Enforcing mode:
  # setenforce 1
The bind-chroot environment serves no purpose that is not served by running
named with SELinux in Enforcing mode.
Comment 2 Thomas Steudten 2006-04-20 06:05:36 EDT
Please see "Write init scripts" and "How to enable and disable settings in init
scripts".

It is simple to add a "umount" call, in the stop section. If you do a mount
request in the start section, you should alway undo things from the start
section in the stop section.
If you don't want to do this, you can add the mount in the /etc/fstab with
setting "auto". However, why you should do this, if named is not used, like only
/etc/hosts?
So if using chroot with named/bind, you need the chroot-proc, but you don't need
this mount any more, if you stop the named process.

The system should be in the same state, like before the start of the init script.
See "How to use *.lck, *.pid files and to remove this by stop".

It is not a clean way, to mount things, and not to umount things after stopping
the only service, which uses this mount.

Note You need to log in before you can comment on or make changes to this bug.