Bug 192153 - rpm escapes --root if it disappears
rpm escapes --root if it disappears
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: rpm (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Panu Matilainen
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-05-17 18:05 EDT by Mike McLean
Modified: 2012-06-20 09:21 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-20 09:21:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
strace of rpm showing this issue (287.41 KB, application/octet-stream)
2006-05-17 18:11 EDT, Mike McLean
no flags Details

  None (edit)
Description Mike McLean 2006-05-17 18:05:04 EDT
If you use rpm --root <chroot> to install packages for a chroot and the chroot
disappears while rpm is installing, it falls back to installing package content
outside of the chroot. This can really hose your system.

The version of rpm I am using is the one from U3: rpm-4.3.3-13_nonptl

To replicate this in a safe way, I've done the following:
1) create a harmless set of test packages to install
2) created a base chroot to install them in
3) install the test packages in the chroot
4) while the test packages are installing, delete the chroot
5) verify that contest from the test packages has been installed outside of the
chroot

I've written a script that goes through these steps: ~mikem/rpm-chroot.sh
The script has an strace option for running rpm through strace
For step 4, I recommend using ~mikem/rmtree

I will post some strace output shortly
Comment 1 Mike McLean 2006-05-17 18:11:49 EDT
Created attachment 129369 [details]
strace of rpm showing this issue

It looks like rpm may simply be ignoring the error code from a failed chroot:

chdir("/")				= 0
chroot("/var/lib/mock//test/")		= -1 ENOENT (No such file or directory)

time(NULL)				= 1147903876
open("/var/tmp/rpm-tmp.61061", O_RDWR|O_CREAT|O_TRUNC|O_EXCL, 0666) = 8
Comment 2 Mike McLean 2006-10-26 19:29:12 EDT
in psm.c, chroot is called three times:
in runScript, the return code is not checked
in rpmpsmStage (two instances), the return code of the chroot is returned from
the function, but I'm not sure how it is handled further up the line

in transaction.c, chroot is called twice in the function rpmtsRun. The return
code is not checked.
Comment 3 Warren Togami 2006-10-26 21:47:24 EDT
jkeating mentioned that brew is using a patched rpm that avoids this problem. 
Is this true?
Comment 4 Mike McLean 2006-10-26 22:01:36 EDT
No, brew is not using a patched rpm. Once we understood the nature of the
problem, we were able to avoid triggering the bug.
Comment 5 Jeff Johnson 2006-10-27 10:48:09 EDT
In most cases, there's little risk, as chroot is root-only, the build tree is owned by root.root and so cannot 
be removed, and the outer file system is owned root.root, etc.

But yes, the chroot return code needs to be checked.
Comment 6 Jiri Pallich 2012-06-20 09:21:16 EDT
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. 
Please See https://access.redhat.com/support/policy/updates/errata/

If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.

Note You need to log in before you can comment on or make changes to this bug.