Bug 329091 - [5.2]The disk which the OS is in is destroyed by not becoming an error when the host OS is installed in an specified disk.
[5.2]The disk which the OS is in is destroyed by not becoming an error when t...
Status: CLOSED CANTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: python-virtinst (Show other bugs)
5.1
All Linux
low Severity high
: ---
: ---
Assigned To: Daniel Veillard
Virtualization Bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-12 02:38 EDT by Shigeki Sakamoto
Modified: 2009-12-14 16:22 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-10-31 04:21:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Add the check of the disk like the check of the file, and warning is output. (1.09 KB, patch)
2007-10-16 03:04 EDT, Shigeki Sakamoto
no flags Details | Diff

  None (edit)
Description Shigeki Sakamoto 2007-10-12 02:38:56 EDT
Description of problem:
The disk which the OS is in is destroyed by not becoming an error when the host
OS is installed in an specified disk.

Version-Release number of selected component (if applicable):
libvirt-0.2.3-9.el5
libvirt-python-0.2.3-9.el5
python-virtinst-0.103.0-3.el5
libvirt-0.2.3-9.el5

How reproducible:
Because, there is only a check to judge whether specified --file operand is a file,
It adds a check to judge whether specified --file operand is a disk.


Steps to Reproduce:
1. add a check to judge whether specified --file operand is a disk to get_disk()
in virt-install
2. 
3. 
  
Actual results:
The disk which the OS is in is destroyed by not becoming an error.

Expected results:
When the disk which the OS is in is specified, becoming an error.

Additional info:
Comment 1 Shigeki Sakamoto 2007-10-12 03:00:26 EDT
Because content to fill out XX and YY is wrong, I revise it. It is as follows to
be right.
How reproducible:
always :When it specified disk which the OS is in

Steps to Reproduce:
1. it specified disk which the OS is in to an operand of
--file.(e.g."--file=/dev/sda")
Comment 2 Daniel Veillard 2007-10-12 03:07:00 EDT
I do not understand the bug report. Please clarify:
  - "The disk which the OS is in" does taht mean a file, a CDROM, a partition ?
  - "when the host OS is installed in an specified disk", what disk ?

you mention two disks, are they the same ? 
Why is the bug assigned to libvirt if you suggest to fix virt-install ?
With respect to comment #1:
  - what is XX  what is YY ?
  - I do not understand the step to reproduce, provide a *full* information
    or explain better what is the matter with passing --file=/dev/sda 

As such the bug is not understandable to me, sorry !

Daniel
Comment 3 Saori Fukuta 2007-10-12 03:50:00 EDT
Hello Daniel,

Sorry, Shigeki made several mistake.

This is a full information of steps to reproduce:
1. Confirm the device name and the partition mounted by host OS.
  (e.g.) 
  in this case, "/dev/sda1" and "/dev/sda2" is mounted, 
  and device name is "/dev/sda"
  # df -kh
  Filesystem            Size  Used Avail Use% Mounted on
  /dev/sda2              23G  4.4G   18G  20% /
  /dev/sda1              99M   26M   69M  28% /boot
  tmpfs                 467M   12K  467M   1% /dev/shm

2. Create a guest OS by specifying the device name.
   (i.e.  "/dev/sda", not "/dev/sda1" or "/dev/sda2")
  # virt-install --name=test --ram=256 --hvm --cdrom=/dev/cdrom --file=/dev/sda

3. The host OS will be destroyed because a system file is compulsorily 
   overwrited.


So,
>   - "The disk which the OS is in" does taht mean a file, a CDROM, a 
partition ?
that disk means device name that specified with virt-install as --file option.

>   - "when the host OS is installed in an specified disk", what disk ?
that disk means device name that mounted by host OS.

> Why is the bug assigned to libvirt if you suggest to fix virt-install ?
yes, you are right. I changed the component from libivrt to python-virtinst.

> With respect to comment #1:
>   - what is XX  what is YY ?
that is his mistake, sorry.

Regards,
Saori Fukuta
Comment 4 Daniel Veillard 2007-10-12 04:39:30 EDT
Hum, sure such a check could be aded, but in general the UNIX philosophy is that
if you run as root (and that command runs as root) and you mess up with files
well, you get to clean up the mess. Famous example includes '# rm -rf /' but
in your case if you were typing
  # cat /dev/zero > /dev/sda

then again you will trash your data. And the shell won't protect you. Basically
command like virt-install, which are to be run as root, cannot be made completely
fool-proof, and such access and permissions should never be granted to a normal
user.
Maybe a test can be added, but in general trying to foolproof full root access
system tools like this is just impossible.

Daniel
Comment 5 Shigeki Sakamoto 2007-10-12 07:27:06 EDT
I think that what is not checked at all is bad.
Surely, it may be impossible to make foolproof,
but it should give the warning at least. 
The one is user-friendly.

Shigeki Sakamoto
Comment 6 Shigeki Sakamoto 2007-10-16 03:04:30 EDT
Created attachment 228301 [details]
Add the check of the disk like the check of the file, and warning is output.
Comment 7 Shigeki Sakamoto 2007-10-16 03:05:29 EDT
I make the patch which improved this problem.
I attach it.
Comment 8 RHEL Product and Program Management 2007-10-19 11:55:25 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 10 Shigeki Sakamoto 2007-10-30 22:40:16 EDT
The patch which I showed is inappropriate.
It only prevent only a part of range and,
It is illogical because it lose usability by giving warning every time.
> Basically command like virt-install,
> which are to be run as root, cannot be made completely fool-proof,
Surely, the completely fool-proof check seems to be impossible
when I think about a range of a check.
Therefore, please close this bug.

Shigeki Sakamoto.
Comment 11 Daniel Veillard 2007-10-31 04:21:45 EDT
Okay, thanks. I understand why you wanted to try to do this but it's really
impractical, and a false sense of security is worse than knowing there is
a risk,

Daniel

Note You need to log in before you can comment on or make changes to this bug.