Bug #1533

Execution of snf-image-update-helper has side-effects on host

Added by Vangelis Koukis almost 10 years ago. Updated almost 10 years ago.

Status:Closed Start date:10/19/2011
Priority:High Due date:
Assignee:Nikos Skalkotos % Done:

0%

Category:- Spent time: -
Target version:v0.1.2

Description

Using debootstrap and installing packages in its chroot has potential side effects on the host,
due to execution of init scripts.

Use a policy-rc.d file to inhibit execution of init scripts during the bootstrap.
Example:

# dd if=/dev/zero of=backingfile bs=1M count=500
# mke2fs backingfile
# mkdir /aa
# mount -o loop backingfile /aa
# mkdir -p /aa/usr/sbin
# cat >/aa/usr/sbin/policy-rc.d
#!/bin/sh
exit 101
# chmod +x /aa/usr/sbin/policy-rc.d
# debootstrap --verbose --arch amd64 --include linux-image-amd64,ntfsprogs,ntfs-3g,fuse-utils --variant=minbase stable /aa http://ftp.gr.debian.org/debian/

Looking at /aa/var/log/bootstrap.log:

Setting up fuse-utils (2.8.4-1.1) ...
creating fuse group...
Adding group `fuse' (GID 102) ...
Done.
udev active, skipping device node creation.
invoke-rc.d: policy-rc.d denied execution of start.
Setting up gpgv (1.4.10-4) ...

History

#1 Updated by Nikos Skalkotos almost 10 years ago

  • Status changed from Assigned to Feedback

resolved in commit 5a31f7ef68277416fe26313bcf5cc1eb3cdc4df9

#2 Updated by Vangelis Koukis almost 10 years ago

  • Status changed from Feedback to Closed

Release as v0.1.2, closing ticket.

Also available in: Atom PDF