MNT_NOEXEC on root filesystem with diskless PXE boot?
Tom Alsberg
alsbergt at zoopee.org
Thu Mar 31 03:16:29 PST 2005
Perhaps this should go to -STABLE, I just couldn't be sure.
We are trying out FreeBSD 5.4-PRERELEASE on diskless clients. I
noticed one problem, being that when setting the LD_LIBRARY_PATH
(or for that matter, LD_PRELOAD, and LD_LIBMAP_DISABLE) environment
variables, nothing will run, as /libexec/ld-elf.so.1 complains:
Cannot execute objects on /
According to the sources, this was added in 5.4, and will happen
if / is mounted noexec.
In this case, / is mounted by the BTX PXE loader over NFS (from a
FreeBSD 5.3 server, right now). "mount" does not show the noexec
flag. However, with the attached little C program I verified that
statfs really returns this flag (0x00000006).
Now, I see that on FreeBSD 5.3 diskless clients this flag is also
returned on / - just it happened that nobody looked at it until
the change in rtld.c of FreeBSD 5.4:
if (fs.f_flags & MNT_NOEXEC) {
_rtld_error("Cannot execute objects on %s\n", fs.f_mntonname);
close(fd);
return NULL;
}
I didn't yet understand (didn't check much) - why does statfs report
the MNT_NOEXEC flag on the / filesystem (and only the / filesystem,
when it's mounted from NFS by the bootloader - not any other
NFS filesystems)? BTW, this happens also with NetApp as the NFS
server - just to rule out any possibility of relation here.
Ideas appreciated,
-- Tom
--
Tom Alsberg - certified insane, complete illiterate.
Homepage: http://www.cs.huji.ac.il/~alsbergt/
* An idea is not responsible for the people who believe in it.
-------------- next part --------------
#include <stdio.h>
#include <fcntl.h>
#include <sys/param.h>
#include <sys/mount.h>
int main(int argc, char *argv[])
{
if (argc != 2) {
fprintf(stderr, "invalid number of arguments");
return -1;
}
struct statfs stbuf;
if (statfs(argv[1], &stbuf) != 0) {
perror("fstatfs");
return -1;
}
printf("FLAGS: 0x%08X\n", stbuf.f_flags);
if (stbuf.f_flags & MNT_NOEXEC)
printf("MNT_NOEXEC\n");
return 0;
}
More information about the freebsd-hackers
mailing list