Temp files in /etc
Jeremy Chadwick
koitsu at FreeBSD.org
Sat Sep 6 06:31:15 UTC 2008
On Fri, Sep 05, 2008 at 07:40:13PM -0700, Joshua Piccari wrote:
> Hi all,
> I am setting up a few jails and I want them all to use the same /etc files
> (with the exception of the files related to the password files and
> databases), so I mounted a shared /etc folder as a nullfs with read-only
> permissions. The problem is that using utilities like pw or chpass create
> temporary files in /etc and that file system is mounted read-only.
> So is there a way to force any utilities that create temp files in /etc to
> use another location, something like /usr/local/etc for example?
I've had a chat with another user off-list about this, and the
conclusion reached is that your mounting of /etc read-only is a bad
idea, for many different reasons. Let's step through things slowly, so
that hopefully it'll make sense.
Foremost, /etc is mounted read-only, so what purpose does it serve to be
using passwd or group-editing utilities on that system? You'd need r/w
access to be able to accomplish that.
Secondly, utilities like vipw(8), chpass(1), pw(8), and many others all
create temporary files in /etc for security reasons: the temporary files
*must* be on the same filesystem. In your case, /etc is its own
filesystem, mounted read-only. So, placing the temporary files (e.g.
/etc/pw.XXXXXX when using vipw(8)) on a separate filesystem or separate
location is not plausible. Regarding the security implications, others
will have to chime in here.
Thirdly, some (but not all) of the utilities support command-line flags
that allow an alternative directory to /etc:
pw(8) -V flag
vipw(8) -d flag
pwd_mkdb(8) -d flag
chpass(1) no support
passwd(1) no support
rmuser(8) no support
adduser(8) no support
Fourthly, there are periodic(8) scripts which explicitly refer to
/etc/master.passwd and do not support an alternative directory. Those
scripts will break, and disabling them is not recommended.
Finally, some other caveats/situations which will likely arise:
- The administrator (you) will have to remember to use the above flags
every time they use said utilities; chances are you'll forget,
especially since the flags aren't all the same,
- A user of your jail may become very surprised when they find
passwd, group, or other files missing from /etc,
- Third-party software which reads /etc/passwd or related files will
fail since you'd be using an alternative /etc directory. I'm
pretty sure we have some ports which use rmuser/adduser (meaning
the software itself, not necessarily the port installation part).
Hope this sheds some light on things.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-hackers
mailing list