From: Timo Teras <timo.teras@iki.fi>
To: Rich Felker <dalias@libc.org>
Cc: musl@lists.openwall.com
Subject: Re: realpath() depends on a mounted /proc to work
Date: Tue, 7 Jun 2016 08:45:21 +0300 [thread overview]
Message-ID: <20160607084521.08cf94ec@vostro.util.wtbts.net> (raw)
In-Reply-To: <20160607011538.GU10893@brightrain.aerifal.cx>
On Mon, 6 Jun 2016 21:15:39 -0400
Rich Felker <dalias@libc.org> wrote:
> On Tue, Jun 07, 2016 at 08:27:18AM +0800, Lei Zhang wrote:
> > Hi,
> >
> > I observed that realpath() doesn't work correctly without a mounted
> > /proc while experimenting in a chroot system, where musl is the
> > default libc. OTOH, the same program statically linked against glibc
> > worked just as expected.
> >
> > Is the dependence on a mounted /proc intentional? Then what's the
> > rationale behind it?
>
> As a whole, musl depends on having /proc; the rationale is simply that
> Linux does not expose all the functionality needed to implement POSIX
> without /proc.
>
> As for realpath, it could be done without /proc, but being that musl
> already requires /proc for full functionality, and that non-/proc
> versions of realpath are significantly heavier, more complex, and less
> reliable, simply using /proc for realpath was the natural choice.
>
> If someone wants to do a survey of what functionality actually depends
> on /proc, we could document that and also evaluate whether realpath is
> sufficiently more "basic" than other things which need /proc that we
> might want to consider having a fallback implementation for when /proc
> is missign.
I remember we discussed this earlier, as I would prefer to have it for
running scripts in chroot from alpine package manager (without /proc).
This would also fix applications that chroot to isolated place after
startup (e.g. some ftp servers).
Grep says /proc is found to be used in:
- __synccall - /proc/self/task
- __procfdname - to generate /proc/self/fd/%d
- dl_iterate_phdr - /proc/self/exe as name for main executable
- dynlink - for $ORIGIN (and filtering it out from AT_EXECFN)
__synccall is used basically for setrlimit() and set*uid(). These
generally are done in the application startup, but could become issue
in chrooted multi-threaded programs.
And __procfdname is used in:
- ttyname_r
- realpath
- fexecve
- fchdir
- fchown
- fstat
- fchmodat
- fchmod
For these fexecve, ttyname_r and realpath seem to unconditionally
depend on it. For the other f* fd functions it is only the fallback
code for really old kernels.
Given the above, I would vote realpath() to have fallback code. It's
far more widely used, and would fix several chroot usage scenarios.
Btw, one discrepency is that ttyname_r declares:
char procname[sizeof "/proc/self/fd/" + 3*sizeof(int) + 2];
and all other users:
char buf[15+3*sizeof(int)];
ttyname_r this allocates one more byte for the buffer and makes it
clear where that size comes from. Perhaps this would be good place for
some internal header that has #define and prototype for __procfdname.
Thanks,
Timo
next prev parent reply other threads:[~2016-06-07 5:45 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-07 0:27 Lei Zhang
2016-06-07 1:15 ` Rich Felker
2016-06-07 5:17 ` Luca Barbato
2016-06-07 5:45 ` Timo Teras [this message]
2016-06-07 7:13 ` FRIGN
2016-06-08 17:50 ` Rich Felker
2016-11-03 17:03 ` Quentin Rameau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160607084521.08cf94ec@vostro.util.wtbts.net \
--to=timo.teras@iki.fi \
--cc=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).