bin/43390: shutdown does not remove /etc/nologin when called with -r, -h or -p

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: bin/43390: shutdown does not remove /etc/nologin when called with -r, -h or -p
From: idleroux%fastmail.fm@localhost
Date: Sun, 30 May 2010 15:50:00 +0000 (UTC)

>Number:         43390
>Category:       bin
>Synopsis:       shutdown does not remove /etc/nologin when called with -r, -h 
>or -p
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun May 30 15:50:00 +0000 2010
>Originator:     Ian D. Leroux
>Release:        amd64 5.0.2-RELEASE
>Organization:
>Environment:
NetBSD spip.homeunix.net 5.0.2 NetBSD 5.0.2 (GENERIC) #0: Sat Feb  6 13:44:19 
UTC 2010  
builds%b8.netbsd.org@localhost:/home/builds/ab/netbsd-5-0-2-RELEASE/amd64/201002061851Z-obj/home/builds/ab/netbsd-5-0-2-RELEASE/src/sys/arch/amd64/compile/GENERIC
 amd64
>Description:
Synopsis:
If shutdown(8) is called with any of the -r, -h, or -p options on a system 
where / is marked read-only in /etc/fstab but is currently writable, then 
non-root logins are disabled at the next boot.

Explanation:
Provided the root file system is currently writable, shutdown(8) creates the 
file /etc/nologin to prevent inadvertant logins just before the system goes 
down.  Normally this file is removed just before shutdown(8) exits in the 
finish() function.  However, if shutdown(8) is called with any of the flags -r, 
-h, or -p it execs reboot(8), poweroff(8), or halt(8); the finish() function is 
never called, and /etc/nologin is never removed.  This prevents login as a 
non-root user at the next boot.

This behaviour is noticeable if / is marked ro in /etc/fstab; otherwise 
/etc/rc.d/mountcritlocal independently removes /etc/nologin at boot time, if 
possible.

Thanks to Robert Elz for helping me understand the cause of the problem.
>How-To-Repeat:
# Mark / as readonly in /etc/fstab, thus preventing the 
# /etc/rc.d/mountcritlocal script from removing /etc/nologin during boot.

mount -u -w /
shutdown -r now

# attempt to login as a normal user
>Fix:
The following patch /usr/src/sbin/shutdown/shutdown.c corrects the problem

--- shutdown.c.orig     2010-05-30 08:03:19.000000000 -0400
+++ shutdown.c  2010-05-30 08:11:26.000000000 -0400
@@ -395,6 +395,7 @@
                        *arg++ = bootstr;
                *arg++ = 0;
 #ifndef DEBUG
+               (void)unlink(_PATH_NOLOGIN);
                (void)execve(path, __UNCONST(args), NULL);
                serrno = errno;
                syslog(LOG_ERR, "Can't exec `%s' (%m)", path);

Prev by Date: Re: kern/43376 (linux32-compat failed to compile in kernel without SYSVSEM and SYSCSHM)
Next by Date: Re: toolchain/43381: gcc allows invalid anonymous unions
Previous by Thread: Re: kern/43376 (linux32-compat failed to compile in kernel without SYSVSEM and SYSCSHM)
Next by Thread: Re: toolchain/37504 (build.sh needs /usr/src/obj to exist for consistent usage on default values of DESTDIR, TOOLDIR and so on)
Indexes:

Home | Main Index | Thread Index | Old Index