
touch-packages team mailing list archive

[Bug 1434121] [NEW] if-up might fail when triggered before temporary directory available

 

Public bug reported:

It seems that if-up.d is activated before any temporary directory is
available. On the affected setup, that caused a bash here-tag to fail;
thus security settings were not applied to the interface, leaving it
open to attacks.

The documentation seems to be unclear on whether a script should expect
a temporary directory to work.  At least here, it was quite unexpected
that data processing in scripts, without an explicit request for disk
operations, failed because of that.

In my opinion, a CAVEAT in the interfaces(5) documentation might be
sufficient in most cases.

A workaround for the affected setup was to create a separate temporary
directory on /var/run (which is a tmpfs instance) and export it using
TEMPDIR.


To reproduce:

cat <<OUTEREOF > /etc/network/if-up.d/aaa-early
#!/bin/bash

echo "mounts"
cat /proc/mounts
echo "touch"
touch /tmp/xxx
cat <<EOF
Here document test
EOF
echo "mounts again"
cat /proc/mounts
OUTEREOF
chmod 0755 /etc/network/if-up.d/aaa-early


touch /forcefsck
reboot

# cat /var/log/upstart/network-interface-eth0.log

mounts
...
tmpfs /run tmpfs rw,nosuid,noexec,relatime,size=24784k,mode=755 0 0
/dev/disk/by-uuid/19c0ddc6-c305-4a8a-86f2-fb470ae5b39c / ext4 ro,relatime,data=ordered 0 0
...
touch
touch: cannot touch '/tmp/xxx': Read-only file system
/etc/network/if-up.d/aaa-early: line 7: cannot create temp file for here-document: Read-only file system
mounts again
...
/dev/disk/by-uuid/19c0ddc6-c305-4a8a-86f2-fb470ae5b39c / ext4 ro,relatime,data=ordered 0 0
...


# lsb_release -rd
Description:    Ubuntu 14.04.2 LTS
Release:        14.04

# apt-cache policy ifupdown
ifupdown:
  Installed: 0.7.47.2ubuntu4.1
  Candidate: 0.7.47.2ubuntu4.1
  Version table:
 *** 0.7.47.2ubuntu4.1 0
        500 http://ubuntu-proxy-ehealth.d03.arc.local/ubuntu/ trusty-updates/main i386 Packages
        100 /var/lib/dpkg/status
     0.7.47.2ubuntu4 0
        500 http://ubuntu-proxy-ehealth.d03.arc.local/ubuntu/ trusty/main i386 Packages

** Affects: ifupdown (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ifupdown in Ubuntu.
https://bugs.launchpad.net/bugs/1434121

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1434121/+subscriptions
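
The log in the report shows the hook carrying on after its here-document failed, so the missing settings went unnoticed. The script below is an added example, not code from the bug report or from ifupdown: it picks a writable temporary directory before any here-document runs and returns non-zero when the settings step cannot complete. The function names, the candidate directory list and apply_settings are assumptions; it exports TMPDIR, the variable bash consults when creating here-document temporary files.

```shell
#!/bin/sh
# Added example (not from the bug report). Function names, the candidate
# directory list and apply_settings are assumptions for illustration.

# Print the first candidate directory where a file can actually be created.
# mktemp performs the same kind of write a here-document temp file needs.
pick_tmpdir() {
    for _d in "$@"; do
        _probe=$(mktemp "$_d/.ifup-probe.XXXXXX" 2>/dev/null) || continue
        rm -f "$_probe"
        printf '%s\n' "$_d"
        return 0
    done
    return 1
}

# Hypothetical stand-in for the real settings step; it uses a here-document,
# the construct that failed in the report.
apply_settings() {
    cat <<EOF >/dev/null
settings for ${IFACE:-eth0}
EOF
}

# Hook body: select a temp dir, export it, run the step, and report failure
# with a non-zero status instead of silently continuing.
secure_hook() {
    _dir=$(pick_tmpdir "$@") || {
        echo "if-up hook: no writable temp directory; settings NOT applied" >&2
        return 1
    }
    TMPDIR=$_dir
    export TMPDIR
    apply_settings || {
        echo "if-up hook: applying settings failed" >&2
        return 1
    }
}

# In /etc/network/if-up.d/<script>:  secure_hook /run /var/run /tmp || exit 1
```

The stderr messages end up in the same upstart log quoted in the report, so a failed run is visible there.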

