Fixed incompleteness that would allow dirty filesystems to get mounted

when the single user shell was terminated. These changes disallow mounting
or R/W upgrading filesystems that are dirty unless "-f" (force) option
is used with mount. /etc/rc has been modified to abort the startup if
one or more non-nfs partitions fail to mount.

Reviewed by:	Poul-Henning Kamp, Rod Grimes
David Greenman 1995-05-15 08:39:37 +00:00
parent 9b5bb13bf8
commit 1469eec81e
6 changed files with 45 additions and 14 deletions

etc/rc

@ -1,5 +1,5 @@
#!/bin/sh
# $Id: rc,v 1.63 1995/04/11 18:36:10 ache Exp $
# $Id: rc,v 1.64 1995/05/11 21:11:17 jkh Exp $
# From: @(#)rc 5.27 (Berkeley) 6/5/91
# System startup script run by init on autoboot
@ -65,9 +65,18 @@ trap "echo 'Reboot interrupted'; exit 1" 3
# root must be read/write both for NFS diskless and for VFS LKMs before
# proceeding any further.
mount -u -o rw /
if [ $? != 0 ]; then
echo "Filesystem mount failed, startup aborted"
exit 1
fi
umount -a >/dev/null 2>&1
mount -a -t nonfs
if [ $? != 0 ]; then
echo "Filesystem mount failed, startup aborted"
exit 1
fi
# If the machine runs wall CMOS clock (compatible with MSDOS),
# activate following line by creating empty file /etc/wall_cmos_clock
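Review bot: Both new failure branches print the identical text `Filesystem mount failed, startup aborted`, so an operator reading the console cannot tell whether the root upgrade (`mount -u -o rw /`) or the later `mount -a -t nonfs` was refused. Giving each branch its own message, for example `echo "Root filesystem R/W upgrade failed, startup aborted"` and `echo "mount -a -t nonfs failed, startup aborted"`, makes the abort actionable. A one-line comment above each check saying that the kernel now refuses R/W mounts of unclean filesystems unless `-f` is given would also explain why the script stops here.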


@ -84,7 +84,9 @@ determine what the
command is trying to do.
.It Fl f
Forces the revocation of write access when trying to downgrade
a filesystem mount status from read-write to read-only.
a filesystem mount status from read-write to read-only. Also
forces the R/W mount of an unclean filesystem (dangerous; use with
caution).
.It Fl o
Options are specified with a
.Fl o
@ -104,7 +106,8 @@ system should your system crash.
The same as
.Fl f ;
forces the revocation of write access when trying to downgrade
a filesystem mount status from read-write to read-only.
a filesystem mount status from read-write to read-only. Also
forces the R/W mount of an unclean filesystem (dangerous; use with caution).
.It nodev
Do not interpret character or block special devices on the file system.
This option is useful for a server that has file systems containing


@ -84,7 +84,9 @@ determine what the
command is trying to do.
.It Fl f
Forces the revocation of write access when trying to downgrade
a filesystem mount status from read-write to read-only.
a filesystem mount status from read-write to read-only. Also
forces the R/W mount of an unclean filesystem (dangerous; use with
caution).
.It Fl o
Options are specified with a
.Fl o
@ -104,7 +106,8 @@ system should your system crash.
The same as
.Fl f ;
forces the revocation of write access when trying to downgrade
a filesystem mount status from read-write to read-only.
a filesystem mount status from read-write to read-only. Also
forces the R/W mount of an unclean filesystem (dangerous; use with caution).
.It nodev
Do not interpret character or block special devices on the file system.
This option is useful for a server that has file systems containing


@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
* $Id: vfs_syscalls.c,v 1.22 1995/05/02 08:44:31 davidg Exp $
* $Id: vfs_syscalls.c,v 1.23 1995/05/02 09:06:04 davidg Exp $
*/
#include <sys/param.h>
@ -170,7 +170,7 @@ mount(p, uap, retval)
mp->mnt_flag &=~ (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC);
mp->mnt_flag |= uap->flags & (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC);
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC | MNT_FORCE);
/*
* Mount the filesystem.
*/
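Review bot: MNT_FORCE is now copied from `uap->flags` into `mp->mnt_flag`, but the clearing mask just above it (`mp->mnt_flag &=~ (MNT_NOSUID | ... | MNT_ASYNC)`) still omits it, so nothing visible in this hunk removes the bit once a forced mount has set it. If it is not cleared elsewhere in mount() (the body starts and ends outside the hunk), a later `mount -u -o rw` without `-f` would still satisfy the `mp->mnt_flag & MNT_FORCE` test in ffs_mount and skip the clean check. Consider adding MNT_FORCE to the clearing mask as well, or a comment stating where the flag is dropped once the filesystem's mount routine has returned. The same applies to the second copy of this hunk further down the page.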


@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94
* $Id: vfs_syscalls.c,v 1.22 1995/05/02 08:44:31 davidg Exp $
* $Id: vfs_syscalls.c,v 1.23 1995/05/02 09:06:04 davidg Exp $
*/
#include <sys/param.h>
@ -170,7 +170,7 @@ mount(p, uap, retval)
mp->mnt_flag &=~ (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC);
mp->mnt_flag |= uap->flags & (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC);
MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC | MNT_FORCE);
/*
* Mount the filesystem.
*/


@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)ffs_vfsops.c 8.8 (Berkeley) 4/18/94
* $Id: ffs_vfsops.c,v 1.17 1995/04/11 04:23:47 davidg Exp $
* $Id: ffs_vfsops.c,v 1.18 1995/05/01 23:20:24 dyson Exp $
*/
#include <sys/param.h>
@ -187,8 +187,18 @@ ffs_mount(mp, path, data, ndp, p)
error = ffs_reload(mp, ndp->ni_cnd.cn_cred, p);
if (error)
return (error);
if (fs->fs_ronly && (mp->mnt_flag & MNT_WANTRDWR))
if (fs->fs_ronly && (mp->mnt_flag & MNT_WANTRDWR)) {
if (!fs->fs_clean) {
if (mp->mnt_flag & MNT_FORCE) {
printf("WARNING: %s was not properly dismounted.\n",fs->fs_fsmnt);
} else {
printf("WARNING: R/W mount of %s denied. Filesystem is not clean - run fsck.\n",
fs->fs_fsmnt);
return (EPERM);
}
}
fs->fs_ronly = 0;
}
if (fs->fs_ronly == 0) {
fs->fs_clean = 0;
ffs_sbupdate(ump, MNT_WAIT);
@ -408,6 +418,15 @@ ffs_mountfs(devvp, mp, p)
error = EINVAL; /* XXX needs translation */
goto out;
}
if (!fs->fs_clean) {
if (ronly || (mp->mnt_flag & MNT_FORCE)) {
printf("WARNING: %s was not properly dismounted.\n",fs->fs_fsmnt);
} else {
printf("WARNING: R/W mount of %s denied. Filesystem is not clean - run fsck.\n",fs->fs_fsmnt);
error = EPERM;
goto out;
}
}
ump = malloc(sizeof *ump, M_UFSMNT, M_WAITOK);
bzero((caddr_t)ump, sizeof *ump);
ump->um_fs = malloc((u_long)fs->fs_sbsize, M_UFSMNT,
@ -419,9 +438,6 @@ ffs_mountfs(devvp, mp, p)
bp = NULL;
fs = ump->um_fs;
fs->fs_ronly = ronly;
if (!fs->fs_clean) {
printf("WARNING: %s was not properly dismounted\n",fs->fs_fsmnt);
}
if (ronly == 0) {
fs->fs_fmod = 1;
fs->fs_clean = 0;
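Review bot: In the ffs_mountfs hunk the new `printf("... %s ...", fs->fs_fsmnt)` calls run before the superblock is copied into `ump->um_fs`, so `fs` presumably still points at the buffer just read from disk, and on this path that superblock is already known to be unclean. `fs_fsmnt` is therefore unvalidated on-disk data printed with an unbounded `%s`; if the field is a fixed-size array with no terminator, the kernel printf would read past it. The name shown is also where the filesystem was last mounted, not the device being mounted now. Bounding the print to the field size (or terminating the last byte first) and naming the device would make the denial message reliable, and a short comment that the string comes from disk would help the next reader. Separately, returning `EPERM` makes the refusal look like a privilege failure to a root caller; the enclosing functions start and end outside these hunks.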