[systemd-devel] [HEADS-UP] systemd and Storage Daemons for the Root File System

Jan Engelhardt jengelh at medozas.de
Wed Jan 11 05:44:59 PST 2012


On Wednesday 2012-01-11 14:42, Lennart Poettering wrote:

>On Wed, 11.01.12 08:21, Jan Engelhardt (jengelh at medozas.de) wrote:
>
>> 
>> 
>> On Tuesday 2012-01-10 23:24, Lennart Poettering wrote:
>> >
>> >http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons
>> >
>> >If you are involved with early-boot stuff, like building initrds, or are
>> >doing storage stuff or are otherwise interested please have a look.
>> >--------------
>> >Processes (run by the root user) whose first character of the zeroth command
>> >line argument is '@' are excluded from the killing spree, much the same way as
>> >kernel threads are excluded too. [...]
>> >Note that this functionality is only to be used by programs running from the
>> >initramfs, and not for programs running from the root file system itself. 
>> 
>> Forcing the use of @ introduces a policy, which should preferably not be 
>> done. Since programs started from the initrd obviously should be having 
>> /proc/*/{cwd,exe} symlinks pointing to the initramfs vfsmount.
>
>They are in a different namespace, so that wouldn't work.

Namespace as in clone(2)'s CLONE_NEWNS?

>> If the initramfs vfsmount (rootfs) is mounted and/or moved (pivot_root) 
>> somewhere into the main root, one can determine the special processes 
>> simply by looking for that directory prefix on the procfs links.
>
>It's not about figuring out which processes are from the initrd, it's
>about figuring out which processes want to be excluded from the killing
>spree. i.e. there are a number of processes from the initrd which stick
>around during normal operation which are still to be killed in the
>killing spree, most prominently plymouth.

Still, if you can detect the rootfs, whitelisting becomes an option.
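
The exclusion rule quoted in this thread (root-owned process, argv[0] starting with '@'), as an added example that is not part of the original message or of systemd's code: it classifies the processes in a /proc-style tree so an administrator can audit which ones would survive the killing spree. The sample tree, the daemon name and the plymouth path are constructed; treating an empty cmdline as a kernel thread and "run by root" as real uid 0 are assumptions of this example.

```python
import os
import tempfile

def classify(uid, cmdline):
    """Apply the quoted rule; cmdline is the raw bytes of /proc/<pid>/cmdline."""
    if not cmdline:
        return "kernel-thread"  # assumption: empty cmdline (zombies look the same)
    argv0 = cmdline.split(b"\0", 1)[0]
    if uid == 0 and argv0.startswith(b"@"):
        return "excluded"       # root-owned and argv[0][0] == '@'
    return "killable"           # everything else, including non-root '@' names

def scan(proc_root="/proc"):
    """Return {pid: verdict} for every numeric entry under proc_root."""
    verdicts = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "cmdline"), "rb") as f:
                cmdline = f.read()
            with open(os.path.join(base, "status")) as f:
                # First field after "Uid:" is the real uid (assumption, see lead-in).
                uid = next(int(l.split()[1]) for l in f if l.startswith("Uid:"))
        except (OSError, StopIteration):
            continue            # process exited mid-scan or is unreadable
        verdicts[int(entry)] = classify(uid, cmdline)
    return verdicts

# Constructed sample data: pid -> (uid, cmdline). Names and paths are made up.
SAMPLE = {
    2:   (0, b""),
    310: (0, b"@storage-daemon\0--foreground\0"),
    415: (0, b"/sbin/plymouthd\0"),
    900: (1000, b"@not-root\0"),
}

def demo():
    """Build a fake /proc from SAMPLE in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for pid, (uid, cmdline) in SAMPLE.items():
            os.makedirs(os.path.join(root, str(pid)))
            with open(os.path.join(root, str(pid), "cmdline"), "wb") as f:
                f.write(cmdline)
            with open(os.path.join(root, str(pid), "status"), "w") as f:
                f.write(f"Name:\tsample\nUid:\t{uid}\t{uid}\t{uid}\t{uid}\n")
        return scan(root)

if __name__ == "__main__":
    print(demo())
```

Calling scan() with no argument reads the live /proc of the machine it runs on.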

