[systemd-devel] Stricter handling of failing mounts during boot under systemd - crap idea !
Lennart Poettering
lennart at poettering.net
Mon Jun 29 09:26:11 PDT 2015
On Mon, 29.06.15 15:08, jon (jon at jonshouse.co.uk) wrote:
> https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#systemd-upgrade-default-init-system
>
> I just installed debian 8.1, on the whole my reaction is mixed, one
> thing however really pisses me off more than any other
>
> "5.6.1. Stricter handling of failing mounts during boot under systemd"
>
> This is not "Stricter" it is a change in default behaviour.
>
> This change is a shit idea, who do I shout at to get the behaviour
> modified to back to sensible ?
Here's a hint: it's a really bad idea to introduce yourself to the
systemd community with a mail filled with "shit idea", "pisses me of",
"shout at" and claiming the behaviour we implemented wasn't
"sensible". It's only a good idea if you try to get moderated.
You can add "nofail" to your fstab lines to get something that more
resembles the old logic.
But do note that we won't make this default since it creates a race
and is simply insecure in many cases. It's racy since mounting will
then start to race against service being started. And it's insecure
because it might happen that services get access to files and
directories that are normally not accessible due to overmounting.
We cannot allow this race and security problem to be the default, but
you can choose to opt-in to it, by adding "nofail" to the fstab lines
in question. "nofail" is actually what you should have placed in
sysvinit too for these cases, but it becomes more relevant with
systemd's exposed behaviour.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list