Bug#648208: os-prober: blockdev --setro affects running kvm instances
>> Since version 1.45, os-prober instead uses grub-mount when it's available >> -- and if grub is installed to use os-prober, it will pull it in. > >> So unless another bootloader is also using os-prober, or someone >> installs and uses it by hand, this won't happen in unstable/testing. > It's not really the case. I agree here with Jean Francois. Here the problematic code in os-probes/common/50mounted-tests line 49, simplified for better understanding if type grub-mount && type grub-probe && grub-mount "$partition" ; etc ... else blockdev --setro done fi the problem here is that when using LVM what 50mounted-tests treats as a $partition might very well be a disk image (512 first bytes will contain a MBR) In that case grub-mount will fail and pass the hand to ro_partition which will be happily set the whole device as read only, causing the file system errors in the guest poking on the idea of Michael I was wondering it would be possible to test before calling blockdev --setro if the block device we target has a file descriptor pointing to it. This would indicate that something/someone is actually doing something with the block device and we should rather leave it alone. in pseudo shell it would look like: if ls -l /proc/*/fd | grep $(realpath $partition); then debug "active file descriptor on $partition) return else blockdev --setro fi I find this a bit hacky however. What we also do would be simply to change the depency on os-prober from "recommends" to "suggests" in os-prober, and add os-prober as a dependency of the desktop task of the debian-installer (which is selected by default) so that non-server users get it installed.
Bug#648208: os-prober: blockdev --setro affects running kvm instances
Package: os-prober Version: = 1.65 Since version 1.45, os-prober instead uses grub-mount when it's available -- and if grub is installed to use os-prober, it will pull it in. So unless another bootloader is also using os-prober, or someone installs and uses it by hand, this won't happen in unstable/testing. It's not really the case: Using grub-2.02_beta2 and os-prober-1.65 If there is a KVM virtual machine using an ext4 FS on LVM and writing on it, a simple grub-mkconfig on, the server(hypervisor) create disk I/O errors on the virtual machine. So this problem is a real one. You can reproduce it easily: - Inside a KVM virtual machine: - execute a dd that write on disk - display with tail -f the kernel log (/var/log/messages) - On the hypervisor/server: - execute a grub-mkconfig with os-prober activated = You got bunches of I/O error in the virtual machine. Inactivate os-prober is not a realistic solution because there is situation where you need OS prober: automatic grub configuration file creation that take in consideration an emergency system on another partition that need os-prober to be detect for example. Another example is cluster of servers using different partitions as system upgrade path for easy roll-back. Jean-François Maeyhieux (zentoo) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648208: os-prober: blockdev --setro affects running kvm instances
Package: os-prober Version: 1.42 Severity: important I had the following issue with os-prober: While running an apt-get upgrade, a kvm instance running on the same machine reported journal write errors on it's virtual disk. The virtual disk is a logical volume on the host filesystem. Further investigation revealed that the apt-get upgrade triggered a grub-update, which in turn called os-prober. Os-prober then calls blockdev --setro on devices it considers not mounted. Unfortunately, it doesn't see that the device is mounted from kvm. Therefore, setting the device read-only affects the kvm instance, which in turn reports a (non-recoverable) error. Ubuntu seems to have the same problem: https://bugs.launchpad.net/ubuntu/+source/os-prober/+bug/797547 IMHO, mounting random devices to check for their contents is a bad idea. Even if one could rule out any influence on other processes using the device at the same time: What about the other direction? Consider a device some user has write access to. The user could write random changes to that device while it is mounted. That could easily trigger some untested corner cases in the filesystem code. What if there are bugs leading to crashes or even allowing exploits? It would be better if the user had a chance to select which devices should be scanned. At least the user should be warned that running os-prober while devices are used by other processes is not a safe operation. Regards, Jan -- System Information: Debian Release: 6.0.3 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'oldstable'), (500, 'testing'), (99, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-smapi-x61s-amd64-7-g03428a4 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages os-prober depends on: ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib os-prober recommends no packages. os-prober suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648208: os-prober: blockdev --setro affects running kvm instances
09.11.2011 19:29, Jan Niehusmann wrote: Package: os-prober Version: 1.42 Severity: important I had the following issue with os-prober: While running an apt-get upgrade, a kvm instance running on the same machine reported journal write errors on it's virtual disk. The virtual disk is a logical volume on the host filesystem. Further investigation revealed that the apt-get upgrade triggered a grub-update, which in turn called os-prober. Os-prober then calls blockdev --setro on devices it considers not mounted. Unfortunately, it doesn't see that the device is mounted from kvm. Therefore, setting the device read-only affects the kvm instance, which in turn reports a (non-recoverable) error. I think it is kernel problem - it should not let to set device to be readonly if it is already open in read-write mode. [] It would be better if the user had a chance to select which devices should be scanned. At least the user should be warned that running os-prober while devices are used by other processes is not a safe operation. It isn't really helpful - yes it will allow to work around the problem once you already hit it, but it is difficult to think about it beforehand. /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648208: os-prober: blockdev --setro affects running kvm instances
On Wed, Nov 09, 2011 at 08:22:08PM +0400, Michael Tokarev wrote: 09.11.2011 19:29, Jan Niehusmann wrote: It would be better if the user had a chance to select which devices should be scanned. At least the user should be warned that running os-prober while devices are used by other processes is not a safe operation. It isn't really helpful - yes it will allow to work around the problem once you already hit it, but it is difficult to think about it beforehand. Well, of course the warning should come early enough (in some kind of dialog) that the user has a chance to cancel the action. Working around the problem is trivial - just uninstall os-prober. It's not a strong depencency of grub, just a recommends. A safe solution would be to not run os-prober by default, but requiring manual action of the user (together with proper information about possible issues). More desirable would be some change that is still safe, but would not disturb newbie users with messages about concurrent access to block devices. Unfortunately, at the moment, I don't know how to achieve that. Jan -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648208: os-prober: blockdev --setro affects running kvm instances
Jan Niehusmann wrote: Os-prober then calls blockdev --setro on devices it considers not mounted. Since version 1.45, os-prober instead uses grub-mount when it's available -- and if grub is installed to use os-prober, it will pull it in. So unless another bootloader is also using os-prober, or someone installs and uses it by hand, this won't happen in unstable/testing. -- see shy jo signature.asc Description: Digital signature