From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by sourceware.org (Postfix) with ESMTP id 58D4A3890415 for ; Mon, 18 Jan 2021 18:20:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 58D4A3890415 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-583-NLxlIVrBNXKLMy11V8Znqw-1; Mon, 18 Jan 2021 13:20:13 -0500 X-MC-Unique: NLxlIVrBNXKLMy11V8Znqw-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F19A110054FF for ; Mon, 18 Jan 2021 18:20:12 +0000 (UTC) Received: from greed.delorie.com (ovpn-113-151.rdu2.redhat.com [10.10.113.151]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C245E702E9; Mon, 18 Jan 2021 18:20:12 +0000 (UTC) Received: from greed.delorie.com.redhat.com (localhost [127.0.0.1]) by greed.delorie.com (8.14.7/8.14.7) with ESMTP id 10IIKBe4012084; Mon, 18 Jan 2021 13:20:11 -0500 From: DJ Delorie To: Florian Weimer Cc: libc-alpha@sourceware.org Subject: Re: nsswitch: do not reload if "/" changes In-Reply-To: <87o8hmr06v.fsf@oldenburg.str.redhat.com> (message from Florian Weimer on Mon, 18 Jan 2021 11:47:36 +0100) Date: Mon, 18 Jan 2021 13:20:11 -0500 Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jan 2021 18:20:17 -0000 Florian Weimer writes: > Are you concerned with the case that there are no NSS calls before > entering the container, so that we don't initialize anything at all? The key use case for this is tools that manage/debug/investigate the contents of containers. I would expect with those, they've done many nss calls in order to authenticate, find the container, etc. The *common* case for container entry is "enter container, exec some other program". That exec resets the nss lookup since it's a new process. > Hmm. Upon second thought, I think this need to be made fail-closed by > disabling reload on stat failure. The two things aren't as unrelated as > one might think (chroot + truning on some security filter doesn't seem > to be uncommon). Now of course it's a bit unlikely that anything can be > loaded later if / can't be read, but is there a harm in macking this > explicity? Can we reuse the reloadable flag? Or do we need a second independent flag just for dll reloading? IIRC we also use the reloadable flag for test cases that override nsswitch.conf, so I would guess no.