Unintentionally formatting your system drive is a bad idea
One day, I was playing with a chroot jail. This whole incident has taken place some months ago. I wanted to test if I could install software from user mode because my apt-get was doing a system update. Well, building from source via "apt-get -b source" would have also solved the issue, though dependency handling in this case is not automatic if I understand correctly.
In order for this process to take as little overhead as possible, I wanted to simulate a manual copy-on-write filesystem by creating links to the parts that are common with my root system, and recreating directories which are partially different. I first tried to use symbolic links, but I had to realize that relative links that point outside the sandbox were dysfunctional. Hence I made a hardlink for my root in the chroot. Well, it was a read-only bind-mount to be more exact. Note that I did succeed previously with a different system and kernel (Gentoo 2005.x) by using symbolic links, that's why I gave it a try.
By the time I was done with all that, I had to realize that I would have needed to recreate both the dpkg repositories and its configuration. I decided to postpone this project until next time, because the root apt-get process was finished with the updates. I've thus installed what I needed with a normal root apt-get. Before you ask, I also use aptitude occasionally.
Later on, I wanted to have dinner, so I finished my notes, closed windows that I felt I was done with and deleted some temporary files. As didn't think the solution to the problem described earlier was elegant enough and I was considering trying out a real copy-on-write filesystem anyway, I decided to coax the whole thing.
Typing
did the trick, though I was a bit puzzled why it took so long to delete a few hundred kilobytes. Than it hit me. Something deep inside screamed for an immediate abortion. I pressed ctrl-C in less than two seconds, though I was still unsure why. I sit there for a while, and after about ten seconds, I started to feel bad and sweat badly. I was afraid to look at first, but I have started to think about what could happen if a read-only mount could be written to. I listed the root directory and it looked intact, but I knew deleting a few links and some dupes would take way less time. I was too upset to do a detailed analyzes right away, so I had dinner and went for a walk beforehand. Well, for starters, the boot directory was missing, so I know it was a bad idea to shut down the computer...
When I was on the case again, I traversed a few important directories manually with Midnight Commander, and as they seemed all right, I almost got relieved. I was so grateful this time that I've set the most conservative and slowest options possible for my root partition (dirsync,sync,commit=1,...)!
But then I wanted to do something clever with a command line program which I can't recall at the moment, but I know I wanted to activate some exotic function, so I looked it up in the respective manual page. However, as man only returned a manpage not found error, I double-checked my spelling. It still gave me an error, so I thought it may not had a manpage or something. I queried "man man" out of suspicion, and it has also returned an error. That was the point when I started to become anxious.
So I started my research on the web about how to diagnose a problem like this. I have eventually found the following handy packages:
They have indicated that the kernel, grub, almost every manpage, most icons and a few miscellaneous manpages are missing.
Fortunately, I do keep a local Debian mirror handy that I progressively build from my caches via apt-move. After reinstalling all affected packages with aptitude reinstall. As a side note, I would have been better off to simple reinstall all by:
Lessons learned? Always play in virtual machines. Or alternatively, use a filesystem driver that provides orthogonal bind mapping (i.e. that honors mount flags), like the plain file system translator Minix is said to possess.
In order for this process to take as little overhead as possible, I wanted to simulate a manual copy-on-write filesystem by creating links to the parts that are common with my root system, and recreating directories which are partially different. I first tried to use symbolic links, but I had to realize that relative links that point outside the sandbox were dysfunctional. Hence I made a hardlink for my root in the chroot. Well, it was a read-only bind-mount to be more exact. Note that I did succeed previously with a different system and kernel (Gentoo 2005.x) by using symbolic links, that's why I gave it a try.
By the time I was done with all that, I had to realize that I would have needed to recreate both the dpkg repositories and its configuration. I decided to postpone this project until next time, because the root apt-get process was finished with the updates. I've thus installed what I needed with a normal root apt-get. Before you ask, I also use aptitude occasionally.
Later on, I wanted to have dinner, so I finished my notes, closed windows that I felt I was done with and deleted some temporary files. As didn't think the solution to the problem described earlier was elegant enough and I was considering trying out a real copy-on-write filesystem anyway, I decided to coax the whole thing.
Typing
rm -R sandbox
did the trick, though I was a bit puzzled why it took so long to delete a few hundred kilobytes. Than it hit me. Something deep inside screamed for an immediate abortion. I pressed ctrl-C in less than two seconds, though I was still unsure why. I sit there for a while, and after about ten seconds, I started to feel bad and sweat badly. I was afraid to look at first, but I have started to think about what could happen if a read-only mount could be written to. I listed the root directory and it looked intact, but I knew deleting a few links and some dupes would take way less time. I was too upset to do a detailed analyzes right away, so I had dinner and went for a walk beforehand. Well, for starters, the boot directory was missing, so I know it was a bad idea to shut down the computer...
When I was on the case again, I traversed a few important directories manually with Midnight Commander, and as they seemed all right, I almost got relieved. I was so grateful this time that I've set the most conservative and slowest options possible for my root partition (dirsync,sync,commit=1,...)!
But then I wanted to do something clever with a command line program which I can't recall at the moment, but I know I wanted to activate some exotic function, so I looked it up in the respective manual page. However, as man only returned a manpage not found error, I double-checked my spelling. It still gave me an error, so I thought it may not had a manpage or something. I queried "man man" out of suspicion, and it has also returned an error. That was the point when I started to become anxious.
So I started my research on the web about how to diagnose a problem like this. I have eventually found the following handy packages:
- debsums
- cruft
They have indicated that the kernel, grub, almost every manpage, most icons and a few miscellaneous manpages are missing.
Fortunately, I do keep a local Debian mirror handy that I progressively build from my caches via apt-move. After reinstalling all affected packages with aptitude reinstall. As a side note, I would have been better off to simple reinstall all by:
aptitude reinstall ~i
Lessons learned? Always play in virtual machines. Or alternatively, use a filesystem driver that provides orthogonal bind mapping (i.e. that honors mount flags), like the plain file system translator Minix is said to possess.
Comments
Post a Comment