[Kolab-devel] [PATCH 2/2] Check if /dev/shm is mounted (Linux only)

Francesco Frassinelli fraph24 at gmail.com
Mon Sep 9 23:03:49 CEST 2013


Hi Jeroen,
thanks for your reply.
/dev/shm is just a temporary space used in almost every Linux systems,
mounted using a tmpfs with nosuid and noexec restrictions.
I found that in some modern distribution /dev/shm is just a standard
directory kept for compatibility reasons, because it was moved to /run/shm.
I agree that os.access('/dev/shm/', os.W_OK) is better than
os.path.ismount('/dev/shm'), but it could not be enough for those newer
systems. I propose to use this Python code: os.access('/dev/shm/', os.W_OK)
or os.access('/run/shm/', os.W_OK)
I don't know why but in many OpenVZ VPS /dev/shm is not mounted
automatically. I suppose that they prefer to keep it disabled for some
security reasons (every user could use this space for writing) and let the
system administrator mount it.


Kind regards,
Francesco Frassinelli

2013/9/9 Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>

> Hi Franceso,
>
> I'm very sorry to get back to this only as late as I do now... My
> apologies. Thank you for the patch!
>
> I would consider, that often the issue is that, while /dev/shm might be
> mounted, it might still not be mounted read-write.
>
> That said, however, I'm uncertain whether an additional test for
> os.access('/dev/shm/', os.W_OK) would be appropriate, as I myself run no
> LXC/OpenVZ type of "virtual but not actually virtual" virtualization.
>
> If you could help me understand what this actually means / would actually
> do, I'd be more than happy to accept the patch and/or make the additional
> adjustments.
>
>
> On 2013-08-03 19:33, Francesco Frassinelli wrote:
>
>> ---
>>  pykolab/setup/setup_ldap.py | 11 +++++++++++
>>  1 file changed, 11 insertions(+)
>>
>> diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
>> index 5d97bf2..d752b27 100644
>> --- a/pykolab/setup/setup_ldap.py
>> +++ b/pykolab/setup/setup_ldap.py
>> @@ -20,6 +20,7 @@
>>  import ldap
>>  import ldap.modlist
>>  import os
>> +import platform
>>  import pwd
>>  import shutil
>>  import subprocess
>> @@ -348,6 +349,16 @@ ServerAdminPwd = %(admin_pass)s
>>              subprocess.Popen(['kill', slapd_pid.read().rstrip()])
>>          time.sleep(5)
>>
>> +    # Check if /dev/shm is mounted (Linux only)
>> +    if platform.system() == 'Linux':
>> +        if not os.path.ismount('/dev/shm'):
>> +            print >> sys.stderr, utils.multiline_message(
>> +                _("""
>> +                        You need to mount /dev/shm.
>> +                    """)
>> +                )
>> +            sys.exit(1)
>> +
>>      setup_389 = subprocess.Popen(
>>              command,
>>              stdout=subprocess.PIPE,
>>
>
> Kind regards,
>
> Jeroen van Meeuwen
>
> --
> Systems Architect, Kolab Systems AG
>
> e: vanmeeuwen at kolabsys.com
> m: +44 74 2516 3817
> w: http://www.kolabsys.com
>
> pgp: 9342 BF08
> ______________________________**_________________
> devel mailing list
> devel at lists.kolab.org
> https://lists.kolab.org/**mailman/listinfo/devel<https://lists.kolab.org/mailman/listinfo/devel>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/devel/attachments/20130909/7435f631/attachment-0001.html>


More information about the devel mailing list