[zfs-discuss] Failed to Import Pool via Cache File
gmm at csdoc.com
Mon Dec 18 15:33:17 EST 2017
On 18.12.2017 22:06, Gregor Kopka (@zfs-discuss) via zfs-discuss wrote:
>>> Ceterum censeo /etc/zpool.cache should be abolished.
>> zfs-import-scan.service has security vulnerabilities
> My guess would be that the issue you raise is that the /zpool import -a/
> it issues will pull in any pools it finds, a subsequent /zfs mount -a/
> will happily mount filesystems from any pool that is imported at that
> point - thus one would be able to add an USB drive, reboot, have the
> pool in it imported and eg. replace /root/.ssh to access the system.
Yes. Or replace any other file in system.
> My point isn't that zfs should scan for any pool it can find but that
> there should be a /text/ configration file (left alone by ZFS)
> containing a list of pools to import (and mount) in the given order.
> With zpool.cache being a /binary /file that is /magically /updated (by
> zpool import/export invocations) with the set of pools to import it
> dosn't look like good unix style to me.
Can you create https://github.com/zfsonlinux/zfs/issues
of your idea with text file for ZFS on Linux developers?
From my point of view this is may be good fix for
and may be in future versions of ZFS on Linux
file /etc/zpool.cache will be deprecated?
More information about the zfs-discuss