Crouton: chromeos update: failed to access '/var/run/crouton/mnt/stateful_partition/crouton/chroots/xenial/etc/resolv.conf (Blocked symlink traversal)

Created on 28 Mar 2018  Â·  7Comments  Â·  Source: dnschneid/crouton

My chromebook got updated today to Version 67.0.3376.0 (Official Build) dev (64-bit).
This is great, but my /var/run/crouton/mnt/stateful_partition/crouton/chroots/xenial now seems totally empty.

Output of my acer chromebook 14

chronos@localhost $ sudo enter-chroot
Entering /mnt/stateful_partition/crouton/chroots/xenial...
ln: failed to access '/var/run/crouton/mnt/stateful_partition/crouton/chroots/xenial/etc/resolv.conf': Permission denied
Unmounting /mnt/stateful_partition/crouton/chroots/xenial...

chronos@localhost / $ cd /mnt/stateful_partition/
chronos@localhost /mnt/stateful_partition $ ls -la
total 283084
drwxr-xr-x. 8 root root       4096 Mar 28 11:21 .
drwxr-xr-x. 3 root root       4096 Mar 22 23:36 ..
drwxr-xr-x. 3 root root       4096 Apr  6  2017 crouton
-rw-r--r--. 1 root root          0 Apr  6  2017 .developer_mode
drwxr-xr-x. 4 root root       4096 Nov  4 11:04 dev_image
drwxr-xr-x. 5 root root       4096 Apr  6  2017 encrypted
-rw-------. 1 root root 7876972544 Mar 28 12:07 encrypted.block
-rw-------. 1 root root         48 Apr  6  2017 encrypted.key
drwxr-xr-x. 6 root root       4096 Apr  6  2017 home
drwx------. 2 root root      16384 Apr  6  2017 lost+found
-rw-r--r--. 1 root root      68381 Mar 28 11:21 shutdown_stateful_umount_failure
-rw-r--r--. 1 root root          0 Apr  6  2017 .tpm_owned
-rw-------. 1 root root          2 Apr  6  2017 .tpm_status
-rw-------. 1 root root          8 Apr  6  2017 .tpm_status.sum
-rw-r--r--. 1 root root       3727 Mar 28 11:21 umount-encrypted.log
drwxr-xr-x. 6 root root       4096 Mar 16 18:16 unencrypted

chronos@localhost $ dmesg
.....
 1894.232405] WARNING: CPU: 1 PID: 10169 at ../../../../../tmp/portage/sys-kernel/chromeos-kernel-3_18-3.18-r2067/work/chromeos-kernel-3_18-3.18/security/chromiumos/lsm.c:287 chromiumos_security_inode_follow_link+0x64/0x6f()
[ 1894.232432] Blocked symlink traversal for path b3:1:/crouton/chroots/xenial/etc/resolv.conf (see https://goo.gl/8xICW6 for context and rationale)
[ 1894.232451] Modules linked in: ip6t_REJECT nf_reject_ipv6 xt_TCPMSS ip6table_mangle veth ccm rfcomm uinput iwlmvm snd_hda_codec_hdmi iwl7000_mac80211 snd_soc_sst_cht_bsw_rt5645 snd_intel_sst_acpi snd_soc_sst_acpi snd_intel_sst_core snd_soc_sst_mfld_platform zram snd_hda_intel snd_hda_codec bridge snd_hwdep iwlwifi snd_hda_core memconsole_x86_legacy memconsole snd_soc_rt5645 snd_soc_rl6231 stp llc ipt_MASQUERADE nf_nat_masquerade_ipv4 xt_mark fuse snd_seq_dummy iwl7000_cfg80211 ip6table_filter snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device btusb btrtl btbcm btintel bluetooth uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_core joydev
[ 1894.232613] CPU: 1 PID: 10169 Comm: ln Tainted: G        W      3.18.0-17049-gd99a5b37a7d2 #1
[ 1894.232626] Hardware name: GOOGLE Edgar, BIOS Google_Edgar.7287.167.96 10/22/2017
[ 1894.232638]  0000000000000000 000000000b975fac ffff88006144fc58 ffffffffa6560eeb
[ 1894.232655]  0000000000000000 ffff88006144fcb0 ffff88006144fc98 ffffffffa5f8e280

Any idea?

picture coderofsalvation
👍3

Most helpful comment

A fix for this issue has been pushed, just update your chroot(s).

For more info. see:

  • Can't run prepare.sh during setup, and can't access file when run separately #3695

Hope this helps,
-DennisLfromGA

picture DennisLfromGA on 28 Mar 2018
👍2

All 7 comments

Just dealing exactly with this. Been fiddling with permissions with no success. In the mean time I am moving some stuff over to a vm under linux. At least I see I'm not the only one seeing this. Wondering if it has something to do with crostini and/or docker container support I'm seeing in the news these days....

boydkelly picture boydkelly on 28 Mar 2018

Welcome to the club :)
I didn't really notice a drop in used diskspace, so i still have hopes for my chroot.
I do have a backup, but the downside of backups is that they're not up to date ;)

coderofsalvation picture coderofsalvation on 28 Mar 2018

@coderofsalvation your chroot is still there :-). It's just mounting it that isn't :-/...

guilala picture guilala on 28 Mar 2018

A fix for this issue has been pushed, just update your chroot(s).

For more info. see:

  • Can't run prepare.sh during setup, and can't access file when run separately #3695

Hope this helps,
-DennisLfromGA

DennisLfromGA picture DennisLfromGA on 28 Mar 2018
👍2

confirmed. Thanks!

coderofsalvation picture coderofsalvation on 28 Mar 2018
👍1

Thank you!

On Wed, Mar 28, 2018 at 8:57 PM coderofsalvation notifications@github.com
wrote:

confirmed. Thanks!

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/dnschneid/crouton/issues/3708#issuecomment-377033744,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ADQT7ISG5kTQFlORNtHLNrSC5GInw7Dpks5ti_kugaJpZM4S-Wr3
.

boydkelly picture boydkelly on 29 Mar 2018

@DennisLfromGA's link did it for me. The particular comment in that thread is:

https://github.com/dnschneid/crouton/issues/3695#issuecomment-400212542

MatrixManAtYrService picture MatrixManAtYrService on 30 Jun 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

anonymouseprogrammer picture anonymouseprogrammer  Â·  4Comments
jeremyckahn picture jeremyckahn  Â·  5Comments
duck955 picture duck955  Â·  5Comments
kiorpesc picture kiorpesc  Â·  4Comments
jbaum98 picture jbaum98  Â·  4Comments