Bug 809812

Compare with https://bugzilla.novell.com/show_bug.cgi?id=809806#c9 ... it seems that plymouth is broken by design as it block the consoles.

How is valid for the decision to use plymouth instead of splash?

-> Raymond

(I also took the liberty to make you bugowner of plymouth)

I'm thinking on a simply shell function for the initrd script defined the lines below the shell function die() ...

  emergency (){
      local plymouth sulogin
      if plymouth=$(type -p plymouth 2> /dev/null) ; then
          $plymouth quit
          $plymouth --wait
      fi
      cd /
      echo -n "${1+$@} -- "
      if sulogin=$(type -p sulogin 2> /dev/null); then
          echo "exiting to $sulogin"
          $sulogin
      else
          echo "exiting to /bin/sh"
          PATH=$PATH PS1='$ ' /bin/sh -i
      fi 
  }

and then replace all occurrences of

  echo ...
  cd /
  PATH=$PATH PS1='$ ' /bin/sh -i

with this shell function should solve the trouble ... beside this with the
sulogin  from sysvinit-tools or the new linux-utils it would be possible to
do the emergency on all system consoles in parallel.  Only the root lines
from /etc/passwd and /etc/shadow together with /sbin/sulogin are required.

This would require to add /sbin/sulogin to the `#%programs:' line of boot-start.sh and a view lines in setup-start.sh

  > $tmp_mnt/etc/passwd
  > $tmp_mnt/etc/shadow
  chmod 0644 $tmp_mnt/etc/passwd
  chmod 0600 $tmp_mnt/etc/shadow
  grep ^root /etc/passwd >> $tmp_mnt/etc/passwd
  grep ^root /etc/shadow >> $tmp_mnt/etc/shadow

Created attachment 534543 [details]
mkinitrd-2.7.2-sulogin.patch

Switch plymouth and/or splash off before escaping to emergency shell

As well as use sulogin to have a emergency shell on all consoles and
to enable a password check.  For this check the initrd should be set
to be readable only by root to avoid that users can to spy on the
confidential data stored within the initrd.

@Michal: What do you think about?  Clearly the emergency shell in boot-nfs.sh has to also replaced by the emergency shell function.

Created attachment 534599 [details]
mkinitrd-2.7.2-sulogin.patch

be areware that the current etc is scanned not /etc

This is an autogenerated message for OBS integration:
This bug (809812) was mentioned in
https://build.opensuse.org/request/show/174657 Factory / mkinitrd

I've been hit by a similar bug (when / couldn't be mounted due to some btrfs issue) and I couldn't type anything due to plymouth not being properly shut down before dropping to shell.

Could we, please, push this to 12.3 update ?

I've tested the patch and it works fine..

Question for Michal Marek, right?

to whoever maintains mkinitrd :)

But openSUSE maintenance team approval would be great too ;)

speaking for maintenance it is a good idea to have it, looks safe and testable too.

if you want to test a breakage fixed by this bug, here is an howto:
- install 12.3 on a VM, with btrfs as FS (make sure to install a system with a desktop environment)
- once install is done, add "crashme" to the options for / in /etc/fstab
- run mkinitrd
- reboot 
- startup will not complete, splash won't quit
- pressing quit will hide splash but you won't be able to type anything in the debug shell

*** Bug 818821 has been marked as a duplicate of this bug. ***

This is an autogenerated message for OBS integration:
This bug (809812) was mentioned in
https://build.opensuse.org/request/show/184330 Factory / open-fcoe

openSUSE-RU-2013:1416-1: An update that has 10 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 755642,775268,784613,787075,801984,804398,805059,809742,809812,814540
CVE References: 
Sources used:
openSUSE 12.3 (src):    mkinitrd-2.7.2-3.5.1

This is an autogenerated message for OBS integration:
This bug (809812) was mentioned in
https://build.opensuse.org/request/show/202786 Factory / open-fcoe

This is an autogenerated message for OBS integration:
This bug (809812) was mentioned in
https://build.opensuse.org/request/show/202801 Factory / open-fcoe

Closing due to inactivity

Sorry but this is a major feature. Plymouth should not break any shell nor any getty not (su)login due e.g. locking the terminal line.

@ Michal : PLEASE would give an answer to comment #5

@Werner, As far as I can see in comment #15 an maintenance update was done for mkinitrd. So are you sure that this is bug still relevant or has it been resolved ?

Indeed I've submitted this.  Nevertheless AFAIK dracut as successor does not have this sulogin nor the root password feature.  And the original problem was/is that plymouth does lock the devices below /dev/console which fools e.g. sulogin as well as the following shell.

The question is:  How we can make sure that plymouth is really stopped before
an emergency shell or and sulogin followed by an emergency shell?

For mkinitrd I've used

+emergency() {
+    local plymouth sulogin
+    if plymouth=$(type -p plymouth 2> /dev/null) ; then
+	$plymouth quit
+	$plymouth --wait
+    fi
+    if test -w /proc/splash ; then
+	echo verbose >| /proc/splash
+    fi
+    cd /
+    echo -n "${1+$@} -- "
+    if sulogin=$(type -p sulogin 2> /dev/null); then
+	echo "exiting to $sulogin"
+	PATH=$PATH PS1='$ ' $sulogin /dev/console
+    else
+	echo "exiting to /bin/sh"
+	PATH=$PATH PS1='$ ' /bin/sh -i
+    fi
+}

as replacement for all /bin/bash emergency shells.  The question is if dracut does the same?

Can this be closed?  12.3 is long out of service and openSUSE has been using dracut for quite a while now.

As 12.3 is out of support and now we use dracut please open a new report for Leap/Tumbleweed if problem still occurs.