[GH-ISSUE #200] [BUG] fstab gets replaced with only a few lines #64

New issue

Closed

opened 2026-03-03 13:58:51 +03:00 by kerem · 3 comments

kerem commented 2026-03-03 13:58:51 +03:00

Owner

Copy link

Originally created by @beepboop1234 on GitHub (Nov 23, 2022).
Original GitHub issue: https://github.com/konstruktoid/hardening/issues/200

Originally assigned to: @konstruktoid on GitHub.

Describe the bug
Probably user error on my part. New 22.04 minimal install in proxmox. Set up partitions according to documentation (image attached). After running the ubuntu.sh script my fstab only contains:

# <file system> <mount point>   <type>  <options>       <dump>  <pass>
# / was on /dev/vg0/root during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwrrHjdKzRUGhQVfjv9rPpQ00a9sK0SsmY / ext4 defaults 0 1
/swap.img	none	swap	sw	0	0
none /run/shm tmpfs rw,noexec,nosuid,nodev 0 0
none /dev/shm tmpfs rw,noexec,nosuid,nodev 0 0
none /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=2 0 0

Prior to script it contained:

# <file system> <mount point>   <type>  <options>       <dump>  <pass>
# / was on /dev/vg0/root during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwrrHjdKzRUGhQVfjv9rPpQ00a9sK0SsmY / ext4 defaults 0 1
# /var/log was on /dev/vg0/log during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwfZ4smrKRNPsmsUoU9JatU819FORv0QJF /var/log ext4 rw,nosuid,nodev,noexec 0 1
# /var/log/audit was on /dev/vg0/audit during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwimkBGl9f8k2dqd9n0qebolrah6Ph9Pn4 /var/log/audit ext4 rw,nosuid,nodev,noexec 0 1
# /var/tmp was on /dev/vg0/tmp during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOw5UwIXTIKHWzTt7LxGCJIeU5CyDureOZr /var/tmp ext4 rw,nosuid,nodev,noexec 0 1
# /home was on /dev/vg0/home during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwtvv0fdFSrnnXOBXpnAvJXko8mtCRfg3k /home ext4 rw,nosuid,nodev 0 1
# /boot was on /dev/vg0/boot during curtin installation
/dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOw1wt6WxYijGkmQlfUKaZ65Ose0vHPBL53 /boot ext4 rw 0 1
/swap.img	none	swap	sw	0	0

First time this happened I assumed it was because I hadn't modified fstab to replace the "defaults" with nosuid, etc so I updated fstab to (I think) mirror your directions and still have the same error.

To Reproduce
Ubuntu Server 22.04 on proxmox and run ubuntu.sh

Expected behavior
Not to have all partitions removed from fstab

System (lsb_release -a):

No LSB modules are available.                                                                                                                             
Distributor ID: Ubuntu                                                                                                                                    
Description:    Ubuntu 22.04.1 LTS                                                                                                                        
Release:        22.04                                                                                                                                     
Codename:       jammy 

Additional context
Changes to ubuntu.cfg were only adding the IP of my main machine, new ssh port, verbose to 'Y', and entering an admin email, along with the CHANGEME change. I saw the same login loop as issue 157 when attempting to login via console in proxmox but was able to ssh in and swap the fstab back.

Again, I don't have a lot of experience with Ubuntu servers so this is probably user error but opening this in case it's not.

Here's a screenshot of the partitions when I set them up following your screenshots from issue 118.

Here's the log file it generated:

hardening-ubuntuserver-221123.log

If there's something I'm doing wrong or there's other info I can provide please let me know. Thanks!

Originally created by @beepboop1234 on GitHub (Nov 23, 2022). Original GitHub issue: https://github.com/konstruktoid/hardening/issues/200 Originally assigned to: @konstruktoid on GitHub. **Describe the bug** Probably user error on my part. New 22.04 minimal install in proxmox. Set up partitions according to documentation (image attached). After running the ubuntu.sh script my fstab only contains: ``` # <file system> <mount point> <type> <options> <dump> <pass> # / was on /dev/vg0/root during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwrrHjdKzRUGhQVfjv9rPpQ00a9sK0SsmY / ext4 defaults 0 1 /swap.img none swap sw 0 0 none /run/shm tmpfs rw,noexec,nosuid,nodev 0 0 none /dev/shm tmpfs rw,noexec,nosuid,nodev 0 0 none /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=2 0 0 ``` Prior to script it contained: ``` # <file system> <mount point> <type> <options> <dump> <pass> # / was on /dev/vg0/root during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwrrHjdKzRUGhQVfjv9rPpQ00a9sK0SsmY / ext4 defaults 0 1 # /var/log was on /dev/vg0/log during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwfZ4smrKRNPsmsUoU9JatU819FORv0QJF /var/log ext4 rw,nosuid,nodev,noexec 0 1 # /var/log/audit was on /dev/vg0/audit during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwimkBGl9f8k2dqd9n0qebolrah6Ph9Pn4 /var/log/audit ext4 rw,nosuid,nodev,noexec 0 1 # /var/tmp was on /dev/vg0/tmp during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOw5UwIXTIKHWzTt7LxGCJIeU5CyDureOZr /var/tmp ext4 rw,nosuid,nodev,noexec 0 1 # /home was on /dev/vg0/home during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOwtvv0fdFSrnnXOBXpnAvJXko8mtCRfg3k /home ext4 rw,nosuid,nodev 0 1 # /boot was on /dev/vg0/boot during curtin installation /dev/disk/by-id/dm-uuid-LVM-QRDzL9NLT0lsQ3yOwJEOddaT2Vc0dqOw1wt6WxYijGkmQlfUKaZ65Ose0vHPBL53 /boot ext4 rw 0 1 /swap.img none swap sw 0 0 ``` First time this happened I assumed it was because I hadn't modified fstab to replace the "defaults" with nosuid, etc so I updated fstab to (I think) mirror your directions and still have the same error. **To Reproduce** Ubuntu Server 22.04 on proxmox and run ubuntu.sh **Expected behavior** Not to have all partitions removed from fstab **System (lsb_release -a):** ``` No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 22.04.1 LTS Release: 22.04 Codename: jammy ``` **Additional context** Changes to ubuntu.cfg were only adding the IP of my main machine, new ssh port, verbose to 'Y', and entering an admin email, along with the CHANGEME change. I saw the same login loop as issue 157 when attempting to login via console in proxmox but was able to ssh in and swap the fstab back. Again, I don't have a lot of experience with Ubuntu servers so this is probably user error but opening this in case it's not. Here's a screenshot of the partitions when I set them up following your screenshots from issue 118.  Here's the log file it generated: [hardening-ubuntuserver-221123.log](https://github.com/konstruktoid/hardening/files/10079193/hardening-ubuntuserver-221123.log) If there's something I'm doing wrong or there's other info I can provide please let me know. Thanks!

kerem closed this issue 2026-03-03 13:58:52 +03:00

kerem commented 2026-03-03 13:58:52 +03:00

Author

Owner

Copy link

@konstruktoid commented on GitHub (Nov 24, 2022):

Thanks for creating this issue @beepboop1234, I'll have a look.

<!-- gh-comment-id:1325800079 --> @konstruktoid commented on GitHub (Nov 24, 2022): Thanks for creating this issue @beepboop1234, I'll have a look.

kerem commented 2026-03-03 13:58:52 +03:00

Author

Owner

Copy link

@konstruktoid commented on GitHub (Nov 29, 2022):

So sorry for the late reply @beepboop1234 and you are correct.
The curtin installation sets defaults 0 1 on all partitions which makes the script ignore it.

I've merged https://github.com/konstruktoid/hardening/pull/202, so can you try again?

<!-- gh-comment-id:1330420353 --> @konstruktoid commented on GitHub (Nov 29, 2022): So sorry for the late reply @beepboop1234 and you are correct. The curtin installation sets `defaults 0 1` on all partitions which makes the script ignore it. I've merged https://github.com/konstruktoid/hardening/pull/202, so can you try again?

kerem commented 2026-03-03 13:58:53 +03:00

Author

Owner

Copy link

@beepboop1234 commented on GitHub (Dec 16, 2022):

And sorry I'm just seeing and replying to this @konstruktoid. Just setup another vm and tested it and I'm no longer seeing the previous problem behavior. Thanks for getting that updated so quickly! I've only used github once or twice before and don't know how to mark this as closed or solved or similar. If this post doesn't do it, feel free to close this out.

Thanks again!

<!-- gh-comment-id:1354277777 --> @beepboop1234 commented on GitHub (Dec 16, 2022): And sorry I'm just seeing and replying to this @konstruktoid. Just setup another vm and tested it and I'm no longer seeing the previous problem behavior. Thanks for getting that updated so quickly! I've only used github once or twice before and don't know how to mark this as closed or solved or similar. If this post doesn't do it, feel free to close this out. Thanks again!

kerem referenced this issue 2026-03-03 14:29:48 +03:00

[PR #64] [MERGED] Fix grep for auto clean config #129

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

renovate/github-codeql-action-4.x

v2.2.0

v2.1.0

v2.0.0

v1.0.0

v1.0

Labels

Clear labels   

Stale

  

bug

  

bug

  

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

Stale

bug

bug

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/hardening#64

No description provided.