pool/cifs-utils
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 877264 from network:samba:STABLE

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/877264
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cifs-utils?expand=0&rev=66
This commit is contained in:
Dominique Leuenberger 2021-03-10 07:46:53 +00:00 committed by Git OBS Bridge
commit 877adba913
20 changed files with 104 additions and 1105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
0001-smbinfo-Improve-help-usage-and-add-h-option.patch
View File

@ -1,106 +0,0 @@
From 12c2f088fa3d666fc5aa48a700e740523d8d2023 Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Wed, 17 Apr 2019 15:36:46 +0530
Subject: [PATCH] smbinfo: Improve help usage and add -h option.
Call usage only for -h case. This avoids cluttering the screen with long
help output.
As we are adding more options to the utility, the end error is just hidden.
Call short_usage wherever necessary.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
---
smbinfo.c | 27 ++++++++++++++++++++++-----
smbinfo.rst | 5 ++++-
2 files changed, 26 insertions(+), 6 deletions(-)
diff --git a/smbinfo.c b/smbinfo.c
index 4bc503a..6e258c2 100644
--- a/smbinfo.c
+++ b/smbinfo.c
@@ -64,6 +64,8 @@ usage(char *name)
{
fprintf(stderr, "Usage: %s [-V] <command> <file>\n"
"-V for verbose output\n"
+ "-h display this help text\n"
+ "-v print smbinfo version\n"
"Commands are\n"
" fileaccessinfo:\n"
" Prints FileAccessInfo for a cifs file.\n"
@@ -97,6 +99,14 @@ usage(char *name)
exit(1);
}
+static void
+short_usage(char *name)
+{
+ fprintf(stderr, "Usage: %s [-v] [-V] <command> <file>\n"
+ "Try 'smbinfo -h' for more information.\n", name);
+ exit(1);
+}
+
static void
win_to_timeval(uint64_t smb2_time, struct timeval *tv)
{
@@ -1075,7 +1085,11 @@ int main(int argc, char *argv[])
int c;
int f;
- while ((c = getopt_long(argc, argv, "vV", NULL, NULL)) != -1) {
+ if (argc < 2) {
+ short_usage(argv[0]);
+ }
+
+ while ((c = getopt_long(argc, argv, "vVh", NULL, NULL)) != -1) {
switch (c) {
case 'v':
printf("smbinfo version %s\n", VERSION);
@@ -1083,15 +1097,18 @@ int main(int argc, char *argv[])
case 'V':
verbose = 1;
break;
- default:
+ case 'h':
usage(argv[0]);
+ break;
+ default:
+ short_usage(argv[0]);
}
}
- if (optind >= argc - 1)
- usage(argv[0]);
+ if (optind >= argc -1)
+ short_usage(argv[0]);
- if ((f = open(argv[optind + 1], O_RDONLY)) < 0) {
+ if ((f = open(argv[optind + 1 ], O_RDONLY)) < 0) {
fprintf(stderr, "Failed to open %s\n", argv[optind + 1]);
exit(1);
}
diff --git a/smbinfo.rst b/smbinfo.rst
index 0c96050..be4c829 100644
--- a/smbinfo.rst
+++ b/smbinfo.rst
@@ -11,7 +11,7 @@ Userspace helper to display SMB-specific file information for the Linux SMB clie
SYNOPSIS
********
- smbinfo [-v] [-V] {command} {file system object}
+ smbinfo [-v] [-h] [-V] {command} {file system object}
***********
DESCRIPTION
@@ -38,6 +38,9 @@ OPTIONS
-V
Verbose output.
+-h
+ Print help explaining the command line options.
+
*******
COMMAND
*******
--
2.16.4

65
0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch
View File

@ -1,65 +0,0 @@
From dfe497f9f51983147a7caa69f62bb6648ea507ec Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Wed, 17 Apr 2019 16:57:05 +0530
Subject: [PATCH] smbinfo: Add bash completion support for smbinfo.
This help us better populate options using <tab> <tab>.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
---
bash-completion/smbinfo | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 bash-completion/smbinfo
diff --git a/bash-completion/smbinfo b/bash-completion/smbinfo
new file mode 100644
index 0000000..ad5d34d
--- /dev/null
+++ b/bash-completion/smbinfo
@@ -0,0 +1,42 @@
+# bash completion for smbinfo -*- shell-script -*-
+smb_info()
+{
+ local cur prev OPTS
+ COMPREPLY=()
+ cur="${COMP_WORDS[COMP_CWORD]}"
+ prev="${COMP_WORDS[COMP_CWORD-1]}"
+ OPTS="fileaccessinfo
+ filealigninfo
+ fileallinfo
+ filebasicinfo
+ fileeainfo
+ filefsfullsizeinfo
+ fileinternalinfo
+ filemodeinfo
+ filepositioninfo
+ filestandardinfo
+ fsctl-getobjid
+ list-snapshots
+ quota
+ secdesc"
+ case $prev in
+ '-v'|'-h')
+ return 0
+ ;;
+ 'fileaccessinfo'|'filealigninfo'|'fileallinfo'|'filebasicinfo'|'fileeainfo'|'filefsfullsizeinfo'|\
+ 'fileinternalinfo'|'filemodeinfo'|'filepositioninfo'|'filestandardinfo'|'fsctl-getobjid'|\
+ 'list-snapshots'|'quota'|'secdesc')
+ local IFS=$'\n'
+ compopt -o filenames
+ COMPREPLY=( $(compgen -f -o dirnames -- ${cur:-""}) )
+ return 0
+ ;;
+ '-V'|*'smbinfo')
+ COMPREPLY=( $(compgen -W "${OPTS[*]}" -- $cur) )
+ return 0
+ ;;
+ esac
+
+ return 0
+}
+complete -F smb_info smbinfo
--
2.16.4

126
0003-getcifsacl-Add-support-to-accept-more-paths.patch
View File

@ -1,126 +0,0 @@
From 9beaa8c3c895ca8460d81fb54a6a0de2bb21a277 Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Wed, 17 Apr 2019 22:49:09 +0530
Subject: [PATCH] getcifsacl: Add support to accept more paths
Accept more than one path on the getcifsacl command line.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
---
getcifsacl.c | 80 +++++++++++++++++++++++++++++++++---------------------------
1 file changed, 44 insertions(+), 36 deletions(-)
diff --git a/getcifsacl.c b/getcifsacl.c
index fc78881..556178a 100644
--- a/getcifsacl.c
+++ b/getcifsacl.c
@@ -340,14 +340,52 @@ getcifsacl_usage(const char *prog)
fprintf(stderr, "\nRefer to getcifsacl(1) manpage for details\n");
}
+static void
+getcifsacl(const char *filename, bool raw)
+{
+ ssize_t attrlen;
+ size_t bufsize = BUFSIZE;
+ char *attrval;
+ int failed = 0;
+cifsacl:
+ if (bufsize >= XATTR_SIZE_MAX) {
+ fprintf(stderr, "buffer to allocate exceeds max size of %d\n",
+ XATTR_SIZE_MAX);
+ exit(1);
+ }
+
+ attrval = malloc(bufsize * sizeof(char));
+ if (!attrval) {
+ fprintf(stderr, "error allocating memory for attribute value buffer\n");
+ exit(1);
+ }
+
+ attrlen = getxattr(filename, ATTRNAME, attrval, bufsize);
+ if (attrlen == -1) {
+ if (errno == ERANGE) {
+ free(attrval);
+ bufsize += BUFSIZE;
+ goto cifsacl;
+ } else {
+ fprintf(stderr, "Failed to getxattr %s: %s\n", filename,
+ strerror(errno));
+ failed = -1;
+ }
+ }
+
+ if (failed == 0) {
+ printf("# filename: %s\n", filename);
+ parse_sec_desc((struct cifs_ntsd *)attrval, attrlen, raw);
+ printf("\n");
+ }
+ free(attrval);
+}
+
int
main(const int argc, char *const argv[])
{
int c, ret = 0;
bool raw = false;
- ssize_t attrlen;
- size_t bufsize = BUFSIZE;
- char *filename, *attrval;
execname = basename(argv[0]);
if (argc < 2) {
@@ -374,8 +412,7 @@ main(const int argc, char *const argv[])
printf("you must specify a filename after options.\n");
printf("Usage: getcifsacl [option] <file_name>\n");
goto out;
- } else
- filename = argv[optind];
+ }
if (!raw && !plugin_loaded) {
ret = init_plugin(&plugin_handle);
@@ -386,38 +423,9 @@ main(const int argc, char *const argv[])
plugin_loaded = true;
}
-cifsacl:
- if (bufsize >= XATTR_SIZE_MAX) {
- printf("buffer to allocate exceeds max size of %d\n",
- XATTR_SIZE_MAX);
- ret = -1;
- goto out;
- }
-
- attrval = malloc(bufsize * sizeof(char));
- if (!attrval) {
- printf("error allocating memory for attribute value buffer\n");
- ret = -1;
- goto out;
- }
-
- attrlen = getxattr(filename, ATTRNAME, attrval, bufsize);
- if (attrlen == -1) {
- if (errno == ERANGE) {
- free(attrval);
- bufsize += BUFSIZE;
- goto cifsacl;
- } else {
- fprintf(stderr, "getxattr failed on %s: %s\n", filename, strerror(errno) );
- free(attrval);
- ret = -1;
- goto out;
- }
- }
-
- parse_sec_desc((struct cifs_ntsd *)attrval, attrlen, raw);
+ for(; optind < argc; optind++)
+ getcifsacl(argv[optind], raw);
- free(attrval);
out:
if (plugin_loaded)
exit_plugin(plugin_handle);
--
2.16.4

35
0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch
View File

@ -1,35 +0,0 @@
From f2955af017f604003e3c8c3efe0fb0fb85584cea Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Thu, 18 Apr 2019 12:32:02 -0700
Subject: [PATCH] getcifsacl: Fix usage message to include multiple files
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
---
getcifsacl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/getcifsacl.c b/getcifsacl.c
index 556178a..bea81ee 100644
--- a/getcifsacl.c
+++ b/getcifsacl.c
@@ -330,7 +330,7 @@ getcifsacl_usage(const char *prog)
fprintf(stderr,
"%s: Display CIFS/NTFS ACL in a security descriptor of a file object\n",
prog);
- fprintf(stderr, "Usage: %s [option] <file_name>\n", prog);
+ fprintf(stderr, "Usage: %s [option] <file_name1> [<file_name2>,<file_name3>,...]\n", prog);
fprintf(stderr, "Valid options:\n");
fprintf(stderr, "\t-h Display this help text\n");
fprintf(stderr, "\n");
@@ -410,7 +410,7 @@ main(const int argc, char *const argv[])
if (optind >= argc) {
printf("you must specify a filename after options.\n");
- printf("Usage: getcifsacl [option] <file_name>\n");
+ printf("Usage: getcifsacl [option] <file_name1> [<file_name2>,<file_name3>,...]\n");
goto out;
}
--
2.16.4

100
0005-smbinfo-add-GETCOMPRESSION-support.patch
View File

@ -1,100 +0,0 @@
From 1e4fca25948d52fc29410963663f3af72275bcb6 Mon Sep 17 00:00:00 2001
From: Ronnie Sahlberg <lsahlber@redhat.com>
Date: Thu, 11 Apr 2019 12:23:06 +1000
Subject: [PATCH] smbinfo: add GETCOMPRESSION support
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
---
smbinfo.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
smbinfo.rst | 2 ++
2 files changed, 50 insertions(+)
diff --git a/smbinfo.c b/smbinfo.c
index 6e258c2..b4d497b 100644
--- a/smbinfo.c
+++ b/smbinfo.c
@@ -89,6 +89,8 @@ usage(char *name)
" Prints FileStandardInfo for a cifs file.\n"
" fsctl-getobjid:\n"
" Prints the objectid of the file and GUID of the underlying volume.\n"
+ " getcompression:\n"
+ " Prints the compression setting for the file.\n"
" list-snapshots:\n"
" List the previous versions of the volume that backs this file.\n"
" quota:\n"
@@ -252,6 +254,50 @@ fsctlgetobjid(int f)
free(qi);
}
+static void
+print_getcompression(uint8_t *sd)
+{
+ uint16_t u16;
+
+ memcpy(&u16, &sd[0], 2);
+ u16 = le16toh(u16);
+
+ printf("Compression: ");
+ switch (u16) {
+ case 0:
+ printf("(0) NONE\n");
+ break;
+ case 2:
+ printf("(2) LZNT1\n");
+ break;
+ default:
+ printf("(%d) UNKNOWN\n", u16);
+ break;
+ }
+}
+
+static void
+getcompression(int f)
+{
+ struct smb_query_info *qi;
+
+ qi = malloc(sizeof(struct smb_query_info) + 2);
+ memset(qi, 0, sizeof(qi) + 2);
+ qi->info_type = 0x9003c;
+ qi->file_info_class = 0;
+ qi->additional_information = 0;
+ qi->input_buffer_length = 2;
+ qi->flags = PASSTHRU_FSCTL;
+
+ if (ioctl(f, CIFS_QUERY_INFO, qi) < 0) {
+ fprintf(stderr, "ioctl failed with %s\n", strerror(errno));
+ exit(1);
+ }
+ print_getcompression((uint8_t *)(&qi[1]));
+
+ free(qi);
+}
+
static void
print_fileaccessinfo(uint8_t *sd, int type)
{
@@ -1135,6 +1181,8 @@ int main(int argc, char *argv[])
filestandardinfo(f);
else if (!strcmp(argv[optind], "fsctl-getobjid"))
fsctlgetobjid(f);
+ else if (!strcmp(argv[optind], "getcompression"))
+ getcompression(f);
else if (!strcmp(argv[optind], "list-snapshots"))
list_snapshots(f);
else if (!strcmp(argv[optind], "quota"))
diff --git a/smbinfo.rst b/smbinfo.rst
index be4c829..500ce0e 100644
--- a/smbinfo.rst
+++ b/smbinfo.rst
@@ -67,6 +67,8 @@ COMMAND
`fsctl-getobjid`: Prints the ObjectID
+`getcompression`: Prints the compression setting for the file.
+
`list-snapshots`: Lists the previous versions of the volume that backs this file
`quota`: Print the quota for the volume in the form
--
2.16.4

123
0006-getcifsacl-Add-support-for-R-recursive-option.patch
View File

@ -1,123 +0,0 @@
From 43f389bb3759ea49efb705acd2d314fd91a7bc57 Mon Sep 17 00:00:00 2001
From: Kenneth D'souza <kdsouza@redhat.com>
Date: Mon, 22 Apr 2019 11:23:41 +0530
Subject: [PATCH] getcifsacl: Add support for -R(recursive) option.
Add support for -R option so we can list the ACLs of all files and
directories recursively.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
---
getcifsacl.c | 32 +++++++++++++++++++++++++++-----
getcifsacl.rst.in | 3 +++
2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/getcifsacl.c b/getcifsacl.c
index bea81ee..d58b769 100644
--- a/getcifsacl.c
+++ b/getcifsacl.c
@@ -37,10 +37,12 @@
#include <sys/xattr.h>
#include "cifsacl.h"
#include "idmap_plugin.h"
+#include <ftw.h>
static void *plugin_handle;
static bool plugin_loaded;
static char *execname;
+static bool raw = false;
static void
print_each_ace_mask(uint32_t mask)
@@ -336,12 +338,14 @@ getcifsacl_usage(const char *prog)
fprintf(stderr, "\n");
fprintf(stderr, "\t-v Version of the program\n");
fprintf(stderr, "\n");
+ fprintf(stderr, "\t-R recurse into subdirectories\n");
+ fprintf(stderr, "\n");
fprintf(stderr, "\t-r Display raw values of the ACE fields\n");
fprintf(stderr, "\nRefer to getcifsacl(1) manpage for details\n");
}
static void
-getcifsacl(const char *filename, bool raw)
+getcifsacl(const char *filename)
{
ssize_t attrlen;
size_t bufsize = BUFSIZE;
@@ -381,12 +385,21 @@ cifsacl:
free(attrval);
}
+static int recursive(const char *filename, const struct stat *sb, int tflag, struct FTW *ftwbuf)
+{
+ (void)sb;
+ (void)tflag;
+ (void)ftwbuf;
+ getcifsacl(filename);
+ return 0;
+}
+
int
main(const int argc, char *const argv[])
{
int c, ret = 0;
- bool raw = false;
execname = basename(argv[0]);
+ int do_recursive = 0;
if (argc < 2) {
fprintf(stderr, "%s: you must specify a filename.\n", execname);
@@ -394,7 +407,7 @@ main(const int argc, char *const argv[])
goto out;
}
- while ((c = getopt_long(argc, argv, "rhv", NULL, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "Rrhv", NULL, NULL)) != -1) {
switch (c) {
case 'v':
printf("Version: %s\n", VERSION);
@@ -402,6 +415,9 @@ main(const int argc, char *const argv[])
case 'r':
raw = true;
break;
+ case 'R':
+ do_recursive = 1;
+ break;
default:
getcifsacl_usage(execname);
goto out;
@@ -423,8 +439,14 @@ main(const int argc, char *const argv[])
plugin_loaded = true;
}
- for(; optind < argc; optind++)
- getcifsacl(argv[optind], raw);
+ for(; optind < argc; optind++) {
+ if(do_recursive) {
+ if (nftw(argv[optind], recursive, 20, 0) == -1)
+ fprintf(stderr, "Invalid filename %s: %s\n", argv[optind], strerror(errno));
+ }
+ else
+ getcifsacl(argv[optind]);
+ }
out:
if (plugin_loaded)
diff --git a/getcifsacl.rst.in b/getcifsacl.rst.in
index 21a10cd..ffde968 100644
--- a/getcifsacl.rst.in
+++ b/getcifsacl.rst.in
@@ -43,6 +43,9 @@ OPTIONS
flags are displayed in hexadecimal format, a SID is not mapped to a
name.
+-R
+ List the ACLs of all files and directories recursively.
+
*****
NOTES
*****
--
2.16.4

34
0007-smbinfo-add-bash-completion-support-for-getcompressi.patch
View File

@ -1,34 +0,0 @@
From 13c370424575d864544bfb4535832dfcffa91e82 Mon Sep 17 00:00:00 2001
From: Pavel Shilovsky <pshilov@microsoft.com>
Date: Tue, 7 May 2019 15:52:30 -0700
Subject: [PATCH] smbinfo: add bash completion support for getcompression
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
---
bash-completion/smbinfo | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/bash-completion/smbinfo b/bash-completion/smbinfo
index ad5d34d..282db55 100644
--- a/bash-completion/smbinfo
+++ b/bash-completion/smbinfo
@@ -16,6 +16,7 @@ smb_info()
filepositioninfo
filestandardinfo
fsctl-getobjid
+ getcompression
list-snapshots
quota
secdesc"
@@ -25,7 +26,7 @@ smb_info()
;;
'fileaccessinfo'|'filealigninfo'|'fileallinfo'|'filebasicinfo'|'fileeainfo'|'filefsfullsizeinfo'|\
'fileinternalinfo'|'filemodeinfo'|'filepositioninfo'|'filestandardinfo'|'fsctl-getobjid'|\
- 'list-snapshots'|'quota'|'secdesc')
+ 'getcompression'|'list-snapshots'|'quota'|'secdesc')
local IFS=$'\n'
compopt -o filenames
COMPREPLY=( $(compgen -f -o dirnames -- ${cur:-""}) )
--
2.16.4

73
0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch
View File

@ -1,73 +0,0 @@
From bf7f48f4c7dcee623bd92b2e7a6ffd97a64a1138 Mon Sep 17 00:00:00 2001
From: Jiawen Liu <liujiawen10@huawei.com>
Date: Tue, 6 Aug 2019 10:35:29 +0800
Subject: [PATCH] mount.cifs.c: fix memory leaks in main func
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In mount.cifs module, orgoptions and mountpoint in the main func
point to the memory allocated by func realpath and strndup respectively.
However, they are not freed before the main func returns so that the
memory leaks occurred.
The memory leak problem is reported by LeakSanitizer tool.
LeakSanitizer url: "https://github.com/google/sanitizers"
Here I free the pointers orgoptions and mountpoint before main
func returns.
Fixes7549ad5e7126 ("memory leaks: caused by func realpath and strndup")
Signed-off-by: Jiawen Liu <liujiawen10@huawei.com>
Reported-by: Jin Du <dujin1@huawei.com>
Reviewed-by: Saisai Zhang <zhangsaisai@huawei.com>
Reviewed-by: Aurélien Aptel <aaptel@suse.com>
---
mount.cifs.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index b3235e4..7748d54 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -1942,6 +1942,9 @@ restore_privs:
gid_t __attribute__((unused)) gignore = setfsgid(oldfsgid);
}
+ if (rc) {
+ free(*mountpointp);
+ }
return rc;
}
@@ -2044,8 +2047,10 @@ int main(int argc, char **argv)
/* chdir into mountpoint as soon as possible */
rc = acquire_mountpoint(&mountpoint);
- if (rc)
+ if (rc) {
+ free(orgoptions);
return rc;
+ }
/*
* mount.cifs does privilege separation. Most of the code to handle
@@ -2064,6 +2069,8 @@ int main(int argc, char **argv)
/* child */
rc = assemble_mountinfo(parsed_info, thisprogram, mountpoint,
orig_dev, orgoptions);
+ free(orgoptions);
+ free(mountpoint);
return rc;
} else {
/* parent */
@@ -2209,5 +2216,6 @@ mount_exit:
}
free(options);
free(orgoptions);
+ free(mountpoint);
return rc;
}
--
2.16.4

27
0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch
View File

@ -1,27 +0,0 @@
From 5a468f3dcbea4bfbc380a3f86466b8e33bc40570 Mon Sep 17 00:00:00 2001
From: misku <miskuu@gmail.com>
Date: Wed, 31 Jul 2019 13:12:24 +0200
Subject: [PATCH] Zero fill the allocated memory for new `struct cifs_ntsd`
Fixes a bug where `sacloffset` may not be set at all later on and therefore it
can contain the original memory contents == trash.
---
setcifsacl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setcifsacl.c b/setcifsacl.c
index da1d742..f3d0189 100644
--- a/setcifsacl.c
+++ b/setcifsacl.c
@@ -206,7 +206,7 @@ alloc_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd **npntsd,
acessize = aces * sizeof(struct cifs_ace);
bufsize = size + acessize;
- *npntsd = malloc(bufsize);
+ *npntsd = calloc(1, bufsize);
if (!*npntsd) {
printf("%s: Memory allocation failure", __func__);
return errno;
--
2.16.4

29
0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch
View File

@ -1,29 +0,0 @@
From cb3dc2fe88f6179011acbafaaed025c5bdc96131 Mon Sep 17 00:00:00 2001
From: misku <miskuu@gmail.com>
Date: Wed, 31 Jul 2019 13:11:18 +0200
Subject: [PATCH] Zero fill the allocated memory for a new ACE
Fixes a bug inside a call to `verify_ace_flag`. When a flag string (char*)
passed as a first parameter is "0x0", the final flag value (the second
parameter - the value of a pointer to uint8_t) is not modified at all
and contains the original memory contents == trash.
---
setcifsacl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setcifsacl.c b/setcifsacl.c
index 1b98c37..da1d742 100644
--- a/setcifsacl.c
+++ b/setcifsacl.c
@@ -672,7 +672,7 @@ build_cmdline_aces(char **arrptr, int numcaces)
goto build_cmdline_aces_ret;
}
- cacesptr[i] = malloc(sizeof(struct cifs_ace));
+ cacesptr[i] = calloc(1, sizeof(struct cifs_ace));
if (!cacesptr[i]) {
printf("%s: ACE alloc error %d\n", __func__, errno);
goto build_cmdline_aces_ret;
--
2.16.4

78
0011-fix-doublefree.patch
View File

@ -1,78 +0,0 @@
From paulo@paulo.ac Thu Sep 5 18:49:35 2019
From: " Paulo Alcantara (SUSE) " <paulo@paulo.ac>
To: <piastryyy@gmail.com>,<samba-technical@lists.samba.org>,
<linux-cifs@vger.kernel.org>
Cc: "Aurelien Aptel" <aaptel@suse.com>
Subject: [PATCH] mount.cifs: Fix double-free issue when mounting with setuid root
Date: Thu, 5 Sep 2019 15:49:35 -0300
Message-Id: <20190905184935.30694-1-paulo@paulo.ac>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
MIME-Version: 1.0
It can be easily reproduced with the following:
# chmod +s `which mount.cifs`
# echo "//localhost/share /mnt cifs \
users,username=foo,password=XXXX" >> /etc/fstab
# su - foo
$ mount /mnt
free(): double free detected in tcache 2
Child process terminated abnormally.
The problem was that check_fstab() already freed orgoptions pointer
and then we freed it again in main() function.
Fixes: bf7f48f4c7dc ("mount.cifs.c: fix memory leaks in main func")
Signed-off-by: Paulo Alcantara (SUSE) <paulo@paulo.ac>
---
mount.cifs.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 7748d54aa814..2116fc803311 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -247,7 +247,6 @@ check_fstab(const char *progname, const char *mountpoint, const char *devname,
* set of options. We don't want to trust what the user
* gave us, so just take whatever is in /etc/fstab.
*/
- free(*options);
*options = strdup(mnt->mnt_opts);
return 0;
}
@@ -1762,6 +1761,7 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info,
const char *orig_dev, char *orgoptions)
{
int rc;
+ char *newopts = NULL;
rc = drop_capabilities(0);
if (rc)
@@ -1773,10 +1773,11 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info,
if (getuid()) {
rc = check_fstab(thisprogram, mountpoint, orig_dev,
- &orgoptions);
+ &newopts);
if (rc)
goto assemble_exit;
+ orgoptions = newopts;
/* enable any default user mount flags */
parsed_info->flags |= CIFS_SETUID_FLAGS;
}
@@ -1880,6 +1881,7 @@ assemble_mountinfo(struct parsed_mount_info *parsed_info,
}
assemble_exit:
+ free(newopts);
return rc;
}
--
2.23.0

77
0012-mount.cifs-Fix-invalid-free.patch
View File

@ -1,77 +0,0 @@
From d48a8d61c07e3841ffd71f3aafa5db28dd35b6a7 Mon Sep 17 00:00:00 2001
From: "Paulo Alcantara (SUSE)" <pc@cjr.nz>
Date: Thu, 19 Sep 2019 08:35:47 -0300
Subject: [PATCH] mount.cifs: Fix invalid free
When attemping to chdir into non-existing directories, mount.cifs
crashes.
This patch fixes the following ASAN report:
$ ./mount.cifs //localhost/foo /mnt/invalid-dir -o ...
/mnt/bar -o username=foo,password=foo,vers=1.0
Couldn't chdir to /mnt/bar: No such file or directory
=================================================================
==11846==ERROR: AddressSanitizer: attempting free on address which was
not malloc()-ed: 0x7ffd86332e97 in thread T0
#0 0x7f0860ca01e7 in
__interceptor_free (/usr/lib64/libasan.so.5+0x10a1e7)
#1 0x557edece9ccb in
acquire_mountpoint (/home/paulo/src/cifs-utils/mount.cifs+0xeccb)
#2 0x557edecea63d in
main (/home/paulo/src/cifs-utils/mount.cifs+0xf63d)
#3 0x7f08609f0bca in __libc_start_main (/lib64/libc.so.6+0x26bca)
#4 0x557edece27d9 in
_start (/home/paulo/src/cifs-utils/mount.cifs+0x77d9)
Address 0x7ffd86332e97 is located in stack of thread T0 at offset 8951
in frame
#0 0x557edece9ce0 in
main (/home/paulo/src/cifs-utils/mount.cifs+0xece0)
This frame has 2 object(s):
[48, 52) 'rc' (line 1959)
[64, 72) 'mountpoint' (line 1955) <== Memory access at offset 8951
overflows this variable
HINT: this may be a false positive if your program uses some custom
stack unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: bad-free (/usr/lib64/libasan.so.5+0x10a1e7)
in __interceptor_free
==11846==ABORTING
Fixes: bf7f48f4c7dc ("mount.cifs.c: fix memory leaks in main func")
Signed-off-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
---
mount.cifs.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 7748d54aa814..0c38adcd99b1 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -1893,7 +1893,7 @@ acquire_mountpoint(char **mountpointp)
int rc, dacrc;
uid_t realuid, oldfsuid;
gid_t oldfsgid;
- char *mountpoint;
+ char *mountpoint = NULL;
/*
* Acquire the necessary privileges to chdir to the mountpoint. If
@@ -1942,9 +1942,9 @@ restore_privs:
gid_t __attribute__((unused)) gignore = setfsgid(oldfsgid);
}
- if (rc) {
- free(*mountpointp);
- }
+ if (rc)
+ free(mountpoint);
+
return rc;
}
--
2.23.0

183
0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch
View File

@ -1,183 +0,0 @@
From 610ea2412e2f31fbf3e662bf7dfadf7d73ce2934 Mon Sep 17 00:00:00 2001
From: Aurelien Aptel <aaptel@suse.com>
Date: Mon, 27 Jul 2020 10:34:44 +0200
Subject: [PATCH] CVE-2020-14342: mount.cifs: fix shell command injection
A bug has been reported recently for the mount.cifs utility which is
part of the cifs-utils package. The tool has a shell injection issue
where one can embed shell commands via the username mount option. Those
commands will be run via popen() in the context of the user calling
mount.
The bug requires cifs-utils to be built with --with-systemd (enabled
by default if supported).
A quick test to check if the mount.cifs binary is vulnerable is to look
for popen() calls like so:
$ nm mount.cifs | grep popen
U popen@@GLIBC_2.2.5
If the user is allowed to run mount.cifs via sudo, he can obtain a root
shell.
sudo mount.cifs -o username='`sh`' //1 /mnt
If mount.cifs has the setuid bit, the command will still be run as the
calling user (no privilege escalation).
The bug was introduced in June 2012 with commit 4e264031d0da7d3f2
("mount.cifs: Use systemd's mechanism for getting password, if
present.").
Affected versions:
cifs-utils-5.6
cifs-utils-5.7
cifs-utils-5.8
cifs-utils-5.9
cifs-utils-6.0
cifs-utils-6.1
cifs-utils-6.2
cifs-utils-6.3
cifs-utils-6.4
cifs-utils-6.5
cifs-utils-6.6
cifs-utils-6.7
cifs-utils-6.8
cifs-utils-6.9
cifs-utils-6.10
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14442
Reported-by: Vadim Lebedev <vadim@mbdsys.com>
Signed-off-by: Paulo Alcantara (SUSE) <paulo@paulo.ac>
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
---
mount.cifs.c | 96 ++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 75 insertions(+), 21 deletions(-)
diff --git a/mount.cifs.c b/mount.cifs.c
index 40918c1..4feb397 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -1695,6 +1695,73 @@ drop_child_privs(void)
return 0;
}
+#ifdef ENABLE_SYSTEMD
+static int get_passwd_by_systemd(const char *prompt, char *input, int capacity)
+{
+ int fd[2];
+ pid_t pid;
+ int offs = 0;
+ int rc = 1;
+
+ if (pipe(fd) == -1) {
+ fprintf(stderr, "Failed to create pipe: %s\n", strerror(errno));
+ return 1;
+ }
+
+ pid = fork();
+ if (pid == -1) {
+ fprintf(stderr, "Unable to fork: %s\n", strerror(errno));
+ close(fd[0]);
+ close(fd[1]);
+ return 1;
+ }
+ if (pid == 0) {
+ close(fd[0]);
+ dup2(fd[1], STDOUT_FILENO);
+ if (execlp("systemd-ask-password", "systemd-ask-password", prompt, NULL) == -1) {
+ fprintf(stderr, "Failed to execute systemd-ask-password: %s\n",
+ strerror(errno));
+ }
+ exit(1);
+ }
+
+ close(fd[1]);
+ for (;;) {
+ if (offs+1 >= capacity) {
+ fprintf(stderr, "Password too long.\n");
+ kill(pid, SIGTERM);
+ rc = 1;
+ break;
+ }
+ rc = read(fd[0], input + offs, capacity - offs);
+ if (rc == -1) {
+ fprintf(stderr, "Failed to read from pipe: %s\n", strerror(errno));
+ rc = 1;
+ break;
+ }
+ if (!rc)
+ break;
+ offs += rc;
+ input[offs] = '\0';
+ }
+ if (wait(&rc) == -1) {
+ fprintf(stderr, "Failed to wait child: %s\n", strerror(errno));
+ rc = 1;
+ goto out;
+ }
+ if (!WIFEXITED(rc) || WEXITSTATUS(rc)) {
+ rc = 1;
+ goto out;
+ }
+
+ rc = 0;
+
+out:
+ close(fd[0]);
+ return rc;
+}
+#endif
+
/*
* If systemd is running and systemd-ask-password --
* is available, then use that else fallback on getpass(..)
@@ -1708,35 +1775,22 @@ get_password(const char *prompt, char *input, int capacity)
int is_systemd_running;
struct stat a, b;
+ memset(input, 0, capacity);
+
/* We simply test whether the systemd cgroup hierarchy is
* mounted */
is_systemd_running = (lstat("/sys/fs/cgroup", &a) == 0)
&& (lstat("/sys/fs/cgroup/systemd", &b) == 0)
&& (a.st_dev != b.st_dev);
- if (is_systemd_running) {
- char *cmd, *ret;
- FILE *ask_pass_fp = NULL;
-
- cmd = ret = NULL;
- if (asprintf(&cmd, "systemd-ask-password \"%s\"", prompt) >= 0) {
- ask_pass_fp = popen (cmd, "re");
- free (cmd);
- }
-
- if (ask_pass_fp) {
- ret = fgets(input, capacity, ask_pass_fp);
- pclose(ask_pass_fp);
- }
-
- if (ret) {
- int len = strlen(input);
- if (input[len - 1] == '\n')
- input[len - 1] = '\0';
- return input;
- }
+ if (is_systemd_running && !get_passwd_by_systemd(prompt, input, capacity)) {
+ int len = strlen(input);
+ if (input[len - 1] == '\n')
+ input[len - 1] = '\0';
+ return input;
}
#endif
+ memset(input, 0, capacity);
/*
* Falling back to getpass(..)
--
2.27.0

3
cifs-utils-6.12.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:922ddcc3059922e80789312c386b9c569991b4350d3ae3099de3e4b82f3885ef
size 413393

17
cifs-utils-6.12.tar.bz2.asc Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJf7h0CAAoJEN9bqdMGQtWg7GUP/j0ls0bLmbu8vLkUIzMNkCF3
VpR8E90uH6oVaqgzmCN4sQOUjR6mr6OClugfp198sfuEQOSF+7Al88Yn/wlVwSPM
a//lqbfqt0oQW9YbdaxTHsLXAh7D/0WZQaN7fTgVMiqivy5i/ePykpBpq7druVgB
iI71383V4GBgOGlyTmmZKwLgXzg2EF5OV8S10PO8cOmoKzQNkIllGM0wdOfO06zq
Y6kRjU/JEip8aV4Wiv9Y37TfByQJVNBEAscOX6XODTaIGOjbl+INcnfzDyvQS28a
0p8QHQk02lNhOiuWIppbW1lIHAvkEWTrrguULj7ZbBfYNkmPwdzUHmLipYUaPzh+
VPqRRz83DA4ydGNYQHNbGmZN5mml7+/d673Jj3YzbHFuyHBktgSJznBPhiSJfIC0
2oPiKy5NbIi7iAWHx6A/tXYYZ6Zq6F3cig+aAt+HK4BkYQZhFqKuT1Yi74W0wXYu
97euqf2OV/ephMMdj5Cuy6CgSSvWW+p8Ysz6UqeF3sE5M4VyfQeXLbJz3p7MCF2+
PxiqUhS97HR/P3Wuo4I+W09mUE+vom8dEOGUKRDqqro9qhdhwfKUMFMoKHPL22sG
MnrMHYl5e5E+/8OIexRe79TT2R3sWGwCfaN+BZ1CZwkPftl8OBS1yf1jn6RZNdCT
R0qOv4DIo0BD62jpjZWq
=AHIm
-----END PGP SIGNATURE-----

3
cifs-utils-6.9.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:18d8f1bf92c13c4d611502dbd6759e3a766ddc8467ec8a2eda3f589e40b9ac9c
size 400430

17
cifs-utils-6.9.tar.bz2.asc
View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJcp5M4AAoJEN9bqdMGQtWgCs8P/i5KHJSpV07TCiBXIq6mdQL5
WiUVGMuYrRpyRxg9+HbM+3I6G9OZX9OJvn9/+0Ph30fWgbspa2M+4P2K1DDS+vAF
fOkdKMHKm+/gosCI5Ys45bgtKfjmlXoT0FPHQaIZv9MrX8dJwKoVxcGpb85J1H/H
rnxFPJ+Pm6UEXnJH+ejCdACTPSFtiE4UJ/vZhlIXX1BY5qKZJes3TEjeEJxKIIWi
hRgO1yDyHRt5wDmvG0gQZAazM5pgCXKro1osYmCY545TYGOWirlciRCdxZtwlvhR
6f92XuLhEMrcIIHXLVD/F3hffHaoXtggzOWkekh6yHT6zA0CNn8x+mqn8dVimE1H
YWbKX2b3ezJqcXAL4eY1r4jlAPoinNpOaJ7NIza2ZTAhH8mf5WITA9vnwB4VAp0A
vfAVliN0TgzRk7lDuP/pe41jrTEgQ6QqgyEq5g6WdEMyoIAu3AhBGTUXxlTI4qrq
wWeRf7tdntEdMcbQlV7oLsB7yK3A7t1UwG9uacG7l6EUpezT0ljN9po8Sydnvv7Q
OXhIUJgXHWlKdDavHAurnCAVD2fw3t++J0lzYXjdQV0D3xs743Y0cO1hDRkTZ+7i
gyg9/xkC7yHILSQKDfICJClrQ1Kot34FXnwnrRbneKnvlrzQz38h2jeTTlha1jsL
xGzoIqfXZnPcwgTCAL3M
=1TCn
-----END PGP SIGNATURE-----

50
cifs-utils.changes
View File

@ -1,3 +1,53 @@
-------------------------------------------------------------------
Tue Feb 23 12:15:39 UTC 2021 - Aurelien Aptel <aaptel@suse.com>
- Update to cifs-utils 6.12
* remove cifs-utils-6.11.tar.bz2
* remove cifs-utils-6.11.tar.bz2.asc
* add cifs-utils-6.12.tar.bz2
* add cifs-utils-6.12.tar.bz2.asc
- Remove backports already in 6.12
* remove 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch
* remove 0002-cifs-utils-fix-probabilistic-compiling-error.patch
- Refresh Makefile.am install fix
* modify fix-sbin-install-error.patch
- Hardcode python3 interpreter in shebang of smbinfo instead of
/usr/bin/env to let rpm runtime dependency detect it.
-------------------------------------------------------------------
Thu Jan 14 15:34:45 UTC 2021 - Ludwig Nussel <lnussel@suse.de>
- use new %_pamdir macro to avoid hardcoding pam module path
-------------------------------------------------------------------
Fri Dec 11 18:00:50 UTC 2020 - Aurelien Aptel <aaptel@suse.com>
- Update to cifs-utils 6.11
* remove cifs-utils-6.9.tar.bz2
* remove cifs-utils-6.9.tar.bz2.asc
* add cifs-utils-6.11.tar.bz2
* add cifs-utils-6.11.tar.bz2.asc
- Remove backports already in 6.11
* remove 0001-smbinfo-Improve-help-usage-and-add-h-option.patch
* remove 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch
* remove 0003-getcifsacl-Add-support-to-accept-more-paths.patch
* remove 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch
* remove 0005-smbinfo-add-GETCOMPRESSION-support.patch
* remove 0006-getcifsacl-Add-support-for-R-recursive-option.patch
* remove 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch
* remove 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch
* remove 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch
* remove 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch
* remove 0011-fix-doublefree.patch
* remove 0012-mount.cifs-Fix-invalid-free.patch
* remove 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch
- Add fixes for autoconf and make install issues
* add fix-sbin-install-error.patch
* add 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch
* add 0002-cifs-utils-fix-probabilistic-compiling-error.patch
- Hardcode python3 interpreter in shebang of smb2-quota instead of
/usr/bin/env to let rpm runtime dependency detect it.
-------------------------------------------------------------------
Tue Nov 17 13:42:23 UTC 2020 - Ludwig Nussel <lnussel@suse.de>

50
cifs-utils.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package cifs-utils
#
# Copyright (c) 2020 SUSE LLC
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -16,8 +16,12 @@
#
%if %{undefined _pamdir}
%define _pamdir /%{_lib}/security
%endif
Name: cifs-utils
Version: 6.9
Version: 6.12
Release: 0
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
License: GPL-3.0-or-later
@ -32,19 +36,7 @@ Source6: cifs-utils.keyring
Source100: README.cifstab.migration
Source1: cifs.init
Patch0: 0001-smbinfo-Improve-help-usage-and-add-h-option.patch
Patch1: 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch
Patch2: 0003-getcifsacl-Add-support-to-accept-more-paths.patch
Patch3: 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch
Patch4: 0005-smbinfo-add-GETCOMPRESSION-support.patch
Patch5: 0006-getcifsacl-Add-support-for-R-recursive-option.patch
Patch6: 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch
Patch7: 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch
Patch8: 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch
Patch9: 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch
Patch10: 0011-fix-doublefree.patch
Patch11: 0012-mount.cifs-Fix-invalid-free.patch
Patch12: 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch
Patch1: fix-sbin-install-error.patch
# cifs-utils 6.8 switched to python for man page generation
# we need to require either py2 or py3 package
@ -121,19 +113,14 @@ provide these credentials to the kernel automatically at login.
%prep
%setup -q
cp -a ${RPM_SOURCE_DIR}/README.cifstab.migration .
%patch0 -p1
pyscripts="smb2-quota smbinfo"
for i in $pyscripts; do
if [ -e $i ]; then
sed -i 's,^#!/usr/bin/env python.*$,#!/usr/bin/python3,' $i
fi
done
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%build
export CFLAGS="%{optflags} -D_GNU_SOURCE -fpie"
@ -143,7 +130,7 @@ autoreconf -i
export ROOTSBINDIR="%{_sbindir}"
%endif
%configure \
--with-pamdir=/%{_lib}/security
--with-pamdir=%{_pamdir}
make %{?_smp_mflags}
%install
@ -180,8 +167,10 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \
%files
%if 0%{?usrmerged}
%{_sbindir}/mount.cifs
%{_sbindir}/mount.smb3
%else
/sbin/mount.cifs
/sbin/mount.smb3
%endif
%{_bindir}/getcifsacl
%{_bindir}/setcifsacl
@ -192,10 +181,13 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \
%{_bindir}/cifscreds
%{_sbindir}/cifs.upcall
%{_bindir}/smbinfo
%{_bindir}/smb2-quota
%{_mandir}/man1/cifscreds.1%{ext_man}
%{_mandir}/man1/smbinfo.1%{ext_man}
%{_mandir}/man1/smb2-quota.1%{ext_man}
%{_mandir}/man8/cifs.upcall.8%{ext_man}
%{_mandir}/man8/mount.cifs.8%{ext_man}
%{_mandir}/man8/mount.smb3.8%{ext_man}
%dir %{_sysconfdir}/request-key.d
%config(noreplace) %{_sysconfdir}/request-key.d/cifs.idmap.conf
%config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf
@ -218,7 +210,7 @@ touch %{buildroot}/%{_sysconfdir}/sysconfig/network/if-{down,up}.d/${script} \
%{_includedir}/cifsidmap.h
%files -n pam_cifscreds
/%{_lib}/security/pam_cifscreds.so
/%{_pamdir}/pam_cifscreds.so
%{_mandir}/man8/pam_cifscreds.8%{ext_man}
%changelog

13
fix-sbin-install-error.patch Normal file
View File

@ -0,0 +1,13 @@
Index: cifs-utils-6.12/Makefile.am
===================================================================
--- cifs-utils-6.12.orig/Makefile.am
+++ cifs-utils-6.12/Makefile.am
@@ -118,7 +118,7 @@ endif
SUBDIRS = contrib
install-exec-hook: install-sbinPROGRAMS
- (cd $(DESTDIR)$(ROOTSBINDIR) && ln -sf mount.cifs mount.smb3)
+ (mkdir -p $(DESTDIR)$(ROOTSBINDIR) && cd $(DESTDIR)$(ROOTSBINDIR) && ln -sf mount.cifs mount.smb3)
install-data-hook:
if CONFIG_MAN