util-linux/libmount-don-t-use-nosuid-noexec-nodev-for-cifs-user.patch

From e90e7401d0c318c9dac4a0204e2bca86949b1d32 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Thu, 14 Jun 2012 14:19:26 +0200
Subject: [PATCH] libmount: don't use nosuid,noexec,nodev for cifs user=foo

   mount -t cifs //127.0.0.1/users /mnt/smb -o user=root,password=linux

is incorrectly translated to

   mount.cifs -o noexec,nosuid,nodev,user=root,password=linux ...

The command mount(8) should be sensitive to "user" (without "=<name>")
only. The correct cifs command line is:

   mount.cifs -o user=root,password=linux

Addresses: https://bugzilla.novell.com/show_bug.cgi?id=766157
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 libmount/src/context_mount.c |   29 +++++++++++++++++++++++++++--
 libmount/src/optstr.c        |    9 +++++----
 2 files changed, 32 insertions(+), 6 deletions(-)

Index: util-linux-2.21.2/libmount/src/context_mount.c
===================================================================
--- util-linux-2.21.2.orig/libmount/src/context_mount.c
+++ util-linux-2.21.2/libmount/src/context_mount.c
@@ -53,6 +53,15 @@ static int fix_optstr(struct libmnt_cont
 	if (cxt->mountflags & MS_PROPAGATION)
 		cxt->mountflags &= (MS_PROPAGATION | MS_REC | MS_SILENT);
 
+	/*
+	 * The "user" options is our business (so we can modify the option),
+	 * but exception is command line for /sbin/mount.<type> helpers. Let's
+	 * save the original user=<name> to call the helpers with unchanged
+	 * "user" setting.
+	 *
+	 * Don't check for MNT_MS_USER in cxt->user_mountflags, the flag maybe
+	 * removed by evaluate_permissions().
+	 */
 	if (!mnt_optstr_get_option(fs->user_optstr, "user", &val, &valsz)) {
 		if (val) {
 			cxt->orig_user = strndup(val, valsz);
@@ -196,6 +205,10 @@ err:
 
 /*
  * this has to be called before fix_optstr()
+ *
+ * Note that user=<name> maybe be used by some filesystems as filesystem
+ * specific option (e.g. cifs). Yes, developers of such filesystems have
+ * allocated pretty hot place in hell...
  */
 static int evaluate_permissions(struct libmnt_context *cxt)
 {
@@ -233,10 +246,22 @@ static int evaluate_permissions(struct l
 		}
 
 		/*
-		 * Note that MS_OWNERSECURE and MS_SECURE mount options
-		 * are applied by mnt_optstr_get_flags() from mnt_context_merge_mflags()
+		 * MS_OWNERSECURE and MS_SECURE mount options are already
+		 * applied by mnt_optstr_get_flags() in mnt_context_merge_mflags()
+		 * if "user" (but no user=<name> !) options is set.
+		 *
+		 * Let's ignore all user=<name> (if <name> is set) requests.
 		 */
+		if (cxt->user_mountflags & MNT_MS_USER) {
+			size_t valsz = 0;
 
+			if (!mnt_optstr_get_option(cxt->fs->user_optstr,
+					"user", NULL, &valsz) && valsz) {
+
+				DBG(CXT, mnt_debug_h(cxt, "perms: user=<name> detected, ignore"));
+				cxt->user_mountflags &= ~MNT_MS_USER;
+			}
+		}
 
 		/*
 		 * MS_OWNER: Allow owners to mount when fstab contains the
Index: util-linux-2.21.2/libmount/src/optstr.c
===================================================================
--- util-linux-2.21.2.orig/libmount/src/optstr.c
+++ util-linux-2.21.2/libmount/src/optstr.c
@@ -579,7 +579,7 @@ int mnt_optstr_get_flags(const char *opt
 {
 	struct libmnt_optmap const *maps[2];
 	char *name, *str = (char *) optstr;
-	size_t namesz = 0;
+	size_t namesz = 0, valsz = 0;
 	int nmaps = 0;
 
 	assert(optstr);
@@ -596,7 +596,7 @@ int mnt_optstr_get_flags(const char *opt
 		 */
 		maps[nmaps++] = mnt_get_builtin_optmap(MNT_USERSPACE_MAP);
 
-	while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, NULL)) {
+	while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, &valsz)) {
 		const struct libmnt_optmap *ent;
 		const struct libmnt_optmap *m;
 
@@ -610,9 +610,10 @@ int mnt_optstr_get_flags(const char *opt
 			else
 				*flags |= ent->id;
 
-		} else if (nmaps == 2 && m == maps[1]) {
+		} else if (nmaps == 2 && m == maps[1] && valsz == 0) {
 			/*
-			 * Special case -- translate "user" to MS_ options
+			 * Special case -- translate "user" (but no user=) to
+			 * MS_ options
 			 */
 			if (ent->mask & MNT_INVERT)
 				continue;
- fix automount with quota (rh#825836) - mount-new-allow-sloppy-for-non-root.patch - fix wrong mount options for CIFS mounts (bnc#766157) - libmount-don-t-use-nosuid-noexec-nodev-for-cifs-user.patch OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=138 2012-06-14 15:11:26 +02:00			`From e90e7401d0c318c9dac4a0204e2bca86949b1d32 Mon Sep 17 00:00:00 2001`
			`From: Karel Zak <kzak@redhat.com>`
			`Date: Thu, 14 Jun 2012 14:19:26 +0200`
			`Subject: [PATCH] libmount: don't use nosuid,noexec,nodev for cifs user=foo`

			`mount -t cifs //127.0.0.1/users /mnt/smb -o user=root,password=linux`

			`is incorrectly translated to`

			`mount.cifs -o noexec,nosuid,nodev,user=root,password=linux ...`

			`The command mount(8) should be sensitive to "user" (without "=<name>")`
			`only. The correct cifs command line is:`

			`mount.cifs -o user=root,password=linux`

			`Addresses: https://bugzilla.novell.com/show_bug.cgi?id=766157`
			`Signed-off-by: Karel Zak <kzak@redhat.com>`
			`Signed-off-by: Petr Uzel <petr.uzel@suse.cz>`
			`---`
			`libmount/src/context_mount.c \| 29 +++++++++++++++++++++++++++--`
			`libmount/src/optstr.c \| 9 +++++----`
			`2 files changed, 32 insertions(+), 6 deletions(-)`

			`Index: util-linux-2.21.2/libmount/src/context_mount.c`
			`===================================================================`
			`--- util-linux-2.21.2.orig/libmount/src/context_mount.c`
			`+++ util-linux-2.21.2/libmount/src/context_mount.c`
			`@@ -53,6 +53,15 @@ static int fix_optstr(struct libmnt_cont`
			`if (cxt->mountflags & MS_PROPAGATION)`
			`cxt->mountflags &= (MS_PROPAGATION \| MS_REC \| MS_SILENT);`

			`+ /*`
			`+ * The "user" options is our business (so we can modify the option),`
			`+ * but exception is command line for /sbin/mount.<type> helpers. Let's`
			`+ * save the original user=<name> to call the helpers with unchanged`
			`+ * "user" setting.`
			`+ *`
			`+ * Don't check for MNT_MS_USER in cxt->user_mountflags, the flag maybe`
			`+ * removed by evaluate_permissions().`
			`+ */`
			`if (!mnt_optstr_get_option(fs->user_optstr, "user", &val, &valsz)) {`
			`if (val) {`
			`cxt->orig_user = strndup(val, valsz);`
			`@@ -196,6 +205,10 @@ err:`

			`/*`
			`* this has to be called before fix_optstr()`
			`+ *`
			`+ * Note that user=<name> maybe be used by some filesystems as filesystem`
			`+ * specific option (e.g. cifs). Yes, developers of such filesystems have`
			`+ * allocated pretty hot place in hell...`
			`*/`
			`static int evaluate_permissions(struct libmnt_context *cxt)`
			`{`
			`@@ -233,10 +246,22 @@ static int evaluate_permissions(struct l`
			`}`

			`/*`
			`- * Note that MS_OWNERSECURE and MS_SECURE mount options`
			`- * are applied by mnt_optstr_get_flags() from mnt_context_merge_mflags()`
			`+ * MS_OWNERSECURE and MS_SECURE mount options are already`
			`+ * applied by mnt_optstr_get_flags() in mnt_context_merge_mflags()`
			`+ * if "user" (but no user=<name> !) options is set.`
			`+ *`
			`+ * Let's ignore all user=<name> (if <name> is set) requests.`
			`*/`
			`+ if (cxt->user_mountflags & MNT_MS_USER) {`
			`+ size_t valsz = 0;`

			`+ if (!mnt_optstr_get_option(cxt->fs->user_optstr,`
			`+ "user", NULL, &valsz) && valsz) {`
			`+`
			`+ DBG(CXT, mnt_debug_h(cxt, "perms: user=<name> detected, ignore"));`
			`+ cxt->user_mountflags &= ~MNT_MS_USER;`
			`+ }`
			`+ }`

			`/*`
			`* MS_OWNER: Allow owners to mount when fstab contains the`
			`Index: util-linux-2.21.2/libmount/src/optstr.c`
			`===================================================================`
			`--- util-linux-2.21.2.orig/libmount/src/optstr.c`
			`+++ util-linux-2.21.2/libmount/src/optstr.c`
			`@@ -579,7 +579,7 @@ int mnt_optstr_get_flags(const char *opt`
			`{`
			`struct libmnt_optmap const *maps[2];`
			`char name, str = (char *) optstr;`
			`- size_t namesz = 0;`
			`+ size_t namesz = 0, valsz = 0;`
			`int nmaps = 0;`

			`assert(optstr);`
			`@@ -596,7 +596,7 @@ int mnt_optstr_get_flags(const char *opt`
			`*/`
			`maps[nmaps++] = mnt_get_builtin_optmap(MNT_USERSPACE_MAP);`

			`- while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, NULL)) {`
			`+ while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, &valsz)) {`
			`const struct libmnt_optmap *ent;`
			`const struct libmnt_optmap *m;`

			`@@ -610,9 +610,10 @@ int mnt_optstr_get_flags(const char *opt`
			`else`
			`*flags \|= ent->id;`

			`- } else if (nmaps == 2 && m == maps[1]) {`
			`+ } else if (nmaps == 2 && m == maps[1] && valsz == 0) {`
			`/*`
			`- * Special case -- translate "user" to MS_ options`
			`+ * Special case -- translate "user" (but no user=) to`
			`+ * MS_ options`
			`*/`
			`if (ent->mask & MNT_INVERT)`
			`continue;`