From e90e7401d0c318c9dac4a0204e2bca86949b1d32 Mon Sep 17 00:00:00 2001 From: Karel Zak Date: Thu, 14 Jun 2012 14:19:26 +0200 Subject: [PATCH] libmount: don't use nosuid,noexec,nodev for cifs user=foo mount -t cifs //127.0.0.1/users /mnt/smb -o user=root,password=linux is incorrectly translated to mount.cifs -o noexec,nosuid,nodev,user=root,password=linux ... The command mount(8) should be sensitive to "user" (without "=") only. The correct cifs command line is: mount.cifs -o user=root,password=linux Addresses: https://bugzilla.novell.com/show_bug.cgi?id=766157 Signed-off-by: Karel Zak Signed-off-by: Petr Uzel --- libmount/src/context_mount.c | 29 +++++++++++++++++++++++++++-- libmount/src/optstr.c | 9 +++++---- 2 files changed, 32 insertions(+), 6 deletions(-) Index: util-linux-2.21.2/libmount/src/context_mount.c =================================================================== --- util-linux-2.21.2.orig/libmount/src/context_mount.c +++ util-linux-2.21.2/libmount/src/context_mount.c @@ -53,6 +53,15 @@ static int fix_optstr(struct libmnt_cont if (cxt->mountflags & MS_PROPAGATION) cxt->mountflags &= (MS_PROPAGATION | MS_REC | MS_SILENT); + /* + * The "user" options is our business (so we can modify the option), + * but exception is command line for /sbin/mount. helpers. Let's + * save the original user= to call the helpers with unchanged + * "user" setting. + * + * Don't check for MNT_MS_USER in cxt->user_mountflags, the flag maybe + * removed by evaluate_permissions(). + */ if (!mnt_optstr_get_option(fs->user_optstr, "user", &val, &valsz)) { if (val) { cxt->orig_user = strndup(val, valsz); @@ -196,6 +205,10 @@ err: /* * this has to be called before fix_optstr() + * + * Note that user= maybe be used by some filesystems as filesystem + * specific option (e.g. cifs). Yes, developers of such filesystems have + * allocated pretty hot place in hell... */ static int evaluate_permissions(struct libmnt_context *cxt) { @@ -233,10 +246,22 @@ static int evaluate_permissions(struct l } /* - * Note that MS_OWNERSECURE and MS_SECURE mount options - * are applied by mnt_optstr_get_flags() from mnt_context_merge_mflags() + * MS_OWNERSECURE and MS_SECURE mount options are already + * applied by mnt_optstr_get_flags() in mnt_context_merge_mflags() + * if "user" (but no user= !) options is set. + * + * Let's ignore all user= (if is set) requests. */ + if (cxt->user_mountflags & MNT_MS_USER) { + size_t valsz = 0; + if (!mnt_optstr_get_option(cxt->fs->user_optstr, + "user", NULL, &valsz) && valsz) { + + DBG(CXT, mnt_debug_h(cxt, "perms: user= detected, ignore")); + cxt->user_mountflags &= ~MNT_MS_USER; + } + } /* * MS_OWNER: Allow owners to mount when fstab contains the Index: util-linux-2.21.2/libmount/src/optstr.c =================================================================== --- util-linux-2.21.2.orig/libmount/src/optstr.c +++ util-linux-2.21.2/libmount/src/optstr.c @@ -579,7 +579,7 @@ int mnt_optstr_get_flags(const char *opt { struct libmnt_optmap const *maps[2]; char *name, *str = (char *) optstr; - size_t namesz = 0; + size_t namesz = 0, valsz = 0; int nmaps = 0; assert(optstr); @@ -596,7 +596,7 @@ int mnt_optstr_get_flags(const char *opt */ maps[nmaps++] = mnt_get_builtin_optmap(MNT_USERSPACE_MAP); - while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, NULL)) { + while(!mnt_optstr_next_option(&str, &name, &namesz, NULL, &valsz)) { const struct libmnt_optmap *ent; const struct libmnt_optmap *m; @@ -610,9 +610,10 @@ int mnt_optstr_get_flags(const char *opt else *flags |= ent->id; - } else if (nmaps == 2 && m == maps[1]) { + } else if (nmaps == 2 && m == maps[1] && valsz == 0) { /* - * Special case -- translate "user" to MS_ options + * Special case -- translate "user" (but no user=) to + * MS_ options */ if (ent->mask & MNT_INVERT) continue;