diff options
| author | Karel Zak | 2012-06-14 14:19:26 +0200 |
|---|---|---|
| committer | Karel Zak | 2012-06-14 14:19:26 +0200 |
| commit | e90e7401d0c318c9dac4a0204e2bca86949b1d32 (patch) | |
| tree | 3829ed0ca2c3c46e71259116e2fbfaaa0773c6b8 /libmount/src/context_mount.c | |
| parent | libmount: don't generate empty option strings (diff) | |
| download | kernel-qcow2-util-linux-e90e7401d0c318c9dac4a0204e2bca86949b1d32.tar.gz kernel-qcow2-util-linux-e90e7401d0c318c9dac4a0204e2bca86949b1d32.tar.xz kernel-qcow2-util-linux-e90e7401d0c318c9dac4a0204e2bca86949b1d32.zip | |
libmount: don't use nosuid,noexec,nodev for cifs user=foo
mount -t cifs //127.0.0.1/users /mnt/smb -o user=root,password=linux
is incorrectly translated to
mount.cifs -o noexec,nosuid,nodev,user=root,password=linux ...
The command mount(8) should be sensitive to "user" (without "=<name>")
only. The correct cifs command line is:
mount.cifs -o user=root,password=linux
Addresses: https://bugzilla.novell.com/show_bug.cgi?id=766157
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'libmount/src/context_mount.c')
| -rw-r--r-- | libmount/src/context_mount.c | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c index 6661394ff..69b5bfc13 100644 --- a/libmount/src/context_mount.c +++ b/libmount/src/context_mount.c @@ -53,6 +53,15 @@ static int fix_optstr(struct libmnt_context *cxt) if (cxt->mountflags & MS_PROPAGATION) cxt->mountflags &= (MS_PROPAGATION | MS_REC | MS_SILENT); + /* + * The "user" options is our business (so we can modify the option), + * but exception is command line for /sbin/mount.<type> helpers. Let's + * save the original user=<name> to call the helpers with unchanged + * "user" setting. + * + * Don't check for MNT_MS_USER in cxt->user_mountflags, the flag maybe + * removed by evaluate_permissions(). + */ if (!mnt_optstr_get_option(fs->user_optstr, "user", &val, &valsz)) { if (val) { cxt->orig_user = strndup(val, valsz); @@ -210,6 +219,10 @@ err: /* * this has to be called before fix_optstr() + * + * Note that user=<name> maybe be used by some filesystems as filesystem + * specific option (e.g. cifs). Yes, developers of such filesystems have + * allocated pretty hot place in hell... */ static int evaluate_permissions(struct libmnt_context *cxt) { @@ -247,10 +260,22 @@ static int evaluate_permissions(struct libmnt_context *cxt) } /* - * Note that MS_OWNERSECURE and MS_SECURE mount options - * are applied by mnt_optstr_get_flags() from mnt_context_merge_mflags() + * MS_OWNERSECURE and MS_SECURE mount options are already + * applied by mnt_optstr_get_flags() in mnt_context_merge_mflags() + * if "user" (but no user=<name> !) options is set. + * + * Let's ignore all user=<name> (if <name> is set) requests. */ + if (cxt->user_mountflags & MNT_MS_USER) { + size_t valsz = 0; + if (!mnt_optstr_get_option(cxt->fs->user_optstr, + "user", NULL, &valsz) && valsz) { + + DBG(CXT, mnt_debug_h(cxt, "perms: user=<name> detected, ignore")); + cxt->user_mountflags &= ~MNT_MS_USER; + } + } /* * MS_OWNER: Allow owners to mount when fstab contains the |