mount: make NAME=value tags usable for non-root

The libmount does not care if we set source or target, it's able to swap it, but the mount.c function sanitize_paths() does not work as expected if we set NAME=value as target. It means that $ mount LABEL=foo does not work for non-root users (since 51e3530cdc, v2.24). This patch also checks if source or target is specified more than once. Signed-off-by: Karel Zak <kzak@redhat.com>
2013-11-19 17:44:21 +01:00 · 2013-11-19 17:44:21 +01:00 · 6751f0627d
parent a53cc4e0cb
commit 6751f0627d
1 changed files with 23 additions and 5 deletions
--- a/sys-utils/mount.c
+++ b/sys-utils/mount.c
@ -1030,24 +1030,41 @@ int main(int argc, char **argv)
 				 mnt_context_get_target(cxt))) {
 		/*
 		 * B) mount -L|-U|--source|--target
+		 *
+		 * non-root may specify source *or* target, but not both
 		 */
 		if (mnt_context_is_restricted(cxt) &&
 		    mnt_context_get_source(cxt) &&
 		    mnt_context_get_target(cxt))
 			exit_non_root(NULL);

-	} else if (argc == 1) {
+	} else if (argc == 1 && (!mnt_context_get_source(cxt) ||
+				 !mnt_context_get_target(cxt))) {
 		/*
 		 * C) mount [-L|-U|--source] <target>
+		 *    mount [--target <dir>] <source>
 		 *    mount <source|target>
 		 *
 		 * non-root may specify source *or* target, but not both
+		 *
+		 * It does not matter for libmount if we set source or target
+		 * here (the library is able to swap it), but it matters for
+		 * sanitize_paths().
 		 */
-		if (mnt_context_is_restricted(cxt) &&
-		    mnt_context_get_source(cxt))
-			exit_non_root(NULL);
+		int istag = mnt_tag_is_valid(argv[0]);

-		mnt_context_set_target(cxt, argv[0]);
+		if (istag && mnt_context_get_source(cxt))
+			/* -L, -U or --source together with LABEL= or UUID= */
+			errx(MOUNT_EX_USAGE, _("source specified more than once"));
+		else if (istag || mnt_context_get_target(cxt))
+			mnt_context_set_source(cxt, argv[0]);
+		else
+			mnt_context_set_target(cxt, argv[0]);
+
+		if (mnt_context_is_restricted(cxt) &&
+		    mnt_context_get_source(cxt) &&
+		    mnt_context_get_target(cxt))
+			exit_non_root(NULL);

 	} else if (argc == 2 && !mnt_context_get_source(cxt)
 			     && !mnt_context_get_target(cxt)) {
@ -1056,6 +1073,7 @@ int main(int argc, char **argv)
 		 */
 		if (mnt_context_is_restricted(cxt))
 			exit_non_root(NULL);
+
 		mnt_context_set_source(cxt, argv[0]);
 		mnt_context_set_target(cxt, argv[1]);