findmnt: add option to list all fs-independent flags
It might be useful for security auditing purposes list all possible mount flags/options including default set which are normally not listed. This patch adds "--vfs-all" option to list all fs-independent flags on VFS-OPTIONS column, as well as libmount funcionality to accomplish it. i.e.: $ findmnt -o VFS-OPTIONS VFS-OPTIONS rw,relatime rw,nosuid,nodev,noexec,relatime rw,nosuid,nodev,noexec,relatime ro,nosuid,nodev,noexec ... $ findmnt --vfs-all -o VFS-OPTIONS VFS-OPTIONS rw,exec,suid,dev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow rw,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow rw,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow ro,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,norelatime,nostrictatime,nolazytime,symfollow ... [kzak@redhat.com: - cleanup coding style and comments] Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
parent
372ce5b74e
commit
ff21f476f8
|
@ -245,6 +245,7 @@ mnt_fs_get_usedsize
|
||||||
mnt_fs_get_userdata
|
mnt_fs_get_userdata
|
||||||
mnt_fs_get_user_options
|
mnt_fs_get_user_options
|
||||||
mnt_fs_get_vfs_options
|
mnt_fs_get_vfs_options
|
||||||
|
mnt_fs_get_vfs_options_all
|
||||||
mnt_fs_is_kernel
|
mnt_fs_is_kernel
|
||||||
mnt_fs_is_netfs
|
mnt_fs_is_netfs
|
||||||
mnt_fs_is_pseudofs
|
mnt_fs_is_pseudofs
|
||||||
|
|
|
@ -951,6 +951,38 @@ const char *mnt_fs_get_vfs_options(struct libmnt_fs *fs)
|
||||||
return fs ? fs->vfs_optstr : NULL;
|
return fs ? fs->vfs_optstr : NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* mnt_fs_get_vfs_options_all:
|
||||||
|
* @fs: fstab/mtab entry pointer
|
||||||
|
*
|
||||||
|
* Returns: pointer to newlly allocated string (can be freed by free(3)) or
|
||||||
|
* NULL in case of error. The string contains all (including defaults) mount
|
||||||
|
* options.
|
||||||
|
*/
|
||||||
|
char *mnt_fs_get_vfs_options_all(struct libmnt_fs *fs)
|
||||||
|
{
|
||||||
|
const struct libmnt_optmap *map = mnt_get_builtin_optmap(MNT_LINUX_MAP);
|
||||||
|
const struct libmnt_optmap *ent;
|
||||||
|
const char *opts = mnt_fs_get_options(fs);
|
||||||
|
char *result = NULL;
|
||||||
|
unsigned long flags = 0;
|
||||||
|
|
||||||
|
if (!opts || mnt_optstr_get_flags(opts, &flags, map))
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
for (ent = map ; ent && ent->name ; ent++){
|
||||||
|
if (ent->id & flags) { /* non-default value */
|
||||||
|
if (!(ent->mask & MNT_INVERT))
|
||||||
|
mnt_optstr_append_option(&result, ent->name, NULL);
|
||||||
|
else
|
||||||
|
continue;
|
||||||
|
} else if (ent->mask & MNT_INVERT)
|
||||||
|
mnt_optstr_append_option(&result, ent->name, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* mnt_fs_get_user_options:
|
* mnt_fs_get_user_options:
|
||||||
* @fs: fstab/mtab entry pointer
|
* @fs: fstab/mtab entry pointer
|
||||||
|
|
|
@ -471,6 +471,7 @@ extern int mnt_fs_get_option(struct libmnt_fs *fs, const char *name,
|
||||||
extern const char *mnt_fs_get_fs_options(struct libmnt_fs *fs);
|
extern const char *mnt_fs_get_fs_options(struct libmnt_fs *fs);
|
||||||
extern const char *mnt_fs_get_vfs_options(struct libmnt_fs *fs);
|
extern const char *mnt_fs_get_vfs_options(struct libmnt_fs *fs);
|
||||||
extern const char *mnt_fs_get_user_options(struct libmnt_fs *fs);
|
extern const char *mnt_fs_get_user_options(struct libmnt_fs *fs);
|
||||||
|
extern char *mnt_fs_get_vfs_options_all(struct libmnt_fs *fs);
|
||||||
|
|
||||||
extern const char *mnt_fs_get_attributes(struct libmnt_fs *fs);
|
extern const char *mnt_fs_get_attributes(struct libmnt_fs *fs);
|
||||||
extern int mnt_fs_set_attributes(struct libmnt_fs *fs, const char *optstr);
|
extern int mnt_fs_set_attributes(struct libmnt_fs *fs, const char *optstr);
|
||||||
|
|
|
@ -356,3 +356,7 @@ MOUNT_2_35 {
|
||||||
mnt_context_get_target_prefix;
|
mnt_context_get_target_prefix;
|
||||||
mnt_context_set_target_prefix;
|
mnt_context_set_target_prefix;
|
||||||
} MOUNT_2.34;
|
} MOUNT_2.34;
|
||||||
|
|
||||||
|
MOUNT_2_37 {
|
||||||
|
mnt_fs_get_vfs_options_all;
|
||||||
|
} MOUNT_2_35;
|
||||||
|
|
|
@ -262,6 +262,12 @@ It's possible to specify source (device) or target (mountpoint) to filter mount
|
||||||
.TP
|
.TP
|
||||||
.B \-\-verbose
|
.B \-\-verbose
|
||||||
Force findmnt to print more information (\fB\-\-verify\fP only for now).
|
Force findmnt to print more information (\fB\-\-verify\fP only for now).
|
||||||
|
.TP
|
||||||
|
.B \-\-vfs-all
|
||||||
|
When used with
|
||||||
|
.BR VFS-OPTIONS
|
||||||
|
column, print all VFS (fs-independent) flags. This option is designed for auditing purposes to
|
||||||
|
list also default VFS kernel mount options which are normally not listed.
|
||||||
.SH ENVIRONMENT
|
.SH ENVIRONMENT
|
||||||
.IP LIBMOUNT_FSTAB=<path>
|
.IP LIBMOUNT_FSTAB=<path>
|
||||||
overrides the default location of the fstab file
|
overrides the default location of the fstab file
|
||||||
|
|
|
@ -545,7 +545,9 @@ static char *get_data(struct libmnt_fs *fs, int num)
|
||||||
str = xstrdup(mnt_fs_get_options(fs));
|
str = xstrdup(mnt_fs_get_options(fs));
|
||||||
break;
|
break;
|
||||||
case COL_VFS_OPTIONS:
|
case COL_VFS_OPTIONS:
|
||||||
if (mnt_fs_get_vfs_options(fs))
|
if (flags & FL_VFS_ALL)
|
||||||
|
str = mnt_fs_get_vfs_options_all(fs);
|
||||||
|
else if (mnt_fs_get_vfs_options(fs))
|
||||||
str = xstrdup(mnt_fs_get_vfs_options(fs));
|
str = xstrdup(mnt_fs_get_vfs_options(fs));
|
||||||
break;
|
break;
|
||||||
case COL_FS_OPTIONS:
|
case COL_FS_OPTIONS:
|
||||||
|
@ -1262,6 +1264,7 @@ static void __attribute__((__noreturn__)) usage(void)
|
||||||
fputc('\n', out);
|
fputc('\n', out);
|
||||||
fputs(_(" -x, --verify verify mount table content (default is fstab)\n"), out);
|
fputs(_(" -x, --verify verify mount table content (default is fstab)\n"), out);
|
||||||
fputs(_(" --verbose print more details\n"), out);
|
fputs(_(" --verbose print more details\n"), out);
|
||||||
|
fputs(_(" --vfs-all print all VFS options\n"), out);
|
||||||
|
|
||||||
fputs(USAGE_SEPARATOR, out);
|
fputs(USAGE_SEPARATOR, out);
|
||||||
printf(USAGE_HELP_OPTIONS(24));
|
printf(USAGE_HELP_OPTIONS(24));
|
||||||
|
@ -1294,7 +1297,8 @@ int main(int argc, char *argv[])
|
||||||
FINDMNT_OPT_TREE,
|
FINDMNT_OPT_TREE,
|
||||||
FINDMNT_OPT_OUTPUT_ALL,
|
FINDMNT_OPT_OUTPUT_ALL,
|
||||||
FINDMNT_OPT_PSEUDO,
|
FINDMNT_OPT_PSEUDO,
|
||||||
FINDMNT_OPT_REAL
|
FINDMNT_OPT_REAL,
|
||||||
|
FINDMNT_OPT_VFS_ALL
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct option longopts[] = {
|
static const struct option longopts[] = {
|
||||||
|
@ -1338,6 +1342,7 @@ int main(int argc, char *argv[])
|
||||||
{ "tree", no_argument, NULL, FINDMNT_OPT_TREE },
|
{ "tree", no_argument, NULL, FINDMNT_OPT_TREE },
|
||||||
{ "real", no_argument, NULL, FINDMNT_OPT_REAL },
|
{ "real", no_argument, NULL, FINDMNT_OPT_REAL },
|
||||||
{ "pseudo", no_argument, NULL, FINDMNT_OPT_PSEUDO },
|
{ "pseudo", no_argument, NULL, FINDMNT_OPT_PSEUDO },
|
||||||
|
{ "vfs-all", no_argument, NULL, FINDMNT_OPT_VFS_ALL },
|
||||||
{ NULL, 0, NULL, 0 }
|
{ NULL, 0, NULL, 0 }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -1512,6 +1517,9 @@ int main(int argc, char *argv[])
|
||||||
case FINDMNT_OPT_REAL:
|
case FINDMNT_OPT_REAL:
|
||||||
flags |= FL_REAL;
|
flags |= FL_REAL;
|
||||||
break;
|
break;
|
||||||
|
case FINDMNT_OPT_VFS_ALL:
|
||||||
|
flags |= FL_VFS_ALL;
|
||||||
|
break;
|
||||||
|
|
||||||
case 'h':
|
case 'h':
|
||||||
usage();
|
usage();
|
||||||
|
|
|
@ -20,6 +20,7 @@ enum {
|
||||||
FL_VERBOSE = (1 << 16),
|
FL_VERBOSE = (1 << 16),
|
||||||
FL_PSEUDO = (1 << 17),
|
FL_PSEUDO = (1 << 17),
|
||||||
FL_REAL = (1 << 18),
|
FL_REAL = (1 << 18),
|
||||||
|
FL_VFS_ALL = (1 << 19),
|
||||||
|
|
||||||
/* basic table settings */
|
/* basic table settings */
|
||||||
FL_ASCII = (1 << 20),
|
FL_ASCII = (1 << 20),
|
||||||
|
|
Loading…
Reference in New Issue