It seems like overkill to provide this #ifdef. For example coreutils
use "char *" for all selinux contexts (since 2014).
Signed-off-by: Karel Zak <kzak@redhat.com>
The commands mount and umount sanitize environment variables as it
works with suid permissions by default. Since v2.36 it's possible
that the commands drop the permissions and continue as regular user.
It seems we also need to restore the original environ to keep things
consistent for users (e.g. HOME=).
The implementation is pretty simple -- it keeps in memory removed
variables and use it after switch to non-suid mode.
Addresses: https://github.com/karelzak/util-linux/issues/880
Signed-off-by: Karel Zak <kzak@redhat.com>
This patch add support for a new tag. The tag is based on udev block
device ID (see /dev/disk/by-id). The usual use-case is to use
WWN for this purpose, for example
# mount ID=wwn-0x50026b724b09a1ff /mnt
Note that ID is not strictly defined and udevd generates various IDs
also for HW where WWN is undefined. This is reason why introduce ID=
seems better and more generic than more restrictive WWN=.
Addresses: https://github.com/karelzak/util-linux/issues/1008
Signed-off-by: Karel Zak <kzak@redhat.com>
Since v2.35 mount(8) drops suid on -EPERM and repeat necessary actions
before mount(2) syscall. This patch also improves this behavior for
X-mount.mkdir too.
mount(8):
* return -EPERM on sanitize_paths() rather than call err()
* call suid_drop() on failed sanitize_paths()
* update man page
libmount:
* mnt_context_prepare_target() refactoring
* return -EPERM when in restricted mode for X-mount.mkdir
Fixed version:
/home/kzak/mnt-foo sr.net.home:/home/kzak fuse.sshfs noauto,X-mount.mkdir
$ mount /home/kzak/mnt-foo
kzak@sr.net.home's password:
$ /home/projects/util-linux/util-linux findmnt /home/kzak/mnt-foo
TARGET SOURCE FSTYPE OPTIONS
/home/kzak/mnt-foo sr.net.home:/home/kzak fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000
Addresses: https://github.com/systemd/systemd/issues/14418
Signed-off-by: Karel Zak <kzak@redhat.com>
The current libmount assumes that mount(8) and umount(8) are suid
binaries. For this reason it implements internal rules which
restrict what is allowed for non-root users. Unfortunately, it's
out of reality for some use-cases where root permissions are no
required. Nice example are fuse filesystems.
So, the current situation is to call exit() always when mount, umount or
libmount are unsure with non-root user rights. This patch removes the
exit() call and replaces it with suid permissions drop, after that it
continues as usually. It means after suid-drop all depend on kernel
and no another security rule is used by libmount (simply because any
rule is no more necessary).
Example:
old version:
$ mount -t fuse.sshfs kzak@192.168.111.1:/home/kzak /home/kzak/mnt
mount: only root can use "--types" option
new version:
$ mount -t fuse.sshfs kzak@192.168.111.1:/home/kzak /home/kzak/mnt
kzak@192.168.111.1's password:
$ findmnt /home/kzak/mnt
TARGET SOURCE FSTYPE OPTIONS
/home/kzak/mnt kzak@192.168.111.1:/home/kzak fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000
$ umount /home/kzak/mnt
$ echo $?
0
Note that fuse user umount is supported since v2.34 due to user_id= in
kernel mount table.
Signed-off-by: Karel Zak <kzak@redhat.com>
Sorry detail-oriented people tend to wipe these out if they notice them.
Add in automated tools and lots of excess end-of-line spaces get wiped
out.
Addresses: https://github.com/karelzak/util-linux/pull/849
Signed-off-by: Karel Zak <kzak@redhat.com>
Let's consolidate the version printing code. It also seems better to
use exit() after --version, because it's handled in different way by
ASAN.
It's strange, but ASAN reports leaks after return in main(). Note that
we do not use free-before-exit.
Signed-off-by: Karel Zak <kzak@redhat.com>
Calling mnt_pretty_path() on network file systems can cause mangling of
the output:
root# mount | grep nfs
nfs.example.com:/home on /home type nfs4 ...
root# mkdir -p nfs.example.com:/home
root# mount | grep nfs
/root/nfs.example.com:/home on /home type nfs4 ...
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
This patch add to support for remount-all operation to
libmount and mount(8).
For example:
mount --all -o remount,ro -t vfat
to remount read-only all VFAT filesystems.
Addresses: https://github.com/karelzak/util-linux/issues/589
Signed-off-by: Karel Zak <kzak@redhat.com>
The previous commit 4ebea84bb1 replaced
all operations by strings, but it does not work for MS_MOVE as this
operation is not supported in fstab by libmount.
Signed-off-by: Karel Zak <kzak@redhat.com>
It's better to inform libmount about operations by string than by
flags, because for example "rbind,slave" cannot be specified by
MS_REC|MS_BIND|MS_SLAVE.
https://bugzilla.redhat.com/show_bug.cgi?id=1584443
Signed-off-by: Karel Zak <kzak@redhat.com>
While looking earlier commit I noticed everything but formatting was removed
from a message in namei.c file. That inspired me to look if there are more
strings that does not need translation project attention. This change
removes at least some of them, if not all.
Reference: e19cc7b65b
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
changed in include/c.h and applied via sed:
sed -i 's/fprintf.*\(USAGE_MAN_TAIL.*\)/printf(\1/' $(git ls-files -- "*.c")
sed -i 's/print_usage_help_options\(.*\);/printf(USAGE_HELP_OPTIONS\1);/' $(git ls-files -- "*.c")
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
Consolidate --help and --version descriptions. We are
now able to align them to the other options.
We changed include/c.h. The rest of this patch was
generated by sed, plus manually setting the right
alignment numbers. We do not change anything but
white spaces in the --help output.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
This feature is supported by mount(8) only. It seems better move
this code to libmount. The results is more simple mount(8) and the
feature is accessible for all libmount users.
Signed-off-by: Karel Zak <kzak@redhat.com>
text-utils/tailf.c:69:21: warning: Using plain integer as NULL pointer
Since many 'struct option' has used zero as NULL make them more readable in
same go by reindenting, and using named argument requirements.
Reference: https://lwn.net/Articles/93577/
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Use warnx(), as there is no strerror() text associated with it.
There is currently no easy way to report name and type of conflict.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
If the loop device is already initialized read-only, the new code for loop
device reuse returns -EROFS. There is no solution of this situation. But mount
can behave in the same way, as it does for EROFS returned by mount syscall: Try
again in read-only mode.
Before:
mount: /mnt/2: mount failed: Read-only file system
After:
mount: /btrfs.img is used as read only loop, mounting read-only
Note: It would be nice to mention loop device name in the warning message, but
it is not available in the mount context.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
Earlier output did not give enough information to system admin to fix an
issue in /etc/fstab effectively.
$ sudo mount -a
mount: mount(2) failed: No such file or directory
Addresses: https://bugs.launchpad.net/bugs/1557145
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Allow people to use nofail to ignore empty cd/dvd drive errors.
URL: https://bugs.gentoo.org/559356
Reported-by: William Hubbs <williamh@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
The libmount provides way how to deal with parsing errors in fstab --
on error callback function is executed and according to the return
libmount manipulate with the malformed line, possible are three
states:
1/ fatal error; all file ignored (callback rc < 0)
2/ recoverable error; malformed line ignored (callback rc > 0)
3/ ignore the error (callback rc == 0)
The 2/ is the default if no callback specified.
Unfortunately our utils uses 3/. The correct way is to use 2/.
Signed-off-by: Karel Zak <kzak@redhat.com>
mount(8) tries to mount read-only when the previous attempt ends with
EROFS or EACCES. This is bad idea for bind mounts as "ro,bind" has
a special semantic.
Signed-off-by: Karel Zak <kzak@redhat.com>
This adds a concise description of a tool to its usage text.
A first form of this patch was proposed by Steven Honeyman
(see http://www.spinics.net/lists/util-linux-ng/msg09994.html).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Karel Zak
Sebastian Rasmussen
Ville Skyttä
leeceeksdee
Elliott Mitchell
Stanislav Brabec
Vaclav Dolezal
Sami Kerola
Ruediger Meier
Yuri Chornoivan
Benno Schulenberg
Mike Frysinger