user mounts an NFS filesystem.
The first time an NFS filesystem is mounted, we start statd from
/sbin/mount.nfs. If this first time is a non-root user doing the
mount, (thanks to e.g. the 'users' option in /etc/fstab)
then we need to be sure that the 'setuid' status from mount.nfs
is inherited through to rpc.statd so that it runs as root.
There are two places where we loose our setuid status due to the shell
(/bin/sh) discarding.
1/ mount.nfs uses "system" to run /usr/sbin/start-statd. This runs a
shell which is likely to drop privileges. So change that code to use
'fork' and 'execl' explicitly.
2/ start-statd is a shell script. To convince the shell to allow the
program to run in privileged mode, we need to add a "-p" flag.
We could just call setuid(getuid()) at some appropriate time, and it
might be worth doing that as well, however I think that getting
rid of 'system()' is a good idea and once that is done, the
adding of '-p' is trivial and sufficient.
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/wait.h>
#include <netinet/in.h>
#include <rpc/rpc.h>
#include <rpc/pmap_prot.h>
#ifdef START_STATD
if (stat(START_STATD, &stb) == 0) {
if (S_ISREG(stb.st_mode) && (stb.st_mode & S_IXUSR)) {
- system(START_STATD);
+ pid_t pid = fork();
+ switch (pid) {
+ case 0: /* child */
+ execl(START_STATD, START_STATD, NULL);
+ exit(1);
+ case -1: /* error */
+ perror("Fork failed");
+ break;
+ default: /* parent */
+ waitpid(pid, NULL,0);
+ break;
+ }
if (probe_statd())
return 1;
}
-#!/bin/sh
+#!/bin/sh -p
# nfsmount calls this script when mounting a filesystem with locking
# enabled, but when statd does not seem to be running (based on
# /var/run/rpc.statd.pid).