From 6dad4d589f13ba9b871e296faf55b0f98fed9eb3 Mon Sep 17 00:00:00 2001 From: "Steinar H. Gunderson" Date: Fri, 7 Jul 2006 21:12:06 +0200 Subject: [PATCH] Imported Debian patch 1.0.8+1.0.9pre1-3 --- debian/changelog | 8 ++++ debian/rules | 2 - utils/gssd/Makefile.in | 2 +- utils/mount/Makefile.am | 1 + utils/mount/Makefile.in | 1 + utils/mount/mount.c | 84 ++++++++++++++++++++++++++++++++--------- utils/mount/nfsumount.c | 54 +++++++++++++++++++++++++- 7 files changed, 131 insertions(+), 21 deletions(-) diff --git a/debian/changelog b/debian/changelog index 85d0513..fbf249f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +nfs-utils (1:1.0.8+1.0.9pre1-3) unstable; urgency=high + + * Add patch from upstream to check for common mount options like "user" + or "noauto". (Closes: #376839) + * Remove obsolete copying of config.{sub,guess} in debian/rules. + + -- Steinar H. Gunderson Fri, 7 Jul 2006 21:12:06 +0200 + nfs-utils (1:1.0.8+1.0.9pre1-2) unstable; urgency=low * Provide LSB dependency information in the nfs-common and nfs-kernel-server diff --git a/debian/rules b/debian/rules index 0c5b9de..d3ed2ca 100755 --- a/debian/rules +++ b/debian/rules @@ -9,8 +9,6 @@ DEBTMP := $(shell pwd)/debian/tmp build: build-stamp build-stamp: dh_testdir - -test -r /usr/share/misc/config.sub && cp -f /usr/share/misc/config.sub config.sub - -test -r /usr/share/misc/config.guess && cp -f /usr/share/misc/config.guess config.guess ./configure \ --mandir='$${prefix}/share/man' \ --enable-secure-statd diff --git a/utils/gssd/Makefile.in b/utils/gssd/Makefile.in index 3c425bf..c62bc22 100644 --- a/utils/gssd/Makefile.in +++ b/utils/gssd/Makefile.in @@ -285,7 +285,7 @@ gssd_SOURCES = \ write_bytes.h gssd_LDADD = $(RPCSECGSS_LIBS) $(KRBLIBS) -gssd_LDFLAGS = -Wl,-rpath=$(KRBDIR)/lib +gssd_LDFLAGS = gssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \ $(RPCSECGSS_CFLAGS) $(KRBCFLAGS) diff --git a/utils/mount/Makefile.am b/utils/mount/Makefile.am index 4a2f437..94dbeaf 100644 --- a/utils/mount/Makefile.am +++ b/utils/mount/Makefile.am @@ -14,6 +14,7 @@ MAINTAINERCLEANFILES = Makefile.in install-exec-hook: (cd $(DESTDIR)$(sbindir) && \ + chmod +s $(sbin_PROGRAMS) && \ ln -sf $(sbin_PROGRAMS) mount.nfs4 && \ ln -sf $(sbin_PROGRAMS) umount.nfs && \ ln -sf $(sbin_PROGRAMS) umount.nfs4) diff --git a/utils/mount/Makefile.in b/utils/mount/Makefile.in index 17b1de4..9ed2803 100644 --- a/utils/mount/Makefile.in +++ b/utils/mount/Makefile.in @@ -564,6 +564,7 @@ uninstall-man: uninstall-man8 install-exec-hook: (cd $(DESTDIR)$(sbindir) && \ + chmod +s $(sbin_PROGRAMS) && \ ln -sf $(sbin_PROGRAMS) mount.nfs4 && \ ln -sf $(sbin_PROGRAMS) umount.nfs && \ ln -sf $(sbin_PROGRAMS) umount.nfs4) diff --git a/utils/mount/mount.c b/utils/mount/mount.c index ca87e3d..b1ff6a4 100644 --- a/utils/mount/mount.c +++ b/utils/mount/mount.c @@ -28,6 +28,7 @@ #include #include #include +#include #include "fstab.h" #include "xcommon.h" @@ -74,6 +75,14 @@ struct opt_map { int mask; /* flag mask value */ }; +/* Custom mount options for our own purposes. */ +/* Maybe these should now be freed for kernel use again */ +#define MS_DUMMY 0x00000000 +#define MS_USERS 0x40000000 +#define MS_USER 0x20000000 +#define MS_OWNER 0x10000000 +#define MS_GROUP 0x08000000 + static const struct opt_map opt_map[] = { { "defaults", 0, 0, 0 }, /* default options */ { "ro", 1, 0, MS_RDONLY }, /* read-only */ @@ -90,6 +99,18 @@ static const struct opt_map opt_map[] = { { "remount", 0, 0, MS_REMOUNT}, /* Alter flags of mounted FS */ { "bind", 0, 0, MS_BIND }, /* Remount part of tree elsewhere */ { "rbind", 0, 0, MS_BIND|MS_REC }, /* Idem, plus mounted subtrees */ + { "auto", 0, 0, MS_DUMMY }, /* Can be mounted using -a */ + { "noauto", 0, 0, MS_DUMMY }, /* Can only be mounted explicitly */ + { "users", 0, 0, MS_USERS }, /* Allow ordinary user to mount */ + { "nousers", 0, 0, MS_USERS }, /* Forbid ordinary user to mount */ + { "user", 0, 0, MS_USER }, /* Allow ordinary user to mount */ + { "nouser", 0, 0, MS_USER }, /* Forbid ordinary user to mount */ + { "owner", 0, 0, MS_OWNER }, /* Let the owner of the device mount */ + { "noowner", 0, 0, MS_OWNER }, /* Device owner has no special privs */ + { "group", 0, 0, MS_GROUP }, /* Let the group of the device mount */ + { "nogroup", 0, 0, MS_GROUP }, /* Device group has no special privs */ + { "_netdev", 0, 0, MS_DUMMY}, /* Device requires network */ + { "comment", 0, 0, MS_DUMMY}, /* fstab comment only (kudzu,_netdev)*/ /* add new options here */ #ifdef MS_NOSUB @@ -104,6 +125,7 @@ static const struct opt_map opt_map[] = { { "mand", 0, 0, MS_MANDLOCK }, /* Allow mandatory locks on this FS */ { "nomand", 0, 1, MS_MANDLOCK }, /* Forbid mandatory locks on this FS */ #endif + { "loop", 1, 0, MS_DUMMY }, /* use a loop device */ #ifdef MS_NOATIME { "atime", 0, 1, MS_NOATIME }, /* Update access time */ { "noatime", 0, 0, MS_NOATIME }, /* Do not update access time */ @@ -121,6 +143,12 @@ static char * fix_opts_string (int flags, const char *extra_opts) { char *new_opts; new_opts = xstrdup((flags & MS_RDONLY) ? "ro" : "rw"); + if (flags & MS_USER) { + struct passwd *pw = getpwuid(getuid()); + if(pw) + new_opts = xstrconcat3(new_opts, ",user=", pw->pw_name); + } + for (om = opt_map; om->opt != NULL; om++) { if (om->skip) continue; @@ -132,9 +160,20 @@ static char * fix_opts_string (int flags, const char *extra_opts) { if (extra_opts && *extra_opts) { new_opts = xstrconcat3(new_opts, ",", extra_opts); } + return new_opts; } +void copy_mntent(struct mntent *ment, nfs_mntent_t *nment) +{ + /* Not sure why nfs_mntent_t should exist */ + strcpy(nment->mnt_fsname, ment->mnt_fsname); + strcpy(nment->mnt_dir, ment->mnt_dir); + strcpy(nment->mnt_type, ment->mnt_type); + strcpy(nment->mnt_opts, ment->mnt_opts); + nment->mnt_freq = ment->mnt_freq; + nment->mnt_passno = ment->mnt_passno; +} int add_mtab(char *fsname, char *mount_point, char *fstype, int flags, char *opts, int freq, int passno) { @@ -146,8 +185,16 @@ int add_mtab(char *fsname, char *mount_point, char *fstype, int flags, char *opt ment.mnt_dir = mount_point; ment.mnt_type = fstype; ment.mnt_opts = fix_opts_string(flags, opts); - ment.mnt_freq = 0; - ment.mnt_passno= 0; + ment.mnt_freq = freq; + ment.mnt_passno= passno; + + if(flags & MS_REMOUNT) { + nfs_mntent_t nment; + + copy_mntent(&ment, &nment); + update_mtab(nment.mnt_dir, &nment); + return 0; + } if ((fd = open(MOUNTED"~", O_RDWR|O_CREAT|O_EXCL, 0600)) == -1) { fprintf(stderr, "Can't get "MOUNTED"~ lock file"); @@ -246,16 +293,16 @@ static void mount_error(char *node) { switch(errno) { case ENOTDIR: - printf("%s: mount point %s is not a directory\n", progname, node); + fprintf(stderr, "%s: mount point %s is not a directory\n", progname, node); break; case EBUSY: - printf("%s: %s is already mounted or busy\n", progname, node); + fprintf(stderr, "%s: %s is already mounted or busy\n", progname, node); break; case ENOENT: - printf("%s: mount point %s does not exist\n", progname, node); + fprintf(stderr, "%s: mount point %s does not exist\n", progname, node); break; default: - printf("%s: %s\n", progname, strerror(errno)); + fprintf(stderr, "%s: %s\n", progname, strerror(errno)); } } @@ -269,11 +316,6 @@ int main(int argc, char *argv[]) if ((p = strrchr(progname, '/')) != NULL) progname = p+1; - if (getuid() != 0) { - printf("%s: only root can do that.\n", progname); - exit(1); - } - if(!strncmp(progname, "umount", strlen("umount"))) { if(argc < 2) { umount_usage(); @@ -358,6 +400,11 @@ int main(int argc, char *argv[]) parse_opts(mount_opts, &flags, &extra_opts); + if (getuid() != 0 && !(flags & MS_USERS) && !(flags & MS_USER)) { + fprintf(stderr, "%s: permission denied.\n", progname); + exit(1); + } + if (!strcmp(progname, "mount.nfs4") || nfs_mount_vers == 4) { nfs_mount_vers = 4; mnt_err = nfs4mount(spec, mount_point, &flags, &extra_opts, &mount_opts, 0); @@ -370,16 +417,19 @@ int main(int argc, char *argv[]) } if (!mnt_err && !fake) { - mnt_err = do_mount_syscall(spec, mount_point, nfs_mount_vers == 4 ? "nfs4" : "nfs", flags, mount_opts); + if(!(flags & MS_REMOUNT)) { + mnt_err = do_mount_syscall(spec, mount_point, + nfs_mount_vers == 4 ? "nfs4" : "nfs", flags, mount_opts); - if(mnt_err) { - mount_error(mount_point); - exit(-1); + if(mnt_err) { + mount_error(mount_point); + exit(-1); + } } - - if(!nomtab) + if(!nomtab) { add_mtab(spec, mount_point, nfs_mount_vers == 4 ? "nfs4" : "nfs", flags, extra_opts, 0, 0); + } } return 0; diff --git a/utils/mount/nfsumount.c b/utils/mount/nfsumount.c index 28f4244..d408e2f 100644 --- a/utils/mount/nfsumount.c +++ b/utils/mount/nfsumount.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "xcommon.h" #include "fstab.h" @@ -156,6 +157,42 @@ static void complain(int err, const char *dev) { } } +/* + * Look for an option in a comma-separated list + */ +static int +contains(const char *list, const char *s) { + int n = strlen(s); + + while (*list) { + if (strncmp(list, s, n) == 0 && + (list[n] == 0 || list[n] == ',')) + return 1; + while (*list && *list++ != ',') ; + } + return 0; +} + +/* + * If list contains "user=peter" and we ask for "user=", return "peter" + */ +static char * +get_value(const char *list, const char *s) { + const char *t; + int n = strlen(s); + + while (*list) { + if (strncmp(list, s, n) == 0) { + s = t = list+n; + while (*s && *s != ',') + s++; + return xstrndup(t, s-t); + } + while (*list && *list++ != ',') ; + } + return 0; +} + int add_mtab2(const char *spec, const char *node, const char *type, const char *opts, struct mntentchn *mc) { @@ -307,7 +344,7 @@ int _nfsumount(const char *spec, const char *opts) goto out_bad; return nfs_call_umount(&mnt_server, &dirname); out_bad: - printf("%s: %s: not found or not mounted\n", progname, spec); + fprintf(stderr, "%s: %s: not found or not mounted\n", progname, spec); return 0; } @@ -376,6 +413,21 @@ int nfsumount(int argc, char *argv[]) printf(_("Could not find %s in mtab\n"), spec); if(mc) { + if(contains(mc->m.mnt_opts, "user") && getuid() != 0) { + struct passwd *pw = getpwuid(getuid()); + if(!pw || strcmp(pw->pw_name, get_value(mc->m.mnt_opts, "user="))) { + fprintf(stderr, "%s: permission denied to unmount %s\n", + progname, spec); + exit(1); + } + } else { + if(!contains(mc->m.mnt_opts, "users") && getuid() != 0) { + fprintf(stderr, "%s: only root can unmount %s from %s\n", + progname, mc->m.mnt_fsname, mc->m.mnt_dir); + exit(1); + } + } + ret = _nfsumount(mc->m.mnt_fsname, mc->m.mnt_opts); if(ret) ret = add_mtab2(mc->m.mnt_fsname, mc->m.mnt_dir, -- 2.39.5