| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
We get a pointer to the end of the address string (ipaddr), but the call
snprintf and pass in tmpbuf which is a pointer to the beginning of the
address string. If someone passes in an address with a scopeid then we
end up overwriting the entire address string.
Reported-by: Björn JACKE <bj@sernet.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
It's possible that the user is trying to mount onto a directory to which
he doesn't have execute perms. If that's the case then the mount will
currently fail. Fix this by reenabling CAP_DAC_READ_SEARCH before
calling mount(2). That will ensure that the kernel's permissions check
for this is bypassed.
Reported-by: Erik Logtenberg <erik@logtenberg.eu>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Steve French <sfrench@us.ibm.com>
|
|
It's possible to "goto return_i" in this function at several points
before line_buf is set. At that point, the NULL pointer check won't
work correctly and we can end up with a SIGSEGV.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Some distros replace /etc/mtab with a symlink to /proc/mounts. In that
situation, mount.cifs will hang for a while trying to lock the mtab.
/bin/mount checks to see if the mtab is a symlink. If it is or if a
stat() call on it fails, it doesn't try to to update the mtab. Have
mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The 4.8 release had mis-generated autoconf files (they didn't include
the libcap-ng autoconf goop). 4.8.1 will have that fixed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
It references umount.cifs(8) which is no longer shipped as part of
cifs-utils. Replace it with a reference to cifs.upcall(8) instead.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Allow admins to pass in a username for the cruid= mount option.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
The handling of these options is quite convoluted. Change it so that
these options are stored as numbers and then appended to the option
strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
Based on a patch from a few years ago by Igor Mammedov. This patch
adds the ability for cifs.upcall to establish a TGT using the
system-default keytab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
...and switch the code to using strndup. Check for allocation errors as
well, and fix some off-by-one bugs in the ones that decode strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
|
|
If cifs.upcall is passed an invalid argument then it will "goto out".
The decoded_args struct however is uninitialized at that point so it
will usually segfault when trying to free fields in it. Move the
initialization up in the function.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Reported-by: Stefan Walter <walteste@inf.ethz.ch>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
Provide changes according to new ip/port connection logic in CIFS.
Signed-off-by: Pavel Shilovsky <piastryyy@gmail.com>
|
|
checksum (bug #7890)
Some closed source SMB servers doesn't support all checksum types,
so we should try to match windows clients.
This is almost the same logic which is used by Samba.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Fix up some small problems with pathname replacement:
1) replace the bare 'sed' with $(SED)
2) '\@' is apparently not portable, so we need to use a different scheme
in case we end up using a non-typical sed binary.
3) do the sed conversion to a new file and then move it into place. If
sed falls down halfway through the conversion we could end up with
a half-baked manpage.
4) use the $@ construct for brevity and maintainability
5) add a comment so that the rationale behind this is explained
Many thanks to several folks inside Red Hat who pointed out these
issues.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Currently the manpages (particularly cifs.upcall.8) have hardcoded
paths in them that need to be manually adjusted. Replace those
paths with @sbindir@ and add a makefile target that will use sed
to replace those paths with the ones set by autoconf.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The manpage says:
ip=arg
sets the destination IP address. This option is set automatically
if the server name portion of the requested UNC name can be
resolved so rarely needs to be specified by the user.
...but recent changes have made it not work anymore as an override if
someone specifies an ip= option as part of the mount options. Reinstate
that behavior by copying the ip= option verbatim into the addrlist of
the parsed options struct and then skipping the name resolution. That
should allow the ip= option to pass unadulterated to the kernel.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
this is especially important during the boot process, where the clock is often
being set initially and clock jumps are more common.
|
|
|
|
It is a userspace part of a new infrastructure for stashing passwords
in kernel keyring per user basis. The patch adds the "cifscreds"
utility for management keys with credentials. Assembling of the utility
from the distribution is possible with --enable-cifscreds=yes option of
configure script.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
|
The resolve_host routine from mount.cifs is carried out in
separate file and appropriate corrections are made.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
|
Avoid setting error code twice by moving error handling out of add_mtab_exit
block. We already set error code and report error in other places.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
To silence these warnings:
data_blob.c: In function ‘data_blob_hex_string_lower’:
data_blob.c:155:16: warning: comparison between signed and unsigned integer
expressions
data_blob.c: In function ‘data_blob_hex_string_upper’:
data_blob.c:172:16: warning: comparison between signed and unsigned integer
expressions
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
gcc says:
cifs.upcall.c: In function ‘cifs_krb5_get_req’:
cifs.upcall.c:261:2: warning: missing initializer
cifs.upcall.c:261:2: warning: (near initialization for ‘in_creds.client’)
cifs.upcall.c: In function ‘main’:
cifs.upcall.c:622:9: warning: missing initializer
cifs.upcall.c:622:9: warning: (near initialization for ‘arg.ver’)
...this is probably just gcc being balky, but we can silence the
warning. It may also be a micro optimization in an error condition
if we delay zeroing out the struct until it's needed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...to silence -Wextra warnings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...for extra warning goodness.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Add 'fsc' mount option to the 'Less commonly used options' section of
mount.cifs usage help text. As with the previous patch, this one too could be
queued and considered once the local caching patches gets merged upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
These are filesystem-independent mount options that get passed to
mount.cifs too. Handle them appropriately by enabling and disabling
MS_MANDLOCK and not handing them off to the kernel.
Also, don't set MS_MANDLOCK by default. There's no reason to ask the
kernel to enforce mandatory locking by default. This also matches
up better with the way that "mand" is set in the mtab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This mount options is used to clue in init scripts that the filesystem
shouldn't be mounted until networking is available. /bin/mount also passes
that option to the filesystem however, and cifs currently chokes on it.
mount.nfs ignores this option -- have mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Even though all known kernels send the uid= parm to userspace,
cifs.upcall doesn't technically require it. It should though. If one
wasn't sent for some reason, then the setuid wouldn't occur. Error out
if there is no uid= or creduid= parm.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
When I did the original krb5 implementation, I goofed and ended up making
it so that when someone specifies the "uid=" mount option that also affects
the owner of the krb5 credential cache and not just the ownership of the
mount. I'm proposing a patch for the kernel to attempt to fix this by
making the kernel send a "creduid=" parameter in the upcall which is
intended to be the user that should own the credentials cache.
That's not necessarily the same user that has "ownership" of the mount.
Usually the creduid= will be set to the real uid of the user doing the
mounting. When multisession mounts are introduced they will usually set
this to the fsuid that walks into the mount.
To ease the transition, this patch also adds a command line switch that
makes cifs.upcall use the "legacy" uid= parameter instead. Use that if you
want it to behave like it used to.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
