| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
this is especially important during the boot process, where the clock is often
being set initially and clock jumps are more common.
|
|
|
|
It is a userspace part of a new infrastructure for stashing passwords
in kernel keyring per user basis. The patch adds the "cifscreds"
utility for management keys with credentials. Assembling of the utility
from the distribution is possible with --enable-cifscreds=yes option of
configure script.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
|
The resolve_host routine from mount.cifs is carried out in
separate file and appropriate corrections are made.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
|
Avoid setting error code twice by moving error handling out of add_mtab_exit
block. We already set error code and report error in other places.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
To silence these warnings:
data_blob.c: In function ‘data_blob_hex_string_lower’:
data_blob.c:155:16: warning: comparison between signed and unsigned integer
expressions
data_blob.c: In function ‘data_blob_hex_string_upper’:
data_blob.c:172:16: warning: comparison between signed and unsigned integer
expressions
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
gcc says:
cifs.upcall.c: In function ‘cifs_krb5_get_req’:
cifs.upcall.c:261:2: warning: missing initializer
cifs.upcall.c:261:2: warning: (near initialization for ‘in_creds.client’)
cifs.upcall.c: In function ‘main’:
cifs.upcall.c:622:9: warning: missing initializer
cifs.upcall.c:622:9: warning: (near initialization for ‘arg.ver’)
...this is probably just gcc being balky, but we can silence the
warning. It may also be a micro optimization in an error condition
if we delay zeroing out the struct until it's needed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...to silence -Wextra warnings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...for extra warning goodness.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Add 'fsc' mount option to the 'Less commonly used options' section of
mount.cifs usage help text. As with the previous patch, this one too could be
queued and considered once the local caching patches gets merged upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
These are filesystem-independent mount options that get passed to
mount.cifs too. Handle them appropriately by enabling and disabling
MS_MANDLOCK and not handing them off to the kernel.
Also, don't set MS_MANDLOCK by default. There's no reason to ask the
kernel to enforce mandatory locking by default. This also matches
up better with the way that "mand" is set in the mtab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This mount options is used to clue in init scripts that the filesystem
shouldn't be mounted until networking is available. /bin/mount also passes
that option to the filesystem however, and cifs currently chokes on it.
mount.nfs ignores this option -- have mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Even though all known kernels send the uid= parm to userspace,
cifs.upcall doesn't technically require it. It should though. If one
wasn't sent for some reason, then the setuid wouldn't occur. Error out
if there is no uid= or creduid= parm.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
When I did the original krb5 implementation, I goofed and ended up making
it so that when someone specifies the "uid=" mount option that also affects
the owner of the krb5 credential cache and not just the ownership of the
mount. I'm proposing a patch for the kernel to attempt to fix this by
making the kernel send a "creduid=" parameter in the upcall which is
intended to be the user that should own the credentials cache.
That's not necessarily the same user that has "ownership" of the mount.
Usually the creduid= will be set to the real uid of the user doing the
mounting. When multisession mounts are introduced they will usually set
this to the fsuid that walks into the mount.
To ease the transition, this patch also adds a command line switch that
makes cifs.upcall use the "legacy" uid= parameter instead. Use that if you
want it to behave like it used to.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The code currently uses fstab.h and _PATH_FSTAB, but uClibc apparently
doesn't have that header. It does have paths.h and _PATH_MNTTAB however
and so does glibc, so use that instead.
Fixes samba bug #7539.
Reported-and-Tested-by: Armin Kuster <linux@kama-aina.net>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
We don't want to alter the device name in any way for the mtab as
/bin/umount depends on the string being identical for user mounts.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The option parsing function now accepts all values for 'dir_mode' that
are supported by the kernel side code.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
...to distinguish interim builds from official releases.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
When the mount option parsing was cleaned up recently, the detection of
the "cred=" option was dropped.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Align CRED_ macro values to keep style consistent with last patch.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Moved option string parsing to function parse_opt_token(char*). Main
loop in parse_options(const char*, struct parsed_mount_info*)
transplanted to a switch block.
The parsing function folds common options to a single macro:
1.) 'unc','target', and 'path' -> 'OPT_UNC'
2.) 'dom*' and 'workg*' -> 'OPT_DOM'
3.) 'nobrl' and 'nolock' -> 'OPT_NO_LOCK'
Kept 'fmask' and 'dmask' (OPT_FMASK, OPT_DMASK), which fall through to
'file_mode' and 'dir_mode' in the main loop.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
mount.smb2 has different help (many fewer mount options) and different
fsname, but otherwise can reuse all of the good work Jeff did on
mount.cifs. This patch allow mount.cifs to detect if run as mount.smb2
(to display different help and fsname).
Signed-off-by: Steve French <smfrench@gmail.com>
|
|
Replaced max username in parse_options with the sum of its potential
parts for "domain/user%password" formatted values. Note that forward
slashes still expand to a double back slash in the parse_username
function, though.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
...the kernel doesn't expect to see it and it causes a regression
when mounting some UNCs.
Reported-by: Ales Zelinka <azelinka@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The parsing for values has been moved to its own function and is a bit
cleaner. Temporary buffers are zeroed out before being freed to ensure
passwords/credentials aren't left in released memory.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Remove magic numbers, redundant code and extra variables from open_cred_file().
Remove check for domain length since strlcpy is safe from buffer overflows.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
mount.cifs calls strchr on currentaddress, which may be a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...use $(foo) instead. That doesn't rely on an explicit AC_SUBST().
Reported-by: Lars Müller <lars@samba.org>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
It's possible that root won't have privileges to chdir or evaluate the
paths without that capability.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...it's already checked in AC_LIBCAP
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...it's rather confusing since we can compile against libcap or libcap-ng
but this is helpful for testing.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
...some #defines are missing in that case. This fixes the build for
all possible libcap/libcap-ng availability scenarios.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
|
This patch makes the mount.cifs credentials file parameters consistent with
the command line parameters to remove ambiguity between the command line
parameter format and the credentials file format. That is, it parses for
both short and long form of the 'username', 'password', and 'domain'
parameters. This patch is against the current cifs-utils-4.2.
I'm also thinking of adding a second patch that allows for parsing a
"domain/user", "domain%user" and "domain/user%password" formats as allowed
from the command line.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Only the parent process will ever need CAP_DAC_OVERRIDE. The child can
get by with CAP_DAC_READ_SEARCH.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...libcap-ng does this in a much easier fashion. If that's not
available, then we have to do it manually.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
...in preference to libcap if it's available.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
mount.cifs is being linked against the krb5 library. Fix it so that
that doesn't happen.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
|
