| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When certain options are passed to the mount helper, we want to turn
them into mountflags for the mount() syscall. There's no need to copy
them to the options string in that case though.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
number
Sergio Conrad reported a problem trying to set up an autofs map to do
a krb5 mount. In his environment, many users have usernames that are
comprised entirely of numbers. While that's a bit odd, POSIX apparently
allows for it.
The current code assumes that when a numeric argument is passed to one
of the above options, that it's a uid or gid. Instead, try to treat the
argument as a user or group name first, and only try to treat it as a
number if that fails.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The argv < 3 check could return true if you pass in some option flags.
If you don't provide any further arguments then you might just walk
off the end of the argv array. The values past the end aren't
guaranteed to be NULL in that case.
Fix the check to just look at whether there are 2 more arguments after
the getopt processing is done.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
removed in cifs-utils-6.0.
[jlayton: Added newline to end of warning]
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
The mount(8) manpage lists this as a fs-independent option:
nofail: Do not report errors for this device if it does not exist.
Implement that in mount.cifs by not returning an error if we were unable
to find a suitable address for the mount attempt.
Reported-by: Peter Trenholme <PTrenholme@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This patch fixes a minor regression. It used to be that when the mount
helper would run out of addresses that it would return EX_FAIL to
userspace. It now returns EX_SYSERR which is incorrect. Reinstate
the correct error code.
Reported-by: Ales Zelinka <azelinka@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
In this case we explicitly don't care what these functions return, so
declare a couple of unused variables to catch the results.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This patch is intended as a temporary workaround for krb5 users that need
to specify usernames with '/' in them. I intend to remove this hack from
mount.cifs once the legacy username handling code is removed.
The idea here is to save off the raw username string while we're parsing
options. If the mount options specify "sec=krb5" or "sec=krb5i" then
we'll not do the legacy username parsing and will instead just pass in
the username string as-is.
Obviously, this is a nasty hack and we don't really want to carry this
in perpetuity, so this can go away once the "legacy" username parsing
has gone away.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
mount.cifs has in the past allowed users to specify a username using
the above syntax, which would populate the domain and password fields
with the different pieces.
Unfortunately, there are cases where it is legit to have a '/' in a
username. krb5 SPNs generally contain a '/' and we have no clear way
to distinguish between the two.
I don't see any real value in keeping that syntax allowed. It's no
easier than specifying "pass=" and "domain=" on the command line. Ditto
for credential files.
Begin the transition away from that syntax by adding a warning message
that support for it will be removed in 5.9.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
When access() fails, use errno for a sensible error message.
Signed-off-by: Luk Claes <luk@debian.org>
|
|
If systemd is running and /bin/systemd-ask-password if available,
then use that else fallback on getpass(..).
And add a --enable-systemd configure option, which defaults to yes.
Signed-off-by: Ankit Jain <jankit@suse.com>
|
|
Thus spake Jochen:
The mount.cifs program from the cifs-utils package 5.5 did not work on
my Linux system. It just exited without an error message and did not
mount anything.
[...]
I think, when this variable rc is now used in this function, it has also
to be properly initialized there.
Reported-by: Jochen Roderburg <roderburg@uni-koeln.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
|
|
This was added when it was thought that smb2 would be a different fstype
altogether. Now that we are not adding a separate fstype, this code is
no longer needed since nothing will ever call /sbin/mount.smb2.
Cc: Steve French <smfrench@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Traditionally, this ver= option was used to specify the "options
version" that we're passing in. It has always been set to '1' though
and we have never changed that.
Eventually we want to have a ver= (or vers=) option that allows users
to specify the SMB version that they want to use to talk to the server.
At that point, this option will just get in the way. Let's go ahead
and remove it now in preparation for that day.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
We handle this option in userspace, so there's little value in also
passing it to the kernel.
Also fix minor double-comma nit in the options string.
Reported-by: Ronald <ronald645@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
toggle_dac_capability
I'm not sure what I was thinking when I added that check in, but it's
been there since the inception. We shouldn't care at all what the
real uid is when we call toggle_dac_capability and indeed we don't
care with the libcap-ng version. Remove that check.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
the build process of the cifs-utils for Mandriva 2011 made me notice of
the unused variable rc in toggle_dac_capability() of mount.cifs.c.
A bit up in the code we store the return value and do not make use of it
while calling return.
The attached patch intends to fix this.
The failing build result is still visible at
https://build.opensuse.org/package/live_build_log?arch=x86_64&package=cifs-utils&project=network%3Asamba%3ASTABLE&repository=Mandriva_2011
Acked-by: Suresh Jayaraman <sjayaraman@suse.com>
Signed-off-by: Lars Mueller <lmuelle@suse.com>
|
|
older gcc versions (4.3 in the case of SUSE Linux Enterprise 11 SP 1 and
SP 2) complain about uninitialized variables in the recent 5.4 release.
The attached patch makes the build process a bit quieter.
Acked-by: Suresh Jayaraman <sjayaraman@suse.com>
Signed-off-by: Lars Mueller <lmuelle@suse.com>
|
|
...and add -D_FORTIFY_SOURCE=2 to the default $CFLAGS.
Acked-by: Acked-by: Suresh Jayaraman <sjayaraman@suse.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
can't chdir
If mount.cifs is installed as a setuid root program, then a user can
use it to gather information about files and directories to which he
does not have access.
One of the first things that mount.cifs does is to chdir() into the
mountpoint and then proceeds to perform the mount onto ".". A malicious
user could exploit this fact to determine information about directories
to which he does not have access. Specifically, whether the dentry in
question is a file or directory and whether it exists at all.
This patch fixes this by making the program switch the fsuid to the
real uid for unprivileged users when mounting.
Note that this is a behavior change. mount.cifs has in the past allowed
users to mount onto any directory as long as it's listed in /etc/fstab
as a user mount. With this change, the user must also be able to chdir
into the mountpoint without needing special privileges. Hopefully not
many people have such a pathological configuration.
This patch should fix CVE-2012-1586.
Reported-by: Jesus Olmos <jesus.olmos@blueliv.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
autofs generally calls mount helpers with '-s'. Handle that the same
way we do for NFS -- append ",sloppy" option to the mount options.
The kernel can look for that option to decide whether to ignore
unknown mount options, warn, or error out.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The current test just looks to see if errno was 0 after the conversion
but we need to do a bit more. According to the strtoul manpage:
If there were no digits at all, strtoul() stores the original value
of nptr in *endptr (and returns 0).
So, if you pass in a string of letters, strtoul will return 0, but
won't actually have converted anything. Luckily, in most cases, /bin/mount
papers over this bug by doing uid/gid conversions itself before calling
mount.cifs.
Fix this by also checking to ensure that strtoul() converted the entire
string in addition to checking that it didn't set errno. While we're at
it, fix the test in backupuid/backupgid options as well which don't
currently check whether errno got set.
Reported-by: Kyle Squizzato <ksquizza@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The new del_mtab code ignored errors from rename(). Make it handle that
error as well like it does other errors.
Cc: Carlos Maiolino <cmaiolino@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
During a remount of a cifs filesystem, the mtab file is not properly
updated, which leads to a doubled entry of the same filesystem in the
/etc/mtab file. This patch adds a new function del_mtab() which is
called before the add_mtab() in case the fs is being remounted.
The del_mtab() function will delete from the mtab, the old entry from
the filesystem which is being remounted, and then, calls add_mtab() to
add an updated entry to the mtab file.
Signed-off-by: Carlos Maiolino <cmaiolino@redhat.com>
|
|
Add mount options backupuid and backugid and their manpage contents.
Check for either a valid uid/gid or valid user/group name.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
Both these options are started with "rw" - that's why the first one
isn't switched on even if it is specified. Fix this by adding a length
check for "rw" option check.
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
|
|
Reported-by: Jan Lieskovsky <jlieskov@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
It's possible that when mount.cifs goes to append the mtab that there
won't be enough space to do so, and the mntent won't be appended to the
file in its entirety.
Add a my_endmntent routine that will fflush and then fsync the FILE if
that succeeds. If either fails then it will truncate the file back to
its provided size. It will then call endmntent unconditionally.
Have add_mtab call fstat on the opened mtab file in order to get the
size of the file before it has been appended. Assuming that that
succeeds, use my_endmntent to ensure that the file is not corrupted
before closing it. It's possible that we'll have a small race window
where the mtab is incorrect, but it should be quickly corrected.
This was reported some time ago as CVE-2011-1678:
http://openwall.com/lists/oss-security/2011/03/04/9
...and it seems to fix the reproducer that I was able to come up with.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
It currently test to see if errno == -EINVAL and whether the endptr
is '\0'. That's not correct however. What we really want it to do is
check to see if any error occurred by setting errno to 0 before the
conversion. If one did, then try to treat the value as a name.
Also fix a bogus compiler warning about cruid being uninitialized.
Reported-by: Jian Li <jiali@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Don't construct a device name, but use the original device string
to mount so the device name in /proc/mounts matches the one in
/etc/fstab.
Signed-off-by: Luk Claes <luk@debian.org>
|
|
It's possible that the user is trying to mount onto a directory to which
he doesn't have execute perms. If that's the case then the mount will
currently fail. Fix this by reenabling CAP_DAC_READ_SEARCH before
calling mount(2). That will ensure that the kernel's permissions check
for this is bypassed.
Reported-by: Erik Logtenberg <erik@logtenberg.eu>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Steve French <sfrench@us.ibm.com>
|
|
It's possible to "goto return_i" in this function at several points
before line_buf is set. At that point, the NULL pointer check won't
work correctly and we can end up with a SIGSEGV.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Some distros replace /etc/mtab with a symlink to /proc/mounts. In that
situation, mount.cifs will hang for a while trying to lock the mtab.
/bin/mount checks to see if the mtab is a symlink. If it is or if a
stat() call on it fails, it doesn't try to to update the mtab. Have
mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Allow admins to pass in a username for the cruid= mount option.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
The handling of these options is quite convoluted. Change it so that
these options are stored as numbers and then appended to the option
strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
|
|
The manpage says:
ip=arg
sets the destination IP address. This option is set automatically
if the server name portion of the requested UNC name can be
resolved so rarely needs to be specified by the user.
...but recent changes have made it not work anymore as an override if
someone specifies an ip= option as part of the mount options. Reinstate
that behavior by copying the ip= option verbatim into the addrlist of
the parsed options struct and then skipping the name resolution. That
should allow the ip= option to pass unadulterated to the kernel.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The resolve_host routine from mount.cifs is carried out in
separate file and appropriate corrections are made.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
|
|
Avoid setting error code twice by moving error handling out of add_mtab_exit
block. We already set error code and report error in other places.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
Add 'fsc' mount option to the 'Less commonly used options' section of
mount.cifs usage help text. As with the previous patch, this one too could be
queued and considered once the local caching patches gets merged upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
|
|
These are filesystem-independent mount options that get passed to
mount.cifs too. Handle them appropriately by enabling and disabling
MS_MANDLOCK and not handing them off to the kernel.
Also, don't set MS_MANDLOCK by default. There's no reason to ask the
kernel to enforce mandatory locking by default. This also matches
up better with the way that "mand" is set in the mtab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
This mount options is used to clue in init scripts that the filesystem
shouldn't be mounted until networking is available. /bin/mount also passes
that option to the filesystem however, and cifs currently chokes on it.
mount.nfs ignores this option -- have mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The code currently uses fstab.h and _PATH_FSTAB, but uClibc apparently
doesn't have that header. It does have paths.h and _PATH_MNTTAB however
and so does glibc, so use that instead.
Fixes samba bug #7539.
Reported-and-Tested-by: Armin Kuster <linux@kama-aina.net>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
We don't want to alter the device name in any way for the mtab as
/bin/umount depends on the string being identical for user mounts.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
The option parsing function now accepts all values for 'dir_mode' that
are supported by the kernel side code.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
When the mount option parsing was cleaned up recently, the detection of
the "cred=" option was dropped.
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
|
Align CRED_ macro values to keep style consistent with last patch.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Moved option string parsing to function parse_opt_token(char*). Main
loop in parse_options(const char*, struct parsed_mount_info*)
transplanted to a switch block.
The parsing function folds common options to a single macro:
1.) 'unc','target', and 'path' -> 'OPT_UNC'
2.) 'dom*' and 'workg*' -> 'OPT_DOM'
3.) 'nobrl' and 'nolock' -> 'OPT_NO_LOCK'
Kept 'fmask' and 'dmask' (OPT_FMASK, OPT_DMASK), which fall through to
'file_mode' and 'dir_mode' in the main loop.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
|
|
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
