libmount: always ignore user=<name>

The library (on mount) cares about "user", but has to ignore
"user=name". It works as expected, but only for non-root users. We
need to ignore it also root to be compatible with /sbin/mount.cifs
where some people still use "user=" (rather than "username=").

References: fe0b1e793c9017edba72768e2e0b4c769c204604
Addresses: https://github.com/util-linux/util-linux/issues/2315
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c
index 40f9ed07337ec5eb3b79211c65ca495b0281a271..87387ae366adc50d585cc9be60ee60b03c4eef2d 100644 (file)
--- a/libmount/src/context_mount.c
+++ b/libmount/src/context_mount.c
@@ -177,6 +177,22 @@ static int evaluate_permissions(struct libmnt_context *cxt)
        if (rc)
                return rc;
 
+       /*
+       * Ignore user=<name> (if <name> is set). Let's keep it hidden
+       * for normal library operations, but visible for /sbin/mount.<type>
+       * helpers.
+       */
+       if (user_flags & MNT_MS_USER
+           && (opt = mnt_optlist_get_opt(ol, MNT_MS_USER, cxt->map_userspace))
+           && mnt_opt_has_value(opt)) {
+               DBG(CXT, ul_debugobj(cxt, "perms: user=<name> detected, ignore"));
+
+               cxt->flags |= MNT_FL_SAVED_USER;
+
+               mnt_opt_set_external(opt, 1);
+               user_flags &= ~MNT_MS_USER;
+       }
+
        if (!mnt_context_is_restricted(cxt)) {
                /*
                 * superuser mount
@@ -228,22 +244,6 @@ static int evaluate_permissions(struct libmnt_context *cxt)
                        return -EPERM;
                }
 
-               /*
-               * Ignore user=<name> (if <name> is set). Let's keep it hidden
-               * for normal library operations, but visible for /sbin/mount.<type>
-               * helpers.
-               */
-               if (user_flags & MNT_MS_USER
-                   && (opt = mnt_optlist_get_opt(ol, MNT_MS_USER, cxt->map_userspace))
-                   && mnt_opt_has_value(opt)) {
-                       DBG(CXT, ul_debugobj(cxt, "perms: user=<name> detected, ignore"));
-
-                       cxt->flags |= MNT_FL_SAVED_USER;
-
-                       mnt_opt_set_external(opt, 1);
-                       user_flags &= ~MNT_MS_USER;
-               }
-
                /*
                 * Insert MS_SECURE between system flags on position where is MNT_MS_USER
                 */

diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc
index bb2e4c91178420e87e0555acf8441b19aeb7a783..d82815d638f132e8980ad3d929d29229517f1a12 100644 (file)
--- a/sys-utils/mount.8.adoc
+++ b/sys-utils/mount.8.adoc
@@ -184,6 +184,8 @@ Since util-linux 2.35, *mount* does not exit when user permissions are inadequat
 
 For more details, see *fstab*(5). Only the user that mounted a filesystem can unmount it again. If any user should be able to unmount it, then use *users* instead of *user* in the _fstab_ line. The *owner* option is similar to the *user* option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for _/dev/fd_ if a login script makes the console user owner of this device. The *group* option is similar, with the restriction that the user must be a member of the group of the special file.
 
+The *user* mount option is accepted if no username is specified. If used in the format *user=someone*, the option is silently ignored and visible only for external mount helpers (/sbin/mount.<type>) for compatibility with some network filesystems.
+
 === Bind mount operation
 
 Remount part of the file hierarchy somewhere else. The call is: