From: Karel Zak Date: Mon, 19 Jun 2023 11:29:42 +0000 (+0200) Subject: libmount: always ignore user= X-Git-Tag: v2.40-rc1~385 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a96b486d17775bb7f79d834ee22769dfea0ba6cd;p=thirdparty%2Futil-linux.git libmount: always ignore user= The library (on mount) cares about "user", but has to ignore "user=name". It works as expected, but only for non-root users. We need to ignore it also root to be compatible with /sbin/mount.cifs where some people still use "user=" (rather than "username="). References: fe0b1e793c9017edba72768e2e0b4c769c204604 Addresses: https://github.com/util-linux/util-linux/issues/2315 Signed-off-by: Karel Zak --- diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c index 40f9ed0733..87387ae366 100644 --- a/libmount/src/context_mount.c +++ b/libmount/src/context_mount.c @@ -177,6 +177,22 @@ static int evaluate_permissions(struct libmnt_context *cxt) if (rc) return rc; + /* + * Ignore user= (if is set). Let's keep it hidden + * for normal library operations, but visible for /sbin/mount. + * helpers. + */ + if (user_flags & MNT_MS_USER + && (opt = mnt_optlist_get_opt(ol, MNT_MS_USER, cxt->map_userspace)) + && mnt_opt_has_value(opt)) { + DBG(CXT, ul_debugobj(cxt, "perms: user= detected, ignore")); + + cxt->flags |= MNT_FL_SAVED_USER; + + mnt_opt_set_external(opt, 1); + user_flags &= ~MNT_MS_USER; + } + if (!mnt_context_is_restricted(cxt)) { /* * superuser mount @@ -228,22 +244,6 @@ static int evaluate_permissions(struct libmnt_context *cxt) return -EPERM; } - /* - * Ignore user= (if is set). Let's keep it hidden - * for normal library operations, but visible for /sbin/mount. - * helpers. - */ - if (user_flags & MNT_MS_USER - && (opt = mnt_optlist_get_opt(ol, MNT_MS_USER, cxt->map_userspace)) - && mnt_opt_has_value(opt)) { - DBG(CXT, ul_debugobj(cxt, "perms: user= detected, ignore")); - - cxt->flags |= MNT_FL_SAVED_USER; - - mnt_opt_set_external(opt, 1); - user_flags &= ~MNT_MS_USER; - } - /* * Insert MS_SECURE between system flags on position where is MNT_MS_USER */ diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc index bb2e4c9117..d82815d638 100644 --- a/sys-utils/mount.8.adoc +++ b/sys-utils/mount.8.adoc @@ -184,6 +184,8 @@ Since util-linux 2.35, *mount* does not exit when user permissions are inadequat For more details, see *fstab*(5). Only the user that mounted a filesystem can unmount it again. If any user should be able to unmount it, then use *users* instead of *user* in the _fstab_ line. The *owner* option is similar to the *user* option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for _/dev/fd_ if a login script makes the console user owner of this device. The *group* option is similar, with the restriction that the user must be a member of the group of the special file. +The *user* mount option is accepted if no username is specified. If used in the format *user=someone*, the option is silently ignored and visible only for external mount helpers (/sbin/mount.) for compatibility with some network filesystems. + === Bind mount operation Remount part of the file hierarchy somewhere else. The call is: