]> git.ipfire.org Git - thirdparty/util-linux.git/commit
projects / thirdparty / util-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d0c4300) | patch
libmount: improve X-mount.mkdir for non-root users
authorKarel Zak <kzak@redhat.com>
Fri, 3 Jan 2020 09:48:09 +0000 (10:48 +0100)
committerKarel Zak <kzak@redhat.com>
Fri, 3 Jan 2020 09:48:09 +0000 (10:48 +0100)
commit6b0094d0c12736ed6970cb2c5a6e3f14774a5f4d
tree3500caadbdecb02cec9c118a2bf7f856c3a1a579tree | snapshot
parentd0c430068206e1215222792e3aa10689f8c632a6commit | diff
libmount: improve X-mount.mkdir for non-root users

Since v2.35 mount(8) drops suid on -EPERM and repeat necessary actions
before mount(2) syscall. This patch also improves this behavior for
X-mount.mkdir too.

mount(8):
 * return -EPERM on sanitize_paths() rather than call err()
 * call suid_drop() on failed sanitize_paths()
 * update man page

libmount:
 * mnt_context_prepare_target() refactoring
 * return -EPERM when in restricted mode for X-mount.mkdir

Fixed version:
 /home/kzak/mnt-foo   sr.net.home:/home/kzak   fuse.sshfs noauto,X-mount.mkdir

 $ mount /home/kzak/mnt-foo
 kzak@sr.net.home's password:

 $ /home/projects/util-linux/util-linux  findmnt /home/kzak/mnt-foo
 TARGET             SOURCE                 FSTYPE     OPTIONS
 /home/kzak/mnt-foo sr.net.home:/home/kzak fuse.sshfs rw,nosuid,nodev,relatime,user_id=1000,group_id=1000

Addresses: https://github.com/systemd/systemd/issues/14418
Signed-off-by: Karel Zak <kzak@redhat.com>
libmount/src/context.c diff | blob | blame | history
libmount/src/context_mount.c diff | blob | blame | history
sys-utils/mount.8 diff | blob | blame | history
sys-utils/mount.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.