Karel Zak [Tue, 24 May 2016 09:07:08 +0000 (11:07 +0200)]
last: cleanup time formatting code
- describe difference between login and logout time formats in struct last_timefmt
- use strtime_iso()
- rename LAST_TIMEFTM_SHORT_CTIME to LAST_TIMEFTM_SHORT
- rename LAST_TIMEFTM_FULL_CTIME to LAST_TIMEFTM_CTIME
- add LAST_TIMEFTM_HHMM for internal purpose (logout format for "--time-format short")
Karel Zak [Tue, 24 May 2016 08:58:52 +0000 (10:58 +0200)]
include/timeutils: rewrite iso formatting functions
- use buffers rather than allocate memory
- support .usec and ,usec convention
- use strftime for timezone (we need to care about daylight
saving time)
Werner Fink [Fri, 22 Apr 2016 10:16:04 +0000 (12:16 +0200)]
sulogin: agetty: use the plymouth local protocol instead of the plymouth binary
for stopping plymouthd. That does not depend on the existence of
the plymouth binary if it e.g. becomes uninstalled or another
service is providing plymouthd facilities.
[kzak@redhat.com: - fix compiler warnings [-Wpointer-sign]
- use sizeof() for write_all()
- cast to char* for read_all]
Signed-off-by: Werner Fink <werner@suse.de> Signed-off-by: Karel Zak <kzak@redhat.com>
2. The partition table must be restricted in size, such as when a system
expects to find a bootloader at a location that would otherwise overlap the
partition table.
The gdisk partitioner supports this feature.
libfdisk is already capable of reading and writing partition tables of any
size, but previously could only create ones of 128 entries and could not
resize.
This change should be fairly safe, as it has no effect unless explicitly
activated.
Karel Zak [Tue, 10 May 2016 08:52:31 +0000 (10:52 +0200)]
libfdisk: use fdisk_add_partition() for unused partno
For example:
sfdisk -N <parno>
may address an unused partition. In this case we need to redirect from
fdisk_set_partition() to fdisk_add_partition() and follow the default
setting (use all free space).
Wayne Pollock [Wed, 4 May 2016 16:15:14 +0000 (17:15 +0100)]
write: fix setuid related regression
The write(1) is commonly a setuid binary, because common users cannot by
default write to each other's terminals. Since the commit in reference, that
is part of releases v2.24 to v2.28, the write(1) has used access(2) to check
capability to write to a destination terminal. The catch is that access(2)
uses real UID and GID when performing the accessibility check. The obvious
correction is to avoid access(2) when in context of setuid binaries.
As a smaller, but equally important fix, ensure the 'msgsok' variable is
initialized to indicate no access. An uninitialized variable will almost
certainly do the wrong thing at the time of check.
Breaking-commit: 0233a8ea18bec17dd59cfe1fec8281 Signed-off-by: Sami Kerola <kerolasa@iki.fi> Signed-off-by: Karel Zak <kzak@redhat.com> Signed-off-by: Wayne Pollock <profwaynepollock@gmail.com>
Karel Zak [Wed, 4 May 2016 10:43:35 +0000 (12:43 +0200)]
sfdisk: add --wipe-partitions=auto|never|default
The option allows to remove filesystems/RAIDs from newly created
partitions before the partition table is updated (and partition
device created).
The default is "auto"; in this case wipe is enabled in interactive mode
only and user's confirmation (yes/no dialog) is required. Note that
keeping a filesystem signature on a partition is a pretty valid use-case, so we
don't erase anything by default.
Karel Zak [Wed, 4 May 2016 10:43:35 +0000 (12:43 +0200)]
fdisk: add --wipe-partitions=auto|never|default
The option allows to remove filesystems/RAIDs from newly created
partitions before the partition table is updated (and partition
device created).
The default is "auto"; in this case wipe is enabled in interactive mode
only and user's confirmation (yes/no dialog) is required. Note that
keeping a filesystem signature on a partition is a pretty valid use-case, so we
don't erase anything by default.
Karel Zak [Wed, 4 May 2016 10:32:52 +0000 (12:32 +0200)]
libfdisk: add fdisk_wipe_partition()
Now libfdisk provides functionality to wipe disk device only ([s]fdisk
option --wipe).
This patch allows to probe for filesystems/RAIDs on newly created
partitions. It means we can remove signatures before the partition
node (device) is created. This reduces udev events and it's
unnecessary to call wipefs for all partitions. For example
Karel Zak [Thu, 28 Apr 2016 11:54:01 +0000 (13:54 +0200)]
libblkid: make I/O errors on CDROMs non-fatal
It seems too tricky to get a real size of the data track on hybrid
disks with audio+data. It seems overkill to analyze all headers in
libblkid and on some disks it's probably possible to get I/O error
almost everywhere due to crazy copy protection etc.
Karel Zak [Wed, 27 Apr 2016 12:18:41 +0000 (14:18 +0200)]
libblkid: check for multi-session CDROMs
.. and read last session if probing offset is not specified.
udev uses cdrom_id to get last session offset, so people don't see a
problem with hybrid media (audio+data), but if you execute blkid on
command line (without -O <offset>) then you get I/O errors.
It seems that we can use the same way as kernel filesystem iso9660
driver when session= mount option is not specified ... just use
CDROMMULTISESSION ioctl to get last session offset and probe this last
session rather than all medium.
Karel Zak [Fri, 22 Apr 2016 11:59:06 +0000 (13:59 +0200)]
libsmartcols remove duplicate code
For pretty long time we have strdup_to_struct_member() macro to avoid
duplicate code when strdup() strings in setter functions. Let's use it
for libmount.
Karel Zak [Fri, 22 Apr 2016 11:59:06 +0000 (13:59 +0200)]
libmount: remove duplicate code
For pretty long time we have strdup_to_struct_member() macro to avoid
duplicate code when strdup() strings in setter functions. Let's use it
for libmount.
Stanislav Brabec [Tue, 12 Apr 2016 18:23:25 +0000 (20:23 +0200)]
mount: Handle EROFS before calling mount() syscall
If the loop device is already initialized read-only, the new code for loop
device reuse returns -EROFS. There is no solution of this situation. But mount
can behave in the same way, as it does for EROFS returned by mount syscall: Try
again in read-only mode.
Before:
mount: /mnt/2: mount failed: Read-only file system
After:
mount: /btrfs.img is used as read only loop, mounting read-only
Note: It would be nice to mention loop device name in the warning message, but
it is not available in the mount context.
Stanislav Brabec [Tue, 12 Apr 2016 18:22:56 +0000 (20:22 +0200)]
libmount: reuse existing loop device
According to the Al Viro[1], kernel has no way to detect that a single file is
used by multiple loop devices, and multiple mounts of the same file using
different loop devices will result in a data corruption. Exactly this now
happens, if multiple btrfs sub-volumes in one file are mounted with "-oloop".
Make use of multiple -oloop mounting the same file safe: Do a loop devices
lookup, and if a loop device is already initialized, use it.
Hopefully it is possible, as "losetup -d" will return OK, even if the device
itself is in use, and is not released.
Problems:
There is a risk of race condition between the lookup and real mount.
Once loop device is initialized read-only, kernel offers no way to turn it to
read-write. It has to fail.
Process A Process B Process C
open()
[creates file]
lock()
[succeed]
open()
[open existing]
lock()...
running()
close()
[...succeed]
unlink()
running()
open()
[creates file] {BAD!}
lock()
[succeed] {BAD!}
running() {BAD!}
close()
Cons: leaves empty (unlocked/harmless) .lock files in /run/fsck/ Signed-off-by: Yuriy M. Kaminskiy <yumkam@gmail.com>
James Bottomley [Fri, 15 Apr 2016 15:10:20 +0000 (08:10 -0700)]
nsenter: enter namespaces in two passes
We have two use cases for user namespaces, one to elevate the
privilege of an unprivileged user, in which case we have to enter the
user namespace before all other namespaces (otherwise there isn't
enough permission to enter any other namespace). And the other one is
where we're deprivileging a user and thus have to enter the user
namespace last (because that's the point at which we lose the
privileges). On the first pass, we start at the position one after
the user namespace clearing the file descriptors as we close them
after calling setns(). If setns() fails on the first pass, ignore the
failure assuming that it will succeed after we enter the user
namespace.
Addresses: https://github.com/karelzak/util-linux/issues/315 Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Karel Zak <kzak@redhat.com>
Sami Kerola [Mon, 14 Mar 2016 21:06:30 +0000 (21:06 +0000)]
getopt: fix memory leaks and integer overflows [ASAN & valgrind]
The getopt(1) is short living command, and one could argue ensuring all
allocations are freed at end of execution is waste of time. There is a
point in that, but making test-suite runs to be less noisy with ASAN is also
nice as it encourages reading the errors when/if they happen.
Reviewed-by: Yuriy M. Kaminskiy <yumkam@gmail.com> Reviewed-by: Karel Zak <kzak@redhat.com> Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Karel Zak [Tue, 19 Apr 2016 10:39:05 +0000 (12:39 +0200)]
libblkid: reduce probing area for crazy CDROMs
Linux kernel reports devices greater than area readable by read(2).
The readable area is usually 2-3 CD blocks smaller (CD block is
2048-bytes) than size returned by BLKGETSIZE. This patch checks for
this issue to avoid I/O errors in probing functions.
Reported-by: Thomas Schmitt <scdbackup@gmx.net> Signed-off-by: Karel Zak <kzak@redhat.com>
Petr Uzel [Mon, 18 Apr 2016 14:22:05 +0000 (16:22 +0200)]
libblkid: make blkid_do_wipe() work with probes with offset
When a probe is created with an offset, e.g. via
blkid_probe_set_device(), this offset is correctly used when looking for
the signatures, but is not respected by blkid_do_wipe() function.
Therefore the signature is removed from an invalid location.
Usecase: Wiping signatures from an area on the block device where
partition is to be created (but as it does not exist yet, there's no
device node for it and probe on the whole block device has to be used
with correct offset and length).
Steps to reproduce:
modprobe scsi_debug
parted -s /dev/sdX mklabel gpt
parted -s /dev/sdX mkpart first 2048s 4095s
mkfs.ext2 /dev/sdX1
wipefs -np /dev/sdX1
./wiper /dev/sdX1 2048 2048
Actual result: wiper gets into endless loop, because
blkid_do_wipe() wipes at wrong location (1080), leaving the signature
on /dev/sdc1. So it is again found by blkid_do_probe(), and so on.
Expected result: wiper clears the ext2 signature at offset 1049656(=1080+2048*512).
Karel Zak [Mon, 18 Apr 2016 09:01:26 +0000 (11:01 +0200)]
Merge branch '2016wk15' of git://github.com/kerolasa/lelux-utiliteetit
* '2016wk15' of git://github.com/kerolasa/lelux-utiliteetit:
mount: try to tell what mount was doing when it failed
dmesg: --notime should not suppress --show-delta
script: check status of writes when closing outputs
script: avoid trying fclose(NULL)
sulogin: make fopen O_CLOEXEC specifier usage portable
script: close file descriptors on exec
docs: optional option arguments should be long-only
Sami Kerola [Sat, 16 Apr 2016 17:35:02 +0000 (18:35 +0100)]
dmesg: --notime should not suppress --show-delta
The --show-delta is off by default, which means it can be only on when user
has requested to see these time stamps. The --notime option should not turn
the delta outputting off, because then option order matters and no-one wants
that. Example of the old output:
$ dmesg --notime --show-delta | sed -n 's/ version.*//p; q'
[< 0.000000>] Linux
$ dmesg --show-delta --notime | sed -n 's/ version.*//p; q'
Linux
Addresses: https://bugs.launchpad.net/bugs/1544595 Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Karel Zak [Thu, 14 Apr 2016 12:26:54 +0000 (14:26 +0200)]
libmount: don't support /etc/mtab by default
The file mtab is evil and already unused by mainstream distributions.
Now libmount is able to detect mtab->/proc/mounts and use
/proc/self/mountinfo if necessary. This heuristic seems overkill in
many cases. It's also dangerous on systems where mountinfo is strongly
required (systemd based distros).
This patch #ifdefs mtab code and forces libmount to always use
/proc/self/mountinfo.
The new configure option --enable-libmount-support-mtab is necessary
to enable old behavior to support mtab.
Karel Zak [Wed, 13 Apr 2016 12:41:47 +0000 (14:41 +0200)]
wipefs: force GPT detection
The library libblkid (as well as fdisks) requires protective MBR when
probe for GPT by default. This is unnecessary for wipefs where we're
more promiscuous and we want to delete as much as possible. This patch
enables BLKID_PARTS_FORCE_GPT for wipefs.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1326474 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Thu, 24 Mar 2016 10:51:12 +0000 (11:51 +0100)]
libmount: try absolute target before canonicalize
The path canonicalization is expensive and in many cases unwanted due
to problems with readlink() on unreachable NFS and automounters.
This patch adds a possibility to search also by $(CWD)/<path> if the
<path> is relative to reduce number of situations when we convert the
path to the canonical absolute path.
Karel Zak [Wed, 13 Apr 2016 09:52:43 +0000 (11:52 +0200)]
script: use empty-slave heuristic more carefully
script(1) waits for empty slave FD (shell stdin) before it writes to
master. This feature has been introduced by 54c6611d6f7b73609a5331f4d0bcf63c4af6429e
to avoid misbehavior when we need to send EOF to the shell.
Unfortunately, this feature has been used all time for all messages.
This is wrong because a command in the session (or shell) may ignore
stdin altogether, and waiting forever in a busy loop is a really bad idea. Test
case:
This patch forces script to use empty-slave detection only when we
need to write EOF. The busy loop has been modified to use nanosleep
and it does not wait forever...
Addresses: http://bugs.debian.org/820843 Signed-off-by: Karel Zak <kzak@redhat.com>