From 0bfa747f0176af4b94a4e1f6f434ddfcd9ce5099 Mon Sep 17 00:00:00 2001 From: Karel Zak Date: Thu, 19 Nov 2020 11:12:06 +0100 Subject: [PATCH] umount: ignore --no-canonicalize,-c for non-root users It seems better to ignore this option than drop-permissions and later exit with EPERMs. This change makes umount(8) more compatible with fuser user umounts by systemd where -c is used to reduce overhead etc. Addresses: https://github.com/karelzak/util-linux/issues/1192 Signed-off-by: Karel Zak --- sys-utils/umount.8 | 4 ++++ sys-utils/umount.c | 11 ++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/sys-utils/umount.8 b/sys-utils/umount.8 index a66d11961d..a7f6b12e03 100644 --- a/sys-utils/umount.8 +++ b/sys-utils/umount.8 @@ -89,6 +89,10 @@ system calls. These system calls may hang in some cases (for example on NFS if server is not available). The option has to be used with canonical path to the mount point. +This option is silently ignored by +.B umount +for non-root users. + For more details about this option see the .BR mount (8) man page. Note that \fBumount\fR does not pass this option to the diff --git a/sys-utils/umount.c b/sys-utils/umount.c index 056ffb895a..8b7e1ddea3 100644 --- a/sys-utils/umount.c +++ b/sys-utils/umount.c @@ -504,8 +504,17 @@ int main(int argc, char **argv) /* only few options are allowed for non-root users */ - if (mnt_context_is_restricted(cxt) && !strchr("hdilqVv", c)) + if (mnt_context_is_restricted(cxt) && !strchr("hdilqVv", c)) { + + /* Silently ignore options without direct impact to the + * umount operation, but with security sensitive + * side-effects */ + if (strchr("c", c)) + continue; /* ignore */ + + /* drop permissions, continue as regular user */ suid_drop(cxt); + } err_exclusive_options(c, longopts, excl, excl_st); -- 2.47.3