umount: ignore --no-canonicalize,-c for non-root users

It seems better to ignore this option than drop-permissions and later
exit with EPERMs. This change makes umount(8) more compatible with
fuser user umounts by systemd where -c is used to reduce overhead etc.

Addresses: https://github.com/karelzak/util-linux/issues/1192
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/sys-utils/umount.8 b/sys-utils/umount.8
index a66d11961dac7a171efeeaefb71b5d4751882de8..a7f6b12e03a5747ddbe8277ebbf9328de430e1fd 100644 (file)
--- a/sys-utils/umount.8
+++ b/sys-utils/umount.8
@@ -89,6 +89,10 @@ system calls. These system calls may hang in some cases (for example on NFS if
 server is not available). The option has to be used with canonical path to the
 mount point.
 
+This option is silently ignored by
+.B umount
+for non-root users.
+
 For more details about this option see the
 .BR mount (8)
 man page. Note that \fBumount\fR does not pass this option to the

diff --git a/sys-utils/umount.c b/sys-utils/umount.c
index 056ffb895a4a04fe7d5abb42f936278d739652f9..8b7e1ddea33aeb5ff7bf1132cc867b4e3ed6365d 100644 (file)
--- a/sys-utils/umount.c
+++ b/sys-utils/umount.c
@@ -504,8 +504,17 @@ int main(int argc, char **argv)
 
 
                /* only few options are allowed for non-root users */
-               if (mnt_context_is_restricted(cxt) && !strchr("hdilqVv", c))
+               if (mnt_context_is_restricted(cxt) && !strchr("hdilqVv", c)) {
+
+                       /* Silently ignore options without direct impact to the
+                        * umount operation, but with security sensitive
+                        * side-effects */
+                       if (strchr("c", c))
+                               continue;       /* ignore */
+
+                       /* drop permissions, continue as regular user */
                        suid_drop(cxt);
+               }
 
                err_exclusive_options(c, longopts, excl, excl_st);