Karel Zak [Wed, 24 Aug 2022 14:54:10 +0000 (16:54 +0200)]
libmount: keep context fs and optlist synchronized
The new code uses cxt->optlist to maintain mount options, but for backward
compatibility and for some stuff in the library we need to keep context->fs
up to date with the optlist. It seems the best is to keep it on-demand
and automatic.
Karel Zak [Thu, 18 Aug 2022 10:04:43 +0000 (12:04 +0200)]
libmount: (mount) de-duplicate when apply MS_SECURE
The options string "users,exec" is "users,nodev,nosuid,noexec,exec",
the option "noexec" is unnecessary here. The last option is the winner
("exec" in this case).
Karel Zak [Thu, 14 Jul 2022 09:00:45 +0000 (11:00 +0200)]
libmount: add mnt_optlist_remove_flags() and mnt_opt_set_external()
- add mnt_optlist_remove_flags() to make it easy to work with flags
- add mnt_opt_set_external() to hide unnecessary options
- clean up private library header file
Karel Zak [Tue, 28 Jun 2022 08:43:30 +0000 (10:43 +0200)]
libmount: (optlist) support merged optlist
For backward compatibility in mnt_context_* interface we need a way
to work independently with mount flags and mount options. The library
merges all the options and flags later during mnt_context_prepare_*.
Karel Zak [Fri, 10 Jun 2022 08:24:10 +0000 (10:24 +0200)]
libmount: fix mount hooks use
The function do_mount() can be called in a loop, for example when
libmount tries FS types ("mount -t foo,bar,ext4 /dev/sdc1 /mnt"). In
this case it's a bad idea to also call in the loop hooks that do
non-mount operations.
This adds a new mount option X-mount.idmap. This mount option can be
used to create an idmapped mount.
An idmapped mount allows changing the ownership of all files located under
a mount according to the ID-mapping associated with a user namespace.
The ownership change is tied to the lifetime and localized to the
relevant mount. The relevant ID-mapping can be specified in two ways:
* A user can specify the ID-mapping directly.
  The ID-mapping must be specified using the syntax
    id-type:id-mount:id-host:id-range
  Specifying "u" as the id-type prefix creates a UID-mapping, "g"
  creates a GID-mapping and omitting id-type or specifying "b"
  creates both a UID- and GID-mapping.
  The id-mount parameter indicates the starting ID in the new mount.
  The id-host parameter indicates the starting ID in the filesystem.
  The id-range parameter indicates how many IDs are to be mapped.
  It is possible to specify multiple ID-mappings.
  The individual ID-mappings must be separated by spaces.
  For example, the ID-mapping
    X-mount.idmap=u:1000:0:1 g:1001:1:2 5000:1000:2
  creates an idmapped mount where UID 0 is mapped to UID 1000, GID 1 is
  mapped to GID 1001, GID 2 is mapped to GID 1002, UID and GID 1000 are
  mapped to 5000, and UID and GID 1001 are mapped to 5001 in the mount.
  When an ID-mapping is specified directly a new user namespace will be
  allocated with the requested ID-mapping.
  The newly created user namespace will be attached to the mount.
* A user can specify a user namespace file.
  The user namespace will then be attached to the mount and the
  ID-mapping of the user namespace will become the ID-mapping of the
  mount.
  For example, *X-mount.idmap=/proc/PID/ns/user* will attach the user
  namespace of the process PID to the mount.
Even more details about idmapped mounts can be found in the
mount_setattr(2) manpage of the linux-manpage project.
[kzak@redhat.com: - port Christian's patch to the new libmount hooks API]
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
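The id-type:id-mount:id-host:id-range syntax described in the commit message above, worked through as an added example; this is not code from the commit or from libmount. The names struct idmap, parse_entry, parse_idmap and map_id are hypothetical, and rejecting empty or wrapping ranges is this example's own policy, not a statement about what libmount or the kernel accepts.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

struct idmap { char type; uint32_t mnt, host, range; };  /* type: 'u', 'g' or 'b' */

/* Parse one "id-type:id-mount:id-host:id-range" entry and advance *sp past it. */
static int parse_entry(const char **sp, struct idmap *m)
{
    uint32_t *field[3] = { &m->mnt, &m->host, &m->range };
    const char *s = *sp;

    m->type = 'b';                          /* omitted id-type: UID and GID */
    if (*s && strchr("ugb", *s) && s[1] == ':') { m->type = *s; s += 2; }
    for (int i = 0; i < 3; i++) {
        char *end;
        if (*s < '0' || *s > '9') return -1;    /* no sign, no empty field */
        unsigned long long v = strtoull(s, &end, 10);
        if (v > UINT32_MAX || (i < 2 ? *end != ':' : (*end && *end != ' '))) return -1;
        *field[i] = (uint32_t)v;
        s = end + (i < 2);                  /* step over ':' between fields */
    }
    *sp = s;
    /* Policy of this example: reject empty ranges and ranges that would wrap. */
    return (!m->range || m->mnt > UINT32_MAX - m->range ||
            m->host > UINT32_MAX - m->range) ? -1 : 0;
}

/* Parse a whole X-mount.idmap value; returns the number of entries or -1. */
static int parse_idmap(const char *s, struct idmap *out, int max)
{
    for (int n = 0; ; ) {
        while (*s == ' ') s++;              /* entries are space-separated */
        if (!*s) return n ? n : -1;
        if (n == max || parse_entry(&s, &out[n++])) return -1;
    }
}

/* Filesystem ID -> ID shown in the mount, or -1 when no entry covers it. */
static long long map_id(const struct idmap *m, int n, char type, uint32_t id)
{
    for (int i = 0; i < n; i++)
        if ((m[i].type == type || m[i].type == 'b') &&
            id >= m[i].host && id - m[i].host < m[i].range)
            return (long long)m[i].mnt + (id - m[i].host);
    return -1;
}
```

Called with the value from the commit message, parse_idmap() yields three entries and map_id() reproduces the mappings listed there; an ID that no entry covers, such as UID 1, comes back as -1.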
Karel Zak [Thu, 19 May 2022 11:55:43 +0000 (13:55 +0200)]
libmount: implement hooks for a legacy mount(2)
* replaces context "addmounts" functionality with more generic hooks
* "hooksets" handles complex functionality by a set of hooks.
  During initialization (or later), the hookset can define
  arbitrary hook function(s). The library will call the functions from
  a specified place ("stage"). Now supported stages are
  prepare-options, pre-mount, mount, and post-mount.
  This solution looks complex at first glance, but it will help
  keep all extensions separated from core library code (IDs mapping,
  X-mount.chown/chmod, X-mount.subdir, etc.). It will also be possible to
  support multiple implementations for the same functionality (classic
  mount(2) vs. new fsmount(2)) without #ifdefs storms etc.
  Maybe later we can also use hooksets for external library modules
  (like verity support).
* __legacy-mount hookset implements support for the classic mount(2)
  syscall. Supported hooks:
    prepare-options - analyzes the current setting (libmnt_context)
                      and setup other hooks when necessary
    mount - calls mount(2) for standard "/dev to /mnt" use-cases
    post-mount (two possible hooks):
      - calls mount(2) to modify propagation flags
      - calls mount(2) to implement bind-remount (mount --bind -oro)
Karel Zak [Mon, 2 Jan 2023 12:32:58 +0000 (13:32 +0100)]
Merge branch 'libblkid/topology-diskseq' of https://github.com/t-8ch/util-linux
* 'libblkid/topology-diskseq' of https://github.com/t-8ch/util-linux:
libblkid: topology: probe diskseq
libblkid: topology: allow setting of 64bit values
lib/sysfs: allow parent redirect even for non-queue files
blockdev: add support for ioctl BLKGETDISKSEQ
libblkid: topology: add test
tests: functions: allow partitions on loopdevs
Karel Zak [Mon, 2 Jan 2023 12:02:51 +0000 (13:02 +0100)]
Merge branch 'stat-parsing' of https://github.com/t-8ch/util-linux
* 'stat-parsing' of https://github.com/t-8ch/util-linux:
procfs: get_stat_nth: handle braces in process name
lib: procfs: add parsing cmd containing newline
lib: procfs: add unittests
lib: procfs: prefix support for tests
lib: procfs: fix error message during test
lib: procfs: fix typo in argument specification
lib: procfs: clarify name of procfs_process_get_data_for()
Karel Zak [Mon, 2 Jan 2023 11:23:11 +0000 (12:23 +0100)]
Merge branch 'meson-debian' of https://github.com/zeha/util-linux
* 'meson-debian' of https://github.com/zeha/util-linux:
meson: install uuidd.rc with -Dsysvinit=enabled
meson: fix pkg-config name of libaudit
meson: fix build with -Dselinux=enabled