It defined its own xgetlogin, which queried geteuid() instead of getuid(),
with a fallback to "<someone>" when lookup fails. This has been the case
since the function was introduced in 019b97024fde3f07eaf541eef990762483369a11, so geteuid() has always been
used. Since using geteuid for identification isn't consistent with the
rest of util-linux, switching to xgetlogin(), which uses getuid(),
should be correct.
getlogin(3) shouldn't be used for identification here. This also removes
the bug where a missing entry for getuid() in passwd database wouldn't
print a warning, because whom would be set to "???".
For consistency, switch to "<someone>" when pw look up fails.
Per the man page, it shouldn't be used for security purposes. This is an
issue especially on musl, where getlogin is implemented as
getenv("LOGNAME"). Since xgetlogin is being used as user identity in su(1), to
set PAM_RUSER, we simply switch to always using getpwuid(getuid()).
Karel Zak [Thu, 29 Jul 2021 18:37:32 +0000 (20:37 +0200)]
libmount: don't use setgroups at all()
It's probably good idea to call setgroups() to cleanup groups,
but it introduces a regression as some mount helpers depend on
supplementary groups like "network" etc.
Fixes: https://github.com/karelzak/util-linux/issues/1398 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 27 Jul 2021 09:10:53 +0000 (11:10 +0200)]
libfdisk: (dos) don't ignore MBR+FAT use-case
Since libblkid commit 751eca28fcfa1e325770904d7181b22e48c72b29 it does
not ignore FAT on whole-disks, so now libfdisk sees collision between
FAT and MBR. It's fine to report the collision to users, but we should
not ignore the MBR.
Thomas Abraham [Thu, 22 Jul 2021 19:43:13 +0000 (15:43 -0400)]
blockdev: allow for larger values for start sector
commit 9147d2ad8a ("blockdev: Don't fail on missing start sector") limits
the size of the start sector to 10 digits.
Multi-terrabyte devices can have partitions with a start sector larger than
10 digits, which will cause an sprintf() to abort due to overflowing the buffer.
Karel Zak [Thu, 22 Jul 2021 09:03:54 +0000 (11:03 +0200)]
lslogins: use sd_journal_get_data() in proper way
man sd_journal_get_data:
The returned data is in a read-only memory map and is only valid until the next invocation
of sd_journal_get_data().
It means that use data after 3x sd_journal_get_data() is really bad
idea. It also seems better to not assume the fields are zero
terminated as journal API works with void* and size_t to address the
data.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1984704 Signed-off-by: Karel Zak <kzak@redhat.com>
fdisk: move reorder diag messages to fdisk_reorder_partitions()
The function fdisk_reorder_partitions() is also used in sfdisk and cfdisk
and these commands assume info/warn messages from the library. So move all
messages from fdisk to fdisk_reorder_partitions().
verity: fix verity.roothashsig only working as last parameter
Parsing of verity.roothashsig did not take into consideration that other options
might follow, and used the whole string as a file path. But mnt_optstr_get_option
just returns a pointer in the mount option string, it doesn't extract it, so it
would have other subsequent options too. The length parameter has to be used.
FAT32 can be formatted with boot sign 0x28 to indicate that only serial id
is present or with boot sign 0x29 which indicates that both boot label and
serial id is present.
libblkid: vfat: Fix reading FAT16 boot label and serial id
Older FAT16 variants do not have to contain boot label or serial id. Boot
sign 0x28 indicates that only serial id is present and boot sign 0x29
indicates that both boot label and serial id is present. Other boot sign
values (e.g. zero) indicates older FAT16 variant without boot label and
boot sign.
dlopen is treated as a dependency, but that's not quite right, it
should be an alternative way to link to libcryptsetup.
Search for it only if cryptsetup is not disabled, and if the cryptsetup-dlopen
is explicitly set to enabled. If it is, do not link to libcryptsetup.
Add cryptsetup support status to the meson summary.
It should set HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY, rather than HAVE_CRYPTSETUP
which enables the verity features, as it needs to detect the availability of
the crypt_activate_by_signed_key API
Ross Burton [Thu, 1 Jul 2021 19:44:31 +0000 (20:44 +0100)]
test/eject: guard asan LD_PRELOAD with use-system-commands check
This test tries to add asan to LD_PRELOAD because the just-built eject
will call the host /bin/umount, and apparently asan doesn't like this.
However, if ldd isn't present, this fails as the path to asan is the
error message saying that ldd isn't present.
As the asan workaround is only needed when executing the binaries that
have just been built and not the system binaries, only use it if the
test is on the built binaries.
Ross Burton [Tue, 29 Jun 2021 15:34:20 +0000 (16:34 +0100)]
tests: don't hardcode /bin/kill in the kill tests
If the 'kill' test is executed with --use-system-commands, it calls
/bin/kill to avoid the shell's own kill command being invoked.
However, this doesn't work if the kill we want to test isn't in fact in
/bin. Instead, use $(which kill) to find a kill on the PATH and call
that directly.
Karel Zak [Wed, 23 Jun 2021 09:37:31 +0000 (11:37 +0200)]
more: fix null-pointer dereference
The command allows executing arbitrary shell commands while viewing a file by
entering '!' followed by the command. Entering a command that contains a '%',
'!', or '\' causes a segmentation violation.
The same more(1) function has a problem when not file is specified (cat
/etc/passwd | more) on command line.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1975153 Signed-off-by: Karel Zak <kzak@redhat.com>
The exclusivity between the {fscontext, defcontext} and context options
was removed in kernel 2.6.25[1]. No specific verification on these
options is done in mount(8)[2].
Tj [Thu, 17 Jun 2021 12:13:22 +0000 (13:13 +0100)]
mount: man-page; add all overlayfs options
The section in man (8) mount for overlay is missing nine options which
aren't documented elsewhere either and are useful features to be aware
of and use.
Alex Xu [Wed, 16 Jun 2021 13:58:25 +0000 (13:58 +0000)]
build-sys: Update configure.ac
1. the test incorrectly used AC_COMPILE_IFELSE instead of
AC_LINK_IFELSE, defeating the purpose of checking -lcrypt.
2. the test did not properly restore LIBS, causing later checks to all
fail if libcrypt wasn't found.
3. HAVE_LIBCRYPT only controls whether to use -lcrypt, it is not
needed or used in any source files.
[kzak@redhat.com: - improve commit message
- use UL_{SET,RESTORE}_FLAGS() rather than directly
modify $LIBS]
projects / thirdparty / util-linux.git / log
