|
|
531551 |
From 945d26162e639fd9ae3a774f1debaaa9511c7919 Mon Sep 17 00:00:00 2001
|
|
|
531551 |
From: Karel Zak <kzak@redhat.com>
|
|
|
531551 |
Date: Wed, 8 Nov 2017 16:47:40 +0100
|
|
|
531551 |
Subject: [PATCH] libmount: fix access() utab write test
|
|
|
531551 |
|
|
|
531551 |
The commit c08396c7691e1e6a04b6b45892e7e4612ceed8d7 replaces
|
|
|
531551 |
open(O_CREATE) with ecaccess(). Unfortunately, another code depends on
|
|
|
531551 |
the original behavior.
|
|
|
531551 |
|
|
|
531551 |
* let's make utab when really necessary rather than in the try_write() test
|
|
|
531551 |
|
|
|
531551 |
* __mnt_new_table_from_file() returns NULL if tab-file does not
|
|
|
531551 |
exists. This is incorrect for tab_update.c stuff. We need empty table
|
|
|
531551 |
in this case.
|
|
|
531551 |
|
|
|
531551 |
* we can check /run/mount/ directory for write access if
|
|
|
531551 |
eaccess(filename) return ENOENT (because file does not exist)
|
|
|
531551 |
|
|
|
531551 |
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1499760
|
|
|
531551 |
Upstream: http://github.com/karelzak/util-linux/commit/06ff935ec3ad2290025b555ff32b590680af565f
|
|
|
531551 |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
531551 |
---
|
|
|
531551 |
libmount/src/mountP.h | 2 +-
|
|
|
531551 |
libmount/src/tab_parse.c | 11 +++++++----
|
|
|
531551 |
libmount/src/tab_update.c | 9 +++++----
|
|
|
531551 |
libmount/src/utils.c | 42 +++++++++++++++++++++++++++++++-----------
|
|
|
531551 |
4 files changed, 44 insertions(+), 20 deletions(-)
|
|
|
531551 |
|
|
|
531551 |
diff --git a/libmount/src/mountP.h b/libmount/src/mountP.h
|
|
|
531551 |
index 6cabcedeb..8b3f92e17 100644
|
|
|
531551 |
--- a/libmount/src/mountP.h
|
|
|
531551 |
+++ b/libmount/src/mountP.h
|
|
|
531551 |
@@ -278,7 +278,7 @@ struct libmnt_table {
|
|
|
531551 |
struct list_head ents; /* list of entries (libmnt_fs) */
|
|
|
531551 |
};
|
|
|
531551 |
|
|
|
531551 |
-extern struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt);
|
|
|
531551 |
+extern struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt, int empty_for_enoent);
|
|
|
531551 |
|
|
|
531551 |
/*
|
|
|
531551 |
* Tab file format
|
|
|
531551 |
diff --git a/libmount/src/tab_parse.c b/libmount/src/tab_parse.c
|
|
|
531551 |
index 987e671fa..c629c67ad 100644
|
|
|
531551 |
--- a/libmount/src/tab_parse.c
|
|
|
531551 |
+++ b/libmount/src/tab_parse.c
|
|
|
531551 |
@@ -714,7 +714,7 @@ int mnt_table_parse_dir(struct libmnt_table *tb, const char *dirname)
|
|
|
531551 |
return __mnt_table_parse_dir(tb, dirname);
|
|
|
531551 |
}
|
|
|
531551 |
|
|
|
531551 |
-struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt)
|
|
|
531551 |
+struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt, int empty_for_enoent)
|
|
|
531551 |
{
|
|
|
531551 |
struct libmnt_table *tb;
|
|
|
531551 |
struct stat st;
|
|
|
531551 |
@@ -723,7 +723,8 @@ struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt)
|
|
|
531551 |
if (!filename)
|
|
|
531551 |
return NULL;
|
|
|
531551 |
if (stat(filename, &st))
|
|
|
531551 |
- return NULL;
|
|
|
531551 |
+ return empty_for_enoent ? mnt_new_table() : NULL;
|
|
|
531551 |
+
|
|
|
531551 |
tb = mnt_new_table();
|
|
|
531551 |
if (tb) {
|
|
|
531551 |
tb->fmt = fmt;
|
|
|
531551 |
@@ -748,8 +749,10 @@ struct libmnt_table *__mnt_new_table_from_file(const char *filename, int fmt)
|
|
|
531551 |
*/
|
|
|
531551 |
struct libmnt_table *mnt_new_table_from_file(const char *filename)
|
|
|
531551 |
{
|
|
|
531551 |
- assert(filename);
|
|
|
531551 |
- return __mnt_new_table_from_file(filename, MNT_FMT_GUESS);
|
|
|
531551 |
+ if (!filename)
|
|
|
531551 |
+ return NULL;
|
|
|
531551 |
+
|
|
|
531551 |
+ return __mnt_new_table_from_file(filename, MNT_FMT_GUESS, 0);
|
|
|
531551 |
}
|
|
|
531551 |
|
|
|
531551 |
/**
|
|
|
531551 |
diff --git a/libmount/src/tab_update.c b/libmount/src/tab_update.c
|
|
|
531551 |
index 1e7f32be0..5f503cad7 100644
|
|
|
531551 |
--- a/libmount/src/tab_update.c
|
|
|
531551 |
+++ b/libmount/src/tab_update.c
|
|
|
531551 |
@@ -567,6 +567,7 @@ leave:
|
|
|
531551 |
|
|
|
531551 |
unlink(uq); /* be paranoid */
|
|
|
531551 |
free(uq);
|
|
|
531551 |
+ DBG(UPDATE, mnt_debug_h(upd, "%s: done [rc=%d]", upd->filename, rc));
|
|
|
531551 |
return rc;
|
|
|
531551 |
}
|
|
|
531551 |
|
|
|
531551 |
@@ -600,7 +601,7 @@ static int update_add_entry(struct libmnt_update *upd, struct libmnt_lock *lc)
|
|
|
531551 |
return rc;
|
|
|
531551 |
|
|
|
531551 |
tb = __mnt_new_table_from_file(upd->filename,
|
|
|
531551 |
- upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB);
|
|
|
531551 |
+ upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB, 1);
|
|
|
531551 |
if (tb)
|
|
|
531551 |
rc = add_file_entry(tb, upd);
|
|
|
531551 |
if (lc)
|
|
|
531551 |
@@ -626,7 +627,7 @@ static int update_remove_entry(struct libmnt_update *upd, struct libmnt_lock *lc
|
|
|
531551 |
return rc;
|
|
|
531551 |
|
|
|
531551 |
tb = __mnt_new_table_from_file(upd->filename,
|
|
|
531551 |
- upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB);
|
|
|
531551 |
+ upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB, 1);
|
|
|
531551 |
if (tb) {
|
|
|
531551 |
struct libmnt_fs *rem = mnt_table_find_target(tb, upd->target, MNT_ITER_BACKWARD);
|
|
|
531551 |
if (rem) {
|
|
|
531551 |
@@ -656,7 +657,7 @@ static int update_modify_target(struct libmnt_update *upd, struct libmnt_lock *l
|
|
|
531551 |
return rc;
|
|
|
531551 |
|
|
|
531551 |
tb = __mnt_new_table_from_file(upd->filename,
|
|
|
531551 |
- upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB);
|
|
|
531551 |
+ upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB, 1);
|
|
|
531551 |
if (tb) {
|
|
|
531551 |
struct libmnt_fs *cur = mnt_table_find_target(tb,
|
|
|
531551 |
mnt_fs_get_srcpath(upd->fs), MNT_ITER_BACKWARD);
|
|
|
531551 |
@@ -693,7 +694,7 @@ static int update_modify_options(struct libmnt_update *upd, struct libmnt_lock *
|
|
|
531551 |
return rc;
|
|
|
531551 |
|
|
|
531551 |
tb = __mnt_new_table_from_file(upd->filename,
|
|
|
531551 |
- upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB);
|
|
|
531551 |
+ upd->userspace_only ? MNT_FMT_UTAB : MNT_FMT_MTAB, 1);
|
|
|
531551 |
if (tb) {
|
|
|
531551 |
struct libmnt_fs *cur = mnt_table_find_target(tb,
|
|
|
531551 |
mnt_fs_get_target(fs),
|
|
|
531551 |
diff --git a/libmount/src/utils.c b/libmount/src/utils.c
|
|
|
531551 |
index a275d0a0e..fa33bd9a1 100644
|
|
|
531551 |
--- a/libmount/src/utils.c
|
|
|
531551 |
+++ b/libmount/src/utils.c
|
|
|
531551 |
@@ -651,18 +651,37 @@ done:
|
|
|
531551 |
return rc;
|
|
|
531551 |
}
|
|
|
531551 |
|
|
|
531551 |
-static int try_write(const char *filename)
|
|
|
531551 |
+static int try_write(const char *filename, const char *directory)
|
|
|
531551 |
{
|
|
|
531551 |
int rc = 0;
|
|
|
531551 |
|
|
|
531551 |
if (!filename)
|
|
|
531551 |
return -EINVAL;
|
|
|
531551 |
|
|
|
531551 |
+ DBG(UTILS, mnt_debug("try write %s dir: %s", filename, directory));
|
|
|
531551 |
+
|
|
|
531551 |
#ifdef HAVE_EACCESS
|
|
|
531551 |
- if (eaccess(filename, R_OK|W_OK) != 0)
|
|
|
531551 |
- rc = -errno;
|
|
|
531551 |
-#else
|
|
|
531551 |
+ /* Try eaccess() first, because open() is overkill, may be monitored by
|
|
|
531551 |
+ * audit and we don't want to fill logs by our checks...
|
|
|
531551 |
+ */
|
|
|
531551 |
+ if (eaccess(filename, R_OK|W_OK) == 0) {
|
|
|
531551 |
+ DBG(UTILS, mnt_debug(" access OK"));
|
|
|
531551 |
+ return 0;
|
|
|
531551 |
+ } else if (errno != ENOENT) {
|
|
|
531551 |
+ DBG(UTILS, mnt_debug(" access FAILED"));
|
|
|
531551 |
+ return -errno;
|
|
|
531551 |
+ } else if (directory) {
|
|
|
531551 |
+ /* file does not exist; try if directory is writable */
|
|
|
531551 |
+ if (eaccess(directory, R_OK|W_OK) != 0)
|
|
|
531551 |
+ rc = -errno;
|
|
|
531551 |
+
|
|
|
531551 |
+ DBG(UTILS, mnt_debug(" access %s [%s]", rc ? "FAILED" : "OK", directory));
|
|
|
531551 |
+ return rc;
|
|
|
531551 |
+ } else
|
|
|
531551 |
+#endif
|
|
|
531551 |
{
|
|
|
531551 |
+ DBG(UTILS, mnt_debug(" doing open-write test"));
|
|
|
531551 |
+
|
|
|
531551 |
int fd = open(filename, O_RDWR|O_CREAT|O_CLOEXEC,
|
|
|
531551 |
S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH);
|
|
|
531551 |
if (fd < 0)
|
|
|
531551 |
@@ -670,7 +689,6 @@ static int try_write(const char *filename)
|
|
|
531551 |
else
|
|
|
531551 |
close(fd);
|
|
|
531551 |
}
|
|
|
531551 |
-#endif
|
|
|
531551 |
return rc;
|
|
|
531551 |
}
|
|
|
531551 |
|
|
|
531551 |
@@ -704,7 +722,7 @@ int mnt_has_regular_mtab(const char **mtab, int *writable)
|
|
|
531551 |
/* file exist */
|
|
|
531551 |
if (S_ISREG(st.st_mode)) {
|
|
|
531551 |
if (writable)
|
|
|
531551 |
- *writable = !try_write(filename);
|
|
|
531551 |
+ *writable = !try_write(filename, NULL);
|
|
|
531551 |
return 1;
|
|
|
531551 |
}
|
|
|
531551 |
goto done;
|
|
|
531551 |
@@ -712,7 +730,7 @@ int mnt_has_regular_mtab(const char **mtab, int *writable)
|
|
|
531551 |
|
|
|
531551 |
/* try to create the file */
|
|
|
531551 |
if (writable) {
|
|
|
531551 |
- *writable = !try_write(filename);
|
|
|
531551 |
+ *writable = !try_write(filename, NULL);
|
|
|
531551 |
if (*writable)
|
|
|
531551 |
return 1;
|
|
|
531551 |
}
|
|
|
531551 |
@@ -750,7 +768,7 @@ int mnt_has_regular_utab(const char **utab, int *writable)
|
|
|
531551 |
/* file exist */
|
|
|
531551 |
if (S_ISREG(st.st_mode)) {
|
|
|
531551 |
if (writable)
|
|
|
531551 |
- *writable = !try_write(filename);
|
|
|
531551 |
+ *writable = !try_write(filename, NULL);
|
|
|
531551 |
return 1;
|
|
|
531551 |
}
|
|
|
531551 |
goto done; /* it's not regular file */
|
|
|
531551 |
@@ -767,11 +785,13 @@ int mnt_has_regular_utab(const char **utab, int *writable)
|
|
|
531551 |
rc = mkdir(dirname, S_IWUSR|
|
|
|
531551 |
S_IRUSR|S_IRGRP|S_IROTH|
|
|
|
531551 |
S_IXUSR|S_IXGRP|S_IXOTH);
|
|
|
531551 |
- free(dirname);
|
|
|
531551 |
- if (rc && errno != EEXIST)
|
|
|
531551 |
+ if (rc && errno != EEXIST) {
|
|
|
531551 |
+ free(dirname);
|
|
|
531551 |
goto done; /* probably EACCES */
|
|
|
531551 |
+ }
|
|
|
531551 |
|
|
|
531551 |
- *writable = !try_write(filename);
|
|
|
531551 |
+ *writable = !try_write(filename, dirname);
|
|
|
531551 |
+ free(dirname);
|
|
|
531551 |
if (*writable)
|
|
|
531551 |
return 1;
|
|
|
531551 |
}
|
|
|
531551 |
--
|
|
|
531551 |
2.13.6
|
|
|
531551 |
|