| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This code pattern is repeated on many places, let's move it to
simple inline function.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* add ul_restricted_path_oper() to fileutils.c
* use it as backed for canonicalize_path_restricted()
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Unfortunately, the basename() function can be affected by the
creativity of different libc authors, resulting in varying behavior
across implementations.
Instead, use a local implementation to ensure consistency and
portability.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Using sys/stat.h and linux/stat is too tricky.h together. It seems
better to rely on libc and use sys/stat.h only. Users affected
by old libc must update to use recent util-linux.
Fixes: https://github.com/util-linux/util-linux/issues/2448
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's ensure struct statx exists before we try to use it. Checking for
the existence of linux/stat.h is not sufficient. This is because
[uapi/]linux/stat.h has existed since Linux 3.7, however struct statx
was only introduced with Linux 4.11.
The problem arises if one happens ot be using kernel headers from within
the aforementioned range, such as Linux 4.9.
CC libmount/src/la-utils.lo
In file included from libmount/src/utils.c:31:
./include/fileutils.h:100:33: warning: declaration of 'struct statx' will not
be visible outside of this function [-Wvisibility]
unsigned int mask, struct statx *stx)
^
libmount/src/utils.c:117:16: error: variable has incomplete type 'struct statx'
struct statx stx = { 0 };
^
libmount/src/utils.c:117:10: note: forward declaration of 'struct statx'
struct statx stx = { 0 };
^
libmount/src/utils.c:125:5: error: use of undeclared identifier 'STATX_TYPE'
STATX_TYPE
^
libmount/src/utils.c:126:8: error: use of undeclared identifier 'STATX_MODE'
| STATX_MODE
^
libmount/src/utils.c:127:8: error: use of undeclared identifier 'STATX_INO'
| STATX_INO,
^
1 warning and 4 errors generated.
make[4]: *** [Makefile:11269: libmount/src/la-utils.lo] Error 1
Checking for the presence of struct statx explicitly avoids this
problem.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: https://github.com/util-linux/util-linux/pull/2065
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* let's use && operator rather than if-if
* define HAVE_CLOSE_RANGE only if callback is really avalable
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixes: https://github.com/util-linux/util-linux/pull/2065
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The header files are usually based on code from lib/. This commit
copies relevant license headers from lib/ to include/ to keep
things consistent. The very generic things (e.g. MBR definitions)
are always public domain.
Fixes: https://github.com/util-linux/util-linux/issues/2010
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Vladimir Sementsov-Ogievskiy wrote:
> The commit "floppy: reintroduce O_NDELAY fix" was removed from kernel,
> so we faced the bug described and discussed here:
> https://bugzilla.suse.com/show_bug.cgi?id=3D1181018
>
> Discussion in kernel list on reverting the commit:
> https://www.spinics.net/lists/stable/msg493061.html
>
> In short, I can quote Jiri Kosina's comment:
>
> opening floppy device node with O_NONBLOCK is asking for all kinds
> of trouble
>
> So opening floppy with O_NONBLOCK in blkid leads to failure of blkid,
> probable failure of mount and unpleasant error messages in dmesg (see
> also patch 02 for details).
Based on patch from Vladimir.
CC: Jiri Kosina <jkosina@suse.cz>
Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Tested-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Some platforms do not provide sys/syscall.h. The configure script already
checks for the existance of the file. Include sys/syscall.h only in case
HAVE_SYS_SYSCALL_H has been set.
|
|
Let's make it more robust for old kernels where is no close_range() or
in cases when it's unsuccessful.
Reported-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This new syscall comes with three arguments (see kernel commit
278a5fbaed89dacd04e9d052f4594ffd0e0585de). Not sure why util-linux
assume only two.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1981729
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
|
|
The names are too generic and it makes problems in static libraries.
Addresses: https://gitlab.com/cryptsetup/cryptsetup/-/issues/623
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The util-linux close_all_fds() serves the same purpose as close_range()
that will over time obsolete local implementation completely. For
upcoming few years it is best to have a fallback that uses same input
arguments as the new system call. That allows surrounding code and
variables not to be affected by version of mass file descriptor closing
function.
Proposed-by: Karel Zak <kzak@redhat.com>
Reference: https://github.com/karelzak/util-linux/pull/1205#discussion_r534080128
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
This system call was added while back, but does not have glibc support yet.
Lets try to use the new facility early on. The promise in reference link is
that the new call is faster, and works when /proc is not mounted.
Reference: https://lwn.net/Articles/789000/
Reference: https://lwn.net/Articles/789023/
Reference: https://kernelnewbies.org/LinuxChanges#Linux_5.9.New_close_range.28.29_system_call_for_easier_closing_of_file_descriptors
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
Suggested-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Egor Chelak <egor.chelak@gmail.com>
|
|
Also, a bug in pw_tmpfile was fixed: copyfile used tmp_file to report
errors, but pw_tmpfile only assigned that variable _after_ calling
copyfile.
Suggested-by: Sami Kerola <kerolasa@iki.fi>
Reviewed-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Egor Chelak <egor.chelak@gmail.com>
|
|
The classic way which is based on file-descriptors table size is
pretty expensive (due to table size) and forces code to do many
unnecessary close() calls. It seems better to use /proc/self/fds and
close used descriptors only.
Addresses: https://github.com/karelzak/util-linux/issues/883
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Remove duplicate code and keep only one implementation in
include/fileutils.h.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
It's missing on OSX.
CC: Yuriy M. Kaminskiy <yumkam@gmail.com>
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
Check if a file descriptor and path or stat structure are represent the same
file. This function is needed for TACTOU avoidance.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
The utils when compiled WITHOUT libuser then mkostemp()ing
"/etc/%s.XXXXXX" where the filename prefix is argv[0] basename.
An attacker could repeatedly execute the util with modified argv[0]
and after many many attempts mkostemp() may generate suffix which
makes sense. The result maybe temporary file with name like rc.status
ld.so.preload or krb5.keytab, etc.
Note that distros usually use libuser based ch{sh,fn} or stuff from
shadow-utils.
It's probably very minor security bug.
Addresses: CVE-2015-5224
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This function duplicates and marks a file descriptor as close-on-exec.
Takes care of build and run-time support for the fcntl F_DUPFD_CLOEXEC
command, and other errors.
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
It's usually enough to us [e]poll() to monitor kernel mount table, but
there is no way how to monitor changes in userspace mount options
(e.g. _netdev). The management of these mount options is completely
hidden in libmount and /rub/mount/utab is private libmount file.
This patch introduces new libmnt_mount API to monitor also userspace
mount table.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
We can not let the user control where TMPDIR is for this tempfile.
This will be where we write the updated passwd file, and must be
capable of being moved atomically with rename(2). Therefore, it
cannot be on a different device, or setpwnam() and vipw/vigr programs
will invariably fail with EXDEV.
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
as a fallback for the function getdtablesize()
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let developer to choose, case by case, what sort of return value is
best in her code. The xmkstemp() is for users who want file
descriptor as return value of the function, xfmkstemp() will return
FILE pointer.
Proposed-By: Karel Zak <kzak@redhat.com>
CC: Davidlohr Bueso <dave@gnu.org>
Reference: http://marc.info/?l=util-linux-ng&m=133129570124003&w=2
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
The fileutils contains xmkstemp function will create temporary file
safe and reusable manner.
Reference: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO.html#TEMPORARY-FILES
CC: Davidlohr Bueso <dave@gnu.org>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
