| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fix const qualifier discarded warning in mnt_parse_mountinfo_line().
This warning is reported by gcc 15 which defaults to the C23 standard.
The strstr() function returns a pointer into a const string, so
introduce a separate 'sep' variable to hold this const pointer,
keeping 'p' for non-const unmangle() results that need to be freed.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fix const qualifier discarded warnings in optlist_add_flags(),
mnt_opt_value_with(), and mnt_optstr_apply_flags() functions.
These warnings are reported by gcc 15 which defaults to the C23 standard.
The strchr() and strstr() functions return pointers into const strings,
so the receiving variables must be declared as const char *.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The noun is "setup" while the verb is "set up".
|
|
If a helper function was executed to unmount, we simply return
without any user feedback. That can unintentionally surpress
verbose messages (`--verbose`) for non-root users who use udisks2
to mount filesystems, and unmount via the unmount.udisks2 helper.
It would be better to check the helper return status as well for
completeness and a more reliable way to test the success of the
unmount operation.
mnt_context_get_helper_status() is only called if the helper was
executed, i.e. mnt_context_helper_executed == 1, anything else
wouldnt make sense anyways.
Addresses: #3790
Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
|
|
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
|
|
The new kernel API returns EINVAL on FSCONFIG_CMD_CREATE if the mount
source is inaccessible. We do not want to report this as an error when
the "nofail" mount option is specified.
Note that EINVAL may also be returned by other fsconfig() settings, so
we need to check whether a source is specified and whether it is really
inaccessible. This is just a heuristic (as with the old mount(2)).
Fixes: https://github.com/util-linux/util-linux/issues/3741
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixes: https://github.com/util-linux/util-linux/issues/2604
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This function returns a unique filesystem ID to the caller.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* add mnt_monitor_enable_fanotify() to add the new monitor
* add MNT_MONITOR_TYPE_FANOTIFY to identify events
* add new monitor to the test
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
There will be more kernel monitors in the future. Ensure the API is
easy to understand.
* Rename MNT_MONITOR_TYPE_KERNEL to MNT_MONITOR_TYPE_MOUNTINFO
* Rename mnt_monitor_enable_kernel() to mnt_monitor_enable_mountinfo()
The change is backward compatible; the old names are still usable.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
There will be more kernel monitors in the future. It's better to use
names specific to the monitoring method rather than the generic
"kernel."
This commit renames only internal components.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's use these simple functions to report what the last operation or
status detected by the library means to the filesystem. It will be
used by the fanotify monitor as well.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Also, monitor for "rm -rf /run/mount" to reinitialize the monitor.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Don't repeat no-op inotify_add_watch() calls. This happens when we
monitor the /run[/mount] directory before the utab.event file exists.
The old version just tries to create a watch and ignores ENOENT
errors. It seems better to remember the path of the last created watch
and not repeat it.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's use usual concept (<0 error; 0 success; 1 nothing).
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The epoll_wait() and op_process_event() are called in two places. Move
the code to read_epoll_events() and process everything in one place
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
In future changes, we need to process active monitor entries in entry
type-specific code to return data from events.
This requires a slight change in the function's logic, so it makes
sense to rename the function according to the new logic, meaning
changes --> active, verify --> process.
The patch also replaces bit fields with booleans.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This is necessary to support multiple monitors of the same type.
Currently, only one monitor per type is supported.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* Add API functions mnt_context_enable_exclusive() and mnt_context_is_exclusive()
* Use the new flag when creating the superblock
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: https://github.com/util-linux/util-linux/issues/3626
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: https://github.com/util-linux/util-linux/issues/3626
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: https://github.com/util-linux/util-linux/issues/3626
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The functions are originally from systemd/udev, so it's possible that
during static linking, they may collide with other systemd-based
components.
Fixes: https://github.com/util-linux/util-linux/issues/3626
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
It's bad idea to try update /run/mount/utab when moving any directory
in way to the file (like /run).
It's also unnecessary to prepare any updates if the utab file is
empty. This is already done for umount, and we can use it for mount
move as well.
Fixes: https://github.com/util-linux/util-linux/issues/3619
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Change the returned filesystem type from 'ntfs' to 'ntfs3', to match
what the kernel/fs/ntfs3 driver calls register_filesystem on [1][2].
This same driver also registers itself as 'ntfs', but then runs in a
"legacy" mode [3] which forces the mount to stay RO.
Link: [1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/ntfs3/super.c?h=v6.12#n1794
Link: [2]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/ntfs3/super.c?h=v6.12#n1874
Link: [3]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/ntfs3/super.c?h=v6.12#n412
Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com>
|
|
This brings the license specifier into the internet age.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
libmount/src/hook_veritydev.c: In function 'setup_veritydev':
libmount/src/hook_veritydev.c:457:13: warning: '%s' directive argument is null [-Wformat-overflow=]
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixes: https://github.com/util-linux/util-linux/issues/3592
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's enhance portability and readability slightly.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
PR/AT_SECURE
* 'at_secure' of https://github.com/MaxKellermann/util-linux:
lib/env, ...: use getauxval(AT_SECURE) for SUID check
|
|
Comparing effective and real uid/gid is not a proper way to check for
SUID execution:
1. this does not consider file capabilities
2. this check breaks when NO_NEW_PRIVS is used as the Linux kernel
resets effective ids during execve(); this means the check is
false, but the process still has raised capabilities
For more details about the NO_NEW_PRIVS problem, check this post and
the surrounding thread:
https://lore.kernel.org/lkml/20250509184105.840928-1-max.kellermann@ionos.com/
Signed-off-by: Max Kellermann <max.kellermann@ionos.com>
|
|
Follow-up: 8a69fa852dd5f41f8456756d18bfac6d8208219f https://github.com/util-linux/util-linux/pull/3541
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This is primarily to satisfy static analyzers, as memset() is defined
as a non-null function (although it does nothing when bufsiz=0).
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* Rename the raw version of the syscall from ul_statmount() to
ul_statmount_syscall().
* Rename `sys_statmount()` to `ul_statmount()`. The goal is to use the
same naming convention as `ul_listmount()` for a function that is
expected to be called from code.
* Move ul_statmount() to be in the same #ifdef block as the rest of
the statmount code in the header file.
* Add has_statmount() to make it easy to verify the usability of the
statmount syscall.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The latest kernel can open a directory as a tree (open_tree()) on a
detached mount tree. This means we do not need to unshare and
attach the root of the filesystem to a private temporary directory. All
this machinery can be replaced by one open_tree() call.
Old version:
fsopen("ext4", FSOPEN_CLOEXEC) = 3
unshare(CLONE_NEWNS) = 0
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc", 0) = 0
fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
fsmount(3, FSMOUNT_CLOEXEC, 0) = 6
move_mount(6, "", AT_FDCWD, "/run/mount/tmptgt", MOVE_MOUNT_F_EMPTY_PATH) = 0
open_tree(6, "subdir", OPEN_TREE_CLONE|OPEN_TREE_CLOEXEC) = 7
setns(4, CLONE_NEWNS) = 0
move_mount(7, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0
setns(5, CLONE_NEWNS) = 0
umount2("/run/mount/tmptgt", 0) = 0
setns(4, CLONE_NEWNS) = 0
New version:
fsopen("ext4", FSOPEN_CLOEXEC) = 3
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sda", 0) = 0
fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
fsmount(3, FSMOUNT_CLOEXEC, 0) = 4
open_tree(4, "subdir", OPEN_TREE_CLONE|OPEN_TREE_CLOEXEC|AT_SYMLINK_NOFOLLOW|AT_NO_AUTOMOUNT|AT_RECURSIVE
move_mount(5, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0
Note that this commit does not completely deactivate hook_subdir.c
because it is better to keep things in one place. It only adds a "subdir"
to the struct libmnt_sysapi to force hook_mount.c to call open_tree(subdir),
but all the logic and checks are still in hook_subdir.c.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
It's now possible to use, for example, for bind operations, but it
does not make sense as you can specify the target with the
subdirectory.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The optlist already handles quoted values, so there's no need to do it
in the callers.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
C23[1] and CPP17[2] introduced the 'fallthrough' attribute to let the
compiler know that we're intentionally falling through a case statement.
This suppress a warning with new compilers when doing an implicit fallthrough.
[1] https://en.cppreference.com/w/c/language/attributes/fallthrough
[2] https://en.cppreference.com/w/cpp/language/attributes/fallthrough
|
|
Use cctype.h for locale-independent string comparison and to avoid
tricky string conversions like in tr_TR locales.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixes: https://github.com/util-linux/util-linux/issues/3474
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
[coverity scan]
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* read mount source by statmount() 9requires kernel >=6.14
* add new STATMOUNT_* masks
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
When executed as root, libmount replaces the "owner" and "group" mount
options with "nosuid, nodev, ..." However, this can result in an
"invalid argument" error because libmount removes the unwanted options
first and then tries to address the location for the new options using
the already removed options. To fix this, we need to reverse the order
of operations.
Reported-by: hxinzhe <hxinzhe1024@163.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: 8ab1890df4481ddabfa34a8c7fbed09fdd818eba
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* remove dead code in mnt_fs_fetch_statmount()
* fix use-after-free in table_init_listmount()
* return from lsmnt_to_table() if list not defined
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* save failed syscall status
* allow to read messages from kernel
* add proper error messages if kernel is silent
OLD:
mount: /foo: mount failed: Unknown error 5013.
NEW:
mount: /foo: mount_setattr() failed: cannot set ID-mapping: Operation not permitted.
Addresses: https://github.com/util-linux/util-linux/issues/3373
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Add a more generic function for reading messages from a file
descriptor. The new mount API is already used in multiple files.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The current version is too long.
OLD:
mount: /mnt/test/fileA: mount_setattr system call failed: cannot set ID-mapping: Operation not permitted.
NEW:
mount: /mnt/test/fileA: mount_setattr() failed: cannot set ID-mapping: Operation not permitted.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixes output of findmnt --real (opensuse#1234736).
Reported-by: Stephan Wefing <wefing@gmx.de>
Co-authored-by: Anthony Iliopoulos <ailiopoulos@suse.com>
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
|
|
This fixes non-Linux builds, by:
- making sfdisk discard option conditioned by availability of BLKDISCARD
- defining and using blkid_probe_get_buffer only if O_DIRECT is
available
- always building src/fs_statmount.c and src/tab_listmount.c, they
already contain proper conditions to make them void if support is not
available.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
The change is not backwardly compatible, see https://github.com/util-linux/util-linux/issues/3355
This reverts commit 2d680b72ac61644e4ba177e6569d8ca13580c248.
|
|
https://github.com/karelzak/util-linux-work
* 'PR/libmount-statmount' of https://github.com/karelzak/util-linux-work: (40 commits)
libmount: map unsupported LISTMOUNT_REVERSE to ENOSYS
findmnt: add --id and --uniq-id options
findmnt: improve --help output
findmnt: improve reliability of match testing
libmount: add mnt_table_find_[uniq]_id() function
findmnt: add UNIQ-ID column
findmnt: add docs for --kernel
tests: add findmnt --kernel=listmount
libmount: fix mnt_fs_match_target()
libmount: improve fs->stmnt_done mask use
libmount: improve how library generates fs->optstr
findmnt: add --kernel=listmount
findmnt: add optional argument to --kernel
meson: fix after rebase
libmount: remove unnecessary include
test_sysinfo; fix fsopen() ifdef
libmount: Add integer type headers to private header file
libmount: use __unused__ for dummy get_mnt_id()
libmount: update tests
include/mount-api-utils: fix typo
...
|
|
Previously, libmount only read error messages from fsopen() file
descriptor. This commit improves the library to read all messages
and keep them in their original format ("<type> <mesg>") in the library mount context.
Applications can now read all messages by using mnt_context_get_mesgs().
Furthermore, private functions have been implemented to include new
library-specific messages in the log. Currently, these messages are
only managed in mnt_context_get_excode(), but it would be beneficial
to relocate them to the appropriate locations where errors are
triggered.
In the future, mnt_context_get_excode() should only be utilized by
basic applications that require an one error message. For more
critical purposes (e.g. mount(8)), it will be recommended to utilize
the messages array.
The public function mnt_context_get_excode() has been modified to use
the new functionality and provide messages in a backwardly compatible
way.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
For testing purposes, report the missing LISTMOUNT_REVERSE as missing
in the complete listmount() function.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Addresses: https://github.com/util-linux/util-linux/issues/3275
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
It is possible that one field in the libmnt_fs struct requires
fetching multiple statmount fields using multiple STATMOUNT_* mask
items. This requires changes to the way the fs->stmnt_done mask is
used.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* add missing STATMOUNT_* items
* reuse merging code
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
We use uintX_t in many places in the library, and it seems useful to
include inttypes.h and stdint.h to have access to the PRI* macros everywhere.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* introduce mnt_fs_try_statmount() macro to simplify mnt_fs_fetch_statmount() calls
* define dummy API functions when HAVE_STATMOUNT_API undefined
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The new listmount() syscall returns a list of unique mount IDs (just
uint64_t per node, nothing else). It makes it very fast and efficient.
* libmount supports two scenarios:
- fetch the whole mount table by mnt_table_fetch_listmount(); this is
an alternative to mnt_table_parse_file()
- on demand; this mode is an extension to the current functionality,
when enabled by mnt_table_enable_listmount(), then mnt_table_next_fs()
will ask the kernel for data by listmount.
If mnt_table_next_fs() iterates on the mount table in reverse order
(MNT_ITER_BACKWARD), then it reads mount nodes from the kernel in
reverse order too.
The advantage of the on-demand mode is that on machines with a huge
mount table (thousands of nodes), we can work with only a subset of
the table (usually the last few nodes with the most recently
mounted filesystems), and the kernel does not have to compose a complete
huge table. This should be an improvement over the mountinfo file.
The default is to read 512 nodes (IDs) by one listmount() call. This
size can be altered by mnt_table_listmount_set_stepsiz(). The default
size should be large enough for usual Linux machines.
It's also possible to set a sub-tree by mnt_table_listmount_set_id()
and a namespace by mnt_table_listmount_set_ns().
If libmnt_statmnt (on-demand statmount()) is assigned to the table,
then all filesystems in the table are automatically assigned to this
statmount() setup too. This allows for a completely on-demand
scenario.
tb = mnt_new_table();
sm = mnt_new_statmnt();
mnt_table_refer_statmnt(tb, sm); /* enable statmount() */
mnt_table_enable_listmount(tb, 1); /* enable listmount() */
while (mnt_table_next_fs(tb, itr, &fs) == 0) {
if (strcmp("vfat", mnt_fs_get_fstype(fs)) == 0)
print("%s", mnt_fs_get_fs_options(fs));
}
In this example, mnt_table_next_fs() serves as the frontend for
listmount() and mnt_fs_get_...() serves as the frontend for
statmount(). The fs-options are read from kernel only for "vfat"
filesystems.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* introduce libmnt_statmnt object to store statmount mask and buffer
(etc.)
* add API for libmnt_fs to retrieve data from the kernel using
statmount()
* support on-demand statmount() from old mnt_fs_get_...() functions
* allow libmnt_statmnt to be shared and reused between libmnt_fs
instances
* allow libmnt_statmnt to be assigned and used for filesystems in the
table (assign libmnt_statmnt to the table to make it usable for all
filesystems).
* allow temporary disabling of fetching data from the kernel to avoid
unwanted recursion in certain use-cases
* support namespaces for statmount() based on the libmnt_fs namespace
ID setting
* allow user-defined statmount masks to overwrite the default
* add a sample program
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Since the Linux kernel version 6.8, there are two types of IDs
available: the "old" ID used in /proc/self/mountinfo, and a new 64-bit
unique ID that is never recycled. This new ID is provided by the
statx(STATX_MNT_ID_UNIQUE) and statmount() syscalls.
Note that this patch only adds the API for retrieving these unique
IDs, but the backing code has not been implemented yet.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This change allows propagation flags to be retained from another
source, such as statmount().
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The new syscalls (statmount and fd-based mount) are already being
utilized in various areas within the library. Therefore, it would be
more efficient to include the syscalls header file in the private main
library header file.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The EROFS can mount regular files with a filesystem image without the
need for a loop device.
For backward compatibility with previous versions of EROFS, a loop
device will only be created if the first attempt to mount results
ENOTBLK error.
Addresses: https://github.com/util-linux/util-linux/pull/3288
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This improves compatibility with non-gnu userspaces.
On systems where the libc provides posix getopt instead of gnu getopt,
mount helpers which use getopt to parse arguments will not parse
options which appear after non-option arguments. This patch ensures
mount/unmount work as expected in this situation.
mount: fix expected argument order for mount helpers in tests
|
|
|
|
* 'bitfield-eradication' of https://github.com/keszybz/util-linux:
Drop pointless bitfields
|
|
https://github.com/karelzak/util-linux-work
* 'PR/libmount-noloopdev' of https://github.com/karelzak/util-linux-work:
libmount: support X-mount.noloop
|
|
Bitfields have their uses, but the uses here didn't make any sense.
Code generated to read or write bitfields is more complicated (and
slower) because, well, the bits need to be manipulated with special
instructions. So bitfields should be used when we have a structure
that is repeated hundreds or thousands of times in memory and those
saving are higher than the cost of having more complicated code. This
can happen for example in the kernel code. But the code here has
structures that are instantiated once or or at most few times.
In addition, a bitfield often does not save any memory because of
alignment requirements. In the majority of cases modified here, the
bitfield was the last field in a structure, so no memory savings were
made.
$ size build*/{mkswap,more,ul,col,rtcwake,lsmem,lscpu,eject,dmesg,uuidd,taskset,login}
text data bss dec hex filename
132014 1988 88 134090 20bca build/mkswap
129342 1852 88 131282 200d2 build2/mkswap
55161 1480 128 56769 ddc1 build/more
54265 1480 128 55873 da41 build2/more
14364 868 112 15344 3bf0 build/ul
14316 868 112 15296 3bc0 build2/ul
28547 1000 112 29659 73db build/col
28435 1000 112 29547 736b build2/col
46914 1960 112 48986 bf5a build/rtcwake
46834 1960 112 48906 bf0a build2/rtcwake
63419 1744 176 65339 ff3b build/lsmem
63403 1744 176 65323 ff2b build2/lsmem
159885 2864 464 163213 27d8d build/lscpu
159757 2864 464 163085 27d0d build2/lscpu
90041 1704 88 91833 166b9 build/eject
89737 1704 88 91529 16589 build2/eject
82150 5152 1032 88334 1590e build/dmesg
81846 5152 1032 88030 157de build2/dmesg
37601 1368 80 39049 9889 build/uuidd
37585 1368 80 39033 9879 build2/uuidd
58906 1336 56 60298 eb8a build/taskset
58890 1336 56 60282 eb7a build2/taskset
84761 2128 152 87041 15401 build/login
84672 2128 152 86952 153a8 build2/login
(To be clear: those small savings are not particularly important. The
motivation for this patch is to eradicate the antipattern of making
things more complicated without any benefit.)
|
|
libmount automatically creates a loop device and mounts it if the
source of the mount is a regular file that contains a well-known
filesystem. However, in some cases, this feature may be unwanted. The
new mount option "X-mount.noloop" forces libmount to use the file
directly as the mount source.
Addresses: https://github.com/util-linux/util-linux/pull/3288
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The pointed-to structures were const, but the pointers were not.
|
|
The new mount API allows for specifying whether to use a read-only
setting on the VFS or FS. Let's export this feature to the mount(8)
command line and fstab by adding new optional arguments "fs" and "vfs"
for the readonly mount flags. If nothing is specified, then the
default will be to mount as read-only on both layers for a normal
mount.
# mount -o ro=vfs /dev/sdc /mnt/test
...
fsopen("ext4", FSOPEN_CLOEXEC) = 3
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc", 0) = 0
fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0
move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0
# mount -o ro=fs /dev/sdc /mnt/test
...
fsopen("ext4", FSOPEN_CLOEXEC) = 3
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc", 0) = 0
fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0
fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0
# mount -o ro /dev/sdc /mnt/test
...
fsopen("ext4", FSOPEN_CLOEXEC) = 3
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc", 0) = 0
fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0
fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0
mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0
move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0
The patch improves also the mount(8) man page to provide clearer
information about VFS.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The function name mnt_optlist_is_recursive() is not accurate. It is
only used for propagation operations based on the MS_REC flag and
should not be confused with any other recursive stuff, such as
ro=recursive.
A more appropriate name for this function would be mnt_optlist_is_rpropagation().
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The new mount API allows for the use of AT_SYMLINK_NOFOLLOW when
opening a mount tree (aka the "mount source" for libmount).
As a result, you can now replace one symlink with another by using a
bind mount.
By default, the mount(8) command follows symlinks and canonicalizes
all paths. However, with the X-mount.nocanonicalize=source option, it
is possible to open the symlink itself. Similarly, with the
X-mount.nocanonicalize=target option, the path of the mount point can
be kept as the original symlink. (Using X-mount.nocanonicalize without
any argument works for both the "source" and "target".)
Example:
# file /mnt/test/symlinkA /mnt/test/symlinkB
/mnt/test/symlinkA: symbolic link to /mnt/test/fileA
/mnt/test/symlinkB: symbolic link to /mnt/test/fileB
# strace -e open_tree,move_mount \
./mount --bind -o X-mount.nocanonicalize /mnt/test/symlinkA /mnt/test/symlinkB
...
open_tree(AT_FDCWD, "/mnt/test/symlinkA", OPEN_TREE_CLONE|OPEN_TREE_CLOEXEC|AT_SYMLINK_NOFOLLOW) = 3
move_mount(3, "", AT_FDCWD, "/mnt/test/symlinkB", MOVE_MOUNT_F_EMPTY_PATH) = 0
# ls -la /mnt/test/symlinkB
lrwxrwxrwx 1 root root 15 Sep 26 13:41 /mnt/test/symlinkB -> /mnt/test/fileA
The result is that 'symlinkB' is still a symlink, but it now points to
a different file.
This commit also modifies umount(8) because it does not work with
symlinks by default. The solution is to call umount2(UMOUNT_NOFOLLOW)
for symlinks after a failed regular umount(). For example:
# strace -e umount,umount2 \
./umount /mnt/test/symlinkB
...
umount2("/mnt/test/symlinkB", 0) = -1 EINVAL (Invalid argument)
umount2("/mnt/test/symlinkB", UMOUNT_NOFOLLOW) = 0
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The new kernel mount API can bind-mount over a symlink. However, this
feature does not work with libmount because it canonicalizes all paths
by default. A possible workaround is to use the --no-canonicalize
option on the mount(8) command line, but this is a heavy-handed
solution as it disables all conversions for all paths and tags (such
as LABEL=) and fstab processing.
This commit introduces the X-mount.nocanonicalize userspace mount
option to control canonicalization. It only affects paths used for
mounting and does not affect tags and searching in fstab. Additionally,
this setting possible to use in fstab.
If the optional argument [=source|target] is not specified, then paths
canonicalization is disabled for both the source and target paths.
Adresses: https://github.com/util-linux/util-linux/issues/2370
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
But still need rewrite of opaque comments @ libmount/src/context_umount.c:350-353 and libmount/src/context.c:1149-1150.
|
|
A good start. Some lines moved because they were under a misspelled duplicate heading.
|
|
These occurrences should be "trailing" instead of "tailing".
|
|
Use the same error handling logic as do_mount_by_pattern() to better
handle the case where EROFS is returned from the first filesystem in a
list but subsequent filesystems overwrite this status with, for example,
ENODEV.
This allows read-only devices to mount without the user needing to
explicitly specify "ro" while specifying a list of potential
filesystems, some of which may not be available.
Signed-off-by: John Keeping <jkeeping@inmusicbrands.com>
|
|
Extract the logic for whether to continue trying more filesystem types
to a function so that it can be reused to make this consistent between
do_mount_by_pattern() and do_mount_by_types().
Signed-off-by: John Keeping <jkeeping@inmusicbrands.com>
|
|
* Ensure data termination from read() function
* Allocate space for terminator using "sizeof(buf)-1"
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
|
|
* Initialize the tree file descriptor in the hook_subdir.c module if
it has not been initialized yet. (hook_mount.c does not open the
tree if the mount.<type> helper will be executed.)
* Move the function to open the tree to context.c to make it more
generic and usable in more places.
Reported-by: Linus Heckemann <git@sphalerite.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* Introduce special exit status 126 to inform about failed execl of
the /sbin/[u]mount.<type> helpers.
* Introduce MNT_ERR_EXEC as an API return code to inform about failed
execl() calls.
* Add mount and umount messages for failed execl() calls.
* Add EXIT STATUS section to umount man page.
Addresses: https://github.com/util-linux/util-linux/pull/3063
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Fixed: https://github.com/util-linux/util-linux/issues/2605
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's make it easy to create error message and return the message to
applications also when not generated by a syscall (kernel).
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* Add mnt_context_set_errmsg() and mnt_context_append_errmsg() functions.
* Replace custom code with mnt_context_syscall_save_status() function.
* Optionally use syscall name when generating error message.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This commit is just cleanup to keep internal API consistent.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
All atime settings are mutually exclusive, and the attr_set mask for
the mount_setattr() syscall cannot contain multiple MOUNT_ATTR_ atime
related options.
Unfortunately, during a remount, the list of options is composed of
both old and new options. In this case, libmount sets more atime
options to the mask. The correct behavior is to use the last atime
related option from the list.
Fixes: https://github.com/util-linux/util-linux/issues/3032
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* 'PR/libmount-fix-umount-r' of github.com:karelzak/util-linux-work:
libmount: fix umount --read-only
|
|
Reported-by: Krzysztof Olędzki <ole@ans.pl>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The function mnt_has_regular_utab() properly detects that the utab is
not writable, but this is ignored by the high-level context API. As a
result, the library later attempts to update the file and ends up with
a warning in mount(8):
$ mkdir sys
$ unshare --map-root-user --mount
$ mount --rbind /sys sys
$ umount --lazy sys; echo $?
umount: /home/user/sys: filesystem was unmounted, but failed to update userspace mount table.
16
In this case, the utab should be ignored.
Fixes: https://github.com/util-linux/util-linux/issues/2981
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
|
|
See 477401f0de
|
|
Signed-off-by: Thorsten Kukuk <kukuk@suse.com>
|
|
mount(8) cares about case when option specified as "name=" (it means
without data). See for example 727c689908c5e68c92aa1dd65e0d3bdb6d91c1e5.
We need this also for new mount API and use FSCONFIG_SET_STRING rather
than FSCONFIG_SET_FLAG.
strace -e fsconfig ./mount -o usrjquota= /dev/sdc1 /mnt/test
Old:
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc1", 0) = 0
fsconfig(3, FSCONFIG_SET_FLAG, "usrjquota", NULL, 0) = -1 EINVAL (Invalid argument)
Fixed:
fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/sdc1", 0) = 0
fsconfig(3, FSCONFIG_SET_STRING, "usrjquota", "", 0) = 0
Fixes: https://github.com/util-linux/util-linux/issues/2837
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
[kzak@redhat.com: - fix also function docs]
Bug: https://bugs.gentoo.org/927258
Closes: https://github.com/util-linux/util-linux/issues/2844
Fixes: 3d1c41c8c ("libmount: add --onlyonce")
Signed-off-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This is a very minimalistic implementation for v2.40 designed to print
error messages from the kernel. It exclusively displays errors, and
the patch does not introduce any new library interface for this
purpose. Instead, it simply replaces hardcoded messages within
libmount with kernel messages.
It's worth noting that the final implementation will necessitate
per-hook error handling in libmount and likely a new library API to
access other types of messages (warnings, notices, etc.).
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Avoid holding writeable fd to a loop device that is being mounted. In
the hardened configurations (CONFIG_BLK_DEV_WRITE_MOUNTED = n) the
kernel wants to make sure nobody else has the block device writeably
open when mounting so this makes the mount fail.
Reported-by: JunChao Sun <sunjunchao2870@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Acked-by: Christian Brauner <brauner@kernel.org>
|
|
This reverts commit 1b2d8187360157b00b47f52522fc039d82e34e6b.
Unfortunately, this new feature introduces a regression. We need a
better solution (probably mount options option to enable the feature)
rather than enable it by default.
Fixes: https://github.com/util-linux/util-linux/issues/2773
References: https://github.com/util-linux/util-linux/issues/2370
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
If the mount operation requires multiple steps, it's optimal for the
libmount monitor to ignore the steps until we get a complete mount
(reported by the utab.event file).
This commit adds a new API function, mnt_monitor_veil_kernel(), to
ignore unwanted kernel mount events.
Note that this only makes sense when the application monitors kernel
and userspace events simultaneously.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The file exists when libmount works with utab, and more steps are
expected during a single mount operation (more kernel events, more
updates to utab, etc.).
It is possible to monitor the file through the mnt_monitor_...() API
by a simple access() after any event. No locks are expected in
monitor, making it usable for non-root users without any security
impact. The monitor can ignore events if the file exist.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* use reference counting for libmnt_lock
* remove lock use from mnt_update_already_done(), it's read-only
operation and utab update is atomic (based on rename(2))
* keep the lock instance mandatory for all low-level update_*
functions. The lock is always initialized, so all the 'if(lc)'
are unnecessary.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Reported-by: Thomas Weißschuh <thomas@t-8ch.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The mnt_monitor_...() API uses /run/mount/utab.lock to monitor utab
changes. The same file is used to control access to the utab file.
The utab can be updated more than once during one mount(8) call, for
example, one update is done in /sbin/mount.nfs and next in mount(8).
This situation triggers two (e.g. inotify) events when monitoring is
based on the lock file.
It seems better to introduce separate file to trigger the event and do
not trigger this event in /sbin/mount.<type> helpers.
References: 477401f0de404aafbc7630f70c2f8b1d670e32f8
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
* 'PR/libmount-utab-external' of github.com:karelzak/util-linux-work:
tests: make mount/special more robust
tests: add missing file and improve options-missing test
libmount: test utab options after helper call
libmount: add missing utab options after helper call
libmount: add private mnt_optstr_get_missing()
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
libmount is able to add missing entry to /run/mount/utab after
external /sbin/mouht.<type> helper execution. This is not enough, it's
possible that the helper write proper entry to the utab, but there is
missing some options expected by libmount (usually because the options
are irrelevant fro the helper.
Reproducer:
Create a stupid mount.foo which writes x-foo=123 to utab:
# echo -e '#!/bin/bash\n\n/bin/mount -i "$1" "$2" -o x-foo=123' > /sbin/mount.foo
# chmod +x /sbin/mount.foo
Run mount which needs to write x-bar=BAR options to utab and executes
the helper (due to "-t foo", /dev/sdc1 is ext4):
# mount -t foo /dev/sdc1 /mnt/test -o x-bar=BAR
old mount:
# cat /run/mount/utab
ID=121 SRC=/dev/sdc1 TARGET=/mnt/test ROOT=/ OPTS=x-foo=123
fixed mount:
# cat /run/mount/utab
ID=121 SRC=/dev/sdc1 TARGET=/mnt/test ROOT=/ OPTS=x-foo=123,x-bar=BAR
Fixes: https://github.com/util-linux/util-linux/issues/2554
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The function compares two options strings and returns options which
are missing.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The libmount library can accept any characters as an option value when
the value is quoted (e.g., foo="b,a,r"). However, overlayfs users have
been using '\' as an escape character (e.g., lowerdir=foo\,bar).
Although this escaping mechanism was never officially supported by
libmount/mount, it worked for the old mount(2) API because it kept the
options string unparsed for the mount(2) syscall.
The introduction of the new mount API, which utilizes fsconfig(2) per
option, has brought attention to this issue.
This patch addresses the problem by introducing official support for
'\' as an escape character for options separator.
Suggested-by: Miklos Szeredi <miklos@szeredi.hu>
References: https://lore.kernel.org/all/CAOQ4uxhgUSPkYAV8SJu-SFszkJcVO3-M4DXf46nJUtXODrPk2g@mail.gmail.com/T/#ma8e6cfc1ce7229abc089e03eed99b23b90d701e5
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The autotools build used -Wno-unused-parameter to silence these warnings
for a few files. On meson however this configuration was not duplicated
leading to persistent warnings, preventing the usage of -Werror.
Instead of having to maintain the exceptions in two buildsystems, mark
the exceptions directly in the source code.
Afterward clean up autotools to not use -Wno-unused-parameter anymore.
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The function utilizes the struct libmnt_itr to iterate through the mountinfo file
but neglects the direction specified by the iterator. This a bug. The application
must manage the direction, as, for instance, umount(8) requires the children of
the mountpoint in reverse order.
Fixes: https://github.com/util-linux/util-linux/issues/2552
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
The kernel helpfully provides feedback about failed operations via the
filesystem descriptor. Read that information and expose it via libmounts
debug facilities.
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Functions are easier to modify and reason about.
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
coverity claims that this is now a use-after-free.
Let's revert the original change and make the code clearer before trying
another fix.
This reverts commit d36306a560fd6d747e18ab22fc1279f4a373f43d.
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
* 'analyzer1' of https://github.com/t-8ch/util-linux:
libsmartcols: handle nameless tables in export format
ldattach: don't call exit() from signal handler
lslogins: fix realloc() loop allocation size
more: avoid out-of-bound access
libfdisk: handle allocation failure in fdisk_new_partition
lib/env: fix function name remote_entry -> remove_entry
libmount: gracefully handle NULL path in mnt_resolve_target()
libblkid: avoid memory leak of cachefile path
lib/env: avoid underflow of read_all_alloc() return value
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
reallocarray() prevents overflow of the multiplication.
It also avoids issues with operator precedence like in libmount/src/context.c:
pids = realloc(cxt->children, sizeof(pid_t) * cxt->nchildren + 1);
This only allocated one additional byte, and not enough space for
another child.
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Reported-by: Samuel Thibault <samuel.thibault@aquilenet.fr>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's make statx() support visible in "mount -V" output.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Using sys/stat.h and linux/stat is too tricky.h together. It seems
better to rely on libc and use sys/stat.h only. Users affected
by old libc must update to use recent util-linux.
Fixes: https://github.com/util-linux/util-linux/issues/2448
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
A regression was introduced in v2.39 that causes mounting with the atime
option to fail:
$ mkfs.ext4 -F /dev/sdi
$ mount -o atime /dev/sdi /mnt/sdi
mount: /mnt/sdi: not mount point or bad option.
dmesg(1) may have more information after failed mount system call.
The failure comes from the mount_setattr(2) call returning -EINVAL. This
is because we pass an invalid value for the attr_clr argument. From a
strace capture we have:
mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=0, attr_clr=MOUNT_ATTR_NOATIME, propagation=0 /* MS_??? */, userns_fd=0}, 32) = -1 EINVAL (Invalid argument)
We can't pass MOUNT_ATTR_NOATIME to mount_setattr(2) through the attr_clr
argument because all atime options are exclusive, so in order to set atime
one has to pass MOUNT_ATTR__ATIME to attr_clr and leave attr_set as
MOUNT_ATTR_RELATIME (which is defined as a value of 0).
This can be read from the man page for mount_setattr(2) and also from the
kernel source:
$ cat fs/namespace.c
static int build_mount_kattr(const struct mount_attr *attr, size_t usize,
struct mount_kattr *kattr, unsigned int flags)
{
(...)
/*
* Since the MOUNT_ATTR_<atime> values are an enum, not a bitmap,
* users wanting to transition to a different atime setting cannot
* simply specify the atime setting in @attr_set, but must also
* specify MOUNT_ATTR__ATIME in the @attr_clr field.
* So ensure that MOUNT_ATTR__ATIME can't be partially set in
* @attr_clr and that @attr_set can't have any atime bits set if
* MOUNT_ATTR__ATIME isn't set in @attr_clr.
*/
if (attr->attr_clr & MOUNT_ATTR__ATIME) {
if ((attr->attr_clr & MOUNT_ATTR__ATIME) != MOUNT_ATTR__ATIME)
return -EINVAL;
/*
* Clear all previous time settings as they are mutually
* exclusive.
*/
kattr->attr_clr |= MNT_RELATIME | MNT_NOATIME;
switch (attr->attr_set & MOUNT_ATTR__ATIME) {
case MOUNT_ATTR_RELATIME:
kattr->attr_set |= MNT_RELATIME;
break;
case MOUNT_ATTR_NOATIME:
kattr->attr_set |= MNT_NOATIME;
break;
case MOUNT_ATTR_STRICTATIME:
break;
default:
return -EINVAL;
}
(...)
So fix this by setting attr_clr MOUNT_ATTR__ATIME if we want to clear any
atime related option.
Signed-off-by: Filipe Manana <fdmanana@kernel.org>
|
|
libmnt_<image>
If the roothash is the same among two volumes, then the images are guaranteed
to be equivalent. The filename of the image on the other hand does not imply
that the images are equivalent.
In systemd we open verity devices as '<roothash>-verity', so that we know for
sure we can reuse them. Do the same here, so that we are a bit more confident
that images can be reused before the safety check, and also so that we can
take advantage of the kernel refcounting together with images used by systemd,
as setting up verity is expensive.
Signed-off-by: Luca Boccassi <bluca@debian.org>
|
|
In some cases mount(2)/open_tree(2) returns EPERM for root user. In
this case libmount reports it as "mount point is not a directory".
It does not makes sense for bind mount where target could be a
regular file.
This patch is not ideal, the error handler is generic, but semantic
for new mount API and mount(2) is different. For example now it checks
for regular file, but the new API supports bind over symlinks, so
proper fix will require lstat() and S_ISLNK(), etc. We need to move
error messages to hook_mount.c and mount_mount_legacy.c to make it
more specific.
Fixes: https://github.com/util-linux/util-linux/issues/2413
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
In this case the statx() is use to get mount ID. It's optional and not
required. Let's #ifdef the statx() call and also check for stx_mnt_id
struct member.
Fixes: https://github.com/util-linux/util-linux/issues/2415
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Let's ensure struct statx exists before we try to use it. Checking for
the existence of linux/stat.h is not sufficient. This is because
[uapi/]linux/stat.h has existed since Linux 3.7, however struct statx
was only introduced with Linux 4.11.
The problem arises if one happens ot be using kernel headers from within
the aforementioned range, such as Linux 4.9.
CC libmount/src/la-utils.lo
In file included from libmount/src/utils.c:31:
./include/fileutils.h:100:33: warning: declaration of 'struct statx' will not
be visible outside of this function [-Wvisibility]
unsigned int mask, struct statx *stx)
^
libmount/src/utils.c:117:16: error: variable has incomplete type 'struct statx'
struct statx stx = { 0 };
^
libmount/src/utils.c:117:10: note: forward declaration of 'struct statx'
struct statx stx = { 0 };
^
libmount/src/utils.c:125:5: error: use of undeclared identifier 'STATX_TYPE'
STATX_TYPE
^
libmount/src/utils.c:126:8: error: use of undeclared identifier 'STATX_MODE'
| STATX_MODE
^
libmount/src/utils.c:127:8: error: use of undeclared identifier 'STATX_INO'
| STATX_INO,
^
1 warning and 4 errors generated.
make[4]: *** [Makefile:11269: libmount/src/la-utils.lo] Error 1
Checking for the presence of struct statx explicitly avoids this
problem.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
|
|
Check that linux/mount.h is present before using features that rely on
it.
It is necessary to check for the presence of linux/mount.h explicitly.
Simply relying on the presence of several syscalls (e.g. SYS_move_mount,
SYS_open_tree) does not work reliably, at least not in a cross-compiling
environment.
The syscall definitions are provided by the C library. Meanwhile,
linux/mount.h is provided by the kernel. This opens the possibility for
discrepancies.
A problem arises if the C library (e.g. musl-1.2.3) defines all "mount
fd API" syscalls (and HAVE_MOUNTFD_API becomes true), but the kernel
headers are old enough to not provide linux/mount.h. The resulting error
looks as follows. This example is using an LLVM-13 cross-compiler from
x86_64 to aarch64 with musl-1.2.3 as the C library.
CC libmount/src/la-hooks.lo
In file included from libmount/src/hooks.c:30:
./include/mount-api-utils.h:11:10: fatal error: 'linux/mount.h' file not found
^~~~~~~~~~~~~~~
1 error generated.
make[4]: *** [Makefile:11185: libmount/src/la-hooks.lo] Error 1
To prevent this condition, we add a check to configure that will test
for the presence of linux/mount.h in addition to testing for the mount
fd API. Only if both conditions are met can we actually use the mount
fd API.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
|
|
* 'mount/statx-enosys' of https://github.com/t-8ch/util-linux:
libmount: (utils) fix statx fallback
|
|
* 'PR/libmount-fake' of github.com:karelzak/util-linux-work:
libmount: cleanup --fake mode
|
|
The new kernel mount API can bind over symlink by default.
Unfortunately, libmount always canonicalizes all paths (due to
backward compatibility, search in mountinfo, search in fstab, etc.).
Possible workaround is -c, --no-canonicalize but it disable all paths
canonicalization, tags to paths conversions etc.
This patch disables the canonicalization only for the target path
(if symlink) on bind operation.
Fixes: https://github.com/util-linux/util-linux/issues/2370
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
If the systemcall is not available ENOSYS is returned.
Under glibc the statx implementation also has its own fallback logic.
As AT_STATX_DONT_SYNC can't be implemented correctly in that fallback
logic the wrapper will return EINVAL in case the emulation is needed and
AT_STATX_DONT_SYNC is set.
So also use our own fallback in that case.
Fixes: #2409
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
It was originally designed to play nasty games with /etc/mtab (mount
when /etc is read-only and update later when it's write-able).
The --fake is completely useless with the new API due to complexity
where we cannot skip any step, because the next stuff depends on it.
So, it makes more sense skip all functionality where libmount does
anything significant.
This commit add --fake check to hooks logic to skip all hooks as the
hooks are place where libmount implements mount related invasive
operations (create mountpoint, namespaces, create superblock, move,
mount, etc.).
Frankly, --fake without mtab is useless.
Fixes: https://github.com/util-linux/util-linux/issues/2395
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The old mount(2) API usually utilizes MS_* flags to set up the VFS
node. However, there are some exceptions like "sync" (MS_SYNCHRONOUS),
where the flag is used (by kernel) for the superblock instead. The new
API addresses this issue, ensuring that these options are used for
fsconfig().
This commit introduces MNT_SUPERBLOCK to identify these options in the
libmount options Linux map, and it enforces the new mount code to
utilize these options for fsconfig(FSCONFIG_SET_FLAG).
Reported-by: Abbink Esger <esger.abbink.ext@siemens.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
If a mount operation with extra flags runs into an EPERM when applying
the flags, then mnt_context_get_mount_excode() returns 'Unknown error
5005' and MNT_EX_FAIL. Here's an example:
Create a mount point on the host with 'nodev,nosuid,noexec':
$ dd if=/dev/zero of=/var/tmp/loopfile bs=40960 count=1024
$ sudo losetup --find /var/tmp/loopfile
$ sudo mkfs.ext4 /dev/loop0
$ sudo mkdir /mnt/a
$ sudo mount -o nosuid,nodev,noexec /dev/loop0 /mnt/a
Check the mount options to be sure:
$ findmnt --output OPTIONS,PROPAGATION /mnt/a
OPTIONS PROPAGATION
rw,nosuid,nodev,noexec,relatime,seclabel shared
Enter a mount and user namespace:
$ podman run \
--interactive \
--privileged \
--rm \
--tty \
--volume /:/run/host:rslave \
registry.fedoraproject.org/fedora:38 \
/bin/bash
Try to bind mount the mount point from the host inside the namespace
with some extra flags:
# mkdir ~/b
# mount --bind -o ro /run/host/mnt/a ~/b
mount: /root/b: filesystem was mounted, but any subsequent operation
failed: Unknown error 5005.
# echo $?
32
It will be better to show something more human-readable than 'Unknown
error 5005'.
Secondly, an exit code of 32 means 'mount failure', which isn't quite
correct here. The mount operation is split into two mount(2) calls,
where the first one uses MS_BIND to create the bind mount, and the
second uses MS_REMOUNT | MS_BIND | MS_RDONLY to apply the 'ro' flag.
Here, the first mount(2) does succeed:
# findmnt --output OPTIONS,PROPAGATION ~/b
OPTIONS PROPAGATION
rw,nosuid,nodev,noexec,relatime,seclabel private,slave
It's only the application of the 'ro' flag with the second mount(2) that
fails with an EPERM. Hence, an exit code of 1 that means 'incorrect
invocation or permissions' seems more appropriate.
Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
|
|
https://github.com/debarshiray/util-linux
* 'wip/rishi/libmount-src-hook-mount-move_setattr-typo' of https://github.com/debarshiray/util-linux:
libmount: fix typo
|
|
The implementation using the new FD based mount kernel API (ie.,
fsconfig/fsopen) uses MNT_ERR_APPLYFLAGS for failed mount_setattr(2)
calls, which involves more mount attributes (eg., MOUNT_ATTR_RDONLY,
MOUNT_ATTR_NOSUID, etc.) in addition to the MS_PROPAGATION flags (eg.,
MS_SHARED, MS_UNBINDABLE, etc.).
Note that mount_setattr(2) is part of the new FD based mount kernel API,
and is not used by the classic mount(2) based version.
Fallout from 987d844cdbc0f91ca81de3c1e5d0628a60eb458f
Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
|
|
Similar to e80f8e46127e45907db25b4ffd58c699fdf4c35f and fallout from
6753e6f6912658e836966a6316df956e1af5fcae
Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
|
|
Since v2.39 libmount prefers "struct libmnt_optlist" to keep mount options
rather than the original "struct libmnt_fs". This is problem if the
"fs" struct is defined and maintained outside the context.
The library has already a way how to sync "fs" and "optlist", but this
needs to be improved and used more widely. Changes:
* force "fs" from context to always read options from "optlist"
* copy options from "fs" to "optlist" in mnt_context_set_fs()
* internally redirect mnt_fs_* API for options to "optlist" if optlist
defined
* add simple test to make sure options from different sources are
always merged together
Addresses: https://github.com/util-linux/util-linux/issues/2326
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
The library (on mount) cares about "user", but has to ignore
"user=name". It works as expected, but only for non-root users. We
need to ignore it also root to be compatible with /sbin/mount.cifs
where some people still use "user=" (rather than "username=").
References: fe0b1e793c9017edba72768e2e0b4c769c204604
Addresses: https://github.com/util-linux/util-linux/issues/2315
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Fixes #2305
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
* 'PR/libmount-force-mount2' of github.com:karelzak/util-linux-work:
libmount: introduce LIBMOUNT_FORCE_MOUNT2={always,never,auto}
|
|
Let's introduce a stable workaround for use cases where new kernel API
is not ready to use.
The patch does not use "goto enosys" to exit as nothing in the hookset
is initialized yet.
Addresses: https://github.com/util-linux/util-linux/issues/1992
Addresses: https://github.com/util-linux/util-linux/issues/2283
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
It seems mount_setattr() is supported on Linux < 5.14, but it's without
MOUNT_ATTR_NOSYMFOLLOW. That's problem for remount where we reset all
VFS flags.
The most simple (but not elegant) is to check for kernel version and
fallback to mount(2) on remount.
Addresses: https://github.com/util-linux/util-linux/issues/2283
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
In case more filesystems are specified (or when libmount follows
/{etc,proc}/filesystems) then the library may try to use and
initialize the new API because for some filesystems, we need
exec(/sbin/mount.<type>) and for another fsopen().
The hooks that use the API have to smart and detect that the mount
operation was done in external /sbin/mount.<type> helper. And in this
case, the new API file descriptors must be ignored.
The exception is propagation flags, mount(8) can set the flags after
exec(/sbin/mount.<type>), for example, "mount -t ntfs --make-private".
Fixes: https://github.com/util-linux/util-linux/issues/2267
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* 'libmount/mount_setattr' of https://github.com/t-8ch/util-linux:
libmount: check for availability of mount_setattr
|
|
This is v2.39 regression. The "user" mount option is internally
converted to "user=<name>", but this should not be exported to
the mount helpers.
The mount helper accepts the <name> only if specified in mount options
(cifs uses user=). The real username as generated by libmount is not
relevant in this case.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* the order of the new options should not be changed
(for example prepend "a,b,c" to list with "d" has to generate "a,b,c,d", not "c,b,a,d")
* make sure that options map is defined when merging options
Fixes: https://github.com/util-linux/util-linux/issues/2238
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
If mount_setattr is not available but needed fall back to the legacy
mount API.
Fixes #2247
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
"defaults" is only a pseudo-option that expands to other options.
It should not be passed to helpers.
Reported-by: Quentin Rameau <quinq@fifth.space>
Closes: https://lore.kernel.org/util-linux/20230521181814.0b0f2d38.quinq@fifth.space/
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
|
|
This is unnecessary for classic mount-like tasks, but application
may use libmount in situation when the default for probing is not
optimal.
Addresses: https://github.com/util-linux/util-linux/issues/2214
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
* enter original namespace for the final move_mount(), it means that
the original unshare() (to create the temporary mount) will be
ineffective for this final step. God bless FD based APIs (setns()
and open_tree())! ;-)
* improve cleanup code (call umount only once)
* remember private namespace
* update note in man page
Addresses: https://github.com/util-linux/util-linux/pull/2198
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
|
|
Addresses: https://github.com/util-linux/util-linux/pull/2197
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
In some cases, for example:
# mount -t foo,bar,ext4 /dev/sdc /mnt/test
libmount calls fsopen() later (after mount preparation stage), but we
need during preparation check if hook_mount.c stuff (new API) is usable.
Let's do it by dummy fsopen() call.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
