diff options
| author | Gordon Ross <Gordon.Ross@Sun.COM> | 2010-03-26 20:19:35 -0400 |
|---|---|---|
| committer | Gordon Ross <Gordon.Ross@Sun.COM> | 2010-03-26 20:19:35 -0400 |
| commit | 42d159821800ff240cc201c8fe07f575b9e8a62b (patch) | |
| tree | a4e901af0d3640fb37060cb6a0a085bcb2fd18c5 /usr/src/cmd/fs.d/smbclnt | |
| parent | 1e81ac6e0a5d3782b6bdbcc7e2cbda4fda909ab9 (diff) | |
| download | illumos-joyent-42d159821800ff240cc201c8fe07f575b9e8a62b.tar.gz | |
6905120 mount -F smbfs as the Primary Administrator renders the mount point owned by root.
6912466 mount of share from Quantel server fails
6927024 Should defend against opens without closes
6935160 smbfs does not compile with gcc
Diffstat (limited to 'usr/src/cmd/fs.d/smbclnt')
| -rw-r--r-- | usr/src/cmd/fs.d/smbclnt/mount/Makefile | 6 | ||||
| -rw-r--r-- | usr/src/cmd/fs.d/smbclnt/mount/mount.c | 25 | ||||
| -rw-r--r-- | usr/src/cmd/fs.d/smbclnt/umount/Makefile | 9 | ||||
| -rw-r--r-- | usr/src/cmd/fs.d/smbclnt/umount/umount.c | 27 |
4 files changed, 54 insertions, 13 deletions
diff --git a/usr/src/cmd/fs.d/smbclnt/mount/Makefile b/usr/src/cmd/fs.d/smbclnt/mount/Makefile index 5d5da5ec5c..a21e37dd93 100644 --- a/usr/src/cmd/fs.d/smbclnt/mount/Makefile +++ b/usr/src/cmd/fs.d/smbclnt/mount/Makefile @@ -19,7 +19,7 @@ # CDDL HEADER END # # -# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Copyright 2010 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # @@ -34,10 +34,12 @@ ROOTFS_PROG= $(LIBPROG) include ../../Makefile.fstype OBJS= $(LIBPROG).o -SRCS= $(LIBPROG).c $(FSLIBSRC) +SRCS= $(LIBPROG).c POFILE= $(LIBPROG).po CLOBBERFILES += $(LIBPROG) +$(ROOTLIBFSTYPE)/mount := FILEMODE= 04555 + CFLAGS += $(CCVERBOSE) C99MODE= $(C99_ENABLE) diff --git a/usr/src/cmd/fs.d/smbclnt/mount/mount.c b/usr/src/cmd/fs.d/smbclnt/mount/mount.c index 03ade9f329..1e2422d4e4 100644 --- a/usr/src/cmd/fs.d/smbclnt/mount/mount.c +++ b/usr/src/cmd/fs.d/smbclnt/mount/mount.c @@ -50,6 +50,7 @@ #include <libintl.h> #include <locale.h> #include <libscf.h> +#include <priv_utils.h> #include <sys/types.h> #include <sys/stat.h> @@ -175,6 +176,21 @@ main(int argc, char *argv[]) #define TEXT_DOMAIN "SYS_TEST" #endif (void) textdomain(TEXT_DOMAIN); + + /* + * Normal users are allowed to run "mount -F smbfs ..." + * to mount on a directory they own. To allow that, this + * program is installed setuid root, and it adds SYS_MOUNT + * privilege here (if needed), and then restores the user's + * normal privileges. When root runs this, it's a no-op. + */ + if (__init_suid_priv(0, PRIV_SYS_MOUNT, (char *)NULL) < 0) { + (void) fprintf(stderr, + gettext("Insufficient privileges, " + "%s must be set-uid root\n"), argv[0]); + exit(RET_ERR); + } + if (argc == 2) { if (strcmp(argv[1], "-h") == 0) { usage(); @@ -363,9 +379,14 @@ again: */ mdata.devfd = ctx->ct_dev_fd; - if (mount(mnt.mnt_special, mnt.mnt_mountp, + /* Need sys_mount privilege for the mount call. */ + (void) __priv_bracket(PRIV_ON); + err2 = mount(mnt.mnt_special, mnt.mnt_mountp, mntflags, fstype, &mdata, sizeof (mdata), - mnt.mnt_mntopts, MAX_MNTOPT_STR) < 0) { + mnt.mnt_mntopts, MAX_MNTOPT_STR); + (void) __priv_bracket(PRIV_OFF); + + if (err2 < 0) { if (errno != ENOENT) { err(EX_MNT, gettext("mount_smbfs: %s"), mnt.mnt_mountp); diff --git a/usr/src/cmd/fs.d/smbclnt/umount/Makefile b/usr/src/cmd/fs.d/smbclnt/umount/Makefile index 2cae8a40eb..d85891b6db 100644 --- a/usr/src/cmd/fs.d/smbclnt/umount/Makefile +++ b/usr/src/cmd/fs.d/smbclnt/umount/Makefile @@ -19,10 +19,10 @@ # CDDL HEADER END # # -# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Copyright 2010 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # -# ident "%Z%%M% %I% %E% SMI" + # # cmd/fs.d/smbclnt/umount/Makefile # @@ -37,12 +37,13 @@ COMMON= $(FSLIB) OBJS= $(LIBPROG).o $(COMMON) SRCS= $(LIBPROG).c $(FSLIBSRC) POFILE= $(LIBPROG).po +CLOBBERFILES += $(LIBPROG) + +$(ROOTLIBFSTYPE)/umount := FILEMODE= 04555 CPPFLAGS += -I../.. -I../lib CFLAGS += $(CCVERBOSE) -CLOBBERFILES += $(LIBPROG) - .KEEP_STATE: all: $(ROOTFS_PROG) diff --git a/usr/src/cmd/fs.d/smbclnt/umount/umount.c b/usr/src/cmd/fs.d/smbclnt/umount/umount.c index 3540392bac..5bf6984e78 100644 --- a/usr/src/cmd/fs.d/smbclnt/umount/umount.c +++ b/usr/src/cmd/fs.d/smbclnt/umount/umount.c @@ -19,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. + * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * smbfs umount */ @@ -43,7 +41,7 @@ #include <errno.h> #include <locale.h> #include <fslib.h> -#include <priv.h> +#include <priv_utils.h> #define RET_OK 0 #define RET_ERR 32 @@ -70,6 +68,19 @@ main(int argc, char *argv[]) #endif (void) textdomain(TEXT_DOMAIN); + /* + * Normal users are allowed to umount smbfs mounts they own. + * To allow that, this program is installed setuid root, and + * it adds SYS_MOUNT privilege here (if needed), and then + * restores the user's normal privileges. + */ + if (__init_suid_priv(0, PRIV_SYS_MOUNT, (char *)NULL) < 0) { + (void) fprintf(stderr, + gettext("Insufficient privileges, " + "%s must be set-uid root\n"), argv[0]); + exit(RET_ERR); + } + myname = strrchr(argv[0], '/'); myname = myname ? myname+1 : argv[0]; (void) sprintf(typename, "smbfs %s", myname); @@ -120,13 +131,19 @@ static int smbfs_unmount(char *pathname, int umnt_flag) { struct extmnttab *mntp; + int rc; mntp = mnttab_find(pathname); if (mntp) { pathname = mntp->mnt_mountp; } - if (umount2(pathname, umnt_flag) < 0) { + /* Need sys_mount privilege for the umount call. */ + (void) __priv_bracket(PRIV_ON); + rc = umount2(pathname, umnt_flag); + (void) __priv_bracket(PRIV_OFF); + + if (rc < 0) { pr_err(gettext("%s: %s\n"), pathname, strerror(errno)); return (RET_ERR); } |