Merge remote branch 'origin/master'

7 files changed, 66 insertions, 31 deletions

diff --git a/mount/Makefile.am b/mount/Makefile.am
index 5ff4fc9e..3e88a64d 100644
--- a/mount/Makefile.am
+++ b/mount/Makefile.am
@@ -33,7 +33,7 @@ mount_CFLAGS = $(SUID_CFLAGS) $(cflags_common)
 mount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
 mount_LDADD = $(ldadd_common)
 
-umount_SOURCES = umount.c $(srcs_mount)
+umount_SOURCES = umount.c $(srcs_mount) $(top_srcdir)/lib/strtosize.c
 umount_CFLAGS = $(SUID_CFLAGS) $(cflags_common)
 umount_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
 umount_LDADD = $(ldadd_common)
diff --git a/mount/devname.c b/mount/devname.c
index 585d259f..05da092f 100644
--- a/mount/devname.c
+++ b/mount/devname.c
@@ -8,7 +8,7 @@ spec_to_devname(const char *spec)
 {
 	if (!spec)
 		return NULL;
-	if (is_pseudo_fs(spec))
+	if (nocanonicalize || is_pseudo_fs(spec))
 		return xstrdup(spec);
 	return fsprobe_get_devname_by_spec(spec);
 }
diff --git a/mount/fstab.5 b/mount/fstab.5
index c10490a4..99557194 100644
--- a/mount/fstab.5
+++ b/mount/fstab.5
@@ -87,6 +87,11 @@ writing LABEL=<label> or UUID=<uuid>,
 e.g., `LABEL=Boot' or `UUID=3e6be9de\%-8139\%-11d1\%-9106\%-a43f08d823a6'.
 This will make the system more robust: adding or removing a SCSI disk
 changes the disk device name but not the filesystem volume label.
+.LP
+Note that
+.BR mount (8)
+uses UUIDs as strings. The string representation of the UUID should be based on
+lower case characters.
 .RE
 
 .B The second field
diff --git a/mount/mount.8 b/mount/mount.8
index d8797e4e..b33e62f5 100644
--- a/mount/mount.8
+++ b/mount/mount.8
@@ -136,9 +136,19 @@ or
 The recommended setup is to use LABEL=<label> or UUID=<uuid> tags rather than
 .B /dev/disk/by-{label,uuid}
 udev symlinks in the /etc/fstab file. The tags are
-more readable, robust and portable. The mount(8) command internally uses udev
+more readable, robust and portable. The
+.BR mount (8)
+command internally uses udev
 symlinks, so use the symlinks in /etc/fstab is not advantage over LABEL=/UUID=.
-For more details see libblkid(3).
+For more details see
+.BR libblkid (3).
+
+Note that
+.BR mount (8)
+uses UUIDs as strings. The UUIDs from command line or
+.BR fstab (5)
+are not converted to internal binary representation. The string representation
+of the UUID should be based on lower case characters.
 
 The
 .I proc
@@ -830,6 +840,9 @@ option allows you to explicitly label the root inode of a FS being mounted
 before that FS or inode because visable to userspace. This was found to be
 useful for things like stateless linux.
 
+Note that kernel rejects any remount request that includes the context
+option even if unchanged from the current context.
+
 For more details, see
 .BR selinux (8)
 
@@ -1370,8 +1383,8 @@ compatible change and will be ignored by older kernels.
 .TP
 .BR journal_async_commit
 Commit block can be written to disk without waiting for descriptor blocks. If
-enabled older kernels cannot mount the device. This will enable
-'journal_checksum' internally.
+enabled older kernels cannot mount the device.
+This will enable 'journal_checksum' internally.
 .TP
 .BR journal=update
 Update the ext4 filesystem's journal to the current format.
@@ -2326,7 +2339,7 @@ preferred display. There are four modes:
 .TP
 .I lower
 Force the short name to lower case upon display; store a long name when
-the short name is not all upper case. This mode is the default.
+the short name is not all upper case.
 .TP
 .I win95
 Force the short name to upper case upon display; store a long name when
@@ -2338,7 +2351,7 @@ not all lower case or all upper case.
 .TP
 .I mixed
 Display the short name as is; store a long name when the short name is not
-all upper case.
+all upper case. This mode is the default since Linux 2.6.32.
 .RE
 
 
diff --git a/mount/mount.c b/mount/mount.c
index 0c02bdaa..fb3af554 100644
--- a/mount/mount.c
+++ b/mount/mount.c
@@ -1323,38 +1323,46 @@ cdrom_setspeed(const char *spec) {
 }
 
 /*
- * Check if @node is read-only filesystem by access() or futimens().
- *
- * Note that access(2) uses real-UID (= useless for suid programs)
- * and euidaccess(2) does not check for read-only FS.
+ * Check if @path is on read-only filesystem independently on file permissions.
  */
 static int
-is_readonly(const char *node)
+is_readonly(const char *path)
 {
-	int res = 0;
+	int fd;
+
+	if (access(path, W_OK) == 0)
+		return 0;
+	if (errno == EROFS)
+		return 1;
+	if (errno != EACCES)
+		return 0;
 
-	if (getuid() == geteuid()) {
-		if (access(node, W_OK) == -1 && errno == EROFS)
-			res = 1;
-	}
 #ifdef HAVE_FUTIMENS
-	else {
+	/*
+	 * access(2) returns EACCES on read-only FS:
+	 *
+	 * - for set-uid application if one component of the path is not
+	 *   accessible for the current rUID. (Note that euidaccess(2) does not
+	 *   check for EROFS at all).
+	 *
+	 * - for read-write filesystem with read-only VFS node (aka -o remount,ro,bind)
+	 */
+	fd = open(path, O_RDONLY);
+	if (fd >= 0) {
 		struct timespec times[2];
-		int fd = open(node, O_RDONLY);
-
-		if (fd < 0)
-			goto done;
+		int errsv = 0;
 
 		times[0].tv_nsec = UTIME_NOW;	/* atime */
 		times[1].tv_nsec = UTIME_OMIT;	/* mtime */
 
-		if (futimens(fd, times) == -1 && errno == EROFS)
-			res = 1;
+		if (futimens(fd, times) == -1)
+			errsv = errno;
 		close(fd);
+
+		return errsv == EROFS;
 	}
-done:
 #endif
-	return res;
+	return 0;
 }
 
 /*
@@ -1812,7 +1820,8 @@ mount_one (const char *spec, const char *node, const char *types,
 	}
 
 	/* Handle possible LABEL= and UUID= forms of spec */
-	if (types == NULL || (strncmp(types, "nfs", 3) &&
+	if (types == NULL || (strncmp(types, "9p", 2) &&
+			      strncmp(types, "nfs", 3) &&
 			      strncmp(types, "cifs", 4) &&
 			      strncmp(types, "smbfs", 5))) {
 		nspec = spec_to_devname(spec);
diff --git a/mount/swapon.c b/mount/swapon.c
index c7006550..d5114925 100644
--- a/mount/swapon.c
+++ b/mount/swapon.c
@@ -392,6 +392,10 @@ swapon_checks(const char *special)
 			warnx(_("%s: insecure permissions %04o, %04o suggested."),
 				special, st.st_mode & 07777,
 				~permMask & 0666);
+
+		if (S_ISREG(st.st_mode) && st.st_uid != 0)
+			warnx(_("%s: insecure file owner %d, 0 (root) suggested."),
+				special, st.st_uid);
 	}
 
 	/* test for holes by LBT */
diff --git a/mount/umount.c b/mount/umount.c
index 0ad7c5f9..49741a51 100644
--- a/mount/umount.c
+++ b/mount/umount.c
@@ -20,6 +20,7 @@
 #include "fstab.h"
 #include "env.h"
 #include "nls.h"
+#include "strtosize.h"
 
 #if defined(MNT_FORCE)
 /* Interesting ... it seems libc knows about MNT_FORCE and presumably
@@ -463,7 +464,7 @@ get_value(const char *list, const char *s) {
 static int
 is_valid_loop(struct mntentchn *mc, struct mntentchn *fs)
 {
-	unsigned long long offset = 0;
+	uintmax_t offset = 0;
 	char *p;
 
 	/* check if it begins with /dev/loop */
@@ -477,8 +478,11 @@ is_valid_loop(struct mntentchn *mc, struct mntentchn *fs)
 
 	/* check for offset option in fstab */
 	p = get_value(fs->m.mnt_opts, "offset=");
-	if (p)
-		offset = strtoull(p, NULL, 10);
+	if (p && strtosize(p, &offset)) {
+		if (verbose > 1)
+			printf(_("failed to parse 'offset=%s' options\n"), p);
+		return 0;
+	}
 
 	/* check association */
 	if (loopfile_used_with((char *) mc->m.mnt_fsname,