summaryrefslogtreecommitdiffstats
path: root/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 13:14:45 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 13:14:45 +0000
commit1ceecc69711e82bee12203b95ac8fccfaad58b2d (patch)
treeef6b46cbd3d743073ea886c5d1eea074a0a2e295 /debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch
parentAdding upstream version 2.36.1. (diff)
downloadutil-linux-1ceecc69711e82bee12203b95ac8fccfaad58b2d.tar.xz
util-linux-1ceecc69711e82bee12203b95ac8fccfaad58b2d.zip
Adding debian version 2.36.1-8+deb11u1.debian/2.36.1-8+deb11u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch')
-rw-r--r--debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch102
1 files changed, 102 insertions, 0 deletions
diff --git a/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch b/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch
new file mode 100644
index 0000000..9929f7e
--- /dev/null
+++ b/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch
@@ -0,0 +1,102 @@
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 25 Jan 2021 11:11:05 +0100
+Subject: libmount: allow --read-only for not-root users
+
+The command "mount -r" was supported for non-root users in very old
+mount(8) versions. Unfortunately, in this case libmount replaces all
+mount options from command line by options from fstab. We need
+exception for MS_RDONLY.
+
+Fixes: https://github.com/karelzak/util-linux/issues/1235
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ libmount/src/context.c | 31 ++++++++++++++++++++++++-------
+ 1 file changed, 24 insertions(+), 7 deletions(-)
+
+diff --git a/libmount/src/context.c b/libmount/src/context.c
+index 46e2010..e4e9f8f 100644
+--- a/libmount/src/context.c
++++ b/libmount/src/context.c
+@@ -2319,9 +2319,12 @@ end:
+ return rc;
+ }
+
+-/* apply @fs to @cxt -- use mnt_context_apply_fstab() if not sure
++/* apply @fs to @cxt;
++ *
++ * @mflags are mount flags as specified on command-line -- used only to save
++ * MS_RDONLY which is allowed for non-root users.
+ */
+-int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs)
++static int apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs, unsigned long mflags)
+ {
+ int rc;
+
+@@ -2333,6 +2336,7 @@ int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs)
+ DBG(CXT, ul_debugobj(cxt, "use default optsmode"));
+ cxt->optsmode = MNT_OMODE_AUTO;
+ }
++
+ }
+
+ DBG(CXT, ul_debugobj(cxt, "apply entry:"));
+@@ -2360,9 +2364,15 @@ int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs)
+
+ if (cxt->optsmode & MNT_OMODE_IGNORE)
+ ;
+- else if (cxt->optsmode & MNT_OMODE_REPLACE)
++ else if (cxt->optsmode & MNT_OMODE_REPLACE) {
+ rc = mnt_fs_set_options(cxt->fs, mnt_fs_get_options(fs));
+
++ /* mount --read-only for non-root users is allowed */
++ if (rc == 0 && (mflags & MS_RDONLY)
++ && mnt_context_is_restricted(cxt)
++ && cxt->optsmode == MNT_OMODE_USER)
++ rc = mnt_fs_append_options(cxt->fs, "ro");
++ }
+ else if (cxt->optsmode & MNT_OMODE_APPEND)
+ rc = mnt_fs_append_options(cxt->fs, mnt_fs_get_options(fs));
+
+@@ -2380,7 +2390,7 @@ done:
+ }
+
+ static int apply_table(struct libmnt_context *cxt, struct libmnt_table *tb,
+- int direction)
++ int direction, unsigned long mflags)
+ {
+ struct libmnt_fs *fs = NULL;
+ const char *src, *tgt;
+@@ -2418,7 +2428,14 @@ static int apply_table(struct libmnt_context *cxt, struct libmnt_table *tb,
+ if (!fs)
+ return -MNT_ERR_NOFSTAB; /* not found */
+
+- return mnt_context_apply_fs(cxt, fs);
++ return apply_fs(cxt, fs, mflags);
++}
++
++/* apply @fs to @cxt -- use mnt_context_apply_fstab() if not sure
++ */
++int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs)
++{
++ return apply_fs(cxt, fs, 0);
+ }
+
+ /**
+@@ -2498,7 +2515,7 @@ int mnt_context_apply_fstab(struct libmnt_context *cxt)
+ DBG(CXT, ul_debugobj(cxt, "trying to apply fstab (src=%s, target=%s)", src, tgt));
+ rc = mnt_context_get_fstab(cxt, &tab);
+ if (!rc)
+- rc = apply_table(cxt, tab, MNT_ITER_FORWARD);
++ rc = apply_table(cxt, tab, MNT_ITER_FORWARD, mflags);
+ }
+
+ /* try mtab */
+@@ -2510,7 +2527,7 @@ int mnt_context_apply_fstab(struct libmnt_context *cxt)
+ else
+ rc = mnt_context_get_mtab(cxt, &tab);
+ if (!rc)
+- rc = apply_table(cxt, tab, MNT_ITER_BACKWARD);
++ rc = apply_table(cxt, tab, MNT_ITER_BACKWARD, mflags);
+ }
+
+ if (!mnt_context_switch_ns(cxt, ns_old))