diff options
Diffstat (limited to '')
| -rw-r--r-- | debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch b/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch new file mode 100644 index 0000000..9929f7e --- /dev/null +++ b/debian/patches/upstream/libmount-allow-read-only-for-not-root-users.patch @@ -0,0 +1,102 @@ +From: Karel Zak <kzak@redhat.com> +Date: Mon, 25 Jan 2021 11:11:05 +0100 +Subject: libmount: allow --read-only for not-root users + +The command "mount -r" was supported for non-root users in very old +mount(8) versions. Unfortunately, in this case libmount replaces all +mount options from command line by options from fstab. We need +exception for MS_RDONLY. + +Fixes: https://github.com/karelzak/util-linux/issues/1235 +Signed-off-by: Karel Zak <kzak@redhat.com> +--- + libmount/src/context.c | 31 ++++++++++++++++++++++++------- + 1 file changed, 24 insertions(+), 7 deletions(-) + +diff --git a/libmount/src/context.c b/libmount/src/context.c +index 46e2010..e4e9f8f 100644 +--- a/libmount/src/context.c ++++ b/libmount/src/context.c +@@ -2319,9 +2319,12 @@ end: + return rc; + } + +-/* apply @fs to @cxt -- use mnt_context_apply_fstab() if not sure ++/* apply @fs to @cxt; ++ * ++ * @mflags are mount flags as specified on command-line -- used only to save ++ * MS_RDONLY which is allowed for non-root users. + */ +-int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs) ++static int apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs, unsigned long mflags) + { + int rc; + +@@ -2333,6 +2336,7 @@ int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs) + DBG(CXT, ul_debugobj(cxt, "use default optsmode")); + cxt->optsmode = MNT_OMODE_AUTO; + } ++ + } + + DBG(CXT, ul_debugobj(cxt, "apply entry:")); +@@ -2360,9 +2364,15 @@ int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs) + + if (cxt->optsmode & MNT_OMODE_IGNORE) + ; +- else if (cxt->optsmode & MNT_OMODE_REPLACE) ++ else if (cxt->optsmode & MNT_OMODE_REPLACE) { + rc = mnt_fs_set_options(cxt->fs, mnt_fs_get_options(fs)); + ++ /* mount --read-only for non-root users is allowed */ ++ if (rc == 0 && (mflags & MS_RDONLY) ++ && mnt_context_is_restricted(cxt) ++ && cxt->optsmode == MNT_OMODE_USER) ++ rc = mnt_fs_append_options(cxt->fs, "ro"); ++ } + else if (cxt->optsmode & MNT_OMODE_APPEND) + rc = mnt_fs_append_options(cxt->fs, mnt_fs_get_options(fs)); + +@@ -2380,7 +2390,7 @@ done: + } + + static int apply_table(struct libmnt_context *cxt, struct libmnt_table *tb, +- int direction) ++ int direction, unsigned long mflags) + { + struct libmnt_fs *fs = NULL; + const char *src, *tgt; +@@ -2418,7 +2428,14 @@ static int apply_table(struct libmnt_context *cxt, struct libmnt_table *tb, + if (!fs) + return -MNT_ERR_NOFSTAB; /* not found */ + +- return mnt_context_apply_fs(cxt, fs); ++ return apply_fs(cxt, fs, mflags); ++} ++ ++/* apply @fs to @cxt -- use mnt_context_apply_fstab() if not sure ++ */ ++int mnt_context_apply_fs(struct libmnt_context *cxt, struct libmnt_fs *fs) ++{ ++ return apply_fs(cxt, fs, 0); + } + + /** +@@ -2498,7 +2515,7 @@ int mnt_context_apply_fstab(struct libmnt_context *cxt) + DBG(CXT, ul_debugobj(cxt, "trying to apply fstab (src=%s, target=%s)", src, tgt)); + rc = mnt_context_get_fstab(cxt, &tab); + if (!rc) +- rc = apply_table(cxt, tab, MNT_ITER_FORWARD); ++ rc = apply_table(cxt, tab, MNT_ITER_FORWARD, mflags); + } + + /* try mtab */ +@@ -2510,7 +2527,7 @@ int mnt_context_apply_fstab(struct libmnt_context *cxt) + else + rc = mnt_context_get_mtab(cxt, &tab); + if (!rc) +- rc = apply_table(cxt, tab, MNT_ITER_BACKWARD); ++ rc = apply_table(cxt, tab, MNT_ITER_BACKWARD, mflags); + } + + if (!mnt_context_switch_ns(cxt, ns_old)) |