path: root/mount.cifs.c
Commit message (Collapse)AuthorAgeFilesLines
* mount.cifs: add fallthrough comments on fmask/dmask option casesJeff Layton2017-08-271-0/+2
| | | | | | ...to silence a couple of compiler warnings. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: document SMBv3.1.1 and new seal optionAurelien Aptel2017-04-221-1/+1
| | | | Signed-off-by: Aurelien Aptel <aaptel@suse.com>
* mount.cifs: Remove data_blob.h includeThomas Witt2017-03-161-1/+0
| | | | | | | | data_blob.h includes talloc.h from libtalloc, but that is only marked as a dependency for cifs.upcall. No symbols from that header are used by cifs.mount, so remove it to avoid the libtalloc dependency Signed-off-by: Thomas Witt <pyromaniac@exherbo.org>
* treewide: Eliminate SAFE_FREEJeff Layton2017-02-241-11/+5
| | | | | | | | It just frees and then zeroes out the pointer. That's of dubious value in the places where it's currently being used. Just use free() instead. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: Remove unneeded stdbool header includeGermano Percossi2016-11-271-1/+0
| | | | Signed-off-by: Germano Percossi <germano.percossi@citrix.com>
* mount.cifs: Fixed command line parsing and aligned with kernelGermano Percossi2016-11-271-35/+47
| | | | | | | | | | | | | | | | | | | | | | | The way token matching was done was consuming the parameters namespace quickly. For example, anything starting with "dom" was interpreted with domain, while it could have been a completely different word. The same is true even for "ro". Moreover, many perfectly valid options like "addr" where not accepted. The cifs kernel module is very strict when it comes to names: 'dom' and 'domain' are valid while 'domai' is not, so the userspace tool needs to comply otherwise it becomes very difficult to come up with new names for options. Now, checking is strict and as close as possible to kernel. When it is not, it is just to avoid breaking compatibility with some users. However, workg has been removed because it is too lazy and undocumented. The only variable left without strict checking is 'x-' because the intent is to ignore anything starting in that way Signed-off-by: Germano Percossi <germano.percossi@citrix.com>
* mount.cifs: Accept empty domains on the command lineGermano Percossi2016-11-271-3/+12
| | | | | | | | | | | | | | | | If we do not allow empty domains on the command line we are preventing the kernel module from taking different actions if the domain has not been specified at all or just passed empty. In fact, with this fix the cifs module behaves differently once an empty domain is passed: the find_domain_name function is not invoked when an empty domain is passed. It is possible to pass both 'domain=' or 'domain=""' even though the kernel module will accept the former only when associated with the sloppy option. Signed-off-by: Germano Percossi <germano.percossi@citrix.com>
* mount.cifs: Removed extra comma in front of domainGermano Percossi2016-11-271-1/+1
| | | | Signed-off-by: Germano Percossi <germano.percossi@citrix.com>
* mount.cifs: ignore x-* mount optionsKarel Zak2016-01-071-0/+2
| | | | | | | | | | | | | | | | | | x-* prefix is used for userspace mount options and it's pretty commonly used to extend fstab configuration in systemd world (e.g. x-systemd.automount). These options is necessary to ignored. The command mount(8) does not pass x-* mount options to mount.<type> helpers, but in some use-cases it's possible that the cifs helper reads mount options from fstab or users directly call mount.cifs and copy & past mount options, etc. This patch marks all options prefixed by "x-" as OPT_IGNORE to make things more robust for end-users. We already uses the same concept for _netdev. Signed-off-by: Karel Zak <kzak@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: on 2nd try mount.cifs must also uppercase "orig_dev"Guenter Kukkukk2014-07-011-1/+2
| | | | | | | | | | | Recent kernels now ignore "unc=..." mount option. mount.cifs, when getting errno=ENXIO, retries the mount with uppercased hostname, sharename and prefixpath in the "unc=..." mount option, which is ignored now in the kernel. Used e.g. during OS/2 mounts, which fail now. Also uppercase the now used "orig_dev" parameter. Signed-off-by: Guenter Kukkukk <kukks@samba.org>
* mount.cifs: fix bad free() of string returned by dirname()Jeff Layton2013-10-111-11/+18
| | | | | | | | | | | | | | | | | | | | | | Coverity says: Error: CPPCHECK_WARNING: [#def10] cifs-utils-6.2/mount.cifs.c:1518: error[memleakOnRealloc]: Common realloc mistake: 'mtabdir' nulled but not freed upon failure del_mtab has a number of bugs in handling of allocated memory: a) the return value of strdup() is not checked b) It calls realloc() on a pointer that wasn't returned by an allocation function (e.g. malloc, calloc, etc.) c) If realloc() fails, it doesn't call free() on the original memory returned by strdup() Fix all of these bugs and add newlines to the end of the error messages in del_mtab. Signed-off-by: Jeff Layton <jlayton@samba.org>
* Do not rely on hardcoded path to systemd-ask-password.Michał Górny2013-07-301-2/+2
| | | | | | | | | | Relying on hardcoded /bin/systemd-ask-password path breaks systemd that install systemd-ask-password in /usr/bin. Since both paths are supposed to be in ${PATH} and popen() passes the command to shell, just pass 'systemd-ask-password' and let the shell find it. Fixes: https://bugzilla.samba.org/show_bug.cgi?id=10054 Signed-off-by: Michał Górny <mgorny@gentoo.org>
* cifs-utils: Correct max string lengths v2Scott Lovenberg2013-07-221-7/+16
| | | | | | | The max size of the username, domain, and password strings are now consistent with the kernel and Microsoft's documentation. Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
* cifs-utils: fix some sparse warningsJeff Layton2013-07-181-3/+3
| | | | Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: Trivial comment fixesScott Lovenberg2013-04-101-2/+2
| | | | | | Two trivial comment fixes. Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
* mount.cifs: remove support for "NFS syntax"Jeff Layton2013-03-221-28/+10
| | | | | | | ...as promised for version 6.0. Cc: Scott Lovenberg <scott.lovenberg@gmail.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: set parsed_info->got_user when a cred file supplies a usernameJeff Layton2013-01-131-1/+2
| | | | | | | | | | | commit 85d18a1ed introduced a regression when using a credentials file. It set the username in the parsed mount info properly, but didn't set the "got_user" flag in it. Also, fix an incorrect strlcpy length specifier in open_cred_file. Reported-by: "Mantas M." <grawity@gmail.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: remove support for "complex" usernames from mount.cifsJeff Layton2013-01-071-102/+9
| | | | | | | | In commit 569cfcb3a, we added a warning of the removal for support for username= options in the form of DOMAIN/username%password. This patch removes that support as promised prior to the 5.9 release. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: don't pass "flag" options to the kernelJeff Layton2012-12-031-16/+8
| | | | | | | | When certain options are passed to the mount helper, we want to turn them into mountflags for the mount() syscall. There's no need to copy them to the options string in that case though. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: treat uid=,gid=,cruid= options as name before assuming they're a ↵Jeff Layton2012-12-031-26/+24
| | | | | | | | | | | | | | | | number Sergio Conrad reported a problem trying to set up an autofs map to do a krb5 mount. In his environment, many users have usernames that are comprised entirely of numbers. While that's a bit odd, POSIX apparently allows for it. The current code assumes that when a numeric argument is passed to one of the above options, that it's a uid or gid. Instead, try to treat the argument as a user or group name first, and only try to treat it as a number if that fails. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: fix argument count checkJeff Layton2012-11-091-1/+1
| | | | | | | | | | | | The argv < 3 check could return true if you pass in some option flags. If you don't provide any further arguments then you might just walk off the end of the argv array. The values past the end aren't guaranteed to be NULL in that case. Fix the check to just look at whether there are 2 more arguments after the getopt processing is done. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: add warning that NFS syntax is deprecated and will beScott Lovenberg2012-10-231-0/+4
| | | | | | | removed in cifs-utils-6.0. [jlayton: Added newline to end of warning] Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
* mount.cifs: implement the "nofail" optionJeff Layton2012-10-081-1/+8
| | | | | | | | | | | | The mount(8) manpage lists this as a fs-independent option: nofail: Do not report errors for this device if it does not exist. Implement that in mount.cifs by not returning an error if we were unable to find a suitable address for the mount attempt. Reported-by: Peter Trenholme <PTrenholme@gmail.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: running out of addresses is not a system errorJeff Layton2012-09-121-1/+1
| | | | | | | | | | This patch fixes a minor regression. It used to be that when the mount helper would run out of addresses that it would return EX_FAIL to userspace. It now returns EX_SYSERR which is incorrect. Reinstate the correct error code. Reported-by: Ales Zelinka <azelinka@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: silence compiler warnings about ignoring return codeJeff Layton2012-08-231-2/+2
| | | | | | | In this case we explicitly don't care what these functions return, so declare a couple of unused variables to catch the results. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: handle username= differently depending on sec= optionJeff Layton2012-08-071-11/+34
| | | | | | | | | | | | | | | | | This patch is intended as a temporary workaround for krb5 users that need to specify usernames with '/' in them. I intend to remove this hack from mount.cifs once the legacy username handling code is removed. The idea here is to save off the raw username string while we're parsing options. If the mount options specify "sec=krb5" or "sec=krb5i" then we'll not do the legacy username parsing and will instead just pass in the username string as-is. Obviously, this is a nasty hack and we don't really want to carry this in perpetuity, so this can go away once the "legacy" username parsing has gone away. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: deprecate the DOMAIN/username%password username syntaxJeff Layton2012-08-071-0/+14
| | | | | | | | | | | | | | | | | | | mount.cifs has in the past allowed users to specify a username using the above syntax, which would populate the domain and password fields with the different pieces. Unfortunately, there are cases where it is legit to have a '/' in a username. krb5 SPNs generally contain a '/' and we have no clear way to distinguish between the two. I don't see any real value in keeping that syntax allowed. It's no easier than specifying "pass=" and "domain=" on the command line. Ditto for credential files. Begin the transition away from that syntax by adding a warning message that support for it will be removed in 5.9. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: Use errno instead of having unknown errorLuk Claes2012-07-191-0/+1
| | | | | | When access() fails, use errno for a sensible error message. Signed-off-by: Luk Claes <luk@debian.org>
* mount.cifs: Use systemd's mechanism for getting password, if present.Ankit Jain2012-07-181-5/+71
| | | | | | | | | If systemd is running and /bin/systemd-ask-password if available, then use that else fallback on getpass(..). And add a --enable-systemd configure option, which defaults to yes. Signed-off-by: Ankit Jain <jankit@suse.com>
* mount.cifs: set rc to 0 in libcap toggle_dac_capabilityJeff Layton2012-06-141-1/+1
| | | | | | | | | | | | | | | | Thus spake Jochen: The mount.cifs program from the cifs-utils package 5.5 did not work on my Linux system. It just exited without an error message and did not mount anything. [...] I think, when this variable rc is now used in this function, it has also to be properly initialized there. Reported-by: Jochen Roderburg <roderburg@uni-koeln.de> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: unused variablesLuk Claes2012-05-191-2/+2
* mount.cifs: remove smb2 multicall binary codeJeff Layton2012-05-171-57/+4
| | | | | | | | | This was added when it was thought that smb2 would be a different fstype altogether. Now that we are not adding a separate fstype, this code is no longer needed since nothing will ever call /sbin/mount.smb2. Cc: Steve French <smfrench@gmail.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: don't send a mandatory ver= option to the kernelJeff Layton2012-05-171-13/+7
| | | | | | | | | | | | | | Traditionally, this ver= option was used to specify the "options version" that we're passing in. It has always been set to '1' though and we have never changed that. Eventually we want to have a ver= (or vers=) option that allows users to specify the SMB version that they want to use to talk to the server. At that point, this option will just get in the way. Let's go ahead and remove it now in preparation for that day. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: don't pass credentials= option to the kernelJeff Layton2012-05-021-2/+4
| | | | | | | | | | We handle this option in userspace, so there's little value in also passing it to the kernel. Also fix minor double-comma nit in the options string. Reported-by: Ronald <ronald645@gmail.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: remove unnecessary getuid() check in libcap version of ↵Jeff Layton2012-04-201-3/+0
| | | | | | | | | | | toggle_dac_capability I'm not sure what I was thinking when I added that check in, but it's been there since the inception. We shouldn't care at all what the real uid is when we call toggle_dac_capability and indeed we don't care with the libcap-ng version. Remove that check. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: toggle_dac_capability() stores return codeLars Mueller2012-04-201-1/+1
| | | | | | | | | | | | | | | | the build process of the cifs-utils for Mandriva 2011 made me notice of the unused variable rc in toggle_dac_capability() of mount.cifs.c. A bit up in the code we store the return value and do not make use of it while calling return. The attached patch intends to fix this. The failing build result is still visible at https://build.opensuse.org/package/live_build_log?arch=x86_64&package=cifs-utils&project=network%3Asamba%3ASTABLE&repository=Mandriva_2011 Acked-by: Suresh Jayaraman <sjayaraman@suse.com> Signed-off-by: Lars Mueller <lmuelle@suse.com>
* mount.cifs: uninitialized variables in mount.cifsLars Mueller2012-04-201-2/+2
| | | | | | | | | | older gcc versions (4.3 in the case of SUSE Linux Enterprise 11 SP 1 and SP 2) complain about uninitialized variables in the recent 5.4 release. The attached patch makes the build process a bit quieter. Acked-by: Suresh Jayaraman <sjayaraman@suse.com> Signed-off-by: Lars Mueller <lmuelle@suse.com>
* mount.cifs: fix up some -D_FORTIFY_SOURCE=2 warningsJeff Layton2012-04-191-6/+8
| | | | | | | ...and add -D_FORTIFY_SOURCE=2 to the default $CFLAGS. Acked-by: Acked-by: Suresh Jayaraman <sjayaraman@suse.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: don't allow unprivileged users to mount onto dirs to which theyJeff Layton2012-04-021-19/+66
| | | | | | | | | | | | | | | | | | | | | | | | | | | | can't chdir If mount.cifs is installed as a setuid root program, then a user can use it to gather information about files and directories to which he does not have access. One of the first things that mount.cifs does is to chdir() into the mountpoint and then proceeds to perform the mount onto ".". A malicious user could exploit this fact to determine information about directories to which he does not have access. Specifically, whether the dentry in question is a file or directory and whether it exists at all. This patch fixes this by making the program switch the fsuid to the real uid for unprivileged users when mounting. Note that this is a behavior change. mount.cifs has in the past allowed users to mount onto any directory as long as it's listed in /etc/fstab as a user mount. With this change, the user must also be able to chdir into the mountpoint without needing special privileges. Hopefully not many people have such a pathological configuration. This patch should fix CVE-2012-1586. Reported-by: Jesus Olmos <jesus.olmos@blueliv.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: add support for -s optionJeff Layton2012-03-061-1/+9
| | | | | | | | | | autofs generally calls mount helpers with '-s'. Handle that the same way we do for NFS -- append ",sloppy" option to the mount options. The kernel can look for that option to decide whether to ignore unknown mount options, warn, or error out. Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: fix tests for strtoul successJeff Layton2012-02-231-5/+7
| | | | | | | | | | | | | | | | | | | | | The current test just looks to see if errno was 0 after the conversion but we need to do a bit more. According to the strtoul manpage: If there were no digits at all, strtoul() stores the original value of nptr in *endptr (and returns 0). So, if you pass in a string of letters, strtoul will return 0, but won't actually have converted anything. Luckily, in most cases, /bin/mount papers over this bug by doing uid/gid conversions itself before calling mount.cifs. Fix this by also checking to ensure that strtoul() converted the entire string in addition to checking that it didn't set errno. While we're at it, fix the test in backupuid/backupgid options as well which don't currently check whether errno got set. Reported-by: Kyle Squizzato <ksquizza@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* util: move getusername to util.cJeff Layton2012-01-171-11/+0
| | | | Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: handle errors from rename() in del_mtabJeff Layton2012-01-161-1/+5
| | | | | | | | The new del_mtab code ignored errors from rename(). Make it handle that error as well like it does other errors. Cc: Carlos Maiolino <cmaiolino@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: Properly update mtab during remountCarlos Maiolino2012-01-161-1/+98
| | | | | | | | | | | | | During a remount of a cifs filesystem, the mtab file is not properly updated, which leads to a doubled entry of the same filesystem in the /etc/mtab file. This patch adds a new function del_mtab() which is called before the add_mtab() in case the fs is being remounted. The del_mtab() function will delete from the mtab, the old entry from the filesystem which is being remounted, and then, calls add_mtab() to add an updated entry to the mtab file. Signed-off-by: Carlos Maiolino <cmaiolino@redhat.com>
* mount.cifs: Add mount options for backup intent and their manpages (try #8)Shirish Pargaonkar2011-10-191-2/+78
| | | | | | | Add mount options backupuid and backugid and their manpage contents. Check for either a valid uid/gid or valid user/group name. Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
* mount.cifs: fix the conflict between rwpidforward and rw mount optionsPavel Shilovsky2011-08-291-1/+1
| | | | | | | | Both these options are started with "rw" - that's why the first one isn't switched on even if it is specified. Fix this by adding a length check for "rw" option check. Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
* mount.cifs: check_newline returns EX_USAGE on error, not -1Jeff Layton2011-07-291-2/+1
| | | | | Reported-by: Jan Lieskovsky <jlieskov@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mtab: handle ENOSPC/EFBIG condition properly when altering mtabJeff Layton2011-07-121-2/+25
| | | | | | | | | | | | | | | | | | | | | | | | | It's possible that when mount.cifs goes to append the mtab that there won't be enough space to do so, and the mntent won't be appended to the file in its entirety. Add a my_endmntent routine that will fflush and then fsync the FILE if that succeeds. If either fails then it will truncate the file back to its provided size. It will then call endmntent unconditionally. Have add_mtab call fstat on the opened mtab file in order to get the size of the file before it has been appended. Assuming that that succeeds, use my_endmntent to ensure that the file is not corrupted before closing it. It's possible that we'll have a small race window where the mtab is incorrect, but it should be quickly corrected. This was reported some time ago as CVE-2011-1678: http://openwall.com/lists/oss-security/2011/03/04/9 ...and it seems to fix the reproducer that I was able to come up with. Signed-off-by: Jeff Layton <jlayton@samba.org> Reviewed-by: Suresh Jayaraman <sjayaraman@suse.de>
* mount.cifs: fix test for strtoul failure in mount.cifsJeff Layton2011-04-151-4/+7
| | | | | | | | | | | | It currently test to see if errno == -EINVAL and whether the endptr is '\0'. That's not correct however. What we really want it to do is check to see if any error occurred by setting errno to 0 before the conversion. If one did, then try to treat the value as a name. Also fix a bogus compiler warning about cruid being uninitialized. Reported-by: Jian Li <jiali@redhat.com> Signed-off-by: Jeff Layton <jlayton@samba.org>
* mount.cifs: Use original device string all the wayLuk Claes2011-04-081-24/+3
| | | | | | | | Don't construct a device name, but use the original device string to mount so the device name in /proc/mounts matches the one in /etc/fstab. Signed-off-by: Luk Claes <luk@debian.org>