diff mbox

Error chdir with mount.cifs 4.3 and autofs.

Message ID 20100411195350.70c8ade2@corrin.poochiereds.net
State New
Headers show

Commit Message

Jeff Layton April 11, 2010, 11:53 p.m. UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 11 Apr 2010 19:42:58 -0400
Jeff Layton <jlayton@samba.org> wrote:

> On Sun, 11 Apr 2010 17:57:34 +0200

> Stef Bon <stefbon@gmail.com> wrote:

> 

> > Hello,

> > 

> > I;m working with a combination of cifs and autofs (and a fuse module).

> > 

> > Now I'v tried the new version 4.3, and I get mount error's when

> > mount.cifs is used incombination with autofs.

> > When doing a mount manual, there is no problem.

> > 

> > The error is:

> > 

> > Couldn't chdir to

> > /mnt/mount.md5key/sbon/mount/8fa6f400cdf2f053817f3965188f4acc:

> > Permission denied

> > 

> 

> We'll probably have to do some troubleshooting to figure out what's

> wrong. Can you open a bug at bugzilla.samba.org and cc me on it?

> 

> Thanks,


Actually, scratch that. Does this patch fix it?

- -- 
Jeff Layton <jlayton@samba.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEARECAAYFAkvCYRMACgkQyP0gxQMdzIC3DgCeN5P7GnTUcYuVaeeRqA+7ghxF
ZyIAmwR2WfIZLQfsdX/Y+gJzOGvCChSe
=+DAf
-----END PGP SIGNATURE-----

Comments

Stef Bon April 12, 2010, 8:07 a.m. UTC | #1 
Yes it's working again!

Stef

2010/4/12 Jeff Layton <jlayton@samba.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sun, 11 Apr 2010 19:42:58 -0400
> Jeff Layton <jlayton@samba.org> wrote:
>
>> On Sun, 11 Apr 2010 17:57:34 +0200
>> Stef Bon <stefbon@gmail.com> wrote:
>>
>> > Hello,
>> >
>> > I;m working with a combination of cifs and autofs (and a fuse module).
>> >
>> > Now I'v tried the new version 4.3, and I get mount error's when
>> > mount.cifs is used incombination with autofs.
>> > When doing a mount manual, there is no problem.
>> >
>> > The error is:
>> >
>> > Couldn't chdir to
>> > /mnt/mount.md5key/sbon/mount/8fa6f400cdf2f053817f3965188f4acc:
>> > Permission denied
>> >
>>
>> We'll probably have to do some troubleshooting to figure out what's
>> wrong. Can you open a bug at bugzilla.samba.org and cc me on it?
>>
>> Thanks,
>
> Actually, scratch that. Does this patch fix it?
>
> - --
> Jeff Layton <jlayton@samba.org>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.14 (GNU/Linux)
>
> iEYEARECAAYFAkvCYRMACgkQyP0gxQMdzIC3DgCeN5P7GnTUcYuVaeeRqA+7ghxF
> ZyIAmwR2WfIZLQfsdX/Y+gJzOGvCChSe
> =+DAf
> -----END PGP SIGNATURE-----
>
Jeff Layton April 12, 2010, 10:57 a.m. UTC | #2 
On Mon, 12 Apr 2010 10:07:28 +0200
Stef Bon <stefbon@gmail.com> wrote:

> Yes it's working again!
> 
> Stef
> 

Thanks for testing it. Committed to cifs-utils git repo. It should make
4.4 release.

Cheers,
diff mbox

Patch

From ff574b050ad9622330247ac5d4a056e931362b82 Mon Sep 17 00:00:00 2001
From: Jeff Layton <jlayton@samba.org>
Date: Sun, 11 Apr 2010 19:51:43 -0400
Subject: [PATCH] cifs: enable CAP_DAC_READ_SEARCH before chdir() and realpath() calls

It's possible that root won't have privileges to chdir or evaluate the
paths without that capability.

Signed-off-by: Jeff Layton <jlayton@samba.org>
---
 mount.cifs.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/mount.cifs.c b/mount.cifs.c
index 1aa3329..acab8c8 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -1596,6 +1596,9 @@  int main(int argc, char **argv)
 	mountpoint = argv[optind + 1];
 
 	/* chdir into mountpoint as soon as possible */
+	rc = toggle_dac_capability(0, 1);
+	if (rc)
+		return rc;
 	rc = chdir(mountpoint);
 	if (rc) {
 		fprintf(stderr, "Couldn't chdir to %s: %s\n", mountpoint,
@@ -1611,6 +1614,9 @@  int main(int argc, char **argv)
 		rc = EX_SYSERR;
 		goto mount_exit;
 	}
+	rc = toggle_dac_capability(0, 0);
+	if (rc)
+		return rc;
 
 	/*
 	 * mount.cifs does privilege separation. Most of the code to handle
-- 
1.6.6.1