mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
52bf64c787
Obtained from: Whistle Communications tree Add an option to the way UFS works dependent on the SUID bit of directories This changes makes things a whole lot simpler on systems running as fileservers for PCs and MACS. to enable the new code you must 1/ enable option SUIDDIR on the kernel. 2/ mount the filesystem with option suiddir. hopefully this makes it difficult enough for people to do this accidentally. see the new chmod(2) man page for detailed info.
615 lines
14 KiB
C
615 lines
14 KiB
C
/*-
|
|
* Copyright (c) 1980, 1989, 1993, 1994
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by the University of
|
|
* California, Berkeley and its contributors.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef lint
|
|
static const char copyright[] =
|
|
"@(#) Copyright (c) 1980, 1989, 1993, 1994\n\
|
|
The Regents of the University of California. All rights reserved.\n";
|
|
#endif /* not lint */
|
|
|
|
#ifndef lint
|
|
#if 0
|
|
static char sccsid[] = "@(#)mount.c 8.25 (Berkeley) 5/8/95";
|
|
#else
|
|
static const char rcsid[] =
|
|
"$Id: mount.c,v 1.20 1997/09/27 13:44:17 kato Exp $";
|
|
#endif
|
|
#endif /* not lint */
|
|
|
|
#include <sys/param.h>
|
|
#include <sys/mount.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/wait.h>
|
|
|
|
#include <err.h>
|
|
#include <errno.h>
|
|
#include <fstab.h>
|
|
#include <pwd.h>
|
|
#include <signal.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <unistd.h>
|
|
|
|
#include "extern.h"
|
|
#include "pathnames.h"
|
|
|
|
int debug, fstab_style, verbose;
|
|
|
|
char *catopt __P((char *, const char *));
|
|
struct statfs
|
|
*getmntpt __P((const char *));
|
|
int hasopt __P((const char *, const char *));
|
|
int ismounted __P((struct fstab *, struct statfs *, int));
|
|
int isremountable __P((const char *));
|
|
void mangle __P((char *, int *, const char **));
|
|
int mountfs __P((const char *, const char *, const char *,
|
|
int, const char *, const char *));
|
|
void prmount __P((struct statfs *));
|
|
void putfsent __P((const struct statfs *));
|
|
void usage __P((void));
|
|
|
|
/* Map from mount otions to printable formats. */
|
|
static struct opt {
|
|
int o_opt;
|
|
const char *o_name;
|
|
} optnames[] = {
|
|
{ MNT_ASYNC, "asynchronous" },
|
|
{ MNT_EXPORTED, "NFS exported" },
|
|
{ MNT_LOCAL, "local" },
|
|
{ MNT_NOATIME, "noatime" },
|
|
{ MNT_NODEV, "nodev" },
|
|
{ MNT_NOEXEC, "noexec" },
|
|
{ MNT_NOSUID, "nosuid" },
|
|
{ MNT_QUOTA, "with quotas" },
|
|
{ MNT_RDONLY, "read-only" },
|
|
{ MNT_SYNCHRONOUS, "synchronous" },
|
|
{ MNT_UNION, "union" },
|
|
{ MNT_NOCLUSTERR, "noclusterr" },
|
|
{ MNT_NOCLUSTERW, "noclusterw" },
|
|
{ MNT_SUIDDIR, "suiddir" },
|
|
{ NULL }
|
|
};
|
|
|
|
/*
|
|
* List of VFS types that can be remounted without becoming mounted on top
|
|
* of each other.
|
|
* XXX Is this list correct?
|
|
*/
|
|
static const char *
|
|
remountable_fs_names[] = {
|
|
"ufs", "ffs", "lfs", "ext2fs",
|
|
0
|
|
};
|
|
|
|
int
|
|
main(argc, argv)
|
|
int argc;
|
|
char * const argv[];
|
|
{
|
|
const char *mntfromname, **vfslist, *vfstype;
|
|
struct fstab *fs;
|
|
struct statfs *mntbuf;
|
|
FILE *mountdfp;
|
|
pid_t pid;
|
|
int all, ch, i, init_flags, mntsize, rval;
|
|
char *options;
|
|
|
|
all = init_flags = 0;
|
|
options = NULL;
|
|
vfslist = NULL;
|
|
vfstype = "ufs";
|
|
while ((ch = getopt(argc, argv, "adfo:prwt:uv")) != -1)
|
|
switch (ch) {
|
|
case 'a':
|
|
all = 1;
|
|
break;
|
|
case 'd':
|
|
debug = 1;
|
|
break;
|
|
case 'f':
|
|
init_flags |= MNT_FORCE;
|
|
break;
|
|
case 'o':
|
|
if (*optarg)
|
|
options = catopt(options, optarg);
|
|
break;
|
|
case 'p':
|
|
fstab_style = 1;
|
|
verbose = 1;
|
|
break;
|
|
case 'r':
|
|
init_flags |= MNT_RDONLY;
|
|
break;
|
|
case 't':
|
|
if (vfslist != NULL)
|
|
errx(1, "only one -t option may be specified.");
|
|
vfslist = makevfslist(optarg);
|
|
vfstype = optarg;
|
|
break;
|
|
case 'u':
|
|
init_flags |= MNT_UPDATE;
|
|
break;
|
|
case 'v':
|
|
verbose = 1;
|
|
break;
|
|
case 'w':
|
|
init_flags &= ~MNT_RDONLY;
|
|
break;
|
|
case '?':
|
|
default:
|
|
usage();
|
|
/* NOTREACHED */
|
|
}
|
|
argc -= optind;
|
|
argv += optind;
|
|
|
|
#define BADTYPE(type) \
|
|
(strcmp(type, FSTAB_RO) && \
|
|
strcmp(type, FSTAB_RW) && strcmp(type, FSTAB_RQ))
|
|
|
|
rval = 0;
|
|
switch (argc) {
|
|
case 0:
|
|
if ((mntsize = getmntinfo(&mntbuf, MNT_NOWAIT)) == 0)
|
|
err(1, "getmntinfo");
|
|
if (all) {
|
|
while ((fs = getfsent()) != NULL) {
|
|
if (BADTYPE(fs->fs_type))
|
|
continue;
|
|
if (checkvfsname(fs->fs_vfstype, vfslist))
|
|
continue;
|
|
if (hasopt(fs->fs_mntops, "noauto"))
|
|
continue;
|
|
if (ismounted(fs, mntbuf, mntsize))
|
|
continue;
|
|
if (mountfs(fs->fs_vfstype, fs->fs_spec,
|
|
fs->fs_file, init_flags, options,
|
|
fs->fs_mntops))
|
|
rval = 1;
|
|
}
|
|
} else if (fstab_style) {
|
|
for (i = 0; i < mntsize; i++) {
|
|
if (checkvfsname(mntbuf[i].f_fstypename, vfslist))
|
|
continue;
|
|
putfsent(&mntbuf[i]);
|
|
}
|
|
} else {
|
|
for (i = 0; i < mntsize; i++) {
|
|
if (checkvfsname(mntbuf[i].f_fstypename,
|
|
vfslist))
|
|
continue;
|
|
prmount(&mntbuf[i]);
|
|
}
|
|
}
|
|
exit(rval);
|
|
case 1:
|
|
if (vfslist != NULL)
|
|
usage();
|
|
|
|
if (init_flags & MNT_UPDATE) {
|
|
if ((mntbuf = getmntpt(*argv)) == NULL)
|
|
errx(1,
|
|
"unknown special file or file system %s.",
|
|
*argv);
|
|
if ((fs = getfsfile(mntbuf->f_mntonname)) != NULL)
|
|
mntfromname = fs->fs_spec;
|
|
else
|
|
mntfromname = mntbuf->f_mntfromname;
|
|
rval = mountfs(mntbuf->f_fstypename, mntfromname,
|
|
mntbuf->f_mntonname, init_flags, options, 0);
|
|
break;
|
|
}
|
|
if ((fs = getfsfile(*argv)) == NULL &&
|
|
(fs = getfsspec(*argv)) == NULL)
|
|
errx(1, "%s: unknown special file or file system.",
|
|
*argv);
|
|
if (BADTYPE(fs->fs_type))
|
|
errx(1, "%s has unknown file system type.",
|
|
*argv);
|
|
rval = mountfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file,
|
|
init_flags, options, fs->fs_mntops);
|
|
break;
|
|
case 2:
|
|
/*
|
|
* If -t flag has not been specified, and spec contains either
|
|
* a ':' or a '@' then assume that an NFS filesystem is being
|
|
* specified ala Sun.
|
|
*/
|
|
if (vfslist == NULL && strpbrk(argv[0], ":@") != NULL)
|
|
vfstype = "nfs";
|
|
rval = mountfs(vfstype,
|
|
argv[0], argv[1], init_flags, options, NULL);
|
|
break;
|
|
default:
|
|
usage();
|
|
/* NOTREACHED */
|
|
}
|
|
|
|
/*
|
|
* If the mount was successfully, and done by root, tell mountd the
|
|
* good news. Pid checks are probably unnecessary, but don't hurt.
|
|
*/
|
|
if (rval == 0 && getuid() == 0 &&
|
|
(mountdfp = fopen(_PATH_MOUNTDPID, "r")) != NULL) {
|
|
if (fscanf(mountdfp, "%d", &pid) == 1 &&
|
|
pid > 0 && kill(pid, SIGHUP) == -1 && errno != ESRCH)
|
|
err(1, "signal mountd");
|
|
(void)fclose(mountdfp);
|
|
}
|
|
|
|
exit(rval);
|
|
}
|
|
|
|
int
|
|
ismounted(fs, mntbuf, mntsize)
|
|
struct fstab *fs;
|
|
struct statfs *mntbuf;
|
|
int mntsize;
|
|
{
|
|
int i;
|
|
|
|
if (fs->fs_file[0] == '/' && fs->fs_file[1] == '\0')
|
|
/* the root file system can always be remounted */
|
|
return (0);
|
|
|
|
for (i = mntsize - 1; i >= 0; --i)
|
|
if (strcmp(fs->fs_file, mntbuf[i].f_mntonname) == 0 &&
|
|
(!isremountable(fs->fs_vfstype) ||
|
|
strcmp(fs->fs_spec, mntbuf[i].f_mntfromname) == 0))
|
|
return (1);
|
|
return (0);
|
|
}
|
|
|
|
int
|
|
isremountable(vfsname)
|
|
const char *vfsname;
|
|
{
|
|
const char **cp;
|
|
|
|
for (cp = remountable_fs_names; *cp; cp++)
|
|
if (strcmp(*cp, vfsname) == 0)
|
|
return (1);
|
|
return (0);
|
|
}
|
|
|
|
int
|
|
hasopt(mntopts, option)
|
|
const char *mntopts, *option;
|
|
{
|
|
int negative, found;
|
|
char *opt, *optbuf;
|
|
|
|
if (option[0] == 'n' && option[1] == 'o') {
|
|
negative = 1;
|
|
option += 2;
|
|
} else
|
|
negative = 0;
|
|
optbuf = strdup(mntopts);
|
|
found = 0;
|
|
for (opt = optbuf; (opt = strtok(opt, ",")) != NULL; opt = NULL) {
|
|
if (opt[0] == 'n' && opt[1] == 'o') {
|
|
if (!strcasecmp(opt + 2, option))
|
|
found = negative;
|
|
} else if (!strcasecmp(opt, option))
|
|
found = !negative;
|
|
}
|
|
free(optbuf);
|
|
return (found);
|
|
}
|
|
|
|
int
|
|
mountfs(vfstype, spec, name, flags, options, mntopts)
|
|
const char *vfstype, *spec, *name, *options, *mntopts;
|
|
int flags;
|
|
{
|
|
/* List of directories containing mount_xxx subcommands. */
|
|
static const char *edirs[] = {
|
|
_PATH_SBIN,
|
|
_PATH_USRSBIN,
|
|
NULL
|
|
};
|
|
const char *argv[100], **edir;
|
|
struct stat sb;
|
|
struct statfs sf;
|
|
pid_t pid;
|
|
int argc, i, status;
|
|
char *optbuf, execname[MAXPATHLEN + 1], mntpath[MAXPATHLEN];
|
|
|
|
#if __GNUC__
|
|
(void)&optbuf;
|
|
(void)&name;
|
|
#endif
|
|
|
|
if (realpath(name, mntpath) != NULL && stat(mntpath, &sb) == 0) {
|
|
if (!S_ISDIR(sb.st_mode)) {
|
|
warnx("%s: Not a directory", mntpath);
|
|
return (1);
|
|
}
|
|
} else {
|
|
warn("%s", mntpath);
|
|
return (1);
|
|
}
|
|
|
|
name = mntpath;
|
|
|
|
if (mntopts == NULL)
|
|
mntopts = "";
|
|
if (options == NULL) {
|
|
if (*mntopts == '\0') {
|
|
options = "rw";
|
|
} else {
|
|
options = mntopts;
|
|
mntopts = "";
|
|
}
|
|
}
|
|
optbuf = catopt(strdup(mntopts), options);
|
|
|
|
if (strcmp(name, "/") == 0)
|
|
flags |= MNT_UPDATE;
|
|
if (flags & MNT_FORCE)
|
|
optbuf = catopt(optbuf, "force");
|
|
if (flags & MNT_RDONLY)
|
|
optbuf = catopt(optbuf, "ro");
|
|
/*
|
|
* XXX
|
|
* The mount_mfs (newfs) command uses -o to select the
|
|
* optimisation mode. We don't pass the default "-o rw"
|
|
* for that reason.
|
|
*/
|
|
if (flags & MNT_UPDATE)
|
|
optbuf = catopt(optbuf, "update");
|
|
|
|
argc = 0;
|
|
argv[argc++] = vfstype;
|
|
mangle(optbuf, &argc, argv);
|
|
argv[argc++] = spec;
|
|
argv[argc++] = name;
|
|
argv[argc] = NULL;
|
|
|
|
if (debug) {
|
|
(void)printf("exec: mount_%s", vfstype);
|
|
for (i = 1; i < argc; i++)
|
|
(void)printf(" %s", argv[i]);
|
|
(void)printf("\n");
|
|
return (0);
|
|
}
|
|
|
|
switch (pid = fork()) {
|
|
case -1: /* Error. */
|
|
warn("fork");
|
|
free(optbuf);
|
|
return (1);
|
|
case 0: /* Child. */
|
|
if (strcmp(vfstype, "ufs") == 0)
|
|
exit(mount_ufs(argc, (char * const *) argv));
|
|
|
|
/* Go find an executable. */
|
|
for (edir = edirs; *edir; edir++) {
|
|
(void)snprintf(execname,
|
|
sizeof(execname), "%s/mount_%s", *edir, vfstype);
|
|
execv(execname, (char * const *)argv);
|
|
}
|
|
if (errno == ENOENT) {
|
|
int len = 0;
|
|
char *cp;
|
|
for (edir = edirs; *edir; edir++)
|
|
len += strlen(*edir) + 2; /* ", " */
|
|
if ((cp = malloc(len)) == NULL) {
|
|
warn(NULL);
|
|
exit(1);
|
|
}
|
|
cp[0] = '\0';
|
|
for (edir = edirs; *edir; edir++) {
|
|
strcat(cp, *edir);
|
|
if (edir[1] != NULL)
|
|
strcat(cp, ", ");
|
|
}
|
|
warn("exec mount_%s not found in %s", vfstype, cp);
|
|
}
|
|
exit(1);
|
|
/* NOTREACHED */
|
|
default: /* Parent. */
|
|
free(optbuf);
|
|
|
|
if (waitpid(pid, &status, 0) < 0) {
|
|
warn("waitpid");
|
|
return (1);
|
|
}
|
|
|
|
if (WIFEXITED(status)) {
|
|
if (WEXITSTATUS(status) != 0)
|
|
return (WEXITSTATUS(status));
|
|
} else if (WIFSIGNALED(status)) {
|
|
warnx("%s: %s", name, sys_siglist[WTERMSIG(status)]);
|
|
return (1);
|
|
}
|
|
|
|
if (verbose) {
|
|
if (statfs(name, &sf) < 0) {
|
|
warn("statfs %s", name);
|
|
return (1);
|
|
}
|
|
if (fstab_style)
|
|
putfsent(&sf);
|
|
else
|
|
prmount(&sf);
|
|
}
|
|
break;
|
|
}
|
|
|
|
return (0);
|
|
}
|
|
|
|
void
|
|
prmount(sfp)
|
|
struct statfs *sfp;
|
|
{
|
|
int flags;
|
|
struct opt *o;
|
|
struct passwd *pw;
|
|
int f;
|
|
|
|
(void)printf("%s on %s", sfp->f_mntfromname, sfp->f_mntonname);
|
|
|
|
flags = sfp->f_flags & MNT_VISFLAGMASK;
|
|
for (f = 0, o = optnames; flags && o->o_opt; o++)
|
|
if (flags & o->o_opt) {
|
|
(void)printf("%s%s", !f++ ? " (" : ", ", o->o_name);
|
|
flags &= ~o->o_opt;
|
|
}
|
|
if (sfp->f_owner) {
|
|
(void)printf("%smounted by ", !f++ ? " (" : ", ");
|
|
if ((pw = getpwuid(sfp->f_owner)) != NULL)
|
|
(void)printf("%s", pw->pw_name);
|
|
else
|
|
(void)printf("%d", sfp->f_owner);
|
|
}
|
|
(void)printf(f ? ")\n" : "\n");
|
|
}
|
|
|
|
struct statfs *
|
|
getmntpt(name)
|
|
const char *name;
|
|
{
|
|
struct statfs *mntbuf;
|
|
int i, mntsize;
|
|
|
|
mntsize = getmntinfo(&mntbuf, MNT_NOWAIT);
|
|
for (i = 0; i < mntsize; i++)
|
|
if (strcmp(mntbuf[i].f_mntfromname, name) == 0 ||
|
|
strcmp(mntbuf[i].f_mntonname, name) == 0)
|
|
return (&mntbuf[i]);
|
|
return (NULL);
|
|
}
|
|
|
|
char *
|
|
catopt(s0, s1)
|
|
char *s0;
|
|
const char *s1;
|
|
{
|
|
size_t i;
|
|
char *cp;
|
|
|
|
if (s0 && *s0) {
|
|
i = strlen(s0) + strlen(s1) + 1 + 1;
|
|
if ((cp = malloc(i)) == NULL)
|
|
err(1, NULL);
|
|
(void)snprintf(cp, i, "%s,%s", s0, s1);
|
|
} else
|
|
cp = strdup(s1);
|
|
|
|
if (s0)
|
|
free(s0);
|
|
return (cp);
|
|
}
|
|
|
|
void
|
|
mangle(options, argcp, argv)
|
|
char *options;
|
|
int *argcp;
|
|
const char **argv;
|
|
{
|
|
char *p, *s;
|
|
int argc;
|
|
|
|
argc = *argcp;
|
|
for (s = options; (p = strsep(&s, ",")) != NULL;)
|
|
if (*p != '\0')
|
|
if (*p == '-') {
|
|
argv[argc++] = p;
|
|
p = strchr(p, '=');
|
|
if (p) {
|
|
*p = '\0';
|
|
argv[argc++] = p+1;
|
|
}
|
|
} else if (strcmp(p, "rw") != 0) {
|
|
argv[argc++] = "-o";
|
|
argv[argc++] = p;
|
|
}
|
|
|
|
*argcp = argc;
|
|
}
|
|
|
|
void
|
|
usage()
|
|
{
|
|
|
|
(void)fprintf(stderr,
|
|
"usage: mount %s %s\n mount %s\n mount %s\n",
|
|
"[-dfpruvw] [-o options] [-t ufs | external_type]",
|
|
"special node",
|
|
"[-adfpruvw] [-t ufs | external_type]",
|
|
"[-dfpruvw] special | node");
|
|
exit(1);
|
|
}
|
|
|
|
void
|
|
putfsent(ent)
|
|
const struct statfs *ent;
|
|
{
|
|
struct fstab *fst;
|
|
|
|
printf("%s\t%s\t%s %s", ent->f_mntfromname, ent->f_mntonname,
|
|
ent->f_fstypename, (ent->f_flags & MNT_RDONLY) ? "ro" : "rw");
|
|
|
|
/* XXX should use optnames[] - put shorter names in it. */
|
|
if (ent->f_flags & MNT_SYNCHRONOUS)
|
|
printf(",sync");
|
|
if (ent->f_flags & MNT_NOEXEC)
|
|
printf(",noexec");
|
|
if (ent->f_flags & MNT_NOSUID)
|
|
printf(",nosuid");
|
|
if (ent->f_flags & MNT_NODEV)
|
|
printf(",nodev");
|
|
if (ent->f_flags & MNT_UNION)
|
|
printf(",union");
|
|
if (ent->f_flags & MNT_ASYNC)
|
|
printf(",async");
|
|
if (ent->f_flags & MNT_NOATIME)
|
|
printf(",noatime");
|
|
if (ent->f_flags & MNT_NOCLUSTERR)
|
|
printf(",noclusterr");
|
|
if (ent->f_flags & MNT_NOCLUSTERW)
|
|
printf(",noclusterw");
|
|
|
|
if ((fst = getfsspec(ent->f_mntfromname)))
|
|
printf("\t%u %u\n", fst->fs_freq, fst->fs_passno);
|
|
else if ((fst = getfsfile(ent->f_mntonname)))
|
|
printf("\t%u %u\n", fst->fs_freq, fst->fs_passno);
|
|
else if (ent->f_type == MOUNT_UFS)
|
|
printf("\t1 1\n");
|
|
else
|
|
printf("\t0 0\n");
|
|
}
|