From nobody Sat Dec 28 21:26:07 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YLFlz2ky4z5jDN7; Sat, 28 Dec 2024 21:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YLFlz1x8Tz44vW; Sat, 28 Dec 2024 21:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1735421167; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2F5N6PKUiuqL1kdIxhgwzFCu/4KDxqL9IpEDc1b6Tbg=; b=yNP3AToavlr4NbJH6n40fslSYiYeuoDabKBH14u3Ns82YWC7PfNcJk9M7kcD7SZLu1wxzs tbUmZfNXfNIMeRmC2f7yRR4I/1eTE66UGNOYEsoMzGmcccsfoiEe/9KxoKVNtc0YC6kXPJ 1R6dKoaqcea0k0p1ZWH6VljssltfnkWjoHyJCKYNWcoqb8dB9KwE9ylA81JvCkR75xmu5S lfJQ/rD0fBBwshDQMu0v3kLOqcoddG6kcMroIBm2caeLYmpq4mgWR1xqv17ox1iDzGZ+YE xpW7L3wUyAm2tGDBWXfEJH6xOTqomOXjKv5rLcz/swJ7+9McGMXhROjcnUwe+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1735421167; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2F5N6PKUiuqL1kdIxhgwzFCu/4KDxqL9IpEDc1b6Tbg=; b=AYaWDD6g1OMb8xffZFqjGPcrQEj4GrQvxrHO+iPce0VcS4GpiIGt8+nohXqjnk2GqPfKRx 7x+lhE0yeKREU67WEp51JMb0YVEwhDMobDnZfLzkmyYPVAfiCBRWN49hIyW2swaCgGNsSR ytSH2mVDJyY2xA5f49nTjilvWNnqd1+3vcBxMGEPgVQpAgG8ApyejhLcJ1ytVHP+IBIrzN xnq+y5j4oSTIdoZ4kh3fA7yQKxVfN6d89nwqOzDkVqvM21IDyP4yxmAEkLdbB5/Mdta6RK pAe+pUaPgQ+qyG4vhinlER7TLvMkkDagymOzQ9XPd+FGtpCRdGghY1W8OICghA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1735421167; a=rsa-sha256; cv=none; b=tbDb7orPuoDfcxqZPvBvo+//D2RTuyeVcLwqh75PjzvdnQe7UXDhCd0bIlT3N66NEJP339 HQsCi9AxmPU6z1VGcoJ+nTZYQvNDEMFhbjpI6ZHrT1l0VVbqs3RWy8zGfIZb1jSjFwAZyP LWA6ec2WzlZbedReNoqgFEWQEcS8wqS6XjyrsiIuoaL0qkodVi2VfUp852/VEfnmUadDPo ediKMO4JSUVuInMTlS/mDnH76hFL15hjHkSlp2hASOyMi7l30+II1wvspDN5GqXOs6aZBx oCBr520E605bhm3KNM2RxljRw4IkZq1ud4wWMUPB+dvGokIU0iZIScdXw5sKaA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YLFlz1NPbzh0v; Sat, 28 Dec 2024 21:26:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4BSLQ7vA019944; Sat, 28 Dec 2024 21:26:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4BSLQ77b019941; Sat, 28 Dec 2024 21:26:07 GMT (envelope-from git) Date: Sat, 28 Dec 2024 21:26:07 GMT Message-Id: <202412282126.4BSLQ77b019941@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Rick Macklem Subject: git: 07cd69e272da - main - mountd.c: Define a new -a command line option List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 07cd69e272da2f116950f2bde6dfcc404f869f0c Auto-Submitted: auto-generated The branch main has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=07cd69e272da2f116950f2bde6dfcc404f869f0c commit 07cd69e272da2f116950f2bde6dfcc404f869f0c Author: Rick Macklem AuthorDate: 2024-12-28 21:24:51 +0000 Commit: Rick Macklem CommitDate: 2024-12-28 21:24:51 +0000 mountd.c: Define a new -a command line option Bugzilla PR#282995 reported that, when a file system was exported with the "-alldirs" flag, the export succeeded even if the directory path was not a server file system mount point. This behaviour for "-alldirs" was only documented in the Example section of exports(5) and had not been enforced since FreeBSD2. (A patch applied between FreeBSD1 and FreeBSD2 broke the check for file system mount point.) Since the behaviour of allowing the export has existed since FreeBSD2, the concensus on a mailing list was that it would be a POLA violation to change it now. Therefore, this patch adds a new "-a" mountd command line option to enforce a check for the exported directory being a server file system mount point. PR: 282995 MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D48137 --- usr.sbin/mountd/mountd.c | 51 +++++++++++++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 18 deletions(-) diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c index cb87535f6c3b..4457a925c2ed 100644 --- a/usr.sbin/mountd/mountd.c +++ b/usr.sbin/mountd/mountd.c @@ -215,7 +215,8 @@ static int do_export_mount(struct exportlist *, struct statfs *); static int do_mount(struct exportlist *, struct grouplist *, uint64_t, struct expcred *, char *, int, struct statfs *, int, int *); static int do_opt(char **, char **, struct exportlist *, - struct grouplist *, int *, uint64_t *, struct expcred *); + struct grouplist *, int *, uint64_t *, struct expcred *, + char *); static struct exportlist *ex_search(fsid_t *, struct exportlisthead *); static struct exportlist *get_exp(void); static void free_dir(struct dirlist *); @@ -292,6 +293,7 @@ static int sock_fdpos; static int suspend_nfsd = 0; static int nofork = 0; static int skiplocalhost = 0; +static int alldirs_fail = 0; static int opt_flags; static int have_v6 = 1; @@ -320,6 +322,7 @@ static gid_t *tmp_groups = NULL; #define OP_MASKLEN 0x200 #define OP_SEC 0x400 #define OP_CLASSMASK 0x800 /* mask not specified, is Class A/B/C default */ +#define OP_NOTROOT 0x1000 /* Mark the the mount path is not a fs root */ #ifdef DEBUG static int debug = 1; @@ -458,7 +461,7 @@ main(int argc, char **argv) else close(s); - while ((c = getopt(argc, argv, "2Adeh:lNnp:RrSs")) != -1) + while ((c = getopt(argc, argv, "2Aadeh:lNnp:RrSs")) != -1) switch (c) { case '2': force_v2 = 1; @@ -466,6 +469,9 @@ main(int argc, char **argv) case 'A': warn_admin = 0; break; + case 'a': + alldirs_fail = 1; + break; case 'e': /* now a no-op, since this is the default */ break; @@ -1590,6 +1596,7 @@ get_exportlist_one(int passno) v4root_phase = 0; dirhead = (struct dirlist *)NULL; unvis_dir[0] = '\0'; + fsb.f_mntonname[0] = '\0'; while (get_line()) { if (debug) @@ -1650,7 +1657,7 @@ get_exportlist_one(int passno) warnx("doing opt %s", cp); got_nondir = 1; if (do_opt(&cp, &endcp, ep, grp, &has_host, - &exflags, &anon)) { + &exflags, &anon, unvis_dir)) { getexp_err(ep, tgrp, NULL); goto nextline; } @@ -1731,19 +1738,9 @@ get_exportlist_one(int passno) fsb.f_fsid.val[1]); } - if (warn_admin != 0 && - (ep->ex_flag & EX_ADMINWARN) == 0 && - strcmp(unvis_dir, fsb.f_mntonname) != - 0) { - if (debug) - warnx("exporting %s exports entire " - "%s file system", unvis_dir, - fsb.f_mntonname); - syslog(LOG_ERR, "Warning: exporting %s " - "exports entire %s file system", - unvis_dir, fsb.f_mntonname); - ep->ex_flag |= EX_ADMINWARN; - } + if (strcmp(unvis_dir, fsb.f_mntonname) != + 0) + opt_flags |= OP_NOTROOT; /* * Add dirpath to export mount point. @@ -1813,6 +1810,17 @@ get_exportlist_one(int passno) "WARNING: No mask specified for %s, " "using out-of-date default", (&grp->gr_ptr.gt_net)->nt_name); + if ((opt_flags & OP_NOTROOT) != 0 && warn_admin != 0 && + (ep->ex_flag & EX_ADMINWARN) == 0 && unvis_dir[0] != '\0' && + fsb.f_mntonname[0] != '\0') { + if (debug) + warnx("exporting %s exports entire %s file " + "system", unvis_dir, fsb.f_mntonname); + syslog(LOG_ERR, "Warning: exporting %s exports " + "entire %s file system", unvis_dir, + fsb.f_mntonname); + ep->ex_flag |= EX_ADMINWARN; + } if (check_options(dirhead)) { getexp_err(ep, tgrp, NULL); goto nextline; @@ -2836,7 +2844,7 @@ parsesec(char *seclist, struct exportlist *ep) */ static int do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp, - int *has_hostp, uint64_t *exflagsp, struct expcred *cr) + int *has_hostp, uint64_t *exflagsp, struct expcred *cr, char *unvis_dir) { char *cpoptarg, *cpoptend; char *cp, *endcp, *cpopt, savedc, savedc2; @@ -2921,6 +2929,12 @@ do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp, syslog(LOG_ERR, "= after op: %s", cpopt); return (1); } + if ((opt_flags & OP_NOTROOT) != 0) { + syslog(LOG_ERR, "%s: path %s not mount point", + cpopt, unvis_dir); + if (alldirs_fail != 0) + return (1); + } opt_flags |= OP_ALLDIRS; } else if (!strcmp(cpopt, "public")) { if (fnd_equal == 1) { @@ -3317,7 +3331,8 @@ do_mount(struct exportlist *ep, struct grouplist *grp, uint64_t exflags, ret = 1; goto error_exit; } - if (opt_flags & OP_ALLDIRS) { + if ((opt_flags & OP_ALLDIRS) && + alldirs_fail != 0) { if (errno == EINVAL) syslog(LOG_ERR, "-alldirs requested but %s is not a filesystem mountpoint",