From nobody Sun Jan 19 23:54:18 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ybr0p6Xc4z5lt7x; Sun, 19 Jan 2025 23:54:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ybr0p5THnz3Zwr; Sun, 19 Jan 2025 23:54:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737330858; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EOZTE/hKGUJvG512YViQRSQKjW6RW0rMElVvbd+0isk=; b=wlNZHBmcBSefndNhOlQfXb36nj9aKFItJmZQGw4YNZ/c4MzSEnyn1dhWYgud+oWf0ka5ZP hGGrrzvYf9sRnHCXmtRk5HRON/LDW0Z5CNWR104qWsiGaCbWwhV1+RVCNJfqLZXKoobC3v EYDnyyiksIp+qunAHbGc0UddzhE8u1kNli/w40O8B3Xzq9K9ViC7nfnmyOdcQom2JA+qP9 Pd5I8sN2kJn1rdXUXLju30jkLTEwgYI7jMGjZPEzIpknc/YQL8TN7KIJc+wXhppgtBFK1m RwZiQCMGhvxT6QSc6IkunnyGz1V9lMPpOkQEROACHzFgLmqnCYdX+c+7D0s9PA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737330858; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EOZTE/hKGUJvG512YViQRSQKjW6RW0rMElVvbd+0isk=; b=dBByQy3PzyfzfjDvpBWKP0l4pft7kj6+pFlQ0dhvwoZY5sqW9KZXLFkf1Kji/fPSKT4ff8 CKb1Rx9xEfg35r64yEz0EV2pXcms8zlec/ZTGip6MnLBaM8WnHhF9NyNZCme7uI0scEf6p ITfX+5DAIlMGqXvgoIMmme4n9dgvcz3+pIp824MonqQZBb5r7IdPnwoSu6sQbt1PfJh4jk oOH+/OfPeZ9FoxqJaI5H1kG/B3loHRRvJYOvvU7bC0D/31C0ZStrWaDxnoMhyzwX1quUui VbCOM7DiCocOcBHOEc+ilaCTl6lONDE+zx9VSCQow7aa61oYoxB/gRmjGKbUUA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1737330858; a=rsa-sha256; cv=none; b=pRNoFN8mW86ewkhELuYrgg46iFWzgAn05T8Ag7DB0kBpj8q5OpVnzhfg8bxw1BFueP0olT /Ffu+hbNz6FtzCCBZuBnnobUYZGrREjvohFoBRd+7aw3e99NYyCqR7DvUjnbpRnCVWwEwZ KQWIKpF6BclbiLpjz2bwV4cKXOC86PTTon6+hHEBrpWYzHuMjm6n7mg+ChR1kOnhY1dB5b Utg5Mtnh1rIuiNsmqXZqxBXUqDZSpfGrIszevg72rCil11sprJXz2njw6yDnWAnoWftVXm NkoZG/Ji//b3J/P2qyqAAYP6c1a2xns0LfMJ+OdZv/+2BCcCqd9H0KLhoVySgA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ybr0p52vLz1BC3; Sun, 19 Jan 2025 23:54:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 50JNsIuw060822; Sun, 19 Jan 2025 23:54:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 50JNsIZ9060819; Sun, 19 Jan 2025 23:54:18 GMT (envelope-from git) Date: Sun, 19 Jan 2025 23:54:18 GMT Message-Id: <202501192354.50JNsIZ9060819@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Rick Macklem Subject: git: ead3cd3ef628 - stable/14 - mountd.c: Define a new -a command line option List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: ead3cd3ef628ab11e814eea7c673eb6407f96c55 Auto-Submitted: auto-generated The branch stable/14 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=ead3cd3ef628ab11e814eea7c673eb6407f96c55 commit ead3cd3ef628ab11e814eea7c673eb6407f96c55 Author: Rick Macklem AuthorDate: 2024-12-28 21:24:51 +0000 Commit: Rick Macklem CommitDate: 2025-01-19 23:52:48 +0000 mountd.c: Define a new -a command line option Bugzilla PR#282995 reported that, when a file system was exported with the "-alldirs" flag, the export succeeded even if the directory path was not a server file system mount point. This behaviour for "-alldirs" was only documented in the Example section of exports(5) and had not been enforced since FreeBSD2. (A patch applied between FreeBSD1 and FreeBSD2 broke the check for file system mount point.) Since the behaviour of allowing the export has existed since FreeBSD2, the concensus on a mailing list was that it would be a POLA violation to change it now. Therefore, this patch adds a new "-a" mountd command line option to enforce a check for the exported directory being a server file system mount point. PR: 282995 (cherry picked from commit 07cd69e272da2f116950f2bde6dfcc404f869f0c) --- usr.sbin/mountd/mountd.c | 51 +++++++++++++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 18 deletions(-) diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c index 20055d885b08..f412adbe741e 100644 --- a/usr.sbin/mountd/mountd.c +++ b/usr.sbin/mountd/mountd.c @@ -228,7 +228,8 @@ static int do_export_mount(struct exportlist *, struct statfs *); static int do_mount(struct exportlist *, struct grouplist *, uint64_t, struct expcred *, char *, int, struct statfs *, int, int *); static int do_opt(char **, char **, struct exportlist *, - struct grouplist *, int *, uint64_t *, struct expcred *); + struct grouplist *, int *, uint64_t *, struct expcred *, + char *); static struct exportlist *ex_search(fsid_t *, struct exportlisthead *); static struct exportlist *get_exp(void); static void free_dir(struct dirlist *); @@ -303,6 +304,7 @@ static int *sock_fd; static int sock_fdcnt; static int sock_fdpos; static int suspend_nfsd = 0; +static int alldirs_fail = 0; static int opt_flags; static int have_v6 = 1; @@ -331,6 +333,7 @@ static gid_t *tmp_groups = NULL; #define OP_MASKLEN 0x200 #define OP_SEC 0x400 #define OP_CLASSMASK 0x800 /* mask not specified, is Class A/B/C default */ +#define OP_NOTROOT 0x1000 /* Mark the the mount path is not a fs root */ #ifdef DEBUG static int debug = 1; @@ -469,7 +472,7 @@ main(int argc, char **argv) else close(s); - while ((c = getopt(argc, argv, "2Adeh:lnp:RrS")) != -1) + while ((c = getopt(argc, argv, "2Aadeh:lnp:RrS")) != -1) switch (c) { case '2': force_v2 = 1; @@ -477,6 +480,9 @@ main(int argc, char **argv) case 'A': warn_admin = 0; break; + case 'a': + alldirs_fail = 1; + break; case 'e': /* now a no-op, since this is the default */ break; @@ -1592,6 +1598,7 @@ get_exportlist_one(int passno) v4root_phase = 0; dirhead = (struct dirlist *)NULL; unvis_dir[0] = '\0'; + fsb.f_mntonname[0] = '\0'; while (get_line()) { if (debug) @@ -1652,7 +1659,7 @@ get_exportlist_one(int passno) warnx("doing opt %s", cp); got_nondir = 1; if (do_opt(&cp, &endcp, ep, grp, &has_host, - &exflags, &anon)) { + &exflags, &anon, unvis_dir)) { getexp_err(ep, tgrp, NULL); goto nextline; } @@ -1733,19 +1740,9 @@ get_exportlist_one(int passno) fsb.f_fsid.val[1]); } - if (warn_admin != 0 && - (ep->ex_flag & EX_ADMINWARN) == 0 && - strcmp(unvis_dir, fsb.f_mntonname) != - 0) { - if (debug) - warnx("exporting %s exports entire " - "%s file system", unvis_dir, - fsb.f_mntonname); - syslog(LOG_ERR, "Warning: exporting %s " - "exports entire %s file system", - unvis_dir, fsb.f_mntonname); - ep->ex_flag |= EX_ADMINWARN; - } + if (strcmp(unvis_dir, fsb.f_mntonname) != + 0) + opt_flags |= OP_NOTROOT; /* * Add dirpath to export mount point. @@ -1815,6 +1812,17 @@ get_exportlist_one(int passno) "WARNING: No mask specified for %s, " "using out-of-date default", (&grp->gr_ptr.gt_net)->nt_name); + if ((opt_flags & OP_NOTROOT) != 0 && warn_admin != 0 && + (ep->ex_flag & EX_ADMINWARN) == 0 && unvis_dir[0] != '\0' && + fsb.f_mntonname[0] != '\0') { + if (debug) + warnx("exporting %s exports entire %s file " + "system", unvis_dir, fsb.f_mntonname); + syslog(LOG_ERR, "Warning: exporting %s exports " + "entire %s file system", unvis_dir, + fsb.f_mntonname); + ep->ex_flag |= EX_ADMINWARN; + } if (check_options(dirhead)) { getexp_err(ep, tgrp, NULL); goto nextline; @@ -2838,7 +2846,7 @@ parsesec(char *seclist, struct exportlist *ep) */ static int do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp, - int *has_hostp, uint64_t *exflagsp, struct expcred *cr) + int *has_hostp, uint64_t *exflagsp, struct expcred *cr, char *unvis_dir) { char *cpoptarg, *cpoptend; char *cp, *endcp, *cpopt, savedc, savedc2; @@ -2923,6 +2931,12 @@ do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp, syslog(LOG_ERR, "= after op: %s", cpopt); return (1); } + if ((opt_flags & OP_NOTROOT) != 0) { + syslog(LOG_ERR, "%s: path %s not mount point", + cpopt, unvis_dir); + if (alldirs_fail != 0) + return (1); + } opt_flags |= OP_ALLDIRS; } else if (!strcmp(cpopt, "public")) { if (fnd_equal == 1) { @@ -3319,7 +3333,8 @@ do_mount(struct exportlist *ep, struct grouplist *grp, uint64_t exflags, ret = 1; goto error_exit; } - if (opt_flags & OP_ALLDIRS) { + if ((opt_flags & OP_ALLDIRS) && + alldirs_fail != 0) { if (errno == EINVAL) syslog(LOG_ERR, "-alldirs requested but %s is not a filesystem mountpoint",