Jeff Layton [Wed, 1 Jun 2011 19:41:45 +0000 (15:41 -0400)]
autoconf: bump release to 5.0
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 1 Jun 2011 19:27:17 +0000 (15:27 -0400)]
manpage: fix some manpage nits
Fix alignment of columns and trailing whitespace in cifs.idmap(8). Fix
request-key.conf(5) reference in cifs.idmap(8) and cifs.upcall(8).
Signed-off-by: Jeff Layton <jlayton@samba.org>
Shirish Pargaonkar [Wed, 1 Jun 2011 19:27:10 +0000 (15:27 -0400)]
cifs-utils: Create man pages for cifs.idmap program (try #2)
Create man pages for program cifs.idmap
Enable cifs.idmap config option by default.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Jeff Layton [Wed, 1 Jun 2011 12:47:21 +0000 (08:47 -0400)]
README: suggest use of autoreconf -i
Otherwise you get warnings about missing files with recent autotools.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 31 May 2011 00:05:01 +0000 (20:05 -0400)]
manpage: change mention of kernel 2.6.40 to 3.0.0
...to match the change in versioning.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Pavel Shilovsky [Tue, 31 May 2011 00:02:27 +0000 (20:02 -0400)]
manpage: add entry for rwpidforward option
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Pavel Shilovsky [Tue, 31 May 2011 00:02:19 +0000 (20:02 -0400)]
manpage: add decription about matching superblock to wsize= option
...according to shared superblock capability merged into cifs-2.6
git tree recently.
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Jeff Layton [Thu, 26 May 2011 18:56:37 +0000 (14:56 -0400)]
manpage: update the description of the wsize= option
...to account for the changes in the async write patchset.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 24 May 2011 18:50:00 +0000 (14:50 -0400)]
cifs.upcall: don't syslog usage message
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 24 May 2011 18:49:58 +0000 (14:49 -0400)]
cifs.idmap: remove 2 unused variables
cifs.idmap.c: In function ‘cifs_idmap’:
cifs.idmap.c:85:16: warning: unused variable ‘gr’ [-Wunused-variable]
cifs.idmap.c:84:17: warning: unused variable ‘pw’ [-Wunused-variable]
Signed-off-by: Jeff Layton <jlayton@samba.org>
Shirish Pargaonkar [Tue, 24 May 2011 18:49:56 +0000 (14:49 -0400)]
cifs-utils: Create new binary cifs.idmap for sid to uid/gid mapping (try #4)
Handle cifs.idmap type of key. Extract a SID string from the description
and map it to either an uid or gid using winbind APIs.
If that fails (e.g. because winbind is not installed/running or winbind
returns an error), kernel assigns uid and gid (from mount superblock).
Enable including winbind header files and idmapping code conditional
to winbind devel rpms (header and library).
An entry such as this
create cifs.idmap * * /usr/sbin/cifs.idmap %k
is needed in the file /etc/request-key.conf.
[Note: Modified to not build new tool by default, and to fix up some
whitespace munging]
Modified-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Pavel Shilovsky [Fri, 20 May 2011 11:36:33 +0000 (07:36 -0400)]
manpage: make serverino and noserverino option descriptions clear
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Jeff Layton [Fri, 15 Apr 2011 11:49:51 +0000 (07:49 -0400)]
mount.cifs: fix test for strtoul failure in mount.cifs
It currently test to see if errno == -EINVAL and whether the endptr
is '\0'. That's not correct however. What we really want it to do is
check to see if any error occurred by setting errno to 0 before the
conversion. If one did, then try to treat the value as a name.
Also fix a bogus compiler warning about cruid being uninitialized.
Reported-by: Jian Li <jiali@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Luk Claes [Fri, 8 Apr 2011 18:13:35 +0000 (14:13 -0400)]
mount.cifs: Use original device string all the way
Don't construct a device name, but use the original device string
to mount so the device name in /proc/mounts matches the one in
/etc/fstab.
Signed-off-by: Luk Claes <luk@debian.org>
Pavel Shilovsky [Tue, 15 Mar 2011 17:30:44 +0000 (13:30 -0400)]
manpage: add entry for strictcache option
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Jeff Layton [Tue, 15 Mar 2011 17:30:37 +0000 (13:30 -0400)]
autoconf: bump version to 4.9.1 for interim builds
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 4 Mar 2011 19:54:18 +0000 (14:54 -0500)]
autoconf: bump release to 4.9
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 15 Feb 2011 18:30:47 +0000 (13:30 -0500)]
mount.cifs: fix handling of scopeid in resolve_host
We get a pointer to the end of the address string (ipaddr), but the call
snprintf and pass in tmpbuf which is a pointer to the beginning of the
address string. If someone passes in an address with a scopeid then we
end up overwriting the entire address string.
Reported-by: Björn JACKE <bj@sernet.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 8 Feb 2011 20:33:09 +0000 (15:33 -0500)]
mount.cifs: reacquire CAP_DAC_READ_SEARCH before calling mount(2)
It's possible that the user is trying to mount onto a directory to which
he doesn't have execute perms. If that's the case then the mount will
currently fail. Fix this by reenabling CAP_DAC_READ_SEARCH before
calling mount(2). That will ensure that the kernel's permissions check
for this is bypassed.
Reported-by: Erik Logtenberg <erik@logtenberg.eu>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Steve French <sfrench@us.ibm.com>
Jeff Layton [Tue, 1 Feb 2011 19:24:30 +0000 (14:24 -0500)]
mount.cifs: fix possible use of uninitialized variable
It's possible to "goto return_i" in this function at several points
before line_buf is set. At that point, the NULL pointer check won't
work correctly and we can end up with a SIGSEGV.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Mon, 31 Jan 2011 20:04:35 +0000 (15:04 -0500)]
mount.cifs: don't try to alter mtab if it's a symlink
Some distros replace /etc/mtab with a symlink to /proc/mounts. In that
situation, mount.cifs will hang for a while trying to lock the mtab.
/bin/mount checks to see if the mtab is a symlink. If it is or if a
stat() call on it fails, it doesn't try to to update the mtab. Have
mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Mon, 31 Jan 2011 16:54:44 +0000 (11:54 -0500)]
autoconf: bump release to 4.8.2 for interim builds
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Thu, 20 Jan 2011 02:04:14 +0000 (21:04 -0500)]
autoconf: bump release to 4.8.1
The 4.8 release had mis-generated autoconf files (they didn't include
the libcap-ng autoconf goop). 4.8.1 will have that fixed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Sun, 16 Jan 2011 01:24:58 +0000 (20:24 -0500)]
autoconf: bump release to 4.8
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 14 Jan 2011 20:37:34 +0000 (15:37 -0500)]
manpage: fix the SEE ALSO section
It references umount.cifs(8) which is no longer shipped as part of
cifs-utils. Replace it with a reference to cifs.upcall(8) instead.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 14 Jan 2011 20:37:14 +0000 (15:37 -0500)]
mount.cifs: add cruid= mount option
Allow admins to pass in a username for the cruid= mount option.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Jeff Layton [Fri, 14 Jan 2011 20:37:01 +0000 (15:37 -0500)]
mount.cifs: clean up handling of uid= and gid=
The handling of these options is quite convoluted. Change it so that
these options are stored as numbers and then appended to the option
strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Jeff Layton [Fri, 14 Jan 2011 20:32:07 +0000 (15:32 -0500)]
cifs.upcall: add keytab support for unattended mounts
Based on a patch from a few years ago by Igor Mammedov. This patch
adds the ability for cifs.upcall to establish a TGT using the
system-default keytab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
Jeff Layton [Fri, 14 Jan 2011 20:31:56 +0000 (15:31 -0500)]
cifs.upcall: debug logging for the key description parser
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
Jeff Layton [Fri, 14 Jan 2011 20:31:50 +0000 (15:31 -0500)]
cifs.upcall: save off username field from key description
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
Jeff Layton [Fri, 14 Jan 2011 20:31:44 +0000 (15:31 -0500)]
cifs.upcall: clean up key description decoding routine
...and switch the code to using strndup. Check for allocation errors as
well, and fix some off-by-one bugs in the ones that decode strings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
Jeff Layton [Fri, 7 Jan 2011 03:57:08 +0000 (22:57 -0500)]
cifs.upcall: consolidate find_krb5_cc calls
Signed-off-by: Jeff Layton <jlayton@samba.org>
Acked-by: Igor Mammedov <niallain@gmail.com>
Jeff Layton [Wed, 5 Jan 2011 15:52:19 +0000 (10:52 -0500)]
cifs.upcall: fix crash when trying to free uninitialized var
If cifs.upcall is passed an invalid argument then it will "goto out".
The decoded_args struct however is uninitialized at that point so it
will usually segfault when trying to free fields in it. Move the
initialization up in the function.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 5 Jan 2011 15:52:19 +0000 (10:52 -0500)]
cifs.upcall: add 'l' to getopt_long string
Reported-by: Stefan Walter <walteste@inf.ethz.ch>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Pavel Shilovsky [Wed, 5 Jan 2011 12:23:37 +0000 (07:23 -0500)]
manpage: change port option description
Provide changes according to new ip/port connection logic in CIFS.
Signed-off-by: Pavel Shilovsky <piastryyy@gmail.com>
Stefan Metzmacher [Tue, 28 Dec 2010 19:21:34 +0000 (14:21 -0500)]
cifs.upcall: use krb5_auth_con_set_req_cksumtype() and pass a GSSAPI checksum (bug #7890)
Some closed source SMB servers doesn't support all checksum types,
so we should try to match windows clients.
This is almost the same logic which is used by Samba.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 28 Dec 2010 19:21:31 +0000 (14:21 -0500)]
cifs.upcall: use krb5_auth_con_init() to create an explicit auth_context
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Tue, 28 Dec 2010 19:21:26 +0000 (14:21 -0500)]
cifs.upcall: fix memory and call krb5_auth_con_free()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Jeff Layton [Tue, 14 Dec 2010 17:05:04 +0000 (12:05 -0500)]
cifs-utils: fixes for manpage pathname replacement scheme
Fix up some small problems with pathname replacement:
1) replace the bare 'sed' with $(SED)
2) '\@' is apparently not portable, so we need to use a different scheme
in case we end up using a non-typical sed binary.
3) do the sed conversion to a new file and then move it into place. If
sed falls down halfway through the conversion we could end up with
a half-baked manpage.
4) use the $@ construct for brevity and maintainability
5) add a comment so that the rationale behind this is explained
Many thanks to several folks inside Red Hat who pointed out these
issues.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Thu, 9 Dec 2010 14:37:52 +0000 (09:37 -0500)]
cifs-utils: rewrite hardcoded paths in manpages
Currently the manpages (particularly cifs.upcall.8) have hardcoded
paths in them that need to be manually adjusted. Replace those
paths with @sbindir@ and add a makefile target that will use sed
to replace those paths with the ones set by autoconf.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Suresh Jayaraman [Thu, 9 Dec 2010 14:37:52 +0000 (09:37 -0500)]
mount.cifs: manpage: add entry for "actimeo" option
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Thu, 9 Dec 2010 14:30:03 +0000 (09:30 -0500)]
cifs-utils: bump version number to 4.7.1 for interim builds
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 19 Oct 2010 18:59:49 +0000 (14:59 -0400)]
autoconf: bump release to 4.7
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 8 Oct 2010 19:11:58 +0000 (15:11 -0400)]
manpage: add mount.cifs manpage entry for "multiuser" option
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 8 Oct 2010 19:11:57 +0000 (15:11 -0400)]
mount.cifs: reinstate ip= as an override for address resolution
The manpage says:
ip=arg
sets the destination IP address. This option is set automatically
if the server name portion of the requested UNC name can be
resolved so rarely needs to be specified by the user.
...but recent changes have made it not work anymore as an override if
someone specifies an ip= option as part of the mount options. Reinstate
that behavior by copying the ip= option verbatim into the addrlist of
the parsed options struct and then skipping the name resolution. That
should allow the ip= option to pass unadulterated to the kernel.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Björn Jacke [Tue, 24 Aug 2010 17:30:05 +0000 (13:30 -0400)]
mount.cifs: use monotonic time for timeouts
this is especially important during the boot process, where the clock is often
being set initially and clock jumps are more common.
Björn Jacke [Tue, 24 Aug 2010 17:29:59 +0000 (13:29 -0400)]
autoconf: add checks for clock_gettime
Igor Druzhinin [Fri, 20 Aug 2010 18:53:38 +0000 (14:53 -0400)]
cifs-utils: infrastructure for stashing passwords in keyring
It is a userspace part of a new infrastructure for stashing passwords
in kernel keyring per user basis. The patch adds the "cifscreds"
utility for management keys with credentials. Assembling of the utility
from the distribution is possible with --enable-cifscreds=yes option of
configure script.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
Igor Druzhinin [Fri, 20 Aug 2010 18:53:05 +0000 (14:53 -0400)]
cifs-utils: moving resolve_host into separate file
The resolve_host routine from mount.cifs is carried out in
separate file and appropriate corrections are made.
Signed-off-by: Igor Druzhinin <jaxbrigs@gmail.com>
Suresh Jayaraman [Wed, 4 Aug 2010 11:55:54 +0000 (07:55 -0400)]
mount.cifs: remove redundant error assignment
Avoid setting error code twice by moving error handling out of add_mtab_exit
block. We already set error code and report error in other places.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Jeff Layton [Wed, 4 Aug 2010 10:35:24 +0000 (06:35 -0400)]
autoconf: bump version number to 4.6.1 for non-release builds
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 30 Jul 2010 12:17:01 +0000 (08:17 -0400)]
autoconf: bump version to 4.6
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 27 Jul 2010 19:24:04 +0000 (15:24 -0400)]
data_blob: change for loop indices to a unsigned int
To silence these warnings:
data_blob.c: In function ‘data_blob_hex_string_lower’:
data_blob.c:155:16: warning: comparison between signed and unsigned integer
expressions
data_blob.c: In function ‘data_blob_hex_string_upper’:
data_blob.c:172:16: warning: comparison between signed and unsigned integer
expressions
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 27 Jul 2010 19:20:44 +0000 (15:20 -0400)]
cifs.upcall: swap c99 initializers for memset calls
gcc says:
cifs.upcall.c: In function ‘cifs_krb5_get_req’:
cifs.upcall.c:261:2: warning: missing initializer
cifs.upcall.c:261:2: warning: (near initialization for ‘in_creds.client’)
cifs.upcall.c: In function ‘main’:
cifs.upcall.c:622:9: warning: missing initializer
cifs.upcall.c:622:9: warning: (near initialization for ‘arg.ver’)
...this is probably just gcc being balky, but we can silence the
warning. It may also be a micro optimization in an error condition
if we delay zeroing out the struct until it's needed.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 27 Jul 2010 19:09:27 +0000 (15:09 -0400)]
mtab: add __attribute__((unused)) to unused variables
...to silence -Wextra warnings.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 27 Jul 2010 19:09:23 +0000 (15:09 -0400)]
automake: add -Wextra to CFLAGS
...for extra warning goodness.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Suresh Jayaraman [Tue, 27 Jul 2010 17:35:59 +0000 (13:35 -0400)]
mount.cifs: document the 'fsc' mount option
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Suresh Jayaraman [Tue, 27 Jul 2010 16:52:44 +0000 (12:52 -0400)]
mount.cifs: clarify 'fsc' mount option
Changes since last post:
- added the information about the kernel CONFIG option
- also added the information that caching is currently enabled for files opened as read-only
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Jeff Layton [Tue, 27 Jul 2010 16:33:33 +0000 (12:33 -0400)]
autoconf: bump version to 4.5.2
Signed-off-by: Jeff Layton <jlayton@samba.org>
Suresh Jayaraman [Tue, 27 Jul 2010 15:11:43 +0000 (11:11 -0400)]
mount.cifs: add 'fsc' mount option to the usage help text
Add 'fsc' mount option to the 'Less commonly used options' section of
mount.cifs usage help text. As with the previous patch, this one too could be
queued and considered once the local caching patches gets merged upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Suresh Jayaraman [Tue, 27 Jul 2010 15:10:26 +0000 (11:10 -0400)]
manpages: document 'fsc' mount option
Document the newly added local caching feature using FS-Cache. This patch
could be queued and considered once the local caching patches gets merged
upstream.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Jeff Layton [Tue, 27 Jul 2010 11:37:05 +0000 (07:37 -0400)]
mount.cifs: handle the "mand" and "nomand" mount options (try #2)
These are filesystem-independent mount options that get passed to
mount.cifs too. Handle them appropriately by enabling and disabling
MS_MANDLOCK and not handing them off to the kernel.
Also, don't set MS_MANDLOCK by default. There's no reason to ask the
kernel to enforce mandatory locking by default. This also matches
up better with the way that "mand" is set in the mtab.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 27 Jul 2010 11:33:51 +0000 (07:33 -0400)]
mount.cifs: ignore the "_netdev" mount option
This mount options is used to clue in init scripts that the filesystem
shouldn't be mounted until networking is available. /bin/mount also passes
that option to the filesystem however, and cifs currently chokes on it.
mount.nfs ignores this option -- have mount.cifs do the same.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Mon, 26 Jul 2010 17:00:44 +0000 (13:00 -0400)]
cifs.upcall: require a uid= or creduid= parm
Even though all known kernels send the uid= parm to userspace,
cifs.upcall doesn't technically require it. It should though. If one
wasn't sent for some reason, then the setuid wouldn't occur. Error out
if there is no uid= or creduid= parm.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 23 Jul 2010 19:28:32 +0000 (15:28 -0400)]
cifs.upcall: use "creduid=" parm by default when available
When I did the original krb5 implementation, I goofed and ended up making
it so that when someone specifies the "uid=" mount option that also affects
the owner of the krb5 credential cache and not just the ownership of the
mount. I'm proposing a patch for the kernel to attempt to fix this by
making the kernel send a "creduid=" parameter in the upcall which is
intended to be the user that should own the credentials cache.
That's not necessarily the same user that has "ownership" of the mount.
Usually the creduid= will be set to the real uid of the user doing the
mounting. When multisession mounts are introduced they will usually set
this to the fsuid that walks into the mount.
To ease the transition, this patch also adds a command line switch that
makes cifs.upcall use the "legacy" uid= parameter instead. Use that if you
want it to behave like it used to.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 7 Jul 2010 14:48:39 +0000 (10:48 -0400)]
mount.cifs: switch to using _PATH_MNTTAB and paths.h
The code currently uses fstab.h and _PATH_FSTAB, but uClibc apparently
doesn't have that header. It does have paths.h and _PATH_MNTTAB however
and so does glibc, so use that instead.
Fixes samba bug #7539.
Reported-and-Tested-by: Armin Kuster <linux@kama-aina.net>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 16 Jun 2010 14:50:54 +0000 (10:50 -0400)]
mount.cifs: use original device name as-is for mtab
We don't want to alter the device name in any way for the mtab as
/bin/umount depends on the string being identical for user mounts.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Scott Lovenberg [Sun, 6 Jun 2010 11:33:40 +0000 (07:33 -0400)]
mount.cifs: accept all supported values for dir_mode
The option parsing function now accepts all values for 'dir_mode' that
are supported by the kernel side code.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Jeff Layton [Sun, 6 Jun 2010 11:31:42 +0000 (07:31 -0400)]
cifs-utils: bump version number to 4.5.1
...to distinguish interim builds from official releases.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Sun, 30 May 2010 11:47:26 +0000 (07:47 -0400)]
mount.cifs: fix parsing of "cred=" option
When the mount option parsing was cleaned up recently, the detection of
the "cred=" option was dropped.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 21 May 2010 20:04:14 +0000 (16:04 -0400)]
cifs-utils: bump version number to 4.5
Signed-off-by: Jeff Layton <jlayton@samba.org>
Scott Lovenberg [Fri, 14 May 2010 23:34:26 +0000 (19:34 -0400)]
mount.cifs: cosmetic alignment patch
Align CRED_ macro values to keep style consistent with last patch.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Scott Lovenberg [Fri, 14 May 2010 23:32:05 +0000 (19:32 -0400)]
mount.cifs: clean up option parsing
Moved option string parsing to function parse_opt_token(char*). Main
loop in parse_options(const char*, struct parsed_mount_info*)
transplanted to a switch block.
The parsing function folds common options to a single macro:
1.) 'unc','target', and 'path' -> 'OPT_UNC'
2.) 'dom*' and 'workg*' -> 'OPT_DOM'
3.) 'nobrl' and 'nolock' -> 'OPT_NO_LOCK'
Kept 'fmask' and 'dmask' (OPT_FMASK, OPT_DMASK), which fall through to
'file_mode' and 'dir_mode' in the main loop.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Steve French [Fri, 14 May 2010 19:30:07 +0000 (15:30 -0400)]
mount.cifs: unitialized variable in cred parsing error path
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Steve French [Tue, 11 May 2010 13:32:34 +0000 (09:32 -0400)]
mount.cifs: turn into a multicall binary for smb2
mount.smb2 has different help (many fewer mount options) and different
fsname, but otherwise can reuse all of the good work Jeff did on
mount.cifs. This patch allow mount.cifs to detect if run as mount.smb2
(to display different help and fsname).
Signed-off-by: Steve French <smfrench@gmail.com>
Scott Lovenberg [Tue, 11 May 2010 13:32:34 +0000 (09:32 -0400)]
mount.cifs: removed magic number for max username in parse_options
Replaced max username in parse_options with the sum of its potential
parts for "domain/user%password" formatted values. Note that forward
slashes still expand to a double back slash in the parse_username
function, though.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Jeff Layton [Sun, 2 May 2010 10:32:34 +0000 (06:32 -0400)]
mount.cifs: strip leading delimiter off of prefixpath option
...the kernel doesn't expect to see it and it causes a regression
when mounting some UNCs.
Reported-by: Ales Zelinka <azelinka@redhat.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Sun, 2 May 2010 10:32:30 +0000 (06:32 -0400)]
cifs-utils: bump version number to 4.4.1 for interim builds
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 28 Apr 2010 11:19:24 +0000 (07:19 -0400)]
cifs-utils: bump version number to 4.4
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 28 Apr 2010 11:13:17 +0000 (07:13 -0400)]
mount.cifs: fix parsing of password in parse_username
Signed-off-by: Jeff Layton <jlayton@samba.org>
Scott Lovenberg [Sun, 25 Apr 2010 13:35:13 +0000 (09:35 -0400)]
mount.cifs: continued cleanup of open_cred_file and zero out buffer
The parsing for values has been moved to its own function and is a bit
cleaner. Temporary buffers are zeroed out before being freed to ensure
passwords/credentials aren't left in released memory.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Scott Lovenberg [Fri, 23 Apr 2010 10:50:34 +0000 (06:50 -0400)]
mount.cifs: clean up credential file parsing
Remove magic numbers, redundant code and extra variables from open_cred_file().
Remove check for domain length since strlcpy is safe from buffer overflows.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Jeff Layton [Sat, 17 Apr 2010 10:21:02 +0000 (06:21 -0400)]
mount.cifs: remove unneeded newline in verbose output
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Wed, 14 Apr 2010 18:11:37 +0000 (14:11 -0400)]
mount.cifs: check for NULL pointer before calling strchr()
mount.cifs calls strchr on currentaddress, which may be a NULL pointer.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 13 Apr 2010 14:18:13 +0000 (10:18 -0400)]
automake: don't use @foo@ constructs in Makefile.am
...use $(foo) instead. That doesn't rely on an explicit AC_SUBST().
Reported-by: Lars Müller <lars@samba.org>
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Mon, 12 Apr 2010 10:55:24 +0000 (06:55 -0400)]
cifs: enable CAP_DAC_READ_SEARCH before chdir() and realpath() calls
It's possible that root won't have privileges to chdir or evaluate the
paths without that capability.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 9 Apr 2010 13:08:08 +0000 (09:08 -0400)]
cifs-utils: bump version number to 4.3
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 9 Apr 2010 12:47:11 +0000 (08:47 -0400)]
autoconf: remove explicit check for prctl
...it's already checked in AC_LIBCAP
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Tue, 6 Apr 2010 19:45:00 +0000 (15:45 -0400)]
autotools: add --with-libcap autoconf option
...it's rather confusing since we can compile against libcap or libcap-ng
but this is helpful for testing.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeff Layton [Tue, 6 Apr 2010 19:22:05 +0000 (15:22 -0400)]
mount.cifs: fix capability issues when libcap isn't present
...some #defines are missing in that case. This fixes the build for
all possible libcap/libcap-ng availability scenarios.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Scott Lovenberg [Tue, 6 Apr 2010 18:52:07 +0000 (14:52 -0400)]
mount.cifs: make credentials file parameters consistent with mount options
This patch makes the mount.cifs credentials file parameters consistent with
the command line parameters to remove ambiguity between the command line
parameter format and the credentials file format. That is, it parses for
both short and long form of the 'username', 'password', and 'domain'
parameters. This patch is against the current cifs-utils-4.2.
I'm also thinking of adding a second patch that allows for parsing a
"domain/user", "domain%user" and "domain/user%password" formats as allowed
from the command line.
Signed-off-by: Scott Lovenberg <scott.lovenberg@gmail.com>
Jeff Layton [Mon, 5 Apr 2010 15:23:37 +0000 (11:23 -0400)]
mount.cifs: restrict capabilities further
Only the parent process will ever need CAP_DAC_OVERRIDE. The child can
get by with CAP_DAC_READ_SEARCH.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Mon, 5 Apr 2010 15:23:32 +0000 (11:23 -0400)]
mount.cifs: properly prune the capabilities bounding set
...libcap-ng does this in a much easier fashion. If that's not
available, then we have to do it manually.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Sun, 4 Apr 2010 14:09:38 +0000 (10:09 -0400)]
mount.cifs: use libcap-ng to manage capabilities
...in preference to libcap if it's available.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Sun, 4 Apr 2010 13:51:31 +0000 (09:51 -0400)]
autotools: don't link mount.cifs against krb5 library
mount.cifs is being linked against the krb5 library. Fix it so that
that doesn't happen.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeff Layton [Sat, 3 Apr 2010 11:12:06 +0000 (07:12 -0400)]
mount.cifs: fix toggle_cap_dac_override
...it clears the capability set completely, which it shouldn't do. It
also doesn't call cap_set_proc to make the new capability set active.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeff Layton [Sat, 3 Apr 2010 10:49:43 +0000 (06:49 -0400)]
mount.cifs: only enable CAP_DAC_OVERRIDE when needed
When dropping capabilities, drop CAP_DAC_OVERRIDE from the effective set
but not the permitted. When we need to open credential or password
files, make it effective again and drop it after the open completes.
This reduces CAP_DAC_OVERRIDE exposure.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Jeff Layton [Fri, 2 Apr 2010 20:02:37 +0000 (16:02 -0400)]
mount.cifs: if real uid is 0, child must keep CAP_DAC_OVERRIDE
...otherwise, root may not be able to read credential files. The ideal
thing would be to remove it from the effective set, and only turn it
on when needed, but for now this should fix the immediate problem.
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 2 Apr 2010 10:42:20 +0000 (06:42 -0400)]
cifs-utils: bump version to 4.2
- fix URL's and email addresses
- update copyright notices
Signed-off-by: Jeff Layton <jlayton@samba.org>
Jeff Layton [Fri, 2 Apr 2010 02:05:47 +0000 (22:05 -0400)]
cifs.upcall: run it through Lindent
...coding style cleanup.
Signed-off-by: Jeff Layton <jlayton@redhat.com>