[pam_mount/f20: 3/3] Remove usage of deprecated -p0 mount option (#1167684)

Till Maas till at fedoraproject.org
Fri Nov 28 10:16:57 UTC 2014 

commit c8de4775e39c073af5c9eb772c19eea7714a43df
Author: Till Maas <opensource at till.name>
Date:   Fri Nov 28 11:13:23 2014 +0100

    Remove usage of deprecated -p0 mount option (#1167684)
    
    - Support utab (#1161601)

 0001-Remove-unsupported-p0-mount-option.patch      |   43 +++++++++
 ...Make-config-default-values-match-man-page.patch |   25 +++++
 ...-helper-crypt-option-to-call-umount.crypt.patch |   96 ++++++++++++++++++++
 pam_mount.spec                                     |   12 +++-
 4 files changed, 175 insertions(+), 1 deletions(-)
---
diff --git a/0001-Remove-unsupported-p0-mount-option.patch b/0001-Remove-unsupported-p0-mount-option.patch
new file mode 100644
index 0000000..5e4a3a9
--- /dev/null
+++ b/0001-Remove-unsupported-p0-mount-option.patch
@@ -0,0 +1,43 @@
+From 07dd37ed816292157b0d01b7c9ca1901de4516e6 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 15:03:31 +0100
+Subject: [PATCH 1/3] Remove unsupported -p0 mount option
+
+The -p0 mount options was removed in util-linux v2.23.
+
+References:
+https://bugzilla.redhat.com/show_bug.cgi?id=1167684
+---
+ doc/pam_mount.conf.5.in | 2 +-
+ src/rdconf1.c           | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/pam_mount.conf.5.in b/doc/pam_mount.conf.5.in
+index 455ea9d..b942f55 100644
+--- a/doc/pam_mount.conf.5.in
++++ b/doc/pam_mount.conf.5.in
+@@ -240,7 +240,7 @@ specify either absolute paths, or relative ones, in which case $PATH will be
+ searched. Since login programs have differing default PATHs, pam_mount has its
+ own path definition (see above).
+ .TP
+-\fB<lclmount>\fP\fImount \-p0 \-t %(FSTYPE) ...\fP\fB</lclmount>\fP
++\fB<lclmount>\fP\fImount \-t %(FSTYPE) ...\fP\fB</lclmount>\fP
+ The regular mount program.
+ .TP
+ \fB<umount>\fP\fIumount %(MNTPT)\fP\fB</umount>\fP
+diff --git a/src/rdconf1.c b/src/rdconf1.c
+index f767f92..a90b8d9 100644
+--- a/src/rdconf1.c
++++ b/src/rdconf1.c
+@@ -1428,7 +1428,7 @@ static const struct pmt_command default_command[] = {
+ 	 */
+ 	{CMD_NFSMOUNT,    "nfs",   {"mount", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(COMBOPATH)", "%(MNTPT)", NULL}},
+ 	{CMD_NFSMOUNT,    "nfs4"},
+-	{CMD_LCLMOUNT,    NULL,    {"mount", "-p0", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
++	{CMD_LCLMOUNT,    NULL,    {"mount", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
+ 	{CMD_CRYPTMOUNT,  "crypt", {"mount", "-t", "crypt", "%(if %(CIPHER),-ocipher=%(CIPHER))", "%(if %(FSKEYCIPHER),-ofsk_cipher=%(FSKEYCIPHER))", "%(if %(FSKEYHASH),-ofsk_hash=%(FSKEYHASH))", "%(if %(FSKEYPATH),-okeyfile=%(FSKEYPATH))", "%(if %(OPTIONS),-o%(OPTIONS))", "%(VOLUME)", "%(MNTPT)", NULL}},
+ 	{CMD_CRYPTMOUNT,  "crypt_LUKS"},
+ 	{CMD_CRYPTMOUNT,  "crypto_LUKS"},
+-- 
+1.8.3.1
+
diff --git a/0002-Make-config-default-values-match-man-page.patch b/0002-Make-config-default-values-match-man-page.patch
new file mode 100644
index 0000000..7bda79d
--- /dev/null
+++ b/0002-Make-config-default-values-match-man-page.patch
@@ -0,0 +1,25 @@
+From 3ef9ca046beb3d2fb05359d5406baad2fa808e06 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 15:06:47 +0100
+Subject: [PATCH 2/3] Make config default values match man page
+
+---
+ config/pam_mount.conf.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/pam_mount.conf.xml b/config/pam_mount.conf.xml
+index d649dfa..e273c54 100644
+--- a/config/pam_mount.conf.xml
++++ b/config/pam_mount.conf.xml
+@@ -33,7 +33,7 @@
+ <mntoptions require="nosuid,nodev" />
+ 
+ <!-- requires ofl from hxtools to be present -->
+-<logout wait="0" hup="0" term="0" kill="0" />
++<logout wait="0" hup="no" term="no" kill="no" />
+ 
+ 
+ 		<!-- pam_mount parameters: Volume-related -->
+-- 
+1.8.3.1
+
diff --git a/0003-Use-helper-crypt-option-to-call-umount.crypt.patch b/0003-Use-helper-crypt-option-to-call-umount.crypt.patch
new file mode 100644
index 0000000..05d58e5
--- /dev/null
+++ b/0003-Use-helper-crypt-option-to-call-umount.crypt.patch
@@ -0,0 +1,96 @@
+From 02339a0670948e90193cac81814a1065b44da000 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 20:49:03 +0100
+Subject: [PATCH 3/3] Use helper=crypt option to call umount.crypt
+
+This allows to use plain umount to umount crypto volumes, eliminating selinux problems.
+
+Reference:
+https://bugzilla.redhat.com/show_bug.cgi?id=1161601
+---
+ src/mtcrypt.c | 20 ++++++++++++--------
+ src/rdconf1.c |  2 +-
+ 2 files changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/src/mtcrypt.c b/src/mtcrypt.c
+index 65a6ab5..898ea23 100644
+--- a/src/mtcrypt.c
++++ b/src/mtcrypt.c
+@@ -72,6 +72,7 @@ struct umount_options {
+ 	hxmc_t *object;
+ 	unsigned int no_update, ro_fallback;
+ 	bool is_cont, blkdev;
++	char *type;
+ };
+ 
+ static unsigned int mtcr_debug;
+@@ -538,6 +539,13 @@ static int mtcr_mount(struct mount_options *opt)
+ 		mount_args[argk++] = "-t";
+ 		mount_args[argk++] = opt->fstype;
+ 	}
++	if (opt->extra_opts == NULL) {
++		opt->extra_opts = "helper=crypt";
++	} else if (*opt->extra_opts != '\0') {
++		HXmc_strcat(&opt->extra_opts, ",");
++		HXmc_strcat(&opt->extra_opts, "helper=crypt");
++	}
++
+ 	if (opt->extra_opts != NULL) {
+ 		mount_args[argk++] = "-o";
+ 		mount_args[argk++] = opt->extra_opts;
+@@ -591,6 +599,8 @@ static bool mtcr_get_umount_options(int *argc, const char ***argv,
+ 		 .help = "Do not update /etc/mtab"},
+ 		{.sh = 'r', .type = HXTYPE_NONE, .ptr = &opt->ro_fallback,
+ 		 .help = "(Option ignored)"},
++		{.sh = 't', .type = HXTYPE_STRING, .ptr = &opt->type,
++		 .help = "(Option ignored)"},
+ 		{.sh = 'v', .type = HXTYPE_NONE, .ptr = &mtcr_debug,
+ 		 .help = "Be verbose - enable debugging"},
+ 		HXOPT_AUTOHELP,
+@@ -707,7 +717,7 @@ static void mtcr_log_contents(const char *file)
+  */
+ static int mtcr_umount(struct umount_options *opt)
+ {
+-	const char *umount_args[3];
++	const char *umount_args[4];
+ 	int final_ret, ret, argk = 0;
+ 	struct ehd_mount_info mount_info;
+ 	char *mountpoint = NULL;
+@@ -740,6 +750,7 @@ static int mtcr_umount(struct umount_options *opt)
+ 	pmt_cmtab_remove(mountpoint);
+ 
+ 	umount_args[argk++] = "umount";
++	umount_args[argk++] = "-i";
+ 	umount_args[argk++] = mountpoint;
+ 	umount_args[argk]   = NULL;
+ 
+@@ -800,13 +811,6 @@ int main(int argc, const char **argv)
+ 	struct stat sb;
+ 	int ret;
+ 
+-	if (stat("/etc/mtab", &sb) == 0 && (sb.st_mode & S_IWUGO) == 0)
+-		fprintf(stderr, "NOTE: mount.crypt does not support utab "
+-		        "(systems with no mtab or read-only mtab) yet. This "
+-		        "means that you will temporarily need to call "
+-		        "umount.crypt(8) rather than umount(8) to get crypto "
+-		        "volumes unmounted.\n");
+-
+ 	ret = HX_init();
+ 	if (ret <= 0) {
+ 		fprintf(stderr, "HX_init: %s\n", strerror(errno));
+diff --git a/src/rdconf1.c b/src/rdconf1.c
+index a90b8d9..b323b53 100644
+--- a/src/rdconf1.c
++++ b/src/rdconf1.c
+@@ -1432,7 +1432,7 @@ static const struct pmt_command default_command[] = {
+ 	{CMD_CRYPTMOUNT,  "crypt", {"mount", "-t", "crypt", "%(if %(CIPHER),-ocipher=%(CIPHER))", "%(if %(FSKEYCIPHER),-ofsk_cipher=%(FSKEYCIPHER))", "%(if %(FSKEYHASH),-ofsk_hash=%(FSKEYHASH))", "%(if %(FSKEYPATH),-okeyfile=%(FSKEYPATH))", "%(if %(OPTIONS),-o%(OPTIONS))", "%(VOLUME)", "%(MNTPT)", NULL}},
+ 	{CMD_CRYPTMOUNT,  "crypt_LUKS"},
+ 	{CMD_CRYPTMOUNT,  "crypto_LUKS"},
+-	{CMD_CRYPTUMOUNT, "crypt", {"umount.crypt", "%(MNTPT)", NULL}},
++	{CMD_CRYPTUMOUNT, "crypt", {"umount", "%(MNTPT)", NULL}},
+ 	{CMD_UMOUNT,     NULL,     {"umount", "%(MNTPT)", NULL}},
+ 	{CMD_FSCK,       NULL,     {"fsck", "-p", "%(FSCKTARGET)", NULL}},
+ 	{CMD_PMVARRUN,   NULL,     {"pmvarrun", "-u", "%(USER)", "-o", "%(OPERATION)", NULL}},
+-- 
+1.8.3.1
+
diff --git a/pam_mount.spec b/pam_mount.spec
index e3a83d7..c9fd7c3 100644
--- a/pam_mount.spec
+++ b/pam_mount.spec
@@ -1,6 +1,6 @@
 Name:           pam_mount
 Version:        2.14
-Release:        3%{?dist}
+Release:        4%{?dist}
 #Release:        4.20130707git966c6bea%{?dist}
 Summary:        A PAM module that can mount volumes for a user session
 
@@ -13,6 +13,9 @@ URL:            http://pam-mount.sourceforge.net/
 #Source0:        pam_mount-2.13git966c6bea.tar.bz2
 Source0:        http://downloads.sourceforge.net/pam-mount/%{name}-%{version}.tar.xz
 Source1:        http://downloads.sourceforge.net/pam-mount/%{name}-%{version}.tar.xz.asc
+Patch1:         0001-Remove-unsupported-p0-mount-option.patch
+Patch2:         0002-Make-config-default-values-match-man-page.patch
+Patch3:         0003-Use-helper-crypt-option-to-call-umount.crypt.patch
 #VCS: git:git://pam-mount.git.sf.net/gitroot/pam-mount/pam-mount
 # Updated using:
 # http://git.fedorahosted.org/git/?p=fedora-packager.git;a=shortlog;h=refs/heads/fedpkg-vcs
@@ -73,6 +76,9 @@ potential threats.
 %prep
 #setup -q -n pam_mount-2.13git966c6bea
 %setup -q
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 
 %build
@@ -146,6 +152,10 @@ rm -rf $RPM_BUILD_ROOT
 %exclude %{_libdir}/pkgconfig/libcryptmount.pc
 
 %changelog
+* Fri Nov 28 2014 Till Maas <opensource at till.name> - 2.14-4
+- Remove usage of deprecated -p0 mount option (#1167684)
+- Support utab (#1161601)
+
 * Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.14-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

More information about the scm-commits mailing list