[pam_mount/f20: 3/3] Remove usage of deprecated -p0 mount option (#1167684)
Till Maas
till at fedoraproject.org
Fri Nov 28 10:16:57 UTC 2014
commit c8de4775e39c073af5c9eb772c19eea7714a43df
Author: Till Maas <opensource at till.name>
Date: Fri Nov 28 11:13:23 2014 +0100
Remove usage of deprecated -p0 mount option (#1167684)
- Support utab (#1161601)
0001-Remove-unsupported-p0-mount-option.patch | 43 +++++++++
...Make-config-default-values-match-man-page.patch | 25 +++++
...-helper-crypt-option-to-call-umount.crypt.patch | 96 ++++++++++++++++++++
pam_mount.spec | 12 +++-
4 files changed, 175 insertions(+), 1 deletions(-)
---
diff --git a/0001-Remove-unsupported-p0-mount-option.patch b/0001-Remove-unsupported-p0-mount-option.patch
new file mode 100644
index 0000000..5e4a3a9
--- /dev/null
+++ b/0001-Remove-unsupported-p0-mount-option.patch
@@ -0,0 +1,43 @@
+From 07dd37ed816292157b0d01b7c9ca1901de4516e6 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 15:03:31 +0100
+Subject: [PATCH 1/3] Remove unsupported -p0 mount option
+
+The -p0 mount options was removed in util-linux v2.23.
+
+References:
+https://bugzilla.redhat.com/show_bug.cgi?id=1167684
+---
+ doc/pam_mount.conf.5.in | 2 +-
+ src/rdconf1.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/doc/pam_mount.conf.5.in b/doc/pam_mount.conf.5.in
+index 455ea9d..b942f55 100644
+--- a/doc/pam_mount.conf.5.in
++++ b/doc/pam_mount.conf.5.in
+@@ -240,7 +240,7 @@ specify either absolute paths, or relative ones, in which case $PATH will be
+ searched. Since login programs have differing default PATHs, pam_mount has its
+ own path definition (see above).
+ .TP
+-\fB<lclmount>\fP\fImount \-p0 \-t %(FSTYPE) ...\fP\fB</lclmount>\fP
++\fB<lclmount>\fP\fImount \-t %(FSTYPE) ...\fP\fB</lclmount>\fP
+ The regular mount program.
+ .TP
+ \fB<umount>\fP\fIumount %(MNTPT)\fP\fB</umount>\fP
+diff --git a/src/rdconf1.c b/src/rdconf1.c
+index f767f92..a90b8d9 100644
+--- a/src/rdconf1.c
++++ b/src/rdconf1.c
+@@ -1428,7 +1428,7 @@ static const struct pmt_command default_command[] = {
+ */
+ {CMD_NFSMOUNT, "nfs", {"mount", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(COMBOPATH)", "%(MNTPT)", NULL}},
+ {CMD_NFSMOUNT, "nfs4"},
+- {CMD_LCLMOUNT, NULL, {"mount", "-p0", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
++ {CMD_LCLMOUNT, NULL, {"mount", "%(if %(OPTIONS),-o%(OPTIONS))", "-t%(FSTYPE)", "%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_CRYPTMOUNT, "crypt", {"mount", "-t", "crypt", "%(if %(CIPHER),-ocipher=%(CIPHER))", "%(if %(FSKEYCIPHER),-ofsk_cipher=%(FSKEYCIPHER))", "%(if %(FSKEYHASH),-ofsk_hash=%(FSKEYHASH))", "%(if %(FSKEYPATH),-okeyfile=%(FSKEYPATH))", "%(if %(OPTIONS),-o%(OPTIONS))", "%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_CRYPTMOUNT, "crypt_LUKS"},
+ {CMD_CRYPTMOUNT, "crypto_LUKS"},
+--
+1.8.3.1
+
diff --git a/0002-Make-config-default-values-match-man-page.patch b/0002-Make-config-default-values-match-man-page.patch
new file mode 100644
index 0000000..7bda79d
--- /dev/null
+++ b/0002-Make-config-default-values-match-man-page.patch
@@ -0,0 +1,25 @@
+From 3ef9ca046beb3d2fb05359d5406baad2fa808e06 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 15:06:47 +0100
+Subject: [PATCH 2/3] Make config default values match man page
+
+---
+ config/pam_mount.conf.xml | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/pam_mount.conf.xml b/config/pam_mount.conf.xml
+index d649dfa..e273c54 100644
+--- a/config/pam_mount.conf.xml
++++ b/config/pam_mount.conf.xml
+@@ -33,7 +33,7 @@
+ <mntoptions require="nosuid,nodev" />
+
+ <!-- requires ofl from hxtools to be present -->
+-<logout wait="0" hup="0" term="0" kill="0" />
++<logout wait="0" hup="no" term="no" kill="no" />
+
+
+ <!-- pam_mount parameters: Volume-related -->
+--
+1.8.3.1
+
diff --git a/0003-Use-helper-crypt-option-to-call-umount.crypt.patch b/0003-Use-helper-crypt-option-to-call-umount.crypt.patch
new file mode 100644
index 0000000..05d58e5
--- /dev/null
+++ b/0003-Use-helper-crypt-option-to-call-umount.crypt.patch
@@ -0,0 +1,96 @@
+From 02339a0670948e90193cac81814a1065b44da000 Mon Sep 17 00:00:00 2001
+From: Till Maas <opensource at till.name>
+Date: Wed, 26 Nov 2014 20:49:03 +0100
+Subject: [PATCH 3/3] Use helper=crypt option to call umount.crypt
+
+This allows to use plain umount to umount crypto volumes, eliminating selinux problems.
+
+Reference:
+https://bugzilla.redhat.com/show_bug.cgi?id=1161601
+---
+ src/mtcrypt.c | 20 ++++++++++++--------
+ src/rdconf1.c | 2 +-
+ 2 files changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/src/mtcrypt.c b/src/mtcrypt.c
+index 65a6ab5..898ea23 100644
+--- a/src/mtcrypt.c
++++ b/src/mtcrypt.c
+@@ -72,6 +72,7 @@ struct umount_options {
+ hxmc_t *object;
+ unsigned int no_update, ro_fallback;
+ bool is_cont, blkdev;
++ char *type;
+ };
+
+ static unsigned int mtcr_debug;
+@@ -538,6 +539,13 @@ static int mtcr_mount(struct mount_options *opt)
+ mount_args[argk++] = "-t";
+ mount_args[argk++] = opt->fstype;
+ }
++ if (opt->extra_opts == NULL) {
++ opt->extra_opts = "helper=crypt";
++ } else if (*opt->extra_opts != '\0') {
++ HXmc_strcat(&opt->extra_opts, ",");
++ HXmc_strcat(&opt->extra_opts, "helper=crypt");
++ }
++
+ if (opt->extra_opts != NULL) {
+ mount_args[argk++] = "-o";
+ mount_args[argk++] = opt->extra_opts;
+@@ -591,6 +599,8 @@ static bool mtcr_get_umount_options(int *argc, const char ***argv,
+ .help = "Do not update /etc/mtab"},
+ {.sh = 'r', .type = HXTYPE_NONE, .ptr = &opt->ro_fallback,
+ .help = "(Option ignored)"},
++ {.sh = 't', .type = HXTYPE_STRING, .ptr = &opt->type,
++ .help = "(Option ignored)"},
+ {.sh = 'v', .type = HXTYPE_NONE, .ptr = &mtcr_debug,
+ .help = "Be verbose - enable debugging"},
+ HXOPT_AUTOHELP,
+@@ -707,7 +717,7 @@ static void mtcr_log_contents(const char *file)
+ */
+ static int mtcr_umount(struct umount_options *opt)
+ {
+- const char *umount_args[3];
++ const char *umount_args[4];
+ int final_ret, ret, argk = 0;
+ struct ehd_mount_info mount_info;
+ char *mountpoint = NULL;
+@@ -740,6 +750,7 @@ static int mtcr_umount(struct umount_options *opt)
+ pmt_cmtab_remove(mountpoint);
+
+ umount_args[argk++] = "umount";
++ umount_args[argk++] = "-i";
+ umount_args[argk++] = mountpoint;
+ umount_args[argk] = NULL;
+
+@@ -800,13 +811,6 @@ int main(int argc, const char **argv)
+ struct stat sb;
+ int ret;
+
+- if (stat("/etc/mtab", &sb) == 0 && (sb.st_mode & S_IWUGO) == 0)
+- fprintf(stderr, "NOTE: mount.crypt does not support utab "
+- "(systems with no mtab or read-only mtab) yet. This "
+- "means that you will temporarily need to call "
+- "umount.crypt(8) rather than umount(8) to get crypto "
+- "volumes unmounted.\n");
+-
+ ret = HX_init();
+ if (ret <= 0) {
+ fprintf(stderr, "HX_init: %s\n", strerror(errno));
+diff --git a/src/rdconf1.c b/src/rdconf1.c
+index a90b8d9..b323b53 100644
+--- a/src/rdconf1.c
++++ b/src/rdconf1.c
+@@ -1432,7 +1432,7 @@ static const struct pmt_command default_command[] = {
+ {CMD_CRYPTMOUNT, "crypt", {"mount", "-t", "crypt", "%(if %(CIPHER),-ocipher=%(CIPHER))", "%(if %(FSKEYCIPHER),-ofsk_cipher=%(FSKEYCIPHER))", "%(if %(FSKEYHASH),-ofsk_hash=%(FSKEYHASH))", "%(if %(FSKEYPATH),-okeyfile=%(FSKEYPATH))", "%(if %(OPTIONS),-o%(OPTIONS))", "%(VOLUME)", "%(MNTPT)", NULL}},
+ {CMD_CRYPTMOUNT, "crypt_LUKS"},
+ {CMD_CRYPTMOUNT, "crypto_LUKS"},
+- {CMD_CRYPTUMOUNT, "crypt", {"umount.crypt", "%(MNTPT)", NULL}},
++ {CMD_CRYPTUMOUNT, "crypt", {"umount", "%(MNTPT)", NULL}},
+ {CMD_UMOUNT, NULL, {"umount", "%(MNTPT)", NULL}},
+ {CMD_FSCK, NULL, {"fsck", "-p", "%(FSCKTARGET)", NULL}},
+ {CMD_PMVARRUN, NULL, {"pmvarrun", "-u", "%(USER)", "-o", "%(OPERATION)", NULL}},
+--
+1.8.3.1
+
diff --git a/pam_mount.spec b/pam_mount.spec
index e3a83d7..c9fd7c3 100644
--- a/pam_mount.spec
+++ b/pam_mount.spec
@@ -1,6 +1,6 @@
Name: pam_mount
Version: 2.14
-Release: 3%{?dist}
+Release: 4%{?dist}
#Release: 4.20130707git966c6bea%{?dist}
Summary: A PAM module that can mount volumes for a user session
@@ -13,6 +13,9 @@ URL: http://pam-mount.sourceforge.net/
#Source0: pam_mount-2.13git966c6bea.tar.bz2
Source0: http://downloads.sourceforge.net/pam-mount/%{name}-%{version}.tar.xz
Source1: http://downloads.sourceforge.net/pam-mount/%{name}-%{version}.tar.xz.asc
+Patch1: 0001-Remove-unsupported-p0-mount-option.patch
+Patch2: 0002-Make-config-default-values-match-man-page.patch
+Patch3: 0003-Use-helper-crypt-option-to-call-umount.crypt.patch
#VCS: git:git://pam-mount.git.sf.net/gitroot/pam-mount/pam-mount
# Updated using:
# http://git.fedorahosted.org/git/?p=fedora-packager.git;a=shortlog;h=refs/heads/fedpkg-vcs
@@ -73,6 +76,9 @@ potential threats.
%prep
#setup -q -n pam_mount-2.13git966c6bea
%setup -q
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
%build
@@ -146,6 +152,10 @@ rm -rf $RPM_BUILD_ROOT
%exclude %{_libdir}/pkgconfig/libcryptmount.pc
%changelog
+* Fri Nov 28 2014 Till Maas <opensource at till.name> - 2.14-4
+- Remove usage of deprecated -p0 mount option (#1167684)
+- Support utab (#1161601)
+
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.14-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
More information about the scm-commits
mailing list