mirrors/libfuse
0
0
Fork 0
mirror of https://github.com/libfuse/libfuse.git synced 2024-11-23 04:04:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

Rearrange util/fusermount.c umount_fuse_locked() so that

Browse Source 
umount2 is called with privs dropped, not raised.  This
works around a clash with NFS permissions: if FUSE mounted
on NFS client directory with root_squash in effect, and
some directory in the path leading to the mount point denies
permissions to others, umount2 will fail because userid 0
cannot search it.  Since drop_privs merely sets the file-
system user- and group-ID without changing the CAP_SYS_ADMIN
capability needed to unmount a file system (which fusermount
has because it is set-user-ID root), umount2 works fine.
This commit is contained in:
Norman Wilson 2024-08-12 14:16:30 -04:00 committed by Bernd Schubert
parent 0750b4a194
commit c9bf7d3e20
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
util/fusermount.c
View File

@ -523,11 +523,13 @@ static int unmount_fuse_locked(const char *mnt, int quiet, int lazy)
drop_privs();
res = chdir_to_parent(copy, &last);
restore_privs();
if (res == -1)
if (res == -1) {
restore_privs();
goto out;
}
res = umount2(last, umount_flags);
restore_privs();
if (res == -1 && !quiet) {
fprintf(stderr, "%s: failed to unmount %s: %s\n",
progname, mnt, strerror(errno));