diff options
| author | Nicolas Iooss | 2023-05-31 21:14:18 +0200 |
|---|---|---|
| committer | Nicolas Iooss | 2023-05-31 21:14:18 +0200 |
| commit | 5808976b7b49a28dae6d1c2a800456bd95c10148 (patch) | |
| tree | 0fff234640f0498a35b05b0487d6bfffa95e993e | |
| parent | 856c4f47d28b6afdc939219a5f6b2e31b01e934b (diff) | |
| download | aur-5808976b7b49a28dae6d1c2a800456bd95c10148.tar.gz | |
util-linux-selinux 2.39-4 update
| -rw-r--r-- | .SRCINFO | 19 | ||||
| -rw-r--r-- | 0001-libmount-don-t-call-hooks-after-mount-type-helper.patch | 82 | ||||
| -rw-r--r-- | 0002-libmount-check-for-availability-of-mount-setattr.patch | 98 | ||||
| -rw-r--r-- | PKGBUILD | 18 |
4 files changed, 207 insertions, 10 deletions
@@ -1,6 +1,6 @@ pkgbase = util-linux-selinux pkgdesc = SELinux aware miscellaneous system utilities for Linux - pkgver = 2.38.1 + pkgver = 2.39 pkgrel = 4 url = https://github.com/karelzak/util-linux arch = x86_64 @@ -14,8 +14,10 @@ pkgbase = util-linux-selinux makedepends = systemd makedepends = libselinux options = strip - source = https://www.kernel.org/pub/linux/utils/util-linux/v2.38/util-linux-2.38.1.tar.xz - source = https://www.kernel.org/pub/linux/utils/util-linux/v2.38/util-linux-2.38.1.tar.sign + source = https://www.kernel.org/pub/linux/utils/util-linux/v2.39/util-linux-2.39.tar.xz + source = https://www.kernel.org/pub/linux/utils/util-linux/v2.39/util-linux-2.39.tar.sign + source = 0001-libmount-don-t-call-hooks-after-mount-type-helper.patch + source = 0002-libmount-check-for-availability-of-mount-setattr.patch source = pam-login source = pam-common source = pam-runuser @@ -25,8 +27,10 @@ pkgbase = util-linux-selinux source = rfkill-unblock_.service source = rfkill-block_.service validpgpkeys = B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284 - sha256sums = 60492a19b44e6cf9a3ddff68325b333b8b52b6c59ce3ebd6a0ecaa4c5117e84f + sha256sums = 32b30a336cda903182ed61feb3e9b908b762a5e66fe14e43efb88d37162075cb sha256sums = SKIP + sha256sums = e7c6a0375ca1bd4606f7a42882f20b8e3ce7c7107c790694e55699376377c0e1 + sha256sums = 6266b8733450af97bcf0f31fa9b21bad171b53b7b49a2954812c39ea70552cb5 sha256sums = 99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f sha256sums = 57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af sha256sums = 48d6fba767631e3dd3620cf02a71a74c5d65a525d4c4ce4b5a0b7d9f41ebfea1 @@ -53,8 +57,8 @@ pkgname = util-linux-selinux optdepends = words: default dictionary for look provides = rfkill provides = hardlink - provides = util-linux=2.38.1-4 - provides = selinux-util-linux=2.38.1-4 + provides = util-linux=2.39-4 + provides = selinux-util-linux=2.39-4 conflicts = rfkill conflicts = hardlink conflicts = util-linux @@ -70,13 +74,14 @@ pkgname = util-linux-selinux pkgname = util-linux-libs-selinux pkgdesc = util-linux-selinux runtime libraries depends = libselinux + optdepends = python: python bindings to libmount provides = libutil-linux provides = libblkid.so provides = libfdisk.so provides = libmount.so provides = libsmartcols.so provides = libuuid.so - provides = util-linux-libs=2.38.1-4 + provides = util-linux-libs=2.39-4 provides = libutil-linux-selinux conflicts = util-linux-libs conflicts = libutil-linux-selinux diff --git a/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch b/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch new file mode 100644 index 000000000000..3a4f7a9c0fb9 --- /dev/null +++ b/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch @@ -0,0 +1,82 @@ +From f94a7760ed7ce81389a6059f020238981627a70d Mon Sep 17 00:00:00 2001 +From: Karel Zak <kzak@redhat.com> +Date: Thu, 25 May 2023 11:48:24 +0200 +Subject: [PATCH] libmount: don't call hooks after mount.<type> helper + +In case more filesystems are specified (or when libmount follows +/{etc,proc}/filesystems) then the library may try to use and +initialize the new API because for some filesystems, we need +exec(/sbin/mount.<type>) and for another fsopen(). + +The hooks that use the API have to smart and detect that the mount +operation was done in external /sbin/mount.<type> helper. And in this +case, the new API file descriptors must be ignored. + +The exception is propagation flags, mount(8) can set the flags after +exec(/sbin/mount.<type>), for example, "mount -t ntfs --make-private". + +Fixes: https://github.com/util-linux/util-linux/issues/2267 +Signed-off-by: Karel Zak <kzak@redhat.com> +--- + libmount/src/context_mount.c | 2 ++ + libmount/src/hook_mount.c | 13 +++++++++++++ + 2 files changed, 15 insertions(+) + +diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c +index cbb4f1fdfa..40f9ed0733 100644 +--- a/libmount/src/context_mount.c ++++ b/libmount/src/context_mount.c +@@ -508,6 +508,8 @@ static int do_mount(struct libmnt_context *cxt, const char *try_type) + assert(cxt->fs); + assert((cxt->flags & MNT_FL_MOUNTFLAGS_MERGED)); + ++ mnt_context_reset_status(cxt); ++ + if (try_type) { + rc = mnt_context_prepare_helper(cxt, "mount", try_type); + if (rc) +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index 924c714448..91483afa68 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -239,6 +239,10 @@ static int hook_create_mount(struct libmnt_context *cxt, + int rc = 0; + + assert(cxt); ++ ++ if (mnt_context_helper_executed(cxt)) ++ return 0; ++ + assert(cxt->fs); + + api = get_sysapi(cxt); +@@ -309,6 +313,9 @@ static int hook_reconfigure_mount(struct libmnt_context *cxt, + + assert(cxt); + ++ if (mnt_context_helper_executed(cxt)) ++ return 0; ++ + api = get_sysapi(cxt); + assert(api); + assert(api->fd_tree >= 0); +@@ -379,6 +386,9 @@ static int hook_set_vfsflags(struct libmnt_context *cxt, + uint64_t set = 0, clr = 0; + int rc = 0; + ++ if (mnt_context_helper_executed(cxt)) ++ return 0; ++ + DBG(HOOK, ul_debugobj(hs, "setting VFS flags")); + + ol = mnt_context_get_optlist(cxt); +@@ -471,6 +481,9 @@ static int hook_attach_target(struct libmnt_context *cxt, + const char *target; + int rc = 0; + ++ if (mnt_context_helper_executed(cxt)) ++ return 0; ++ + target = mnt_fs_get_target(cxt->fs); + if (!target) + return -EINVAL; diff --git a/0002-libmount-check-for-availability-of-mount-setattr.patch b/0002-libmount-check-for-availability-of-mount-setattr.patch new file mode 100644 index 000000000000..10a6f41105ee --- /dev/null +++ b/0002-libmount-check-for-availability-of-mount-setattr.patch @@ -0,0 +1,98 @@ +commit 1bd85b64632280d6bf0e86b4ff29da8b19321c5f +Author: Thomas Weißschuh <thomas@t-8ch.de> +Date: Sat May 20 06:38:20 2023 +0200 + + libmount: check for availability of mount_setattr + + If mount_setattr is not available but needed fall back to the legacy + mount API. + + Fixes #2247 + + Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de> + +diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c +index a324637cb..01de9e1c5 100644 +--- a/libmount/src/hook_mount.c ++++ b/libmount/src/hook_mount.c +@@ -510,6 +510,15 @@ static inline int fsopen_is_supported(void) + return rc; + } + ++static inline int mount_setattr_is_supported(void) ++{ ++ int rc; ++ ++ errno = 0; ++ rc = mount_setattr(-1, NULL, 0, NULL, 0); ++ return !(rc == -1 && errno == ENOSYS); ++} ++ + /* + * open_tree() and fsopen() + */ +@@ -675,9 +684,14 @@ static int hook_prepare(struct libmnt_context *cxt, + /* call mount_setattr() */ + if (!rc + && cxt->helper == NULL +- && (set != 0 || clr != 0 || (flags & MS_REMOUNT))) ++ && (set != 0 || clr != 0 || (flags & MS_REMOUNT))) { ++ if (!mount_setattr_is_supported()) { ++ hookset_deinit(cxt, hs); ++ return 1; ++ } + rc = mnt_context_append_hook(cxt, hs, MNT_STAGE_MOUNT, NULL, + hook_set_vfsflags); ++ } + + /* call move_mount() to attach target */ + if (!rc +@@ -688,9 +702,14 @@ static int hook_prepare(struct libmnt_context *cxt, + hook_attach_target); + + /* set propagation (has to be attached to VFS) */ +- if (!rc && mnt_optlist_get_propagation(ol)) ++ if (!rc && mnt_optlist_get_propagation(ol)) { ++ if (!mount_setattr_is_supported()) { ++ hookset_deinit(cxt, hs); ++ return 1; ++ } + rc = mnt_context_append_hook(cxt, hs, MNT_STAGE_MOUNT_POST, NULL, + hook_set_propagation); ++ } + + DBG(HOOK, ul_debugobj(hs, "prepare mount done [rc=%d]", rc)); + return rc; +diff --git a/tests/expected/mount/fallback-mount_setattr b/tests/expected/mount/fallback-mount_setattr +new file mode 100644 +index 000000000..3e18ebf09 +--- /dev/null ++++ b/tests/expected/mount/fallback-mount_setattr +@@ -0,0 +1 @@ ++private +diff --git a/tests/ts/mount/fallback b/tests/ts/mount/fallback +index 6033eb575..b225be189 100755 +--- a/tests/ts/mount/fallback ++++ b/tests/ts/mount/fallback +@@ -68,5 +68,21 @@ $TS_CMD_UMOUNT $MOUNTPOINT + ts_finalize_subtest + + ++ts_init_subtest "mount_setattr" ++"$TS_CMD_MOUNT" "$DEVICE" "$MOUNTPOINT" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ts_is_mounted $DEVICE || ts_log "Cannot find $DEVICE in /proc/mounts" ++$TS_CMD_ENOSYS -s mount_setattr -- \ ++ "$TS_CMD_MOUNT" -o remount,ro "$MOUNTPOINT" \ ++ >> $TS_OUTPUT 2>> $TS_ERRLOG ++$TS_CMD_FINDMNT --kernel --mountpoint "$MOUNTPOINT" --options "ro" &> /dev/null ++[ "$?" == "0" ] || ts_die "Cannot find read-only in $MOUNTPOINT in /proc/self/mountinfo" ++$TS_CMD_ENOSYS -s mount_setattr -- \ ++ "$TS_CMD_MOUNT" --make-slave "$MOUNTPOINT" \ ++ >> $TS_OUTPUT 2>> $TS_ERRLOG ++$TS_CMD_FINDMNT -n --kernel --mountpoint "$MOUNTPOINT" -o PROPAGATION >> $TS_OUTPUT ++$TS_CMD_UMOUNT $MOUNTPOINT ++ts_finalize_subtest ++ ++ + ts_finalize + @@ -10,8 +10,8 @@ pkgbase=util-linux-selinux pkgname=(util-linux-selinux util-linux-libs-selinux) -_pkgmajor=2.38 -_realver=${_pkgmajor}.1 +_pkgmajor=2.39 +_realver=${_pkgmajor} pkgver=${_realver/-/} pkgrel=4 pkgdesc='SELinux aware miscellaneous system utilities for Linux' @@ -28,13 +28,17 @@ license=('GPL2') options=('strip') validpgpkeys=('B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284') # Karel Zak source=("https://www.kernel.org/pub/linux/utils/util-linux/v${_pkgmajor}/${pkgbase/-selinux}-${_realver}.tar."{xz,sign} + '0001-libmount-don-t-call-hooks-after-mount-type-helper.patch' + '0002-libmount-check-for-availability-of-mount-setattr.patch' pam-{login,common,runuser,su} 'util-linux.sysusers' '60-rfkill.rules' 'rfkill-unblock_.service' 'rfkill-block_.service') -sha256sums=('60492a19b44e6cf9a3ddff68325b333b8b52b6c59ce3ebd6a0ecaa4c5117e84f' +sha256sums=('32b30a336cda903182ed61feb3e9b908b762a5e66fe14e43efb88d37162075cb' 'SKIP' + 'e7c6a0375ca1bd4606f7a42882f20b8e3ce7c7107c790694e55699376377c0e1' + '6266b8733450af97bcf0f31fa9b21bad171b53b7b49a2954812c39ea70552cb5' '99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f' '57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af' '48d6fba767631e3dd3620cf02a71a74c5d65a525d4c4ce4b5a0b7d9f41ebfea1' @@ -44,6 +48,13 @@ sha256sums=('60492a19b44e6cf9a3ddff68325b333b8b52b6c59ce3ebd6a0ecaa4c5117e84f' '8ccec10a22523f6b9d55e0d6cbf91905a39881446710aa083e935e8073323376' 'a22e0a037e702170c7d88460cc9c9c2ab1d3e5c54a6985cd4a164ea7beff1b36') +prepare() { + cd "${pkgbase/-selinux}-${_realver}" + + patch -Np1 < ../0001-libmount-don-t-call-hooks-after-mount-type-helper.patch + patch -Np1 < ../0002-libmount-check-for-availability-of-mount-setattr.patch +} + build() { cd "${pkgbase/-selinux}-${_realver}" @@ -139,6 +150,7 @@ package_util-linux-libs-selinux() { depends=('libselinux') conflicts=("${pkgname/-selinux}" 'libutil-linux-selinux') replaces=('libutil-linux-selinux') + optdepends=('python: python bindings to libmount') _python_stdlib="$(python -c 'import sysconfig; print(sysconfig.get_paths()["stdlib"])')" |