1 /* $NetBSD: mount_umap.c,v 1.27 2020/07/26 08:20:23 mlelstv Exp $ */ 2 3 /* 4 * Copyright (c) 1992, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software donated to Berkeley by 8 * Jan-Simon Pendry. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 #ifndef lint 37 __COPYRIGHT("@(#) Copyright (c) 1992, 1993, 1994\ 38 The Regents of the University of California. All rights reserved."); 39 #endif /* not lint */ 40 41 #ifndef lint 42 #if 0 43 static char sccsid[] = "@(#)mount_umap.c 8.5 (Berkeley) 4/26/95"; 44 #else 45 __RCSID("$NetBSD: mount_umap.c,v 1.27 2020/07/26 08:20:23 mlelstv Exp $"); 46 #endif 47 #endif /* not lint */ 48 49 #include <sys/param.h> 50 #include <sys/mount.h> 51 #include <sys/stat.h> 52 53 #include <miscfs/umapfs/umap.h> 54 55 #include <err.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <unistd.h> 60 61 #include <mntopts.h> 62 63 #include "mountprog.h" 64 65 #define ROOTUSER 0 66 /* 67 * This define controls whether any user but the superuser can own and 68 * write mapfiles. If other users can, system security can be gravely 69 * compromised. If this is not a concern, undefine SECURITY. 70 */ 71 #define MAPSECURITY 1 72 73 /* 74 * This routine provides the user interface to mounting a umap layer. 75 * It takes 4 mandatory parameters. The mandatory arguments are the place 76 * where the next lower level is mounted, the place where the umap layer is to 77 * be mounted, the name of the user mapfile, and the name of the group 78 * mapfile. The routine checks the ownerships and permissions on the 79 * mapfiles, then opens and reads them. Then it calls mount(), which 80 * will, in turn, call the umap version of mount. 81 */ 82 83 static const struct mntopt mopts[] = { 84 MOPT_STDOPTS, 85 MOPT_NULL, 86 }; 87 88 int mount_umap(int argc, char **argv); 89 __dead static void usage(void); 90 91 #ifndef MOUNT_NOMAIN 92 int 93 main(int argc, char **argv) 94 { 95 return mount_umap(argc, argv); 96 } 97 #endif 98 99 int 100 mount_umap(int argc, char *argv[]) 101 { 102 static char not[] = "; not mounted."; 103 struct stat statbuf; 104 struct umap_args args; 105 FILE *fp, *gfp; 106 long d1, d2; 107 u_long mapdata[MAPFILEENTRIES][2]; 108 u_long gmapdata[GMAPFILEENTRIES][2]; 109 u_long fsid; 110 int ch, count, gnentries, mntflags, nentries; 111 char *gmapfile, *mapfile, buf[20]; 112 char source[MAXPATHLEN], target[MAXPATHLEN]; 113 mntoptparse_t mp; 114 115 fsid = mntflags = 0; 116 mapfile = gmapfile = NULL; 117 while ((ch = getopt(argc, argv, "g:i:o:u:")) != -1) 118 switch (ch) { 119 case 'g': 120 gmapfile = optarg; 121 break; 122 case 'i': 123 fsid = strtoul(optarg, NULL, 16); 124 break; 125 case 'o': 126 mp = getmntopts(optarg, mopts, &mntflags, 0); 127 if (mp == NULL) 128 err(1, "getmntopts"); 129 freemntopts(mp); 130 break; 131 case 'u': 132 mapfile = optarg; 133 break; 134 case '?': 135 default: 136 usage(); 137 } 138 argc -= optind; 139 argv += optind; 140 141 if (argc != 2 || mapfile == NULL || gmapfile == NULL) 142 usage(); 143 144 pathadj(argv[0], source); 145 pathadj(argv[1], target); 146 147 /* Read in uid mapping data. */ 148 if ((fp = fopen(mapfile, "r")) == NULL) 149 err(1, "%s%s", mapfile, not); 150 151 #ifdef MAPSECURITY 152 /* 153 * Check that group and other don't have write permissions on 154 * this mapfile, and that the mapfile belongs to root. 155 */ 156 if (fstat(fileno(fp), &statbuf)) 157 err(1, "%s%s", mapfile, not); 158 if (statbuf.st_mode & S_IWGRP || statbuf.st_mode & S_IWOTH) { 159 strmode(statbuf.st_mode, buf); 160 err(1, "%s: improper write permissions (%s)%s", 161 mapfile, buf, not); 162 } 163 if (statbuf.st_uid != ROOTUSER) 164 errx(1, "%s does not belong to root%s", mapfile, not); 165 #endif /* MAPSECURITY */ 166 167 if ((fscanf(fp, "%d\n", &nentries)) != 1) 168 errx(1, "%s: nentries not found%s", mapfile, not); 169 if (nentries > MAPFILEENTRIES) 170 errx(1, 171 "maximum number of entries is %d%s", MAPFILEENTRIES, not); 172 #if 0 173 (void)printf("reading %d entries\n", nentries); 174 #endif 175 for (count = 0; count < nentries; ++count) { 176 if ((fscanf(fp, "%lu %lu\n", &d1, &d2)) != 2) { 177 if (ferror(fp)) 178 err(1, "%s%s", mapfile, not); 179 if (feof(fp)) 180 errx(1, "%s: unexpected end-of-file%s", 181 mapfile, not); 182 errx(1, "%s: illegal format (line %d)%s", 183 mapfile, count + 2, not); 184 } 185 mapdata[count][0] = d1; 186 mapdata[count][1] = d2; 187 #if 0 188 /* Fix a security hole. */ 189 if (mapdata[count][1] == 0) 190 errx(1, "mapping id 0 not permitted (line %d)%s", 191 count + 2, not); 192 #endif 193 } 194 195 /* Read in gid mapping data. */ 196 if ((gfp = fopen(gmapfile, "r")) == NULL) 197 err(1, "%s%s", gmapfile, not); 198 199 #ifdef MAPSECURITY 200 /* 201 * Check that group and other don't have write permissions on 202 * this group mapfile, and that the file belongs to root. 203 */ 204 if (fstat(fileno(gfp), &statbuf)) 205 err(1, "%s%s", gmapfile, not); 206 if (statbuf.st_mode & S_IWGRP || statbuf.st_mode & S_IWOTH) { 207 strmode(statbuf.st_mode, buf); 208 err(1, "%s: improper write permissions (%s)%s", 209 gmapfile, buf, not); 210 } 211 if (statbuf.st_uid != ROOTUSER) 212 errx(1, "%s does not belong to root%s", gmapfile, not); 213 #endif /* MAPSECURITY */ 214 215 if ((fscanf(gfp, "%d\n", &gnentries)) != 1) 216 errx(1, "nentries not found%s", not); 217 if (gnentries > MAPFILEENTRIES) 218 errx(1, 219 "maximum number of entries is %d%s", GMAPFILEENTRIES, not); 220 #if 0 221 (void)printf("reading %d group entries\n", gnentries); 222 #endif 223 224 for (count = 0; count < gnentries; ++count) { 225 if ((fscanf(gfp, "%lu %lu\n", 226 &(gmapdata[count][0]), &(gmapdata[count][1]))) != 2) { 227 if (ferror(gfp)) 228 err(1, "%s%s", gmapfile, not); 229 if (feof(gfp)) 230 errx(1, "%s: unexpected end-of-file%s", 231 gmapfile, not); 232 errx(1, "%s: illegal format (line %d)%s", 233 gmapfile, count + 2, not); 234 } 235 } 236 237 238 /* Setup mount call args. */ 239 args.la.target = source; 240 args.nentries = nentries; 241 args.mapdata = mapdata; 242 args.gnentries = gnentries; 243 args.gmapdata = gmapdata; 244 args.fsid = fsid; 245 246 if (mount(MOUNT_UMAP, target, mntflags, &args, sizeof args) == -1) 247 err(1, "%s on %s", source, target); 248 if (mntflags & MNT_GETARGS) { 249 printf("nentries=%d, gnentries=%d\n", args.nentries, 250 args.gnentries); 251 } 252 exit(0); 253 } 254 255 static void 256 usage(void) 257 { 258 (void)fprintf(stderr, 259 "usage: mount_umap [-i fsid] [-o options] -g groupmap -u usermap target_fs mount_point\n"); 260 exit(1); 261 } 262
Indexes created Mon Oct 13 16:09:52 GMT 2025