Karel Zak [Wed, 25 Apr 2007 23:49:28 +0000 (01:49 +0200)]
mount: fix list logic in update_mtab
If mtab does not contain the new entry, then only mc0->prev is updated
to point to absent, but not the old mc0->prev's nxt pointer. Because
we then use the nxt pointers to write the new mtab, absent is not
added to the new mtab.
(Note: fortunately, the mount doesn't use the update_mtab() for new
mounts, but for remount, move and umount only -- kzak)
If mtab is empty, absent->prev should be set to mc0, and not
mc0->prev, as it will be NULL.
Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Martin Schlemmer <azarah@gentoo.org> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 24 Apr 2007 09:44:19 +0000 (11:44 +0200)]
build-sys: add SUID_CFLAGS
The patch allows to define special CFLAGS for typical suid programs
(like mount, umount, chfn, ...). Some distributions use for example
"-fpic" for suid binaries.
Karel Zak [Thu, 12 Apr 2007 12:35:46 +0000 (14:35 +0200)]
mount: add support for mtab "uhelper" option
The helper is an external /sbin/umount.<suffix> program where the
suffix is a value from the uhelper= option from /etc/mtab.
The uhelper (unprivileged umount helper) is possible to used when
non-root user wants to umount a mountpoint which is not defined in the
/etc/fstab file (e.g devices mounted by HAL).
Karel Zak [Wed, 11 Apr 2007 21:18:08 +0000 (23:18 +0200)]
schedutils: define SCHED_BATCH when compile with old glibc
This is temporary workaround and it will be removed in 2.14 when
minimal number of people will use old systems where is not defined
SCHED_BATCH in (bits/)sched.h.
Valerie Henson [Sat, 9 Dec 2006 03:15:14 +0000 (19:15 -0800)]
mount: relative atime support
Add the "relatime" (relative atime) option support to mount. Relative
atime only updates the atime if the previous atime is older than the
mtime or ctime. Like noatime, but useful for applications like mutt
that need to know when a file has been read since it was last
modified.
Cc: Adrian Bunk <bunk@stusta.de> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Karel Zak <kzak@redhat.com> Signed-off-by: Valerie Henson <val_henson@linux.intel.com>
Karel Zak [Fri, 30 Mar 2007 11:10:59 +0000 (13:10 +0200)]
mount: fix mtab_lock
* the lock function uses F_SETLK / F_SETLKW as a conditional wait.
It's more reliable and better for performance to close the
MOUNTED_LOCK file in unlock_mtab(), otherwise concurrent process will
be wait by while () { link() } loop instead on fcntl(F_SETLKW).
Thanks to Jeff Moyer <moyer@redhat.com> who found the problem two
year ago.
* when open(MOUNTED_LOCK) failed, we need to try everything again, but
the original code didn't zeroize "we_created_lockfile" and the old
version in particular case left lock_mtab() without locked /etc/mtab.
This is nasty bug.
* the original locking code had bad performance due too long sleep
(1s), between attempts. Now we're more aggressive and we use
5000ms. The result is that more processes is able to lock mtab in
short time slice.
Thanks to Peter Rockai <prockai@redhat.com> who found the problem
and suggest a first version of the code with usleep.
* now we don't count number of attempts anymore, but we count sum of
time which we spend in the mtab_lock(). The number of attempts is
not important (and it also depends on CPU performance, load,
scheduler, ...), the important thing is how long we spend with
locking. Now time limit is 30s.
Karel Zak [Thu, 22 Mar 2007 00:56:54 +0000 (01:56 +0100)]
mount: call /sbin/mount.<type> also when mounting without "-t"
The mount uses /sbin/mount.<type> when the type is *defined* on
command line or in fstab only. It's not a consistent solution, because
we also support fylesystem type autodetection. The patch allows to
mount OCFS2 by label for example.
Karel Zak [Wed, 21 Mar 2007 22:07:25 +0000 (23:07 +0100)]
newgrp: add support for /etc/gshadow
The original newgrp command doesn't expect group pasword in /etc/gshadow
although almost all distributions use this file (and the gpasswd command).
The newgrp from util-linux is deprecated and better is use shadow-utils only.
Unfortunately, shadow-utils are broken too (see RH version where is bugfix).
In this case it's better fix util-linux version at least...
Karel Zak [Wed, 21 Mar 2007 13:12:05 +0000 (14:12 +0100)]
hwclock: add support for audit system
If you compile --with-audit the hwclock tool reports changes in sys/hw clock to
audit system. The real long-term and final solution is probably add hooks for
/dev/rtc to kernel, but it's not implemented yet.
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
The kernel code, when setting the BIOS clock notes that the clock time
ticks to the next second 0.5 seconds after adjusting it (see
linux/arch/i386/kernel/time.c).
hwclock --systohc sets the CMOS clock at the 1 second boundry and thus
causes the clock to be wrong by 500ms each time it is reset. If the
clock is set every shutdown then the clock will have a reboot-count
related drift as well as the natural drift problems of the clock. Note
that this also mucks up the drift calculations, of course.
Karel Zak [Wed, 14 Mar 2007 13:10:18 +0000 (14:10 +0100)]
tests: add library for LD_PRELOAD to manipulate with time() in tests
The cal command generates output that depends on time(). For reliable
regression tests we need to use still same time. It seems that LD_PRELOAD is
pretty simple way.
Karel Zak [Thu, 8 Mar 2007 22:22:06 +0000 (23:22 +0100)]
login: update 32bit utmp correctly on 64bit system
On 64-bit platforms such as x86_64, glibc is usually built with 32-bit
compatibility for various structures. One of them is utmp.
What this means is that gettimeofday(&ut.ut_tv, NULL) on x86_64 will
end up overwriting the first parts of ut_addr_v6, leading to garbage
in the utmp file.
Karel Zak [Thu, 8 Mar 2007 21:42:50 +0000 (22:42 +0100)]
login: omits PAM account validation when auth is skipped (CVE-2006-7108)
The login omits pam_acct_mgmt & chauth_tok when authentication is skipped.
Authentication may be skipped, for example, during krlogin because Kerberos
already took care of it. The problem with skipping pam_acct_mgmt is that it
allows users to use the system when maybe they should not be allowed, such that
if they have a Kerberos ticket, the other checks do not apply.
If a user had to use password authentication, pam_acct_mgmt may reject the user
for several reasons: not allowed to use the system at this time, not allowed to
use this system, user's account has been disabled, etc. Why should these tests
be skipped just because the user has a ticket?
Same with pam_chauthtok: the user may have a valid ticket, but if their
password has expired, they need to enter a new one right now.
Karel Zak [Thu, 8 Mar 2007 21:35:38 +0000 (22:35 +0100)]
login: attempt to run if it has no read/write access to its terminal
If you manage to exec login with a userid other than root, and its
input / output directed to a terminal for which it does not have
read/write access, it will attempt to proceed (and can potentially
hang forever -- but this hang has been fixed in a previous commit).
It's better to check if we have permissions for terminal rather than
do any useless things.
From: Jason Vas Dias <jvdias@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Thu, 8 Mar 2007 21:21:15 +0000 (22:21 +0100)]
login: login's timeout can fail
Login tries to set a timeout in main() by SIGALARM. If any restartable system
call is entered, such system calls can block indefinitely and will NOT be
interrupted by the SIGALRM.
The bug appears when the login program is run for a terminal for which it
doens't have read or write permission.
In that case, login hung until manually killed by the administrator in its
tcsetattr(...) call at login.c, line 460:
/* Kill processes left on this tty */
tcsetattr(0,TCSAFLUSH,&ttt);
This may possibly be a kernel bug - instead of returning EIO / EPERM, the
kernel continously sends an infinite number of SIGTTOU signals to the process .
An 80MB strace log file was generated, consisting of >1,000,000 repetitions
of :
4964 11:00:18 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, {c_iflags=0x106,
c_oflags=0x1805, c_cflags=0x800000be, c_lflags=0x3b, c_line=0,
c_cc="\x03\x1c\x7f\x15\x04\x00\x01\x00\x11\x13\x1a\x00\x12\x0f\x17\x16\x00\x00\x00"})
= ? ERESTARTSYS (To be restarted)
4964 11:00:18 --- SIGTTOU (Stopped (tty output)) @ 0 (0) ---
4964 11:00:18 --- SIGTTOU (Stopped (tty output)) @ 0 (0) ---
Login's alarm signal handler DOES get the SIGALRM after the 60 second timeout,
and timedout() is called; but then timedout2 calls ioctl(0, TCSETA, &ti), which
also blocks, because the ioctl(0, TCSETSF...) of tcsetattr is in progress, and
the exit() call of timedout2 is never reached, and the tcsetattr call is
restarted.
From: Jason Vas Dias <jvdias@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Thu, 8 Mar 2007 20:57:48 +0000 (21:57 +0100)]
login: improve work with signals
The login cannot ignore signals, because:
* SIGHUP is only way how inform session leader that controlling
tty goes away. The leader has to inform others processes in same
process group about the signal.
* SIGHUP/SIGTERM cannot kill wait(2)-ing login, we have to wait as long
as any child process exists. The PAM session has to be closed correctly.
* The child process (before setsid()) has to call exit() if a controlling
tty goes away.
This patch is inspired by patch from Red Hat that is very well tested for last
4 years in all Red Hat distros.
Karel Zak [Thu, 8 Feb 2007 14:19:36 +0000 (15:19 +0100)]
build-sys: configure.am selinux support cleanup
Changes:
- don't include SELinux as default (--with-selinux is required)
- the SELinux is not useful for login-utils only
- clean up PAM and login-utils tests in the configure.am
Karel Zak [Tue, 6 Feb 2007 10:35:15 +0000 (11:35 +0100)]
Clean up pagesize/PAGE_SIZE usage.
Now all code in util-linux uses sysconf(_SC_PAGESIZE) that is standardized and
preferred way of querying page size. The asm/page.h file is not included to the
code anymore. (This patch doesn't change mount's FS detection code which will
be removed later).
Karel Zak [Tue, 30 Jan 2007 12:18:51 +0000 (13:18 +0100)]
col: getwchar() errors shouldn't be hidden
The col truncates output when multibyte errors is detected, but the problem is
not reported to stderr and return code is still same like for successful exit.
This stupid behaviour is fixed by this patch.
Karel Zak [Tue, 30 Jan 2007 12:49:50 +0000 (13:49 +0100)]
build-sys: fix ifdef ENABLE_WIDECHAR usage
There has been unexpected mix of HAVE_WIDECHAR and ENABLE_WIDECHAR macros. The
ENABLE_WIDECHAR is old version and has to be replaced everywhere otherwise we
will see bugs with multibyte stuff.
Karel Zak [Fri, 29 Dec 2006 00:13:58 +0000 (01:13 +0100)]
ipcs: max total shared memory in kbytes instead pages
The ipcs command has reported "max total shared memory" as a number of pages.
The others IPC limits are reported in (k)bytes, so it doesn't make sense mix
pages and bytes in the same output. Now "max total shared memory" is reported in
kbytes.