]>
Commit | Line | Data |
---|---|---|
3d551623 PG |
1 | diff --git a/CHANGELOG b/CHANGELOG |
2 | index c486a7b..0fcdfd4 100644 | |
3 | --- a/CHANGELOG | |
4 | +++ b/CHANGELOG | |
5 | @@ -53,6 +53,7 @@ | |
6 | - add authentication option for using an external credential cache. | |
7 | - expand support for the "%" hack. | |
8 | - fix to quoting for exports gathered by hosts map. | |
9 | +- use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified. | |
10 | ||
11 | 18/06/2007 autofs-5.0.2 | |
12 | ----------------------- | |
13 | diff --git a/man/auto.master.5.in b/man/auto.master.5.in | |
14 | index d488960..56aaa5d 100644 | |
15 | --- a/man/auto.master.5.in | |
16 | +++ b/man/auto.master.5.in | |
17 | @@ -195,6 +195,9 @@ For example, with an entry in the master map of | |
18 | .hy | |
19 | accessing /net/myserver will mount exports from myserver on directories below | |
20 | /net/myserver. | |
21 | +.P | |
22 | +NOTE: mounts done from a hosts map will be mounted with the "nosuid" option | |
23 | +unless the "suid" option is explicitly given in the master map entry. | |
24 | .SH LDAP MAPS | |
25 | If the map type \fBldap\fP is specified the mapname is of the form | |
26 | \fB[//servername/]dn\fP, where the optional \fBservername\fP is | |
27 | diff --git a/modules/parse_sun.c b/modules/parse_sun.c | |
28 | index 186e567..9a97329 100644 | |
29 | --- a/modules/parse_sun.c | |
30 | +++ b/modules/parse_sun.c | |
31 | @@ -496,6 +496,7 @@ static int sun_mount(struct autofs_point *ap, const char *root, | |
32 | int rv, cur_state; | |
33 | char *mountpoint; | |
34 | char *what; | |
35 | + char *type; | |
36 | ||
37 | if (*options == '\0') | |
38 | options = NULL; | |
39 | @@ -585,6 +586,36 @@ static int sun_mount(struct autofs_point *ap, const char *root, | |
40 | mountpoint = alloca(namelen + 1); | |
41 | sprintf(mountpoint, "%.*s", namelen, name); | |
42 | ||
43 | + type = ap->entry->maps->type; | |
44 | + if (type && !strcmp(type, "hosts")) { | |
45 | + if (options) { | |
46 | + if (!strstr(options, "suid")) { | |
47 | + char *tmp = alloca(strlen(options) + 8); | |
48 | + if (!tmp) { | |
49 | + error(ap->logopt, MODPREFIX | |
50 | + "alloca failed for options"); | |
51 | + if (nonstrict) | |
52 | + return -1; | |
53 | + return 1; | |
54 | + } | |
55 | + strcpy(tmp, options); | |
56 | + strcat(tmp, ",nosuid"); | |
57 | + options = tmp; | |
58 | + } | |
59 | + } else { | |
60 | + char *tmp = alloca(7); | |
61 | + if (!tmp) { | |
62 | + error(ap->logopt, | |
63 | + MODPREFIX "alloca failed for options"); | |
64 | + if (nonstrict) | |
65 | + return -1; | |
66 | + return 1; | |
67 | + } | |
68 | + strcpy(tmp, "nosuid"); | |
69 | + options = tmp; | |
70 | + } | |
71 | + } | |
72 | + | |
73 | pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cur_state); | |
74 | if (!strcmp(fstype, "nfs")) { | |
75 | what = alloca(loclen + 1); | |
76 | diff --git a/samples/auto.master b/samples/auto.master | |
77 | index d4796a3..4995976 100644 | |
78 | --- a/samples/auto.master | |
79 | +++ b/samples/auto.master | |
80 | @@ -5,6 +5,11 @@ | |
81 | # For details of the format look at autofs(5). | |
82 | # | |
83 | /misc /etc/auto.misc | |
84 | +# | |
85 | +# NOTE: mounts done from a hosts map will be mounted with the | |
86 | +# "nosuid" option unless the "suid" option is explicitly | |
87 | +# given. | |
88 | +# | |
89 | /net -hosts | |
90 | # | |
91 | # Include central master map if it can be found using |