X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=src%2Fsecure-mount.c;h=afab07c41dd5ddca0632087c8ad2cc504d14726d;hb=fc28db1eb4146796ec27c2fb15780d6303120261;hp=520a0859c0d90c033b918148f9735ce11279d55d;hpb=8cf13bb177d92c93eb73dc8939777150536c2d00;p=util-vserver.git
diff --git a/src/secure-mount.c b/src/secure-mount.c
index 520a085..afab07c 100644
--- a/src/secure-mount.c
+++ b/src/secure-mount.c
@@ -1,4 +1,4 @@
-// $Id: secure-mount.c,v 1.24 2005/03/24 12:45:06 ensc Exp $ --*- c++ -*--
+// $Id: secure-mount.c 2403 2006-11-24 23:06:08Z dhozac $ --*- c++ -*--
 // Copyright (C) 2003 Enrico Scholz //
@@ -52,6 +52,7 @@
 #include
 #include
 #include
+#include
 #define ENSC_WRAPPERS_FCNTL 1
 #define ENSC_WRAPPERS_UNISTD 1
@@ -398,6 +399,27 @@ secureChdir(char const *dir, struct Options const *opt)
 return false;
 }
+static bool
+canHandleInternal(struct MountInfo const *mnt)
+{
+ static char const * FS[] = {
+ "tmpfs", "sysfs", "proc", "sockfs", "pipefs", "futexfs",
+ "inotifyfs", "devpts", "ext3", "ext2", "ramfs",
+ "hugetlbfs", "usbfs", "binfmt_misc",
+ 0
+ };
+ char const ** i;
+
+ if (!mnt) return false;
+ else if ((mnt->flag & (MS_BIND|MS_MOVE))) return true;
+ else if (mnt->type==0) return false;
+
+ for (i=FS+0; *i!=0; ++i)
+ if (strcmp(mnt->type, *i)==0) return true;
+
+ return false;
+}
+
 static bool
 mountSingle(struct MountInfo const *mnt, struct Options const *opt)
 {
@@ -406,13 +428,10 @@ mountSingle(struct MountInfo const *mnt, struct Options const *opt)
 if (!secureChdir(mnt->dst, opt)) return false;
- if (mnt->flag & (MS_BIND|MS_MOVE)) {
- unsigned long flag = mnt->flag;
- if ((flag & MS_NODEV)==0) flag |= MS_NODEV;
-
+ if (canHandleInternal(mnt)) {
 if (mount(mnt->src, ".", mnt->type ? mnt->type : "",
- flag, mnt->data)==-1) {
+ mnt->flag, mnt->data)==-1) {
 perror("secure-mount: mount()");
 return false;
 }
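Review bot: The `FS` table in canHandleInternal() is the allowlist of filesystem types that mountSingle() mounts with a direct mount() call, yet it is writable and carries no explanation of why these types qualify. Declaring it `static char const * const FS[] = {` with the cursor as `char const * const * i;` keeps the list in read-only data. A comment above it, for example `/* types mounted directly via mount(2); extend only for filesystems that are safe to mount this way */`, would tell the next maintainer what adding an entry means. Where types that are not listed end up is outside this hunk.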
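Review bot: mountSingle() no longer forces MS_NODEV on MS_BIND/MS_MOVE mounts: the direct path now passes `mnt->flag` to mount() unchanged, so nodev rests only on the `.flag = MS_NODEV` default added in the main() hunk. The option table is not visible here; if an option such as `dev` can clear the bit, a bind mount could expose device nodes that the old code always blocked. If that is intended, record it at the call, e.g. `/* nodev is the default from main(); only an explicit option or devpts drops it */`. Otherwise keep the enforcement for bind/move with `unsigned long flag = mnt->flag;` and `if (mnt->flag & (MS_BIND|MS_MOVE)) flag |= MS_NODEV;`. The body of mountSingle continues outside the hunk.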
@@ -443,6 +462,8 @@ static bool
 transformOptionList(struct MountInfo *info, size_t UNUSED *col)
 {
 char const * ptr = info->data;
+ char * data = malloc(strlen(info->data));
+ char * dst = data;
 do {
 char const * pos = strchr(ptr, ',');
@@ -457,6 +478,13 @@ transformOptionList(struct MountInfo *info, size_t UNUSED *col)
 info->mask |= opt->mask;
 info->xflag |= opt->xflag;
 }
+ else {
+ if (dst != data)
+ *(dst++) = ',';
+ strncpy(dst, ptr, pos-ptr);
+ dst += pos - ptr;
+ *dst = '\0';
+ }
 if (*pos!='\0') ptr = pos+1;
@@ -465,6 +493,7 @@ transformOptionList(struct MountInfo *info, size_t UNUSED *col)
 } while (*ptr!='\0');
+ info->data = data;
 return true;
 }
@@ -500,7 +529,10 @@ static enum {prDOIT, prFAIL, prIGNORE}
 if (strcmp(info->type, "swap") ==0) return prIGNORE;
 else if (strcmp(info->type, "none") ==0) info->type = 0;
- else if (strcmp(info->type, "devpts")==0) info->mask |= MS_NODEV;
+ else if (strcmp(info->type, "devpts")==0) {
+ info->mask |= MS_NODEV;
+ info->flag &= ~MS_NODEV;
+ }
 if (col) *col = err_col;
 if (!transformOptionList(info,col)) return prFAIL;
@@ -624,7 +656,7 @@ int main(int argc, char *argv[])
 .src = 0,
 .dst = 0,
 .type = 0,
- .flag = 0,
+ .flag = MS_NODEV,
 .xflag = 0,
 .data = 0,
 };
@@ -664,7 +696,7 @@ int main(int argc, char *argv[])
 default :
 WRITE_MSG(2, "Try '");
 WRITE_STR(2, argv[0]);
- WRITE_MSG(2, " --help\" for more information.\n");
+ WRITE_MSG(2, " --help' for more information.\n");
 return EXIT_FAILURE;
 break;
 }
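Review bot: `malloc(strlen(info->data))` leaves no room for the terminator, so when no option in the list is recognised the copy loop in the next hunk writes the whole string back and `*dst = '\0'` lands one byte past the allocation. The result is also unchecked, and when every option is recognised nothing is written at all, so `info->data = data` in the third hunk of this function publishes an uninitialised buffer that mountSingle() later hands to mount(). Use `char * data = malloc(strlen(info->data) + 1);`, followed by `if (data==0) return false;` and `*data = '\0';`. In the copy, `memcpy(dst, ptr, pos-ptr)` states the intent better than `strncpy`, which is used here only as a bounded copy. Parts of transformOptionList lie outside these three hunks.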
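Review bot: The devpts branch clears the default `MS_NODEV` from `info->flag` without saying why, and it does so before transformOptionList() runs, so the option list can still change the bit afterwards. A comment such as `/* devpts provides the pty device nodes, so the MS_NODEV default from main() must not apply */` would record the reason. What `info->mask` is used for is not visible in this hunk, so the pairing of `mask |= MS_NODEV` with `flag &= ~MS_NODEV` deserves a second line of explanation. The enclosing function starts and ends outside the hunk.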