• Jeff Layton's avatar
    cifs: make overriding of ownership conditional on new mount options · 4ae1507f
    Jeff Layton authored
    We have a bit of a problem with the uid= option. The basic issue is that
    it means too many things and has too many side-effects.
    
    It's possible to allow an unprivileged user to mount a filesystem if the
    user owns the mountpoint, /bin/mount is setuid root, and the mount is
    set up in /etc/fstab with the "user" option.
    
    When doing this though, /bin/mount automatically adds the "uid=" and
    "gid=" options to the share. This is fortunate since the correct uid=
    option is needed in order to tell the upcall what user's credcache to
    use when generating the SPNEGO blob.
    
    On a mount without unix extensions this is fine -- you generally will
    want the files to be owned by the "owner" of the mount. The problem
    comes in on a mount with unix extensions. With those enabled, the
    uid/gid options cause the ownership of files to be overriden even though
    the server is sending along the ownership info.
    
    This means that it's not possible to have a mount by an unprivileged
    user that shows the server's file ownership info. The result is also
    inode permissions that have no reflection at all on the server. You
    simply cannot separate ownership from the mode in this fashion.
    
    This behavior also makes MultiuserMount option less usable. Once you
    pass in the uid= option for a mount, then you can't use unix ownership
    info and allow someone to share the mount.
    
    While I'm not thrilled with it, the only solution I can see is to stop
    making uid=/gid= force the overriding of ownership on mounts, and to add
    new mount options that turn this behavior on.
    Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
    Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
    4ae1507f
connect.c 81.9 KB