Package: davfs2 Version: 1.6.1-1 Severity: normal Hello,
Not making /usr/sbin/mount.davfs setuid has a problematic consequence: if I run $ sudo mount /net/foo $ sudo reboot the reboot stays stuck for 90s, waiting for mount.davfs to exit. In the syslog, we can see août 05 13:46:03 begin mount.davfs[19302]: pid 19302, got signal 15 août 05 13:46:03 begin mount.davfs[19302]: unmounting /net/foo so it did get the SIGTERM signal from systemd and ran /bin/umount /net/foo, but stracing that shows: 20189 umount2("/net/foo", 0) = -1 EPERM (Operation not permitted) 20189 write(2, "umount: ", 8) = 8 20189 write(2, "/net/foo: must be superuser to unmount", 38) = 38 That is because mount.davfs is running as user davfs2, not as root, and thus cannot actually trigger the umount of /net/foo, and things stay stuck there until 90s later, when systemd gets impatient and sends a SIGKILL. Adding the uid=davfs2 option to /etc/fstab allows the umount to work and thus fix the 90s delay, but davfs should automatically add that option when it is not already defined, to avoid the davfs2-vs-root incoherency above. Samuel -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 5.19.0 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages davfs2 depends on: ii adduser 3.123 ii cdebconf [debconf-2.0] 0.263 ii debconf [debconf-2.0] 1.5.79 ii libc6 2.33-8 ii libneon27 0.32.2-1+b1 davfs2 recommends no packages. davfs2 suggests no packages. -- Configuration Files: /etc/davfs2/secrets [Errno 13] Permission non accordée: '/etc/davfs2/secrets' -- debconf information: * davfs2/new_user: true * davfs2/user_name: davfs2 * davfs2/new_group: true * davfs2/suid_file: false * davfs2/non_root_users_confimed: * davfs2/group_name: davfs2 -- Samuel --- Pour une évaluation indépendante, transparente et rigoureuse ! Je soutiens la Commission d'Évaluation de l'Inria.