Package: davfs2 Version: 1.4.6-1ubuntu2 Severity: important Tags: squeeze sid upstream lenny patch
If the sysadmin set system wide options in /etc/davfs2/davfs2.conf and she allows for unprivileged users to mount WebDAV resources then they will experience inconsistent results. Example: sysadmin@host:~$ echo "davfs2 davfs2/suid_file boolean true" | sudo debconf- set-selections -- sysadmin@host:~$ sudo dpkg-reconfigure davfs2 sysadmin@host:~$ sudo sh -c 'echo "http://webdav.cyberteams.com:8080/ /mnt davfs noauto,user 0 0" > /etc/fstab' user@host:~$ mount /mnt Please enter the username to authenticate with server http://webdav.cyberteams.com:8080 or hit enter for none. Username: guest Please enter the password to authenticate user guest with server http://webdav.cyberteams.com:8080 or hit enter for none. Password: guest user@host:~$ ls /mnt aaa [snip] user@host:~$ umount /mnt /sbin/umount.davfs: waiting while mount.davfs (pid 13147) synchronizes the cache . user@host:~$ mount /mnt /sbin/mount.davfs:/home/user/.davfs2/davfs2.conf:24: unknown option user@host:~$ ls /mnt user@host:~$ This happens because /etc/davfs2/davfs2.conf is copied to ~/.davfs/ if ~/.davfs2 doesn't exist when mount.davfs2 is called. Due to #620163 Debian needs to include a system option in /etc/davfs2/davfs2.conf Fix: Warn instead of exiting when system options are in the users configuration and vice-versa -- System Information: Debian Release: squeeze/sid APT prefers maverick-updates APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 'maverick-proposed'), (500, 'maverick-backports'), (500, 'maverick') Architecture: amd64 (x86_64) Kernel: Linux 2.6.35-28-generic (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages davfs2 depends on: ii adduser 3.112ubuntu1 add and remove users and groups ii debconf [debconf-2.0] 1.5.32ubuntu3 Debian configuration management sy ii libc6 2.12.1-0ubuntu10.3 Embedded GNU C Library: Shared lib ii libneon27-gnutls 0.29.3-2 An HTTP and WebDAV client library davfs2 recommends no packages. davfs2 suggests no packages. -- Configuration Files: /etc/davfs2/secrets [Errno 13] Permission denied: u'/etc/davfs2/secrets' -- debconf information: davfs2/user_name: davfs2 * davfs2/suid_file: true davfs2/group_name: davfs2 davfs2/new_group: true davfs2/non_root_users_confimed: davfs2/new_user: true
--- src/mount_davfs.c 2010-05-09 02:20:30 +0000 +++ src/mount_davfs.c 2011-03-31 20:31:46 +0000 @@ -2174,18 +2174,33 @@ } else if (applies && count == 2) { - if (system && strcmp(parmv[0], "dav_user") == 0) { - if (args->dav_user) - free(args->dav_user); - args->dav_user = ne_strdup(parmv[1]); - } else if (system && strcmp(parmv[0], "dav_group") == 0) { - if (args->dav_group) - free(args->dav_group); - args->dav_group = ne_strdup(parmv[1]); - } else if (system && strcmp(parmv[0], "ignore_home") == 0) { - if (args->ignore_home) - free(args->ignore_home); - args->ignore_home = ne_strdup(parmv[1]); + if (strcmp(parmv[0], "dav_user") == 0) { + if (system) { + if (args->dav_user) + free(args->dav_user); + args->dav_user = ne_strdup(parmv[1]); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in user configuration file")); + } + } else if (strcmp(parmv[0], "dav_group") == 0) { + if (system) { + if (args->dav_group) + free(args->dav_group); + args->dav_group = ne_strdup(parmv[1]); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in user configuration file")); + } + } else if (strcmp(parmv[0], "ignore_home") == 0) { + if (system) { + if (args->ignore_home) + free(args->ignore_home); + args->ignore_home = ne_strdup(parmv[1]); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in user configuration file")); + } } else if (strcmp(parmv[0], "kernel_fs") == 0) { if (args->kernel_fs) free(args->kernel_fs); @@ -2196,21 +2211,36 @@ if (args->servercert) free(args->servercert); args->servercert = ne_strdup(parmv[1]); - } else if (!system && strcmp(parmv[0], "secrets") == 0) { - if (args->secrets) - free(args->secrets); - args->secrets = ne_strdup(parmv[1]); + } else if (strcmp(parmv[0], "secrets") == 0) { + if (system) { + error_at_line(0, 0, filename, lineno, + _("user option in system configuration file")); + } else { + if (args->secrets) + free(args->secrets); + args->secrets = ne_strdup(parmv[1]); + } } else if (strcmp(parmv[0], "clientcert") == 0) { if (args->clicert) free(args->clicert); args->clicert = ne_strdup(parmv[1]); - } else if (system && strcmp(parmv[0], "proxy") == 0) { - if (split_uri(NULL, &args->p_host, &args->p_port, NULL, - parmv[1]) != 0) - error_at_line(EXIT_FAILURE, 0, filename, lineno, - _("malformed line")); - } else if (system && strcmp(parmv[0], "use_proxy") == 0) { - args->useproxy = arg_to_int(parmv[1], 10, parmv[0]); + } else if (strcmp(parmv[0], "proxy") == 0) { + if (system) { + if (split_uri(NULL, &args->p_host, &args->p_port, NULL, + parmv[1]) != 0) + error_at_line(EXIT_FAILURE, 0, filename, lineno, + _("malformed line")); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in user configuration file")); + } + } else if (strcmp(parmv[0], "use_proxy") == 0) { + if (system) { + args->useproxy = arg_to_int(parmv[1], 10, parmv[0]); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in non-system config")); + } } else if (strcmp(parmv[0], "ask_auth") == 0) { args->askauth = arg_to_int(parmv[1], 10, parmv[0]); } else if (strcmp(parmv[0], "use_locks") == 0) { @@ -2249,14 +2279,24 @@ if (args->s_charset) free(args->s_charset); args->s_charset = ne_strdup(parmv[1]); - } else if (system && strcmp(parmv[0], "cache_dir") == 0) { - if (args->sys_cache) - free(args->sys_cache); - args->sys_cache = ne_strdup(parmv[1]); - } else if (!system && strcmp(parmv[0], "cache_dir") == 0) { - if (args->cache_dir != NULL) - free(args->cache_dir); - args->cache_dir = ne_strdup(parmv[1]); + } else if (strcmp(parmv[0], "cache_dir") == 0) { + if (system) { + if (args->sys_cache) + free(args->sys_cache); + args->sys_cache = ne_strdup(parmv[1]); + } else { + error_at_line(0, 0, filename, lineno, + _("system option in user configuration file")); + } + } else if (strcmp(parmv[0], "cache_dir") == 0) { + if (system) { + if (args->cache_dir != NULL) + free(args->cache_dir); + args->cache_dir = ne_strdup(parmv[1]); + } else { + error_at_line(0, 0, filename, lineno, + _("user option in system configuration file")); + } } else if (strcmp(parmv[0], "backup_dir") == 0) { if (args->backup_dir) free(args->backup_dir);