usermount is dead. Ok?
natano
Index: lib/libc/gen/sysctl.3
===================================================================
RCS file: /cvs/src/lib/libc/gen/sysctl.3,v
retrieving revision 1.267
diff -u -p -r1.267 sysctl.3
--- lib/libc/gen/sysctl.3 20 Jul 2016 09:15:28 -0000 1.267
+++ lib/libc/gen/sysctl.3 4 Sep 2016 21:11:14 -0000
@@ -474,7 +474,6 @@ information.
.It Dv KERN_TIMECOUNTER Ta "node" Ta "not applicable"
.It Dv KERN_TTY Ta "node" Ta "not applicable"
.It Dv KERN_TTYCOUNT Ta "integer" Ta "no"
-.It Dv KERN_USERMOUNT Ta "integer" Ta "yes"
.It Dv KERN_VERSION Ta "string" Ta "no"
.It Dv KERN_WATCHDOG Ta "node" Ta "not applicable"
.It Dv KERN_WXABORT Ta "integer" Ta "yes"
@@ -1016,8 +1015,6 @@ Returns the number of input characters i
Number of available
.Xr tty 4
devices.
-.It Dv KERN_USERMOUNT
-Currently a no-op.
.It Dv KERN_VERSION
The system version string.
.It Dv KERN_WATCHDOG
Index: sbin/sysctl/sysctl.8
===================================================================
RCS file: /cvs/src/sbin/sysctl/sysctl.8,v
retrieving revision 1.204
diff -u -p -r1.204 sysctl.8
--- sbin/sysctl/sysctl.8 27 Jul 2016 20:51:46 -0000 1.204
+++ sbin/sysctl/sysctl.8 4 Sep 2016 21:04:44 -0000
@@ -139,7 +139,6 @@ and a few require a kernel compiled with
.It kern.osversion Ta string Ta no
.It kern.somaxconn Ta integer Ta yes
.It kern.sominconn Ta integer Ta yes
-.It kern.usermount Ta integer Ta yes
.It kern.nosuidcoredump Ta integer Ta yes
.It kern.fsync Ta integer Ta no
.It kern.sysvmsg Ta integer Ta no
Index: sys/isofs/cd9660/cd9660_vfsops.c
===================================================================
RCS file: /cvs/src/sys/isofs/cd9660/cd9660_vfsops.c,v
retrieving revision 1.82
diff -u -p -r1.82 cd9660_vfsops.c
--- sys/isofs/cd9660/cd9660_vfsops.c 2 Sep 2016 10:16:03 -0000 1.82
+++ sys/isofs/cd9660/cd9660_vfsops.c 4 Sep 2016 20:02:52 -0000
@@ -179,19 +179,6 @@ cd9660_mount(mp, path, data, ndp, p)
return (ENXIO);
}
- /*
- * If mount by non-root, then verify that user has necessary
- * permissions on the device.
- */
- if (suser(p, 0) != 0) {
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, VREAD, p->p_ucred, p);
- if (error) {
- vput(devvp);
- return (error);
- }
- VOP_UNLOCK(devvp, p);
- }
if ((mp->mnt_flag & MNT_UPDATE) == 0)
error = iso_mountfs(devvp, mp, p, &args);
else {
Index: sys/isofs/udf/udf_vfsops.c
===================================================================
RCS file: /cvs/src/sys/isofs/udf/udf_vfsops.c,v
retrieving revision 1.54
diff -u -p -r1.54 udf_vfsops.c
--- sys/isofs/udf/udf_vfsops.c 25 Aug 2016 00:06:44 -0000 1.54
+++ sys/isofs/udf/udf_vfsops.c 4 Sep 2016 20:04:57 -0000
@@ -170,17 +170,6 @@ udf_mount(struct mount *mp, const char *
return (ENXIO);
}
- /* Check the access rights on the mount device */
- if (p->p_ucred->cr_uid) {
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, VREAD, p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error) {
- vrele(devvp);
- return (error);
- }
- }
-
if ((error = udf_mountfs(devvp, mp, args.lastblock, p))) {
vrele(devvp);
return (error);
Index: sys/kern/kern_sysctl.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_sysctl.c,v
retrieving revision 1.308
diff -u -p -r1.308 kern_sysctl.c
--- sys/kern/kern_sysctl.c 4 Sep 2016 09:22:29 -0000 1.308
+++ sys/kern/kern_sysctl.c 4 Sep 2016 21:07:46 -0000
@@ -414,10 +414,6 @@ kern_sysctl(int *name, u_int namelen, vo
return (sysctl_int(oldp, oldlenp, newp, newlen, &somaxconn));
case KERN_SOMINCONN:
return (sysctl_int(oldp, oldlenp, newp, newlen, &sominconn));
- case KERN_USERMOUNT: {
- int usermount = 0;
- return (sysctl_rdint(oldp, oldlenp, newp, usermount));
- }
case KERN_ARND: {
char buf[512];
Index: sys/kern/vfs_syscalls.c
===================================================================
RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v
retrieving revision 1.263
diff -u -p -r1.263 vfs_syscalls.c
--- sys/kern/vfs_syscalls.c 14 Jul 2016 15:39:40 -0000 1.263
+++ sys/kern/vfs_syscalls.c 4 Sep 2016 20:28:57 -0000
@@ -110,7 +110,6 @@ sys_mount(struct proc *p, void *v, regis
int error, mntflag = 0;
char fstypename[MFSNAMELEN];
char fspath[MNAMELEN];
- struct vattr va;
struct nameidata nd;
struct vfsconf *vfsp;
int flags = SCARG(uap, flags);
@@ -150,29 +149,6 @@ sys_mount(struct proc *p, void *v, regis
return (EOPNOTSUPP); /* Needs translation */
}
- /*
- * Only root, or the user that did the original mount is
- * permitted to update it.
- */
- if (mp->mnt_stat.f_owner != p->p_ucred->cr_uid &&
- (error = suser(p, 0))) {
- vput(vp);
- return (error);
- }
- /*
- * Do not allow NFS export by non-root users. Silently
- * enforce MNT_NOSUID and MNT_NODEV for non-root users, and
- * inherit MNT_NOEXEC from the mount point.
- */
- if (suser(p, 0) != 0) {
- if (flags & MNT_EXPORTED) {
- vput(vp);
- return (EPERM);
- }
- flags |= MNT_NOSUID | MNT_NODEV;
- if (mntflag & MNT_NOEXEC)
- flags |= MNT_NOEXEC;
- }
if ((error = vfs_busy(mp, VB_READ|VB_NOWAIT)) != 0) {
vput(vp);
return (error);
@@ -180,30 +156,6 @@ sys_mount(struct proc *p, void *v, regis
mp->mnt_flag |= flags & (MNT_RELOAD | MNT_UPDATE);
goto update;
}
- /*
- * If the user is not root, ensure that they own the directory
- * onto which we are attempting to mount.
- */
- if ((error = VOP_GETATTR(vp, &va, p->p_ucred, p)) ||
- (va.va_uid != p->p_ucred->cr_uid &&
- (error = suser(p, 0)))) {
- vput(vp);
- return (error);
- }
- /*
- * Do not allow NFS export by non-root users. Silently
- * enforce MNT_NOSUID and MNT_NODEV for non-root users, and inherit
- * MNT_NOEXEC from the mount point.
- */
- if (suser(p, 0) != 0) {
- if (flags & MNT_EXPORTED) {
- vput(vp);
- return (EPERM);
- }
- flags |= MNT_NOSUID | MNT_NODEV;
- if (vp->v_mount->mnt_flag & MNT_NOEXEC)
- flags |= MNT_NOEXEC;
- }
if ((error = vinvalbuf(vp, V_SAVE, p->p_ucred, p, 0, 0)) != 0) {
vput(vp);
return (error);
@@ -374,22 +326,15 @@ sys_unmount(struct proc *p, void *v, reg
int error;
struct nameidata nd;
+ if ((error = suser(p, 0)) != 0)
+ return (error);
+
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF, UIO_USERSPACE,
SCARG(uap, path), p);
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;
mp = vp->v_mount;
-
- /*
- * Only root, or the user that did the original mount is
- * permitted to unmount this filesystem.
- */
- if ((mp->mnt_stat.f_owner != p->p_ucred->cr_uid) &&
- (error = suser(p, 0))) {
- vput(vp);
- return (error);
- }
/*
* Don't allow unmounting the root file system.
Index: sys/msdosfs/msdosfs_vfsops.c
===================================================================
RCS file: /cvs/src/sys/msdosfs/msdosfs_vfsops.c,v
retrieving revision 1.79
diff -u -p -r1.79 msdosfs_vfsops.c
--- sys/msdosfs/msdosfs_vfsops.c 13 Aug 2016 20:53:17 -0000 1.79
+++ sys/msdosfs/msdosfs_vfsops.c 4 Sep 2016 20:06:48 -0000
@@ -106,7 +106,6 @@ msdosfs_mount(struct mount *mp, const ch
char fname[MNAMELEN];
char fspec[MNAMELEN];
int error, flags;
- mode_t accessmode;
error = copyin(data, &args, sizeof(struct msdosfs_args));
if (error)
@@ -138,22 +137,9 @@ msdosfs_mount(struct mount *mp, const ch
if (error)
return (error);
if ((pmp->pm_flags & MSDOSFSMNT_RONLY) &&
- (mp->mnt_flag & MNT_WANTRDWR)) {
- /*
- * If upgrade to read-write by non-root, then verify
- * that user has necessary permissions on the device.
- */
- if (suser(p, 0) != 0) {
- devvp = pmp->pm_devvp;
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, VREAD | VWRITE,
- p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- return (error);
- }
+ (mp->mnt_flag & MNT_WANTRDWR))
pmp->pm_flags &= ~MSDOSFSMNT_RONLY;
- }
+
if (args.fspec == NULL) {
#ifdef __notyet__ /* doesn't work correctly with current mountd
XXX */
if (args.flags & MSDOSFSMNT_MNTOPT) {
@@ -195,21 +181,6 @@ msdosfs_mount(struct mount *mp, const ch
if (major(devvp->v_rdev) >= nblkdev) {
error = ENXIO;
goto error_devvp;
- }
-
- /*
- * If mount by non-root, then verify that user has necessary
- * permissions on the device.
- */
- if (suser(p, 0) != 0) {
- accessmode = VREAD;
- if ((mp->mnt_flag & MNT_RDONLY) == 0)
- accessmode |= VWRITE;
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, accessmode, p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- goto error_devvp;
}
if ((mp->mnt_flag & MNT_UPDATE) == 0)
Index: sys/ntfs/ntfs_vfsops.c
===================================================================
RCS file: /cvs/src/sys/ntfs/ntfs_vfsops.c,v
retrieving revision 1.54
diff -u -p -r1.54 ntfs_vfsops.c
--- sys/ntfs/ntfs_vfsops.c 1 Sep 2016 08:40:39 -0000 1.54
+++ sys/ntfs/ntfs_vfsops.c 4 Sep 2016 20:13:08 -0000
@@ -187,18 +187,6 @@ ntfs_mount(struct mount *mp, const char
goto error_2;
}
- /*
- * If we are not root, make sure we have permission to access the
- * requested device.
- */
- if (p->p_ucred->cr_uid) {
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- err = VOP_ACCESS(devvp, VREAD, p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (err)
- goto error_2;
- }
-
if (mp->mnt_flag & MNT_UPDATE) {
#if 0
/*
Index: sys/sys/sysctl.h
===================================================================
RCS file: /cvs/src/sys/sys/sysctl.h,v
retrieving revision 1.164
diff -u -p -r1.164 sysctl.h
--- sys/sys/sysctl.h 4 Sep 2016 09:22:29 -0000 1.164
+++ sys/sys/sysctl.h 4 Sep 2016 21:06:28 -0000
@@ -130,7 +130,7 @@ struct ctlname {
#define KERN_OSVERSION 27 /* string: kernel build version
*/
#define KERN_SOMAXCONN 28 /* int: listen queue maximum */
#define KERN_SOMINCONN 29 /* int: half-open controllable
param */
-#define KERN_USERMOUNT 30 /* int: users may mount
filesystems */
+/* was KERN_USERMOUNT 30 */
/* was KERN_RND 31 */
#define KERN_NOSUIDCOREDUMP 32 /* int: no setuid coredumps
ever */
#define KERN_FSYNC 33 /* int: file synchronization
support */
@@ -217,7 +217,7 @@ struct ctlname {
{ "osversion", CTLTYPE_STRING }, \
{ "somaxconn", CTLTYPE_INT }, \
{ "sominconn", CTLTYPE_INT }, \
- { "usermount", CTLTYPE_INT }, \
+ { "gap", 0 }, \
{ "random", CTLTYPE_STRUCT }, \
{ "nosuidcoredump", CTLTYPE_INT }, \
{ "fsync", CTLTYPE_INT }, \
Index: sys/ufs/ext2fs/ext2fs_vfsops.c
===================================================================
RCS file: /cvs/src/sys/ufs/ext2fs/ext2fs_vfsops.c,v
retrieving revision 1.95
diff -u -p -r1.95 ext2fs_vfsops.c
--- sys/ufs/ext2fs/ext2fs_vfsops.c 13 Aug 2016 21:28:09 -0000 1.95
+++ sys/ufs/ext2fs/ext2fs_vfsops.c 4 Sep 2016 20:14:49 -0000
@@ -170,7 +170,6 @@ ext2fs_mount(struct mount *mp, const cha
char fname[MNAMELEN];
char fspec[MNAMELEN];
int error, flags;
- mode_t accessmode;
error = copyin(data, &args, sizeof(struct ufs_args));
if (error)
@@ -204,19 +203,6 @@ ext2fs_mount(struct mount *mp, const cha
return (error);
}
if (fs->e2fs_ronly && (mp->mnt_flag & MNT_WANTRDWR)) {
- /*
- * If upgrade to read-write by non-root, then verify
- * that user has necessary permissions on the device.
- */
- if (suser(p, 0) != 0) {
- devvp = ump->um_devvp;
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, VREAD | VWRITE,
- p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- return (error);
- }
fs->e2fs_ronly = 0;
if (fs->e2fs.e2fs_state == E2FS_ISCLEAN)
fs->e2fs.e2fs_state = 0;
@@ -255,20 +241,6 @@ ext2fs_mount(struct mount *mp, const cha
if (major(devvp->v_rdev) >= nblkdev) {
error = ENXIO;
goto error_devvp;
- }
- /*
- * If mount by non-root, then verify that user has necessary
- * permissions on the device.
- */
- if (suser(p, 0) != 0) {
- accessmode = VREAD;
- if ((mp->mnt_flag & MNT_RDONLY) == 0)
- accessmode |= VWRITE;
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, accessmode, p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- goto error_devvp;
}
if ((mp->mnt_flag & MNT_UPDATE) == 0)
error = ext2fs_mountfs(devvp, mp, p);
Index: sys/ufs/ffs/ffs_vfsops.c
===================================================================
RCS file: /cvs/src/sys/ufs/ffs/ffs_vfsops.c,v
retrieving revision 1.162
diff -u -p -r1.162 ffs_vfsops.c
--- sys/ufs/ffs/ffs_vfsops.c 13 Aug 2016 21:28:09 -0000 1.162
+++ sys/ufs/ffs/ffs_vfsops.c 4 Sep 2016 20:14:33 -0000
@@ -213,7 +213,6 @@ ffs_mount(struct mount *mp, const char *
char fspec[MNAMELEN];
int error = 0, flags;
int ronly;
- mode_t accessmode;
error = copyin(data, &args, sizeof(struct ufs_args));
if (error)
@@ -305,19 +304,6 @@ ffs_mount(struct mount *mp, const char *
goto error_1;
if (ronly && (mp->mnt_flag & MNT_WANTRDWR)) {
- /*
- * If upgrade to read-write by non-root, then verify
- * that user has necessary permissions on the device.
- */
- if (suser(p, 0)) {
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, VREAD | VWRITE,
- p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- goto error_1;
- }
-
if (fs->fs_clean == 0) {
#if 0
/*
@@ -394,21 +380,6 @@ ffs_mount(struct mount *mp, const char *
if (major(devvp->v_rdev) >= nblkdev) {
error = ENXIO;
goto error_2;
- }
-
- /*
- * If mount by non-root, then verify that user has necessary
- * permissions on the device.
- */
- if (suser(p, 0)) {
- accessmode = VREAD;
- if ((mp->mnt_flag & MNT_RDONLY) == 0)
- accessmode |= VWRITE;
- vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
- error = VOP_ACCESS(devvp, accessmode, p->p_ucred, p);
- VOP_UNLOCK(devvp, p);
- if (error)
- goto error_2;
}
if (mp->mnt_flag & MNT_UPDATE) {
