From: Archie C. <ar...@de...> - 2013-05-14 15:24:12
|
On Tue, May 7, 2013 at 1:25 PM, Archie Cobbs <ar...@de...> wrote: > On Tue, May 7, 2013 at 10:00 AM, Miklos Szeredi <mi...@sz...> wrote: > >> On Tue, May 7, 2013 at 4:25 PM, Archie Cobbs <ar...@de...> wrote: >> > Presumably, at some point this option has to be communicated to the >> kernel. >> > So that system call can return an error if the user is not root, right? >> >> Yes. The problem is that fusermount is suid-root and calls the >> mount(2) syscall with superuser privileges whether it was invoked by >> root or not. So the kernel cannot check for the usual >> capable(CAP_FOO_BAR) when checking whether the user has enough >> privileges for -osync_umount. >> >> But fusermount does pass "user_id=UID" option to the kernel. And the >> kernel can check for user_id=0. Which is not very nice but looks like >> the only option. >> > > Got it. If time permits I will try to look into this idea further. > I've attached a partial patch. Not being at all familiar with the code, it's likely incomplete and/or wrong, and I didn't even attempt to address the kernel side. Note the fuse_kernel.h file was not up-to-date wrt. Linux (minor version 21 instead of 22) so I included the version 22 update as well. Miklos please let me know your thoughts. Thanks, -Archie -- Archie L. Cobbs |