Bug 917678 - mount in RHEL 6.4 ignores user option
Summary: mount in RHEL 6.4 ignores user option
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: util-linux-ng
Version: 6.4
Hardware: Unspecified
OS: Unspecified
urgent
high
Target Milestone: rc
: ---
Assignee: Karel Zak
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: 955520
TreeView+ depends on / blocked
 
Reported: 2013-03-04 14:44 UTC by Jens Kuehnel
Modified: 2018-12-01 15:46 UTC (History)
8 users (show)

Fixed In Version: util-linux-ng-2.17.2-12.12.el6
Doc Type: Bug Fix
Doc Text:
Due to a regression in the code, if a symbolic link was used for a mount point in the fstab configuration file, mount attempts to that mount point failed. This update ensures that all paths in fstab are made canonical and such mount points can now be mounted as expected.
Clone Of:
Environment:
Last Closed: 2013-11-21 20:45:23 UTC


Attachments (Terms of Use)
proposed patch (973 bytes, patch)
2013-03-13 08:51 UTC, Karel Zak
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1648 normal SHIPPED_LIVE util-linux-ng bug fix and enhancement update 2013-11-20 21:53:24 UTC

Description Jens Kuehnel 2013-03-04 14:44:36 UTC
Description of problem:
Since RHEL6.4 a mount with option user requires root privileges.

Version-Release number of selected component (if applicable):
util-linux-ng-2.17.2-12.9.el6.x86_64

How reproducible:
100%, tested on 3 of my systems and reports on the Internet (only german): http://lists.mathias-kettner.de/pipermail/checkmk-de/2013-February/002585.html 


Steps to Reproduce:
1. echo "tmpfs  /omd/sites/test/tmp tmpfs noauto,user,mode=755,uid=test,gid=test 0 0 " >> /etc/fstab
2. mkdir -p /omd/sites/test/tmp
3. useradd test
4. su - test -c 'mount /omd/sites/test/tmp'
  
Actual results:
mount: can't find /omd/sites/test/tmp in /etc/fstab or /etc/mtab


Expected results:
is simply mounts


Additional info:
Worked with util-linux-ng-2.17.2-12.7.el6.x86_64

Downgrade is a problem because of some device-mapper dependency. Take a RHEL6.3 and only upgrade util-linux-ng, than you can downgrade with:
yum downgrade util-linux-ng-2.17.2-12.7.el6.x86_64 libblkid-2.17.2-12.7.el6.x86_64 libuuid-2.17.2-12.7.el6.x86_64

Comment 1 Karel Zak 2013-03-07 18:20:46 UTC
Works for me:

[root@el6 ~]# echo "tmpfs  /omd/sites/test/tmp tmpfs noauto,user,mode=755,uid=test,gid=test 0 0 " >> /etc/fstab
[root@el6 ~]# mkdir -p /omd/sites/test/tmp
[root@el6 ~]# useradd test
[root@el6 ~]# su - test -c 'mount /omd/sites/test/tmp'

[root@el6 ~]# findmnt --mtab /omd/sites/test/tmp
TARGET              SOURCE FSTYPE OPTIONS
/omd/sites/test/tmp tmpfs  tmpfs  rw,noexec,nosuid,nodev,mode=755,uid=500,gid=500,user=test

[root@el6 ~]# rpm -qf /bin/mount
util-linux-ng-2.17.2-12.9.el6.i686

Please, try mount with -v (verbose mode), for example:

su - test -c 'mount -vvv /omd/sites/test/tmp'

Comment 2 Jens Kuehnel 2013-03-07 18:38:42 UTC
I checked it here with yet another installation, but all our installation x86_64. Maybe it is only 64bit.
Output with -vvv:

[root@XXXXX ~]# su - test -c 'mount -vvv /omd/sites/test/tmp'
mount: fstab path: "/etc/fstab"
mount: mtab path:  "/etc/mtab"
mount: lock path:  "/etc/mtab~"
mount: temp path:  "/etc/mtab.tmp"
mount: UID:        500
mount: eUID:       0
mount: can't find /omd/sites/test/tmp in /etc/fstab or /etc/mtab

Comment 3 Ralf Ertzinger 2013-03-10 22:08:53 UTC
I have the exact same problem (also with OMD), and it's not the user option. It's the fact that the path in /etc/fstab contains a symlink (/omd is a symlink to /opt/omd)

Replacing /omd with /opt/omd in /etc/fstab (effectively resolving the symlink) makes this work again.

Probably something from the fix in https://bugzilla.redhat.com/show_bug.cgi?id=892330 broke this.

Comment 4 Jens Kuehnel 2013-03-11 07:39:33 UTC
I can confirm comment #3. It only happens when a symlink is part of the path.

Comment 5 Karel Zak 2013-03-11 09:44:47 UTC
You're right.

The old code in mount/fstab.c: getfs_by_dir() does not expect non-canonical paths in fstab, but now (since bug #892330) all paths from non-root users are always canonicalized.

The workaround is to use canonicalized (real) paths in /etc/fstab for user mounts, something like:

echo "tmpfs $(cd /omd/sites/test/tmp; pwd -P) tmpfs noauto,user,mode=755,uid=test,gid=test 0 0 " >>  /etc/fstab

Comment 6 Jens Kuehnel 2013-03-11 12:42:16 UTC
If I understand BZ892330 correctly the patch should fix a problem where a normal user can create a symlink and detect by the error message if a file exist even when the user can not look into the directory.

By fixing this problem, instead of checking if a symlink is resolvable by the user, the patch disabled the usage of symlinks completly for non-users.

Do I understand the problem correctly?

I have already a workaround, because I mount the tmpfs directory as user root. Not nice but working.

But I think this should be fixed permanently. There a lot of omd Users that complain about broken RHEL6.4.

Comment 7 Karel Zak 2013-03-13 08:09:10 UTC
(In reply to comment #6)
> If I understand BZ892330 correctly the patch should fix a problem where a
> normal user can create a symlink and detect by the error message if a file
> exist even when the user can not look into the directory.

Yes.

> By fixing this problem, instead of checking if a symlink is resolvable by
> the user, the patch disabled the usage of symlinks completly for non-users.

No, the old code used root permissions (as mount(8) is suid) to evaluate sysmlinks, the new fixed version uses non-root user's UID to evaluate paths from command line and then the new canonical path is used for all next operations in mount(8). 

Unfortunately some another part of the mount(8) command does not expect canonical paths if there is a symlink in fstab... 

It means that bug #892330 helps us to find another fragile code in mount(8).

(Fortunately, we don't use this code in RHEL7 any more.)

> But I think this should be fixed permanently. 

Sure, it's obvious bug.

Comment 8 Karel Zak 2013-03-13 08:51:49 UTC
Created attachment 709415 [details]
proposed patch

with the patch:

mkdir -p /mnt/test
ln -s /mnt/test /mnt/sym-test

echo "tmpfs /mnt/sym-test tmpfs noauto,user,mode=755  0 0" >> /etc/fstab

as non-root user:
   $ mount /mnt/sym-test

findmnt /mnt/test
TARGET    SOURCE FSTYPE OPTIONS
/mnt/test tmpfs  tmpfs rw,nosuid,nodev,noexec,relatime,mode=755,uid=1000,gid=1000

Comment 9 Jens Kuehnel 2013-03-13 12:31:57 UTC
the patch works and fixes the problem. I created a rpm and installed it on one machine.

Comment 10 Jens Kuehnel 2013-04-04 13:40:40 UTC
Any ETA for this bug in RHEL6.4?

Comment 15 Jens Kuehnel 2013-04-09 15:11:41 UTC
@Marcel Kolaja: Why did you mark this bug as private? Please open it up again!

Comment 16 J.H.M. Dassen (Ray) 2013-04-09 15:34:48 UTC
Reinstating this as a public entry. Let's leave the private BZ dance for a 6.4.z clone.

Comment 17 Marcel Kolaja 2013-04-09 16:14:46 UTC
(In reply to comment #15)
> @Marcel Kolaja: Why did you mark this bug as private? Please open it up
> again!

Sorry, I did that by mistake. Ray already fixed that. Thanks Ray!

Comment 21 Jens Kuehnel 2013-04-17 17:15:50 UTC
A test repo can be found at http://jens.fedorapeople.org/rhel64-bz917678/.
If you want to check the patch.

Comment 26 errata-xmlrpc 2013-11-21 20:45:23 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1648.html


Note You need to log in before you can comment on or make changes to this bug.