ru.unix.bsd

 
 - RU.UNIX.BSD ------------------------------------------------------------------
 From : Dima Panov                           2:5020/400     08 Mar 2003  15:29:19
 To : Alexandr Kovalenko
 Subject : Ответ: noexec
 -------------------------------------------------------------------------------- 
 

 On Saturday March 8 2003 19:43, Alexandr Kovalenko wrote in article
 <b4cdt4$ihn$3@hyppo.gu.net>:
 
 > Denis Nikolayev <Denis.Nikolayev@p86.f3.n5043.z2.fidonet.org> wrote:
 >> Как заставить mount монтировать fat разделы, чтобы файлы не имели атрибyт
 >> +x ? noexec или noexecute в fstab не помогает :((
 >> FreeBSD 4.7
 > 
 > man mount_msdos ?
 
 Hе всё так просто. Штатный mount_msdos позволяет снят аррибут +x, но при этом
 он снимается и с каталогов, т.е. кроме рута никто доступ не получит.
 
 Есть патч, в GNATS висит уже года долтора-два. Hомер PR не помню.
 Сам патч в доработаном виде (подправлен для FreeBSD 4.7):
 ===
 - --- sbin/mount_msdos/mount_msdos.8    8 Dec 2000 14:03:59 -0000       1.19.2.1
 +++ sbin/mount_msdos/mount_msdos.8      19 Jan 2002 05:55:22 -0000
 @@ -42,6 +42,7 @@
  .Op Fl u Ar uid
  .Op Fl g Ar gid
  .Op Fl m Ar mask
 +.Op Fl M Ar mask
  .Op Fl s
  .Op Fl l
  .Op Fl 9
 @@ -105,11 +106,22 @@
  for more information about octal file modes.)
  Only the nine low-order bits of
  .Ar mask
 -are used.
 +are used. The value of
 +.Ar -M
 +is used if it is supplied and
 +.Ar -m
 +is omitted.
  The default
  .Ar mask
  is taken from the
  directory on which the file system is being mounted.
 +.It Fl M Ar mask
 +Specify the maximum file permissions for directories
 +in the file system. The value of
 +.Ar -m
 +is used if it is supplied and
 +.Ar -M
 +is omitted. See description of previous option for details.
  .It Fl s
  Force behaviour to
  ignore and not generate Win'95 long filenames.
 - --- sbin/mount_msdos/mount_msdos.c.orig Thu Jul 20 21:35:13 2000
 +++ sbin/mount_msdos/mount_msdos.c      Sun Nov  3 18:20:04 2002
 @@ -88,15 +88,15 @@
  {
         struct msdosfs_args args;
         struct stat sb;
 -       int c, error, mntflags, set_gid, set_uid, set_mask;
 +       int c, error, mntflags, set_gid, set_uid, set_mask, set_dirmask;
         char *dev, *dir, mntpath[MAXPATHLEN];
         struct vfsconf vfc;
  
 -       mntflags = set_gid = set_uid = set_mask = 0;
 +       mntflags = set_gid = set_uid = set_mask = set_dirmask = 0;
         (void)memset(&args, '\0', sizeof(args));
         args.magic = MSDOSFS_ARGSMAGIC;
  
 -       while ((c = getopt(argc, argv, "sl9u:g:m:o:L:W:")) != -1) {
 +       while ((c = getopt(argc, argv, "sl9u:g:m:M:o:L:W:")) != -1) {
                 switch (c) {
  #ifdef MSDOSFSMNT_GEMDOSFS
                 case 'G':
 @@ -124,6 +124,10 @@
                         args.mask = a_mask(optarg);
                         set_mask = 1;
                         break;
 +                case 'M':
 +                        args.dirmask = a_mask(optarg);
 +                        set_dirmask = 1;
 +                        break;
                 case 'L':
                         load_ultable(&args, optarg);
                         args.flags |= MSDOSFSMNT_ULTABLE;
 @@ -145,6 +149,15 @@
         if (optind + 2 != argc)
                 usage();
  
 +        if (set_mask && !set_dirmask) {
 +                args.dirmask = args.mask;
 +                set_dirmask = 1;
 +        }
 +        else if (set_dirmask && !set_mask) {
 +                args.mask = args.dirmask;
 +                set_mask = 1;
 +        }
 +       
         dev = argv[optind];
         dir = argv[optind + 1];
  
 @@ -170,7 +183,8 @@
                 if (!set_gid)
                         args.gid = sb.st_gid;
                 if (!set_mask)
 -                       args.mask = sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
 +                        args.mask = args.dirmask =
 +                                sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
         }
  
         error = getvfsbyname("msdos", &vfc);
 - --- sys/msdosfs/msdosfs_vfsops.c.orig   Sat Sep 14 03:59:11 2002
 +++ sys/msdosfs/msdosfs_vfsops.c        Sun Nov  3 18:09:10 2002
 @@ -113,6 +113,7 @@
         pmp->pm_gid = argp->gid;
         pmp->pm_uid = argp->uid;
         pmp->pm_mask = argp->mask & ALLPERMS;
 +        pmp->pm_dirmask = argp->dirmask & ALLPERMS;
         pmp->pm_flags |= argp->flags & MSDOSFSMNT_MNTOPT;
         if (pmp->pm_flags & MSDOSFSMNT_U2WTABLE) {
                 bcopy(argp->u2w, pmp->pm_u2w, sizeof(pmp->pm_u2w));
 @@ -184,7 +185,7 @@
         args.flags = 0;
         args.uid = 0;
         args.gid = 0;
 -       args.mask = 0777;
 +        args.mask = args.dirmask = 0777;
  
         if ((error = mountmsdosfs(rootvp, mp, p, &args)) != 0) {
                 free(mp, M_MOUNT);
 - --- sys/msdosfs/msdosfs_vnops.c.orig    Sun Apr 21 18:19:46 2002
 +++ sys/msdosfs/msdosfs_vnops.c Sun Nov  3 18:10:48 2002
 @@ -259,7 +259,7 @@
  
         file_mode = (S_IXUSR|S_IXGRP|S_IXOTH) | (S_IRUSR|S_IRGRP|S_IROTH) |
             ((dep->de_Attributes & ATTR_READONLY) ? 0 :
 (S_IWUSR|S_IWGRP|S_IWOTH));
 -       file_mode &= pmp->pm_mask;
 +        file_mode &= (vp->v_type == VDIR ? pmp->pm_dirmask : pmp->pm_mask);
  
         /*
          * Disallow write attempts on read-only file systems;
 @@ -358,7 +358,8 @@
                 mode = S_IRWXU|S_IRWXG|S_IRWXO;
         else
                 mode = S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH;
 -       vap->va_mode = mode & pmp->pm_mask;
 +        vap->va_mode = mode &
 +                (ap->a_vp->v_type == VDIR ? pmp->pm_dirmask : pmp->pm_mask);
         vap->va_uid = pmp->pm_uid;
         vap->va_gid = pmp->pm_gid;
         vap->va_nlink = 1;
 - --- sys/msdosfs/msdosfsmount.h.orig     Fri Oct 27 20:45:07 2000
 +++ sys/msdosfs/msdosfsmount.h  Sun Nov  3 18:12:15 2002
 @@ -65,7 +65,10 @@
         dev_t pm_dev;           /* block special device mounted */
         uid_t pm_uid;           /* uid to set as owner of the files */
         gid_t pm_gid;           /* gid to set as owner of the files */
 -       mode_t pm_mask;         /* mask to and with file protection bits */
 +        mode_t pm_mask;         /* mask to and with file protection bits
 +                                   for files */
 +        mode_t pm_dirmask;      /* mask to and with file protection bits
 +                                   for directories */
         struct vnode *pm_devvp; /* vnode for block device mntd */
         struct bpb50 pm_bpb;    /* BIOS parameter blk for this fs */
         u_long pm_BlkPerSec;    /* How many DEV_BSIZE blocks fit inside a
 physical sector */
 @@ -211,7 +214,8 @@
         struct  export_args export;     /* network export information */
         uid_t   uid;            /* uid that owns msdosfs files */
         gid_t   gid;            /* gid that owns msdosfs files */
 -       mode_t  mask;           /* mask to be applied for msdosfs perms */
 +        mode_t  mask;           /* file mask to be applied for msdosfs perms */
 +        mode_t  dirmask;        /* dir  mask to be applied for msdosfs perms */
         int     flags;          /* see below */
         int magic;              /* version number */
         u_int16_t u2w[128];     /* Local->Unicode table */
 ===
 
 -- 
 //Dima
 --- ifmail v.2.15dev5
  * Origin: Twilight Zone (2:5020/400)
 
 

Вернуться к списку тем, сортированных по: возрастание даты  уменьшение даты  тема  автор 

Тема:    Автор:    Дата:    noexec   Denis Nikolayev   08 Mar 2003 15:16:58   Re: noexec   Alexandr Kovalenko   08 Mar 2003 13:43:26   Ответ: noexec   Dima Panov   08 Mar 2003 15:29:19   Ответ: noexec   eugeny chernetcki   09 Mar 2003 03:00:14   Re: Ответ: noexec   Eugene Grosbein   09 Mar 2003 12:46:34   noexec   Denis Nikolayev   09 Mar 2003 23:42:30   noexec   eugeny chernetcki   11 Mar 2003 02:35:38   noexec   Vladislav Zhuk   14 Mar 2003 14:16:34   Re: noexec   Sergey Kuprianov   14 Mar 2003 17:22:30   noexec   Vladislav Zhuk   14 Mar 2003 18:05:46   Re: noexec   Sergey Kuprianov   14 Mar 2003 20:53:12   noexec   Vladislav Zhuk   26 Mar 2003 11:46:02   Re: noexec   Roman V. Palagin   29 Mar 2003 01:07:25