create /run/media/$USER on demand; add configure --with-setfacl-prog
parent
eceef6002d
commit
438b05c3e0
|
@ -1,3 +1,6 @@
|
|||
0.2.3 2012-05-27:
|
||||
create /run/media/$USER on demand; add configure --with-setfacl-prog
|
||||
corrected Arch Linux udevil-git AUR package overwriting udevil.conf
|
||||
0.2.2 2012-05-26:
|
||||
build with large file support for stat64 files >2GB on 32 bit fixes #1
|
||||
accept relative arguments on command line
|
||||
|
|
2
README
2
README
|
@ -1,4 +1,4 @@
|
|||
README for udevil v0.2.2 ALPHA TEST VERSION
|
||||
README for udevil v0.2.3 ALPHA TEST VERSION
|
||||
|
||||
|
||||
THIS RELEASE IS FOR INITIAL TESTING PURPOSES ONLY - USE AT YOUR OWN RISK.
|
||||
|
|
|
@ -82,6 +82,9 @@
|
|||
/* Define to the version of this package. */
|
||||
#undef PACKAGE_VERSION
|
||||
|
||||
/* path to setfacl */
|
||||
#undef SETFACLPROG
|
||||
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#undef STDC_HEADERS
|
||||
|
||||
|
|
46
configure
vendored
46
configure
vendored
|
@ -798,6 +798,7 @@ enable_libtool_lock
|
|||
with_mount_prog
|
||||
with_umount_prog
|
||||
with_losetup_prog
|
||||
with_setfacl_prog
|
||||
'
|
||||
ac_precious_vars='build_alias
|
||||
host_alias
|
||||
|
@ -1456,6 +1457,8 @@ Optional Packages:
|
|||
--with-umount-prog=PATH Path to umount program (default: /bin/umount)
|
||||
--with-losetup-prog=PATH
|
||||
Path to losetup program (default: /sbin/losetup)
|
||||
--with-setfacl-prog=PATH
|
||||
Path to setfacl program (default: /usr/bin/setfacl)
|
||||
|
||||
Some influential environment variables:
|
||||
CC C compiler command
|
||||
|
@ -2727,7 +2730,7 @@ fi
|
|||
|
||||
# Define the identity of the package.
|
||||
PACKAGE=udevil
|
||||
VERSION=0.2.2
|
||||
VERSION=0.2.3
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
|
@ -12071,6 +12074,7 @@ _ACEOF
|
|||
|
||||
fi
|
||||
|
||||
mountprog="$withval"
|
||||
|
||||
# Check whether --with-umount-prog was given.
|
||||
if test "${with_umount_prog+set}" = set; then :
|
||||
|
@ -12087,6 +12091,7 @@ _ACEOF
|
|||
|
||||
fi
|
||||
|
||||
umountprog="$withval"
|
||||
|
||||
# Check whether --with-losetup-prog was given.
|
||||
if test "${with_losetup_prog+set}" = set; then :
|
||||
|
@ -12103,6 +12108,24 @@ _ACEOF
|
|||
|
||||
fi
|
||||
|
||||
losetupprog="$withval"
|
||||
|
||||
# Check whether --with-setfacl-prog was given.
|
||||
if test "${with_setfacl_prog+set}" = set; then :
|
||||
withval=$with_setfacl_prog;
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define SETFACLPROG "$withval"
|
||||
_ACEOF
|
||||
|
||||
else
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
#define SETFACLPROG "/usr/bin/setfacl"
|
||||
_ACEOF
|
||||
|
||||
fi
|
||||
|
||||
setfaclprog="$withval"
|
||||
|
||||
|
||||
# check for libs gobject-2.0 gmodule-2.0 gthread-2.0
|
||||
|
@ -15557,11 +15580,30 @@ echo
|
|||
echo udevil....................................... : Version $VERSION ALPHA TEST
|
||||
echo
|
||||
echo Linux device support......................... : libudev
|
||||
if test x"$mountprog" != x""; then
|
||||
echo mount program................................ : $mountprog
|
||||
else
|
||||
echo mount program................................ : /bin/mount
|
||||
fi
|
||||
if test x"$umountprog" != x""; then
|
||||
echo umount program............................... : $umountprog
|
||||
else
|
||||
echo umount program............................... : /bin/umount
|
||||
fi
|
||||
if test x"$losetupprog" != x""; then
|
||||
echo losetup program.............................. : $losetupprog
|
||||
else
|
||||
echo losetup program.............................. : /sbin/losetup
|
||||
fi
|
||||
if test x"$setfaclprog" != x""; then
|
||||
echo setfacl program.............................. : $setfaclprog
|
||||
else
|
||||
echo setfacl program.............................. : /usr/bin/setfacl
|
||||
fi
|
||||
echo
|
||||
echo Installation Prefix.......................... : $prefix
|
||||
echo " The binary will be installed as $prefix/bin/udevil"
|
||||
echo
|
||||
echo 'Homepage: http://ignorantguru.github.com/udevil/'
|
||||
echo
|
||||
echo
|
||||
|
||||
|
|
31
configure.ac
31
configure.ac
|
@ -3,7 +3,7 @@ AC_PREREQ(2.52)
|
|||
AC_INIT(src/udevil.c)
|
||||
AM_CONFIG_HEADER(config.h)
|
||||
AC_CONFIG_SRCDIR(src)
|
||||
AM_INIT_AUTOMAKE(udevil, 0.2.2)
|
||||
AM_INIT_AUTOMAKE(udevil, 0.2.3)
|
||||
|
||||
AC_PROG_INTLTOOL([0.21])
|
||||
|
||||
|
@ -57,14 +57,22 @@ AC_ARG_WITH(mount-prog,
|
|||
AC_HELP_STRING([--with-mount-prog=PATH], [Path to mount program (default: /bin/mount)]),
|
||||
AC_DEFINE_UNQUOTED(MOUNTPROG, "$withval", [path to mount]),
|
||||
AC_DEFINE_UNQUOTED(MOUNTPROG, "/bin/mount", [path to mount]))
|
||||
mountprog="$withval"
|
||||
AC_ARG_WITH(umount-prog,
|
||||
AC_HELP_STRING([--with-umount-prog=PATH], [Path to umount program (default: /bin/umount)]),
|
||||
AC_DEFINE_UNQUOTED(UMOUNTPROG, "$withval", [path to umount]),
|
||||
AC_DEFINE_UNQUOTED(UMOUNTPROG, "/bin/umount", [path to umount]))
|
||||
umountprog="$withval"
|
||||
AC_ARG_WITH(losetup-prog,
|
||||
AC_HELP_STRING([--with-losetup-prog=PATH], [Path to losetup program (default: /sbin/losetup)]),
|
||||
AC_DEFINE_UNQUOTED(LOSETUPPROG, "$withval", [path to losetup]),
|
||||
AC_DEFINE_UNQUOTED(LOSETUPPROG, "/sbin/losetup", [path to losetup]))
|
||||
losetupprog="$withval"
|
||||
AC_ARG_WITH(setfacl-prog,
|
||||
AC_HELP_STRING([--with-setfacl-prog=PATH], [Path to setfacl program (default: /usr/bin/setfacl)]),
|
||||
AC_DEFINE_UNQUOTED(SETFACLPROG, "$withval", [path to setfacl]),
|
||||
AC_DEFINE_UNQUOTED(SETFACLPROG, "/usr/bin/setfacl", [path to setfacl]))
|
||||
setfaclprog="$withval"
|
||||
|
||||
|
||||
# check for libs gobject-2.0 gmodule-2.0 gthread-2.0
|
||||
|
@ -123,11 +131,30 @@ echo
|
|||
echo udevil....................................... : Version $VERSION ALPHA TEST
|
||||
echo
|
||||
echo Linux device support......................... : libudev
|
||||
if test x"$mountprog" != x""; then
|
||||
echo mount program................................ : $mountprog
|
||||
else
|
||||
echo mount program................................ : /bin/mount
|
||||
fi
|
||||
if test x"$umountprog" != x""; then
|
||||
echo umount program............................... : $umountprog
|
||||
else
|
||||
echo umount program............................... : /bin/umount
|
||||
fi
|
||||
if test x"$losetupprog" != x""; then
|
||||
echo losetup program.............................. : $losetupprog
|
||||
else
|
||||
echo losetup program.............................. : /sbin/losetup
|
||||
fi
|
||||
if test x"$setfaclprog" != x""; then
|
||||
echo setfacl program.............................. : $setfaclprog
|
||||
else
|
||||
echo setfacl program.............................. : /usr/bin/setfacl
|
||||
fi
|
||||
echo
|
||||
echo Installation Prefix.......................... : $prefix
|
||||
echo " The binary will be installed as $prefix/bin/udevil"
|
||||
echo
|
||||
echo 'Homepage: http://ignorantguru.github.com/udevil/'
|
||||
echo
|
||||
echo
|
||||
|
||||
|
|
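Review bot: `setfaclprog="$withval"` runs unconditionally after the `AC_ARG_WITH(setfacl-prog, ...)` call, so when --with-setfacl-prog is not given `$withval` may still hold the value of an earlier --with-* option, and the summary would then print that path as the setfacl program although SETFACLPROG is defined as /usr/bin/setfacl; the mount, umount and losetup assignments above follow the same pattern. Adding `setfaclprog="$withval"` to the action-if-given argument and `setfaclprog=/usr/bin/setfacl` to the action-if-not-given argument keeps the summary in step with config.h. Because udevil.c runs this program with restored privileges, it would also be worth rejecting at configure time any value that is not an absolute path, including the `no` that --without-setfacl-prog produces.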
4
debian/changelog
vendored
4
debian/changelog
vendored
|
@ -1,5 +1,5 @@
|
|||
udevil (0.2.2-1) unstable; urgency=low
|
||||
udevil (0.2.2+-1) unstable; urgency=low
|
||||
|
||||
* release
|
||||
|
||||
-- IgnorantGuru <ignorantguru@gmx.com> Sat, 26 May 2012 16:58:56 +0000
|
||||
-- IgnorantGuru <ignorantguru@gmx.com> Sun, 27 May 2012 15:27:41 +0000
|
||||
|
|
|
@ -95,6 +95,9 @@ allowed_groups = *
|
|||
# nfs and ftpfs mounts, use these two lines:
|
||||
# allowed_media_dirs_nfs = /media/network, /media, /run/media/$USER
|
||||
# allowed_media_dirs_ftpfs = /media/network, /media, /run/media/$USER
|
||||
# NOTE: If you want only the user who mounted a device to have access to it
|
||||
# and be allowed to unmount it, specify /run/media/$USER as the first
|
||||
# allowed media directory.
|
||||
# IMPORTANT: If an allowed file is mounted to a media directory, the user may
|
||||
# be permitted to unmount its associated loop device even though internal.
|
||||
# INCLUDING /MNT HERE IS NOT RECOMMENDED. ALL ALLOWED MEDIA DIRECTORIES
|
||||
|
@ -257,6 +260,7 @@ mount_point_mode_ftpfs =
|
|||
# mount_program = /bin/mount
|
||||
# umount_program = /bin/umount
|
||||
# losetup_program = /sbin/losetup
|
||||
# setfacl_program = /usr/bin/setfacl
|
||||
|
||||
|
||||
# validate_exec specifies a program or script which provides additional
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
GETTEXT_PACKAGE = udevil
|
||||
PACKAGE = udevil
|
||||
VERSION = 0.2.2
|
||||
VERSION = 0.2.3
|
||||
|
||||
SHELL = /bin/bash
|
||||
|
||||
|
|
81
src/udevil.c
81
src/udevil.c
|
@ -1981,6 +1981,55 @@ static gboolean valid_mount_path( const char* path, char** errmsg )
|
|||
return !msg;
|
||||
}
|
||||
|
||||
static gboolean create_run_media()
|
||||
{
|
||||
char* str;
|
||||
gboolean ret = FALSE;
|
||||
|
||||
// create /run/media/$USER
|
||||
char* run_media = g_build_filename( "/run/media", g_get_user_name(), NULL );
|
||||
restore_privileges();
|
||||
wlog( "udevil: mkdir %s\n", run_media, 0 );
|
||||
mkdir( "/run/media", S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH );
|
||||
chown( "/run/media", 0, 0 );
|
||||
mkdir( run_media, S_IRWXU );
|
||||
chown( run_media, 0, 0 );
|
||||
// set acl /usr/bin/setfacl -m u:$USER:rx /run/media/$USER
|
||||
gchar *argv[5] = { NULL };
|
||||
int a = 0;
|
||||
argv[a++] = g_strdup( read_config( "setfacl_program", NULL ) );
|
||||
argv[a++] = g_strdup( "-m" );
|
||||
argv[a++] = g_strdup_printf( "u:%s:rx", g_get_user_name() );
|
||||
argv[a++] = g_strdup( run_media );
|
||||
str = g_strdup_printf( "udevil: %s -m u:%s:rx %s\n",
|
||||
read_config( "setfacl_program", NULL ),
|
||||
g_get_user_name(), run_media );
|
||||
wlog( str, NULL, 0 );
|
||||
g_free( str );
|
||||
if ( !g_spawn_sync( NULL, argv, NULL,
|
||||
0, //G_SPAWN_STDERR_TO_DEV_NULL,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL ) )
|
||||
wlog( "udevil: warning: unable to run setfacl (%s)\n",
|
||||
read_config( "setfacl_program", NULL ), 1 );
|
||||
drop_privileges( 0 );
|
||||
// test
|
||||
if ( g_file_test( run_media, G_FILE_TEST_IS_DIR ) &&
|
||||
g_access( run_media, R_OK | X_OK ) != 0 )
|
||||
{
|
||||
// setfacl apparently failed so fallback to normal permissions
|
||||
wlog( "udevil: warning: setfacl on %s failed, falling back to 'rwxr-xr-x'\n",
|
||||
run_media, 1 );
|
||||
restore_privileges();
|
||||
chmod( run_media, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH );
|
||||
drop_privileges( 0 );
|
||||
}
|
||||
if ( g_file_test( run_media, G_FILE_TEST_IS_DIR ) &&
|
||||
g_access( run_media, R_OK | X_OK ) == 0 )
|
||||
ret = TRUE;
|
||||
g_free( run_media );
|
||||
return ret;
|
||||
}
|
||||
|
||||
static char* get_default_mount_dir( const char* type )
|
||||
{
|
||||
char* list = NULL;
|
||||
|
@ -1992,6 +2041,7 @@ static char* get_default_mount_dir( const char* type )
|
|||
if ( !( list = read_config( "allowed_media_dirs", type ) ) )
|
||||
return NULL;
|
||||
|
||||
char* run_media = g_build_filename( "/run/media", g_get_user_name(), NULL );
|
||||
while ( list && list[0] )
|
||||
{
|
||||
if ( comma = strchr( list, ',' ) )
|
||||
|
@ -2010,14 +2060,25 @@ static char* get_default_mount_dir( const char* type )
|
|||
if ( selement[0] != '/' )
|
||||
continue;
|
||||
if ( !strchr( selement, '*' ) && !strchr( selement, '?' ) &&
|
||||
g_file_test( selement, G_FILE_TEST_IS_DIR ) )
|
||||
g_file_test( selement, G_FILE_TEST_IS_DIR ) &&
|
||||
g_access( selement, R_OK | X_OK ) == 0 )
|
||||
{
|
||||
str = g_strdup( selement );
|
||||
g_free( element );
|
||||
g_free( run_media );
|
||||
return str;
|
||||
}
|
||||
else if ( !g_strcmp0( selement, run_media ) )
|
||||
{
|
||||
if ( create_run_media() )
|
||||
{
|
||||
g_free( element );
|
||||
return run_media;
|
||||
}
|
||||
}
|
||||
g_free( element );
|
||||
}
|
||||
g_free( run_media );
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -2695,8 +2756,18 @@ _get_type:
|
|||
ret = 1;
|
||||
goto _finish;
|
||||
}
|
||||
// canonicalize parent
|
||||
// get parent dir
|
||||
parent_dir = g_path_get_dirname( data->point );
|
||||
// create parent dir /run/media/$USER ?
|
||||
char* run_media = g_build_filename( "/run/media", g_get_user_name(), NULL );
|
||||
if ( !g_strcmp0( parent_dir, run_media ) &&
|
||||
validate_in_list( "allowed_media_dirs", fstype, parent_dir ) &&
|
||||
!g_file_test( parent_dir, G_FILE_TEST_EXISTS ) )
|
||||
{
|
||||
create_run_media();
|
||||
}
|
||||
g_free( run_media );
|
||||
// canonicalize parent
|
||||
if ( !get_realpath( &parent_dir ) )
|
||||
{
|
||||
wlog( "udevil: error: cannot canonicalize mount point path\n", NULL, 2 );
|
||||
|
@ -3272,7 +3343,7 @@ _get_type:
|
|||
char* mount_dir = get_default_mount_dir( fstype );
|
||||
if ( !mount_dir )
|
||||
{
|
||||
wlog( "udevil: error: no existing directory in allowed_media_dirs\n",
|
||||
wlog( "udevil: error: no valid existing directory in allowed_media_dirs\n",
|
||||
NULL, 2 );
|
||||
ret = 1;
|
||||
goto _finish;
|
||||
|
@ -3847,6 +3918,10 @@ printf("\n-----------------------\n");
|
|||
if ( !str )
|
||||
config = g_list_prepend( config, g_strdup_printf( "umount_program=%s",
|
||||
UMOUNTPROG ) );
|
||||
str = read_config( "setfacl_program", NULL );
|
||||
if ( !str )
|
||||
config = g_list_prepend( config, g_strdup_printf( "setfacl_program=%s",
|
||||
SETFACLPROG ) );
|
||||
str = read_config( "losetup_program", NULL );
|
||||
if ( !str )
|
||||
{
|
||||
|
|
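Review bot: In `create_run_media()` the fallback after a failed setfacl does `chmod( run_media, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH )`, which leaves the root-owned /run/media/$USER readable and traversable by every local user, the opposite of the owner-only access that the udevil.conf note in this commit describes. Returning FALSE there (`get_default_mount_dir()` then moves on to the next allowed directory), or chowning the directory to the invoking user and keeping mode `S_IRWXU`, would fail closed. The `mkdir`/`chown`/`chmod` results are ignored as well, so a partial failure is only noticed indirectly by the later `g_access` test. Separately, `wlog( str, NULL, 0 )` passes a string built from the user name and the configured setfacl path as what appears to be wlog's format argument; `wlog( "%s", str, 0 )` keeps any `%` in those values from being interpreted, assuming wlog formats its first argument as the other calls suggest. The four `argv` strings are never freed, and the result of `read_config( "setfacl_program", NULL )` is not checked for NULL or for being an absolute path before `g_spawn_sync` runs it with restored privileges and the inherited environment.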