[LU-7003] append_context_for_mount() must quote the value of the context option Created: 13/Aug/15  Updated: 27/Jan/17  Resolved: 14/Mar/16

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: Lustre 2.5.0, Lustre 2.7.0, Lustre 2.8.0
Fix Version/s: Lustre 2.9.0

Type: Bug Priority: Minor
Reporter: John Hammond Assignee: John Hammond
Resolution: Fixed Votes: 0
Labels: SELinux

Issue Links:
Related
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

In append_context_for_mount() the SELinux context of the temporary directory is appended to the mount options by

strcat(mop->mo_ldd.ldd_mount_opts, ",context=");
strcat(mop->mo_ldd.ldd_mount_opts, fcontext);

This is incorrect since as mount.8 notes

Warning: the context value might contain commas, in which case the  value
has to be properly quoted, otherwise mount(8) will interpret the comma as
a separator between mount options.  Don't forget that  the  shell  strips
off quotes and thus double quoting is required.  For example:

    mount -t tmpfs none /mnt -o 'context="system_u:object_r:tmp_t:s0:c127,c456",noexec'

For more details, see selinux(8).


 Comments   
Comment by Joseph Gmitter (Inactive) [ 13/Aug/15 ]

John,
Assigning to you as I understand you are taking on this work.
Thanks.
Joe

Comment by Gerrit Updater [ 04/Feb/16 ]

Frederic Saunier (frederic.saunier@atos.net) uploaded a new patch: http://review.whamcloud.com/18294
Subject: LU-7003 utils: must quote the value of the context option
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 0d065c5be87fa4719f887fab6162739434d61887

Comment by Gerrit Updater [ 14/Mar/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/18294/
Subject: LU-7003 utils: must quote the value of the context option
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 33690b1276cf9730d680a789c7786f45e961fbf5

Generated at Sat Feb 10 02:05:09 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.