The function mkostemp() does not have to be available everywhere,
and for this reason, we have mkstemp_cloexec() as a fallback solution.
Unfortunately, some code (usually fuzzy tests) does not use the
fallback. Let's fix it.
Signed-off-by: Karel Zak <kzak@redhat.com>

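The fallback pattern this message refers to, as an added example (not util-linux's own code). `tmpfile_cloexec()` and `fd_is_cloexec()` are hypothetical names, and `HAVE_MKOSTEMP` is assumed to be set by the build system's configure check.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

/* Create a temporary file whose descriptor is not inherited across exec(). */
int tmpfile_cloexec(char *tmpl)
{
#ifdef HAVE_MKOSTEMP
    /* Atomic: the descriptor never exists without FD_CLOEXEC. */
    return mkostemp(tmpl, O_CLOEXEC);
#else
    /* Fallback: set the flag afterwards. Another thread that calls
     * fork()+exec() between mkstemp() and fcntl() can still leak the
     * descriptor, which is why the atomic call is preferred. */
    int fd = mkstemp(tmpl), flags, saved;

    if (fd < 0)
        return -1;
    flags = fcntl(fd, F_GETFD);
    if (flags < 0 || fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
        saved = errno;
        unlink(tmpl);
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
#endif
}

/* Returns 1 if the descriptor will be closed on exec(), 0 otherwise. */
int fd_is_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);

    return flags >= 0 && (flags & FD_CLOEXEC) != 0;
}
```
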
Small timing changes in the kernel loop device handling broke the
following loop:
  while :; do mount -o loop,ro isofs.iso isofs/; umount isofs/; done
which quickly reports:
  mount: /mnt: can't read superblock on /dev/loop0.
  umount: /mnt: not mounted.
And this loop is broken because of a subtle interaction with
systemd-udevd that also opens the loop device. The race seems to be in
mount(8) handling itself and the altered kernel timing makes it happen.
It looks like:

  bash                                systemd-udevd
  mount -o loop,ro isofs.iso isofs/
    /dev/loop0 is created and bound to isofs.iso, autoclear is set for
    loop0
                                      opens /dev/loop0
  umount isofs/
    loop0 still lives because systemd-udev still has device open
  mount -o loop,ro isofs.iso isofs/
    gets to mnt_context_setup_loopdev()
      loopcxt_find_overlap()
        sees loop0 is still valid and with proper parameters
        reuse = true;
                                      close /dev/loop0
                                        last fd closed => loop0 is
                                        cleaned up
      loopcxt_get_fd()
        opens loop0 but it is no longer the device we wanted!
    calls mount(2) which fails because we cannot read from the loop device

Fix the problem by rechecking that loop device is still attached after
opening the device. This makes sure the kernel will not autoclear the
device anymore.
Signed-off-by: Jan Kara <jack@suse.cz>

The "(deleted)" suffix has been originally used by kernel for deleted
mountpoints. Since kernel commit 9d4d65748a5ca26ea8650e50ba521295549bf4e3
(Dec 2014) kernel does not use this suffix for mount stuff in /proc at
all. Let's remove this support from libmount too.
Signed-off-by: Karel Zak <kzak@redhat.com>

Now 'mount --all' ends with error if /proc is not mounted and there is
some other entry before /proc in fstab. This commit improves this
situation and ignores all mount table related errors if the table is
empty.
This is important for situation when there is for example "/" as the
first line in fstab.
Addresses: https://github.com/util-linux/util-linux/issues/1492
Signed-off-by: Karel Zak <kzak@redhat.com>

We do not need to create a new mount node from /run/mount/tmptgt
(where we mount filesystem root), because /run is already mount
node in all mainstream distros, and we can use MS_PRIVATE for
this top-level directory. There is still fallback if /run is
on root filesystem.
This solution reduces number of mount operations, with the patch the
subdir implementation is:
* open current namespace from /proc/self/ns/mnt
* mkdir /run/mount/tmptg (if it does not exist)
* make /run private by mount(MS_PRIVATE)
* mount filesystem to /run/mount/tmptg
* bind mount /run/mount/tmptg/<subdir> to <target>
* umount /run/mount/tmptg
* setns() to the original namespace
Signed-off-by: Karel Zak <kzak@redhat.com>

The unshared namespace is per-process, so we can use the same
directory in all mount(8) instances. It's unnecessary to create
and remove process specific directory.
Signed-off-by: Karel Zak <kzak@redhat.com>

Like btrfs subvol=, but more generic and for all filesystems. This
feature is marked as EXPERIMENTAL (may be removed).
  # mount /dev/sdc /mnt/test -o X-mount.subdir=AAA
  # findmnt /dev/sdc
  TARGET    SOURCE         FSTYPE OPTIONS
  /mnt/test /dev/sdc[/AAA] ext4   rw,relatime,stripe=512
Implemented as:
* open current namespace from /proc/self/ns/mnt
* mkdir /tmp/mount/mount.<pid>
* unshare mount namespace
* create mount node from /tmp/mount/mount.<pid> by mount(MS_BIND)
* mark /tmp/mount/mount.<pid> private by mount(MS_PRIVATE|MS_REC)
* bind mount /tmp/mount/mount.<pid>/subdir to <target>
* umount /tmp/mount/mount.<pid>
* rmdir /tmp/mount/mount.<pid>
* setns() to the original namespace
Note that /tmp/mount/mount.<pid> conversion to mount node and call for
MS_PRIVATE are visible (propagated to the system) if /tmp is a shared
filesystem, the rest (all operations with the desired filesystem) is
atomic for a parental namespace.
Maybe one day it will be possible to reimplement it in more
elegant way with new mount kernel APIs (open_tree(), etc.).
Fixes: https://github.com/karelzak/util-linux/issues/1103
Signed-off-by: Karel Zak <kzak@redhat.com>

Parsing of verity.roothashsig did not take into consideration that other options
might follow, and used the whole string as a file path. But mnt_optstr_get_option
just returns a pointer in the mount option string, it doesn't extract it, so it
would have other subsequent options too. The length parameter has to be used.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>

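The bug class described in this message, shown before and after, as an added example (not the libmount patch). `find_option()` is a hypothetical stand-in for `mnt_optstr_get_option()` that ignores quoting, and the option string is constructed for the demonstration.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed sample option string (not taken from the page). */
static const char SAMPLE_OPTS[] =
    "ro,verity.roothashsig=/tmp/root.sig,verity.oncorruption=panic";

/* Stand-in lookup: returns a pointer INTO optstr plus the value length.
 * Nothing is copied and the value is not NUL-terminated. */
static int find_option(const char *optstr, const char *name,
                       const char **value, size_t *valsz)
{
    size_t nlen = strlen(name);
    const char *p = optstr;

    while (p && *p) {
        const char *end = strchr(p, ',');
        size_t len = end ? (size_t)(end - p) : strlen(p);

        if (len > nlen && p[nlen] == '=' && !strncmp(p, name, nlen)) {
            *value = p + nlen + 1;
            *valsz = len - nlen - 1;
            return 0;
        }
        p = end ? end + 1 : NULL;
    }
    return 1;   /* option not present */
}

static char *copy_bytes(const char *src, size_t n)
{
    char *dst = malloc(n + 1);
    if (dst) { memcpy(dst, src, n); dst[n] = '\0'; }
    return dst;
}

/* Before the fix: the returned pointer is treated as a whole C string,
 * so every option that follows becomes part of the file path. */
char *sigfile_before_fix(const char *optstr)
{
    const char *val; size_t sz;
    if (find_option(optstr, "verity.roothashsig", &val, &sz) != 0)
        return NULL;
    return copy_bytes(val, strlen(val));
}

/* After the fix: only the bytes covered by the length are used. */
char *sigfile_after_fix(const char *optstr)
{
    const char *val; size_t sz;
    if (find_option(optstr, "verity.roothashsig", &val, &sz) != 0)
        return NULL;
    return copy_bytes(val, sz);
}
```
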
Add verity.oncorruption= to let users override the default kernel
behaviour, using libcryptsetup's relevant flags.
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>

dlopen is treated as a dependency, but that's not quite right, it
should be an alternative way to link to libcryptsetup.
Search for it only if cryptsetup is not disabled, and if the cryptsetup-dlopen
is explicitly set to enabled. If it is, do not link to libcryptsetup.
Add cryptsetup support status to the meson summary.

Unfortunately libtool is not smart enough to link libblkid
dynamically if we link in-tree static libmount.a for libmount tests.
In this case libtool always uses also libblkid.a, but it's a problem
for libcryptsetup which requires versioned symbols from libblkid.so.
This is no problem for normal binaries, but for libmount tests only
(where we need static library to by-pass public library API).
Signed-off-by: Karel Zak <kzak@redhat.com>

The whole thing is complicated by the fact that we have two layers
of libraries: e.g. libmount also needs libblkid. If we just tell meson
to make libmount static, this is not enough, because we also need it
to link to a static libblkid. Hence in the case of libs that link to
other libs internally, we need to create a different object with
a different set of link_with items.
To avoid building the libraries twice, libfdisk and libmount are first
built into an internal "convenience" library, which is then linked into
the static and shared versions as appropriate.
To build: meson build && ninja -C build
To run tests: ninja -C build check
To install for packaging: DESTDIR=/var/tmp/inst ninja -C build install
To install for realz: sudo ninja -C build install
v2:
- Optional items are now based on the 'feature' feature in meson.
Built libraries which are disabled turn into disabler() objects
and also poison any executables which link to them.
What is there:
- building of the binaries and libs and the python module
- installation of binaries, libs, python module, localization files,
man pages, pkgconfig files
- running of tests
- most options to configure build equivalently to the
./configure settings
Partially implemented:
- disabling of stuff when things missing. In the C code, the defines
are all used, so that should be fine. In the build system, some
files should be skipped, but that is probably not always done properly.
Getting this right might require some testing of various build option
combinations to get the details right.
Not implemented:
- static builds of fdisk and other binaries
- things marked with XXX or FIXME
- ???
Differences:
- .la files are not created. They are useless and everybody hates them.
- Requires.private in pkgconfig files are not present in the
autogenerated .pc file. Not sure if they should be there or not. If
necessary, they can be added by hand.
- man pages and systemd units are installed by the install target. Not
sure why 'make install' doesn't do that.
- the split between / and /usr is probably wrong. But it's all pointless
anyway, so maybe we could simplify things by not implementing it at
all under meson?