Skip to content

Commit

Permalink
Only set allow_other when running as root
Browse files Browse the repository at this point in the history
  • Loading branch information
trapexit committed Oct 29, 2023
1 parent 7890a49 commit d6a2f06
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 14 deletions.
21 changes: 11 additions & 10 deletions libfuse/lib/mount_generic.c
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ enum {
};

struct mount_opts {
int allow_other;
int ishelp;
int flags;
int auto_unmount;
Expand All @@ -76,13 +77,15 @@ struct mount_opts {
#define FUSE_MOUNT_OPT(t, p) { t, offsetof(struct mount_opts, p), 1 }

static const struct fuse_opt fuse_mount_opts[] = {
FUSE_MOUNT_OPT("allow_other", allow_other),
FUSE_MOUNT_OPT("blkdev", blkdev),
FUSE_MOUNT_OPT("auto_unmount", auto_unmount),
FUSE_MOUNT_OPT("auto_unmount", auto_unmount),
FUSE_MOUNT_OPT("fsname=%s", fsname),
FUSE_MOUNT_OPT("subtype=%s", subtype),
FUSE_OPT_KEY("allow_other", KEY_KERN_OPT),
FUSE_OPT_KEY("auto_unmount", KEY_FUSERMOUNT_OPT),
FUSE_OPT_KEY("blkdev", KEY_FUSERMOUNT_OPT),
FUSE_OPT_KEY("fsname=", KEY_FUSERMOUNT_OPT),
FUSE_OPT_KEY("blkdev", KEY_FUSERMOUNT_OPT),
FUSE_OPT_KEY("fsname=", KEY_FUSERMOUNT_OPT),
FUSE_OPT_KEY("subtype=", KEY_SUBTYPE_OPT),
FUSE_OPT_KEY("large_read", KEY_KERN_OPT),
FUSE_OPT_KEY("blksize=", KEY_KERN_OPT),
Expand All @@ -98,18 +101,18 @@ static const struct fuse_opt fuse_mount_opts[] = {
FUSE_OPT_KEY("ro", KEY_KERN_FLAG),
FUSE_OPT_KEY("rw", KEY_KERN_FLAG),
FUSE_OPT_KEY("suid", KEY_KERN_FLAG),
FUSE_OPT_KEY("nosuid", KEY_KERN_FLAG),
FUSE_OPT_KEY("nosuid", KEY_KERN_FLAG),
FUSE_OPT_KEY("dev", KEY_KERN_FLAG),
FUSE_OPT_KEY("nodev", KEY_KERN_FLAG),
FUSE_OPT_KEY("exec", KEY_KERN_FLAG),
FUSE_OPT_KEY("noexec", KEY_KERN_FLAG),
FUSE_OPT_KEY("noexec", KEY_KERN_FLAG),
FUSE_OPT_KEY("async", KEY_KERN_FLAG),
FUSE_OPT_KEY("sync", KEY_KERN_FLAG),
FUSE_OPT_KEY("dirsync", KEY_KERN_FLAG),
FUSE_OPT_KEY("dirsync", KEY_KERN_FLAG),
FUSE_OPT_KEY("atime", KEY_KERN_FLAG),
FUSE_OPT_KEY("noatime", KEY_KERN_FLAG),
FUSE_OPT_KEY("noatime", KEY_KERN_FLAG),
FUSE_OPT_KEY("-h", KEY_HELP),
FUSE_OPT_KEY("--help", KEY_HELP),
FUSE_OPT_KEY("--help", KEY_HELP),
FUSE_OPT_KEY("-V", KEY_VERSION),
FUSE_OPT_KEY("--version", KEY_VERSION),
FUSE_OPT_END
Expand Down Expand Up @@ -549,8 +552,6 @@ int fuse_kern_mount(const char *mountpoint, struct fuse_args *args)
fuse_opt_parse(args, &mo, fuse_mount_opts, fuse_mount_opt_proc) == -1)
return -1;

fuse_opt_add_opt(&mo.kernel_opts,"allow_other");

res = 0;
if (mo.ishelp)
goto out;
Expand Down
11 changes: 8 additions & 3 deletions src/mergerfs.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,7 @@ namespace l
main(const int argc_,
char **argv_)
{
int rv;
Config::Read cfg;
Config::ErrVec errs;
fuse_args args;
Expand Down Expand Up @@ -283,9 +284,13 @@ namespace l

procfs::init();

return fuse_main(args.argc,
args.argv,
&ops);
rv = fuse_main(args.argc,
args.argv,
&ops);

syslog_info("exiting main loop with return code %d",rv);

return rv;
}
}

Expand Down
6 changes: 5 additions & 1 deletion src/option_parser.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
#include "num.hpp"
#include "policy.hpp"
#include "str.hpp"
#include "syslog.hpp"
#include "version.hpp"

#include "fuse.h"
Expand Down Expand Up @@ -116,6 +117,10 @@ void
set_default_options(fuse_args *args_)
{
set_option("default_permissions",args_);
if(geteuid() == 0)
set_option("allow_other",args_);
else
syslog_notice("not auto setting allow_other since not running as root");
}

static
Expand All @@ -124,7 +129,6 @@ should_ignore(const std::string &key_)
{
static const std::set<std::string> IGNORED_KEYS =
{
"allow_other",
"atomic_o_trunc",
"big_writes",
"cache.open",
Expand Down

0 comments on commit d6a2f06

Please sign in to comment.