diff --git a/ChangeLog b/ChangeLog index d20a97e..e653eb0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,5 @@ +0.2.8+ + users can mount/umount tmpfs and ramfs if in allowed_types; updated conf 0.2.8 ssh:// support use cifs by default instead of smbfs diff --git a/etc/udevil.conf b/etc/udevil.conf index 43b8996..edc7794 100644 --- a/etc/udevil.conf +++ b/etc/udevil.conf @@ -41,7 +41,7 @@ log_keep_days = 10 # allowed_types_jim = vfat # Setting allowed_types = * does NOT allow all types, as this is a security # risk, but does allow all recognized types. -# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs +# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, tmpfs, ramfs allowed_types = $KNOWN_FILESYSTEMS @@ -223,6 +223,8 @@ default_options_smbfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, default_options_sshfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other default_options_curlftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other default_options_ftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID +default_options_tmpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID +default_options_ramfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID # allowed_options determines all options that a user may specify when mounting. diff --git a/src/udevil.c b/src/udevil.c index 02bc4a1..39f0e43 100644 --- a/src/udevil.c +++ b/src/udevil.c @@ -2516,6 +2516,9 @@ _get_type: { if ( data->cmd_type == CMD_UNMOUNT ) type = MOUNT_MISSING; + else if ( !g_strcmp0( data->device_file, "tmpfs" ) || + !g_strcmp0( data->device_file, "ramfs" ) ) + type = MOUNT_FILE; else { str = g_strdup_printf( "udevil: error: cannot stat %s: %s\n", @@ -2640,7 +2643,7 @@ _get_type: data->device_file = NULL; if ( path_is_mounted_block( data->point, &data->device_file ) && data->device_file && data->device_file[0] != '\0' ) - type = MOUNT_BLOCK; + type = MOUNT_BLOCK; else { g_free( data->device_file ); @@ -2653,7 +2656,9 @@ _get_type: && data->device_file && data->device_file[0] != '\0' && !g_file_test( data->device_file, G_FILE_TEST_IS_DIR ) ) { - goto _get_type; + if ( g_strcmp0( data->device_file, "tmpfs" ) && + g_strcmp0( data->device_file, "ramfs" ) ) + goto _get_type; } else { @@ -2728,19 +2733,25 @@ _get_type: } else if ( type == MOUNT_FILE ) { - if ( stat64( data->device_file, &statbuf ) != 0 ) - { - str = g_strdup_printf( "udevil: error: cannot stat %s: %s\n", - data->device_file, g_strerror( errno ) ); - wlog( str, NULL, 2 ); - g_free( str ); - ret = 1; - goto _finish; - } - if ( data->fstype && data->fstype[0] != '\0' ) - fstype = g_strdup( data->fstype ); + if ( !g_strcmp0( data->device_file, "tmpfs" ) || + !g_strcmp0( data->device_file, "ramfs" ) ) + fstype = g_strdup( data->device_file ); else - fstype = g_strdup( "file" ); + { + if ( stat64( data->device_file, &statbuf ) != 0 ) + { + str = g_strdup_printf( "udevil: error: cannot stat %s: %s\n", + data->device_file, g_strerror( errno ) ); + wlog( str, NULL, 2 ); + g_free( str ); + ret = 1; + goto _finish; + } + if ( data->fstype && data->fstype[0] != '\0' ) + fstype = g_strdup( data->fstype ); + else + fstype = g_strdup( "file" ); + } } else if ( type == MOUNT_MISSING ) { @@ -3110,7 +3121,9 @@ _get_type: ret = 2; goto _finish; } - if ( g_access( data->device_file, R_OK ) != 0 ) + if ( g_strcmp0( data->device_file, "tmpfs" ) && + g_strcmp0( data->device_file, "ramfs" ) && + g_access( data->device_file, R_OK ) != 0 ) { wlog( "udevil: denied: you don't have read permission for file '%s'\n", data->device_file, 2 );