| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Comparisson of different signedness can result in unexpected results due
to implicit conversions.
../network.c:81:34: warning: comparison of integer expressions of different signedness: ‘__u32’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare]
81 | if (rheader->nlmsg_seq != seq_nr)
| ^~
../network.c:83:34: warning: comparison of integer expressions of different signedness: ‘__u32’ {aka ‘unsigned int’} and ‘__pid_t’ {aka ‘int’} [-Wsign-compare]
83 | if (rheader->nlmsg_pid != getpid ())
| ^~
../bind-mount.c:268:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare]
268 | assert (i < n_lines);
| ^
../bind-mount.c:309:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare]
309 | assert (i == n_lines);
| ^~
../bind-mount.c:318:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare]
318 | for (i = 0; i < n_lines; i++)
| ^
../bind-mount.c:321:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare]
321 | for (i = 0; i < n_lines; i++)
| ^
../utils.c:818:19: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘ssize_t’ {aka ‘long int’} [-Wsign-compare]
818 | while (size - 2 < n);
| ^
../bubblewrap.c:489:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
489 | assert (j < sizeof(dont_close)/sizeof(*dont_close));
| ^
../bubblewrap.c:994:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uid_t’ {aka ‘unsigned int’} [-Wsign-compare]
994 | if (setfsuid (-1) != real_uid)
| ^~
../bubblewrap.c:1042:61: warning: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare]
1042 | if (write (privileged_op_socket, buffer, buffer_size) != buffer_size)
| ^~
../bubblewrap.c:1232:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
1232 | for (i = 0; i < N_ELEMENTS (cover_proc_dirs); i++)
| ^
../bubblewrap.c:1260:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
1260 | for (i = 0; i < N_ELEMENTS (devnodes); i++)
| ^
../bubblewrap.c:1272:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
1272 | for (i = 0; i < N_ELEMENTS (stdionodes); i++)
| ^
../bubblewrap.c: In function ‘read_priv_sec_op’:
../bubblewrap.c:1556:15: warning: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘long unsigned int’ [-Wsign-compare]
1556 | if (rec_len < sizeof (PrivSepOp))
| ^
../bubblewrap.c:1626:28: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
1626 | if (*total_parsed_argc_p > MAX_ARGS)
| ^
../bubblewrap.c:1681:40: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
1681 | if (*total_parsed_argc_p > MAX_ARGS)
| ^
../bubblewrap.c:2265:31: warning: comparison of integer expressions of different signedness: ‘uid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare]
2265 | if (opt_sandbox_uid != -1)
| ^~
../bubblewrap.c:2285:31: warning: comparison of integer expressions of different signedness: ‘gid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare]
2285 | if (opt_sandbox_gid != -1)
| ^~
../bubblewrap.c:2678:23: warning: comparison of integer expressions of different signedness: ‘uid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare]
2678 | if (opt_sandbox_uid == -1)
| ^~
../bubblewrap.c:2680:23: warning: comparison of integer expressions of different signedness: ‘gid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare]
2680 | if (opt_sandbox_gid == -1)
| ^~
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
|
|
|
|
|
|
|
|
| |
Prompted by flatpak/flatpak#4731, in which a misconfigured SMB automount
was failing to be remounted with ENODEV. This would have been easier to
debug if we knew which path could not be remounted.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
| |
When compiled with -Wwrite-strings as part of a larger project, gcc and
clang both warn that we're assigning a string constant to a mutable
struct member. There's actually no reason why it should be mutable, so
make it const.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
| |
This is a step towards REUSE compliance. Third-party files that we do
not otherwise edit (git.mk, m4/attributes.m4) are excluded here.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
| |
This gives us better diagnostic messages on failure, particularly for
BIND_MOUNT_ERROR_FIND_DEST_MOUNT where we previously said "Invalid
argument".
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we are using a case-insensitive filesystem the bind-mount operation
might fail when `/proc/self/mountinfo` is checked.
In a case-insensitive filesystem, if we ask to mount a certain
directory, e.g. '/CI_fs/foo', the kernel might add its entry in
`mountinfo` as '/CI_fs/FOO'. This happens because the kernel populates
`mountinfo` with whatever case combination first appeared in the dcache.
With this patch we open the requested path and look at its
`/proc/self/fd`, using readlink(), to get the path case combination that
the kernel is also expected to be using.
Signed-off-by: Ludovico de Nittis <ludovico.denittis@collabora.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's an effort to migrate Linux filesystems to handle the y2038
problem, which is great. However, recently a kernel change landed
that emits a warning when mounting a filesystem that doesn't
handle it, and this notably shows up even when *remounting* e.g.
for a read-only bind mount:
Using e.g. `rpm-ostree install cowsay` there's a spam of:
```
[ 189.529594] xfs filesystem being remounted at /sysroot supports timestamps until 2038 (0x7fffffff)
```
Now particularly when creating a our bind mounts, let's
ask the kernel to be quiet about it. This is not a major event
worthy of a kernel log.
|
|
|
|
|
|
|
|
|
|
|
|
| |
As specified by mount(2):
Specifying MS_MGC_VAL was required in kernel versions prior to 2.4, but
since Linux 2.4 is no longer required and is ignored if specified.
Signed-off-by: Marcos Paulo de Souza <marcos.souza.org@gmail.com>
Closes: #220
Approved by: cgwalters
|
|
|
|
|
| |
Closes: #129
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mount operation always fully resolves any symlinks before mounting
so we need to do the same when we're looking for the new mount
in the mount tables.
Without this something like
--symlink /dst /link --bind-mount /src /link
would fail because it would look for mount flags in /link, but the
mount would be on /dst.
Closes: #119
Approved by: alexlarsson
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Its not uncommon for mountpoints to cover other mountpoints, for instance
if /a/b is mounted first, then /a/b or /a can be mounted again effectively
making the old /a/b unreachable. This happens sometimes on the host
system, but it happens also often in the context of bubblewrap
where you migth do something like:
bwrap --bind / / --bind /my/foo /foo
In this case, we're covering whatever is on /foo on the host with
different content, and if /foo had submount under it these will be
covered.
There is a problem with bind mounts and covered mountpoints though.
Bubblewrap always does recursive bind-mounts (because a non-recursive
bind-mount could expose content that was otherwise covered), and the
linux recursive bind mount doesn't let you modify flags (such as
adding readonly). So we have to first bind-mount, and then change the
flags for the destination and all the submounts under it.
The existing naive implementation of submount enumeration in
bubblewrap also returns the covered mount points, and when we try
to change the flags on these we run into issues, because mount()
can't find the pathnames.
This implementation does a more thorough parsing of the mountinfo
file, looking at the "mount id" and "parent mount id" to reconstruct
exactly which mountpoints that are accessible.
This fixes https://github.com/projectatomic/bubblewrap/issues/14
Closes: #118
Approved by: alexlarsson
|
|
|
|
|
|
|
|
|
|
|
| |
This allows to remount a mount point as read only.
It will allow us, by remounting / after other mount points are created,
to handle a readonly rootfs as specified in the OCI specs:
https://github.com/opencontainers/runtime-spec/blob/master/config.md#root-configuration
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
| |
Closes: #67
Approved by: cgwalters
|
| |
|
|
|
|
|
| |
There can be multiple matches for a mountpoint, but the last one
is the visible one.
|
| |
|
| |
|
|
|
|
|
| |
We're not mounting things on CWD, but on /oldroot, so we need
to update this code.
|
| |
|
| |
|
|
|