diff options
| author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2011-09-26 10:56:44 -0400 |
|---|---|---|
| committer | Steve French <smfrench@gmail.com> | 2011-10-13 00:42:17 -0400 |
| commit | 3d3ea8e64efbeb3e4289675dbbfab82333395642 (patch) | |
| tree | 3f7c52039dceefeae2abf010a1a3ec8abef0c459 /fs/cifs/connect.c | |
| parent | 8bc4392a1e50f346e97f8777aaefd9cfc3d45c9f (diff) | |
cifs: Add mount options for backup intent (try #6)
Add mount options backupuid and backugid.
It allows an authenticated user to access files with the intent to back them
up including their ACLs, who may not have access permission but has
"Backup files and directories user right" on them (by virtue of being part
of the built-in group Backup Operators.
When mount options backupuid is specified, cifs client restricts the
use of backup intents to the user whose effective user id is specified
along with the mount option.
When mount options backupgid is specified, cifs client restricts the
use of backup intents to the users whose effective user id belongs to the
group id specified along with the mount option.
If an authenticated user is not part of the built-in group Backup Operators
at the server, access to such files is denied, even if allowed by the client.
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/connect.c')
| -rw-r--r-- | fs/cifs/connect.c | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index abbc6c3fe3f1..70dd2c418276 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -831,6 +831,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname, | |||
| 831 | { | 831 | { |
| 832 | char *value, *data, *end; | 832 | char *value, *data, *end; |
| 833 | char *mountdata_copy = NULL, *options; | 833 | char *mountdata_copy = NULL, *options; |
| 834 | int err; | ||
| 834 | unsigned int temp_len, i, j; | 835 | unsigned int temp_len, i, j; |
| 835 | char separator[2]; | 836 | char separator[2]; |
| 836 | short int override_uid = -1; | 837 | short int override_uid = -1; |
| @@ -887,6 +888,8 @@ cifs_parse_mount_options(const char *mountdata, const char *devname, | |||
| 887 | cFYI(1, "Null separator not allowed"); | 888 | cFYI(1, "Null separator not allowed"); |
| 888 | } | 889 | } |
| 889 | } | 890 | } |
| 891 | vol->backupuid_specified = false; /* no backup intent for a user */ | ||
| 892 | vol->backupgid_specified = false; /* no backup intent for a group */ | ||
| 890 | 893 | ||
| 891 | while ((data = strsep(&options, separator)) != NULL) { | 894 | while ((data = strsep(&options, separator)) != NULL) { |
| 892 | if (!*data) | 895 | if (!*data) |
| @@ -1446,6 +1449,22 @@ cifs_parse_mount_options(const char *mountdata, const char *devname, | |||
| 1446 | vol->mfsymlinks = true; | 1449 | vol->mfsymlinks = true; |
| 1447 | } else if (strnicmp(data, "multiuser", 8) == 0) { | 1450 | } else if (strnicmp(data, "multiuser", 8) == 0) { |
| 1448 | vol->multiuser = true; | 1451 | vol->multiuser = true; |
| 1452 | } else if (!strnicmp(data, "backupuid", 9) && value && *value) { | ||
| 1453 | err = kstrtouint(value, 0, &vol->backupuid); | ||
| 1454 | if (err < 0) { | ||
| 1455 | cERROR(1, "%s: Invalid backupuid value", | ||
| 1456 | __func__); | ||
| 1457 | goto cifs_parse_mount_err; | ||
| 1458 | } | ||
| 1459 | vol->backupuid_specified = true; | ||
| 1460 | } else if (!strnicmp(data, "backupgid", 9) && value && *value) { | ||
| 1461 | err = kstrtouint(value, 0, &vol->backupgid); | ||
| 1462 | if (err < 0) { | ||
| 1463 | cERROR(1, "%s: Invalid backupgid value", | ||
| 1464 | __func__); | ||
| 1465 | goto cifs_parse_mount_err; | ||
| 1466 | } | ||
| 1467 | vol->backupgid_specified = true; | ||
| 1449 | } else | 1468 | } else |
| 1450 | printk(KERN_WARNING "CIFS: Unknown mount option %s\n", | 1469 | printk(KERN_WARNING "CIFS: Unknown mount option %s\n", |
| 1451 | data); | 1470 | data); |
| @@ -2737,6 +2756,10 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info, | |||
| 2737 | 2756 | ||
| 2738 | cifs_sb->mnt_uid = pvolume_info->linux_uid; | 2757 | cifs_sb->mnt_uid = pvolume_info->linux_uid; |
| 2739 | cifs_sb->mnt_gid = pvolume_info->linux_gid; | 2758 | cifs_sb->mnt_gid = pvolume_info->linux_gid; |
| 2759 | if (pvolume_info->backupuid_specified) | ||
| 2760 | cifs_sb->mnt_backupuid = pvolume_info->backupuid; | ||
| 2761 | if (pvolume_info->backupgid_specified) | ||
| 2762 | cifs_sb->mnt_backupgid = pvolume_info->backupgid; | ||
| 2740 | cifs_sb->mnt_file_mode = pvolume_info->file_mode; | 2763 | cifs_sb->mnt_file_mode = pvolume_info->file_mode; |
| 2741 | cifs_sb->mnt_dir_mode = pvolume_info->dir_mode; | 2764 | cifs_sb->mnt_dir_mode = pvolume_info->dir_mode; |
| 2742 | cFYI(1, "file mode: 0x%x dir mode: 0x%x", | 2765 | cFYI(1, "file mode: 0x%x dir mode: 0x%x", |
| @@ -2767,6 +2790,10 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info, | |||
| 2767 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; | 2790 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; |
| 2768 | if (pvolume_info->cifs_acl) | 2791 | if (pvolume_info->cifs_acl) |
| 2769 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; | 2792 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; |
| 2793 | if (pvolume_info->backupuid_specified) | ||
| 2794 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; | ||
| 2795 | if (pvolume_info->backupgid_specified) | ||
| 2796 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; | ||
| 2770 | if (pvolume_info->override_uid) | 2797 | if (pvolume_info->override_uid) |
| 2771 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; | 2798 | cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; |
| 2772 | if (pvolume_info->override_gid) | 2799 | if (pvolume_info->override_gid) |