1 /* $NetBSD: mount_umap.c,v 1.7 1997/09/16 12:32:33 lukem Exp $ */ 2 3 /* 4 * Copyright (c) 1992, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software donated to Berkeley by 8 * Jan-Simon Pendry. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 */ 38 39 #include <sys/cdefs.h> 40 #ifndef lint 41 __COPYRIGHT("@(#) Copyright (c) 1992, 1993, 1994\n\ 42 The Regents of the University of California. All rights reserved.\n"); 43 #endif /* not lint */ 44 45 #ifndef lint 46 #if 0 47 static char sccsid[] = "@(#)mount_umap.c 8.5 (Berkeley) 4/26/95"; 48 #else 49 __RCSID("$NetBSD: mount_umap.c,v 1.7 1997/09/16 12:32:33 lukem Exp $"); 50 #endif 51 #endif /* not lint */ 52 53 #include <sys/param.h> 54 #include <sys/mount.h> 55 #include <sys/stat.h> 56 57 #include <miscfs/umapfs/umap.h> 58 59 #include <err.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 #include <unistd.h> 64 65 #include "mntopts.h" 66 67 #define ROOTUSER 0 68 /* 69 * This define controls whether any user but the superuser can own and 70 * write mapfiles. If other users can, system security can be gravely 71 * compromised. If this is not a concern, undefine SECURITY. 72 */ 73 #define MAPSECURITY 1 74 75 /* 76 * This routine provides the user interface to mounting a umap layer. 77 * It takes 4 mandatory parameters. The mandatory arguments are the place 78 * where the next lower level is mounted, the place where the umap layer is to 79 * be mounted, the name of the user mapfile, and the name of the group 80 * mapfile. The routine checks the ownerships and permissions on the 81 * mapfiles, then opens and reads them. Then it calls mount(), which 82 * will, in turn, call the umap version of mount. 83 */ 84 85 const struct mntopt mopts[] = { 86 MOPT_STDOPTS, 87 { NULL } 88 }; 89 90 int main __P((int, char *[])); 91 void usage __P((void)); 92 93 int 94 main(argc, argv) 95 int argc; 96 char *argv[]; 97 { 98 static char not[] = "; not mounted."; 99 struct stat statbuf; 100 struct umap_args args; 101 FILE *fp, *gfp; 102 long d1, d2; 103 u_long mapdata[MAPFILEENTRIES][2]; 104 u_long gmapdata[GMAPFILEENTRIES][2]; 105 int ch, count, gnentries, mntflags, nentries; 106 char *gmapfile, *mapfile, *source, *target, buf[20]; 107 108 mntflags = 0; 109 mapfile = gmapfile = NULL; 110 while ((ch = getopt(argc, argv, "g:o:u:")) != -1) 111 switch (ch) { 112 case 'g': 113 gmapfile = optarg; 114 break; 115 case 'o': 116 getmntopts(optarg, mopts, &mntflags, 0); 117 break; 118 case 'u': 119 mapfile = optarg; 120 break; 121 case '?': 122 default: 123 usage(); 124 } 125 argc -= optind; 126 argv += optind; 127 128 if (argc != 2 || mapfile == NULL || gmapfile == NULL) 129 usage(); 130 131 source = argv[0]; 132 target = argv[1]; 133 134 /* Read in uid mapping data. */ 135 if ((fp = fopen(mapfile, "r")) == NULL) 136 err(1, "%s%s", mapfile, not); 137 138 #ifdef MAPSECURITY 139 /* 140 * Check that group and other don't have write permissions on 141 * this mapfile, and that the mapfile belongs to root. 142 */ 143 if (fstat(fileno(fp), &statbuf)) 144 err(1, "%s%s", mapfile, not); 145 if (statbuf.st_mode & S_IWGRP || statbuf.st_mode & S_IWOTH) { 146 strmode(statbuf.st_mode, buf); 147 err(1, "%s: improper write permissions (%s)%s", 148 mapfile, buf, not); 149 } 150 if (statbuf.st_uid != ROOTUSER) 151 errx(1, "%s does not belong to root%s", mapfile, not); 152 #endif /* MAPSECURITY */ 153 154 if ((fscanf(fp, "%d\n", &nentries)) != 1) 155 errx(1, "%s: nentries not found%s", mapfile, not); 156 if (nentries > MAPFILEENTRIES) 157 errx(1, 158 "maximum number of entries is %d%s", MAPFILEENTRIES, not); 159 #if 0 160 (void)printf("reading %d entries\n", nentries); 161 #endif 162 for (count = 0; count < nentries; ++count) { 163 if ((fscanf(fp, "%lu %lu\n", &d1, &d2)) != 2) { 164 if (ferror(fp)) 165 err(1, "%s%s", mapfile, not); 166 if (feof(fp)) 167 errx(1, "%s: unexpected end-of-file%s", 168 mapfile, not); 169 errx(1, "%s: illegal format (line %d)%s", 170 mapfile, count + 2, not); 171 } 172 mapdata[count][0] = d1; 173 mapdata[count][1] = d2; 174 #if 0 175 /* Fix a security hole. */ 176 if (mapdata[count][1] == 0) 177 errx(1, "mapping id 0 not permitted (line %d)%s", 178 count + 2, not); 179 #endif 180 } 181 182 /* Read in gid mapping data. */ 183 if ((gfp = fopen(gmapfile, "r")) == NULL) 184 err(1, "%s%s", gmapfile, not); 185 186 #ifdef MAPSECURITY 187 /* 188 * Check that group and other don't have write permissions on 189 * this group mapfile, and that the file belongs to root. 190 */ 191 if (fstat(fileno(gfp), &statbuf)) 192 err(1, "%s%s", gmapfile, not); 193 if (statbuf.st_mode & S_IWGRP || statbuf.st_mode & S_IWOTH) { 194 strmode(statbuf.st_mode, buf); 195 err(1, "%s: improper write permissions (%s)%s", 196 gmapfile, buf, not); 197 } 198 if (statbuf.st_uid != ROOTUSER) 199 errx(1, "%s does not belong to root%s", gmapfile, not); 200 #endif /* MAPSECURITY */ 201 202 if ((fscanf(gfp, "%d\n", &gnentries)) != 1) 203 errx(1, "nentries not found%s", not); 204 if (gnentries > MAPFILEENTRIES) 205 errx(1, 206 "maximum number of entries is %d%s", GMAPFILEENTRIES, not); 207 #if 0 208 (void)printf("reading %d group entries\n", gnentries); 209 #endif 210 211 for (count = 0; count < gnentries; ++count) { 212 if ((fscanf(gfp, "%lu %lu\n", 213 &(gmapdata[count][0]), &(gmapdata[count][1]))) != 2) { 214 if (ferror(gfp)) 215 err(1, "%s%s", gmapfile, not); 216 if (feof(gfp)) 217 errx(1, "%s: unexpected end-of-file%s", 218 gmapfile, not); 219 errx(1, "%s: illegal format (line %d)%s", 220 gmapfile, count + 2, not); 221 } 222 gmapdata[count][0] = d1; 223 gmapdata[count][1] = d2; 224 } 225 226 227 /* Setup mount call args. */ 228 args.target = source; 229 args.nentries = nentries; 230 args.mapdata = mapdata; 231 args.gnentries = gnentries; 232 args.gmapdata = gmapdata; 233 234 if (mount(MOUNT_UMAP, argv[1], mntflags, &args)) 235 err(1, "%s", ""); 236 exit(0); 237 } 238 239 void 240 usage() 241 { 242 (void)fprintf(stderr, 243 "usage: mount_umap [-o options] -u usermap -g groupmap target_fs mount_point\n"); 244 exit(1); 245 } 246