[linux-cifs-client] Re: user umount

Richard Hughes ee21rh at eim.surrey.ac.uk
Mon May 31 23:03:20 GMT 2004


Steve, 

> With a cifs entry in fstab presumably (user or owner specified on the
> entry) users are already allowed unmount of cifs today (via umount) -
> albeit more restrictively than with a umount util.

I don't think this is true, well, not for the case of Fedora (rawhide) -
my shares will not umount without root access.

> If people are satisfied with the approach of setting umount.cifs
> setuid and doing an ioctl to get the kernel_uid_t of the mounter and
> matching it to the local processes uid_t, I could probably do
> something similar although my instinct is to do the matching in kernel
> - basically umount.cifs would ioctl into cifs to do the check and
> umount itself (perhaps limits races, but also eliminates the problem
> of differing sizes of uid_t and kernel_uid_t) - and the user space
> tool would only have to clean up mtab (if anything at all).

Lots of my system files have to be chmod+s'd so users can actually do
things - I don't see a problem there. I can see the benefit of ioctl'ing
into cifsd and unmounting, just from a simplicity viewpoint.

I have glanced at fs/jfs/jfs_umount.c, which might be worth a look.

> I could probably allow the admin to toggle user unmounts on to provide
> slightly more security - the utility would have to be present and the
> /proc/fs/cifs/umount_user would have to be set.

This is a GOOD idea. But probably best to have default on, so that joe
average doesn't have to google.

> smbfs has a umount utility but I don't know what the community thinks
> about its security.

If CIFS can't do everything smbfs can do - people can't migrate. Redhat
used to (I think still does) switch off smbfs in their default kernel
spec - so I think this umount functionality should be a priority. Plus I
need it to complete my corporate W2K => CIFS/Samba migration :-)

On a side note, CIFS is faster than ever, and I haven't had a transfer
problem in weeks. 

 Richard Hughes

On Mon, 2004-05-31 at 21:59, Steven French wrote:
> I don't provide a tiny user umount utility for cifs yet because I
> wanted time to think through the security implications. Ideas would be
> welcome. smbfs has a umount utility but I don't know what the
> community thinks about its security.
> 
> With a cifs entry in fstab presumably (user or owner specified on the
> entry) users are already allowed unmount of cifs today (via umount) -
> albeit more restrictively than with a umount util.
> 
> If people are satisfied with the approach of setting umount.cifs
> setuid and doing an ioctl to get the kernel_uid_t of the mounter and
> matching it to the local processes uid_t, I could probably do
> something similar although my instinct is to do the matching in kernel
> - basically umount.cifs would ioctl into cifs to do the check and
> umount itself (perhaps limits races, but also eliminates the problem
> of differing sizes of uid_t and kernel_uid_t) - and the user space
> tool would only have to clean up mtab (if anything at all). I could
> probably allow the admin to toggle user unmounts on to provide
> slightly more security - the utility would have to be present and the
> /proc/fs/cifs/umount_user would have to be set.
> 
> 
> 
> 
> Steve French
> Senior Software Engineer
> Linux Technology Center - IBM Austin
> phone: 512-838-2294
> email: sfrench at-sign us dot ibm dot com
> From: Richard Hughes <ee21rh at eim.surrey.ac.uk>
> Date: 05/31/2004 05:29 AM
> To: Steven French/Austin/IBM at IBMUS, CIFS Development List <linux-cifs-client at lists.samba.org>
> Subject: user umount
> 
> Steve, 
> 
> The user mount option works flawlessly on my (Fedora Core 2) linux
> machines, the only issue I have now is that when users log off, they
> cannot umount their own shares. e.g.
> 
> user$ umount /mnt/home
> umount: only root can unmount //ns1/write from /mnt/ns1-write
> 
> umount has +s bit set, and the mount option contained "user".
> Is this an issue for mount.cifs.c or a more generic redhat thing?
> I'm running 2.6.7rc2, cifs 1.16 fwiw.
> 
> 
> Richard Hughes
> 
> 
> 
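
Added example, not part of the original thread and not cifs or umount.cifs code: a sketch of the owner check a setuid umount helper would need, showing the uid_t versus kernel_uid_t width problem raised above. The struct mounter_id, the decision enum and check_user_umount() are hypothetical names; how the mounter's uid is fetched from the kernel is left out because the thread does not define that interface, and the umount_user toggle is passed in as a boolean.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical: mounter uid as reported by the kernel, zero-extended,
 * plus the width of the kernel-side uid type it came from. */
struct mounter_id {
    uint64_t raw;
    unsigned width_bits;   /* 16 or 32 */
};

enum umount_decision {
    UMOUNT_ALLOW, UMOUNT_DENY_POLICY, UMOUNT_DENY_OWNER, UMOUNT_DENY_RANGE
};

/* real_uid must come from getuid(): in a setuid-root helper geteuid()
 * is 0 and would approve every caller. */
enum umount_decision
check_user_umount(uid_t real_uid, struct mounter_id m, bool umount_user_enabled)
{
    uint64_t caller = (uint64_t)real_uid;   /* widen, never narrow */

    if (real_uid == 0)
        return UMOUNT_ALLOW;                /* root is not subject to the toggle */
    if (!umount_user_enabled)
        return UMOUNT_DENY_POLICY;          /* admin has not enabled user unmounts */
    if (m.width_bits != 16 && m.width_bits != 32)
        return UMOUNT_DENY_RANGE;           /* unknown layout: fail closed */
    if ((m.raw >> m.width_bits) != 0 || (caller >> m.width_bits) != 0)
        return UMOUNT_DENY_RANGE;           /* value cannot be compared safely */
    return caller == m.raw ? UMOUNT_ALLOW : UMOUNT_DENY_OWNER;
}

int main(void)
{
    /* Constructed sample: share mounted by uid 1000 on a 16-bit-uid kernel. */
    struct mounter_id m = { 1000, 16 };
    uid_t aliased = 65536 + 1000;           /* equals 1000 after a 16-bit cast */

    printf("owner:   %d\n", (int)check_user_umount(1000, m, true));
    printf("aliased: %d (naive cast match: %d)\n",
           (int)check_user_umount(aliased, m, true),
           (int)((uint16_t)aliased == m.raw));
    printf("caller:  %d\n", (int)check_user_umount(getuid(), m, true));
    return 0;
}
```

A check like this done in user space still leaves a window between the check and the unmount; doing the match and the unmount in the kernel, as proposed in the thread, removes that window.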


