From 7297044ada625da583211f0a574410cddb4f7d8d Mon Sep 17 00:00:00 2001 From: Matthias Görgens Date: Wed, 12 Apr 2023 15:39:32 +0800 Subject: Fuse mount: make auto_unmount compatible with suid/dev mount options (#762) * Fuse mount: make auto_unmount compatible with suid/dev mount options > When you run as root, fuse normally does not call fusermount but uses > the mount system call directly. When you specify auto_unmount, it goes > through fusermount instead. However, fusermount is a setuid binary that > is normally called by regular users, so it cannot in general accept suid > or dev options. In this patch, we split up how fuse mounts as root when `auto_unmount` is specified. First, we mount using system calls directly, then we reach out to fusermount to set up auto_unmount only (with no actual mounting done in fusermount). Fixes: #148 --- test/test_examples.py | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'test/test_examples.py') diff --git a/test/test_examples.py b/test/test_examples.py index a7ba998..f0aa63d 100755 --- a/test/test_examples.py +++ b/test/test_examples.py @@ -372,6 +372,37 @@ def test_notify_inval_entry(tmpdir, only_expire, notify, output_checker): else: umount(mount_process, mnt_dir) +@pytest.mark.parametrize("intended_user", ('root', 'non_root')) +def test_dev_auto_unmount(short_tmpdir, output_checker, intended_user): + """Check that root can mount with dev and auto_unmount + (but non-root cannot). + Split into root vs non-root, so that the output of pytest + makes clear what functionality is being tested.""" + if os.getuid() == 0 and intended_user == 'non_root': + pytest.skip('needs to run as non-root') + if os.getuid() != 0 and intended_user == 'root': + pytest.skip('needs to run as root') + mnt_dir = str(short_tmpdir.mkdir('mnt')) + src_dir = str('/dev') + cmdline = base_cmdline + \ + [ pjoin(basename, 'example', 'passthrough_ll'), + '-o', f'source={src_dir},dev,auto_unmount', + '-f', mnt_dir ] + mount_process = subprocess.Popen(cmdline, stdout=output_checker.fd, + stderr=output_checker.fd) + try: + wait_for_mount(mount_process, mnt_dir) + if os.getuid() == 0: + open(pjoin(mnt_dir, 'null')).close() + else: + with pytest.raises(PermissionError): + open(pjoin(mnt_dir, 'null')).close() + except: + cleanup(mount_process, mnt_dir) + raise + else: + umount(mount_process, mnt_dir) + @pytest.mark.skipif(os.getuid() != 0, reason='needs to run as root') def test_cuse(output_checker): -- cgit v1.2.3