adamwill / rpms / openscap

Forked from rpms/openscap 3 years ago
Clone
Blob Blame History Raw
diff --git a/src/OVAL/probes/fsdev.c b/src/OVAL/probes/fsdev.c
index 82356d5e0..983675098 100644
--- a/src/OVAL/probes/fsdev.c
+++ b/src/OVAL/probes/fsdev.c
@@ -62,6 +62,7 @@
 #endif
 
 #include "fsdev.h"
+#include "common/util.h"
 
 /**
  * Compare two dev_t variables.
@@ -79,10 +80,6 @@ static int fsdev_cmp(const void *a, const void *b)
 #if defined(OS_LINUX)
 static int is_local_fs(struct mntent *ment)
 {
-// todo: would it be usefull to provide the choice during build-time?
-#if 1
-	char *s;
-
 	/*
 	 * When type of the filesystem is autofs, it means the mtab entry
 	 * describes the autofs configuration, which means ment->mnt_fsname
@@ -97,37 +94,42 @@ static int is_local_fs(struct mntent *ment)
 		return 0;
 	}
 
-	if (ment->mnt_fsname == NULL) {
-		return 0;
-	}
-
-	s = ment->mnt_fsname;
-	/* If the fsname begins with "//", it is probably CIFS. */
-	if (s[0] == '/' && s[1] == '/')
-		return 0;
-
-	/* If there's a ':' in the fsname and it occurs before any
-	 * '/', then this is probably NFS and the file system is
-	 * considered "remote".
+	/*
+	 * The following code is inspired by systemd, function fstype_is_network:
+	 * https://github.com/systemd/systemd/blob/21fd6bc263f49b57867d90d2e1f9f255e5509134/src/basic/mountpoint-util.c#L290
 	 */
-	s = strpbrk(s, "/:");
-	if (s && *s == ':')
-		return 0;
 
+	const char *fstype = ment->mnt_type;
+	if (oscap_str_startswith(fstype, "fuse.")) {
+		fstype += strlen("fuse.");
+	}
+	const char *network_fs[] = {
+		"afs",
+		"ceph",
+		"cifs",
+		"smb3",
+		"smbfs",
+		"sshfs",
+		"ncpfs",
+		"ncp",
+		"nfs",
+		"nfs4",
+		"gfs",
+		"gfs2",
+		"glusterfs",
+		"gpfs",
+		"pvfs2", /* OrangeFS */
+		"ocfs2",
+		"lustre",
+		"davfs",
+		NULL
+	};
+	for (int i = 0; network_fs[i]; i++) {
+		if (!strcmp(network_fs[i], fstype)) {
+			return 0;
+		}
+	}
 	return 1;
-#else
-	struct stat st;
-
-	/* If the file system is not backed-up by a real file, it is
-	   considered remote. A notable exception is "tmpfs" to allow
-	   traversal of /tmp et al. */
-	if (strcmp(ment->mnt_fsname, "tmpfs") != 0
-	    && (stat(ment->mnt_fsname, &st) != 0
-		|| !(S_ISBLK(st.st_mode))))
-		return 0;
-	else
-		return 1;
-#endif
 }
 
 #elif defined(OS_AIX)