From be81ba8e4760b03e40209dfcc4155c4de7dc0d49 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jul 21 2021 10:27:10 +0000 Subject: import util-linux-2.32.1-28.el8 --- diff --git a/SOURCES/0057-mesg-use-only-stat-to-get-the-current-terminal-statu.patch b/SOURCES/0057-mesg-use-only-stat-to-get-the-current-terminal-statu.patch new file mode 100644 index 0000000..62ff51f --- /dev/null +++ b/SOURCES/0057-mesg-use-only-stat-to-get-the-current-terminal-statu.patch @@ -0,0 +1,52 @@ +From 7ad815523618c2a053d28061054a44ae9108ceb0 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 12 Apr 2021 09:39:59 +0200 +Subject: [PATCH 57/63] mesg: use only stat() to get the current terminal + status + +open()+stat() does not work for example after su(1) (from root to +non-root). It seems better to use only stat() to get the current +terminal status. + +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1906157 +Upstream: http://github.com/karelzak/util-linux/commit/c0246ce059503bbc078122a50d564ca36a66f348 +Signed-off-by: Karel Zak +--- + term-utils/mesg.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/term-utils/mesg.c b/term-utils/mesg.c +index 8714ad1aa..21a4a8581 100644 +--- a/term-utils/mesg.c ++++ b/term-utils/mesg.c +@@ -123,13 +123,10 @@ int main(int argc, char *argv[]) + + if ((tty = ttyname(STDERR_FILENO)) == NULL) + err(MESG_EXIT_FAILURE, _("ttyname failed")); +- if ((fd = open(tty, O_RDONLY)) < 0) +- err(MESG_EXIT_FAILURE, _("cannot open %s"), tty); +- if (fstat(fd, &sb)) +- err(MESG_EXIT_FAILURE, _("stat of %s failed"), tty); + + if (!*argv) { +- close(fd); ++ if (stat(tty, &sb)) ++ err(MESG_EXIT_FAILURE, _("stat of %s failed"), tty); + if (sb.st_mode & (S_IWGRP | S_IWOTH)) { + puts(_("is y")); + return IS_ALLOWED; +@@ -138,6 +135,11 @@ int main(int argc, char *argv[]) + return IS_NOT_ALLOWED; + } + ++ if ((fd = open(tty, O_RDONLY)) < 0) ++ err(MESG_EXIT_FAILURE, _("cannot open %s"), tty); ++ if (fstat(fd, &sb)) ++ err(MESG_EXIT_FAILURE, _("stat of %s failed"), tty); ++ + switch (rpmatch(argv[0])) { + case RPMATCH_YES: + #ifdef USE_TTY_GROUP +-- +2.31.1 + diff --git a/SOURCES/0058-findmnt-add-option-to-list-all-fs-independent-flags.patch b/SOURCES/0058-findmnt-add-option-to-list-all-fs-independent-flags.patch new file mode 100644 index 0000000..827ab0c --- /dev/null +++ b/SOURCES/0058-findmnt-add-option-to-list-all-fs-independent-flags.patch @@ -0,0 +1,212 @@ +From 2f04609de018013a36396e6a10b317607fb0b625 Mon Sep 17 00:00:00 2001 +From: Roberto Bergantinos Corpas +Date: Tue, 12 Jan 2021 11:58:53 +0100 +Subject: [PATCH 58/63] findmnt: add option to list all fs-independent flags + +It might be useful for security auditing purposes list all possible +mount flags/options including default set which are normally not listed. + +This patch adds "--vfs-all" option to list all fs-independent flags +on VFS-OPTIONS column, as well as libmount funcionality to accomplish +it. + +i.e.: + +$ findmnt -o VFS-OPTIONS +VFS-OPTIONS +rw,relatime +rw,nosuid,nodev,noexec,relatime +rw,nosuid,nodev,noexec,relatime +ro,nosuid,nodev,noexec +... + +$ findmnt --vfs-all -o VFS-OPTIONS +VFS-OPTIONS +rw,exec,suid,dev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow +rw,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow +rw,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,relatime,nostrictatime,nolazytime,symfollow +ro,noexec,nosuid,nodev,async,loud,nomand,atime,noiversion,diratime,norelatime,nostrictatime,nolazytime,symfollow +... + +[kzak@redhat.com: - cleanup coding style and comments] + +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1917852 +Upstream: http://github.com/karelzak/util-linux/commit/ff21f476f85ac9855452f4aac43a231c3c1e2ebc +Signed-off-by: Roberto Bergantinos Corpas +Signed-off-by: Karel Zak +--- + libmount/docs/libmount-sections.txt | 1 + + libmount/src/fs.c | 32 +++++++++++++++++++++++++++++ + libmount/src/libmount.h.in | 1 + + libmount/src/libmount.sym | 4 ++++ + misc-utils/findmnt.8 | 6 ++++++ + misc-utils/findmnt.c | 15 +++++++++++--- + misc-utils/findmnt.h | 2 ++ + 7 files changed, 58 insertions(+), 3 deletions(-) + +diff --git a/libmount/docs/libmount-sections.txt b/libmount/docs/libmount-sections.txt +index dea724b2f..f296c0611 100644 +--- a/libmount/docs/libmount-sections.txt ++++ b/libmount/docs/libmount-sections.txt +@@ -224,6 +224,7 @@ mnt_fs_get_usedsize + mnt_fs_get_userdata + mnt_fs_get_user_options + mnt_fs_get_vfs_options ++mnt_fs_get_vfs_options_all + mnt_fs_is_kernel + mnt_fs_is_netfs + mnt_fs_is_pseudofs +diff --git a/libmount/src/fs.c b/libmount/src/fs.c +index aae4961c3..34c09d66b 100644 +--- a/libmount/src/fs.c ++++ b/libmount/src/fs.c +@@ -924,6 +924,38 @@ const char *mnt_fs_get_vfs_options(struct libmnt_fs *fs) + return fs ? fs->vfs_optstr : NULL; + } + ++/** ++ * mnt_fs_get_vfs_options_all: ++ * @fs: fstab/mtab entry pointer ++ * ++ * Returns: pointer to newlly allocated string (can be freed by free(3)) or ++ * NULL in case of error. The string contains all (including defaults) mount ++ * options. ++ */ ++char *mnt_fs_get_vfs_options_all(struct libmnt_fs *fs) ++{ ++ const struct libmnt_optmap *map = mnt_get_builtin_optmap(MNT_LINUX_MAP); ++ const struct libmnt_optmap *ent; ++ const char *opts = mnt_fs_get_options(fs); ++ char *result = NULL; ++ unsigned long flags = 0; ++ ++ if (!opts || mnt_optstr_get_flags(opts, &flags, map)) ++ return NULL; ++ ++ for (ent = map ; ent && ent->name ; ent++){ ++ if (ent->id & flags) { /* non-default value */ ++ if (!(ent->mask & MNT_INVERT)) ++ mnt_optstr_append_option(&result, ent->name, NULL); ++ else ++ continue; ++ } else if (ent->mask & MNT_INVERT) ++ mnt_optstr_append_option(&result, ent->name, NULL); ++ } ++ ++ return result; ++} ++ + /** + * mnt_fs_get_user_options: + * @fs: fstab/mtab entry pointer +diff --git a/libmount/src/libmount.h.in b/libmount/src/libmount.h.in +index c61514b59..1d9a053e0 100644 +--- a/libmount/src/libmount.h.in ++++ b/libmount/src/libmount.h.in +@@ -452,6 +452,7 @@ extern int mnt_fs_get_option(struct libmnt_fs *fs, const char *name, + extern const char *mnt_fs_get_fs_options(struct libmnt_fs *fs); + extern const char *mnt_fs_get_vfs_options(struct libmnt_fs *fs); + extern const char *mnt_fs_get_user_options(struct libmnt_fs *fs); ++extern char *mnt_fs_get_vfs_options_all(struct libmnt_fs *fs); + + extern const char *mnt_fs_get_attributes(struct libmnt_fs *fs); + extern int mnt_fs_set_attributes(struct libmnt_fs *fs, const char *optstr); +diff --git a/libmount/src/libmount.sym b/libmount/src/libmount.sym +index ca16cafa1..636c564eb 100644 +--- a/libmount/src/libmount.sym ++++ b/libmount/src/libmount.sym +@@ -322,3 +322,7 @@ MOUNT_2.30 { + mnt_context_enable_rwonly_mount; + mnt_context_get_excode; + } MOUNT_2.28; ++ ++MOUNT_2_37 { ++ mnt_fs_get_vfs_options_all; ++} MOUNT_2.30; +diff --git a/misc-utils/findmnt.8 b/misc-utils/findmnt.8 +index 58dd38625..41a37cb5f 100644 +--- a/misc-utils/findmnt.8 ++++ b/misc-utils/findmnt.8 +@@ -249,6 +249,12 @@ It's possible to specify source (device) or target (mountpoint) to filter mount + .TP + .BR "\-\-verbose" + Force findmnt to print more information (\fB\-\-verify\fP only for now). ++.TP ++.B \-\-vfs-all ++When used with ++.BR VFS-OPTIONS ++column, print all VFS (fs-independent) flags. This option is designed for auditing purposes to ++list also default VFS kernel mount options which are normally not listed. + .SH EXAMPLES + .IP "\fBfindmnt \-\-fstab \-t nfs\fP" + Prints all NFS filesystems defined in +diff --git a/misc-utils/findmnt.c b/misc-utils/findmnt.c +index 184b6f7d7..a7b3af4f4 100644 +--- a/misc-utils/findmnt.c ++++ b/misc-utils/findmnt.c +@@ -542,7 +542,10 @@ static char *get_data(struct libmnt_fs *fs, int num) + str = xstrdup(mnt_fs_get_options(fs)); + break; + case COL_VFS_OPTIONS: +- str = xstrdup(mnt_fs_get_vfs_options(fs)); ++ if (flags & FL_VFS_ALL) ++ str = mnt_fs_get_vfs_options_all(fs); ++ else if (mnt_fs_get_vfs_options(fs)) ++ str = xstrdup(mnt_fs_get_vfs_options(fs)); + break; + case COL_FS_OPTIONS: + str = xstrdup(mnt_fs_get_fs_options(fs)); +@@ -1243,6 +1246,7 @@ static void __attribute__((__noreturn__)) usage(void) + fputc('\n', out); + fputs(_(" -x, --verify verify mount table content (default is fstab)\n"), out); + fputs(_(" --verbose print more details\n"), out); ++ fputs(_(" --vfs-all print all VFS options\n"), out); + + fputs(USAGE_SEPARATOR, out); + printf(USAGE_HELP_OPTIONS(24)); +@@ -1271,8 +1275,9 @@ int main(int argc, char *argv[]) + struct libscols_table *table = NULL; + + enum { +- FINDMNT_OPT_VERBOSE = CHAR_MAX + 1, +- FINDMNT_OPT_TREE ++ FINDMNT_OPT_VERBOSE = CHAR_MAX + 1, ++ FINDMNT_OPT_TREE, ++ FINDMNT_OPT_VFS_ALL + }; + + static const struct option longopts[] = { +@@ -1313,6 +1318,7 @@ int main(int argc, char *argv[]) + { "version", no_argument, NULL, 'V' }, + { "verbose", no_argument, NULL, FINDMNT_OPT_VERBOSE }, + { "tree", no_argument, NULL, FINDMNT_OPT_TREE }, ++ { "vfs-all", no_argument, NULL, FINDMNT_OPT_VFS_ALL }, + { NULL, 0, NULL, 0 } + }; + +@@ -1479,6 +1485,9 @@ int main(int argc, char *argv[]) + case FINDMNT_OPT_TREE: + force_tree = 1; + break; ++ case FINDMNT_OPT_VFS_ALL: ++ flags |= FL_VFS_ALL; ++ break; + default: + errtryhelp(EXIT_FAILURE); + } +diff --git a/misc-utils/findmnt.h b/misc-utils/findmnt.h +index fbaa38e82..9a277b68a 100644 +--- a/misc-utils/findmnt.h ++++ b/misc-utils/findmnt.h +@@ -19,6 +19,8 @@ enum { + FL_STRICTTARGET = (1 << 15), + FL_VERBOSE = (1 << 16), + ++ FL_VFS_ALL = (1 << 19), ++ + /* basic table settings */ + FL_ASCII = (1 << 20), + FL_RAW = (1 << 21), +-- +2.31.1 + diff --git a/SOURCES/0059-nologin-Prevent-error-from-su-c.patch b/SOURCES/0059-nologin-Prevent-error-from-su-c.patch new file mode 100644 index 0000000..9dd8b4a --- /dev/null +++ b/SOURCES/0059-nologin-Prevent-error-from-su-c.patch @@ -0,0 +1,83 @@ +From ae227f0eb3500b49fb78623f51ec9bd4366346ef Mon Sep 17 00:00:00 2001 +From: Stanislav Brabec +Date: Thu, 10 Oct 2019 01:08:25 +0200 +Subject: [PATCH 59/63] nologin: Prevent error from su -c + +"su -c" can pass "-c" to nologin. It causes ugly error: + +su -c "echo OK" - man +-nologin: invalid option -- 'c' +Try '-nologin --help' for more information. + +Accept -c to prevent this error. + +Upstream: http://github.com/karelzak/util-linux/commit/a174eefb41a2ce8b467bb7e1546953c8bd1223dd +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1922299 +Signed-off-by: Josef Cejka +Signed-off-by: Stanislav Brabec +--- + login-utils/nologin.8 | 11 +++++++++-- + login-utils/nologin.c | 9 +++++++-- + 2 files changed, 16 insertions(+), 4 deletions(-) + +diff --git a/login-utils/nologin.8 b/login-utils/nologin.8 +index ee5948443..9389a86c6 100644 +--- a/login-utils/nologin.8 ++++ b/login-utils/nologin.8 +@@ -18,9 +18,16 @@ The exit code returned by + is always 1. + .PP + .SH OPTIONS +-.IP "\fB\-h, \-\-help\fP" ++ ++ ++.TP ++.IP "\fB\-c\fR, \fB\-\-command\fR \fIcommand\fR" ++Ignored. For compatibility with ++.I su -c "command" - user ++that would cause error otherwise. ++.IP "\fB\-h\fR, \fB\-\-help\fR" + Display help text and exit. +-.IP "\fB-V, \-\-version" ++.IP "\fB-V\fR, \fB\-\-version\fR" + Display version information and exit. + .SH NOTES + .B nologin +diff --git a/login-utils/nologin.c b/login-utils/nologin.c +index b0b6a721c..293f568c1 100644 +--- a/login-utils/nologin.c ++++ b/login-utils/nologin.c +@@ -30,7 +30,8 @@ static void __attribute__((__noreturn__)) usage(void) + fputs(_("Politely refuse a login.\n"), out); + + fputs(USAGE_OPTIONS, out); +- printf(USAGE_HELP_OPTIONS(16)); ++ fputs(_(" -c, --command does nothing (for compatibility with su -c)\n"), out); ++ printf(USAGE_HELP_OPTIONS(26)); + + printf(USAGE_MAN_TAIL("nologin(8)")); + exit(EXIT_FAILURE); +@@ -41,6 +42,7 @@ int main(int argc, char *argv[]) + int c, fd = -1; + struct stat st; + static const struct option longopts[] = { ++ { "command", required_argument, NULL, 'c' }, + { "help", 0, NULL, 'h' }, + { "version", 0, NULL, 'V' }, + { NULL, 0, NULL, 0 } +@@ -50,8 +52,11 @@ int main(int argc, char *argv[]) + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); + +- while ((c = getopt_long(argc, argv, "hV", longopts, NULL)) != -1) { ++ while ((c = getopt_long(argc, argv, "c:hV", longopts, NULL)) != -1) { + switch (c) { ++ case 'c': ++ /* Ignore the command, just don't print unknown option error. */ ++ break; + case 'h': + usage(); + break; +-- +2.31.1 + diff --git a/SOURCES/0060-nologin-silently-ignore-well-known-shell-command-lin.patch b/SOURCES/0060-nologin-silently-ignore-well-known-shell-command-lin.patch new file mode 100644 index 0000000..03983d6 --- /dev/null +++ b/SOURCES/0060-nologin-silently-ignore-well-known-shell-command-lin.patch @@ -0,0 +1,124 @@ +From bfa7d299f8a497a835bc250bd765094ee06b8a01 Mon Sep 17 00:00:00 2001 +From: Sami Kerola +Date: Sun, 17 Nov 2019 08:33:04 +0000 +Subject: [PATCH 60/63] nologin: silently ignore well known shell command-line + options + +nologin is typically used in /etc/passwd as a shell replacement. Hence it +is reasonable to ignore well known command-line options silently to avoid +unwanted ugly error messages. + +Addresses: https://github.com/karelzak/util-linux/issues/895 +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1922299 +Upstream: http://github.com/karelzak/util-linux/commit/beb61b07c20ab902fec883a4bd087c45d2742dea +Requested-by: Lennart Poettering +Signed-off-by: Sami Kerola +--- + login-utils/nologin.8 | 32 ++++++++++++++++++++++++-------- + login-utils/nologin.c | 33 ++++++++++++++++++++++++++++----- + 2 files changed, 52 insertions(+), 13 deletions(-) + +diff --git a/login-utils/nologin.8 b/login-utils/nologin.8 +index 9389a86c6..d3882e2b1 100644 +--- a/login-utils/nologin.8 ++++ b/login-utils/nologin.8 +@@ -1,4 +1,4 @@ +-.TH NOLOGIN 8 "September 2013" "util-linux" "System Administration" ++.TH NOLOGIN 8 "November 2019" "util-linux" "System Administration" + .SH NAME + nologin \- politely refuse a login + .SH SYNOPSIS +@@ -18,13 +18,29 @@ The exit code returned by + is always 1. + .PP + .SH OPTIONS +- +- +-.TP +-.IP "\fB\-c\fR, \fB\-\-command\fR \fIcommand\fR" +-Ignored. For compatibility with +-.I su -c "command" - user +-that would cause error otherwise. ++\fB\-c\fR, \fB\-\-command\fR \fIcommand\fR ++.br ++\fB\-\-init-file\fR ++.br ++\fB\-i\fR \fB\-\-interactive\fR ++.br ++\fB\-\-init-file\fR \fIfile\fR ++.br ++\fB\-i\fR, \fB\-\-interactive\fR ++.br ++\fB\-l\fR, \fB\-\-login\fR ++.br ++\fB\-\-noprofile\fR ++.br ++\fB\-\-norc\fR ++.br ++\fB\-\-posix\fR ++.br ++\fB\-\-rcfile\fR \fIfile\fR ++.br ++\fB\-r\fR, \fB\-\-restricted\fR ++.IP ++These shell command-line options are ignored to avoid nologin error. + .IP "\fB\-h\fR, \fB\-\-help\fR" + Display help text and exit. + .IP "\fB-V\fR, \fB\-\-version\fR" +diff --git a/login-utils/nologin.c b/login-utils/nologin.c +index 293f568c1..567a9a2ca 100644 +--- a/login-utils/nologin.c ++++ b/login-utils/nologin.c +@@ -41,10 +41,25 @@ int main(int argc, char *argv[]) + { + int c, fd = -1; + struct stat st; ++ enum { ++ OPT_INIT_FILE = CHAR_MAX + 1, ++ OPT_NOPROFILE, ++ OPT_NORC, ++ OPT_POSIX, ++ OPT_RCFILE ++ }; + static const struct option longopts[] = { +- { "command", required_argument, NULL, 'c' }, +- { "help", 0, NULL, 'h' }, +- { "version", 0, NULL, 'V' }, ++ { "command", required_argument, NULL, 'c' }, ++ { "init-file", required_argument, NULL, OPT_INIT_FILE }, ++ { "interactive", no_argument, NULL, 'i' }, ++ { "login", no_argument, NULL, 'l' }, ++ { "noprofile", no_argument, NULL, OPT_NOPROFILE }, ++ { "norc", no_argument, NULL, OPT_NORC }, ++ { "posix", no_argument, NULL, OPT_POSIX }, ++ { "rcfile", required_argument, NULL, OPT_RCFILE }, ++ { "restricted", no_argument, NULL, 'r' }, ++ { "help", no_argument, NULL, 'h' }, ++ { "version", no_argument, NULL, 'V' }, + { NULL, 0, NULL, 0 } + }; + +@@ -52,10 +67,18 @@ int main(int argc, char *argv[]) + bindtextdomain(PACKAGE, LOCALEDIR); + textdomain(PACKAGE); + +- while ((c = getopt_long(argc, argv, "c:hV", longopts, NULL)) != -1) { ++ while ((c = getopt_long(argc, argv, "c:ilrhV", longopts, NULL)) != -1) { + switch (c) { + case 'c': +- /* Ignore the command, just don't print unknown option error. */ ++ case OPT_INIT_FILE: ++ case 'i': ++ case 'l': ++ case OPT_NOPROFILE: ++ case OPT_NORC: ++ case OPT_POSIX: ++ case OPT_RCFILE: ++ case 'r': ++ /* Ignore well known shell command-line options */ + break; + case 'h': + usage(); +-- +2.31.1 + diff --git a/SOURCES/0061-libsmartcols-introduce-default-sort-column.patch b/SOURCES/0061-libsmartcols-introduce-default-sort-column.patch new file mode 100644 index 0000000..861d5b6 --- /dev/null +++ b/SOURCES/0061-libsmartcols-introduce-default-sort-column.patch @@ -0,0 +1,213 @@ +From 543e87865c5b9b7cb08ce8d55da1ef414154d213 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Wed, 24 Mar 2021 12:43:17 +0100 +Subject: [PATCH 61/63] libsmartcols: introduce default sort column + +* add default sort column, set by scols_sort_table() + +* sort tree according to default sort column also in scols_sort_table_by_tree() + +The function scols_sort_table() does not sort tree branches if tree +is not enabled. The function scols_sort_table_by_tree() does not care +if tree is enabled and it always follows parent->child relations. For +scols_sort_table_by_tree() we need to follow order in branches if +previously scols_sort_table() has been called. + +For example lsblk calls + + scols_sort_table(tb, cl); + scols_sort_table_by_tree(tb); + +for list-like output (for example lsblk -P) and users assume the +same order as for tree (lsblk --tree). + +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1940607 +Upstream: http://github.com/karelzak/util-linux/commit/529b51706ef06611a8165023f14e6593e06901de +Signed-off-by: Karel Zak +--- + libsmartcols/src/smartcolsP.h | 3 ++ + libsmartcols/src/table.c | 60 ++++++++++++++++++++++++---------- + libsmartcols/src/table_print.c | 6 ++-- + misc-utils/lsblk.c | 6 ++-- + 4 files changed, 52 insertions(+), 23 deletions(-) + +diff --git a/libsmartcols/src/smartcolsP.h b/libsmartcols/src/smartcolsP.h +index 510e7a980..8037fb9f5 100644 +--- a/libsmartcols/src/smartcolsP.h ++++ b/libsmartcols/src/smartcolsP.h +@@ -160,6 +160,9 @@ struct libscols_table { + + struct list_head tb_columns; + struct list_head tb_lines; ++ ++ struct libscols_column *dflt_sort_column; /* default sort column, set by scols_sort_table() */ ++ + struct libscols_symbols *symbols; + struct libscols_cell title; /* optional table title (for humans) */ + +diff --git a/libsmartcols/src/table.c b/libsmartcols/src/table.c +index 979a09a39..bbabc0817 100644 +--- a/libsmartcols/src/table.c ++++ b/libsmartcols/src/table.c +@@ -224,6 +224,8 @@ int scols_table_remove_column(struct libscols_table *tb, + + if (cl->flags & SCOLS_FL_TREE) + tb->ntreecols--; ++ if (tb->dflt_sort_column == cl) ++ tb->dflt_sort_column = NULL; + + DBG(TAB, ul_debugobj(tb, "remove column")); + list_del_init(&cl->cl_columns); +@@ -1362,41 +1364,63 @@ static int sort_line_children(struct libscols_line *ln, struct libscols_column * + return 0; + } + ++static int __scols_sort_tree(struct libscols_table *tb, struct libscols_column *cl) ++{ ++ struct libscols_line *ln; ++ struct libscols_iter itr; ++ ++ if (!tb || !cl || !cl->cmpfunc) ++ return -EINVAL; ++ ++ scols_reset_iter(&itr, SCOLS_ITER_FORWARD); ++ while (scols_table_next_line(tb, &itr, &ln) == 0) ++ sort_line_children(ln, cl); ++ return 0; ++} ++ + /** + * scols_sort_table: + * @tb: table +- * @cl: order by this column ++ * @cl: order by this column or NULL + * + * Orders the table by the column. See also scols_column_set_cmpfunc(). If the + * tree output is enabled then children in the tree are recursively sorted too. + * ++ * The column @cl is saved as the default sort column to the @tb and the next time ++ * is possible to call scols_sort_table(tb, NULL). The saved column is also used by ++ * scols_sort_table_by_tree(). ++ * + * Returns: 0, a negative value in case of an error. + */ + int scols_sort_table(struct libscols_table *tb, struct libscols_column *cl) + { +- if (!tb || !cl || !cl->cmpfunc) ++ if (!tb) ++ return -EINVAL; ++ if (!cl) ++ cl = tb->dflt_sort_column; ++ if (!cl || !cl->cmpfunc) + return -EINVAL; + +- DBG(TAB, ul_debugobj(tb, "sorting table")); ++ DBG(TAB, ul_debugobj(tb, "sorting table by %zu column", cl->seqnum)); + list_sort(&tb->tb_lines, cells_cmp_wrapper_lines, cl); + +- if (scols_table_is_tree(tb)) { +- struct libscols_line *ln; +- struct libscols_iter itr; ++ if (scols_table_is_tree(tb)) ++ __scols_sort_tree(tb, cl); + +- scols_reset_iter(&itr, SCOLS_ITER_FORWARD); +- while (scols_table_next_line(tb, &itr, &ln) == 0) +- sort_line_children(ln, cl); +- } ++ if (cl && cl != tb->dflt_sort_column) ++ tb->dflt_sort_column = cl; + + return 0; + } + ++/* ++ * Move all @ln's children after @ln in the table. ++ */ + static struct libscols_line *move_line_and_children(struct libscols_line *ln, struct libscols_line *pre) + { + if (pre) { + list_del_init(&ln->ln_lines); /* remove from old position */ +- list_add(&ln->ln_lines, &pre->ln_lines); /* add to the new place (behind @pre) */ ++ list_add(&ln->ln_lines, &pre->ln_lines); /* add to the new place (after @pre) */ + } + pre = ln; + +@@ -1418,7 +1442,10 @@ static struct libscols_line *move_line_and_children(struct libscols_line *ln, st + * @tb: table + * + * Reorders lines in the table by parent->child relation. Note that order of +- * the lines in the table is independent on the tree hierarchy. ++ * the lines in the table is independent on the tree hierarchy by default. ++ * ++ * The children of the lines are sorted according to the default sort column ++ * if scols_sort_table() has been previously called. + * + * Since: 2.30 + * +@@ -1434,13 +1461,12 @@ int scols_sort_table_by_tree(struct libscols_table *tb) + + DBG(TAB, ul_debugobj(tb, "sorting table by tree")); + +- scols_reset_iter(&itr, SCOLS_ITER_FORWARD); +- while (scols_table_next_line(tb, &itr, &ln) == 0) { +- if (ln->parent) +- continue; ++ if (tb->dflt_sort_column) ++ __scols_sort_tree(tb, tb->dflt_sort_column); + ++ scols_reset_iter(&itr, SCOLS_ITER_FORWARD); ++ while (scols_table_next_line(tb, &itr, &ln) == 0) + move_line_and_children(ln, NULL); +- } + + return 0; + } +diff --git a/libsmartcols/src/table_print.c b/libsmartcols/src/table_print.c +index 8ecfc30e2..337dbbd84 100644 +--- a/libsmartcols/src/table_print.c ++++ b/libsmartcols/src/table_print.c +@@ -585,11 +585,9 @@ static int cell_to_buffer(struct libscols_table *tb, + + ce = scols_line_get_cell(ln, cl->seqnum); + data = ce ? scols_cell_get_data(ce) : NULL; +- if (!data) +- return 0; + + if (!scols_column_is_tree(cl)) +- return buffer_set_data(buf, data); ++ return data ? buffer_set_data(buf, data) : 0; + + /* + * Tree stuff +@@ -605,7 +603,7 @@ static int cell_to_buffer(struct libscols_table *tb, + buffer_set_art_index(buf); + } + +- if (!rc) ++ if (!rc && data) + rc = buffer_append_data(buf, data); + return rc; + } +diff --git a/misc-utils/lsblk.c b/misc-utils/lsblk.c +index d0369d3e7..cc7894ecf 100644 +--- a/misc-utils/lsblk.c ++++ b/misc-utils/lsblk.c +@@ -1894,10 +1894,12 @@ int main(int argc, char *argv[]) + * /sys is no more sorted */ + lsblk->sort_id = COL_MAJMIN; + +- /* For --inverse --list we still follow parent->child relation */ +- if (lsblk->inverse && !(lsblk->flags & LSBLK_TREE)) ++ /* For --{inverse,raw,pairs} --list we still follow parent->child relation */ ++ if (!(lsblk->flags & LSBLK_TREE) ++ && (lsblk->inverse || lsblk->flags & LSBLK_EXPORT || lsblk->flags & LSBLK_RAW)) + lsblk->force_tree_order = 1; + ++ + if (lsblk->sort_id >= 0 && column_id_to_number(lsblk->sort_id) < 0) { + /* the sort column is not between output columns -- add as hidden */ + add_column(lsblk->sort_id); +-- +2.31.1 + diff --git a/SOURCES/0062-libmount-accept-another-flags-on-MS_REMOUNT-MS_BIND.patch b/SOURCES/0062-libmount-accept-another-flags-on-MS_REMOUNT-MS_BIND.patch new file mode 100644 index 0000000..5a02957 --- /dev/null +++ b/SOURCES/0062-libmount-accept-another-flags-on-MS_REMOUNT-MS_BIND.patch @@ -0,0 +1,120 @@ +From 8681757ee08361d78e4c74da8abae9d6df8623e7 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Mon, 28 May 2018 15:46:28 +0200 +Subject: [PATCH 62/63] libmount: accept another flags on MS_REMOUNT|MS_BIND + +The current libmount MS_REMOUNT|MS_BIND support is restricted to +MS_RDONLY (read-only bind mount). This is too restrictive as Linux +kernel supports bind-remount for arbitrary VFS flags. + +After this update you can use + + # mount /dev/sdc1 /mnt/A + # mount --bind -onosuid,noexec /mnt/A /mnt/B + + # findmnt /dev/sdc1 -oTARGET,SOURCE,FS-OPTIONS,VFS-OPTIONS + TARGET SOURCE FS-OPTIONS VFS-OPTIONS + /mnt/A /dev/sdc1 rw,stripe=512,data=ordered rw,relatime + /mnt/B /dev/sdc1 rw,stripe=512,data=ordered rw,nosuid,noexec,relatime + +The "mount --bind" is composed from two syscalls of course (1st is +bind, 2nd is bind,remount,nosuid,noexec). + +Addresses: https://github.com/karelzak/util-linux/issues/637 +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1919529 +Upstream: http://github.com/karelzak/util-linux/commit/e82b77e9696a6dada96a7f3ea3ec20a63e8e7b9e +Signed-off-by: Karel Zak +--- + libmount/src/context_mount.c | 22 ++++++++-------------- + libmount/src/mountP.h | 3 +++ + sys-utils/mount.8 | 5 +++-- + 3 files changed, 14 insertions(+), 16 deletions(-) + +diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c +index a6de36178..b88e60507 100644 +--- a/libmount/src/context_mount.c ++++ b/libmount/src/context_mount.c +@@ -107,22 +107,16 @@ static int init_propagation(struct libmnt_context *cxt) + } + + /* +- * add additional mount(2) syscall request to implement "ro,bind", the first regular +- * mount(2) is the "bind" operation, the second is "remount,ro,bind" call. +- * +- * Note that we don't remove "ro" from the first syscall (kernel silently +- * ignores this flags for bind operation) -- maybe one day kernel will support +- * read-only binds in one step and then all will be done by the first mount(2) and the +- * second remount will be noop... ++ * add additional mount(2) syscall request to implement "bind,", the first regular ++ * mount(2) is the "bind" operation, the second is "remount,bind," call. + */ +-static int init_robind(struct libmnt_context *cxt) ++static int init_bind_remount(struct libmnt_context *cxt) + { + struct libmnt_addmount *ad; + int rc; + + assert(cxt); + assert(cxt->mountflags & MS_BIND); +- assert(cxt->mountflags & MS_RDONLY); + assert(!(cxt->mountflags & MS_REMOUNT)); + + DBG(CXT, ul_debugobj(cxt, "mount: initialize additional ro,bind mount")); +@@ -131,9 +125,9 @@ static int init_robind(struct libmnt_context *cxt) + if (!ad) + return -ENOMEM; + +- ad->mountflags = MS_REMOUNT | MS_BIND | MS_RDONLY; +- if (cxt->mountflags & MS_REC) +- ad->mountflags |= MS_REC; ++ ad->mountflags = cxt->mountflags; ++ ad->mountflags |= (MS_REMOUNT | MS_BIND); ++ + rc = mnt_context_append_additional_mount(cxt, ad); + if (rc) + return rc; +@@ -254,9 +248,9 @@ static int fix_optstr(struct libmnt_context *cxt) + return rc; + } + if ((cxt->mountflags & MS_BIND) +- && (cxt->mountflags & MS_RDONLY) ++ && (cxt->mountflags & MNT_BIND_SETTABLE) + && !(cxt->mountflags & MS_REMOUNT)) { +- rc = init_robind(cxt); ++ rc = init_bind_remount(cxt); + if (rc) + return rc; + } +diff --git a/libmount/src/mountP.h b/libmount/src/mountP.h +index 52a238ef3..64a507e61 100644 +--- a/libmount/src/mountP.h ++++ b/libmount/src/mountP.h +@@ -363,6 +363,9 @@ struct libmnt_context + /* default flags */ + #define MNT_FL_DEFAULT 0 + ++/* Flags usable with MS_BIND|MS_REMOUNT */ ++#define MNT_BIND_SETTABLE (MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_NOATIME|MS_NODIRATIME|MS_RELATIME|MS_RDONLY) ++ + /* lock.c */ + extern int mnt_lock_use_simplelock(struct libmnt_lock *ml, int enable); + +diff --git a/sys-utils/mount.8 b/sys-utils/mount.8 +index a4d7de2c0..291e65cb1 100644 +--- a/sys-utils/mount.8 ++++ b/sys-utils/mount.8 +@@ -410,8 +410,9 @@ will be writable, but the + will be read-only. + + It's also possible to change nosuid, nodev, noexec, noatime, nodiratime and +-relatime VFS entry flags by "remount,bind" operation. It's impossible to change +-mount options recursively (for example with \fB-o rbind,ro\fR). ++relatime VFS entry flags by "remount,bind" operation. The another (for example ++filesystem specific flags) are silently ignored. It's impossible to change mount ++options recursively (for example with \fB-o rbind,ro\fR). + + .BR mount (8) + since v2.31 ignores the \fBbind\fR flag from +-- +2.31.1 + diff --git a/SOURCES/0063-libmount-improve-MS_REC-usage.patch b/SOURCES/0063-libmount-improve-MS_REC-usage.patch new file mode 100644 index 0000000..467f70b --- /dev/null +++ b/SOURCES/0063-libmount-improve-MS_REC-usage.patch @@ -0,0 +1,135 @@ +From 9f7fe1b83fcc508dc3e05815d03dbbb752a1cfba Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Fri, 1 Jun 2018 12:16:19 +0200 +Subject: [PATCH 63/63] libmount: improve MS_REC usage + +libmount allows to split one library (mount(8)) call to multiple mount(2) +syscalls, for example + + --rbind --make-rslave + +in this case we have to be careful with MS_REC because the flag is +applied to multiple operations. + + # strace -e mount mount --rbind --make-rslave /mnt/A /mnt/B + +Old version: + + mount("/mnt/A", "/mnt/B", 0x13ecac0, MS_MGC_VAL|MS_BIND, NULL) = 0 + mount("none", "/mnt/B", NULL, MS_REC|MS_SLAVE, NULL) = 0 + +Fixed version: + + mount("/mnt/A", "/mnt/B", 0x1f22ac0, MS_MGC_VAL|MS_BIND|MS_REC, NULL) = 0 + mount("none", "/mnt/B", NULL, MS_REC|MS_SLAVE, NULL) = 0 + +Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1946921 +Upstream: http://github.com/karelzak/util-linux/commit/816773b475900909d42c2c8282a6ac50252cac22 +Signed-off-by: Karel Zak +--- + libmount/src/context.c | 5 +++++ + libmount/src/context_mount.c | 25 ++++++++++++++++++++++--- + libmount/src/optstr.c | 9 ++++++--- + 3 files changed, 33 insertions(+), 6 deletions(-) + +diff --git a/libmount/src/context.c b/libmount/src/context.c +index e7f1ee934..8e00b75a9 100644 +--- a/libmount/src/context.c ++++ b/libmount/src/context.c +@@ -1375,6 +1375,11 @@ struct libmnt_lock *mnt_context_get_lock(struct libmnt_context *cxt) + * + * both of these calls have the same effect. + * ++ * Be careful if you want to use MS_REC flag -- in this case the bit is applied ++ * to all bind/slave/etc. options. If you want to mix more propadation flags ++ * and/or bind, move operations than it's better to specify mount options by ++ * strings. ++ * + * Returns: 0 on success, negative number in case of error. + */ + int mnt_context_set_mflags(struct libmnt_context *cxt, unsigned long flags) +diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c +index b88e60507..a8e84127c 100644 +--- a/libmount/src/context_mount.c ++++ b/libmount/src/context_mount.c +@@ -73,6 +73,7 @@ static int init_propagation(struct libmnt_context *cxt) + char *opts = (char *) mnt_fs_get_vfs_options(cxt->fs); + size_t namesz; + struct libmnt_optmap const *maps[1]; ++ int rec_count = 0; + + if (!opts) + return 0; +@@ -86,9 +87,19 @@ static int init_propagation(struct libmnt_context *cxt) + struct libmnt_addmount *ad; + int rc; + +- if (!mnt_optmap_get_entry(maps, 1, name, namesz, &ent) +- || !ent +- || !(ent->id & MS_PROPAGATION)) ++ if (!mnt_optmap_get_entry(maps, 1, name, namesz, &ent) || !ent) ++ continue; ++ ++ DBG(CXT, ul_debugobj(cxt, " checking %s", ent->name)); ++ ++ /* Note that MS_REC may be used for more flags, so we have to keep ++ * track about number of recursive options to keep the MS_REC in the ++ * mountflags if necessary. ++ */ ++ if (ent->id & MS_REC) ++ rec_count++; ++ ++ if (!(ent->id & MS_PROPAGATION)) + continue; + + ad = mnt_new_addmount(); +@@ -96,13 +107,21 @@ static int init_propagation(struct libmnt_context *cxt) + return -ENOMEM; + + ad->mountflags = ent->id; ++ DBG(CXT, ul_debugobj(cxt, " adding extra mount(2) call for %s", ent->name)); + rc = mnt_context_append_additional_mount(cxt, ad); + if (rc) + return rc; + ++ DBG(CXT, ul_debugobj(cxt, " removing %s from primary mount(2) call", ent->name)); + cxt->mountflags &= ~ent->id; ++ ++ if (ent->id & MS_REC) ++ rec_count--; + } + ++ if (rec_count) ++ cxt->mountflags |= MS_REC; ++ + return 0; + } + +diff --git a/libmount/src/optstr.c b/libmount/src/optstr.c +index 8248f0dee..cc077ffd9 100644 +--- a/libmount/src/optstr.c ++++ b/libmount/src/optstr.c +@@ -800,14 +800,17 @@ int mnt_optstr_apply_flags(char **optstr, unsigned long flags, + if (rc) + goto err; + } +- if (!(ent->mask & MNT_INVERT)) ++ if (!(ent->mask & MNT_INVERT)) { + fl &= ~ent->id; ++ if (ent->id & MS_REC) ++ fl |= MS_REC; ++ } + } + } + } + +- /* add missing options */ +- if (fl) { ++ /* add missing options (but ignore fl if contains MS_REC only) */ ++ if (fl && fl != MS_REC) { + const struct libmnt_optmap *ent; + char *p; + +-- +2.31.1 + diff --git a/SPECS/util-linux.spec b/SPECS/util-linux.spec index bbf8f05..b61c233 100644 --- a/SPECS/util-linux.spec +++ b/SPECS/util-linux.spec @@ -2,7 +2,7 @@ Summary: A collection of basic system utilities Name: util-linux Version: 2.32.1 -Release: 27%{?dist} +Release: 28%{?dist} License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain Group: System Environment/Base URL: http://en.wikipedia.org/wiki/Util-linux @@ -205,6 +205,22 @@ Patch55: 0055-lscpu-arm-read-vendor-and-model-from-BIOS.patch # 1900498 - libfdisk/libmount: backport two patches for upstream systemd Patch56: 0056-tests-update-sfdisk-resize.patch +### RHEL-8.5 +### +# 1906157 - after su from root to a normal user mesg is unable to show current status +Patch57: 0057-mesg-use-only-stat-to-get-the-current-terminal-statu.patch +# 1917852 - findmnt: add option to list all fs-independent flags +Patch58: 0058-findmnt-add-option-to-list-all-fs-independent-flags.patch +# 1922299 - throws error using /sbin/nologin: invalid option -- 'c' +Patch59: 0059-nologin-Prevent-error-from-su-c.patch +Patch60: 0060-nologin-silently-ignore-well-known-shell-command-lin.patch +# 1940607 - lsblk sometimes returns block devices in wrong order with --pairs +Patch61: 0061-libsmartcols-introduce-default-sort-column.patch +# 1919529 - [RFE] RHEL-8: Support option flags with mount(8) --bind +Patch62: 0062-libmount-accept-another-flags-on-MS_REMOUNT-MS_BIND.patch +# 1946921 - RHEL8: mount --rbind -o rprivate doesn't do recursive bind mount +Patch63: 0063-libmount-improve-MS_REC-usage.patch + %description The util-linux package contains a large variety of low-level system @@ -1070,6 +1086,14 @@ fi %{_libdir}/python*/site-packages/libmount/ %changelog +* Mon Jun 07 2021 Karel Zak 2.32.1-28 +- fix #1906157 - after su from root to a normal user mesg is unable to show current status +- fix #1917852 - findmnt: add option to list all fs-independent flags +- fix #1922299 - throws error using /sbin/nologin: invalid option -- 'c' +- fix #1940607 - lsblk sometimes returns block devices in wrong order with --pairs +- fix #1919529 - [RFE] RHEL-8: Support option flags with mount(8) --bind +- fix #1946921 - RHEL8: mount --rbind -o rprivate doesn't do recursive bind mount + * Tue Jan 19 2021 Karel Zak 2.32.1-27 - update lscpu-show-physical-socket-on-aarch64-without-ACPI-P.patch (#1882740)