Autofs parameter substitution broken in kernel 4.4.0-38 and 4.4.0-40
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Fix Released | High | Seth Forshee |
Xenial | Fix Released | High | Seth Forshee |
Yakkety | Fix Released | High | Seth Forshee |
Bug Description
SRU Justification
Impact: ca6fe3344554 "fs: Call d_automount with the filesystems creds" causes a regression in the requester uid and gid passed to userspace during automount, as the current credentials during automount are those of root and not the user who requested the mount.
Fix: Use current->real_cred instead of current->cred for getting the requester's uid and gid.
Regression Potential: Minimal. current->cred and current->real_cred are the same except when credentials are overridden, thus current->real_cred contains the same credentials that autofs had been using prior to the change which overrides the credentials during automount.
---
Hello,
I have run into a bug relating to autofs's parameter substitution (e.g. UID, GID, etc.) with kernel versions 4.4.0-38 and proposed 4.4.0-40. Kernel version 4.4.0-28 does things correctly, but testing intermediate kernel versions is hard due to earlier bugs related to fs's. Incorrect parameter substitution makes CIFS mounting with variable credentials impossible.
What was expected:
$UID in the autofs map is substituted by the uid of the user that starts the auto-mounting process.
What actually happens:
Root's uid (0) is substituted instead.
This ill parameter substitution is likely caused by recent fixes resolving permissions problems for nfs/cifs mounts and dfs referrals (#1626112 and #1612135). And possibly the fix 'fs: Call d_automount with the filesystems creds' but that is a wild guess.
Furthermore; playing with the force_standard_
Yours kindly,
Chris
---- Additional info ----
lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
---
Uname: Linux 4.4.0-40-generic x86_64
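The credential mix-up from the SRU justification, as an added userspace model in C (not the kernel patch and not code from this report). `struct task`, `automount_requester` and the uid/gid values are constructed for illustration, and `override_creds`/`revert_creds` are reduced to pointer swaps.

```c
/* Userspace model of a task's two credential pointers (simplified assumption). */
#include <stdio.h>

struct cred { unsigned uid, gid; };

struct task {
    const struct cred *real_cred; /* objective: who the task really is */
    const struct cred *cred;      /* subjective: can be temporarily overridden */
};

/* Model of override_creds(): only ->cred changes, ->real_cred stays. */
static const struct cred *override_creds(struct task *t, const struct cred *new_cred)
{
    const struct cred *old = t->cred;
    t->cred = new_cred;
    return old;
}

static void revert_creds(struct task *t, const struct cred *old)
{
    t->cred = old;
}

/* Model of an automount triggered by t: the filesystem's creds (root here)
 * are in effect while the requester's uid/gid are read for userspace. */
static const struct cred *automount_requester(struct task *t, const struct cred *fs_cred, int use_real_cred)
{
    const struct cred *old = override_creds(t, fs_cred);
    const struct cred *req = use_real_cred ? t->real_cred : t->cred;
    revert_creds(t, old);
    return req;
}

int main(void)
{
    const struct cred root = { 0, 0 }, user = { 1000, 1000 }; /* constructed */
    struct task t = { &user, &user };
    const struct cred *before = automount_requester(&t, &root, 0);
    const struct cred *after = automount_requester(&t, &root, 1);
    printf("current->cred:      uid=%u gid=%u\n", before->uid, before->gid);
    printf("current->real_cred: uid=%u gid=%u\n", after->uid, after->gid);
    return 0;
}
```

Outside the override window both pointers refer to the same credentials, which is the basis of the "Regression Potential: Minimal" statement.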
Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Changed in linux (Ubuntu):
status: Confirmed → In Progress
description: updated
Changed in linux (Ubuntu Xenial):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → High
status: New → In Progress
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Yakkety):
status: In Progress → Fix Committed
You can easily check this bug by:
1. setting logging in autofs.conf to 'debug'
2. creating a simple autofs map:
/etc/auto.master:
/mnt/test auto.test
/etc/auto.test:
root -fstype=autofs,uid=$UID,gid=$GID :/dev/sda1
3. looking at the journalctl -xfe --unit autofs output while a non-root user tries to navigate to /mnt/test/root, especially the log lines with parse_mount: parse(sun).