Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 70873

Summary: patches for mount: ignore managed/kudzu options
Product: Gentoo Linux Reporter: foser (RETIRED) <foser>
Component: [OLD] UnspecifiedAssignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED FIXED    
Severity: enhancement    
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: mount managed noop keyword patch
add pamconsole option to mount

Description foser (RETIRED) gentoo-dev 2004-11-11 15:06:16 UTC 
Here's 2 patches I'd like to be considered for addition to util-linux .

1. managed.patch : add the 'managed' noop keyword that can be used by hal to remove entries it creates (manages) from fstab
2. console.patch : add a pamconsole option to mount options, so only user at the console can mount. This is a safety measure so only local users should be able to mount removable devices.

Both are RH patches. According to some mail i read on this (1) is supposed to be added mainstream anyway. 2 is a RH-ism (?), but our pam seems to support it already, so adding it here doesn't seem to be too intrusive.

Both patches were taken from rawhide rpms.
Comment 1 foser (RETIRED) gentoo-dev 2004-11-11 15:07:56 UTC 
Created attachment 43744 [details, diff]
mount managed noop keyword patch

this adds the 'managed' keyword.. because it's a RH patch it also adds 'kudzu'
as noop. We could probably remove that.
Comment 2 foser (RETIRED) gentoo-dev 2004-11-11 15:08:33 UTC 
Created attachment 43745 [details, diff]
add pamconsole option to mount
Comment 3 SpanKY gentoo-dev 2004-11-11 15:10:06 UTC 
i dont see how (2) is really useful ... someone could simply compile their own version of mount and get around the pam requirement
Comment 4 foser (RETIRED) gentoo-dev 2004-11-11 15:30:36 UTC 
You don't even have to compile your own version of mount to get around it, thats not really the point. It's just a basic measure to have a somewhat safer default policy.
Comment 5 SpanKY gentoo-dev 2004-11-11 18:25:48 UTC 
util-linux-2.12i now includes the mount ignore managed patch, thanks
Comment 6 foser (RETIRED) gentoo-dev 2004-11-12 05:39:37 UTC 
there's 2 patches here..
Comment 7 SpanKY gentoo-dev 2004-11-12 08:45:28 UTC 
going by comments #3 and #4 here, the second patch wont be added since it has no real merit
Comment 8 foser (RETIRED) gentoo-dev 2004-11-12 09:27:41 UTC 
it has a real merit, just because it's not secure to a paranoia degree it doesn't mean it has no use at all, it is safer than the default. The patch is hardly intrusive, so i see no reason not to add it.
Comment 9 SpanKY gentoo-dev 2004-11-12 10:04:12 UTC 
so feel free to add it to a local ebuild on your machine, it's not going into portage