From: Norman Wilson Date: Mon, 12 Aug 2024 18:16:30 +0000 (-0400) Subject: Rearrange util/fusermount.c umount_fuse_locked() so that X-Git-Tag: fuse-3.17.1-rc0~79 X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=c9bf7d3e20ec5c86dd590f695b92e65142491d0e;p=qemu-gpiodev%2Flibfuse.git Rearrange util/fusermount.c umount_fuse_locked() so that umount2 is called with privs dropped, not raised. This works around a clash with NFS permissions: if FUSE mounted on NFS client directory with root_squash in effect, and some directory in the path leading to the mount point denies permissions to others, umount2 will fail because userid 0 cannot search it. Since drop_privs merely sets the file- system user- and group-ID without changing the CAP_SYS_ADMIN capability needed to unmount a file system (which fusermount has because it is set-user-ID root), umount2 works fine. --- diff --git a/util/fusermount.c b/util/fusermount.c index e40c457..f37c616 100644 --- a/util/fusermount.c +++ b/util/fusermount.c @@ -523,11 +523,13 @@ static int unmount_fuse_locked(const char *mnt, int quiet, int lazy) drop_privs(); res = chdir_to_parent(copy, &last); - restore_privs(); - if (res == -1) + if (res == -1) { + restore_privs(); goto out; + } res = umount2(last, umount_flags); + restore_privs(); if (res == -1 && !quiet) { fprintf(stderr, "%s: failed to unmount %s: %s\n", progname, mnt, strerror(errno));