From eugen@D00015.dialonly.kemerovo.su  Fri Mar  8 19:48:20 2002
Return-Path: <eugen@D00015.dialonly.kemerovo.su>
Received: from D00015.dialonly.kemerovo.su (D00015.dialonly.kemerovo.su [213.184.66.105])
	by hub.freebsd.org (Postfix) with ESMTP id 3E35C37B400
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  8 Mar 2002 19:47:18 -0800 (PST)
Received: (from eugen@localhost)
	by D00015.dialonly.kemerovo.su (8.11.6/8.11.6) id g293a1O19853;
	Sat, 9 Mar 2002 10:36:01 +0700 (KRAT)
	(envelope-from eugen)
Message-Id: <200203090336.g293a1O19853@D00015.dialonly.kemerovo.su>
Date: Sat, 9 Mar 2002 10:36:01 +0700 (KRAT)
From: Eugene Grosbein <eugen@grosbein.pp.ru>
To: FreeBSD-gnats-submit@freebsd.org
Subject: [PATCH] msdosfs: differrent masks for directories and other files
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         35699
>Category:       kern
>Synopsis:       [PATCH] msdosfs: differrent masks for directories and other files
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    trhodes
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 08 19:50:01 PST 2002
>Closed-Date:    Sat Aug 16 11:44:22 PDT 2003
>Last-Modified:  Sat Aug 16 11:44:22 PDT 2003
>Originator:     Eugene Grosbein
>Release:        FreeBSD 4.5-STABLE i386
>Organization:
Svyaz Service
>Environment:
System: FreeBSD 4.5-STABLE #1: Sun Feb 3 15:03:19 KRAT 2002 i386

>Description:
	It is not possible to mount msdosfs so that one can walk 
	a hierarchy as not root (755 permissions for directories)
	and so that files are not marked as executable (644 for othe objects).
	The 'noexec' mount option does not help here - it does not
	clear 'executable' flag for files. 

	There are some inconviniences. F.e., the mkisofs marks all files
	as executable in Rock Ridge extentions for ISO9660 image;
	the Midnight Commander tries to 'execute' archives instead of
	'entering into' them etc.

	The only solution here is using '-m 644' mount option, but then
	it's possible to walk the hierarchy as root only. The perfect
	solution would be using different masks for directories and for
	other filesystem objects.

>How-To-Repeat:
	See description

>Fix:

	This patch introduces new '-M mask' mount option for mount_msdosfs.
	This mask is used for directories only, if supplied.
	If -M is used and -m is not then supplied mask is used for all objects.
	I do not run CURRENT so this patch is for 4.5-STABLE.
	The patch is for STABLE. It patches kernel, /sbin/mount_msdos
	and mount_msdos(8) man page.
	
	The problem will be solved of using '-M 755 -m 644' mount options.

Index: sbin/mount_msdos/mount_msdos.8
===================================================================
RCS file: /home/ncvs/src/sbin/mount_msdos/Attic/mount_msdos.8,v
retrieving revision 1.19.2.1
diff -u -r1.19.2.1 mount_msdos.8
--- sbin/mount_msdos/mount_msdos.8	8 Dec 2000 14:03:59 -0000	1.19.2.1
+++ sbin/mount_msdos/mount_msdos.8	19 Jan 2002 05:55:22 -0000
@@ -42,6 +42,7 @@
 .Op Fl u Ar uid
 .Op Fl g Ar gid
 .Op Fl m Ar mask
+.Op Fl M Ar mask
 .Op Fl s
 .Op Fl l
 .Op Fl 9
@@ -105,11 +106,22 @@
 for more information about octal file modes.)
 Only the nine low-order bits of
 .Ar mask
-are used.
+are used. The value of 
+.Ar -M
+is used if it is supplied and 
+.Ar -m
+is omitted.
 The default
 .Ar mask
 is taken from the
 directory on which the file system is being mounted.
+.It Fl M Ar mask
+Specify the maximum file permissions for directories
+in the file system. The value of 
+.Ar -m
+is used if it is supplied and 
+.Ar -M
+is omitted. See description of previous option for details.
 .It Fl s
 Force behaviour to
 ignore and not generate Win'95 long filenames.
Index: sbin/mount_msdos/mount_msdos.c
===================================================================
RCS file: /home/ncvs/src/sbin/mount_msdos/Attic/mount_msdos.c,v
retrieving revision 1.19.2.1
diff -u -r1.19.2.1 mount_msdos.c
--- sbin/mount_msdos/mount_msdos.c	20 Jul 2000 10:35:13 -0000	1.19.2.1
+++ sbin/mount_msdos/mount_msdos.c	19 Jan 2002 04:30:27 -0000
@@ -88,15 +88,15 @@
 {
 	struct msdosfs_args args;
 	struct stat sb;
-	int c, error, mntflags, set_gid, set_uid, set_mask;
+	int c, error, mntflags, set_gid, set_uid, set_mask, set_dirmask;
 	char *dev, *dir, mntpath[MAXPATHLEN];
 	struct vfsconf vfc;
 
-	mntflags = set_gid = set_uid = set_mask = 0;
+	mntflags = set_gid = set_uid = set_mask = set_dirmask = 0;
 	(void)memset(&args, '\0', sizeof(args));
 	args.magic = MSDOSFS_ARGSMAGIC;
 
-	while ((c = getopt(argc, argv, "sl9u:g:m:o:L:W:")) != -1) {
+	while ((c = getopt(argc, argv, "sl9u:g:m:M:o:L:W:")) != -1) {
 		switch (c) {
 #ifdef MSDOSFSMNT_GEMDOSFS
 		case 'G':
@@ -124,6 +124,10 @@
 			args.mask = a_mask(optarg);
 			set_mask = 1;
 			break;
+		case 'M':
+			args.dirmask = a_mask(optarg);
+			set_dirmask = 1;
+			break;
 		case 'L':
 			load_ultable(&args, optarg);
 			args.flags |= MSDOSFSMNT_ULTABLE;
@@ -144,7 +148,16 @@
 
 	if (optind + 2 != argc)
 		usage();
-
+	
+	if (set_mask && !set_dirmask) {
+		args.dirmask = args.mask;
+		set_dirmask = 1;
+	}
+	else if (set_dirmask && !set_mask) {
+		args.mask = args.dirmask;
+		set_mask = 1;
+	}
+	
 	dev = argv[optind];
 	dir = argv[optind + 1];
 
@@ -170,7 +183,8 @@
 		if (!set_gid)
 			args.gid = sb.st_gid;
 		if (!set_mask)
-			args.mask = sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
+			args.mask = args.dirmask = 
+				sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
 	}
 
 	error = getvfsbyname("msdos", &vfc);
Index: sys/msdosfs/msdosfs_vfsops.c
===================================================================
RCS file: /home/ncvs/src/sys/msdosfs/Attic/msdosfs_vfsops.c,v
retrieving revision 1.60.2.5
diff -u -r1.60.2.5 msdosfs_vfsops.c
--- sys/msdosfs/msdosfs_vfsops.c	4 Nov 2001 18:57:51 -0000	1.60.2.5
+++ sys/msdosfs/msdosfs_vfsops.c	19 Jan 2002 04:47:43 -0000
@@ -113,6 +113,7 @@
 	pmp->pm_gid = argp->gid;
 	pmp->pm_uid = argp->uid;
 	pmp->pm_mask = argp->mask & ALLPERMS;
+	pmp->pm_dirmask = argp->dirmask & ALLPERMS;
 	pmp->pm_flags |= argp->flags & MSDOSFSMNT_MNTOPT;
 	if (pmp->pm_flags & MSDOSFSMNT_U2WTABLE) {
 		bcopy(argp->u2w, pmp->pm_u2w, sizeof(pmp->pm_u2w));
@@ -184,7 +185,7 @@
 	args.flags = 0;
 	args.uid = 0;
 	args.gid = 0;
-	args.mask = 0777;
+	args.mask = args.dirmask = 0777;
 
 	if ((error = mountmsdosfs(rootvp, mp, p, &args)) != 0) {
 		free(mp, M_MOUNT);
Index: sys/msdosfs/msdosfs_vnops.c
===================================================================
RCS file: /home/ncvs/src/sys/msdosfs/Attic/msdosfs_vnops.c,v
retrieving revision 1.95.2.1
diff -u -r1.95.2.1 msdosfs_vnops.c
--- sys/msdosfs/msdosfs_vnops.c	18 Jul 2000 13:19:13 -0000	1.95.2.1
+++ sys/msdosfs/msdosfs_vnops.c	19 Jan 2002 05:36:00 -0000
@@ -259,7 +259,7 @@
 
 	file_mode = (S_IXUSR|S_IXGRP|S_IXOTH) | (S_IRUSR|S_IRGRP|S_IROTH) |
 	    ((dep->de_Attributes & ATTR_READONLY) ? 0 : (S_IWUSR|S_IWGRP|S_IWOTH));
-	file_mode &= pmp->pm_mask;
+	file_mode &= (vp->v_type == VDIR ? pmp->pm_dirmask : pmp->pm_mask);
 
 	/*
 	 * Disallow write attempts on read-only file systems;
@@ -358,7 +358,8 @@
 		mode = S_IRWXU|S_IRWXG|S_IRWXO;
 	else
 		mode = S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH;
-	vap->va_mode = mode & pmp->pm_mask;
+	vap->va_mode = mode & 
+		(ap->a_vp->v_type == VDIR ? pmp->pm_dirmask : pmp->pm_mask);
 	vap->va_uid = pmp->pm_uid;
 	vap->va_gid = pmp->pm_gid;
 	vap->va_nlink = 1;
Index: sys/msdosfs/msdosfsmount.h
===================================================================
RCS file: /home/ncvs/src/sys/msdosfs/Attic/msdosfsmount.h,v
retrieving revision 1.20.2.2
diff -u -r1.20.2.2 msdosfsmount.h
--- sys/msdosfs/msdosfsmount.h	27 Oct 2000 09:45:07 -0000	1.20.2.2
+++ sys/msdosfs/msdosfsmount.h	19 Jan 2002 04:42:41 -0000
@@ -65,7 +65,10 @@
 	dev_t pm_dev;		/* block special device mounted */
 	uid_t pm_uid;		/* uid to set as owner of the files */
 	gid_t pm_gid;		/* gid to set as owner of the files */
-	mode_t pm_mask;		/* mask to and with file protection bits */
+	mode_t pm_mask;		/* mask to and with file protection bits 
+				   for files */
+	mode_t pm_dirmask;	/* mask to and with file protection bits
+				   for directories */
 	struct vnode *pm_devvp;	/* vnode for block device mntd */
 	struct bpb50 pm_bpb;	/* BIOS parameter blk for this fs */
 	u_long pm_BlkPerSec;	/* How many DEV_BSIZE blocks fit inside a physical sector */
@@ -211,7 +214,8 @@
 	struct	export_args export;	/* network export information */
 	uid_t	uid;		/* uid that owns msdosfs files */
 	gid_t	gid;		/* gid that owns msdosfs files */
-	mode_t	mask;		/* mask to be applied for msdosfs perms */
+	mode_t	mask;		/* file mask to be applied for msdosfs perms */
+	mode_t	dirmask;	/* dir  mask to be applied for msdosfs perms */
 	int	flags;		/* see below */
 	int magic;		/* version number */
 	u_int16_t u2w[128];     /* Local->Unicode table */


Eugene Grosbein
>Release-Note:
>Audit-Trail:

From: "Crist J. Clark" <cjc@FreeBSD.ORG>
To: Eugene Grosbein <eugen@grosbein.pp.ru>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and other files
Date: Fri, 8 Mar 2002 23:19:45 -0800

 On Sat, Mar 09, 2002 at 10:36:01AM +0700, Eugene Grosbein wrote:
 [snip]
 
 > 	The 'noexec' mount option does not help here - it does not
 > 	clear 'executable' flag for files. 
 
 'noexec' works fine. If you try to execute a file on an MSDOS
 filesystem marked 'noexec,' you get permission denied. The 'noexec'
 option has no effect on permission bits for MSDOS, UFS, or any other
 filesystem.
 
 As for the rest of the problems, IMHO, MSDOS filesystems have
 limitations. Live with them or don't use MSDOS filesystems.
 -- 
 Crist J. Clark                     |     cjclark@alum.mit.edu
                                    |     cjclark@jhu.edu
 http://people.freebsd.org/~cjc/    |     cjc@freebsd.org

From: Eugene Grosbein <eugen@grosbein.pp.ru>
To: "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and 
 other files
Date: Sat, 09 Mar 2002 15:14:21 +0700

 "Crist J. Clark" wrote:
 > 
 > >       The 'noexec' mount option does not help here - it does not
 > >       clear 'executable' flag for files.
 > 
 > 'noexec' works fine. If you try to execute a file on an MSDOS
 > filesystem marked 'noexec,' you get permission denied. The 'noexec'
 > option has no effect on permission bits for MSDOS, UFS, or any other
 > filesystem.
 
 Exactly. And sometimes it's desirable for files to "look like" non-executable.
 
 > As for the rest of the problems, IMHO, MSDOS filesystems have
 > limitations. Live with them or don't use MSDOS filesystems.
 
 Why just not get rid of some limitations?
 
 Eugene Grosbein
Responsible-Changed-From-To: freebsd-bugs->trhodes 
Responsible-Changed-By: trhodes 
Responsible-Changed-When: Fri Sep 13 19:52:54 PDT 2002 
Responsible-Changed-Why:  
Over to me, I'll review this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35699 

From: Eugene Grosbein <eugen@kuzbass.ru>
To: bug-followup@freebsd.org
Cc: trhodes@freebsd.org
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and 
 other files
Date: Tue, 04 Feb 2003 17:54:19 +0700

 Hi!
 
 Will this be commited before 4.8-RELEASE?
 
 Eugene Grosbein

From: Andriy Gapon <agapon@cv-nj.com>
To: FreeBSD-gnats-submit@FreeBSD.ORG
Cc:  
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and
 other files
Date: Tue, 11 Feb 2003 00:10:56 -0500 (EST)

 just want to "vote" for this PR.
 It will be absolutely neat thing to have and I really hope this patch
 makes it to 4.8.
 
 P.S. looks like "Crist J. Clark" <cjc@FreeBSD.ORG> completely missed the
 point of this patch.
 
 -- 
 Andriy Gapon

From: Tom Rhodes <trhodes@FreeBSD.org>
To: Andriy Gapon <agapon@cv-nj.com>, FreeBSD-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories
 and other files
Date: Tue, 11 Feb 2003 11:38:39 -0500

 On Mon, 10 Feb 2003 21:20:12 -0800 (PST)
 Andriy Gapon <agapon@cv-nj.com> wrote:
 
 > 
 >  just want to "vote" for this PR.
 >  It will be absolutely neat thing to have and I really hope this patch
 >  makes it to 4.8.
 
 I highly doubt it will.  New functionality, such as this, goes into
 the development branch first.  There are major differences between
 these versions which requires a bit of time for merging before it
 can be committed into CURRENT.  Then it would be MFC'ed.
 
 I'm extremely busy right now and will not find the time to work
 on this for awhile, sorry.  If someone wants to do the merge work
 for me and submit a patch against CURRENT then I'll take the time
 to test-apply-commit.
 
 >  
 >  P.S. looks like "Crist J. Clark" <cjc@FreeBSD.ORG> completely missed
 >  the point of this patch.
 
 Christ does have a valid point here, whether you agree with him or not.
 
 --
 Tom Rhodes

From: Andriy Gapon <agapon@cv-nj.com>
To: FreeBSD-gnats-submit@FreeBSD.ORG
Cc:  
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and
 other files
Date: Sun, 16 Feb 2003 00:11:53 -0500 (EST)

 Btw, this thing is already implemented in mount_smbfs: -f mode, -d mode.
 
 -- 
 Andriy Gapon

From: Eugene Grosbein <eugen@kuzbass.ru>
To: bug-followup@freebsd.org
Cc: trhodes@freebsd.org
Subject: Re: kern/35699: [PATCH] msdosfs: differrent masks for directories and 
 other files
Date: Mon, 07 Apr 2003 19:40:05 +0800

 Hi!
 
 Are you going to take up this PR soon?
 If not, would you like to return responsibility to freebsd-bugs@
 so someone else could take it?
 
 Eugene Grosbein
State-Changed-From-To: open->patched 
State-Changed-By: trhodes 
State-Changed-When: Tue Aug 12 13:13:58 PDT 2003 
State-Changed-Why:  
Patched in CURRENT, I'll MFC in a few days.  Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35699 
State-Changed-From-To: patched->closed 
State-Changed-By: trhodes 
State-Changed-When: Sat Aug 16 11:43:59 PDT 2003 
State-Changed-Why:  
MFC Complete, thanks for the submission! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35699 
>Unformatted:
