From ba90bd4db70e1cb40a5fcb8a5c3349bd3d43f71e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Thu, 16 Jun 2022 04:43:21 +0000 Subject: [PATCH] Auto sync2gitlab import of gvfs-1.36.2-12.el8.src.rpm --- gvfs.spec | 21 ++++++- smb-Ignore-EINVAL-for-kerberos-login.patch | 43 ++++++++++++++ ...k-anonymous-handling-to-avoid-EINVAL.patch | 57 +++++++++++++++++++ 3 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 smb-Ignore-EINVAL-for-kerberos-login.patch create mode 100644 smb-Rework-anonymous-handling-to-avoid-EINVAL.patch diff --git a/gvfs.spec b/gvfs.spec index d80d0ce..01e3049 100644 --- a/gvfs.spec +++ b/gvfs.spec @@ -25,7 +25,7 @@ Name: gvfs Version: 1.36.2 -Release: 11%{?dist} +Release: 12%{?dist} Summary: Backends for the gio framework in GLib License: GPLv3 and LGPLv2+ and BSD and MPLv2.0 @@ -66,6 +66,10 @@ Patch10: smb-Improve-enumeration-performance.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1889411 Patch11: goa-Add-support-for-certificate-prompts.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2095712 +Patch12: smb-Ignore-EINVAL-for-kerberos-login.patch +Patch13: smb-Rework-anonymous-handling-to-avoid-EINVAL.patch + BuildRequires: pkgconfig BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version} BuildRequires: pkgconfig(dbus-glib-1) @@ -352,9 +356,11 @@ killall -USR1 gvfsd >&/dev/null || : %{_libexecdir}/gvfsd-recent %{_mandir}/man1/gvfsd.1* %{_mandir}/man1/gvfsd-metadata.1* +%if ! 0%{?flatpak} %{_userunitdir}/gvfs-daemon.service %{_userunitdir}/gvfs-metadata.service %{_userunitdir}/gvfs-udisks2-volume-monitor.service +%endif %files client -f gvfs.lang %{!?_licensedir:%global license %%doc} @@ -376,7 +382,9 @@ killall -USR1 gvfsd >&/dev/null || : %files fuse %{_libexecdir}/gvfsd-fuse %{_mandir}/man1/gvfsd-fuse.1* +%if ! 0%{?flatpak} %{_tmpfilesdir}/gvfsd-fuse-tmpfiles.conf +%endif %files smb %{_libexecdir}/gvfsd-smb @@ -396,7 +404,9 @@ killall -USR1 gvfsd >&/dev/null || : %{_libexecdir}/gvfs-gphoto2-volume-monitor %{_datadir}/dbus-1/services/org.gtk.vfs.GPhoto2VolumeMonitor.service %{_datadir}/gvfs/remote-volume-monitors/gphoto2.monitor +%if ! 0%{?flatpak} %{_userunitdir}/gvfs-gphoto2-volume-monitor.service +%endif %ifnarch s390 s390x %files afc @@ -405,8 +415,10 @@ killall -USR1 gvfsd >&/dev/null || : %{_libexecdir}/gvfs-afc-volume-monitor %{_datadir}/dbus-1/services/org.gtk.vfs.AfcVolumeMonitor.service %{_datadir}/gvfs/remote-volume-monitors/afc.monitor +%if ! 0%{?flatpak} %{_userunitdir}/gvfs-afc-volume-monitor.service %endif +%endif %files afp %{_libexecdir}/gvfsd-afp @@ -420,7 +432,9 @@ killall -USR1 gvfsd >&/dev/null || : %{_libexecdir}/gvfs-mtp-volume-monitor %{_datadir}/dbus-1/services/org.gtk.vfs.MTPVolumeMonitor.service %{_datadir}/gvfs/remote-volume-monitors/mtp.monitor +%if ! 0%{?flatpak} %{_userunitdir}/gvfs-mtp-volume-monitor.service +%endif %if ! 0%{?rhel} %files nfs @@ -436,7 +450,9 @@ killall -USR1 gvfsd >&/dev/null || : %{_datadir}/gvfs/remote-volume-monitors/goa.monitor %{_datadir}/gvfs/mounts/google.mount %{_libexecdir}/gvfsd-google +%if ! 0%{?flatpak} %{_userunitdir}/gvfs-goa-volume-monitor.service +%endif %files tests %dir %{_libexecdir}/installed-tests @@ -444,6 +460,9 @@ killall -USR1 gvfsd >&/dev/null || : %{_datadir}/installed-tests %changelog +* Tue Jun 14 2022 Ondrej Holy - 1.48.1-4 +- Ignore EINVAL for kerberos login to fix SMB mounting (#2095712) + * Tue Nov 03 2020 Ondrej Holy - 1.36.2-11 - Add support for certificates prompts for GOA mounts (rhbz#1889411) diff --git a/smb-Ignore-EINVAL-for-kerberos-login.patch b/smb-Ignore-EINVAL-for-kerberos-login.patch new file mode 100644 index 0000000..aa42bd9 --- /dev/null +++ b/smb-Ignore-EINVAL-for-kerberos-login.patch @@ -0,0 +1,43 @@ +diff --git a/daemon/gvfsbackendsmb.c b/daemon/gvfsbackendsmb.c +index 33d1a209..776b67bc 100644 +--- a/daemon/gvfsbackendsmb.c ++++ b/daemon/gvfsbackendsmb.c +@@ -513,7 +513,13 @@ do_mount (GVfsBackend *backend, + if (res == 0) + break; + +- if (op_backend->mount_cancelled || (errsv != EACCES && errsv != EPERM)) ++ if (errsv == EINVAL && op_backend->mount_try == 0 && op_backend->user == NULL) ++ { ++ /* EINVAL is "expected" when kerberos/ccache is misconfigured, see: ++ * https://gitlab.gnome.org/GNOME/gvfs/-/issues/611 ++ */ ++ } ++ else if (op_backend->mount_cancelled || (errsv != EACCES && errsv != EPERM)) + { + g_debug ("do_mount - (errno != EPERM && errno != EACCES), cancelled = %d, breaking\n", op_backend->mount_cancelled); + break; +diff --git a/daemon/gvfsbackendsmbbrowse.c b/daemon/gvfsbackendsmbbrowse.c +index 57bae9db..7e8facfb 100644 +--- a/daemon/gvfsbackendsmbbrowse.c ++++ b/daemon/gvfsbackendsmbbrowse.c +@@ -967,8 +967,14 @@ do_mount (GVfsBackend *backend, + uri, op_backend->mount_try, dir, op_backend->mount_cancelled, + errsv, g_strerror (errsv)); + +- if (dir == NULL && +- (op_backend->mount_cancelled || (errsv != EPERM && errsv != EACCES))) ++ if (errsv == EINVAL && op_backend->mount_try == 0 && op_backend->user == NULL) ++ { ++ /* EINVAL is "expected" when kerberos is misconfigured, see: ++ * https://gitlab.gnome.org/GNOME/gvfs/-/issues/611 ++ */ ++ } ++ else if (dir == NULL && ++ (op_backend->mount_cancelled || (errsv != EPERM && errsv != EACCES))) + { + g_debug ("do_mount - (errno != EPERM && errno != EACCES), cancelled = %d, breaking\n", op_backend->mount_cancelled); + break; +-- +2.35.1 + diff --git a/smb-Rework-anonymous-handling-to-avoid-EINVAL.patch b/smb-Rework-anonymous-handling-to-avoid-EINVAL.patch new file mode 100644 index 0000000..3486aa7 --- /dev/null +++ b/smb-Rework-anonymous-handling-to-avoid-EINVAL.patch @@ -0,0 +1,57 @@ +diff --git a/daemon/gvfsbackendsmb.c b/daemon/gvfsbackendsmb.c +index 776b67bc..a1e3eacd 100644 +--- a/daemon/gvfsbackendsmb.c ++++ b/daemon/gvfsbackendsmb.c +@@ -80,7 +80,6 @@ struct _GVfsBackendSmb + int mount_try; + gboolean mount_try_again; + gboolean mount_cancelled; +- gboolean use_anonymous; + + gboolean password_in_keyring; + GPasswordSave password_save; +@@ -215,13 +214,6 @@ auth_callback (SMBCCTX *context, + backend->mount_try_again = TRUE; + g_debug ("auth_callback - kerberos pass\n"); + } +- else if (backend->use_anonymous) +- { +- /* Try again if anonymous login fails */ +- backend->use_anonymous = FALSE; +- backend->mount_try_again = TRUE; +- g_debug ("auth_callback - anonymous login pass\n"); +- } + else + { + gboolean in_keyring = FALSE; +@@ -304,10 +296,13 @@ auth_callback (SMBCCTX *context, + /* Try again if this fails */ + backend->mount_try_again = TRUE; + ++ smbc_setOptionNoAutoAnonymousLogin (backend->smb_context, ++ !anonymous); ++ + if (anonymous) + { +- backend->use_anonymous = TRUE; + backend->password_save = FALSE; ++ g_debug ("auth_callback - anonymous enabled\n"); + } + else + { +@@ -535,12 +530,6 @@ do_mount (GVfsBackend *backend, + smbc_setOptionFallbackAfterKerberos (op_backend->smb_context, 1); + } + +- /* If the AskPassword reply requested anonymous login, enable the +- * anonymous fallback and try again. +- */ +- smbc_setOptionNoAutoAnonymousLogin (op_backend->smb_context, +- !op_backend->use_anonymous); +- + op_backend->mount_try ++; + } + while (op_backend->mount_try_again); +-- +2.36.0 +