rpms/udisks2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import udisks2-2.9.0-8.el8

Browse Source
This commit is contained in:
CentOS Sources 2021-10-28 04:23:04 +00:00 committed by Stepan Oksanichenko
parent cdf09f1e4f
commit 49b5a57c13
2 changed files with 61 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
SOURCES/udisks-2.9.4-ext-mount-options.patch Normal file
View File

@ -0,0 +1,54 @@
From 2d5d2b7570b0f44c14b34b5dc831f174205c10f2 Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Wed, 15 Sep 2021 14:34:49 +0200
Subject: [PATCH] mount options: Always use errors=remount-ro for ext
filesystems
Default mount options are focused primarily on data safety, mounting
damaged ext2/3/4 filesystem as readonly would indicate something's wrong.
---
data/builtin_mount_options.conf | 9 +++++++++
src/tests/dbus-tests/test_80_filesystem.py | 6 ++++++
2 files changed, 15 insertions(+)
diff --git a/data/builtin_mount_options.conf b/data/builtin_mount_options.conf
index 37715cfa4..e0bd0ee1f 100644
--- a/data/builtin_mount_options.conf
+++ b/data/builtin_mount_options.conf
@@ -27,3 +27,12 @@ f2fs_allow=discard,nodiscard,compress_algorithm,compress_log_size,compress_exten
btrfs_allow=compress,compress-force,datacow,nodatacow,datasum,nodatasum,degraded,device,discard,nodiscard,subvol,subvolid,space_cache
f2fs_allow=discard,nodiscard,compress_algorithm,compress_log_size,compress_extension,alloc_mode
+
+ext2_defaults=errors=remount-ro
+ext2_allow=errors=remount-ro
+
+ext3_defaults=errors=remount-ro
+ext3_allow=errors=remount-ro
+
+ext4_defaults=errors=remount-ro
+ext4_allow=errors=remount-ro
diff --git a/src/tests/dbus-tests/test_80_filesystem.py b/src/tests/dbus-tests/test_80_filesystem.py
index 019880f57..2d1933240 100644
--- a/src/tests/dbus-tests/test_80_filesystem.py
+++ b/src/tests/dbus-tests/test_80_filesystem.py
@@ -321,6 +321,8 @@ def test_mount_auto(self):
_ret, out = self.run_command('mount | grep %s' % block_fs_dev)
self.assertIn(mnt_path, out)
self.assertIn('ro', out)
+ if self._fs_name.startswith('ext'):
+ self.assertIn('errors=remount-ro', out)
# dbus mountpoint
dbus_mounts = self.get_property(block_fs, '.Filesystem', 'MountPoints')
@@ -478,6 +480,10 @@ def test_custom_option(self, should_fail, dbus_option, should_be_present, config
if self._fs_name == "udf":
test_custom_option(self, False, None, False, "[defaults]\ndefaults=\nallow=exec,noexec,nodev,nosuid,atime,noatime,nodiratime,ro,rw,sync,dirsync,noload,uid=ignore,uid=forget\n")
test_custom_option(self, True, "uid=notallowed", True, "[defaults]\nallow=exec,noexec,nodev,nosuid,atime,noatime,nodiratime,ro,rw,sync,dirsync,noload,uid=ignore\n")
+ if self._fs_name.startswith("ext"):
+ test_custom_option(self, False, "errors=remount-ro", True, "", match_mount_option="errors=remount-ro")
+ test_custom_option(self, True, "errors=panic", False, "")
+ test_custom_option(self, True, "errors=continue", False, "")
# udev rules overrides
test_readonly(self, False, "", udev_rules_content = { "UDISKS_MOUNT_OPTIONS_DEFAULTS": "rw" })

8
SPECS/udisks2.spec
View File

@ -56,7 +56,7 @@
Name: udisks2 Name: udisks2
Summary: Disk Manager Summary: Disk Manager
Version: 2.9.0 Version: 2.9.0
Release: 7%{?dist} Release: 8%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Libraries Group: System Environment/Libraries
URL: https://github.com/storaged-project/udisks URL: https://github.com/storaged-project/udisks
@ -73,6 +73,8 @@ Patch13: udisks-2.9.1-iscsi-Always-flush-interface-property-changes.patch
Patch14: udisks-2.9.1-zram-Always-flush-interface-property-changes.patch Patch14: udisks-2.9.1-zram-Always-flush-interface-property-changes.patch
Patch15: udisks-2.9.2-udisksdaemonutil-Refactor-udisks_daemon_util_trigger.patch Patch15: udisks-2.9.2-udisksdaemonutil-Refactor-udisks_daemon_util_trigger.patch
Patch16: udisks-2.9.2-udiskslinuxmanager-Trigger-uevent-after-loop-device-setup.patch Patch16: udisks-2.9.2-udiskslinuxmanager-Trigger-uevent-after-loop-device-setup.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2004422
Patch17: udisks-2.9.4-ext-mount-options.patch
Patch20: udisks-2.10.0-tests-drive_ata-apm.patch Patch20: udisks-2.10.0-tests-drive_ata-apm.patch
Patch21: udisks-2.10.0-tests-no-dev_disk-by-path.patch Patch21: udisks-2.10.0-tests-no-dev_disk-by-path.patch
Patch22: tests-disable-zram.patch Patch22: tests-disable-zram.patch
@ -290,6 +292,7 @@ This package contains module for VDO management.
%patch14 -p1 %patch14 -p1
%patch15 -p1 %patch15 -p1
%patch16 -p1 %patch16 -p1
%patch17 -p1
%patch20 -p1 %patch20 -p1
%patch21 -p1 %patch21 -p1
%patch22 -p1 %patch22 -p1
@ -485,6 +488,9 @@ fi
%endif %endif
%changelog %changelog
* Mon Oct 25 2021 Tomas Bzatek <tbzatek@redhat.com> - 2.9.0-8
- CVE-2021-3802: Harden the default mount options for ext filesystems (#2004422)
* Fri Apr 23 2021 Tomas Bzatek <tbzatek@redhat.com> - 2.9.0-7 * Fri Apr 23 2021 Tomas Bzatek <tbzatek@redhat.com> - 2.9.0-7
- Do not build udisks2-zram (#1923078) - Do not build udisks2-zram (#1923078)
- Fix Drive.ATA test failures (#1926827) - Fix Drive.ATA test failures (#1926827)