When compiling with dietlibc, sys/syscall.h isn't supported; as of
dietlibc 0.30, it exists but it references a non-existent asm/unistd.h
header file. So we have to test for its existence and avoid using it
in lib/uuid/gen_uuid.c if it is not supported.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Add a configure option which causes the uuidd helper daemon not to be
built or used by the uuid library.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
inode_uid() and inode_gid() weren't getting defined on systems that
were not Linux, Hurd, or Masix.
Addresses-Sourceforge-Bug: #1859778
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Add some additional checks, primarily in resize2fs and in the rarely
used (and soon to-be-deprecated) e2fsck byte-swap filesystem function.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Use an improved locking protocol based on the pid file to assure that
only one uuidd is started. Apparently the kernel does not prevent
multiple processes from racing to bind to a Unix domain socket.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If we fail to create the uuidd daemon after 5 or 6 tries, another
10,000 tries probably won't be successful.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The uuidd process will fork and let the parent process exit to create
the daemon. So use waitpid to reap the zombie, as well as using it to
time when it is safe to try to connect to the daemon.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
/var/run can get completely removed at reboot, and uuidd doesn't have
permissions to recreate /var/run/uuidd. So instead use
/var/lib/libuuidd for the unix domain socket and pid files.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Also store the clock sequence information in a state file in
/var/lib/misc/uuid-clock so that if the time goes backwards the clock
sequence counter can get bumped. This allows us to completely
correctly generate time-based (version 1) UUID's according to the
algorithm specified RFC 4122.
Addresses-Sourceforge-Bug: #1529672
Addresses-Red-Hat-Bugzilla: #233471
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Fuse and ssh fstab lines such as:
wdfs#https://dav.hoster.com/foo/bar /mnt/hoster fuse user,noauto 0 0
will cause fsck to issue warnings about invalid fstab lines, because
fsck was previously treating '#' as a comment when it appeared
anywhere in an fstab line, not just at the beginning of the line.
Addresses-Gentoo-bug: #195405
Addresses-Sourceforge-bug: #1826147
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
When printing the value of tags in a formatted format, print control
characters and characters with the high eight bit set using the ^ and
M- notation, respectively. This prevents a filesystem with a garbage
label from potentially screwing up the user's screen (for example,
putting it into graphical mode).
Addresses-Ubuntu-Bug: #78087
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Upon the advice of Benno Schulenberg; the translation had already been
removed on the Translation Project site.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
On 64-bit systems (or anything with sizeof(long) > sizeof(int)), we
sometimes get error codes passed to error_message which have been cast
from an (int) to an (unsigned int). This almost always happens if
you're using libgssapi_krb5, which returns an error code which is less
than 0 but is returned in an (unsigned int).
For example, -1765328377L gets cast to 2529638919, which is
0x96c73a07, not 0xffffffff96c73a07, so error_message() fails to find a
matching error table.
When error_message() then calls the error_table_name() function to get a
name to use in the "unknown code" message, it gets a correct value back.
This happens because error_table_name() drops most of the higher bits of
the parameter it's passed before doing anything else with it (& 077777777f,
or & 0xffffff). If we did the same thing in error_message(), we wouldn't
have a problem there, either.
Problem reported and fixed by: Nalin Dahyabhai
Addresses-Sourceforge-Bug: #1809658
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The "make check" test in lib/ss would fail if '.' is not in the user's
PATH, and if the libss shared library had not yet been installed yet.
Addresses-Sourceforge-Bug: #1848974
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Now that e2fsck tries to backup the primary superblock to the backups
when the feature sets ar different, it's important when tune2fs writes
out a changed superblock, that we filter out the
EXT3_FEATURE_INCOMPAT_RECOVER feature to the backup superblocks, since
it will be removed from the primary superblock either when the
filesystem is mounted uncleanly or when journal is replayed.
Addresses-Debian-Bug: #454926
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This addresses a potential security vulnerability where an untrusted
filesystem can be corrupted in such a way that a program using
libext2fs will allocate a buffer which is far too small. This can
lead to either a crash or potentially a heap-based buffer overflow
crash. No known exploits exist, but main concern is where an
untrusted user who possesses privileged access in a guest Xen
environment could corrupt a filesystem which is then accessed by the
pygrub program, running as root in the dom0 host environment, thus
allowing the untrusted user to gain privileged access in the host OS.
Thanks to the McAfee AVERT Research group for reporting this issue.
Addresses CVE-2007-5497.
Signed-off-by: Rafal Wojtczuk <rafal_wojtczuk@mcafee.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Ubuntu has init script and installer issues which cause them to have
significant problems with time zones. This is compounded with a
relatively inexperienced user base who want to dual boot with Windows
and so have their hardware clocks tick localtime.
Addresses-Ubuntu-Bug: #131201
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
A missing dependency on ss_err.h meant that std_rqs.o could fail when
e2fsprogs was being built using make -j.
Thanks to Robert Kerr for reporting this bug.
Addresses-Sourceforge-Bug: #1842331
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The heuristics in blkid/devname.c probe_all() for scanning whole disks
with no partitions assume that a device name with no digit on the end
will always be present as a delineator, i.e.:
sda
sda1
sdb
sdc
In this case, when sdc is seen, it's the clue to go back and scan sdb.
However, for something like:
sda
sda1
sdb
loop0
this falls down, and sdb is never scanned.
(thanks to Karel Zak for pointing this out).
Addresses-Red-Hat-Bugzilla: #400321
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
We cannot merge a removed directory entry to just arbitrary previous
directory entry. The previous entry must be in the same block. So
really bad things can happen when are deleting the first directory
entry in a block where the last directory entry in the previous
directory block is not in use. We fix this bug by checking to see if
the current entry is not the first one in the block before trying to
merge it to the previous entry.
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
On my FC8 install, ismounted.c fails to build because open(O_CREAT) is
used without passing a mode. The following trivial patch fixes it.
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
In raw mode (-r), e2image appends an extra byte to the image-file's
end if the last block requires a sparse write. Consequently, the
resulting image-file is one byte larger than the original in
size. This patch fixes the problem by seeking to one less than the
given offset, so that the byte write does not overflow into the next
block.
This problem can be reproduced by doing an e2image -r dev image-file
and comparing the original and resulting image sizes. This assumes the
image is sparse at the end. For my tests, I created a 100MB sparse
image with two files.
Signed-off-by: Arun Thomas <thomasar@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The -R option is only used for backwards compatibility, and -E is
preferred, so change the usage message accordingly.
Signed-off-by: Coly Li <coyli@suse.de>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
squashfs has no uuid or labels, so all we need is the magic
(for big-endian too!)
Addresses-Red-Hat-Bugzilla: #305151
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
libblkid: recognize squashfs filesystems
squashfs has no uuid or labels, so all we need is the magic.
Addresses-Red-Hat-Bugzilla: #305151
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
If the primary superblock differs from the backup superblock in
certain key respects, force a full check (if e2fsck was invoked in
preen mode). If the filesystem check passes cleanly, and the
filesystem was opened in read/write mode, then write the primary
superblock to all of the backups.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If e2fsck adds or deletes any of the feature bitmasks, clear
EXT2_FLAG_MASTER_SB_ONLY so the backup superblocks are updated when
e2fsck finishes.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
ext2fs_dblist_dir_iterate() calls ext2fs_dblist_iterate(), which calls
ext2fs_process_dir_block(), which in turn calls the helper function
db_dir_proc() which calls callback function passed into
ext2fs_dblist_dir_iterate(). At each stage the conventions for
signalling requests to abort the iteration or to signal errors
changes, db_dir_proc() was not properly mapping the abort request back
to ext2fs_dblist_iterate().
Currently db_dir_proc() is ignoring errors (i/o errors or directory
block corrupt errors) from ext2fs_process_dir_block(), since the main
user of ext2fs_dblist_dir_iterate() is e2fsck, for which this is the
correct behavior. In the future ext2fs_dblist_dir_iterate() could
take a flag which would cause it to abort if
ext2fs_process_dir_block() returns an error; however, it's not clear
how useful this would be since we don't have a way of signalling the
exact nature of which block had the error, and the caller wouldn't
have a good way of knowing what percentage of the directory block list
had been processed. Ultimately this may not be the best interface for
applications that need that level of error reporting.
Thanks to Vladimir V. Saveliev <vs@clusterfs.com> for pointing out
this problem.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The FAT filesystem doesn't have its superblock with a set of magic
strings in a fixed location. Therefore, we must also check for the
FAT filesystem if it looks like we have an MBR at the beginning of the
partition. We previously checked if the first byte was a jump
instruction but that missed some USB disks with only one bootable
partition. Now we check for the MBR signature (0x55AA at offset 510)
as well as any partition where byte 0 is \351 or \353.
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If superblock mount time or last write time is in the future, and the
user refuses to fix the problem, don't mark the filesystem as being
invalid and needing to be checked.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The Ubuntu init scripts don't properly set the system time correctly
from hardware clock if the hardware clock is configured to tick local
time instead of GMT time.
Work around this as best as we can by providing an option in
/etc/e2fsck.conf which can be set on Ubuntu systems:
[options]
buggy_init_scripts = 1
Addresses-Debian-Bug: #441093
Addresses-Ubuntu-Bug: #131201
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If a user specifies a bind mount with a non-zero fsck pass number, for
example:
/foo /bar ext3 bind,defaults 1 3
print a warning and ignore the fstab entry.
Addresses-Red-Hat-Bugzilla: #151533
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Older e2fsck's would crash; e2fsck should now automatically retry
using the backup superblock if it is present.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>