diff --git a/autofs-5.0.2-fd-close-on-exec-mutex.patch b/autofs-5.0.2-fd-close-on-exec-mutex.patch new file mode 100644 index 0000000..503de3b --- /dev/null +++ b/autofs-5.0.2-fd-close-on-exec-mutex.patch @@ -0,0 +1,737 @@ +diff --git a/daemon/automount.c b/daemon/automount.c +index f31ec11..d14f079 100644 +--- a/daemon/automount.c ++++ b/daemon/automount.c +@@ -85,6 +85,7 @@ static int umount_all(struct autofs_point *ap, int force); + + extern pthread_mutex_t master_mutex; + extern struct master *master_list; ++extern pthread_mutex_t fd_mutex; + + static int do_mkdir(const char *parent, const char *path, mode_t mode) + { +@@ -994,7 +995,7 @@ int do_expire(struct autofs_point *ap, const char *name, int namelen) + + static int autofs_init_ap(struct autofs_point *ap) + { +- int pipefd[2], cl_flags; ++ int pipefd[2], cl_flags, status; + + if ((ap->state != ST_INIT)) { + /* This can happen if an autofs process is already running*/ +@@ -1004,11 +1005,18 @@ static int autofs_init_ap(struct autofs_point *ap) + + ap->pipefd = ap->kpipefd = ap->ioctlfd = -1; + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Pipe for kernel communications */ + if (pipe(pipefd) < 0) { + crit(ap->logopt, + "failed to create commumication pipe for autofs path %s", + ap->path); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return -1; + } + +@@ -1031,6 +1039,9 @@ static int autofs_init_ap(struct autofs_point *ap) + "failed create state pipe for autofs path %s", ap->path); + close(ap->pipefd); + close(ap->kpipefd); /* Close kernel pipe end */ ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return -1; + } + +@@ -1049,6 +1060,10 @@ static int autofs_init_ap(struct autofs_point *ap) + logmsg("dynamic log level changes not available for %s", ap->path); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + return 0; + } + +diff --git a/daemon/direct.c b/daemon/direct.c +index 619efce..6e76deb 100644 +--- a/daemon/direct.c ++++ b/daemon/direct.c +@@ -53,6 +53,8 @@ pthread_once_t key_mnt_params_once = PTHREAD_ONCE_INIT; + static pthread_mutex_t ma_mutex = PTHREAD_MUTEX_INITIALIZER; + static pthread_mutex_t ea_mutex = PTHREAD_MUTEX_INITIALIZER; + ++extern pthread_mutex_t fd_mutex; ++ + static void key_mnt_params_destroy(void *arg) + { + struct mnt_params *mp; +@@ -107,7 +109,11 @@ int do_umount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, stru + } + ioctlfd = me->ioctlfd; + } else { +- int cl_flags; ++ int cl_flags, status; ++ ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); + + ioctlfd = open(me->key, O_RDONLY); + if (ioctlfd != -1) { +@@ -116,6 +122,10 @@ int do_umount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, stru + fcntl(ioctlfd, F_SETFD, cl_flags); + } + } ++ ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + } + + +@@ -309,11 +319,15 @@ int do_mount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, struc + if (tree_get_mnt_list(mnts, &list, me->key, 1)) { + if (ap->state == ST_READMAP) { + time_t tout = ap->exp_timeout; +- int save_ioctlfd, ioctlfd; ++ int save_ioctlfd, ioctlfd, status; + + save_ioctlfd = ioctlfd = me->ioctlfd; + + if (ioctlfd == -1) { ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ioctlfd = open(me->key, O_RDONLY); + if (ioctlfd != -1) { + cl_flags = fcntl(ioctlfd, F_GETFD, 0); +@@ -322,6 +336,11 @@ int do_mount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, struc + fcntl(ioctlfd, F_SETFD, cl_flags); + } + } ++ ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + } + + if (ioctlfd < 0) { +@@ -402,10 +421,17 @@ int do_mount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, struc + goto out_err; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Root directory for ioctl()'s */ + ioctlfd = open(me->key, O_RDONLY); + if (ioctlfd < 0) { + crit(ap->logopt, "failed to create ioctl fd for %s", me->key); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + goto out_umount; + } + +@@ -414,6 +440,10 @@ int do_mount_autofs_direct(struct autofs_point *ap, struct mnt_list *mnts, struc + fcntl(ioctlfd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Calculate the timeouts */ + ap->exp_runfreq = (timeout + CHECK_RATIO - 1) / CHECK_RATIO; + +@@ -548,6 +578,8 @@ int umount_autofs_offset(struct autofs_point *ap, struct mapent *me) + } + ioctlfd = me->ioctlfd; + } else { ++ int status; ++ + /* offset isn't mounted, return success and try to recover */ + if (!is_mounted(_PROC_MOUNTS, me->key, MNTS_AUTOFS)) { + debug(ap->logopt, +@@ -556,6 +588,10 @@ int umount_autofs_offset(struct autofs_point *ap, struct mapent *me) + return 0; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ioctlfd = open(me->key, O_RDONLY); + if (ioctlfd != -1) { + if ((cl_flags = fcntl(ioctlfd, F_GETFD, 0)) != -1) { +@@ -563,6 +599,10 @@ int umount_autofs_offset(struct autofs_point *ap, struct mapent *me) + fcntl(ioctlfd, F_SETFD, cl_flags); + } + } ++ ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + } + + if (ioctlfd >= 0) { +@@ -760,10 +800,17 @@ int mount_autofs_offset(struct autofs_point *ap, struct mapent *me) + goto out_err; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Root directory for ioctl()'s */ + ioctlfd = open(me->key, O_RDONLY); + if (ioctlfd < 0) { + crit(ap->logopt, "failed to create ioctl fd for %s", me->key); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + goto out_umount; + } + +@@ -772,6 +819,10 @@ int mount_autofs_offset(struct autofs_point *ap, struct mapent *me) + fcntl(ioctlfd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ioctl(ioctlfd, AUTOFS_IOC_SETTIMEOUT, &timeout); + + ret = fstat(ioctlfd, &st); +@@ -1470,6 +1521,10 @@ int handle_packet_missing_direct(struct autofs_point *ap, autofs_packet_missing_ + return 1; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + if (me->ioctlfd != -1) { + /* Maybe someone did a manual umount, clean up ! */ + ioctlfd = me->ioctlfd; +@@ -1479,6 +1534,9 @@ int handle_packet_missing_direct(struct autofs_point *ap, autofs_packet_missing_ + + if (ioctlfd == -1) { + cache_unlock(mc); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + pthread_setcancelstate(state, NULL); + crit(ap->logopt, "failed to create ioctl fd for %s", me->key); + /* TODO: how do we clear wait q in kernel ?? */ +@@ -1490,6 +1548,10 @@ int handle_packet_missing_direct(struct autofs_point *ap, autofs_packet_missing_ + fcntl(ioctlfd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + debug(ap->logopt, "token %ld, name %s, request pid %u", + (unsigned long) pkt->wait_queue_token, me->key, pkt->pid); + +diff --git a/daemon/indirect.c b/daemon/indirect.c +index f6b93d0..2b81ec5 100644 +--- a/daemon/indirect.c ++++ b/daemon/indirect.c +@@ -43,6 +43,8 @@ extern pthread_attr_t thread_attr; + static pthread_mutex_t ma_mutex = PTHREAD_MUTEX_INITIALIZER; + static pthread_mutex_t ea_mutex = PTHREAD_MUTEX_INITIALIZER; + ++extern pthread_mutex_t fd_mutex; ++ + static int unlink_mount_tree(struct autofs_point *ap, struct mnt_list *mnts) + { + struct mnt_list *this; +@@ -93,7 +95,7 @@ static int do_mount_autofs_indirect(struct autofs_point *ap) + const char *type, *map_name = NULL; + struct stat st; + struct mnt_list *mnts; +- int cl_flags, ret; ++ int cl_flags, ret, status; + + mnts = get_mnt_list(_PROC_MOUNTS, ap->path, 1); + if (mnts) { +@@ -147,11 +149,18 @@ static int do_mount_autofs_indirect(struct autofs_point *ap) + + options = NULL; + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Root directory for ioctl()'s */ + ap->ioctlfd = open(ap->path, O_RDONLY); + if (ap->ioctlfd < 0) { + crit(ap->logopt, + "failed to create ioctl fd for autofs path %s", ap->path); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + goto out_umount; + } + +@@ -160,6 +169,10 @@ static int do_mount_autofs_indirect(struct autofs_point *ap) + fcntl(ap->ioctlfd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ap->exp_runfreq = (timeout + CHECK_RATIO - 1) / CHECK_RATIO; + + ioctl(ap->ioctlfd, AUTOFS_IOC_SETTIMEOUT, &timeout); +diff --git a/daemon/spawn.c b/daemon/spawn.c +index 78d69c6..d096460 100644 +--- a/daemon/spawn.c ++++ b/daemon/spawn.c +@@ -29,6 +29,7 @@ + + #include "automount.h" + ++pthread_mutex_t fd_mutex = PTHREAD_MUTEX_INITIALIZER; + static pthread_mutex_t spawn_mutex = PTHREAD_MUTEX_INITIALIZER; + + #define SPAWN_OPT_NONE 0x0000 +@@ -123,6 +124,10 @@ static int do_spawn(unsigned logopt, unsigned int options, const char *prog, con + egid = tsv->gid; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + f = fork(); + if (f == 0) { + reset_signals(); +@@ -131,6 +136,10 @@ static int do_spawn(unsigned logopt, unsigned int options, const char *prog, con + dup2(pipefd[1], STDERR_FILENO); + close(pipefd[1]); + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Bind mount - check target exists */ + if (use_access) { + char **pargv = (char **) argv; +@@ -166,6 +175,10 @@ static int do_spawn(unsigned logopt, unsigned int options, const char *prog, con + } else { + tmpsig = oldsig; + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + sigaddset(&tmpsig, SIGCHLD); + pthread_sigmask(SIG_SETMASK, &tmpsig, NULL); + +diff --git a/lib/nss_parse.y b/lib/nss_parse.y +index 90b7d25..7fbc42a 100644 +--- a/lib/nss_parse.y ++++ b/lib/nss_parse.y +@@ -31,6 +31,7 @@ + #include "nss_parse.tab.h" + + static pthread_mutex_t parse_mutex = PTHREAD_MUTEX_INITIALIZER; ++extern pthread_mutex_t fd_mutex; + + static struct list_head *nss_list; + static struct nss_source *src; +@@ -163,16 +164,24 @@ static void parse_close_nsswitch(void *arg) + int nsswitch_parse(struct list_head *list) + { + FILE *nsswitch; +- int fd, cl_flags, status; ++ int fd, cl_flags, status, cur_state; ++ ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ ++ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cur_state); + + nsswitch = fopen(NSSWITCH_FILE, "r"); + if (!nsswitch) { + logerr("couldn't open %s\n", NSSWITCH_FILE); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ pthread_setcancelstate(cur_state, NULL); + return 1; + } + +- pthread_cleanup_push(parse_close_nsswitch, nsswitch); +- + fd = fileno(nsswitch); + + if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) { +@@ -180,9 +189,16 @@ int nsswitch_parse(struct list_head *list) + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + parse_mutex_lock(); ++ pthread_cleanup_push(parse_close_nsswitch, nsswitch); + pthread_cleanup_push(parse_mutex_unlock, NULL); + ++ pthread_setcancelstate(cur_state, NULL); ++ + nss_in = nsswitch; + + nss_automount_found = 0; +diff --git a/lib/rpc_subs.c b/lib/rpc_subs.c +index 5797639..5cf7fc3 100644 +--- a/lib/rpc_subs.c ++++ b/lib/rpc_subs.c +@@ -54,6 +54,8 @@ + + inline void dump_core(void); + ++extern pthread_mutex_t fd_mutex; ++ + /* + * Create a UDP RPC client + */ +@@ -105,20 +107,31 @@ got_addr: + raddr.sin_port = htons(info->port); + + if (!info->client) { ++ int status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); + /* + * bind to any unused port. If we left this up to the rpc + * layer, it would bind to a reserved port, which has been shown + * to exhaust the reserved port range in some situations. + */ + fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); +- if (fd < 0) ++ if (fd < 0) { ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return NULL; ++ } + + if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) { + cl_flags |= FD_CLOEXEC; + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + laddr.sin_family = AF_INET; + laddr.sin_port = 0; + laddr.sin_addr.s_addr = htonl(INADDR_ANY); +@@ -314,15 +327,27 @@ got_addr: + addr.sin_port = htons(info->port); + + if (!info->client) { ++ int status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + fd = socket(PF_INET, SOCK_STREAM, info->proto->p_proto); +- if (fd < 0) ++ if (fd < 0) { ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return NULL; ++ } + + if ((cl_flags = fcntl(fd, F_GETFD, 0)) != -1) { + cl_flags |= FD_CLOEXEC; + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ret = connect_nb(fd, &addr, &info->timeout); + if (ret < 0) + goto out_close; +diff --git a/modules/lookup_file.c b/modules/lookup_file.c +index a77068a..4bdd57e 100644 +--- a/modules/lookup_file.c ++++ b/modules/lookup_file.c +@@ -36,6 +36,8 @@ + + #define MAX_INCLUDE_DEPTH 16 + ++extern pthread_mutex_t fd_mutex; ++ + typedef enum { + st_begin, st_compare, st_star, st_badent, st_entspc, st_getent + } LOOKUP_STATE; +@@ -395,7 +397,7 @@ int lookup_read_master(struct master *master, time_t age, void *context) + char *ent; + struct stat st; + FILE *f; +- int fd, cl_flags; ++ int fd, cl_flags, status; + unsigned int path_len, ent_len; + int entry, cur_state; + +@@ -422,11 +424,18 @@ int lookup_read_master(struct master *master, time_t age, void *context) + return NSS_STATUS_UNAVAIL; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + f = fopen(ctxt->mapname, "r"); + if (!f) { + error(logopt, + MODPREFIX "could not open master map file %s", + ctxt->mapname); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return NSS_STATUS_UNAVAIL; + } + +@@ -437,6 +446,10 @@ int lookup_read_master(struct master *master, time_t age, void *context) + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + while(1) { + entry = read_one(logopt, f, path, &path_len, ent, &ent_len); + if (!entry) { +@@ -640,7 +653,7 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context) + char *mapent; + struct stat st; + FILE *f; +- int fd, cl_flags; ++ int fd, cl_flags, status; + unsigned int k_len, m_len; + int entry; + +@@ -673,10 +686,17 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context) + return NSS_STATUS_UNAVAIL; + } + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + f = fopen(ctxt->mapname, "r"); + if (!f) { + error(ap->logopt, + MODPREFIX "could not open map file %s", ctxt->mapname); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return NSS_STATUS_UNAVAIL; + } + +@@ -687,6 +707,10 @@ int lookup_read_map(struct autofs_point *ap, time_t age, void *context) + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + while(1) { + entry = read_one(ap->logopt, f, key, &k_len, mapent, &m_len); + if (!entry) { +@@ -773,7 +797,7 @@ static int lookup_one(struct autofs_point *ap, + char mapent[MAPENT_MAX_LEN + 1]; + time_t age = time(NULL); + FILE *f; +- int fd, cl_flags; ++ int fd, cl_flags, status; + unsigned int k_len, m_len; + int entry, ret; + +@@ -783,10 +807,17 @@ static int lookup_one(struct autofs_point *ap, + + mc = source->mc; + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + f = fopen(ctxt->mapname, "r"); + if (!f) { + error(ap->logopt, + MODPREFIX "could not open map file %s", ctxt->mapname); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return CHE_FAIL; + } + +@@ -797,6 +828,10 @@ static int lookup_one(struct autofs_point *ap, + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + while(1) { + entry = read_one(ap->logopt, f, mkey, &k_len, mapent, &m_len); + if (entry) { +@@ -886,7 +921,7 @@ static int lookup_wild(struct autofs_point *ap, struct lookup_context *ctxt) + char mapent[MAPENT_MAX_LEN + 1]; + time_t age = time(NULL); + FILE *f; +- int fd, cl_flags; ++ int fd, cl_flags, status; + unsigned int k_len, m_len; + int entry, ret; + +@@ -896,10 +931,17 @@ static int lookup_wild(struct autofs_point *ap, struct lookup_context *ctxt) + + mc = source->mc; + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + f = fopen(ctxt->mapname, "r"); + if (!f) { + error(ap->logopt, + MODPREFIX "could not open map file %s", ctxt->mapname); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return CHE_FAIL; + } + +@@ -910,6 +952,10 @@ static int lookup_wild(struct autofs_point *ap, struct lookup_context *ctxt) + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + while(1) { + entry = read_one(ap->logopt, f, mkey, &k_len, mapent, &m_len); + if (entry) { +diff --git a/modules/mount_changer.c b/modules/mount_changer.c +index 08d9147..3bec011 100644 +--- a/modules/mount_changer.c ++++ b/modules/mount_changer.c +@@ -34,6 +34,8 @@ + + #define MODPREFIX "mount(changer): " + ++extern pthread_mutex_t fd_mutex; ++ + int mount_version = AUTOFS_MOUNT_VERSION; /* Required by protocol */ + + int swapCD(const char *device, const char *slotName); +@@ -158,11 +160,18 @@ int swapCD(const char *device, const char *slotName) + + slot = atoi(slotName) - 1; + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* open device */ + fd = open(device, O_RDONLY | O_NONBLOCK); + if (fd < 0) { + logerr(MODPREFIX "Opening device %s failed : %s", + device, strerror(errno)); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return 1; + } + +@@ -171,6 +180,10 @@ int swapCD(const char *device, const char *slotName) + fcntl(fd, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + /* Check CD player status */ + total_slots_available = ioctl(fd, CDROM_CHANGER_NSLOTS); + if (total_slots_available <= 1) { +diff --git a/modules/replicated.c b/modules/replicated.c +index 90b2925..21cb9da 100644 +--- a/modules/replicated.c ++++ b/modules/replicated.c +@@ -74,6 +74,8 @@ + #define max(x, y) (x >= y ? x : y) + #define mmax(x, y, z) (max(x, y) == x ? max(x, z) : max(y, z)) + ++extern pthread_mutex_t fd_mutex; ++ + void seed_random(void) + { + int fd; +@@ -102,7 +104,7 @@ static unsigned int get_proximity(const char *host_addr, int addr_len) + char tmp[20], buf[MAX_ERR_BUF], *ptr; + struct ifconf ifc; + struct ifreq *ifr, nmptr; +- int sock, cl_flags, ret, i; ++ int sock, cl_flags, ret, i, status; + uint32_t mask, ha, ia; + + memcpy(tmp, host_addr, addr_len); +@@ -110,10 +112,17 @@ static unsigned int get_proximity(const char *host_addr, int addr_len) + + ha = ntohl((uint32_t) hst_addr->s_addr); + ++ status = pthread_mutex_lock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) { + char *estr = strerror_r(errno, buf, MAX_ERR_BUF); + logerr("socket creation failed: %s", estr); ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); + return PROXIMITY_ERROR; + } + +@@ -122,6 +131,10 @@ static unsigned int get_proximity(const char *host_addr, int addr_len) + fcntl(sock, F_SETFD, cl_flags); + } + ++ status = pthread_mutex_unlock(&fd_mutex); ++ if (status) ++ fatal(status); ++ + ifc.ifc_len = sizeof(buf); + ifc.ifc_req = (struct ifreq *) buf; + ret = ioctl(sock, SIOCGIFCONF, &ifc); diff --git a/autofs.spec b/autofs.spec index b823a23..8d41b81 100644 --- a/autofs.spec +++ b/autofs.spec @@ -4,7 +4,7 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.0.2 -Release: 21 +Release: 23 Epoch: 1 License: GPL Group: System Environment/Daemons @@ -56,6 +56,7 @@ Patch42: autofs-5.0.2-report-failed-lookups.patch Patch43: autofs-5.0.2-dynamic-logging-non-sasl.patch Patch44: autofs-5.0.2-singleton-host-list.patch Patch45: autofs-5.0.2-hosts-nosuid-default.patch +Patch46: autofs-5.0.2-fd-close-on-exec-mutex.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf, hesiod-devel, openldap-devel, bison, flex, libxml2-devel, cyrus-sasl-devel, openssl-devel module-init-tools util-linux nfs-utils e2fsprogs Conflicts: kernel < 2.6.17 @@ -143,6 +144,7 @@ echo %{version}-%{release} > .version %patch43 -p1 %patch44 -p1 %patch45 -p1 +%patch46 -p1 %build #CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%{_libdir} @@ -195,6 +197,10 @@ fi %{_libdir}/autofs/ %changelog +* Tue Dec 18 2007 Ian Kent - 5.0.2-23 +- Bug 397591 SELinux is preventing /sbin/rpc.statd (rpcd_t) "search" to (sysctl_fs_t). + - prevent fork between fd open and setting of FD_CLOEXEC. + * Thu Dec 13 2007 Ian Kent - 5.0.2-21 - Bug 421371: CVE-2007-5964 autofs defaults don't restrict suid in /net [rawhide] - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified.