From: Crystal Kolipe Subject: [patch] mount_mfs allow specifying permissions To: tech@openbsd.org Cc: Stuart , Rafael Sadowski Date: Thu, 21 Aug 2025 13:53:08 +0100 This patch was circulated on -tech a couple of months ago and gained some interest. Any further OKs? It would be nice to get this in before the next release. --- newfs.c Mon Apr 7 04:25:02 2025 +++ newfs.c Mon Jul 21 08:15:41 2025 @@ -147,7 +147,7 @@ static void waitformount(char *, pid_t); static int do_exec(const char *, const char *, char *const[]); static int isdir(const char *); -static void copy(char *, char *); +static void copy(char *, char *, mode_t); static int gettmpmnt(char *, size_t); #endif @@ -179,6 +179,7 @@ #ifdef MFS char mountfromname[BUFSIZ]; char *pop = NULL, node[PATH_MAX]; + char *ep; pid_t pid; struct stat mountpoint; #endif @@ -203,7 +204,7 @@ fatal("insane maxpartitions value %d", maxpartitions); opstring = mfs ? - "O:P:T:b:c:e:f:i:m:o:s:" : + "O:P:T:b:c:e:f:i:m:o:p:s:" : "NO:S:T:b:c:e:f:g:h:i:m:o:qs:t:"; while ((ch = getopt(argc, argv, opstring)) != -1) { switch (ch) { @@ -286,6 +287,19 @@ optarg); } break; + case 'p': + errno = 0; + mfsmode = strtoul(optarg, &ep, 8); + if (optarg[0] == '\0' || *ep != '\0') + fatal("invalid mode: not a number"); + if (errno == ERANGE) + fatal("invalid mode: out of range"); + if ((mfsmode & ALLPERMS) != mfsmode) + fatal("unrecognised permission bits"); + if (mfsmode == 0) + warnx("invalid mode, will inherit " + "mount point permissions"); + break; case 'q': quiet = 1; break; @@ -506,7 +520,8 @@ err(ECANCELED, "stat %s", node); mfsuid = mountpoint.st_uid; mfsgid = mountpoint.st_gid; - mfsmode = mountpoint.st_mode & ALLPERMS; + if (mfsmode == 0) + mfsmode = mountpoint.st_mode & ALLPERMS; } #endif @@ -543,7 +558,7 @@ default: if (pop != NULL) { waitformount(tmpnode, pid); - copy(pop, tmpnode); + copy(pop, tmpnode, mfsmode); unmount(tmpnode, 0); rmdir(tmpnode); } @@ -754,13 +769,18 @@ } static void -copy(char *src, char *dst) +copy(char *src, char *dst, mode_t mfsmode) { int ret, dir, created = 0; + int fd; struct ufs_args mount_args; char mountpoint[MNAMELEN]; char *const argv[] = { "pax", "-rw", "-pe", ".", dst, NULL } ; + if ((fd = open(dst, O_RDONLY)) == -1) { + err(1, "failed opening %s", dst); + } + dir = isdir(src); if (dir) strlcpy(mountpoint, src, sizeof(mountpoint)); @@ -788,6 +808,10 @@ warn("unmount %s", dst); errx(1, "copy %s to %s failed", mountpoint, dst); } + if (fchmodat(fd, ".", mfsmode, 0) == -1) { + warn("failed to set requested permissions"); + } + close (fd); } static int --- newfs.8 Mon Apr 7 04:25:02 2025 +++ newfs.8 Thu Jul 24 20:35:55 2025 @@ -67,6 +67,7 @@ .Op Fl m Ar free-space .Op Fl O Ar filesystem-format .Op Fl o Ar options +.Op Fl p Ar mode .Op Fl P Ar file .Op Fl s Ar size .Ar special node @@ -270,7 +271,8 @@ are as described for .Nm , except for the -.Fl o +.Fl o , +.Fl p and .Fl P options. @@ -284,6 +286,11 @@ See the .Xr mount 8 man page for possible options and their meanings. +.It Fl p Ar mode +Set permissions on the mount point after the mfs filesystem has been mounted. +The +.Ar mode +argument must be specified in octal notation. .It Fl P Ar file If .Ar file @@ -295,9 +302,11 @@ contents of the FFS file system contained on the device. .El .Pp -If the +If neither of the +.Fl p Ar mode +or .Fl P Ar file -option is not used, the owner and mode of the created mfs file +options is used, the owner and mode of the created mfs file system will be the same as the owner and mode of the mount point. .Sh ENVIRONMENT .Bl -tag -width COLUMNS @@ -308,6 +317,11 @@ .Nm defaults to the terminal width, or 80 columns if the output is not a terminal. .El +.Sh EXAMPLES +The following line added to /etc/fstab will mount a 512MB mfs filesystem on +/tmp at boot time, setting appropriate permissions: +.Pp +.Dl swap /tmp mfs rw,nodev,nosuid,-s=512m,-p=01777 0 0 .Sh SEE ALSO .Xr disktab 5 , .Xr fs 5 ,