From mboxrd@z Thu Jan  1 00:00:00 1970
From: Diego Nicola Barbato <dnbarbato@posteo.de>
Subject: bug#37569: Mount does not honor 'user' option.
Date: Fri, 04 Oct 2019 08:59:22 +0200
Message-ID: <87k19lt2r9.fsf@GlaDOS.home>
References: <87lfu4wpjs.fsf@GlaDOS.home>
 <20191001212726.62b763e1@scratchpost.org> <87h84sw39p.fsf@GlaDOS.home>
Mime-Version: 1.0
Content-Type: text/plain
Return-path: <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:49160)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iGHZQ-0005Mu-H2
 for bug-guix@gnu.org; Fri, 04 Oct 2019 03:00:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iGHZO-0002ZU-8D
 for bug-guix@gnu.org; Fri, 04 Oct 2019 03:00:07 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:32793)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1iGHZN-0002Z6-Oy
 for bug-guix@gnu.org; Fri, 04 Oct 2019 03:00:06 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1iGHZK-0000vM-UJ
 for bug-guix@gnu.org; Fri, 04 Oct 2019 03:00:05 -0400
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-Message-ID: <handler.37569.B37569.15701723733485@debbugs.gnu.org>
In-Reply-To: <87h84sw39p.fsf@GlaDOS.home> (Diego Nicola Barbato's message of
 "Tue, 01 Oct 2019 23:43:14 +0200")
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org>
To: Danny Milosavljevic <dannym@scratchpost.org>
Cc: 37569@debbugs.gnu.org

Diego Nicola Barbato <dnbarbato@posteo.de> writes:

> Hello Danny,
>
> Danny Milosavljevic <dannym@scratchpost.org> writes:
>
>> Hmm, how is that solved with other distributions?  Is "mount" suid root there?
>
> Indeed, in Debian both mount and umount are suid root:
>
>   $ stat -c "%a %U:%G %n" /bin/*mount
>   4755 root:root /bin/fusermount
>   4755 root:root /bin/mount
>   4755 root:root /bin/umount

I've tried adding "mount" and "umount" to `setuid-programs' in my
operating-system config:

--8<---------------cut here---------------start------------->8---
(setuid-programs (cons*                                       
                  #~(string-append #$util-linux "/bin/mount") 
                  #~(string-append #$util-linux "/bin/umount")
                  %setuid-programs))
--8<---------------cut here---------------end--------------->8---

Mounting as an unprivileged user now works as expected (even the fancy
9p stuff).  Is there any rationale for not adding "mount" and "umount"
to `%setuid-programs' by default?

Thanks,

Diego