Hello community,
here is the log from the commit of package bindfs for openSUSE:Factory checked
in at 2018-02-09 15:46:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bindfs (Old)
and /work/SRC/openSUSE:Factory/.bindfs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bindfs"
Fri Feb 9 15:46:50 2018 rev:17 rq:573921 version:1.13.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/bindfs/bindfs.changes 2017-11-09
14:07:48.145242950 +0100
+++ /work/SRC/openSUSE:Factory/.bindfs.new/bindfs.changes 2018-02-09
15:46:52.708829510 +0100
@@ -1,0 +2,6 @@
+Wed Feb 7 23:07:49 UTC 2018 - jeng...@inai.de
+
+- Update to new upstream release 1.13.9
+ * Added options --delete-deny and --rename-deny
+
+-------------------------------------------------------------------
Old:
----
bindfs-1.13.8.tar.gz
New:
----
bindfs-1.13.9.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bindfs.spec ++++++
--- /var/tmp/diff_new_pack.U2ad9x/_old 2018-02-09 15:46:53.424803800 +0100
+++ /var/tmp/diff_new_pack.U2ad9x/_new 2018-02-09 15:46:53.428803656 +0100
@@ -1,7 +1,7 @@
#
# spec file for package bindfs
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: bindfs
-Version: 1.13.8
+Version: 1.13.9
Release: 0
Summary: Mount Directories to other Locations and alter Permission Bits
License: GPL-2.0+
++++++ bindfs-1.13.8.tar.gz -> bindfs-1.13.9.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/ChangeLog new/bindfs-1.13.9/ChangeLog
--- old/bindfs-1.13.8/ChangeLog 2017-10-26 17:00:28.000000000 +0200
+++ new/bindfs-1.13.9/ChangeLog 2017-11-30 11:30:07.000000000 +0100
@@ -1,3 +1,8 @@
+2017-11-30 Martin Pärtel <martin dot partel at gmail dot com>
+
+ * Added options --delete-deny and --rename-deny as suggested by @roojs.
+ * Released 1.13.9
+
2017-10-26 Martin Pärtel <martin dot partel at gmail dot com>
* Released 1.13.8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/README.md new/bindfs-1.13.9/README.md
--- old/bindfs-1.13.8/README.md 2017-10-26 17:00:28.000000000 +0200
+++ new/bindfs-1.13.9/README.md 2017-11-30 11:30:07.000000000 +0100
@@ -1,7 +1,7 @@
## Overview ##
-bindfs - http://bindfs.org/
+bindfs - https://bindfs.org/
bindfs is a FUSE filesystem for mirroring a directory to another
directory, similarly to `mount --bind`. The permissions of the mirrored
@@ -20,7 +20,10 @@
## Installation ##
-Make sure FUSE 2.6.0 or above is installed (http://fuse.sf.net/).
+Make sure FUSE 2.6.0 or above is installed
(https://github.com/libfuse/libfuse).
+
+Download a [release](https://bindfs.org/downloads/) or clone this repository.
+
Then compile and install as usual:
./configure
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/configure new/bindfs-1.13.9/configure
--- old/bindfs-1.13.8/configure 2017-10-26 17:00:32.000000000 +0200
+++ new/bindfs-1.13.9/configure 2017-11-30 11:30:11.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for bindfs 1.13.8.
+# Generated by GNU Autoconf 2.69 for bindfs 1.13.9.
#
# Report bugs to <martin.par...@gmail.com>.
#
@@ -590,8 +590,8 @@
# Identity of this package.
PACKAGE_NAME='bindfs'
PACKAGE_TARNAME='bindfs'
-PACKAGE_VERSION='1.13.8'
-PACKAGE_STRING='bindfs 1.13.8'
+PACKAGE_VERSION='1.13.9'
+PACKAGE_STRING='bindfs 1.13.9'
PACKAGE_BUGREPORT='martin.par...@gmail.com'
PACKAGE_URL=''
@@ -1340,7 +1340,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures bindfs 1.13.8 to adapt to many kinds of systems.
+\`configure' configures bindfs 1.13.9 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1411,7 +1411,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of bindfs 1.13.8:";;
+ short | recursive ) echo "Configuration of bindfs 1.13.9:";;
esac
cat <<\_ACEOF
@@ -1531,7 +1531,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-bindfs configure 1.13.8
+bindfs configure 1.13.9
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1809,7 +1809,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by bindfs $as_me 1.13.8, which was
+It was created by bindfs $as_me 1.13.9, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2673,7 +2673,7 @@
# Define the identity of the package.
PACKAGE='bindfs'
- VERSION='1.13.8'
+ VERSION='1.13.9'
cat >>confdefs.h <<_ACEOF
@@ -12910,7 +12910,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by bindfs $as_me 1.13.8, which was
+This file was extended by bindfs $as_me 1.13.9, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -12976,7 +12976,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-bindfs config.status 1.13.8
+bindfs config.status 1.13.9
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/configure.ac
new/bindfs-1.13.9/configure.ac
--- old/bindfs-1.13.8/configure.ac 2017-10-26 17:00:28.000000000 +0200
+++ new/bindfs-1.13.9/configure.ac 2017-11-30 11:30:07.000000000 +0100
@@ -1,4 +1,4 @@
-AC_INIT([bindfs],[1.13.8],[martin.par...@gmail.com])
+AC_INIT([bindfs],[1.13.9],[martin.par...@gmail.com])
AM_INIT_AUTOMAKE([foreign serial-tests])
AC_CONFIG_HEADERS([config.h])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/src/bindfs.1
new/bindfs-1.13.9/src/bindfs.1
--- old/bindfs-1.13.8/src/bindfs.1 2017-10-26 17:00:28.000000000 +0200
+++ new/bindfs-1.13.9/src/bindfs.1 2017-11-30 11:30:07.000000000 +0100
@@ -219,6 +219,20 @@
file permissions inside the mount.
+.SH OTHER FILE OPERATIONS
+
+.TP
+.B \-\-delete\-deny, \-o delete\-deny
+Makes all file delete operations fail with a 'permission denied'.
+By default, files can still be modified if they have write permission,
+and renamed if the directory has write permission.
+
+.TP
+.B \-\-rename\-deny, \-o rename\-deny
+Makes all file rename/move operations \fBwithin the mountpoint\fP fail with
+a 'permission denied'. Programs that move files out of a mountpoint do so
+by copying and deleting the original.
+
.SH RATE LIMITS
Reads and writes through the mount point can be throttled. Throttling works
by sleeping the required amount of time on each read or write request.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/src/bindfs.c
new/bindfs-1.13.9/src/bindfs.c
--- old/bindfs-1.13.8/src/bindfs.c 2017-10-26 17:00:28.000000000 +0200
+++ new/bindfs-1.13.9/src/bindfs.c 2017-11-30 11:30:07.000000000 +0100
@@ -159,6 +159,9 @@
XATTR_READ_WRITE
} xattr_policy;
+ int delete_deny;
+ int rename_deny;
+
int mirrored_users_only;
uid_t *mirrored_users;
int num_mirrored_users;
@@ -184,7 +187,7 @@
int enable_lock_forwarding;
int enable_ioctl;
-
+
uid_t uid_offset;
gid_t gid_offset;
@@ -476,6 +479,9 @@
char *unlink_first = NULL;
int (*main_delete_func)(const char*) = target_delete_func;
+ if (settings.delete_deny)
+ return -EPERM;
+
real_path = process_path(path, false);
if (real_path == NULL)
return -errno;
@@ -817,6 +823,9 @@
int res;
char *real_from, *real_to;
+ if (settings.rename_deny)
+ return -EPERM;
+
real_from = process_path(from, false);
if (real_from == NULL)
return -errno;
@@ -1458,6 +1467,10 @@
" --xattr-ro Read-only xattr operations.\n"
" --xattr-rw Read-write xattr operations (the
default).\n"
"\n"
+ "Other file operations:\n"
+ " --delete-deny Disallow deleting files.\n"
+ " --rename-deny Disallow renaming files (within the
mount).\n"
+ "\n"
"Rate limits:\n"
" --read-rate=... Limit to bytes/sec that can be read.\n"
" --write-rate=... Limit to bytes/sec that can be
written.\n"
@@ -1508,6 +1521,8 @@
OPTKEY_XATTR_NONE,
OPTKEY_XATTR_READ_ONLY,
OPTKEY_XATTR_READ_WRITE,
+ OPTKEY_DELETE_DENY,
+ OPTKEY_RENAME_DENY,
OPTKEY_REALISTIC_PERMISSIONS,
OPTKEY_CTIME_FROM_MTIME,
OPTKEY_ENABLE_LOCK_FORWARDING,
@@ -1587,6 +1602,13 @@
settings.xattr_policy = XATTR_READ_WRITE;
return 0;
+ case OPTKEY_DELETE_DENY:
+ settings.delete_deny = 1;
+ return 0;
+ case OPTKEY_RENAME_DENY:
+ settings.rename_deny= 1;
+ return 0;
+
case OPTKEY_REALISTIC_PERMISSIONS:
settings.realistic_permissions = 1;
return 0;
@@ -1939,6 +1961,9 @@
OPT2("--xattr-ro", "xattr-ro", OPTKEY_XATTR_READ_ONLY),
OPT2("--xattr-rw", "xattr-rw", OPTKEY_XATTR_READ_WRITE),
+ OPT2("--delete-deny", "delete-deny", OPTKEY_DELETE_DENY),
+ OPT2("--rename-deny", "rename-deny", OPTKEY_RENAME_DENY),
+
OPT2("--hide-hard-links", "hide-hard-links", OPTKEY_HIDE_HARD_LINKS),
OPT2("--resolve-symlinks", "resolve-symlinks",
OPTKEY_RESOLVE_SYMLINKS),
OPT_OFFSET2("--resolved-symlink-deletion=%s",
"resolved-symlink-deletion=%s", resolved_symlink_deletion, -1),
@@ -1950,9 +1975,12 @@
OPT2("--disable-lock-forwarding", "disable-lock-forwarding",
OPTKEY_DISABLE_LOCK_FORWARDING),
OPT2("--enable-ioctl", "enable-ioctl", OPTKEY_ENABLE_IOCTL),
OPT_OFFSET2("--multithreaded", "multithreaded", multithreaded, -1),
-
OPT_OFFSET2("--uid-offset=%s", "uid-offset=%s", uid_offset, 0),
OPT_OFFSET2("--gid-offset=%s", "gid-offset=%s", gid_offset, 0),
+
+
+
+
FUSE_OPT_END
};
@@ -1983,6 +2011,8 @@
settings.chmod_allow_x = 0;
settings.chmod_permchain = permchain_create();
settings.xattr_policy = XATTR_READ_WRITE;
+ settings.delete_deny = 0;
+ settings.rename_deny = 0;
settings.mirrored_users_only = 0;
settings.mirrored_users = NULL;
settings.num_mirrored_users = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/bindfs-1.13.8/tests/test_bindfs.rb
new/bindfs-1.13.9/tests/test_bindfs.rb
--- old/bindfs-1.13.8/tests/test_bindfs.rb 2017-10-26 17:00:28.000000000
+0200
+++ new/bindfs-1.13.9/tests/test_bindfs.rb 2017-11-30 11:30:07.000000000
+0100
@@ -293,6 +293,20 @@
assert { File.stat('src/file').mode & 0777 == 0640 }
end
+testenv("--delete-deny") do
+ touch('src/file')
+ mkdir('src/dir')
+ assert_exception(EPERM) { rm('mnt/file') }
+ assert_exception(EPERM) { rmdir('mnt/dir') }
+end
+
+testenv("--rename-deny") do
+ touch('src/file')
+ mkdir('src/dir')
+ assert_exception(EPERM) { mv('mnt/file', 'mnt/file2') }
+ assert_exception(EPERM) { mv('mnt/dir', 'mnt/dir2') }
+end
+
root_testenv("--map=nobody/root:@#{nobody_group}/@#{root_group}") do
touch('src/file')
chown('nobody', nobody_group, 'src/file')
