Package: davfs2 Version: 1.4.5-1 Severity: normal
Davfs2 allows normal mount by root (or a sudoer). Yes, I dpkg-reconfigured davfs2 to set mount.davfs setuid root. charp...@eee-ec:~$ sudo mount -t davfs https://alpha.bacbuc.dyndns.org/WebDAV/ /home/charpent/alpha-dav/ -o uid=charpent,gid=charpent Please enter the username to authenticate with server https://alpha.bacbuc.dyndns.org/WebDAV/ or hit enter for none. Username: charpent Please enter the password to authenticate user charpent with server https://alpha.bacbuc.dyndns.org/WebDAV/ or hit enter for none. Password: /sbin/mount.davfs: the server certificate is not trusted issuer: Bacbuc-OpenVPN, Paris, Ãle-de-France, FR subject: Bacbuc-OpenVPN, Paris, Ãle-de-France, FR identity: alpha.bacbuc.dyndns.org fingerprint: 78:cb:4e:bc:42:3a:c3:23:d7:76:3f:0a:05:fe:9f:ce:4c:e2:0d:b4 You only should accept this certificate, if you can verify the fingerprint! The server might be faked or there might be a man-in-the-middle-attack. Accept certificate for this session? [y,N] y charp...@eee-ec:~$ mount /dev/sda4 on / type ext4 (rw,errors=remount-ro) tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755) proc on /proc type proc (rw,noexec,nosuid,nodev) sysfs on /sys type sysfs (rw,noexec,nosuid,nodev) udev on /dev type tmpfs (rw,mode=0755) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev) devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620) fusectl on /sys/fs/fuse/connections type fusectl (rw) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev) gvfs-fuse-daemon on /home/charpent/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=charpent) https://alpha.bacbuc.dyndns.org/WebDAV/ on /home/charpent/alpha-dav type davfs (rw,nosuid,nodev,_netdev,uid=1000,gid=1000) charp...@eee-ec:~$ However, I have been unable to use it to allow mounting by a non-root user. My /etc/fstab has : https://alpha.bacbuc.dyndns.org/WebDAV/ /home/charpent/alpha-dav/ davfs noauto,user 0 0 But : charp...@eee-ec:~$ mount /home/charpent/alpha-dav/ /sbin/mount.davfs: no entry for https://alpha.bacbuc.dyndns.org/WebDAV/ found in /etc/fstab Also : charp...@eee-ec:~$ mount https://alpha.bacbuc.dyndns.org/WebDAV/ /sbin/mount.davfs: no entry for https://alpha.bacbuc.dyndns.org/WebDAV/ found in /etc/fstab charp...@eee-ec:~$ I tried to create myself ~/.davfs2 directory and relevant files (the README.gz hinted that they shoud have been created by first mount), to no avail. I also tried to dpkg-statoverride to set the *group* ownetship of /usr/sbin/mount.davfs to "davfs2" ; ditto for /sbin/mount.davfs (symlink to the former), while respecting the setuidbit of the former and setting it for the latter. To no avail. I must have been either 1) doing something extremely stupid, or 2 ) dug up a nice buglet. Could you please let me know which ? Thanks in advance, Emmanuel Charpentier -- System Information: Debian Release: squeeze/sid APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-3-686 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages davfs2 depends on: ii adduser 3.112 add and remove users and groups ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii libneon27-gnutls 0.29.3-2 An HTTP and WebDAV client library davfs2 recommends no packages. davfs2 suggests no packages. -- Configuration Files: /etc/davfs2/davfs2.conf changed: dav_user davfs2 # system wide config file only dav_group davfs2 # system wide config file only # httpauth, locks, ssl, httpbody, secrets, most /etc/davfs2/secrets [Errno 13] Permission non accordée: u'/etc/davfs2/secrets' -- debconf information: davfs2/user_name: davfs2 davfs2/non_root_users_confimed: * davfs2/suid_file: true davfs2/new_user: true davfs2/group_name: davfs2 davfs2/new_group: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
