You can use statvfs()
struct statvfs st;
inr rc = statvfs("/mnt/foo", &st);
if (rc == -1)
error();
if (st.f_flag & ST_NOEXEC) {
//no exec flags was set
}
Вопрос
My program calls exec() on a binary that has been written to a directory specified by the user. If the directory resides in a tree mounted with "noexec", the exec() fails with EACCES.
Instead of failing the exec(), I would like to be able to figure out if a directory was mounted with noexec, but none of fcntl(), stat() or mount() return this info (from reading the manpages). Looking at the kernel source for the exec system call, it looks like this info is stored in the metadata of the inode, and I don't see this info being returned from any system call.
673 struct nameidata nd;
(..)
677 err = path_lookup_open(AT_FDCWD, name, LOOKUP_FOLLOW, &nd, FMODE_READ|FMODE_EXEC);
678 file = ERR_PTR(err);
(..)
682 file = ERR_PTR(-EACCES);
683 if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
684 S_ISREG(inode->i_mode)) {
Does anyone know of a way to do this?
Thanks.
Решение
You can use statvfs()
struct statvfs st;
inr rc = statvfs("/mnt/foo", &st);
if (rc == -1)
error();
if (st.f_flag & ST_NOEXEC) {
//no exec flags was set
}
Другие советы
Did you consider reading /proc/mounts
then determining which file system your program binary resides on, perhaps using statfs(2) and/or realpath(3)?
But you always should care about, and handle, the failure of execve(2) and related exec
functions, which can fail for a variety of reasons.
There are many ways execve
can fail, and some of them are not easily reproducible; likewise for the failure of fork
or any other syscall.
I would either leave and report the EACCESS
error (of execve
), or, if you absolutely want to catch & explain more the noexec
mount option, do the more complex thing (statfs
and/or realpath
and scanning of /proc/mounts
or /proc/self/mounts
) after such an EACCESS
failure.
There is no much point in testing a binary path before execve
-ing it ... just report the error after...