[PATCH open-vm-tools] Enable fuse block device - Dev

28 May 2019

Fixups for enabling fuse and correcting the setuid utility to actually
be setuid/gid/sticky in order for it to open device nodes and launch
the vmware daemon with the correct permissions.
---
Looking through the setuid wrapper it looked safe, just operating off of hardcoded paths
(after getting sbindir from the system) and hard coded options.

Thanks to Antonio for the patch inspiration and service file!
---
 .gitignore                  |  1 +
 attrs                       |  1 +
 configure                   |  2 --
 install_append              |  3 +++
 open-vm-tools.spec          | 30 +++++++++++++++++++++++-------
 pkgconfig_add               |  2 ++
 release                     |  2 +-
 symbols                     |  1 +
 used_libs                   | 17 ++++++++++-------
 vmware-vmblock-fuse.service | 12 ++++++++++++
 10 files changed, 54 insertions(+), 17 deletions(-)
 create mode 100644 attrs
 create mode 100644 vmware-vmblock-fuse.service

diff --git a/.gitignore b/.gitignore
index fd14cc3..edbcfda 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,3 +11,4 @@ build.log.round*
 commitmsg
 results/
 rpms/
+for-review.txt
diff --git a/attrs b/attrs
new file mode 100644
index 0000000..8b3cd5c
--- /dev/null
+++ b/attrs
@@ -0,0 +1 @@
+7755 root root /usr/bin/vmware-user-suid-wrapper
diff --git a/configure b/configure
index 1b53ba4..b4f8cd8 100644
--- a/configure
+++ b/configure
@@ -1,6 +1,4 @@
---without-gtkmm
 --without-dnet
---without-gtkmm3
 --without-gtk2
 --with-gtk3
 --with-pam-prefix=/usr/share
diff --git a/install_append b/install_append
index 0cb9596..77b60ae 100644
--- a/install_append
+++ b/install_append
@@ -1,3 +1,6 @@
 rm %{buildroot}/sbin/mount.vmhgfs
 mkdir -p %{buildroot}//usr/lib/systemd/system/multi-user.target.wants
 ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.target.wants
+ln -s ../vmware-vmblock-fuse.service
%{buildroot}/usr/lib/systemd/system/multi-user.target.wants
+mkdir -p %{buildroot}/usr/share/xdg/autostart
+ln -s  ../../../defaults/open-vm-tools/xdg/autostart/vmware-user.desktop
%{buildroot}/usr/share/xdg/autostart
diff --git a/open-vm-tools.spec b/open-vm-tools.spec
index cdfbdb5..b2c6c66 100644
--- a/open-vm-tools.spec
+++ b/open-vm-tools.spec
@@ -4,10 +4,11 @@
 #
 Name     : open-vm-tools
 Version  : 10.3.5
-Release  : 26
+Release  : 28
 URL      :
https://github.com/vmware/open-vm-tools/releases/download/stable-10.3.5/ope…
 Source0  :
https://github.com/vmware/open-vm-tools/releases/download/stable-10.3.5/ope…
 Source1  : open-vm-tools.service
+Source2  : vmware-vmblock-fuse.service
 Summary  : Library for unpacking and executing VMware Guest Customization package.
 Group    : Development/Tools
 License  : BSD-2-Clause CDDL-1.0 GPL-2.0 LGPL-2.1 MIT
@@ -24,6 +25,7 @@ BuildRequires : automake
 BuildRequires : automake-dev
 BuildRequires : compat-fuse-soname2-dev
 BuildRequires : doxygen
+BuildRequires : fuse
 BuildRequires : fuse-dev
 BuildRequires : gettext-bin
 BuildRequires : glib-dev
@@ -37,6 +39,7 @@ BuildRequires : libtool-dev
 BuildRequires : m4
 BuildRequires : openssl-dev
 BuildRequires : pkg-config-dev
+BuildRequires : pkgconfig(gtkmm-3.0)
 BuildRequires : pkgconfig(ice)
 BuildRequires : pkgconfig(libdrm)
 BuildRequires : pkgconfig(libtirpc)
@@ -98,6 +101,7 @@ Requires: open-vm-tools-lib = %{version}-%{release}
 Requires: open-vm-tools-bin = %{version}-%{release}
 Requires: open-vm-tools-data = %{version}-%{release}
 Provides: open-vm-tools-devel = %{version}-%{release}
+Requires: open-vm-tools = %{version}-%{release}
 
 %description dev
 dev components for the open-vm-tools package.
@@ -156,10 +160,13 @@ export http_proxy=http://127.0.0.1:9/
 export https_proxy=http://127.0.0.1:9/
 export no_proxy=localhost,127.0.0.1,0.0.0.0
 export LANG=C
-export SOURCE_DATE_EPOCH=1546268181
-%reconfigure --disable-static --without-gtkmm \
---without-dnet \
---without-gtkmm3 \
+export SOURCE_DATE_EPOCH=1559065312
+export GCC_IGNORE_WERROR=1
+export CFLAGS="$CFLAGS -fno-lto "
+export FCFLAGS="$CFLAGS -fno-lto "
+export FFLAGS="$CFLAGS -fno-lto "
+export CXXFLAGS="$CXXFLAGS -fno-lto "
+%reconfigure --disable-static --without-dnet \
 --without-gtk2 \
 --with-gtk3 \
 --with-pam-prefix=/usr/share \
@@ -178,7 +185,7 @@ export no_proxy=localhost,127.0.0.1,0.0.0.0
 make VERBOSE=1 V=1 %{?_smp_mflags} check
 
 %install
-export SOURCE_DATE_EPOCH=1546268181
+export SOURCE_DATE_EPOCH=1559065312
 rm -rf %{buildroot}
 mkdir -p %{buildroot}/usr/share/package-licenses/open-vm-tools
 cp COPYING %{buildroot}/usr/share/package-licenses/open-vm-tools/COPYING
@@ -230,10 +237,14 @@ cp xferlogs/COPYING
%{buildroot}/usr/share/package-licenses/open-vm-tools/xferlo
 %make_install
 mkdir -p %{buildroot}/usr/lib/systemd/system
 install -m 0644 %{SOURCE1} %{buildroot}/usr/lib/systemd/system/open-vm-tools.service
+install -m 0644 %{SOURCE2}
%{buildroot}/usr/lib/systemd/system/vmware-vmblock-fuse.service
 ## install_append content
 rm %{buildroot}/sbin/mount.vmhgfs
 mkdir -p %{buildroot}//usr/lib/systemd/system/multi-user.target.wants
 ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.target.wants
+ln -s ../vmware-vmblock-fuse.service
%{buildroot}/usr/lib/systemd/system/multi-user.target.wants
+mkdir -p %{buildroot}/usr/share/xdg/autostart
+ln -s  ../../../defaults/open-vm-tools/xdg/autostart/vmware-user.desktop
%{buildroot}/usr/share/xdg/autostart
 ## install_append end
 
 %files
@@ -242,9 +253,11 @@ ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.
 %files autostart
 %defattr(-,root,root,-)
 /usr/lib/systemd/system/multi-user.target.wants/open-vm-tools.service
+/usr/lib/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service
 
 %files bin
 %defattr(-,root,root,-)
+%attr(7755,root,root) /usr/bin/vmware-user-suid-wrapper
 /usr/bin/mount.vmhgfs
 /usr/bin/vmhgfs-fuse
 /usr/bin/vmtoolsd
@@ -255,7 +268,6 @@ ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.
 /usr/bin/vmware-rpctool
 /usr/bin/vmware-toolbox-cmd
 /usr/bin/vmware-user
-/usr/bin/vmware-user-suid-wrapper
 /usr/bin/vmware-vmblock-fuse
 /usr/bin/vmware-xferlogs
 
@@ -282,6 +294,7 @@ ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.
 /usr/share/open-vm-tools/messages/ko/vmtoolsd.vmsg
 /usr/share/open-vm-tools/messages/zh_CN/toolboxcmd.vmsg
 /usr/share/pam.d/vmtoolsd
+/usr/share/xdg/autostart/vmware-user.desktop
 
 %files dev
 %defattr(-,root,root,-)
@@ -335,6 +348,7 @@ ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.
 /usr/lib64/open-vm-tools/plugins/vmsvc/libresolutionKMS.so
 /usr/lib64/open-vm-tools/plugins/vmsvc/libtimeSync.so
 /usr/lib64/open-vm-tools/plugins/vmsvc/libvmbackup.so
+/usr/lib64/open-vm-tools/plugins/vmusr/libdndcp.so
 
 %files license
 %defattr(0644,root,root,0755)
@@ -388,4 +402,6 @@ ln -s ../open-vm-tools.service 
%{buildroot}//usr/lib/systemd/system/multi-user.
 %files services
 %defattr(-,root,root,-)
 %exclude /usr/lib/systemd/system/multi-user.target.wants/open-vm-tools.service
+%exclude /usr/lib/systemd/system/multi-user.target.wants/vmware-vmblock-fuse.service
 /usr/lib/systemd/system/open-vm-tools.service
+/usr/lib/systemd/system/vmware-vmblock-fuse.service
diff --git a/pkgconfig_add b/pkgconfig_add
index 97b67fc..c81f093 100644
--- a/pkgconfig_add
+++ b/pkgconfig_add
@@ -1,7 +1,9 @@
 # This file contains additional pkgconfig build requirements that did
 # not get picked up automatically. One name per line, no whitespace.
+gtkmm-3.0
 x11
 ice
 xtst
 udev
 libtirpc
+
diff --git a/release b/release
index 6f4247a..9902f17 100644
--- a/release
+++ b/release
@@ -1 +1 @@
-26
+28
diff --git a/symbols b/symbols
index 100b791..218ac4b 100644
--- a/symbols
+++ b/symbols
@@ -268,6 +268,7 @@ libhgfs.so.0:HgfsUpdateNodeAppendFlag
 libhgfs.so.0:HgfsUpdateNodeFileDesc
 libhgfs.so.0:HgfsUpdateNodeNames
 libhgfs.so.0:HgfsUpdateNodeServerLock
+libhgfs.so.0:HgfsUri_ConvertFromPathToHgfsUri
 libhgfs.so.0:HgfsValidateRenameFile
 libhgfs.so.0:HgfsValidateReplySize
 libhgfs.so.0:futimes
diff --git a/used_libs b/used_libs
index e2d292e..0da250e 100644
--- a/used_libs
+++ b/used_libs
@@ -1,17 +1,12 @@
 ld-linux-x86-64.so.2
-libICE.so.6
-libSM.so.6
 libX11.so.6
-libXext.so.6
-libXi.so.6
-libXinerama.so.1
-libXrandr.so.2
-libXrender.so.1
 libXtst.so.6
 libatk-1.0.so.0
+libatkmm-1.6.so.1
 libc.so.6
 libcairo-gobject.so.2
 libcairo.so.2
+libcairomm-1.0.so.1
 libcrypt.so.1
 libcrypto.so.1.1
 libdl.so.2
@@ -20,19 +15,27 @@ libfuse.so.2
 libgcc_s.so.1
 libgdk-3.so.0
 libgdk_pixbuf-2.0.so.0
+libgdkmm-3.0.so.1
 libgio-2.0.so.0
+libgiomm-2.4.so.1
 libglib-2.0.so.0
+libglibmm-2.4.so.1
 libgmodule-2.0.so.0
 libgobject-2.0.so.0
 libgthread-2.0.so.0
 libgtk-3.so.0
+libgtkmm-3.0.so.1
 libicudata.so.63
 libicui18n.so.63
 libicuuc.so.63
+libm.so.6
 libmspack.so.0
 libpango-1.0.so.0
 libpangocairo-1.0.so.0
+libpangomm-1.4.so.1
 libpthread.so.0
 librt.so.1
+libsigc-2.0.so.0
 libssl.so.1.1
+libstdc++.so.6
 libudev.so.1
diff --git a/vmware-vmblock-fuse.service b/vmware-vmblock-fuse.service
new file mode 100644
index 0000000..9e4d2a3
--- /dev/null
+++ b/vmware-vmblock-fuse.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Open Virtual Machine Tools (vmware-vmblock-fuse)
+ConditionVirtualization=vmware
+
+[Service]
+Type=simple
+RuntimeDirectory=vmblock-fuse
+RuntimeDirectoryMode=755
+ExecStart=/usr/bin/vmware-vmblock-fuse -d -f -o
subtype=vmware-vmblock,default_permissions,allow_other /run/vmblock-fuse
+
+[Install]
+WantedBy=multi-user.target
-- 
2.21.0


    