index : drakx	distro/mdv2007.1 distro/mdv2008.0 distro/mdv2008.1 distro/mdv2009.0 distro/mdv2009.1 distro/mdv2010.0 distro/mes5 distro/mes5-2.6.33 distro/mes6 distro/mga1 distro/mga2 distro/mga3 distro/mga4 distro/mga5 distro/mga6 distro/mga7 distro/mga8 distro/mga9 master topic/Corpo_2_1 topic/KA9_0 topic/MDK-10-update topic/MDK-10_1-update topic/MDK-10_2-update topic/MDK-2006_0-update topic/MDK92-branch topic/MDKC_1_0 topic/PCMCIA_CS_DISTRO topic/R9_0-64bit-branch topic/R9_1_HP-branch topic/a topic/before_matchbox_wm topic/bug-13680 topic/dietlibc topic/efi topic/extlinux topic/firewall topic/gdk-pixbuf-0-branch topic/gi-ppc topic/ia64-8_1 topic/mandrakesoft topic/mlcd4 topic/ppp topic/rp-pppoe topic/switching_to_dnf topic/switching_to_urpmi topic/unlabeled-1.1.1 topic/v_webmin_0_87 topic/x86_64-branch user/animtim/designWork user/colin/rescue-systemd user/ennael/mga6 user/erwan/bug-13680 user/jibz/aarch64 user/martinw/mga6 user/pterjan/arm64
	Mageia Installer and base platform for many utilities	Thierry Vignaud [tv]

summaryrefslogtreecommitdiffstats

log msg author committer range

path: root/perl-install/security

	Commit message (Expand)	Author	Age	Files	Lines
*	fix/adjust some help pages (#42986)	Thierry Vignaud	2008-09-30	1	-1/+1
*	(level_choose) remove wrongly commited debug stuff	Thierry Vignaud	2008-09-19	1	-1/+1
*	(level_choose) fix defaulting to current security level in GUI	Thierry Vignaud	2008-09-15	1	-1/+1
*	(level_choose) remove dead code	Thierry Vignaud	2008-09-15	1	-1/+1
*	do not bother set now unused $o->{libsafe}) ; drop security::various::config_...	Thierry Vignaud	2008-09-15	1	-11/+0
*	(level_choose) drop now unused 'libsafe' parameter	Thierry Vignaud	2008-09-15	1	-1/+1
*	(level_choose) kill 'libsafe' option which isn't visible since libsafe	Thierry Vignaud	2008-09-15	1	-3/+0
*	(level_choose) explain to translators	Thierry Vignaud	2008-08-29	1	-1/+4
*	(level_choose) remove debug statement	Thierry Vignaud	2008-08-29	1	-1/+1
*	(level_choose) refresh "Security" step	Thierry Vignaud	2008-08-29	1	-4/+6
*	stop setting banner icon now we do not display them anymore	Thierry Vignaud	2008-07-29	1	-1/+0
*	improve explanations (#6969): do not shout, add quotes	Thierry Vignaud	2007-07-30	1	-4/+4
*	improve explanations (#6969): explain umask	Thierry Vignaud	2007-07-30	1	-2/+2
*	improve explanations (#6969): prevent introducing confusion into explanations	Thierry Vignaud	2007-07-30	1	-26/+26
*	re-sync after the big svn loss	Pascal Rigaux	2007-04-25	2	-7/+7
*	fill in missing titles for banners and specify icons	Thierry Vignaud	2005-08-27	1	-1/+2
*	don't need use MDK::Common... when we have "use common" (which is the standar...	Pascal Rigaux	2005-06-10	1	-1/+0
*	use addVarsInSh()	Pascal Rigaux	2005-05-27	1	-8/+8
*	really default security level 3	Pascal Rigaux	2005-03-24	1	-1/+1
*	(load_values) fix getting value when it's defined but 0 (#14364)	Thierry Vignaud	2005-03-08	1	-1/+1
*	(get_function_value) fix getting value when it's 0 (#14364)	Thierry Vignaud	2005-03-08	1	-1/+1
*	add translator hints; real fix will be in mdk10.2:	Thierry Vignaud	2004-09-20	1	-2/+6
*	- fix label of entry in help	Thierry Vignaud	2004-09-13	1	-1/+1
*	typo fixes	Thierry Vignaud	2004-08-19	1	-1/+1
*	use difference2() as suggested by new perl_checker warning	Pascal Rigaux	2004-08-12	1	-1/+1
*	cleanup	Pascal Rigaux	2004-08-12	1	-3/+2
*	perl_checker compliance	Pascal Rigaux	2004-08-12	1	-1/+1
*	sync with msec-0.44	Thierry Vignaud	2004-07-30	3	-1/+7
*	(get) default to standard level; else security::msec won't be able to	Thierry Vignaud	2004-06-10	1	-1/+1
*	(apply_checks) reindent	Thierry Vignaud	2004-02-10	1	-7/+7
*	(apply_checks) fix unable to save checks when config file is empty	Thierry Vignaud	2004-02-10	1	-10/+8
*	fix draksec not saving options when config file do not exists :-(	Thierry Vignaud	2004-02-06	1	-0/+2
*	add help for newly introduced MAIL_EMPTY_CONTENT item	Thierry Vignaud	2004-01-29	1	-0/+1
*	notify that timeout is in seconds	Thierry Vignaud	2004-01-29	1	-1/+1
*	fix parsing of default values for multi argument msec functions	Thierry Vignaud	2004-01-29	1	-1/+1
*	fix #6103:	Thierry Vignaud	2003-10-08	1	-3/+8
*	fix english (thanks to Arpad Biro)	Pascal Rigaux	2003-08-20	1	-3/+3
*	perl_checker compliance	Pascal Rigaux	2003-08-11	2	-2/+2
*	better help	Thierry Vignaud	2003-07-24	1	-25/+40
*	describe	Thierry Vignaud	2003-07-24	1	-1/+4
*	- filter dumb characters	Thierry Vignaud	2003-07-24	1	-103/+45
*	sort functions & checks when writing configuration	Thierry Vignaud	2003-07-19	1	-2/+2
*	translate default values qw(yes no all ignore ...) and provide english	Thierry Vignaud	2003-07-14	1	-0/+62
*	perl_checker fixes	Thierry Vignaud	2003-05-23	1	-3/+3
*	- fix #3616 (draksec discarding changes)	Thierry Vignaud	2003-05-20	1	-2/+2
*	fix #3618	Thierry Vignaud	2003-04-30	1	-1/+1
*	perl_checker adaptations + fixes	Pascal Rigaux	2003-04-24	1	-4/+4
*	new perl_checker compliance	Pascal Rigaux	2003-04-17	1	-2/+4
*	resync with msec	Thierry Vignaud	2003-02-18	1	-1/+1
*	replace %level_list with level_list() so that N("...") is called at runtime	Pascal Rigaux	2003-02-17	1	-13/+13

• [next]

generated by cgit v1.2.1 (git 2.21.0) at 2025-01-23 13:03:51 +0000

package fs; # $Id$

use diagnostics;
use strict;

use MDK::Common::System;
use MDK::Common::Various;
use common;
use log;
use devices;
use partition_table qw(:types);
use run_program;
use swap;
use detect_devices;
use modules;
use fsedit;
use loopback;


sub read_fstab {
    my ($prefix, $file, @reading_options) = @_;

    my %comments;
    my $comment;
    my @l = grep {
	if (/^\s*#/) {
	    $comment .= chomp_($_) . "\n";
	    0;
	} else {
	    $comments{$_} = $comment if $comment;
	    $comment = '';
	    1;
	}
    } cat_("$prefix$file");

    #- attach comments at the end of fstab to the previous line
    $comments{$l[-1]} = $comment if $comment;

    map {
	my ($dev, $mntpoint, $type, $options, $freq, $passno) = split;
	my $comment = $comments{$_};

	$options = 'defaults' if $options eq 'rw'; # clean-up for mtab read

	$type = fs2type($type);
	if ($type eq 'supermount') {
	    # normalize this bloody supermount
	    $options = join(",", 'supermount', grep {
		if (/fs=(.*)/) {
		    $type = $1;
		    0;
		} elsif (/dev=(.*)/) {
		    $dev = $1;
		    0;
		} elsif ($_ eq '--') {
		    0;
		} else {
		    1;
		}
	    } split(',', $options));
	} elsif ($type eq 'smb') {
	    # prefering type "smbfs" over "smb"
	    $type = 'smbfs';
	}
	$mntpoint =~ s/\\040/ /g;
	$dev =~ s/\\040/ /g;

	my $h = { 
		 device => $dev, mntpoint => $mntpoint, type => $type, 
		 options => $options, comment => $comment,
		 if_(member('keep_freq_passno', @reading_options), freq => $freq, passno => $passno),
		};

	if ($dev =~ /^LABEL=/) {
	    if (my $e = find { $_->{mntpoint} eq $mntpoint } read_fstab('', '/proc/mounts')) {
		$h->{device_LABEL} = $dev;
		$dev = $h->{device} = $e->{device};
	    }
        }
	if ($dev =~ m,/(tmp|dev)/,) {
	    ($h->{major}, $h->{minor}) = unmakedev((stat "$prefix$dev")[6]);

	    my $symlink = readlink("$prefix$dev");
	    $dev =~ s,/(tmp|dev)/,,;

	    if ($symlink =~ m|^[^/]+$|) {
		$h->{device_alias} = $dev;
		$h->{device} = $symlink;
	    } else {
		$h->{device} = $dev;
	    }
	}

	if ($h->{options} =~ /credentials=/ && !member('verbatim_credentials', @reading_options)) {
	    require network::smb;
	    #- remove credentials=file with username=foo,password=bar,domain=zoo
	    #- the other way is done in fstab_to_string
	    my ($options, $unknown) = mount_options_unpack($h);
	    my $file = delete $options->{'credentials='};
	    my $credentials = network::smb::read_credentials_raw($file);
	    if ($credentials->{username}) {
		$options->{"$_="} = $credentials->{$_} foreach qw(username password domain);
		mount_options_pack($h, $options, $unknown);
	    }
	}

	$h;
    } @l;
}

sub merge_fstabs {
    my ($loose, $fstab, @l) = @_;

    foreach my $p (@$fstab) {
	my ($l1, $l2) = partition { fsedit::is_same_hd($_, $p) } @l;
	my ($p2) = @$l1 or next;
	@l = @$l2;

	$p->{mntpoint} = $p2->{mntpoint} if delete $p->{unsafeMntpoint};

	$p->{type} = $p2->{type} if $p2->{type} && !$loose;
	$p->{options} = $p2->{options} if $p2->{options} && !$loose;
	#- important to get isMounted property else DrakX may try to mount already mounted partitions :-(
	add2hash($p, $p2);
	$p->{device_alias} ||= $p2->{device_alias} || $p2->{device} if $p->{device} ne $p2->{device} && $p2->{device} !~ m|/|;

	$p->{type} && $p2->{type} && $p->{type} ne $p2->{type} && type2fs($p) ne type2fs($p2) &&
	  $p->{type} ne 'auto' && $p2->{type} ne 'auto' and
	    log::l("err, fstab and partition table do not agree for $p->{device} type: " .
		   (type2fs($p) || type2name($p->{type})) . " vs ", (type2fs($p2) || type2name($p2->{type})));
    }
    @l;
}

sub add2all_hds {
    my ($all_hds, @l) = @_;

    @l = merge_fstabs('', [ fsedit::get_really_all_fstab($all_hds) ], @l);

    foreach (@l) {
	my $s = 
	    isThisFs('nfs', $_) ? 'nfss' :
	    isThisFs('smbfs', $_) ? 'smbs' :
	    isThisFs('davfs', $_) ? 'davs' :
	    isTrueFS($_) || isSwap($_) || isOtherAvailableFS($_) ? '' :
	    'special';
	push @{$all_hds->{$s}}, $_ if $s;
    }
}

sub get_major_minor {
    eval {
	my (undef, $major, $minor) = devices::entry($_->{device});
	($_->{major}, $_->{minor}) = ($major, $minor);
    } foreach @_;
}

sub merge_info_from_mtab {
    my ($fstab) = @_;

    my @l1 = map { my $l = $_; 
		   my %l = (type => fs2type('swap')); 
		   $l{$_} = $l->{$_} foreach qw(device major minor); 
		   \%l;
	       } read_fstab('', '/proc/swaps');
    
    my @l2 = map { read_fstab('', $_) } '/etc/mtab', '/proc/mounts';

    foreach (@l1, @l2) {
	log::l("found mounted partition on $_->{device} with $_->{mntpoint}");
	if ($::isInstall && $_->{mntpoint} eq '/tmp/hdimage') {
	    log::l("found hdimage on $_->{device}");
	    $_->{real_mntpoint} = delete $_->{mntpoint};
	    $_->{mntpoint} = common::usingRamdisk() && "/mnt/hd"; #- remap for hd install.
	}
	$_->{isMounted} = $_->{isFormatted} = 1;
	delete $_->{options};
    } 
    merge_fstabs('loose', $fstab, @l1, @l2);
}

# - when using "$loose", it does not merge in type&options from the fstab
sub merge_info_from_fstab {
    my ($fstab, $prefix, $uniq, $loose) = @_;

    my @l = grep { 
	if ($uniq) {
	    my $part = fsedit::mntpoint2part($_->{mntpoint}, $fstab);
	    !$part || fsedit::is_same_hd($part, $_); #- keep it only if it is the mountpoint AND the same device
	} else {
	    1;
	}
    } read_fstab($prefix, "/etc/fstab", 'keep_freq_passno');

    merge_fstabs($loose, $fstab, @l);
}

# - when using "$loose", it does not merge in type&options from the fstab
sub get_info_from_fstab {
    my ($all_hds, $prefix) = @_;
    my @l = read_fstab($prefix, "/etc/fstab", 'keep_freq_passno');
    add2all_hds($all_hds, @l)
}

sub prepare_write_fstab {
    my ($fstab, $prefix, $keep_smb_credentials) = @_;
    $prefix ||= '';

    my %new;
    my @smb_credentials;
    my @l = map { 
	my $device = 
	  isLoopback($_) ? 
	      ($_->{mntpoint} eq '/' ? "/initrd/loopfs" : $_->{loopback_device}{mntpoint}) . $_->{loopback_file} :
	  part2device($prefix, $_->{device}, $_->{type});

	my $real_mntpoint = $_->{mntpoint} || ${{ '/tmp/hdimage' => '/mnt/hd' }}{$_->{real_mntpoint}};
	mkdir_p("$prefix$real_mntpoint") if $real_mntpoint =~ m|^/|;
	my $mntpoint = loopback::carryRootLoopback($_) ? '/initrd/loopfs' : $real_mntpoint;

	my ($freq, $passno) =
	  exists $_->{freq} ?
	    ($_->{freq}, $_->{passno}) :
	  isTrueFS($_) && $_->{options} !~ /encryption=/ ? 
	    (1, $_->{mntpoint} eq '/' ? 1 : loopback::carryRootLoopback($_) ? 0 : 2) : 
	    (0, 0);

	if (($device eq 'none' || !$new{$device}) && ($mntpoint eq 'swap' || !$new{$mntpoint})) {
	    #- keep in mind the new line for fstab.
	    $new{$device} = 1;
	    $new{$mntpoint} = 1;

	    my $options = $_->{options};

	    if (isThisFs('smbfs', $_) && $options =~ /password=/ && !$keep_smb_credentials) {
		require network::smb;
		if (my ($opts, $smb_credentials) = network::smb::fstab_entry_to_credentials($_)) {
		    $options = $opts;
		    push @smb_credentials, $smb_credentials;
		}
	    }

	    my $type = type2fs($_);

	    my $dev = 
	      $_->{device_LABEL} ? $_->{device_LABEL} :
	      $_->{device_alias} ? "/dev/$_->{device_alias}" : $device;

	    $mntpoint =~ s/ /\\040/g;
	    $dev =~ s/ /\\040/g;

	    # handle bloody supermount special case
	    if ($options =~ /supermount/) {
		my @l = grep { $_ ne 'supermount' } split(',', $options);
		my @l1 = grep { member($_, 'ro', 'exec') } @l;
		my @l2 = difference2(\@l, \@l1);
		$options = join(",", "dev=$dev", "fs=$type", @l1, if_(@l2, '--', @l2));
		($dev, $type) = ('none', 'supermount');
	    }

	    [ $mntpoint, $_->{comment} . join(' ', $dev, $mntpoint, $type, $options || 'defaults', $freq, $passno) . "\n" ];
	} else {
	    ()
	}
    } grep { $_->{device} && ($_->{mntpoint} || $_->{real_mntpoint}) && $_->{type} } @$fstab;

    join('', map { $_->[1] } sort { $a->[0] cmp $b->[0] } @l), \@smb_credentials;
}

sub fstab_to_string {
    my ($all_hds, $prefix) = @_;
    my $fstab = [ fsedit::get_really_all_fstab($all_hds), @{$all_hds->{special}} ];
    my ($s, undef) = prepare_write_fstab($fstab, $prefix, 'keep_smb_credentials');
    $s;
}

sub write_fstab {
    my ($all_hds, $prefix) = @_;
    log::l("writing $prefix/etc/fstab");
    my $fstab = [ fsedit::get_really_all_fstab($all_hds), @{$all_hds->{special}} ];
    my ($s, $smb_credentials) = prepare_write_fstab($fstab, $prefix, '');
    output("$prefix/etc/fstab", $s);
    network::smb::save_credentials($_) foreach @$smb_credentials;
}

sub part2device {
    my ($prefix, $dev, $type) = @_;
    $dev eq 'none' || member($type, qw(nfs smbfs davfs)) ? 
      $dev : 
      do {
	  my $dir = $dev =~ m!^(/|LABEL=)! ? '' : '/dev/';
	  eval { devices::make("$prefix$dir$dev") };
	  "$dir$dev";
      };
}

sub auto_fs() {
    grep { chop; $_ && !/nodev/ } cat_("/etc/filesystems");
}

sub mount_options {
    my %non_defaults = (
			sync => 'async', noatime => 'atime', noauto => 'auto', ro => 'rw', 
			user => 'nouser', nodev => 'dev', noexec => 'exec', nosuid => 'suid',
		       );
    my @user_implies = qw(noexec nodev nosuid);
    \%non_defaults, \@user_implies;
}

sub mount_options_unpack {
    my ($part) = @_;
    my $packed_options = $part->{options};

    my ($non_defaults, $user_implies) = mount_options();

    my @auto_fs = auto_fs();
    my %per_fs = (
		  iso9660 => [ qw(unhide) ],
		  vfat => [ qw(umask=0) ],
		  ntfs => [ qw(umask=0) ],
		  nfs => [ qw(rsize=8192 wsize=8192) ],
		  smbfs => [ qw(username= password=) ],
		  davfs => [ qw(username= password= uid= gid=) ],
		  reiserfs => [ 'notail' ],
		 );
    push @{$per_fs{$_}}, 'usrquota', 'grpquota' foreach 'ext2', 'ext3', 'xfs';

    while (my ($fs, $l) = each %per_fs) {
	isThisFs($fs, $part) || $part->{type} eq 'auto' && member($fs, @auto_fs) or next;
	$non_defaults->{$_} = 1 foreach @$l;
    }

    $non_defaults->{encrypted} = 1 if !$part->{isFormatted} || isSwap($part);

    $non_defaults->{supermount} = 1 if member(type2fs($part), 'auto', @auto_fs);

    my $defaults = { reverse %$non_defaults };
    my %options = map { $_ => '' } keys %$non_defaults;
    my @unknown;
    foreach (split(",", $packed_options)) {
	if ($_ eq 'user') {
	    $options{$_} = 1 foreach 'user', @$user_implies;
	} elsif (exists $non_defaults->{$_}) {
	    $options{$_} = 1;
	} elsif ($defaults->{$_}) {
	    $options{$defaults->{$_}} = 0;
	} elsif (/(.*?=)(.*)/) {
	    $options{$1} = $2;
	} else {
	    push @unknown, $_;
	}
    }
    # merge those, for cleaner help
    $options{'rsize=8192,wsize=8192'} = delete $options{'rsize=8192'} && delete $options{'wsize=8192'}
      if exists $options{'rsize=8192'};

    my $unknown = join(",", @unknown);
    \%options, $unknown;
}

sub mount_options_pack_ {
    my ($_part, $options, $unknown) = @_;

    my ($non_defaults, $user_implies) = mount_options();
    my @l;

    if (delete $options->{user}) {
	push @l, 'user';
	foreach (@$user_implies) {
	    if (!delete $options->{$_}) {
		# overriding
		$options->{$non_defaults->{$_}} = 1;
	    }
	}
    }
    push @l, map_each { if_($::b, $::a =~ /=$/ ? "$::a$::b" : $::a) } %$options;
    push @l, $unknown;

    join(",", uniq(grep { $_ } @l));
}
sub mount_options_pack {
    my ($part, $options, $unknown) = @_;
    $part->{options} = mount_options_pack_($part, $options, $unknown);
    noreturn();
}

sub mount_options_help {
    my %help = map { $_ => '' } @_;
    my %short = map { if_(/(.*?)=/, "$1=" => $_) } keys %help;

    foreach (split(':', $ENV{LANGUAGE}), '') {
	my $manpage = "/usr/share/man/$_/man8/mount.8.bz2";
	-e $manpage or next;

	my ($tp, $option);
	foreach (`bzip2 -dc $manpage`) {
	    my $prev_tp = $tp;
	    $tp = /^\.(TP|RE)/;
	    my ($s) = /^\.B (.*)/;
	    if (($prev_tp && $s eq '\-o') .. /X^/) {
		if (my $v = ($prev_tp && $s =~ /^[a-z]/i) .. $tp) {
		    if ($v == 1) {
			$s = $short{$s} || $s;
			$option = exists $help{$s} && !$help{$s} ? $s : '';
		    } elsif ($v !~ /E0/) {
			s/\\//g;
			s/\s*"(.*?)"\s*/$1/g if s/^\.BR\s+//;
			s/^\.B\s+//;
			$help{$option} .= $_ if $option;
		    }
		}        
	    }
	}
    }
    %help;
}

sub set_default_options {
    my ($part, $is_removable, $useSupermount, $security, $iocharset, $codepage) = @_;

    my ($options, $unknown) = mount_options_unpack($part);

    if ($is_removable) {
	$options->{supermount} = $useSupermount;
	$part->{type} = 'auto';
    }

    my $is_auto = isThisFs('auto', $part);

    if ($part->{media_type} eq 'cdrom') {
	$options->{ro} = 1;
    }

    if ($part->{media_type} eq 'fd') {
	# slow device so don't loose time, write now!
	$options->{sync} = 1;
    }

    if (isTrueFS($part)) {
	#- noatime on laptops (do not wake up the hd)
	#- Do  not  update  inode  access times on this
	#- file system (e.g, for faster access  on  the
	#- news spool to speed up news servers).
	$options->{noatime} = detect_devices::isLaptop();
    }
    if (isThisFs('nfs', $part)) {
	put_in_hash($options, { 
			       nosuid => 1, 'rsize=8192,wsize=8192' => 1, soft => 1,
			      });
    }
    if (isThisFs('smbfs', $part)) {
	add2hash($options, { 'username=' => '%' }) if !$options->{'credentials='};
    }
    if (isFat($part) || $is_auto) {

	put_in_hash($options, {
			       user => 1, noexec => 0,
			      }) if $is_removable;

	put_in_hash($options, {
			       'umask=0' => $security < 3, 'iocharset=' => $iocharset, 'codepage=' => $codepage,
			      });
    }
    if (isThisFs('ntfs', $part)) {
	put_in_hash($options, { ro => 1, 'umask=0' => $security < 3, 'iocharset=' => $iocharset });
    }
    if (isThisFs('iso9660', $part) || $is_auto) {
	put_in_hash($options, { user => 1, noexec => 0, 'iocharset=' => $iocharset });
    }
    if (isThisFs('reiserfs', $part)) {
	$options->{notail} = 1;
    } else {
	$options->{notail} = 0;
    }
    if (isLoopback($part) && !isSwap($part)) { #- no need for loop option for swap files
	$options->{loop} = 1;
    }

    # rationalize: no need for user
    if ($options->{autofs} || $options->{supermount}) {
	$options->{user} = 0;
    }

    # have noauto when we have user
    $options->{noauto} = 1 if $options->{user}; 

    if ($options->{user}) {
	# ensure security  (user_implies - noexec as noexec is not a security matter)
	$options->{$_} = 1 foreach 'nodev', 'nosuid';
    }

    mount_options_pack($part, $options, $unknown);
}

sub set_all_default_options {
    my ($all_hds, $useSupermount, $security, $iocharset, $codepage) = @_;

    my @removables = @{$all_hds->{raw_hds}};

    foreach my $part (fsedit::get_really_all_fstab($all_hds)) {
	set_default_options($part, member($part, @removables), $useSupermount, $security, $iocharset, $codepage);
    }
}

sub set_removable_mntpoints {
    my ($all_hds) = @_;

    my %names;
    foreach (@{$all_hds->{raw_hds}}) {
	my $name = detect_devices::suggest_mount_point($_) or next;
	
	my $s = ++$names{$name};
	$_->{mntpoint} ||= "/mnt/$name" . ($s == 1 ? '' : $s);
    }
}

sub get_raw_hds {
    my ($prefix, $all_hds) = @_;

    $all_hds->{raw_hds} = [ detect_devices::removables() ];
    get_major_minor(@{$all_hds->{raw_hds}});

    my @fstab = read_fstab($prefix, "/etc/fstab", 'keep_freq_passno');
    $all_hds->{nfss} = [ grep { isThisFs('nfs', $_) } @fstab ];
    $all_hds->{smbs} = [ grep { isThisFs('smbfs', $_) } @fstab ];
    $all_hds->{davs} = [ grep { isThisFs('davfs', $_) } @fstab ];
    $all_hds->{special} = [
       (grep { isThisFs('tmpfs', $_) } @fstab),
       { device => 'none', mntpoint => '/proc', type => 'proc' },
       { device => 'none', mntpoint => '/dev/pts', type => 'devpts', options => 'mode=0620' },
    ];
}

################################################################################
# formatting functions
################################################################################
sub disable_forced_fsck {
    my ($dev) = @_;
    run_program::run("tune2fs", "-c0", "-i0", devices::make($dev));
}

sub format_ext2($@) {
    #- mke2fs -b (1024|2048|4096) -c -i(1024 > 262144) -N (1 > 100000000) -m (0-100%) -L volume-label
    #- tune2fs
    my ($dev, @options) = @_;
    $dev =~ m,(rd|ida|cciss)/, and push @options, qw(-b 4096 -R stride=16); #- For RAID only.
    push @options, qw(-b 1024 -O none) if arch() =~ /alpha/;
    run_program::raw({ timeout => 60 * 60 }, 'mke2fs', '-F', @options, devices::make($dev)) or die \N("%s formatting of %s failed", any { $_ eq '-j' } @options ? "ext3" : "ext2", $dev);
}
sub format_ext3 {
    my ($dev, @options) = @_;
    format_ext2($dev, "-j", @options);
    disable_forced_fsck($dev);
}
sub format_reiserfs {
    my ($dev, @options) = @_;
    #TODO add -h tea
    run_program::raw({ timeout => 60 * 60 }, "mkreiserfs", "-ff", @options, devices::make($dev)) or die \N("%s formatting of %s failed", "reiserfs", $dev);
}
sub format_xfs {
    my ($dev, @options) = @_;
    run_program::raw({ timeout => 60 * 60 }, "mkfs.xfs", "-f", "-q", @options, devices::make($dev)) or die \N("%s formatting of %s failed", "xfs", $dev);
}
sub format_jfs {
    my ($dev, @options) = @_;
    run_program::raw({ timeout => 60 * 60 }, "mkfs.jfs", "-f", @options, devices::make($dev)) or die \N("%s formatting of %s failed", "jfs", $dev);
}
sub format_dos {
    my ($dev, @options) = @_;
    run_program::raw({ timeout => 60 * 60 }, "mkdosfs", @options, devices::make($dev)) or die \N("%s formatting of %s failed", "dos", $dev);
}
sub format_hfs {
    my ($dev, @options) = @_;
    run_program::raw({ timeout => 60 * 60 }, "hformat", @options, devices::make($dev)) or die \N("%s formatting of %s failed", "HFS", $dev);
}
sub real_format_part {
    my ($part) = @_;

    $part->{isFormatted} and return;

    my $dev = $part->{real_device} || $part->{device};

    my @options = if_($part->{toFormatCheck}, "-c");
    log::l("formatting device $dev (type ", type2name($part->{type}), ")");

    if (isExt2($part)) {
	push @options, "-F" if isLoopback($part);
	push @options, "-m", "0" if $part->{mntpoint} =~ m|^/home|;
	format_ext2($dev, @options);
    } elsif (isThisFs("ext3", $part)) {
	push @options, "-m", "0" if $part->{mntpoint} =~ m|^/home|;
        format_ext3($dev, @options);
    } elsif (isThisFs("reiserfs", $part)) {
        format_reiserfs($dev, @options, if_(c::kernel_version() =~ /^\Q2.2/, "-v", "1"));
    } elsif (isThisFs("xfs", $part)) {
        format_xfs($dev, @options);
    } elsif (isThisFs("jfs", $part)) {
        format_jfs($dev, @options);
    } elsif (isDos($part)) {
        format_dos($dev, @options);
    } elsif (isWin($part)) {
        format_dos($dev, @options, '-F', 32);
    } elsif (isThisFs('hfs', $part)) {
        format_hfs($dev, @options, '-l', "Untitled");
    } elsif (isAppleBootstrap($part)) {
        format_hfs($dev, @options, '-l', "bootstrap");
    } elsif (isSwap($part)) {
	my $check_blocks = any { /^-c$/ } @options;
        swap::make($dev, $check_blocks);
    } else {
	die \N("I don't know how to format %s in type %s", $part->{device}, type2name($part->{type}));
    }
    $part->{isFormatted} = 1;
}
sub format_part {
    my ($raids, $part, $prefix, $wait_message) = @_;
    if (isRAID($part)) {
	$wait_message->(N("Formatting partition %s", $part->{device})) if $wait_message;
	require raid;
	raid::format_part($raids, $part);
    } elsif (isLoopback($part)) {
	$wait_message->(N("Creating and formatting file %s", $part->{loopback_file})) if $wait_message;
	loopback::format_part($part, $prefix);
    } else {
	$wait_message->(N("Formatting partition %s", $part->{device})) if $wait_message;
	real_format_part($part);
    }
}

################################################################################
# mounting functions
################################################################################
sub set_loop {
    my ($part) = @_;
    if (!$part->{real_device}) {
	eval { modules::load('loop') };
	$part->{real_device} = devices::set_loop(devices::make($part->{device}), $part->{encrypt_key}, $part->{options} =~ /encryption=(\w+)/);
    }
}

sub formatMount_part {
    my ($part, $raids, $fstab, $prefix, $wait_message) = @_;

    if (isLoopback($part)) {
	formatMount_part($part->{loopback_device}, $raids, $fstab, $prefix, $wait_message);
    }
    if (my $p = up_mount_point($part->{mntpoint}, $fstab)) {
	formatMount_part($p, $raids, $fstab, $prefix, $wait_message) unless loopback::carryRootLoopback($part);
    }
    if ($part->{encrypt_key}) {
	set_loop($part);
    }
    if ($part->{toFormat}) {
	format_part($raids, $part, $prefix, $wait_message);
    }
    mount_part($part, $prefix, 0, $wait_message);
}

sub formatMount_all {
    my ($raids, $fstab, $prefix, $wait_message) = @_;
    formatMount_part($_, $raids, $fstab, $prefix, $wait_message) 
      foreach sort { isLoopback($a) ? 1 : isSwap($a) ? -1 : 0 } grep { $_->{mntpoint} } @$fstab;

    #- ensure the link is there
    loopback::carryRootCreateSymlink($_, $prefix) foreach @$fstab;

    #- for fun :)
    #- that way, when install exits via ctrl-c, it gives hand to partition
    eval {
	local $SIG{__DIE__} = 'ignore';
	my ($_type, $major, $minor) = devices::entry(fsedit::get_root($fstab)->{device});
	output "/proc/sys/kernel/real-root-dev", makedev($major, $minor);
    };
}

sub mount {
    my ($dev, $where, $fs, $rdonly, $options, $wait_message) = @_;
    log::l("mounting $dev on $where as type $fs, options $options");

    -d $where or mkdir_p($where);

    $dev = part2device('', $dev, $fs);

    my @fs_modules = qw(vfat hfs romfs ufs reiserfs xfs jfs ext3);

    if (member($fs, 'smb', 'smbfs', 'nfs', 'davfs', 'ntfs') && $::isStandalone) {
	$wait_message->(N("Mounting partition %s", $dev)) if $wait_message;
	system('mount', '-t', $fs, $dev, $where, if_($options, '-o', $options)) == 0 or die \N("mounting partition %s in directory %s failed", $dev, $where);
	return; #- do not update mtab, already done by mount(8)
    } elsif (member($fs, 'ext2', 'proc', 'usbdevfs', 'iso9660', @fs_modules)) {
	$where =~ s|/$||;

	my $flag = c::MS_MGC_VAL();
	$flag |= c::MS_RDONLY() if $rdonly;
	my $mount_opt = "";

	if ($fs eq 'vfat') {
	    $mount_opt = 'check=relaxed';
	} elsif ($fs eq 'reiserfs') {
	    #- could be better if we knew if there is a /boot or not
	    #- without knowing it, / is forced to be mounted with notail
	    # if $where =~ m|/(boot)?$|;
	    $mount_opt = 'notail'; #- notail in any case
	} elsif ($fs eq 'jfs' && !$rdonly) {
	    $wait_message->(N("Checking %s", $dev)) if $wait_message;
	    #- needed if the system is dirty otherwise mounting read-write simply fails
	    run_program::raw({ timeout => 60 * 60 }, "fsck.jfs", $dev) or do {
		my $err = $?;
		die "fsck.jfs failed" if $err & 0xfc00;
	    };
	} elsif ($fs eq 'ext2' || $fs eq 'ext3' && $::isInstall) {
	    if (!$rdonly) {
		$wait_message->(N("Checking %s", $dev)) if $wait_message;
		foreach ('-a', '-y') {
		    run_program::raw({ timeout => 60 * 60 }, "fsck.ext2", $_, $dev);
		    my $err = $?;
		    if ($err & 0x0100) {
			log::l("fsck corrected partition $dev");
		    }
		    if ($err & 0xfeff) {
			my $txt = sprintf("fsck failed on %s with exit code %d or signal %d", $dev, $err >> 8, $err & 255);
			$_ eq '-y' ? die($txt) : cdie($txt);
		    } else {
			last;
		    }
		}
	    }
	    # really mount as ext2 during install for speed up
	    $fs = 'ext2';
	}
	if (member($fs, @fs_modules)) {
	    eval { modules::load($fs) };
	} elsif ($fs eq 'iso9660') {
	    eval { modules::load('isofs') };
	}
	log::l("calling mount($dev, $where, $fs, $flag, $mount_opt)");
	$wait_message->(N("Mounting partition %s", $dev)) if $wait_message;
	syscall_('mount', $dev, $where, $fs, $flag, $mount_opt) or die \(N("mounting partition %s in directory %s failed", $dev, $where) . " ($!)");
    } else {
	log::l("skipping mounting $fs partition");
	return;
    }
    eval { #- fail silently, /etc must be read-only
	append_to_file("/etc/mtab", "$dev $where $fs defaults 0 0\n");
    };
}

#- takes the mount point to umount (can also be the device)
sub umount {
    my ($mntpoint) = @_;
    $mntpoint =~ s|/$||;
    log::l("calling umount($mntpoint)");
    syscall_('umount', $mntpoint) or die \N("error unmounting %s: %s", $mntpoint, $!);

    substInFile { $_ = '' if /(^|\s)$mntpoint\s/ } '/etc/mtab'; #- don't care about error, if we can't read, we won't manage to write... (and mess mtab)
}

sub mount_part {
    my ($part, $prefix, $rdonly, $wait_message) = @_;

    #- root carrier's link can't be mounted
    loopback::carryRootCreateSymlink($part, $prefix);

    log::l("isMounted=$part->{isMounted}, real_mntpoint=$part->{real_mntpoint}, mntpoint=$part->{mntpoint}");
    if ($part->{isMounted} && $part->{real_mntpoint} && $part->{mntpoint}) {
	log::l("remounting partition on $prefix$part->{mntpoint} instead of $part->{real_mntpoint}");
	if ($::isInstall) { #- ensure partition will not be busy.
	    require install_any;
	    install_any::getFile('XXX');
	}
	eval {
	    umount($part->{real_mntpoint});
	    rmdir $part->{real_mntpoint};
	    symlinkf "$prefix$part->{mntpoint}", $part->{real_mntpoint};
	    delete $part->{real_mntpoint};
	    $part->{isMounted} = 0;
	};
    }

    return if $part->{isMounted};

    unless ($::testing) {
	if (isSwap($part)) {
	    $wait_message->(N("Enabling swap partition %s", $part->{device})) if $wait_message;
	    swap::swapon($part->{device});
	} else {
	    $part->{mntpoint} or die "missing mount point for partition $part->{device}";

	    my $mntpoint = ($prefix || '') . $part->{mntpoint};
	    if (isLoopback($part) || $part->{encrypt_key}) {
		set_loop($part);
	    } elsif (loopback::carryRootLoopback($part)) {
		$mntpoint = "/initrd/loopfs";
	    }
	    my $dev = $part->{real_device} || $part->{device};
	    mount($dev, $mntpoint, type2fs($part), $rdonly, $part->{options}, $wait_message);
	    rmdir "$mntpoint/lost+found";
	}
    }
    $part->{isMounted} = $part->{isFormatted} = 1; #- assume that if mount works, partition is formatted
}

sub umount_part {
    my ($part, $prefix) = @_;

    $part->{isMounted} || $part->{real_mntpoint} or return;

    unless ($::testing) {
	if (isSwap($part)) {
	    swap::swapoff($part->{device});
	} elsif (loopback::carryRootLoopback($part)) {
	    umount("/initrd/loopfs");
	} else {
	    umount(($prefix || '') . $part->{mntpoint} || devices::make($part->{device}));
	    devices::del_loop(delete $part->{real_device}) if $part->{real_device};
	}
    }
    $part->{isMounted} = 0;
}

sub umount_all($;$) {
    my ($fstab, $prefix) = @_;

    log::l("unmounting all filesystems");

    foreach (sort { $b->{mntpoint} cmp $a->{mntpoint} } @$fstab) {
	$_->{mntpoint} and umount_part($_, $prefix);
    }
}

################################################################################
# various functions
################################################################################
sub df {
    my ($part, $prefix) = @_;
    my $dir = "/tmp/tmp_fs_df";

    return $part->{free} if exists $part->{free};

    if ($part->{isMounted}) {
	$dir = ($prefix || '') . $part->{mntpoint};
    } elsif ($part->{notFormatted} && !$part->{isFormatted}) {
	return; #- won't even try!
    } else {
	mkdir_p($dir);
	eval { mount($part->{device}, $dir, type2fs($part), 'readonly') };
	if ($@) {
	    $part->{notFormatted} = 1;
	    $part->{isFormatted} = 0;
	    unlink $dir;
	    return;
	}
    }
    my (undef, $free) = MDK::Common::System::df($dir);

    if (!$part->{isMounted}) {
	umount($dir);
	unlink($dir)
    }

    $part->{free} = 2 * $free if defined $free;
    $part->{free};
}

sub up_mount_point {
    my ($mntpoint, $fstab) = @_;
    while (1) {
	$mntpoint = dirname($mntpoint);
	$mntpoint ne "." or return;
	$_->{mntpoint} eq $mntpoint and return $_ foreach @$fstab;
    }
}

1;