From 4aa39b894dbb80eab45af53a011224a43b687b94 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Mon, 24 Feb 2025 14:04:53 +0100
Subject: [PATCH] Libmount: Fix removal of "owner" option when executed as root

When executed as root, libmount replaces the "owner" and "group" mount
options with "nosuid, nodev, ..." However, this can result in an
"invalid argument" error because libmount removes the unwanted options
first and then tries to address the location for the new options using
the already removed options. To fix this, we need to reverse the order
of operations.

Reported-by: hxinzhe <hxinzhe1024@163.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
---
 libmount/src/context_mount.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c
index 50e4a62..4eaeb31 100644
--- a/libmount/src/context_mount.c
+++ b/libmount/src/context_mount.c
@@ -202,10 +202,6 @@ static int evaluate_permissions(struct libmnt_context *cxt)
 		 *
 		 * The old deprecated way is to use mnt_optstr_get_flags().
 		 */
-		if (user_flags & (MNT_MS_OWNER | MNT_MS_GROUP))
-			rc = mnt_optlist_remove_flags(ol,
-					MNT_MS_OWNER | MNT_MS_GROUP, cxt->map_userspace);
-
 		if (!rc && (user_flags & MNT_MS_OWNER))
 			rc = mnt_optlist_insert_flags(ol,
 					MS_OWNERSECURE, cxt->map_linux,
@@ -226,6 +222,10 @@ static int evaluate_permissions(struct libmnt_context *cxt)
 			rc = mnt_optlist_insert_flags(ol, MS_SECURE, cxt->map_linux,
 					MNT_MS_USERS, cxt->map_userspace);
 
+		if (user_flags & (MNT_MS_OWNER | MNT_MS_GROUP))
+			rc = mnt_optlist_remove_flags(ol,
+					MNT_MS_OWNER | MNT_MS_GROUP, cxt->map_userspace);
+
 		DBG(CXT, ul_debugobj(cxt, "perms: superuser [rc=%d]", rc));
 		if (rc)
 			return rc;
-- 
2.43.0