2 * utils/exportfs/exportfs.c
4 * Export file systems to knfsd
6 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 * Extensive changes, 1999, Neil Brown <neilb@cse.unsw.edu.au>
15 #include <sys/types.h>
37 static void export_all(int verbose);
38 static void exportfs(char *arg, char *options, int verbose);
39 static void unexportfs(char *arg, int verbose);
40 static void exports_update(int verbose);
41 static void dump(int verbose);
42 static void error(nfs_export *exp, int err);
43 static void usage(const char *progname, int n);
44 static void validate_export(nfs_export *exp);
45 static int matchhostname(const char *hostname1, const char *hostname2);
46 static void export_d_read(const char *dname);
47 static void grab_lockfile(void);
48 static void release_lockfile(void);
50 static const char *lockfile = EXP_LOCKFILE;
51 static int _lockfd = -1;
54 * If we aren't careful, changes made by exportfs can be lost
55 * when multiple exports process run at once:
57 * exportfs process 1 exportfs process 2
58 * ------------------------------------------
59 * reads etab version A reads etab version A
60 * adds new export B adds new export C
61 * writes A+B writes A+C
63 * The locking in support/export/xtab.c will prevent mountd from
64 * seeing a partially written version of etab, and will prevent
65 * the two writers above from writing simultaneously and
66 * corrupting etab, but to prevent problems like the above we
67 * need these additional lockfile() routines.
72 _lockfd = open(lockfile, O_CREAT|O_RDWR, 0666);
74 lockf(_lockfd, F_LOCK, 0);
80 lockf(_lockfd, F_ULOCK, 0);
84 main(int argc, char **argv)
87 char *progname = NULL;
97 if ((progname = strrchr(argv[0], '/')) != NULL)
108 while ((c = getopt(argc, argv, "afhio:ruv")) != EOF) {
141 if (optind != argc && f_all) {
142 xlog(L_ERROR, "extra arguments are not permitted with -a or -r");
145 if (f_ignore && (f_all || ! f_export)) {
146 xlog(L_ERROR, "-i not meaningful with -a, -r or -u");
149 if (f_reexport && ! f_export) {
150 xlog(L_ERROR, "-r and -u are incompatible");
153 new_cache = check_new_cache();
154 if (optind == argc && ! f_all) {
159 xlog(L_ERROR, "-f is available only "
160 "with new cache controls. "
161 "Mount /proc/fs/nfsd first");
173 * Serialize things as best we can
176 atexit(release_lockfile);
178 if (f_export && ! f_ignore) {
179 export_read(_PATH_EXPORTS);
180 export_d_read(_PATH_EXPORTS_D);
184 export_all(f_verbose);
186 for (i = optind; i < argc ; i++)
187 exportfs(argv[i], options, f_verbose);
189 /* If we are unexporting everything, then
190 * don't care about what should be exported, as that
191 * may require DNS lookups..
193 if (! ( !f_export && f_all)) {
194 /* note: xtab_*_read does not update entries if they already exist,
195 * so this will not lose new options
200 for (i = optind ; i < argc ; i++)
201 unexportfs(argv[i], f_verbose);
207 exports_update(f_verbose);
211 cache_flush(force_flush);
219 exports_update_one(nfs_export *exp, int verbose)
221 /* check mountpoint option */
222 if (exp->m_mayexport &&
223 exp->m_export.e_mountpoint &&
224 !is_mountpoint(exp->m_export.e_mountpoint[0]?
225 exp->m_export.e_mountpoint:
226 exp->m_export.e_path)) {
227 printf("%s not exported as %s not a mountpoint.\n",
228 exp->m_export.e_path, exp->m_export.e_mountpoint);
229 exp->m_mayexport = 0;
231 if (exp->m_mayexport && ((exp->m_exported<1) || exp->m_changed)) {
233 printf("%sexporting %s:%s to kernel\n",
234 exp->m_exported ?"re":"",
235 exp->m_client->m_hostname,
236 exp->m_export.e_path);
237 if (!export_export(exp))
240 if (exp->m_exported && ! exp->m_mayexport) {
242 printf("unexporting %s:%s from kernel\n",
243 exp->m_client->m_hostname,
244 exp->m_export.e_path);
245 if (!export_unexport(exp))
251 /* we synchronise intention with reality.
252 * entries with m_mayexport get exported
253 * entries with m_exported but not m_mayexport get unexported
254 * looking at m_client->m_type == MCL_FQDN and m_client->m_type == MCL_GSS only
257 exports_update(int verbose)
261 for (exp = exportlist[MCL_FQDN].p_head; exp; exp=exp->m_next) {
262 exports_update_one(exp, verbose);
264 for (exp = exportlist[MCL_GSS].p_head; exp; exp=exp->m_next) {
265 exports_update_one(exp, verbose);
270 * export_all finds all entries and
271 * marks them xtabent and mayexport so that they get exported
274 export_all(int verbose)
279 for (i = 0; i < MCL_MAXTYPES; i++) {
280 for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
282 printf("exporting %s:%s\n",
283 exp->m_client->m_hostname,
284 exp->m_export.e_path);
286 exp->m_mayexport = 1;
289 validate_export(exp);
296 exportfs(char *arg, char *options, int verbose)
298 struct exportent *eep;
299 nfs_export *exp = NULL;
300 struct addrinfo *ai = NULL;
305 if ((path = strchr(arg, ':')) != NULL)
308 if (!path || *path != '/') {
309 xlog(L_ERROR, "Invalid exporting option: %s", arg);
313 if ((htype = client_gettype(hname)) == MCL_FQDN) {
314 ai = host_addrinfo(hname);
316 exp = export_find(ai, path);
317 hname = ai->ai_canonname;
320 exp = export_lookup(hname, path, 0);
323 if (!(eep = mkexportent(hname, path, options)) ||
324 !(exp = export_create(eep, 0)))
326 } else if (!updateexportent(&exp->m_export, options))
330 printf("exporting %s:%s\n", exp->m_client->m_hostname,
331 exp->m_export.e_path);
333 exp->m_mayexport = 1;
336 validate_export(exp);
343 unexportfs(char *arg, int verbose)
346 struct addrinfo *ai = NULL;
351 if ((path = strchr(arg, ':')) != NULL)
354 if (!path || *path != '/') {
355 xlog(L_ERROR, "Invalid unexporting option: %s", arg);
359 if ((htype = client_gettype(hname)) == MCL_FQDN) {
360 ai = host_addrinfo(hname);
362 hname = ai->ai_canonname;
365 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
366 if (path && strcmp(path, exp->m_export.e_path))
368 if (htype != exp->m_client->m_type)
370 if (htype == MCL_FQDN
371 && !matchhostname(exp->m_export.e_hostname,
374 if (htype != MCL_FQDN
375 && strcasecmp(exp->m_export.e_hostname, hname))
379 if (exp->m_exported) {
380 printf("unexporting %s:%s from kernel\n",
381 exp->m_client->m_hostname,
382 exp->m_export.e_path);
386 printf("unexporting %s:%s\n",
387 exp->m_client->m_hostname,
388 exp->m_export.e_path);
391 if (exp->m_exported && !export_unexport(exp))
395 exp->m_mayexport = 0;
401 static int can_test(void)
405 char *setup = "nfsd 0.0.0.0 2147483647 -test-client-\n";
406 fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);
407 if ( fd < 0) return 0;
408 n = write(fd, setup, strlen(setup));
412 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
413 if ( fd < 0) return 0;
418 static int test_export(char *path, int with_fsid)
423 sprintf(buf, "-test-client- %s 3 %d -1 -1 0\n",
425 with_fsid ? NFSEXP_FSID : 0);
426 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
429 n = write(fd, buf, strlen(buf));
437 validate_export(nfs_export *exp)
439 /* Check that the given export point is potentially exportable.
440 * We just give warnings here, don't cause anything to fail.
441 * If a path doesn't exist, or is not a dir or file, give an warning
442 * otherwise trial-export to '-test-client-' and check for failure.
445 char *path = exp->m_export.e_path;
449 if (stat(path, &stb) < 0) {
450 xlog(L_ERROR, "Failed to stat %s: %m", path);
453 if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
454 xlog(L_ERROR, "%s is neither a directory nor a file. "
455 "Remote access will fail", path);
461 if (!statfs64(path, &stf) &&
462 (stf.f_fsid.__val[0] || stf.f_fsid.__val[1]))
465 if ((exp->m_export.e_flags & NFSEXP_FSID) || exp->m_export.e_uuid ||
467 if ( !test_export(path, 1)) {
468 xlog(L_ERROR, "%s does not support NFS export", path);
471 } else if ( ! test_export(path, 0)) {
472 if (test_export(path, 1))
473 xlog(L_ERROR, "%s requires fsid= for NFS export", path);
475 xlog(L_ERROR, "%s does not support NFS export", path);
482 is_hostname(const char *sp)
484 if (*sp == '\0' || *sp == '@')
487 for (; *sp != '\0'; sp++) {
488 if (*sp == '*' || *sp == '?' || *sp == '[' || *sp == '/')
490 if (*sp == '\\' && sp[1] != '\0')
498 * Take care to perform an explicit reverse lookup on presentation
499 * addresses. Otherwise we don't get a real canonical name or a
500 * complete list of addresses.
502 static struct addrinfo *
503 address_list(const char *hostname)
508 ai = host_pton(hostname);
510 /* @hostname was a presentation address */
511 cname = host_canonname(ai->ai_addr);
516 /* @hostname was a hostname or had no reverse mapping */
517 cname = strdup(hostname);
522 ai = host_addrinfo(cname);
528 matchhostname(const char *hostname1, const char *hostname2)
530 struct addrinfo *results1 = NULL, *results2 = NULL;
531 struct addrinfo *ai1, *ai2;
534 if (strcasecmp(hostname1, hostname2) == 0)
538 * Don't pass export wildcards or netgroup names to DNS
540 if (!is_hostname(hostname1) || !is_hostname(hostname2))
543 results1 = address_list(hostname1);
544 if (results1 == NULL)
546 results2 = address_list(hostname2);
547 if (results2 == NULL)
550 if (strcasecmp(results1->ai_canonname, results2->ai_canonname) == 0) {
555 for (ai1 = results1; ai1 != NULL; ai1 = ai1->ai_next)
556 for (ai2 = results2; ai2 != NULL; ai2 = ai2->ai_next)
557 if (nfs_compare_sockaddr(ai1->ai_addr, ai2->ai_addr)) {
563 freeaddrinfo(results1);
564 freeaddrinfo(results2);
568 /* Based on mnt_table_parse_dir() in
569 util-linux-ng/shlibs/mount/src/tab_parse.c */
571 export_d_read(const char *dname)
574 struct dirent **namelist = NULL;
577 n = scandir(dname, &namelist, NULL, versionsort);
580 /* Silently return */
582 xlog(L_NOTICE, "scandir %s: %s", dname, strerror(errno));
586 for (i = 0; i < n; i++) {
587 struct dirent *d = namelist[i];
589 char fname[PATH_MAX + 1];
593 if (d->d_type != DT_UNKNOWN
594 && d->d_type != DT_REG
595 && d->d_type != DT_LNK)
597 if (*d->d_name == '.')
600 #define _EXT_EXPORT_SIZ (sizeof(_EXT_EXPORT) - 1)
601 namesz = strlen(d->d_name);
603 || namesz < _EXT_EXPORT_SIZ + 1
604 || strcmp(d->d_name + (namesz - _EXT_EXPORT_SIZ),
608 fname_len = snprintf(fname, PATH_MAX +1, "%s/%s", dname, d->d_name);
609 if (fname_len > PATH_MAX) {
610 xlog(L_WARNING, "Too long file name: %s in %s", d->d_name, dname);
617 for (i = 0; i < n; i++)
625 dumpopt(char c, char *fmt, ...)
640 struct exportent *ep;
644 for (htype = 0; htype < MCL_MAXTYPES; htype++) {
645 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
648 continue; /* neilb */
649 if (htype == MCL_ANONYMOUS)
652 hname = ep->e_hostname;
653 if (strlen(ep->e_path) > 14)
654 printf("%-14s\n\t\t%s", ep->e_path, hname);
656 printf("%-14s\t%s", ep->e_path, hname);
662 if (ep->e_flags & NFSEXP_READONLY)
663 c = dumpopt(c, "ro");
665 c = dumpopt(c, "rw");
666 if (ep->e_flags & NFSEXP_ASYNC)
667 c = dumpopt(c, "async");
668 if (ep->e_flags & NFSEXP_GATHERED_WRITES)
669 c = dumpopt(c, "wdelay");
670 if (ep->e_flags & NFSEXP_NOHIDE)
671 c = dumpopt(c, "nohide");
672 if (ep->e_flags & NFSEXP_CROSSMOUNT)
673 c = dumpopt(c, "crossmnt");
674 if (ep->e_flags & NFSEXP_INSECURE_PORT)
675 c = dumpopt(c, "insecure");
676 if (ep->e_flags & NFSEXP_ROOTSQUASH)
677 c = dumpopt(c, "root_squash");
679 c = dumpopt(c, "no_root_squash");
680 if (ep->e_flags & NFSEXP_ALLSQUASH)
681 c = dumpopt(c, "all_squash");
682 if (ep->e_flags & NFSEXP_NOSUBTREECHECK)
683 c = dumpopt(c, "no_subtree_check");
684 if (ep->e_flags & NFSEXP_NOAUTHNLM)
685 c = dumpopt(c, "insecure_locks");
686 if (ep->e_flags & NFSEXP_NOACL)
687 c = dumpopt(c, "no_acl");
688 if (ep->e_flags & NFSEXP_FSID)
689 c = dumpopt(c, "fsid=%d", ep->e_fsid);
691 c = dumpopt(c, "fsid=%s", ep->e_uuid);
692 if (ep->e_mountpoint)
693 c = dumpopt(c, "mountpoint%s%s",
694 ep->e_mountpoint[0]?"=":"",
696 if (ep->e_anonuid != 65534)
697 c = dumpopt(c, "anonuid=%d", ep->e_anonuid);
698 if (ep->e_anongid != 65534)
699 c = dumpopt(c, "anongid=%d", ep->e_anongid);
700 switch(ep->e_fslocmethod) {
704 c = dumpopt(c, "refer=%s", ep->e_fslocdata);
707 c = dumpopt(c, "replicas=%s", ep->e_fslocdata);
711 c = dumpopt(c, "fsloc=stub");
715 secinfo_show(stdout, ep);
716 printf("%c\n", (c != '(')? ')' : ' ');
722 error(nfs_export *exp, int err)
724 xlog(L_ERROR, "%s:%s: %s", exp->m_client->m_hostname,
725 exp->m_export.e_path, strerror(err));
729 usage(const char *progname, int n)
731 fprintf(stderr, "usage: %s [-afhioruv] [host:/path]\n", progname);