+2001-11-26 Chip Salzenberg <chip@pobox.com>
+
+ * utils/showmount/showmount.c (main): Don't assume that strings
+ starting with digits are IP addresses.
+ * utils/nfsd/nfsd.c (main): Close all fds and reopen 0,1,2 on
+ /dev/null before nfssvc(). Use syslog to report nfssvc errors.
+ * support/misc/tcpwrapper.c, utils/mountd/mountd.man,
+ utils/rquotad/rquotad.man, utils/statd/statd.man: Fix comments and
+ man pages: We check host names *and* addresses with tcpwrappers.
+
2001-11-21 Chip Salzenberg <chip@pobox.com>
* support/nfs/clients.c (cfname): Added: current clients file name.
* authorized by the /etc/hosts.{allow,deny} files. The local system is
* always treated as an authorized host. The access control tables are never
* consulted for requests from the local system, and are always consulted
- * for requests from other hosts. Access control is based on IP addresses
- * only; attempts to map an address to a host name might cause the
- * portmapper to hang.
+ * for requests from other hosts.
*
* Author: Wietse Venema (wietse@wzv.win.tue.nl), dept. of Mathematics and
* Computing Science, Eindhoven University of Technology, The Netherlands.
You have to use the daemon name
.B mountd
-for the daemon name (even if the binary has a different name). For the
-client names you can only use the keyword ALL or IP addresses (NOT
-host or domain names).
+for the daemon name (even if the binary has a different name).
For further information please have a look at the
.BR tcpd (8),
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
+#include <fcntl.h>
#include <string.h>
#include <errno.h>
#include <getopt.h>
+#include <syslog.h>
#include "nfslib.h"
static void usage(const char *);
int
main(int argc, char **argv)
{
- int count = 1, c, error, port;
+ int count = 1, c, error, port, fd;
port = 2049;
}
}
- if ((error = nfssvc(port, count)) < 0)
- perror("nfssvc");
+ /* KLUDGE ALERT:
+ Some kernels let nfsd kernel threads inherit open files
+ from the program that spawns them (i.e. us). So close
+ everything before spawning kernel threads. --Chip */
+ fd = open("/dev/null", O_RDWR);
+ if (fd == -1)
+ perror("/dev/null");
+ else {
+ (void) dup2(fd, 0);
+ (void) dup2(fd, 1);
+ (void) dup2(fd, 2);
+ }
+ fd = sysconf(_SC_OPEN_MAX);
+ while (--fd > 2)
+ (void) close(fd);
+
+ if ((error = nfssvc(port, count)) < 0) {
+ int e = errno;
+ openlog("nfsd", LOG_PID, LOG_DAEMON);
+ syslog(LOG_ERR, "nfssvc: %s", strerror(e));
+ closelog();
+ }
return (error != 0);
}
You have to use the daemon name
.BR rquotad
-for the daemon name (even if the binary has a different name). For the
-client names you can only use the keyword ALL or IP addresses (NOT
-host or domain names).
+for the daemon name (even if the binary has a different name).
For further information please have a look at the
.BR tcpd (8),
break;
}
- if (hostname[0] >= '0' && hostname[0] <= '9') {
+ if (inet_aton(hostname, &server_addr.sin_addr.s_addr)) {
server_addr.sin_family = AF_INET;
- server_addr.sin_addr.s_addr = inet_addr(hostname);
}
else {
if ((hp = gethostbyname(hostname)) == NULL) {
You have to use the daemon name
.B statd
-for the daemon name (even if the binary has a different name). For the
-client names you can only use the keyword ALL or IP addresses (NOT
-host or domain names).
+for the daemon name (even if the binary has a different name).
For further information please have a look at the
.BR tcpd (8),
projects / nfs-utils.git / commitdiff