Chuck Lever [Mon, 16 Jul 2007 20:28:41 +0000 (16:28 -0400)]
mount.nfs: Eliminate some C macros that use implicit arguments
Get rid of nfs_probelist, mnt_probelist, and proto_probelist in order to
remove the use of HAVE_RELIABLE_TCP, MAX_NFSPROT, and MAX_MNTPROT.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:36 +0000 (16:28 -0400)]
mount.nfs: Always preset nfs_mount_version
nfs_mount_version is a global integer that is set based on a guess
about which nfs_mount_data version is appropriate for the kernel we're
running on.
Make it always available and have the correct value before calling mount
and unmount so they don't have to worry about setting it themselves.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:31 +0000 (16:28 -0400)]
mount.nfs: Create a common source module for reporting mount errors
Clean up, and pre-requisite for subsequent fixes.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:26 +0000 (16:28 -0400)]
mount.nfs: clean-up add_mtab
Clean up add_mtab(), and make /sbin/mount.nfs[4] return a proper error if
it fails.
Also include an unbalanced unlock_mtab() noticed by Steve D.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:20 +0000 (16:28 -0400)]
mount.nfs: /bin/mount already handles --bind & friends
Clean-up: remove logic to handle --bind and other such command-line
options from mount.nfs[4].
These options are already handled in /bin/mount, and the logic for handling
them in the NFS helper is currently disabled. Other helpers such as
mount.ocfs2 appear not to support --bind (ie. they rely on /bin/mount to
do it).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:15 +0000 (16:28 -0400)]
mount.nfs: Remove support for "-t" option
/bin/mount will never pass "-t" to a mount helper, since it passes the
fs-type in the name of the program it is executing.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:10 +0000 (16:28 -0400)]
mount.nfs: Simplify generation of progname
Use basename() instead of our own majick.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Chuck Lever [Mon, 16 Jul 2007 20:28:05 +0000 (16:28 -0400)]
rpcdebug: Update 'rpcdebug' tool with recently added debugging flags
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Steinar H. Gunderson [Sat, 14 Jul 2007 09:18:48 +0000 (11:18 +0200)]
Fix umount.nfs exit status
Hi,
As per a bug report from a user:
mount.c seems to assume that nfsumount() uses standard C true/false
return values, and inverts them for the exit status (where 0 is
traditionally considered success). However, nfsumount() consistently
seems to use 0 for success, and thus a success gets returned as exit
status 1 and a failure as exit status 0. This confuses at least
the GNOME drive manager applet, and probably others as well.
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
Signed-off-by: Neil Brown <neilb@suse.de>
Steve Dickson [Thu, 10 May 2007 20:02:15 +0000 (16:02 -0400)]
Added missing unlock_mtab() call in the add_mtab()
routine.
Signed-off-by: Steve Dickson <steved@redhat.com>
Steve Dickson [Thu, 10 May 2007 19:04:07 +0000 (15:04 -0400)]
The wrong bit field is being passed to NFSCTL_TCPISSET()
during one of the sanity checks in rpc.nfsd.
Signed-off-by: Steve Dickson <steved@redhat.com>
J. Bruce Fields [Thu, 5 Jul 2007 17:45:54 +0000 (13:45 -0400)]
document the sec= option
Document the sec= option in the exports man page.
Not done: it would be nice to have an example or two here (and not just
in the final "EXAMPLE" section, though that would be nice too). I was
just too lazy to figure out the formatting.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
J. Bruce Fields [Thu, 5 Jul 2007 17:45:53 +0000 (13:45 -0400)]
Support sec= option to specify export security
This adds support for reading sec= option and sending security data
through cache via "... secinfo n flavor1 flag1 ... flavorN flagN".
If sec= is missing, no secinfo option will be passed down.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
J. Bruce Fields [Thu, 5 Jul 2007 17:45:52 +0000 (13:45 -0400)]
move pseudoflavor information to common code
I'd like to be able to use the same pseudoflavor data in exportfs and
mountd; so move it to nfslib and a common include.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
J. Bruce Fields [Thu, 5 Jul 2007 17:45:51 +0000 (13:45 -0400)]
fix warnings in mount.c
The compiler is warning because we aren't properly specifying the type
of the chk_mountpoint argument.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
J. Bruce Fields [Thu, 5 Jul 2007 17:45:50 +0000 (13:45 -0400)]
gitignore updates
Update gitignore to ignore some generated files.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Flavio Leitner [Tue, 10 Jul 2007 00:23:27 +0000 (10:23 +1000)]
mount.nfs: Fix retry= to handle lack of reserved port situation
In the case of several (>500) mounts running at the same time
with -o tcp, the number of attempts that succeed is about 300-500
because it run out of priviledged port (they are busy in TIME_WAIT
state).
Signed-off-by: Flavio Leitner <flavio.leitner@gmail.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Tue, 10 Jul 2007 00:07:25 +0000 (10:07 +1000)]
configure changed to corrently report the default for --enable-mount
The default for "--enable-mount" was changed to 'yes' sometime ago,
but the help message in ./configure wasn't updated to match this.
Thanks to Chuck Level for pointing this out.
Signed-off-by: Neil Brown <neilb@suse.de>
Trond Myklebust [Tue, 10 Jul 2007 00:03:22 +0000 (10:03 +1000)]
mount.nfs: Add the mount option "nosharecache"
Prior to David Howell's mount changes in 2.6.18, users who mounted
different directories which happened to be from the same filesystem on the
server would get different super blocks, and hence could choose different
mount options. As long as there were no hard linked files that crossed from
one subtree to another, this was quite safe.
Post the changes, if the two directories are on the same filesystem (have
the same 'fsid'), they will share the same super block, and hence the same
mount options.
Add a flag to allow users to elect not to share the NFS super block with
another mount point, even if the fsids are the same. This will allow
users to set different mount options for the two different super blocks, as
was previously possible. It is still up to the user to ensure that there
are no cache coherency issues when doing this, however the default
behaviour will be to share super blocks whenever two paths result in
the same fsid.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Steve Dickson [Thu, 17 May 2007 00:04:19 +0000 (10:04 +1000)]
mount.nfs - NFSv4 mounts give wrong error message when server denies the mount
When nfs4 mount fail because the exported directory does
not exist, the mount command claims the local mount point
does not exist which is wrong. This patch fixes that problem
as well as makes the v4 mount failures look like v3/v2 failures.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Steinar H. Gunderson [Fri, 11 May 2007 11:02:09 +0000 (21:02 +1000)]
Memory leak in mountd
In client_compose(), free() the hostent structure returned before
exiting. Normally, gethostbyaddr() returns a pointer to a static
struct, but this hostent comes from either get_reliable_hostbyaddr() or
get_hostent(), both which return a pointer they privately xmalloc()ed,
which thus can and should be free()d.
Signed-Off-By: Steinar H. Gunderson <sesse@debian.org>
Neil Brown [Fri, 11 May 2007 03:40:57 +0000 (13:40 +1000)]
Release 1.1.0
Update verison numbers(s) and make sure NEWS is uptodate.
Jeff Layton [Wed, 9 May 2007 14:19:33 +0000 (10:19 -0400)]
nfs-utils: have mountd hold open etab file to force inode number to change
This patch changes mountd to hold the etab file open so that when it's
changed by exportfs, the inode number should change. We then change
auth_reload to reload the file based on whether st_ino is different
from the last time it was checked. It also changes auth_reload to
maintain a static counter value and return it instead of a timestamp
and fixes up get_exportlist accordingly. Finally, it adds some
comments to xtab_write to warn people about editing the etab in place.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Neil Brown [Fri, 11 May 2007 03:28:53 +0000 (13:28 +1000)]
mount.nfs4: Remove checks for idmapd and gssd running.
While it is nice to have the checks, nothing in this package
creates the files that are checked, so we shouldn't check them
yet.
Neil Brown [Tue, 8 May 2007 04:43:28 +0000 (14:43 +1000)]
Remove rquotad
rquotad isn't really used by anyone - as you can tell by the fact that
it only works for ext2 and ext3 (if those).
The 'quota' package contains a working and maintained rquota and all
distros appear to use that one. So remove rquotad from this package
to avoid confusion.
Jeff Layton [Mon, 7 May 2007 11:53:32 +0000 (07:53 -0400)]
update manpages for showmount and mountd
This patch updates the manpages for showmount and mountd. It adds a
description of the new mountd -r option, and a caveat about the unreliability
of showmount -a.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Neil Brown [Thu, 3 May 2007 00:46:02 +0000 (10:46 +1000)]
Detect version of libblkid and act accordingly.
libblkid earlier than 1.40 has a memory leak bug that make it unsuitable
for use in mountd.
So detect the version and default to not using it if too old. Give appropriate
warnings in various cases.
Kevin Coffman [Tue, 24 Apr 2007 16:26:55 +0000 (12:26 -0400)]
Always get addressless tickets
Make sure we get addressless tickets so we can function behind a NAT.
(Must use a different function to accomplish this with Heimdal.)
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Wed, 2 May 2007 23:33:20 +0000 (09:33 +1000)]
statd - the files created are named for dns_name, so use that when unlinking.
Also free dns_name when freeing an 'nlist', so do the unlink before the free.
Neil Brown [Fri, 20 Apr 2007 05:15:50 +0000 (15:15 +1000)]
Change version to 1.1.0-rc2
Neil Brown [Fri, 20 Apr 2007 05:14:35 +0000 (15:14 +1000)]
Don't hide my_name in statd.
statd now passes the 'my_name' from the SM_MON call faithfully to the
ha-callout and records it in the sm/ files.
Neil Brown [Fri, 20 Apr 2007 04:41:51 +0000 (14:41 +1000)]
Release notes updates: portmap and kerberos versions.
Kevin Coffman [Thu, 19 Apr 2007 21:39:27 +0000 (17:39 -0400)]
Update libgssapi requirements
Update the required version of libgssapi from 0.9 to 0.11.
(Working with Heimdal requires 0.11. Symbol versioning was
introduced in 0.10 and should be used everywhere, although
not absolutely required.)
Kevin Coffman [Thu, 19 Apr 2007 18:45:19 +0000 (14:45 -0400)]
Factor out error message printing differences between MIT and Heimdal
Use a common function that factors out differences between MIT
and Heimdal in getting the right error message printed.
Add an autoconf check to see if the newer error message function
is available.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Kevin Coffman [Wed, 18 Apr 2007 23:01:59 +0000 (19:01 -0400)]
Tell Heimdal gss code the correct credential to use
Always use the gss_krb5_ccache_name() function to tell Heimdal
which credentials to use.
Neil Brown [Mon, 16 Apr 2007 01:20:24 +0000 (11:20 +1000)]
Make that last patch compile...
Neil Brown [Mon, 16 Apr 2007 01:15:40 +0000 (11:15 +1000)]
Be more cautious about use for privilege ports (<1024).
Ports < 1024 are a scarce resource and should not be used
carelessly. Technically they should be not used at all without
registration with IANA, but sometimes we need them despite that.
So: for the socket that RPC services listen on, don't use a <1024 port
by default. There is no need.
For sockets that we send messages on, that are long-lived, and that might
need to appear 'privileged', avoid using a number that is registered in
/etc/services if possible.
Kevin Coffman [Wed, 4 Apr 2007 02:57:21 +0000 (12:57 +1000)]
README - updates to daemon start order.
Kevin Coffman [Wed, 4 Apr 2007 02:47:35 +0000 (12:47 +1000)]
NEWS - add info about gssd changes.
Neil Brown [Tue, 3 Apr 2007 01:26:58 +0000 (11:26 +1000)]
NEWS and README updates.
Particularly details of daemon startup order have been added to README.
Neil Brown [Tue, 3 Apr 2007 00:37:59 +0000 (10:37 +1000)]
statd - fix some compile warnings
Neil Brown [Mon, 2 Apr 2007 03:26:05 +0000 (13:26 +1000)]
exportfs - test exportability of filesystems when exportfs is run.
When exporting a filesystem test to see if the kernel is likely
to accept the export and print suitable warning message if not.
Don't actually fail the 'exportfs' as by the time a MOUNT request
arrives, the filesystem might be exportable.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Mon, 2 Apr 2007 03:26:01 +0000 (13:26 +1000)]
mountd - improve checks and error messages for export failure.
If an attempt is made to export a non-(dir|file), just ignore it.
This should get caught by exportfs.
If an attempt is made to export a non-exportable filesystem, report
an error. Hopefully exportfs can trap some these as well, but
catching them in mountd as well is good.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Mon, 2 Apr 2007 03:25:40 +0000 (13:25 +1000)]
Tell NFS/lockd client what that local state number is.
Both SM_STAT and SM_MON can return the state of an NSM, but it is
unclear which NSM they return the state of, so the value cannot be
used, and lockd doesn't use it.
Document this confusion, and give the current state to the kernel
via a sysctl if that sysctl is available (since about 2.6.19).
This should make is possible for the NFS server to detect a small
class of bad SM_NOTIFY packets and not flush locks in that case.
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:21 +0000 (18:32 -0400)]
Add a debug message indicating that gssd is ready to process requests
Add a debug message indicating that gssd is ready to process requests
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:19 +0000 (18:32 -0400)]
Remove the now unused functions
Remove functions that are no longer used when when obtaining
machine credentials.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:17 +0000 (18:32 -0400)]
Clean up gssd_get_single_krb5_cred and its debugging messages
Clean up gssd_get_single_krb5_cred and its debugging messages
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:14 +0000 (18:32 -0400)]
Use newly added keytab functions
Use the new functions added in the previous patch.
Obtain machine credentials in a pre-determined order
Look for appropriate machine credentials in the following order:
root/<fqdn>@REALM
nfs/<fqdn>@REALM
host/<fqdn>@REALM
root/<any-name>@REALM
nfs/<any-name>@REALM
host/<any-name>@REALM
The first matching credential will be used.
Also, the machine credentials to be used are now determined
"on-demand" rather than at gssd startup. This allows keytab
additions to be noticed and used without requiring a restart of gssd.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:12 +0000 (18:32 -0400)]
Add new keytab handling functions for dealing with machine credentials
Add new functions that will be used in the next patch. The new behavior
is to search for particular keytab entries in a specified order:
root/<fqdn>@<REALM>
nfs/<fqdn>@<REALM>
host/<fqdn>@<REALM>
root/<any-name>@<REALM>
nfs/<any-name>@<REALM>
host/<any-name>@<REALM>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:10 +0000 (18:32 -0400)]
Hide differences between MIT and Heimdal in macros
Clean up a lot of #ifdef'd code using macros, masking
the differences between MIT and Heimdal implementations.
The currently unused macros will be used in later patches.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:08 +0000 (18:32 -0400)]
Fix memory leak on error path of limit_krb5_enctypes()
Return credential on error path of limit_krb5_enctypes()
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Kevin Coffman [Fri, 30 Mar 2007 22:32:05 +0000 (18:32 -0400)]
Add missing newlines
Add missing newlines to error messages.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:55:33 +0000 (13:55 +1000)]
Update version to 1.1.0-rc1
Neil Brown [Thu, 29 Mar 2007 03:54:45 +0000 (13:54 +1000)]
New 'NEWS' file with release-notes for 1.1.0
Neil Brown [Thu, 29 Mar 2007 03:51:20 +0000 (13:51 +1000)]
Add start-statd script.
This script is used by mount.nfs to run statd if needed.
It can be locally modified to change arguements if required.
Neil Brown [Thu, 29 Mar 2007 03:39:16 +0000 (13:39 +1000)]
Rename configure.in to configure.ac
It is a more standard name...
Neil Brown [Thu, 29 Mar 2007 03:20:20 +0000 (13:20 +1000)]
Change default to use system rpcgen.
If system-installed rpcgen if such exists.
If none is found, build our own.
Override with
./configure --with-rpcgen=internal
for internal rpcgen or
./configure --with-rpcgen=/local/rpcgen
for a non-standard location.
Neil Brown [Thu, 29 Mar 2007 03:08:09 +0000 (13:08 +1000)]
sm-notify: Try all addresses of a multihomed host.
When sending an SM_NOTIFY to multi-homed host, try all the addresses
in rotation. After 4 failures on one address, try the next.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:08 +0000 (13:08 +1000)]
statd - use dnsname to ensure correct matching of NOTIFY requests.
When lockd asks to monitor a host, we find the FQDN from the DNS
and remember that, both internally and in the /var/lib/nfs/sm/*
file.
When we receive an SM_NOTIFY request, we compare both the
mon_name and the source IP address against that DNS name to find
a match.
If a DNS name is not available, we fall back to the name provided by
lockd, which at least is known to map to an IP address via
gethostbyname.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:07 +0000 (13:08 +1000)]
statd - check for 'priv' when looking for duplicate registrations.
From the point of view of the client (lockd), the 'priv' blob is probably
the most important key, so make sure to not throw away requests with
new 'priv' information.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:06 +0000 (13:08 +1000)]
statd - remove a pointless if
The if contains a while with essentially the same condition.
Signed-off-by: Neil Brown <neilb@suse.de>
Steve Dickson [Thu, 29 Mar 2007 03:08:06 +0000 (13:08 +1000)]
mount.nfs - nordirplus option
From: Steve Dickson <steved@redhat.com>
Adds the -o nordirplus mount option that will disable
NFS clients from using the READDIRPLUS RPC.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:04 +0000 (13:08 +1000)]
mount.nfs.man - Use nolocks for /, /usr, /var
Make it clear in manpage for mount.nfs that using nolock is
appropriate for /, /usr and /var.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:04 +0000 (13:08 +1000)]
mount.nfs - require statd to be running to mount without nolocks
If we are mounting nfsv2 or nfsv3 and statd isn't running and we
cannot start statd, then fail the mount request.
Also use an RPC ping to check on statd.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:03 +0000 (13:08 +1000)]
statd - only unregister/register once.
The for loop that restarts on SIGUSR or simu_reboot currently includes
several once-only things, that are probably best taken out of the loop.
We also take the unregister/register out of the loop as if statd does
drop privileges, then the second register won't use a privileged port
properly.
On the whole, cleaner code.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:08:01 +0000 (13:08 +1000)]
mountd - better response to failed attempts to export filesystems
If the kernel rejects an attempt to export a filesystem - e.g. because
it is not exportable, we shouldn't just ignore the error, but rather
should tell the kernel that the relevant filehandle or path cannot be supported.
We should really print out some error messages too.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:07:58 +0000 (13:07 +1000)]
sm-notify - fix bugs related to run-only-once.
Make sure that sm-notify really runs only once per reboot.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Thu, 29 Mar 2007 03:07:48 +0000 (13:07 +1000)]
statd - keep persistent state in sm/* files.
If statd dies and is restarted, it forgets what peers the kernel
is interested in monitoring, and so will not forward NOTIFY
requests properly.
With this patch the required information is recorded in the files
in /var/lib/nfs/sm/* so that a kill/restart does what you might
hope.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Fri, 23 Mar 2007 01:36:36 +0000 (12:36 +1100)]
statd - fix bug so statd can talk to kernel again.
We need to call statd_get_socket before dropping privileges so that we
have a privileged port. We use to do that when initialising
notification as the same socket was used for reboot notication as for
callbacks to the kernel. Now it is a different socket..
Neil Brown [Thu, 22 Mar 2007 06:05:29 +0000 (17:05 +1100)]
sm-notify - Fix typos in Usage message.
Neil Brown [Thu, 22 Mar 2007 05:56:20 +0000 (16:56 +1100)]
mount.nfs: Fix issue with -o user,exec
It would seem to make sense for mount.nfs to impose the
"-o user" => "-o noexec,nodev,nosuid"
rule. However if you give "user,exec" to /sbin/mount,
it will pass down
nodev,nosuid,user
with the 'exec' flag :-(
So we have to leave that handling of that particular rule to
/sbin/mount.
Neil Brown [Thu, 22 Mar 2007 05:22:07 +0000 (16:22 +1100)]
Fix errors in statd calling sm-notify.
The option for set-source-address is '-v', not '-N'.
And only warn about -N if -N was actually used.
Neil Brown [Thu, 22 Mar 2007 05:06:22 +0000 (16:06 +1100)]
Never set SO_REUSEADDR on a UDP socket.
The effect is quite different from TCP sockets.
For TCP, it allows you to listen for new connections even if there
are outstanding old connections with the same local address.
For UDP, it allows other people to steal your packets by
binding to the same address.
Kevin Coffman [Tue, 20 Mar 2007 22:52:17 +0000 (18:52 -0400)]
Fix a couple of problems that crept into mount
Commit
6facb22402a0bd8cd49be2ed1a0856b24fef42f4 changed the allocation
of len to no longer get 20 extra bytes. It needs to get at least one
extra byte for a null character, otherwise a single extra option such
as "sec=krb5" is never copied in parse_opt() and is dropped.
Commit
44a3727a3243e674a1f1fdad5cbbc639aa25d01c added a typo when
checking the program name.
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Tue, 20 Mar 2007 05:17:27 +0000 (16:17 +1100)]
statd - remove try_to_resolve
try_to_resolve is used to resolve a hostname when sending a notification.
But we now only send notifications to localhost, so name resolution is not
needed.
Neil Brown [Tue, 20 Mar 2007 05:16:04 +0000 (16:16 +1100)]
umount should succeed even if we cannot contact the server.
Failure to tell mountd about the unmount should not be classes
and an error and DEFINTELY should not stop the filesystem
from being unmounted.
Karel Zak [Mon, 19 Mar 2007 20:02:40 +0000 (21:02 +0100)]
Add support for quoted mount options
The patch avoid the collision between commas in security contexts and the
delimiter between mount options.
Try:
mount.nfs foo://mnt/bar /mnt/bar -o context=\"aaa,bbb,ccc\",ro
Signed-off-by: Cory Olmo <colmo@TrustedCS.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Tue, 20 Mar 2007 03:18:41 +0000 (14:18 +1100)]
Build mount.nfs by default, and install setuid
Also fix a few bugs that came up in initial testing.
Neil Brown [Tue, 20 Mar 2007 01:53:32 +0000 (12:53 +1100)]
mount.nfs - make sure program name in error message is correct.
getopt_long uses argv[0] in error messages. So it it is given
argv+2 for example, we need to make sure that argv[2] has the
correct program name.
Neil Brown [Tue, 20 Mar 2007 01:50:04 +0000 (12:50 +1100)]
umount.nfs - more strict checks on command line args.
Reject if there are non-flag args,
Reject if the filesystem is not an NFS filesystem.
Neil Brown [Tue, 20 Mar 2007 01:39:06 +0000 (12:39 +1100)]
mount.nfs - Tidy up option parsing.
Make sure all possible invalid arguments are discovered and reported.
Make sure nothing gets by for uid!=0 that doesn't perfectly match fstab.
Neil Brown [Tue, 20 Mar 2007 00:50:14 +0000 (11:50 +1100)]
sm-notify - use state directory provided via ./configure
Neil Brown [Tue, 20 Mar 2007 00:47:28 +0000 (11:47 +1100)]
Allow disabling of libblkid usage.
Some versions of libblkid have a terrible memory leak which makes
mounted grow toooo big. So support
--disable-uuid
to remove the uuid functionality and liblkid with it.
Neil Brown [Tue, 20 Mar 2007 00:15:29 +0000 (11:15 +1100)]
Add --with-rpcgen= for configure so that the system rpcgen can be used.
Ultimately it makes sense to remove remove rpcgen from the nfs-utils
release as it is already in the glibc release. With this patch
you can use the system rpcgen to make sure it works.
It is not default yet, but it might be in a future release.
Neil Brown [Tue, 20 Mar 2007 00:13:42 +0000 (11:13 +1100)]
Handle -o remount better
On -o remount, we need to update the entry in mtab rather than
add a new one. update_mtab does this so use that.
However it might free some strings that shouldn't be freed, so
stop it from calling free - the program will exit soon anyway
so no exit is needed.
Neil Brown [Mon, 19 Mar 2007 23:14:44 +0000 (10:14 +1100)]
statd - delay drop-privs until sockets have been setup.
Registering sockets with portmap might require root privs,
so don't drop privs until that has been done.
Neil Brown [Mon, 19 Mar 2007 23:13:00 +0000 (10:13 +1100)]
Allow rpc.statd to *not* run sm-notify.
With -L (for Listen-only) or --no-notify, statd will not run
sm-notify.
Neil Brown [Mon, 19 Mar 2007 23:09:50 +0000 (10:09 +1100)]
Remove notify functionality from statd in favour of sm-notify
statd now execs sm-notify to notify peers and only listens to
monitor requests and remote notifications itself.
Neil Brown [Mon, 19 Mar 2007 23:04:16 +0000 (10:04 +1100)]
sm-notify - compile and install
Add sm-notify to the compile/install scripts,
(and fix a compile warning).
Neil Brown [Mon, 19 Mar 2007 23:03:28 +0000 (10:03 +1100)]
sm-notify - drop privileges before receiving packets from network.
If /var/lib/nfs/sm is owned by non-root, setuid to that uid
after opening sockets but before receiving answers.
Neil Brown [Mon, 19 Mar 2007 22:50:33 +0000 (09:50 +1100)]
Prevent sm-notify from being run multiple times per reboot.
As "mount.nfs" can start statd, and as statd can start sm-notify,
the risk of sm-notify being run multiple times increases.
As this is not normally appropriate, sm-notify now creates a
file in /var/run which will stop future instances from being
run (though ofcourse this behaviour can be controlled by a
new command line option).
Neil Brown [Mon, 19 Mar 2007 22:48:21 +0000 (09:48 +1100)]
sm-notify - make the manpage a little more up-to-date
Neil Brown [Mon, 19 Mar 2007 22:41:00 +0000 (09:41 +1100)]
sm-notify: remove addr_parse
This functionality is alreday present in getaddrinfo so it isn't
needed explicitly.
Neil Brown [Mon, 19 Mar 2007 22:40:26 +0000 (09:40 +1100)]
sm-notify: Allow base path to be set by command line option.
for compat with statd.
Neil Brown [Mon, 19 Mar 2007 22:36:28 +0000 (09:36 +1100)]
Add sm-notify from SuSE
Not included in build yet.
Karel Zak [Mon, 19 Mar 2007 19:33:17 +0000 (20:33 +0100)]
Correctly handle -f (fake) mount option.
The fake option has to write to mtab like a normal mount. Read mount(8) man
page for more details. It's very important for system init scripts that use
"-f" as a way how write info about mount points to /etc/mtab.
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Neil Brown [Mon, 19 Mar 2007 01:06:08 +0000 (12:06 +1100)]
When finding an export for an fsid, check submounts too.
When looking for the exportpoint to match a given fsid,
if an NFSEXP_CROSSMOUNT export is found, also check all filesystems
mounted below there.
Neil Brown [Mon, 19 Mar 2007 00:52:30 +0000 (11:52 +1100)]
Handle 'crossmnt' when kernel asked for export options for a directory.
If the kernel finds a mountpoint below a 'crossmnt' export, it will ask
mounted what export options to use. With this patch it will return
the same export options as for the top 'crossmnt' export unless
more specific options have been given.
Neil Brown [Mon, 19 Mar 2007 00:41:21 +0000 (11:41 +1100)]
Allow exporting of a subfilesystem when 'crossmnt' is set.
If we are asked to export a filesystem which is not explicitly
exported, but an ancestor is exported as 'crossmnt', export the
filesystems with the same options as the ancestor.
This is the first step to making 'crossmnt' effectively export
a tree of filesystems.
Neil Brown [Mon, 19 Mar 2007 00:12:34 +0000 (11:12 +1100)]
Work around svc_getreqset in glibc 3
Without this fix, mountd ignores sockets with filedescriptor > 31,
so if there are more than about 26 concurrent connections, mountd
starts spinning.
projects / nfs-utils.git / log