Jeff Layton [Mon, 18 Dec 2006 20:44:11 +0000 (15:44 -0500)]
add -r flag to make mountd do reverse resolve of ipaddress on the fly
For those that want "traditional" showmount -a behavior from their mountd
(hostname:/path instead of ipaddr:/path). This patch adds a '-r' flag that
does a reverse-resolve for each IP address listed in the rmtab when
a dump operation is called.
Probably not a good idea for those concerned about performance, but since it's
not the default option, I don't see it being an issue.
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Neil Brown <neilb@suse.de>
Jeff Layton [Mon, 18 Dec 2006 20:43:56 +0000 (15:43 -0500)]
remove extraneous mountlist_add/del calls and change remaining ones to use IP addresses
Neil suggested a patch to change the mountlist_add and mountlist_del calls to
use IP addresses instead of the names returned by client_compose based on a
command line option flag.
I don't see any real reason to put client_compose strings into the rmtab, so
this patch makes it so that it adds IP addresses instead of those strings to
the rmtab by default.
It also removes all mountlist_add calls that are being done from kernel cache
routines. My main concern there is NFSv4. We don't seem to make any upcalls to
mountd on NFSv4 unmounts, and I don't see a way to reliably remove NFSv4
entries. So, I figured I'd stick with having mountlist_add only called when
a v2 or v3 mount call is made, and mountlist_del called only on the
corresponding unmount call.
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Neil Brown <neilb@suse.de>
Jeff Layton [Mon, 18 Dec 2006 20:43:16 +0000 (15:43 -0500)]
Don't rely on old info in my_client
Here's a new set of patches to fix up "showmount -a", based on the approach
suggested by Neil. This first patch is fairly simple. It just stops
the current caching of my_client.
For an explanation, consider this situation with the current code:
1) Client mounts an NFS export from server that is restricted to a particular
hostname or netgroup.
2) DNS or netgroup changes so that the client would be denied.
3) Client attempts mount again. Mount succeeds, even though it shouldn't due
to the fact that mountd relies on cached info in my_client.
This situation can occur as long as no other client attempts a mount between
1 and 3 above. The patch below removes this caching, and causes a new
invocation of client_compose for each pass through auth_authenticate:
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Neil Brown <neilb@suse.de>
Ian Kent [Thu, 14 Dec 2006 11:34:52 +0000 (20:34 +0900)]
nfs-utils - mtab locking needed on add as well as update
Hi all,
I noticed some mtab corruption the other day when doing some autofs
testing but thought nothing of it.
When investigating another issue I came across utils/mount.c:add_mtab
which looks like it adds an entry to /etc/mtab without performing
correct locking. Perhaps this is not needed when adding entries but I
think it is.
The getopt_long() option string in mountd was having a spurious
colon after the 'n', leading to the short form of --no-tcp not
being usable (expecting a parameter, contrary to the long form
and the documentation). Fix.
The exports(8) man page already mentions that some non-root users,
such as bin, might be just as sensitive as root, and that root_squash
thus might not be as effective as one could hope for. Update the
documentation to also mention that this could be the case for non-root
groups, such as staff.
Kevin Coffman [Fri, 13 Oct 2006 19:36:03 +0000 (15:36 -0400)]
Allow gssd ccaches in MEMORY: rather than FILE:
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Add option to store gssd ccaches in a MEMORY: cache rather
than the default FILE: cache. In response to suggestion
from Steve Dickson <steved@redhat.com> and
Nalin Dahyabhai <nalin@redhat.com>.
Signed-off-by: Olga Kornievskaia <aglo@citi.umich.edu> Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Implement a new version of lucid spkm3 context which is passed
down to the kernel.
J. Bruce Fields [Fri, 13 Oct 2006 19:35:52 +0000 (15:35 -0400)]
Don't always use default mapping to "nobody".
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
We've been ignoring all mapping errors and instead mapping to a "nobody" user
or group.
This is arguably OK for the cases where we're returning a value to the user
(so, id->name mapping on the server or name->id mapping on the client).
But it's a disaster in the other direction (id->name on the server or id->name
on the client): for example, a chown to an unknown user should *not*
automatically be translated into a succesful chown to "nobody".
This patch fixes that problem on the server side.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
did447@gmail.com [Fri, 13 Oct 2006 19:35:38 +0000 (15:35 -0400)]
On a glibc system gethostbyname is in libc not libnsl
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Change configure test for gethostbyname, and properly
determine whether "-lnsl" or "-lsocket" are really
required.
Kevin Coffman [Fri, 13 Oct 2006 19:35:32 +0000 (15:35 -0400)]
Restore extra help for PKG_CONFIG error
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Fix the error message printed when pkg-config is unable to locate
information for librpcsecgss so the message is actually printed.
Neil Brown [Mon, 7 Aug 2006 06:40:50 +0000 (16:40 +1000)]
Set version to 1.0.10
Note: 1.0.10 should be used in preference to
1.0.9 especially with kernels 2.6.18 and later
otherwise 'rpc.nfsd N' won't work to change the
number of threads after nfsd has been started.
Neil Brown [Mon, 7 Aug 2006 06:37:13 +0000 (16:37 +1000)]
"rpc.nfsd XX" should not fail if ports are already open.
support/nfs/nfssvc.c: if any ports are already open,
don't try to open any more.
This means that once nfsd is running
rpc.nfsd X
will just change the number of threads, not the
ports in use.
Kevin Coffman [Sat, 8 Jul 2006 00:01:40 +0000 (10:01 +1000)]
Use uid/gid of -1 to indicate the export's anonuid/anongid should be used
Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
value -1 and defaults the credential's fsuid/fsgid to the
correct anonuid/anongid values for the given export. We should
be passing this value (-1) down when a name mapping cannot be found.
Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Acked-by: J. Bruce Fields <bfields@fieldses.org>
Neil Brown [Fri, 7 Jul 2006 23:41:58 +0000 (09:41 +1000)]
Disable building/installing mount.nfs by default.
mount.nfs does not yet support 'user' option and some others.
To make it support this we need to make it setuid-root, and
some security isses need to be resolved before that can be done
safely.
Don't depend on Kerberos headers when checking librpcsecgss in configure
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Older versions of MIT Kerberos are missing an OID definition, causing
the configure checks for librpcsecgss to fail. We shouldn't be depending
on their libraries during the configure.
- unused variable 'buf'
- emit a declaration for `buf' on demand.
- unused variable 'i'
- declare i immediately before use
- unused value from IXDR_PUT_
- cast to (void)
- type-punned pointer reference
- cast to (void*) first :-(
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Temporary patch to do default mapping if we get an error while trying to
map a gss principal to the appropriate uid/gid. This currently returns
hardcoded values. This may be correct, or we may need to try and figure
out the correct values to match the anonuid/anongid for the export.
Change default buffer size increment for readline()
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
The readline routine expects much smaller messages than we are passing.
Change the default initial allocation and increment value from 128
to 2048. This saves many calls to realloc().
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Update the printerr() function to:
1) Determine whether we'll print the message before going to all the
work of formatting it.
2) Don't just toss away messages that are too long for the buffer.
Print what we can and give an indication of the truncation with
"..." at the end.
3) Use a single buffer rather than two.
4) Messages either go to syslog (with level ERR) or stderr. Don't
send some messages to syslog level DEBUG.
Use setfsuid() rather than seteuid() while creating contexts
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
As suggested by Olaf Kirch <okir@suse.de>, use setfsuid() rather than
seteuid() when creating a gss context. This prevents users from using
credentials that do not belong to them, while also preventing them from
doing things like killing, renicing, or changing the priority of the
gssd process while it is processing the context creation.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Specify that the acquire_cred call should only be concerned with returning
Kerberos credentials since this is Kerberos-only functionality.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Do a call to determine mechanisms supported by the gssapi library early.
This allows us to discover early in case the gssapi library is somehow
misconfigured. We can bail out early and give a meaningful message
rather than getting errors on each attempt at a context negotiation.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Correct the definition of mech_used in the gss context to use gss_OID_desc.
This fixes problems on 64-bit machines when referencing the OID.
Also updates write_buffer function to use u_int rather than size_t when
doing calculations.
Steve Dickson [Sun, 2 Jul 2006 23:52:00 +0000 (09:52 +1000)]
Allow rpc.nfsd to suppress tcp or udp, and listen on a specific address.
-T - will suppressing listening for TCP connection.
-U - will suppress UDP
-H host - will only listen on that local address
-p port - will listen on that port.
This requires kernel patches which will hopefully be in 2.6.19 and possibly some
earlier test and vendor kernels.
Greg Banks [Tue, 27 Jun 2006 11:22:59 +0000 (21:22 +1000)]
Comment out the decades-old SCCS id strings from the original Sun
distribution. They cause compile warnings, there is no longer any
reason to try to build them into the binaries, and gcc seems to be
eliding some of them anyway.
Neil Brown [Fri, 23 Jun 2006 03:37:08 +0000 (13:37 +1000)]
Try to make sure that clientid used for NFSv4 is reliable.
We need to give an IP address to identify this client to the
server.
The current code does a gethostbyname of the hostname. One
some systems this returns 127.0.0.1 or similar, which is not useful.
Instead, use getsockname of the sock used to connect to the server
to confirm that the server is working. This gives the address on the
interface that was chosen to talk to that server, which is the
best address we can find (if there is a NAT in the way, it might
still not work, but in that case there is nothing we can do).
Greg Banks [Wed, 14 Jun 2006 12:48:10 +0000 (22:48 +1000)]
multiple threads for mountd
How about the attached patch against nfs-utils tot? It
adds a -t option to set the number of forked workers.
Default is 1 thread, i.e. the old behaviour.
I've verified that showmount -e, the Ogata mount client,
and a real mount from Linux and IRIX boxes work with and
without the new option.
I've verified that you can manually kill any of the workers
without the portmap registration going away, that killing
all the workers causes the manager process to wake up and
unregister, and killing the manager process causes the
workers to be killed and portmap unregistered.
I've verified that all the workers have file descriptors
for the udp socket and the tcp rendezvous socket, that
connections are balanced across all the workers if service
times are sufficiently long, and that performance is
improved by that parallelism, at least for small numbers
of threads. For example, with 60 parallel MOUNT calls
and a testing patch to make DNS lookups take 100 milliseconds
time to perform all mounts (averaged over 5 runs) is:
Neil Brown [Mon, 5 Jun 2006 02:47:00 +0000 (12:47 +1000)]
fix nhfsrun signal
nhfsrun is supposed to be able to be signalled with SIGUSR1, but
the signal trapped is number 30, which is something else
entirely (SIGPWR). This patch simply changes it to say "USR1",
which gets it right no matter what the value is.
"Steinar H. Gunderson" <sesse@debian.org>
Neil Brown [Mon, 5 Jun 2006 02:45:01 +0000 (12:45 +1000)]
mountd state directory
Let the user select (via a new parameter) the path to the NFS
state directory for mountd, to match the statd functionality.
"Steinar H. Gunderson" <sesse@debian.org>
Neil Brown [Mon, 5 Jun 2006 02:39:07 +0000 (12:39 +1000)]
document sync option:
Document the 'sync' option in the exports(5) man page -- ATM
only the 'async' option is documented, which is not very
symmetric. :-) "Steinar H. Gunderson" <sesse@debian.org>
Neil Brown [Mon, 5 Jun 2006 02:27:35 +0000 (12:27 +1000)]
escape hashes in exports
Makes sure any # signs in the printed-out exports file are
escaped (as with quotes, spaces, etc.), so they won't be treated
as a comment when they're read back in again.
"Steinar H. Gunderson" <sesse@debian.org>
Neil Brown [Mon, 5 Jun 2006 02:16:20 +0000 (12:16 +1000)]
fix exportfs with multiple matches
Fixes a problem with exportfs -o
and multiple entries of the same type for the same patch that matches
a given client. The entire rationale and problem description can be found
at http://bugs.debian.org/245449 (fumihiko kakuma <kakmy@mvh.biglobe.ne.jp>)
Neil Brown [Mon, 17 Apr 2006 07:07:39 +0000 (17:07 +1000)]
Remove **/Makefile.in, aclocal.m4, configure, and
support/include/config.h.in from source control
These are auto autogenerated by
aclocal -I aclocal ; autoheader ; automake ; autoconf
2006-04-10 NeilBrown <neilb@suse.de>
Various paranoia checks:
gssd_proc.c: pass max_field sizes to sscanf to avoid buffer
overflow
svcgssd_proc.c: range_check name.length, to ensure name.length+1
doesn't wrap
idmapd.c(nfsdcb): make sure at least one byte is read before
zeroing the last byte that was read, otherwise memory corruption
is possible.
neilbrown [Tue, 28 Mar 2006 00:53:30 +0000 (00:53 +0000)]
Use PKGCONFIG to locate gssapi and rpcsecgss header files
Instead of having separate copies of the gssapi and rpcsecgss
header files, or depending on the Kerberos gssapi header,
locate the headers now installed with the libgssapi and librpcsecgss
libraries.
Remove local copies of the gssapi and rpcsecgss header files.
This depends on the configure_use_autotools patch.
neilbrown [Tue, 28 Mar 2006 00:51:14 +0000 (00:51 +0000)]
Add debugging to better detect negotiation of enctype not supported by kernel
Print debugging message indicating the type of encryption keys being sent
down to the kernel. This should make it easier to detect cases where
unsupported encryption types are being negotiated.
(really this time)
neilbrown [Tue, 28 Mar 2006 00:50:44 +0000 (00:50 +0000)]
Don't close and reopen all pipes on every DNOTIFY signal.
From: Vince Busam <vbusam@google.com> Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Don't unnecessarily close and re-open all pipes after every DNOTIFY
signal. These unnecessary closes were triggering a kernel Oops.
Original patch modified to correct segfault when unmounting last
NFSv4 mount.
neilbrown [Tue, 28 Mar 2006 00:50:03 +0000 (00:50 +0000)]
Add option to specify directory to search for credentials cache files
From: Vince Busam <vbusam@google.com> Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Add command line option to specify which directory should be searched
to find credentials caches.
(really this time)
neilbrown [Tue, 28 Mar 2006 00:49:29 +0000 (00:49 +0000)]
Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5
We need to get access to the internal krb5 context pointer for
older (pre-1.4) versions of MIT Kerberos. We get a pointer to
the gss glue's context. Get the right pointer before accessing
the context information.
(really this time)