]> git.decadent.org.uk Git - nfs-utils.git/log
nfs-utils.git
15 years agosvcgssd: check the return code from qword_eol() and log failures
Kevin Coffman [Fri, 3 Apr 2009 19:18:16 +0000 (15:18 -0400)]
svcgssd: check the return code from qword_eol() and log failures

If qword_eol() fails while writing the context information, log
an indication of the failure.

This addresses at least one cause of the intermittent, and
previously undiagnosed, problem of the server returning
GSS_S_NO_CONTEXT when a context was seemingly successfully
created and sent down to the kernel.  In my case there was a
mis-match between kernel and user-land configuration resulting in
the proper kernel module not being loaded. Therefore the write
of the context failed, but was not logged by svcgssd.  When the
kernel goes to find the resulting context, it was really not
there and correctly returned GSS_S_NO_CONTEXT to the client.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoMountd should use separate lockfiles
Ben Myers [Fri, 3 Apr 2009 19:13:10 +0000 (15:13 -0400)]
Mountd should use separate lockfiles

Mountd keeps file descriptors used for locks separate from
those used for io and seems to assume that the lock will
only be released on close of the file descriptor that was used
with fcntl.  Actually the lock is released when any file
descriptor for that file is closed.  When setexportent() is called
after xflock() he closes and reopens the io file descriptor and defeats the
lock.

This patch fixes that by using a separate file for locking, cleaning
them up when finished.

Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: fix AC_CHECK_FUNC calls in configure.ac
Chuck Lever [Fri, 3 Apr 2009 19:03:15 +0000 (15:03 -0400)]
nfs-utils: fix AC_CHECK_FUNC calls in configure.ac

AC_CHECK_FUNC and AC_CHECK_FUNCS take 3 args. Any ones beyond that are
ignored. In several places, we're passing the "action-if-not-found" in
as the 4th arg so it's being ignored.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoIn recent Fedora builds, the '-D _FORTIFY_SOURCE=2' compile nfs-utils-1-1-6-rc3
Steve Dickson [Mon, 23 Mar 2009 21:13:01 +0000 (17:13 -0400)]
In recent Fedora builds, the '-D _FORTIFY_SOURCE=2' compile
flag has been set. This cause warnings to be generated when
return values from reads/writes (and other calls) are not
checked. The patch address those warnings.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoRegardless though, it's dangerous to keep invalid pointers around like
Jeff Layton [Mon, 23 Mar 2009 12:13:01 +0000 (08:13 -0400)]
Regardless though, it's dangerous to keep invalid pointers around like
this. Later code changes may make it more likely for this problem to
occur.

Also eliminate some unneeded NULL pointer checks before freeing memory.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: free buffer allocated by gssd_k5_err_msg
Jeff Layton [Mon, 23 Mar 2009 12:12:37 +0000 (08:12 -0400)]
gssd: free buffer allocated by gssd_k5_err_msg

There's no way for the caller of gssd_k5_err_msg to know whether to free
the string it returns. It can call krb5_get_error_message which returns
a string that must be freed via krb5_free_error_string. The other ways
that it can return a string require that the memory not be freed.

Deal with this by copying the string to a new buffer in all cases. Then
we can properly free the string allocated by krb5_get_error_message.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: NULL-terminate buffer after read in read_service_info (try #2)
Jeff Layton [Mon, 23 Mar 2009 12:12:14 +0000 (08:12 -0400)]
gssd: NULL-terminate buffer after read in read_service_info (try #2)

Valgrind complains that we're passing an unintialized buffer to sscanf
here. The main problem seems to be that we're not ensuring that the
buffer is NULL terminated before we pass it off.

This is the second version of this patch, the first one did not increase
the buffer allocation by 1 which could have led to clobbering the next
byte on the stack if nbytes == INFOBUFLEN.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: initialize fakeseed in prepare_krb5_rfc1964_buffer
Jeff Layton [Mon, 23 Mar 2009 12:11:41 +0000 (08:11 -0400)]
gssd: initialize fakeseed in prepare_krb5_rfc1964_buffer

This causes a compiler warning and also means that we're stuffing
the buffer with uninitialized junk from the stack. Other places in
this code initialize "fakeseed" to 0. Do the same here.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: clean up handling of libgssglue in gssd Makefile nfs-utils-1-1-6-rc2
Chuck Lever [Mon, 16 Mar 2009 17:42:44 +0000 (13:42 -0400)]
nfs-utils: clean up handling of libgssglue in gssd Makefile

From: Jeff Layton <jlayton@redhat.com>

Make the pkgconfig check for libgssglue conditional on tirpc being
enabled. When it's disabled, the pkgconfig check for librpcsecgss will
pull in the gssglue lib and include dir automatically.

Also, make sure we include GSSGLUE_CFLAGS and the GSSGLUE_LIBS to the
appropriate places in utils/gssd/Makefile.am so that we pick up
the gssglue libs when tirpc is enabled.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: Include legacy or TI-RPC headers, not both
Chuck Lever [Mon, 16 Mar 2009 17:40:47 +0000 (13:40 -0400)]
nfs-utils: Include legacy or TI-RPC headers, not both

Data type incompatibilities between the legacy RPC headers and the
TI-RPC headers mean we can't use libtirpc with code that was compiled
against the legacy RPC headers.  The definition of rpcprog_t for
example is "unsigned long" in the legacy library, but it's "uint32_t"
for TI-RPC.  On 32-bit systems, these types happen to have the same
width, but on 64-bit systems they don't, making more complex data
structures that use these types in fields ABI incompatible.

Adopt a new strategy to deal with this issue.  When --enable-tirpc is
set, append "-I/usr/include/tirpc" to the compilation steps.  This
should cause the compiler to grab the tirpc/ headers instead of the
legacy headers.  Now, for TI-RPC builds, the TI-RPC legacy functions
and the TI-RPC headers will be used.  On legacy systems, the legacy
headers and legacy glibc RPC implementation will be used.

A new ./configure option is introduced to allow system integrators to
use TI-RPC headers in some other location than /usr/include/tirpc.
/usr/include/tirpc remains the default setting for this new option.

The gssd implementation presents a few challenges, but it turns out
the gssglue library is similar to the auth_gss pieces of TI-RPC.  To
avoid similar header incompatibility issues, gssd now uses libtirpc
instead of libgssglue if --enable-tirpc is specified.  There may be
other issues to tackle with gssd, but for now, we just make sure it
builds with --enable-tirpc.

Note also: svc_getcaller() is a macro in both cases that points to
a sockaddr field in the svc_req structure.  The legacy version points
to a sockaddr_in type field, but the TI-RPC version points to a
sockaddr_in6 type field.

rpc.mountd unconditionally casts the result of svc_getcaller() to a
sockaddr_in *.  This should be OK for TI-RPC as well, since rpc.mountd
still uses legacy RPC calls (provided by glibc, or emulated by TI-RPC)
to set up its listeners, and therefore rpc.mountd callers will always
be from AF_INET addresses for now.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: move IPv6 feature checks into aclocal
Chuck Lever [Mon, 16 Mar 2009 17:37:09 +0000 (13:37 -0400)]
configure: move IPv6 feature checks into aclocal

Clean up: for consistency with other local feature checks, move IPv6
feature checks into aclocal/

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: don't need extra libs to do AC_CHECK_LIBS for librpcsecgss
Chuck Lever [Mon, 16 Mar 2009 17:32:49 +0000 (13:32 -0400)]
nfs-utils: don't need extra libs to do AC_CHECK_LIBS for librpcsecgss

From: Jeff Layton <jlayton@redhat.com>

The conftest should work without these extra libs being included.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: Move rpcsecgss checking into aclocal
Chuck Lever [Mon, 16 Mar 2009 17:31:27 +0000 (13:31 -0400)]
configure: Move rpcsecgss checking into aclocal

Clean up: Introduce two more aclocal scripts for handling rpcsecgss
dependency checking.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: pull common nfsidmap and event checks into aclocal/
Chuck Lever [Mon, 16 Mar 2009 17:30:26 +0000 (13:30 -0400)]
configure: pull common nfsidmap and event checks into aclocal/

Clean up: Create an aclocal script for the nfsidmap library and
headers checks used for both --enable-gss and --enable-nfsv4.
Move libevent checks out too.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: replace function-specific switches with HAVE_LIBTIRPC
Chuck Lever [Mon, 16 Mar 2009 17:29:18 +0000 (13:29 -0400)]
nfs-utils: replace function-specific switches with HAVE_LIBTIRPC

Instead of switching in TI-RPC-specific logic with a function-specific
switch like HAVE_CLNT_VG_CREATE, let's use the more generic
HAVE_LIBTIRPC macro everywhere.

This simplifies ./configure (always a good thing), and makes it more
clear in the source code exactly what the extra conditionally compiled
code is for.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: move TI-RPC checks into aclocal
Chuck Lever [Mon, 16 Mar 2009 17:28:42 +0000 (13:28 -0400)]
configure: move TI-RPC checks into aclocal

Define an aclocal test for TI-RPC headers and library, and move the
TI-RPC checks earlier in our configure script so other feature checks
can use the availability of TI-RPC to decide what to do.

Since bindresvport_sa is required just for IPv6 support, move that
check to the IPv6 feature tests.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: add defensive quoting in some function checks
Chuck Lever [Mon, 16 Mar 2009 17:26:34 +0000 (13:26 -0400)]
configure: add defensive quoting in some function checks

Clean up: Add proper m4 quoting in macros that check for the presence
of some functions in configure.ac.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoAdded back the some logging variables which are no nfs-utils-1-1-5-rc1 nfs-utils-1-1-6-rc1
Steve Dickson [Sun, 8 Mar 2009 14:10:25 +0000 (10:10 -0400)]
Added back the some logging variables which are no
longer used but, unfortunately, they are extern-ed by
public headers files which are not under the control
of this package.

Spotted-by: Juergen Daubert <jue@jue.li>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoRelease 1.1.5 nfs-utils-1-1-5
Steve Dickson [Thu, 5 Mar 2009 11:42:56 +0000 (06:42 -0500)]
Release 1.1.5

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: include gssapi/gssapi.h before write_bytes.h
Chuck Lever [Thu, 5 Mar 2009 11:23:25 +0000 (06:23 -0500)]
gssd: include gssapi/gssapi.h before write_bytes.h

In gssd/context_lucid.c, ensure that gss_buffer_desc and gss_OID_desc
are defined before write_bytes.h, which uses these definitions, is
included.  With TI-RPC, these definitions are not provided by
rpc/rpc.h.

It appears that <gssapi/gssapi_krb5.h> already includes krb5.h and
gssapi.h (on my system, anyway) so let's drop those includes.

Ideally write_bytes.h itself should include the needed headers, but
some source files that use Heimdal include a different, Heimdal-
compatible, header to get these definitions.

Pointed-out-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: Use same style for including config.h that rest of nfs-utils uses
Chuck Lever [Thu, 5 Mar 2009 11:22:31 +0000 (06:22 -0500)]
gssd: Use same style for including config.h that rest of nfs-utils uses

Clean up.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount.nfs: squelch compiler warning for TI-RPC builds
Chuck Lever [Thu, 5 Mar 2009 11:21:34 +0000 (06:21 -0500)]
mount.nfs: squelch compiler warning for TI-RPC builds

The printf format string in nfs_pp_debug() assumes the @program and
@version arguments are unsigned long, because the legacy RPC headers
define both rpcprog_t and rpcvers_t as unsigned long types.

However, the TI-RPC headers define both types as uint32_t, which
requires a different printf format type.  If we replace the legacy
headers with TI-RPC headers, this type mismatch generates compiler
warnings that are nothing but noise.

We are about to provide a switch at ./configure time to allow the use
of either the legacy RPC headers or the TI-RPC headers, so we need
a printf format that works in both cases.

To squelch the compiler warnings that occur when using the TI-RPC
headers, cast both arguments in the fprintf statement to the widest of
the two types ("unsigned long" or "uint32_t").

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: Provide type-checked version of svc_getcaller()
Chuck Lever [Thu, 5 Mar 2009 11:20:40 +0000 (06:20 -0500)]
nfs-utils: Provide type-checked version of svc_getcaller()

TI-RPC's version of the svc_getcaller() macro points to a sockaddr_in6,
not a sockaddr_in, though for AF_INET callers, an AF_INET address
resides there.  To squelch compiler warnings when the TI-RPC version of
the svc_req structure is used, add inline helpers with appropriate
type casting.

Note that tcp_wrappers support only AF_INET addresses for now.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: Remove CPPFLAGS substitution
Chuck Lever [Thu, 5 Mar 2009 11:16:04 +0000 (06:16 -0500)]
configure: Remove CPPFLAGS substitution

At least on my systems, the AM_CPPFLAGS substitution at the end of
configure.ac is not needed.  It adds an extra copy of
"-I../../support/includes" to each compile step.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: Replace getservbyname(3)
Chuck Lever [Thu, 5 Mar 2009 11:13:33 +0000 (06:13 -0500)]
nfs-utils: Replace getservbyname(3)

The getservbyname(3) function is not re-entrant, and anyway,
the man page says it is obsolete.  Replace it with a call
to getaddrinfo(3).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoUpdate example in exports(5) man page
Valerie Aurora Henson [Wed, 4 Mar 2009 22:53:41 +0000 (17:53 -0500)]
Update example in exports(5) man page

Signed-off-by: Valerie Aurora Henson <vaurora@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoHave sizeof using the correct value in nfs_getlocalport()
Ben Greear [Wed, 4 Mar 2009 22:07:55 +0000 (17:07 -0500)]
Have sizeof using the correct value in nfs_getlocalport()

Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: Remove fprintf() call from support/nfs/getport.c
Chuck Lever [Wed, 4 Mar 2009 21:58:47 +0000 (16:58 -0500)]
nfs-utils: Remove fprintf() call from support/nfs/getport.c

getport.c is effectively a library, so it should not be emitting
messages via printf.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoshowmount command: remove legacy RPC logic
Chuck Lever [Wed, 4 Mar 2009 21:31:10 +0000 (16:31 -0500)]
showmount command: remove legacy RPC logic

Turns out both legacy RPC and TI-RPC have a clnt_create(3) API.  So
there's
really no need to keep the old open-coded transport logic around.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs(5): document new [no]resvport option
Chuck Lever [Wed, 4 Mar 2009 21:29:29 +0000 (16:29 -0500)]
nfs(5): document new [no]resvport option

Kernel 2.6.25 deprecates intr/nointr.  Reflect this change in nfs(5).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs(5): document new [no]resvport option
Chuck Lever [Wed, 4 Mar 2009 21:27:36 +0000 (16:27 -0500)]
nfs(5): document new [no]resvport option

Kernel 2.6.28 adds a new mount option: [no]resvport.  Document the new
option in the nfs(5) man page.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoThe legacy version of nfs_name_to_address() returned an incorrect
Chuck Lever [Wed, 4 Mar 2009 21:26:48 +0000 (16:26 -0500)]
The legacy version of nfs_name_to_address() returned an incorrect
value for the size of the returned address.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: fix AC_CACHE_VAL warnings on Fedora 10
Chuck Lever [Wed, 4 Mar 2009 20:54:39 +0000 (15:54 -0500)]
configure: fix AC_CACHE_VAL warnings on Fedora 10

Autoconf 2.63 (and maybe earlier releases) complains about the cache
variable name used in aclocal/libblkid.m4:

configure.ac:217: warning: AC_CACHE_VAL(libblkid_is_recent, ...):
suspicious cache-id, must contain _cv_ to be cached
../../lib/autoconf/general.m4:1974: AC_CACHE_VAL is expanded from...
aclocal/libblkid.m4:2: AC_BLKID_VERS is expanded from...
configure.ac:217: the top level

This addresses
  https://bugzilla.redhat.com/attachment.cgi?bugid=481386 .

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoGeneral clean up. Removed unused routines. Reworked syslog
Steve Dickson [Wed, 4 Mar 2009 20:36:27 +0000 (15:36 -0500)]
General clean up. Removed unused routines. Reworked syslog
message to (hopefully) make it more sensible. Move
"#ifdef HAVE_LIBWRAP" around so nothing will be defined
when tcp wrapper is not configured.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoConverted good_client() to correctly use the tcp wrapper
Steve Dickson [Wed, 4 Mar 2009 20:24:58 +0000 (15:24 -0500)]
Converted good_client() to correctly use the tcp wrapper
interface and added a note to the mountd man page saying
hostnames will be ignored when they can not be looked up.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoOnly hash on IP address and Program number. Including the Procedure
Steve Dickson [Wed, 4 Mar 2009 20:22:37 +0000 (15:22 -0500)]
Only hash on IP address and Program number. Including the Procedure
number only creates needles extra hash entries.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoExportfs and rpc.mountd optimalization
Tomas Richter [Wed, 18 Feb 2009 18:33:27 +0000 (13:33 -0500)]
Exportfs and rpc.mountd optimalization

There were some problems with exportfs and rpc.mountd for long export
lists - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76643
I do optimalization as my bachelors thesis (Facuulty of informatics,
Masaryk's university Brno, Czech Republic), under lead of Yenya
Kasprzak.

Both exportfs and rpc.mount build linked list of exports (shared
functions in export.c). Every time they are inserting new export into
list, they search for same export in list.
I replaced linked list by hash table and functions export_add and
export_lookup by functions hash_export_add and hash_export_lookup
(export.c).

Because some other functions required exportlist as linked list, hash
table has some implementation modification im comparison with ordinary
hash table. It also keeps exports in linked list  and has pointer to
head of the list. So there's no need of implementation function
<for_all_in_hash_table>.

Signed-off-by: Tomas Richter <krik3t@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agorpc.idmapd should tell the user more verbosely if Dnotify
Lukas Hejtmanek [Wed, 18 Feb 2009 12:48:11 +0000 (07:48 -0500)]
rpc.idmapd should tell the user more verbosely if Dnotify
support is missing in kernel.

Signed-off-by: Lukas Hejtmanek <xhejtman@ics.muni.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoumount command: remove do_nfs_umount23 function
Chuck Lever [Tue, 17 Feb 2009 21:27:43 +0000 (16:27 -0500)]
umount command: remove do_nfs_umount23 function

Remove do_nfs_umount23() now that it is unused.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoumount.nfs command: Support AF_INET6 server addresses
Chuck Lever [Tue, 17 Feb 2009 21:26:31 +0000 (16:26 -0500)]
umount.nfs command: Support AF_INET6 server addresses

Replace existing mount option parser in nfsumount.c with the new pmap
stuffer
function nfs_options2pmap().  Mount option parsing for umount.nfs now
works
the same as it does for mount option rewriting in the text-based
mount.nfs
command.

This adds a number of new features:

  1.  The new logic supports resolving AF_INET6 server addresses
  2.  Support is added for the recently introduced "mountaddr" option.
  3.  Parsing numeric option values is much more careful
  4.  Option parsing no longer uses xmalloc/xstrdup, so it won't fail
      silently if memory can't be allocated
  5.  Mount program number set in /etc/rpc is respected
  6.  Mount doesn't exit with EX_USAGE if the hostname lookup fails

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoumount.nfs command: Add an AF_INET6-capable version of nfs_call_unmount()
Chuck Lever [Tue, 17 Feb 2009 21:25:27 +0000 (16:25 -0500)]
umount.nfs command: Add an AF_INET6-capable version of nfs_call_unmount()

We need an AF_INET6-capable version of nfs_call_unmount() to allow the
umount.nfs command to support unmounting NFS servers over IPv6.  The
legacy
mount.nfs command still likes to use nfs_call_umount(), so we leave it
in
place and introduce a new API that can take a "struct sockaddr *".

The umount.nfs command will invoke this new API, but we'll leave the
legacy
mount.nfs command and the umount.nfs4 command alone.  The umount.nfs4
command does not need this support because NFSv4 unmount operations are
entirely local.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agonfs-utils: git should ignore cscope.* files
Chuck Lever [Tue, 17 Feb 2009 21:22:53 +0000 (16:22 -0500)]
nfs-utils: git should ignore cscope.* files

Tell git to ignore cscope database files.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoThe mount sockaddr len (mnt_salen) is not be set in
Steve Dickson [Tue, 17 Feb 2009 20:33:58 +0000 (15:33 -0500)]
The mount sockaddr len (mnt_salen) is not be set in
nfs_extract_server_addresses() which causes the mount.nfs
command to segmentation fault when a NFS server only
supports UDP mounts.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: fix return value from po_rightmost()
Chuck Lever [Tue, 17 Feb 2009 20:19:58 +0000 (15:19 -0500)]
text-based mount command: fix return value from po_rightmost()

Recently commit 0dcb83a8 changed the po_rightmost() function to
distinguish among several possible mount options by taking a table
containing the alternatives, and returning the table index of the
entry which is rightmost in the mount option string.

If it didn't find any mount option that matches an entry from the
passed-in table, it returned zero.  This was the same behavior it had
before, when it only checked for two options at a time.  It returned
PO_NEITHER_FOUND, which was zero.

Since this is C, however, zero also happens to be a valid index into
the passed-in array of options.

Modify the po_rightmost() function to return -1 if the entry wasn't
found, and fix up the callers to look for a C-style array index that
starts at zero.

Thanks to Steve Dickson for troubleshooting the problem.  His solution
was merely to bump the return value, as callers already expected an
ordinal index instead of a C-style index.

I prefer this equivalent but slightly more extensive change because it
makes the behavior of po_rightmost() more closely match how humans
understand C arrays to work.  Let's address some of the confusion that
caused this bug, as well as fixing the run-time behavior.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: support AF_INET6 in rewrite_mount_options()
Chuck Lever [Tue, 27 Jan 2009 22:48:17 +0000 (17:48 -0500)]
text-based mount command: support AF_INET6 in rewrite_mount_options()

Now that we have an AF_INET6-capable probe_bothports(), we can support
AF_INET6 when rewriting text-based NFS mount options.  This should be
adequate to support NFS transport protocol and version negotiation with
AF_INET6 NFS servers.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: fix mount option rewriting logic
Chuck Lever [Tue, 27 Jan 2009 22:47:06 +0000 (17:47 -0500)]
text-based mount command: fix mount option rewriting logic

Fix a bunch of corner cases in the text-based mount option rewriting logic.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount options: Use new pmap stuffer when rewriting mount options
Chuck Lever [Tue, 27 Jan 2009 22:45:48 +0000 (17:45 -0500)]
text-based mount options: Use new pmap stuffer when rewriting mount options

all nfs_options2pmap() in nfs_rewrite_mount_options() instead of
open-coding the logic to convert mount options to a pmap struct.
The new nfs_options2pmap() function is more careful about avoiding
invalid mount option values, and handles multiply-specified transport
protocol options correctly.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: Function to stuff "struct pmap" from mount options
Chuck Lever [Tue, 27 Jan 2009 22:43:29 +0000 (17:43 -0500)]
text-based mount command: Function to stuff "struct pmap" from mount options

Both the text-based mount.nfs command and the umount.nfs command need
to fill in a pmap structure based on string mount options.  Introduce
a shared function that can do this.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: make po_rightmost() work for N options
Chuck Lever [Tue, 27 Jan 2009 22:41:02 +0000 (17:41 -0500)]
text-based mount command: make po_rightmost() work for N options

Sometimes we need to choose the rightmost option among multiple
different mount options.  For example, we want to find the rightmost
of "proto," "tcp," and "udp".  Or, the rightmost of "vers," "nfsvers,"
"v2," and "v3".

Update po_rightmost() to choose among N options instead of just two.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoshowmount command: Quiesce warning when TI-RPC is disabled
Chuck Lever [Wed, 7 Jan 2009 17:33:09 +0000 (12:33 -0500)]
showmount command: Quiesce warning when TI-RPC is disabled

Make sure nfs_sm_pgmtbl is not compiled if TI-RPC functions are not
available.  This quiesces the following compiler warning:

  showmount.c:53: warning: nfs_sm_pgmtbl defined but not used

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: Add new build option "--enable-tirpc"
Chuck Lever [Wed, 7 Jan 2009 17:18:11 +0000 (12:18 -0500)]
configure: Add new build option "--enable-tirpc"

Allow easier testing of nfs-utils in legacy environments by providing
a "configure" option to force the build not to use libtirpc, even if
it's present on the build system.  This can also be tried as a
fallback if problems are found with the new TI-RPC-based nfs-utils
code.

The new option is:

  --enable-tirpc          enable use of TI-RPC [default=no]

Build option matrix:

   --disable-tirpc   --disable-ipv6 Default; IPv4 only, glibc RPC
   --disable-tirpc   --enable-ipv6 'configure' will fail
   --enable-tirpc    --disable-ipv6 IPv4 only, TI-RPC
   --enable-tirpc    --enable-ipv6 IPv4 and IPv6, TI-RPC

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoconfigure: Remove inet_ntop(3) check from configure.ac
Chuck Lever [Wed, 7 Jan 2009 17:06:14 +0000 (12:06 -0500)]
configure: Remove inet_ntop(3) check from configure.ac

nfs-utils no longer uses inet_ntop(3) so remove checks for it from
configure.ac.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoMerge branch 'master' of git://linux-nfs.org/nfs-utils
Steve Dickson [Wed, 7 Jan 2009 17:03:07 +0000 (12:03 -0500)]
Merge branch 'master' of git://linux-nfs.org/nfs-utils

15 years agoconfigure: use "--disable-uuid" instead of "--without-uuid"
Chuck Lever [Tue, 6 Jan 2009 17:35:15 +0000 (12:35 -0500)]
configure: use "--disable-uuid" instead of "--without-uuid"

Reported by Kevin Coffman and Jonathan Andrews.  Apparently --without-uuid
doesn't work with some older versions of autoconf, so correct the help text
to document the option that actually does the trick.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: Random clean up
Chuck Lever [Tue, 6 Jan 2009 17:12:55 +0000 (12:12 -0500)]
mount command: Random clean up

Fix some documenting comments and an error message in configure.ac.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount: getport: don't use getaddrinfo(3) on old systems
Chuck Lever [Tue, 6 Jan 2009 17:08:33 +0000 (12:08 -0500)]
mount: getport: don't use getaddrinfo(3) on old systems

Older glibc versions have a getaddrinfo(3) that doesn't support
AI_ADDRCONFIG.  Detect that case and build something else for
getport.c that will work adequately on those systems.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: use gethostbyname(3) when building on old systems
Chuck Lever [Tue, 6 Jan 2009 17:07:04 +0000 (12:07 -0500)]
mount command: use gethostbyname(3) when building on old systems

Glibc's getaddrinfo(3) implementation was added over time.  Some old
versions support AI_ADDRCONFIG, but don't define it in header files.
Some older versions don't support AI_ADDRCONFIG at all.

Let's add specific checks to configure.ac to see that the local
getaddrinfo(3) implementation is complete.  If it isn't, we will make
available a resolver that uses gethostbyname(3) and disable IPv6
entirely.

This patch should apply to 1.1.4 as well as the current nfs-utils repo.
The next patch has a fix for the getaddrinfo(3) call added since 1.1.4
in support/nfs/getport.c.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount: revert recent fix for build problems on old systems
Chuck Lever [Tue, 6 Jan 2009 17:03:26 +0000 (12:03 -0500)]
mount: revert recent fix for build problems on old systems

Revert the patch that added local definitions of AI_ADDRCONFIG and
friends to utils/mount/network.c.  While old header versions don't
have those flags, even older versions of getaddrinfo(3) don't
support those flags at all.

The result is this error:

  mount.nfs: DNS resolution failed for 10.10.10.10: Bad value for ai_flags

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd: By default, don't spam syslog when users' credentials expire
Kevin Coffman [Mon, 5 Jan 2009 19:07:05 +0000 (14:07 -0500)]
gssd: By default, don't spam syslog when users' credentials expire

Change the priority of "common" log messages so that syslog doesn't get
slammed/spammed when users' credentials expire, or there is another
common
problem which would cause error messages for all context creation
requests.

Note that this will now require that gssd or svcgssd option "-v" is used
to
debug these common cases.

Original patch from Andrew Pollock <apollock@google.com>.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
CC: Andrew Pollock <apollock@google.com>
15 years agoNow that the TCP wrapper actually works, mounts will
Steve Dickson [Sat, 3 Jan 2009 19:08:25 +0000 (14:08 -0500)]
Now that the TCP wrapper actually works, mounts will
be denied with misconfigured DNS configurations. Warnings
will be logged when these types of configurations are
detected.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoTo ensure the hash table of clients has valid
Steve Dickson [Fri, 19 Dec 2008 19:20:14 +0000 (14:20 -0500)]
To ensure the hash table of clients has valid
access rights, check the modification times on
both access files. If one of them have change,
update the hash entry instead of creating a
new entry.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoClients IP address and host names are check on
Steve Dickson [Fri, 19 Dec 2008 19:11:09 +0000 (14:11 -0500)]
Clients IP address and host names are check on
every RPC request, to both mountd and statd
when TCP wrappers are enabled. To help this
process scale better the access rights are stored
in a hash table, which are hashed per IP address,
RPC program and procudure numbers.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoWhen clients are define as IP addresses in /etc/hosts.deny,
Steve Dickson [Fri, 19 Dec 2008 19:09:59 +0000 (14:09 -0500)]
When clients are define as IP addresses in /etc/hosts.deny,
access is allow due to misinterpreting the return value of
hosts_ctl(). This patch reworks that logic which closes
that hole.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agostatd: not unlinking host files
Steve Dickson [Wed, 17 Dec 2008 21:41:35 +0000 (16:41 -0500)]
statd: not unlinking host files

Statd is not unlinking host files during SM_UNMON and
SM_UNMON_ALL calls because the given host is still on the run-time
notify list (rtnl) and the check flag is set when xunlink() is
called. But the next thing the caller of xunlink() does is
remove the host from the rtnl list which means the
unlink will never happen.

So this patch removes the check flag from xunlink() since
its not needed and correctly allocates and frees memory
used by xunlink().

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agosm-notify command: fix a use-after-free bug
Chuck Lever [Wed, 17 Dec 2008 19:42:14 +0000 (14:42 -0500)]
sm-notify command: fix a use-after-free bug

The recv_reply() function was referencing host->ai in a freeaddrinfo(3)
call after it had freed @host.

This is not likely to be harmful in a single-threaded user context,
but it's still bad form, and it will get called out if testing
sm-notify with poisoned free memory.  The less noise, the better we
are able to see real problems.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: use po_get_numeric() for handling retry
Chuck Lever [Wed, 17 Dec 2008 19:23:43 +0000 (14:23 -0500)]
text-based mount command: use po_get_numeric() for handling retry

Replace the logic in nfs_parse_retry_option() with a call to the new
po_get_numeric() function.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agotext-based mount command: add function to parse numeric mount options
Chuck Lever [Wed, 17 Dec 2008 19:21:10 +0000 (14:21 -0500)]
text-based mount command: add function to parse numeric mount options

Introduce a function that is especially for parsing keyword mount options
that take a numeric value.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agosvcgssd: use the actual context expiration for cache
Kevin Coffman [Thu, 11 Dec 2008 16:43:31 +0000 (11:43 -0500)]
svcgssd: use the actual context expiration for cache

Instead of sending down an infinite expiration value for the rsi(init) and
rsc(context) cache entries, use a reasonable value for the rsi cache, and
the actual context expiration value for the rsc cache.

Prompted by a proposal from Neil Brown as a result of a complaint of a
server running out of kernel memory when under heavy load of rpcsec_gss
traffic.  Neil's original patch used one minute for the init cache and one
hour for the context cache.  Using the actual expiration time prevents
unnecessary context re-negotiation.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agogssd/svcgssd: add support to retrieve actual context expiration
Kevin Coffman [Thu, 11 Dec 2008 16:39:38 +0000 (11:39 -0500)]
gssd/svcgssd: add support to retrieve actual context expiration

Add some plumbing so that the context expiration can be returned while
serializing the information.  Later patch(es) will actually get the
expiration and pass it down to the kernel.

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: AF_INET6 support for probe_bothports()
Chuck Lever [Thu, 11 Dec 2008 15:30:20 +0000 (10:30 -0500)]
mount command: AF_INET6 support for probe_bothports()

Introduce an AF_INET6 capable probe_bothports() API.  This means replacing
"struct sockaddr_in *" arguments with a "struct sockaddr *" and a socklen_t
arguments.

These functions often combine a "struct sockaddr_in" and a "struct pmap" into
a single "clnt_addr_t" argument.  Instead of modifying "clnt_addr_t" and all
the legacy code that uses it, I'm going to create a new probe_bothports() API
for the text-based mount command that takes a "struct sockaddr *" and
sockaddr length, and leave the existing probe_bothports() interface, which
takes "clnt_addr_t" arguments, for legacy use.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: support AF_INET6 in probe_nfsport() and probe_mntport()
Chuck Lever [Thu, 11 Dec 2008 15:28:57 +0000 (10:28 -0500)]
mount command: support AF_INET6 in probe_nfsport() and probe_mntport()

Flesh out support for AF_INET6 in the intermediate helper functions
probe_nfsport() and probe_mntport().

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: full support for AF_INET6 addresses in probe_port()
Chuck Lever [Thu, 11 Dec 2008 15:27:34 +0000 (10:27 -0500)]
mount command: full support for AF_INET6 addresses in probe_port()

Now that probe_port() uses an AF_INET6-capable rpcbind query and RPC ping,
finish updating probe_port() to support AF_INET6 addresses fully.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agosm-notify: always exiting without any notification
Steve Dickson [Sat, 6 Dec 2008 13:31:29 +0000 (08:31 -0500)]
sm-notify: always exiting without any notification

Added curly brackets around the record_pid() check which
stop sm-notify from exiting when a pid file does not
exist.

Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: remove local getport() implementation
Chuck Lever [Tue, 2 Dec 2008 12:43:54 +0000 (07:43 -0500)]
mount command: remove local getport() implementation

Eliminate local getport() implementation from utils/mount/network.c, as
it is no longer used.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: Replace clnt_ping() and getport() calls in probe_port()
Chuck Lever [Tue, 2 Dec 2008 12:43:01 +0000 (07:43 -0500)]
mount command: Replace clnt_ping() and getport() calls in probe_port()

Update the mount command's probe_port() function to call the new shared
rpcbind query and RPC ping functions.  This provides immediate support
for
rpcbind v3/v4 queries, and paves the way for supporting AF_INET6 in the
probe_bothports() path.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: Use nfs_error() instead of perror()
Chuck Lever [Tue, 2 Dec 2008 12:40:16 +0000 (07:40 -0500)]
mount command: Use nfs_error() instead of perror()

So we can ensure that error output is directed appropriately, use
nfs_error() instead of perror() in start_statd().

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agomount command: Use nfs_pmap_getport() in probe_statd()
Chuck Lever [Tue, 2 Dec 2008 12:39:06 +0000 (07:39 -0500)]
mount command: Use nfs_pmap_getport() in probe_statd()

Repace the getport() and clnt_ping() calls in probe_statd() with their
new shared equivalents.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
15 years agoEnsure statd gets started if required when non-root
Neil Brown [Wed, 26 Nov 2008 17:01:06 +0000 (12:01 -0500)]
Ensure statd gets started if required when non-root
user mounts an NFS filesystem.

The first time an NFS filesystem is mounted, we start statd from
/sbin/mount.nfs.  If this first time is a non-root user doing the
 mount, (thanks to e.g.  the 'users' option in /etc/fstab)
then we need to be sure that the 'setuid' status from mount.nfs
is inherited through to rpc.statd so that it runs as root.

There are two places where we loose our setuid status due to the shell
(/bin/sh) discarding.

1/ mount.nfs uses "system" to run /usr/sbin/start-statd.  This runs a
   shell which is likely to drop privileges.  So change that code to use
  'fork' and 'execl' explicitly.
2/ start-statd is a shell script.  To convince the shell to allow the
  program to run in privileged mode, we need to add a "-p" flag.

We could just call setuid(getuid()) at some appropriate time, and it
might be worth doing that as well, however I think that getting
rid of 'system()' is a good idea and once that is done, the
adding of '-p' is trivial and sufficient.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agogssd: unblock DNOTIFY_SIGNAL in case it was blocked.
Neil Brown [Wed, 26 Nov 2008 13:48:03 +0000 (08:48 -0500)]
gssd:  unblock DNOTIFY_SIGNAL in case it was blocked.

I have a situation where rpc.gssd appears to not be working.
Mount attempts which need to communicate with it block.

I've narrowed down the problem to that fact that all realtime signals
have been blocked.  This means that DNOTIFY_SIGNAL (which is a
realtime signal) is never delivered, so gssd never rescans the
rpc_pipe/nfs directory.

It seems start_kde (or whatever it is called) and all descendants have
these
signals blocked.  xfce seems to do the same thing.  gnome doesn't.

So if you start rpc.gssd from a terminal window while logged in via
KDE, it doesn't behave as expected.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoshowmount command: support querying IPv6 servers
Chuck Lever [Tue, 25 Nov 2008 13:39:47 +0000 (08:39 -0500)]
showmount command: support querying IPv6 servers

Introduce a version of nfs_get_mount_client() that supports AF_INET6 and
AF_INET server addresses.  If the TI-RPC library is not available when
the showmount command is built, fall back to the legacy RPC user-space
API.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoshowmount command: move logic to acquire RPC client handle out of main()
Chuck Lever [Tue, 25 Nov 2008 13:38:01 +0000 (08:38 -0500)]
showmount command: move logic to acquire RPC client handle out of main()

In preparation to support IPv6 in the showmount command, extract the
logic that parses/acquires the target hostname and converts it into an RPC
client handle to contact the remote mountd service, and move it into its
own function.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoshowmount command: Remove unused local getport() implementation
Chuck Lever [Tue, 25 Nov 2008 13:35:10 +0000 (08:35 -0500)]
showmount command: Remove unused local getport() implementation

Clean up: remove showmount.c's local getport() implementation, now that
the showmount command uses the shared one.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoshowmount command: call nfs_getport instead of local getport
Chuck Lever [Tue, 25 Nov 2008 13:15:51 +0000 (08:15 -0500)]
showmount command: call nfs_getport instead of local getport

Have the showmount command invoke the shared nfs_getport() function
instead of its own local version.  This gives the showmount command
immediate support for querying via rpcbindv3/v4 in addition to
portmapper, and sets the stage for AF_INET6 support in showmount.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoAdded support/nfs/getport.c
Steve Dickson [Tue, 18 Nov 2008 17:59:41 +0000 (12:59 -0500)]
Added support/nfs/getport.c

Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoIntroduce rpcbind client utility functions
Chuck Lever [Mon, 17 Nov 2008 21:13:48 +0000 (16:13 -0500)]
Introduce rpcbind client utility functions

It turns out that at least the mount command and the showmount command
need to query a server's rpcbind daemon.  They need to query over
AF_INET6 as well as AF_INET.

libtirpc provides an rpcbind query capability with the rpcb_getaddr(3)
interface, but it takes a hostname and netconfig entry rather than a
sockaddr and a protocol type, and always uses a lengthy timeout.  The
former is important to the mount command because it sometimes must
operate using a specific port and IP address rather than depending on
rpcbind and DNS to convert a [hostname, RPC program, netconfig] tuple
to a [socket address, port number, transport protocol] tuple.

The rpcb_getaddr(3) API also always uses a privileged port (at least
for setuid root executables like mount.nfs), which is not required for
an rpcbind query.  This can exhaust the local system's reserved port
space quickly.

This patch provides a reserved-port-friendly AF_INET6-capable rpcbind
query C API that can be shared among commands and tools in nfs-utils,
and allows a query to a specified socket address and port rather than
a hostname.

In addition to an rpcbind query interface, this patch also provides a
facility to ping the remote RPC service to ensure that it is operating
as advertised by rpcbind.  It's useful to combine an RPC ping with an
rpcbind query because in many cases, components of nfs-utils already
ping an RPC service immediately after receiving a successful GETPORT
result.

There are also a handful of utility routines provided, such as a
functions that can map between [sockaddr, port] and a universal
address.

I've made an attempt to make these new functions build and operate on
systems that do not have libtirpc.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoAdd AF_INET6-capable API to acquire an RPC CLIENT *
Chuck Lever [Mon, 17 Nov 2008 21:08:03 +0000 (16:08 -0500)]
Add AF_INET6-capable API to acquire an RPC CLIENT *

Provide a simple interface that any component of nfs-utils can use to acquire
an RPC CLIENT *.  This is an AF_INET6-enabled API, and can also handle
PF_LOCAL sockets if libtirpc is present on the system.

When libtirpc is not available, legacy RPC services will be used instead,
and an attempt to connect to an AF_INET6 address will fail.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoGet rid of empty AUTHORS file
Jan Engelhardt [Tue, 21 Oct 2008 13:34:58 +0000 (09:34 -0400)]
Get rid of empty AUTHORS file

build: remove redundant AUTHORS file

One can use the --foreign automake option to make it not enforce
presence of an AUTHORS file.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoRelease 1.1.4 nfs-utils-1-1-4
Steve Dickson [Fri, 17 Oct 2008 14:20:09 +0000 (10:20 -0400)]
Release 1.1.4

Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agosm-notify should exit as soon as its determined
Phil Endecott [Tue, 14 Oct 2008 18:36:58 +0000 (14:36 -0400)]
sm-notify should exit as soon as its determined
there are no hosts to notify. This also decreases
start up time by a few seconds.

Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agorpcgen: include sys/ioctl.h on linux systems
Mike Frysinger [Wed, 8 Oct 2008 15:08:55 +0000 (11:08 -0400)]
rpcgen: include sys/ioctl.h on linux systems

The rpcgen tool included with nfs-utils will generate calls to ioctl() but not
actually generate the sys/ioctl.h header include.  Attached patch should fix
this.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agonfs(5): Clarify behavior of the mountproto= and proto= options
Chuck Lever [Wed, 8 Oct 2008 14:59:53 +0000 (10:59 -0400)]
nfs(5): Clarify behavior of the mountproto= and proto= options

Document the interaction between the mountproto= and the proto= mount
options in a new subsection of nfs(5).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agonfs-utils: make makesock() static
Chuck Lever [Wed, 8 Oct 2008 14:45:12 +0000 (10:45 -0400)]
nfs-utils: make makesock() static

Clean up:  The makesock() function can become static since it is only used in
rpcmisc.c, where it is defined.  Fix some minor nits while we're in the area:

 o  Move it so we can remove it's forward declaration.

 o  Get rid of unneeded newlines in the xlog() format strings.

 o  Use htonl(INADDR_ANY) instead of INADDR_ANY to initialize sin_addr.
    Should make no run-time difference, but is slightly more proper,
    as the standard definition of INADDR_ANY is in host byte-order.

 o  Remove the parentheses in the "return" statements.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agonfs-utils: Clean up support/nfs/rpcmisc.c:closedown()
Chuck Lever [Wed, 8 Oct 2008 14:42:41 +0000 (10:42 -0400)]
nfs-utils: Clean up support/nfs/rpcmisc.c:closedown()

Clean up: update closedown()'s synopsis to modern C style, and move the
function so we can remove the forward declaration.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoCleaned up the wording in the rpc.nfsd(8) manpage
Steve Dickson [Wed, 1 Oct 2008 18:36:25 +0000 (14:36 -0400)]
Cleaned up the wording in the rpc.nfsd(8) manpage
(BZ: https://bugzilla.linux-nfs.org/show_bug.cgi?id=159)

Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agoCleared up a contradiction in the export(5) man page
Steve Dickson [Wed, 1 Oct 2008 18:30:12 +0000 (14:30 -0400)]
Cleared up a contradiction in the export(5) man page
(BZ: https://bugzilla.linux-nfs.org/show_bug.cgi?id=161)

Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agomountd: change "unknown host" error message to "unmatched host"
Jeff Layton [Mon, 29 Sep 2008 14:20:57 +0000 (10:20 -0400)]
mountd: change "unknown host" error message to "unmatched host"

mount request from unknown host 10.11.14.99 for /export

The hosts are listed in DNS with proper reverse records, so the reason
why the host is "unknown" isn't clear. This patch just changes the
wording of this error to hopefully make it more clear why the mount
request was rejected. This also makes this error message use a format
more similar to the other error messages in auth_authenticate().

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agonfs(5): Replace the term "netid" in mount option descriptions
Chuck Lever [Mon, 29 Sep 2008 11:52:40 +0000 (07:52 -0400)]
nfs(5): Replace the term "netid" in mount option descriptions

TI-RPC introduced the concept of "netid" which is a string that is
mapped to a set of transport capabilities via a netconfig database.
RPC services register a netid and bindaddr with their local rpcbind
daemon to advertise their ability to support particular transports.

Mike Eisler noted that the use of the term "netid" in nfs(5) is not
appropriate, since Linux does not treat the value of the proto= or
mountproto= options as a netid proper, but rather to select a
particular transport capability provided locally on the client.

The Linux NFS client currently uses a simple internal mapping between
these names and its own transport capabilities rather than using the
names as part of an rpcbind query, thus these strings are really not
netids.  They are more akin to what TI-RPC calls "protocol names".

Remove the term "netid" from nfs(5) for now.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: Mike Eisler <mike.eisler@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agonfs(5): Replace the term "netid" in mount option descriptions
Chuck Lever [Mon, 29 Sep 2008 11:34:59 +0000 (07:34 -0400)]
nfs(5): Replace the term "netid" in mount  option descriptions

Mike Eisler noted that the use of the term "netid" in the descriptions
of the "proto=" option is not appropriate, since Linux does not allow
"udp6" or "tcp6".

Replaced the term "netid" with "transport" in nfs(5).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Tom Talpey <Thomas.Talpey@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agorpc.statd: Stop overloading sockfd in utils/statd/rmtcall.c
Chuck Lever [Fri, 26 Sep 2008 20:16:09 +0000 (16:16 -0400)]
rpc.statd: Stop overloading sockfd in utils/statd/rmtcall.c

The Linux kernel's lockd requires that rpc.statd perform notification
callbacks from a privileged source port.  To guarantee rpc.statd gets a
privileged source port but runs unprivileged, it calls
statd_get_socket() then drops root privileges before starting it's svc
request processing loop.

Statd's svc request loop is the only caller of the process_foo()
functions in utils/statd/rmtcall.c, but one of them,
process_notify_list() attempts to invoke statd_get_socket() again.

In today's code, this is unneeded because statd_get_socket() is always
invoked before my_svc_run().  However, if it ever succeeded, it would
get an unprivileged source port anyway, causing the kernel to reject
all subsequent requests from statd.

Thus the process_notify_list() function should not ever call
statd_get_socket() because root privileges have been dropped by this
point, and statd_get_socket() wouldn't get a privileged source port,
causing the kernel to reject all subsequent SM_NOTIFY requests.

So all of the process_foo functions in utils/statd/rmtcall.c should use
the global sockfd instead of a local copy, as it already has a
privileged source port.

I've seen some unexplained behavior where statd starts making calls to
the kernel via an unprivileged port.  This could be one way that might
occur.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
16 years agorpc.statd: Use __func__ in dprintf
Chuck Lever [Fri, 26 Sep 2008 20:14:49 +0000 (16:14 -0400)]
rpc.statd: Use __func__ in dprintf

Clean up: The named function in many of the debugging messages in
utils/statd/rmtcall.c is out of date.  To prevent this from happening
in the future, replace these with __func__.

Also, note() and dprintf() do not require a terminating '\n' in their
format string.  So make all invocations consistent.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>