]> git.decadent.org.uk Git - nfs-utils.git/log
nfs-utils.git
12 years agomountd: Add lookup_export_parent()
Chuck Lever [Fri, 19 Oct 2012 14:29:28 +0000 (10:29 -0400)]
mountd: Add lookup_export_parent()

In a moment I will be adding some logic that needs to know an
junction's parent export.

Here's a function that can discover an export's parent.  It takes
the target export's pathname, chops off the rightmost component, and
tries a lookup_export().  If that succeeds, we have our answer.
If not, it chops off the next rightmost component and tries again,
until the root is reached.

At the same time, infrastructure is added to pass the parent export
down into the functions that convert locations into a new junction
export entry.  For now the parent export remains unused.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Set e_fslocdata field directly
Chuck Lever [Fri, 19 Oct 2012 14:27:26 +0000 (10:27 -0400)]
mountd: Set e_fslocdata field directly

To create an export entry for a junction, an options string is
constructed from the set of locations in the junction.  This options
string is then passed to mkexportent() where it is parsed and
converted into an exportent.

There is only one export option that is used to create a junction's
exportent: "refer=".  When that option is parsed, it's value is
simply copied to a fresh string and planted in the new export's
e_fslocdata field.

Let's avoid the option parsing and extra string copy.  Construct
a string for the new e_fslocdata field and plant it in the exportent
directly.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Use static buffer when constructing junction export options
Chuck Lever [Fri, 19 Oct 2012 14:25:14 +0000 (10:25 -0400)]
mountd: Use static buffer when constructing junction export options

Clean up: Simplify locations_to_export() by constructing a junction's
export options in a static buffer.

We can do this because all of this code is called serially, in one
thread, and the result is thrown away immediately after the caller
is finished.  The returned exportent itself is static.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Warn when a broken junction is encountered
Chuck Lever [Fri, 19 Oct 2012 14:24:07 +0000 (10:24 -0400)]
mountd: Warn when a broken junction is encountered

A broken junction is a problem that administrators will want to
know about and correct.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoGSSD: Pass GSS_context lifetime to the kernel.
Andy Adamson [Thu, 18 Oct 2012 17:21:09 +0000 (13:21 -0400)]
GSSD: Pass GSS_context lifetime to the kernel.

From: Andy Adamson <andros@netapp.com>

The kernel gss_cl_ctx stores the context lifetime in gc_expiry, set
by gssd in do_downcall() called by process_krb5_upcall(). The lifetime
value is currently not related at all to the Kerberos TGS lifetime.
It is either set to the value of gssd -t <timeout>, or to a kernel
default of 3600 seconds.

Most of the time the gssd -t command line is not set, and a timeout
value of zero was sent to the kernel triggering the use of the 3600
second kernel default timeout.

In order for the kernel to properly know when to renew a context, or to
stop buffering writes for a context about to expire, the gc_expiry value
needs to reflect the credential lifetime used to create the context.

Note that gss_inquire_cred returns the number of seconds for which the
context remains valid in the lifetime_rec parameter.

Send the actual TGS remaining lifetime to the kernel. It can still be
overwritten by the gssd -t command line option, or set to the kernel
default if the gss_inquire_cred call fails (which sets the lifetime_rec
to zero).

Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoutils: Return status 0 on clean exits
Mantas Mikulenas [Mon, 15 Oct 2012 20:08:34 +0000 (16:08 -0400)]
utils: Return status 0 on clean exits

Some init systems actually expect daemons to return 0 on success.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs4: Backgrounding mount broken with NFS versions <4
Wolfram Gloger [Mon, 15 Oct 2012 19:31:23 +0000 (15:31 -0400)]
mount.nfs4: Backgrounding mount broken with NFS versions <4

When the NFS version isn't specified in the mount options, mount.nfs
attempts V4 first and appends 'vers=4' to the extra_options string in
the mount options.  If the server isn't immediately reachable, this
attempt fails.  However, if the background option is specified and the
server comes up later on, the extra_options are used again for all
further attempts and thus they fail if the server only supports
vers<4.

Fix this by only amending extra_options on a successful vers=4 mount.

This is now Debian bug #690181 and has apparently been around for
ages.

Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Wolfram Gloger <bugzilla1@malloc.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs mapage: clear up confusion between 'proto' and 'transport'
Neil Brown [Mon, 15 Oct 2012 16:50:35 +0000 (12:50 -0400)]
mount.nfs mapage: clear up confusion between 'proto' and 'transport'

The mount option "proto=" actually set the "transport" which in
netconfig usage is the pairing of a protocol (e.g. UDP, TCP) with
a protocol family (e.g. INET, INET6).

This can cause confusion if people naively except "proto=udp" to work
equally well on IPv6.

So add some text to both nfs(5) and nfsmount.conf(5) to hopefully
clarify this.

Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoExportfs crashes with long path
Ivan Romanov [Mon, 15 Oct 2012 16:41:36 +0000 (12:41 -0400)]
Exportfs crashes with long path

Acked-by: Bruce Fields <bfields@fieldses.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoAdded fsc and nofsc to the mount manpage.
Steve Dickson [Thu, 23 Aug 2012 17:41:56 +0000 (13:41 -0400)]
Added fsc and nofsc to the mount manpage.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoblkmapd: proper signal handling
Peng Tao [Thu, 23 Aug 2012 17:03:34 +0000 (13:03 -0400)]
blkmapd: proper signal handling

Signed-off-by: Peng Tao <tao.peng@emc.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoblkmapd: allow blocklayoutdriver module to load/unload
Peng Tao [Thu, 23 Aug 2012 16:50:33 +0000 (12:50 -0400)]
blkmapd: allow blocklayoutdriver module to load/unload

User may load/unload blocklayoutdriver module dynanmically.
So we handle it by watching the pipe file creation/deletion.

Signed-off-by: Peng Tao <tao.peng@emc.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agogssd: Use /run/user/${UID} instead of /run/user/${USER}
Nalin Dahyabhai [Wed, 22 Aug 2012 18:43:05 +0000 (14:43 -0400)]
gssd: Use /run/user/${UID} instead of /run/user/${USER}

Newer versions of systemd create a /run/user/${UID} directory
instead of the /run/user/${USER} directory, so switch to
scanning for that.  To make the per-user directory bit a little
less magical, change the default to incorporate a "%U", which
gets dynamically expanded to the user's UID when needed.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agogssd: scan for DIR: ccaches, too
Nalin Dahyabhai [Wed, 22 Aug 2012 18:35:17 +0000 (14:35 -0400)]
gssd: scan for DIR: ccaches, too

In addition to matching "FILE:krb5cc_*" in the specified directory or
directories, also match "DIR:krb5cc*", if we find subdirectories with
names that match the search pattern.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.gssd: don't call poll(2) twice a second
Chuck Lever [Mon, 6 Aug 2012 13:08:53 +0000 (09:08 -0400)]
rpc.gssd: don't call poll(2) twice a second

Use ppoll() instead.

[ cel Wed Aug  1 11:44:46 EDT 2012 - autoconfiscated Bruce's version ]

Related clean-up: Since we're pulling the poll/ppoll call out into a
separate function, note that the second argument of poll(2) and
ppoll(2) is not an int, it's an unsigned long.  The nfds_t typedef
is a recent invention, so use the raw type for compatibility with
older glibc headers.

Acked-by: J. Bruce Fields" <bfields@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.gssd: handle error to open toplevel directory
J. Bruce Fields [Mon, 6 Aug 2012 12:57:19 +0000 (08:57 -0400)]
rpc.gssd: handle error to open toplevel directory

From: "J. Bruce Fields" <bfields@redhat.com>

Reverse the sense of the test here, and also add debugging and cleanup
in the error case.

(Though the lack of cleanup isn't currently a problem in practice since
we'll eventually exit in this case.)

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.gssd: don't call printerr from signal handler
J. Bruce Fields [Mon, 6 Aug 2012 12:55:45 +0000 (08:55 -0400)]
rpc.gssd: don't call printerr from signal handler

From: "J. Bruce Fields" <bfields@redhat.com>

printerr() isn't actually safe to call from a signal handler.  It might
be possible to make it so, but I think this is the only case in
nfs-utils where we try to, and I'm not convince it's worth it.

This fixes a bug that would eventually cause mounts to hang when gssd
is run with -vv.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.gssd: simplify signal handling
J. Bruce Fields [Mon, 6 Aug 2012 12:54:11 +0000 (08:54 -0400)]
rpc.gssd: simplify signal handling

From: "J. Bruce Fields" <bfields@redhat.com>

We're not actually using the extra sa_sigaction parameters.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoumount: use correct return value for is_vers4.
NeilBrown [Mon, 6 Aug 2012 12:41:13 +0000 (08:41 -0400)]
umount: use correct return value for is_vers4.

is_vers4 in mount_libmount.c is based on nfs_umount_is_vers4
in nfsumount.c, except the return values are reversed.
The result of this is:
 - a MOUNT_UMNT call is not sent when an NFSv3 or NFSv2
   filesystem is unmounted
 - a MOUNT_UMNT call *is* sent when and 'nfs4' filesystem
   is unmounted (but not when an 'nfs -o vers=4 filesystem
   is unmounted, as that is checked elsewhere).

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoumount.nfs: ignore non-nfs filesystems
Karel Zak [Wed, 1 Aug 2012 15:14:21 +0000 (11:14 -0400)]
umount.nfs: ignore non-nfs filesystems

 # umount.nfs /boot; echo $?
  umount.nfs: /boot: device is busy
  32

expected and fixed behavior:

 # umount.nfs /boot; echo $?
 # umount.nfs: /boot: is not an NFS filesystem
 1

Note that the function mnt_context_set_fstype_pattern() has never
been used for mtab/fstab evaluation. It's usable only for "umount -a"
and for "mount -t" operations.

Reported-by: NeilBrown <neilb@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.gssd: close upcall pipe on POLLHUP
Chuck Lever [Thu, 19 Jul 2012 13:40:30 +0000 (09:40 -0400)]
rpc.gssd: close upcall pipe on POLLHUP

When a POLLHUP event is received on a pipe file descriptor, that
means the other side has closed its end of the pipe.  If the
receiver does not close its end of the pipe, the pipe is left in an
open-but-unlinked state.

For a "gssd" upcall pipe, the kernel may close its end, removing the
directory entry for it, and then later create a fresh pipe named
"gssd" in the same directory.  In this case, rpc.gssd continues to
listen on the open-but-unlinked previous "gssd" pipe.  Thus upcalls
on the new "gssd" pipe are left unanswered.

In addition, poll(2) continues to return POLLHUP on the old pipe.
Since there is no logic to close the pipe in rpc.gssd, poll(2) always
returns immediately, and rpc.gssd goes into a tight loop.

Typically, the kernel closes upcall pipes and destroys their
parent directory at the same time.  When an RPC client's directory
vanishes, rpc.gssd sees the change via dnotify and eventually
invokes destroy_client() which closes the user-space end of the
pipes.

However, if the kernel wants to switch authentication flavors (say
from AUTH_KRB5 to AUTH_UNIX) on an RPC client without destroying it,
the upcall pipes go away, but the RPC client's directory remains.
rpc.gssd invokes update_client_list(), but that logic never closes
upcall pipes if the client directory is still in place.

After a POLLHUP on a pipe, close it when rpc.gssd reconstructs its
list of upcall clients.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs: restore correct error status when umount fails
NeilBrown [Mon, 16 Jul 2012 12:43:28 +0000 (08:43 -0400)]
mount.nfs: restore correct error status when umount fails

If nfs-utils is built without --enable-libmount-mount, then
an unmount that failed due to the filesystem being busy will
exit with '16' - EX_FILEIO.
Autofs apparently relies on this.

When built with --enable-libmount-mount, the same case will
exit with '32' - EX_FAIL.  Normally this is reserved for
internal errors.

This patch restores the use of EX_FILEIO for errors from umount.

Reviewed-by: Karel Zak <kzak@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Default domain not being set.
Steve Dickson [Thu, 5 Jul 2012 12:58:47 +0000 (08:58 -0400)]
nfsidmap: Default domain not being set.

nfsidmap is not calling the nfs4_init_name_mapping()
function which initializes the default domain from
either the DNS domain or the Domain variable in /etc/idmap.conf

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoexportfs: Update exportfs flush option list in usage message.
Namjae Jeon [Thu, 5 Jul 2012 19:33:18 +0000 (15:33 -0400)]
exportfs: Update exportfs flush option list in usage message.

Update exportfs flush option list in usage message.
And sorted these cases in alphabetical order.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs: try the next address after mount fails with ETIMEDOUT
Jeff Layton [Tue, 19 Jun 2012 14:57:55 +0000 (10:57 -0400)]
mount.nfs: try the next address after mount fails with ETIMEDOUT

If a NFS mount attempt fails with an ETIMEDOUT error, the mount.nfs code
doesn't currently attempt the next address in the list. For a NFSv4
mount the initial mount() call almost always ends up going over
NFS_DEF_FG_TIMEOUT_MINUTES and the mount is never retried.

For a v3 mount, it ends up continually retrying against the same IPv6
address, and never tries the IPv4 address. Eventually it gives up once
it hits the NFS_DEF_FG_TIMEOUT_MINUTES timeout.

It's possible that a server is just unreachable via IPv6 (due to a
routing misconfiguration for instance), or is dropping IPv6 frames on
the floor. In that situation, it might still be reachable via IPv4 and
trying the next address could have allowed the mount to succeed.

Fix this by treating ETIMEDOUT in a similar fashion to ECONNREFUSED.
Have the client try the next address in the list before giving up and
returning an error.

Our QA folks noticed this after a routing problem in one of our test
labs. I was able to reproduce it by having the server drop incoming
IPv6 frames from the client's address.

With this patch, the mount eventually succeeds over IPv4 instead of
returning an error.

Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: Before clearing the capability bounding set, check if we have the cap
Harald Hoyer [Tue, 19 Jun 2012 14:53:29 +0000 (10:53 -0400)]
nfsdcld: Before clearing the capability bounding set, check if we have the cap

From: Harald Hoyer <harald@redhat.com>

PR_CAPBSET_DROP can return EINVAL, if an older kernel does support
some capabilities, which are defined by CAP_LAST_CAP, which results in
a failure of the service.

For example kernel 3.4 errors on CAP_EPOLLWAKEUP, which was newly
introduced in 3.5.

So, for future capabilities, we clear until we get an EINVAL for
PR_CAPBSET_READ.

Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpcdebug: Add new "state" flag for the nfs module
Chuck Lever [Tue, 19 Jun 2012 14:34:20 +0000 (10:34 -0400)]
rpcdebug: Add new "state" flag for the nfs module

Kernel 3.5 adds a debugging flag for showing NFS client debugging
messages having to do with NFSv4 state operations.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Honor the no_root_squash flag on pseudo roots
J. Bruce Fields [Tue, 29 May 2012 18:40:38 +0000 (14:40 -0400)]
mountd: Honor the no_root_squash flag on pseudo roots

From: "J. Bruce Fields" <bfields@redhat.com>

If root squashing is turned off on a export that
has multiple directories, the parent directories
of the pseudo exports that's built, also needs to
have root squashing turned off.

Tested-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonsm_client: nsm_client needs to link with libtirpc
Adam Sampson [Tue, 29 May 2012 18:37:22 +0000 (14:37 -0400)]
nsm_client: nsm_client needs to link with libtirpc

nsm_client needs to link against libtirpc.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoUpdated the version number.
Steve Dickson [Tue, 29 May 2012 18:31:57 +0000 (14:31 -0400)]
Updated the version number.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Allow verbosity level to be set in the config file
Steve Dickson [Tue, 29 May 2012 18:27:24 +0000 (14:27 -0400)]
nfsidmap: Allow verbosity level to be set in the config file

To make it easier to enable ID mapping debugging, nfsidmap
should read /etc/idmap.conf to see if the verbosity level
is set, similar to what rpc.idmapd does

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agostatd: drop all capabilities from the bounding set as well
Jeff Layton [Tue, 29 May 2012 18:23:18 +0000 (14:23 -0400)]
statd: drop all capabilities from the bounding set as well

statd drops all capabilities except for CAP_NET_BIND when it starts.
It's possible though that if it ever had a compromise that an attacker would
be able to invoke a setuid process (or something with file capabilities) in
order to reinstate some caps.

This could happen as a result of the daemon becoming compromised, or
possibly as a result of the ha-callout program becoming compromised.

In order to prevent that, have statd also prune the capability bounding
set to nothing prior to dropping capabilities. That ensures that the
process won't be able to reacquire capabilities via any means --
including exec'ing a setuid program.

We do however need to be cognizant of the fact that PR_CAPBSET_DROP was
only added in 2.6.25, so check to make sure that #define exists via
autoconf before we rely on it. In order to do that, we must add
ax_check_define.m4 from the GNU autoconf macro archive.

Furthermore, do a runtime check to see if /proc/sys/kernel/cap-bound
exists before attempting to clear the bounding set. If it does, then
don't bother trying since it won't work. In that event though, do
throw a warning however since the presence of that file indicates that
there is a disconnect between the build and runtime environments.

Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agobuild: avoid AM_CONDITIONAL in conditional execution.
Diego Elio Pettenò [Tue, 29 May 2012 18:15:32 +0000 (14:15 -0400)]
build: avoid AM_CONDITIONAL in conditional execution.

Automake does not support conditional AM_CONDITIONAL calls; what that
means is that you always have to execute AM_CONDITIONAL one way or the
other. Both the libsqlite3.m4 file and the nfsdcld conditionals are
executed only when NFSv4 is enabled, which breaks building with
--disable-nfsv4.

Remove the SQLite3 conditional altogether as it's never used, and move
the nfsdcld conditional outside of the conditional code.

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoautoconf: make the test for prctl have an effect
Jeff Layton [Tue, 29 May 2012 17:53:09 +0000 (13:53 -0400)]
autoconf: make the test for prctl have an effect

We currently test to ensure that prctl() is available, but the results
of that test are a no-op either way. statd calls prctl()
unconditionally, so make configure bail out if prctl() isn't available
since the build will fail in that event anyway.

Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoMakefile.am: Corrected a misspelling of overridden
Steve Dickson [Thu, 17 May 2012 12:16:29 +0000 (08:16 -0400)]
Makefile.am: Corrected a misspelling of overridden

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoosd_login - ensure /sbin is created before installation.
NeilBrown [Thu, 17 May 2012 12:14:57 +0000 (08:14 -0400)]
osd_login - ensure /sbin is created before installation.

If we use a more standard approach to describing the osd_login
script, the automake infrastructure will create /sbin before
attempting installation.
This is important for: make DESTDIR=/empty-dir install

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoblkmapd: remove pretty_sig()
Jim Rees [Tue, 15 May 2012 14:10:01 +0000 (10:10 -0400)]
blkmapd: remove pretty_sig()

This really only works against EMC servers.  There is at least one server
that returns unprintable signatures, which fill the log with garbage (the
spec does not mandate printable signatures).  It could be made more generic,
for example by checking each byte for isprint().  But the signatures are
really only of interest to developers, not admins, so it seems better to
just remove it.

Signed-off-by: Jim Rees <rees@umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoRelease 1.2.6 nfs-utils-1-2-6
Steve Dickson [Mon, 14 May 2012 14:40:52 +0000 (10:40 -0400)]
Release 1.2.6

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoManpage: Add a warning to the nfs manpage regarding using NFS over UDP on
Olaf Kirch [Wed, 9 May 2012 18:12:16 +0000 (14:12 -0400)]
Manpage: Add a warning to the nfs manpage regarding using NFS over UDP on
high-speed links

* Using NFS over UDP on high-speed links such as Gigabit can cause
  silent data corruption.
* The man page text was written by Olaf Kirch and committed to (but not
  upstream):
https://build.opensuse.org/package/view_file?file=warn-nfs-udp.patch&package=nfs-utils&project=openSUSE%3AFactory&rev=8e3e60c70e8270cd4afa036e13f6b2bb

Signed-off-by: Harshula Jayasuriya <harshula@redhat.com>
Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Olaf Kirch <okir@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add support for dropping capabilities
Jeff Layton [Wed, 9 May 2012 17:25:34 +0000 (13:25 -0400)]
nfsdcld: add support for dropping capabilities

As a long running daemon, we need to be security-conscious with nfsdcld,
so let's prune what it can do down to nearly nothing.

We want the daemon to run as root so that it has access to open and
reopen the rpc_pipefs pipe, but we don't actually need any of the
superuser caps that come with it. Have it drop all capabilities early
on. We don't need any of them as long as the fsuid continues to be 0.

Once we do that though, check to ensure that the db dir is actually
usable by root w/o CAP_DAC_OVERRIDE. Do an access() check on it and
throw a warning if it's not. Hopefully that will assist users in
debugging if they get the ownership of the DB dir wrong.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: demote pipe opening error to D_GENERAL
Jeff Layton [Wed, 9 May 2012 16:36:02 +0000 (12:36 -0400)]
nfsdcld: demote pipe opening error to D_GENERAL

It's actually expected that this will fail initially when we start the
daemon. Until knfsd has been started, the pipe doesn't exist, and we
generally want to start nfsdcld before starting knfsd.

Avoid the scary error message by demoting this message to D_GENERAL.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: handle allocation failures in auth_unix_ip upcall nfs-utils-1-2-6-rc7
J. Bruce Fields [Thu, 3 May 2012 19:09:09 +0000 (15:09 -0400)]
mountd: handle allocation failures in auth_unix_ip upcall

From: "J. Bruce Fields" <bfields@redhat.com>

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: prepend '$' to make use_ipaddr clients self-describing
J. Bruce Fields [Thu, 3 May 2012 19:06:21 +0000 (15:06 -0400)]
mountd: prepend '$' to make use_ipaddr clients self-describing

From: "J. Bruce Fields" <bfields@redhat.com>

Mountd is responsible for filling three interrelated kernel caches:

- auth_unix_ip maps an incoming ip addresses to a "domain".
- nfsd_fh maps (domain, filehandle-fragment) pairs to paths.
- nfsd_export maps (domain, path) pairs to export options.

Note that each export is assocated with a "client" string--the part
before the parentheses in an /etc/export line--which may be a domain
name, a netgroup, etc.

The "domain" string in the above three caches may be either:

- in the !use_ipaddr case, a comma-separated list of client
  strings.
- in the use_ipaddr case, an ip address.

In the former case, mountd does the hard work of matching an ip address
to the clients when doing the auth_unix_ip mapping.  In the latter case,
it delays that until the nfsd_fh or nfsd_export upcall.

We're currently depending on being able to flush the kernel caches
completely when switching between the use_ipaddr and !use_ipaddr cases.
However, the kernel's cache-flushing doesn't really provide reliable
guarantees on return; it's still possible we could see nfsd_fh or
nfsd_export upcalls with the old domain-type after flushing.

So, instead, make the two domain types self-describing by prepending a
"$" in the use_ipaddr case.

Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: add trivial helpers for client-matching
J. Bruce Fields [Thu, 3 May 2012 19:01:20 +0000 (15:01 -0400)]
mountd: add trivial helpers for client-matching

From: "J. Bruce Fields" <bfields@redhat.com>

Pull out a tiny bit of common logic from three functions.

Possibly minor overkill, but simplifies the next patch.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: parse ip address earlier
J. Bruce Fields [Thu, 3 May 2012 18:59:27 +0000 (14:59 -0400)]
mountd: parse ip address earlier

I don't see the point of waiting to the last minute to parse the ip
address.  If the client name isn't a legal ip address then this will
fail fairly quickly, so there's not much of a performance penalty.

Also, note the previous code incorrectly assumed client_resolve would
always return non-NULL.

Also factor out some common code.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: fix export upcall failure in use_ipaddr case
J. Bruce Fields [Thu, 3 May 2012 18:56:19 +0000 (14:56 -0400)]
mountd: fix export upcall failure in use_ipaddr case

After 0509d3428f523 "mountd: Replace "struct hostent" with "struct
addinfo"", the export upcall fails in the use_ipaddr case.

I think we never noticed because a) the use_ipaddr case is rarer than
the !use_ipaddr case, and b) the nfsd_fh upcall does a preemptive export
downcall that renders the nfsd export call unnecessary in some cases.

Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomounts.nfs: v2 and v3 background mounts should retry when server is down.
Steve Dickson [Tue, 1 May 2012 19:34:34 +0000 (15:34 -0400)]
mounts.nfs: v2 and v3 background mounts should retry when server is down.

The point of background mounts is to have the mount
retried if the mount fails. This patch allows the v2/v3
background mount to proceed in the case when the server
is down by not making EOPNOTSUPP a permanent error.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agov4_root_add_parents: remove a possible buffer overflow.
NeilBrown [Tue, 1 May 2012 19:26:54 +0000 (15:26 -0400)]
v4_root_add_parents: remove a possible buffer overflow.

The loop in v4root_add_parents() is a little odd.
The first time through, 'ptr' points immediately "beyond"
a '/' character (the first).  For every other iterration it points
directly "at" a '/' character.
Such inconsistency is error prone and infact there is an error.
If "path" is precisely "/", then the first call to
   ptr = strchr(ptr, '/')

will be given a 'ptr' which is beyond the '\0' at the end of
"path".  This could potentially contain anything and the strchr()
could search well beyond a buffer (though this depends on exactly how
the string is set up which depends on separate code).

So change the loop to have 'ptr' always point at a '/', and
handle the special case of "/" explicitly.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agov4root: set the time-to-live for V4ROOT exports to the DEFAULT.
NeilBrown [Tue, 1 May 2012 19:25:17 +0000 (15:25 -0400)]
v4root: set the time-to-live for V4ROOT exports to the DEFAULT.

e_ttl is set to the default in init_exportent().
However V4ROOT exports never see init_exportent() as they are created
with dupexportent from a template.  So e_ttl does not get set and
export entries expire immediately.
This results in an upcall to mountd every time a V4ROOT directory
in accessed.

So set e_ttl in the template.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years ago4set_root: force "fsid=0" for all exports of '/'
NeilBrown [Tue, 1 May 2012 19:24:39 +0000 (15:24 -0400)]
4set_root: force "fsid=0" for all exports of '/'

When "fsid=0" is not explicitly given in /etc/exports,
v4set_root creates a pseudo (NFSEXP_V4ROOT) export for '/'
with fsid 0 so that an NFSv4 client can find the root.

However if '/' is explicitly exported to the client, then that
explicit export must be used, and it will not have fsid=0.
So we must impose fsid=0 on all exports of '/'.
Without this, if '/' is exported to a client, that client will
not be able to mount '/' with NFSv4.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsd_fh: if two exports are possible, choose the one without V4ROOT
NeilBrown [Tue, 1 May 2012 19:22:57 +0000 (15:22 -0400)]
nfsd_fh: if two exports are possible, choose the one without V4ROOT

When nfsd_fh it looking for an export for a particular
client and file-handle, it might find two exports for the same path:
one with NFSEXP_V4ROOT, one with out.

As nfsd_fh calls cache_export_ent to give the export information to
the kernel it much choose the same export that auth_authenticate
chooses for get_rootfh which it also passes cache_export_ent (via
cache_export).
i.e. it must choose the non-V4ROOT on where possible.

Also change
   strcmp(foo, bar)
to
   strcmp(foo, bar) == 0
because I have a pathological fear of the former.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoauth_authenticate_newcache: prefer non-V4ROOT export over V4ROOT exports
NeilBrown [Tue, 1 May 2012 19:20:31 +0000 (15:20 -0400)]
auth_authenticate_newcache: prefer non-V4ROOT export over V4ROOT exports

Currently auth_authenticate_internal finds an export and if it
is a V4ROOT export, it reports that there is no match.  Unlike
lookup_export() it doesn't keep looking for an acceptable export.

So remove the test from auth_authenticate_internal(), and add it to
auth_authenticate_newcache(), where the search can be allowed to
continue.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agolookup_export: really prefer nonV4ROOT exports.
NeilBrown [Tue, 1 May 2012 19:14:43 +0000 (15:14 -0400)]
lookup_export: really prefer nonV4ROOT exports.

lookup_export() claims to "Always prefer non-V4ROOT mounts" (meaning
"exports") but actually prefers V4ROOT exports - once it has 'found'
one it will never replace it.

So fix that inversion, and add code so that it proactively prefers a
non-V4ROOT whether it is found before or after a V4ROOT.

Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoosd_login: Commit the files that go along with autologin script
Sachin Bhamare [Tue, 1 May 2012 19:17:01 +0000 (15:17 -0400)]
osd_login: Commit the files that go along with autologin script

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: support IPv6 [] escaping with fsloc hosts
Weston Andros Adamson [Tue, 1 May 2012 18:54:39 +0000 (14:54 -0400)]
mountd: support IPv6 [] escaping with fsloc hosts

mountd uses colons to split fsloc hosts, but this doesn't work with IPv6
addresses (they contain ':').

To fix this, mountd is changed to expect all IPv6 addresses to be escaped
by '[' and ']' so colons that are part of the address may be skipped.
To fix IPv6 referrals, this patch must be used with the nfsd patch that
properly parses escaped IPv6 addresses in fs_location->hosts.

Signed-off-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoosd_login: Add autologin script for objlayoutdriver
Sachin Bhamare [Tue, 1 May 2012 18:36:51 +0000 (14:36 -0400)]
osd_login: Add autologin script for objlayoutdriver

From: Sachin Bhamare <sbhamare@panasas.com>

This script is part of the autologin feature mandated by the
pnfs-objects standard.
It is called from objlayoutdriver.ko in the kernel.

It invokes iscsiadm program to perform the iscsi login to OSDs.
It also features a watchdog which will make sure that control
returns to kernel after 15s timeout.

Signed-off-by: Sachin Bhamare <sbhamare@panasas.com>
Signed-off-by: Boaz Harrosh <bharrosh@panasas.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: General clean up. nfs-utils-1-2-5-rc4
Steve Dickson [Thu, 26 Apr 2012 16:31:48 +0000 (12:31 -0400)]
nfsdcld: General clean up.

- Added header clean up some warnings
- Updated the .gitignore file.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: update the README
Jeff Layton [Thu, 26 Apr 2012 15:59:00 +0000 (11:59 -0400)]
nfsdcld: update the README

Add info to the README about when this daemon should be started, and
its build and runtime requirements.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add a manpage for nfsdcld
Jeff Layton [Thu, 26 Apr 2012 15:58:08 +0000 (11:58 -0400)]
nfsdcld: add a manpage for nfsdcld

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: make it watch for inotify events in the containing directory
Jeff Layton [Thu, 26 Apr 2012 15:54:37 +0000 (11:54 -0400)]
nfsdcld: make it watch for inotify events in the containing directory

Before opening the pipe, set an inotify watch on the containing dir and
then try to open the pipe. If it succeeds, then set up pipe and inotify
events and return success. If it fails with -ENOENT, then just set up
the inotify event and return success. If it fails with any other error
then return the error and the caller can then abort the program.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add function to remove unreclaimed client records
Jeff Layton [Thu, 26 Apr 2012 15:48:52 +0000 (11:48 -0400)]
nfsdcld: add function to remove unreclaimed client records

This should remove any client record that has a timestamp prior to
the given time.

Eventually, this call will need to be made cluster aware when this is
run in a clustered configuration. For now, this is only suitable for
single-host configurations.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add check/update functionality
Jeff Layton [Thu, 26 Apr 2012 15:47:58 +0000 (11:47 -0400)]
nfsdcld: add check/update functionality

Add functions to check whether a client is allowed to reclaim, and
update its timestamp in the DB if so. If either the query or update
fails, then the host is not allowed to reclaim state.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add remove functionality
Jeff Layton [Thu, 26 Apr 2012 15:46:14 +0000 (11:46 -0400)]
nfsdcld: add remove functionality

Allow the kernel to ask for removal of a client record.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add routines for a sqlite backend database
Jeff Layton [Thu, 26 Apr 2012 15:43:30 +0000 (11:43 -0400)]
nfsdcld: add routines for a sqlite backend database

Rather than roll our own "storage engine", use sqlite instead. It fits
the bill nicely as it does:

- durable on-disk storage
- the ability to constrain record uniqueness
- a facility for collating and searching the host records

...it does add a build dependency to nfs-utils, but almost all modern
distros provide those packages.

The current incarnation of this code dynamically links against a
provided sqlite library, but we could also consider including their
single-file "amalgamation" to reduce dependencies (though with all
the caveats that that entails).

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add autoconf goop for sqlite
Jeff Layton [Thu, 26 Apr 2012 15:29:22 +0000 (11:29 -0400)]
nfsdcld: add autoconf goop for sqlite

Mostly cribbed from Chuck Lever's new-statd rewrite a few years ago...

This adds an autoconf test for the sqlite3 library and includes. If
they're not working properly and nfsdcld was enabled, then configure
will error out.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsdcld: add client tracking daemon stub
Jeff Layton [Thu, 26 Apr 2012 15:22:46 +0000 (11:22 -0400)]
nfsdcld: add client tracking daemon stub

This program opens and "listens" on the new nfsd/cld rpc_pipefs pipe.
The code here doesn't actually do anything on stable storage yet. That
will be added in a later patch.

The patch also adds a autoconf enable switch for the new daemon that
defaults to "no", and a test for the upcall description header file.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoAdd -l option to gssd to force legacy behaviour
Michael Weiser [Mon, 16 Apr 2012 10:49:21 +0000 (06:49 -0400)]
Add -l option to gssd to force legacy behaviour

Implement a new option -l to force gssd to ignore its kernel's crypto
capabilities and use just the Single DES legacy encryption types to be
compatible with old servers. This is only relevant if those servers have
strong keys in their keytab.

Signed-off-by: Steve Dickson <steved@redhat.com>
Tested-by: Michael Weiser <weiser@science-computing.de>
12 years agorpc.gssd: Links directly with libgssapi_krb5 which not needed.
Steve Dickson [Thu, 26 Jan 2012 19:56:13 +0000 (14:56 -0500)]
rpc.gssd: Links directly with libgssapi_krb5 which not needed.

rpc.gssd and rpc.svcgssd both link with the libgssapi_krb5 and
libgssglue libraries which is not needed since libgssglue
will dynamically load the gssapi interface defined in the
/etc/gssapi_mech.conf. Most likely the libgssapi_krb5 library.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agogssd: Look for user creds in user defined directory
Steve Dickson [Thu, 22 Mar 2012 15:02:46 +0000 (11:02 -0400)]
gssd: Look for user creds in user defined directory

The user credential cache currently is kept in /tmp.
In upcoming Kerberos release that will be moved to
/run/user/<username>/. This patch enables gssd to
look in both the old and new caches

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsd: Bump up the default to 8 nprocs
Steve Dickson [Fri, 16 Mar 2012 13:34:43 +0000 (09:34 -0400)]
nfsd: Bump up the default to 8 nprocs

When the nproc argument is not given the rpc.nfsd
a default number of processes is created. This
patch bumps that default up from 1 to 8.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agorpc.idmap: Hide global symbols from libidmap plugins
Noah Friedman [Thu, 15 Mar 2012 16:52:50 +0000 (12:52 -0400)]
rpc.idmap: Hide global symbols from libidmap plugins

This patch limits the visibility of the symbols in the nfs-utils
conffile.c so that they are only visible to programs linked directly to
it.  This forces the objects dynamically loaded via libnfsidmap to use
the functions defined in that shared library instead.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove also the dependent lipkey mechanism
Simo Sorce [Mon, 12 Mar 2012 21:06:41 +0000 (17:06 -0400)]
Kill SPKM3: Remove also the dependent lipkey mechanism

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove mentions of SPKM3 from README
Simo Sorce [Mon, 12 Mar 2012 19:52:09 +0000 (15:52 -0400)]
Kill SPKM3: Remove mentions of SPKM3 from README

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Stop checking for spkm3.h in configure
Simo Sorce [Mon, 12 Mar 2012 19:51:33 +0000 (15:51 -0400)]
Kill SPKM3: Stop checking for spkm3.h in configure

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove spkm3 support from exports
Simo Sorce [Mon, 12 Mar 2012 19:49:50 +0000 (15:49 -0400)]
Kill SPKM3: Remove spkm3 support from exports

signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove spkm3 support from nfs.mount
Simo Sorce [Mon, 12 Mar 2012 19:48:50 +0000 (15:48 -0400)]
Kill SPKM3: Remove spkm3 support from nfs.mount

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: remove spkm3 from common gssd code
Simo Sorce [Mon, 12 Mar 2012 19:48:04 +0000 (15:48 -0400)]
Kill SPKM3: remove spkm3 from common gssd code

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove spkm3 support from gssd
Simo Sorce [Mon, 12 Mar 2012 19:44:26 +0000 (15:44 -0400)]
Kill SPKM3: Remove spkm3 support from gssd

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoKill SPKM3: Remove spkm3 references from svcgssd
Simo Sorce [Mon, 12 Mar 2012 19:43:22 +0000 (15:43 -0400)]
Kill SPKM3: Remove spkm3 references from svcgssd

Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoexportfs: Removed warnings about routines not being prototyped
Steve Dickson [Mon, 12 Mar 2012 19:39:19 +0000 (15:39 -0400)]
exportfs: Removed warnings about routines not being prototyped

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoexportfs: Stop racing exportfs on clusters
Steve Dickson [Mon, 12 Mar 2012 17:17:15 +0000 (13:17 -0400)]
exportfs: Stop racing exportfs on clusters

This problem can occur when multiple cluster services fail over
at the same time, causing missing high-available exports.
Having a lot of nfs-exports will trigger this issue easier.

https://bugzilla.linux-nfs.org/show_bug.cgi?id=224

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsmount: Fixed parsing error in the nfsmount.conf code.
Steve Dickson [Tue, 6 Mar 2012 16:03:38 +0000 (11:03 -0500)]
nfsmount: Fixed parsing error in the nfsmount.conf code.

When the options where prefixed with spaces (instead of tabs)
the second option in the list was missed to so a miscalculation
the the nfsmount.conf parsing code.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfs-utils: exports man page: no_acl is not supported
Harshula Jayasuriya [Wed, 29 Feb 2012 20:41:17 +0000 (15:41 -0500)]
nfs-utils: exports man page: no_acl is not supported

The inclusion of no_acl in the exports man page is confusing since it is
not actually supported (v3.3-rc3):

1090 static struct flags {
1091         int flag;
1092         char *name[2];
1093 } expflags[] = {
1094         { NFSEXP_READONLY, {"ro", "rw"}},
1095         { NFSEXP_INSECURE_PORT, {"insecure", ""}},
1096         { NFSEXP_ROOTSQUASH, {"root_squash", "no_root_squash"}},
1097         { NFSEXP_ALLSQUASH, {"all_squash", ""}},
1098         { NFSEXP_ASYNC, {"async", "sync"}},
1099         { NFSEXP_GATHERED_WRITES, {"wdelay", "no_wdelay"}},
1100         { NFSEXP_NOHIDE, {"nohide", ""}},
1101         { NFSEXP_CROSSMOUNT, {"crossmnt", ""}},
1102         { NFSEXP_NOSUBTREECHECK, {"no_subtree_check", ""}},
1103         { NFSEXP_NOAUTHNLM, {"insecure_locks", ""}},
1104         { NFSEXP_V4ROOT, {"v4root", ""}},
1105         { 0, {"", ""}}
1106 };

Signed-off-by: Harshula Jayasuriya <harshula@redhat.com>
Acked-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoautoconf: only link binaries that need it to libtirpc nfs-utils-1-2-6-rc6
Jeff Layton [Mon, 16 Jan 2012 19:39:25 +0000 (14:39 -0500)]
autoconf: only link binaries that need it to libtirpc

This patch is essentially the same as the previous version, but has
been respun to fix up some merge conflicts with some of Chuck's
recent changes.

When we first added tirpc support, we took a "big hammer" approach, and
had it add libtirpc to $LIBS. That had the effect of making it so that
that library was linked into every binary. That's unnecessary, and
wasteful with memory.

Don't let AC_CHECK_LIB add -ltirpc to $LIBS. Instead, have the autoconf
tests set $(LIBTIRPC) in the makefiles, and have the programs that
need it explicitly include that library. In the event that we're not
using libtirpc, then set $LIBTIRPC to a blank string.

This necessitates a change to the bindresvport_sa check too. Since that
library is no longer included in $LIBS, we need to convert that check
to use AC_CHECK_LIB instead of AC_CHECK_FUNCS.

This patch also fixes a subtle bug. If the library was usable, but the
includes were not, the test would set $enable_tirpc to "no", but
HAVE_LIBTIRPC would still be true. That configuration would likely
fail to build.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Purge the keyring when its full.
Steve Dickson [Thu, 12 Jan 2012 20:09:49 +0000 (15:09 -0500)]
nfsidmap: Purge the keyring when its full.

When a key can not be added to a keyring because
the keyring is full or there is no memory for
the playload, keyctl_instantiate() will fail
and set the errno to -EDQUOT, -ENFILE or
-ENOMEM

When this happens, purge the keyring to
free things up and then try to re-add
the key.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Support junction management plug-ins nfs-utils-1-2-6-rc5
Chuck Lever [Thu, 5 Jan 2012 21:24:16 +0000 (16:24 -0500)]
mountd: Support junction management plug-ins

To support FedFS and NFS junctions without introducing additional
build-time or run-time dependencies on nfs-utils, the community has
chosen to use a dynamically loadable library to handle junction
resolution.

There is one plug-in library for mountd that will handle any NFS-
related junction type.  Currently there are two types:

  o nfs-basic locally stored file set location data, and

  o nfs-fedfs file set location data stored on an LDAP server

mountd's support for this library is enabled at build time by the
presence of the junction API definition header:

  /usr/include/nfs-plugin.h

If this header is not found on the build system, mountd will build
without junction support, and will operate as before.

Note that mountd does not cache junction resolution results.  NFSD
already caches these results in its exports cache.  Thus each time
NFSD calls up to mountd, it is, in essence, requesting a fresh
junction resolution operation, not a cached response.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: remove newline from xlog() format specifier strings
Chuck Lever [Thu, 5 Jan 2012 21:03:08 +0000 (16:03 -0500)]
mountd: remove newline from xlog() format specifier strings

Clean up: xlog() already adds a newline to the end of each line of
output.  Remove the superfluous newline from a number of xlog()
call sites in mountd.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomountd: Plug v4root memory leak
Chuck Lever [Thu, 5 Jan 2012 21:01:22 +0000 (16:01 -0500)]
mountd: Plug v4root memory leak

Valgrind reports that the memory allocated for eep's e_hostname field
was not being freed.  eep is not visible outside of v4root_create(),
so we don't need to strdup() that string.

Introduced by commit 3b777b0 "exports: NFSv4 pseudoroot support
routines" (Dec 1, 2009).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoconfigure.ac: Don't check for AI_ADDRCONFIG
Chuck Lever [Thu, 5 Jan 2012 20:54:00 +0000 (15:54 -0500)]
configure.ac: Don't check for AI_ADDRCONFIG

Commit 1ea2c3be: "nfs-utils: Remove all uses of AI_ADDRCONFIG,"
(October 28, 2010) removed the last use of AI_ADDRCONFIG.  Even so,
ipv6.m4 uses this check to ensure that the local getaddrinfo(3)
implementation is recent.  Maybe we shouldn't bother.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoconfigure.ac: Clean up help string for --with-statdpath
Chuck Lever [Thu, 5 Jan 2012 20:51:42 +0000 (15:51 -0500)]
configure.ac: Clean up help string for --with-statdpath

Neither m4 nor the vim colorizer like unbalanced single quotes.
Similar change as commit 34ee5730.

Also, the default value of the command line option is conventionally
listed in the right-hand side argument of AC_HELP_STRING.

Introduced by commit 5c3e2665: "statd: Decouple statd's state
directory from the NFS state directory," (September 20, 2011).

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agoautoconf: don't let libnfsidmap test add -lnfsidmap to $LIBS
Jeff Layton [Fri, 23 Dec 2011 19:41:11 +0000 (14:41 -0500)]
autoconf: don't let libnfsidmap test add -lnfsidmap to $LIBS

...as that makes that library get linked into every binary. Also,
replace "hardcoded" -lnfsidmap linker flag in Makefiles with
a AC_SUBST variable.

This fixes a regression introduced in commit d7c64dd.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
12 years agoautoconf: fix up libevent autoconf test
Jeff Layton [Fri, 23 Dec 2011 14:04:54 +0000 (09:04 -0500)]
autoconf: fix up libevent autoconf test

Have it set LIBEVENT to -levent and use that in the Makefiles instead
of hardcoding it.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
12 years agogssd: avoid double-free upon write failure
Jim Meyering [Thu, 5 Jan 2012 18:37:04 +0000 (13:37 -0500)]
gssd: avoid double-free upon write failure

Free just calloc'd enc_key.data from one place, unconditionally,
after calling write_lucid_keyblock, rather than from three places.

Coverity spotted the possible double free.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs: don't overwrite mount options from /etc/nfsmount.conf
Karel Zak [Thu, 5 Jan 2012 18:32:26 +0000 (13:32 -0500)]
mount.nfs: don't overwrite mount options from /etc/nfsmount.conf

The libmount (as well as mount(8)) ignores mount options from command
line if running in restricted mode (suid, non-root-user) and all
options are read from fstab only.

It means that all options are replaced with stuff from fstab,
including mount options from nfsmount.conf. This is bug.

We have to apply fstab and then nfsmount.conf.

Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsctl: fix building with newer arches
Mike Frysinger [Thu, 5 Jan 2012 18:21:24 +0000 (13:21 -0500)]
nfsctl: fix building with newer arches

Newer arches omitting both nfsctl and nfsservctl which breaks nfsctl.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Stack variable not being initialized. nfs-utils-1-2-6-rc4
Steve Dickson [Tue, 13 Dec 2011 19:49:00 +0000 (14:49 -0500)]
nfsidmap: Stack variable not being initialized.

The 'clearing' variable was not being initialized
to zero which was cause the default key ring to
always be cleared.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agomount.nfs: Background mounts failing on time out errors.
Steve Dickson [Mon, 5 Dec 2011 14:48:46 +0000 (09:48 -0500)]
mount.nfs: Background mounts failing on time out errors.

Mounting with the "-o v3,bg,proto=udp" options will
fail, instead of retrying, when the server is down.
The reason being nfs_rewrite_pmap_mount_options()
does not interrupt RPC timeouts correctly.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Allow a particular key to be revoked.
Steve Dickson [Thu, 17 Nov 2011 19:39:43 +0000 (14:39 -0500)]
nfsidmap: Allow a particular key to be revoked.

Introducing three new command line arguments
that allow particular keys to be revoke

  -u will remove a uid key
  -g will revoke a gid key
  -r will revoke both the uid and gid keys

A user name has also needs to be supply with
these new flags.

Signed-off-by: Steve Dickson <steved@redhat.com>
12 years agonfsidmap: Allow keys to be cleared from the keyring
Steve Dickson [Thu, 17 Nov 2011 18:02:38 +0000 (13:02 -0500)]
nfsidmap: Allow keys to be cleared from the keyring

Added the '-c' command line argument that will
clear all the keys from the keyring.

Signed-off-by: Steve Dickson <steved@redhat.com>
13 years agorpc.idmapd: Sections in idmapd.conf are ignored. nfs-utils-1-2-6-rc3
Steve Dickson [Mon, 14 Nov 2011 14:54:47 +0000 (09:54 -0500)]
rpc.idmapd: Sections in idmapd.conf are ignored.

In the parsing routine, conf_parse_line(), a string
is not being null terminated which is causing
section of the config file to be ignored.

https://bugzilla.linux-nfs.org/show_bug.cgi?id=205

Signed-off-by: Steve Dickson <steved@redhat.com>