From 6b6945c52f6dbcdb2768e0b43ef3a865fe89b6ba Mon Sep 17 00:00:00 2001 From: "Steinar H. Gunderson" Date: Tue, 4 Jul 2006 18:55:51 +0200 Subject: [PATCH] Imported Debian patch 1.0.8+1.0.9pre1-1 --- debian/changelog | 35 +++++++++++++++++ debian/control | 4 +- debian/nfs-common.init | 74 +++++++++++++++++++++++++---------- debian/nfs-common.install | 6 +++ debian/nfs-common.manpages | 2 + debian/nfs-kernel-server.init | 69 ++++++++++++++++++++++---------- utils/gssd/Makefile.in | 2 +- utils/gssd/svcgssd_proc.c | 12 +++--- 8 files changed, 154 insertions(+), 50 deletions(-) diff --git a/debian/changelog b/debian/changelog index 5c6d8b0..f8705ac 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,38 @@ +nfs-utils (1:1.0.8+1.0.9pre1-1) unstable; urgency=low + + * New upstream release. + * debian/ directory removed from upstream; no need to repack or do ugly + hacks in debian/rules anymore. + * Obsoletes most Debian-specific patches, as they are already included + upstream. For reference, the patches that are still Debian-specific are: + * Use 65534 instead of -2 for anonuid, update manpage accordingly. + * Debian-specific information in exports man page. + * Don't use -rpath for gssd. + * Hardcode default mapping in svcgssd. Adjust patch to use uid/gid + 65534 instead of -2, for consistency; also remove double error + message. + * Spelling fixes in nfsstat, showmount and statd man pages. + * Supports options to bind to specific IPs. (Closes: #246939, #312720) + * Include mount.nfs and friends, which will over time take over the job of + doing NFS mounting from util-linux. + * Complete sync with Ubuntu: + * Pull in changes to use LSB display functions in init scripts; adapted + to give output more like what was already in Debian, to fix a few bugs, + and use plain echo in "status" targets, where using LSB functions makes + no sense. + * Depend on lsb-base from nfs-common and nfs-kernel-server. + * Init script updates: + * Document "status" option in the nfs-common init script's help message. + * Drop "set -e"; it makes error checking wrt. the LSB functions harder. + * Drop obsolete "cd /". + * Fix syntax errors in "status" target. + * In the "status" target, don't check that the output of pidof matches the + pidfiles for gssd and idmapd, as they fork after start and thus get a + different pid. + * Include gss_clnt_send_err and gss_destroy_creds binaries. + + -- Steinar H. Gunderson Tue, 4 Jul 2006 18:55:51 +0200 + nfs-utils (1:1.0.8-10) unstable; urgency=high * Added nfs-common dependency on coreutils (>= 5.93-1). The readlink diff --git a/debian/control b/debian/control index 1e45462..c4ac65c 100644 --- a/debian/control +++ b/debian/control @@ -9,7 +9,7 @@ Standards-Version: 3.7.2 Package: nfs-kernel-server Priority: optional Architecture: any -Depends: nfs-common (>= 1:1.0.8-1), sysvinit (>= 2.80-1), ucf, ${shlibs:Depends} +Depends: nfs-common (>= 1:1.0.8-1), sysvinit (>= 2.80-1), ucf, lsb-base (>= 1.3-9ubuntu3), ${shlibs:Depends} Provides: knfs, nfs-server Conflicts: knfs, nfs-server Replaces: knfs, nfs-server @@ -25,7 +25,7 @@ Description: Kernel NFS server support Package: nfs-common Architecture: any -Depends: coreutils (>= 5.93-1), portmap, sysvinit (>= 2.80-1), adduser, ucf, ${shlibs:Depends} +Depends: coreutils (>= 5.93-1), portmap, sysvinit (>= 2.80-1), adduser, ucf, lsb-base (>= 1.3-9ubuntu3), ${shlibs:Depends} Provides: nfs-client Conflicts: nfs-client Replaces: nfs-client, nfs-kernel-server (<< 1:1.0.7-5) diff --git a/debian/nfs-common.init b/debian/nfs-common.init index 6de8336..8501601 100644 --- a/debian/nfs-common.init +++ b/debian/nfs-common.init @@ -9,8 +9,6 @@ # locking functionality. # -set -e - # What is this? DESC="NFS common utilities" @@ -28,6 +26,8 @@ if [ -f $DEFAULTFILE ]; then . $DEFAULTFILE fi +. /lib/lsb/init-functions + # Determine whether lockd daemon is required. case "$NEED_LOCKD" in yes|no) ;; @@ -124,16 +124,25 @@ do_umount() { # See how we were called. case "$1" in start) - cd / # daemons should have root dir as cwd - printf "Starting $DESC:" - printf " statd" + log_daemon_msg "Starting $DESC" + + log_progress_msg "statd" start-stop-daemon --start --oknodo --quiet \ --exec $PREFIX/sbin/rpc.statd -- $STATDOPTS + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi + if [ "$NEED_LOCKD" = yes ] then - printf " lockd" + log_progress_msg "lockd" start-stop-daemon --start --oknodo --quiet \ - --exec $PREFIX/sbin/rpc.lockd || true + --exec $PREFIX/sbin/rpc.lockd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi fi if [ "$NEED_IDMAPD" = yes ] || [ "$NEED_GSSD" = yes ] then @@ -143,53 +152,78 @@ case "$1" in then if [ "$NEED_IDMAPD" = yes ] then - printf " idmapd" + log_progress_msg "idmapd" start-stop-daemon --start --oknodo --quiet \ --make-pidfile --pidfile $IDMAPD_PIDFILE \ --exec /usr/sbin/rpc.idmapd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi fi if [ "$NEED_GSSD" = yes ] then do_modprobe rpcsec_gss_krb5 - printf " gssd" + log_progress_msg "gssd" start-stop-daemon --start --oknodo --quiet \ --make-pidfile --pidfile $GSSD_PIDFILE \ --exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi fi fi fi - echo "." + log_end_msg 0 ;; stop) - printf "Stopping $DESC:" + log_daemon_msg "Stopping $DESC" + if [ "$NEED_GSSD" = yes ] then - printf " gssd" + log_progress_msg "gssd" start-stop-daemon --stop --oknodo --quiet \ --name rpc.gssd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi rm -f $GSSD_PIDFILE fi if [ "$NEED_IDMAPD" = yes ] then - printf " idmapd" + log_progress_msg "idmapd" start-stop-daemon --stop --oknodo --quiet \ --name rpc.idmapd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi rm -f $IDMAPD_PIDFILE fi if [ "$NEED_LOCKD" = yes ] then - printf " lockd" + log_progress_msg "lockd" start-stop-daemon --stop --oknodo --quiet \ - --name rpc.lockd || true + --name rpc.lockd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi else pkill -KILL -u root -x lockd || true fi - printf " statd" + log_progress_msg "statd" start-stop-daemon --stop --oknodo --quiet \ --name rpc.statd + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi do_umount $PIPEFS_MOUNTPOINT 2>/dev/null || true - echo "." + log_end_msg 0 ;; status) @@ -201,7 +235,7 @@ case "$1" in if [ "$NEED_GSSD" = yes ] then - if [ ! -f "$GSSD_PIDFILE" ] || [ "$( pidof rpc.gssd )" != "$( cat $GSSD_PIDFILE )"] + if [ ! -f "$GSSD_PIDFILE" ] || ! pidof rpc.gssd >/dev/null then echo "rpc.statd running, but rpc.gssd halted" exit 3 @@ -219,7 +253,7 @@ case "$1" in if [ "$NEED_IDMAPD" = yes ] then - if [ ! -f "$IDMAPD_PIDFILE" ] || [ "$( pidof rpc.idmapd )" != "$( cat $IDMAPD_PIDFILE )"] + if [ ! -f "$IDMAPD_PIDFILE" ] || ! pidof rpc.idmapd >/dev/null then echo "rpc.statd running, but rpc.idmapd halted" exit 3 @@ -237,7 +271,7 @@ case "$1" in ;; *) - echo "Usage: nfs-common {start|stop|restart}" + log_success_msg "Usage: nfs-common {start|stop|status|restart}" exit 1 ;; esac diff --git a/debian/nfs-common.install b/debian/nfs-common.install index 45c637d..9657884 100644 --- a/debian/nfs-common.install +++ b/debian/nfs-common.install @@ -1,9 +1,15 @@ debian/tmp/usr/sbin/rpc.lockd sbin/ debian/tmp/usr/sbin/rpc.statd sbin/ debian/tmp/usr/sbin/showmount sbin/ +debian/tmp/usr/sbin/mount.nfs sbin/ +debian/tmp/usr/sbin/mount.nfs4 sbin/ +debian/tmp/usr/sbin/umount.nfs sbin/ +debian/tmp/usr/sbin/umount.nfs4 sbin/ debian/tmp/usr/sbin/nfsstat debian/tmp/usr/sbin/rpc.gssd debian/tmp/usr/sbin/rpc.idmapd +debian/tmp/usr/sbin/gss_clnt_send_err +debian/tmp/usr/sbin/gss_destroy_creds debian/idmapd.conf usr/share/nfs-common/conffiles/ debian/idmapd.conf.md5sum usr/share/nfs-common/conffiles/ debian/nfs-common.default usr/share/nfs-common/conffiles/ diff --git a/debian/nfs-common.manpages b/debian/nfs-common.manpages index 0e57332..dccdeb2 100644 --- a/debian/nfs-common.manpages +++ b/debian/nfs-common.manpages @@ -6,3 +6,5 @@ debian/tmp/usr/share/man/man8/statd.8 debian/tmp/usr/share/man/man8/nfsstat* debian/tmp/usr/share/man/man8/showmount* debian/tmp/usr/share/man/man8/idmapd* +debian/tmp/usr/share/man/man8/mount.nfs.8 +debian/tmp/usr/share/man/man8/umount.nfs.8 diff --git a/debian/nfs-kernel-server.init b/debian/nfs-kernel-server.init index fb85f6c..15b3254 100644 --- a/debian/nfs-kernel-server.init +++ b/debian/nfs-kernel-server.init @@ -10,8 +10,6 @@ # which is configured via the /etc/exports file. # -set -e - # What is this? DESC="NFS kernel daemon" PREFIX=/usr @@ -34,6 +32,8 @@ if [ -f $DEFAULTFILE ]; then . $DEFAULTFILE fi +. /lib/lsb/init-functions + do_modprobe() { if [ -x /sbin/modprobe ] then @@ -57,29 +57,34 @@ do_mount() { # See how we were called. case "$1" in start) - cd / # daemons should have root dir as cwd if [ -f /etc/exports ] then do_modprobe nfsd # See if our running kernel supports the NFS kernel server if [ -f /proc/kallsyms ] && ! grep -qE 'init_nf(sd| )' /proc/kallsyms; then - echo "Not starting $DESC: no support in current kernel." + log_warning_msg "Not starting $DESC: no support in current kernel." exit 0 fi do_mount nfsd $PROCNFSD_MOUNTPOINT || NEED_SVCGSSD=no - printf "Exporting directories for $DESC..." + log_begin_msg "Exporting directories for $DESC..." $PREFIX/sbin/exportfs -r - echo "done." + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi + log_end_msg 0 - printf "Starting $DESC:" - printf " nfsd" + log_daemon_msg "Starting $DESC" + log_progress_msg "nfsd" start-stop-daemon --start --oknodo --quiet \ --nicelevel $RPCNFSDPRIORITY \ --exec $PREFIX/sbin/rpc.nfsd -- $RPCNFSDCOUNT - - printf " mountd" + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi # make sure 127.0.0.1 is a valid source for requests ClearAddr= @@ -96,30 +101,53 @@ case "$1" in [ -z "$ClearAddr" ] || echo "nfsd 127.0.0.1 1" >/proc/net/rpc/auth.unix.ip/channel + log_progress_msg "mountd" start-stop-daemon --start --oknodo --quiet \ --exec $PREFIX/sbin/rpc.mountd -- $RPCMOUNTDOPTS - echo "." + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi + + log_end_msg 0 else - echo "Not starting $DESC: No exports." + log_warning_msg "Not starting $DESC: no exports." fi ;; stop) - printf "Stopping $DESC: mountd" + log_daemon_msg "Stopping $DESC" + + log_progress_msg "mountd" start-stop-daemon --stop --oknodo --quiet \ --name rpc.mountd --user 0 - printf " nfsd" + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi + + log_progress_msg "nfsd" start-stop-daemon --stop --oknodo --quiet \ --name nfsd --user 0 --signal 2 - echo "." + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi - printf "Unexporting directories for $DESC..." + log_end_msg 0 + + log_begin_msg "Unexporting directories for $DESC..." $PREFIX/sbin/exportfs -au + if [ $? != 0 ]; then + log_end_msg $? + exit $? + fi + log_end_msg 0 + if mountpoint -q /proc/nfs/nfsd then $PREFIX/sbin/exportfs -f fi - echo "done." ;; status) @@ -134,9 +162,10 @@ case "$1" in ;; reload | force-reload) - printf "Re-exporting directories for $DESC..." + log_begin_msg "Re-exporting directories for $DESC..." $PREFIX/sbin/exportfs -r - echo "done." + log_end_msg $? + exit $? ;; restart) @@ -146,7 +175,7 @@ case "$1" in ;; *) - echo "Usage: nfs-kernel-server {start|stop|status|reload|force-reload|restart}" + log_success_msg "Usage: nfs-kernel-server {start|stop|status|reload|force-reload|restart}" exit 1 ;; esac diff --git a/utils/gssd/Makefile.in b/utils/gssd/Makefile.in index c62bc22..3c425bf 100644 --- a/utils/gssd/Makefile.in +++ b/utils/gssd/Makefile.in @@ -285,7 +285,7 @@ gssd_SOURCES = \ write_bytes.h gssd_LDADD = $(RPCSECGSS_LIBS) $(KRBLIBS) -gssd_LDFLAGS = +gssd_LDFLAGS = -Wl,-rpath=$(KRBDIR)/lib gssd_CFLAGS = $(AM_CFLAGS) $(CFLAGS) \ $(RPCSECGSS_CFLAGS) $(KRBCFLAGS) diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c index 3d67dc6..79f5f50 100644 --- a/utils/gssd/svcgssd_proc.c +++ b/utils/gssd/svcgssd_proc.c @@ -220,23 +220,21 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred) nfs4_init_name_mapping(NULL); /* XXX: should only do this once */ res = nfs4_gss_princ_to_ids(secname, sname, &uid, &gid); if (res < 0) { - printerr(0, "WARNING: get_ids: unable to map " - "name '%s' to a uid\n", sname); + printerr(0, "WARNING: get_ids: failed to map name '%s' " + "to uid/gid: %s\n", sname, strerror(-res)); /* * -ENOENT means there was no mapping, any other error * value means there was an error trying to do the * mapping. */ if (res == -ENOENT) { - cred->cr_uid = -2; /* XXX */ - cred->cr_gid = -2; /* XXX */ - cred->cr_groups[0] = -2;/* XXX */ + cred->cr_uid = 65534; /* XXX */ + cred->cr_gid = 65534; /* XXX */ + cred->cr_groups[0] = 65534;/* XXX */ cred->cr_ngroups = 1; res = 0; goto out_free; } - printerr(0, "WARNING: get_ids: failed to map name '%s' " - "to uid/gid: %s\n", sname, strerror(-res)); goto out_free; } cred->cr_uid = uid; -- 2.39.5