2 * utils/exportfs/exportfs.c
4 * Export file systems to knfsd
6 * Copyright (C) 1995, 1996, 1997 Olaf Kirch <okir@monad.swb.de>
8 * Extensive changes, 1999, Neil Brown <neilb@cse.unsw.edu.au>
15 #include <sys/types.h>
37 static void export_all(int verbose);
38 static void exportfs(char *arg, char *options, int verbose);
39 static void unexportfs(char *arg, int verbose);
40 static void exports_update(int verbose);
41 static void dump(int verbose);
42 static void error(nfs_export *exp, int err);
43 static void usage(const char *progname);
44 static void validate_export(nfs_export *exp);
45 static int matchhostname(const char *hostname1, const char *hostname2);
46 static void export_d_read(const char *dname);
48 static const char *lockfile = EXP_LOCKFILE;
49 static int _lockfd = -1;
52 * If we aren't careful, changes made by exportfs can be lost
53 * when multiple exports process run at once:
55 * exportfs process 1 exportfs process 2
56 * ------------------------------------------
57 * reads etab version A reads etab version A
58 * adds new export B adds new export C
59 * writes A+B writes A+C
61 * The locking in support/export/xtab.c will prevent mountd from
62 * seeing a partially written version of etab, and will prevent
63 * the two writers above from writing simultaneously and
64 * corrupting etab, but to prevent problems like the above we
65 * need these additional lockfile() routines.
70 _lockfd = open(lockfile, O_CREAT|O_RDWR, 0666);
72 lockf(_lockfd, F_LOCK, 0);
78 lockf(_lockfd, F_ULOCK, 0);
82 main(int argc, char **argv)
85 char *progname = NULL;
95 if ((progname = strrchr(argv[0], '/')) != NULL)
106 while ((c = getopt(argc, argv, "aio:ruvf")) != EOF) {
136 if (optind != argc && f_all) {
137 xlog(L_ERROR, "extra arguments are not permitted with -a or -r");
140 if (f_ignore && (f_all || ! f_export)) {
141 xlog(L_ERROR, "-i not meaningful with -a, -r or -u");
144 if (f_reexport && ! f_export) {
145 xlog(L_ERROR, "-r and -u are incompatible");
148 new_cache = check_new_cache();
149 if (optind == argc && ! f_all) {
154 xlog(L_ERROR, "-f is available only "
155 "with new cache controls. "
156 "Mount /proc/fs/nfsd first");
168 * Serialize things as best we can
171 atexit(release_lockfile);
173 if (f_export && ! f_ignore) {
174 export_read(_PATH_EXPORTS);
175 export_d_read(_PATH_EXPORTS_D);
179 export_all(f_verbose);
181 for (i = optind; i < argc ; i++)
182 exportfs(argv[i], options, f_verbose);
184 /* If we are unexporting everything, then
185 * don't care about what should be exported, as that
186 * may require DNS lookups..
188 if (! ( !f_export && f_all)) {
189 /* note: xtab_*_read does not update entries if they already exist,
190 * so this will not lose new options
195 for (i = optind ; i < argc ; i++)
196 unexportfs(argv[i], f_verbose);
202 exports_update(f_verbose);
206 cache_flush(force_flush);
214 exports_update_one(nfs_export *exp, int verbose)
216 /* check mountpoint option */
217 if (exp->m_mayexport &&
218 exp->m_export.e_mountpoint &&
219 !is_mountpoint(exp->m_export.e_mountpoint[0]?
220 exp->m_export.e_mountpoint:
221 exp->m_export.e_path)) {
222 printf("%s not exported as %s not a mountpoint.\n",
223 exp->m_export.e_path, exp->m_export.e_mountpoint);
224 exp->m_mayexport = 0;
226 if (exp->m_mayexport && ((exp->m_exported<1) || exp->m_changed)) {
228 printf("%sexporting %s:%s to kernel\n",
229 exp->m_exported ?"re":"",
230 exp->m_client->m_hostname,
231 exp->m_export.e_path);
232 if (!export_export(exp))
235 if (exp->m_exported && ! exp->m_mayexport) {
237 printf("unexporting %s:%s from kernel\n",
238 exp->m_client->m_hostname,
239 exp->m_export.e_path);
240 if (!export_unexport(exp))
246 /* we synchronise intention with reality.
247 * entries with m_mayexport get exported
248 * entries with m_exported but not m_mayexport get unexported
249 * looking at m_client->m_type == MCL_FQDN and m_client->m_type == MCL_GSS only
252 exports_update(int verbose)
256 for (exp = exportlist[MCL_FQDN].p_head; exp; exp=exp->m_next) {
257 exports_update_one(exp, verbose);
259 for (exp = exportlist[MCL_GSS].p_head; exp; exp=exp->m_next) {
260 exports_update_one(exp, verbose);
265 * export_all finds all entries and
266 * marks them xtabent and mayexport so that they get exported
269 export_all(int verbose)
274 for (i = 0; i < MCL_MAXTYPES; i++) {
275 for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
277 printf("exporting %s:%s\n",
278 exp->m_client->m_hostname,
279 exp->m_export.e_path);
281 exp->m_mayexport = 1;
284 validate_export(exp);
291 exportfs(char *arg, char *options, int verbose)
293 struct exportent *eep;
294 nfs_export *exp = NULL;
295 struct addrinfo *ai = NULL;
300 if ((path = strchr(arg, ':')) != NULL)
303 if (!path || *path != '/') {
304 xlog(L_ERROR, "Invalid exporting option: %s", arg);
308 if ((htype = client_gettype(hname)) == MCL_FQDN) {
309 ai = host_addrinfo(hname);
311 exp = export_find(ai, path);
312 hname = ai->ai_canonname;
315 exp = export_lookup(hname, path, 0);
318 if (!(eep = mkexportent(hname, path, options)) ||
319 !(exp = export_create(eep, 0)))
321 } else if (!updateexportent(&exp->m_export, options))
325 printf("exporting %s:%s\n", exp->m_client->m_hostname,
326 exp->m_export.e_path);
328 exp->m_mayexport = 1;
331 validate_export(exp);
338 unexportfs(char *arg, int verbose)
341 struct addrinfo *ai = NULL;
346 if ((path = strchr(arg, ':')) != NULL)
349 if (!path || *path != '/') {
350 xlog(L_ERROR, "Invalid unexporting option: %s", arg);
354 if ((htype = client_gettype(hname)) == MCL_FQDN) {
355 ai = host_addrinfo(hname);
357 hname = ai->ai_canonname;
360 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
361 if (path && strcmp(path, exp->m_export.e_path))
363 if (htype != exp->m_client->m_type)
365 if (htype == MCL_FQDN
366 && !matchhostname(exp->m_export.e_hostname,
369 if (htype != MCL_FQDN
370 && strcasecmp(exp->m_export.e_hostname, hname))
374 if (exp->m_exported) {
375 printf("unexporting %s:%s from kernel\n",
376 exp->m_client->m_hostname,
377 exp->m_export.e_path);
381 printf("unexporting %s:%s\n",
382 exp->m_client->m_hostname,
383 exp->m_export.e_path);
386 if (exp->m_exported && !export_unexport(exp))
390 exp->m_mayexport = 0;
396 static int can_test(void)
400 char *setup = "nfsd 0.0.0.0 2147483647 -test-client-\n";
401 fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);
402 if ( fd < 0) return 0;
403 n = write(fd, setup, strlen(setup));
407 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
408 if ( fd < 0) return 0;
413 static int test_export(char *path, int with_fsid)
418 sprintf(buf, "-test-client- %s 3 %d -1 -1 0\n",
420 with_fsid ? NFSEXP_FSID : 0);
421 fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
424 n = write(fd, buf, strlen(buf));
432 validate_export(nfs_export *exp)
434 /* Check that the given export point is potentially exportable.
435 * We just give warnings here, don't cause anything to fail.
436 * If a path doesn't exist, or is not a dir or file, give an warning
437 * otherwise trial-export to '-test-client-' and check for failure.
440 char *path = exp->m_export.e_path;
444 if (stat(path, &stb) < 0) {
445 xlog(L_ERROR, "Failed to stat %s: %m", path);
448 if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
449 xlog(L_ERROR, "%s is neither a directory nor a file. "
450 "Remote access will fail", path);
456 if (!statfs64(path, &stf) &&
457 (stf.f_fsid.__val[0] || stf.f_fsid.__val[1]))
460 if ((exp->m_export.e_flags & NFSEXP_FSID) || exp->m_export.e_uuid ||
462 if ( !test_export(path, 1)) {
463 xlog(L_ERROR, "%s does not support NFS export", path);
466 } else if ( ! test_export(path, 0)) {
467 if (test_export(path, 1))
468 xlog(L_ERROR, "%s requires fsid= for NFS export", path);
470 xlog(L_ERROR, "%s does not support NFS export", path);
477 is_hostname(const char *sp)
479 if (*sp == '\0' || *sp == '@')
482 for (; *sp != '\0'; sp++) {
483 if (*sp == '*' || *sp == '?' || *sp == '[' || *sp == '/')
485 if (*sp == '\\' && sp[1] != '\0')
493 * Take care to perform an explicit reverse lookup on presentation
494 * addresses. Otherwise we don't get a real canonical name or a
495 * complete list of addresses.
497 static struct addrinfo *
498 address_list(const char *hostname)
503 ai = host_pton(hostname);
505 /* @hostname was a presentation address */
506 cname = host_canonname(ai->ai_addr);
511 /* @hostname was a hostname or had no reverse mapping */
512 cname = strdup(hostname);
517 ai = host_addrinfo(cname);
523 matchhostname(const char *hostname1, const char *hostname2)
525 struct addrinfo *results1 = NULL, *results2 = NULL;
526 struct addrinfo *ai1, *ai2;
529 if (strcasecmp(hostname1, hostname2) == 0)
533 * Don't pass export wildcards or netgroup names to DNS
535 if (!is_hostname(hostname1) || !is_hostname(hostname2))
538 results1 = address_list(hostname1);
539 if (results1 == NULL)
541 results2 = address_list(hostname2);
542 if (results2 == NULL)
545 if (strcasecmp(results1->ai_canonname, results2->ai_canonname) == 0) {
550 for (ai1 = results1; ai1 != NULL; ai1 = ai1->ai_next)
551 for (ai2 = results2; ai2 != NULL; ai2 = ai2->ai_next)
552 if (nfs_compare_sockaddr(ai1->ai_addr, ai2->ai_addr)) {
558 freeaddrinfo(results1);
559 freeaddrinfo(results2);
563 /* Based on mnt_table_parse_dir() in
564 util-linux-ng/shlibs/mount/src/tab_parse.c */
566 export_d_read(const char *dname)
569 struct dirent **namelist = NULL;
572 n = scandir(dname, &namelist, NULL, versionsort);
575 /* Silently return */
577 xlog(L_NOTICE, "scandir %s: %s", dname, strerror(errno));
581 for (i = 0; i < n; i++) {
582 struct dirent *d = namelist[i];
584 char fname[PATH_MAX + 1];
588 if (d->d_type != DT_UNKNOWN
589 && d->d_type != DT_REG
590 && d->d_type != DT_LNK)
592 if (*d->d_name == '.')
595 #define _EXT_EXPORT_SIZ (sizeof(_EXT_EXPORT) - 1)
596 namesz = strlen(d->d_name);
598 || namesz < _EXT_EXPORT_SIZ + 1
599 || strcmp(d->d_name + (namesz - _EXT_EXPORT_SIZ),
603 fname_len = snprintf(fname, PATH_MAX +1, "%s/%s", dname, d->d_name);
604 if (fname_len > PATH_MAX) {
605 xlog(L_WARNING, "Too long file name: %s in %s", d->d_name, dname);
612 for (i = 0; i < n; i++)
620 dumpopt(char c, char *fmt, ...)
635 struct exportent *ep;
639 for (htype = 0; htype < MCL_MAXTYPES; htype++) {
640 for (exp = exportlist[htype].p_head; exp; exp = exp->m_next) {
643 continue; /* neilb */
644 if (htype == MCL_ANONYMOUS)
647 hname = ep->e_hostname;
648 if (strlen(ep->e_path) > 14)
649 printf("%-14s\n\t\t%s", ep->e_path, hname);
651 printf("%-14s\t%s", ep->e_path, hname);
657 if (ep->e_flags & NFSEXP_READONLY)
658 c = dumpopt(c, "ro");
660 c = dumpopt(c, "rw");
661 if (ep->e_flags & NFSEXP_ASYNC)
662 c = dumpopt(c, "async");
663 if (ep->e_flags & NFSEXP_GATHERED_WRITES)
664 c = dumpopt(c, "wdelay");
665 if (ep->e_flags & NFSEXP_NOHIDE)
666 c = dumpopt(c, "nohide");
667 if (ep->e_flags & NFSEXP_CROSSMOUNT)
668 c = dumpopt(c, "crossmnt");
669 if (ep->e_flags & NFSEXP_INSECURE_PORT)
670 c = dumpopt(c, "insecure");
671 if (ep->e_flags & NFSEXP_ROOTSQUASH)
672 c = dumpopt(c, "root_squash");
674 c = dumpopt(c, "no_root_squash");
675 if (ep->e_flags & NFSEXP_ALLSQUASH)
676 c = dumpopt(c, "all_squash");
677 if (ep->e_flags & NFSEXP_NOSUBTREECHECK)
678 c = dumpopt(c, "no_subtree_check");
679 if (ep->e_flags & NFSEXP_NOAUTHNLM)
680 c = dumpopt(c, "insecure_locks");
681 if (ep->e_flags & NFSEXP_NOACL)
682 c = dumpopt(c, "no_acl");
683 if (ep->e_flags & NFSEXP_FSID)
684 c = dumpopt(c, "fsid=%d", ep->e_fsid);
686 c = dumpopt(c, "fsid=%s", ep->e_uuid);
687 if (ep->e_mountpoint)
688 c = dumpopt(c, "mountpoint%s%s",
689 ep->e_mountpoint[0]?"=":"",
691 if (ep->e_anonuid != 65534)
692 c = dumpopt(c, "anonuid=%d", ep->e_anonuid);
693 if (ep->e_anongid != 65534)
694 c = dumpopt(c, "anongid=%d", ep->e_anongid);
695 switch(ep->e_fslocmethod) {
699 c = dumpopt(c, "refer=%s", ep->e_fslocdata);
702 c = dumpopt(c, "replicas=%s", ep->e_fslocdata);
706 c = dumpopt(c, "fsloc=stub");
710 secinfo_show(stdout, ep);
711 printf("%c\n", (c != '(')? ')' : ' ');
717 error(nfs_export *exp, int err)
719 xlog(L_ERROR, "%s:%s: %s", exp->m_client->m_hostname,
720 exp->m_export.e_path, strerror(err));
724 usage(const char *progname)
726 fprintf(stderr, "usage: %s [-aruv] [host:/path]\n", progname);