#include "misc.h"
#include "mountd.h"
#include "rpcmisc.h"
+#include "pseudoflavors.h"
extern void cache_open(void);
extern struct nfs_fh_len *cache_get_filehandle(nfs_export *exp, int len, char *p);
static void usage(const char *, int exitcode);
static exports get_exportlist(void);
-static struct nfs_fh_len *get_rootfh(struct svc_req *, dirpath *, mountstat3 *, int v3);
+static struct nfs_fh_len *get_rootfh(struct svc_req *, dirpath *, nfs_export **, mountstat3 *, int v3);
int reverse_resolve = 0;
int new_cache = 0;
static void
unregister_services (void)
{
- if (nfs_version & 0x1)
+ if (nfs_version & (0x1 << 1)) {
pmap_unset (MOUNTPROG, MOUNTVERS);
- if (nfs_version & (0x1 << 1))
pmap_unset (MOUNTPROG, MOUNTVERS_POSIX);
+ }
if (nfs_version & (0x1 << 2))
pmap_unset (MOUNTPROG, MOUNTVERS_NFSV3);
}
+static void
+cleanup_lockfiles (void)
+{
+ unlink(_PATH_XTABLCK);
+ unlink(_PATH_ETABLCK);
+ unlink(_PATH_RMTABLCK);
+}
+
/* Wait for all worker child processes to exit and reap them */
static void
wait_for_workers (void)
/* in parent */
wait_for_workers();
unregister_services();
+ cleanup_lockfiles();
xlog(L_NOTICE, "mountd: no more workers, exiting\n");
exit(0);
}
kill(0, SIGTERM);
wait_for_workers();
}
+ cleanup_lockfiles();
xlog (L_FATAL, "Caught signal %d, un-registering and exiting.", sig);
}
}
bool_t
-mount_null_1_svc(struct svc_req *rqstp, void *argp, void *resp)
+mount_null_1_svc(struct svc_req *UNUSED(rqstp), void *UNUSED(argp),
+ void *UNUSED(resp))
{
return 1;
}
struct nfs_fh_len *fh;
xlog(D_CALL, "MNT1(%s) called", *path);
- fh = get_rootfh(rqstp, path, &res->fhs_status, 0);
+ fh = get_rootfh(rqstp, path, NULL, &res->fhs_status, 0);
if (fh)
memcpy(&res->fhstatus_u.fhs_fhandle, fh->fh_handle, 32);
return 1;
}
bool_t
-mount_dump_1_svc(struct svc_req *rqstp, void *argp, mountlist *res)
+mount_dump_1_svc(struct svc_req *rqstp, void *UNUSED(argp), mountlist *res)
{
- struct sockaddr_in *addr =
- (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *addr = nfs_getrpccaller_in(rqstp->rq_xprt);
xlog(D_CALL, "dump request from %s.", inet_ntoa(addr->sin_addr));
*res = mountlist_list();
}
bool_t
-mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *resp)
+mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *UNUSED(resp))
{
- struct sockaddr_in *sin
- = (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
nfs_export *exp;
char *p = *argp;
char rpath[MAXPATHLEN+1];
p = rpath;
}
- if (!(exp = auth_authenticate("unmount", sin, p))) {
+ exp = auth_authenticate("unmount", (struct sockaddr *)sin, p);
+ if (exp == NULL)
return 1;
- }
mountlist_del(inet_ntoa(sin->sin_addr), p);
return 1;
}
bool_t
-mount_umntall_1_svc(struct svc_req *rqstp, void *argp, void *resp)
+mount_umntall_1_svc(struct svc_req *rqstp, void *UNUSED(argp),
+ void *UNUSED(resp))
{
/* Reload /etc/xtab if necessary */
auth_reload();
- mountlist_del_all((struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt));
+ mountlist_del_all(nfs_getrpccaller_in(rqstp->rq_xprt));
return 1;
}
bool_t
-mount_export_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
+mount_export_1_svc(struct svc_req *rqstp, void *UNUSED(argp), exports *resp)
{
- struct sockaddr_in *addr =
- (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *addr = nfs_getrpccaller_in(rqstp->rq_xprt);
xlog(D_CALL, "export request from %s.", inet_ntoa(addr->sin_addr));
*resp = get_exportlist();
}
bool_t
-mount_exportall_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
+mount_exportall_1_svc(struct svc_req *rqstp, void *UNUSED(argp), exports *resp)
{
- struct sockaddr_in *addr =
- (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *addr = nfs_getrpccaller_in(rqstp->rq_xprt);
xlog(D_CALL, "exportall request from %s.", inet_ntoa(addr->sin_addr));
*resp = get_exportlist();
bool_t
mount_pathconf_2_svc(struct svc_req *rqstp, dirpath *path, ppathcnf *res)
{
- struct sockaddr_in *sin
- = (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb;
nfs_export *exp;
char rpath[MAXPATHLEN+1];
}
/* Now authenticate the intruder... */
- exp = auth_authenticate("pathconf", sin, p);
- if (!exp) {
+ exp = auth_authenticate("pathconf", (struct sockaddr *)sin, p);
+ if (exp == NULL)
return 1;
- } else if (stat(p, &stb) < 0) {
+ else if (stat(p, &stb) < 0) {
xlog(L_WARNING, "can't stat exported dir %s: %s",
p, strerror(errno));
return 1;
return 1;
}
+/*
+ * We should advertise the preferred flavours first. (See RFC 2623
+ * section 2.7.) We leave that to the administrator, by advertising
+ * flavours in the order they were listed in /etc/exports. AUTH_NULL is
+ * dropped from the list to avoid backward compatibility issue with
+ * older Linux clients, who inspect the list in reversed order.
+ *
+ * XXX: It might be more helpful to rearrange these so that flavors
+ * giving more access (as determined from readonly and id-squashing
+ * options) come first. (If we decide to do that we should probably do
+ * that when reading the exports rather than here.)
+ */
+static void set_authflavors(struct mountres3_ok *ok, nfs_export *exp)
+{
+ struct sec_entry *s;
+ static int flavors[SECFLAVOR_COUNT];
+ int i = 0;
+
+ for (s = exp->m_export.e_secinfo; s->flav; s++) {
+ if (s->flav->fnum == AUTH_NULL)
+ continue;
+ flavors[i] = s->flav->fnum;
+ i++;
+ }
+ if (i == 0) {
+ /* default when there is no sec= option: */
+ i = 1;
+ flavors[0] = AUTH_UNIX;
+ }
+ ok->auth_flavors.auth_flavors_val = flavors;
+ ok->auth_flavors.auth_flavors_len = i;
+}
+
/*
* NFSv3 MOUNT procedure
*/
bool_t
mount_mnt_3_svc(struct svc_req *rqstp, dirpath *path, mountres3 *res)
{
-#define AUTH_GSS_KRB5 390003
-#define AUTH_GSS_KRB5I 390004
-#define AUTH_GSS_KRB5P 390005
- static int flavors[] = { AUTH_UNIX, AUTH_GSS_KRB5, AUTH_GSS_KRB5I, AUTH_GSS_KRB5P};
- /*
- * We should advertise the preferred flavours first. (See RFC 2623
- * section 2.7.) AUTH_UNIX is arbitrarily ranked over the GSS's.
- * AUTH_NULL is dropped from the list to avoid backward compatibility
- * issue with older Linux clients, who inspect the list in reversed
- * order.
- */
struct mountres3_ok *ok = &res->mountres3_u.mountinfo;
+ nfs_export *exp;
struct nfs_fh_len *fh;
xlog(D_CALL, "MNT3(%s) called", *path);
- fh = get_rootfh(rqstp, path, &res->fhs_status, 1);
+ fh = get_rootfh(rqstp, path, &exp, &res->fhs_status, 1);
if (!fh)
return 1;
ok->fhandle.fhandle3_len = fh->fh_size;
ok->fhandle.fhandle3_val = (char *)fh->fh_handle;
- ok->auth_flavors.auth_flavors_len = sizeof(flavors)/sizeof(flavors[0]);
- ok->auth_flavors.auth_flavors_val = flavors;
+ set_authflavors(ok, exp);
return 1;
}
static struct nfs_fh_len *
-get_rootfh(struct svc_req *rqstp, dirpath *path, mountstat3 *error, int v3)
+get_rootfh(struct svc_req *rqstp, dirpath *path, nfs_export **expret,
+ mountstat3 *error, int v3)
{
- struct sockaddr_in *sin =
- (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
+ struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb, estb;
nfs_export *exp;
struct nfs_fh_len *fh;
}
/* Now authenticate the intruder... */
- exp = auth_authenticate("mount", sin, p);
- if (!exp) {
+ exp = auth_authenticate("mount", (struct sockaddr *)sin, p);
+ if (exp == NULL) {
*error = NFSERR_ACCES;
return NULL;
}
return NULL;
}
} else {
- if (exp->m_exported<1)
+ int did_export = 0;
+ retry:
+ if (exp->m_exported<1) {
export_export(exp);
+ did_export = 1;
+ }
if (!exp->m_xtabent)
xtab_append(exp);
if (v3)
- fh = getfh_size ((struct sockaddr *) sin, p, 64);
+ fh = getfh_size(sin, p, 64);
if (!v3 || (fh == NULL && errno == EINVAL)) {
/* We first try the new nfs syscall. */
- fh = getfh ((struct sockaddr *) sin, p);
+ fh = getfh(sin, p);
if (fh == NULL && errno == EINVAL)
/* Let's try the old one. */
- fh = getfh_old ((struct sockaddr *) sin,
- stb.st_dev, stb.st_ino);
+ fh = getfh_old(sin, stb.st_dev, stb.st_ino);
}
+ if (fh == NULL && !did_export) {
+ exp->m_exported = 0;
+ goto retry;
+ }
+
if (fh == NULL) {
xlog(L_WARNING, "getfh failed: %s", strerror(errno));
*error = NFSERR_ACCES;
}
*error = NFS_OK;
mountlist_add(inet_ntoa(sin->sin_addr), p);
+ if (expret)
+ *expret = exp;
return fh;
}
+static void remove_all_clients(exportnode *e)
+{
+ struct groupnode *g, *ng;
+
+ for (g = e->ex_groups; g; g = ng) {
+ ng = g->gr_next;
+ xfree(g->gr_name);
+ xfree(g);
+ }
+ e->ex_groups = NULL;
+}
+
+static void free_exportlist(exports *elist)
+{
+ struct exportnode *e, *ne;
+
+ for (e = *elist; e != NULL; e = ne) {
+ ne = e->ex_next;
+ remove_all_clients(e);
+ xfree(e->ex_dir);
+ xfree(e);
+ }
+ *elist = NULL;
+}
+
+static void prune_clients(nfs_export *exp, struct exportnode *e)
+{
+ struct addrinfo *ai = NULL;
+ struct groupnode *c, **cp;
+
+ cp = &e->ex_groups;
+ while ((c = *cp) != NULL) {
+ if (client_gettype(c->gr_name) == MCL_FQDN
+ && (ai = host_addrinfo(c->gr_name))) {
+ if (client_check(exp->m_client, ai)) {
+ *cp = c->gr_next;
+ xfree(c->gr_name);
+ xfree(c);
+ freeaddrinfo(ai);
+ continue;
+ }
+ freeaddrinfo(ai);
+ }
+ cp = &(c->gr_next);
+ }
+}
+
+static exportnode *lookup_or_create_elist_entry(exports *elist, nfs_export *exp)
+{
+ exportnode *e;
+
+ for (e = *elist; e != NULL; e = e->ex_next) {
+ if (!strcmp(exp->m_export.e_path, e->ex_dir))
+ return e;
+ }
+ e = xmalloc(sizeof(*e));
+ e->ex_next = *elist;
+ e->ex_groups = NULL;
+ e->ex_dir = xstrdup(exp->m_export.e_path);
+ *elist = e;
+ return e;
+}
+
+static void insert_group(struct exportnode *e, char *newname)
+{
+ struct groupnode *g;
+
+ for (g = e->ex_groups; g; g = g->gr_next)
+ if (strcmp(g->gr_name, newname))
+ return;
+
+ g = xmalloc(sizeof(*g));
+ g->gr_name = xstrdup(newname);
+ g->gr_next = e->ex_groups;
+ e->ex_groups = g;
+}
+
static exports
get_exportlist(void)
{
static exports elist = NULL;
- struct exportnode *e, *ne;
- struct groupnode *g, *ng, *c, **cp;
+ struct exportnode *e;
nfs_export *exp;
int i;
static unsigned int ecounter;
ecounter = acounter;
- for (e = elist; e != NULL; e = ne) {
- ne = e->ex_next;
- for (g = e->ex_groups; g != NULL; g = ng) {
- ng = g->gr_next;
- xfree(g->gr_name);
- xfree(g);
- }
- xfree(e->ex_dir);
- xfree(e);
- }
- elist = NULL;
+ free_exportlist(&elist);
for (i = 0; i < MCL_MAXTYPES; i++) {
- for (exp = exportlist[i]; exp; exp = exp->m_next) {
- for (e = elist; e != NULL; e = e->ex_next) {
- if (!strcmp(exp->m_export.e_path, e->ex_dir))
- break;
- }
- if (!e) {
- e = (struct exportnode *) xmalloc(sizeof(*e));
- e->ex_next = elist;
- e->ex_groups = NULL;
- e->ex_dir = xstrdup(exp->m_export.e_path);
- elist = e;
- }
-
- /* We need to check if we should remove
- previous ones. */
- if (i == MCL_ANONYMOUS && e->ex_groups) {
- for (g = e->ex_groups; g; g = ng) {
- ng = g->gr_next;
- xfree(g->gr_name);
- xfree(g);
- }
- e->ex_groups = NULL;
+ for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
+ /* Don't show pseudo exports */
+ if (exp->m_export.e_flags & NFSEXP_V4ROOT)
continue;
- }
-
- if (i != MCL_FQDN && e->ex_groups) {
- struct hostent *hp;
+ e = lookup_or_create_elist_entry(&elist, exp);
- cp = &e->ex_groups;
- while ((c = *cp) != NULL) {
- if (client_gettype (c->gr_name) == MCL_FQDN
- && (hp = gethostbyname(c->gr_name))) {
- hp = hostent_dup (hp);
- if (client_check(exp->m_client, hp)) {
- *cp = c->gr_next;
- xfree(c->gr_name);
- xfree(c);
- xfree (hp);
+ /* exports to "*" absorb any others */
+ if (i == MCL_ANONYMOUS && e->ex_groups) {
+ remove_all_clients(e);
continue;
- }
- xfree (hp);
- }
- cp = &(c->gr_next);
- }
}
+ /* non-FQDN's absorb FQDN's they contain: */
+ if (i != MCL_FQDN && e->ex_groups)
+ prune_clients(exp, e);
- if (exp->m_export.e_hostname [0] != '\0') {
- for (g = e->ex_groups; g; g = g->gr_next)
- if (strcmp (exp->m_export.e_hostname,
- g->gr_name) == 0)
- break;
- if (g)
- continue;
- g = (struct groupnode *) xmalloc(sizeof(*g));
- g->gr_name = xstrdup(exp->m_export.e_hostname);
- g->gr_next = e->ex_groups;
- e->ex_groups = g;
- }
+ if (exp->m_export.e_hostname[0] != '\0')
+ insert_group(e, exp->m_export.e_hostname);
}
}
usage(argv [0], 1);
}
- /* No more arguments allowed. */
- if (optind != argc || !(nfs_version & 0x7))
+ /* No more arguments allowed.
+ * Require at least one valid version (2, 3, or 4)
+ */
+ if (optind != argc || !(nfs_version & 0xE))
usage(argv [0], 1);
if (chdir(state_dir)) {
if (new_cache)
cache_open();
- if (nfs_version & 0x1)
+ if (nfs_version & (0x1 << 1)) {
rpc_init("mountd", MOUNTPROG, MOUNTVERS,
mount_dispatch, port);
- if (nfs_version & (0x1 << 1))
rpc_init("mountd", MOUNTPROG, MOUNTVERS_POSIX,
mount_dispatch, port);
+ }
if (nfs_version & (0x1 << 2))
rpc_init("mountd", MOUNTPROG, MOUNTVERS_NFSV3,
mount_dispatch, port);
projects / nfs-utils.git / blobdiff