X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=ChangeLog;h=08230ab89c28b44513cd3dbce532c1ca3103a249;hp=26fc697c1016605f49943a4a89776115c820145e;hb=aaf1ebff9c894f341dfb7db5ced2c47a5d50e750;hpb=430052cab3c8044ef6d1be7b5a5ded13c45d0c40 diff --git a/ChangeLog b/ChangeLog index 26fc697..08230ab 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,810 @@ +2006-03-28 NeilBrown + 1.0.8-pre3, aclocal/autoconf/automake + +2006-03-28 kwc@citi.umich.edu + Use PKGCONFIG to locate gssapi and rpcsecgss header files + + Instead of having separate copies of the gssapi and rpcsecgss + header files, or depending on the Kerberos gssapi header, + locate the headers now installed with the libgssapi and librpcsecgss + libraries. + + Remove local copies of the gssapi and rpcsecgss header files. + + This depends on the configure_use_autotools patch. + +2006-03-28 kwc@citi.umich.edu + Add debugging to better detect negotiation of enctype not supported by kernel + + Print debugging message indicating the type of encryption keys being sent + down to the kernel. This should make it easier to detect cases where + unsupported encryption types are being negotiated. + (really this time) + +2006-03-28 kwc@citi.umich.edu + + Don't close and reopen all pipes on every DNOTIFY signal. + + From: Vince Busam + Signed-off-by: Kevin Coffman + + Don't unnecessarily close and re-open all pipes after every DNOTIFY + signal. These unnecessary closes were triggering a kernel Oops. + Original patch modified to correct segfault when unmounting last + NFSv4 mount. + +2006-03-28 kwc@citi.umich.edu + Add option to specify directory to search for credentials cache files + + + From: Vince Busam + Signed-off-by: Kevin Coffman + + Add command line option to specify which directory should be searched + to find credentials caches. + (really this time) + +2006-03-28 kwc@citi.umich.edu + Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5 + + We need to get access to the internal krb5 context pointer for + older (pre-1.4) versions of MIT Kerberos. We get a pointer to + the gss glue's context. Get the right pointer before accessing + the context information. + (really this time) + +2006-03-28 kwc@citi.umich.edu + + Remove unused groups variable from get_ids() which was causing a compiler warning. + (really this time) + +2006-03-28 kwc@citi.umich.edu + Update krb5 code to use glue routine lucid context functions + + + + The gssd code should not know about the glue layer's context structure. + A previous patch added gss_export_lucid_sec_context() and + gss_free_lucid_sec_context() functions to the gssapi glue layer. + Use these functions rather than calling directly to the Kerberos + gssapi code (which requires the Kerberos context handle rather + than the glue's context handle). + + (really this time) + +2006-03-28 kwc@citi.umich.edu + + Separate out context handling code for MIT Kerberos and SPKM3 + into their own file. + (Really this time) + +2006-03-28 Kevin Coffman + User-selectable idmapping cache lifetime + + Read and process new configuration option, Cache-Expiration, and use + the value to determine how long idmapping entries are cached. + (Really this time) + +2006-03-27 NeilBrown + 1.0.8-rc3 + +2006-03-27 kwc@citi.umich.edu + Add debugging to better detect negotiation of enctype not supported by kernel + + Print debugging message indicating the type of encryption keys being sent + down to the kernel. This should make it easier to detect cases where + unsupported encryption types are being negotiated. + +2006-03-27 + Don't close and reopen all pipes on every DNOTIFY signal. + + Don't unnecessarily close and re-open all pipes after every DNOTIFY + signal. These unnecessary closes were triggering a kernel Oops. + Original patch modified to correct segfault when unmounting last + NFSv4 mount. + +2006-03-27 + Add option to specify directory to search for credentials cache files + + Add command line option to specify which directory should be searched + to find credentials caches. + +2006-03-27 kwc@citi.umich.edu + Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5 + + We need to get access to the internal krb5 context pointer for + older (pre-1.4) versions of MIT Kerberos. We get a pointer to + the gss glue's context. Get the right pointer before accessing + the context information. + +2006-03-27 Kevin Coffman + Remove unused variable causing compile warning + + Remove unused groups variable from get_ids() which was causing a compiler warning. + +2006-03-27 kwc@citi.umich.edu + Update krb5 code to use glue routine lucid context functions + + The gssd code should not know about the glue layer's context structure. + A previous patch added gss_export_lucid_sec_context() and + gss_free_lucid_sec_context() functions to the gssapi glue layer. + Use these functions rather than calling directly to the Kerberos + gssapi code (which requires the Kerberos context handle rather + than the glue's context handle). + +2006-03-27 Kevin Coffman + Separate out context handling code for MIT Kerberos and SPKM3 + into their own file. + +2006-03-27 Kevin Coffman + Consolidate gssd and svcgssd since they share much code + + Remove directory svcgssd which was only created because the old + build system could not handle building two daemons in the same + directory. This eliminates build complications since gssd and + svcgssd also share many source files. + + This patch effectively removes the utils/svcgssd directory, moving + all its files to the utils/gssd directory. File utils/gssd/Makefile.am + is modified with directions to build both gssd and svcgssd. + +2006-03-27 Kevin Coffman + Use PKGCONFIG to locate gssapi and rpcsecgss header files + + Instead of having separate copies of the gssapi and rpcsecgss + header files, or depending on the Kerberos gssapi header, + locate the headers now installed with the libgssapi and librpcsecgss + libraries. + + Remove local copies of the gssapi and rpcsecgss header files. + + This depends on the configure_use_autotools patch. + +2006-03-27 Kevin Coffman + User-selectable idmapping cache lifetime + + Read and process new configuration option, Cache-Expiration, and use + the value to determine how long idmapping entries are cached. + +2006-03-27 Steve Dickson + Set libnfsidmap library debugging level and logging function. + + This patch adds a call to the new libnfsidmap library function + nfs4_set_debug(), which defines the verbosity level libnfsidmap + should use as well as the logging function. + +2006-03-27 Kevin Coffman + Don't close file descriptor until after calling event_del(). + + Delete event processing for a file descriptor before closing it. + This was causing hangs when used in combination with libevent-1.0b. + +2006-03-27 kwc@citi.umich.edu + Find krb5-config on SuSE 10 + + SuSE 10.0 puts krb5-config in yet another obscure location. + Look for it there and use it if found. + +2006-03-27 Kevin Coffman + Update debian package information. + +2006-03-27 Kevin Coffman + Install /var/lib/nfs files using DESTDIR and add rpcsec headers to distribution + + Add "$(DESTDIR)" to the paths for the "$(statedir)" files so they are + put in the right place when DESTDIR is defined. + + Add the rpcsec header files to EXTRA_DIST list. + +2005-12-21 NeilBrown + *utils/rquotad/rquota_server.c: Detect and handle both old-style + (2.4) and new-style(2.6) quotactl. + *utils/gssd/gss_destroy_cred: remove dependence on "head -1" which + might need to be "head -n 1" + *utils/nhfsstone/nhfsrun: convert "tail -1" to "tail -n 1" + +2005-12-20 Kevin Coffman NeilBrown + Substantial Makefile/configure rewrite. + Run 'autogen.sh' to create "Makefile.in" etc. + + Also add -D_FILE_OFFSET_BITS=64 to CPP_FLAGS so that mountd can + stat and export files larger than 2Gig. + + 1.0.8-rc2 released + +2005-12-20 NeilBrown + support/nfs/exports.c(getexportent): is a null host name is given, + replace it with '*' so we have a non-empty host name for messages + etc. + utils/exportfs/exportfs.man: Correct documentation about default + export options. + +2005-12-20 Kevin Coffman + utils/gssd/gssd_proc.c(create_auth_rpc_client): Use service + portion of clp->servicename rather than hard-coding "nfs". + +2005-12-16 NeilBrown + 1.0.8-rc1 released + +2005-12-16 Kevin Coffman + svcgssd needs -lnfs when using new function closeall(). + + --- + Remove unused argument from nfsdopen() + + After previous changes, the arguement to nfsdopen() has become unused. + Remove it. + + --- + Fix idmapd error reporting after call to mydaemon() + + After call to mydaemon(), calls to err[x] and warn[x] result + in the message going nowhere. Change to using idmapd_* + versions of these routines which write to syslog. + Original problem reported by Vincent Roqueta + with a different patch. + + --- + Don't add @domain to names that cannot be mapped. + + Per rfc3530 section 5.8: when unable to map a uid to a name, don't + add the @domain to the "nobody" name. + + --- + Fix idmapd for systems where sizeof(uid_t)!=4 and sizeof(gid_t)!=4 + + Fix conversion cases where uid_t and gid_t are not 32 bits. + + --- + Don't segfault because mech wasn't filled in because of an error + + From Kevin Coffman + + Initialize mech to null to avoid segfault if an error occurs + and mech is never returned from gss_accept_sec_context. + + --- + Remove use of static buffer in do_downcall + + Signed-off-by: Kevin Coffman + + Dynamically allocate buffer of the correct length rather + than using fixed-length buffer. + + --- + Print better error message if rpc routine clnt_create() fails. + + --- + Print appropriate error messages after gss calls. + + Print gss error messages after calls to gss functions, even if they + are for Kerberos only. + + --- + Update gssd and svcgssd to use the new gss mech glue lucid context calls. + + Signed-off-by: Kevin Coffman + + Update gssd and svcgssd to use a lucid context from SPKM3 to send down + to the kernel. + Update gssd and svcgssd to use the new gss mech glue lucid context calls. + Add configure check to see if spkm3 support is available. + + --- + Add support for CONTINUE_NEEDED return from gss_accept_sec_context. + + Signed-off-by: Kevin Coffman + + Add CONTINUE_INIT handling to svcgssd. Store the partially complete spkm + context handle in the out_handle of CONTINUE_INIT messages so that it is + returned in the in_handle of subsequent messages. + + --- + Replace GSS_C_ANON_FLAG with GSS_C_MUTUAL_FLAG. + + Signed-off-by: Kevin Coffman + + Specify GSS_C_MUTUAL_FLAG rather than GSS_C_ANON_FLAG for + spkm3. + + NOTE: we need a way to pass the appropriate value rather than + hard-coding this flag. + + --- + Increase size of rpc send/receive buffers + + Change the clnt_create() to use routines which allow us to set the + send and receive buffer size. This is needed for larger spkm3 + exchanges including certificate chains. + + This has the side-effect of skipping the portmap call since + we specify the port (by specifying the service) when getting + the server's address information. + + --- + Define _LINUX_QUOTA_VERSION to 1 + + The rquotad code is written against the "old" kernel quota interface. + Fedora Core 4 is the only platform known to check for different + versions, so this should not have any affect on other platforms + and fixes the build for FC4. + + --- + +2005-12-12 Usha Ketineni , NeilBrown + *support/nfs/rpcmisc.c(rpc_init): is stdin is a socket, but + is already connected (as e.g. from ssh), don't assume we + were started by inetd. + +2005-11-03 Steve Dickson NeilBrown + *utils/idmapd/idmaps.c: + + I've recently updated the nfs-utils in rawhide with the + latest patches from the SourceForge CVS tree and the + latest CITI patches (1.0.7-4). + + In testing these patches, I notice that when the server was started + and a SIGHUP was sent to rpc.idmapd to open the nfs4.nametoid/channel + and nfs4.idtoname/channel files, the second open (the nfs4.idtoname one) + failed because the path (i.e. ic->ic_path) was NULL. + + Now the reason the ic_path was NULL was because it was never set + during the call to nfsdopen(). nfsdopen() looks like: + nfsdopen(char *path) + { + return ((nfsdopenone(&nfsd_ic[IC_NAMEID], IC_NAMEID, path) == 0 && + nfsdopenone(&nfsd_ic[IC_IDNAME], IC_IDNAME, path) == 0) ? 0 + : -1); + } + + Note: the call to nfsdopenone() is how the path is set in each nfsd_ic[] + entry and nfsdopen() is only called once. + + So when rpc.idmap comes up and the first call to nfsdopenone() fails + (because the server is not running) the path in nfsd_ic[IC_IDNAME] is + never filled in because the second nfsdopenone() never happen... + + Now there was a CITI patche (idmapd_revert_fix_reopen_on_sighup.dif) + that tried to address this problem but did seem to fix it.. The + attached patch fix the problem by initializing both nfsd_ic[IC_IDNAME] + and nfsd_ic[IC_NAMEID] structures with the needed info... + I figured since there is no way of changing these paths or filenames + by command line args, why not just set them during compile time... + so that's what this patch does. + + This patch also changes how nfsdreopen_one() handles the + case where the event has already been set. Unlike the CITI + patch (idmapd_revert_fix_reopen_on_sighup.dif) which just + just does not register the second event, my patch deletes + the old event and the registers the new one. It just seems like + the right thing to do since a SIGHUP means a new server just + started so we probably should create a new event as well... + + steved. + +2005-10-14 NeilBrown + *utils/mountd/cache.c(nfsd_fh): Understand type 2 and type 3 + filesystem identifiers, which are used with device numbers + That don't fit into 16 bits. + +2005-10-07 Olaf Kirch + * utils/mountd/mountd.c(get_exportlist): Without this patch, + showmount -e would sometimes display host names that should really + have been subsumed under a wildcard entry. + + The problem was that the code in get_exportlist would always + skip the next group entry after removing one FQDN. + +2005-10-06 Steve Dickson NeilBrown + * support/nfs/export.c: don't warn about sync/async for readonly + exports + * support/nfs/closeall.c: new file with function to close all + file descriptors from a give minimum upwards. + * nfsd/mountd/statd/idmapd/gsssvcd: use closeall. + * utils/mountd/mountd.c: Eliminate 3 syslog message that are + logged for successful events. + * utils/mountd/mountd.c: make sure the correct hostname is used in + the SM_NOTIFY message that is sent from a rebooted server which + has multiple network interfaces. (bz 139101) + + Details can be found in: + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=139101 + + *utils/idmapd/idmapd.c:Fixed subscripting problem in idmapd (bz + 158188) This fixes the following problem: + rpc.idmapd: nfsdreopen: Opening '' failed: errno 2 (No such file or directory) + + Details can be found in: + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158188 + + *utils/statd/statd.c(drop_privs): clear st_gid as well as st_uid + of stat fails. + *utils/statd/svc_run.c(my_svc_run): remove usage of undocumented + %m format specifier. + *utils/statd/montor.c(sm_mon_1_svc): as above + *support/nfs/xlog.c(xlog): Changed xlog to use LOG_INFO instead of + LOG_DEBUG so debug messages will appear w/out any config changes + to syslog.conf. + + +2005-09-02 Mike Frysinger + * utils/rquotad/rquota_server.c(getquotainfo): use explicit + struture-member copying rather than memcpy, as the element + sizes are the same on all architectures. + +2005-08-26 Kevin Coffman + Add option to set rpcsec_gss debugging level (if available) + + Changes to allow gssd/svcgssd to build when using Hiemdal Kerberos + libraries. Note that there are still run-time issues preventing + this from working when shared libraries for libgssapi and librpcsecgss + are used. + +2005-08-26 Kevin Coffman + Remove the rpcsec_gss code and rely on an external library instead. + +2005-08-26 Kevin Coffman + *utils/mountd/mountd.c: + mountd currently always returns AUTH_NULL and AUTH_SYS as the + allowable flavors in mount replies. We want it to also return gss + flavors when appropriate. For now as a hack we just have it always + return the KRB5 flavors as well. + + *utils/mountd/cache.c: + + When attempting to mount an NFSv4 pseudofilesystem (fsid=0) and the + actual exported directory does not exist on the server, rpc.mountd + doesn't check the directory exists (when fsidtype=1, i.e. using fsid, + but does check for fsidtype=0, i.e. using dev/ino). The non-existent + exported directory path with fsid=0 is written to the kernel via + /proc/net/rpc/nfsd.export/channel, which leads to path_lookup() to + return ENOENT (seems appropriate). Unfortunately, the new_cache + approach ignores errors returned when writing via the channel file so + that particular error is lost and the mount request is silently ignored. + + Assuming it doesn't make sense to revamp the new_cache/up-call method to + not ignore returned errors, it seems appropriate to fix the case where + rpc.mountd doesn't check for the existence of an exported directory with + fsid= semantics. The following patch does this by moving the stat() up + so it is done for both fsidtype's. I'm not certain whether the other + tests need to be executed for fsidtype=1, but it doesn't appear to hurt + [Not exactly true: the comparison of inode numbers caused problems so + now it's kept for fsidtype=0 only]. + + Would it be also desirable to log a warning for every error, if any, + returned by a write to any of the /proc/net/rpc/*/channel files which + would otherwise be ignored (maybe under a debug flag)? + + * gssd/mountd/svcgssd: Changes gssd, svcgssd, and mountd to ignore a + SIGHUP rather than dying. + + * many: Remove the gssapi code and rely on an external library instead. + +2005-08-26 Kevin Coffman + * utils/exportfs/exports.man: Document the "crossmnt" export export option + * utils/gssd/krb5_util.c: + Add better debugging and partially revert the function + check for gss_krb5_ccache_name. + + For MIT Kerberos releases up to and including 1.3.1, we *must* + use the routine gss_krb5_ccache_name to get the K5 gssapi code + to use a different credentials cache. + + For releases 1.3.2 and on, we want to use the KRB5CCNAME + environment variable to tell it what to use. + (A problem was reported where 1.3.5 was being used, our + code was using gss_krb5_ccache_name, but the underlying + code continued to use the first (or default?) credentials + cache. Switching to using the env variable fixed the problem. + I cannot recreate this problem. + + *utils/gssd/krb5_util.c: + Andrew Mahone reported that reiser4 + always has DT_UNKNOWN. He supplied patch to move the check + for regular files after the stat() call to correctly find + ccache files in reiser4 filesystem. + + Also change the name comparison so that the wrong file is + not selected when the substring comparison is done. + + *utils/gssd/krb5_util.c: + Limit the set of encryption types that can be negotiated by + the Kerberos library to those that the kernel code currently + supports. + + This should eventually query the kernel for the list of + supported enctypes. + + *utils/gssd/gss_util.c, utils/svcgssd/svcgssd_main_loop.c: + Print more information in error messages to help debugging failures. + + *utils/svcgssd/svcgssd_proc.c: Increase token buffer size and + update error handling so that a response is always sent. + + *utils/svcgssd/svcgssd_proc.c: Add support to retrieve + supplementary groups. + + +2005-08-26 Kevin Coffman + * configure.in etc + Consolidate some of the Kerberos checking instead of repeating + the same things for MIT and Heimdal. + Also adds more checks to distinguish 32-bit from 64-bit + (mainly for gssapi.h) + Fix svcgssd Makefile so make TOP=../../ works correctly there. + Enable running a modern autoheader. + * utils/gssd/gss_oids.c: Use correct OID value for SPKM-3 + * utils/gssd/gss_util.c: Fix build with older MIT releases that do not define GSS_C_NT_HOSTBASED_SERVICE + * utils/gssd/write_bytes.h, support/include/gssapi/gssapi.h: + Length of gss_buffer_desc is a size_t which is 64-bits on a + 64-bit machine. Kernel code expects 32-bit integer for length. + Coerce length value into a 32-bit value when reading from or + writing to the kernel. + Change gssapi.h to use datatype size values obtained from + configure rather than hard-coded values. + * utils/idmapd/idmapd.c: The EV_INIT check here was wrong, and was + causing idmapd to become unresponsive to server requests after + receiving a sighup. + * utils/idmapd/idmapd.c: Idmapd should flush the server id<->name + caches when its started. + +2005-04-12 G. Allen Morris III + + * All Makefile: added TOP as needed for easier compile. + + * utils/nfsstat/nfsstat.c: added NFS V4 support; added the -m + option; Added -2, -3, and -4 options; changed -a option to -v + option; added long options; changed default output to not + show V2 NFS statistics unless used. + + * utils/nfsstat/nfsstat.man: Documented above changes; changed + authors email address; added BUGS section. + +2005-04-07 Chip Salzenberg + + * debian/changelog: Version 1.0.7-2. + +2005-04-06 Chip Salzenberg + + * config.guess, config.sub: Update. + + * support/rpc/svc_auth_gss.c (_svcauth_gss): Avoid using a cast as + an lvalue, as it is non-portable. + + * support/nfs/exports.c (parseopts): Accept "acl" option to mean + ~NFSEXP_NOACL, and "no_acl" to mean NFSEXP_NOACL. + (putexportent): Report NFSEXP_NOACL as "no_acl", and ~NFSEXP_NOACL + as "acl". + * utils/exportfs/exportfs.c (dump): Report NFSEXP_NOACL as + "no_acl". + * utils/exportfs/exports.man: Document "no_acl". + +2005-03-14 NeilBrown + Denis Vlasenko + * support/export/client.c(client_init and client_gettype): + treat N.N.N.N as a special case of MCL_SUBNETWORK instead of + MCL_FQDN + +2005-03-06 G. Allen Morris III + * support/nfs/cacheio.c(readline): Could not read lines greater + than 128 bytes. [1157791] + * utils/exportfs/exports.man: Added a SEE ALSO section and + fixed 2 typos. [1018450] + +2005-02-28 Trond Myklebust + * utils/statd/rmtcall.c(statd_get_socket): If a port number is + explicitly given, make sure to try to bind to that. + +2005-01-11 Chip Salzenberg + + * debian/changelog: Version 1.0.7-1. + * debian/nfs-common.default (NEED_IDMAPD, NEED_GSSD): + Disable by default, on advice of upstream. + * debian/nfs-kernel-server.default (NEED_SVCGSSD): + Likewise. + + * utils/svcgssd/Makefile (predep): Symbolically link duplicated + source files. + (distclean): Remove symlinks to duplicated files. + +2004-12-17 NeilBrown + Release 1.0.7 + + * config.mk, configure.in: update version number, run autoconf + * configure.in: require nfsidmap.h if gss is enabled. + +2004-12-10 NeilBrown + Release 1.0.7-pre2 + + * config.mk, configure.in: update version number, run autoconf + +2004-12-10 Neil Brown + * README : note dependancy on kerberos, libevent, and nfsidmap + * configure.in : fail if --enable-nfsv4 and libevent or + libnfsidmap are missing. + * configuyre.in: improve message if krb5 support is missing + +2004-12-06 Paul Clements + * support/include/ha-callout.h: get return status from waitpid + correctly. + * support/include/ha-callout.h: don't ignore SIGCHLD while waiting + for a callout to complete. + * utils/statd/statd.c(sigusr): print current start when re-reading + notify list due to SIGUSR1 + * utils/statd/svc_run.c(my_svc_run): call change_state when + re-notifying clients. + +2004-12-06 Marc Eshel + * utils/statd/svc_run.c(my_svc_run): allow loop to exit when in + MODE_NOTIFY_ONLY + *utils/statd/rmtcall.c(statd_get_socket): if a hostname is given + to statd with -n, prefer it's IP address to the default for + listening on. + +2004-12-06 Bruce Allan + * utils/mountd/auth.c(auth_reload) Clear the "my_client" cache on + an auth_reload to avoid old data getting used. + +2004-12-03 NeilBrown + Release 1.0.7-pre1 for testing + + * config.mk, configure.in: update version number, run autoconf + +2004-12-03 Trond Myklebust + + * utils/statd/statd.c(main): ignore SIGPIPE + +2004-11-22 "J. Bruce Fields" + + * tools/rpcdebug/rpcdebug.c: support aliases "nfsdebug" and + "nfsddebug" and update flag names. + * configure.in, nodist/* redhat/* nfs-utils.spec*: remove redhat + specific files (as no-one actually uses them, especially not + redhat), and the nodist /etc files (as they drift out-of-date, and + the debian directory provides a suitable example. + * utils/svcgssd_proc.c(get_ids): fix memory leak + * utils/svcgssd/svcgssd_proc.c: Rely on count of the number of + groups instead of using a special guard value to identify the end + of the list. + * utils/idmapd/idmapd.c: don't allow Default domain and anon-uid + or -gid to be specified on command line. + * utils/idmapd/idmapd.c: improve error messages + * utils/idmapd/idmapd.c: Reopen nfsd files on sighup. Allows us + to start up client side only (even when nfsd module not loaded), + and then sighup later after insmodding nfsd module. + * utils/idmapd/idmapd.c: Make sure we catch all errors on + daemonizing by waiting for child to report succesfull startup + using a pipe. + * utils/idmapd/idmapd.c: Let libnfsidmapd parse the idmapd.conf + file for the default domain, instead of doing that ourselves. + * utils/gssd/gssd_proc.c: Make sure we get an error when a gssd + downcall fails. + * utils/gssd/gssd_proc.c: We were forgetting to restore the euid + on certain failures, which meant gssd could get stuck in a state + where it didn't have permissions to read the files in rpc_pipefs + that it needed to. + * utils/gssd/gssd_proc.c: Use libnfsidmapd to map gss principals + to uids. + * debian/nfs-kernel-server.default: Document the NEED_SVCGSSD + variable in /etc/default/nfs-kernel-server. + + +2004-11-22 NeilBrown + + * utils/exportfs/nfsd.man: corrected typo in .BR macro usage - + reported by Eric Raymond + +2004-10-19 "J. Bruce Fields" + + * support/gssapi/* support/rpc/* utils/gssd/* utils/svcgssd/* etc + initial support for GSSAPI authentication + +2004-09-15 Neil Brown + + * utils/statd/monitor.c(sm_unmon_1_svc): is RESTRICTED_STATD, then + check IP address and force my_name to 127.0.0.1 to match + what happens in sm_mon_1_svc. This avoid spurious "erroneous + SM_UNMON" messages. + * utils/statd.monitor.c(sm_unmon_all_1_svc): likewise + +2004-09-15 "J. Bruce Fields" + + * Assorted changes to support "gss/*" style authentication + * utils/idmapd: new idmapd daemon for nfsv4 username lookup + +2004-09-06 Trond Myklebust + Neil Brown + + * utils/mountd/auth.c(auth_authenticate_internal): fix + uninitialsed variable problem (causes bad error messages). + +2004-09-06 Paul Clements + Neil Brown + + * utils/mountd/mountd.c(main): support --ha-callout (-H) for + specifying a callout program + * utils/mountd/rmtab.c: Call ha_callout on mount/unmount + * utils/statd/monitor.c: Call ha_callout on add/del client + * utils/statd/rmtcall.c: as above + * utils/statd/statd.c: handle --ha-callout (-H) + * utils/statd/svc_run.c: call notify_hosts is we have received a + sighup + * support/include/ha-callout.h: define ha_callout function + + +2004-08-31 NeilBrown + * utils/mountd/cache.c(cache_process_req): clear fd after + processing so as not to confused libc/sunrpc into thinking + it need to do something with that fd. + +2004-08-31 NeilBrown + + * debian/nfs-kernel-server.init(start,stop) mount the nfsd + filesystem, if available, before starting nfs services, and + unmount it afterwards. + * etc/nodist/nfs-server: ditto + * etc/redhat/nfs.init: likewise + * etc/redhat/nfs: add "MOUNT_NFSD" flag to control above. + +2004-06-08 NeilBrown + + * utils/exportfs/exportfs.c: Don't rmtab_read if new_cache, it + isn't necessary. + * support/nfs/cacheio.c(cache_flush): Change order in which caches + are flushed so that dependancies don't keep things in the cache + too long. + +2004-03-18 Chip Salzenberg + + * debian/changelog: Version 1.0.6-2. + +2004-02-24 NeilBrown + from "J. Bruce Fields" + + * utils/mountd/cache.c: call auth_reload to make sure auth data is + current before responding to kernel upcall. + +2004-02-24 NeilBrown + Based on patch from Greg Banks + + * utils/exportfs/exports.man: Document fsid= option. + +2003-09-15 NeilBrown + + Release 1.0.6 + + * rules.mk: Add dep: rule when no OBJS, so "make dep" works in + support/include, and depend in "predep" + * support/export/Makefile, tools/rpcgen/Makefile, + utils/statd/Makefile: add "predep" rule so that "make dep" works. + * Makefile: allow a simple "make" to run ./configure and "make dep" + if needed. + * configure.in, nfs-utils.spec: Update version to 1.0.6 + * run autoconf + +2003-09-12 Chip Salzenberg + + * debian/changelog: Version 1.0.6-1. + +2003-09-12 NeilBrown + + * utils/mountd/mountd.c(main): Impose FD_SETSIZE as an upper limit + for RLIMIT_NOFILE + * utils/statd/statd.c(main): Ditto. + + michael discovered that svc_setreqsize + in glibc can segfault if RLIMIT_NOFILE is bigger than + FD_SETSIZE, so a simple solution is to impose a hard limit. + +2003-09-09 Chip Salzenberg + + * debian/changelog: Version 1.0.5-3. + * support/export/hostname.c (get_reliable_hostbyaddr): Fix crash + on invalid reverse DNS. + * utils/showmount/showmount.c (main): Fix inet_ntoa() parameter. + * tools/rpcgen/rpc_cout.c (print_header): Remove unused vars. + * tools/rpcgen/rpc_parse.c (def_union): Likewise. + 2003-08-22 Chip Salzenberg * utils/statd/{log.h,log.c}: Rename log() to note() and L_* to