X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=ChangeLog;h=1a9e642d33c7df87608b4a589f52eab82199b746;hp=382eba37b462ca7945873a1dab5573745553aefc;hb=c3203ff9a940e1e2270e06673eca77066aabd77c;hpb=fe3b14834fc863200b6cba08cff348688e37243b diff --git a/ChangeLog b/ChangeLog index 382eba3..1a9e642 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,674 @@ +Author: Steinar H. Gunderson +Date: Wed Sep 13 22:23:23 CEST 2006 + + Fix -n option to mountd + + The getopt_long() option string in mountd was having a spurious + colon after the 'n', leading to the short form of --no-tcp not + being usable (expecting a parameter, contrary to the long form + and the documentation). Fix. + +Author: Steinar H. Gunderson +Date: Wed Sep 13 22:19:39 CEST 2006 + + Document sensitive gids + + The exports(8) man page already mentions that some non-root users, + such as bin, might be just as sensitive as root, and that root_squash + thus might not be as effective as one could hope for. Update the + documentation to also mention that this could be the case for non-root + groups, such as staff. + +Author: NeilBrown +Date: Mon Aug 7 16:35:03 AEST 2006 + + Set version to 1.0.10 + Note: 1.0.10 should be used in preference to + 1.0.9 especially with kernels 2.6.18 and later + otherwise 'rpc.nfsd N' won't work to change the + number of threads after nfsd has been started. + +Author: NeilBrown +Date: Mon Aug 7 16:35:03 AEST 2006 + + support/nfs/nfssvc.c: if any ports are already open, + don't try to open any more. + This means that once nfsd is running + rpc.nfsd X + will just change the number of threads, not the + ports in use. + +Author: NeilBrown +Date: Mon Aug 7 14:01:35 AEST 2006 + + Remove warning if neither 'sync' or 'async' present. + Add warning of neither 'subtree_check' or 'no_subtree_check' present. + +commit 7194d7d6320736c14f40d31c3738d40f3119ead5 +Author: Kevin Coffman +Date: Sat Jul 8 10:01:40 2006 +1000 + + Use uid/gid of -1 to indicate the export's anonuid/anongid should be used + + Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the + value -1 and defaults the credential's fsuid/fsgid to the + correct anonuid/anongid values for the given export. We should + be passing this value (-1) down when a name mapping cannot be found. + Thanks to J. Bruce Fields for the reference. + + Signed-off-by: Kevin Coffman + Acked-by: J. Bruce Fields + +commit b0604c623f7a98c6061dff19988722d3ae848bd7 +Author: Kevin Coffman +Date: Sat Jul 8 09:58:03 2006 +1000 + + Change svcgssd_LDFLAGS to match gssd_LDFLAGS + +commit 99414bd3eecf93f23c378d3bb3d45bc98f364abc +Author: Neil Brown +Date: Sat Jul 8 09:41:58 2006 +1000 + + Disable building/installing mount.nfs by default. + + mount.nfs does not yet support 'user' option and some others. + To make it support this we need to make it setuid-root, and + some security isses need to be resolved before that can be done + safely. + +commit b0c3cbfee702c019dab0a22557bbf38e24dfcee1 +Author: Steve Dickson +Date: Sat Jul 8 09:35:02 2006 +1000 + + Call nfssvc_versbits before nfssvc_setfds + + nfssvc_versbits() has to be called before nfssvc_setfds() + for the version processing to work correctly + +commit 26fff911b21943f20e3937ae3f2d29a1572d2309 +Author: Neil Brown +Date: Thu Jul 6 13:05:11 2006 +1000 + + Only use -rpath for Kerberos libs when actually needed. + + Avoid usage of -rpath is generally safer, and is required by Debian policy. + +commit 28a7603b719f8d35bf22fd3018b610b489fec78f +Author: Neil Brown +Date: Thu Jul 6 12:28:33 2006 +1000 + + Use 65534 instead of -2 in svcgssd_proc.c + + as this is more consistant across achitectures. + +commit 904de920ea4da3ad5604c417f0d784fcda83ed2a +Author: Shankar Anand +Date: Tue Jul 4 08:50:56 2006 -0600 + + This patch adds code to nfsstat to read /proc/net/rpc/nfsd for nfsv4 server statistics and print them. + + Submitted by: Shankar Anand + +commit 2179c112b9a386ca3d51d0e19390ddfadd745030 +Author: Steinar H. Gunderson +Date: Wed Jul 5 15:55:45 2006 +1000 + + Fix typos in various man pages. + +commit 3419e37500dfd19cb2c246260dbd2bc0ee4704d4 +Author: Steinar H. Gunderson +Date: Wed Jul 5 15:51:30 2006 +1000 + + Use 65534 for anon uid/gid rather than -2 + + This is more consistant across platforms. + +commit 65735eef8a9441901245f6047edafc50f2d97c97 +Author: Greg Banks +Date: Wed Jul 5 13:37:21 2006 +1000 + + Update rpcdebug to know about new 2.6 debug flags. Added + a manpage and installed rpcdebug (in sbindir). + +commit 23b3a9d0284d78cb6bf96b8cd44e9a4662ff60ae +Author: Greg Banks +Date: Wed Jul 5 12:22:45 2006 +1000 + + Ignore new generated files. + +commit 89053f3f440b629911cb994a293d5be73bb79bf9 +Author: Greg Banks +Date: Wed Jul 5 12:20:20 2006 +1000 + + Add rquota.h to BUILT_SOURCES so rquotad builds on the first try. + +commit 66f9d8251c92124e46a209c47e5c0f7d3a0c4e6e +Author: Neil Brown +Date: Wed Jul 5 11:06:09 2006 +1000 + + Generate rquota_xdr.c and rquota.h from rquota.x + + rquota_svc.c is still by-hand as it contains alot of extras. + These should really be moved to rquota_server.c + +commit 9f5b40b7a68fe0a2648565ecbd4b08bf60287130 +Author: Neil Brown +Date: Wed Jul 5 10:41:03 2006 +1000 + + Remove some files that old, unused, unneeded. + + deleted: support/export/keys.c + deleted: support/include/rpcdispatch.h + deleted: support/include/rpcsec.h + deleted: support/include/version.h + deleted: support/include/ypupdate.h + deleted: support/nfs/clients.c + deleted: support/nfs/keytab.c + deleted: support/nfs/ypupdate_xdr.c + deleted: support/rpc/include/Makefile.am + deleted: tools/rpcdebug/neat_idea.c + deleted: utils/mountd/mount_xdr.c + deleted: utils/rquotad/pathnames.h + +commit fbb1602bbd34cbe89dd55ca6eaaa19432237db1d +Author: Neil Brown +Date: Wed Jul 5 10:30:51 2006 +1000 + + Avoid error creating an existing symlink + + Just remove the link first. + +commit 0bc710a5a2b695039613a917e009dba3552ab1cc +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:33:54 2006 -0400 + + Don't depend on Kerberos headers when checking librpcsecgss in configure + + Signed-off-by: Kevin Coffman + + Older versions of MIT Kerberos are missing an OID definition, causing + the configure checks for librpcsecgss to fail. We shouldn't be depending + on their libraries during the configure. + +commit 5bfa10c94c44f082dc211a5fb431e2202ea9bb35 +Author: Greg Banks +Date: Tue Jul 4 18:33:56 2006 +1000 + + Eliminate warnings from code generated by rpcgen + + - unused variable 'buf' + - emit a declaration for `buf' on demand. + - unused variable 'i' + - declare i immediately before use + - unused value from IXDR_PUT_ + - cast to (void) + - type-punned pointer reference + - cast to (void*) first :-( + +commit acae444246635ec2ca8990d53e685c9062d73091 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:43 2006 -0400 + + Handle mapping failure from get_ids. + + Signed-off-by: Kevin Coffman + + Temporary patch to do default mapping if we get an error while trying to + map a gss principal to the appropriate uid/gid. This currently returns + hardcoded values. This may be correct, or we may need to try and figure + out the correct values to match the anonuid/anongid for the export. + +commit 1f1b05a65ef3dc6597c7bc1e2a38f38ae95bf230 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:38 2006 -0400 + + Properly report errors in readline() function + + Signed-off-by: Kevin Coffman + + Change message priorities for errors and debug messages. + +commit ee664fd246d77010af13fb557407c612752a5ea8 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:33 2006 -0400 + + Change default buffer size increment for readline() + + Signed-off-by: Kevin Coffman + + The readline routine expects much smaller messages than we are passing. + Change the default initial allocation and increment value from 128 + to 2048. This saves many calls to realloc(). + +commit 3da69ce5c4fac5677e91aa20e60750ab8de2ab97 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:27 2006 -0400 + + Clean up the printerr() logging function. + + Signed-off-by: Kevin Coffman + + Update the printerr() function to: + + 1) Determine whether we'll print the message before going to all the + work of formatting it. + 2) Don't just toss away messages that are too long for the buffer. + Print what we can and give an indication of the truncation with + "..." at the end. + 3) Use a single buffer rather than two. + 4) Messages either go to syslog (with level ERR) or stderr. Don't + send some messages to syslog level DEBUG. + +commit 0b2a5b574c7ffd99aa3226d36e1d261826405625 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:21 2006 -0400 + + Use setfsuid() rather than seteuid() while creating contexts + + Signed-off-by: Kevin Coffman + + As suggested by Olaf Kirch , use setfsuid() rather than + seteuid() when creating a gss context. This prevents users from using + credentials that do not belong to them, while also preventing them from + doing things like killing, renicing, or changing the priority of the + gssd process while it is processing the context creation. + +commit 0f899e6d862994ffb437ae73e087c4a21ab59723 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:16 2006 -0400 + + Limit acquire_cred call to to Kerberos only + + Signed-off-by: Kevin Coffman + + Specify that the acquire_cred call should only be concerned with returning + Kerberos credentials since this is Kerberos-only functionality. + +commit 3829bb90e764cd72c0009cb32a8b39d0fab89d81 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:10 2006 -0400 + + Check that the gssapi library is usable early on. + + Signed-off-by: Kevin Coffman + + Do a call to determine mechanisms supported by the gssapi library early. + This allows us to discover early in case the gssapi library is somehow + misconfigured. We can bail out early and give a meaningful message + rather than getting errors on each attempt at a context negotiation. + +commit 119c3e9aafe84c0f7c2846c46ad5e6f5eeece0da +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:34:05 2006 -0400 + + Fix problems with 64-bit big-endian machines + + Signed-off-by: Kevin Coffman + + Correct the definition of mech_used in the gss context to use gss_OID_desc. + This fixes problems on 64-bit machines when referencing the OID. + + Also updates write_buffer function to use u_int rather than size_t when + doing calculations. + +commit c3f05548d7b3d586e7eebbdde9339617e88530f3 +Author: kwc@citi.umich.edu +Date: Mon Jul 3 18:33:59 2006 -0400 + + Define CFLAGS for gss_clnt_send_err compile + + Signed-off-by: Kevin Coffman + + Add CFLAGS to make sure we find and use the correct gssapi.h when + building gss_clnt_send_err + +commit 4e9ed06f8f8a0cd9f34a6830c0ff14344a528042 +Author: Greg Banks +Date: Mon Jul 3 15:59:54 2006 +1000 + + Use socklen_t some more to avoid warnings. + +commit 6c40236820fda8960af891f41aa9d53f8bbe50a2 +Author: Greg Banks +Date: Mon Jul 3 15:39:41 2006 +1000 + + Fix warning about pointer signedness differing. + +commit 3bf702b1a914b3867117b74d519c55fa68f4dc28 +Author: Greg Banks +Date: Mon Jul 3 15:17:34 2006 +1000 + + Include the right header to get xmalloc() declaration. + +commit 940c7c304d4a43c00c27529cdddc7c87db6eef87 +Merge: b90d201... a503848... +Author: Greg Banks +Date: Mon Jul 3 14:21:48 2006 +1000 + + Merge branch 'master' of git://linux-nfs.org/nfs-utils + +commit b90d201551aaa712c011c3d5de900fad714a26a6 +Author: Greg Banks +Date: Tue Jun 27 21:30:18 2006 +1000 + + Comment out unused variable. + +commit 33beb42d3d2cd13a82ddbbdc4275d2a048030ae3 +Author: Greg Banks +Date: Tue Jun 27 21:22:59 2006 +1000 + + Comment out the decades-old SCCS id strings from the original Sun + distribution. They cause compile warnings, there is no longer any + reason to try to build them into the binaries, and gcc seems to be + eliding some of them anyway. + +commit 3172063ead6b99611d049a59938808a6358f48a4 +Author: Greg Banks +Date: Tue Jun 27 20:55:07 2006 +1000 + + Detect if glibc provides socklen_t and use that instead + of int in those cases which generate compile warnings, + e.g. the last argument of recvfrom(). + +commit a09eeb36c2c45151b9bb89f5015da0c584799716 +Author: Greg Banks +Date: Tue Jun 27 20:28:02 2006 +1000 + + Replace the deprecated sigblock() with more modern + signal functions to avoid compile warnings. + +commit 93608a52655abf5ac23404c4b5cc05fe575a9c04 +Author: Greg Banks +Date: Thu Jun 22 18:01:10 2006 +1000 + + Fix a number of the easier compile warnings: unused variables, + unused labels, constness, signedness. + +commit a07343ee0da4f0974a23b673ae1b0d482c7426a1 +Author: Greg Banks +Date: Thu Jun 22 17:31:24 2006 +1000 + + Detect presence of nfs4_set_debug() in libnfsidmap and + don't bother calling it if it's missing. + +commit dcfcb677b39443b6392db3234fd50498bc158507 +Author: Greg Banks +Date: Thu Jun 22 17:19:17 2006 +1000 + + Remove useless m4 quoting around args to PKG_CHECK_MODULES(). + +commit 24d303ffae686192bda0a5996e8590219dcc82e7 +Author: Greg Banks +Date: Thu Jun 22 17:16:19 2006 +1000 + + Do m4 quoting of AC_MSG_ERROR() and AC_MSG_WARN() as + the autoconf people intended. This avoids errors in + autoconf on SLES10. + +commit 66a699d953727d3a992cc09ed5304b83d661a737 +Author: Greg Banks +Date: Thu Jun 22 16:51:44 2006 +1000 + + Add a .gitignore file to suppress the files generated + during autogen, configure and build. +commit 49b164d978ee6266df7ba0bd335cb34337e7c381 +Author: Steve Dickson +Date: Mon Jul 3 09:52:00 2006 +1000 + + Allow rpc.nfsd to suppress tcp or udp, and listen on a specific address. + + -T - will suppressing listening for TCP connection. + -U - will suppress UDP + -H host - will only listen on that local address + -p port - will listen on that port. + + This requires kernel patches which will hopefully be in 2.6.19 and possibly some + earlier test and vendor kernels. + +commit fde2ae7794047a698feeaf17963d690a1e660a80 +Author: Steve Dickson +Date: Mon Jun 26 15:23:19 2006 +1000 + + Add support for suppressing different NFS versions. + + e.g. -N 2 + means that NFSv2 won't be supported, just v3 and v4 (if the kernel + supports them). + +commit 0523fd513c6baa8dbf45d1a7afea2044262aeb3d +Author: Neil Brown +Date: Fri Jun 23 17:10:56 2006 +1000 + + Further coverity related cleanups. + + Greg Banks suggested some variations, particularly improved + use of xmalloc/xstrdup functions. Thanks. + +commit 2e075a16da4963f54cd556403ca9e15a68de27fd +Author: Neil Brown +Date: Fri Jun 23 14:38:33 2006 +1000 + + Fix various issues discovered by Coverity + + Thanks to Michael Halcrow for finding them. + +commit ff42180930a444cea7f19e55e2cd2bfe6d3f108b +Author: Neil Brown +Date: Fri Jun 23 14:06:00 2006 +1000 + + Fix comment parsing (again) + + Bruce Fields noticed that I broke comment parsing... + + as xskip() is always called before xgettok(), that is the + best place to put xskipcomment and still maintain proper + semantics of xskip and xgettok. + +commit bec968578d97eabc63ae4a12bdeb2b33f40baec4 +Author: Amit Gud +Date: Thu Jun 22 12:51:04 2006 -0400 + + Change mount configure option to --enable-mount + + Change the configure option from --with-mount to --enable-mount. + + Signed-off-by: Amit Gud + Signed-off-by: Steve Dickson + +commit ceeffc1f76485b4084b2c61f4ff3c40e4f51c3b8 +Author: Amit Gud +Date: Thu Jun 22 12:49:24 2006 -0400 + + Merge nfsmount.x and mount.x into mount.x + + + Merge utils/mount/nfsmount.x and support/export/mount.x into support/export/mount.x. + + Signed-off-by: Amit Gud + Signed-off-by: Steve Dickson + +commit c2db41e8abb6ddc9d03a0c91c6db043fa0f85a8f +Author: Neil Brown +Date: Fri Jun 23 13:37:08 2006 +1000 + + Try to make sure that clientid used for NFSv4 is reliable. + + We need to give an IP address to identify this client to the + server. + The current code does a gethostbyname of the hostname. One + some systems this returns 127.0.0.1 or similar, which is not useful. + + Instead, use getsockname of the sock used to connect to the server + to confirm that the server is working. This gives the address on the + interface that was chosen to talk to that server, which is the + best address we can find (if there is a NAT in the way, it might + still not work, but in that case there is nothing we can do). + +commit 11d34d11153df198103a57291937ea9ff8b7356e +Author: Greg Banks +Date: Wed Jun 14 22:48:10 2006 +1000 + + multiple threads for mountd + + + How about the attached patch against nfs-utils tot? It + adds a -t option to set the number of forked workers. + Default is 1 thread, i.e. the old behaviour. + + I've verified that showmount -e, the Ogata mount client, + and a real mount from Linux and IRIX boxes work with and + without the new option. + + I've verified that you can manually kill any of the workers + without the portmap registration going away, that killing + all the workers causes the manager process to wake up and + unregister, and killing the manager process causes the + workers to be killed and portmap unregistered. + + I've verified that all the workers have file descriptors + for the udp socket and the tcp rendezvous socket, that + connections are balanced across all the workers if service + times are sufficiently long, and that performance is + improved by that parallelism, at least for small numbers + of threads. For example, with 60 parallel MOUNT calls + and a testing patch to make DNS lookups take 100 milliseconds + time to perform all mounts (averaged over 5 runs) is: + + num elapsed + threads time (sec) + ------ ---------- + 1 13.125 + 2 6.859 + 3 4.836 + 4 3.841 + 5 3.303 + 6 3.100 + 7 3.078 + 8 3.018 + + Greg. + -- + Greg Banks, R&D Software Engineer, SGI Australian Software Group. + I don't speak for SGI. + +commit db96d056578338dd1bb0371dc84638973c187ec6 +Author: Neil Brown +Date: Fri Jun 16 13:16:09 2006 +1000 + + Remove some temporary files that shouldn't be in 'git'. + + deleted: compile + deleted: config.guess + deleted: config.sub + deleted: depcomp + deleted: install-sh + deleted: ltmain.sh + deleted: missing + +commit 82b53188aaffad0e237461f8f1274794166feb3a +Author: Neil Brown +Date: Fri Jun 16 13:09:26 2006 +1000 + + Add support to auto-generate nfsmount* files for new nfs.mount program + +commit 4e2bae795e5eaf9922f0b966ab5df64994c836a2 +Author: Amit Gud +Date: Mon Jun 12 19:08:27 2006 -0400 + + Move NFS mount code from util-linux to nfs-utils - part 2 + + Adds the support functions needed for mount and umount. This + functionality will someday be available in the form of shared mount + library. + + Signed-off-by: Amit Gud + Signed-off-by: Steve Dickson + +commit a0520fa1a41bd33815b331b660b4545f2723495c +Author: Amit Gud +Date: Mon Jun 12 19:06:36 2006 -0400 + + Move NFS mount code from util-linux to nfs-utils - part 1 + + Adds the mount directory and the code to mount and umount the NFS file system. + + Signed-off-by: Amit Gud + Signed-off-by: Steve Dickson + +2006-06-05 NeilBrown + - Remove debian/ at request of Debian maintainer "Steinar H. Gunderson" + - fix_exportfs_with_multiple_matches.diff: Fixes a problem with exportfs -o + and multiple entries of the same type for the same patch that matches + a given client. The entire rationale and problem description can be found + at http://bugs.debian.org/245449 (fumihiko kakuma ) + - escape hashes in exports + Makes sure any # signs in the printed-out exports file are + escaped (as with quotes, spaces, etc.), so they won't be treated + as a comment when they're read back in again. + "Steinar H. Gunderson" + - Only treat '#' as starting a comment when at the start of a + token, otherwise '#' in filenames cannot be read. + NeilBrown + - document sync option: + Document the 'sync' option in the exports(5) man page -- ATM + only the 'async' option is documented, which is not very + symmetric. :-) "Steinar H. Gunderson" + - mountd state directory: + Let the user select (via a new parameter) the path to the NFS + state directory for mountd, to match the statd functionality. + "Steinar H. Gunderson" + - fix nhfsrun signal: + nhfsrun is supposed to be able to be signalled with SIGUSR1, but + the signal trapped is number 30, which is something else + entirely (SIGPWR). This patch simply changes it to say "USR1", + which gets it right no matter what the value is. + "Steinar H. Gunderson" + - Minor man page tidy up + +2006-04-12 NeilBrown + Remove **/Makefile.in, aclocal.m4, configure, and + support/include/config.h.in from source control + These are auto autogenerated by + aclocal -I aclocal ; autoheader ; automake ; autoconf + +2006-04-12 NeilBrown + utils/statd/rmtcall.c: use HAVE_IFADDRS_H to control compilation + of code using ifaddrs.h + configure.in: test for present of ifaddrs.h + + Old glibc's don't have ifaddrs.h + +2006-06-12 Amit Gud + Added the mount functionality from util-linux. + Added --without-mount configure option. + +2006-04-12 NeilBrown + Set version to 1.0.8, + aclocal -I aclocal ; autoheader ; automake ; autoconf + +2006-04-10 NeilBrown + Various paranoia checks: + gssd_proc.c: pass max_field sizes to sscanf to avoid buffer + overflow + svcgssd_proc.c: range_check name.length, to ensure name.length+1 + doesn't wrap + idmapd.c(nfsdcb): make sure at least one byte is read before + zeroing the last byte that was read, otherwise memory corruption + is possible. + + Found by SuSE security audit. + +2006-04-10 "Kevin Coffman" + Check for sufficient version of librpcsecgss and libgssapi + in configure.in + +2006-04-10 "Kevin Coffman" + Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and + HAVE_TCP_WRAPPERS as appropriate. + +2006-04-10 NeilBrown + Add checking for innetgr back to configure.in + 2006-04-10 kwc@citi.umich.edu Update calls to gss_export_lucid_sec_context()