14 years agoAllow gssd ccaches in MEMORY: rather than FILE:
Kevin Coffman [Fri, 13 Oct 2006 19:36:03 +0000 (15:36 -0400)]
Allow gssd ccaches in MEMORY: rather than FILE:

Signed-off-by: Kevin Coffman <>
Add option to store gssd ccaches in a MEMORY: cache rather
than the default FILE: cache.  In response to suggestion
from Steve Dickson <> and
Nalin Dahyabhai <>.

14 years agoImplement a new version of lucid spkm3 context.
Olga Kornievskaia [Fri, 13 Oct 2006 19:35:57 +0000 (15:35 -0400)]
Implement a new version of lucid spkm3 context.

Signed-off-by: Olga Kornievskaia <>
Signed-off-by: Kevin Coffman <>
Implement a new version of lucid spkm3 context which is passed
down to the kernel.

14 years agoDon't always use default mapping to "nobody".
J. Bruce Fields [Fri, 13 Oct 2006 19:35:52 +0000 (15:35 -0400)]
Don't always use default mapping to "nobody".

Signed-off-by: Kevin Coffman <>
We've been ignoring all mapping errors and instead mapping to a "nobody" user
or group.

This is arguably OK for the cases where we're returning a value to the user
(so, id->name mapping on the server or name->id mapping on the client).

But it's a disaster in the other direction (id->name on the server or id->name
on the client): for example, a chown to an unknown user should *not*
automatically be translated into a succesful chown to "nobody".

This patch fixes that problem on the server side.

Signed-off-by: J. Bruce Fields <>
14 years agoFix misc warning messages
Kevin Coffman [Fri, 13 Oct 2006 19:35:43 +0000 (15:35 -0400)]
Fix misc warning messages

Signed-off-by: Kevin Coffman <>
Clean up a few warning messages.

14 years agoOn a glibc system gethostbyname is in libc not libnsl [Fri, 13 Oct 2006 19:35:38 +0000 (15:35 -0400)]
On a glibc system gethostbyname is in libc not libnsl

Signed-off-by: Kevin Coffman <>
Change configure test for gethostbyname, and properly
determine whether "-lnsl" or "-lsocket" are really

14 years agoRestore extra help for PKG_CONFIG error
Kevin Coffman [Fri, 13 Oct 2006 19:35:32 +0000 (15:35 -0400)]
Restore extra help for PKG_CONFIG error

Signed-off-by: Kevin Coffman <>
Fix the error message printed when pkg-config is unable to locate
information for librpcsecgss so the message is actually printed.

14 years agoAdd a SEE ALSO in nfsd man page
Mike Frysinger [Mon, 21 Aug 2006 02:53:11 +0000 (12:53 +1000)]
Add a SEE ALSO in nfsd man page

14 years agoOne final step in convertion of anon = -2 -> 65534
Neil Brown [Tue, 8 Aug 2006 22:08:10 +0000 (08:08 +1000)]
One final step in convertion of anon = -2 -> 65534

Printing export options should avoid printing 'anonuid=65534'
rather than avoiding 'anonuid=-2'.

14 years agoSet version to 1.0.10 nfs-utils-1-0-10
Neil Brown [Mon, 7 Aug 2006 06:40:50 +0000 (16:40 +1000)]
Set version to 1.0.10

Note: 1.0.10 should be used in preference to
 1.0.9 especially with kernels 2.6.18 and later
 otherwise 'rpc.nfsd N' won't work to change the
 number of threads after nfsd has been started.

14 years ago"rpc.nfsd XX" should not fail if ports are already open.
Neil Brown [Mon, 7 Aug 2006 06:37:13 +0000 (16:37 +1000)]
"rpc.nfsd XX" should not fail if ports are already open.

    support/nfs/nfssvc.c:  if any ports are already open,
   don't try to open any more.
 This means that once nfsd is running
     rpc.nfsd  X
 will just change the number of threads, not the
 ports in use.

14 years agoRemove warning if neither 'sync' or 'async' present.
Neil Brown [Mon, 7 Aug 2006 04:19:32 +0000 (14:19 +1000)]
Remove warning if neither 'sync' or 'async' present.

Add warning of neither 'subtree_check' or 'no_subtree_check' present.

14 years agoFix compilation problem - write_oid not defined
Kevin Coffman [Wed, 12 Jul 2006 03:09:59 +0000 (23:09 -0400)]
Fix compilation problem - write_oid not defined

14 years agoFix off-by-one error in rpcgen
Richard Guenther [Thu, 20 Jul 2006 01:41:08 +0000 (11:41 +1000)]
Fix off-by-one error in rpcgen

We obviously need to allocate space for the terminating nul too.

14 years agoUpdate changelog and set version to 1.0.9 nfs-utils-1-0-9
Neil Brown [Sat, 8 Jul 2006 00:04:32 +0000 (10:04 +1000)]
Update changelog and set version to 1.0.9

14 years agoUse uid/gid of -1 to indicate the export's anonuid/anongid should be used
Kevin Coffman [Sat, 8 Jul 2006 00:01:40 +0000 (10:01 +1000)]
Use uid/gid of -1 to indicate the export's anonuid/anongid should be used

Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
value -1 and defaults the credential's fsuid/fsgid to the
correct anonuid/anongid values for the given export.  We should
be passing this value (-1) down when a name mapping cannot be found.
Thanks to J. Bruce Fields <> for the reference.

Signed-off-by: Kevin Coffman <>
Acked-by: J. Bruce Fields <>
14 years agoChange svcgssd_LDFLAGS to match gssd_LDFLAGS
Kevin Coffman [Fri, 7 Jul 2006 23:58:03 +0000 (09:58 +1000)]
Change svcgssd_LDFLAGS to match gssd_LDFLAGS

14 years agoDisable building/installing mount.nfs by default.
Neil Brown [Fri, 7 Jul 2006 23:41:58 +0000 (09:41 +1000)]
Disable building/installing mount.nfs by default.

mount.nfs does not yet support 'user' option and some others.
To make it support this we need to make it setuid-root, and
some security isses need to be resolved before that can be done

14 years agoCall nfssvc_versbits before nfssvc_setfds
Steve Dickson [Fri, 7 Jul 2006 23:35:02 +0000 (09:35 +1000)]
Call nfssvc_versbits before nfssvc_setfds

nfssvc_versbits() has to be called before nfssvc_setfds()
for the version processing to work correctly

14 years agoOnly use -rpath for Kerberos libs when actually needed.
Neil Brown [Thu, 6 Jul 2006 03:05:11 +0000 (13:05 +1000)]
Only use -rpath for Kerberos libs when actually needed.

Avoid usage of -rpath is generally safer, and is required by Debian policy.

14 years agoUse 65534 instead of -2 in svcgssd_proc.c
Neil Brown [Thu, 6 Jul 2006 02:28:33 +0000 (12:28 +1000)]
Use 65534 instead of -2 in svcgssd_proc.c

as this is more consistant across achitectures.

14 years agoThis patch adds code to nfsstat to read /proc/net/rpc/nfsd for nfsv4 server statistic...
Shankar Anand [Tue, 4 Jul 2006 14:50:56 +0000 (08:50 -0600)]
This patch adds code to nfsstat to read /proc/net/rpc/nfsd for nfsv4 server statistics and print them.

Submitted by: Shankar Anand <>

14 years agoFix typos in various man pages.
Steinar H. Gunderson [Wed, 5 Jul 2006 05:55:45 +0000 (15:55 +1000)]
Fix typos in various man pages.

14 years agoUse 65534 for anon uid/gid rather than -2
Steinar H. Gunderson [Wed, 5 Jul 2006 05:51:30 +0000 (15:51 +1000)]
Use 65534 for anon uid/gid rather than -2

This is more consistant across platforms.

14 years agoUpdate rpcdebug to know about new 2.6 debug flags. Added
Greg Banks [Wed, 5 Jul 2006 03:37:21 +0000 (13:37 +1000)]
Update rpcdebug to know about new 2.6 debug flags.  Added
a manpage and installed rpcdebug (in sbindir).

14 years agoIgnore new generated files.
Greg Banks [Wed, 5 Jul 2006 02:22:45 +0000 (12:22 +1000)]
Ignore new generated files.

14 years agoAdd rquota.h to BUILT_SOURCES so rquotad builds on the first try.
Greg Banks [Wed, 5 Jul 2006 02:20:20 +0000 (12:20 +1000)]
Add rquota.h to BUILT_SOURCES so rquotad builds on the first try.

14 years agoGenerate rquota_xdr.c and rquota.h from rquota.x
Neil Brown [Wed, 5 Jul 2006 01:06:09 +0000 (11:06 +1000)]
Generate rquota_xdr.c and rquota.h from rquota.x

rquota_svc.c is still by-hand as it contains alot of extras.
These should really be moved to rquota_server.c

14 years agoRemove some files that old, unused, unneeded.
Neil Brown [Wed, 5 Jul 2006 00:41:03 +0000 (10:41 +1000)]
Remove some files that old, unused, unneeded.

deleted:  support/export/keys.c
deleted:  support/include/rpcdispatch.h
deleted:  support/include/rpcsec.h
deleted:  support/include/version.h
deleted:  support/include/ypupdate.h
deleted:  support/nfs/clients.c
deleted:  support/nfs/keytab.c
deleted:  support/nfs/ypupdate_xdr.c
deleted:  support/rpc/include/
deleted:  tools/rpcdebug/neat_idea.c
deleted:  utils/mountd/mount_xdr.c
deleted:  utils/rquotad/pathnames.h

14 years agoAvoid error creating an existing symlink
Neil Brown [Wed, 5 Jul 2006 00:30:51 +0000 (10:30 +1000)]
Avoid error creating an existing symlink

Just remove the link first.

14 years agoDon't depend on Kerberos headers when checking librpcsecgss in configure [Mon, 3 Jul 2006 22:33:54 +0000 (18:33 -0400)]
Don't depend on Kerberos headers when checking librpcsecgss in configure

Signed-off-by: Kevin Coffman <>
Older versions of MIT Kerberos are missing an OID definition, causing
the configure checks for librpcsecgss to fail.  We shouldn't be depending
on their libraries during the configure.

14 years agoEliminate warnings from code generated by rpcgen
Greg Banks [Tue, 4 Jul 2006 08:33:56 +0000 (18:33 +1000)]
Eliminate warnings from code generated by rpcgen

 - unused variable 'buf'
    - emit a declaration for `buf' on demand.
 - unused variable 'i'
    - declare i immediately before use
 - unused value from IXDR_PUT_
    - cast to (void)
 - type-punned pointer reference
    - cast to (void*) first :-(

14 years agoHandle mapping failure from get_ids. [Mon, 3 Jul 2006 22:34:43 +0000 (18:34 -0400)]
Handle mapping failure from get_ids.

Signed-off-by: Kevin Coffman <>
Temporary patch to do default mapping if we get an error while trying to
map a gss principal to the appropriate uid/gid.  This currently returns
hardcoded values.  This may be correct, or we may need to try and figure
out the correct values to match the anonuid/anongid for the export.

14 years agoProperly report errors in readline() function [Mon, 3 Jul 2006 22:34:38 +0000 (18:34 -0400)]
Properly report errors in readline() function

Signed-off-by: Kevin Coffman <>
Change message priorities for errors and debug messages.

14 years agoChange default buffer size increment for readline() [Mon, 3 Jul 2006 22:34:33 +0000 (18:34 -0400)]
Change default buffer size increment for readline()

Signed-off-by: Kevin Coffman <>
The readline routine expects much smaller messages than we are passing.
Change the default initial allocation and increment value from 128
to 2048.  This saves many calls to realloc().

14 years agoClean up the printerr() logging function. [Mon, 3 Jul 2006 22:34:27 +0000 (18:34 -0400)]
Clean up the printerr() logging function.

Signed-off-by: Kevin Coffman <>
Update the printerr() function to:

1) Determine whether we'll print the message before going to all the
   work of formatting it.
2) Don't just toss away messages that are too long for the buffer.
   Print what we can and give an indication of the truncation with
   "..." at the end.
3) Use a single buffer rather than two.
4) Messages either go to syslog (with level ERR) or stderr.  Don't
   send some messages to syslog level DEBUG.

14 years agoUse setfsuid() rather than seteuid() while creating contexts [Mon, 3 Jul 2006 22:34:21 +0000 (18:34 -0400)]
Use setfsuid() rather than seteuid() while creating contexts

Signed-off-by: Kevin Coffman <>
As suggested by Olaf Kirch <>, use setfsuid() rather than
seteuid() when creating a gss context.  This prevents users from using
credentials that do not belong to them, while also preventing them from
doing things like killing, renicing, or changing the priority of the
gssd process while it is processing the context creation.

14 years agoLimit acquire_cred call to to Kerberos only [Mon, 3 Jul 2006 22:34:16 +0000 (18:34 -0400)]
Limit acquire_cred call to to Kerberos only

Signed-off-by: Kevin Coffman <>
Specify that the acquire_cred call should only be concerned with returning
Kerberos credentials since this is Kerberos-only functionality.

14 years agoCheck that the gssapi library is usable early on. [Mon, 3 Jul 2006 22:34:10 +0000 (18:34 -0400)]
Check that the gssapi library is usable early on.

Signed-off-by: Kevin Coffman <>
Do a call to determine mechanisms supported by the gssapi library early.
This allows us to discover early in case the gssapi library is somehow
misconfigured.  We can bail out early and give a meaningful message
rather than getting errors on each attempt at a context negotiation.

14 years agoFix problems with 64-bit big-endian machines [Mon, 3 Jul 2006 22:34:05 +0000 (18:34 -0400)]
Fix problems with 64-bit big-endian machines

Signed-off-by: Kevin Coffman <>
Correct the definition of mech_used in the gss context to use gss_OID_desc.
This fixes problems on 64-bit machines when referencing the OID.

Also updates write_buffer function to use u_int rather than size_t when
doing calculations.

14 years agoDefine CFLAGS for gss_clnt_send_err compile [Mon, 3 Jul 2006 22:33:59 +0000 (18:33 -0400)]
Define CFLAGS for gss_clnt_send_err compile

Signed-off-by: Kevin Coffman <>
Add CFLAGS to make sure we find and use the correct gssapi.h when
building gss_clnt_send_err

14 years agoUse socklen_t some more to avoid warnings.
Greg Banks [Mon, 3 Jul 2006 05:59:54 +0000 (15:59 +1000)]
Use socklen_t some more to avoid warnings.

14 years agoFix warning about pointer signedness differing.
Greg Banks [Mon, 3 Jul 2006 05:39:41 +0000 (15:39 +1000)]
Fix warning about pointer signedness differing.

14 years agoInclude the right header to get xmalloc() declaration.
Greg Banks [Mon, 3 Jul 2006 05:17:34 +0000 (15:17 +1000)]
Include the right header to get xmalloc() declaration.

14 years agoMerge branch 'master' of git://
Greg Banks [Mon, 3 Jul 2006 04:21:48 +0000 (14:21 +1000)]
Merge branch 'master' of git://

14 years agonfs-utils 1.0.9-pre1 nfs-utils-1-0-9-pre1
Neil Brown [Mon, 3 Jul 2006 00:02:03 +0000 (10:02 +1000)]
nfs-utils 1.0.9-pre1

Update change log and change version number

14 years agoAllow rpc.nfsd to suppress tcp or udp, and listen on a specific address.
Steve Dickson [Sun, 2 Jul 2006 23:52:00 +0000 (09:52 +1000)]
Allow rpc.nfsd to suppress tcp or udp, and listen on a specific address.

 -T       - will suppressing listening for TCP connection.
 -U       - will suppress UDP
 -H host  - will only listen on that local address
 -p port  - will listen on that port.

This requires kernel patches which will hopefully be in 2.6.19 and possibly some
earlier test and vendor kernels.

14 years agoComment out unused variable.
Greg Banks [Tue, 27 Jun 2006 11:30:18 +0000 (21:30 +1000)]
Comment out unused variable.

14 years agoComment out the decades-old SCCS id strings from the original Sun
Greg Banks [Tue, 27 Jun 2006 11:22:59 +0000 (21:22 +1000)]
Comment out the decades-old SCCS id strings from the original Sun
distribution.  They cause compile warnings, there is no longer any
reason to try to build them into the binaries, and gcc seems to be
eliding some of them anyway.

14 years agoDetect if glibc provides socklen_t and use that instead
Greg Banks [Tue, 27 Jun 2006 10:55:07 +0000 (20:55 +1000)]
Detect if glibc provides socklen_t and use that instead
of int in those cases which generate compile warnings,
e.g. the last argument of recvfrom().

14 years agoReplace the deprecated sigblock() with more modern
Greg Banks [Tue, 27 Jun 2006 10:28:02 +0000 (20:28 +1000)]
Replace the deprecated sigblock() with more modern
signal functions to avoid compile warnings.

14 years agoAdd support for suppressing different NFS versions.
Steve Dickson [Mon, 26 Jun 2006 05:23:19 +0000 (15:23 +1000)]
Add support for suppressing different NFS versions.

e.g.  -N 2
means that NFSv2 won't be supported, just v3 and v4 (if the kernel
supports them).

14 years agoFurther coverity related cleanups.
Neil Brown [Fri, 23 Jun 2006 07:10:56 +0000 (17:10 +1000)]
Further coverity related cleanups.

Greg Banks suggested some variations, particularly improved
use of xmalloc/xstrdup functions.  Thanks.

14 years agoFix various issues discovered by Coverity
Neil Brown [Fri, 23 Jun 2006 04:38:33 +0000 (14:38 +1000)]
Fix various issues discovered by Coverity

Thanks to Michael Halcrow for finding them.

14 years agoFix comment parsing (again)
Neil Brown [Fri, 23 Jun 2006 04:06:00 +0000 (14:06 +1000)]
Fix comment parsing (again)

Bruce Fields noticed that I broke comment parsing...

as xskip() is always called before xgettok(), that is the
best place to put xskipcomment and still maintain proper
semantics of xskip and xgettok.

14 years agoChange mount configure option to --enable-mount
Amit Gud [Thu, 22 Jun 2006 16:51:04 +0000 (12:51 -0400)]
Change mount configure option to --enable-mount

Change the configure option from --with-mount to --enable-mount.

Signed-off-by: Amit Gud <>
Signed-off-by: Steve Dickson <>
14 years agoMerge nfsmount.x and mount.x into mount.x
Amit Gud [Thu, 22 Jun 2006 16:49:24 +0000 (12:49 -0400)]
Merge nfsmount.x and mount.x into mount.x

Merge utils/mount/nfsmount.x and support/export/mount.x into support/export/mount.x.

Signed-off-by: Amit Gud <>
Signed-off-by: Steve Dickson <>
14 years agoTry to make sure that clientid used for NFSv4 is reliable.
Neil Brown [Fri, 23 Jun 2006 03:37:08 +0000 (13:37 +1000)]
Try to make sure that clientid used for NFSv4 is reliable.

We need to give an IP address to identify this client to the
The current code does a gethostbyname of the hostname. One
some systems this returns or similar, which is not useful.

Instead, use getsockname of the sock used to connect to the server
to confirm that the server is working.  This gives the address on the
interface that was chosen to talk to that server, which is the
best address we can find (if there is a NAT in the way, it might
still not work, but in that case there is nothing we can do).

14 years agoFix a number of the easier compile warnings: unused variables,
Greg Banks [Thu, 22 Jun 2006 08:01:10 +0000 (18:01 +1000)]
Fix a number of the easier compile warnings: unused variables,
unused labels, constness, signedness.

14 years agoDetect presence of nfs4_set_debug() in libnfsidmap and
Greg Banks [Thu, 22 Jun 2006 07:31:24 +0000 (17:31 +1000)]
Detect presence of nfs4_set_debug() in libnfsidmap and
don't bother calling it if it's missing.

14 years agoRemove useless m4 quoting around args to PKG_CHECK_MODULES().
Greg Banks [Thu, 22 Jun 2006 07:19:17 +0000 (17:19 +1000)]
Remove useless m4 quoting around args to PKG_CHECK_MODULES().

14 years agoDo m4 quoting of AC_MSG_ERROR() and AC_MSG_WARN() as
Greg Banks [Thu, 22 Jun 2006 07:16:19 +0000 (17:16 +1000)]
Do m4 quoting of AC_MSG_ERROR() and AC_MSG_WARN() as
the autoconf people intended.  This avoids errors in
autoconf on SLES10.

14 years agoAdd a .gitignore file to suppress the files generated
Greg Banks [Thu, 22 Jun 2006 06:51:44 +0000 (16:51 +1000)]
Add a .gitignore file to suppress the files generated
during autogen, configure and build.

14 years agomultiple threads for mountd
Greg Banks [Wed, 14 Jun 2006 12:48:10 +0000 (22:48 +1000)]
multiple threads for mountd

How about the attached patch against nfs-utils tot?  It
adds a -t option to set the number of forked workers.
Default is 1 thread, i.e. the old behaviour.

I've verified that showmount -e, the Ogata mount client,
and a real mount from Linux and IRIX boxes work with and
without the new option.

I've verified that you can manually kill any of the workers
without the portmap registration going away, that killing
all the workers causes the manager process to wake up and
unregister, and killing the manager process causes the
workers to be killed and portmap unregistered.

I've verified that all the workers have file descriptors
for the udp socket and the tcp rendezvous socket, that
connections are balanced across all the workers if service
times are sufficiently long, and that performance is
improved by that parallelism, at least for small numbers
of threads.  For example, with 60 parallel MOUNT calls
and a testing patch to make DNS lookups take 100 milliseconds
time to perform all mounts (averaged over 5 runs) is:

num elapsed
threads time (sec)
 ------ ----------
1 13.125
2   6.859
3  4.836
4    3.841
5  3.303
6  3.100
7  3.078
8  3.018

Greg Banks, R&D Software Engineer, SGI Australian Software Group.
I don't speak for SGI.

14 years agoRemove some temporary files that shouldn't be in 'git'.
Neil Brown [Fri, 16 Jun 2006 03:16:09 +0000 (13:16 +1000)]
Remove some temporary files that shouldn't be in 'git'.

deleted:  compile
deleted:  config.guess
deleted:  config.sub
deleted:  depcomp
deleted:  install-sh
deleted:  missing

14 years agoAdd support to auto-generate nfsmount* files for new nfs.mount program
Neil Brown [Fri, 16 Jun 2006 03:09:26 +0000 (13:09 +1000)]
Add support to auto-generate nfsmount* files for new nfs.mount program

14 years agoMove NFS mount code from util-linux to nfs-utils - part 2
Amit Gud [Mon, 12 Jun 2006 23:08:27 +0000 (19:08 -0400)]
Move NFS mount code from util-linux to nfs-utils - part 2

Adds the support functions needed for mount and umount. This
functionality will someday be available in the form of shared mount

Signed-off-by: Amit Gud <>
Signed-off-by: Steve Dickson <>
14 years agoMove NFS mount code from util-linux to nfs-utils - part 1
Amit Gud [Mon, 12 Jun 2006 23:06:36 +0000 (19:06 -0400)]
Move NFS mount code from util-linux to nfs-utils - part 1

Adds the mount directory and the code to mount and umount the NFS file system.

Signed-off-by: Amit Gud <>
Signed-off-by: Steve Dickson <>
14 years agoMinor man page tidyup
Neil Brown [Mon, 5 Jun 2006 02:54:42 +0000 (12:54 +1000)]
Minor man page tidyup

14 years agofix nhfsrun signal
Neil Brown [Mon, 5 Jun 2006 02:47:00 +0000 (12:47 +1000)]
fix nhfsrun signal

  nhfsrun is supposed to be able to be signalled with SIGUSR1, but
  the signal trapped is number 30, which is something else
  entirely (SIGPWR). This patch simply changes it to say "USR1",
  which gets it right no matter what the value is.
         "Steinar H. Gunderson" <>

14 years agomountd state directory
Neil Brown [Mon, 5 Jun 2006 02:45:01 +0000 (12:45 +1000)]
mountd state directory

  Let the user select (via a new parameter) the path to the NFS
  state directory for mountd, to match the statd functionality.
         "Steinar H. Gunderson" <>

14 years agodocument sync option:
Neil Brown [Mon, 5 Jun 2006 02:39:07 +0000 (12:39 +1000)]
document sync option:
  Document the 'sync' option in the exports(5) man page -- ATM
  only the 'async' option is documented, which is not very
  symmetric. :-)  "Steinar H. Gunderson" <>

14 years agoOnly treat '#' as starting a comment when at the start of a token
Neil Brown [Mon, 5 Jun 2006 02:36:52 +0000 (12:36 +1000)]
Only treat '#' as starting a comment when at the start of a token

otherwise '#' in filenames cannot be read.

14 years agoescape hashes in exports
Neil Brown [Mon, 5 Jun 2006 02:27:35 +0000 (12:27 +1000)]
escape hashes in exports
  Makes sure any # signs in the printed-out exports file are
  escaped (as with quotes, spaces, etc.), so they won't be treated
  as a comment when they're read back in again.
        "Steinar H. Gunderson" <>

14 years agofix exportfs with multiple matches
Neil Brown [Mon, 5 Jun 2006 02:16:20 +0000 (12:16 +1000)]
fix exportfs with multiple matches

  Fixes a problem with exportfs -o
  and multiple entries of the same type for the same patch that matches
  a given client. The entire rationale and problem description can be found
  at (fumihiko kakuma <>)

14 years agoRemove debian/
Neil Brown [Mon, 5 Jun 2006 02:13:31 +0000 (12:13 +1000)]
Remove debian/

.. at request of Debian maintainer "Steinar H. Gunderson" <>

14 years ago Remove **/, aclocal.m4, configure, and
Neil Brown [Mon, 17 Apr 2006 07:07:39 +0000 (17:07 +1000)]
Remove **/, aclocal.m4, configure, and
 support/include/ from source control
These are auto autogenerated by
  aclocal -I aclocal ; autoheader ; automake ; autoconf

14 years agoDefine and use HIAVE_IFADDRS_H
Neil Brown [Mon, 17 Apr 2006 06:54:54 +0000 (16:54 +1000)]
Define and use HIAVE_IFADDRS_H

14 years ago1.0.8 nfs-utils-1-0-8
neilbrown [Wed, 12 Apr 2006 02:55:50 +0000 (02:55 +0000)]

14 years ago2006-04-10 NeilBrown <>
neilbrown [Mon, 10 Apr 2006 09:57:17 +0000 (09:57 +0000)]
2006-04-10 NeilBrown <>
Various paranoia checks:
gssd_proc.c: pass max_field sizes to sscanf to avoid buffer
svcgssd_proc.c: range_check name.length, to ensure name.length+1
  doesn't wrap
idmapd.c(nfsdcb): make sure at least one byte is read before
 zeroing the last byte that was read, otherwise memory corruption
 is possible.

Found by SuSE security audit.

14 years ago2006-04-10 "Kevin Coffman" <>
neilbrown [Mon, 10 Apr 2006 04:00:31 +0000 (04:00 +0000)]
2006-04-10 "Kevin Coffman" <>
Check for sufficient version of librpcsecgss and libgssapi

14 years ago2006-04-10 "Kevin Coffman" <>
neilbrown [Mon, 10 Apr 2006 03:53:14 +0000 (03:53 +0000)]
2006-04-10 "Kevin Coffman" <>
Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and
HAVE_TCP_WRAPPERS as appropriate.

14 years ago Add checking for innetgr back to
neilbrown [Mon, 10 Apr 2006 01:39:14 +0000 (01:39 +0000)]
Add checking for innetgr back to

14 years ago2006-04-10
neilbrown [Sun, 9 Apr 2006 23:51:59 +0000 (23:51 +0000)]
Update calls to gss_export_lucid_sec_context()

Change the calls to gss_export_lucid_sec_context() to match the corrected
interface definition in libgssapi-0.9.

14 years ago2006-04-10
neilbrown [Sun, 9 Apr 2006 23:50:42 +0000 (23:50 +0000)]
Plug memory leaks in svcgssd

Various memory leaks in the svcgssd context processing are eliminated.

14 years ago2006-04-10
neilbrown [Sun, 9 Apr 2006 23:49:36 +0000 (23:49 +0000)]
Fix memory leak of the AUTH structure on context negotiations

Free AUTH structure after completing context negotiation and sending
context information to the kernel.

14 years ago2006-04-10
neilbrown [Sun, 9 Apr 2006 23:47:08 +0000 (23:47 +0000)]
Fix support/include/ such as would be done be running autoheader.

14 years agoaclocal/autoconf/automake, properly this time.
neilbrown [Tue, 28 Mar 2006 04:22:44 +0000 (04:22 +0000)]
aclocal/autoconf/automake, properly this time.

14 years agoUpdate version, autoconf, automake
neilbrown [Tue, 28 Mar 2006 01:28:14 +0000 (01:28 +0000)]
Update version, autoconf, automake

14 years ago Use PKGCONFIG to locate gssapi and rpcsecgss header files
neilbrown [Tue, 28 Mar 2006 00:53:30 +0000 (00:53 +0000)]
Use PKGCONFIG to locate gssapi and rpcsecgss header files

Instead of having separate copies of the gssapi and rpcsecgss
header files, or depending on the Kerberos gssapi header,
locate the headers now installed with the libgssapi and librpcsecgss

Remove local copies of the gssapi and rpcsecgss header files.

This depends on the configure_use_autotools patch.

14 years ago Add debugging to better detect negotiation of enctype not supported by kernel
neilbrown [Tue, 28 Mar 2006 00:51:14 +0000 (00:51 +0000)]
Add debugging to better detect negotiation of enctype not supported by kernel

Print debugging message indicating the type of encryption keys being sent
down to the kernel.  This should make it easier to detect cases where
unsupported encryption types are being negotiated.
(really this time)

14 years ago Don't close and reopen all pipes on every DNOTIFY signal.
neilbrown [Tue, 28 Mar 2006 00:50:44 +0000 (00:50 +0000)]
Don't close and reopen all pipes on every DNOTIFY signal.

From: Vince Busam <>
Signed-off-by: Kevin Coffman <>
Don't unnecessarily close and re-open all pipes after every DNOTIFY
signal.  These unnecessary closes were triggering a kernel Oops.
Original patch modified to correct segfault when unmounting last
NFSv4 mount.

14 years ago Add option to specify directory to search for credentials cache files
neilbrown [Tue, 28 Mar 2006 00:50:03 +0000 (00:50 +0000)]
Add option to specify directory to search for credentials cache files

From: Vince Busam <>
Signed-off-by: Kevin Coffman <>
Add command line option to specify which directory should be searched
to find credentials caches.
(really this time)

14 years ago Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5
neilbrown [Tue, 28 Mar 2006 00:49:29 +0000 (00:49 +0000)]
Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5

We need to get access to the internal krb5 context pointer for
older (pre-1.4) versions of MIT Kerberos.  We get a pointer to
the gss glue's context.  Get the right pointer before accessing
the context information.
(really this time)

14 years ago Remove unused groups variable from get_ids() which was causing a compiler warning.
neilbrown [Tue, 28 Mar 2006 00:48:56 +0000 (00:48 +0000)]
Remove unused groups variable from get_ids() which was causing a compiler warning.
(really this time)

14 years ago Update krb5 code to use glue routine lucid context functions
neilbrown [Tue, 28 Mar 2006 00:48:27 +0000 (00:48 +0000)]
Update krb5 code to use glue routine lucid context functions

The gssd code should not know about the glue layer's context structure.
A previous patch added gss_export_lucid_sec_context() and
gss_free_lucid_sec_context() functions to the gssapi glue layer.
Use these functions rather than calling directly to the Kerberos
gssapi code (which requires the Kerberos context handle rather
than the glue's context handle).

(really this time)

14 years agoadd missing files from previous update
neilbrown [Tue, 28 Mar 2006 00:47:06 +0000 (00:47 +0000)]
add missing files from previous update

14 years ago Separate out context handling code for MIT Kerberos and SPKM3
neilbrown [Tue, 28 Mar 2006 00:45:33 +0000 (00:45 +0000)]
Separate out context handling code for MIT Kerberos and SPKM3
into their own file.
(Really this time)

14 years ago User-selectable idmapping cache lifetime
neilbrown [Tue, 28 Mar 2006 00:33:55 +0000 (00:33 +0000)]
User-selectable idmapping cache lifetime

Read and process new configuration option, Cache-Expiration, and use
the value to determine how long idmapping entries are cached.
(Really this time)

14 years agoautoconf/automake
neilbrown [Mon, 27 Mar 2006 00:41:10 +0000 (00:41 +0000)]

14 years agoupdate version to -rc3
neilbrown [Mon, 27 Mar 2006 00:34:34 +0000 (00:34 +0000)]
update version to -rc3