Age | Commit message (Collapse) | Author | Files | Lines |
|
Patch for 497ffdf8 ('manpage: remove the no longer supported value
"vers2"') [1] didn't contain printf in exportfs.c (looks like debugging
info) and errno handling in stropts.c (maybe work on other patch) which
were applied. Thus removing it.
[1] https://lore.kernel.org/linux-nfs/20220117031356.13361-1-yoyang@redhat.com/raw
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit f054365d removed the unnecessary bind() call
but did not remove the error lable.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
__DARWIN_ONLY_64_BIT_INO_T is true on macos arm64 so struct stat64
and stat64() are not available. This patch defines stat64 as stat if
__DARWIN_ONLY_64_BIT_INO_T is true
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This patch removes the ability to do NFS v2
mounts. They will now fail with EOPNOTSUPP.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When clnt_ping() calls get_socket(), get_socket() will create a socket,
call bind() to choose an unused local port, and then connect to the
given address.
The "bind()" call is unnecessary and problematic.
It is unnecessary as the "connect()" call will bind the socket as
required.
It is problematic as it requires a completely unused port number, rather
than just a port number which isn't currently in use for connecting to
the given remote address.
If all local ports (net.ipv4.ip_local_port_range) are in use, the bind()
will fail. However the connect() call will only fail if all those port
are in use for connecting to the same address.
So remove the unnecessary bind() call.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
mount.nfs* umount.nfs* and nfsdcltrack are currently always installed in
/sbin.
Many distros are moving to a "merged /usr" where /sbin and others are
symlinks into /usr/sbin or similar. In these cases it is inelegant to
install in /sbin (i.e. install through a symlink).
So we add "--disable-sbin-override" as a configure option. This causes
the same sbindir to be used for *mount.nfs* and nfsdcltrack as for other
system binaries.
Note that autotools notices if we simply define "sbindir=/sbin"
inside an "if CONFIG_foo" clause, gives a warning, and defeats our
intent.
So instead, we use the @CONFIG_SBIN_OVERRIDE_TRUE@ prefix to find
the new declaration when we don't want it.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When rpcsends is 0 this is the error seen when mounstats is run on a
NFSv4.2 mount
Fixes: https://bugzilla.linux-nfs.org/show_bug.cgi?id=367
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1979816
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
`command -v' is shell builtin required by POSIX [1] and supported on all
common shells (bash, zsh, dash, busybox sh, mksh). `which' utility is not
presented on some containers (e.g. Fedora, openSUSE), also going to be
removed from future Debian versions.
Also remove stderr redirection to /dev/null as it's unnecessary when
using 'command': POSIX says "no output shall be written" if the command
isn't found.
[1] https://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html
[2] https://salsa.debian.org/debian/debianutils/-/commit/3a8dd10b4502f7bae8fc6973c13ce23fc9da7efb
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When client discovers trunkable servers, instead of dropping newly
created trunkable connections, add this connection to the existing
RPC client.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
A recent cleanup of debug messages added func and tid format specifiers
to a debug message (when full hostname was different), but the func name
and tid were NOT added as arguments.
Consequently there weren't enough args, random bytes of the stack were
interpreted as a pointer, and rpc.gssd crashed (when -v was specified).
Fixes: b538862a5135 ("gssd: Cleaned up debug messages")
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
While it is possible to configure the systemd unit files directory on
configure time with --with-systemd=unit-dir-path, this path is not taken
into account for installing the systemd unit generators, as they are
installed unconditionally in /usr/lib/systemd/system-generators.
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The used variable is named unitdir in configure.ac and
systemd/Makefile.am otherwise but is used in a single place as unit_dir.
The setting has no effect, but if later commits would use a base to the
systemd unit files directory for installing further files this would
void the possibility to explicitly set a systemd unit files directory
via configure with --with-systemd=unit-dir-path.
Fixes: 0fbf91a4fd90 ("Include systemd unit files in "dist" and "install".")
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Whenever user want to compile and install from source code, they
have to constantly install dependencies based on error message.
Verified on RHEL-8/Fedora-34/debian-10/openSUSE-15.3
Signed-off-by: Jianhong Yin <yin-jianhong@163.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
leak of mountlist struct and content on error
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
query_krb5_ccache: if the ret_realm strdup fails then ret_princname leaks
gssd_get_krb5_machine_cred_list: l was being leaked if the realloc failed
it was also leaked if the strdup of ccname failed
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
ccachedir_copy isnt used properly and is leaking, ccachedir gets modified
by a strtok, altering the original argv or conf parameter which is an
undesirable side-effect
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
regex.c: regex_getpwnam() would leak memory if the name was not found.
nss.c: nss_name_to_gid() the conditional frees look like a potential
memory leak, removed the unnecessary conditions.
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
With recent commits (4f2a5b64,5a53426c) that fixed
compile errors on x86_64 machines, caused similar
errors on i686 machines.
The variable type that was being used was a time_t,
which changes size between architects, which
caused the compile error.
Changing the variable to uint64_t fixed the issue.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Make the state directory configurable.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
nfsdcltrack.c: In function 'cltrack_gracedone':
nfsdcltrack.c:528:47: error: format '%ld' expects argument of type 'long int', but argument 4 has type 'time_t' {aka 'long long int'} [-Werror=format=]
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
sqlite.c: In function 'sqlite_remove_unreclaimed':
sqlite.c:547:71: error: format '%ld' expects argument of type 'long int', but argument 4 has type 'time_t' {aka 'long long int'} [-Werror=format=]
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The new mount API broke how the sloppy option is parsed.
So the option processing needs to be moved up in
the mount.nfs command.
The option needs to be the first option in the string
that is passed into the kernel with the -s mount(8)
and/or the -o sloppy is used.
Commit 92b664ef fixed the process of the -s flag
and this version fixes the -o sloppy processing
as well works when libmount-mount is and is not
enabled plus cleans up the mount options passed
to the kernel.
Reviewed-and-tested-by: Dave Wysochanski <dwysocha@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Added tids to a number of statements
Broke the lifetime_rec secs into a readable format
Printed tids out correctly
Trim down the output of both '-v' and '-vv'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Previously, the 'sloppy' option was appended to other options
so that when kernel parses the options sequentially, the
'sloppy' option will not work if there's a invalid option in
front of it.
use 'po_insert' instead 'po_append'
Signed-off-by: Jianhong Yin <yin-jianhong@163.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Add a global list of active upcalls and a watchdog thread that walks the
list, looking for threads running longer than timeout seconds. By
default, an error message will by logged to the syslog.
The upcall timeout can be specified by passing the -U option or by
setting the upcall-timeout parameter in nfs.conf.
Passing the -C option or setting cancel-timed-out-upcalls=1 in nfs.conf
causes the watchdog thread to also cancel timed-out upcall threads and
report an error of -ETIMEDOUT to the kernel.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
If we fail to create a thread to handle an upcall, we still need to do a
downcall to tell the kernel about the failure, otherwise the process
that is trying to establish gss credentials will hang.
This patch shifts the thread creation down a level in the call chain so
now the main thread does a little more work up front (reading & parsing
the data from the pipefs file) so it has the info it needs to be able
to do the error downcall.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Recent versions of glibc (since 2.26?) no longer supply rpc/rpc.h, and
in previous versions, RPC was optional. Detect such cases and prompt the
user to build with libtirpc instead.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The old URL is no longer available. Update to the new URL that is
mentioned on https://linux-nfs.org.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
There are two global "struct stat_paths" structures: etab and rmtab.
They are currently needed by some library code so any program which is
linked with that library code needs to declare the structures even if it
doesn't use the functionality. This is clumsy and error-prone.
Instead: have the library declare the structure and put the definition
in a header file. Now programs only need to know about these structures
if they use the functionality.
'rmtab' is now declared in libnfs.a (rmtab.c). 'etab' is declared in
export.a (xtab.c).
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Since v4.17 the timestamp written to 'flush' is ignored,
so there isn't much point choosing too precisely.
For kernels since v4.3-rc3-13-g778620364ef5 it is safe
to write 1 second beyond the current time.
For earlier kernels, nothing is really safe (even the current
behaviour), but writing one second beyond the current time isn't too bad
in the unlikely case the people use a new nfs-utils on a 5 year old
kernel.
This remove a dependency for libnfs.a on 'etab' being declare,
so svcgssd no longer needs to declare it.
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Some filesystems cannot be exported without an fsid or uuid.
tmpfs is the main example.
When mountd (or exportd) creates nfsv4 pseudo-root exports for the path
leading down to an export point it exports each directory without any
fsid or uuid. If one of these directories is on tmpfs, that will fail.
The net result is that exporting a subdirectory of a tmpfs filesystem
will not work over NFSv4 as the parents within the filesystem cannot be
exported. It will either fail, or fall-back to NFSv3 (depending on the
version of the mount.nfs program).
To fix this we need to provide an fsid or uuid for these pseudo-root
exports. This patch does that by creating an RFC-4122 V5 compatible
UUID based on an arbitrary seed and the path to the export.
To check if an export needs a uuid, text_export() is moved from exportfs
to libexport.a, modified slightly and renamed to export_test().
Reported-by: Petr Vorel <pvorel@suse.cz>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Tested-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The decrement of the "ple" refcount is not protected so it can race with
increments or decrements from other threads. An increment could be lost
and then the ple would be freed early, leading to memory corruption.
So use the mutex to protect decrements (increments are already
protected).
As gssd_destroy_krb5_principals() calls release_ple() while holding the
mutex, we need a "release_pte_locked()" which doesn't take the mutex.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Config entries sometimes contain variable expansions, this adds options
to retrieve the config entry rather than its current expanded value.
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
FHS 3.0 deprecated /var/run in favour of /run.
FHS 3.0 was released over 5 years ago.
I think it is time for nfs-utils to catch up.
Note that some places, particularly systemd unit files, already use just
"/run".
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Ever since commit 76c21e3f (mountd: Check the stat() return values in
match_fsid(), 2020-05-08), it wasn't possible to export filesystems
on my musl based system anymore.
The root cause of this is the innocuous-looking change to decide based
on `errno` whether `is_mountpoint()` raised a real error or whether it
simply didn't match. The issue is that `is_mountpoint()` transitively
calls into our `xlstat()` wrapper, which either executes `statx()` if
the system supports it or otherwise falls back to `fstatat()`. But if
`statx()` is not supported, then we'll always first set `errno = ENOSYS`
before calling `fstatat()`. So effectively, all systems which do not
have `statx()` and whose `fstatat()` doesn't reset `errno` will cause us
to end up with errno set to `ENOSYS`.
Fix the issue by resetting `errno` before calling `fstatat()` in both
`xlstat()` and `xstat()`.
Fixes: 76c21e3f (mountd: Check the stat() return values in match_fsid(), 2020-05-08)
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Product is shipped with NFS/RDMA disabled by default.
An extra step is needed when setting up an NFS server
to support NFS/RDMA clients.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1931565
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
It is possible (and common with the Linux NFS client) for the nfs server
to receive multiple SET_CLIENT_ID or EXCHANGE_ID requests when starting
a connection. This results in some clients appearing in
/proc/fs/nfsd/clients
which never get confirmed. mountd currently logs these, but they aren't
really helpful.
If the kernel supports the reporting of the confirmation status of
clients, we can suppress the message until a client is confirmed.
With this patch we:
- record if the client is confirmed, assuming it is if the status is
not reported
- don't log unconfirmed clients
- request MODIFY notification from unconfirmed clients.
- recheck an info file when it is modified.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The code that has been added to strip trailing slashes from path in
unexportfs_parsed() forgot to account for the case of the root
directory, which is simply '/'. In that case it accesses path[-1] and
reduces the path to an empty string, which then fails to match any
export.
Fix it by stopping the stripping when the path is just a single
character - it doesn't matter if it's a '/' or not, we want to keep it
either way in that case.
Reproducer:
exportfs localhost:/
exportfs -u localhost:/
Without this patch, the unexport step fails with "exportfs: Could not
find 'localhost:/' to unexport."
Fixes: a9a7728d8743 ("exportfs: Deal with path's trailing "/" in unexportfs_parsed()")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1941171
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1868828
Signed-off-by: Kenneth D'souza <kennethdsouza94@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
NFSv4 does not have a MOUNT request like NFSv3 does (via the MOUNT
protocol). So these cannot be logged.
NFSv4 does have SETCLIENTID and EXCHANGE_ID. These are indirectly
visible though changes in /proc/fs/nfsd/clients.
When a new client attaches, a directory appears. When the client
detaches, through a timeout (v4.0) or DESTROY_SESSION (v4.1+)
the directory disappears.
This patch adds tracking of these changes using inotify, with log
messages when a client attaches or detaches.
Unfortuantely clients are created in two steps, the second being a
confirmation. This results in a temporary client appearing and
disappearing. It is not possible (in Linux 5.10) to detect the
unconfirmed client, so extra attach/detach messages are generated.
This patch also moves some cache* function declarations into a header
file, and makes a few related changes to #includes.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The DEFAULT_TTL affects the rate at which authentication messages are
logged. So it is useful to make it settable.
Add "-ttl" and "-T", and add clear statement in the documentation of
both the benefits and the possible negative effects of choosing a larger
value
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When logging authentication requests, it can be easier to read the logs
if clients are always identified by IP address, not intermediate names
like netgroups or subnets.
To allow this, add --cache-use-ipaddr or -i which tell mountd to always
enable use_ipaddr.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When NFSv3 is used to mount a filesystem, success/failure messages are
logged by mountd and can be used for auditing. When NFSv4 is used,
there is no distinct "MOUNT" request, and nothing is logged.
We can instead log authentication requests from the kernel. These will
happen regularly - typically every 15 minutes of ongoing access - so
they may be too noisy, or might be more useful. As they might not be
wanted, make them selectable with the "AUTH" facility in xlog().
Add a "-l" to enable these logs. Alternately "debug = auth" will have
the same effect.
The same changes are made to both rpc.mountd and nfsv4.exportd.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The text in the manpages about the export table is a bit outdated, and
doesn't mention the in-kernel cache which is an import part of
that table.
As a future patch will enable logging of updates to that cache, it is
important to have the caching behaviour documented. So update that
section of both man pages, and make a few other minor improvements.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When an "nfsd.fh" request is received from the kernel, we map the
file-handle prefix to a path name and report that (as required) and then
also add "nfsd.export" information with export flags applicable to that
path.
This is not necessary and was added as a perceived optimisation.
When updating data already in the kernel, it is unlikely to help as the
kernel can be expected to ask for both details at much the same time.
With NFSv3, new information is normally added by a MOUNT rpc request, so
this is irrelevant.
With NFSv4, the kernel requests the "nfsd.export" information when
walking down from ROOT, *before* requesting the nfsd.fh information, so
this "optimisation" causes unnecessary work.
A future patch will add logging of authentication requests, and this
double-handling would result in extra unnecessary log messages.
As this "optimisation" appears to have no practical value and some
(small) cost, let's remove it.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When use_ipaddr is not in effect, an auth_unix_ip lookup
request from the kernel for an unknown client will be
rejected. When it IS in effect, these requests are
always granted with the IP address being mapped to a
string form of the address, preceded by a '$'.
This is inconsistent behaviour and could present a small
information leak. It means that, for example, a SETCLIENT
NFSv4 request may or may not succeed depending on an
internal setting in rpc.mountd.
This is easily rectified by always checking if the
client is known.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Since commit 2f682f25c642fcfe7c511d04bc9d67e732282348 $HOME
has been set to '/' to avoid a deadlock when accessing
Kerberized NFS shares. While this works for most use cases,
users who depend on the use of $HOME/.k5identity files are
negatively impacted by this commit. This patch allows for
users to use their $HOME/.k5identity to access subsequent
Kerberized resources based on the credentials in said file.
The default set by commit 2f682f25c still remains the same,
but a user can pass '-H' to change rpc.gssd behavior to not
set $HOME to '/'. Setting 'set-home=0' in /etc/nfs.conf
has the same effect as passing '-H' directly to rpc.gssd.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1868087
Signed-off-by: Jacob Shivers <jshivers@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Ported manage-gids option from mountd
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Added the --enable-nfsv4server configuration flag
that will compile/install nfsv4.exportd and
install the systemd unit files.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Created two new systemd unit services
based on nfs-mountd and nfs-service
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Moved the junction support from mountd to libexport.a
so both exportd and mountd can use the code.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Ported state-directory-path option from mountd (commit a15bd948)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Ported the multiple thread code from mountd (commit 11d34d11)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Move the cache management code into libexport.a
so both mountd and exportd can use it.
Introduce cache_proccess_loop() which will
be used by exportd, instead of my_svc_run().
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Standardized how config setting are set as
well as the rename
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
A recent patch to change configfile.c to use parse_opt.c contained code
which was intended to remove all "default*" options from the list before
that could be passed to the kernel. This code didn't work, so default*
options WERE passed to the kernel, and the kernel complained and failed
the mount attempt.
A more recent patch attempted to fix this by not including the
"default*" options in the option list at all. This resulting in
global-default defaults over-riding per-mount or per-server defaults.
This patch reverse the "more recent" patch, and fixes the original patch
by providing correct code to remove all "default*" options before the
kernel can see them.
Fixes: 88c22f924f1b ("mount: convert configfile.c to use parse_opt.c")
Fixes: 8142542bda28 ("mount: parse default values correctly")
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit 88c22f92 converted the configfile.c routines
to use the parse_opt interfaces which broke how
default values from nfsmount.conf are managed.
Default values can not be added to the mount string
handed to the kernel. They must be interpreted into
the correct mount options then passed to the kernel.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1912877
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
As with security flavors and "secure" ports, we tried to code this so
that pseudofs directories would inherit root squashing from their
children, but it doesn't really work as coded and I'm not sure it's
useful.
Let's just not root squash. The risk is pretty low since the pseudofs
is readonly, and we'd rather not risk failing a mount unnecessarily.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
We originally tried to grant permissions on the v4 pseudoroot filesystem
that were the absolute minimum required for a client to reach a given
export. This turns out to be complicated, and we've never gotten it
quite right. Also, the tradition from the MNT protocol was to allow
anyone to browse the list of exports.
So, do as we already did with security flavors and just allow clients
from high ports to access the whole pseudofilesystem.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Multiple changes including:
- using \[dq] for double quotes rather than \(lq and \(rq.
In almost every case, a regular ASCII double quote is being
referred to, so that is what we should use.
- clean up indenting in examples.
- be explicit about case-insensitive matching.
- give more details about permitted options, including the
need to use =true and =false for flags
- explain Backgroud, Forground and Sloppy
- remain trailing white space
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
If there is already an option specifying the protocol version, whether
from the command line or from an earlier config section, don't add new
version options.
There are multiple different version options, so they need to be handled
differently from other options. There could in the future be more
options that start "v4.", e.g. "v4.3" might happen one day. So rather
than list possible "v4.x" options, handle "v4." separately.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When reading from the config file, we already ignore options that exist
on the command line, or that were already found earlier in the config
file. However this only works for exact matches of options.
e.g. if "noac" is on the command line and "ac=true" is in the config file,
then "ac" will be added, and this will be used.
Add tests for the "no" prefix, and also for "fg" vs "bg", so that if
"fg" is set on the command line, a "bg" or "background" setting in the
config file does not over-ride it.
Note that this *doesn't* handle the different protocol version
specifiers. That will come later.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
configfile.c contains some ad-hoc parsing of the comma-separated option
list, which uses a simple 'strstr' and can find options that don't
really match the searched-for option (the found options might have a
prefix).
It also has a list of options which duplicates the functionality in
parse_opt.
This can be simplified by using parse_opt directly. We split the
original arguments, optionally append new arguments if they don't
already exist, then recombine.
"defaultfoo" config options require special handling. The
default_value() call is now made as soon as the option has been parsed.
It is left on the options list so that new instances of the value are
ignored. Then all "defaultfoo" options are remove from the list at the
end.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This reverts commit 8110103404b35d9e86057ef0764f8aa87585f455.
Using mnt_alias_tab[] to handle options which are synonyms isn't really
a good fit. This sort-of works, but in part only because 'strstr()'
is used for matching so "vers=" is found when "nfsvers=" is present.
This doesn't handle other version-setting options like v2, v3, v4.x.
So remove this commit to make room for a better solution.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The NFS version can be requested with multiple different options:
v2 v3 v4 v4.x vers=x nfsvers=
If multiple versions are given with different options, the choice of
which wins is quite ideosyncratic. It certainly isn't simple "last one
wins" as with some other options.
Rather than providing a coherent rule, simply make multiple version
specifiers illegal.
This requires enhancing po_contains_prefix() to be able to look beyond
the first match, it see if there are multiple matches with the same
prefix, as well as checking all prefixes to see if more than one
matches.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
While space at end of line is ugly.. especially when your editor is
configured to show it in RED.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Presumably by mistake in commit [1] the unknown option 'i' slipped in together
with a duplicated 't', so remove them from the optstring.
[1] fbd7623dd8d5 ("nfsd: don't enable a UDP socket by default")
Signed-off-by: Ulrich Olmann <u.oelmann@pengutronix.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Years ago, commit 6a7d90cea765 removed the warning
this verbiage was talking about, but was never
removed from the man page.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
With some recent commits, exportfs will continue on trying to
export filesystems even when an entry is invalid or does
not exist, but will still have a non-zero exit to report
the error.
This situation should not stop the nfs-server service
from comingup so nfs-server.service file should
ignore these types of failures
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
To allow v4 only clients, create an systemd
nfs-client target that does not "Wants" a
rpc-statd notify
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1886634
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Update the man pages to explain how the config.d
directories will be use.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
To allow admins or admin systems to change configurations
by renaming the files, only process file that end with ".conf"
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When a /etc/nfs.conf.d or /etc/nfsmount.conf.d directory
exists and config file(s) do exist in those directories,
those file(s) will be used and will override the same
settings that are set in the main config files.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
After updating to nfs-utils-2.5.2 I noticed extra output on the console
when exporting mounts. Apparently commit 482e72ba04 forgot to remove some
debugging messages and accidentally committed them.
Signed-off-by: Holger Hoffst?tte <holger@applied-asynchrony.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
While printing Nfsv4ops from older /proc/self/mountstats
e.g. in 2.6.32-754.el6.x86_64 from RHEL 6.10,
it will not have all the Keys present leading to a KeyError
like below :
Traceback (most recent call last):
File "nfs-utils/tools/mountstats/mountstats.py", line 1131, in <module>
res = main()
File "nfs-utils/tools/mountstats/mountstats.py", line 1120, in main
return args.func(args)
File "nfs-utils/tools/mountstats/mountstats.py", line 860, in mountstats_command
print_mountstats(stats, args.nfs_only, args.rpc_only, args.raw, args.xprt_only)
File "nfs-utils/tools/mountstats/mountstats.py", line 813, in print_mountstats
stats.display_raw_stats()
File "nfs-utils/tools/mountstats/mountstats.py", line 381, in display_raw_stats
print('\t%12s: %s' % (op, " ".join(str(x) for x in self.__rpc_data[op])))
KeyError: 'FSID_PRESENT'
Signed-off-by: Rohan Sable <rsable@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Added the missing v3-only mount option to
list that should cause v4 mount to fail.
Found-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Unfortunately the nfsdcld man page wasn't told.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
If the mount point check in nfsd_export fails due to a transient error,
then ignore it to avoid spurious NFSERR_STALE errors being returned by
knfsd.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Return ENOENT if the UID/GID attributes are not found in ldap response.
Signed-off-by: Srikrishan Malik <srikrishanmalik@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
nfsiostat/mountstats can fail with below KeyError when old stat and
new stat data go out of sync.
$ mountstats iostat 1 3
Traceback (most recent call last):
File "/usr/sbin/mountstats", line 1092, in <module>
res = main()
File "/usr/sbin/mountstats", line 1081, in main
return args.func(args)
File "/usr/sbin/mountstats", line 965, in iostat_command
print_iostat_summary(old_mountstats, mountstats, devices, sample_time)
File "/usr/sbin/mountstats", line 920, in print_iostat_summary
diff_stats = stats.compare_iostats(old_stats)
File "/usr/sbin/mountstats", line 528, in compare_iostats
if old_stats.__nfs_data['age'] > self.__nfs_data['age']:
KeyError: 'age'
Frequent mount and umount can cause autofs entries to be processed in
compare_iostats. We need to filter the devices list and drop autofs
entries to fix the issue. This way we pass only nfs mounts and
not autofs entries.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit 93e8f092e added a conf_cleanup() call to clean
up memory after the config file was parsed. It turns
out that memory still needed and it is not very much
so the call is removed.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1873965
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Removed an errant call to gss_release_oid()
to try and deal with memory leaks
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
nfs-utils contains 4 python scripts, two request
/usr/bin/python3
in their shebang line, two request
/usr/bin/python
Those latter two run perfectly well with python3 and as python2 is on the
way out, change them so they requrest /usr/bin/python3.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When an export is freshly mounted, /proc/self/mountstats displays age = 0.
This causes nfs-iostat to divide by zero throwing an error.
When we have age = 0, other stats are greater than 0, so we'll set age = 1 and
print the relevant stats.
This will prevent a backtrace like this from occurring if nfsiostat is run.
nfsiostat -s 1
Traceback (most recent call last):
File "/usr/sbin/nfsiostat", line 662, in <module>
iostat_command(prog)
File "/usr/sbin/nfsiostat", line 644, in iostat_command
print_iostat_summary(old_mountstats, mountstats, devices, sample_time, options)
File "/usr/sbin/nfsiostat", line 490, in print_iostat_summary
devicelist.sort(key=lambda x: stats[x].ops(time), reverse=True)
File "/usr/sbin/nfsiostat", line 490, in <lambda>
devicelist.sort(key=lambda x: stats[x].ops(time), reverse=True)
File "/usr/sbin/nfsiostat", line 383, in ops
return (sends / sample_time)
ZeroDivisionError: float division by zero
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
-v means only error
-vv errors and informational messages
-vvv all debugging messages will be displayed
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit 27a8e146 introduce a debugging message
that was not cover by a check if verbose
is set, which cause a large number of message
to be logged on every kerberos mount
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1867172
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The inotify event was never rearmed, so we wouldn't get any notice
after the first event. Even if it had been re-added, we never read
the pending events so it would continously fire. Fix this by
moving to persistent events and reading any pending inotify events.
Effect was we'd leak any clients that existed after the first event.
Switch from dnotify to inotify on the client dir if the idmap file
isn't available yet.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Found with valgrind.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
xlog.c: In function 'xlog_backend':
xlog.c:202:3: warning: 'args2' may be used uninitialized in this function [-Wmaybe-uninitialized]
202 | vfprintf(stderr, fmt, args2);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Fix silly mistake on my part due to a rebase error.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Calling stat() on recdirname so that we can see if it's a directory is
unnecessary anyways, since opendir() will report an error if it's not.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This will prevent a backtrace like this from occurring if nfsiostat is run
with <interval> <count>, eg: nfsiostat 1 3
This issue can occur if old_stats.__rpc_data['ops'] keys are not up to
date with result.__rpc_data['ops'].
I belive this issue can also affect mountstats due to similar code,
hence fix it too.
nfsiostat:217:compare_iostats:KeyError: 'NULL'
Traceback (most recent call last):
File "/usr/sbin/nfsiostat", line 649, in <module>
iostat_command(prog)
File "/usr/sbin/nfsiostat", line 617, in iostat_command
print_iostat_summary(old_mountstats, mountstats, devices, sample_time, options)
File "/usr/sbin/nfsiostat", line 468, in print_iostat_summary
diff_stats[device] = stats[device].compare_iostats(old_stats)
File "/usr/sbin/nfsiostat", line 217, in compare_iostats
difference, self.__rpc_data[op], old_stats.__rpc_data[op]))
KeyError: 'NULL'
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Although whitespaces immediately before or after the "=" are ignored,
removing the extra whitespaces in some of the key=value assignments
makes the style more consistent.
At least since systemd v242-rc1[1] this has been clarified that
whitespaces immediately before and after the "=" are allowed.
[1] https://github.com/systemd/systemd/commit/170342c90be07f418ab786718d95ef76289126a0
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Added thread_ids to the upcall debugging
and turned off a fairly useless printf
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Currently when we receive a '*' srchost, we scan our keytab for a matching
host but of course none match. We then fall back to scanning for any
service/realm match and eventually find our hostname. Let's lookup our
hostname instead and quickly find our specific match.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Add missing locking for some scans of the global list. There was
also no prevention of ple->ccname being changed concurrently so
use the same lock to protect that. Reference counting was also added
to ensure that the ple is not freed out from under us in the few
places we now drop the lock while doing work.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Struct clnt_info is shared with the various upcall threads so
we need to ensure that it stays around even if the client dir
gets removed.
Reported-by: Sebastian Kraus <sebastian.kraus@tu-berlin.de>
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
understanding.
This patch adds printing of 'Days, Hours:Mins:Sec' like below to --nfs in mountstats :
NFS mount age : 12 days, 23:59:59
Signed-off-by: Rohan Sable <rsable@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The rpc-timeout is equivalent to -T and context-timeout to -t options,
not vice versa.
Signed-off-by: Robert Milkowski <rmilkowski@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Change shebang to /usr/bin/python3 which is widely accepted.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Add new option --file to process specific states file,
provided the info file resides in the same directory as
states file. If the info file is not valid or present the
fields would be marked as "N/A".
--verbose option will be helpful for debugging purpose.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Achilles Gaikwad <agaikwad@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This patch makes sure that "info" and "states" file are sane.
If "info" file is not sane this patch would populate the fields as "N/A".
This helps us to go ahead and process next "states" file.
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Because of the <anyname> wildcard feature in rpc.gssd, it's possible
for a customer to deploy the same keytab on many of her NFSv4 clients
to reduce the overhead of keytab distribution.
However, the practice of sharing the same service principal amongst
NFSv4 clients brings with it some hazards. Add documentation of those
exposures in our man pages.
The rpc.gssd(8) changes:
- Remove some needless redundancy
- Clarify the definition of "machine credentials"
- Update the use of <anyname> to explicitly not recommend sharing
service principals
The nfs(5) changes add two things:
- A brief discussion of the primary security exposure of sharing
service principals
- A mention of the nfs4.nfs_unique_id module parameter
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This patch adds man page for the tool nfsdclnts.
Signed-off-by: Achilles Gaikwad <agaikwad@redhat.com>
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This tool parses the output from the following files
/proc/fs/nfsd/clients/*/{states,info}
Signed-off-by: Achilles Gaikwad <agaikwad@redhat.com>
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
To try to maintain some type of name convention
rename clddb-tool to nfsdclddb
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Propagate errors from the stat() calls in match_fsid() so that the
caller can be more careful about how they are handled.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
In nfsd_fh(), if the error returned by the downcall is transient,
then we should ignore it. Only reject the export if the filesystem
path is truly not exportable.
This fixes a case where we can see spurious NFSERR_STALE errors
being returned by knfsd.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
cache_write() will set errno if it returns -1, so that callers can
handle errors appropriately, however dump_to_cache() needs to do
so too.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
It was failing because fcntl.h is not one of the standard
includes.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Convert 'same_path()' so that it works when 'rootdir'
is set in the [exports] section of nfs.conf.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When running nfsd_name_to_handle_at(), we usually want to see the same
namespace as knfsd, so add helpers.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Ensure uuid_by_path() works correctly when 'rootdir'
is set in the [exports] section of nfs.conf.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
LDAP library follows referrals received in ldap response by default.
This commit adds a param ldap_follow_referrals for umich_schema to control
the behaviour. The default value of this tunable is 'true' i.e set to
follow referrals. This is similar to nslcd::referrals param.
Signed-off-by: Srikrishan Malik <srikrishanmalik@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Allow referral paths to contain special character by adding an
escaping mechanism.
Signed-off-by: Lance Shelton <lance.shelton@hammerspace.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Don't allow writing beyond the end of the buffer.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Prior to release, cp_data was originally intended to hold the gss
principal string. When it was changed to hold a hash of the principal
instead, the size of the field was changed but the 'n' arg of the
memcpy() in sqlite_iterate_recovery() was not.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
umich_ldap can now do a sasl interactive bind to LDAP server based
on the values of new tunables added.
The tunables are similar to the ones in nslcd for SASL binds.
Signed-off-by: Srikrishan Malik <srikrishanmalik@gmail.com
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
uClibc-ng does not define it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
musl 1.2.0 defines time_t as 64-bit, even under 32-bit OSes.
Fixes -Wformat errors.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
libintl.h is not available everywhere. This fixes compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The patch below adds a new nfsidmap plugin that uses regex to extract
ids from NFSv4 names. Names are created from ids by pre- and appending
static strings. It works with both idmapd on servers and nfsidmap on
clients.
This plugin is especially useful in environments with Active Directory
where distributed NFS servers use a mix of short (uname) and long
(domain\uname) names. Combining it with the nsswitch plugin covers both
variants.
Currently this plugin has its own git project on github but I think
it could be helpful if it would be incorporated in the main nfs-utils
plugin set.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
A recent commit added the possibility of optional config files for which
warning messages would be suppressed.
Unfortunately only one of the possible warning messages - the least
likely one - was suppressed.
This patch suppresses the other.
Fixes: c6fdcbe0a5cf ("conffile: allow optional include files")
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
To help people find it when search for common NFS error:
mount.nfs: requested NFS version or transport protocol is not supported
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
We should really say more, but this is at least a starting point.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The nfsd(7) man page has some useful documentation of the files under
/proc/fs/nfsd/ and proc/net/rpc, but it's many years out of date.
As a start, banish any discussion of the long-deprecated nfsctl
systemcall to a NOTES section at the end, and admit that there are more
than 3 files under /proc/fs/nfsd/.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Subdirectory exports have a number of problems which have been poorly
documented.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
As part commit e0eb6ebb which cleaned up the
dnotify to inotify conversion (commit 55197c98)
ignore pipe files that don't exist
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit ae9e9760 plugged up some memory leaks
by freeing memory via free(2). The proper
way to free memory that has been allocated by
krb5 functions is with krb5_free_string()
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
argc number checking should be after getopt_long(), otherwise
we'll get follow result:
'''
~]# mount.nfs -V
usage: mount.nfs remotetarget dir [-rvVwfnsh] [-o nfsoptions]
options:
-r Mount file system readonly
-v Verbose
-V Print version
-w Mount file system read-write
-f Fake mount, do not actually mount
-n Do not update /etc/mtab
-s Tolerate sloppy mount options rather than fail
-h Print this help
nfsoptions Refer to mount.nfs(8) or nfs(5)
'''
after fix:
'''
~]# mount.nfs -V
mount.nfs: (linux nfs-utils 2.4.3)
'''
Signed-off-by: Jianhong Yin <yin-jianhong@163.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When 'adhostoverride' is "not set", which
is most of the time, adhostoverride is not freed.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Kenneth D'souza <kdsouza@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
When compiled with -fno-common, global variables that are declared
multple times cause an error. With -fcommon (the default), they are
merged.
Declaring such variable multiple times is probably not a good idea, and
is definitely not necessary.
This patch changes all the global variables defined in include files to
be explicitly "extern", and where necessary, adds the variable
declaration to a suitable .c file.
To test, run
CFLAGS=-fno-common ./configure
make
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Add a description of the 'softreval' / 'nosoftreval' mount options on
the 'nfs' generic manpage.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Add a description of the 'nconnect' mount option on the 'nfs' generic
manpage.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Currently locktest can be built only for host because CC_FOR_BUILD is
specified as CC, but this leads to build failure when passing CFLAGS not
available on host gcc(i.e. -mlongcalls) and most of all locktest would
be available on target systems the same way as rpcgen etc. So remove CC
and LIBTOOL assignments.
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
It became wrong when commit 78240c41be17bd20d5fb5b70b6f470d8e779adee
("mountd: fix mount issue due to comparison with uninitialized uuid") was
applied back in 2015. The final case of the switch statement no longer ends
with a 'return true' and the final 'return false' is relevant now.
Signed-off-by: Christian Bartolom?us <use_v6@aglaz.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
If HAVE_LIBTIRPC is not defined salen parameter is unused and not taken
into account, so compiler emits warning. Add a (void) salen; in that
case.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Silence format-nonliteral warning with #pragma GCC diagnostic ignored.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Bump rpcgen to latest version keeping as upstream:
https://github.com/thkukuk/rpcsvc-proto
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit 2dcce8ec introduced setting a pointer
to NULL which causes statd to crash when the
state directories have the incorrect permissions
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1776096
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Remove useless space before closing parenthesys.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
f_print()'s argument "separator" is not known because it's passed as an
argument and with -Wformat-security will cause a useless warning. Let's
ignore by adding "#pragma GCC diagnostic ignored/warning" before and
after f_print().
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
get_definition() prototype has no arguments and this can cause warnings
during building. Let's add void argument to prototype according to its
implementation.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
findval() prototype has no arguments and this can cause warnings during
building. Let's add its arguments to prototype according to its
implementation.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
storeval() prototype has no arguments and this can cause warnings during
building. Let's add its arguments to prototype according to its
implementation.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
In emit_enum() argument def is not used and can cause a warning. So
let's mark it with __attribute__((unused)).
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This closes a bug on older 32-bit platforms, where the 16-bit setgroups
syscall has been replaced by setgroups32 and is not available anymore.
Fixes: https://bugzilla.linux-nfs.org/show_bug.cgi?id=340
Signed-off-by: Markus Schaaf <markuschaaf@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Commit f080188e changed the library's verbosity
to be on by default. The patch turns it off by
default
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1774787
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
If ticket cache was removed manually, but gssd thinks it has a valid
credentials it will fail mount creation as it can't get a service
ticket (due to lack of the tgt).
Check if file-based ticket cache is not there and set the "nocache"
to 1 forcing the client to get a new tgt.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
The getrpcbynumber() function may not be available in the C library,
but only in the libtirpc library. Take this into account when checking
for the existence of getrpcbynumber() and getrpcbynumber_r().
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
[ pvorel: patch taken from Buildroot distribution ]
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
On older kernels without statx, glibc with statx support will attempt
to emulate the call. However it doesn't support AT_STATX_DONT_SYNC and
will return EINVAL. This causes all xstat/xlstat calls to fail.
Signed-off-by: Doug Nazar <nazard@nazar.ca>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This was causing nfsdcld to spit out a usage message instead of starting
up on non-x86_64 arches.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
According to the guidelines in hier(7), nfsdcld should live in /usr/sbin
and not /sbin. Plus, the nfsdcld.service systemd unit file is looking
for it in /usr/sbin.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
This fixes build on musl, which has index() only in legacy <strings.h>
(not in <string.h> unlike glibc/uclibc).
[ gustavo: rebased to 1.2.6 ]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
[ pvorel: taken from Buildroot distribution, rebased ]
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Frederik Pasch <fpasch@googlemail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|