| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
Update SYNOPSIS and OPTIONS for the -h flag.
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
with threads, we don't need to distinguish zero uid.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
This patch moves reading of the upcall information from the child thread
into the main thread. It removes the need to synchronize between the
parent and child thread before processing upcall. Also it creates the
thread in a detached state.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
If we fall back to using the numeric host then we shouldn't call
xlog with D_GENERAL. That can cause 'exportfs -u' to exit with a 1
if, for example, you have exports using ip addresses that can't be
resolved to hostnames. Use D_PARSE instead.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Since calling xlog(D_GENERAL) will cause exportfs to exit with a status
of 1, there really should be a way to see those messages for debugging
purposes.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dependencies on rpcbind have been changed a few times and I think
they are still wrong. So I'll go into some detail to justify this
change.
Firstly: rpcbind.target rpcbind.socket or rpcbind.service?
The systemd documentation talks about targets as "synchronization
points" and likens them to SysV init run levels. Run levels are about
ordering but not dependencies.
The systemd.special man page describes rpcbind.target as intended
explicitly for ordering sysvinit scripts, with "After=" dependencies.
So while I think it is valid to use rpcbind.target for ordering
(before/after) it shouldn't be used for dependencies (Wants/Requires).
The rpcbind.target file included in systemd does not "Require" the
actual service, so requiring rpcbind.target itself is pointless.
I think we shouldn't use rpcbind.target at all. Leave it for sysvinit
synchronization.
So: .socket or .service?
I think nfs only needs the socket to be active. On first connection
the service will be started. But nfs does not need to wait for the
service to start, only the socket. So I think we should exclusively
use rpcbind.socket.
Next: Wants or Requires.
rpc.statd definitely Requires rpcbind. It needs to register to be
useful, and without rpcbind it cannot register.
nfs-server does not necesarily require rpcbind. Specifically if
configured for NFSv4 only, nfs-server will work quite happily without
rpcbind.
Someone with an NFSv4 only setup who wants rpcbind to not run can use
systemctl mask rpcbind.socket
to ensure it never runs.
So nfs-server should only "Wants: rpcbind.socket".
I think
Commit: 4fabfcd08206 ("systemd: Decouple the starting and stopping of
rpcbind/nfs-server")
should have changed "Requires" to "Wants" rather than "server" to
"target"
to fix the dependency problem.
Finally: After?
It only makes sense to declare an ordering relation as "After:"
something that will actually be started. If "foo.service" is not part
of the systemd transaction, then "After: foo.service" has no effect.
So having:
Requires: rpcbind.target
After: rpcbind.socket
doesn't make much sense unless there is some relationship between
rpcbind.target and rpcbind.socket, and there is no general guarantee
of that (though what individual distros do, I don't know).
So the "After" should match the "Wants" or "Requires".
It might make sense to
Requires: rpcbind.socket
After: rpcbind.target
as it is reasonable to assume that rpcbind.target will be ordered with
rpcbind.socket, but as we can use rpcbind.socket explictly, that is
clearer.
So my conclusion is that nfs-server should:
Wants: rpcbind.socket
After: rpcbind.socket
and rpc-statd should
Requires: rpcbind.socket
After: rpcbind.socket
which is what this patch puts into effect.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously the location of the credential cache was passed in either
using environment variable KRB5CCNAME or gss_krb5_ccache_name() if
supported. For threaded-gssd, we can't use an environment variable
as it's shared among all thread. Thus always use the api call.
Reviewed-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
For the threaded version we have to set uid,gid per thread instead
of per process. glibc setresuid() when called from a thread, it'll
send a signal to all other threads to synchronize the uid in all
other threads. To bypass this, we have to call syscall() directly.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Reviewed-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, to persevere global data over multiple mounts,
the root process does not fork when handling an upcall.
Instead on not-forking create a pthread to handle the
upcall since global data can be shared among threads.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
librpcsecgss has not been used in years
so and there is no longer an upstream for
it so the support for the library has
been removed
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a "user" mount is the first NFSv3 mount, mount.nfs will be running
setuid to root (with non-root as the real-uid) when it executes
START_STATD.
start-statd is a shell script and many shells refuse to run setuid,
dropping privileges immediately. This results in start-statd running
as an unprivileged user and so statd fails to start.
To fix this, call "setuid(0)" to set real uid to zero. Also call
"setgid(0)"
for consistency.
The behaviour of a shell can often be affected by the environment,
such as the "shell functions" that bash includes from the environment.
To avoid the user being able to pass such environment to the shell,
explicitly pass an empty environment. The start-statd script explicitly
sets the PATH which is all it really needs.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux C libraries are moving away from implicitly including the header
sys/sysmacros.h via sys/types.h. We would like to do this for glibc
now, but others (musl/etc...) have been doing it already. This means
any code using major/minor/makedevs functions will fail to build when
they don't include that header.
Leverage the AC_HEADER_MAJOR macro that configure is already using to
pull in the right header.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A remount might fail if name resolution returns a different
server address, as might occur if there are multiple name
records for the server. Since we cannot change the server's
address on a remount anyway, skip the lookup and remove
any set addresses in the options.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Currently nfs-utils_env.sh is installed in a
directory that is own by systemd. They requested
via https://bugzilla.redhat.com/show_bug.cgi?id=1303113
to move the script into /usr/libexec/nfs-utils
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Back when commit aba5ea5c and commit 55197c98
happen that replaced dnotify with inotify the
ignoring of non-existent upcall directories
got dropped. The patch adds it back and stops
following error log
ERROR: inotify_add_watch failed for nfs/clntXX:
No such file or directory
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfs-config service translates distro-specific startup
configuration into "environment" variable read and used
by systemd unit files.
Currently it is only run once, so subsequent changes to the
distro-specific files do not take effect when an nfs service is
restarted.
If we change "RemainAfterExit=yes" to "RemainAfterExit=no" then the
service will be restarted before any dependant service is started, so
the environment file will always be up to date.
Reported-and-tested-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
From: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
statd calls atexit(statd_unregister) to unregister statd service on
exit, which actually has a side-effect that ha_callout() unregisters statd
service even when the child callout process exits on execl() failure.
Certain clustering software's deployment script adds -H option with its
specified file non-existent, when it is configured not to use callout.
In other words, -H seems to be used no matter if callout is needed or
not, but when callout is unnecessary, the specified callout program is not
deployed.
This causes statd not to work once a lock is requested by its NFS
client,
as execl() in ha_callout() results in ENOENT and exit() of the child
process calls exit-handler statd_unregister(). Eventually, the NFS
client
gets stuck with messages "lockd: cannot monitor xxx" on the NFS server.
Also, execl() could fail for other reasons like ENFILE or EIO as well.
A forked child must not unregister the statd RPC server, so use
_exit(), which does not call any exit-handlers, instead of exit().
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The var "i" is already in use iterating realmnames.
Fixes: "6597e391 gssd: Don't assume the machine account will be in
uppercase"
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
An if statement has been missing a brace since host_ntop() was added in
commit 94ce1eb94babb4c587b2826452fb053cba745098 ("libexport.a: Add
helpers to manage DNS lookups").
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux only returns EBUSY for a non-remount mount if the exact
requested filesystem is already mounted. Arguably this is not an
error.
"mount -a" tries to see if each requested filesystem is already mounted.
Sometimes it gets it wrong - e.g. hostname aliases can confuse it.
So "mount -a" will report a failure "already mounted", which is
wrong because it should filter those out.
An easy fix it just to be silent about EBUSY. As the requested
result (a given filesystem being mounted at a given location) is in
effect after the EBUSY return, we can just treat it as success.
This removes the confusing "already mounted" errors.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
xlog_err() never returns. Change the xlog_err(),
when invalid arguments are use, to xlog_warn()
so the second xlog_warn, displaying the usage,
will be called.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Use the verbose command flag to turn on or off
logging to stderr.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Change some debugging levels in populate_port() to
make easier to follow the code.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
commit 1201d5d8 introduced some new debugging messages
that needed some formatting
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The returned port from getservbyname() is in
network order. Convert the port to host order
before writing it to the portlist file.
Reported-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Show the correct arguments when invalid
arguments are used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
In general the -h flag should at least show
a usage message
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The "-r | --reverse-lookup" arguments were missing
from the usage string.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
both connect() and select() can receive EINTR signals that we need to
recover from.
In Unix Network Programming, volume 1, section 5.9, W. Richard Stevens
states:
What we are doing [?] is restarting the interrupted system call ourself.
This is fine for accept, along with the functions such as read, write,
select and open. But there is one function that we cannot restart ourself:
connect. If this function returns EINTR, we cannot call it again, as doing
so will return an immediate error. When connect is interrupted by a caught
signal and is not automatically restarted, we must call select to wait for
the connection to complete,
Thus for connect() treat both EINPROGRESS and EINTR the same -- call
select().
For select(), it should be re-tried again upon receiving EINTR.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are 59 client rpc procedures, not 60.
The order of rpc name must be the same as define of
NFSPROC4_CLNT_xx in include/linux/nfs4.h,
not nfs4_procedures in nfs4xdr.c.
Drop duplicate rpc name "getdevlist".
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1287468
Signed-off-by: Rinku Kothiya <rkothiya@redhat.com>
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If rpc.statd is running but slow to respond, mount.nfs will
run "start-statd" which might start a new statd. This is not a good
ideas as can result in lots of rpc.statds.
So inf start-statd check the pid file and if rpc.statd seems to be
running, exit with success.
(also "cd /" before running rpc.statd, just in case).
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If DNS service is particularly slow, nfs_probe_statd() can fail even
though rpc.statd is actually running. This happens because rpc.statd
is single threaded and could be waiting longer for DNS than
nfs_probe_statd() will wait for it.
This causes problems when mount.nfs uses nfs_probe_statd() to see if
statd is running, as is needed for NFSv3.
Currently in these circumstances there are two possible outcomes.
1/ if systemd is in use, it will be told to start rpc-statd, which
is already running so no change.
mount.nfs will try pinging rpc.statd a few more times and could
eventually give up and fail the mount.
While slow DNS may well result in slow service, it shouldn't cause
a mount attempt to fail.
2/ if systemd is not in use, a new rpc.statd will be started. This
can (and has) lead to a large number of rpc.statd processes running
on the one machine.
This patch addresses the first scenario. If START_STATD is run and
exits with a success status, mount.nfs assumes statd is running and
allows the mount to succeed. A separate patch will address the other
scenario.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if
the kernel doesn't understand the requested NFS version.
Unfortunately if the requested minor is not known to the kernel
it returns -EINVAL.
In kernels since 3.11 this can happen in nfs4_alloc_client(), if
compiled without NFS_V4_2.
More generally it can happen in in nfs_validate_text_mount_data()
when nfs_parse_mount_options() returns 0 because
nfs_parse_version_string()
didn't recognise the version.
EPROTONOSUPPORT is only returned if NFSv4 support is completely compiled
out.
So nfs_autonegotiate needs to check for EINVAL as well as
EPROTONOSUPPORT.
URL: https://bugzilla.opensuse.org/show_bug.cgi?id=959211
Reported-by: Takashi Iwai <tiwai@suse.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 5bea22e33b7a introduced a regression. Prior to that commit
nfs_nfs_version would set *version to 0 if NFS version wasn't specified.
Since that commit, version.v_mode is set to V_DEFAULT if the NFS version
isn't specified, but nfs_options2pmap uses version.major without
checking
v_mode. This can lead to incorrect behaviour.
In particular fall-ack to v3 if server doesn't support v4 can fail.
So test v_mode before using version.major.
URL: https://bugzilla.opensuse.org/show_bug.cgi?id=956743
Fixes: 5bea22e33b7a ("mount.nfs: Add struct nfs_version and generalize
version parsing")
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit 9a92ef6f to add netgroup lookup of resolvable
IP addresses inadvertently broke the netgroup
check for short hostnames.
This patch fixes that breakage by changing the IP address
lookup to use a separate variable.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will prevent a backtrace like this from occurring in 'mountstats
nfsstat' if a new NFSv4 operation is added to the kernel but not to the
Nfsv4ops list in mountstats.py:
Traceback (most recent call last):
File "/sbin/mountstats", line 988, in <module>
res = main()
File "/sbin/mountstats", line 977, in main
return args.func(args)
File "/sbin/mountstats", line 792, in nfsstat_command
v4stats.accumulate_iostats(acc_stats)
File "/sbin/mountstats", line 566, in accumulate_iostats
self.__rpc_data[op] = list(map(add, self.__rpc_data[op],
new_stats.__rpc_data[op]))
KeyError: 'SEEK'
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
FSID_PRESENT was missing, and LAYOUTGET and GETDEVICEINFO were switched.
Update all the client operations. Also, increase the output width a bit
and pull out a column for these longer new operation names.
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The C and S flags were missing for the SYNOPSIS
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Show the correct arguments when invalid
arguments are used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to an empty
Certain name resolution misconfigurations (for example, a hosts file
entry with an ip address but no hostnames) can cause get_nameinfo() to
return an empty string in buf, which will lead to this cryptic failure:
Dec 7 09:37:44 hostname rpc.statd[8024]: Failed to insert: creating
/var/lib/nfs/statd/sm/: Is a directory
Dec 7 09:37:44 hostname rpc.statd[8024]: STAT_FAIL to
hostname.example.com for SM_MON of 192.168.1.2
Dec 7 09:37:44 hostname kernel: lockd: cannot monitor 192.168.1.2
It's better in that case to just go ahead and use the presentation
address instead.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When unexport directory, it's possible that the specified path ends with
a '/'. So we need to deal with it to find the matched entry.
If not, there will be error like "Could not find '*:/some_path/' to
unexport."
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In function nfs_parse_simple_hostname, hostname can be NULL,
dereferncing it while passing it to free(*hostname) may result in
segfault.
Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
If file open failed, no need to issue close system call in
nsm_get_state and closeall.
Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the id_resolver keyring doesn't exist, the kernel has no cached
idmap information to expunge. AFAIK it's not an error.
If nfsidmap is run by a non-privileged user, the id_resolver keyring
is never visible. IMO that should be reported, but the error message
should report the privilege problem, not the missing keyring.
Reported-by: Amy Shi <amy.shi@oracle.com>
Fixes: 69aa69e7de80 ('nfsidmap: Allow keys to be cleared from the ')
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
This prevents rpc.statd's in-memory (and on-disk) monitor lists from
winding up with multiple records for the same peer with outdated
cookie values. This happens in some HA-NFS configurations where
rpc.statd is always running.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
