| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Commit 273b4647 introduced the following warning:
mydaemon.c:125:2: warning: implicit declaration of function 'closelog'
[-Wimplicit-function-declaration]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the kernel's IPv6 module isn't loaded:
rpc.nfsd: knfsd is currently down
rpc.nfsd: Writing version string to kernel: -2 +3 +4
rpc.nfsd: Creating AF_INET TCP socket.
rpc.nfsd: Creating AF_INET UDP socket.
rpc.nfsd: Creating AF_INET6 TCP socket.
rpc.nfsd: Creating AF_INET6 UDP socket.
The last two messages are misleading, since creation of AF_INET6
sockets now fails silently without kernel IPv6 support.
Fixes: c31fef7f4beb ('nfsd: ignore unsupported address types')
Signed-off-by: Juergen Daubert <jue@jue.il>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
No failure case if gssd doesn't recognize the kernel's requested
protocol. Caught with "protocol=rdma" upcall.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Commit d89e3fc7 removed the EAI_NONAME check altogether instead of just
moving the NULL check. This causes exportfs -u to incorrectly exit
with 1 whenever there's more than one MCL_FQDN export in the exportlist.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Also, fixed erroneously closing file descriptor 0 at init time.
Signed-off-by: Malahal Naineni <malahal@us.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a netgroup entry specifies an IP address, and that
IP address can be resolved to a name, mountd will
currently only test whether the canonical name and
any aliases are in the netgroup, and does not test
whether the IP address is in the netgroup (IP
addresses which do not resolve to a name are
already checked against the netgroup).
This patch adds the check to see whether the IP
addresses are in the netgroup.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
If we build without rpc-svcgssd (the default), don't install matching
.service file.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
find_keytab_entry() first looks for an entry of the form
<HOSTNAME>$@<DOMAIN>, which corresponds to the Active Directory machine
account. It assumes that <HOSTNAME> will be in uppercase because that's
how the entry is created if the machine is joined to the domain using
Samba.
But that's not necessarily the case if the another identity management
solution is used... for example a keytab entry for a machine account
created by Centrify will match the actual computer account in Active
Directory, whether that be in upper case, lower case, or mixed case.
So first look for an entry that matches the unmodified hostname and then
convert it to uppercase and try again only if that failed.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
The interface for controlling the debug level in libtirpc was added
over a year ago, but nothing's taking advantage of it.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 7addf9d (cleanup daemonization code) added the following line to
mydaemon_init():
dup2(pipefds[1], 3);
If we've already called vsyslog() before the fork(), then chances are fd
3 was being used for the syslog socket. In that case the next vsyslog()
call will cause the data to appear on the read end of the pipe, causing
the parent to exit with a nonzero status. If systemd is running, it
will see the parent's nonzero exit status and will terminate the child
as well.
So just call closelog() to close the fd. The next call to vsyslog()
will open a new one if need be.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a hack which uses the bottom-level RPC improperly as below
in the current statd implementation: insert a socket in the
svc_fdset without a corresponding transport handle
and passes the socket to the svc_getreqset subroutine,
this usage causes a segfault of statd on a huge amount of sm-notifications.
Fix the issue by separating the non-RPC-server socket from RPC
dispatcher.
Signed-off-by: Shan Hai <shan.hai@windriver.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Just continue and try a different record returned from getaddrinfo
if the kernel does not support an address family. This fixes nfsd
startup on kernels without IPv6 support.
Suggested-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we no longer fork for uid 0, gssd_atexit()
is only called when uid != 0, and fails as permissions
on the /tmp/krb5ccmachine_REALM file prohibit the
clean up of machine credentials (as it should).
Move the reaping of machine credentials back into a
SIGINT sighandler so that <Ctrl-C> destroyes
machine credentials.
Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit f9cac65972da588d5218236de60a7be11247a8aa
added the fork to process_krb5_upcall so that the
child assumes the uid of the principal requesting
service.
When machine credentials are used, a gssd_k5_kt_princ
entry is added to a global list and used by future
upcalls to note when valid machine credentials have
been obtained. When a child process performs this task,
the entry to the global list is lost upon exit, and
all upcalls for machine credentials re-fetch a TGT,
even when a valid TGT is in the machine kerberos
credential cache.
Since forking is not necessary when the principal has
uid=0, solve the gssd_k5_kt_princ_list issue by only
forking when the uid != 0.
Acked-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
These have no effect on the rendering of the man page, but they do cause
the following error if you try to pipe or redirect the output:
`R' is a string (producing the registered sign), not a macro.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tastky <tastky@gmail.com> reports:
> There appears to be a bug in nfs-utils exposed by musl, which
> makes rpc.statd loop with:
>
> my_svc_run() - select: Bad file descriptor
OpenGroup says getservbyport(3) is supposed to return NULL when
no entry exists for the specified port. But musl's getservbyport(3)
never returns NULL (likely a bug).
Thus statd_get_socket() tries bindresvport(3) 100 times, then gives
up and returns the last socket it created. This should work fine,
but there's a bug in the retry loop:
Rich Felker <dalias@libc.org> says:
> The logic bug is the count-down loop that closes all the temp
> sockets. In the case where the loop terminates via break, it
> leaves the last one open and only closes the extras. But in the
> case where where the loop terminates via the end condition in the
> for statement, the close loop closes all the sockets _including_
> the one it intends to use.
(emphasis mine). The closed socket fd is then passed to select(2).
See also: http://www.openwall.com/lists/musl/2015/08
The fix is to perform the loop termination test before adding sockfd
to the set of fds to be closed. As additional clean ups, remove the
use of the variable-length stack array, and switch to variable names
that better document the purpose of this logic.
Reported-by: Tastky <tastky@gmail.com>
Fixes: eb8229338f06 ("rpc.statd: Fix socket binding loop.")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix mount issue due to comparison of uninitialized variable
u(uuid) with parsed->fhuuid when uuid_by_path return 0.
/tmp/usb
192.168.1.0/16(ro,no_root_squash,no_subtree_check,fsid=0)
/tmp/usb/sda1 192.168.1.0/16(ro,no_root_squash,no_subtree_check)
/tmp/usb/sdb1 192.168.1.0/16(ro,no_root_squash,no_subtree_check)
mount -t nfs -o nolock,nfsvers=3 192.168.1.2:/tmp/usb/sda1 /tmp/sda1
mount -t nfs -o nolock,nfsvers=3 192.168.1.2:/tmp/usb/sdb1 /tmp/sdb1
results in below mountd error:
mountd: /tmp/usb and /tmp/usb/sdb1 have same filehandle for
192.168.1.0/16, using first
when uuid_by_path returned 0, by chance, garbage value of u was same as
parsed->fhuuid(of sdb1), and comparison of these resulted in above
error.
Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
Reviewed-by: Amit Sahrawat <a.sahrawat@samsung.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Make it unambiguous where 0 or 1 represent an exit status.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As near as I can tell, the exit status of nfsidmap is supposed to be
zero (success) or one (failure).
The return value of name_lookup() becomes the exit status, so it
should return only zero or one.
The libnfsidmap calls return a signed integer, either 0 or negative
errno values. These have to be translated to an exit status.
libkeyutils calls return a signed long, either 0 or -1. These also
have to be translated to an exit status.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As near as I can tell, the exit status of nfsidmap is supposed to be
zero (success) or one (failure).
The return value of id_lookup() becomes the exit status, so it
should return only zero or one.
The libnfsidmap calls return a signed integer, either 0 or negative
errno values. These have to be translated to an exit status.
libkeyutils calls return a signed long, either 0 or -1. These also
have to be translated to an exit status.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
User space can see the keys, but not their contents.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Recent versions of libkeyutils have find_key_by_type_and_desc()
which replaces the open-coded keyring search in keyring_clear().
I don't quite understand what's going on in key_invalidate(),
so I didn't touch it.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Sorry for the extensive man page changes. I added the description
for the new "-d" option, then realized there was no explanation
about what an "NFSv4 domain name" is.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The with-systemd config flag was not using the
default directory when a directory was not given
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Aurelien Chabot <aurelien@chabot.fr>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
This reverts commit 21f10369965bb183d1a72df1da0c2811cd2b1d5c
due to child processes not exiting on upcalls.
|
| |
|
|
|
|
|
|
|
|
|
| |
From: Andy Adamson <andros@netapp.com>
exit(0) silenty reaps the gssd_k5_kt_princ struct, the in-memory
rpc.gssd cache which means that rpc.gssd will get a new TGT and TGS for
each upcall, ignoring a valid TGT in the kerberos credential cache.
Signed-off-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
In gssd_search_krb5_keytab() an error code can be
cleared by blindly setting retval to zero.
Reported-by: Jianhong Yin <jiyin@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In vmware linux, the iscsi device contains more than one SCSI ID,
and the second one's data length is zero.
If there are two iSCSI devices with the second SCSI ID's data length
is zero, the first iSCSI device will record with an invalid SCSI ID
as zero length, the second one will be treat as the first one for
the SCSI ID is zero length too.
It means the only the first iSCSI device is exist in blkmapd's cache,
the request for the second iSCSI device will failed as,
"blkmapd: Could not find disk for device" and,
"bl_resolve_deviceid failed to decode device: 2".
v2, update comments
v3, add a comment in the code
v4, update comment as Christoph's suggestion
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sean Elble <elbles@sessys.com> says:
> [rpc.nfsd --host] throws an error/warning (where nfs-server is
> defined in /etc/hosts for the IPv4 address of the interface I wish
> for TCP port 2049 to be opened on):
>
> rpc.nfsd: unable to resolve nfs-server:nfs to inet6 address: Name
> or service not known
I think we can simplify the use of getaddrinfo(3) so that only one
call is needed to gather both IPv4 and IPv6 addresses. The call
should fail, and an error should be reported, only when there are
_no_ addresses bound to a hostname.
Reported-by: Sean Elble <elbles@sessys.com>
Reviewed-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
If (dev_id->ids & 0xf) < current_id, must updates pos when continue.
Otherwise an infinite loop.
No other places use the pos value, just move to the top of while.
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OSTree is a mechanism for atomic updates of operating systems, with
designs for how system state is managed; in particular, `/var` should
start out empty, and components are responsible for creating content
there at runtime.
rpm-ostree consumes RPMs and commits them to an OSTree repository.
It has some support for automatically synthesizing systemd `tmpfiles.d`
snippets from RPM content in `/var` using systemd-tmpfiles.
However, in this case nfs-utils wants a mount point directory, and
it's running before systemd-tmpfiles. It should be perfectly fine to
do this mount after tmpfiles has run.
A better fix for this would be to move transient directories to
`/run`; However, that would be an invasive change, which can happen
after this fix.
Signed-off-by: Colin Walters <walters@verbum.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
To trigger the systemd socket activation support
in rpcbind, nfs-service needs to Requires/After
rpcbind.service instead of rpbind.target
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Add nfsmount.conf to both the FILES and SEE ALSO
sections
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Add nfsmount.conf to both the FILES and SEE ALSO
sections
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
It's caused by commit 4a1ad4aa30,
"mountd: Enable all auth flavors on pseudofs exports"
This patch removes duplicate secinfo and invalid secinfo (zero).
Acked-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When mounting nfs with -overs=4,minorversion=2, want getting
nfs mounts with vers=4.2, but got vers=4.0 as,
It's caused by mount.nfs writing bad vers to kernel. This patch
lets mount.nfs writing signal number to kernel as command line.
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
mount -t nfs -ov4 192.168.31.12:/ /testidr/
mount.nfs: access denied by server while mounting 192.168.31.12:/
Fixes: f980298853 "mount.nfs: configurable minor version defaults"
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configure using the following command
./configure --prefix=/home/username/installs/tmp
--exec-prefix=/home/username/installs/tmp
When running "make install" most of the packages are put under
/home/username/installs/tmp, but for some reason the install script
tries to put osd_login under /sbin, which results in an error:
Making install in osd_login
make[2]: Entering directory
`/home/username/installs/nfs-utils-1.3.2/utils/osd_login'
make[3]: Entering directory
`/home/username/installs/nfs-utils-1.3.2/utils/osd_login'
/usr/bin/mkdir -p '/sbin'
/usr/bin/install -c osd_login '/sbin'
/usr/bin/install: cannot remove ‘/sbin/osd_login’:
Permission denied
make[3]: *** [install-dist_sbinSCRIPTS] Error 1
Reported-by: Eino Juhani Oltedal <e.j.oltedal@fys.uio.no>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Configure fail as,
./configure --disable-mount
:
checking for suitable libblkid version... yes
checking for mnt_context_do_mount in -lmount... no
configure: error: libmount needed
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Detect when a given argument is invalid. Log
the error and exit gracefully
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When using pnfs with "fsid=0", exportfs prints error as,
$ exportfs -a
exportfs: /var/lib/nfs/etab:1: unknown keyword "no_pnfsfsid=0"
Commit cdd16bef98 ("nfs-utils: add support for the "pnfs" export option")
miss the comma after "pnfs"/"on_pnfs" operation.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This goes along with the patch just sent to Bruce to make pnfs
support conditional.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
