Commit message | Author | Age | Files | Lines
* mountstats: Fix spurious I/O errors | Chuck Lever | 2014-11-17 | 1 | -0/+4
  When running mountstats under "watch," occasionally the output shows "close failed in file object desctructor: sys.excepthook is missing" and the data display is messed up. This seems to be a common problem when Python script output is piped to another program. Ensure stdout/stderr is completely flushed before mountstats exits, and add an IOError exception handler to catch these exceptions gracefully. Solution suggested by: http://bugs.python.org/issue11380 Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* rpc.mountd: set libtirpc nonblocking mode to avoid DOS | Bodo Stroesser | 2014-11-12 | 1 | -0/+17
  This patch is experimental. It works fine in that it removes the vulnerability against a DOS attack. rpc.mountd can be blocked by a bad client, that sends many RPC requests but never reads the responses. This might happen intentionally or caused by a wrong network config (MTU). The patch switches on the nonblocking mode of libtirpc. In that mode writes can block for a max of 2 seconds. Attackers are forced to send requests slower, as libtirpc will close a connection if it finds two requests to read at the same time. Reviewed-by: NeilBrown <neilb@suse.de> Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* rpc.mountd: set nonblocking mode with libtirpc | Bodo Stroesser | 2014-11-12 | 1 | -0/+7
  If mountd is built with libtirpc the tcp listeners and the sockets waiting for UDP messages are not in non-blocking mode. Thus if running with multiple threads (-t XX), all threads will wake up from select on a connection request or a UDP message, but only one thread will succeed. All others will wait on accept() or read() for the next event. Reviewed-by: NeilBrown <neilb@suse.de> Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* rpc.mountd: set nonblocking mode if no libtirpc | Bodo Stroesser | 2014-11-12 | 3 | -33/+36
  If mountd is built without libtirpc and it is started using "-p XXX" option, the tcp listeners and the sockets waiting for UDP messages are not in non-blocking mode. Thus if running with multiple threads (-t XX), all threads will wake up from select on a connection request or a UDP message, but only one thread will succeed. All others will wait on accept() or read() for the next event. Reviewed-by: NeilBrown <neilb@suse.de> Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* configure: Fixed typo in configure.ac | Steve Dickson | 2014-11-06 | 1 | -1/+1
  Signed-off-by: Steve Dickson <steved@redhat.com>
* configure: Fixed logic around $enable_gss and $enable_svcgss | Steve Dickson | 2014-11-05 | 1 | -4/+2
  Signed-off-by: Steve Dickson <steved@redhat.com>
* exportfs: changes handling of unresolvable entries | Henrique Martins | 2014-11-04 | 3 | -5/+12
  The patch to nfs/exportfs to allow nfsd to start when there are some, but not all, unresolvable entries in /etc/exports. Signed-off-by: Henrique Martins <linux@martins.cc> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsidmap: Correct a failure to set key timeout values | Benjamin Coddington | 2014-11-04 | 1 | -0/+3
  The caller must be a possessor of the key to set the attributes, so link the destination keyring to the current thread's keyring before instantiation so that after instantiation the timeout can be set. Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsidmap: set the correct DEFAULT_KEYRING string | Benjamin Coddington | 2014-11-04 | 1 | -1/+1
  Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsidmap: keyctl_invalidate kernel compatibility | Benjamin Coddington | 2014-11-04 | 1 | -4/+17
  Change the keyctl_invalidate call to use the syscall interface directly so that when building with libkeyutils missing keyctl_invalidate the build succeeds. Attempt to use _invalidate and fall back to _revoke if the current kernel is missing _invalidate. Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* mountstats: Don't display retrans stats unless there are re-xmit | Signed-off-by: Chuck Lever | 2014-11-04 | 1 | -2/+5
  Clean up display of RPC statistics by omitting retransmit statistics when there have been no retransmissions. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* umount: make it sensitive to -v | Karel Zak | 2014-10-24 | 1 | -1/+13
  Let's print verbose messages like original non-libmount version. Signed-off-by: Karel Zak <kzak@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsstat: fix server rpc stats header | Marko Myllynen | 2014-10-22 | 1 | -1/+1
  linux/net/sunrpc/stats.c has:

    /*
     * Get RPC server stats
     */
    void svc_seq_show(struct seq_file *seq, const struct svc_stat *statp) {
    ...
            seq_printf(seq, "rpc %u %u %u %u %u\n",
                    statp->rpccnt,
                    statp->rpcbadfmt+statp->rpcbadauth+statp->rpcbadclnt,
                    statp->rpcbadfmt,
                    statp->rpcbadauth,
                    statp->rpcbadclnt);
    ...

  But when /proc/net/rpc/nfsd contains

    rpc 1 2 3 4 5

  nfsstat -sv prints:

    Server rpc stats:
    calls badcalls badclnt badauth xdrcall
    1 2 3 4 5

  Change this to match the kernel:

    Server rpc stats:
    calls badcalls badfmt badauth badclnt
    1 2 3 4 5

  Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1142842. Signed-off-by: Marko Myllynen <myllynen@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve Dickson <steved@redhat.com>
* Centralize dependencies on the auth unit. | Simo Sorce | 2014-09-30 | 3 | -6/+12
  With this patch either gssproxy or rpc.svcgssd are started only if the auth module is requested, and it finds a keytab. If the wants are in the main nfs-client or nfs-server unit files then the two daemons are started unconditionally and would require conditions which we can test once and for all in a single unit file instead. Change also Before and After statements accordingly to properly serialize loading modules and starting daemons in 3 steps
  1. load kernel GSS auth module
  2. start GSS handling daemons
  3. start NFS client/server daemons
  Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfs-client.target: Removed a ordering cycle with nfs-server.service | Steve Dickson | 2014-09-29 | 1 | -1/+1
  On a VM that boots very fast and without kerberos enabled a systemd ordering cycle happens between nfs-client and nfs-server units when both were enabled. Having nfs-client start the gssd daemons in the same manner as the nfs-server does ('After=') seemed to eliminate the ordering cycle. Acked-by: J. Bruce Fields <bfields@fieldses.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* Release 1.3.1 | Steve Dickson | 2014-09-25 | 1 | -1/+1
  Signed-off-by: Steve Dickson <steved@redhat.com>
* nfs-service: Added gssproxy support | Steve Dickson | 2014-09-25 | 1 | -3/+3
  When kernel have gssproxy support the gssproxy daemon should be used to manage the GSSAPI creds. So this patch adds "calls" to the gssproxy daemon from the NFS server systemd unit file. When gssproxy is installed, gssproxy will be started and rpc.svcgssd will not be. When gssproxy is not installed the rpc.svcgssd daemon will be started. Note, there are already existing hooks in the rpc-svcgssd service file that will ensure the gssproxy will be started before rpc.svcgssd which allows the script not to start rpc.svcgssd when gssproxy is installed and running. Signed-off-by: Steve Dickson <steved@redhat.com>
* rpc.svcgssd: Add a configure switch to disable building the daemon | Steve Dickson | 2014-09-25 | 2 | -6/+28
  Now that gssproxy is supported on modern kernels, the svcgssd is no longer needed. This switch disables the building of the daemon. Signed-off-by: Steve Dickson <steved@redhat.com>
* systemd: manually insert auth_rpcgss module. | J. Bruce Fields | 2014-09-24 | 3 | -1/+16
  We need to insert the auth_rpcgss module before starting rpc.svcgssd or gss-proxy, for two reasons:
  - gss-proxy needs access to the /proc/net/rpc/use-gss-proxy file to set up communication with knfsd.
  - the unit files need to be able to test for the existence of the same path in order to decide whether the kernel supports gss-proxy or not.
  Currently we're using dependencies on proc-fs-nfsd.mount for this, but that works only because of the nfsd kernel module references some symbols in auth_rpcgss, which is an odd implementation detail we're likely to fix some day. Signed-off-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsstat: document nfsstat io/ra server facilities | Marko Myllynen | 2014-09-22 | 1 | -0/+8
  Document the newly added nfsstat io/ra server facilities. Signed-off-by: Marko Myllynen <myllynen@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsstat: add server ra cache stats | Marko Myllynen | 2014-09-22 | 1 | -4/+25
  Add server read ahead cache statistics to nfsstat. Signed-off-by: Marko Myllynen <myllynen@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsstat: add server io stats | Marko Myllynen | 2014-09-22 | 1 | -3/+23
  Add server io statistics to nfsstat. Signed-off-by: Marko Myllynen <myllynen@redhat.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: fetch NFSDCLTRACK_GRACE_START out of environment | Jeff Layton | 2014-09-19 | 3 | -1/+112
  Allow the fetching of NFSDCLTRACK_GRACE_START out of environment variables. If it's present in the "create" or "init" upcalls, then we can use that to query the database to see whether there are any clients that have not issued a RECLAIM_COMPLETE since that time. If there aren't any, then we know that all reclaim activity is now done and we can then cue the kernel to lift the grace period. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: grab the NFSDCLTRACK_CLIENT_HAS_SESSION env var if it's present | Jeff Layton | 2014-09-19 | 3 | -12/+55
  ...and set the has_session field in the DB based on whether it's true or not. Since we no longer set the timestamp for v4.1+ clients on a check operation, we must be careful to set the timestamp to zero for v4.1+ clients found via the legacy tracker. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: update schema to v2 | Jeff Layton | 2014-09-19 | 1 | -8/+93
  From: Jeff Layton <jlayton@poochiereds.net> In order to allow knfsd's lock manager to lift its grace period early, we need to figure out whether all clients have finished reclaiming their state or not. Unfortunately, the current code doesn't allow us to ascertain this. All we track for each client is a timestamp that tells us when the last "check" or "create" operation came in. Not only is this insufficient with clients that use sessions, it's also wrong. We only want to update the timestamp on v4.1 clients when the "create" operation comes in or we can leave the server susceptible to edge condition #2 in RFC5661, section 8.4.3. Once the grace period is lifted, we disallow reclaim on subsequent reboots for clients that have not sent a RECLAIM_COMPLETE. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: overhaul database initializtion | Jeff Layton | 2014-09-19 | 3 | -85/+141
  We have some possibility for races with nfsdcltrack when the DB schema is upgraded. Suppose we update the nfs-utils package on a machine after the DB has been initialized. With the current scheme of initializing the DB only during the "init" phase, we could end up with a new program that expects a new schema with an old database.

  We could try to do a one-time update when the package is installed, but that could be racy. We could get an upcall between when the program is installed and when we run the update. Also, relying on packaging to get that right is tricky at best.

  To fix this, change how the database initialization and checking of the schema revision works. On every upcall, attempt to open the db as we normally would. If that fails, then try to create the directory if it doesn't exist and then retry the open. If it fails again, then give up.

  If we get a successful open, then query the DB for the schema version. If it matches what we expect, then declare success and move on. If the query fails then assume that the DB isn't set up yet. Start an exclusive transaction, check the schema version again and then set up the DB if no one raced in to create it in the meantime.

  This should only add a tiny bit of overhead on most upcalls (just an extra select of the parameters table), and should improve the performance of the "init" upcall. It'll also make it possible to handle DB schema changes sanely. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: rename CLD_* constants with CLTRACK_* prefixes | Jeff Layton | 2014-09-19 | 1 | -6/+6
  Since nfsdcld has been dead for a few years now, clean up the prefixes on the constants. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: update comments in sqlite.c | Jeff Layton | 2014-09-19 | 1 | -6/+4
  Clean up and fix some inaccuracies. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* sm-notify: inform the kernel if there were no hosts to notify | Jeff Layton | 2014-09-19 | 1 | -0/+25
  In the event that there are no hosts to be notified after a reboot, there's no real reason to force lockd to wait the entire grace period before handing out locks. We're not expecting any reclaim requests to come in that situation. Have sm-notify do a write to /proc/fs/lockd/nlm_end_grace if that file is present. That informs the kernel that it's OK to go ahead and lift lockd's grace period early. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsdcltrack: fix some minor nits in the manpage | Jeff Layton | 2014-09-19 | 1 | -2/+3
  nfsdcltrack isn't a daemon, and we should make mention of the section in RFC5661. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* exportfs: Properly parse IPv6 literal strings with null termination | Todd Vierling | 2014-09-19 | 1 | -10/+8
  The original implementation was using strncpy() with a truncation length to an uninitialized stack buffer, leaving a string that was only null terminated by luck. While here, change to use no-copy semantics (no extra buffer) to avoid buffer overflows altogether. exportfs already modifies argv contents elsewhere, so this doesn't break anything anew. Fixes: 4663c648 (exportfs: Support raw IPv6 addresses with "client:/path") Signed-off-by: Todd Vierling <todd.vierling@oracle.com> Reviewed-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* Fixed typo in nfsstat -sv output | Steve Dickson | 2014-09-16 | 1 | -1/+1
  Signed-off-by: Steve Dickson <steved@redhat.com>
* nfs_get_tcpclient/nfs_get_udpclient - make bind(2) implicit | Chris Perl | 2014-09-16 | 1 | -48/+20
  When attempting to establish a local ephemeral endpoint for a TCP or UDP socket, do not explicitly call bind(2), instead let it happen implicitly when the socket is first used. The main motivating factor for this change is when TCP runs out of unique ephemeral ports (i.e. cannot find any ephemeral ports which are not a part of *any* TCP connection). In this situation if you explicitly call bind(2), then the call will fail with EADDRINUSE. However, if you allow the allocation of an ephemeral port to happen implicitly as part of connect(2) (or other functions), then ephemeral ports can be reused, so long as the combination of (local_ip, local_port, remote_ip, remote_port) is unique for TCP sockets on the system. This doesn't matter for UDP sockets, but it seemed easiest to treat TCP and UDP sockets the same. This can allow mount.nfs(8) to continue to function successfully, even in the face of misbehaving applications which are creating a large number of TCP connections. Signed-off-by: Chris Perl <chris.perl@gmail.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* gssd: ensure that preferred_realm is non-NULL before passing it to strcmp | Jeff Layton | 2014-09-15 | 1 | -1/+1
  It's possible for "preferred_realm" to be NULL, in which case we don't want to pass it to strcmp. Other places that use this variable test whether it's NULL first -- we need to do the same here. This should fix the gssd crash reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1108615 Reported-by: Brian J. Murrell <brian@interlinx.bc.ca> Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* exportfs: fix test of NULL pointer in host_pton() | Natanael Copa | 2014-09-15 | 1 | -5/+7
  This fixes the problem reported in: https://bugzilla.redhat.com/show_bug.cgi?id=1083018 Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* Include libgen.h for basename | Natanael Copa | 2014-09-15 | 5 | -0/+5
  According to POSIX basename(3) should have an #include <libgen.h> There is a different GNU implementation too, that can be used with _GNU_SOURCE, but the POSIX version is good enough and more portable. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* mountd: Only work around glibc bugs on glibc | Natanael Copa | 2014-09-15 | 1 | -1/+1
  Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* Allow usage of getrpcbynumber() when getrpcbynumber_r() is unavailable | Natanael Copa | 2014-09-15 | 2 | -8/+13
  Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* nfsstat: replace the legacy SA_ONESHOT with standard SA_RESETHAND | Natanael Copa | 2014-09-15 | 1 | -1/+1
  Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* mountd: use standard dev_t instead of glibc internals | Natanael Copa | 2014-09-15 | 1 | -1/+1
  The __dev_t is a GNU libc internal. Use the standard dev_t instead, which is specified in POSIX. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* replace __attribute_malloc__ with the more portable __attribute__((__malloc__)) | Natanael Copa | 2014-09-15 | 6 | -21/+21
  Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* configure.ac: enable GNU_SOURCE for stat64/statfs64 | Natanael Copa | 2014-09-15 | 1 | -0/+1
  Use AC_USE_SYSTEM_EXTENSIONS to enable GNU_SOURCE, which is needed for:
  - stat64 in utils/exportfs/exportfs.c
  - statfs64 in utils/mountd/cache.c
  Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* Fix header include for definition of NULL | Natanael Copa | 2014-09-15 | 1 | -0/+1
  NULL is defined in stdlib.h so we need to include that. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* conffile: use standard uint*_t and unsigned char | Natanael Copa | 2014-09-15 | 2 | -8/+9
  Use the standard integer types. This fixes compiling errors with musl libc. Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* exportfs: taught exportfs -v about the nordirplus option | Steve Dickson | 2014-08-24 | 1 | -0/+2
  Signed-off-by: Steve Dickson <steved@redhat.com>
* nfs-utils: Allow turning off nfsv3 readdir_plus | Rajesh Ghanekar | 2014-08-20 | 3 | -1/+11
  One of our customer's application only needs file names, not file attributes. With directories having 10K+ inodes (assuming buffer cache has directory blocks cached having file names, but inode cache is limited and hence need eviction of older cached inodes), older inodes are evicted periodically. So if they keep on doing readdir(2) from NFS client on multiple directories, some directory's files are periodically removed from inode cache and hence new readdir(2) on same directory requires disk access to bring back inodes again to inode cache.

  As READDIRPLUS request fetches attributes also, doing getattr on each file on server, it causes unnecessary disk accesses. If READDIRPLUS on NFS client is returned with -ENOTSUPP, NFS client uses READDIR request which just gets the names of the files in a directory, not attributes, hence avoiding disk accesses on server.

  There's already a corresponding client-side mount option, but an export option reduces the need for configuration across multiple clients.

  This flag affects NFSv3 only. If it turns out it's needed for NFSv4 as well then we may have to figure out how to extend the behavior to NFSv4, but it's not currently obvious how to do that. Signed-off-by: Rajesh Ghanekar <rajesh_ghanekar@symantec.com> Signed-off-by: Steve Dickson <steved@redhat.com>
* start-statd: clean up output when systemd is not installed | Mike Frysinger | 2014-08-19 | 1 | -5/+9
  If you don't have systemd, then this script dumps:

    /usr/sbin/start-statd: line 8: systemctl: command not found

  This isn't terribly useful since we ultimately fall back to running the daemon ourselves, so probe for systemd's existence before we try to use it. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Steve Dickson <steved@redhat.com>
* gssd: select non-conventional principal | Jurjen Bokma | 2014-08-18 | 1 | -6/+19
  This enables kerberized NFS mounts to succeed even if the principal is not <HOSTNAME>$. It works by reading another principal name from the [appdefaults] section of krb5.conf:

    [appdefaults]
    nfs = {
    ad_principal_name = 129.125.39.115$
    }

  Signed-off-by: Jurjen Bokma <j.bokma@rug.nl> Signed-off-by: Steve Dickson <steved@redhat.com>
* blkmapd: dump useful device information to syslog | Christoph Hellwig | 2014-08-13 | 3 | -1/+11
  Dump some information about used devices to syslog so that an admin can troubleshoot failing blocklayout mounts. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve Dickson <steved@redhat.com>
* blkmapd: fix broken multipath handling | Christoph Hellwig | 2014-08-13 | 1 | -23/+4
  We do want to use the dm-multipath device if it exists, which the code is generally prepared for, except that this check excludes them early. In addition this will also add the passive path to the device list, which is harmless if an active one exists as that or the multipath device will be preferred, and at least allows us to work if it doesn't. Also fix up the check if a path needs to be updated to remove the silly partition check - pNFS block offset are relative to the device so partition should never match it instead of the full device. On the other hand the simplistic check easily creates false positives, e.g. dm-10 is considered a partition of dm-1. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Steve Dickson <steved@redhat.com>