| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
User may load/unload blocklayoutdriver module dynanmically.
So we handle it by watching the pipe file creation/deletion.
Signed-off-by: Peng Tao <tao.peng@emc.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Newer versions of systemd create a /run/user/${UID} directory
instead of the /run/user/${USER} directory, so switch to
scanning for that. To make the per-user directory bit a little
less magical, change the default to incorporate a "%U", which
gets dynamically expanded to the user's UID when needed.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
In addition to matching "FILE:krb5cc_*" in the specified directory or
directories, also match "DIR:krb5cc*", if we find subdirectories with
names that match the search pattern.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use ppoll() instead.
[ cel Wed Aug 1 11:44:46 EDT 2012 - autoconfiscated Bruce's version ]
Related clean-up: Since we're pulling the poll/ppoll call out into a
separate function, note that the second argument of poll(2) and
ppoll(2) is not an int, it's an unsigned long. The nfds_t typedef
is a recent invention, so use the raw type for compatibility with
older glibc headers.
Acked-by: J. Bruce Fields" <bfields@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
Reverse the sense of the test here, and also add debugging and cleanup
in the error case.
(Though the lack of cleanup isn't currently a problem in practice since
we'll eventually exit in this case.)
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
printerr() isn't actually safe to call from a signal handler. It might
be possible to make it so, but I think this is the only case in
nfs-utils where we try to, and I'm not convince it's worth it.
This fixes a bug that would eventually cause mounts to hang when gssd
is run with -vv.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
We're not actually using the extra sa_sigaction parameters.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is_vers4 in mount_libmount.c is based on nfs_umount_is_vers4
in nfsumount.c, except the return values are reversed.
The result of this is:
- a MOUNT_UMNT call is not sent when an NFSv3 or NFSv2
filesystem is unmounted
- a MOUNT_UMNT call *is* sent when and 'nfs4' filesystem
is unmounted (but not when an 'nfs -o vers=4 filesystem
is unmounted, as that is checked elsewhere).
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
# umount.nfs /boot; echo $?
umount.nfs: /boot: device is busy
32
expected and fixed behavior:
# umount.nfs /boot; echo $?
# umount.nfs: /boot: is not an NFS filesystem
1
Note that the function mnt_context_set_fstype_pattern() has never
been used for mtab/fstab evaluation. It's usable only for "umount -a"
and for "mount -t" operations.
Reported-by: NeilBrown <neilb@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a POLLHUP event is received on a pipe file descriptor, that
means the other side has closed its end of the pipe. If the
receiver does not close its end of the pipe, the pipe is left in an
open-but-unlinked state.
For a "gssd" upcall pipe, the kernel may close its end, removing the
directory entry for it, and then later create a fresh pipe named
"gssd" in the same directory. In this case, rpc.gssd continues to
listen on the open-but-unlinked previous "gssd" pipe. Thus upcalls
on the new "gssd" pipe are left unanswered.
In addition, poll(2) continues to return POLLHUP on the old pipe.
Since there is no logic to close the pipe in rpc.gssd, poll(2) always
returns immediately, and rpc.gssd goes into a tight loop.
Typically, the kernel closes upcall pipes and destroys their
parent directory at the same time. When an RPC client's directory
vanishes, rpc.gssd sees the change via dnotify and eventually
invokes destroy_client() which closes the user-space end of the
pipes.
However, if the kernel wants to switch authentication flavors (say
from AUTH_KRB5 to AUTH_UNIX) on an RPC client without destroying it,
the upcall pipes go away, but the RPC client's directory remains.
rpc.gssd invokes update_client_list(), but that logic never closes
upcall pipes if the client directory is still in place.
After a POLLHUP on a pipe, close it when rpc.gssd reconstructs its
list of upcall clients.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If nfs-utils is built without --enable-libmount-mount, then
an unmount that failed due to the filesystem being busy will
exit with '16' - EX_FILEIO.
Autofs apparently relies on this.
When built with --enable-libmount-mount, the same case will
exit with '32' - EX_FAIL. Normally this is reserved for
internal errors.
This patch restores the use of EX_FILEIO for errors from umount.
Reviewed-by: Karel Zak <kzak@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
nfsidmap is not calling the nfs4_init_name_mapping()
function which initializes the default domain from
either the DNS domain or the Domain variable in /etc/idmap.conf
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Update exportfs flush option list in usage message.
And sorted these cases in alphabetical order.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a NFS mount attempt fails with an ETIMEDOUT error, the mount.nfs code
doesn't currently attempt the next address in the list. For a NFSv4
mount the initial mount() call almost always ends up going over
NFS_DEF_FG_TIMEOUT_MINUTES and the mount is never retried.
For a v3 mount, it ends up continually retrying against the same IPv6
address, and never tries the IPv4 address. Eventually it gives up once
it hits the NFS_DEF_FG_TIMEOUT_MINUTES timeout.
It's possible that a server is just unreachable via IPv6 (due to a
routing misconfiguration for instance), or is dropping IPv6 frames on
the floor. In that situation, it might still be reachable via IPv4 and
trying the next address could have allowed the mount to succeed.
Fix this by treating ETIMEDOUT in a similar fashion to ECONNREFUSED.
Have the client try the next address in the list before giving up and
returning an error.
Our QA folks noticed this after a routing problem in one of our test
labs. I was able to reproduce it by having the server drop incoming
IPv6 frames from the client's address.
With this patch, the mount eventually succeeds over IPv4 instead of
returning an error.
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Harald Hoyer <harald@redhat.com>
PR_CAPBSET_DROP can return EINVAL, if an older kernel does support
some capabilities, which are defined by CAP_LAST_CAP, which results in
a failure of the service.
For example kernel 3.4 errors on CAP_EPOLLWAKEUP, which was newly
introduced in 3.5.
So, for future capabilities, we clear until we get an EINVAL for
PR_CAPBSET_READ.
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Kernel 3.5 adds a debugging flag for showing NFS client debugging
messages having to do with NFSv4 state operations.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
If root squashing is turned off on a export that
has multiple directories, the parent directories
of the pseudo exports that's built, also needs to
have root squashing turned off.
Tested-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
nsm_client needs to link against libtirpc.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
To make it easier to enable ID mapping debugging, nfsidmap
should read /etc/idmap.conf to see if the verbosity level
is set, similar to what rpc.idmapd does
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
statd drops all capabilities except for CAP_NET_BIND when it starts.
It's possible though that if it ever had a compromise that an attacker would
be able to invoke a setuid process (or something with file capabilities) in
order to reinstate some caps.
This could happen as a result of the daemon becoming compromised, or
possibly as a result of the ha-callout program becoming compromised.
In order to prevent that, have statd also prune the capability bounding
set to nothing prior to dropping capabilities. That ensures that the
process won't be able to reacquire capabilities via any means --
including exec'ing a setuid program.
We do however need to be cognizant of the fact that PR_CAPBSET_DROP was
only added in 2.6.25, so check to make sure that #define exists via
autoconf before we rely on it. In order to do that, we must add
ax_check_define.m4 from the GNU autoconf macro archive.
Furthermore, do a runtime check to see if /proc/sys/kernel/cap-bound
exists before attempting to clear the bounding set. If it does, then
don't bother trying since it won't work. In that event though, do
throw a warning however since the presence of that file indicates that
there is a disconnect between the build and runtime environments.
Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automake does not support conditional AM_CONDITIONAL calls; what that
means is that you always have to execute AM_CONDITIONAL one way or the
other. Both the libsqlite3.m4 file and the nfsdcld conditionals are
executed only when NFSv4 is enabled, which breaks building with
--disable-nfsv4.
Remove the SQLite3 conditional altogether as it's never used, and move
the nfsdcld conditional outside of the conditional code.
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We currently test to ensure that prctl() is available, but the results
of that test are a no-op either way. statd calls prctl()
unconditionally, so make configure bail out if prctl() isn't available
since the build will fail in that event anyway.
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
If we use a more standard approach to describing the osd_login
script, the automake infrastructure will create /sbin before
attempting installation.
This is important for: make DESTDIR=/empty-dir install
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This really only works against EMC servers. There is at least one server
that returns unprintable signatures, which fill the log with garbage (the
spec does not mandate printable signatures). It could be made more generic,
for example by checking each byte for isprint(). But the signatures are
really only of interest to developers, not admins, so it seems better to
just remove it.
Signed-off-by: Jim Rees <rees@umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
high-speed links
* Using NFS over UDP on high-speed links such as Gigabit can cause
silent data corruption.
* The man page text was written by Olaf Kirch and committed to (but not
upstream):
https://build.opensuse.org/package/view_file?file=warn-nfs-udp.patch&package=nfs-utils&project=openSUSE%3AFactory&rev=8e3e60c70e8270cd4afa036e13f6b2bb
Signed-off-by: Harshula Jayasuriya <harshula@redhat.com>
Acked-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Olaf Kirch <okir@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a long running daemon, we need to be security-conscious with nfsdcld,
so let's prune what it can do down to nearly nothing.
We want the daemon to run as root so that it has access to open and
reopen the rpc_pipefs pipe, but we don't actually need any of the
superuser caps that come with it. Have it drop all capabilities early
on. We don't need any of them as long as the fsuid continues to be 0.
Once we do that though, check to ensure that the db dir is actually
usable by root w/o CAP_DAC_OVERRIDE. Do an access() check on it and
throw a warning if it's not. Hopefully that will assist users in
debugging if they get the ownership of the DB dir wrong.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
It's actually expected that this will fail initially when we start the
daemon. Until knfsd has been started, the pipe doesn't exist, and we
generally want to start nfsdcld before starting knfsd.
Avoid the scary error message by demoting this message to D_GENERAL.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
Mountd is responsible for filling three interrelated kernel caches:
- auth_unix_ip maps an incoming ip addresses to a "domain".
- nfsd_fh maps (domain, filehandle-fragment) pairs to paths.
- nfsd_export maps (domain, path) pairs to export options.
Note that each export is assocated with a "client" string--the part
before the parentheses in an /etc/export line--which may be a domain
name, a netgroup, etc.
The "domain" string in the above three caches may be either:
- in the !use_ipaddr case, a comma-separated list of client
strings.
- in the use_ipaddr case, an ip address.
In the former case, mountd does the hard work of matching an ip address
to the clients when doing the auth_unix_ip mapping. In the latter case,
it delays that until the nfsd_fh or nfsd_export upcall.
We're currently depending on being able to flush the kernel caches
completely when switching between the use_ipaddr and !use_ipaddr cases.
However, the kernel's cache-flushing doesn't really provide reliable
guarantees on return; it's still possible we could see nfsd_fh or
nfsd_export upcalls with the old domain-type after flushing.
So, instead, make the two domain types self-describing by prepending a
"$" in the use_ipaddr case.
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
Pull out a tiny bit of common logic from three functions.
Possibly minor overkill, but simplifies the next patch.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I don't see the point of waiting to the last minute to parse the ip
address. If the client name isn't a legal ip address then this will
fail fairly quickly, so there's not much of a performance penalty.
Also, note the previous code incorrectly assumed client_resolve would
always return non-NULL.
Also factor out some common code.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After 0509d3428f523 "mountd: Replace "struct hostent" with "struct
addinfo"", the export upcall fails in the use_ipaddr case.
I think we never noticed because a) the use_ipaddr case is rarer than
the !use_ipaddr case, and b) the nfsd_fh upcall does a preemptive export
downcall that renders the nfsd export call unnecessary in some cases.
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The point of background mounts is to have the mount
retried if the mount fails. This patch allows the v2/v3
background mount to proceed in the case when the server
is down by not making EOPNOTSUPP a permanent error.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The loop in v4root_add_parents() is a little odd.
The first time through, 'ptr' points immediately "beyond"
a '/' character (the first). For every other iterration it points
directly "at" a '/' character.
Such inconsistency is error prone and infact there is an error.
If "path" is precisely "/", then the first call to
ptr = strchr(ptr, '/')
will be given a 'ptr' which is beyond the '\0' at the end of
"path". This could potentially contain anything and the strchr()
could search well beyond a buffer (though this depends on exactly how
the string is set up which depends on separate code).
So change the loop to have 'ptr' always point at a '/', and
handle the special case of "/" explicitly.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
e_ttl is set to the default in init_exportent().
However V4ROOT exports never see init_exportent() as they are created
with dupexportent from a template. So e_ttl does not get set and
export entries expire immediately.
This results in an upcall to mountd every time a V4ROOT directory
in accessed.
So set e_ttl in the template.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When "fsid=0" is not explicitly given in /etc/exports,
v4set_root creates a pseudo (NFSEXP_V4ROOT) export for '/'
with fsid 0 so that an NFSv4 client can find the root.
However if '/' is explicitly exported to the client, then that
explicit export must be used, and it will not have fsid=0.
So we must impose fsid=0 on all exports of '/'.
Without this, if '/' is exported to a client, that client will
not be able to mount '/' with NFSv4.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When nfsd_fh it looking for an export for a particular
client and file-handle, it might find two exports for the same path:
one with NFSEXP_V4ROOT, one with out.
As nfsd_fh calls cache_export_ent to give the export information to
the kernel it much choose the same export that auth_authenticate
chooses for get_rootfh which it also passes cache_export_ent (via
cache_export).
i.e. it must choose the non-V4ROOT on where possible.
Also change
strcmp(foo, bar)
to
strcmp(foo, bar) == 0
because I have a pathological fear of the former.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently auth_authenticate_internal finds an export and if it
is a V4ROOT export, it reports that there is no match. Unlike
lookup_export() it doesn't keep looking for an acceptable export.
So remove the test from auth_authenticate_internal(), and add it to
auth_authenticate_newcache(), where the search can be allowed to
continue.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
lookup_export() claims to "Always prefer non-V4ROOT mounts" (meaning
"exports") but actually prefers V4ROOT exports - once it has 'found'
one it will never replace it.
So fix that inversion, and add code so that it proactively prefers a
non-V4ROOT whether it is found before or after a V4ROOT.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mountd uses colons to split fsloc hosts, but this doesn't work with IPv6
addresses (they contain ':').
To fix this, mountd is changed to expect all IPv6 addresses to be escaped
by '[' and ']' so colons that are part of the address may be skipped.
To fix IPv6 referrals, this patch must be used with the nfsd patch that
properly parses escaped IPv6 addresses in fs_location->hosts.
Signed-off-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Sachin Bhamare <sbhamare@panasas.com>
This script is part of the autologin feature mandated by the
pnfs-objects standard.
It is called from objlayoutdriver.ko in the kernel.
It invokes iscsiadm program to perform the iscsi login to OSDs.
It also features a watchdog which will make sure that control
returns to kernel after 15s timeout.
Signed-off-by: Sachin Bhamare <sbhamare@panasas.com>
Signed-off-by: Boaz Harrosh <bharrosh@panasas.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
- Added header clean up some warnings
- Updated the .gitignore file.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Add info to the README about when this daemon should be started, and
its build and runtime requirements.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Before opening the pipe, set an inotify watch on the containing dir and
then try to open the pipe. If it succeeds, then set up pipe and inotify
events and return success. If it fails with -ENOENT, then just set up
the inotify event and return success. If it fails with any other error
then return the error and the caller can then abort the program.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should remove any client record that has a timestamp prior to
the given time.
Eventually, this call will need to be made cluster aware when this is
run in a clustered configuration. For now, this is only suitable for
single-host configurations.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|