| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
As nfs-utils as an ordering of client types (hostname, netmask,
wildcard, netgroup), it is expected that sometimes the one IP will
match two or more of these and the first will over-ride. So
don't both complaining when that happens.
|
| |
|
|
|
|
| |
This patch is now hard-coded in the Makefile.am and cannot
be changed by configure. But as it needs to match what
util-linux does, that is probably a good thing.
|
| |
|
|
| |
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
If statd is not running (/var/run/rpc.statd.pid) when an nfs filesystem
is mounted (v2 or v3, with remote locking enabled), and if
/usr/sbin/start-statd (or other program specified at config time) is
present, then run that program to start statd.
This means that statd does not need to be running "just in case".
It only needs to be started at boot time if the nfs server is
started.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
i.e. you now need --disable-secure-statd if you want any client
other than lockd to talk to statd.
Also relax the RESTRICTED_STATD checks so that a recent kernel
with /proc/sys/fs/nfs/nsm_use_hostnames set can still talk to
statd.
Finally, restrict access to simulate_crash so that only privileged
processes on localhost can call it. Having it accessible by the
whole world is probably not much more than a minor inconvenience,
but it really should be kept closed.
|
| |
|
|
|
|
| |
It was already commented out, and it will never be wanted.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
It appears that this is used only by unfsd, and is obscure enough that
we should be able to just rip it out with no special precautions.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
Solaris servers, when asked to share a filesystem with an anon-uid, will
report the only available authentication style as AUTH_NONE in the
reply from mountd (even though they actually accept AUTH_SYS and simply
ignore the credentiuals).
So if no sec= is specified we should really accept anything that can easily
be handled. ie. AUTH_SYS or AUTH_NONE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
/* The fsid -> path lookup can be quite expensive as it
* potentially stats and reads lots of devices, and some of those
* might have spun-down. The Answer is not likely to
* change underneath us, and an 'exportfs -f' can always
* remove this from the kernel, so use a really log
* timeout. Maybe this should be configurable on the command
* line.
*/
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
Only create a mount-time reserved port socket for kernels
which require it (pre-2.1.32/nfs_mount_version 1).
Signed-off-by: Tom Talpey <tmt@netapp.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When connecting to an NFSv4 server we need to find out IP address
as it would be seen by the server, to register an address for
callbacks.
This is most easily done by connecting the socket to the
servers address and then getting the address of our endpoint.
However with a connected UDP socket, replies that come from a
different IP address - as can happen with non-Linux multi-homed
servers - will be rejected.
So if we connected our UDP socket, we need to be sure to
disconnect it before using it.
This patch adds an option to get_socket to say if we want it
connected or not and, in the case where we do, we disconnect
a UDP socket after the connection information has been used.
Also clean up the error handling in clnt_ping which was getting
clumsy.
|
| |
|
|
| |
For completeness... and who knows, someone might want it.
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
A stray '$'.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| | |
Wrong pointer test meant mountd would alway do gid lookups
instead of only if asked to with '-g'.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix up a few issues with the fsloc code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Use the correct pointer when writing fslocations data to the cache.
Also write the fsloc stuff before the uuid stuff so userland code
will work with or without the uuid kernel patches.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
This was only needed for kernels 2.2.14 through 2.2.17.
These have long since been superceded, so remove some dead weight.
|
| |/
|
|
|
|
|
| |
subtree_check causes more problems than it is worth,
and it isn't worth much in the first place..
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Extend exportfs interface to pass fslocations info into the kernel,
using syntax modelled after AIX. Adds "refer=" and "replicas="
options to /etc/exports to enable use of the kernel fslocation code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
When doing a nonblocked connect, we need to select for 'write', not 'read'.
Also, when a tcp socket has been connected, we should use clnttcp_create
to make a tcp client, not clntudp_bufcreate !!
|
| |
|
|
|
|
|
| |
With "-g" mountd will listen for uid -> gidlist requests
from the kernel and provide the required mapping.
This is specific to AUTH_USER (aka AUTH_SYS) and is designed
to overcome the 16-gid limit in the AUTH_UNIX protocol.
|
| |
|
|
|
|
|
|
|
|
|
| |
This introduces a new dependancy on libblkid.
If a filesystem being exported has a UUID that libblkid
can extract, then that is passed to the kernel for use
in identifying the filesystem in filehandles.
This means that 'fsid=' is no longer needed to work around the
problem of device numbers changing.
fsid= is still needed for fielsystems that have no device,
and can now be given 16byute uuid instead of just a 32bit one.
|
| |
|
|
| |
writting -> writing
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
As suggested by Glenn Machin <GMachin@sandia.gov>. Allow svcgssd
to turn on libnfsidmap debugging. This uses a new command-line
parameter so that it can be enabled independently from other
debugging.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Remove duplicated code.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
The 0.8 release of Heimdal has (will have) support for the lucid context.
The handling of lucid_sec_context can be shared between builds with MIT
or Heimdal Kerberos.
Split out the lucid_sec_context code from context_mit.c
and make a new common file, context_lucid.c.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Glenn Machin <gmachin@sandia.gov>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Some installations use different name formats for their credentials
caches. Instead of checking that the uid is part of the name, just
make sure that uid is the owner of the file.
This is a modification of the original patch from Glenn.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Steinar H. Gunderson <sgunderson@bigfoot.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
This mostly takes care of the difference between - and \-; in
man pages, the former is hyphen (which indicates, among others,
that a line might be split at that point), while the latter is a
dash. For options, the latter is correct.
There's also one minor grammatical fix.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Remove Kerberos implementation dependency from svcgssd_mech2file.c
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
The previous patch seems to expose a use after free bug in dirscancb. At
least, I could reliably reproduce a segfault by doing a bunch of mounts
and then unmounting them all. The code uses the following list macro:
TAILQ_FOREACH(ic, icq, ic_next) {
...to iterate over all of the ic entries and clean up any that no longer
have a corresponding directory in rpc_pipefs. This macro unrolls into:
for(ic=icq->tqh_first; ic != NULL; ic=ic->ic_next.tqe_next) {
...but within this loop, we can free ic, and then the for loop can trip
over that when it tries to do the iteration. The attached patch works
around this by not using the TAILQ_FOREACH macro and saving off the
tqe_next pointer prior to the free.
Again, this was tested on a patched 1.0.6, but the 1.0.10 code is very
similar, and I think the problem exists there as well.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
There is a pretty nasty memory leak in idmapd in dirscancb(). Some of
our customers have reported that idmapd can eat gigabytes of memory on
machines with a large number of mounts and unmounts and a long uptime.
That function uses scandir(), which malloc's an array of strings, but
dirscancb() never frees the strings or the array. The following patch
should correct this, but I've not yet tested it on 1.0.10 (only on the
RHEL4 1.0.6 version). Still, the code is very similar and I'm fairly
certain the problem exists in both versions.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
GSSAPI error codes (major and minor) are defined as unsigned values.
However, we treat them as signed while passing them down to the
kernel where conversion fails if they include the minus sign.
Convert them as unsigned.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
As requested by "Steinar H. Gunderson" <sgunderson@bigfoot.com>, add
AM_MAINTAINER_MODE to configure.in. See the description of this
macro below:
`AM_MAINTAINER_MODE' disables the so called "rebuild rules" bys
default. If you have `AM_MAINTAINER_MODE' in `configure.ac', and
run `./configure && make', then `make' will *never* attempt to
rebuild `configure', `Makefile.in's, Lex or Yacc outputs, etc.
I.e., this disables build rules for files which are usually
distributed and that users should normally not have to update.
If you run `./configure --enable-maintainer-mode', then these
rebuild rules will be active.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
this patch touches up the autotool code a bit in nfs-utils:
- run autogen.sh with -e so if something fails, it'll abort properly
- set ACLOCAL_AMFLAGS so that when running autoreconf or when
autotools re-runs itself, the m4 files are found properly
- make sure we include bsdsignals.m4 in the final tarball
- add some cross-compiling fallback logic to bsdsignals.m4 so that
when cross-compiling nfs-utils, the configure is a bit more nice
than simply:
checking for BSD signal semantics... configure: error: cannot run test program while cross compiling
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
This is needs if mountd is running multithreaded else multiple threads
will be blocked on a UDP port with nothing to read and so won't
be able to serve up-calls from the kernel.
Thanks to "Murali Krishna V" <vm.krishna@gmail.com> for highlighting
the problem.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The README has bit-rotted: redhat and debian packaging scripts are no
longer included, util-linux mount is (in theory) no longer required, and
instructions on building from latest git would be useful.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
| |
This used to be the default but we lost it at about 1.0.8
|
| |
|
|
|
| |
Just like statd, the path isn't needs in the man page and different
distros install it in different places.
|
| |
|
|
|
|
|
|
|
| |
bzero has been deprecated
for years (and anything starting with __ is an internal
function anyhow), and __bzero seems to have broken on ia64
not too long ago.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
| |
Matching utils/statd, make sure generated files get cleaned.
|
| |
|
|
|
| |
As the man page doesn't need it, and different distros put it in
different places.
|
| |
|
|
| |
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/76409
|
| |
|
|
|
|
|
|
|
|
| |
This mostly takes care of the difference between
- and \-; in man pages, the former is hyphen
(which indicates, among others, that a line might
be split at that point), while the latter is a
dash. For options, the latter is correct.
There's also one minor grammatical fix.
|
| |
|
|
|
| |
This is not used, does not seem useful, and causes compile
problems on some distgributions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement default options in /etc/exports, to fix a long-standing wishlist
bug in Debian. (The user claims the syntax matches that of OpenBSD.) This
makes it possible to write "/srv/www -sync,no_subtree_check host1 host2 host3"
instead of having to write (sync,no_subtree_check) over and over and over
again, driving the administrator slowly mad. Such option lines can be
placed anywhere on the line, and affects anything after them (I do not
know if OpenBSD allows this). The patch is slightly convoluted in order to
avoid triggering spurious warnings; for instance, we want
"/srv/www -sync host1" to trigger a warning, but not "/srv/www
-sync,no_subtree_check host1" or "/srv/www -sync host1(no_subtree_check)".
There was also a suggestion for a truly global (ie. per-file) option list,
but this seemed like the safest bet, given that it matches that of other
implementations.
Also, the man page is updated with information on the new possibilities,
and an example.
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
Signed-off-by: Neil Brown <neilb@suse.de>
|
