| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
Previously the location of the credential cache was passed in either
using environment variable KRB5CCNAME or gss_krb5_ccache_name() if
supported. For threaded-gssd, we can't use an environment variable
as it's shared among all thread. Thus always use the api call.
Reviewed-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
For the threaded version we have to set uid,gid per thread instead
of per process. glibc setresuid() when called from a thread, it'll
send a signal to all other threads to synchronize the uid in all
other threads. To bypass this, we have to call syscall() directly.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Reviewed-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, to persevere global data over multiple mounts,
the root process does not fork when handling an upcall.
Instead on not-forking create a pthread to handle the
upcall since global data can be shared among threads.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
librpcsecgss has not been used in years
so and there is no longer an upstream for
it so the support for the library has
been removed
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a "user" mount is the first NFSv3 mount, mount.nfs will be running
setuid to root (with non-root as the real-uid) when it executes
START_STATD.
start-statd is a shell script and many shells refuse to run setuid,
dropping privileges immediately. This results in start-statd running
as an unprivileged user and so statd fails to start.
To fix this, call "setuid(0)" to set real uid to zero. Also call
"setgid(0)"
for consistency.
The behaviour of a shell can often be affected by the environment,
such as the "shell functions" that bash includes from the environment.
To avoid the user being able to pass such environment to the shell,
explicitly pass an empty environment. The start-statd script explicitly
sets the PATH which is all it really needs.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux C libraries are moving away from implicitly including the header
sys/sysmacros.h via sys/types.h. We would like to do this for glibc
now, but others (musl/etc...) have been doing it already. This means
any code using major/minor/makedevs functions will fail to build when
they don't include that header.
Leverage the AC_HEADER_MAJOR macro that configure is already using to
pull in the right header.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A remount might fail if name resolution returns a different
server address, as might occur if there are multiple name
records for the server. Since we cannot change the server's
address on a remount anyway, skip the lookup and remove
any set addresses in the options.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Currently nfs-utils_env.sh is installed in a
directory that is own by systemd. They requested
via https://bugzilla.redhat.com/show_bug.cgi?id=1303113
to move the script into /usr/libexec/nfs-utils
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Back when commit aba5ea5c and commit 55197c98
happen that replaced dnotify with inotify the
ignoring of non-existent upcall directories
got dropped. The patch adds it back and stops
following error log
ERROR: inotify_add_watch failed for nfs/clntXX:
No such file or directory
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfs-config service translates distro-specific startup
configuration into "environment" variable read and used
by systemd unit files.
Currently it is only run once, so subsequent changes to the
distro-specific files do not take effect when an nfs service is
restarted.
If we change "RemainAfterExit=yes" to "RemainAfterExit=no" then the
service will be restarted before any dependant service is started, so
the environment file will always be up to date.
Reported-and-tested-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
From: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
statd calls atexit(statd_unregister) to unregister statd service on
exit, which actually has a side-effect that ha_callout() unregisters statd
service even when the child callout process exits on execl() failure.
Certain clustering software's deployment script adds -H option with its
specified file non-existent, when it is configured not to use callout.
In other words, -H seems to be used no matter if callout is needed or
not, but when callout is unnecessary, the specified callout program is not
deployed.
This causes statd not to work once a lock is requested by its NFS
client,
as execl() in ha_callout() results in ENOENT and exit() of the child
process calls exit-handler statd_unregister(). Eventually, the NFS
client
gets stuck with messages "lockd: cannot monitor xxx" on the NFS server.
Also, execl() could fail for other reasons like ENFILE or EIO as well.
A forked child must not unregister the statd RPC server, so use
_exit(), which does not call any exit-handlers, instead of exit().
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The var "i" is already in use iterating realmnames.
Fixes: "6597e391 gssd: Don't assume the machine account will be in
uppercase"
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
An if statement has been missing a brace since host_ntop() was added in
commit 94ce1eb94babb4c587b2826452fb053cba745098 ("libexport.a: Add
helpers to manage DNS lookups").
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux only returns EBUSY for a non-remount mount if the exact
requested filesystem is already mounted. Arguably this is not an
error.
"mount -a" tries to see if each requested filesystem is already mounted.
Sometimes it gets it wrong - e.g. hostname aliases can confuse it.
So "mount -a" will report a failure "already mounted", which is
wrong because it should filter those out.
An easy fix it just to be silent about EBUSY. As the requested
result (a given filesystem being mounted at a given location) is in
effect after the EBUSY return, we can just treat it as success.
This removes the confusing "already mounted" errors.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
xlog_err() never returns. Change the xlog_err(),
when invalid arguments are use, to xlog_warn()
so the second xlog_warn, displaying the usage,
will be called.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Use the verbose command flag to turn on or off
logging to stderr.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Change some debugging levels in populate_port() to
make easier to follow the code.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
commit 1201d5d8 introduced some new debugging messages
that needed some formatting
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The returned port from getservbyname() is in
network order. Convert the port to host order
before writing it to the portlist file.
Reported-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Show the correct arguments when invalid
arguments are used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
In general the -h flag should at least show
a usage message
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The "-r | --reverse-lookup" arguments were missing
from the usage string.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
both connect() and select() can receive EINTR signals that we need to
recover from.
In Unix Network Programming, volume 1, section 5.9, W. Richard Stevens
states:
What we are doing [?] is restarting the interrupted system call ourself.
This is fine for accept, along with the functions such as read, write,
select and open. But there is one function that we cannot restart ourself:
connect. If this function returns EINTR, we cannot call it again, as doing
so will return an immediate error. When connect is interrupted by a caught
signal and is not automatically restarted, we must call select to wait for
the connection to complete,
Thus for connect() treat both EINPROGRESS and EINTR the same -- call
select().
For select(), it should be re-tried again upon receiving EINTR.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are 59 client rpc procedures, not 60.
The order of rpc name must be the same as define of
NFSPROC4_CLNT_xx in include/linux/nfs4.h,
not nfs4_procedures in nfs4xdr.c.
Drop duplicate rpc name "getdevlist".
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1287468
Signed-off-by: Rinku Kothiya <rkothiya@redhat.com>
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If rpc.statd is running but slow to respond, mount.nfs will
run "start-statd" which might start a new statd. This is not a good
ideas as can result in lots of rpc.statds.
So inf start-statd check the pid file and if rpc.statd seems to be
running, exit with success.
(also "cd /" before running rpc.statd, just in case).
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If DNS service is particularly slow, nfs_probe_statd() can fail even
though rpc.statd is actually running. This happens because rpc.statd
is single threaded and could be waiting longer for DNS than
nfs_probe_statd() will wait for it.
This causes problems when mount.nfs uses nfs_probe_statd() to see if
statd is running, as is needed for NFSv3.
Currently in these circumstances there are two possible outcomes.
1/ if systemd is in use, it will be told to start rpc-statd, which
is already running so no change.
mount.nfs will try pinging rpc.statd a few more times and could
eventually give up and fail the mount.
While slow DNS may well result in slow service, it shouldn't cause
a mount attempt to fail.
2/ if systemd is not in use, a new rpc.statd will be started. This
can (and has) lead to a large number of rpc.statd processes running
on the one machine.
This patch addresses the first scenario. If START_STATD is run and
exits with a success status, mount.nfs assumes statd is running and
allows the mount to succeed. A separate patch will address the other
scenario.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if
the kernel doesn't understand the requested NFS version.
Unfortunately if the requested minor is not known to the kernel
it returns -EINVAL.
In kernels since 3.11 this can happen in nfs4_alloc_client(), if
compiled without NFS_V4_2.
More generally it can happen in in nfs_validate_text_mount_data()
when nfs_parse_mount_options() returns 0 because
nfs_parse_version_string()
didn't recognise the version.
EPROTONOSUPPORT is only returned if NFSv4 support is completely compiled
out.
So nfs_autonegotiate needs to check for EINVAL as well as
EPROTONOSUPPORT.
URL: https://bugzilla.opensuse.org/show_bug.cgi?id=959211
Reported-by: Takashi Iwai <tiwai@suse.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 5bea22e33b7a introduced a regression. Prior to that commit
nfs_nfs_version would set *version to 0 if NFS version wasn't specified.
Since that commit, version.v_mode is set to V_DEFAULT if the NFS version
isn't specified, but nfs_options2pmap uses version.major without
checking
v_mode. This can lead to incorrect behaviour.
In particular fall-ack to v3 if server doesn't support v4 can fail.
So test v_mode before using version.major.
URL: https://bugzilla.opensuse.org/show_bug.cgi?id=956743
Fixes: 5bea22e33b7a ("mount.nfs: Add struct nfs_version and generalize
version parsing")
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit 9a92ef6f to add netgroup lookup of resolvable
IP addresses inadvertently broke the netgroup
check for short hostnames.
This patch fixes that breakage by changing the IP address
lookup to use a separate variable.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will prevent a backtrace like this from occurring in 'mountstats
nfsstat' if a new NFSv4 operation is added to the kernel but not to the
Nfsv4ops list in mountstats.py:
Traceback (most recent call last):
File "/sbin/mountstats", line 988, in <module>
res = main()
File "/sbin/mountstats", line 977, in main
return args.func(args)
File "/sbin/mountstats", line 792, in nfsstat_command
v4stats.accumulate_iostats(acc_stats)
File "/sbin/mountstats", line 566, in accumulate_iostats
self.__rpc_data[op] = list(map(add, self.__rpc_data[op],
new_stats.__rpc_data[op]))
KeyError: 'SEEK'
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
FSID_PRESENT was missing, and LAYOUTGET and GETDEVICEINFO were switched.
Update all the client operations. Also, increase the output width a bit
and pull out a column for these longer new operation names.
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The C and S flags were missing for the SYNOPSIS
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Show the correct arguments when invalid
arguments are used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to an empty
Certain name resolution misconfigurations (for example, a hosts file
entry with an ip address but no hostnames) can cause get_nameinfo() to
return an empty string in buf, which will lead to this cryptic failure:
Dec 7 09:37:44 hostname rpc.statd[8024]: Failed to insert: creating
/var/lib/nfs/statd/sm/: Is a directory
Dec 7 09:37:44 hostname rpc.statd[8024]: STAT_FAIL to
hostname.example.com for SM_MON of 192.168.1.2
Dec 7 09:37:44 hostname kernel: lockd: cannot monitor 192.168.1.2
It's better in that case to just go ahead and use the presentation
address instead.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When unexport directory, it's possible that the specified path ends with
a '/'. So we need to deal with it to find the matched entry.
If not, there will be error like "Could not find '*:/some_path/' to
unexport."
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In function nfs_parse_simple_hostname, hostname can be NULL,
dereferncing it while passing it to free(*hostname) may result in
segfault.
Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
If file open failed, no need to issue close system call in
nsm_get_state and closeall.
Signed-off-by: Vivek Trivedi <t.vivek@samsung.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the id_resolver keyring doesn't exist, the kernel has no cached
idmap information to expunge. AFAIK it's not an error.
If nfsidmap is run by a non-privileged user, the id_resolver keyring
is never visible. IMO that should be reported, but the error message
should report the privilege problem, not the missing keyring.
Reported-by: Amy Shi <amy.shi@oracle.com>
Fixes: 69aa69e7de80 ('nfsidmap: Allow keys to be cleared from the ')
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
This prevents rpc.statd's in-memory (and on-disk) monitor lists from
winding up with multiple records for the same peer with outdated
cookie values. This happens in some HA-NFS configurations where
rpc.statd is always running.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
When the mountversion option is used, there should
not be any mount negotiations with the server.
Also, when the option is used, its know that the mount
is a v4 mount and a V_SPECFIC type.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
To help debug rpcbind failures, make sure all
errors are logged and log as much info about
the error as possible.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Trimmed down the number messages being logged
by moving them into level 3 or 4 of debugging
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
When gssd exist ensure a error message is logged.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Cleaned up first level of debugging. Only
errors and warnings are logged.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit b98f2af15 introduced a regression that cause the
starting and stop of rpcbind and the nfs-server to
be depended on each other
The starting of the NFS server should start rpcbind
but bring rpcbind down should not bring the NFS
server down.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
