summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove rquotadNeil Brown2007-05-0812-1087/+0
| | | | | | | | rquotad isn't really used by anyone - as you can tell by the fact that it only works for ext2 and ext3 (if those). The 'quota' package contains a working and maintained rquota and all distros appear to use that one. So remove rquotad from this package to avoid confusion.
* update manpages for showmount and mountdJeff Layton2007-05-082-2/+11
| | | | | | | | This patch updates the manpages for showmount and mountd. It adds a description of the new mountd -r option, and a caveat about the unreliability of showmount -a. Signed-off-by: Jeff Layton <jlayton@redhat.com>
* Detect version of libblkid and act accordingly.Neil Brown2007-05-032-6/+38
| | | | | | | libblkid earlier than 1.40 has a memory leak bug that make it unsuitable for use in mountd. So detect the version and default to not using it if too old. Give appropriate warnings in various cases.
* Always get addressless ticketsKevin Coffman2007-05-032-2/+36
| | | | | | | | Make sure we get addressless tickets so we can function behind a NAT. (Must use a different function to accomplish this with Heimdal.) Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* statd - the files created are named for dns_name, so use that when unlinking.Neil Brown2007-05-032-2/+3
| | | | Also free dns_name when freeing an 'nlist', so do the unlink before the free.
* Change version to 1.1.0-rc2Neil Brown2007-04-201-1/+1
|
* Don't hide my_name in statd.Neil Brown2007-04-201-7/+22
| | | | | statd now passes the 'my_name' from the SM_MON call faithfully to the ha-callout and records it in the sm/ files.
* Release notes updates: portmap and kerberos versions.Neil Brown2007-04-201-0/+6
|
* Update libgssapi requirementsKevin Coffman2007-04-201-1/+1
| | | | | | | Update the required version of libgssapi from 0.9 to 0.11. (Working with Heimdal requires 0.11. Symbol versioning was introduced in 0.10 and should be used everywhere, although not absolutely required.)
* Factor out error message printing differences between MIT and HeimdalKevin Coffman2007-04-204-23/+55
| | | | | | | | | | Use a common function that factors out differences between MIT and Heimdal in getting the right error message printed. Add an autoconf check to see if the newer error message function is available. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
* Tell Heimdal gss code the correct credential to useKevin Coffman2007-04-201-0/+2
| | | | | Always use the gss_krb5_ccache_name() function to tell Heimdal which credentials to use.
* Make that last patch compile...Neil Brown2007-04-161-2/+3
|
* Be more cautious about use for privilege ports (<1024).Neil Brown2007-04-163-14/+33
| | | | | | | | | | | | | Ports < 1024 are a scarce resource and should not be used carelessly. Technically they should be not used at all without registration with IANA, but sometimes we need them despite that. So: for the socket that RPC services listen on, don't use a <1024 port by default. There is no need. For sockets that we send messages on, that are long-lived, and that might need to appear 'privileged', avoid using a number that is registered in /etc/services if possible.
* README - updates to daemon start order.Kevin Coffman2007-04-041-5/+13
|
* NEWS - add info about gssd changes.Kevin Coffman2007-04-041-0/+20
|
* NEWS and README updates.Neil Brown2007-04-032-17/+114
| | | | Particularly details of daemon startup order have been added to README.
* statd - fix some compile warningsNeil Brown2007-04-031-0/+2
|
* exportfs - test exportability of filesystems when exportfs is run.Neil Brown2007-04-021-1/+85
| | | | | | | | | When exporting a filesystem test to see if the kernel is likely to accept the export and print suitable warning message if not. Don't actually fail the 'exportfs' as by the time a MOUNT request arrives, the filesystem might be exportable. Signed-off-by: Neil Brown <neilb@suse.de>
* mountd - improve checks and error messages for export failure.Neil Brown2007-04-021-6/+18
| | | | | | | | | | | If an attempt is made to export a non-(dir|file), just ignore it. This should get caught by exportfs. If an attempt is made to export a non-exportable filesystem, report an error. Hopefully exportfs can trap some these as well, but catching them in mountd as well is good. Signed-off-by: Neil Brown <neilb@suse.de>
* Tell NFS/lockd client what that local state number is.Neil Brown2007-04-024-9/+68
| | | | | | | | | | | | Both SM_STAT and SM_MON can return the state of an NSM, but it is unclear which NSM they return the state of, so the value cannot be used, and lockd doesn't use it. Document this confusion, and give the current state to the kernel via a sysctl if that sysctl is available (since about 2.6.19). This should make is possible for the NFS server to detect a small class of bad SM_NOTIFY packets and not flush locks in that case. Signed-off-by: Neil Brown <neilb@suse.de>
* Add a debug message indicating that gssd is ready to process requestsKevin Coffman2007-03-311-0/+1
| | | | | | | Add a debug message indicating that gssd is ready to process requests Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Remove the now unused functionsKevin Coffman2007-03-312-235/+0
| | | | | | | | Remove functions that are no longer used when when obtaining machine credentials. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Clean up gssd_get_single_krb5_cred and its debugging messagesKevin Coffman2007-03-311-8/+12
| | | | | | | Clean up gssd_get_single_krb5_cred and its debugging messages Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Use newly added keytab functionsKevin Coffman2007-03-315-20/+31
| | | | | | | | | | | | | | | | | | | | | | | Use the new functions added in the previous patch. Obtain machine credentials in a pre-determined order Look for appropriate machine credentials in the following order: root/<fqdn>@REALM nfs/<fqdn>@REALM host/<fqdn>@REALM root/<any-name>@REALM nfs/<any-name>@REALM host/<any-name>@REALM The first matching credential will be used. Also, the machine credentials to be used are now determined "on-demand" rather than at gssd startup. This allows keytab additions to be noticed and used without requiring a restart of gssd. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Add new keytab handling functions for dealing with machine credentialsKevin Coffman2007-03-312-0/+468
| | | | | | | | | | | | | | | Add new functions that will be used in the next patch. The new behavior is to search for particular keytab entries in a specified order: root/<fqdn>@<REALM> nfs/<fqdn>@<REALM> host/<fqdn>@<REALM> root/<any-name>@<REALM> nfs/<any-name>@<REALM> host/<any-name>@<REALM> Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Hide differences between MIT and Heimdal in macrosKevin Coffman2007-03-312-25/+20
| | | | | | | | | Clean up a lot of #ifdef'd code using macros, masking the differences between MIT and Heimdal implementations. The currently unused macros will be used in later patches. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Fix memory leak on error path of limit_krb5_enctypes()Kevin Coffman2007-03-311-0/+1
| | | | | | | Return credential on error path of limit_krb5_enctypes() Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Add missing newlinesKevin Coffman2007-03-311-6/+6
| | | | | | | Add missing newlines to error messages. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Neil Brown <neilb@suse.de>
* Update version to 1.1.0-rc1Neil Brown2007-03-291-1/+1
|
* New 'NEWS' file with release-notes for 1.1.0Neil Brown2007-03-291-1/+43
|
* Add start-statd script.Neil Brown2007-03-292-0/+10
| | | | | This script is used by mount.nfs to run statd if needed. It can be locally modified to change arguements if required.
* Rename configure.in to configure.acNeil Brown2007-03-291-0/+0
| | | | It is a more standard name...
* Change default to use system rpcgen.Neil Brown2007-03-291-5/+8
| | | | | | | | | | If system-installed rpcgen if such exists. If none is found, build our own. Override with ./configure --with-rpcgen=internal for internal rpcgen or ./configure --with-rpcgen=/local/rpcgen for a non-standard location.
* sm-notify: Try all addresses of a multihomed host.Neil Brown2007-03-291-17/+28
| | | | | | | When sending an SM_NOTIFY to multi-homed host, try all the addresses in rotation. After 4 failures on one address, try the next. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - use dnsname to ensure correct matching of NOTIFY requests.Neil Brown2007-03-293-17/+36
| | | | | | | | | | | | | | | When lockd asks to monitor a host, we find the FQDN from the DNS and remember that, both internally and in the /var/lib/nfs/sm/* file. When we receive an SM_NOTIFY request, we compare both the mon_name and the source IP address against that DNS name to find a match. If a DNS name is not available, we fall back to the name provided by lockd, which at least is known to map to an IP address via gethostbyname. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - check for 'priv' when looking for duplicate registrations.Neil Brown2007-03-291-1/+2
| | | | | | | | From the point of view of the client (lockd), the 'priv' blob is probably the most important key, so make sure to not throw away requests with new 'priv' information. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - remove a pointless ifNeil Brown2007-03-291-19/+17
| | | | | | The if contains a while with essentially the same condition. Signed-off-by: Neil Brown <neilb@suse.de>
* mount.nfs - nordirplus optionSteve Dickson2007-03-293-0/+11
| | | | | | | | | | From: Steve Dickson <steved@redhat.com> Adds the -o nordirplus mount option that will disable NFS clients from using the READDIRPLUS RPC. Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Neil Brown <neilb@suse.de>
* mount.nfs.man - Use nolocks for /, /usr, /varNeil Brown2007-03-291-5/+12
| | | | | | | Make it clear in manpage for mount.nfs that using nolock is appropriate for /, /usr and /var. Signed-off-by: Neil Brown <neilb@suse.de>
* mount.nfs - require statd to be running to mount without nolocksNeil Brown2007-03-292-9/+48
| | | | | | | | | If we are mounting nfsv2 or nfsv3 and statd isn't running and we cannot start statd, then fail the mount request. Also use an RPC ping to check on statd. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - only unregister/register once.Neil Brown2007-03-291-16/+13
| | | | | | | | | | | | | The for loop that restarts on SIGUSR or simu_reboot currently includes several once-only things, that are probably best taken out of the loop. We also take the unregister/register out of the loop as if statd does drop privileges, then the second register won't use a privileged port properly. On the whole, cleaner code. Signed-off-by: Neil Brown <neilb@suse.de>
* mountd - better response to failed attempts to export filesystemsNeil Brown2007-03-291-3/+6
| | | | | | | | | | If the kernel rejects an attempt to export a filesystem - e.g. because it is not exportable, we shouldn't just ignore the error, but rather should tell the kernel that the relevant filehandle or path cannot be supported. We should really print out some error messages too. Signed-off-by: Neil Brown <neilb@suse.de>
* sm-notify - fix bugs related to run-only-once.Neil Brown2007-03-291-2/+2
| | | | | | Make sure that sm-notify really runs only once per reboot. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - keep persistent state in sm/* files.Neil Brown2007-03-293-1/+83
| | | | | | | | | | | | If statd dies and is restarted, it forgets what peers the kernel is interested in monitoring, and so will not forward NOTIFY requests properly. With this patch the required information is recorded in the files in /var/lib/nfs/sm/* so that a kill/restart does what you might hope. Signed-off-by: Neil Brown <neilb@suse.de>
* statd - fix bug so statd can talk to kernel again.Neil Brown2007-03-231-0/+2
| | | | | | | We need to call statd_get_socket before dropping privileges so that we have a privileged port. We use to do that when initialising notification as the same socket was used for reboot notication as for callbacks to the kernel. Now it is a different socket..
* sm-notify - Fix typos in Usage message.Neil Brown2007-03-221-1/+1
|
* mount.nfs: Fix issue with -o user,execNeil Brown2007-03-221-4/+2
| | | | | | | | | | | | It would seem to make sense for mount.nfs to impose the "-o user" => "-o noexec,nodev,nosuid" rule. However if you give "user,exec" to /sbin/mount, it will pass down nodev,nosuid,user with the 'exec' flag :-( So we have to leave that handling of that particular rule to /sbin/mount.
* Fix errors in statd calling sm-notify.Neil Brown2007-03-221-4/+5
| | | | | | The option for set-source-address is '-v', not '-N'. And only warn about -N if -N was actually used.
* Never set SO_REUSEADDR on a UDP socket.Neil Brown2007-03-222-3/+6
| | | | | | | | The effect is quite different from TCP sockets. For TCP, it allows you to listen for new connections even if there are outstanding old connections with the same local address. For UDP, it allows other people to steal your packets by binding to the same address.
* Fix a couple of problems that crept into mountKevin Coffman2007-03-211-2/+2
| | | | | | | | | | | | Commit 6facb22402a0bd8cd49be2ed1a0856b24fef42f4 changed the allocation of len to no longer get 20 extra bytes. It needs to get at least one extra byte for a null character, otherwise a single extra option such as "sec=krb5" is never copied in parse_opt() and is dropped. Commit 44a3727a3243e674a1f1fdad5cbbc639aa25d01c added a typo when checking the program name. Signed-off-by: Neil Brown <neilb@suse.de>
generated by cgit (git 2.34.1) at 2025-09-25 10:52:27 +0000