| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fix a copy-paste error introduced in nfs_mount_protocol(). It should
return an IPPROTO_ number, not an NFS version number.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Turns out we do actually need to use a privileged port for UMNT. The
Linux rpc.mountd complains if an ephemeral source port is used:
Apr 17 15:52:19 ingres mountd[2061]: refused unmount request from
192.168.0.59 for /export (/export): illegal port 60932
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We needed to guarantee that some RPC programs, such as PMAP, got an
unprivileged port, to prevent exhausting the local privileged port
space sending RPC requests that don't need such privileges.
nfs_get_rpcclient() provides that feature.
However, some RPC programs, such as MNT and UMNT, require a privileged
port. So, let's provide an additional API for this that also supports
IPv6 and setting a destination port.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
as currently printed c is the version number, not a string char,
therefore is should be printed as %d not %c. That said, just print
optarg as %s since it might be non-numeric.
Signed-off-by: Benny Halevy <bhalevy@panasas.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Squelch a compiler warning in getport.c:
getport.c:65: warning: ¿static¿ is not at beginning of declaration
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The check that validates the version of librpcsecgss also needs to
have libgssglue installed. Without libgssglue, ./configure complains
that it can't find rpcsecgss, even though it's installed.
It also turns out that the error message generated by pkg-config is
more complete than the one we have in aclocal/rpcsec_vers.m4, so just
let those PKG_CHECK_MODULES m4 macros use the default error message.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
All of the pieces to handle IPv6 are now in place. Add IPv6-specific
code wrapped in the proper #ifdef's so that IPv6 support works when
it's enabled at build-time.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
We already have a common function for setting up an RPC client. That
function uses the tirpc API when tirpc is enabled and is also already
IPv6 enabled. Switch gssd to use it.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already have the server's address from the upcall, so we don't really
need to look it up again, and querying the local services DB for the
port that the remote server is listening on is just plain wrong.
Use rpcbind to set the port for the program and version that we were
given in the upcall. The exception here is NFSv4. Since NFSv4 mounts
are supposed to use a well-defined port then skip the rpcbind query
for that and just set the port to the standard one (2049).
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current upcall could be more efficient. We first convert the address
to a hostname, and then later when we set up the RPC client, we do a
hostname lookup to convert it back to an address.
Begin to change this by keeping the address in the clnt_info that we get
out of the upcall. Since a sockaddr has a port field, we can also
eliminate the port from the clnt_info.
Finally, switch to getnameinfo() instead of gethostbyaddr(). We'll need
to use that call anyway when we add support for IPv6.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Systems that are so old that they don't have getnameinfo() in glibc are
probably also running kernels that are so old that they don't support
gssapi upcalls anyway.
Make --enable-gss dependent on the presence of the getnameinfo()
function. This allows us to reduce some conditional compilation.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The print_stats_list() routine was using the client's
stats to decide whether to display any stats. This did
not work when there was only server stats.
This patch breaks up print_stats_list into two different
routines allowing both server and clients stats to be
listed.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
-Z options causing the stats to be incorrect.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is specified (-2, -3, -4) the -Z and or --list options.
When a particular protocol is specified and either
the -Z or --list options are used, zeros or blank lines
are echoed to the screen when there is not any NFS traffic.
This cause any useful data to be scroll off the screen.
With this patch only non-zero stats will be shown, which
makes the output of these options more condensed and
in turn more useful.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
nfsstat.c: Adds the --list flag to print information in a list format
instead of the standard multi-column format
nfsstat.man: Updates the manpage to include the --list flag.
Signed-off-by: Kevin Constantine <kevin.constantine@disneyanimation.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'nfsstat -Z5' command continually outputs the following
when there is no NFS traffic.
Client rpc stats:
calls retrans authrefrsh
0 0 0
This patch adds code that will keep the interval output
quite so real results will not be scrolled of the screen
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
nfsstat.c: Implements an optional "interval" argument to --sleep
nfsstat.man: Explains the use of --sleep[interval]
Reviewed-By: Greg Banks <gnb@fmeh.org>
Signed-off-by: Kevin Constantine <kevin.constantine@disneyanimation.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
If the initial fflush() fails in qword_eol, log the failure
and return the indication of the original failure, not the
successful cover-up.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If qword_eol() fails while writing the context information, log
an indication of the failure.
This addresses at least one cause of the intermittent, and
previously undiagnosed, problem of the server returning
GSS_S_NO_CONTEXT when a context was seemingly successfully
created and sent down to the kernel. In my case there was a
mis-match between kernel and user-land configuration resulting in
the proper kernel module not being loaded. Therefore the write
of the context failed, but was not logged by svcgssd. When the
kernel goes to find the resulting context, it was really not
there and correctly returned GSS_S_NO_CONTEXT to the client.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mountd keeps file descriptors used for locks separate from
those used for io and seems to assume that the lock will
only be released on close of the file descriptor that was used
with fcntl. Actually the lock is released when any file
descriptor for that file is closed. When setexportent() is called
after xflock() he closes and reopens the io file descriptor and defeats the
lock.
This patch fixes that by using a separate file for locking, cleaning
them up when finished.
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
AC_CHECK_FUNC and AC_CHECK_FUNCS take 3 args. Any ones beyond that are
ignored. In several places, we're passing the "action-if-not-found" in
as the 4th arg so it's being ignored.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
flag has been set. This cause warnings to be generated when
return values from reads/writes (and other calls) are not
checked. The patch address those warnings.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
this. Later code changes may make it more likely for this problem to
occur.
Also eliminate some unneeded NULL pointer checks before freeing memory.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
There's no way for the caller of gssd_k5_err_msg to know whether to free
the string it returns. It can call krb5_get_error_message which returns
a string that must be freed via krb5_free_error_string. The other ways
that it can return a string require that the memory not be freed.
Deal with this by copying the string to a new buffer in all cases. Then
we can properly free the string allocated by krb5_get_error_message.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Valgrind complains that we're passing an unintialized buffer to sscanf
here. The main problem seems to be that we're not ensuring that the
buffer is NULL terminated before we pass it off.
This is the second version of this patch, the first one did not increase
the buffer allocation by 1 which could have led to clobbering the next
byte on the stack if nbytes == INFOBUFLEN.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This causes a compiler warning and also means that we're stuffing
the buffer with uninitialized junk from the stack. Other places in
this code initialize "fakeseed" to 0. Do the same here.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Jeff Layton <jlayton@redhat.com>
Make the pkgconfig check for libgssglue conditional on tirpc being
enabled. When it's disabled, the pkgconfig check for librpcsecgss will
pull in the gssglue lib and include dir automatically.
Also, make sure we include GSSGLUE_CFLAGS and the GSSGLUE_LIBS to the
appropriate places in utils/gssd/Makefile.am so that we pick up
the gssglue libs when tirpc is enabled.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Data type incompatibilities between the legacy RPC headers and the
TI-RPC headers mean we can't use libtirpc with code that was compiled
against the legacy RPC headers. The definition of rpcprog_t for
example is "unsigned long" in the legacy library, but it's "uint32_t"
for TI-RPC. On 32-bit systems, these types happen to have the same
width, but on 64-bit systems they don't, making more complex data
structures that use these types in fields ABI incompatible.
Adopt a new strategy to deal with this issue. When --enable-tirpc is
set, append "-I/usr/include/tirpc" to the compilation steps. This
should cause the compiler to grab the tirpc/ headers instead of the
legacy headers. Now, for TI-RPC builds, the TI-RPC legacy functions
and the TI-RPC headers will be used. On legacy systems, the legacy
headers and legacy glibc RPC implementation will be used.
A new ./configure option is introduced to allow system integrators to
use TI-RPC headers in some other location than /usr/include/tirpc.
/usr/include/tirpc remains the default setting for this new option.
The gssd implementation presents a few challenges, but it turns out
the gssglue library is similar to the auth_gss pieces of TI-RPC. To
avoid similar header incompatibility issues, gssd now uses libtirpc
instead of libgssglue if --enable-tirpc is specified. There may be
other issues to tackle with gssd, but for now, we just make sure it
builds with --enable-tirpc.
Note also: svc_getcaller() is a macro in both cases that points to
a sockaddr field in the svc_req structure. The legacy version points
to a sockaddr_in type field, but the TI-RPC version points to a
sockaddr_in6 type field.
rpc.mountd unconditionally casts the result of svc_getcaller() to a
sockaddr_in *. This should be OK for TI-RPC as well, since rpc.mountd
still uses legacy RPC calls (provided by glibc, or emulated by TI-RPC)
to set up its listeners, and therefore rpc.mountd callers will always
be from AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: for consistency with other local feature checks, move IPv6
feature checks into aclocal/
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
From: Jeff Layton <jlayton@redhat.com>
The conftest should work without these extra libs being included.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: Introduce two more aclocal scripts for handling rpcsecgss
dependency checking.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Clean up: Create an aclocal script for the nfsidmap library and
headers checks used for both --enable-gss and --enable-nfsv4.
Move libevent checks out too.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of switching in TI-RPC-specific logic with a function-specific
switch like HAVE_CLNT_VG_CREATE, let's use the more generic
HAVE_LIBTIRPC macro everywhere.
This simplifies ./configure (always a good thing), and makes it more
clear in the source code exactly what the extra conditionally compiled
code is for.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Define an aclocal test for TI-RPC headers and library, and move the
TI-RPC checks earlier in our configure script so other feature checks
can use the availability of TI-RPC to decide what to do.
Since bindresvport_sa is required just for IPv6 support, move that
check to the IPv6 feature tests.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: Add proper m4 quoting in macros that check for the presence
of some functions in configure.ac.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
longer used but, unfortunately, they are extern-ed by
public headers files which are not under the control
of this package.
Spotted-by: Juergen Daubert <jue@jue.li>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In gssd/context_lucid.c, ensure that gss_buffer_desc and gss_OID_desc
are defined before write_bytes.h, which uses these definitions, is
included. With TI-RPC, these definitions are not provided by
rpc/rpc.h.
It appears that <gssapi/gssapi_krb5.h> already includes krb5.h and
gssapi.h (on my system, anyway) so let's drop those includes.
Ideally write_bytes.h itself should include the needed headers, but
some source files that use Heimdal include a different, Heimdal-
compatible, header to get these definitions.
Pointed-out-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Clean up.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The printf format string in nfs_pp_debug() assumes the @program and
@version arguments are unsigned long, because the legacy RPC headers
define both rpcprog_t and rpcvers_t as unsigned long types.
However, the TI-RPC headers define both types as uint32_t, which
requires a different printf format type. If we replace the legacy
headers with TI-RPC headers, this type mismatch generates compiler
warnings that are nothing but noise.
We are about to provide a switch at ./configure time to allow the use
of either the legacy RPC headers or the TI-RPC headers, so we need
a printf format that works in both cases.
To squelch the compiler warnings that occur when using the TI-RPC
headers, cast both arguments in the fprintf statement to the widest of
the two types ("unsigned long" or "uint32_t").
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
TI-RPC's version of the svc_getcaller() macro points to a sockaddr_in6,
not a sockaddr_in, though for AF_INET callers, an AF_INET address
resides there. To squelch compiler warnings when the TI-RPC version of
the svc_req structure is used, add inline helpers with appropriate
type casting.
Note that tcp_wrappers support only AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
At least on my systems, the AM_CPPFLAGS substitution at the end of
configure.ac is not needed. It adds an extra copy of
"-I../../support/includes" to each compile step.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The getservbyname(3) function is not re-entrant, and anyway,
the man page says it is obsolete. Replace it with a call
to getaddrinfo(3).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Valerie Aurora Henson <vaurora@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
getport.c is effectively a library, so it should not be emitting
messages via printf.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Turns out both legacy RPC and TI-RPC have a clnt_create(3) API. So
there's
really no need to keep the old open-coded transport logic around.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Kernel 2.6.25 deprecates intr/nointr. Reflect this change in nfs(5).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Kernel 2.6.28 adds a new mount option: [no]resvport. Document the new
option in the nfs(5) man page.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
