| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original implementation was using strncpy() with a truncation
length to an uninitialized stack buffer, leaving a string that
was only null terminated by luck.
While here, change to use no-copy semantics (no extra buffer) to
avoid buffer overflows altogether. exportfs already modifies argv
contents elsewhere, so this doesn't break anything anew.
Fixes: 4663c648 (exportfs: Support raw IPv6 addresses with
"client:/path")
Signed-off-by: Todd Vierling <todd.vierling@oracle.com>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When attempting to establish a local ephemeral endpoint for a TCP or UDP
socket, do not explicitly call bind(2), instead let it happen implicilty
when the socket is first used.
The main motivating factor for this change is when TCP runs out of unique
ephemeral ports (i.e. cannot find any ephemeral ports which are not a
part of *any* TCP connection). In this situation if you explicitly call
bind(2), then the call will fail with EADDRINUSE. However, if you allow the
allocation of an ephemeral port to happen implicitly as part of connect(2)
(or other functions), then ephemeral ports can be reused, so long as
the combination of (local_ip, local_port, remote_ip, remote_port)
is unique for TCP sockets on the system.
This doesn't matter for UDP sockets, but it seemed easiest to treat TCP
and UDP sockets the same.
This can allow mount.nfs(8) to continue to function successfully, even
in the face of misbehaving applications which are creating a large number of
TCP connections.
Signed-off-by: Chris Perl <chris.perl@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's possible for "preferred_realm" to be NULL, in which case we
don't want to pass it to strcmp. Other places that use this variable
test whether it's NULL first -- we need to do the same here.
This should fix the gssd crash reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=1108615
Reported-by: Brian J. Murrell <brian@interlinx.bc.ca>
Signed-off-by: Jeff Layton <jlayton@primarydata.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This fixes the problem reported in:
https://bugzilla.redhat.com/show_bug.cgi?id=1083018
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
According POSIX basename(3) should have an #include <libgen.h>
There are a different GNU implementation too, that can be used with
_GNU_SOURCE, but the POSIX version is good enough and more portable.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
The __dev_t is a GNU libc internal. Use the standard dev_t instead,
which is specified in POSIX.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Use AC_USE_SYSTEM_EXTENSIONS to enable GNU_SOURCE, which is needed
for:
- stat64 in utils/exportfs/exportfs.c
- statfs64 in utils/mountd/cache.c
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
NULL is defined in stdlib.h so we need to include that.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Use the standard integer types. This fixes compiling errors with musl libc.
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of our customer's application only needs file names, not file
attributes. With directories having 10K+ inodes (assuming buffer cache
has directory blocks cached having file names, but inode cache is
limited and hence need eviction of older cached inodes), older inodes
are evicted periodically. So if they keep on doing readdir(2) from NSF
client on multiple directories, some directory's files are periodically
removed from inode cache and hence new readdir(2) on same directory
requires disk access to bring back inodes again to inode cache.
As READDIRPLUS request fetches attributes also, doing getattr on each
file on server, it causes unnecessary disk accesses. If READDIRPLUS on
NFS client is returned with -ENOTSUPP, NFS client uses READDIR request
which just gets the names of the files in a directory, not attributes,
hence avoiding disk accesses on server.
There's already a corresponding client-side mount option, but an export
option reduces the need for configuration across multiple clients.
This flag affects NFSv3 only. If it turns out it's needed for NFSv4 as
well then we may have to figure out how to extend the behavior to NFSv4,
but it's not currently obvious how to do that.
Signed-off-by: Rajesh Ghanekar <rajesh_ghanekar@symantec.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If you don't have systemd, then this script dumps:
/usr/sbin/start-statd: line 8: systemctl: command not found
This isn't terribly useful since we ultimately fall back to running
the daemon ourselves, so probe for systemd's existence before we try
to use it.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This enable kerberized NFS mounts to succeed even if the
principal is not <HOSTNAME>$.
It works by reading another principal name from the [appdefaults]
section of krb5.conf:
[appdefaults]
nfs = {
ad_principal_name = 129.125.39.115$
}
Signed-off-by: Jurjen Bokma <j.bokma@rug.nl>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Dump some information about used devices to syslog so that an admin
can troubleshoot failing blocklayout mounts.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do want to use the dm-multipath device if it exists, which the
code is generally prepared for, except that this check excludes them
early. In addition this will also add the passive path to the device
list, which is harmless if an active one exists as that or the multipath
device will be preferred, and at least allows us to work if it doesn't.
Also fix up the check if an path needs to be updated to remove the silly
partition check - pNFS block offset are relative to the device so partion
should never match it instead of the full device. On the other hand the
simplistic check easily creates false positives, e.g. dm-10 is
considered a partition of dm-1.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using rpc.gssd to secure NFSv3 FS using krb5, the following errors
can happen as a result of network congestion.
"rpc.gssd WARNING: can't create tcp rpc_clnt to server ... : RPC: Remote
system error - Connection timed out"
we had a successful reproducer of the problem which we tested using this
patch by starting rpc.gssd with "-T 60" as the option which solved the
problem. reproducer steps were to throttle the network using tc command
and then in a never ending loop mount the share, then write some data in
the file on the share and unmount it. keep a delay of 5 sec between the
iteration of each loop.
CC: Christian Horn <chorn@redhat.com>
Signed-off-by: Rinku Kothiya <rkothiya@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When there is no kernel modules loaded the rpc_pipefs
directory is empty, which cause rpc.gssd to silently
exit.
This patch adds a check to see if the topdirs_list
is empty. If so error out without dropping a core.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Case insensitive filesystems support textually distinct names for the
same directory. i.e. you can access it with a name other than the
canonical name.
For example if you
mkdir /mnt/export
then add /mnt/EXPORT to /etc/exports, and on a client
mount server:/mnt/EXPORT /import
then the mount will work, but if the kernel on the server needs to
refresh the export information, it will ask about "/mnt/export", which
is not listed in /etc/exports and so will fail.
To fix this we need mountd to perform case-insensitive name
comparisons, but only when the filesystem would, and in exactly the
same way that the filesystem would.
So, when comparing paths for equality first try some simple heuristics
which will not be fooled by case and then ask the kernel if they are
the same.
By preference we use name_to_handle_at() as it reports the mntid which
can distinguish between bind mounts. If that is not available, use
lstat() and compare rdev and ino.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Create the given path set with --with-statdpath
Signed-off-by: chendt.fnst@cn.fujitsu.com
Reported-by: yaoxp@cn.fujitsu.com
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In commit 51fda07a "gssd: scrape the acceptor name out of the context"
the allocated buffer size is not large enough to hold the actual data
that is written to the buffer. This fixes the allocated buffer size.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Veli-Matti Lintu <veli-matti.lintu@opinsys.fi>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a callback for incoming sm_notify to better handle
stale lock issue in client crash recovery in HA-NFS environment
1. "sm-notify" - callout name
2. monitored client name as in the SM_NOTIFY request
3. IP of the sender of the SM_NOITFY request.
4. state value in the SM_NOTIFY request
This new interface can be used by different HA-NFS product
in its specific configuration and environment to
recover from the client crash and stale lock scenarios.
Signed-off-by: Rong Zeng <rongzeng@us.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When mounting spec of a regular file, mount.nfs print error message as,
mount.nfs: mount point /mnt is not a directory
mount.nfs: mount point /mnt/testfile is not a directory
This patch lets mount.nfs print more useful message,
mount.nfs: mount spec 127.0.0.1:/root/testfile or point /mnt is not a
directory
mount.nfs: mount point /mnt/testfile is not a directory
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I hit a segfault in add_name with a mountd built with gcc-4.9.0. Some
NULL pointer checks got reordered such that a pointer was dereferenced
before checking to see whether it was NULL. The problem was due to
nfs-utils relying on undefined behavior, which tricked gcc into assuming
that the pointer would never be NULL.
At first I assumed that this was a compiler bug, but Jakub Jelinek and
Jeff Law pointed out:
"If old is NULL, then:
strncpy(new, old, cp-old);
is undefined behavior (even when cp == old == NULL in that case),
therefore gcc assumes that old is never NULL, as otherwise it would be
invalid.
Just guard
strncpy(new, old, cp-old);
new[cp-old] = 0;
with if (old) { ... }."
This patch does that. If old is NULL though, then we still need to
ensure that new is NULL terminated, lest the subsequent strcats walk off
the end of it.
Cc: Jeff Law <law@redhat.com>
Cc: Jakub Jelinek <jakub@redhat.com>
Signed-off-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The kernel "knows" this lives in /sbin, so just like
mount.nfs and osd_login, it must unconditionally be installed
there.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
nfsd.c:347:15: warning: comparison between signed and unsigned integer
expressions [-Wsign-compare]
nfsd.c:385:13: warning: comparison between signed and unsigned integer
expressions [-Wsign-compare]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
...and pass it to the kernel in the downcall. Legacy kernels will just
ignore the extra data, but with a proposed kernel patch the kernel will
grab this info and use it to verify requests on the v4.0 callback
channel.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Contrary to the comment here, the lifetime_rec is not necessarily set
to zero on failure. That's only guaranteed to be the case if the context
has expired.
Cc: Andy Adamson <androsadamson@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
We'll need a gss_buffer_t to pass to the downcall marshalling code.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
In a later patch, we'll need gssd to call into this code as well as
svcgssd. Move it into a common file that both can link in.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
...since its return code is ignored anyway.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
...and get rid of some pointless NULL ptr checks.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
"nfs-iostat.py --attr" was displaying nonsense (like negative
counts and percentages).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Note: format() is new with Python 2.6
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The 1.3.0 release adds a call to systemctl fails for it's in /usr/bin.
[root@localhost nfs-utils]# start-statd
/usr/sbin/start-statd: line 9: systemctl: command not found
Statd service already running!
Reported-by: Allan Duncan <amd1234@fastmail.com.au>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
With some recent kernel changes to the key ring
for a key to be removed they need to be invalidated
instead of revoked.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Only two of our daemons write out pid files.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
For NFSv4.0 callbacks, the server needs the client code and
the client needs the server code.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This isn't used so currently is inconvenient.
Once we decide how to handle this sort of thing we can apply
the change uniformly.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
