| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Don't restrict machine credentials to be "nfs/<machine.name>".
Use any usable credentials contained in the keytab file.
[We actually attempt to use the first entry found for each
realm, not every entry, in the keytab.]
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new option ("-n") to rpc.gssd to indicate that accesses as root
(uid 0) should not use machine credentials, but should instead use
"normal" Kerberos credentials obtained by root.
This change was prompted by a suggestion and patch from Daniel
Muntz <Dan.Muntz@netapp.com>. That patch suggested trying "normal"
credentials first and falling back to using machine creds for
uid 0 if normal creds failed.
This opens up the case where root may have credentials as "foo@REALM"
and begins accessing files. Then the context using those credentials
expires and must be renewed. If the credentials are now expired, then
root's new context would fall back and be created with the machine
credentials.
Instead, this patch insists that the administrator choose to use either
machine credentials for accesses by uid 0 (the default behavior, as
it was before) or "normal" credentials. In the latter case, arrangements
must be made to obtain credentials before attempting a mount. There
should be no doubts which credentials are used for uid 0.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
Free keytab entries while processing keytab file.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
|
| | |
|
| |
|
|
| |
Providing user=username or users is listed in mtab.
|
| |
|
|
| |
They are identical and the later allows us to use hasmntent.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If "user" or "users" is given, then allow mount.nfs to be run
by a non-root user providing that the mountpoint, filesystem, and options
exactly match what is found in fstab.
For "user", record the user name in mtab so they can unmount the
filesystem later.
Also alwasys ignore auto, owner, group and their negations as well
as "_netdev", "comment" and "loop".
|
| |
|
|
|
| |
The version of the interface to the kernel for requesting a mount
it entirely different to the version of NFS that is being mounted.
|
| |
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
|
| |
|
|
|
|
| |
Because, ofcourse, we haven't.
When we do finally let-go of the mount, the server won't get told,
but the same would happen on a crash, and the server just has to cope.
|
| |
|
|
|
|
| |
nfsumount() returns 1 for success and 0 for failure.
Take proper account of this when producing an exit
status.
|
| |
|
|
|
| |
Defaults are now tcp/v3.
Several bugs have been fixed.
|
| | |
|
| |
|
|
|
| |
We don't need it (any more).
Also add AM_PROG_CC_C_O as we seem to need it..
|
| |
|
|
|
|
| |
rather than explicit -D_FILE_OFFSET_BITS=64
Taken from Redhat -5 sources.
|
| |
|
|
|
|
| |
On distros that support 32 and 64bit userspace, we need to look
a bit more broadly for libraries
(taken from Redhat sources for RHEL5 - thanks).
|
| |
|
|
|
| |
Providing write access to the DESTDIR is ok, we shouldn't
fail the install just because 'chown' fails.
|
| |
|
|
|
| |
As this is a file in /tmp, a symlink could take us anywhere...
If it was a NFS filesystem with a dead server, we could block for a long time..
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- remove non-used arguments from del_mtab.
- Don't try to pass a "host:/path" string to umount.
It used to be possible to umount("/dev/whatever"). It has never
been possible to umount("host:/path").
- Don't try to read /proc/mounts first. Some mount options (mount_vers)
are only stored in /etc/mtab, not in /proc/mounts. So we have to
prefer /etc/mtab as getmntXbackwards do.
- Only every call one of getmnt{dir,dev}backwards, depending on whether
'spec' looks like a path name or a host:/path.
- Don't call _nfsumount unless we have a host:/path, or del_mtab unless we
have a path name.
|
| |
|
|
| |
It is only used in one place.
|
| |
|
|
|
|
|
| |
add_mtab2 is used to remove an entry from mtab, rename it to del_mtab.
Signed-off-by: Wei Yongjun <yjwei@nanjing-fnst.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This patch do following things:
1. When unmounting, we should try /proc/mounts first. Only then in
/etc/mtab if it wasn't found.
2. Reject name passed to us which is not starts with a '/' or not
contains a ':'
3. Fix the method to get UMNT protocol
Signed-off-by: Wei Yongjun <yjwei@nanjing-fnst.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
This fix umount.nfs4's BUG, patch cleanup some useless code.
1. Combine nfs3_umount() and nfs2_umount() to nfs_umount()
2. If it is a nfs4 remote file system or unkown mount version, do not
probe remote mount port and not send UMNT request wich is not necessary
Signed-off-by: Wei Yongjun <yjwei@nanjing-fnst.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
This patch lets umount to use correct UMNT version to do umount.
In latest kernel, the version format is "vers=3" etc., and in old kernel
the version format is "v3","v4" etc.
Signed-off-by: Wei Yongjun <yjwei@nanjing-fnst.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
As nfs-utils as an ordering of client types (hostname, netmask,
wildcard, netgroup), it is expected that sometimes the one IP will
match two or more of these and the first will over-ride. So
don't both complaining when that happens.
|
| |
|
|
|
|
| |
This patch is now hard-coded in the Makefile.am and cannot
be changed by configure. But as it needs to match what
util-linux does, that is probably a good thing.
|
| |
|
|
| |
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
If statd is not running (/var/run/rpc.statd.pid) when an nfs filesystem
is mounted (v2 or v3, with remote locking enabled), and if
/usr/sbin/start-statd (or other program specified at config time) is
present, then run that program to start statd.
This means that statd does not need to be running "just in case".
It only needs to be started at boot time if the nfs server is
started.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
i.e. you now need --disable-secure-statd if you want any client
other than lockd to talk to statd.
Also relax the RESTRICTED_STATD checks so that a recent kernel
with /proc/sys/fs/nfs/nsm_use_hostnames set can still talk to
statd.
Finally, restrict access to simulate_crash so that only privileged
processes on localhost can call it. Having it accessible by the
whole world is probably not much more than a minor inconvenience,
but it really should be kept closed.
|
| |
|
|
|
|
| |
It was already commented out, and it will never be wanted.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
It appears that this is used only by unfsd, and is obscure enough that
we should be able to just rip it out with no special precautions.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
Solaris servers, when asked to share a filesystem with an anon-uid, will
report the only available authentication style as AUTH_NONE in the
reply from mountd (even though they actually accept AUTH_SYS and simply
ignore the credentiuals).
So if no sec= is specified we should really accept anything that can easily
be handled. ie. AUTH_SYS or AUTH_NONE.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
/* The fsid -> path lookup can be quite expensive as it
* potentially stats and reads lots of devices, and some of those
* might have spun-down. The Answer is not likely to
* change underneath us, and an 'exportfs -f' can always
* remove this from the kernel, so use a really log
* timeout. Maybe this should be configurable on the command
* line.
*/
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
Only create a mount-time reserved port socket for kernels
which require it (pre-2.1.32/nfs_mount_version 1).
Signed-off-by: Tom Talpey <tmt@netapp.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When connecting to an NFSv4 server we need to find out IP address
as it would be seen by the server, to register an address for
callbacks.
This is most easily done by connecting the socket to the
servers address and then getting the address of our endpoint.
However with a connected UDP socket, replies that come from a
different IP address - as can happen with non-Linux multi-homed
servers - will be rejected.
So if we connected our UDP socket, we need to be sure to
disconnect it before using it.
This patch adds an option to get_socket to say if we want it
connected or not and, in the case where we do, we disconnect
a UDP socket after the connection information has been used.
Also clean up the error handling in clnt_ping which was getting
clumsy.
|
| |
|
|
| |
For completeness... and who knows, someone might want it.
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
A stray '$'.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| | |
Wrong pointer test meant mountd would alway do gid lookups
instead of only if asked to with '-g'.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix up a few issues with the fsloc code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Use the correct pointer when writing fslocations data to the cache.
Also write the fsloc stuff before the uuid stuff so userland code
will work with or without the uuid kernel patches.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
This was only needed for kernels 2.2.14 through 2.2.17.
These have long since been superceded, so remove some dead weight.
|
| |/
|
|
|
|
|
| |
subtree_check causes more problems than it is worth,
and it isn't worth much in the first place..
Signed-off-by: Neil Brown <neilb@suse.de>
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Extend exportfs interface to pass fslocations info into the kernel,
using syntax modelled after AIX. Adds "refer=" and "replicas="
options to /etc/exports to enable use of the kernel fslocation code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
When doing a nonblocked connect, we need to select for 'write', not 'read'.
Also, when a tcp socket has been connected, we should use clnttcp_create
to make a tcp client, not clntudp_bufcreate !!
|
