summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Assorted man page fixesNeil Brown2006-10-243-9/+11
| | | | Mostly thanks to Sylvain Cherrier <sylvain.cherrier@free.fr>
* Allow gssd ccaches in MEMORY: rather than FILE:Kevin Coffman2006-10-173-2/+13
| | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Add option to store gssd ccaches in a MEMORY: cache rather than the default FILE: cache. In response to suggestion from Steve Dickson <steved@redhat.com> and Nalin Dahyabhai <nalin@redhat.com>.
* Implement a new version of lucid spkm3 context.Olga Kornievskaia2006-10-171-20/+19
| | | | | | | | Signed-off-by: Olga Kornievskaia <aglo@citi.umich.edu> Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Implement a new version of lucid spkm3 context which is passed down to the kernel.
* Don't always use default mapping to "nobody".J. Bruce Fields2006-10-171-17/+35
| | | | | | | | | | | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> We've been ignoring all mapping errors and instead mapping to a "nobody" user or group. This is arguably OK for the cases where we're returning a value to the user (so, id->name mapping on the server or name->id mapping on the client). But it's a disaster in the other direction (id->name on the server or id->name on the client): for example, a chown to an unknown user should *not* automatically be translated into a succesful chown to "nobody". This patch fixes that problem on the server side. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
* Fix misc warning messagesKevin Coffman2006-10-173-1/+3
| | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Clean up a few warning messages.
* On a glibc system gethostbyname is in libc not libnsldid447@gmail.com2006-10-171-3/+7
| | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Change configure test for gethostbyname, and properly determine whether "-lnsl" or "-lsocket" are really required.
* Restore extra help for PKG_CONFIG errorKevin Coffman2006-10-171-3/+1
| | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Fix the error message printed when pkg-config is unable to locate information for librpcsecgss so the message is actually printed.
* Add a SEE ALSO in nfsd man pageMike Frysinger2006-08-211-0/+1
|
* One final step in convertion of anon = -2 -> 65534Neil Brown2006-08-091-2/+2
| | | | | Printing export options should avoid printing 'anonuid=65534' rather than avoiding 'anonuid=-2'.
* Set version to 1.0.10Neil Brown2006-08-072-1/+10
| | | | | | | Note: 1.0.10 should be used in preference to 1.0.9 especially with kernels 2.6.18 and later otherwise 'rpc.nfsd N' won't work to change the number of threads after nfsd has been started.
* "rpc.nfsd XX" should not fail if ports are already open.Neil Brown2006-08-073-3/+38
| | | | | | | | | support/nfs/nfssvc.c: if any ports are already open, don't try to open any more. This means that once nfsd is running rpc.nfsd X will just change the number of threads, not the ports in use.
* Remove warning if neither 'sync' or 'async' present.Neil Brown2006-08-073-14/+30
| | | | Add warning of neither 'subtree_check' or 'no_subtree_check' present.
* Fix compilation problem - write_oid not definedKevin Coffman2006-07-211-0/+13
|
* Fix off-by-one error in rpcgenRichard Guenther2006-07-201-1/+1
| | | | We obviously need to allocate space for the terminating nul too.
* Update changelog and set version to 1.0.9Neil Brown2006-07-082-1/+368
|
* Use uid/gid of -1 to indicate the export's anonuid/anongid should be usedKevin Coffman2006-07-081-2/+5
| | | | | | | | | | | Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the value -1 and defaults the credential's fsuid/fsgid to the correct anonuid/anongid values for the given export. We should be passing this value (-1) down when a name mapping cannot be found. Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Acked-by: J. Bruce Fields <bfields@fieldses.org>
* Change svcgssd_LDFLAGS to match gssd_LDFLAGSKevin Coffman2006-07-081-1/+1
|
* Disable building/installing mount.nfs by default.Neil Brown2006-07-081-2/+2
| | | | | | | mount.nfs does not yet support 'user' option and some others. To make it support this we need to make it setuid-root, and some security isses need to be resolved before that can be done safely.
* Call nfssvc_versbits before nfssvc_setfdsSteve Dickson2006-07-081-2/+5
| | | | | nfssvc_versbits() has to be called before nfssvc_setfds() for the version processing to work correctly
* Only use -rpath for Kerberos libs when actually needed.Neil Brown2006-07-062-1/+13
| | | | Avoid usage of -rpath is generally safer, and is required by Debian policy.
* Use 65534 instead of -2 in svcgssd_proc.cNeil Brown2006-07-061-4/+3
| | | | as this is more consistant across achitectures.
* This patch adds code to nfsstat to read /proc/net/rpc/nfsd for nfsv4 server ↵Shankar Anand2006-07-051-1/+18
| | | | | | statistics and print them. Submitted by: Shankar Anand <shanand@novell.com>
* Fix typos in various man pages.Steinar H. Gunderson2006-07-053-6/+6
|
* Use 65534 for anon uid/gid rather than -2Steinar H. Gunderson2006-07-052-5/+5
| | | | This is more consistant across platforms.
* Update rpcdebug to know about new 2.6 debug flags. AddedGreg Banks2006-07-054-2/+100
| | | | a manpage and installed rpcdebug (in sbindir).
* Ignore new generated files.Greg Banks2006-07-051-0/+3
|
* Add rquota.h to BUILT_SOURCES so rquotad builds on the first try.Greg Banks2006-07-051-0/+2
|
* Generate rquota_xdr.c and rquota.h from rquota.xNeil Brown2006-07-055-206/+27
| | | | | rquota_svc.c is still by-hand as it contains alot of extras. These should really be moved to rquota_server.c
* Remove some files that old, unused, unneeded.Neil Brown2006-07-0517-1149/+3
| | | | | | | | | | | | | | | deleted: support/export/keys.c deleted: support/include/rpcdispatch.h deleted: support/include/rpcsec.h deleted: support/include/version.h deleted: support/include/ypupdate.h deleted: support/nfs/clients.c deleted: support/nfs/keytab.c deleted: support/nfs/ypupdate_xdr.c deleted: support/rpc/include/Makefile.am deleted: tools/rpcdebug/neat_idea.c deleted: utils/mountd/mount_xdr.c deleted: utils/rquotad/pathnames.h
* Avoid error creating an existing symlinkNeil Brown2006-07-051-0/+1
| | | | Just remove the link first.
* Don't depend on Kerberos headers when checking librpcsecgss in configurekwc@citi.umich.edu2006-07-041-2/+2
| | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Older versions of MIT Kerberos are missing an OID definition, causing the configure checks for librpcsecgss to fail. We shouldn't be depending on their libraries during the configure.
* Eliminate warnings from code generated by rpcgenGreg Banks2006-07-041-22/+20
| | | | | | | | | | | - unused variable 'buf' - emit a declaration for `buf' on demand. - unused variable 'i' - declare i immediately before use - unused value from IXDR_PUT_ - cast to (void) - type-punned pointer reference - cast to (void*) first :-(
* Handle mapping failure from get_ids.kwc@citi.umich.edu2006-07-041-2/+15
| | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Temporary patch to do default mapping if we get an error while trying to map a gss principal to the appropriate uid/gid. This currently returns hardcoded values. This may be correct, or we may need to try and figure out the correct values to match the anonuid/anongid for the export.
* Properly report errors in readline() functionkwc@citi.umich.edu2006-07-042-4/+8
| | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Change message priorities for errors and debug messages.
* Change default buffer size increment for readline()kwc@citi.umich.edu2006-07-041-3/+5
| | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> The readline routine expects much smaller messages than we are passing. Change the default initial allocation and increment value from 128 to 2048. This saves many calls to realloc().
* Clean up the printerr() logging function.kwc@citi.umich.edu2006-07-041-30/+31
| | | | | | | | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Update the printerr() function to: 1) Determine whether we'll print the message before going to all the work of formatting it. 2) Don't just toss away messages that are too long for the buffer. Print what we can and give an indication of the truncation with "..." at the end. 3) Use a single buffer rather than two. 4) Messages either go to syslog (with level ERR) or stderr. Don't send some messages to syslog level DEBUG.
* Use setfsuid() rather than seteuid() while creating contextskwc@citi.umich.edu2006-07-041-7/+7
| | | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> As suggested by Olaf Kirch <okir@suse.de>, use setfsuid() rather than seteuid() when creating a gss context. This prevents users from using credentials that do not belong to them, while also preventing them from doing things like killing, renicing, or changing the priority of the gssd process while it is processing the context creation.
* Limit acquire_cred call to to Kerberos onlykwc@citi.umich.edu2006-07-041-1/+6
| | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Specify that the acquire_cred call should only be concerned with returning Kerberos credentials since this is Kerberos-only functionality.
* Check that the gssapi library is usable early on.kwc@citi.umich.edu2006-07-044-0/+34
| | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Do a call to determine mechanisms supported by the gssapi library early. This allows us to discover early in case the gssapi library is somehow misconfigured. We can bail out early and give a meaningful message rather than getting errors on each attempt at a context negotiation.
* Fix problems with 64-bit big-endian machineskwc@citi.umich.edu2006-07-042-4/+4
| | | | | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Correct the definition of mech_used in the gss context to use gss_OID_desc. This fixes problems on 64-bit machines when referencing the OID. Also updates write_buffer function to use u_int rather than size_t when doing calculations.
* Define CFLAGS for gss_clnt_send_err compilekwc@citi.umich.edu2006-07-041-0/+3
| | | | | | | Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Add CFLAGS to make sure we find and use the correct gssapi.h when building gss_clnt_send_err
* Use socklen_t some more to avoid warnings.Greg Banks2006-07-031-1/+6
|
* Fix warning about pointer signedness differing.Greg Banks2006-07-031-2/+3
|
* Include the right header to get xmalloc() declaration.Greg Banks2006-07-031-1/+1
|
* Merge branch 'master' of git://linux-nfs.org/nfs-utilsGreg Banks2006-07-0327-448/+519
|\
| * nfs-utils 1.0.9-pre1Neil Brown2006-07-032-1/+185
| | | | | | | | Update change log and change version number
| * Allow rpc.nfsd to suppress tcp or udp, and listen on a specific address.Steve Dickson2006-07-035-7/+160
| | | | | | | | | | | | | | | | | | | | -T - will suppressing listening for TCP connection. -U - will suppress UDP -H host - will only listen on that local address -p port - will listen on that port. This requires kernel patches which will hopefully be in 2.6.19 and possibly some earlier test and vendor kernels.
| * Add support for suppressing different NFS versions.Steve Dickson2006-06-265-12/+89
| | | | | | | | | | | | e.g. -N 2 means that NFSv2 won't be supported, just v3 and v4 (if the kernel supports them).
| * Further coverity related cleanups.Neil Brown2006-06-233-14/+10
| | | | | | | | | | Greg Banks suggested some variations, particularly improved use of xmalloc/xstrdup functions. Thanks.
| * Fix various issues discovered by CoverityNeil Brown2006-06-239-28/+37
| | | | | | | | Thanks to Michael Halcrow for finding them.