| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is more of a clean-up than a behavioral change.
POSIX requires that a "struct sockaddr" is the same size as a "struct
sockaddr_in". Therefore, a variable or field of type "struct sockaddr"
cannot contain an AF_INET6 address. However, "struct sockaddr *" is
often used to reference a generic (ie non-address family specific)
socket address, generating some confusion about this.
The nfsctl_arg struct uses a struct sockaddr (not a pointer) to pass
the client's IP address to the kernel. This means the legacy nfsctl()
kernel API can never support IPv6. Fortunately for us, this legacy
interface was replaced by a text-based cache interface a few years
back. We don't need to support non-AF_INET addresses here.
The getfh() functions in nfs-utils provide a handy C API for the
kernel's nfsctl interface. The getfh() functions still take a struct
sockaddr *, though, and that can imply that a non-IPv4 address can be
passed via this API. To make it abundantly clear that only IPv4
addresses can be used with this interface, change the synopses of
getfh() and friends to take a struct sockaddr_in * instead of a struct
sockaddr * .
This makes these functions conform with other places in mountd and
exportfs that already grok the difference between a struct sockaddr
and a struct sockaddr_in.
While we're here...
Introduce some nice documenting comments for the get_fh() functions,
and...
Since mountd will support IPv6 in the near future, assert that the
family of client addresses passed to this API is indeed AF_INET, in
order to prevent non-AF_INET addresses from ever being passed to the
legacy nfsctl() interface.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The mount.nfs command must recognize the values of "rdma" and "rdma6"
with the "proto=" mount option. Typically the mount.nfs command
relies on libtirpc or getprotobyname(3) to recognize netids and
translate them to protocol numbers.
RFCs 5665 and 5666 define the "rdma" and "rdma6" netids. IANA defines
a specific port number for NFS over RDMA (20049), but has not provided
a protocol name and number for RDMA transports, and is not expected
to. The best we can do is translate these by hand, as needed, to get
RDMA mount requests to the kernel without erroring out.
Only the forward translation is needed until such time that "rdma" and
"rdma6" start to appear in rpcbind registries. For now, the version
and transport negotiation logic is skipped, avoiding rpcbind queries
for RDMA mounts.
Note: As of kernel 2.6.36, the kernel's NFS over RDMA transport
capability does not support IPv6.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
conffile.c: In function 'conf_parse_line':
conffile.c:301: warning: comparison between signed and unsigned integer expressions
conffile.c: In function 'conf_load_defaults':
conffile.c:356: warning: unused parameter 'tr'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
nfs_mntent.c: In function 'mangle':
nfs_mntent.c:36: warning: comparison between signed and unsigned integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
cacheio.c: In function 'cache_flush':
cacheio.c:352: warning: comparison between signed and unsigned integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
svc_socket.c: In function 'svcudp_socket':
svc_socket.c:160: warning: unused parameter 'reuse'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
rpcdispatch.c: In function 'rpc_dispatch':
rpcdispatch.c:30: warning: comparison between signed and unsigned
integer expressions
rpcdispatch.c:35: warning: comparison between signed and unsigned
integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The /var/lib/nfs/rmtab file delineates fields in each of its lines
with a ":". The first field contains the IP address of a client, in
presentation format. IPv6 presentation format addresses contain
colons, which screws up the field delineation of rmtab.
Use a simple simple scheme to convert the colons in incoming client
names to some other character, and then convert them back when the
rmtab file is read.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A uid or gid should be represented as unsigned, not signed.
The conversion to signed here could cause a hang on access by an unknown
user to a server running mountd with --manage-gids; such a user is
likely to be mapped to 232-1, which may be converted to 231-1 when
represented as an int, resulting in a downcall for uid 231-1, hence the
original rpc hanging forever waiting for a cache downcall for 232-1.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 409b8 introduced a regression when the --disable-tirpc
configuration flag is set. The authsys_create() interface, which
was introduced, does not exist in the legacy glibc library.
Since the authsys_create() interface is a redefined of the
authunix_create() interface, which is defined in glibc, using
authunix_create() resolves the regression,
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current mount, umount and showmount code uses
authunix_create_default to get an auth handle. The one provided by glibc
returned a truncated list of groups when there were more than 16 groups.
libtirpc however currently does an abort() in this case, which causes
the program to crash and dump core.
nfs-utils just uses these auth handles for the MNT protocol, so the
group list doesn't make a lot of difference here. Add a new function
that creates an auth handle with a supplemental gids list that consists
only of the primary gid. Have nfs-utils use that function anywhere that
it currently uses authunix_create_default. Also, have the caller
properly check for a NULL return from that function.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
If we're using the new caching interface the rmtab will be ignored by
exportfs so there is no need to fdatasync. This improves mountd performance.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Remove this 10 second timeout which can cause unexpected behavior and
corruption in the rmtab when hit.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If TI-RPC is available, use it to create statd's svc listener. If
not, use the old function, rpc_init(), to create statd's listener.
IPv6 can be supported if TI-RPC is available. In this case,
/etc/netconfig is searched to determine which transports to advertise.
Add the new listener creation API in libnfs.a since other components
of nfs-utils (such as rpc.mountd) will eventually want to share it.
A little re-arrangement of when the statd listener is created is done
to make unregistration of the statd service more reliable. As it is
now, the statd service is never unregistered when it exits. After it
is gone, other programs usually hang when trying to access statd or
see if it's running, since the registration is still there but statd
itself does not respond.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce generic helpers for managing socket addresses. These are
general enough that they are useful for pretty much any component of
nfs-utils.
We also include the definition of nfs_sockaddr here, so it can be
shared. See:
https://bugzilla.redhat.com/show_bug.cgi?id=448743
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This partially reverts commit ec637de16210c1c6fcb3a0df34d7889592f577dc.
Only NFSv4 clients will actually want to see referall points--others are
better off just seeing an empty directory, that they can manually (or
with automount) mount the appropriate filesystem on.
So we want the kernel to automatically traverse only in the v4 case (as
recent kernels do).
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
| |
Consolidate duplicated initialization code.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
| |
Create v4root exports for each directory that is a parent of an explicit
export. Give each the minimal security required to traverse to any of
its children.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
| |
Query the kernel to ask which flavors vary by pseudoflavor, and use that
instead of a fixed constant. To allow the possibility of more flags
varying by pseudoflavor, use the set/clear_flags functions for all
options instead of setting some by hand.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
| |
Move this into a helper function. (We'll be adding a little more code
here.)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
| |
Introduce a couple of shared functions that can convert netids to
protocol numbers and families, and back.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Also had mount_config_init() call xlog_open() so
the program name is set on xlog() calls.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
help with readability with in the configuration file.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
the mount code has to make sure the the mount options
given to the kernel are in the correct case.
Fixed a couple of warnings on #ifndefs
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
with the format being:
[ Section <"argument"> ]
This will help group similar functioning Section
together. The argument is conditional but must be
surrounded by the '"' characters.
The new conf_get_section() interface can used
to locate a Section by its Section name and/or
argument.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
help in locating them resulting in make the config
files a bit less error prone
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
'[section]' parsing and before the assignment statements
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
the shared libnfs.a library, making them available to\
other daemons and programs.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
rpc.nfsd is the only user of nfssvc.c, so we might as well move it
out of libnfs.a.
Also, don't link in libexport.a and libmisc.a, they aren't needed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changed both nfs_advise_umount() and nfs_gp_ping() to
set the errno by calling CLNT_GETERR() after a CLNT_CALL()
error. Also added code to rpc_strerror() that will log
the errno value, when set, via strerror().
These changes added essential information to the error message
making it much easier to detect errorsuch as "Connection refused"
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Introduce address family-agnostic functions that get and set IP port
numbers in socket addresses. We can already replace a few similar
functions in the mount command, and a few more will come up with
statd and sm-notify.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In a similar vein to the timeout logic we just restored, a refused
TCP connection should be mapped to an equivalent UDP error code:
RPC_CANTRECV.
This is new behavior for TCP connections; the legacy mount command
appears to have simply failed immediately if a TCP connection was
refused during an rpcbind query.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The latest versions of mount.nfs appear not to fall back to
UDP if TCP isn't available on the server.
Our new nfs_getport() implementation is missing a bit of logic
from the original mount getport() implementation. Without it,
nfs_probe_port() sees a TCP connect timeout as a permanent error,
so it fails immediately instead of attempting to try again with
UDP.
Similar changes for our new ping API (see the old clnt_ping()
function, which is still in utils/mount/network.c).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Some RPC errors set fields in rpc_createerr.cf_error in addition
to cf_stat. Be sure to clear _all_ error fields in rpc_createerr
each time through the rpcbind API.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rpcbind returns RPC_PROGNOTREGISTERED if it knows for certain that an
RPC program is not supported for a given transport. This is a
permanent and authoritative error, so the library's rpcbind query API
should never retry the query -- it will only get the same answer.
A similar change was submitted for libtirpc. Unlike rpcb_getaddr(3t),
mount.nfs's rpcbind client only retries once (with RPCB3PROC_GETADDR),
but an extra TCP socket in this case would leave another port in
TIME_WAIT. It's infrequent enough, but might as well get rid of it.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Instead of setting the total timeout and the retransmit timeout to the
same value for datagram transports, use a 1 second retransmit timeout,
so we actually get a retransmit or two before failing.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
RPC_UNKNOWNHOST means a hostname isn't known -- basically it's
EAI_NONAME from getaddrinfo(3). Since the functions in rpc_socket.c
don't take a hostname argument, RPC_UNKNOWNHOST is not an appropriate
return code from these functions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
commit 383a026d99624c88c0e802103ef4c4865db8eb71, which fixed an
earlier commit, is still not quite correct.
bindresvport_sa(3t) is available whenever libtirpc is linked.
There's no need to use IPV6_SUPPORTED here.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: Now that getnameinfo(3) is no longer used, the @salen
argument to nfs_sockaddr2universal() is no longer needed.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
getnameinfo(3) with the NI_NUMERICHOST flag is used in
support/nfs/getport.c to convert socket addresses to universal address
strings.
Older versions of glibc do not have getnameinfo(3), however. In order
for nfs-utils to build on older systems we switch in legacy code via
HAVE_GETNAMEINFO and use inet_ntoa(3).
A problem with this is that we have to double our test matrix to be
sure that both versions of these routines build and operate correctly.
Another minor problem is that inet_ntoa(3) is officially deprecated.
So let's always use a single implementation based on inet_ntop(3).
Universal address strings do not support link-local / scope IDs, so we
don't lose any functionality by using inet_ntop(3) here.
This means we open code a bit of logic that is available in most
modern versions of glibc, but in return we can use exactly the same
code for all builds (on systems with getnameinfo(3) and without).
An additional benefit is we can avoid using NI_MAXHOST for character
buffers that live on the stack: it's 1025 bytes. Instead,
INET6_ADDRSTRLEN is used, which is just 46 bytes, plus an additional
eight bytes for the port information. We add beefier buffer overflow
detection logic as well.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
AI_ADDRCONFIG was used ostensibly to figure out if the local system
had IPv6 available when generating a loopback address.
A legacy version of nfs_gp_loopback_address() was created to handle
ANYADDR address generation for old versions of glibc where
AI_ADDRCONFIG doesn't exist. This means we have to be careful to
test both the normal and legacy versions when committing changes in
this area.
But it turns out that even contemporary versions of glibc ignore
AI_ADDRCONFIG when the hostname string is NULL. getaddrinfo(3)
always returns an AF_INET and an AF_INET6 loopback address in this
case, no matter how the system is configured.
Change nfs_gp_loopback_address() to have one version that simply looks
up "localhost" instead of doing anything fancy. If "localhost" is an
IPv6 address, we'll use that. Otherwise, it should nearly always be
an AF_INET loopback address.
This eliminates the need for AI_ADDRCONFIG, and removes the duplicate
version of nfs_gp_loopback_address(). Note that callers never used
the port number in the returned socket address, so get rid of the
"sunrpc" service string too.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Similar to a change made to the kernel's rpcbind client. See
kernel commit 143b6c4008a7928de7e139c3a77a90e4cad8db2c.
The r_addr argument of RPCB_GETADDR procedures contains the
rpcbind server's address and port number.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Some servers reject RPCB_GETADDR requests with a non-empty r_owner
field. "RPC: Server can't decode arguments"
An empty string is already used by libtirpc and the kernel
for RPCB_GETADDR requests.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
closes any file descriptors. It's calling strtol on the text
representation of the file descriptor, and then checking to see if the
value of *endptr is not '\0' before trying to close the file. This check
is wrong.
When strtol returns an endptr that points to a NULL byte, that indicates
that the conversion was completely successful. I believe this check
should instead be requiring that endptr is pointing to '\0' before
closing the fd.
Also, fix up the function to check for conversion errors from strtol. If
one occurs, just skip the close on that entry.
Finally, as Trond pointed out, it's unlikely that readdir will return a
blank string in d_name but that situation wouldn't be detected by the
current code. This patch adds such a check and skips the close if it
occurs.
Reported-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Use the correct #ifdef variable to enable IPv6 support for privileged
RPC clients. Without this fix, unmounting an IPv6 NFSv2/v3 server
fails.
Introduced by commit 8c94296bc84f3a204f2061c0391a1d2350e4f37e.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
minorvers4 can be used to either enable or disable nfsv4.x.
If minorvers4 is a positive integer n, in the allowed range (only
minorversion 1 is supported for now), the string "+4.n" is appended
to the versions string written onto /proc/fs/nfsd/versions.
Correspondingly, if minorver4 is a negative integer -n, the string
"-4.n" is written.
With the default value, minorvers4==0, the minor version
setting is not changed.
Note that unlike the protocol versions 2, 3, or 4. The minor version
setting controls the *maximum* minor version nfsd supports. Particular
minor version cannot be controlled on their own. With only minor
version 1 supported at the moment the difference doesn't matter,
but for future minor versions greater than 1, enabling minor
version X will enable support for all minor versions 1 through X.
Disabling minor version X will disable support for minor
versions X and up, enabling 1 through X-1.
Signed-off-by: Benny Halevy <bhalevy@panasas.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We needed to guarantee that some RPC programs, such as PMAP, got an
unprivileged port, to prevent exhausting the local privileged port
space sending RPC requests that don't need such privileges.
nfs_get_rpcclient() provides that feature.
However, some RPC programs, such as MNT and UMNT, require a privileged
port. So, let's provide an additional API for this that also supports
IPv6 and setting a destination port.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Squelch a compiler warning in getport.c:
getport.c:65: warning: ¿static¿ is not at beginning of declaration
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
