| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
writting -> writing
|
| |
|
|
|
|
|
|
|
| |
This is needs if mountd is running multithreaded else multiple threads
will be blocked on a UDP port with nothing to read and so won't
be able to serve up-calls from the kernel.
Thanks to "Murali Krishna V" <vm.krishna@gmail.com> for highlighting
the problem.
|
| |
|
|
|
|
|
|
|
| |
bzero has been deprecated
for years (and anything starting with __ is an internal
function anyhow), and __bzero seems to have broken on ia64
not too long ago.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement default options in /etc/exports, to fix a long-standing wishlist
bug in Debian. (The user claims the syntax matches that of OpenBSD.) This
makes it possible to write "/srv/www -sync,no_subtree_check host1 host2 host3"
instead of having to write (sync,no_subtree_check) over and over and over
again, driving the administrator slowly mad. Such option lines can be
placed anywhere on the line, and affects anything after them (I do not
know if OpenBSD allows this). The patch is slightly convoluted in order to
avoid triggering spurious warnings; for instance, we want
"/srv/www -sync host1" to trigger a warning, but not "/srv/www
-sync,no_subtree_check host1" or "/srv/www -sync host1(no_subtree_check)".
There was also a suggestion for a truly global (ie. per-file) option list,
but this seemed like the safest bet, given that it matches that of other
implementations.
Also, the man page is updated with information on the new possibilities,
and an example.
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
| |
If 'etab' happens to have a timestamp in the future, this will get
copied to the flush-time for various caches, and no exports will
work until that time arrives. So clamp the flushtime to 'now'.
|
| |
|
|
|
|
| |
And make sure that if we fail to export a filesystem in mountd,
then we don't try to get a filehandle on it, or a deadlock
might occur.
|
| |
|
|
|
|
|
|
|
| |
support/nfs/nfssvc.c: if any ports are already open,
don't try to open any more.
This means that once nfsd is running
rpc.nfsd X
will just change the number of threads, not the
ports in use.
|
| |
|
|
| |
Add warning of neither 'subtree_check' or 'no_subtree_check' present.
|
| |
|
|
|
| |
nfssvc_versbits() has to be called before nfssvc_setfds()
for the version processing to work correctly
|
| |
|
|
| |
This is more consistant across platforms.
|
| |
|
|
| |
a manpage and installed rpcdebug (in sbindir).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
deleted: support/export/keys.c
deleted: support/include/rpcdispatch.h
deleted: support/include/rpcsec.h
deleted: support/include/version.h
deleted: support/include/ypupdate.h
deleted: support/nfs/clients.c
deleted: support/nfs/keytab.c
deleted: support/nfs/ypupdate_xdr.c
deleted: support/rpc/include/Makefile.am
deleted: tools/rpcdebug/neat_idea.c
deleted: utils/mountd/mount_xdr.c
deleted: utils/rquotad/pathnames.h
|
| |
|
|
| |
Just remove the link first.
|
| | |
|
| | |
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
-T - will suppressing listening for TCP connection.
-U - will suppress UDP
-H host - will only listen on that local address
-p port - will listen on that port.
This requires kernel patches which will hopefully be in 2.6.19 and possibly some
earlier test and vendor kernels.
|
| | |
| |
| |
| |
| |
| | |
e.g. -N 2
means that NFSv2 won't be supported, just v3 and v4 (if the kernel
supports them).
|
| | |
| |
| |
| |
| | |
Greg Banks suggested some variations, particularly improved
use of xmalloc/xstrdup functions. Thanks.
|
| | |
| |
| |
| | |
Thanks to Michael Halcrow for finding them.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Bruce Fields noticed that I broke comment parsing...
as xskip() is always called before xgettok(), that is the
best place to put xskipcomment and still maintain proper
semantics of xskip and xgettok.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to give an IP address to identify this client to the
server.
The current code does a gethostbyname of the hostname. One
some systems this returns 127.0.0.1 or similar, which is not useful.
Instead, use getsockname of the sock used to connect to the server
to confirm that the server is working. This gives the address on the
interface that was chosen to talk to that server, which is the
best address we can find (if there is a NAT in the way, it might
still not work, but in that case there is nothing we can do).
|
| | |
| |
| |
| |
| |
| | |
distribution. They cause compile warnings, there is no longer any
reason to try to build them into the binaries, and gcc seems to be
eliding some of them anyway.
|
| | |
| |
| |
| |
| | |
of int in those cases which generate compile warnings,
e.g. the last argument of recvfrom().
|
| |/
|
|
| |
unused labels, constness, signedness.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
How about the attached patch against nfs-utils tot? It
adds a -t option to set the number of forked workers.
Default is 1 thread, i.e. the old behaviour.
I've verified that showmount -e, the Ogata mount client,
and a real mount from Linux and IRIX boxes work with and
without the new option.
I've verified that you can manually kill any of the workers
without the portmap registration going away, that killing
all the workers causes the manager process to wake up and
unregister, and killing the manager process causes the
workers to be killed and portmap unregistered.
I've verified that all the workers have file descriptors
for the udp socket and the tcp rendezvous socket, that
connections are balanced across all the workers if service
times are sufficiently long, and that performance is
improved by that parallelism, at least for small numbers
of threads. For example, with 60 parallel MOUNT calls
and a testing patch to make DNS lookups take 100 milliseconds
time to perform all mounts (averaged over 5 runs) is:
num elapsed
threads time (sec)
------ ----------
1 13.125
2 6.859
3 4.836
4 3.841
5 3.303
6 3.100
7 3.078
8 3.018
Greg.
--
Greg Banks, R&D Software Engineer, SGI Australian Software Group.
I don't speak for SGI.
|
| |
|
|
|
|
|
|
|
| |
Adds the support functions needed for mount and umount. This
functionality will someday be available in the form of shared mount
library.
Signed-off-by: Amit Gud <agud@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
otherwise '#' in filenames cannot be read.
|
| |
|
|
|
|
|
| |
Makes sure any # signs in the printed-out exports file are
escaped (as with quotes, spaces, etc.), so they won't be treated
as a comment when they're read back in again.
"Steinar H. Gunderson" <sesse@debian.org>
|
| |
|
|
|
|
|
| |
Fixes a problem with exportfs -o
and multiple entries of the same type for the same patch that matches
a given client. The entire rationale and problem description can be found
at http://bugs.debian.org/245449 (fumihiko kakuma <kakmy@mvh.biglobe.ne.jp>)
|
| |
|
|
|
|
| |
support/include/config.h.in from source control
These are auto autogenerated by
aclocal -I aclocal ; autoheader ; automake ; autoconf
|
| |
|
|
|
| |
Check for sufficient version of librpcsecgss and libgssapi
in configure.in
|
| |
|
|
|
| |
Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and
HAVE_TCP_WRAPPERS as appropriate.
|
| | |
|
| |
|
|
| |
Fix support/include/config.h.in such as would be done be running autoheader.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Instead of having separate copies of the gssapi and rpcsecgss
header files, or depending on the Kerberos gssapi header,
locate the headers now installed with the libgssapi and librpcsecgss
libraries.
Remove local copies of the gssapi and rpcsecgss header files.
This depends on the configure_use_autotools patch.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*utils/mountd/mountd.c:
mountd currently always returns AUTH_NULL and AUTH_SYS as the
allowable flavors in mount replies. We want it to also return gss
flavors when appropriate. For now as a hack we just have it always
return the KRB5 flavors as well.
*utils/mountd/cache.c:
When attempting to mount an NFSv4 pseudofilesystem (fsid=0) and the
actual exported directory does not exist on the server, rpc.mountd
doesn't check the directory exists (when fsidtype=1, i.e. using fsid,
but does check for fsidtype=0, i.e. using dev/ino). The non-existent
exported directory path with fsid=0 is written to the kernel via
/proc/net/rpc/nfsd.export/channel, which leads to path_lookup() to
return ENOENT (seems appropriate). Unfortunately, the new_cache
approach ignores errors returned when writing via the channel file so
that particular error is lost and the mount request is silently ignored.
Assuming it doesn't make sense to revamp the new_cache/up-call method to
not ignore returned errors, it seems appropriate to fix the case where
rpc.mountd doesn't check for the existence of an exported directory with
fsid= semantics. The following patch does this by moving the stat() up
so it is done for both fsidtype's. I'm not certain whether the other
tests need to be executed for fsidtype=1, but it doesn't appear to hurt
[Not exactly true: the comparison of inode numbers caused problems so
now it's kept for fsidtype=0 only].
Would it be also desirable to log a warning for every error, if any,
returned by a write to any of the /proc/net/rpc/*/channel files which
would otherwise be ignored (maybe under a debug flag)?
* gssd/mountd/svcgssd: Changes gssd, svcgssd, and mountd to ignore a
SIGHUP rather than dying.
* many: Remove the gssapi code and rely on an external library instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/exportfs/exports.man: Document the "crossmnt" export export option
* utils/gssd/krb5_util.c:
Add better debugging and partially revert the function
check for gss_krb5_ccache_name.
For MIT Kerberos releases up to and including 1.3.1, we *must*
use the routine gss_krb5_ccache_name to get the K5 gssapi code
to use a different credentials cache.
For releases 1.3.2 and on, we want to use the KRB5CCNAME
environment variable to tell it what to use.
(A problem was reported where 1.3.5 was being used, our
code was using gss_krb5_ccache_name, but the underlying
code continued to use the first (or default?) credentials
cache. Switching to using the env variable fixed the problem.
I cannot recreate this problem.
*utils/gssd/krb5_util.c:
Andrew Mahone <andrew.mahone@gmail.com> reported that reiser4
always has DT_UNKNOWN. He supplied patch to move the check
for regular files after the stat() call to correctly find
ccache files in reiser4 filesystem.
Also change the name comparison so that the wrong file is
not selected when the substring comparison is done.
*utils/gssd/krb5_util.c:
Limit the set of encryption types that can be negotiated by
the Kerberos library to those that the kernel code currently
supports.
This should eventually query the kernel for the list of
supported enctypes.
*utils/gssd/gss_util.c, utils/svcgssd/svcgssd_main_loop.c:
Print more information in error messages to help debugging failures.
*utils/svcgssd/svcgssd_proc.c: Increase token buffer size and
update error handling so that a response is always sent.
*utils/svcgssd/svcgssd_proc.c: Add support to retrieve
supplementary groups.
|
