| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Prior to merge libnfsidmap leaked many private symbols that were
not defined in its API, creating an accidental ABI.
This patch renames and unhides symbols in order to match that ABI
until a cleaned up API can be established and released.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
To allow better reuse of the code we split conffile and xlog
into their own separate convenience library, then merge it
back so as to not create extra dependancies for everything
Signed-off-by: Justin Mitchell <jumitche@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both auth-rpcgss-module and rpc-statd-notify only
ever need to be run once - the effect they have
is permanent.
We can give this information to systemd by setting
RemainAfterExit=yes
This avoids the minor cost of running them a second time
if something "Wants" either service after it was first run,
(e.g. both client and server startup can Want these),
and avoids systemd complaining that it restarts to fast
if multiple Wants happen at nearly the same time.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This is helpful for users that have a krb5.keytab but do not want to use
secure NFS. Also fixed a typo that appears earlier on the page.
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Working towards an nfs.conf library and API for system config tools,
first step, replace the conf_path global with a parameter to conf_init
Signed-off-by: Justin Mitchell <jumitche@rehat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Commit 9d4fc3fb added Wants=network-online.target which
is not enough to ensure the network is completely up
before the NFS server is started. After=network-online.target
is also needed.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1419351
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There has been an number startup problems where parts of
the NFS server fails to start due to DNS and other
parts of the network not be up.
Reading the systemd.special it seems network.target is
a passive unit which does not wait for the entire
network to come up and network-online.target is an
active unit which does wait.
So this adds Wants=network-online.target to all of
the NFS server services
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfs.conf has config options for the rpc_pipefs mountpoint.
Currently, changing these from the default also requires manually
overriding the systemd unit files that are hard-coded to mount the
filesystem on /var/lib/nfs/rpc_pipefs.
This patch adds a generator that creates a mount unit file for the
rpc_pipefs when a non-default value is specified in /etc/nfs.conf, as
well as a target unit file to override the dependencies for the systemd
units using the rpc_pipefs. The blkmapd, idmapd, and gssd service unit
files have been modified to define their dependencies on the rpc_pipefs
mountpoint indirectly via the rpc_pipefs target unit file. Since both
rpc-pipefs-generator.c and nfs-server-generator.c need to convert path
names to unit file names, that functionality has been moved to
systemd.c.
This patch also removes the dependency on the rpc_pipefs from the
rpc-svcgssd.service unit file. rpc.svcgssd uses the sunrpc cache
mechanism to exchange data with the kernel, not the rpc_pipefs.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Allow the rpc_pipefs mountpoint to be overriden via the pipefs-directory
variable in the [general] section of /etc/nfs.conf.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
All the daemons should use the same rpc_pipefs, so pipefs-directory
should be specified in the [general] section.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Changed idmapd to read its value for the pipefs-directory from
/etc/nfs.conf rather than /etc/idmapd.conf. All other configurations
related to id mapping still reside in /etc/idmapd.conf for now.
Added a warning to indicate that idmapd's -c option is deprecated.
Corrected a misspelling of 'configuration' in nfs.conf.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There has been an number startup problem where parts of
the NFS server fail to start due to DNS and other
parts of the network not be up.
Reading the systemd.special it seems network.target is
a passive unit which does not wait and network-online.target
is an active unit which does not wait so that
should be used.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1419351
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When this code was written, the systemd documentation stated
that "RequiresMountsFor" ignored mountpoints marked as "noauto".
Unfortunately this is incorrect. Consquently a filesystem marked
as noauto that is also NFS exported will currently be mounted when
the NFS server is started. This is not what people expect.
So add a check for the noauto flag. If any ancestor of a given
export point has the noauto flag, no RequiresMountsFor will be
generated for that point.
Also skip RequiresMountsFor for exports marked 'mountpoint', as their
absence is, theoretically, already handled by mountd.
URL: https://github.com/systemd/systemd/issues/5249
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following commit 91da135f - it replaced "rpcbind.target" by "rpcbind.socket" in
some unit files - "rpcbind.socket" should also be added to "nfs-mountd.service"
as a dependency to avoid race conditions.
Usually "rpcbind.socket" is either started as a "sockets.target" dependency, or
as a dependency for "nfs-server.service", when unit files include it in
"BindsTo" or "After". Unfortunately there is a possilibility to have
"nfs-mountd.service" started when the rpcbind socket is not yet created:
systemd[1]: Starting NFS Mount Daemon...
systemd[1]: nfs-mountd.service: Control process exited, code=exited status=1
systemd[1]: Failed to start NFS Mount Daemon.
systemd[1]: nfs-mountd.service: Unit entered failed state.
systemd[1]: nfs-mountd.service: Failed with result 'exit-code'.
Nowadays "nfs-mountd.service" uses "BindTo" directive to "nfs-server.service".
That, per se, doesn't guarantee ordering for NFS server to start rpcbind and for
nfs-mountd to depend on it.
https://bugs.launchpad.net/bugs/1590799
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Rafael David Tinoco <rafael.tinoco@canonical.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
nfs-server-generator is run very early when a lot of services
are not yet started, so it mustn't depend on them.
It already avoids using DNS, but it should avoid syslog too.
If it tries to log error to syslog, it can deadlock. So just let
messages go to stderr.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
The value is from the list general, call, auth, parse, all.
Most daemons recognise this in their dedicated section.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
A comma separate list of hosts can be given.
If any host name is given with "--host" or "-H", then all hosts
listed in nfs.conf are ignored.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This discusses some of the behaviors of the various
unit files, and how best to work with them to achieve
various results.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we have /etc/nfs.conf, a lot of configuration can be
read directly. So nfs-config isn't really needed any more.
Some distributions allow command-line arguments for various
daemons to be set in an environment file (/etc/sysconfig,
/etc/defaults).
Passing these through /etc/nfs.conf is not possible.
Instead, a distro that needs this functionality can create drop-in
files which select the required value. As no commands are given
default arguments by systemd unit files, the drop-in can just add
distro-specific args.
For example
/lib/systemd/system/nfs-mountd.service.d/local.conf
[Service]
EnvironmentFile=/etc/sysconfig/nfs
ExecStart=
ExecStart=/usr/sbin/rpc.mountd $RPCMOUNTDOPTS
Note the need for the empty assignment to remove existing definitions
first.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The significant value of allowing this is that it means that
for default operation, systemd unit files do not need to pass any
options to any programs. The purpose of this will become apparent in
the next patch.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the value for a tag starts with '$', then the remainder
of the value is treated as an environment variable name.
It is looked up in the environment (getenv) and if not found,
it is looked for in the [environment] section of the config file.
This lookup is formed as access time e.g. by conf_get_str(), not at
parse time.
The expected usage is that the config file can contain something like
[environment]
include = /etc/sysconfig/nfs
[other-section]
tag = $NAME
and conf_get_str("other-section","tag") will report the value of "NAME"
in the given file.
As different distributions used different environment files, and
different
variable names with-in them, a distro could provide a static config file
which maps from names in that environment file to config tags requires
by NFS daemons.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A value setting like
foo =
is now equivalent to not setting "foo" at all.
This is likely to be least confusing.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
When "include = " is used to read and "environment" file such as
/etc/sysconfig/nfs, there might be quotes around values.
Stripe those off, just like a 'shell' reading the file would.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A tag
include = filename
will be replaced by the content of the file.
This must appear after a section heading, and any assignments
not in their own section will be included in the section that this
directive is in.
e.g
[environment]
include = /etc/sysconfig/nfs
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Some options appear in the [lockd] section.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Some values are taken from the [nfsd] section
to ensure consistency.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
I haven't added -H support, but everything else should be able to be
set through /etc/nfs.conf.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
conf_get_bool() interprets various strings as 'true' or 'false'.
If no suitable value is found, the default is returned.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
It may seem a little odd placing this in the "systemd" directory,
but it is a conveninent place, and /etc/nfs.conf was added in
part to help with systemd integration.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nfs-server-generator is run very early when a lot of services are not
yet started, so it mustn't depend on them. Currently it can try to
use hostname lookup and syslog. Using hostname lookup can cause
errors and when these are logged via syslog, it can cause the
generator to block indefinitely
Hostname-lookup is not needed, as we don't use the host issue,
and sending message to stderr is sufficient for the generator.
Disabling syslog is easy - call a function that sets a static variable.
Disabling hostname lookup requires adding an "ignore_hosts" flags to
export_read and export_d_read().
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Kerberos keytabs don't always live in the '/etc'
directory. Allow --sysconfdir flag to define where
the keytab directory is in rpc-gssd.service
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
A recent patch moved this file to /usr/libexec/...
That directory isn't universal, and doesn't exist on openSUSE or
Debian for example. So change it to use the $libexecdir
directory determined by configure
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Added a couple checks to handle failures correctly
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1369714
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit: 1e41488f428c ("systemd: Order NFS server before client")
added an ordering dependency between network mounts and nfs-server.
This is good for loop-back NFS mounts as it ensures the server
will remain until after the mountpoint is unmounted.
However is is bad for _net mounts (such as those via iSCSI) which
are being NFS exported.
nfs-server needs to be start *after* exported filesystems are mounted,
and *before* NFS filesystems are mounted. systemd isn't able to make
this distinction natively, so we need to help it.
This patch adds a systemd generator which creates a drop-in for
nfs-server.services so that it is started "Before" any "nfs" or "nfs4"
mount, and so that it has a "RequiresMountsFor" dependency on any
exported filesystem. This creates the required ordering.
Note that if you try to export an "nfs" mount, systemd will detect an
ordering loop and will refused to start the nfs server. This is
probably the correct thing to do.
This patch also removes the ordering dependency with
remote-fs-pre.target which the above-mentioned commit added. It is no
longer needed.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dependencies on rpcbind have been changed a few times and I think
they are still wrong. So I'll go into some detail to justify this
change.
Firstly: rpcbind.target rpcbind.socket or rpcbind.service?
The systemd documentation talks about targets as "synchronization
points" and likens them to SysV init run levels. Run levels are about
ordering but not dependencies.
The systemd.special man page describes rpcbind.target as intended
explicitly for ordering sysvinit scripts, with "After=" dependencies.
So while I think it is valid to use rpcbind.target for ordering
(before/after) it shouldn't be used for dependencies (Wants/Requires).
The rpcbind.target file included in systemd does not "Require" the
actual service, so requiring rpcbind.target itself is pointless.
I think we shouldn't use rpcbind.target at all. Leave it for sysvinit
synchronization.
So: .socket or .service?
I think nfs only needs the socket to be active. On first connection
the service will be started. But nfs does not need to wait for the
service to start, only the socket. So I think we should exclusively
use rpcbind.socket.
Next: Wants or Requires.
rpc.statd definitely Requires rpcbind. It needs to register to be
useful, and without rpcbind it cannot register.
nfs-server does not necesarily require rpcbind. Specifically if
configured for NFSv4 only, nfs-server will work quite happily without
rpcbind.
Someone with an NFSv4 only setup who wants rpcbind to not run can use
systemctl mask rpcbind.socket
to ensure it never runs.
So nfs-server should only "Wants: rpcbind.socket".
I think
Commit: 4fabfcd08206 ("systemd: Decouple the starting and stopping of
rpcbind/nfs-server")
should have changed "Requires" to "Wants" rather than "server" to
"target"
to fix the dependency problem.
Finally: After?
It only makes sense to declare an ordering relation as "After:"
something that will actually be started. If "foo.service" is not part
of the systemd transaction, then "After: foo.service" has no effect.
So having:
Requires: rpcbind.target
After: rpcbind.socket
doesn't make much sense unless there is some relationship between
rpcbind.target and rpcbind.socket, and there is no general guarantee
of that (though what individual distros do, I don't know).
So the "After" should match the "Wants" or "Requires".
It might make sense to
Requires: rpcbind.socket
After: rpcbind.target
as it is reasonable to assume that rpcbind.target will be ordered with
rpcbind.socket, but as we can use rpcbind.socket explictly, that is
clearer.
So my conclusion is that nfs-server should:
Wants: rpcbind.socket
After: rpcbind.socket
and rpc-statd should
Requires: rpcbind.socket
After: rpcbind.socket
which is what this patch puts into effect.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Currently nfs-utils_env.sh is installed in a
directory that is own by systemd. They requested
via https://bugzilla.redhat.com/show_bug.cgi?id=1303113
to move the script into /usr/libexec/nfs-utils
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nfs-config service translates distro-specific startup
configuration into "environment" variable read and used
by systemd unit files.
Currently it is only run once, so subsequent changes to the
distro-specific files do not take effect when an nfs service is
restarted.
If we change "RemainAfterExit=yes" to "RemainAfterExit=no" then the
service will be restarted before any dependant service is started, so
the environment file will always be up to date.
Reported-and-tested-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit b98f2af15 introduced a regression that cause the
starting and stop of rpcbind and the nfs-server to
be depended on each other
The starting of the NFS server should start rpcbind
but bring rpcbind down should not bring the NFS
server down.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
If we build without rpc-svcgssd (the default), don't install matching
.service file.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Aurelien Chabot <aurelien@chabot.fr>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OSTree is a mechanism for atomic updates of operating systems, with
designs for how system state is managed; in particular, `/var` should
start out empty, and components are responsible for creating content
there at runtime.
rpm-ostree consumes RPMs and commits them to an OSTree repository.
It has some support for automatically synthesizing systemd `tmpfiles.d`
snippets from RPM content in `/var` using systemd-tmpfiles.
However, in this case nfs-utils wants a mount point directory, and
it's running before systemd-tmpfiles. It should be perfectly fine to
do this mount after tmpfiles has run.
A better fix for this would be to move transient directories to
`/run`; However, that would be an invasive change, which can happen
after this fix.
Signed-off-by: Colin Walters <walters@verbum.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
To trigger the systemd socket activation support
in rpcbind, nfs-service needs to Requires/After
rpcbind.service instead of rpbind.target
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://bugzilla.linux-nfs.org/show_bug.cgi?id=281
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems that the purpose of nfs-blkmap.target was to enable and
disable nfs-blkmap.service. This can be done directly by adding
an [Install] section in nfs-blkmap.service.
The downside of the previous arrangement, apart from the unnecessary
complexity, was a warning during boot:
[ INFO ] PNFS blkmaping enablement. is not active.
[DEPEND] Dependency failed for pNFS block layout mapping daemon.
https://bugzilla.redhat.com/show_bug.cgi?id=1088665
Signed-off-by: Zbigniew J?drzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
