| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Document IPv6 support in rpc.mountd and exportfs, and clarify existing
language in the man page.
Clean up: Use bold consistently for program names, and italics
consistently for file names. Use "rpc.mountd" consistently as the
name of the mountd daemon.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
To gain IPv6 support in matchhostname(), simply replace the socket
address comparison helpers with the generic versions that can handle
IPv4 and IPv6.
host_addrinfo() (called by matchhostname()) returns IPv6 addresses
only if IPv6 support is enabled.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
exportfs already invokes xlog_open() because libexport.a uses xlog()
exclusively for error reporting and debugging messages. If we can
use xlog() throughout exportfs itself, that enables xlog debugging
messages everywhere in the code path.
In addition, use xlog() instead of fprintf(stderr) for reporting
errors in exportfs.c, to be consistent with libexport.a and other
components of nfs-utils.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: No calls to xmalloc() or xstrdup() here. No need for the
double #include of xmalloc.h.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So that exportfs can eventually support IPv6 addresses, copy statd's
getaddrinfo(3)-based matchhostname to exportfs, with adjustments for
dealing with export wildcards and netgroups. Until exportfs has full
IPv6 support, however, we want to ensure that IPv6 addresses continue
to remain blocked in the address comparison code used by exportfs. At
a later point we'll replace much of this with the generic functions
in sockaddr.h.
Since it contains special logic for handling wildcard and netgroups,
this function is specialized for exportfs, and does not belong in
one of the shared libraries.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct hostent can store either IPv4 or IPv6 addresses, but it can't
store both address families concurrently for the same host. Neither
can hostent deal with parts of socket addresses that are outside of
the sin{,6}_addr field.
Replace the use of "struct hostent" everywhere in libexport.a, mountd,
and exportfs with "struct addrinfo". This is a large change, but
there are so many strong dependencies on struct hostent that this
can't easily be broken into smaller pieces.
One benefit of this change is that hostent_dup() is no longer
required, since the results of getaddrinfo(3) are already dynamically
allocated.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Clean up: Reduce code duplication by introducing a goto label for
freeing hp and exiting. This will make replacing "struct hostent *"
with "struct addrinfo *" more straightforward in this code.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce DNS query helpers based on getaddrinfo(3) and
getnameinfo(3). These will eventually replace the existing
hostent-based functions in support/export/hostname.c.
Put some of these new helpers to immediate use, where convenient.
As they are part of libexport.a, I've added the forward declarations
for these new functions in exportfs.h rather than misc.h, where the
hostent-based forward declarations are currently.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
files which ensure the S_ISDIR() macro is defined.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Valerie Aurora Henson <vaurora@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were some problems with exportfs and rpc.mountd for long export
lists - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76643
I do optimalization as my bachelors thesis (Facuulty of informatics,
Masaryk's university Brno, Czech Republic), under lead of Yenya
Kasprzak.
Both exportfs and rpc.mount build linked list of exports (shared
functions in export.c). Every time they are inserting new export into
list, they search for same export in list.
I replaced linked list by hash table and functions export_add and
export_lookup by functions hash_export_add and hash_export_lookup
(export.c).
Because some other functions required exportlist as linked list, hash
table has some implementation modification im comparison with ordinary
hash table. It also keeps exports in linked list and has pointer to
head of the list. So there's no need of implementation function
<for_all_in_hash_table>.
Signed-off-by: Tomas Richter <krik3t@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
(BZ: https://bugzilla.linux-nfs.org/show_bug.cgi?id=161)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
instead of /var/lib/nfs/xtab
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
bz: http://bugzilla.linux-nfs.org/show_bug.cgi?id=160
Signed-off-by: Filipus Klutiero <chealer@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Steinar H. Gunderson <sgunderson@bigfoot.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
that "exportfs -u :/foo" will unexport /foo from all hosts, which it won't.
This patch cleans that wording up and adds a couple examples on how to
unexport directories
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Document the sec= option in the exports man page.
Not done: it would be nice to have an example or two here (and not just
in the final "EXAMPLE" section, though that would be nice too). I was
just too lazy to figure out the formatting.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds support for reading sec= option and sending security data
through cache via "... secinfo n flavor1 flag1 ... flavorN flagN".
If sec= is missing, no secinfo option will be passed down.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
When exporting a filesystem test to see if the kernel is likely
to accept the export and print suitable warning message if not.
Don't actually fail the 'exportfs' as by the time a MOUNT request
arrives, the filesystem might be exportable.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
| |
1/ only warn once per export, as it could get too noisy.
2/ make it a little clearer why this might be a problem.
|
| |
|
|
|
|
| |
It was already commented out, and it will never be wanted.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
It appears that this is used only by unfsd, and is obscure enough that
we should be able to just rip it out with no special precautions.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
Fix up a few issues with the fsloc code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
| |
Extend exportfs interface to pass fslocations info into the kernel,
using syntax modelled after AIX. Adds "refer=" and "replicas="
options to /etc/exports to enable use of the kernel fslocation code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
This introduces a new dependancy on libblkid.
If a filesystem being exported has a UUID that libblkid
can extract, then that is passed to the kernel for use
in identifying the filesystem in filehandles.
This means that 'fsid=' is no longer needed to work around the
problem of device numbers changing.
fsid= is still needed for fielsystems that have no device,
and can now be given 16byute uuid instead of just a 32bit one.
|
| |
|
|
|
|
|
|
|
|
| |
This mostly takes care of the difference between
- and \-; in man pages, the former is hyphen
(which indicates, among others, that a line might
be split at that point), while the latter is a
dash. For options, the latter is correct.
There's also one minor grammatical fix.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implement default options in /etc/exports, to fix a long-standing wishlist
bug in Debian. (The user claims the syntax matches that of OpenBSD.) This
makes it possible to write "/srv/www -sync,no_subtree_check host1 host2 host3"
instead of having to write (sync,no_subtree_check) over and over and over
again, driving the administrator slowly mad. Such option lines can be
placed anywhere on the line, and affects anything after them (I do not
know if OpenBSD allows this). The patch is slightly convoluted in order to
avoid triggering spurious warnings; for instance, we want
"/srv/www -sync host1" to trigger a warning, but not "/srv/www
-sync,no_subtree_check host1" or "/srv/www -sync host1(no_subtree_check)".
There was also a suggestion for a truly global (ie. per-file) option list,
but this seemed like the safest bet, given that it matches that of other
implementations.
Also, the man page is updated with information on the new possibilities,
and an example.
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
The exports(8) man page already mentions that some non-root users,
such as bin, might be just as sensitive as root, and that root_squash
thus might not be as effective as one could hope for. Update the
documentation to also mention that this could be the case for non-root
groups, such as staff.
|
| |
|
|
| |
Mostly thanks to Sylvain Cherrier <sylvain.cherrier@free.fr>
|
| |
|
|
|
| |
Printing export options should avoid printing 'anonuid=65534'
rather than avoiding 'anonuid=-2'.
|
| |
|
|
| |
Add warning of neither 'subtree_check' or 'no_subtree_check' present.
|
| |
|
|
| |
This is more consistant across platforms.
|
| |
|
|
|
|
| |
Document the 'sync' option in the exports(5) man page -- ATM
only the 'async' option is documented, which is not very
symmetric. :-) "Steinar H. Gunderson" <sesse@debian.org>
|
| |
|
|
|
|
| |
support/include/config.h.in from source control
These are auto autogenerated by
aclocal -I aclocal ; autoheader ; automake ; autoconf
|
| |
|
|
|
| |
Check for sufficient version of librpcsecgss and libgssapi
in configure.in
|
| |
|
|
|
| |
Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and
HAVE_TCP_WRAPPERS as appropriate.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/exportfs/exports.man: Document the "crossmnt" export export option
* utils/gssd/krb5_util.c:
Add better debugging and partially revert the function
check for gss_krb5_ccache_name.
For MIT Kerberos releases up to and including 1.3.1, we *must*
use the routine gss_krb5_ccache_name to get the K5 gssapi code
to use a different credentials cache.
For releases 1.3.2 and on, we want to use the KRB5CCNAME
environment variable to tell it what to use.
(A problem was reported where 1.3.5 was being used, our
code was using gss_krb5_ccache_name, but the underlying
code continued to use the first (or default?) credentials
cache. Switching to using the env variable fixed the problem.
I cannot recreate this problem.
*utils/gssd/krb5_util.c:
Andrew Mahone <andrew.mahone@gmail.com> reported that reiser4
always has DT_UNKNOWN. He supplied patch to move the check
for regular files after the stat() call to correctly find
ccache files in reiser4 filesystem.
Also change the name comparison so that the wrong file is
not selected when the substring comparison is done.
*utils/gssd/krb5_util.c:
Limit the set of encryption types that can be negotiated by
the Kerberos library to those that the kernel code currently
supports.
This should eventually query the kernel for the list of
supported enctypes.
*utils/gssd/gss_util.c, utils/svcgssd/svcgssd_main_loop.c:
Print more information in error messages to help debugging failures.
*utils/svcgssd/svcgssd_proc.c: Increase token buffer size and
update error handling so that a response is always sent.
*utils/svcgssd/svcgssd_proc.c: Add support to retrieve
supplementary groups.
|
| | |
|
| | |
|
| |
|
|
| |
And added SEE ALSO section.
|
| | |
|
| | |
|
| | |
|
