| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cache.c:812: warning: missing initializer
cache.c:812: warning: (near initialization for 'cachelist[0].f')
cache.c:813: warning: missing initializer
cache.c:813: warning: (near initialization for 'cachelist[1].f')
cache.c:814: warning: missing initializer
cache.c:814: warning: (near initialization for 'cachelist[2].f')
cache.c:815: warning: missing initializer
cache.c:815: warning: (near initialization for 'cachelist[3].f')
cache.c:816: warning: missing initializer
cache.c:816: warning: (near initialization for 'cachelist[4].f')
cache.c: In function 'cache_export_ent':
cache.c:887: warning: comparison between signed and unsigned integer expressions
cache.c:907: warning: comparison between signed and unsigned integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
fsloc.c: In function 'replicas_lookup':
fsloc.c:149: warning: unused parameter 'key'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Fixed Small typo in the new fs uuid comparison code
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct hostent can store either IPv4 or IPv6 addresses, but it can't
store both address families concurrently for the same host. Neither
can hostent deal with parts of socket addresses that are outside of
the sin{,6}_addr field.
Replace the use of "struct hostent" everywhere in libexport.a, mountd,
and exportfs with "struct addrinfo". This is a large change, but
there are so many strong dependencies on struct hostent that this
can't easily be broken into smaller pieces.
One benefit of this change is that hostent_dup() is no longer
required, since the results of getaddrinfo(3) are already dynamically
allocated.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce DNS query helpers based on getaddrinfo(3) and
getnameinfo(3). These will eventually replace the existing
hostent-based functions in support/export/hostname.c.
Put some of these new helpers to immediate use, where convenient.
As they are part of libexport.a, I've added the forward declarations
for these new functions in exportfs.h rather than misc.h, where the
hostent-based forward declarations are currently.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you export two subvolumes of a btrfs filesystem, they will both be
given the same uuid so lookups will be confused.
blkid cannot differentiate the two, so we must use the fsid from
statfs64 to identify the filesystem.
We cannot tell if blkid or statfs is best without knowing internal
details of the filesystem in question, so we need to encode specific
knowledge of btrfs in mountd. This is unfortunate.
To ensure smooth handling of this and possible future changes in uuid
generation, we add infrastructure for multiple different uuids to be
recognised on old filehandles, but only the preferred on is used on
new filehandles.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To store non-AF_INET addresses in the nfs_client structure, we need to
use more than in_addr for the m_addrlist field. Make m_addrlist
larger, then add a few helper functions to handle type casting and
array indexing cleanly.
We could treat the nfs_client address list as if all the addresses
in the list were the same family. This might work for MCL_SUBNETWORK
type nfs_clients. However, during the transition to IPv6, most hosts
will have at least one IPv4 and one IPv6 address. For MCL_FQDN, I
think we need to have the ability to store addresses from both
families in one nfs_client.
Additionally, IPv6 scope IDs are not part of struct sin6_addr. To
support link-local IPv6 addresses and the like, a scope ID must be
stored.
Thus, each slot in the address list needs to be capable of storing an
entire socket address, and not simply the network address part.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Part of the reason for the previous bug was confusion between "subpath"
and "path"; which is the shorter path, and which the longer?
"child" and "parent" seem less ambiguous.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This was obviously wrong, since path[strlen(path)] == '\0'
should always be true.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A uid or gid should be represented as unsigned, not signed.
The conversion to signed here could cause a hang on access by an unknown
user to a server running mountd with --manage-gids; such a user is
likely to be mapped to 232-1, which may be converted to 231-1 when
represented as an int, resulting in a downcall for uid 231-1, hence the
original rpc hanging forever waiting for a cache downcall for 232-1.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If paths A and A/B are both exported, then we have a choice of exports
to return for A (or under A but still above A/B): we could return A
itself, or we could return a V4ROOT export leading to B.
For now, we will always prefer the non-V4ROOT export, whenever that is
an option. This will allow clients to reach A/B as long as
adminstrators keep to the rule that the security on a parent permits the
union of the access permitted on any descendant.
In the future we may support more complicated arrangements.
(Note: this can't be avoided by simply not creating v4root exports with
the same domain and path, because different domains may have some
overlap.)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently,
mount --bind /path /path
where /path is a subdirectory of a crossmnt export, can cause client
hangs, since the kernel detects that as a mountpoint, but nfs-util's
is_mountpoint() function does not.
I don't see any sure-fire way to detect such mountpoints. But that's
OK: it's harmless to allow this upcall to succeed even when the
directory is not a mountpoint, so let's just remove this check.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
| |
More trivial cleanup (no change in functionality) to group logical
operations together into a single function.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
| |
Move this main loop to a separate function, to make it a little easier
to follow the logic of the caller.
Also, instead of waiting till we find an export to do the dns
resolution, do it at the start; it will normally be needed anyway, and
this simplifies the control flow.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2d77e3a27b7b211f303f.. "Fix bug when both crossmnt and fsid are set"
Subexports automatically created by "crossmnt" get the NFSEXP_FSID flag
cleared. That flag should also be cleared in the
security-flavor-specific flag fields. Otherwise the kernel detects the
inconsistent flags and rejects the export.
The symptoms are clients hanging the first time they export a filesystem
mounted under a filesystem that was exported with something like:
/exports *(crossmnt,fsid=0,sec=krb5)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were some problems with exportfs and rpc.mountd for long export
lists - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76643
I do optimalization as my bachelors thesis (Facuulty of informatics,
Masaryk's university Brno, Czech Republic), under lead of Yenya
Kasprzak.
Both exportfs and rpc.mount build linked list of exports (shared
functions in export.c). Every time they are inserting new export into
list, they search for same export in list.
I replaced linked list by hash table and functions export_add and
export_lookup by functions hash_export_add and hash_export_lookup
(export.c).
Because some other functions required exportlist as linked list, hash
table has some implementation modification im comparison with ordinary
hash table. It also keeps exports in linked list and has pointer to
head of the list. So there's no need of implementation function
<for_all_in_hash_table>.
Signed-off-by: Tomas Richter <krik3t@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix a couple of bugs which show up if you try to explicitly set a
16-byte UUID when exporting a file system. First, exportfs cuts the
first two bytes off the UUID and writes something invalid to etab.
Second, mountd writes the _ascii_ form of the UUID to the kernel,
instead of converting it to hex.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Make sure are zero len group list is sent down to the
kernel when the gids do not exist on the server.
Tested-by: Alex Samad <alex@samad.com.au>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
idle disks to spin up for basically no reason.
Signed-off-by: Steinar H. Gunderson <sgunderson@bigfoot.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
places in the mountd code.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Frank Filz <ffilzlnx@us.ibm.com>
|
| |
|
|
|
|
|
|
|
| |
When exported a filesystems with option inherited (by the crossmnt
option) from a higherlevel filesystem, ignore filesystem specific
options like FSID and explicit UUID.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
explicitly exported, but is below an export point that is flagged as
"crossmnt", it passes the wrong path name to the kernel for the
"filehandle -> directory"
mapping.
This can badly confuse the NFS client, and is certainly wrong.
So use the correct path names.
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a host is a member of a large number of netgroups, it becomes easily
possible for client_compose to generate a m_hostname string that
overflows the maximum string length allowed by the kernel caches.
This patch adds a new mode for mountd where it will map IP address to IP
address in the auth.unix.ip cache. When this enabled, mountd doesn't
bother using client_compose to build the m_hostname string. It just
populates it with the dotted-quad ip address. When mountd handles a
mount request, it then has an IP address and a path. It then calls
client_check to check the host against export entries where the path has
already matched.
Since we don't bother looking up netgroups which have no relation to the
mount, this can be a big performance gain in netgroup-heavy
configurations. The downside is that every host has a corresponding
entry in the nfsd.export and nfsd.fh caches as well as the auth.unix.ip
cache.
The new behavior is automatically enabled if the length of all of the
concatenated netgroup names in the export table is longer than half
NFSCLNT_IDMAX. The rationale for this logic is that this should allow
for a host to be a member of a long list of netgroups while still
allowing for other matches.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
hostent arg
This moves the resolution of IP address to hostent into a helper function
and has other functions call it. Having client_compose take a hostent arg
allows us to avoid an extra hostname lookup in the auth_authenticate
codepath as well. Instead of redoing this lookup in client_compose, we can
simply reuse the hostent that was already generated in auth_authenticate.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
nfsd_fh() uses strdup for creating found_path and doesn't check the
return value. It also doesn't free this memory when the function
returns. Check the return value of strdup and return immediately
if it's NULL. Also, free found_path on exit.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
| |
commit dbfcba5b03481d49f3e78946fe8fd066e2025545
incorrectly added some mountlist_add calls.
Removed them again.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds support for reading sec= option and sending security data
through cache via "... secinfo n flavor1 flag1 ... flavorN flagN".
If sec= is missing, no secinfo option will be passed down.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
If an attempt is made to export a non-(dir|file), just ignore it.
This should get caught by exportfs.
If an attempt is made to export a non-exportable filesystem, report
an error. Hopefully exportfs can trap some these as well, but
catching them in mountd as well is good.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
| |
If the kernel rejects an attempt to export a filesystem - e.g. because
it is not exportable, we shouldn't just ignore the error, but rather
should tell the kernel that the relevant filehandle or path cannot be supported.
We should really print out some error messages too.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
Some versions of libblkid have a terrible memory leak which makes
mounted grow toooo big. So support
--disable-uuid
to remove the uuid functionality and liblkid with it.
|
| |
|
|
|
|
| |
When looking for the exportpoint to match a given fsid,
if an NFSEXP_CROSSMOUNT export is found, also check all filesystems
mounted below there.
|
| |
|
|
|
|
|
| |
If the kernel finds a mountpoint below a 'crossmnt' export, it will ask
mounted what export options to use. With this patch it will return
the same export options as for the top 'crossmnt' export unless
more specific options have been given.
|
| |
|
|
|
|
|
|
|
| |
If we are asked to export a filesystem which is not explicitly
exported, but an ancestor is exported as 'crossmnt', export the
filesystems with the same options as the ancestor.
This is the first step to making 'crossmnt' effectively export
a tree of filesystems.
|
| |
|
|
|
| |
1/ only warn once per export, as it could get too noisy.
2/ make it a little clearer why this might be a problem.
|
| |
|
|
|
|
|
| |
As nfs-utils as an ordering of client types (hostname, netmask,
wildcard, netgroup), it is expected that sometimes the one IP will
match two or more of these and the first will over-ride. So
don't both complaining when that happens.
|
| |
|
|
|
|
|
|
| |
It appears that this is used only by unfsd, and is obscure enough that
we should be able to just rip it out with no special precautions.
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
/* The fsid -> path lookup can be quite expensive as it
* potentially stats and reads lots of devices, and some of those
* might have spun-down. The Answer is not likely to
* change underneath us, and an 'exportfs -f' can always
* remove this from the kernel, so use a really log
* timeout. Maybe this should be configurable on the command
* line.
*/
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
Wrong pointer test meant mountd would alway do gid lookups
instead of only if asked to with '-g'.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
Use the correct pointer when writing fslocations data to the cache.
Also write the fsloc stuff before the uuid stuff so userland code
will work with or without the uuid kernel patches.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
| |
Extend exportfs interface to pass fslocations info into the kernel,
using syntax modelled after AIX. Adds "refer=" and "replicas="
options to /etc/exports to enable use of the kernel fslocation code.
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
With "-g" mountd will listen for uid -> gidlist requests
from the kernel and provide the required mapping.
This is specific to AUTH_USER (aka AUTH_SYS) and is designed
to overcome the 16-gid limit in the AUTH_UNIX protocol.
|
| |
|
|
|
|
|
|
|
|
|
| |
This introduces a new dependancy on libblkid.
If a filesystem being exported has a UUID that libblkid
can extract, then that is passed to the kernel for use
in identifying the filesystem in filehandles.
This means that 'fsid=' is no longer needed to work around the
problem of device numbers changing.
fsid= is still needed for fielsystems that have no device,
and can now be given 16byute uuid instead of just a 32bit one.
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Fred Isaman <iisaman@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Remove duplicated code.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The NFS kernel server does not support uid mappings, activated with flags
such as "map_daemon" in exports. There is already code that parses these
flags, and gives an error at mount time if an unsupported flag (ie. any
but the default) is given. However, at some point the kernel changed the
export interface, and the new code forgot to include the relevant check.
Thus, simply copy the check from the old to the new code, which makes
sure mountd behaves the same in this aspect regardless of kernel version,
and makes sure the admin does not inadvertently use map_daemon and expect
it to work.
Signed-off-by: Steinar H. Gunderson <sesse@debian.org>
|
| |
|
|
|
|
| |
And make sure that if we fail to export a filesystem in mountd,
then we don't try to get a filehandle on it, or a deadlock
might occur.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IP addresses
Neil suggested a patch to change the mountlist_add and mountlist_del calls to
use IP addresses instead of the names returned by client_compose based on a
command line option flag.
I don't see any real reason to put client_compose strings into the rmtab, so
this patch makes it so that it adds IP addresses instead of those strings to
the rmtab by default.
It also removes all mountlist_add calls that are being done from kernel cache
routines. My main concern there is NFSv4. We don't seem to make any upcalls to
mountd on NFSv4 unmounts, and I don't see a way to reliably remove NFSv4
entries. So, I figured I'd stick with having mountlist_add only called when
a v2 or v3 mount call is made, and mountlist_del called only on the
corresponding unmount call.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
| |
unused labels, constness, signedness.
|
