| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Some init systems actually expect daemons to return 0 on success.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Fixed the usage of strcmp in the duplicate check in insert groups.
Fixes an issue with showmount and other commands that required
the group information.
Signed-off-by: Matthew Treinish <treinish@linux.vnet.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Clear stale MNT registrations before mountd tries to create fresh
listeners, to ensure that mountd starts. This is also what statd does.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Clean up: The MNT protocol has its own enum type defining error
status values. While the values can be the same as the NFSERR enum
type on some systems, it's not guaranteed to be true everywhere.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Clean up: rpc.mountd is no longer known as kmountd. Use the program's
basename rather than the full pathname for the usage message. Display
a version message at start up similar to statd's.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Fix a long standing bug: when my_svc_run() returns, mountd should
unregister itself with the local rpcbind so that it can subsequently
start cleanly.
Log a more helpful error message in this case.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If TI-RPC is available, use it to create mountd's svc listener. If
not, use the old function, rpc_init(), to create mountd's listener.
IPv6 can be supported if TI-RPC is available. In this case,
/etc/netconfig is searched to determine which transports to advertise.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Ensure users and programmers specify NFS version numbers correctly.
This also makes the next patch more clean.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up: Squelch compiler warnings and document public parts of
cache API.
cache.c: At top level:
cache.c:67: warning: no previous prototype for auth_unix_ip
cache.c:123: warning: no previous prototype for auth_unix_gid
cache.c:217: warning: no previous prototype for get_uuid
cache.c:247: warning: no previous prototype for uuid_by_path
cache.c:326: warning: no previous prototype for nfsd_fh
cache.c:745: warning: no previous prototype for nfsd_export
cache.c:820: warning: no previous prototype for cache_open
cache.c:832: warning: no previous prototype for cache_set_fd
cache.c:841: warning: no previous prototype for
cache_process_req
cache.c:921: warning: no previous prototype for cache_export
cache.c:953: warning: no previous prototype for
cache_get_filehandle
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Replace IPv4-specific code in the mountlist_del_all() path with code
that is address family agnostic.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace IPv4-specific code with use of our generic hostname helpers
in the routines that handle incoming MNT RPC requests.
These functions will support IPv6 without additional changes, once
IPv6 is enabled in the generic hostname helpers.
As part of this update, I've modified all of mountd's _svc routines
to use a debug message format that is consistent with statd. It may
be overkill for some of these; if so we can pull them out later.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Make the entire auth_authenticate() code path address-family agnostic.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is more of a clean-up than a behavioral change.
POSIX requires that a "struct sockaddr" is the same size as a "struct
sockaddr_in". Therefore, a variable or field of type "struct sockaddr"
cannot contain an AF_INET6 address. However, "struct sockaddr *" is
often used to reference a generic (ie non-address family specific)
socket address, generating some confusion about this.
The nfsctl_arg struct uses a struct sockaddr (not a pointer) to pass
the client's IP address to the kernel. This means the legacy nfsctl()
kernel API can never support IPv6. Fortunately for us, this legacy
interface was replaced by a text-based cache interface a few years
back. We don't need to support non-AF_INET addresses here.
The getfh() functions in nfs-utils provide a handy C API for the
kernel's nfsctl interface. The getfh() functions still take a struct
sockaddr *, though, and that can imply that a non-IPv4 address can be
passed via this API. To make it abundantly clear that only IPv4
addresses can be used with this interface, change the synopses of
getfh() and friends to take a struct sockaddr_in * instead of a struct
sockaddr * .
This makes these functions conform with other places in mountd and
exportfs that already grok the difference between a struct sockaddr
and a struct sockaddr_in.
While we're here...
Introduce some nice documenting comments for the get_fh() functions,
and...
Since mountd will support IPv6 in the near future, assert that the
family of client addresses passed to this API is indeed AF_INET, in
order to prevent non-AF_INET addresses from ever being passed to the
legacy nfsctl() interface.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mountd.c: In function 'mount_null_1_svc':
mountd.c:195: warning: unused parameter 'rqstp'
mountd.c:195: warning: unused parameter 'argp'
mountd.c:195: warning: unused parameter 'resp'
mountd.c: In function 'mount_dump_1_svc':
mountd.c:213: warning: unused parameter 'argp'
mountd.c: In function 'mount_umnt_1_svc':
mountd.c:224: warning: unused parameter 'resp'
mountd.c: In function 'mount_umntall_1_svc':
mountd.c:248: warning: unused parameter 'argp'
mountd.c:248: warning: unused parameter 'resp'
mountd.c: In function 'mount_export_1_svc':
mountd.c:258: warning: unused parameter 'argp'
mountd.c: In function 'mount_exportall_1_svc':
mountd.c:269: warning: unused parameter 'argp'
mountd.c: In function 'mount_dump_1_svc':
mountd.c:216: warning: unused parameter 'argp'
mountd.c: In function 'mount_umnt_1_svc':
mountd.c:227: warning: unused parameter 'resp'
mountd.c: In function 'mount_umntall_1_svc':
mountd.c:251: warning: unused parameter 'argp'
mountd.c:251: warning: unused parameter 'resp'
mountd.c: In function 'mount_export_1_svc':
mountd.c:261: warning: unused parameter 'argp'
mountd.c: In function 'mount_exportall_1_svc':
mountd.c:272: warning: unused parameter 'argp'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct hostent can store either IPv4 or IPv6 addresses, but it can't
store both address families concurrently for the same host. Neither
can hostent deal with parts of socket addresses that are outside of
the sin{,6}_addr field.
Replace the use of "struct hostent" everywhere in libexport.a, mountd,
and exportfs with "struct addrinfo". This is a large change, but
there are so many strong dependencies on struct hostent that this
can't easily be broken into smaller pieces.
One benefit of this change is that hostent_dup() is no longer
required, since the results of getaddrinfo(3) are already dynamically
allocated.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and one for NFSv3 (MOUNTv3)
When --no-nfs-version requests an NFS version to be disabled, the
code actually disabled the MOUNT version. This works is several cases,
but requires --no-nfs-version 1 to completely disable NFSv2, which
is wrong.
So if we do disable 1, 2, and 3. mountd complain and won't run, it
is not possible to run just v4 - i.e. not listening for MOUNT requests
at all (as v4 doesn't need them).
So change the handling of "--no-nfs-version 2" it disable MOUNTv1 as
well as
MOUNTv2, and allow mountd to continue running as long as one of
NFSv2 NFSv3 NFSv4 is enabled.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Comment clarification, minor style cleanup.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
|
|
|
|
|
|
|
|
|
|
|
| |
I needed to understand get_exportlist() recently, and it gave me
trouble.
Move detail work into helper functions to make the basic logic clear,
and to remove need for excessive nesting (and fix inconsistent
indentation levels). Also remove unnecessary casts of void returns from
xmalloc().
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
|
|
|
|
|
|
| |
Don't show pseudo exports when clients ask to see what
is exported via the showmount mount command.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the absence of an explicit sec= option on an export, rpc.mountd
is returning a zero-length flavor list to clients in the MOUNT results.
The linux client doesn't seem to mind, but the Solaris client
(reasonably enough) is giving up; the symptom is a "security mode
does not match" error on mount.
We could modify the export-parsing code to ensure the secinfo array
is nonzero. But I think it's slightly simpler to handle this default
case in the implementation of the MOUNT call. This is more-or-less the
same thing the kernel does when mountd passes it an export without any
security flavors specified.
Thanks to Tom Haynes for bug report and diagnosis.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mountd tries to avoid telling the kernel to export something
when the kernel already knows to do that.
However sometimes (exportfs -r) the kernel can be told
to forget something without mountd realising.
So if mountd finds that it cannot get a valid filehandle,
make sure it really has been exported to the kernel.
This only applies if the nfsd filesystem is not mounted.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mountd keeps file descriptors used for locks separate from
those used for io and seems to assume that the lock will
only be released on close of the file descriptor that was used
with fcntl. Actually the lock is released when any file
descriptor for that file is closed. When setexportent() is called
after xflock() he closes and reopens the io file descriptor and defeats the
lock.
This patch fixes that by using a separate file for locking, cleaning
them up when finished.
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TI-RPC's version of the svc_getcaller() macro points to a sockaddr_in6,
not a sockaddr_in, though for AF_INET callers, an AF_INET address
resides there. To squelch compiler warnings when the TI-RPC version of
the svc_req structure is used, add inline helpers with appropriate
type casting.
Note that tcp_wrappers support only AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were some problems with exportfs and rpc.mountd for long export
lists - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76643
I do optimalization as my bachelors thesis (Facuulty of informatics,
Masaryk's university Brno, Czech Republic), under lead of Yenya
Kasprzak.
Both exportfs and rpc.mount build linked list of exports (shared
functions in export.c). Every time they are inserting new export into
list, they search for same export in list.
I replaced linked list by hash table and functions export_add and
export_lookup by functions hash_export_add and hash_export_lookup
(export.c).
Because some other functions required exportlist as linked list, hash
table has some implementation modification im comparison with ordinary
hash table. It also keeps exports in linked list and has pointer to
head of the list. So there's no need of implementation function
<for_all_in_hash_table>.
Signed-off-by: Tomas Richter <krik3t@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Instead of using a static list of supported flavors, we should be taking
the list from the export.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
I find it more readable to have the normal (non-error) case unindented,
and to keep conditionals relatively simple, as is the usual kernel
style. Fix some inconsistent indentation while we're there.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contrary to the comment above its definition, the field m_path always
has the same value as e_path: the *only* modifications of m_path are all
of the form:
strncpy(exp->m_export.m_path, exp->m_export.e_path,
sizeof (exp->m_export.m_path) - 1);
exp->m_export.m_path[sizeof (exp->m_export.m_path) - 1] = '\0';
So m_path is always just a copy of e_path. In places where we need to
store a path to a submount of a CROSSMNT-exported filesystem, as in
cache.c, we just use a local variable.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Mountd used to advertise AUTH_NULL as the first flavour on
the list, which means that it prefers AUTH_NULL to anything
else (as per RFC 2623 section 2.7).
- Mount.nfs used to scan the returned list in reverse order,
and stopping at the first AUTH_NULL or AUTH_SYS encountered.
If a server advertises (AUTH_SYS, AUTH_NULL), it will by
default choose AUTH_NULL and have degraded access.
I've fixed mount.nfs to scan from the beginning. For mountd,
it does not advertise AUTH_NULL anymore. This is necessary
to avoid backward compatibility issue. If AUTH_NULL appears
in the list, either the new or the old client will choose
that over AUTH_SYS.
Tested the server/client combination against the previous
versions, as well as Solaris and FreeBSD.
Signed-off-by: bc Wong <bcwong@cisco.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
should not be considered a failure. It just means that there are no
exports on the system.
The practical problem with the current code is that a showmount -e
results in a syslog message from mountd that looks like:
rpc.mountd: export request from 10.250.100.2 failed.
Reviewed-by: Greg Banks <gnb@sgi.com>
Signed-off-by: Harshula Jayasuriya <harshula@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a host is a member of a large number of netgroups, it becomes easily
possible for client_compose to generate a m_hostname string that
overflows the maximum string length allowed by the kernel caches.
This patch adds a new mode for mountd where it will map IP address to IP
address in the auth.unix.ip cache. When this enabled, mountd doesn't
bother using client_compose to build the m_hostname string. It just
populates it with the dotted-quad ip address. When mountd handles a
mount request, it then has an IP address and a path. It then calls
client_check to check the host against export entries where the path has
already matched.
Since we don't bother looking up netgroups which have no relation to the
mount, this can be a big performance gain in netgroup-heavy
configurations. The downside is that every host has a corresponding
entry in the nfsd.export and nfsd.fh caches as well as the auth.unix.ip
cache.
The new behavior is automatically enabled if the length of all of the
concatenated netgroup names in the export table is longer than half
NFSCLNT_IDMAX. The rationale for this logic is that this should allow
for a host to be a member of a long list of netgroups while still
allowing for other matches.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes mountd to hold the etab file open so that when it's
changed by exportfs, the inode number should change. We then change
auth_reload to reload the file based on whether st_ino is different
from the last time it was checked. It also changes auth_reload to
maintain a static counter value and return it instead of a timestamp
and fixes up get_exportlist accordingly. Finally, it adds some
comments to xtab_write to warn people about editing the etab in place.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
| |
If we are asked to export a filesystem which is not explicitly
exported, but an ancestor is exported as 'crossmnt', export the
filesystems with the same options as the ancestor.
This is the first step to making 'crossmnt' effectively export
a tree of filesystems.
|
|
|
|
|
|
|
| |
With "-g" mountd will listen for uid -> gidlist requests
from the kernel and provide the required mapping.
This is specific to AUTH_USER (aka AUTH_SYS) and is designed
to overcome the 16-gid limit in the AUTH_UNIX protocol.
|
|
|
|
|
|
| |
If auth_reload has been called by someone else, get_exportlist
can incorrectly return old data. So track modify times better
and only use cached data if the modify time matches.
|
|
|
|
|
|
| |
And make sure that if we fail to export a filesystem in mountd,
then we don't try to get a filehandle on it, or a deadlock
might occur.
|
|
|
|
|
|
|
|
|
| |
I forgot a bit of code that needs to go into patch 3 that I posted yesterday.
This adds a long option for the -r option. I'll post manpage update patches
once I get them written up.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For those that want "traditional" showmount -a behavior from their mountd
(hostname:/path instead of ipaddr:/path). This patch adds a '-r' flag that
does a reverse-resolve for each IP address listed in the rmtab when
a dump operation is called.
Probably not a good idea for those concerned about performance, but since it's
not the default option, I don't see it being an issue.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IP addresses
Neil suggested a patch to change the mountlist_add and mountlist_del calls to
use IP addresses instead of the names returned by client_compose based on a
command line option flag.
I don't see any real reason to put client_compose strings into the rmtab, so
this patch makes it so that it adds IP addresses instead of those strings to
the rmtab by default.
It also removes all mountlist_add calls that are being done from kernel cache
routines. My main concern there is NFSv4. We don't seem to make any upcalls to
mountd on NFSv4 unmounts, and I don't see a way to reliably remove NFSv4
entries. So, I figured I'd stick with having mountlist_add only called when
a v2 or v3 mount call is made, and mountlist_del called only on the
corresponding unmount call.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
| |
The getopt_long() option string in mountd was having a spurious
colon after the 'n', leading to the short form of --no-tcp not
being usable (expecting a parameter, contrary to the long form
and the documentation). Fix.
|
|
|
|
| |
unused labels, constness, signedness.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
How about the attached patch against nfs-utils tot? It
adds a -t option to set the number of forked workers.
Default is 1 thread, i.e. the old behaviour.
I've verified that showmount -e, the Ogata mount client,
and a real mount from Linux and IRIX boxes work with and
without the new option.
I've verified that you can manually kill any of the workers
without the portmap registration going away, that killing
all the workers causes the manager process to wake up and
unregister, and killing the manager process causes the
workers to be killed and portmap unregistered.
I've verified that all the workers have file descriptors
for the udp socket and the tcp rendezvous socket, that
connections are balanced across all the workers if service
times are sufficiently long, and that performance is
improved by that parallelism, at least for small numbers
of threads. For example, with 60 parallel MOUNT calls
and a testing patch to make DNS lookups take 100 milliseconds
time to perform all mounts (averaged over 5 runs) is:
num elapsed
threads time (sec)
------ ----------
1 13.125
2 6.859
3 4.836
4 3.841
5 3.303
6 3.100
7 3.078
8 3.018
Greg.
--
Greg Banks, R&D Software Engineer, SGI Australian Software Group.
I don't speak for SGI.
|
|
|
|
|
|
| |
Let the user select (via a new parameter) the path to the NFS
state directory for mountd, to match the statd functionality.
"Steinar H. Gunderson" <sesse@debian.org>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*utils/mountd/mountd.c:
mountd currently always returns AUTH_NULL and AUTH_SYS as the
allowable flavors in mount replies. We want it to also return gss
flavors when appropriate. For now as a hack we just have it always
return the KRB5 flavors as well.
*utils/mountd/cache.c:
When attempting to mount an NFSv4 pseudofilesystem (fsid=0) and the
actual exported directory does not exist on the server, rpc.mountd
doesn't check the directory exists (when fsidtype=1, i.e. using fsid,
but does check for fsidtype=0, i.e. using dev/ino). The non-existent
exported directory path with fsid=0 is written to the kernel via
/proc/net/rpc/nfsd.export/channel, which leads to path_lookup() to
return ENOENT (seems appropriate). Unfortunately, the new_cache
approach ignores errors returned when writing via the channel file so
that particular error is lost and the mount request is silently ignored.
Assuming it doesn't make sense to revamp the new_cache/up-call method to
not ignore returned errors, it seems appropriate to fix the case where
rpc.mountd doesn't check for the existence of an exported directory with
fsid= semantics. The following patch does this by moving the stat() up
so it is done for both fsidtype's. I'm not certain whether the other
tests need to be executed for fsidtype=1, but it doesn't appear to hurt
[Not exactly true: the comparison of inode numbers caused problems so
now it's kept for fsidtype=0 only].
Would it be also desirable to log a warning for every error, if any,
returned by a write to any of the /proc/net/rpc/*/channel files which
would otherwise be ignored (maybe under a debug flag)?
* gssd/mountd/svcgssd: Changes gssd, svcgssd, and mountd to ignore a
SIGHUP rather than dying.
* many: Remove the gssapi code and rely on an external library instead.
|
| |
|
| |
|
| |
|
| |
|