| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mountd.c: In function 'mount_null_1_svc':
mountd.c:195: warning: unused parameter 'rqstp'
mountd.c:195: warning: unused parameter 'argp'
mountd.c:195: warning: unused parameter 'resp'
mountd.c: In function 'mount_dump_1_svc':
mountd.c:213: warning: unused parameter 'argp'
mountd.c: In function 'mount_umnt_1_svc':
mountd.c:224: warning: unused parameter 'resp'
mountd.c: In function 'mount_umntall_1_svc':
mountd.c:248: warning: unused parameter 'argp'
mountd.c:248: warning: unused parameter 'resp'
mountd.c: In function 'mount_export_1_svc':
mountd.c:258: warning: unused parameter 'argp'
mountd.c: In function 'mount_exportall_1_svc':
mountd.c:269: warning: unused parameter 'argp'
mountd.c: In function 'mount_dump_1_svc':
mountd.c:216: warning: unused parameter 'argp'
mountd.c: In function 'mount_umnt_1_svc':
mountd.c:227: warning: unused parameter 'resp'
mountd.c: In function 'mount_umntall_1_svc':
mountd.c:251: warning: unused parameter 'argp'
mountd.c:251: warning: unused parameter 'resp'
mountd.c: In function 'mount_export_1_svc':
mountd.c:261: warning: unused parameter 'argp'
mountd.c: In function 'mount_exportall_1_svc':
mountd.c:272: warning: unused parameter 'argp'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cache.c:812: warning: missing initializer
cache.c:812: warning: (near initialization for 'cachelist[0].f')
cache.c:813: warning: missing initializer
cache.c:813: warning: (near initialization for 'cachelist[1].f')
cache.c:814: warning: missing initializer
cache.c:814: warning: (near initialization for 'cachelist[2].f')
cache.c:815: warning: missing initializer
cache.c:815: warning: (near initialization for 'cachelist[3].f')
cache.c:816: warning: missing initializer
cache.c:816: warning: (near initialization for 'cachelist[4].f')
cache.c: In function 'cache_export_ent':
cache.c:887: warning: comparison between signed and unsigned integer expressions
cache.c:907: warning: comparison between signed and unsigned integer expressions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
fsloc.c: In function 'replicas_lookup':
fsloc.c:149: warning: unused parameter 'key'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Fixed Small typo in the new fs uuid comparison code
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct hostent can store either IPv4 or IPv6 addresses, but it can't
store both address families concurrently for the same host. Neither
can hostent deal with parts of socket addresses that are outside of
the sin{,6}_addr field.
Replace the use of "struct hostent" everywhere in libexport.a, mountd,
and exportfs with "struct addrinfo". This is a large change, but
there are so many strong dependencies on struct hostent that this
can't easily be broken into smaller pieces.
One benefit of this change is that hostent_dup() is no longer
required, since the results of getaddrinfo(3) are already dynamically
allocated.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce DNS query helpers based on getaddrinfo(3) and
getnameinfo(3). These will eventually replace the existing
hostent-based functions in support/export/hostname.c.
Put some of these new helpers to immediate use, where convenient.
As they are part of libexport.a, I've added the forward declarations
for these new functions in exportfs.h rather than misc.h, where the
hostent-based forward declarations are currently.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you export two subvolumes of a btrfs filesystem, they will both be
given the same uuid so lookups will be confused.
blkid cannot differentiate the two, so we must use the fsid from
statfs64 to identify the filesystem.
We cannot tell if blkid or statfs is best without knowing internal
details of the filesystem in question, so we need to encode specific
knowledge of btrfs in mountd. This is unfortunate.
To ensure smooth handling of this and possible future changes in uuid
generation, we add infrastructure for multiple different uuids to be
recognised on old filehandles, but only the preferred on is used on
new filehandles.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and one for NFSv3 (MOUNTv3)
When --no-nfs-version requests an NFS version to be disabled, the
code actually disabled the MOUNT version. This works is several cases,
but requires --no-nfs-version 1 to completely disable NFSv2, which
is wrong.
So if we do disable 1, 2, and 3. mountd complain and won't run, it
is not possible to run just v4 - i.e. not listening for MOUNT requests
at all (as v4 doesn't need them).
So change the handling of "--no-nfs-version 2" it disable MOUNTv1 as
well as
MOUNTv2, and allow mountd to continue running as long as one of
NFSv2 NFSv3 NFSv4 is enabled.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To store non-AF_INET addresses in the nfs_client structure, we need to
use more than in_addr for the m_addrlist field. Make m_addrlist
larger, then add a few helper functions to handle type casting and
array indexing cleanly.
We could treat the nfs_client address list as if all the addresses
in the list were the same family. This might work for MCL_SUBNETWORK
type nfs_clients. However, during the transition to IPv6, most hosts
will have at least one IPv4 and one IPv6 address. For MCL_FQDN, I
think we need to have the ability to store addresses from both
families in one nfs_client.
Additionally, IPv6 scope IDs are not part of struct sin6_addr. To
support link-local IPv6 addresses and the like, a scope ID must be
stored.
Thus, each slot in the address list needs to be capable of storing an
entire socket address, and not simply the network address part.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Part of the reason for the previous bug was confusion between "subpath"
and "path"; which is the shorter path, and which the longer?
"child" and "parent" seem less ambiguous.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This was obviously wrong, since path[strlen(path)] == '\0'
should always be true.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A uid or gid should be represented as unsigned, not signed.
The conversion to signed here could cause a hang on access by an unknown
user to a server running mountd with --manage-gids; such a user is
likely to be mapped to 232-1, which may be converted to 231-1 when
represented as an int, resulting in a downcall for uid 231-1, hence the
original rpc hanging forever waiting for a cache downcall for 232-1.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Don't leak this file descriptor if stat should fail.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Assuming the tcp_wrappers library can actually support IPv6 addresses,
here's a crack at IPv6 support in nfs-utils' TCP wrapper shim.
Some reorganization is done to limit the number of times that @sap
is converted to a presentation address string.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eliminate these compiler warnings:
tcpwrapper.c: In function logit
tcpwrapper.c:225: warning: unused parameter procnum
tcpwrapper.c:225: warning: unused parameter prognum
Actually, @procnum is not used anywhere in our tcpwrapper.c, so
let's just get rid of it.
Since there is only one logit() call site in tcpwrapper.c, the macro
wrapper just adds needless clutter. Let's get rid of that too.
Finally, both mountd and statd now use xlog(), which adds an
appropriate program name prefix to every message. Replace the
open-coded syslog(2) call with an xlog() call in order to
consistently identify the RPC service reporting the intrusion.
Since logit() no longer references "deny_severity" and no nfs-utils
caller sets either allow_severity or deny_severity, we remove them.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We've hidden v4root exports from get_exportlist (hence from the
showmount command), but not from other mountd operations--allowing
clients to attempt to mount exports when they should be getting an
immediate error.
Symptoms observed on a linux client were that a mount that previously
would have returned an error immediately now hung. This restores the
previous behavior.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Move more of v4root_set into a helper function.
Also, check the return value from strdup. (We don't really handle the
error well yet--we'll end up giving negative replies to export upcalls
when we should be giving the kernel exports, resulting in spurious
-ENOENTs or -ESTALE's--but that's better than crashing with a NULL
dereference.)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
| |
We're adding new entries, but not deleting them, so we don't need to do
the usual double-counter trick here.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we're adding new exports as we traverse the export list, it's
possible we may find ourselves revisiting an export we just added. It's
harmless to reprocess those exports, as we're currently doing. But it's
also pointless.
(Actually, the current code appears to always add new export entries at
the head of each list, so we shouldn't hit this case. It still may be a
good idea to keep this check, though, as insulation against future
changes to that data structure.)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
| |
Only exportfs uses m_mayexport; mountd always populates the export list
with auth_reload(), which always sets m_mayexport on the entries it
creates.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
| |
Common exit code.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
| |
Move newcache case into its own function.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
| |
Break up another big function.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
| |
Comment clarification, minor style cleanup.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
I needed to understand get_exportlist() recently, and it gave me
trouble.
Move detail work into helper functions to make the basic logic clear,
and to remove need for excessive nesting (and fix inconsistent
indentation levels). Also remove unnecessary casts of void returns from
xmalloc().
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
| |
If a pseudo root is not defined in the export file, the
v4root_needed global variable will be set, signaling
v4root_set() create the dynamic pseudo root.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Don't show pseudo exports when clients ask to see what
is exported via the showmount mount command.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If paths A and A/B are both exported, then we have a choice of exports
to return for A (or under A but still above A/B): we could return A
itself, or we could return a V4ROOT export leading to B.
For now, we will always prefer the non-V4ROOT export, whenever that is
an option. This will allow clients to reach A/B as long as
adminstrators keep to the rule that the security on a parent permits the
union of the access permitted on any descendant.
In the future we may support more complicated arrangements.
(Note: this can't be avoided by simply not creating v4root exports with
the same domain and path, because different domains may have some
overlap.)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
| |
Create v4root exports for each directory that is a parent of an explicit
export. Give each the minimal security required to traverse to any of
its children.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently,
mount --bind /path /path
where /path is a subdirectory of a crossmnt export, can cause client
hangs, since the kernel detects that as a mountpoint, but nfs-util's
is_mountpoint() function does not.
I don't see any sure-fire way to detect such mountpoints. But that's
OK: it's harmless to allow this upcall to succeed even when the
directory is not a mountpoint, so let's just remove this check.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
| |
More trivial cleanup (no change in functionality) to group logical
operations together into a single function.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
| |
Move this main loop to a separate function, to make it a little easier
to follow the logic of the caller.
Also, instead of waiting till we find an export to do the dns
resolution, do it at the start; it will normally be needed anyway, and
this simplifies the control flow.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
|
| |
|
|
|
|
|
|
|
|
|
| |
In nfs-utils 1.2.0, I noticed that the insecure option validates that
the client port is a
subset of IPPORT_RESERVED as opposed to just validating it is a valid
reserved port. The following proposed patch would correct that issue.
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Robert Gordon <rbg@openrbg.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the absence of an explicit sec= option on an export, rpc.mountd
is returning a zero-length flavor list to clients in the MOUNT results.
The linux client doesn't seem to mind, but the Solaris client
(reasonably enough) is giving up; the symptom is a "security mode
does not match" error on mount.
We could modify the export-parsing code to ensure the secinfo array
is nonzero. But I think it's slightly simpler to handle this default
case in the implementation of the MOUNT call. This is more-or-less the
same thing the kernel does when mountd passes it an export without any
security flavors specified.
Thanks to Tom Haynes for bug report and diagnosis.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2d77e3a27b7b211f303f.. "Fix bug when both crossmnt and fsid are set"
Subexports automatically created by "crossmnt" get the NFSEXP_FSID flag
cleared. That flag should also be cleared in the
security-flavor-specific flag fields. Otherwise the kernel detects the
inconsistent flags and rejects the export.
The symptoms are clients hanging the first time they export a filesystem
mounted under a filesystem that was exported with something like:
/exports *(crossmnt,fsid=0,sec=krb5)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
mountd tries to avoid telling the kernel to export something
when the kernel already knows to do that.
However sometimes (exportfs -r) the kernel can be told
to forget something without mountd realising.
So if mountd finds that it cannot get a valid filehandle,
make sure it really has been exported to the kernel.
This only applies if the nfsd filesystem is not mounted.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
with the explicit permission of Sun Microsystems
Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mountd keeps file descriptors used for locks separate from
those used for io and seems to assume that the lock will
only be released on close of the file descriptor that was used
with fcntl. Actually the lock is released when any file
descriptor for that file is closed. When setexportent() is called
after xflock() he closes and reopens the io file descriptor and defeats the
lock.
This patch fixes that by using a separate file for locking, cleaning
them up when finished.
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Data type incompatibilities between the legacy RPC headers and the
TI-RPC headers mean we can't use libtirpc with code that was compiled
against the legacy RPC headers. The definition of rpcprog_t for
example is "unsigned long" in the legacy library, but it's "uint32_t"
for TI-RPC. On 32-bit systems, these types happen to have the same
width, but on 64-bit systems they don't, making more complex data
structures that use these types in fields ABI incompatible.
Adopt a new strategy to deal with this issue. When --enable-tirpc is
set, append "-I/usr/include/tirpc" to the compilation steps. This
should cause the compiler to grab the tirpc/ headers instead of the
legacy headers. Now, for TI-RPC builds, the TI-RPC legacy functions
and the TI-RPC headers will be used. On legacy systems, the legacy
headers and legacy glibc RPC implementation will be used.
A new ./configure option is introduced to allow system integrators to
use TI-RPC headers in some other location than /usr/include/tirpc.
/usr/include/tirpc remains the default setting for this new option.
The gssd implementation presents a few challenges, but it turns out
the gssglue library is similar to the auth_gss pieces of TI-RPC. To
avoid similar header incompatibility issues, gssd now uses libtirpc
instead of libgssglue if --enable-tirpc is specified. There may be
other issues to tackle with gssd, but for now, we just make sure it
builds with --enable-tirpc.
Note also: svc_getcaller() is a macro in both cases that points to
a sockaddr field in the svc_req structure. The legacy version points
to a sockaddr_in type field, but the TI-RPC version points to a
sockaddr_in6 type field.
rpc.mountd unconditionally casts the result of svc_getcaller() to a
sockaddr_in *. This should be OK for TI-RPC as well, since rpc.mountd
still uses legacy RPC calls (provided by glibc, or emulated by TI-RPC)
to set up its listeners, and therefore rpc.mountd callers will always
be from AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
TI-RPC's version of the svc_getcaller() macro points to a sockaddr_in6,
not a sockaddr_in, though for AF_INET callers, an AF_INET address
resides there. To squelch compiler warnings when the TI-RPC version of
the svc_req structure is used, add inline helpers with appropriate
type casting.
Note that tcp_wrappers support only AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
interface and added a note to the mountd man page saying
hostnames will be ignored when they can not be looked up.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were some problems with exportfs and rpc.mountd for long export
lists - see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76643
I do optimalization as my bachelors thesis (Facuulty of informatics,
Masaryk's university Brno, Czech Republic), under lead of Yenya
Kasprzak.
Both exportfs and rpc.mount build linked list of exports (shared
functions in export.c). Every time they are inserting new export into
list, they search for same export in list.
I replaced linked list by hash table and functions export_add and
export_lookup by functions hash_export_add and hash_export_lookup
(export.c).
Because some other functions required exportlist as linked list, hash
table has some implementation modification im comparison with ordinary
hash table. It also keeps exports in linked list and has pointer to
head of the list. So there's no need of implementation function
<for_all_in_hash_table>.
Signed-off-by: Tomas Richter <krik3t@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
mount request from unknown host 10.11.14.99 for /export
The hosts are listed in DNS with proper reverse records, so the reason
why the host is "unknown" isn't clear. This patch just changes the
wording of this error to hopefully make it more clear why the mount
request was rejected. This also makes this error message use a format
more similar to the other error messages in auth_authenticate().
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Instead of using a static list of supported flavors, we should be taking
the list from the export.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
I find it more readable to have the normal (non-error) case unindented,
and to keep conditionals relatively simple, as is the usual kernel
style. Fix some inconsistent indentation while we're there.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contrary to the comment above its definition, the field m_path always
has the same value as e_path: the *only* modifications of m_path are all
of the form:
strncpy(exp->m_export.m_path, exp->m_export.e_path,
sizeof (exp->m_export.m_path) - 1);
exp->m_export.m_path[sizeof (exp->m_export.m_path) - 1] = '\0';
So m_path is always just a copy of e_path. In places where we need to
store a path to a submount of a CROSSMNT-exported filesystem, as in
cache.c, we just use a local variable.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix a couple of bugs which show up if you try to explicitly set a
16-byte UUID when exporting a file system. First, exportfs cuts the
first two bytes off the UUID and writes something invalid to etab.
Second, mountd writes the _ascii_ form of the UUID to the kernel,
instead of converting it to hex.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Make sure are zero len group list is sent down to the
kernel when the gids do not exist on the server.
Tested-by: Alex Samad <alex@samad.com.au>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
