| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel's lockd requires that rpc.statd perform notification
callbacks from a privileged source port. To guarantee rpc.statd gets a
privileged source port but runs unprivileged, it calls
statd_get_socket() then drops root privileges before starting it's svc
request processing loop.
Statd's svc request loop is the only caller of the process_foo()
functions in utils/statd/rmtcall.c, but one of them,
process_notify_list() attempts to invoke statd_get_socket() again.
In today's code, this is unneeded because statd_get_socket() is always
invoked before my_svc_run(). However, if it ever succeeded, it would
get an unprivileged source port anyway, causing the kernel to reject
all subsequent requests from statd.
Thus the process_notify_list() function should not ever call
statd_get_socket() because root privileges have been dropped by this
point, and statd_get_socket() wouldn't get a privileged source port,
causing the kernel to reject all subsequent SM_NOTIFY requests.
So all of the process_foo functions in utils/statd/rmtcall.c should use
the global sockfd instead of a local copy, as it already has a
privileged source port.
I've seen some unexplained behavior where statd starts making calls to
the kernel via an unprivileged port. This could be one way that might
occur.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Both SM_STAT and SM_MON can return the state of an NSM, but it is
unclear which NSM they return the state of, so the value cannot be
used, and lockd doesn't use it.
Document this confusion, and give the current state to the kernel
via a sysctl if that sysctl is available (since about 2.6.19).
This should make is possible for the NFS server to detect a small
class of bad SM_NOTIFY packets and not flush locks in that case.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The for loop that restarts on SIGUSR or simu_reboot currently includes
several once-only things, that are probably best taken out of the loop.
We also take the unregister/register out of the loop as if statd does
drop privileges, then the second register won't use a privileged port
properly.
On the whole, cleaner code.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If statd dies and is restarted, it forgets what peers the kernel
is interested in monitoring, and so will not forward NOTIFY
requests properly.
With this patch the required information is recorded in the files
in /var/lib/nfs/sm/* so that a kill/restart does what you might
hope.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
We need to call statd_get_socket before dropping privileges so that we
have a privileged port. We use to do that when initialising
notification as the same socket was used for reboot notication as for
callbacks to the kernel. Now it is a different socket..
|
| |
|
|
|
|
| |
The option for set-source-address is '-v', not '-N'.
And only warn about -N if -N was actually used.
|
| |
|
|
|
| |
Registering sockets with portmap might require root privs,
so don't drop privs until that has been done.
|
| |
|
|
|
| |
With -L (for Listen-only) or --no-notify, statd will not run
sm-notify.
|
| |
|
|
|
| |
statd now execs sm-notify to notify peers and only listens to
monitor requests and remote notifications itself.
|
| |
|
|
| |
unused labels, constness, signedness.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
H.J. Lu <hjl@lucon.org>
* etc/redhat/nfslock.init (STATDARG): New. Pass it to rpc.statd.
* utils/statd/statd.c (longopts): Add "name".
(usage): Add "-n/--name".
(main): Set MY_NAME with "-n/--name".
* utils/statd/state.c (change_state): Set MY_NAME only if it
is NULL.
* utils/statd/statd.man: Updated for "-n/--name".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* nfs-utils.spec: Regenerated.
(Release): Set to 3.
2001-03-21 Ion Badulescu <ionut@cs.columbia.edu>
* utils/statd/statd.c (main): make sure file descriptors 0-2
are open to /dev/null.
2001-03-21 H.J. Lu <hjl@lucon.org>
* support/nfs/rpcmisc.c: Restore the change made on 2001-03-10.
* support/nfs/rpcmisc.c: Likewise.
* utils/rquotad/rquota_svc.c: Likewise.
* utils/rquotad/rquotad.man: Likewise.
* utils/statd/Makefile: Likewise.
* utils/statd/rmtcall.c: Likewise.
* utils/statd/simulate.c: Likewise.
* utils/statd/statd.c: Likewise.
* utils/statd/statd.man: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* support/include/rpcmisc.h: Undo the change made on 2001-03-10.
* support/nfs/rpcmisc.c: Likewise.
* utils/rquotad/rquota_svc.c: Likewise.
* utils/rquotad/rquotad.man: Likewise.
* utils/statd/Makefile: Likewise.
* utils/statd/rmtcall.c: Likewise.
* utils/statd/simulate.c: Likewise.
* utils/statd/statd.c: Likewise.
* utils/statd/statd.man: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/rquotad/rquotad.man: Updated for -p.
* utils/statd/statd.man: Likewise.
2001-03-10 Ion Badulescu <ionut@cs.columbia.edu>
* support/nfs/rpcmisc.[ch]: export makesock()
* utils/statd/statd.c: added longopts, added support for
specifying the port to bind to on the command line.
* utils/statd/statd.c: ditto, also specify port used for
outgoing connections.
* utils/statd/Makefile (LIBS): link with our own libnfs
|
| |
|
|
|
|
|
|
| |
* support/include/xio.h (xgetc): Declare to return int.
* support/nfs/xio.c (xgetc): Return int.
(xgettok, xskip, xskipcomment): Use int for value of xgetc.
* utils/statd/statd.c (main): Use int for value of getopt.
* debian/changelog: Version 0.2.1-5.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/rquotad/rquotad.man, utils/statd/statd.man,
utils/mountd/mountd.man: updated
* utils/mountd/Makefile (LIBS): added -lmisc $(LIBWRAP) $(LIBNSL)
* utils/rquotad/Makefile: fix comment
* support/misc/tcpwrapper.c (logit): added comment about waiting
for the children after fork()
* utils/mountd/mountd.c (main): ignore SIGCHLD to prevent leaving
zombies behind (from logit()'s fork)
* utils/rquotad/rquota_svc.c (main): ditto
* utils/statd/statd.c (main): ditto
* utils/rquotad/rquota_svc.c (rquotaprog_1): pass RQUOTAPROG
to check_default instead of 0, for prognum
* utils/statd/statd.c (sm_prog_1_wrapper): pass SM_PROG
to check_default instead of 0, for prognum
* utils/mountd/mount_dispatch.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(mount_dispatch): Call check_default () if HAVE_TCP_WRAPPER is
defined. Reject an RPC call if check_default () fails.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* support/include/tcpwrapper.h: New for the tcp wrapper
support.
* support/misc/Makefile: Likewise.
* support/misc/from_local.c: Likewise.
* support/misc/tcpwrapper.c: Likewise.
* aclocal.m4 (AC_TCP_WRAPPER): New.
* configure.in: Use it. Substitute LIBWRAP.
* configure: Rebuilt.
* config.mk.in (LIBNSL): New.
(LIBWRAP): Likewise.
* support/Makefile (SUBDIRS): Add misc.
* support/lib/Makefile (LIBS): Add libmisc.a.
* utils/rquotad/Makefile (LIBS): Add
-lmisc $(LIBWRAP) $(LIBNSL)
* utils/statd/Makefile (LIBS): Likewise.
* utils/rquotad/rquota_svc.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(rquotaprog_1): Call check_default () if HAVE_TCP_WRAPPER is
defined. Reject an RPC call if check_default () fails.
* utils/statd/statd.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(sm_prog_1_wrapper): New. A wrapper for sm_prog_1. Call
check_default () before calling sm_prog_1 (). Define it as
sm_prog_1_wrapper if HAVE_TCP_WRAPPER is defined.
|
| |
|
|
|
| |
* utils/statd/statd.c (main): Use sysconf (_SC_OPEN_MAX)
instead of OPEN_MAX.
|
| |
|
