| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Some init systems actually expect daemons to return 0 on success.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Assuming the tcp_wrappers library can actually support IPv6 addresses,
here's a crack at IPv6 support in nfs-utils' TCP wrapper shim.
Some reorganization is done to limit the number of times that @sap
is converted to a presentation address string.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eliminate these compiler warnings:
tcpwrapper.c: In function logit
tcpwrapper.c:225: warning: unused parameter procnum
tcpwrapper.c:225: warning: unused parameter prognum
Actually, @procnum is not used anywhere in our tcpwrapper.c, so
let's just get rid of it.
Since there is only one logit() call site in tcpwrapper.c, the macro
wrapper just adds needless clutter. Let's get rid of that too.
Finally, both mountd and statd now use xlog(), which adds an
appropriate program name prefix to every message. Replace the
open-coded syslog(2) call with an xlog() call in order to
consistently identify the RPC service reporting the intrusion.
Since logit() no longer references "deny_severity" and no nfs-utils
caller sets either allow_severity or deny_severity, we remove them.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If TI-RPC is available, use it to create statd's svc listener. If
not, use the old function, rpc_init(), to create statd's listener.
IPv6 can be supported if TI-RPC is available. In this case,
/etc/netconfig is searched to determine which transports to advertise.
Add the new listener creation API in libnfs.a since other components
of nfs-utils (such as rpc.mountd) will eventually want to share it.
A little re-arrangement of when the statd listener is created is done
to make unregistration of the statd service more reliable. As it is
now, the statd service is never unregistered when it exits. After it
is gone, other programs usually hang when trying to access statd or
see if it's running, since the registration is still there but statd
itself does not respond.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
|
|
|
|
|
|
|
|
|
|
| |
Replace open-coded accesses to on-disk NSM information in rpc.statd
with calls to the new API.
Behavior should be much the same as it was before.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
To facilitate code sharing between statd and sm-notify (and with other
components of nfs-utils), replace sm-notify's nsm_log() with xlog().
Since opt_quiet is used in only a handful of insignificant cases, it
is removed.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
flag has been set. This cause warnings to be generated when
return values from reads/writes (and other calls) are not
checked. The patch address those warnings.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TI-RPC's version of the svc_getcaller() macro points to a sockaddr_in6,
not a sockaddr_in, though for AF_INET callers, an AF_INET address
resides there. To squelch compiler warnings when the TI-RPC version of
the svc_req structure is used, add inline helpers with appropriate
type casting.
Note that tcp_wrappers support only AF_INET addresses for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel's lockd requires that rpc.statd perform notification
callbacks from a privileged source port. To guarantee rpc.statd gets a
privileged source port but runs unprivileged, it calls
statd_get_socket() then drops root privileges before starting it's svc
request processing loop.
Statd's svc request loop is the only caller of the process_foo()
functions in utils/statd/rmtcall.c, but one of them,
process_notify_list() attempts to invoke statd_get_socket() again.
In today's code, this is unneeded because statd_get_socket() is always
invoked before my_svc_run(). However, if it ever succeeded, it would
get an unprivileged source port anyway, causing the kernel to reject
all subsequent requests from statd.
Thus the process_notify_list() function should not ever call
statd_get_socket() because root privileges have been dropped by this
point, and statd_get_socket() wouldn't get a privileged source port,
causing the kernel to reject all subsequent SM_NOTIFY requests.
So all of the process_foo functions in utils/statd/rmtcall.c should use
the global sockfd instead of a local copy, as it already has a
privileged source port.
I've seen some unexplained behavior where statd starts making calls to
the kernel via an unprivileged port. This could be one way that might
occur.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both SM_STAT and SM_MON can return the state of an NSM, but it is
unclear which NSM they return the state of, so the value cannot be
used, and lockd doesn't use it.
Document this confusion, and give the current state to the kernel
via a sysctl if that sysctl is available (since about 2.6.19).
This should make is possible for the NFS server to detect a small
class of bad SM_NOTIFY packets and not flush locks in that case.
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The for loop that restarts on SIGUSR or simu_reboot currently includes
several once-only things, that are probably best taken out of the loop.
We also take the unregister/register out of the loop as if statd does
drop privileges, then the second register won't use a privileged port
properly.
On the whole, cleaner code.
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
If statd dies and is restarted, it forgets what peers the kernel
is interested in monitoring, and so will not forward NOTIFY
requests properly.
With this patch the required information is recorded in the files
in /var/lib/nfs/sm/* so that a kill/restart does what you might
hope.
Signed-off-by: Neil Brown <neilb@suse.de>
|
|
|
|
|
|
|
| |
We need to call statd_get_socket before dropping privileges so that we
have a privileged port. We use to do that when initialising
notification as the same socket was used for reboot notication as for
callbacks to the kernel. Now it is a different socket..
|
|
|
|
|
|
| |
The option for set-source-address is '-v', not '-N'.
And only warn about -N if -N was actually used.
|
|
|
|
|
| |
Registering sockets with portmap might require root privs,
so don't drop privs until that has been done.
|
|
|
|
|
| |
With -L (for Listen-only) or --no-notify, statd will not run
sm-notify.
|
|
|
|
|
| |
statd now execs sm-notify to notify peers and only listens to
monitor requests and remote notifications itself.
|
|
|
|
| |
unused labels, constness, signedness.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
H.J. Lu <hjl@lucon.org>
* etc/redhat/nfslock.init (STATDARG): New. Pass it to rpc.statd.
* utils/statd/statd.c (longopts): Add "name".
(usage): Add "-n/--name".
(main): Set MY_NAME with "-n/--name".
* utils/statd/state.c (change_state): Set MY_NAME only if it
is NULL.
* utils/statd/statd.man: Updated for "-n/--name".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* nfs-utils.spec: Regenerated.
(Release): Set to 3.
2001-03-21 Ion Badulescu <ionut@cs.columbia.edu>
* utils/statd/statd.c (main): make sure file descriptors 0-2
are open to /dev/null.
2001-03-21 H.J. Lu <hjl@lucon.org>
* support/nfs/rpcmisc.c: Restore the change made on 2001-03-10.
* support/nfs/rpcmisc.c: Likewise.
* utils/rquotad/rquota_svc.c: Likewise.
* utils/rquotad/rquotad.man: Likewise.
* utils/statd/Makefile: Likewise.
* utils/statd/rmtcall.c: Likewise.
* utils/statd/simulate.c: Likewise.
* utils/statd/statd.c: Likewise.
* utils/statd/statd.man: Likewise.
|
|
|
|
|
|
|
|
|
|
|
|
| |
* support/include/rpcmisc.h: Undo the change made on 2001-03-10.
* support/nfs/rpcmisc.c: Likewise.
* utils/rquotad/rquota_svc.c: Likewise.
* utils/rquotad/rquotad.man: Likewise.
* utils/statd/Makefile: Likewise.
* utils/statd/rmtcall.c: Likewise.
* utils/statd/simulate.c: Likewise.
* utils/statd/statd.c: Likewise.
* utils/statd/statd.man: Likewise.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/rquotad/rquotad.man: Updated for -p.
* utils/statd/statd.man: Likewise.
2001-03-10 Ion Badulescu <ionut@cs.columbia.edu>
* support/nfs/rpcmisc.[ch]: export makesock()
* utils/statd/statd.c: added longopts, added support for
specifying the port to bind to on the command line.
* utils/statd/statd.c: ditto, also specify port used for
outgoing connections.
* utils/statd/Makefile (LIBS): link with our own libnfs
|
|
|
|
|
|
|
|
| |
* support/include/xio.h (xgetc): Declare to return int.
* support/nfs/xio.c (xgetc): Return int.
(xgettok, xskip, xskipcomment): Use int for value of xgetc.
* utils/statd/statd.c (main): Use int for value of getopt.
* debian/changelog: Version 0.2.1-5.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* utils/rquotad/rquotad.man, utils/statd/statd.man,
utils/mountd/mountd.man: updated
* utils/mountd/Makefile (LIBS): added -lmisc $(LIBWRAP) $(LIBNSL)
* utils/rquotad/Makefile: fix comment
* support/misc/tcpwrapper.c (logit): added comment about waiting
for the children after fork()
* utils/mountd/mountd.c (main): ignore SIGCHLD to prevent leaving
zombies behind (from logit()'s fork)
* utils/rquotad/rquota_svc.c (main): ditto
* utils/statd/statd.c (main): ditto
* utils/rquotad/rquota_svc.c (rquotaprog_1): pass RQUOTAPROG
to check_default instead of 0, for prognum
* utils/statd/statd.c (sm_prog_1_wrapper): pass SM_PROG
to check_default instead of 0, for prognum
* utils/mountd/mount_dispatch.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(mount_dispatch): Call check_default () if HAVE_TCP_WRAPPER is
defined. Reject an RPC call if check_default () fails.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* support/include/tcpwrapper.h: New for the tcp wrapper
support.
* support/misc/Makefile: Likewise.
* support/misc/from_local.c: Likewise.
* support/misc/tcpwrapper.c: Likewise.
* aclocal.m4 (AC_TCP_WRAPPER): New.
* configure.in: Use it. Substitute LIBWRAP.
* configure: Rebuilt.
* config.mk.in (LIBNSL): New.
(LIBWRAP): Likewise.
* support/Makefile (SUBDIRS): Add misc.
* support/lib/Makefile (LIBS): Add libmisc.a.
* utils/rquotad/Makefile (LIBS): Add
-lmisc $(LIBWRAP) $(LIBNSL)
* utils/statd/Makefile (LIBS): Likewise.
* utils/rquotad/rquota_svc.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(rquotaprog_1): Call check_default () if HAVE_TCP_WRAPPER is
defined. Reject an RPC call if check_default () fails.
* utils/statd/statd.c: Include "tcpwrapper.h" if
HAVE_TCP_WRAPPER is defined.
(sm_prog_1_wrapper): New. A wrapper for sm_prog_1. Call
check_default () before calling sm_prog_1 (). Define it as
sm_prog_1_wrapper if HAVE_TCP_WRAPPER is defined.
|
|
|
|
|
| |
* utils/statd/statd.c (main): Use sysconf (_SC_OPEN_MAX)
instead of OPEN_MAX.
|
|
|