| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
When sending an SM_NOTIFY to multi-homed host, try all the addresses
in rotation. After 4 failures on one address, try the next.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When lockd asks to monitor a host, we find the FQDN from the DNS
and remember that, both internally and in the /var/lib/nfs/sm/*
file.
When we receive an SM_NOTIFY request, we compare both the
mon_name and the source IP address against that DNS name to find
a match.
If a DNS name is not available, we fall back to the name provided by
lockd, which at least is known to map to an IP address via
gethostbyname.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
| |
From the point of view of the client (lockd), the 'priv' blob is probably
the most important key, so make sure to not throw away requests with
new 'priv' information.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
| |
The if contains a while with essentially the same condition.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The for loop that restarts on SIGUSR or simu_reboot currently includes
several once-only things, that are probably best taken out of the loop.
We also take the unregister/register out of the loop as if statd does
drop privileges, then the second register won't use a privileged port
properly.
On the whole, cleaner code.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
| |
Make sure that sm-notify really runs only once per reboot.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If statd dies and is restarted, it forgets what peers the kernel
is interested in monitoring, and so will not forward NOTIFY
requests properly.
With this patch the required information is recorded in the files
in /var/lib/nfs/sm/* so that a kill/restart does what you might
hope.
Signed-off-by: Neil Brown <neilb@suse.de>
|
| |
|
|
|
|
|
| |
We need to call statd_get_socket before dropping privileges so that we
have a privileged port. We use to do that when initialising
notification as the same socket was used for reboot notication as for
callbacks to the kernel. Now it is a different socket..
|
| | |
|
| |
|
|
|
|
| |
The option for set-source-address is '-v', not '-N'.
And only warn about -N if -N was actually used.
|
| |
|
|
|
|
| |
try_to_resolve is used to resolve a hostname when sending a notification.
But we now only send notifications to localhost, so name resolution is not
needed.
|
| | |
|
| |
|
|
|
|
|
| |
Ultimately it makes sense to remove remove rpcgen from the nfs-utils
release as it is already in the glibc release. With this patch
you can use the system rpcgen to make sure it works.
It is not default yet, but it might be in a future release.
|
| |
|
|
|
| |
Registering sockets with portmap might require root privs,
so don't drop privs until that has been done.
|
| |
|
|
|
| |
With -L (for Listen-only) or --no-notify, statd will not run
sm-notify.
|
| |
|
|
|
| |
statd now execs sm-notify to notify peers and only listens to
monitor requests and remote notifications itself.
|
| |
|
|
|
| |
Add sm-notify to the compile/install scripts,
(and fix a compile warning).
|
| |
|
|
|
| |
If /var/lib/nfs/sm is owned by non-root, setuid to that uid
after opening sockets but before receiving answers.
|
| |
|
|
|
|
|
|
|
| |
As "mount.nfs" can start statd, and as statd can start sm-notify,
the risk of sm-notify being run multiple times increases.
As this is not normally appropriate, sm-notify now creates a
file in /var/run which will stop future instances from being
run (though ofcourse this behaviour can be controlled by a
new command line option).
|
| | |
|
| |
|
|
|
| |
This functionality is alreday present in getaddrinfo so it isn't
needed explicitly.
|
| |
|
|
| |
for compat with statd.
|
| |
|
|
| |
Not included in build yet.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
i.e. you now need --disable-secure-statd if you want any client
other than lockd to talk to statd.
Also relax the RESTRICTED_STATD checks so that a recent kernel
with /proc/sys/fs/nfs/nsm_use_hostnames set can still talk to
statd.
Finally, restrict access to simulate_crash so that only privileged
processes on localhost can call it. Having it accessible by the
whole world is probably not much more than a minor inconvenience,
but it really should be kept closed.
|
| |
|
|
|
| |
As the man page doesn't need it, and different distros put it in
different places.
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| | |
Greg Banks suggested some variations, particularly improved
use of xmalloc/xstrdup functions. Thanks.
|
| | |
| |
| |
| | |
Thanks to Michael Halcrow for finding them.
|
| | | |
|
| | |
| |
| |
| |
| | |
of int in those cases which generate compile warnings,
e.g. the last argument of recvfrom().
|
| |/
|
|
| |
unused labels, constness, signedness.
|
| |
|
|
|
|
| |
support/include/config.h.in from source control
These are auto autogenerated by
aclocal -I aclocal ; autoheader ; automake ; autoconf
|
| | |
|
| |
|
|
|
| |
Check for sufficient version of librpcsecgss and libgssapi
in configure.in
|
| |
|
|
|
| |
Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and
HAVE_TCP_WRAPPERS as appropriate.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
