| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
If the gssapi library is modern enough, store the ccache in a process
scoped keyring by default. This will avoid clobbering root's default
ccache, and keep the creds from littering the filesystem.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Prior to merge libnfsidmap leaked many private symbols that were
not defined in its API, creating an accidental ABI.
This patch renames and unhides symbols in order to match that ABI
until a cleaned up API can be established and released.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Modify libnfsidmap to use the now shared conffile code,
adjust the build structure to generate everything correctly,
and modify the other utils to use the merged version of libnfsidmap
instead of testing for an external dependancy.
Signed-off-by: Justin Mitchell <jumitche@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
To allow better reuse of the code we split conffile and xlog
into their own separate convenience library, then merge it
back so as to not create extra dependancies for everything
Signed-off-by: Justin Mitchell <jumitche@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=625531
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: "J. Bruce Fields" <bfields@redhat.com>
We've seen some confusion from people not understanding why newer
clients may not support NFSv2. It might help a little to note in the
man page that version support depends on how the kernel was built.
While we're there:
- update some references to NFS protocol versions.
- update 4.0 RFC, and add references to 4.1 and 4.2 RFCs.
- rename "BUGS" to "NOTES"; the section mostly isn't about bugs.
(Might be time to remove some of the linux-2.4 notes too.)
- remove some outdated references to optional NFSv4+ features.
(Or should we try to keep this information up to date?)
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
When using mount.nfs if an nfsvers= option is set in a config file,
and a vers= option is given on the commandline, then they are not
always correctly combined and this can result in both being present
in the resulting mount call.
Signed-off-by: Justin Mitchell <jumitche@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Commit 2f8a6020 introduce a regression causing rpc.nfsd
to fail when IPv6 is not supported. rpc.nfsd should not
fail when there is at least one bounded socket.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
mount() can return EACCES for servers which permit 4.0
but are configured not to allow 4.1 This is currently
only handled by the default case, so these mounts fail
without retrying a lower minor.
Add handling for EACCES to be retried with a lower
minor version.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
daemon_init() calls closeall() to close any "unneeded" file descriptors.
This causes the following issue with idmapd on systems that are
configured to have SSSD handle local users and groups:
1. During startup, rpc.idmapd calls getpwnam("nobody") and
getgrnam("nobody")
2. sss_nss_mc_get{pw,gr}nam from libnss_sss open the cache files for
users and groups and store the fd's in a struct sss_cli_mc_ctx. The
passwd cache is fd 3 and the group cache is fd 4.
3. idmapd calls daemon_init() which sets fd's 0, 1, and 2 to /dev/null
and fd 3 to the write end of the pipe that the child uses to report
it's startup status. It then closes all fd's >= 4.
4. idmapd then calls event_init() which leads to epoll_create1() which
returns 4 as the epoll fd.
6. An NFSv4 mount request comes in from a client, triggering an nfsdcb
callback.
7. idmapd calls getgrgid_r() which leads to a call to
sss_nss_check_header() which determines that the cache needs to be
reinitialized. sss_nss_mc_destroy_ctx() is called, which closes the
ctx->fd which now corresponds to the epoll file rather than the group
cache file.
8. event_dispatch() calls epoll_wait() with epfd=4, and -EBADF is
returned. idmapd logs the following error and exits with a nonzero
status:
rpc.idmapd[650]: main: event_dispatch returns errno 9 (Bad file descriptor)
Moving the deamon_init() call so that it happens before get{pw,gr}nam()
fixes this.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nfs-utils and libnfsidmap have similar configuration parsing routines.
They were the same up until nfs-utils commit 7b33590f (config: Remove
the conf_path global), where conf_init() was changed to take a path as
an argument. With the current idmap_LDADD ordering in Makefile.am, the
conf_init() from libnfsidmap is called, resulting in the following error
along with the failure to parse idmapd.conf:
rpc.idmapd[391]: rpc.idmapd: conf_reinit: open ("(null)", O_RDONLY) failed
Placing libnfs.a first in idmap_LDADD ensures that idmapd uses the config
parsing routines from nfs-utils instead of libnfsidmap.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1/ minorversion=0 is not recognized, as errors from
strtol() are not correctly detected.
2/ when there is an error in the minorversion= value,
no message is presented.
3/ Current code recognizes "minorversion" and sets V_SPECIFIC,
but then because *cptr == '\0', the v_mode is reset to V_GENERAL.
This results in minorversion negotiation, which is not wanted.
This patch addresses all of these.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Current "-t nfs4" causes other mount options to be ignored
and an NFSv4 version to be negotiated.
This is even true when "-o vers=4.1" is given.
To address this, we need to move the handled of "-t nfs4"
into nfs_nfs_version, which means passing in the filesystem type.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
All kernels which support NFSv4.2 understand "vers=4.2".
Some kernels which support NFSv4.1 only understand "vers=4,minorversion=1".
All later kernels also support this.
Some kernels which support NFSv4.0 only understand "vers=4".
All later kernels also support this.
So use the string that is most appropriate for each version.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
With glibc older than 2.24, it is always possible to include
both linux/in6.h and netinet/in.h.
So if the glibc is older, just hard-code the two values we need
from linux/in6.h
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
nfsdcltrack.c:581:4: warning: this statement may fall through [-Wimplicit-fallthrough=]
Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
nfs4mount.c:445:8: warning: this statement may fall through [-Wimplicit-fallthrough=]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
nfsmount.c:684:8: warning: this statement may fall through [-Wimplicit-fallthrough=]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
network.c:1234:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
network.c:1382:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
network.c:1477:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
network.c:1508:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
network.c:1574:6: warning: this statement may fall through [-Wimplicit-fallthrough=]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
device-discovery.c:171:13: warning: In the GNU C Library, "major" is defined
by <sys/sysmacros.h>. For historical compatibility, it is
currently defined by <sys/types.h> as well, but we plan to
remove this soon. To use "major", include <sys/sysmacros.h>
directly. If you did not intend to use a system-defined macro
"major", you should undefine it after including <sys/types.h>.
} else if (dm_is_dm_major(major(dev)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
device-inq.c:216:7: warning: this statement may fall through [-Wimplicit-fallthrough=]
device-inq.c:223:7: warning: this statement may fall through [-Wimplicit-fallthrough=]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
nfsd.c:187:8: warning: this statement may fall through [-Wimplicit-fallthrough=]
nfsd.c:213:8: warning: this statement may fall through [-Wimplicit-fallthrough=]nfsd.c:263:4: warning: this statement may fall through [-Wimplicit-fallthrough=]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
cache.c:623:13: warning: In the GNU C Library, "major" is defined
by <sys/sysmacros.h>. For historical compatibility, it is
currently defined by <sys/types.h> as well, but we plan to
remove this soon. To use "major", include <sys/sysmacros.h>
directly. If you did not intend to use a system-defined macro
"major", you should undefine it after including <sys/types.h>.
if (parsed->major != major(stb.st_dev) ||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cache.c:624:13: warning: In the GNU C Library, "minor" is defined
by <sys/sysmacros.h>. For historical compatibility, it is
currently defined by <sys/types.h> as well, but we plan to
remove this soon. To use "minor", include <sys/sysmacros.h>
directly. If you did not intend to use a system-defined macro
"minor", you should undefine it after including <sys/types.h>.
parsed->minor != minor(stb.st_dev))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
When v4 is specified on the command line the
default minor version needs to be used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
When the nfs4 filesystem specified, the default major
and minor versions should be used.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/usr/bin/umount will always pass a canonical name
to umount.nfs, so it is safe to disable canonicalization.
When umounting an NFS filesystem, it is generally safest to
not "stat" the mountpoint at all as that can block
indefinitely. umount() will not block, but lstat() etc can.
By disabling canonicalization in libmount, we discourage it
from ever calling 'stat' family operations, and thus reduce
the chance of a hang.
Note that to be fully effective, this requires changes to
util-linux which have not yet been accepted.
When both that change and this are in effect, automounters
can use "umount -c $PATH" to safely unmount a filesystem
without blocking.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1451568
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If NFSv4, in general, is requested (possibly by -t nfs4 or -o v4 or -o
vers=4 etc) then we need to negotiate the best minor version, but must
not fallback to v3 or v2. Internally, this state is reflected in v_mode
== V_GENERAL. This means that a major version was given, but the minor
version still needs to be negotiated.
This is handled by nfs_autonegotiate(). It currently does the right
thing for EPROTONOSUPPORT and EINVAL, but not for other errors.
In particular, ENOENT can cause problems as NFSv4 might export
a different namespace than NFSv3 (e.g. by using fsid=0 in the Linux
NFS server). Currently a mount request for NFSv4 and a particular path
can result if an NFSv3 mount if the path is available with v3 but
not v4.
So move the special handling of V_GENERAL into the common fall_back:
code, and add extra checking in the ENCONNREFUSED case, which does
not use fall_back:.
Tested-by: Steve Dickson <steved@redhat.com>
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit 65ac59cd introduced code that tries v3 mounts
when the the v4 mount fails with ECONNREFUSED. This
code allows failing back to v3 to work correctly.
When the v3 mount fails the original errno value has
been over rewritten. In these case the errno value
needs to be restored to ECONNREFUSED.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Working towards an nfs.conf library and API for system config tools,
first step, replace the conf_path global with a parameter to conf_init
Signed-off-by: Justin Mitchell <jumitche@rehat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
On a new install, we're unable to select from the parameters table, as
it doesn't exist yet. The code is set up to log that fact at L_ERROR
now, but it's an expected situation. Change it to log that at D_GENERAL
instead.
Reported-and-Tested-by: ChunYu Wang <chunwang@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Allow the rpc_pipefs mountpoint to be overriden via the pipefs-directory
variable in the [general] section of /etc/nfs.conf.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
All the daemons should use the same rpc_pipefs, so pipefs-directory
should be specified in the [general] section.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Changed idmapd to read its value for the pipefs-directory from
/etc/nfs.conf rather than /etc/idmapd.conf. All other configurations
related to id mapping still reside in /etc/idmapd.conf for now.
Added a warning to indicate that idmapd's -c option is deprecated.
Corrected a misspelling of 'configuration' in nfs.conf.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most major NFS clients have supported TCP for at least a decade now,
and v4-only shops are becoming more prevalent. It seems reasonable that
serving over UDP should be something that is "opt-in".
I've always hesitated to do this in the past, but now that we have
nfs.conf, it seems like the time may be right to disable UDP in default
configurations. In particular, it would be good to try this in the more
bleeding edge distros (Fedora, Ubuntu, SuSE, etc...) and see how
problematic it is.
Change the default in rpc.nfsd to just open TCP ports by default. Add
new -u and -t options that allow users to explicitly override what's
in the config file, and update the usage message and manpage.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The new semantic is that '-N4' turns off all NFSv4 minor versions, while
'-V4' turns them all on. In order to turn off just minor version x (x >= 0),
use -N4.x, and to turn it back on. '-V4.x'.
Note that on older kernels, attempting to use -N4.0 and -V4.0 is
equivalent to specifying -N4 or -V4.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
sm-notify's early ending of the grace period when it has no hosts to
notify can cause problems in some high availability configurations,
which may be running one sm-notify per floating IP address in the
cluster. This commit makes that behavior configurable via the
nfs.conf (I don't think having a corresponding command line option
would be particularly useful, hence none was added).
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Here is a patch that deletes the mention of auth.domain and changes the
wording around 'flush' files. I'm not attached to the revised wording;
it's just the best I could manage in something that felt that it was
within the same style and space as the current wording.
Acked-by: NeilBrown <neilb@suse.com>
Signed-off-by: Chris Siebenmann <cks.nfs01@cs.toronto.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
strsep() modifies the input string, so error messages
may output only part of the upcall string.
Make a copy of the upcall string, and use that in any
error messages.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
gssd uses the non-thread-safe strtok() function, which
can lead to incorrect program behavior.
Replace strtok() with the thread-safe strsep().
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is generally wise to call setgroups() (and setgid()) before calling
setuid() to ensure no unexpected permission leaks happen.
SUSE's build system checks all binaries for conformance with this
and generates a warning for mountd.
As we are setting the uid to 0, there is no risk that the group list
will provide extra permissions, so there is no real risk here.
But it is nice to silence warnings, and including a setgroups()
call is probably a good practice to encourage.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Move the logic in nsm_setup_pathnames() and nsm_make_pathname() to
similar generic functions in libmisc.a so that the exportfs and
rpc.mountd programs can make use of them later.
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
From: "Jianhong.Yin" <yin-jianhong@163.com>
recent changes of utils/mount cause a regression mount fail:
https://bugzilla.redhat.com/show_bug.cgi?id=1415024
can not reproduce it on x86_64(gcc on x86_64 might do struct
initialize by default, I'm not sure). but it can be reproduced
always on platform ppc64le aarch64.
Signed-off-by: Jianhong Yin <yin-jianhong@163.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
On recent kernels only exports with NFSEXP_SECURITY_LABEL set will
export security labels.
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
"nfsstat -m" always exits with "1" (unless there is an error opening
/proc/mounts). It should exist "0".
Also, a few usage errors cause an exit of "255" when it should probably
be "1".
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
test_export pass a export flags only marks NFSEXP_FSID,
nfsd may want other flags for export checking.
This patch make sure exportfs pass all other flags to nfsd.
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
