| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of our customer's application only needs file names, not file
attributes. With directories having 10K+ inodes (assuming buffer cache
has directory blocks cached having file names, but inode cache is
limited and hence need eviction of older cached inodes), older inodes
are evicted periodically. So if they keep on doing readdir(2) from NSF
client on multiple directories, some directory's files are periodically
removed from inode cache and hence new readdir(2) on same directory
requires disk access to bring back inodes again to inode cache.
As READDIRPLUS request fetches attributes also, doing getattr on each
file on server, it causes unnecessary disk accesses. If READDIRPLUS on
NFS client is returned with -ENOTSUPP, NFS client uses READDIR request
which just gets the names of the files in a directory, not attributes,
hence avoiding disk accesses on server.
There's already a corresponding client-side mount option, but an export
option reduces the need for configuration across multiple clients.
This flag affects NFSv3 only. If it turns out it's needed for NFSv4 as
well then we may have to figure out how to extend the behavior to NFSv4,
but it's not currently obvious how to do that.
Signed-off-by: Rajesh Ghanekar <rajesh_ghanekar@symantec.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If you don't have systemd, then this script dumps:
/usr/sbin/start-statd: line 8: systemctl: command not found
This isn't terribly useful since we ultimately fall back to running
the daemon ourselves, so probe for systemd's existence before we try
to use it.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This enable kerberized NFS mounts to succeed even if the
principal is not <HOSTNAME>$.
It works by reading another principal name from the [appdefaults]
section of krb5.conf:
[appdefaults]
nfs = {
ad_principal_name = 129.125.39.115$
}
Signed-off-by: Jurjen Bokma <j.bokma@rug.nl>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Dump some information about used devices to syslog so that an admin
can troubleshoot failing blocklayout mounts.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do want to use the dm-multipath device if it exists, which the
code is generally prepared for, except that this check excludes them
early. In addition this will also add the passive path to the device
list, which is harmless if an active one exists as that or the multipath
device will be preferred, and at least allows us to work if it doesn't.
Also fix up the check if an path needs to be updated to remove the silly
partition check - pNFS block offset are relative to the device so partion
should never match it instead of the full device. On the other hand the
simplistic check easily creates false positives, e.g. dm-10 is
considered a partition of dm-1.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using rpc.gssd to secure NFSv3 FS using krb5, the following errors
can happen as a result of network congestion.
"rpc.gssd WARNING: can't create tcp rpc_clnt to server ... : RPC: Remote
system error - Connection timed out"
we had a successful reproducer of the problem which we tested using this
patch by starting rpc.gssd with "-T 60" as the option which solved the
problem. reproducer steps were to throttle the network using tc command
and then in a never ending loop mount the share, then write some data in
the file on the share and unmount it. keep a delay of 5 sec between the
iteration of each loop.
CC: Christian Horn <chorn@redhat.com>
Signed-off-by: Rinku Kothiya <rkothiya@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When there is no kernel modules loaded the rpc_pipefs
directory is empty, which cause rpc.gssd to silently
exit.
This patch adds a check to see if the topdirs_list
is empty. If so error out without dropping a core.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Case insensitive filesystems support textually distinct names for the
same directory. i.e. you can access it with a name other than the
canonical name.
For example if you
mkdir /mnt/export
then add /mnt/EXPORT to /etc/exports, and on a client
mount server:/mnt/EXPORT /import
then the mount will work, but if the kernel on the server needs to
refresh the export information, it will ask about "/mnt/export", which
is not listed in /etc/exports and so will fail.
To fix this we need mountd to perform case-insensitive name
comparisons, but only when the filesystem would, and in exactly the
same way that the filesystem would.
So, when comparing paths for equality first try some simple heuristics
which will not be fooled by case and then ask the kernel if they are
the same.
By preference we use name_to_handle_at() as it reports the mntid which
can distinguish between bind mounts. If that is not available, use
lstat() and compare rdev and ino.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
In commit 51fda07a "gssd: scrape the acceptor name out of the context"
the allocated buffer size is not large enough to hold the actual data
that is written to the buffer. This fixes the allocated buffer size.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Veli-Matti Lintu <veli-matti.lintu@opinsys.fi>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a callback for incoming sm_notify to better handle
stale lock issue in client crash recovery in HA-NFS environment
1. "sm-notify" - callout name
2. monitored client name as in the SM_NOTIFY request
3. IP of the sender of the SM_NOITFY request.
4. state value in the SM_NOTIFY request
This new interface can be used by different HA-NFS product
in its specific configuration and environment to
recover from the client crash and stale lock scenarios.
Signed-off-by: Rong Zeng <rongzeng@us.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When mounting spec of a regular file, mount.nfs print error message as,
mount.nfs: mount point /mnt is not a directory
mount.nfs: mount point /mnt/testfile is not a directory
This patch lets mount.nfs print more useful message,
mount.nfs: mount spec 127.0.0.1:/root/testfile or point /mnt is not a
directory
mount.nfs: mount point /mnt/testfile is not a directory
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The kernel "knows" this lives in /sbin, so just like
mount.nfs and osd_login, it must unconditionally be installed
there.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
nfsd.c:347:15: warning: comparison between signed and unsigned integer
expressions [-Wsign-compare]
nfsd.c:385:13: warning: comparison between signed and unsigned integer
expressions [-Wsign-compare]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
...and pass it to the kernel in the downcall. Legacy kernels will just
ignore the extra data, but with a proposed kernel patch the kernel will
grab this info and use it to verify requests on the v4.0 callback
channel.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Contrary to the comment here, the lifetime_rec is not necessarily set
to zero on failure. That's only guaranteed to be the case if the context
has expired.
Cc: Andy Adamson <androsadamson@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
We'll need a gss_buffer_t to pass to the downcall marshalling code.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
In a later patch, we'll need gssd to call into this code as well as
svcgssd. Move it into a common file that both can link in.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
...since its return code is ignored anyway.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
...and get rid of some pointless NULL ptr checks.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The 1.3.0 release adds a call to systemctl fails for it's in /usr/bin.
[root@localhost nfs-utils]# start-statd
/usr/sbin/start-statd: line 9: systemctl: command not found
Statd service already running!
Reported-by: Allan Duncan <amd1234@fastmail.com.au>
Signed-off-by: Kinglong Mee <kinglongmee@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
With some recent kernel changes to the key ring
for a key to be removed they need to be invalidated
instead of revoked.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Otherwise 'mount -o remount' fails on mounts that have root squashing
enabled and world execute perms disabled.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Wrap IPv6 presentation addresses in square brackets. This echoes
the same syntax used when specifying IPv6 server addresses with the
mount.nfs command.
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=817557
Tested-by: Steve Dickson <steved@redaht.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Separate parsing the "client:/path" argument from the actual
processing.
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=817557
Tested-by: Steve Dickson <steved@redaht.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Jim Rees <rees@umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Protocol negotiation in mount.nfs does not correctly negotiate with a
server which only supports NFSv3 and UDP.
When mount.nfs attempts an NFSv4 mount and fails with ECONNREFUSED
it does not fall back to NFSv3, as this is not recognised as a
"does not support NFSv4" error.
However ECONNREFUSED is a clear indication that the server doesn't
support TCP, and ipso facto does not support NFSv4.
So ECONNREFUSED should trigger a fallback from v4 to v2/3.
However ECONNREFUSED may simply indicate that NFSv4 isn't supported
*yet*. i.e. the server is still booting and isn't responding to NFS
requests yet. So if we subsequently find that NFSv3 is supported, we
need to check with the server to confirm that NFSv4 really isn't
supported.
If server reports that v4 is not supported after reporting that v3
is, we can safely use v4. If it reports that v4 is supported, we need
to retry v4.
Signed-off-by: Steve Dickson <steved@redhat.com>
Reported-by: Carsten Ziepke <kieltux@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The standard for loading shared libraries is to identify them by their
"soname" (Which "objdump -x $BINARY | grep SONAME" will report).
However mountd currently loads using the "linker name" which should only
be used when building new code.
Future releases of fedfs-utils will define the soname in the include
file, so if that is defined, use it. If not, use the soname of the
first version: "libnfsjunct.so.0".
This is a slight behavioural change. However all distros known to
package fedfs-utils will install "libnfsjunct.so.0" whenever they
install the old name of "libnfsjunct.so", and "make install" will
install both. So it should not be a noticeable change.
Also only test the JP_API_VERSION if it is defined. As the version is
embedded in the soname, a secondary test is not needed.
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This permit to have 1 nfsd listening on more than 1
interface for multihomed systems, without having to
listen on all interfaces and filtering later.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Errors were logged with xlog_err function relying on errno, but these
functions don't set it.
Fix the problem by introducing xlog_errno which set errno
Signed-off-by: Mateusz Guzik <mguzik@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Even though lockd is a totally separate process to statd, they
depended on each other: statd much be running for lockd to be useful.
So an easy way to set the port numbers used by lockd is to get statd
to set them.
This patch add --nlm-port and --nlm-tcp-port to that end.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
These two values are conceptually very similar, so it probably makes
sense to set them to the same value at the same time.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
New arguments --gracetime (-G) and --leasetime (-L)
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
As nfsd establishes UDP and TCP ports, it should establish RDMA too.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
When trying to use the special MS Windows hostanme we need to stop
at the first '.' if we got a FQDN from gethostname()
Tee HOST$@REALM form in fact uses the AD samAccountName attribute to
represent 'HOST', and that attribute is always the host's shortname.
Characters like '.' are actually illegal for a shortname in AD.
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implementation allows specifying NFS4 minor version numbers up
to the number of bits available in int data type (typically 32 on
Linux)
This is based on an idea mentioned by
J. Bruce Fields <bfields@fieldses.org> mentioned on the linux-nfs mailing list.
I changed the data type back from an array to two bit fields, one for
storing whether the minor version was specified on the command line
and the second one for storing whether it was set or unset. This
change was done to prevent blowing up the allocated stack space in an
unnecessary fashion.
Acked-by: J. Bruce Fields <bfields@fieldses.org>
Signed-off-by: Robert Schiele <rschiele@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some krb5 routines will attempt to access files in the user's home
directory. This is problematic for gssd when the user's homedir is
on a kerberized NFS mount as it will end up deadlocked.
Fix this by setting $HOME unconditionally to "/".
Fixes this Fedora bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1052902
Reported-by: Enrico Scholz <rh-bugzilla@ensc.de>
Reported-by: nmorey <nmorey@kalray.eu>
Tested-by: Michael Young <m.a.young@durham.ac.uk>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The name variable is always set to NULL now in all callers, so just
sto passing it around needlessly.
The uid_t variable is not used at all, so chuck it out too.
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since now rpc.gssd is switching uid before attempting to acquire
credentials, we do not need to pass in the special uid-as-a-string name
to gssapi, because the process is already running under the user's
credentials.
By removing this code we can fix a class of false negatives where the
user name does not match the actual ccache credentials and the ccache
type used is not one of the only 2 supported explicitly by rpc.gssd by
the fallback trolling done later.
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* use get_uuid_blkdev() only first time for the path (it means
that uuid_by_path() is called with type==0)
* don't use libblkid for btrfs, network or pseudo filesystems
Note that the patch defines the fs type ID rather than include
<linux/magic.h> as this file seems incomplete and libc specific).
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
