| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A couple of years ago, Bruce committed a patch to make knfsd send
unsigned uid's and gid's to idmapd, rather than signed values. Part
of that earlier discussion is here:
http://linux-nfs.org/pipermail/nfsv4/2007-December/007321.html
While this fixed the immediate problem, it doesn't appear that anything
was ever done to make idmapd continue working when it gets a bogus
upcall.
idmapd uses libevent for its main event handling loop. When idmapd gets
an upcall from knfsd it will service the request and then rearm the
event by calling event_add on the event structure again.
When it hits an error though, it returns in most cases w/o rearming the
event. That prevents idmapd from servicing any further requests from
knfsd.
I've made another change too. If an error is encountered while reading
the channel file, this patch has it close and reopen the file prior to
rearming the event.
I've not been able to test this patch directly, but I have tested a
backport of it to earlier idmapd code and verified that it did prevent
idmapd from hanging when it got a badly formatted upcall from knfsd.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support "vers=4" in nfs_nfs_version()
Skip UMNT call for "-t nfs -o vers=4" mounts
For "-t nfs -o vers=4" mounts, we want to skip v2/v3
version/transport negotiation, but be sure to append
the "clientaddr" option.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Tested-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
(mountd and statd in particular). That could be a problem in the future
if someone were to boot a kernel that supports IPv6 serving with an
older nfs-utils. For now, hardcode the IPv6 switch into the off position
until the other daemons are functional.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have a problem with rpc.gssd which blindly caches machine credentials.
E.g., if someone deletes /tmp/krb5cc_machine_REALM, rpc.gss does not create
new one until the old one expires. Also, it has problems with clock skew, if
time goes back and gssd thinks that machine credentials are not expired yet.
The following patch tries to use cache but in case of failure, it tries it
again without cache. Any comments?
Signed-off-by: Lukas Hejtmanek <xhejtman@ics.muni.cz>
Acked-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the absence of an explicit sec= option on an export, rpc.mountd
is returning a zero-length flavor list to clients in the MOUNT results.
The linux client doesn't seem to mind, but the Solaris client
(reasonably enough) is giving up; the symptom is a "security mode
does not match" error on mount.
We could modify the export-parsing code to ensure the secinfo array
is nonzero. But I think it's slightly simpler to handle this default
case in the implementation of the MOUNT call. This is more-or-less the
same thing the kernel does when mountd passes it an export without any
security flavors specified.
Thanks to Tom Haynes for bug report and diagnosis.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Also had mount_config_init() call xlog_open() so
the program name is set on xlog() calls.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
the mount code has to make sure the the mount options
given to the kernel are in the correct case.
Fixed a couple of warnings on #ifndefs
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
the nfs(5) man page
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
mount options to be set in a configuration file
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
and parse them into comma separated mount options.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
the shared libnfs.a library, making them available to\
other daemons and programs.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
server operations' stats.
Signed-off-by: Benny Halevy <bhalevy@panasas.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Clean up: eliminate trailing blanks in utils/mount/nfs.man.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
See kernel commit 7973c1f1.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2d77e3a27b7b211f303f.. "Fix bug when both crossmnt and fsid are set"
Subexports automatically created by "crossmnt" get the NFSEXP_FSID flag
cleared. That flag should also be cleared in the
security-flavor-specific flag fields. Otherwise the kernel detects the
inconsistent flags and rejects the export.
The symptoms are clients hanging the first time they export a filesystem
mounted under a filesystem that was exported with something like:
/exports *(crossmnt,fsid=0,sec=krb5)
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
--debug and --syslog options, and a note about how it behaves when
TI-RPC support is built in.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for handing off IPv6 sockets to the kernel for nfsd. One of
the main goals here is to not change the behavior of options and not to
add any new ones, so this patch attempts to do that.
We also don't want to break anything in the event that someone has an
rpc.nfsd program built with IPv6 capability, but the knfsd doesn't
support IPv6. Ditto for the cases where IPv6 is either not compiled in
or is compiled in and blacklisted.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
IPv6 sockets for knfsd can't be allowed to accept IPv4 packets. Set the
correct option to prevent that from occurring on IPv6 sockets.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Convert nfssvc_setfds to use getaddrinfo. Change the args that it takes
and fix up nfssvc function to pass in the proper args. The things that
nfssvc has to do to call the new nfssvc_setfds is a little cumbersome
for now, but that will eventually be cleaned up in a later patch.
nfs-utils: break up the nfssvc interface
Currently, the only public interface to the routines in nfssvc.c is
nfssvc(). This means that we do an awful lot of work after closing
stderr that could be done while it's still available.
Add prototypes to the header so that more functions in nfssvc.c can be
called individually, and change the nfsd program to call those routines
individually.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
nfssvc_setfds checks to see if knfsd is already running. Move this
check to a helper function. Eventually the nfsd code will call this
directly.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Several of the routines in nfssvc.c declare a buffer for strings. Use a
shared static buffer instead to keep it off of the stack. Also, the
buffer allocated in some places is *really* large. BUFSIZ is generally
8k. These routines don't need nearly that much.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
They are a little hard to follow currently. Clean them up and add new
macros that can set these bits in addition to the ones that unset them.
Also add a new macro that reports when any valid protocol bit is set.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
...and add --debug and --syslog options.
With the switch to xlog(), it becomes trivial to add debug messages, so
add an option to turn them on when requested.
Also, rpc.nfsd isn't a proper daemon per-se, so it makes more sense to
log errors to stderr where possible. Usually init scripts take care of
redirecting stderr output to syslog anyway.
For those that don't, add a --syslog option that forces all output to go
to syslog instead. Note that even with this option, errors encountered
during option processing will still go to stderr.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Minor formatting nits.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
rpc.nfsd is the only user of nfssvc.c, so we might as well move it
out of libnfs.a.
Also, don't link in libexport.a and libmisc.a, they aren't needed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changed both nfs_advise_umount() and nfs_gp_ping() to
set the errno by calling CLNT_GETERR() after a CLNT_CALL()
error. Also added code to rpc_strerror() that will log
the errno value, when set, via strerror().
These changes added essential information to the error message
making it much easier to detect errorsuch as "Connection refused"
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Make sure address lengths are initialized before
call calling nfs_extract_server_addresses() from
nfs_rewrite_pmap_mount_options(). Otherwise the
length check in nfs_string_to_sockaddr() can fail
since its will be using garbage from the stack.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warnings:
error.c: In function nfs_strerror:
error.c:341: warning: comparison between signed and unsigned
error.c:342: warning: comparison between signed and unsigned
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warnings:
fstab.c:288: warning: unused parameter sig
parse_dev.c:186: warning: unused parameter dev
parse_dev.c:187: warning: unused parameter hostname
parse_dev.c:187: warning: unused parameter pathname
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
stropts.c: In function ¿nfs_append_generic_address_option¿:
stropts.c:138: warning: comparison between signed and unsigned
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
nfsumount.c: In function nfsumount:
nfsumount.c:347: warning: comparison between signed and unsigned
The result type of pointer arithmetic and the return type of strlen(3)
are both size_t.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
network.c: In function nfs_string_to_sockaddr:
network.c:272: warning: unused parameter addrlen
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
network.c:1124: warning: unused parameter salen
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Fix a couple of nfs_error() call sites in utils/mount/network.c.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
mount.c: At top level:
mount.c:420: warning: unused parameter nomtab
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Address compiler warning:
mount.c: In function discover_nfs_mount_data_version¿:
mount.c:162: warning: comparison between signed and unsigned
mount.c:164: warning: comparison between signed and unsigned
mount.c:166: warning: comparison between signed and unsigned
mount.c:168: warning: comparison between signed and unsigned
mount.c:170: warning: comparison between signed and unsigned
mount.c:178: warning: comparison between signed and unsigned
linux_version_code() and MAKE_VERSION() both return an unsigned int.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Introduce address family-agnostic functions that get and set IP port
numbers in socket addresses. We can already replace a few similar
functions in the mount command, and a few more will come up with
statd and sm-notify.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The umount.nfs command will negotiate the mount options again, so all
that is needed in /etc/mnttab is the original set of options used for
the mount, plus the additional mandatory options like addr=''.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Fix up comments and function names to reflect the new version/protocol
negotiation scheme. We can now remove a bunch of mount processing
that is specific to v2/v3, removing about 100 lines of logic from
stropts.c.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Clean up: Move nfs_is_permanent_error() closer to the functions that
call it, and update a documenting comment to reflect recent
restructuring in this area.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Text-based mounts try a mount operation first with default settings,
then negotiate via rpcbind queries and retry the mount, if the default
settings don't work. This method introduces long delays in certain
common scenarios, and makes it difficult to tell when it is
appropriate to fail immediately or negotiate and retry.
To address these behavioral regressions, make text-based mounts
operate the same way that legacy mounts work. Perform rpcbind queries
with short timeouts first, then use the results to determine
transport, version, and port number settings for the mount.
This allows the mount.nfs command to detect server settings, or
whether negotiation is even possible, quickly. It also makes it
simple to determine when to fail vs. when to retry.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Up until now, nfs_options2pmap() has been passed mount options that
have already gone through the kernel's parser successfully. So, it
never had to check for invalid mount option values.
However, we are about to pass it options that come right from the
user. So nfs_options2pmap() will now need to report an error and
fail if it encounters a bogus value for any of the options it cares
about.
=====
Note that nfs_options2pmap() will allow a bogus value for an option
if the same option is specified farther to the right with a useable
value.
For example, if a user specifies "proto=foo,...,tcp" then
nfs_options2pmap() uses "tcp" and ignores "proto=foo".
However, if the options are specified in the other order:
"tcp,...,proto=foo" then nfs_options2pmap() will fail. This is a simple
and unambiguous extension of the "rightmost wins" rule.
Since mount.nfs strips out these options out and replaces them with
the rpcbind-negotiated options before invoking mount(2), the kernel
should never receive bogus values for these options from mount.nfs in
such cases.
This is probably slightly more flexible behavior than the legacy
mount implementation, but should be harmless. All mount options
unrelated to pmap are ignored by nfs_options2pmap().
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nfs_options2pmap() fills in default values if the passed-in mount
options don't specify values. This short-circuits the version, port,
and transport negotiation logic in nfs_probe_bothports().
Instead, nfs_options2pmap() should plant zeros in these pmap fields
to force nfs_probe_bothports() and nfs_advise_mount() to discover, via
rpcbind queries, what the server supports.
This fixes some scenarios where umount.nfs fails to connect to servers
that don't have all rpcbind ports open, in addition to fixing other
corner cases during mount.nfs version/protocol negotiation.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Suppose a port= option is specified on the mount command line, but not
enough other mount options are specified to avoid an rpcbind query to
discover the NFS service.
If the NFS service isn't registered on [100003, 3, "tcp", port] (even
if the server is listening on the specified port), the legacy mount.nfs
command fails immediately with:
mount.nfs: mount to NFS server 'server' failed: RPC Error: Success
What's more, this mount request should succeeded if an NFS service is
registered on the specified port for another version and/or protocol.
So instead, let's retry the rpcbind query with the other versions and
transport protocols to be absolutely sure that port won't work with
either version or transport. Then, if all fails, report:
mount.nfs: mount to NFS server 'server' failed:
RPC Error: Program not registered
This change also affects text-based mounts that require negotiation
by the mount.nfs command.
Note that if the mount options specify all four pmap parameters for
NFS, the rpcbind query for the NFS service is skipped entirely. The
mount command then hangs and times out later if NFS service is not
listening on the requested tuple. This is unchanged from previous
behavior.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
So we can see how rpcbind queries are failing during mount processing,
add some debugging messages (enabled with "mount.nfs -v") around the
nfs_getport() calls.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Some RPC errors set fields in rpc_createerr.cf_error in addition
to cf_stat. Be sure to clear _all_ error fields in rpc_createerr
each time through the rpcbind API.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
idmapd and svcgssd have a mydaemon() routine that uses closeall() to
close file descriptors. Unfortunately, they aren't using it correctly
and it ends up closing the pipe that the child process uses to talk to
its parent.
Fix this by not using closeall() in this routine and instead, just close
the file descriptors that we know need to be closed. If /dev/null can't
be opened for some reason, then just have the child exit with a non-zero
error.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
libnfsidmapd libraries when verbosity level is set
by the '-v' flag it on either daemon.
Signed-off-by: Steve Dickson <steved@redhat.com>
|