| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
In preparation to support IPv6 in the showmount command, extract the
logic that parses/acquires the target hostname and converts it into an RPC
client handle to contact the remote mountd service, and move it into its
own function.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: remove showmount.c's local getport() implementation, now that
the showmount command uses the shared one.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Have the showmount command invoke the shared nfs_getport() function
instead of its own local version. This gives the showmount command
immediate support for querying via rpcbindv3/v4 in addition to
portmapper, and sets the stage for AF_INET6 support in showmount.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
there are no hosts to notify. This also decreases
start up time by a few seconds.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Document the interaction between the mountproto= and the proto= mount
options in a new subsection of nfs(5).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
(BZ: https://bugzilla.linux-nfs.org/show_bug.cgi?id=159)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
(BZ: https://bugzilla.linux-nfs.org/show_bug.cgi?id=161)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
mount request from unknown host 10.11.14.99 for /export
The hosts are listed in DNS with proper reverse records, so the reason
why the host is "unknown" isn't clear. This patch just changes the
wording of this error to hopefully make it more clear why the mount
request was rejected. This also makes this error message use a format
more similar to the other error messages in auth_authenticate().
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TI-RPC introduced the concept of "netid" which is a string that is
mapped to a set of transport capabilities via a netconfig database.
RPC services register a netid and bindaddr with their local rpcbind
daemon to advertise their ability to support particular transports.
Mike Eisler noted that the use of the term "netid" in nfs(5) is not
appropriate, since Linux does not treat the value of the proto= or
mountproto= options as a netid proper, but rather to select a
particular transport capability provided locally on the client.
The Linux NFS client currently uses a simple internal mapping between
these names and its own transport capabilities rather than using the
names as part of an rpcbind query, thus these strings are really not
netids. They are more akin to what TI-RPC calls "protocol names".
Remove the term "netid" from nfs(5) for now.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: Mike Eisler <mike.eisler@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Mike Eisler noted that the use of the term "netid" in the descriptions
of the "proto=" option is not appropriate, since Linux does not allow
"udp6" or "tcp6".
Replaced the term "netid" with "transport" in nfs(5).
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Tom Talpey <Thomas.Talpey@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel's lockd requires that rpc.statd perform notification
callbacks from a privileged source port. To guarantee rpc.statd gets a
privileged source port but runs unprivileged, it calls
statd_get_socket() then drops root privileges before starting it's svc
request processing loop.
Statd's svc request loop is the only caller of the process_foo()
functions in utils/statd/rmtcall.c, but one of them,
process_notify_list() attempts to invoke statd_get_socket() again.
In today's code, this is unneeded because statd_get_socket() is always
invoked before my_svc_run(). However, if it ever succeeded, it would
get an unprivileged source port anyway, causing the kernel to reject
all subsequent requests from statd.
Thus the process_notify_list() function should not ever call
statd_get_socket() because root privileges have been dropped by this
point, and statd_get_socket() wouldn't get a privileged source port,
causing the kernel to reject all subsequent SM_NOTIFY requests.
So all of the process_foo functions in utils/statd/rmtcall.c should use
the global sockfd instead of a local copy, as it already has a
privileged source port.
I've seen some unexplained behavior where statd starts making calls to
the kernel via an unprivileged port. This could be one way that might
occur.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Clean up: The named function in many of the debugging messages in
utils/statd/rmtcall.c is out of date. To prevent this from happening
in the future, replace these with __func__.
Also, note() and dprintf() do not require a terminating '\n' in their
format string. So make all invocations consistent.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Static code checkers flag this kind of thing because it's easy to
confuse with "if (!(foo == rtnl))". In one of these cases, the
combination of evaluation and assignment isn't even necessary.
While we are in the neighborhood, remove an extra argument to note() that is
not called for in the passed-in format string.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Clean up: call clnt_destroy() in the showmount command as needed to
destroy the RPC client properly (and close the associated socket) before
the program exits.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up.
The sm-notify command is built from a single source file.
Some of its internal functions are appropriately defined as static.
However, some are declared static, but defined as global. Some are
declared and defined as global. None of them are used outside of
utils/statd/sm-notify.c.
Make all the internal functions in utils/statd/sm-notify.cstatic.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Clean up: replace "typedef struct sockaddr_storage nsm_address" with
standard socket address types. This makes sm-notify.c consistent with other
parts of nfs-utils, and with typical network application coding conventions.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up a few issues with logging in sm-notify.c.
Sometimes in sm-notify, when a system call fails the problem is reported
to stderr but not logged, and then usually sm-notify exits. In cases like
this, there are probably more hosts to notify, but sm-notify dies silently.
Make sure these errors are logged, and that the log messages explain the
nature of the problem.
Also, if sm-notify exits prematurely, make sure this is always reported at
the LOG_ERR level, not at the LOG_WARNING level.
Remove a couple of unnecessary '\n' in the arguments of nsm_log() calls --
nsm_log() already appends an '\n' to the message.
Finally, use exit() consistently in main().
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Make sure the results of getaddrinfo(3) are properly freed in notify().
Note this is a one-time addrinfo allocation that would be automatically
freed when sm-notify exits anyway, so this is more of a nit than a real
bug fix.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Clean up: Include config.h as other source files do; instead of using
"config.h" use the HAVE_CONFIG_H macro and include <config.h>.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up connect_nb() in the showmount command.
Sometimes it returns -1 on error, and sometimes a negative errno. On error,
it should always return one of these or the other, not both.
Similar functions in other parts of nfs-utils return -1 on error, and set
errno; so let's do that here too.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up: Remove RESTRICTED_STATD to help make IPv6 changes simpler.
We keep the code behind RESTRICTED_STATD, and toss anything that is
compiled out when it is set.
RESTRICTED_STATD was added almost 10 years ago in response to CERT
CERT CA-99.05, which addresses exposures in rpc.statd that might allow
an attacker to take advantage of buffer overflows in rpc.statd while it
is running in privileged mode.
These days, I can't think of a reason why anyone would want to run
rpc.statd without setting RESTRICTED_STATD. In addition, I don't
think rpc.statd is ever tested without it.
Removing RESTRICTED_STATD will get rid of some address storage and
comparison issues that will make IPv6 support simpler. Plus it will
make our test matrix smaller!
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor common logic to check if SM_FOO request is from loopback
address.
We'll have to do something about this for IPv6. On IPv6-capable
systems, there will be only one AF_INET6 listener. The loopback caller
will get either an IPv6 loopback address, or a mapped IPv4 loopback --
either way this will be an AF_INET6 address.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Use a connected port when talking to portmap via UDP.
This allows us to get ICMP errors reported back so we can avoid
timeouts. Also catch the error (RPC_CANTRECV) properly in getport.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
The example idmapd.conf file is kept in libnfsidmap now, which is what's
responsible for parsing it anyway.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Instead of using a static list of supported flavors, we should be taking
the list from the export.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
I find it more readable to have the normal (non-error) case unindented,
and to keep conditionals relatively simple, as is the usual kernel
style. Fix some inconsistent indentation while we're there.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Contrary to the comment above its definition, the field m_path always
has the same value as e_path: the *only* modifications of m_path are all
of the form:
strncpy(exp->m_export.m_path, exp->m_export.e_path,
sizeof (exp->m_export.m_path) - 1);
exp->m_export.m_path[sizeof (exp->m_export.m_path) - 1] = '\0';
So m_path is always just a copy of e_path. In places where we need to
store a path to a submount of a CROSSMNT-exported filesystem, as in
cache.c, we just use a local variable.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix a couple of bugs which show up if you try to explicitly set a
16-byte UUID when exporting a file system. First, exportfs cuts the
first two bytes off the UUID and writes something invalid to etab.
Second, mountd writes the _ascii_ form of the UUID to the kernel,
instead of converting it to hex.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Make sure are zero len group list is sent down to the
kernel when the gids do not exist on the server.
Tested-by: Alex Samad <alex@samad.com.au>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Old versions of glibc (< 2.4) have a getaddrinfo(3) implementation, but
do not include public definitions of the AI_V4MAPPED, AI_ALL, and
AI_ADDRCONFIG flags because it was believed that these flags were not
standardized. However, these flags have standard definitions both in
POSIX 1003 and in RFCs, and were thus included in later releases of
glibc.
To allow the mount.nfs command to build on systems with these older
versions of glibc, add conditional definitions for these flags in
utils/mount/network.c.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
The connect_nb() routne returns zero for success and a negative
value for failure which was not being interpreted correctly
by the getport() routine. This patch fixes that problem.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
Looks like mountproto= was never documented in nfs(5). Add a paragraph
that describes it in the "nfs mount options" section.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If an NFS server has no network connectivity when it reboots,
it will block in sm-notify waiting for DNS lookup for a potentially
large number of hosts. This is not helpful and just annoys the
sysadmin.
So do the DNS lookup in the backgrounded phase of sm-notify,
before sending off the NOTIFY requests.
Acked-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MS-Windows-Server2003R2SP2), then nfs mounts have to be mounted
with -o mountproto=tcp to succeed.
In this case a umount will still try UDP and will fail to contact the
server. It will still succeed with the local unmount (after a
timeout) but exits with a non-zero exit status. This causes
/bin/mount to retry so we get a strange error about the filesystem
not being mounted.
So:
get umount to use tcp if "mountproto=tcp" appears in mtab
ignore any failure message from the server that would overwrite
a success message from the local umount syscall.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MS-Windows-Server2003R2SP2 does), mount doesn't cope. There is retry
logic in case the initial choice of version/etc doesn't work, but it
doesn't cope with mountd needing tcp.
So:
Fix probe_port so that a TIMEDOUT error doesn't simply abort
but probes with other protocols (e.g. tcp).
Fix rewrite_mount_options to extract the mountproto option before
doing a probe, then set mountproto (and mount prot) based
on the result.
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
utils/mount/network.h.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
the naming convention of the others.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
command.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
server's hostname from the export path in the mounted on device name,
like this:
mount server:/export /mounted/on/dir
The server's hostname is "server" and the export path is "/export".
You can also substitute a specific IPv4 network address for the server
hostname, like this:
mount 192.168.0.55:/export /mounted/on/dir
Raw IPv6 addresses present a problem, however, because they look something
like this:
fe80::200:5aff:fe00:30b
Note the use of colons.
To get around the presence of colons, copy the Solaris convention used for
raw NFS server IPv6 addresses, which is to wrap the raw IPv6 address with
square brackets. This is also suggested in RFC 4038.
Introduce a new device name parser that can support traditional device
names and square brackets. Place the parser in a separate source file
so both the mount and umount paths can derive the server's hostname and
export pathname the same way.
Bonus points: add a check for NFS URLs and display an appropriate error
message in that case. This is cleaner than failing with "unknown host:
nfs".
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
addresses.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
IPv4 or IPv6 addresses to the kernel via the "clientaddr=" option.
If the mount.nfs4 command can't determine an appropriate callback address,
it used to fail the mount request. This new function simply sends an ANY
address instead, so the mount request succeeds, but delegation is disabled.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
or IPv6 addresses to the kernel via the "addr=" option.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
addresses, then construct mount options to pass these addresses to the
kernel. The tail of each of these helpers does exactly the same thing,
so introduce a helper that handles the common code.
Magically, the new helper supports IPv6 as well as IPv4.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
command could use this eventually as well.
If this new function fails to discover an appropriate callback address, it
fills in an ANY address to indicate to the server that it should not call the
client back (ie delegations are disabled in this case).
The user can specify a callback address via the clientaddr= mount option in
this case to enable delegation.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
string and back.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
networking. This is a separate patch so subsequent
patches can be reordered without collision.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
