From 45f817e83b5845824d2cdac298150fa292eb440f45ce99c880da6f21218c4b98 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Thu, 25 Oct 2018 05:36:26 +0000 Subject: [PATCH 01/10] - New version: nfs-utils-2.3.3 The nfsidmap library source has been merged into nfs-utils, so this source package now makes nfsidmap and nfsidmap-devel packages. New program "nfsconf" improves access to nfs config files. OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=194 --- ...e-ignore-empty-environment-variables.patch | 38 ------- 0002-mount-call-setgroups-before-setuid.patch | 43 -------- ...rator-handle-noauto-mounts-correctly.patch | 71 ------------- nfs-client.nfs.conf | 4 - nfs-server.nfsserver.conf | 4 - nfs-utils-1.0.7-bind-syntax.patch | 6 +- nfs-utils-2.1.1.tar.xz | 3 - nfs-utils-2.3.3.tar.xz | 3 + nfs-utils.changes | 9 ++ nfs-utils.spec | 99 ++++++++++--------- nfs.service | 23 ----- nfsserver.service | 26 ----- nsm-headers.patch | 12 --- sysmacros.patch | 12 --- 14 files changed, 70 insertions(+), 283 deletions(-) delete mode 100644 0001-conffile-ignore-empty-environment-variables.patch delete mode 100644 0002-mount-call-setgroups-before-setuid.patch delete mode 100644 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch delete mode 100644 nfs-client.nfs.conf delete mode 100644 nfs-server.nfsserver.conf delete mode 100644 nfs-utils-2.1.1.tar.xz create mode 100644 nfs-utils-2.3.3.tar.xz delete mode 100644 nfs.service delete mode 100644 nfsserver.service delete mode 100644 nsm-headers.patch delete mode 100644 sysmacros.patch diff --git a/0001-conffile-ignore-empty-environment-variables.patch b/0001-conffile-ignore-empty-environment-variables.patch deleted file mode 100644 index 4d9d2c5..0000000 --- a/0001-conffile-ignore-empty-environment-variables.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 5ec9d9034650ae4372dc1bd44d33a1e8768e3409 Mon Sep 17 00:00:00 2001 -From: NeilBrown -Date: Wed, 8 Feb 2017 08:18:34 +1100 -Subject: [PATCH] conffile: ignore empty environment variables. - -conf_set() already refuses to set an empty value, so if - foo= -appear in the config file, it will be ignored. -This patch extends the policy to environment variables, so empty -environment variables are treats as though they didn't exist. - -This means that a separate environment file (e.g. /etc/sysconfig/nfs) -will be treated the same way whether it is: - - included in the [environment] section of /etc/nfs.conf - - sourced by the shell before running code - - sourced by the systemd EnvironmentFile directive. - -Signed-off-by: NeilBrown ---- - support/nfs/conffile.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c -index e717c1e39bab..203efd2aa602 100644 ---- a/support/nfs/conffile.c -+++ b/support/nfs/conffile.c -@@ -533,7 +533,7 @@ retry: - * or from environment - */ - char *env = getenv(cb->value+1); -- if (env) -+ if (env && *env) - return env; - section = "environment"; - tag = cb->value + 1; --- -2.11.0 - diff --git a/0002-mount-call-setgroups-before-setuid.patch b/0002-mount-call-setgroups-before-setuid.patch deleted file mode 100644 index 2b87140..0000000 --- a/0002-mount-call-setgroups-before-setuid.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5b7da9d70261583e67e114b36cb19973de15606d Mon Sep 17 00:00:00 2001 -From: NeilBrown -Date: Wed, 8 Feb 2017 08:22:36 +1100 -Subject: [PATCH] mount: call setgroups() before setuid() - -It is generally wise to call setgroups() (and setgid()) before calling -setuid() to ensure no unexpected permission leaks happen. -SUSE's build system check all binaries for conformance with this -and generates a warning for mountd. - -As we set setting the uid to 0, there is no risk that the group list -will provide extra permissions, so there is no real risk here. -But it is nice to silence warnings, and including a setgroups() -call is probably a good practice to encourage. - -Signed-off-by: NeilBrown ---- - utils/mount/network.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/utils/mount/network.c b/utils/mount/network.c -index d1c8fec75174..281e9354a7fa 100644 ---- a/utils/mount/network.c -+++ b/utils/mount/network.c -@@ -33,6 +33,7 @@ - #include - #include - #include -+#include - - #include - #include -@@ -804,6 +805,7 @@ int start_statd(void) - pid_t pid = fork(); - switch (pid) { - case 0: /* child */ -+ setgroups(0, NULL); - setgid(0); - setuid(0); - execle(START_STATD, START_STATD, NULL, envp); --- -2.11.0 - diff --git a/0003-nfs-server-generator-handle-noauto-mounts-correctly.patch b/0003-nfs-server-generator-handle-noauto-mounts-correctly.patch deleted file mode 100644 index 5f2b77f..0000000 --- a/0003-nfs-server-generator-handle-noauto-mounts-correctly.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 93b39628e0a2053d9b37cab7a60d78f782cb88ea Mon Sep 17 00:00:00 2001 -From: NeilBrown -Date: Wed, 8 Feb 2017 12:56:38 +1100 -Subject: [PATCH] nfs-server-generator: handle 'noauto' mounts correctly. - -When this code was written the systemd documentation stated -that "RequiresMountsFor" ignored mountpoints marked as "noauto". -Unfortunately this is incorrect. Consquently a filesystem marked -as noauto that is also NFS exported will currently be mounted when -the NFS server is started. This is not what people expect. - -So add a check for the noauto flag. If any ancestor of a given -export point has the noauto flag, no RequiresMountsFor will be -generated for that point. - -Also skip RequiresMountsFor for exports marked 'mountpoint', as their -absence is, theoretically, already handled by mountd. - -URL: https://github.com/systemd/systemd/issues/5249 -Signed-off-by: NeilBrown ---- - systemd/nfs-server-generator.c | 26 ++++++++++++++++++++++++++ - 1 file changed, 26 insertions(+) - -diff --git a/systemd/nfs-server-generator.c b/systemd/nfs-server-generator.c -index cc99969e9922..4aa65094ca07 100644 ---- a/systemd/nfs-server-generator.c -+++ b/systemd/nfs-server-generator.c -@@ -84,6 +84,28 @@ static void systemd_escape(FILE *f, char *path) - } - } - -+static int has_noauto_flag(char *path) -+{ -+ FILE *fstab; -+ struct mntent *mnt; -+ -+ fstab = setmntent("/etc/fstab", "r"); -+ if (!fstab) -+ return 0; -+ -+ while ((mnt = getmntent(fstab)) != NULL) { -+ int l = strlen(mnt->mnt_dir); -+ if (strncmp(mnt->mnt_dir, path, l) != 0) -+ continue; -+ if (path[l] && path[l] != '/') -+ continue; -+ if (hasmntopt(mnt, "noauto")) -+ break; -+ } -+ fclose(fstab); -+ return mnt != NULL; -+} -+ - int main(int argc, char *argv[]) - { - char *path; -@@ -124,6 +146,10 @@ int main(int argc, char *argv[]) - for (exp = exportlist[i].p_head; exp; exp = exp->m_next) { - if (!is_unique(&list, exp->m_export.e_path)) - continue; -+ if (exp->m_export.e_mountpoint) -+ continue; -+ if (has_noauto_flag(exp->m_export.e_path)) -+ continue; - if (strchr(exp->m_export.e_path, ' ')) - fprintf(f, "RequiresMountsFor=\"%s\"\n", - exp->m_export.e_path); --- -2.11.0 - diff --git a/nfs-client.nfs.conf b/nfs-client.nfs.conf deleted file mode 100644 index 21758b6..0000000 --- a/nfs-client.nfs.conf +++ /dev/null @@ -1,4 +0,0 @@ - -# When nfs is stopped or restarted, nfs-client must too. -[Unit] -PartOf=nfs.service diff --git a/nfs-server.nfsserver.conf b/nfs-server.nfsserver.conf deleted file mode 100644 index 575e110..0000000 --- a/nfs-server.nfsserver.conf +++ /dev/null @@ -1,4 +0,0 @@ - -# When nfsserver is stopped or restarted, nfs-server must too. -[Unit] -PartOf=nfsserver.service diff --git a/nfs-utils-1.0.7-bind-syntax.patch b/nfs-utils-1.0.7-bind-syntax.patch index 00c8344..30b05b6 100644 --- a/nfs-utils-1.0.7-bind-syntax.patch +++ b/nfs-utils-1.0.7-bind-syntax.patch @@ -6,9 +6,9 @@ support/nfs/exports.c | 2 ++ 1 file changed, 2 insertions(+) ---- nfs-utils-1.3.1.orig/support/nfs/exports.c -+++ nfs-utils-1.3.1/support/nfs/exports.c -@@ -649,6 +649,8 @@ bad_option: +--- a/support/nfs/exports.c ++++ b/support/nfs/exports.c +@@ -657,6 +657,8 @@ bad_option: } else if (strncmp(opt, "replicas=", 9) == 0) { ep->e_fslocmethod = FSLOC_REPLICA; ep->e_fslocdata = strdup(opt+9); diff --git a/nfs-utils-2.1.1.tar.xz b/nfs-utils-2.1.1.tar.xz deleted file mode 100644 index 910ad88..0000000 --- a/nfs-utils-2.1.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0faeb54c70b84e6bd3b9b6901544b1f6add8d246f35c1683e402daf4e0c719ef -size 606028 diff --git a/nfs-utils-2.3.3.tar.xz b/nfs-utils-2.3.3.tar.xz new file mode 100644 index 0000000..54cde8f --- /dev/null +++ b/nfs-utils-2.3.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f68b34793831b05f1fd5760d6bdec92772c7684177586a99a61e7b444f336322 +size 662280 diff --git a/nfs-utils.changes b/nfs-utils.changes index 7e327ed..834e53f 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Thu Oct 25 05:32:30 UTC 2018 - Neil Brown + +- New version: nfs-utils-2.3.3 + The nfsidmap library source has been merged into + nfs-utils, so this source package now makes + nfsidmap and nfsidmap-devel packages. + New program "nfsconf" improves access to nfs config files. + ------------------------------------------------------------------- Mon Aug 6 07:29:37 UTC 2018 - schwab@suse.de diff --git a/nfs-utils.spec b/nfs-utils.spec index d636157..08e5d56 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -22,7 +22,7 @@ %endif Name: nfs-utils -Version: 2.1.1 +Version: 2.3.3 Release: 0 Summary: Support Utilities for Kernel nfsd License: GPL-2.0-or-later @@ -38,10 +38,6 @@ Source7: fw-client Source8: fw-server Source11: idmapd.conf Source13: nfs-utils.rpmlintrc -Source15: nfsserver.service -Source16: nfs.service -Source17: nfs-server.nfsserver.conf -Source18: nfs-client.nfs.conf Source20: nfs-mountd.options.conf Source21: nfs-server.options.conf Source22: rpc-gssd.options.conf @@ -51,24 +47,19 @@ Source25: rpc-svcgssd.options.conf Source26: nfs.conf Source27: nfs-kernel-server.tmpfiles.conf Patch0: nfs-utils-1.0.7-bind-syntax.patch -Patch1: 0001-conffile-ignore-empty-environment-variables.patch -Patch2: 0002-mount-call-setgroups-before-setuid.patch -Patch3: 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch -Patch4: nsm-headers.patch -Patch5: sysmacros.patch BuildRequires: e2fsprogs-devel BuildRequires: fedfs-utils-devel BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: pkgconfig +BuildRequires: rpcgen BuildRequires: systemd-rpm-macros BuildRequires: tcpd-devel BuildRequires: pkgconfig(devmapper) BuildRequires: pkgconfig(kdb) BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libevent) -BuildRequires: pkgconfig(libnfsidmap) >= 0.24 BuildRequires: pkgconfig(libtirpc) BuildRequires: pkgconfig(mount) BuildRequires: pkgconfig(sqlite3) @@ -86,6 +77,7 @@ Summary: Support Utilities for NFS Group: Productivity/Networking/NFS Requires: keyutils Requires: netcfg +Requires: nfsidmap Requires: rpcbind Requires(post): %fillup_prereq Requires(pre): permissions @@ -116,6 +108,29 @@ tune the number of server threads via the sysconfig variable USE_KERNEL_NFSD_NUMBER. For quota over NFS support, install the quota package. +%package -n nfsidmap +Summary: NFSv4 ID Mapping Library +Group: Productivity/Networking/NFS +Version: 1.0 +Release: 0 + +%package -n nfsidmap-devel +Summary: NFSv4 ID Mapping Library development libraries +Group: Development/Libraries/C and C++ +Version: 1.0 +Release: 0 +Requires: nfsidmap = %{version} + +%description -n nfsidmap +In NFSv4, identities of users are conveyed by names rather than user ID +and group ID. Both the NFS server and client code in the kernel need to +translate these to numeric IDs. + +%description -n nfsidmap-devel +In NFSv4, identities of users are conveyed by names rather than user ID +and group ID. Both the NFS server and client code in the kernel need to +translate these to numeric IDs. + %package -n nfs-doc Summary: Support Utilities for NFS Group: Productivity/Networking/NFS @@ -129,11 +144,6 @@ This package contains additional NFS documentation. %prep %setup -q -a 1 %patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 cp %{SOURCE6} . @@ -150,6 +160,7 @@ export LDFLAGS="-pie" --enable-nfsdcltrack \ --enable-mount \ --enable-libmount-mount \ + --disable-static \ --enable-mountconfig make %{?_smp_mflags} cd nfs @@ -163,10 +174,7 @@ done %install make %{?_smp_mflags} DESTDIR=%{buildroot} install -install -D -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/nfsserver.service -install -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/nfs.service -install -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/nfs-server.service.d/nfsserver.conf -install -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/nfs-client.target.d/nfs.conf +find %{buildroot} -type f -name '*.la' -delete -print install -D -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/nfs-mountd.service.d/options.conf install -D -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/nfs-server.service.d/options.conf install -D -m 644 %{SOURCE22} %{buildroot}%{_unitdir}/rpc-gssd.service.d/options.conf @@ -175,9 +183,7 @@ install -D -m 644 %{SOURCE24} %{buildroot}%{_unitdir}/rpc-statd-notify.service.d install -D -m 644 %{SOURCE25} %{buildroot}%{_unitdir}/rpc-svcgssd.service.d/options.conf install -D -m 644 %{SOURCE26} %{buildroot}%{_sysconfdir}/nfs.conf install -D -m 644 %{SOURCE27} %{buildroot}%{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf -ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfsserver ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-server -ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client # sysconfig-data mkdir -p %{buildroot}%{_fillupdir} @@ -202,7 +208,7 @@ chmod 644 %{buildroot}%{_sbindir}/{mountstats,nfsiostat} /usr/bin/getent passwd statd >/dev/null || \ /usr/sbin/useradd -r -c 'NFS statd daemon' \ -s /sbin/nologin -d %{_localstatedir}/lib/nfs -g nogroup statd -%service_add_pre nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_add_pre auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %post -n nfs-client chown statd:nogroup %{_localstatedir}/lib/nfs > /dev/null 2>&1 || : @@ -221,22 +227,24 @@ fi %{fillup_only -n nfs nfs} # %set_permissions /sbin/mount.nfs -%service_add_post nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +/sbin/ldconfig +%service_add_post auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %preun -n nfs-client -%service_del_preun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_del_preun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %postun -n nfs-client -%service_del_postun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +/sbin/ldconfig +%service_del_postun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %verifyscript -n nfs-client %verify_permissions -e /sbin/mount.nfs %pre -n nfs-kernel-server -%service_add_pre nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_add_pre nfs-svcgssd.service nfs-mountd.service nfs-server.service %preun -n nfs-kernel-server -%service_del_preun nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_del_preun nfs-svcgssd.service nfs-mountd.service nfs-server.service %post -n nfs-kernel-server ### migrate from /var/lock/subsys @@ -248,12 +256,12 @@ if [ -f %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd ]; then mv %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd /run/nfs fi ### -%service_add_post nfsserver.service nfs-mountd.service nfs-server.service +%service_add_post nfs-mountd.service nfs-server.service %tmpfiles_create nfs-kernel-server.conf %set_permissions /var/lib/nfs/rmtab %postun -n nfs-kernel-server -%service_del_postun nfsserver.service nfs-mountd.service nfs-server.service +%service_del_postun nfs-mountd.service nfs-server.service %verifyscript -n nfs-kernel-server %verify_permissions -e /var/lib/nfs/rmtab @@ -272,7 +280,6 @@ fi %attr(0755,root,root) %{_sbindir}/nfsiostat %{_sbindir}/nfsidmap %{_sbindir}/nfsstat -%{_sbindir}/rcnfs %{_sbindir}/rcnfs-client %{_sbindir}/rpc.gssd %{_sbindir}/rpc.idmapd @@ -283,6 +290,7 @@ fi %{_sbindir}/start-statd %{_sbindir}/blkmapd %{_sbindir}/rpc.svcgssd +%{_sbindir}/nfsconf %{_unitdir}/auth-rpcgss-module.service %{_unitdir}/nfs-blkmap.service %{_unitdir}/nfs-client.target @@ -290,29 +298,26 @@ fi %{_unitdir}/nfs-utils.service %{_unitdir}/rpc-gssd.service %{_unitdir}/rpc-gssd.service.d -%{_unitdir}/rpc-gssd.service.d/options.conf +%{_unitdir}/rpc_pipefs.target %{_unitdir}/rpc-statd-notify.service %{_unitdir}/rpc-statd-notify.service.d -%{_unitdir}/rpc-statd-notify.service.d/options.conf %{_unitdir}/rpc-statd.service %{_unitdir}/rpc-statd.service.d -%{_unitdir}/rpc-statd.service.d/options.conf %{_unitdir}/rpc-svcgssd.service %{_unitdir}/rpc-svcgssd.service.d -%{_unitdir}/rpc-svcgssd.service.d/options.conf %{_unitdir}/var-lib-nfs-rpc_pipefs.mount -%{_unitdir}/nfs.service -%dir %{_unitdir}/nfs-client.target.d -%{_unitdir}/nfs-client.target.d/nfs.conf %dir /usr/lib/systemd/system-generators /usr/lib/systemd/system-generators/nfs-server-generator +/usr/lib/systemd/system-generators/rpc-pipefs-generator %{_mandir}/man5/nfsmount.conf.5%{ext_man} %{_mandir}/man5/nfs.conf.5%{ext_man} %{_mandir}/man5/nfs.5%{ext_man} +%{_mandir}/man5/idmapd.conf.5%{ext_man} %{_mandir}/man7/nfs.systemd.7%{ext_man} %{_mandir}/man8/mount.nfs.8%{ext_man} %{_mandir}/man8/nfsidmap.8%{ext_man} %{_mandir}/man8/nfsstat.8%{ext_man} +%{_mandir}/man8/nfsconf.8%{ext_man} %{_mandir}/man8/rpc.sm-notify.8%{ext_man} %{_mandir}/man8/showmount.8%{ext_man} %{_mandir}/man8/sm-notify.8%{ext_man} @@ -342,16 +347,11 @@ fi %defattr(-,root,root) %{_unitdir}/nfs-mountd.service %{_unitdir}/nfs-mountd.service.d -%{_unitdir}/nfs-mountd.service.d/options.conf %{_unitdir}/nfs-server.service %{_unitdir}/nfs-server.service.d -%{_unitdir}/nfs-server.service.d/options.conf %{_unitdir}/proc-fs-nfsd.mount -%{_unitdir}/nfsserver.service -%{_unitdir}/nfs-server.service.d/nfsserver.conf %{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf %{_sbindir}/exportfs -%{_sbindir}/rcnfsserver %{_sbindir}/rcnfs-server %{_sbindir}/rpc.mountd %{_sbindir}/rpc.nfsd @@ -368,6 +368,17 @@ fi %config(noreplace) %{_localstatedir}/lib/nfs/rmtab %config %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-kernel-server +%files -n nfsidmap +%doc support/nfsidmap/README +%{_libdir}/libnfsidmap/ +%{_libdir}/libnfsidmap.so.1* +%{_mandir}/man3/* + +%files -n nfsidmap-devel +%{_libdir}/libnfsidmap.so +%{_includedir}/*.h +%{_libdir}/pkgconfig/libnfsidmap.pc + %files -n nfs-doc %defattr(-,root,root) %doc nfs/*.html nfs/*.ps README.NFSv4 diff --git a/nfs.service b/nfs.service deleted file mode 100644 index ad879f7..0000000 --- a/nfs.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Alias for NFS client -# The systemd alias mechanism (using symlinks) isn't rich enough. -# If you "systemctl enable" an alias, it doesn't enable the -# target. -# This service file creates a sufficiently rich alias for nfs-client -# (which is the canonical upstream name) -# "start", "stop", "restart", "reload" on this will do the same to nfs-client. -# "enable" on this will only enable this service, but when it starts, that -# starts nfs-client, so it is effectively enabled. -# nfs-server.d/nfsserver.conf is part of this service. - -Requires= nfs-client.target -PropagatesReloadTo=nfs-client.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/true - -[Install] -WantedBy=multi-user.target - diff --git a/nfsserver.service b/nfsserver.service deleted file mode 100644 index 028cfdc..0000000 --- a/nfsserver.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Alias for NFS server -# The systemd alias mechanism (using symlinks) isn't rich enough. -# If you "systemctl enable" an alias, it doesn't enable the -# target. -# This service file creates a sufficiently rich alias for nfs-server -# (which is the canonical upstream name) -# "start", "stop", "restart", "reload" on this will do the same to nfs-server. -# "enable" on this will only enable this service, but when it starts, that -# starts nfs-server, so it is effectively enabled. -# nfs-server.d/nfsserver.conf is part of this service. - -Requires= nfs-server.service - -[Service] -Type=oneshot -ExecStart=/bin/true -RemainAfterExit=yes -# Can't just PropagatesReloadTo to nfs-server.service -# as reload fails if we don't have our own ExecReload -# So copy that from nfs-server.service -ExecReload=/usr/sbin/exportfs -r - -[Install] -WantedBy=multi-user.target - diff --git a/nsm-headers.patch b/nsm-headers.patch deleted file mode 100644 index 2e703f0..0000000 --- a/nsm-headers.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: nfs-utils-2.1.1/support/nsm/rpc.c -=================================================================== ---- nfs-utils-2.1.1.orig/support/nsm/rpc.c -+++ nfs-utils-2.1.1/support/nsm/rpc.c -@@ -41,6 +41,7 @@ - #include - #include - #include -+#include - #include - #include - diff --git a/sysmacros.patch b/sysmacros.patch deleted file mode 100644 index 5365a4a..0000000 --- a/sysmacros.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: nfs-utils-2.1.1/utils/blkmapd/device-discovery.c -=================================================================== ---- nfs-utils-2.1.1.orig/utils/blkmapd/device-discovery.c -+++ nfs-utils-2.1.1/utils/blkmapd/device-discovery.c -@@ -27,6 +27,7 @@ - */ - - #include -+#include - #include - #include - #include From 5294cf55fe78b19800118eb30ec3508799aa0cf448f4a89ebbc58cf9efe9ac18 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Thu, 25 Oct 2018 22:56:02 +0000 Subject: [PATCH 02/10] Add missing config option - with-pluginpath OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=195 --- nfs-utils.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/nfs-utils.spec b/nfs-utils.spec index 08e5d56..97ba5fe 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -161,6 +161,7 @@ export LDFLAGS="-pie" --enable-mount \ --enable-libmount-mount \ --disable-static \ + --with-pluginpath=%{_libdir}/libnfsidmap \ --enable-mountconfig make %{?_smp_mflags} cd nfs From 3a9d86ffbecc15b60201a834c921ab0249319a8dd0fd700e4450b1da48ead078 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Fri, 26 Oct 2018 03:00:29 +0000 Subject: [PATCH 03/10] Delete patches that have been included upstream: 0001-conffile-ignore-empty-environment-variables.patch 0002-mount-call-setgroups-before-setuid.patch 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch nsm-headers.patch OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=196 --- nfs-utils.changes | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nfs-utils.changes b/nfs-utils.changes index 834e53f..ed16e7a 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -6,6 +6,11 @@ Thu Oct 25 05:32:30 UTC 2018 - Neil Brown nfs-utils, so this source package now makes nfsidmap and nfsidmap-devel packages. New program "nfsconf" improves access to nfs config files. + Delete patches that have been included upstream: + 0001-conffile-ignore-empty-environment-variables.patch + 0002-mount-call-setgroups-before-setuid.patch + 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch + nsm-headers.patch ------------------------------------------------------------------- Mon Aug 6 07:29:37 UTC 2018 - schwab@suse.de From 5aba4a2d5596816fc9cddcd3c300c7d73af7d4fbed3c6623d9c3015e0f391a6b Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Mon, 3 Dec 2018 02:51:05 +0000 Subject: [PATCH 04/10] - 0001-nfs.conf-allow-empty-assignments.patch Fix regression due to unnecessary "error" messages from nfs.conf - 0002-Let-systemd-know-when-rpc.statd-is-needed.patch 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch Fixes for systemd integration (bsc#1116221) OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=197 --- 0001-nfs.conf-allow-empty-assignments.patch | 55 +++++++++++++++++++ ...ystemd-know-when-rpc.statd-is-needed.patch | 54 ++++++++++++++++++ ...d-notify-even-when-nfs-client-isn-t-.patch | 38 +++++++++++++ nfs-utils-1.0.7-bind-syntax.patch | 2 +- nfs-utils.changes | 11 ++++ nfs-utils.spec | 6 ++ 6 files changed, 165 insertions(+), 1 deletion(-) create mode 100644 0001-nfs.conf-allow-empty-assignments.patch create mode 100644 0002-Let-systemd-know-when-rpc.statd-is-needed.patch create mode 100644 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch diff --git a/0001-nfs.conf-allow-empty-assignments.patch b/0001-nfs.conf-allow-empty-assignments.patch new file mode 100644 index 0000000..eb3f2df --- /dev/null +++ b/0001-nfs.conf-allow-empty-assignments.patch @@ -0,0 +1,55 @@ +From b8ebadacd1ccf943e3c699027bdc64bdcf5e9f37 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Mon, 3 Dec 2018 11:54:16 +1100 +Subject: [PATCH] nfs.conf: allow empty assignments. + +A recent commit caused an error message (but didn't actually +trigger an error) for a config file line like: + + foo = + +There is no good reason to treat this as an error, and we (SUSE) have +established practice of expecting these to be accepted. +Specifically "/etc/nfs.conf" includes "/etc/sysconfig/nfs" which +contains lots of empty definitions. + +So remove the error message. + +Fixes: 1c2c18806800 ("nfs.conf: Removed buffer overruns") +Signed-off-by: NeilBrown +--- + support/nfs/conffile.c | 5 ----- + tests/nfsconf/01-errors.exp | 1 - + 2 files changed, 6 deletions(-) + +diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c +index 0e39aca6b468..77c5790c893c 100644 +--- a/support/nfs/conffile.c ++++ b/support/nfs/conffile.c +@@ -405,11 +405,6 @@ conf_parse_line(int trans, char *line, const char *filename, int lineno, char ** + "missing tag in assignment", filename, lineno); + return; + } +- if (*val == '\0') { +- xlog_warn("config error at %s:%d: " +- "missing value in assignment", filename, lineno); +- return; +- } + + if (strcasecmp(line, "include")==0) { + /* load and parse subordinate config files */ +diff --git a/tests/nfsconf/01-errors.exp b/tests/nfsconf/01-errors.exp +index 2bf1b8c7f65b..0b985b46267e 100644 +--- a/tests/nfsconf/01-errors.exp ++++ b/tests/nfsconf/01-errors.exp +@@ -4,7 +4,6 @@ nfsconf: config error at 01-errors.conf:10: non-matched ']', ignoring until next + nfsconf: config error at 01-errors.conf:11: ignoring line not in a section + nfsconf: config error at 01-errors.conf:14: line not empty and not an assignment + nfsconf: config error at 01-errors.conf:15: missing tag in assignment +-nfsconf: config error at 01-errors.conf:16: missing value in assignment + nfsconf: config error at 01-errors.conf:18: unmatched quotes + [four] + four = foo = bar +-- +2.14.0.rc0.dirty + diff --git a/0002-Let-systemd-know-when-rpc.statd-is-needed.patch b/0002-Let-systemd-know-when-rpc.statd-is-needed.patch new file mode 100644 index 0000000..9ee869e --- /dev/null +++ b/0002-Let-systemd-know-when-rpc.statd-is-needed.patch @@ -0,0 +1,54 @@ +From b468dda439a02c4d1b7f85a0be6c0a227d16c2de Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Fri, 30 Nov 2018 16:38:45 +1100 +Subject: [PATCH] Let systemd know when rpc.statd is needed. + +A recent change to set IgnoreOnIsolate for rpc-statd +isn't quite sufficient (though it doesn't hurt). +While rpc-statd does remain when + systemctl isolate multi-user +is run, its dependencies don't remain, so rpcbind might +get killed, which makes rpc.statd rather useless. + +The reason this is all an issue is that systemd doesn't know that +rpc-statd is needed - mount.nfs explicitly starts it rather than +having a dependency start it. +This can be rectified by explicitly telling systemd about the +dependency using "systemctl add-wants". This can be done in the +start-statd script, at the same time that rpc-statd is started. + +As --runtime dependency is used so that it doesn't persist across +reboots. A new dependency will be created on next boot if an NFSv3 +filesystem is mounted. + +With this in place, both rpc.statd and rpcbind remain. +Actually, rpcbind.service is stopped, but rpcbind.socket remains, +and when anything tries to contact rpcbind, rpcbind.service +is automatically started and it re-reads its saved state. + +Signed-off-by: NeilBrown +--- + utils/statd/start-statd | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/utils/statd/start-statd b/utils/statd/start-statd +index 82715b40c1af..54ced822016a 100755 +--- a/utils/statd/start-statd ++++ b/utils/statd/start-statd +@@ -20,7 +20,12 @@ fi + # First try systemd if it's installed. + if [ -d /run/systemd/system ]; then + # Quit only if the call worked. +- systemctl start rpc-statd.service && exit ++ if systemctl start rpc-statd.service; then ++ # Ensure systemd knows not to stop rpc.statd or its dependencies ++ # on 'systemctl isolate ..' ++ systemctl add-wants --runtime remote-fs.target rpc-statd.service ++ exit 0 ++ fi + fi + + cd / +-- +2.14.0.rc0.dirty + diff --git a/0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch b/0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch new file mode 100644 index 0000000..e2413b7 --- /dev/null +++ b/0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch @@ -0,0 +1,38 @@ +From 415dea8db90785c3063bbd74fff34cb6a4830f06 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Fri, 30 Nov 2018 16:44:29 +1100 +Subject: [PATCH] systemd: run statd-notify even when nfs-client isn't enabled. + +When NFS filesytems are mounted, nfs-client.target really should +be enabled. However it is possible to mount NFS filesystems +without this (providing gss isn't used) and it mostly works. + +One aspect that doesn't work is that sm-notify isn't run, so the server +isn't told to drop any locks from the previous client instance. +This can result in confusing failures: if a client crashes while +holding a lock, it won't be able to get the same lock after a reboot. + +While this isn't a complete solution (nfs-client really should be +enabled), adding a dependency from rpc-statd to rpc-statd-notify is +easy, has no down sides, and could help avoid confusion. + +Signed-off-by: NeilBrown +--- + systemd/rpc-statd.service | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/systemd/rpc-statd.service b/systemd/rpc-statd.service +index 1f4e6a8b92ab..3e92cf71add0 100644 +--- a/systemd/rpc-statd.service ++++ b/systemd/rpc-statd.service +@@ -4,6 +4,7 @@ DefaultDependencies=no + Conflicts=umount.target + Requires=nss-lookup.target rpcbind.socket + Wants=network-online.target ++Wants=rpc-statd-notify.service + After=network-online.target nss-lookup.target rpcbind.socket + + PartOf=nfs-utils.service +-- +2.14.0.rc0.dirty + diff --git a/nfs-utils-1.0.7-bind-syntax.patch b/nfs-utils-1.0.7-bind-syntax.patch index 30b05b6..2eed230 100644 --- a/nfs-utils-1.0.7-bind-syntax.patch +++ b/nfs-utils-1.0.7-bind-syntax.patch @@ -8,7 +8,7 @@ --- a/support/nfs/exports.c +++ b/support/nfs/exports.c -@@ -657,6 +657,8 @@ bad_option: +@@ -658,6 +658,8 @@ bad_option: } else if (strncmp(opt, "replicas=", 9) == 0) { ep->e_fslocmethod = FSLOC_REPLICA; ep->e_fslocdata = strdup(opt+9); diff --git a/nfs-utils.changes b/nfs-utils.changes index ed16e7a..4f2e512 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Mon Dec 3 02:49:13 UTC 2018 - Neil Brown + +- 0001-nfs.conf-allow-empty-assignments.patch + Fix regression due to unnecessary "error" messages from nfs.conf + +- 0002-Let-systemd-know-when-rpc.statd-is-needed.patch + 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch + Fixes for systemd integration + (bsc#1116221) + ------------------------------------------------------------------- Thu Oct 25 05:32:30 UTC 2018 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index 97ba5fe..5fac96d 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -47,6 +47,9 @@ Source25: rpc-svcgssd.options.conf Source26: nfs.conf Source27: nfs-kernel-server.tmpfiles.conf Patch0: nfs-utils-1.0.7-bind-syntax.patch +Patch1: 0001-nfs.conf-allow-empty-assignments.patch +Patch2: 0002-Let-systemd-know-when-rpc.statd-is-needed.patch +Patch3: 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch BuildRequires: e2fsprogs-devel BuildRequires: fedfs-utils-devel @@ -144,6 +147,9 @@ This package contains additional NFS documentation. %prep %setup -q -a 1 %patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 cp %{SOURCE6} . From 22747e3040b26d2b5937dae8abd2b84925fc8149b1cd48d840e220f18934949e Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Tue, 4 Dec 2018 00:04:15 +0000 Subject: [PATCH 05/10] - 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch Allow plugins to be installed properly - nfs-utils.spec Package shared library correctly OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=198 --- ...nour-with-pluginpath-for-instalation.patch | 39 +++++++++++++++++++ nfs-utils.changes | 8 ++++ nfs-utils.spec | 21 +++++----- 3 files changed, 59 insertions(+), 9 deletions(-) create mode 100644 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch diff --git a/0004-nfsidmap-honour-with-pluginpath-for-instalation.patch b/0004-nfsidmap-honour-with-pluginpath-for-instalation.patch new file mode 100644 index 0000000..5ab82b1 --- /dev/null +++ b/0004-nfsidmap-honour-with-pluginpath-for-instalation.patch @@ -0,0 +1,39 @@ +From b535ba0513fd53bb3ae63d13b55b4784e056e225 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Tue, 4 Dec 2018 11:00:10 +1100 +Subject: [PATCH] nfsidmap: honour --with-pluginpath for instalation. + +The path set with --with-pluginpath is not currently +used when installing plugins. It should be. + +Signed-off-by: NeilBrown +--- + configure.ac | 1 + + support/nfsidmap/Makefile.am | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 4163f6a518f5..4bf5aea4442f 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -450,6 +450,7 @@ if test -n "$path_plugins" ; then + [Define this to change the plugins path]) + fi + AM_CONDITIONAL(PATH_PLUGINS, test -n "$path_plugins") ++AC_SUBST(PATH_PLUGINS, "$path_plugins") + + AC_SUBST(AM_CPPFLAGS, "$AM_CPPFLAGS") + AC_DEFINE([HAVE_NFS4_SET_DEBUG], 1, +diff --git a/support/nfsidmap/Makefile.am b/support/nfsidmap/Makefile.am +index 8b5dfe4e784a..cdbeb4c1a9ac 100644 +--- a/support/nfsidmap/Makefile.am ++++ b/support/nfsidmap/Makefile.am +@@ -1,4 +1,4 @@ +-pkgplugindir=$(libdir)/libnfsidmap ++pkgplugindir=$(PATH_PLUGINS) + + if ENABLE_LDAP + UMICH_LDAP_LIB = umich_ldap.la +-- +2.14.0.rc0.dirty + diff --git a/nfs-utils.changes b/nfs-utils.changes index 4f2e512..ac58aa4 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Tue Dec 4 00:03:00 UTC 2018 - Neil Brown + +- 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch + Allow plugins to be installed properly +- nfs-utils.spec + Package shared library correctly + ------------------------------------------------------------------- Mon Dec 3 02:49:13 UTC 2018 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index 5fac96d..6440684 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -50,6 +50,7 @@ Patch0: nfs-utils-1.0.7-bind-syntax.patch Patch1: 0001-nfs.conf-allow-empty-assignments.patch Patch2: 0002-Let-systemd-know-when-rpc.statd-is-needed.patch Patch3: 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch +Patch4: 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch BuildRequires: e2fsprogs-devel BuildRequires: fedfs-utils-devel @@ -79,8 +80,8 @@ quota over NFS support, install the quota package. Summary: Support Utilities for NFS Group: Productivity/Networking/NFS Requires: keyutils +Requires: libnfsidmap1 Requires: netcfg -Requires: nfsidmap Requires: rpcbind Requires(post): %fillup_prereq Requires(pre): permissions @@ -111,20 +112,21 @@ tune the number of server threads via the sysconfig variable USE_KERNEL_NFSD_NUMBER. For quota over NFS support, install the quota package. -%package -n nfsidmap +%package -n libnfsidmap1 Summary: NFSv4 ID Mapping Library Group: Productivity/Networking/NFS Version: 1.0 Release: 0 +Obsoletes: nfsidmap %package -n nfsidmap-devel Summary: NFSv4 ID Mapping Library development libraries Group: Development/Libraries/C and C++ Version: 1.0 Release: 0 -Requires: nfsidmap = %{version} +Requires: libnfsidmap1 = %{version} -%description -n nfsidmap +%description -n libnfsidmap1 In NFSv4, identities of users are conveyed by names rather than user ID and group ID. Both the NFS server and client code in the kernel need to translate these to numeric IDs. @@ -150,6 +152,7 @@ This package contains additional NFS documentation. %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 cp %{SOURCE6} . @@ -167,7 +170,7 @@ export LDFLAGS="-pie" --enable-mount \ --enable-libmount-mount \ --disable-static \ - --with-pluginpath=%{_libdir}/libnfsidmap \ + --with-pluginpath=%{_libdir}/libnfsidmap-1.0.0 \ --enable-mountconfig make %{?_smp_mflags} cd nfs @@ -375,16 +378,16 @@ fi %config(noreplace) %{_localstatedir}/lib/nfs/rmtab %config %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-kernel-server -%files -n nfsidmap -%doc support/nfsidmap/README -%{_libdir}/libnfsidmap/ +%files -n libnfsidmap1 +%{_libdir}/libnfsidmap-1.0.0/ %{_libdir}/libnfsidmap.so.1* -%{_mandir}/man3/* %files -n nfsidmap-devel %{_libdir}/libnfsidmap.so %{_includedir}/*.h %{_libdir}/pkgconfig/libnfsidmap.pc +%{_mandir}/man3/* +%doc support/nfsidmap/README %files -n nfs-doc %defattr(-,root,root) From 6c7a56a0e5a843c7651fd3fe5455bb61d5c05878f8f942e15bb0c52ce9019361 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Tue, 29 Jan 2019 22:54:03 +0000 Subject: [PATCH 06/10] - Restored nfs.service nad nfserver.service wrappers as "install images" need these still. sysmacros.patch OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=199 --- nfs-client.nfs.conf | 4 ++++ nfs-server.nfsserver.conf | 4 ++++ nfs-utils.changes | 7 +++++++ nfs-utils.spec | 35 ++++++++++++++++++++++++++--------- nfs.service | 23 +++++++++++++++++++++++ nfsserver.service | 26 ++++++++++++++++++++++++++ 6 files changed, 90 insertions(+), 9 deletions(-) create mode 100644 nfs-client.nfs.conf create mode 100644 nfs-server.nfsserver.conf create mode 100644 nfs.service create mode 100644 nfsserver.service diff --git a/nfs-client.nfs.conf b/nfs-client.nfs.conf new file mode 100644 index 0000000..21758b6 --- /dev/null +++ b/nfs-client.nfs.conf @@ -0,0 +1,4 @@ + +# When nfs is stopped or restarted, nfs-client must too. +[Unit] +PartOf=nfs.service diff --git a/nfs-server.nfsserver.conf b/nfs-server.nfsserver.conf new file mode 100644 index 0000000..575e110 --- /dev/null +++ b/nfs-server.nfsserver.conf @@ -0,0 +1,4 @@ + +# When nfsserver is stopped or restarted, nfs-server must too. +[Unit] +PartOf=nfsserver.service diff --git a/nfs-utils.changes b/nfs-utils.changes index ac58aa4..20669e5 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Jan 29 22:50:04 UTC 2019 - Neil Brown + +- Restored nfs.service nad nfserver.service wrappers + as "install images" need these still. + ------------------------------------------------------------------- Tue Dec 4 00:03:00 UTC 2018 - Neil Brown @@ -30,6 +36,7 @@ Thu Oct 25 05:32:30 UTC 2018 - Neil Brown 0002-mount-call-setgroups-before-setuid.patch 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch nsm-headers.patch + sysmacros.patch ------------------------------------------------------------------- Mon Aug 6 07:29:37 UTC 2018 - schwab@suse.de diff --git a/nfs-utils.spec b/nfs-utils.spec index 6440684..1402159 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -1,7 +1,7 @@ # # spec file for package nfs-utils # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -38,6 +38,10 @@ Source7: fw-client Source8: fw-server Source11: idmapd.conf Source13: nfs-utils.rpmlintrc +Source15: nfsserver.service +Source16: nfs.service +Source17: nfs-server.nfsserver.conf +Source18: nfs-client.nfs.conf Source20: nfs-mountd.options.conf Source21: nfs-server.options.conf Source22: rpc-gssd.options.conf @@ -184,6 +188,10 @@ done %install make %{?_smp_mflags} DESTDIR=%{buildroot} install +install -D -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/nfsserver.service +install -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/nfs.service +install -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/nfs-server.service.d/nfsserver.conf +install -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/nfs-client.target.d/nfs.conf find %{buildroot} -type f -name '*.la' -delete -print install -D -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/nfs-mountd.service.d/options.conf install -D -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/nfs-server.service.d/options.conf @@ -193,7 +201,9 @@ install -D -m 644 %{SOURCE24} %{buildroot}%{_unitdir}/rpc-statd-notify.service.d install -D -m 644 %{SOURCE25} %{buildroot}%{_unitdir}/rpc-svcgssd.service.d/options.conf install -D -m 644 %{SOURCE26} %{buildroot}%{_sysconfdir}/nfs.conf install -D -m 644 %{SOURCE27} %{buildroot}%{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf +ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfsserver ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-server +ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client # sysconfig-data mkdir -p %{buildroot}%{_fillupdir} @@ -218,7 +228,7 @@ chmod 644 %{buildroot}%{_sbindir}/{mountstats,nfsiostat} /usr/bin/getent passwd statd >/dev/null || \ /usr/sbin/useradd -r -c 'NFS statd daemon' \ -s /sbin/nologin -d %{_localstatedir}/lib/nfs -g nogroup statd -%service_add_pre auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_add_pre nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %post -n nfs-client chown statd:nogroup %{_localstatedir}/lib/nfs > /dev/null 2>&1 || : @@ -238,23 +248,23 @@ fi # %set_permissions /sbin/mount.nfs /sbin/ldconfig -%service_add_post auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_add_post nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %preun -n nfs-client -%service_del_preun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_del_preun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %postun -n nfs-client /sbin/ldconfig -%service_del_postun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_del_postun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %verifyscript -n nfs-client %verify_permissions -e /sbin/mount.nfs %pre -n nfs-kernel-server -%service_add_pre nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_add_pre nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service %preun -n nfs-kernel-server -%service_del_preun nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_del_preun nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service %post -n nfs-kernel-server ### migrate from /var/lock/subsys @@ -266,12 +276,12 @@ if [ -f %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd ]; then mv %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd /run/nfs fi ### -%service_add_post nfs-mountd.service nfs-server.service +%service_add_post nfsserver.service nfs-mountd.service nfs-server.service %tmpfiles_create nfs-kernel-server.conf %set_permissions /var/lib/nfs/rmtab %postun -n nfs-kernel-server -%service_del_postun nfs-mountd.service nfs-server.service +%service_del_postun nfsserver.service nfs-mountd.service nfs-server.service %verifyscript -n nfs-kernel-server %verify_permissions -e /var/lib/nfs/rmtab @@ -290,6 +300,7 @@ fi %attr(0755,root,root) %{_sbindir}/nfsiostat %{_sbindir}/nfsidmap %{_sbindir}/nfsstat +%{_sbindir}/rcnfs %{_sbindir}/rcnfs-client %{_sbindir}/rpc.gssd %{_sbindir}/rpc.idmapd @@ -316,6 +327,9 @@ fi %{_unitdir}/rpc-svcgssd.service %{_unitdir}/rpc-svcgssd.service.d %{_unitdir}/var-lib-nfs-rpc_pipefs.mount +%{_unitdir}/nfs.service +%dir %{_unitdir}/nfs-client.target.d +%{_unitdir}/nfs-client.target.d/nfs.conf %dir /usr/lib/systemd/system-generators /usr/lib/systemd/system-generators/nfs-server-generator /usr/lib/systemd/system-generators/rpc-pipefs-generator @@ -360,8 +374,11 @@ fi %{_unitdir}/nfs-server.service %{_unitdir}/nfs-server.service.d %{_unitdir}/proc-fs-nfsd.mount +%{_unitdir}/nfsserver.service +%{_unitdir}/nfs-server.service.d/nfsserver.conf %{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf %{_sbindir}/exportfs +%{_sbindir}/rcnfsserver %{_sbindir}/rcnfs-server %{_sbindir}/rpc.mountd %{_sbindir}/rpc.nfsd diff --git a/nfs.service b/nfs.service new file mode 100644 index 0000000..ad879f7 --- /dev/null +++ b/nfs.service @@ -0,0 +1,23 @@ +[Unit] +Description=Alias for NFS client +# The systemd alias mechanism (using symlinks) isn't rich enough. +# If you "systemctl enable" an alias, it doesn't enable the +# target. +# This service file creates a sufficiently rich alias for nfs-client +# (which is the canonical upstream name) +# "start", "stop", "restart", "reload" on this will do the same to nfs-client. +# "enable" on this will only enable this service, but when it starts, that +# starts nfs-client, so it is effectively enabled. +# nfs-server.d/nfsserver.conf is part of this service. + +Requires= nfs-client.target +PropagatesReloadTo=nfs-client.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/true + +[Install] +WantedBy=multi-user.target + diff --git a/nfsserver.service b/nfsserver.service new file mode 100644 index 0000000..028cfdc --- /dev/null +++ b/nfsserver.service @@ -0,0 +1,26 @@ +[Unit] +Description=Alias for NFS server +# The systemd alias mechanism (using symlinks) isn't rich enough. +# If you "systemctl enable" an alias, it doesn't enable the +# target. +# This service file creates a sufficiently rich alias for nfs-server +# (which is the canonical upstream name) +# "start", "stop", "restart", "reload" on this will do the same to nfs-server. +# "enable" on this will only enable this service, but when it starts, that +# starts nfs-server, so it is effectively enabled. +# nfs-server.d/nfsserver.conf is part of this service. + +Requires= nfs-server.service + +[Service] +Type=oneshot +ExecStart=/bin/true +RemainAfterExit=yes +# Can't just PropagatesReloadTo to nfs-server.service +# as reload fails if we don't have our own ExecReload +# So copy that from nfs-server.service +ExecReload=/usr/sbin/exportfs -r + +[Install] +WantedBy=multi-user.target + From cd4692a51076860d7086a52bfa9a7006ca55ff2c516d7241a633a57cf929d234 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Tue, 29 Jan 2019 23:09:18 +0000 Subject: [PATCH 07/10] - Remove service aliases - these files are deleted. nfs.service nfsserver.service nfs-server.nfsserver.conf nfs-client.nfs.conf Now the upstream standard service names "nfs-client" and "nfs-server" must be used. OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=200 --- nfs-client.nfs.conf | 4 ---- nfs-server.nfsserver.conf | 4 ---- nfs-utils.changes | 10 ++++++++-- nfs-utils.spec | 33 ++++++++------------------------- nfs.service | 23 ----------------------- nfsserver.service | 26 -------------------------- 6 files changed, 16 insertions(+), 84 deletions(-) delete mode 100644 nfs-client.nfs.conf delete mode 100644 nfs-server.nfsserver.conf delete mode 100644 nfs.service delete mode 100644 nfsserver.service diff --git a/nfs-client.nfs.conf b/nfs-client.nfs.conf deleted file mode 100644 index 21758b6..0000000 --- a/nfs-client.nfs.conf +++ /dev/null @@ -1,4 +0,0 @@ - -# When nfs is stopped or restarted, nfs-client must too. -[Unit] -PartOf=nfs.service diff --git a/nfs-server.nfsserver.conf b/nfs-server.nfsserver.conf deleted file mode 100644 index 575e110..0000000 --- a/nfs-server.nfsserver.conf +++ /dev/null @@ -1,4 +0,0 @@ - -# When nfsserver is stopped or restarted, nfs-server must too. -[Unit] -PartOf=nfsserver.service diff --git a/nfs-utils.changes b/nfs-utils.changes index 20669e5..0616c3f 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,8 +1,14 @@ ------------------------------------------------------------------- Tue Jan 29 22:50:04 UTC 2019 - Neil Brown -- Restored nfs.service nad nfserver.service wrappers - as "install images" need these still. +- Remove service aliases - these files are deleted. + nfs.service + nfsserver.service + nfs-server.nfsserver.conf + nfs-client.nfs.conf + + Now the upstream standard service names "nfs-client" and "nfs-server" + must be used. ------------------------------------------------------------------- Tue Dec 4 00:03:00 UTC 2018 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index 1402159..ea2691f 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -38,10 +38,6 @@ Source7: fw-client Source8: fw-server Source11: idmapd.conf Source13: nfs-utils.rpmlintrc -Source15: nfsserver.service -Source16: nfs.service -Source17: nfs-server.nfsserver.conf -Source18: nfs-client.nfs.conf Source20: nfs-mountd.options.conf Source21: nfs-server.options.conf Source22: rpc-gssd.options.conf @@ -188,10 +184,6 @@ done %install make %{?_smp_mflags} DESTDIR=%{buildroot} install -install -D -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/nfsserver.service -install -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/nfs.service -install -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/nfs-server.service.d/nfsserver.conf -install -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/nfs-client.target.d/nfs.conf find %{buildroot} -type f -name '*.la' -delete -print install -D -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/nfs-mountd.service.d/options.conf install -D -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/nfs-server.service.d/options.conf @@ -201,9 +193,7 @@ install -D -m 644 %{SOURCE24} %{buildroot}%{_unitdir}/rpc-statd-notify.service.d install -D -m 644 %{SOURCE25} %{buildroot}%{_unitdir}/rpc-svcgssd.service.d/options.conf install -D -m 644 %{SOURCE26} %{buildroot}%{_sysconfdir}/nfs.conf install -D -m 644 %{SOURCE27} %{buildroot}%{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf -ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfsserver ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-server -ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client # sysconfig-data mkdir -p %{buildroot}%{_fillupdir} @@ -228,7 +218,7 @@ chmod 644 %{buildroot}%{_sbindir}/{mountstats,nfsiostat} /usr/bin/getent passwd statd >/dev/null || \ /usr/sbin/useradd -r -c 'NFS statd daemon' \ -s /sbin/nologin -d %{_localstatedir}/lib/nfs -g nogroup statd -%service_add_pre nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_add_pre auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %post -n nfs-client chown statd:nogroup %{_localstatedir}/lib/nfs > /dev/null 2>&1 || : @@ -248,23 +238,23 @@ fi # %set_permissions /sbin/mount.nfs /sbin/ldconfig -%service_add_post nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_add_post auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %preun -n nfs-client -%service_del_preun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_del_preun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %postun -n nfs-client /sbin/ldconfig -%service_del_postun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service +%service_del_postun auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service %verifyscript -n nfs-client %verify_permissions -e /sbin/mount.nfs %pre -n nfs-kernel-server -%service_add_pre nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_add_pre nfs-svcgssd.service nfs-mountd.service nfs-server.service %preun -n nfs-kernel-server -%service_del_preun nfsserver.service nfs-svcgssd.service nfs-mountd.service nfs-server.service +%service_del_preun nfs-svcgssd.service nfs-mountd.service nfs-server.service %post -n nfs-kernel-server ### migrate from /var/lock/subsys @@ -276,12 +266,12 @@ if [ -f %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd ]; then mv %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd /run/nfs fi ### -%service_add_post nfsserver.service nfs-mountd.service nfs-server.service +%service_add_post nfs-mountd.service nfs-server.service %tmpfiles_create nfs-kernel-server.conf %set_permissions /var/lib/nfs/rmtab %postun -n nfs-kernel-server -%service_del_postun nfsserver.service nfs-mountd.service nfs-server.service +%service_del_postun nfs-mountd.service nfs-server.service %verifyscript -n nfs-kernel-server %verify_permissions -e /var/lib/nfs/rmtab @@ -300,7 +290,6 @@ fi %attr(0755,root,root) %{_sbindir}/nfsiostat %{_sbindir}/nfsidmap %{_sbindir}/nfsstat -%{_sbindir}/rcnfs %{_sbindir}/rcnfs-client %{_sbindir}/rpc.gssd %{_sbindir}/rpc.idmapd @@ -327,9 +316,6 @@ fi %{_unitdir}/rpc-svcgssd.service %{_unitdir}/rpc-svcgssd.service.d %{_unitdir}/var-lib-nfs-rpc_pipefs.mount -%{_unitdir}/nfs.service -%dir %{_unitdir}/nfs-client.target.d -%{_unitdir}/nfs-client.target.d/nfs.conf %dir /usr/lib/systemd/system-generators /usr/lib/systemd/system-generators/nfs-server-generator /usr/lib/systemd/system-generators/rpc-pipefs-generator @@ -374,11 +360,8 @@ fi %{_unitdir}/nfs-server.service %{_unitdir}/nfs-server.service.d %{_unitdir}/proc-fs-nfsd.mount -%{_unitdir}/nfsserver.service -%{_unitdir}/nfs-server.service.d/nfsserver.conf %{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf %{_sbindir}/exportfs -%{_sbindir}/rcnfsserver %{_sbindir}/rcnfs-server %{_sbindir}/rpc.mountd %{_sbindir}/rpc.nfsd diff --git a/nfs.service b/nfs.service deleted file mode 100644 index ad879f7..0000000 --- a/nfs.service +++ /dev/null @@ -1,23 +0,0 @@ -[Unit] -Description=Alias for NFS client -# The systemd alias mechanism (using symlinks) isn't rich enough. -# If you "systemctl enable" an alias, it doesn't enable the -# target. -# This service file creates a sufficiently rich alias for nfs-client -# (which is the canonical upstream name) -# "start", "stop", "restart", "reload" on this will do the same to nfs-client. -# "enable" on this will only enable this service, but when it starts, that -# starts nfs-client, so it is effectively enabled. -# nfs-server.d/nfsserver.conf is part of this service. - -Requires= nfs-client.target -PropagatesReloadTo=nfs-client.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/bin/true - -[Install] -WantedBy=multi-user.target - diff --git a/nfsserver.service b/nfsserver.service deleted file mode 100644 index 028cfdc..0000000 --- a/nfsserver.service +++ /dev/null @@ -1,26 +0,0 @@ -[Unit] -Description=Alias for NFS server -# The systemd alias mechanism (using symlinks) isn't rich enough. -# If you "systemctl enable" an alias, it doesn't enable the -# target. -# This service file creates a sufficiently rich alias for nfs-server -# (which is the canonical upstream name) -# "start", "stop", "restart", "reload" on this will do the same to nfs-server. -# "enable" on this will only enable this service, but when it starts, that -# starts nfs-server, so it is effectively enabled. -# nfs-server.d/nfsserver.conf is part of this service. - -Requires= nfs-server.service - -[Service] -Type=oneshot -ExecStart=/bin/true -RemainAfterExit=yes -# Can't just PropagatesReloadTo to nfs-server.service -# as reload fails if we don't have our own ExecReload -# So copy that from nfs-server.service -ExecReload=/usr/sbin/exportfs -r - -[Install] -WantedBy=multi-user.target - From 572639f17465131426ed8e47b116edc00287a6f798b039b284884aaf0ce929d7 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Wed, 30 Jan 2019 00:10:42 +0000 Subject: [PATCH 08/10] - remove libnfsidmap1 dependency for nfs-client. It isn't needed. OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=201 --- nfs-utils.changes | 6 ++++++ nfs-utils.spec | 1 - 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/nfs-utils.changes b/nfs-utils.changes index 0616c3f..7287328 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jan 30 00:10:03 UTC 2019 - Neil Brown + +- remove libnfsidmap1 dependency for nfs-client. + It isn't needed. + ------------------------------------------------------------------- Tue Jan 29 22:50:04 UTC 2019 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index ea2691f..abeb1ec 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -80,7 +80,6 @@ quota over NFS support, install the quota package. Summary: Support Utilities for NFS Group: Productivity/Networking/NFS Requires: keyutils -Requires: libnfsidmap1 Requires: netcfg Requires: rpcbind Requires(post): %fillup_prereq From 3f63e668bab364172af5114570ca621c4be261d2710f4340a97182cc0e643d3d Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Tue, 30 Jul 2019 00:14:20 +0000 Subject: [PATCH 09/10] Accepting request 718249 from home:mgerstner:branches:Base:System - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by firewalld, see [1]. [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html OBS-URL: https://build.opensuse.org/request/show/718249 OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=202 --- fw-client | 26 -------------------------- fw-server | 26 -------------------------- nfs-utils.changes | 8 ++++++++ nfs-utils.spec | 8 +------- 4 files changed, 9 insertions(+), 59 deletions(-) delete mode 100644 fw-client delete mode 100644 fw-server diff --git a/fw-client b/fw-client deleted file mode 100644 index c700bc9..0000000 --- a/fw-client +++ /dev/null @@ -1,26 +0,0 @@ -## Description: Firewall Configuration for NFS client. -# -# Only the variables TCP, UDP, RPC, IP and BROADCAST are allowed. -# More may be supported in the future. -# -# For a more detailed description of the individual variables see -# the comments for FW_SERVICES_*_EXT in /etc/sysconfig/SuSEfirewall2 -# - -## Name: NFS Client -## Description: Opens ports for NFS client to allow connection to an NFS server. - -# space separated list of allowed TCP ports -TCP="" - -# space separated list of allowed UDP ports -UDP="" - -# space separated list of allowed RPC services -RPC="portmap status nlockmgr" - -# space separated list of allowed IP protocols -IP="" - -# space separated list of allowed UDP broadcast ports -BROADCAST="" diff --git a/fw-server b/fw-server deleted file mode 100644 index 5ffe976..0000000 --- a/fw-server +++ /dev/null @@ -1,26 +0,0 @@ -## Description: Firewall Configuration for NFS kernel server. -# -# Only the variables TCP, UDP, RPC, IP and BROADCAST are allowed. -# More may be supported in the future. -# -# For a more detailed description of the individual variables see -# the comments for FW_SERVICES_*_EXT in /etc/sysconfig/SuSEfirewall2 -# - -## Name: NFS Server Service -## Description: Opens ports for NFS to allow other hosts to connect. - -# space separated list of allowed TCP ports -TCP="" - -# space separated list of allowed UDP ports -UDP="" - -# space separated list of allowed RPC services -RPC="portmap status nlockmgr mountd nfs nfs_acl" - -# space separated list of allowed IP protocols -IP="" - -# space separated list of allowed UDP broadcast ports -BROADCAST="" diff --git a/nfs-utils.changes b/nfs-utils.changes index 7287328..532275b 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Jul 24 13:07:41 UTC 2019 - matthias.gerstner@suse.com + +- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by + firewalld, see [1]. + + [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html + ------------------------------------------------------------------- Wed Jan 30 00:10:03 UTC 2019 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index abeb1ec..e12c570 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -34,8 +34,6 @@ Source0: http://kernel.org/pub/linux/utils/nfs-utils/%{version}/nfs-utils Source1: nfs.doc.tar.bz2 Source4: sysconfig.nfs Source6: README.NFSv4 -Source7: fw-client -Source8: fw-server Source11: idmapd.conf Source13: nfs-utils.rpmlintrc Source20: nfs-mountd.options.conf @@ -206,8 +204,6 @@ mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/sm mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/sm.bak touch %{buildroot}%{_localstatedir}/lib/nfs/state mkdir -p %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services -install -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-client -install -m 0644 %{SOURCE8} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-kernel-server install -m 644 utils/mount/nfsmount.conf %{buildroot}%{_sysconfdir}/nfsmount.conf # # hack to avoid automatic python dependency @@ -350,7 +346,6 @@ fi %attr(0700,statd,nogroup) %dir %{_localstatedir}/lib/nfs/sm %attr(0700,statd,nogroup) %dir %{_localstatedir}/lib/nfs/sm.bak %attr(0700,statd,nogroup) %ghost %{_localstatedir}/lib/nfs/state -%config %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-client %files -n nfs-kernel-server %defattr(-,root,root) @@ -375,7 +370,6 @@ fi %{_mandir}/man8/nfsdcltrack.8%{ext_man} %config(noreplace) %{_localstatedir}/lib/nfs/etab %config(noreplace) %{_localstatedir}/lib/nfs/rmtab -%config %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-kernel-server %files -n libnfsidmap1 %{_libdir}/libnfsidmap-1.0.0/ From 0cf2370c0cc65d087351180ee7f10fd95fa08e96e1535f0003ebe928173df909 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Mon, 2 Sep 2019 05:26:32 +0000 Subject: [PATCH 10/10] - 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch Fix a bug that cause NFSv4 service to always be enabled, if the server was enabled at all. OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=203 --- ...-disable-major-NFS-version-4-using-v.patch | 60 +++++++++++++++++++ nfs-utils.changes | 7 +++ nfs-utils.spec | 4 +- 3 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch diff --git a/0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch b/0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch new file mode 100644 index 0000000..9664b50 --- /dev/null +++ b/0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch @@ -0,0 +1,60 @@ +From d68be5d6ae5086d6b4ad84507d0d14011df40aa2 Mon Sep 17 00:00:00 2001 +From: Justin Mitchell +Date: Wed, 26 Sep 2018 10:37:17 -0400 +Subject: [PATCH] nfs.conf: fail to disable major NFS version 4 using "vers4=n" + in /etc/nfs.conf + +Setting "vers4=n/off" (disabling the major NFS version 4) in nfs.conf +doesn't work now. + +Refer to rpc.nfsd(8), "vers3/vers4" in the [nfsd] section of the +/etc/nfs.conf file is to enable or disable a major NFS version 3 or 4 +(which are normally enabled by default). + +Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1625032 + +Signed-off-by: Steve Dickson +--- + utils/nfsd/nfsd.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/utils/nfsd/nfsd.c b/utils/nfsd/nfsd.c +index 6b57e2b0790e..b256bd9f6b40 100644 +--- a/utils/nfsd/nfsd.c ++++ b/utils/nfsd/nfsd.c +@@ -83,6 +83,9 @@ main(int argc, char **argv) + + conf_init_file(NFS_CONFFILE); + xlog_from_conffile("nfsd"); ++ ++ nfssvc_get_minormask(&minormask); ++ + count = conf_get_num("nfsd", "threads", count); + grace = conf_get_num("nfsd", "grace-time", grace); + lease = conf_get_num("nfsd", "lease-time", lease); +@@ -101,13 +104,19 @@ main(int argc, char **argv) + for (i = 2; i <= 4; i++) { + char tag[20]; + sprintf(tag, "vers%d", i); +- if (conf_get_bool("nfsd", tag, NFSCTL_VERISSET(versbits, i))) ++ if (conf_get_bool("nfsd", tag, NFSCTL_VERISSET(versbits, i))) { + NFSCTL_VERSET(versbits, i); +- else ++ if (i == 4) ++ minorvers = minorversset = minormask; ++ } else { + NFSCTL_VERUNSET(versbits, i); ++ if (i == 4) { ++ minorvers = 0; ++ minorversset = minormask; ++ } ++ } + } + +- nfssvc_get_minormask(&minormask); + /* We assume the kernel will default all minor versions to 'on', + * and allow the config file to disable some. + */ +-- +2.14.0.rc0.dirty + diff --git a/nfs-utils.changes b/nfs-utils.changes index 532275b..2556587 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Sep 2 05:25:07 UTC 2019 - Neil Brown + +- 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch + Fix a bug that cause NFSv4 service to always be enabled, if + the server was enabled at all. + ------------------------------------------------------------------- Wed Jul 24 13:07:41 UTC 2019 - matthias.gerstner@suse.com diff --git a/nfs-utils.spec b/nfs-utils.spec index e12c570..1c54c96 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -49,6 +49,7 @@ Patch1: 0001-nfs.conf-allow-empty-assignments.patch Patch2: 0002-Let-systemd-know-when-rpc.statd-is-needed.patch Patch3: 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch Patch4: 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch +Patch5: 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch BuildRequires: e2fsprogs-devel BuildRequires: fedfs-utils-devel @@ -150,6 +151,7 @@ This package contains additional NFS documentation. %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 cp %{SOURCE6} .