diff --git a/fork-start-statd.patch b/fork-start-statd.patch new file mode 100644 index 0000000..c88a2a2 --- /dev/null +++ b/fork-start-statd.patch @@ -0,0 +1,34 @@ +Index: nfs-utils-1.1.3/utils/mount/network.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/mount/network.c ++++ nfs-utils-1.1.3/utils/mount/network.c +@@ -694,7 +694,18 @@ int start_statd(void) + #ifdef START_STATD + if (stat(START_STATD, &stb) == 0) { + if (S_ISREG(stb.st_mode) && (stb.st_mode & S_IXUSR)) { +- system(START_STATD); ++ pid_t pid = fork(); ++ switch (pid) { ++ case 0: /* child */ ++ execl(START_STATD, START_STATD, NULL); ++ exit(1); ++ case -1: /* error */ ++ perror("Fork failed"); ++ break; ++ default: /* parent */ ++ waitpid(pid, NULL,0); ++ break; ++ } + if (probe_statd()) + return 1; + } +Index: nfs-utils-1.1.3/utils/statd/start-statd +=================================================================== +--- nfs-utils-1.1.3.orig/utils/statd/start-statd ++++ nfs-utils-1.1.3/utils/statd/start-statd +@@ -1,4 +1,4 @@ +-#!/bin/sh ++#!/bin/sh -p + # nfsmount calls this script when mounting a filesystem with locking + # enabled, but when statd does not seem to be running (based on + # /var/run/rpc.statd.pid). diff --git a/idmapd.conf b/idmapd.conf deleted file mode 100644 index bfcb177..0000000 --- a/idmapd.conf +++ /dev/null @@ -1,10 +0,0 @@ -[General] - -Verbosity = 0 -Pipefs-Directory = /var/lib/nfs/rpc_pipefs -Domain = localdomain - -[Mapping] - -Nobody-User = nobody -Nobody-Group = nobody diff --git a/nfs-utils-1.0.7-bind-syntax.patch b/nfs-utils-1.0.7-bind-syntax.patch index 1e8fd04..0fbc93b 100644 --- a/nfs-utils-1.0.7-bind-syntax.patch +++ b/nfs-utils-1.0.7-bind-syntax.patch @@ -2,13 +2,11 @@ support/include/misc.h | 3 support/include/nfslib.h | 1 ================================================================================ ---- - support/nfs/exports.c | 2 ++ - 1 file changed, 2 insertions(+) - ---- nfs-utils-1.2.1.orig/support/nfs/exports.c -+++ nfs-utils-1.2.1/support/nfs/exports.c -@@ -621,6 +621,8 @@ bad_option: +Index: nfs-utils-1.1.2/support/nfs/exports.c +=================================================================== +--- nfs-utils-1.1.2.orig/support/nfs/exports.c ++++ nfs-utils-1.1.2/support/nfs/exports.c +@@ -627,6 +627,8 @@ bad_option: } else if (strncmp(opt, "replicas=", 9) == 0) { ep->e_fslocmethod = FSLOC_REPLICA; ep->e_fslocdata = strdup(opt+9); diff --git a/nfs-utils-1.1.2-connect-UDP.patch b/nfs-utils-1.1.2-connect-UDP.patch new file mode 100644 index 0000000..25917c4 --- /dev/null +++ b/nfs-utils-1.1.2-connect-UDP.patch @@ -0,0 +1,41 @@ +From 59f85cc9ab483bea0da743a876bf70f483dd36eb Mon Sep 17 00:00:00 2001 +From: Neil Brown +Date: Mon, 21 Jul 2008 11:12:59 +1000 +References: bnc#404170 +Subject: [PATCH] Use connected socket when probing portmap with UDP. + +This allows us to get errors back promptly, and sometimes avoid +timeout. +--- + utils/mount/network.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- nfs-utils-1.1.3.orig/utils/mount/network.c ++++ nfs-utils-1.1.3/utils/mount/network.c +@@ -447,7 +447,7 @@ static unsigned short getport(struct soc + bind_saddr = *saddr; + bind_saddr.sin_port = htons(PMAPPORT); + +- socket = get_socket(&bind_saddr, proto, PMAP_TIMEOUT, FALSE, FALSE); ++ socket = get_socket(&bind_saddr, proto, PMAP_TIMEOUT, FALSE, TRUE); + if (socket == RPC_ANYSOCK) { + if (proto == IPPROTO_TCP && + rpc_createerr.cf_error.re_errno == ETIMEDOUT) +@@ -539,6 +539,7 @@ static int probe_port(clnt_addr_t *serve + } + if (rpc_createerr.cf_stat != RPC_PROGNOTREGISTERED && + rpc_createerr.cf_stat != RPC_TIMEDOUT && ++ rpc_createerr.cf_stat != RPC_CANTRECV && + rpc_createerr.cf_stat != RPC_PROGVERSMISMATCH) + goto out_bad; + +@@ -547,7 +548,8 @@ static int probe_port(clnt_addr_t *serve + continue; + p_prot = protos; + } +- if (rpc_createerr.cf_stat == RPC_TIMEDOUT) ++ if (rpc_createerr.cf_stat == RPC_TIMEDOUT || ++ rpc_createerr.cf_stat == RPC_CANTRECV) + goto out_bad; + + if (vers || !*++p_vers) diff --git a/nfs-utils-1.1.2-try-before-mount.patch b/nfs-utils-1.1.2-try-before-mount.patch new file mode 100644 index 0000000..6ccc419 --- /dev/null +++ b/nfs-utils-1.1.2-try-before-mount.patch @@ -0,0 +1,228 @@ +From 852424a9a02dbe1a7c3b75a014bc71cad2ab6d5e Mon Sep 17 00:00:00 2001 +From: Neil Brown +Date: Mon, 21 Jul 2008 12:45:50 +1000 +References: bnc#404170 +Subject: [PATCH] Check nfs options (vers/protocol) before trying mount. + +As the kernels nfs-mount client does not have heuristics to pick the +best protocol/version, also check with portmap to find what is +available before requesting a mount. + +However don't try to 'ping' the services. For NFS, this ping would +need to come from a reserved port, and these are a scarce resource. + +If the mount found, retry the probe doing any ping that might be +needed in the hope of finding the problem. + +Note: this patch also removes the (recently added) setting of +mountport= in the mount arguments. This is because: + 1/ the kernel can find it easily itself + 2/ it could confuse unmount which may be run much later + when mountd is running on a different port. + + +Signed-off-by: Neil Brown +--- + utils/mount/network.c | 35 +++++++++++++++++++++-------------- + utils/mount/network.h | 2 +- + utils/mount/nfsmount.c | 2 +- + utils/mount/stropts.c | 18 +++++++----------- + 4 files changed, 30 insertions(+), 27 deletions(-) + +--- nfs-utils-1.1.3.orig/utils/mount/network.c ++++ nfs-utils-1.1.3/utils/mount/network.c +@@ -500,9 +500,11 @@ static unsigned short getport(struct soc + * Use the portmapper to discover whether or not the service we want is + * available. The lists 'versions' and 'protos' define ordered sequences + * of service versions and udp/tcp protocols to probe for. ++ * If 'ping' is set, set an RPC NULL request to make sure the service ++ * is there. Else just assume that it is. + */ + static int probe_port(clnt_addr_t *server, const unsigned long *versions, +- const unsigned int *protos) ++ const unsigned int *protos, int ping) + { + struct sockaddr_in *saddr = &server->saddr; + struct pmap *pmap = &server->pmap; +@@ -530,7 +532,8 @@ static int probe_port(clnt_addr_t *serve + _("UDP") : _("TCP"), + p_port); + } +- if (clnt_ping(saddr, prog, *p_vers, *p_prot, NULL)) ++ if (!ping || ++ clnt_ping(saddr, prog, *p_vers, *p_prot, NULL)) + goto out_ok; + } + } +@@ -565,7 +568,7 @@ out_ok: + return 1; + } + +-static int probe_nfsport(clnt_addr_t *nfs_server) ++static int probe_nfsport(clnt_addr_t *nfs_server, int ping) + { + struct pmap *pmap = &nfs_server->pmap; + +@@ -573,12 +576,14 @@ static int probe_nfsport(clnt_addr_t *nf + return 1; + + if (nfs_mount_data_version >= 4) +- return probe_port(nfs_server, probe_nfs3_first, probe_tcp_first); ++ return probe_port(nfs_server, probe_nfs3_first, probe_tcp_first, ++ ping); + else +- return probe_port(nfs_server, probe_nfs2_only, probe_udp_only); ++ return probe_port(nfs_server, probe_nfs2_only, probe_udp_only, ++ ping); + } + +-static int probe_mntport(clnt_addr_t *mnt_server) ++static int probe_mntport(clnt_addr_t *mnt_server, int ping) + { + struct pmap *pmap = &mnt_server->pmap; + +@@ -586,9 +591,11 @@ static int probe_mntport(clnt_addr_t *mn + return 1; + + if (nfs_mount_data_version >= 4) +- return probe_port(mnt_server, probe_mnt3_first, probe_udp_first); ++ return probe_port(mnt_server, probe_mnt3_first, probe_udp_first, ++ ping); + else +- return probe_port(mnt_server, probe_mnt1_first, probe_udp_only); ++ return probe_port(mnt_server, probe_mnt1_first, probe_udp_only, ++ ping); + } + + /** +@@ -601,7 +608,7 @@ static int probe_mntport(clnt_addr_t *mn + * + * A side effect of calling this function is that rpccreateerr is set. + */ +-int probe_bothports(clnt_addr_t *mnt_server, clnt_addr_t *nfs_server) ++int probe_bothports(clnt_addr_t *mnt_server, clnt_addr_t *nfs_server, int ping) + { + struct pmap *nfs_pmap = &nfs_server->pmap; + struct pmap *mnt_pmap = &mnt_server->pmap; +@@ -623,9 +630,9 @@ int probe_bothports(clnt_addr_t *mnt_ser + + for (; *probe_vers; probe_vers++) { + nfs_pmap->pm_vers = mntvers_to_nfs(*probe_vers); +- if ((res = probe_nfsport(nfs_server) != 0)) { ++ if ((res = probe_nfsport(nfs_server, ping) != 0)) { + mnt_pmap->pm_vers = *probe_vers; +- if ((res = probe_mntport(mnt_server)) != 0) ++ if ((res = probe_mntport(mnt_server, ping)) != 0) + return 1; + memcpy(mnt_pmap, &save_mnt, sizeof(*mnt_pmap)); + } +@@ -643,9 +650,9 @@ out_bad: + return 0; + + version_fixed: +- if (!probe_nfsport(nfs_server)) ++ if (!probe_nfsport(nfs_server, ping)) + goto out_bad; +- return probe_mntport(mnt_server); ++ return probe_mntport(mnt_server, ping); + } + + static int probe_statd(void) +@@ -712,7 +719,7 @@ int nfs_call_umount(clnt_addr_t *mnt_ser + enum clnt_stat res = 0; + int msock; + +- if (!probe_mntport(mnt_server)) ++ if (!probe_mntport(mnt_server, 0)) + return 0; + clnt = mnt_openclnt(mnt_server, &msock); + if (!clnt) +--- nfs-utils-1.1.3.orig/utils/mount/network.h ++++ nfs-utils-1.1.3/utils/mount/network.h +@@ -39,7 +39,7 @@ typedef struct { + static const struct timeval TIMEOUT = { 20, 0 }; + static const struct timeval RETRY_TIMEOUT = { 3, 0 }; + +-int probe_bothports(clnt_addr_t *, clnt_addr_t *); ++int probe_bothports(clnt_addr_t *, clnt_addr_t *, int); + int nfs_gethostbyname(const char *, struct sockaddr_in *); + int nfs_name_to_address(const char *, const sa_family_t, + struct sockaddr *, socklen_t *); +--- nfs-utils-1.1.3.orig/utils/mount/nfsmount.c ++++ nfs-utils-1.1.3/utils/mount/nfsmount.c +@@ -129,7 +129,7 @@ nfs_call_mount(clnt_addr_t *mnt_server, + enum clnt_stat stat; + int msock; + +- if (!probe_bothports(mnt_server, nfs_server)) ++ if (!probe_bothports(mnt_server, nfs_server, 1)) + goto out_bad; + + clnt = mnt_openclnt(mnt_server, &msock); +--- nfs-utils-1.1.3.orig/utils/mount/stropts.c ++++ nfs-utils-1.1.3/utils/mount/stropts.c +@@ -314,7 +314,7 @@ static int nfs_is_permanent_error(int er + * Returns a new group of mount options if successful; otherwise + * NULL is returned if some failure occurred. + */ +-static struct mount_options *nfs_rewrite_mount_options(char *str) ++static struct mount_options *nfs_rewrite_mount_options(char *str, int ping) + { + struct mount_options *options; + char *option, new_option[64]; +@@ -405,7 +405,7 @@ static struct mount_options *nfs_rewrite + po_remove_all(options, "tcp"); + po_remove_all(options, "udp"); + +- if (!probe_bothports(&mnt_server, &nfs_server)) { ++ if (!probe_bothports(&mnt_server, &nfs_server, ping)) { + errno = ESPIPE; + goto err; + } +@@ -441,11 +441,6 @@ static struct mount_options *nfs_rewrite + if (po_append(options, new_option) == PO_FAILED) + goto err; + +- snprintf(new_option, sizeof(new_option) - 1, +- "mountport=%lu", mnt_server.pmap.pm_port); +- if (po_append(options, new_option) == PO_FAILED) +- goto err; +- + errno = 0; + return options; + +@@ -486,13 +481,13 @@ static int nfs_sys_mount(const struct nf + * 'extra_opts' are updated to reflect the mount options that worked. + * If the retry fails, 'options' and 'extra_opts' are left unchanged. + */ +-static int nfs_retry_nfs23mount(struct nfsmount_info *mi) ++static int nfs_try_nfs23mount_probe(struct nfsmount_info *mi, int ping) + { + struct mount_options *retry_options; + char *retry_str = NULL; + char **extra_opts = mi->extra_opts; + +- retry_options = nfs_rewrite_mount_options(*extra_opts); ++ retry_options = nfs_rewrite_mount_options(*extra_opts, ping); + if (!retry_options) + return 0; + +@@ -547,7 +542,7 @@ static int nfs_try_nfs23mount(struct nfs + if (mi->fake) + return 1; + +- if (nfs_sys_mount(mi, "nfs", *extra_opts)) ++ if (nfs_try_nfs23mount_probe(mi, 0)) + return 1; + + /* +@@ -557,7 +552,8 @@ static int nfs_try_nfs23mount(struct nfs + if (errno != EOPNOTSUPP && errno != EPROTONOSUPPORT) + return 0; + +- return nfs_retry_nfs23mount(mi); ++ /* Probe harder */ ++ return nfs_try_nfs23mount_probe(mi, 1); + } + + /* diff --git a/nfs-utils-1.1.3.tar.bz2 b/nfs-utils-1.1.3.tar.bz2 new file mode 100644 index 0000000..8eb24d9 --- /dev/null +++ b/nfs-utils-1.1.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f82c497c449cdbecd1ce116863b8fff0e2983aa53eca89043fec4006f6e869f7 +size 573942 diff --git a/nfs-utils-1.2.1.tar.bz2 b/nfs-utils-1.2.1.tar.bz2 deleted file mode 100644 index 55784f8..0000000 --- a/nfs-utils-1.2.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f4fc8fd71f562564de051d681997be3dd7753fb93f8a3a0eb7c5835f0f04fa6d -size 685942 diff --git a/nfs-utils.changes b/nfs-utils.changes index 84d9a4d..8ed8309 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,29 +1,3 @@ -------------------------------------------------------------------- -Thu Nov 5 03:16:22 UTC 2009 - nfbrown@novell.com - -- New upsteam release - 1.2.1 - Includes new config file: /etc/nfsmount.conf and - man page. -- nfs.init - * implement try-restart in a more gentle fashion - so that active mounts are not lost. Also allow - for the fact that binary has changed when finding - and killing running daemons. (bnc#5439110) -- start-statd - * try-restart the firewall after starting statd - as the firewall might need to update to reflect - a new port number. -- Start nfs services if any nfs related sysctl - is set in /etc/sysctl.conf - -------------------------------------------------------------------- -Fri Oct 30 05:43:32 CET 2009 - nfbrown@suse.de - -- Kill processes on NFS mounts when unmounting - for shutdown. This allows any 'sync' to happen - before we turn off the network. - (bnc#503640) - ------------------------------------------------------------------- Tue Oct 6 14:14:24 CEST 2009 - werner@suse.de diff --git a/nfs-utils.spec b/nfs-utils.spec index 16b53fa..3d8e853 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -1,5 +1,5 @@ # -# spec file for package nfs-utils (Version 1.2.1) +# spec file for package nfs-utils (Version 1.1.3) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -26,8 +26,8 @@ BuildRequires: libevent %endif Url: http://nfs.sourceforge.net Summary: Support Utilities for Kernel nfsd -Version: 1.2.1 -Release: 0 +Version: 1.1.3 +Release: 20 Group: Productivity/Networking/NFS License: GPL v2 or later BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -45,10 +45,14 @@ Source7: fw-client Source8: fw-server Source9: mkinitrd-setup.sh Source10: mkinitrd-boot.sh -Source11: idmapd.conf -Source12: start-statd Patch0: nfs-utils-1.0.7-bind-syntax.patch -Patch1: warn-nfs-udp.patch +Patch1: nfs-utils-1.1.2-try-before-mount.patch +Patch2: nfs-utils-1.1.2-connect-UDP.patch +Patch3: sm-notify-no-sync.patch +Patch4: rpc.gssd-catch-signal.patch +Patch5: fork-start-statd.patch +Patch6: warn-nfs-udp.patch +Patch7: svcgssd-mem-leak %description This package contains the NFS utilities. You can tune the number of @@ -127,6 +131,12 @@ Authors: %setup -q -n nfs-utils-%{version} -a 1 %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 cp %{S:6} . %build @@ -138,7 +148,6 @@ CFLAGS="$RPM_OPT_FLAGS -fPIE -fno-strict-aliasing" LDFLAGS="-pie" ./configure \ --enable-nfsv4 \ --enable-gss \ --enable-mount \ - --enable-mountconfig \ --with-krb5=/usr/lib/mit make cd nfs @@ -151,7 +160,7 @@ sed -i \ done %install -make install-strip DESTDIR=$RPM_BUILD_ROOT +make install DESTDIR=$RPM_BUILD_ROOT rm -f linux-nfs/Makefile* # rc-script install -d $RPM_BUILD_ROOT/etc/init.d @@ -163,7 +172,7 @@ ln -sf ../../etc/init.d/nfs $RPM_BUILD_ROOT/usr/sbin/rcnfs mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/var/adm/fillup-templates # idmapd setup -install -m 644 %{S:11} $RPM_BUILD_ROOT/etc/idmapd.conf +install -m 644 utils/idmapd/idmapd.conf $RPM_BUILD_ROOT/etc/idmapd.conf mkdir -p -m 755 $RPM_BUILD_ROOT/var/lib/nfs/rpc_pipefs mkdir -p -m 755 $RPM_BUILD_ROOT/var/lib/nfs/v4recovery mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/omc/svcinfo.d @@ -178,8 +187,7 @@ install -m 0644 %{SOURCE8} ${RPM_BUILD_ROOT}/etc/sysconfig/SuSEfirewall2.d/servi install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts install -m 755 %{S:9} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-nfs.sh install -m 755 %{S:10} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-nfs.sh -install -m 755 %{S:12} $RPM_BUILD_ROOT/usr/sbin/start-statd -install -m 644 utils/mount/nfsmount.conf $RPM_BUILD_ROOT/etc/nfsmount.conf + %clean rm -rf $RPM_BUILD_ROOT @@ -212,7 +220,6 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) %config /etc/init.d/nfs %config /etc/idmapd.conf -%config /etc/nfsmount.conf %dir /lib/mkinitrd %dir /lib/mkinitrd/scripts /lib/mkinitrd/scripts/setup-nfs.sh @@ -233,7 +240,6 @@ rm -rf $RPM_BUILD_ROOT /usr/sbin/sm-notify /usr/sbin/start-statd %{_mandir}/man5/idmapd.conf.5.gz -%{_mandir}/man5/nfsmount.conf.5.gz %{_mandir}/man5/nfs.5.gz %{_mandir}/man8/mount.nfs.8.gz %{_mandir}/man8/nfsstat.8.gz diff --git a/nfs.init b/nfs.init index 0a281e5..99f99be 100644 --- a/nfs.init +++ b/nfs.init @@ -39,9 +39,6 @@ usr="" opt="" mnt="" nfs=$NFS_START_SERVICES -if [ "x$nfs" != "xyes" ] -then nfs=no -fi while read what where type options rest ; do case "$what" in @@ -92,9 +89,6 @@ fi if test "$NFS4_SUPPORT" = yes ; then NEED_IDMAPD=yes fi -if grep -E '^(sunrpc|fs.nfs)' /etc/sysctl.conf > /dev/null 2>&1 ; then - nfs=yes -fi check_portmap() { # check if either portmap or rpcbind is running @@ -150,7 +144,7 @@ do_start_gssd() { do_start_idmapd() { mount_rpc_pipefs - # as idmapd needs to be run by server and client + # as idmapd needs to be run be server and client # check if there is already a idmapd running if checkproc $IDMAPD_BIN && test -f $IDMAPD_SERVER_STATE; then killproc -HUP $IDMAPD_BIN @@ -170,7 +164,7 @@ case "$1-$nfs" in echo -n "Not starting NFS client services - no NFS found in /etc/fstab:" rc_status -u ;; - start-yes|force-start-*) + start-yes|reload-yes|force-start-*) echo -n "Starting NFS client services:" if ! check_portmap ; then echo "portmap/rpcbind is not running" @@ -245,18 +239,7 @@ case "$1-$nfs" in echo -n " root filesystem is on NFS" rc_status -s else - # kill process to maximise chance that umount succeeds - mnt=`awk '$3 ~ /^nfs4*$/ {print $2}' /proc/mounts` - runlevel=`runlevel | awk '{print $2}'` - if test "$runlevel" -eq 0 -o "$runlevel" -eq 6; then - if test -n "$mnt" ; then - /sbin/mkill -TERM $mnt - fi - fi - # if filesystems are not busy, wait for unmount to complete.. - umount -at nfs,nfs4 - # if they are still busy, do a lazy unmount anyway. umount -alt nfs,nfs4 # stop gssd @@ -288,14 +271,7 @@ case "$1-$nfs" in rc_status -v fi ;; - reload*|force-reload*) - # only IDMAP has any sense in which 'reload' makes sense. - if checkproc $IDMAPD_BIN; then - killproc -HUP $IDMAPD_BIN - fi - rc_status - ;; - restart*) + restart*|force-reload*) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop @@ -325,28 +301,13 @@ case "$1-$nfs" in rc_status -v ;; try-restart*|condrestart*) - # This restart is not only conditional on the services already - # running, but is also gentler in that NFS filesystems are - # not unmounted or remounted. - # It is possible that the programs have been reinstalled so - # we pass a basename rather than a full path to checkproc and killproc - echo -n "Restarting NFS services:" - if checkproc ${GSSD_BIN##*/}; then - echo -n " gssd" - killproc ${GSSD_BIN##*/} - startproc $GSSD_BIN + $0 status + if test $? -eq 0; then + $0 restart + else + rc_reset fi - if checkproc ${IDMAPD_BIN##*/}; then - echo -n " idmapd" - killproc ${IDMAPD_BIN##*/} - startproc $IDMAPD_BIN - fi - if checkproc ${STATD_BIN##*/}; then - echo -n " statd" - killproc ${STATD_BIN##*/} - /usr/sbin/start-statd - fi - rc_status -v + rc_status ;; *) echo "Usage: $0 {start|stop|status|reload|force-reload|restart|try-restart}" diff --git a/rpc.gssd-catch-signal.patch b/rpc.gssd-catch-signal.patch new file mode 100644 index 0000000..a692b74 --- /dev/null +++ b/rpc.gssd-catch-signal.patch @@ -0,0 +1,39 @@ +Make sure signal used by 'dnotify' is not blocked. + +Some desktop environments block all realtime signals +and they remain blocked for all child processes. +So if you run rpc.gssd from a terminal window, the +signal it used for dnotify is blocked and never +deliverred. So it doesn't work. + +So we unblock that signal. + +bnc#406832 + +Signed-off-by: NeilBrown + + +Index: nfs-utils-1.1.3/utils/gssd/gssd_main_loop.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/gssd/gssd_main_loop.c ++++ nfs-utils-1.1.3/utils/gssd/gssd_main_loop.c +@@ -99,6 +99,7 @@ gssd_run() + int ret; + struct sigaction dn_act; + int fd; ++ sigset_t set; + + /* Taken from linux/Documentation/dnotify.txt: */ + dn_act.sa_sigaction = dir_notify_handler; +@@ -106,6 +107,11 @@ gssd_run() + dn_act.sa_flags = SA_SIGINFO; + sigaction(DNOTIFY_SIGNAL, &dn_act, NULL); + ++ /* just in case the signal is blocked... */ ++ sigemptyset(&set); ++ sigaddset(&set, DNOTIFY_SIGNAL); ++ sigprocmask(SIG_UNBLOCK, &set, NULL); ++ + if ((fd = open(pipefs_nfsdir, O_RDONLY)) == -1) { + printerr(0, "ERROR: failed to open %s: %s\n", + pipefs_nfsdir, strerror(errno)); diff --git a/sm-notify-no-sync.patch b/sm-notify-no-sync.patch new file mode 100644 index 0000000..b0fd335 --- /dev/null +++ b/sm-notify-no-sync.patch @@ -0,0 +1,53 @@ +From c8d18e26d2a53d9036a32c2dafebccaf4ce1634d Mon Sep 17 00:00:00 2001 +From: Phil Endecott +Date: Tue, 14 Oct 2008 14:36:58 -0400 +Subject: [PATCH] sm-notify should exit as soon as its determined + there are no hosts to notify. This also decreases + start up time by a few seconds. + +Signed-off-by: Steve Dickson +--- + utils/statd/sm-notify.c | 13 ++++++++++--- + 1 files changed, 10 insertions(+), 3 deletions(-) + +Index: nfs-utils-1.1.3/utils/statd/sm-notify.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/statd/sm-notify.c ++++ nfs-utils-1.1.3/utils/statd/sm-notify.c +@@ -152,9 +152,13 @@ usage: fprintf(stderr, + return 1; + } + ++ log_syslog = 1; ++ openlog("sm-notify", LOG_PID, LOG_DAEMON); ++ + if (strcmp(_SM_BASE_PATH, BASEDIR) == 0) { + if (record_pid() == 0 && force == 0 && opt_update_state == 1) + /* already run, don't try again */ ++ nsm_log(LOG_NOTICE, "Already notifying clients; Exiting!"); + exit(0); + } + +@@ -169,6 +173,12 @@ usage: fprintf(stderr, + backup_hosts(_SM_DIR_PATH, _SM_BAK_PATH); + get_hosts(_SM_BAK_PATH); + ++ /* If there are not hosts to notify, just exit */ ++ if (!hosts) { ++ nsm_log(LOG_DEBUG, "No hosts to notify; exiting"); ++ return 0; ++ } ++ + /* Get and update the NSM state. This will call sync() */ + nsm_state = nsm_get_state(opt_update_state); + set_kernel_nsm_state(nsm_state); +@@ -177,9 +187,6 @@ usage: fprintf(stderr, + if (!opt_quiet) + printf("Backgrounding to notify hosts...\n"); + +- openlog("sm-notify", LOG_PID, LOG_DAEMON); +- log_syslog = 1; +- + if (daemon(0, 0) < 0) { + nsm_log(LOG_WARNING, "unable to background: %s", + strerror(errno)); diff --git a/start-statd b/start-statd deleted file mode 100644 index 156513c..0000000 --- a/start-statd +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -p -# nfsmount calls this script when mounting a filesystem with locking -# enabled, but when statd does not seem to be running (based on -# /var/run/rpc.statd.pid). -# It should run run statd with whatever flags are apropriate for this -# site. -PATH=/sbin:/usr/sbin:/bin:/usr/bin -rpc.statd --no-notify -# in case firewall needs to punch a hole for the -# statd port... -/etc/init.d/SuSEfirewall2_setup try-restart > /dev/null 2>&1 - diff --git a/svcgssd-mem-leak b/svcgssd-mem-leak new file mode 100644 index 0000000..b625ef4 --- /dev/null +++ b/svcgssd-mem-leak @@ -0,0 +1,49 @@ +Set a more reasonable timeout for gss auth cache. + +svcgssd gives info to the kernel to gss authentication +and encryption. +This information currently has no expiry time and is never +flushed so it will collected forever and eventually +cause a significant waste of memory. + +So set the expiry times smaller. +For session initialisation, the context info should only be needed once. +So set a timeout of one minutes. + +For ongoing context information it could be needed for some time, +so set a timeot of one hour. + +See bnc#442490 + +From: NeilBrown +Signed-off-by: NeilBrown + +--- + utils/svcgssd/svcgssd_proc.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +Index: nfs-utils-1.1.3/utils/gssd/svcgssd_proc.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/gssd/svcgssd_proc.c ++++ nfs-utils-1.1.3/utils/gssd/svcgssd_proc.c +@@ -86,7 +86,9 @@ do_svc_downcall(gss_buffer_desc *out_han + } + qword_printhex(f, out_handle->value, out_handle->length); + /* XXX are types OK for the rest of this? */ +- qword_printint(f, 0x7fffffff); /*XXX need a better timeout */ ++ ++ /* 'context' could be needed for a while. */ ++ qword_printint(f, time(0) + 60*60); + qword_printint(f, cred->cr_uid); + qword_printint(f, cred->cr_gid); + qword_printint(f, cred->cr_ngroups); +@@ -130,7 +132,8 @@ send_response(FILE *f, gss_buffer_desc * + + qword_addhex(&bp, &blen, in_handle->value, in_handle->length); + qword_addhex(&bp, &blen, in_token->value, in_token->length); +- qword_addint(&bp, &blen, 0x7fffffff); /*XXX need a better timeout */ ++ /* INIT context info will only be needed for a short while */ ++ qword_addint(&bp, &blen, time(0) + 60); + qword_adduint(&bp, &blen, maj_stat); + qword_adduint(&bp, &blen, min_stat); + qword_addhex(&bp, &blen, out_handle->value, out_handle->length); diff --git a/warn-nfs-udp.patch b/warn-nfs-udp.patch index 76b134d..8b1bf78 100644 --- a/warn-nfs-udp.patch +++ b/warn-nfs-udp.patch @@ -1,12 +1,8 @@ ---- - utils/mount/nfs.man | 83 +++++++++++++++++++++++++++++++++++++++++++++++++ - utils/mount/nfsmount.c | 3 + - utils/mount/stropts.c | 13 +++++++ - 3 files changed, 99 insertions(+) - ---- nfs-utils-1.2.1.orig/utils/mount/nfs.man -+++ nfs-utils-1.2.1/utils/mount/nfs.man -@@ -497,6 +497,8 @@ Specifying +Index: nfs-utils-1.1.3/utils/mount/nfs.man +=================================================================== +--- nfs-utils-1.1.3.orig/utils/mount/nfs.man ++++ nfs-utils-1.1.3/utils/mount/nfs.man +@@ -438,6 +438,8 @@ Specifying .B proto=udp forces all traffic types to use UDP. .IP @@ -15,7 +11,7 @@ If the .B proto mount option is not specified, the -@@ -511,6 +513,8 @@ The +@@ -452,6 +454,8 @@ The option is an alternative to specifying .BR proto=udp. It is included for compatibility with other operating systems. @@ -24,19 +20,28 @@ .TP 1.5i .B tcp The -@@ -896,6 +900,8 @@ in a single frame) is advised. This r - the loss of a single MTU-sized network frame results in the loss of +@@ -799,7 +803,7 @@ dropped requests, but this can result in + and server load. + .P + However, UDP can be quite effective in specialized settings where +-the network’s MTU is large relative to NFS’s data transfer size (such ++the network's MTU is large relative to NFS's data transfer size (such + as network environments that enable jumbo Ethernet frames). In such + environments, trimming the + .B rsize +@@ -811,6 +815,8 @@ in a single frame) is advised. This r + the loss of a single MTU-sized network frame results in the loss of an entire large read or write request. .P +Please see also the WARNINGS section below. +.P - TCP is the default transport protocol used for all modern NFS + TCP is the default transport protocol used for all modern NFS implementations. It performs well in almost every conceivable - network environment and provides excellent guarantees against data -@@ -1444,6 +1450,83 @@ of Access Control Lists that are semanti - NFS version 4 ACLs are not fully compatible with POSIX ACLs; as such, + network environment and provides excellent guarantees against data +@@ -1179,6 +1185,83 @@ of Access Control Lists that are semanti + NFS version 4 ACLs are not fully compatible with POSIX ACLs; as such, some translation between the two is required - in an environment that mixes POSIX ACLs and NFS version 4. + in an environment that mixes POSIX ACLs and NFS version 4. +.SH WARNINGS +Using NFS over UDP on high-speed links such as Gigabit +.BR "can cause silent data corruption" . @@ -117,8 +122,10 @@ .SH FILES .TP 1.5i .I /etc/fstab ---- nfs-utils-1.2.1.orig/utils/mount/nfsmount.c -+++ nfs-utils-1.2.1/utils/mount/nfsmount.c +Index: nfs-utils-1.1.3/utils/mount/nfsmount.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/mount/nfsmount.c ++++ nfs-utils-1.1.3/utils/mount/nfsmount.c @@ -263,6 +263,9 @@ parse_options(char *old_opts, struct nfs if (!strcmp(opteq+1, "udp")) { nfs_pmap->pm_prot = IPPROTO_UDP; @@ -129,16 +136,47 @@ #if NFS_MOUNT_VERSION >= 2 data->flags &= ~NFS_MOUNT_TCP; } else if (!strcmp(opteq+1, "tcp") && ---- nfs-utils-1.2.1.orig/utils/mount/stropts.c -+++ nfs-utils-1.2.1/utils/mount/stropts.c -@@ -530,11 +530,24 @@ static int nfs_sys_mount(struct nfsmount +Index: nfs-utils-1.1.3/utils/mount/stropts.c +=================================================================== +--- nfs-utils-1.1.3.orig/utils/mount/stropts.c ++++ nfs-utils-1.1.3/utils/mount/stropts.c +@@ -389,14 +389,28 @@ static struct mount_options *nfs_rewrite + po_remove_all(options, "proto"); + } + if (strcmp(option, "udp") == 0) { ++ static int once = 0; + nfs_server.pmap.pm_prot = IPPROTO_UDP; + po_remove_all(options, "proto"); ++ if (!once) ++ fprintf(stderr, ++ "Using NFS over UDP can cause data corruption.\n" ++ "Please refer to the WARNINGS section of the nfs(5) manual page.\n"); ++ once = 1; ++ + } + } + p = po_rightmost(options, "tcp", "udp"); + switch (p) { + case PO_KEY2_RIGHTMOST: + nfs_server.pmap.pm_prot = IPPROTO_UDP; ++ {static int once = 0; ++ if (!once) ++ fprintf(stderr, ++ "Using NFS over UDP can cause data corruption.\n" ++ "Please refer to the WARNINGS section of the nfs(5) manual page.\n"); ++ once = 1; ++ } + break; + case PO_KEY1_RIGHTMOST: + nfs_server.pmap.pm_prot = IPPROTO_TCP; +@@ -565,11 +579,24 @@ static int nfs_try_nfs23mount(struct nfs + static int nfs_try_nfs4mount(struct nfsmount_info *mi) { - char *options = NULL; - int result; + char **extra_opts = mi->extra_opts; + char *proto; + static int once = 0; - if (po_join(opts, &options) == PO_FAILED) { + if (po_join(mi->options, extra_opts) == PO_FAILED) { errno = EIO; return 0; } @@ -155,4 +193,4 @@ + if (verbose) - printf(_("%s: trying text-based options '%s'\n"), + printf(_("%s: text-based options: '%s'\n"),