From 2bd1d69addffbe90adbb4bccae6810ea8d7e2b3db33486a971398dcf29703e65 Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Fri, 8 Dec 2023 03:33:59 +0000 Subject: [PATCH] - Update to version 2.6.4 - https://kernel.org/pub/linux/utils/nfs-utils/2.6.4/2.6.4-Changelog - includes fixes for bsc#1210997 - Removed patchs from this release - 0001-export-fix-handling-of-error-from-match_fsid.patch - Added some upstream patches - 0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch - 0002-conffile-don-t-report-error-from-conf_init_file.patch - 0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch - 0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch These fix minor bugs and allow config files to be in /usr/etc. So also move config files to /usr/etc and create directories foo.conf.d for each config file, so other config file can easily be addded. (boo#1216740) OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=281 --- ...ix-handling-of-error-from-match_fsid.patch | 34 ---- ...warning-if-neither-subtree_check-or-.patch | 167 ++++++++++++++++ ...n-t-report-error-from-conf_init_file.patch | 179 +++++++++++++++++ ...sr-etc-to-provide-any-config-files-e.patch | 188 ++++++++++++++++++ ...mous-sockets-by-their-name-only-don-.patch | 115 +++++++++++ nfs-utils-2.6.3.tar.xz | 3 - nfs-utils-2.6.4.tar.xz | 3 + nfs-utils.changes | 19 ++ nfs-utils.spec | 32 ++- nfs.conf | 64 +----- 10 files changed, 698 insertions(+), 106 deletions(-) delete mode 100644 0001-export-fix-handling-of-error-from-match_fsid.patch create mode 100644 0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch create mode 100644 0002-conffile-don-t-report-error-from-conf_init_file.patch create mode 100644 0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch create mode 100644 0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch delete mode 100644 nfs-utils-2.6.3.tar.xz create mode 100644 nfs-utils-2.6.4.tar.xz diff --git a/0001-export-fix-handling-of-error-from-match_fsid.patch b/0001-export-fix-handling-of-error-from-match_fsid.patch deleted file mode 100644 index f89bbd1..0000000 --- a/0001-export-fix-handling-of-error-from-match_fsid.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 0f46b6728d0f45393eb0e33a90fcfa2147271275 Mon Sep 17 00:00:00 2001 -From: NeilBrown -Date: Wed, 11 Oct 2023 12:32:25 +1100 -Subject: [PATCH] export: fix handling of error from match_fsid() - -If match_fsid() returns -1 we shouldn't assume that the path definitely -doesn't match the fsid, though it might not. -This is a similar situation to where an export is expected to be a mount -point, but is found not to be one. So it can be handled the same way, -by setting 'dev_missing'. -This will only have an effect is no other path matched the fsid, which -is what we want. - -The current code results in nothing being exported and any export point, -or any mount point beneath a crossmnt export point fail a 'stat' -request, which is too harsh. - -Signed-off-by: NeilBrown ---- - support/export/cache.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/support/export/cache.c -+++ b/support/export/cache.c -@@ -858,7 +858,8 @@ static void nfsd_fh(int f) - case 0: - continue; - case -1: -- goto out; -+ dev_missing ++; -+ continue; - } - if (is_ipaddr_client(dom) - && !ipaddr_client_matches(exp, ai)) diff --git a/0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch b/0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch new file mode 100644 index 0000000..69245cd --- /dev/null +++ b/0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch @@ -0,0 +1,167 @@ +From 40d6d58ee6e58f50d5f1aaf8c1253b2338bd7d06 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Mon, 27 Nov 2023 10:12:19 -0500 +Subject: [PATCH] exportfs: remove warning if neither subtree_check or + no_subtree_check is given + +This warning was only ever intended as a transitional aid. +It doesn't serve any purpose any longer. Let's remove it. + +Also clean up some white-space issues. + +Signed-off-by: NeilBrown +Signed-off-by: Steve Dickson +--- + support/export/export.c | 2 +- + support/export/xtab.c | 2 +- + support/include/nfslib.h | 2 +- + support/nfs/exports.c | 43 +++++++++++++++++----------------------- + 4 files changed, 21 insertions(+), 28 deletions(-) + +diff --git a/support/export/export.c b/support/export/export.c +index 3e48c42def19..100912cb29c3 100644 +--- a/support/export/export.c ++++ b/support/export/export.c +@@ -119,7 +119,7 @@ export_read(char *fname, int ignore_hosts) + int reexport_found = 0; + + setexportent(fname, "r"); +- while ((eep = getexportent(0,1)) != NULL) { ++ while ((eep = getexportent(0)) != NULL) { + exp = export_lookup(eep->e_hostname, eep->e_path, ignore_hosts); + if (!exp) { + if (export_create(eep, 0)) +diff --git a/support/export/xtab.c b/support/export/xtab.c +index e210ca99d574..282f15bc79cd 100644 +--- a/support/export/xtab.c ++++ b/support/export/xtab.c +@@ -47,7 +47,7 @@ xtab_read(char *xtab, char *lockfn, int is_export) + setexportent(xtab, "r"); + if (is_export == 1) + v4root_needed = 1; +- while ((xp = getexportent(is_export==0, 0)) != NULL) { ++ while ((xp = getexportent(is_export==0)) != NULL) { + if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) && + !(exp = export_create(xp, is_export!=1))) { + if(xp->e_hostname) { +diff --git a/support/include/nfslib.h b/support/include/nfslib.h +index bdbde78d9ebd..eff2a486307f 100644 +--- a/support/include/nfslib.h ++++ b/support/include/nfslib.h +@@ -111,7 +111,7 @@ struct rmtabent { + * configuration file parsing + */ + void setexportent(char *fname, char *type); +-struct exportent * getexportent(int,int); ++struct exportent * getexportent(int); + void secinfo_show(FILE *fp, struct exportent *ep); + void xprtsecinfo_show(FILE *fp, struct exportent *ep); + void putexportent(struct exportent *xep); +diff --git a/support/nfs/exports.c b/support/nfs/exports.c +index 15dc574cc21a..a6816e60d62e 100644 +--- a/support/nfs/exports.c ++++ b/support/nfs/exports.c +@@ -59,7 +59,7 @@ static int *squids = NULL, nsquids = 0, + + static int getexport(char *exp, int len); + static int getpath(char *path, int len); +-static int parseopts(char *cp, struct exportent *ep, int warn, int *had_subtree_opt_ptr); ++static int parseopts(char *cp, struct exportent *ep, int *had_subtree_opt_ptr); + static int parsesquash(char *list, int **idp, int *lenp, char **ep); + static int parsenum(char **cpp); + static void freesquash(void); +@@ -109,7 +109,7 @@ static void init_exportent (struct exportent *ee, int fromkernel) + } + + struct exportent * +-getexportent(int fromkernel, int fromexports) ++getexportent(int fromkernel) + { + static struct exportent ee, def_ee; + char exp[512], *hostname; +@@ -147,7 +147,7 @@ getexportent(int fromkernel, int fromexports) + * we're not reading from the kernel. + */ + if (exp[0] == '-' && !fromkernel) { +- if (parseopts(exp + 1, &def_ee, 0, &has_default_subtree_opts) < 0) ++ if (parseopts(exp + 1, &def_ee, &has_default_subtree_opts) < 0) + return NULL; + + has_default_opts = 1; +@@ -185,20 +185,20 @@ getexportent(int fromkernel, int fromexports) + } + ee.e_hostname = xstrdup(hostname); + +- if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) { +- if(ee.e_hostname) +- { +- xfree(ee.e_hostname); +- ee.e_hostname=NULL; +- } +- if(ee.e_uuid) +- { +- xfree(ee.e_uuid); +- ee.e_uuid=NULL; +- } ++ if (parseopts(opt, &ee, NULL) < 0) { ++ if(ee.e_hostname) ++ { ++ xfree(ee.e_hostname); ++ ee.e_hostname=NULL; ++ } ++ if(ee.e_uuid) ++ { ++ xfree(ee.e_uuid); ++ ee.e_uuid=NULL; ++ } + + return NULL; +- } ++ } + /* resolve symlinks */ + if (realpath(ee.e_path, rpath) != NULL) { + rpath[sizeof (rpath) - 1] = '\0'; +@@ -433,7 +433,7 @@ mkexportent(char *hname, char *path, char *options) + } + strncpy(ee.e_path, path, sizeof (ee.e_path)); + ee.e_path[sizeof (ee.e_path) - 1] = '\0'; +- if (parseopts(options, &ee, 0, NULL) < 0) ++ if (parseopts(options, &ee, NULL) < 0) + return NULL; + return ⅇ + } +@@ -441,7 +441,7 @@ mkexportent(char *hname, char *path, char *options) + int + updateexportent(struct exportent *eep, char *options) + { +- if (parseopts(options, eep, 0, NULL) < 0) ++ if (parseopts(options, eep, NULL) < 0) + return 0; + return 1; + } +@@ -632,7 +632,7 @@ void fix_pseudoflavor_flags(struct exportent *ep) + * Parse option string pointed to by cp and set mount options accordingly. + */ + static int +-parseopts(char *cp, struct exportent *ep, int warn, int *had_subtree_opt_ptr) ++parseopts(char *cp, struct exportent *ep, int *had_subtree_opt_ptr) + { + int had_subtree_opt = 0; + char *flname = efname?efname:"command line"; +@@ -852,13 +852,6 @@ bad_option: + ep->e_nsqgids = nsqgids; + + out: +- if (warn && !had_subtree_opt) +- xlog(L_WARNING, "%s [%d]: Neither 'subtree_check' or 'no_subtree_check' specified for export \"%s:%s\".\n" +- " Assuming default behaviour ('no_subtree_check').\n" +- " NOTE: this default has changed since nfs-utils version 1.0.x\n", +- +- flname, flline, +- ep->e_hostname, ep->e_path); + if (had_subtree_opt_ptr) + *had_subtree_opt_ptr = had_subtree_opt; + +-- +2.43.0 + diff --git a/0002-conffile-don-t-report-error-from-conf_init_file.patch b/0002-conffile-don-t-report-error-from-conf_init_file.patch new file mode 100644 index 0000000..6a49062 --- /dev/null +++ b/0002-conffile-don-t-report-error-from-conf_init_file.patch @@ -0,0 +1,179 @@ +From ed4dc834e1722b9217fae27da1adf29ab21d6a93 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Mon, 27 Nov 2023 10:30:43 -0500 +Subject: [PATCH] conffile: don't report error from conf_init_file() + +conf_init_file() currently reports an error if the main config file +doesn't exist - even if there are conf files in the conf.d directory. + +This is only used by nfsconfcli.c. However this is not needed. If +there is a real error, and error message is already logged. +If it is simply that the file doesn't exist, that isn't really an error. + +So remove the error messages and change conf_init_file() to not return +any status. + +Also fix up assorted nearby white-space issues. + +Signed-off-by: NeilBrown +Signed-off-by: Steve Dickson +--- + support/include/conffile.h | 2 +- + support/nfs/conffile.c | 32 ++++++++++++++------------------ + tools/nfsconf/nfsconfcli.c | 15 ++------------- + 3 files changed, 17 insertions(+), 32 deletions(-) + +diff --git a/support/include/conffile.h b/support/include/conffile.h +index c4a3ca62860e..c04cd1ec5c0c 100644 +--- a/support/include/conffile.h ++++ b/support/include/conffile.h +@@ -62,7 +62,7 @@ extern char *conf_get_str(const char *, const char *); + extern char *conf_get_str_with_def(const char *, const char *, char *); + extern char *conf_get_section(const char *, const char *, const char *); + extern char *conf_get_entry(const char *, const char *, const char *); +-extern int conf_init_file(const char *); ++extern void conf_init_file(const char *); + extern void conf_cleanup(void); + extern int conf_match_num(const char *, const char *, int); + extern int conf_remove(int, const char *, const char *); +diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c +index fd4a17ad4293..6b813dd95147 100644 +--- a/support/nfs/conffile.c ++++ b/support/nfs/conffile.c +@@ -658,7 +658,7 @@ conf_load_file(const char *conf_file) + return 0; + } + +-static void ++static void + conf_init_dir(const char *conf_file) + { + struct dirent **namelist = NULL; +@@ -669,14 +669,14 @@ conf_init_dir(const char *conf_file) + dname = malloc(strlen(conf_file) + 3); + if (dname == NULL) { + xlog(L_WARNING, "conf_init_dir: malloc: %s", strerror(errno)); +- return; ++ return; + } + sprintf(dname, "%s.d", conf_file); + + n = scandir(dname, &namelist, NULL, versionsort); + if (n < 0) { + if (errno != ENOENT) { +- xlog(L_WARNING, "conf_init_dir: scandir %s: %s", ++ xlog(L_WARNING, "conf_init_dir: scandir %s: %s", + dname, strerror(errno)); + } + free(dname); +@@ -691,7 +691,7 @@ conf_init_dir(const char *conf_file) + for (i = 0; i < n; i++ ) { + struct dirent *d = namelist[i]; + +- switch (d->d_type) { ++ switch (d->d_type) { + case DT_UNKNOWN: + case DT_REG: + case DT_LNK: +@@ -701,13 +701,13 @@ conf_init_dir(const char *conf_file) + } + if (*d->d_name == '.') + continue; +- ++ + fname_len = strlen(d->d_name); + path_len = (fname_len + dname_len); + if (!fname_len || path_len > PATH_MAX) { + xlog(L_WARNING, "conf_init_dir: Too long file name: %s in %s", + d->d_name, dname); +- continue; ++ continue; + } + + /* +@@ -715,7 +715,7 @@ conf_init_dir(const char *conf_file) + * that end with CONF_FILE_EXT + */ + if (fname_len <= CONF_FILE_EXT_LEN) { +- xlog(D_GENERAL, "conf_init_dir: %s: name too short", ++ xlog(D_GENERAL, "conf_init_dir: %s: name too short", + d->d_name); + continue; + } +@@ -746,31 +746,29 @@ conf_init_dir(const char *conf_file) + free(namelist[i]); + free(namelist); + free(dname); +- ++ + return; + } + +-int ++void + conf_init_file(const char *conf_file) + { + unsigned int i; +- int ret; + + for (i = 0; i < sizeof conf_bindings / sizeof conf_bindings[0]; i++) + LIST_INIT (&conf_bindings[i]); + + TAILQ_INIT (&conf_trans_queue); + +- if (conf_file == NULL) +- conf_file=NFS_CONFFILE; ++ if (conf_file == NULL) ++ conf_file = NFS_CONFFILE; + + /* +- * First parse the give config file +- * then parse the config.conf.d directory ++ * First parse the give config file ++ * then parse the config.conf.d directory + * (if it exists) +- * + */ +- ret = conf_load_file(conf_file); ++ conf_load_file(conf_file); + + /* + * When the same variable is set in both files +@@ -779,8 +777,6 @@ conf_init_file(const char *conf_file) + * have the final say. + */ + conf_init_dir(conf_file); +- +- return ret; + } + + /* +diff --git a/tools/nfsconf/nfsconfcli.c b/tools/nfsconf/nfsconfcli.c +index b2ef96d1c600..bd9d52701aa6 100644 +--- a/tools/nfsconf/nfsconfcli.c ++++ b/tools/nfsconf/nfsconfcli.c +@@ -135,19 +135,8 @@ int main(int argc, char **argv) + return 1; + } + +- if (mode != MODE_SET && mode != MODE_UNSET) { +- if (conf_init_file(confpath)) { +- /* config file was missing or had an error, warn about it */ +- if (verbose || mode != MODE_ISSET) { +- fprintf(stderr, "Error loading config file %s\n", +- confpath); +- } +- +- /* this isnt fatal for --isset */ +- if (mode != MODE_ISSET) +- return 1; +- } +- } ++ if (mode != MODE_SET && mode != MODE_UNSET) ++ conf_init_file(confpath); + + /* --dump mode, output the current configuration */ + if (mode == MODE_DUMP) { +-- +2.43.0 + diff --git a/0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch b/0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch new file mode 100644 index 0000000..59a6fc5 --- /dev/null +++ b/0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch @@ -0,0 +1,188 @@ +From 6a714409b17ad2cca99d497129fc944a808eb446 Mon Sep 17 00:00:00 2001 +From: NeilBrown +Date: Mon, 27 Nov 2023 10:35:56 -0500 +Subject: [PATCH] conffile: allow /usr/etc to provide any config files expected + in /etc + +If any config file is configured to be in /etc, also read from /usr/etc. +This followed a growing trend of moving as much as possible out of / +and into /usr. + +See https://en.opensuse.org/openSUSE:Packaging_UsrEtc + +Signed-off-by: NeilBrown +Signed-off-by: Steve Dickson +--- + support/nfs/conffile.c | 26 +++++++++++++++----------- + support/nfsidmap/idmapd.conf.5 | 15 ++++++++++++++- + systemd/nfs.conf.man | 23 ++++++++++++++--------- + systemd/nfs.systemd.man | 10 +++++++++- + utils/mount/nfsmount.conf.man | 19 ++++++++++--------- + 5 files changed, 62 insertions(+), 31 deletions(-) + +--- a/support/nfs/conffile.c ++++ b/support/nfs/conffile.c +@@ -763,19 +763,23 @@ conf_init_file(const char *conf_file) + if (conf_file == NULL) + conf_file = NFS_CONFFILE; + +- /* +- * First parse the give config file +- * then parse the config.conf.d directory +- * (if it exists) ++ /* If the config file is in /etc (normal) then check ++ * /usr/etc first. Also check config.conf.d for files ++ * names *.conf. ++ * ++ * Content or later files always over-rides earlier ++ * files. + */ +- conf_load_file(conf_file); ++ if (strncmp(conf_file, "/etc/", 5) == 0) { ++ char *usrconf = NULL; + +- /* +- * When the same variable is set in both files +- * the conf.d file will override the config file. +- * This allows automated admin systems to +- * have the final say. +- */ ++ if (asprintf(&usrconf, "/usr%s", conf_file) > 0 && usrconf) { ++ conf_load_file(usrconf); ++ conf_init_dir(usrconf); ++ free(usrconf); ++ } ++ } ++ conf_load_file(conf_file); + conf_init_dir(conf_file); + } + +--- a/support/nfsidmap/idmapd.conf.5 ++++ b/support/nfsidmap/idmapd.conf.5 +@@ -37,7 +37,7 @@ Configuration file for libnfsidmap. Use + .SH DESCRIPTION + The + .B idmapd.conf +-configuration file consists of several sections, initiated by strings of the ++configuration files consists of several sections, initiated by strings of the + form [General] and [Mapping]. Each section may contain lines of the form + .nf + variable = value +@@ -398,6 +398,19 @@ LDAP_base = dc=org,dc=domain + .\" Additional sections + .\" ------------------------------------------------------------------- + .\" ++.SH FILES ++.I /usr/etc/idmapd.conf ++.br ++.I /usr/etc/idmapd.conf.d/*.conf ++.br ++.I /etc/idmapd.conf ++.br ++.I /etc/idmapd.conf.d/*.conf ++.br ++.IP ++Files are read in the order listed. Later settings override earlier ++settings. ++ + .SH SEE ALSO + .BR idmapd (8) + .BR svcgssd (8) +--- a/systemd/nfs.conf.man ++++ b/systemd/nfs.conf.man +@@ -2,10 +2,13 @@ + .SH NAME + nfs.conf \- general configuration for NFS daemons and tools + .SH SYNOPSIS ++.I /usr/etc/nfs.conf ++.I /usr/etc/nfs.conf.d/ + .I /etc/nfs.conf ++.I /etc/nfs.conf.d/ + .SH DESCRIPTION + .PP +-This file contains site-specific configuration for various NFS daemons ++These files contain site-specific configuration for various NFS daemons + and other processes. Most configuration can also be passed to + processes via command line arguments, but it can be more convenient to + have a central file. In particular, this encourages consistent +@@ -314,15 +317,17 @@ See + for deatils. + + .SH FILES +-.TP 10n ++.I /usr/etc/nfs.conf ++.br ++.I /usr/etc/nfs.conf.d/*.conf ++.br + .I /etc/nfs.conf +-Default NFS client configuration file +-.TP 10n +-.I /etc/nfs.conf.d +-When this directory exists and files ending +-with ".conf" exist, those files will be +-used to set configuration variables. These +-files will override variables set in /etc/nfs.conf ++.br ++.I /etc/nfs.conf.d/*.conf ++.br ++.IP ++Various configuration files read in order. Later settings override ++earlier settings. + .SH SEE ALSO + .BR nfsdcltrack (8), + .BR rpc.nfsd (8), +--- a/systemd/nfs.systemd.man ++++ b/systemd/nfs.systemd.man +@@ -27,7 +27,9 @@ any command line arguments to daemons so + behavior. In many case such configuration can be performed by making + changes to + .I /etc/nfs.conf +-or other configuration files. When that is not convenient, a ++or other configuration files (see ++.BR nfs.conf (5)). ++When that is not convenient, a + distribution might provide systemd "drop-in" files which replace the + .B ExecStart= + setting to start the program with different arguments. For example a +@@ -171,6 +173,12 @@ running, it can be masked with + /etc/nfsmount.conf + .br + /etc/idmapd.conf ++.P ++Also similar files in ++.B /usr/etc ++and in related ++.I conf.d ++drop-in directories. + .SH SEE ALSO + .BR systemd.unit (5), + .BR nfs.conf (5), +--- a/utils/mount/nfsmount.conf.man ++++ b/utils/mount/nfsmount.conf.man +@@ -115,16 +115,17 @@ All mounts to the '/export/home' export + the background (i.e. done asynchronously). + .RE + .SH FILES +-.TP 10n ++.I /usr/etc/nfsmount.conf ++.br ++.I /usr/etc/nfsmount.conf.d/*.conf ++.br + .I /etc/nfsmount.conf +-Default NFS mount configuration file +-.TP 10n +-.I /etc/nfsmount.conf.d +-When this directory exists and files ending +-with ".conf" exist, those files will be +-used to set configuration variables. These +-files will override variables set +-in /etc/nfsmount.conf ++.br ++.I /etc/nfsmount.conf.d/*.conf ++.br ++.IP ++Default NFS mount configuration files, variables set in the later file ++over-ride those in the earlier file. + .PD + .SH SEE ALSO + .BR nfs (5), diff --git a/0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch b/0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch new file mode 100644 index 0000000..84fbed5 --- /dev/null +++ b/0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch @@ -0,0 +1,115 @@ +From 46f91dc8f0d9aa31e18327cf3ad61c27551c4cfc Mon Sep 17 00:00:00 2001 +From: Ahelenia Ziemiaska +Date: Mon, 27 Nov 2023 10:41:04 -0500 +Subject: [PATCH] fsidd: call anonymous sockets by their name only, don't fill + with NULs to 108 bytes + +Since e00ab3c0616fe6d83ab0710d9e7d989c299088f7, ss -l looks like this: + u_seq LISTEN 0 5 @/run/fsid.sock@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 26989379 * 0 +with fsidd pushing all the addresses to 108 bytes wide, which is deeply +egregious if you don't filter it out and recolumnate. + +This is because, naturally (unix(7)), "Null bytes in the name have +no special significance": abstract addresses are binary blobs, but +paths automatically terminate at the first NUL byte, since paths +can't contain those. + +So just specify the correct address length when we're using the abstract domain: +unix(7) recommends "offsetof(struct sockaddr_un, sun_path) + strlen(sun_path) + 1" +for paths, but we don't want to include the terminating NUL, so it's just +"offsetof(struct sockaddr_un, sun_path) + strlen(sun_path)". +This brings the width back to order: +-- >8 -- +$ ss -la | grep @ +u_str ESTAB 0 0 @45208536ec96909a/bus/systemd-timesyn/bus-api-timesync 18500238 * 18501249 +u_str ESTAB 0 0 @fecc9657d2315eb7/bus/systemd-network/bus-api-network 18495452 * 18494406 +u_seq LISTEN 0 5 @/run/fsid.sock 27168796 * 0 +u_str ESTAB 0 0 @ac308f35f50797a2/bus/systemd-logind/system 19406 * 15153 +u_str ESTAB 0 0 @b6606e0dfacbae75/bus/systemd/bus-api-system 18494353 * 18495334 +u_str ESTAB 0 0 @5880653d215718a7/bus/systemd/bus-system 26930876 * 26930003 +-- >8 -- + +Fixes: e00ab3c0616fe6d83ab0710d9e7d989c299088f7 ("fsidd: provide + better default socket name.") +Reviewed-by: NeilBrown +Signed-off-by: Ahelenia Ziemia?ska +Signed-off-by: Steve Dickson +--- + support/reexport/fsidd.c | 9 ++++++--- + support/reexport/reexport.c | 8 ++++++-- + 2 files changed, 12 insertions(+), 5 deletions(-) + +diff --git a/support/reexport/fsidd.c b/support/reexport/fsidd.c +index 3e62b3fc1370..8a70b78f6362 100644 +--- a/support/reexport/fsidd.c ++++ b/support/reexport/fsidd.c +@@ -147,6 +147,7 @@ int main(void) + { + struct event *srv_ev; + struct sockaddr_un addr; ++ socklen_t addr_len; + char *sock_file; + int srv; + +@@ -161,10 +162,12 @@ int main(void) + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, sock_file, sizeof(addr.sun_path) - 1); +- if (addr.sun_path[0] == '@') ++ addr_len = sizeof(struct sockaddr_un); ++ if (addr.sun_path[0] == '@') { + /* "abstract" socket namespace */ ++ addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path); + addr.sun_path[0] = 0; +- else ++ } else + unlink(sock_file); + + srv = socket(AF_UNIX, SOCK_SEQPACKET | SOCK_NONBLOCK, 0); +@@ -173,7 +176,7 @@ int main(void) + return 1; + } + +- if (bind(srv, (const struct sockaddr *)&addr, sizeof(struct sockaddr_un)) == -1) { ++ if (bind(srv, (const struct sockaddr *)&addr, addr_len) == -1) { + xlog(L_WARNING, "Unable to bind %s: %m\n", sock_file); + return 1; + } +diff --git a/support/reexport/reexport.c b/support/reexport/reexport.c +index 78516586b98e..0fb49a46723c 100644 +--- a/support/reexport/reexport.c ++++ b/support/reexport/reexport.c +@@ -21,6 +21,7 @@ static int fsidd_srv = -1; + static bool connect_fsid_service(void) + { + struct sockaddr_un addr; ++ socklen_t addr_len; + char *sock_file; + int ret; + int s; +@@ -33,9 +34,12 @@ static bool connect_fsid_service(void) + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + strncpy(addr.sun_path, sock_file, sizeof(addr.sun_path) - 1); +- if (addr.sun_path[0] == '@') ++ addr_len = sizeof(struct sockaddr_un); ++ if (addr.sun_path[0] == '@') { + /* "abstract" socket namespace */ ++ addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path); + addr.sun_path[0] = 0; ++ } + + s = socket(AF_UNIX, SOCK_SEQPACKET, 0); + if (s == -1) { +@@ -43,7 +47,7 @@ static bool connect_fsid_service(void) + return false; + } + +- ret = connect(s, (const struct sockaddr *)&addr, sizeof(struct sockaddr_un)); ++ ret = connect(s, (const struct sockaddr *)&addr, addr_len); + if (ret == -1) { + xlog(L_WARNING, "Unable to connect %s: %m, is fsidd running?\n", sock_file); + return false; +-- +2.43.0 + diff --git a/nfs-utils-2.6.3.tar.xz b/nfs-utils-2.6.3.tar.xz deleted file mode 100644 index 3aa444c..0000000 --- a/nfs-utils-2.6.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:38d89e853a71d3c560ff026af3d969d75e24f782ff68324e76261fe0344459e1 -size 726284 diff --git a/nfs-utils-2.6.4.tar.xz b/nfs-utils-2.6.4.tar.xz new file mode 100644 index 0000000..4fb2c0b --- /dev/null +++ b/nfs-utils-2.6.4.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:01b3b0fb9c7d0bbabf5114c736542030748c788ec2fd9734744201e9b0a1119d +size 728280 diff --git a/nfs-utils.changes b/nfs-utils.changes index 4044cbe..a35ebba 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Tue Dec 5 01:19:38 UTC 2023 - Neil Brown + +- Update to version 2.6.4 + - https://kernel.org/pub/linux/utils/nfs-utils/2.6.4/2.6.4-Changelog + - includes fixes for bsc#1210997 +- Removed patchs from this release + - 0001-export-fix-handling-of-error-from-match_fsid.patch +- Added some upstream patches + - 0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch + - 0002-conffile-don-t-report-error-from-conf_init_file.patch + - 0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch + - 0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch + These fix minor bugs and allow config files to be in /usr/etc. + So also move config files to /usr/etc and create directories + foo.conf.d for each config file, so other config file can easily + be addded. + (boo#1216740) + ------------------------------------------------------------------- Wed Nov 15 00:03:44 UTC 2023 - Neil Brown diff --git a/nfs-utils.spec b/nfs-utils.spec index 303e591..0f7a63c 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -22,7 +22,7 @@ %endif Name: nfs-utils -Version: 2.6.3 +Version: 2.6.4 Release: 0 Summary: Support Utilities for Kernel nfsd License: GPL-2.0-or-later @@ -42,7 +42,10 @@ Source25: rpc-svcgssd.options.conf Source26: nfs.conf Source27: nfs-kernel-server.tmpfiles.conf Patch0: nfs-utils-1.0.7-bind-syntax.patch -Patch1: 0001-export-fix-handling-of-error-from-match_fsid.patch +Patch1: 0001-exportfs-remove-warning-if-neither-subtree_check-or-.patch +Patch2: 0002-conffile-don-t-report-error-from-conf_init_file.patch +Patch3: 0003-conffile-allow-usr-etc-to-provide-any-config-files-e.patch +Patch4: 0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch BuildRequires: e2fsprogs-devel BuildRequires: gcc-c++ BuildRequires: libtool @@ -77,7 +80,7 @@ Requires: rpcbind Requires(post): %fillup_prereq Requires(pre): permissions Obsoletes: nfs-utils < 1.1.0 -%sysusers_requires +#%sysusers_requires %description -n nfs-client This package contains common NFS utilities which are needed for client @@ -158,7 +161,9 @@ install -D -m 644 %{SOURCE22} %{buildroot}%{_unitdir}/rpc-gssd.service.d/10-opti install -D -m 644 %{SOURCE23} %{buildroot}%{_unitdir}/rpc-statd.service.d/10-options.conf install -D -m 644 %{SOURCE24} %{buildroot}%{_unitdir}/rpc-statd-notify.service.d/10-options.conf install -D -m 644 %{SOURCE25} %{buildroot}%{_unitdir}/rpc-svcgssd.service.d/10-options.conf -install -D -m 644 %{SOURCE26} %{buildroot}%{_sysconfdir}/nfs.conf +install -D -m 644 %{SOURCE26} %{buildroot}%{_prefix}%{_sysconfdir}/nfs.conf +mkdir -p -m 755 %{buildroot}%{_prefix}%{_sysconfdir}/nfs.conf.d +mkdir -p -m 755 %{buildroot}%{_sysconfdir}/nfs.conf.d install -D -m 644 %{SOURCE27} %{buildroot}%{_prefix}/lib/tmpfiles.d/nfs-kernel-server.conf ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-server ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client @@ -166,7 +171,9 @@ ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client mkdir -p %{buildroot}%{_fillupdir} install -m 644 %{SOURCE4} %{buildroot}%{_fillupdir} # idmapd setup -install -D -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/idmapd.conf +install -D -m 644 %{SOURCE11} %{buildroot}%{_prefix}%{_sysconfdir}/idmapd.conf +mkdir -p -m 755 %{buildroot}%{_prefix}%{_sysconfdir}/idmapd.conf.d +mkdir -p -m 755 %{buildroot}%{_sysconfdir}/idmapd.conf.d mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/rpc_pipefs mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/v4recovery # sm-notify state @@ -174,7 +181,8 @@ mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/sm mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/sm.bak touch %{buildroot}%{_localstatedir}/lib/nfs/state mkdir -p %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services -install -m 644 utils/mount/nfsmount.conf %{buildroot}%{_sysconfdir}/nfsmount.conf +mkdir -p -m 755 %{buildroot}%{_prefix}%{_sysconfdir}/nfsmount.conf.d +mkdir -p -m 755 %{buildroot}%{_sysconfdir}/nfsmount.conf.d # # hack to avoid automatic python dependency chmod 644 `grep -l -r '^#!/usr/bin/python' %{buildroot}%{_sbindir}` @@ -254,9 +262,15 @@ fi %files -n nfs-client %license COPYING -%config %{_sysconfdir}/idmapd.conf -%config %{_sysconfdir}/nfsmount.conf -%config %{_sysconfdir}/nfs.conf +%{_prefix}%{_sysconfdir}/idmapd.conf +%dir %{_prefix}%{_sysconfdir}/idmapd.conf.d +%dir %{_sysconfdir}/idmapd.conf.d +%dir %{_prefix}%{_sysconfdir}/nfsmount.conf.d +%dir %{_sysconfdir}/nfsmount.conf.d +%doc utils/mount/nfsmount.conf +%{_prefix}%{_sysconfdir}/nfs.conf +%dir %{_prefix}%{_sysconfdir}/nfs.conf.d +%dir %{_sysconfdir}/nfs.conf.d %verify(not mode) %attr(0755,root,root) %{_sbindir}/mount.nfs %{_sbindir}/mount.nfs4 %{_sbindir}/umount.nfs diff --git a/nfs.conf b/nfs.conf index 01d51c8..3e4f265 100644 --- a/nfs.conf +++ b/nfs.conf @@ -3,8 +3,9 @@ # NFS daemons and tools # DO NOT MAKE CHANGES TO THIS FILE as they will # be lost on the next software update. Make changes -# to /etc/sysconfig/nfs or /etc/nfs.conf.local instead. -# /etc/nfs.conf.local can include multiple sections, just +# to /etc/sysconfig/nfs, /usr/src/nfs.conf./*.conf or +# /etc/nfs.conf.d/*.conf instead. +# The .conf file can include multiple sections, just # like this file. [environment] @@ -12,77 +13,20 @@ include = /etc/sysconfig/nfs include = -/etc/nfs.conf.local [general] pipefs-directory=$RPC_PIPEFS_DIR -# -#[exportfs] -# debug=0 -# -#[gssd] -# verbosity=0 -# rpc-verbosity=0 -# use-memcache=0 -# use-machine-creds=1 -# use-gss-proxy=0 +[gssd] avoid-dns=$NFS_GSSD_AVOID_DNS -# limit-to-legacy-enctypes=0 -# context-timeout=0 -# rpc-timeout=5 -# keytab-file=/etc/krb5.keytab -# cred-cache-directory= -# preferred-realm= -# [lockd] port=$LOCKD_TCPPORT udp-port=$LOCKD_UDPPORT -# [mountd] -# debug=0 -# manage-gids=n -# descriptors=0 port= $MOUNTD_PORT -# threads=1 -# reverse-lookup=n -# state-directory-path=/var/lib/nfs -# ha-callout= -# -#[nfsdcltrack] -# debug=0 -# storagedir=/var/lib/nfs/nfsdcltrack -# [nfsd] -# debug=0 threads= $USE_KERNEL_NFSD_NUMBER -# host= -# port=0 grace-time=$NFSV4GRACETIME lease-time=$NFSV4LEASETIME -# udp=n -# tcp=y -# vers2=n vers3=$NFS3_SERVER_SUPPORT vers4=$NFS4_SUPPORT -# vers4.0=y -# vers4.1=y -# vers4.2=y -# rdma=n -# rdma-port=20049 scope=$NFSD_SCOPE -# [statd] -# debug=0 port=$STATD_PORT -# outgoing-port=0 name=$STATD_HOSTNAME -# state-directory-path=/var/lib/nfs/statd -# ha-callout= -# no-notify=0 -# -#[sm-notify] -# debug=0 -# force=0 -# retry-time=900 -# outgoing-port= -# outgoing-addr= -# lift-grace=y -# -#[svcgssd] -# principal=