pool/nfs-utils
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- update upstream version from 1.3.4 to 2.1.1

Browse Source 
The significant update is that configuration can
  now be read from a central /etc/nfs.conf file, and
  it can include other files such as /etc/sysconfig/nfs
  This means that the old nfs-config.service systemd
  unit is no longer needed.
- /etc/nfs.conf file created to import all sysconfig
  settings except *_OPTIONS directly into running code.
- dropins created to pass *_OPTIONS sysconfig setting to
  the various daemons.
- various specfile improvements, such as using "-D" in
  "install" commands, and adding "verify_permissions".
- "xtab" has not been needed for years and has now been remove.
- sysconfig.nfs updated, particular the ServiceRestart
  declarations have been tuned for systemd units.
- 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch
  Fix the nfs-server-generator so that mounts marked "noauto"
  are not automatically mounted when NFS exported.
  (bsc#1019211)
- 0001-conffile-ignore-empty-environment-variables.patch
  0002-mount-call-setgroups-before-setuid.patch
  Other minor fixes found during testing.
- REMOVED 0001-Make-location-of-nfs-utils_env.sh-configurable.patch
  now included upstream

OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=177
This commit is contained in:
Neil Brown 2017-02-08 02:43:23 +00:00 committed by Git OBS Bridge
parent 00060a4988
commit 5073990325
18 changed files with 356 additions and 228 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
0001-Make-location-of-nfs-utils_env.sh-configurable.patch
View File

@ -1,67 +0,0 @@
From dc071e55135019d4503930f204674219a9f8676b Mon Sep 17 00:00:00 2001
From: NeilBrown <neilb@suse.com>
Date: Sun, 21 Aug 2016 14:53:57 +1000
Subject: [PATCH] Make location of nfs-utils_env.sh configurable.
A recent patch moved this file to /usr/libexec/...
That directory isn't universal, and doesn't exist on openSUSE or
Debian for example.
So change it to use the $libexecdir directory determined by configure
Signed-off-by: NeilBrown <neilb@suse.com>
---
configure.ac | 6 ++++++
systemd/nfs-config.service | 13 -------------
systemd/nfs-config.service.in | 13 +++++++++++++
3 files changed, 19 insertions(+), 13 deletions(-)
--- a/configure.ac
+++ b/configure.ac
@@ -511,8 +511,14 @@ AC_SUBST([AM_CFLAGS], ["$my_am_cflags"])
# Make sure that $ACLOCAL_FLAGS are used during a rebuild
AC_SUBST([ACLOCAL_AMFLAGS], ["-I $ac_macro_dir \$(ACLOCAL_FLAGS)"])
+# make libexecdir available for substituion in config files
+# 2 "evals" needed late to expand variable names.
+AC_SUBST([_libexecdir])
+AC_CONFIG_COMMANDS_PRE([eval eval _libexecdir=$libexecdir])
+
AC_CONFIG_FILES([
Makefile
+ systemd/nfs-config.service
linux-nfs/Makefile
support/Makefile
support/export/Makefile
--- a/systemd/nfs-config.service
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=Preprocess NFS configuration
-After=local-fs.target
-DefaultDependencies=no
-
-[Service]
-Type=oneshot
-# This service needs to run any time any nfs service
-# is started, so changes to local config files get
-# incorporated. Having "RemainAfterExit=no" (the default)
-# ensures this happens.
-RemainAfterExit=no
-ExecStart=/usr/libexec/nfs-utils/nfs-utils_env.sh
--- /dev/null
+++ b/systemd/nfs-config.service.in
@@ -0,0 +1,13 @@
+[Unit]
+Description=Preprocess NFS configuration
+After=local-fs.target
+DefaultDependencies=no
+
+[Service]
+Type=oneshot
+# This service needs to run any time any nfs service
+# is started, so changes to local config files get
+# incorporated. Having "RemainAfterExit=no" (the default)
+# ensures this happens.
+RemainAfterExit=no
+ExecStart=@_libexecdir@/nfs-utils/nfs-utils_env.sh

38
0001-conffile-ignore-empty-environment-variables.patch Normal file
View File

@ -0,0 +1,38 @@
From 5ec9d9034650ae4372dc1bd44d33a1e8768e3409 Mon Sep 17 00:00:00 2001
From: NeilBrown <neilb@suse.com>
Date: Wed, 8 Feb 2017 08:18:34 +1100
Subject: [PATCH] conffile: ignore empty environment variables.
conf_set() already refuses to set an empty value, so if
foo=
appear in the config file, it will be ignored.
This patch extends the policy to environment variables, so empty
environment variables are treats as though they didn't exist.
This means that a separate environment file (e.g. /etc/sysconfig/nfs)
will be treated the same way whether it is:
- included in the [environment] section of /etc/nfs.conf
- sourced by the shell before running code
- sourced by the systemd EnvironmentFile directive.
Signed-off-by: NeilBrown <neilb@suse.com>
---
support/nfs/conffile.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c
index e717c1e39bab..203efd2aa602 100644
--- a/support/nfs/conffile.c
+++ b/support/nfs/conffile.c
@@ -533,7 +533,7 @@ retry:
* or from environment
*/
char *env = getenv(cb->value+1);
- if (env)
+ if (env && *env)
return env;
section = "environment";
tag = cb->value + 1;
--
2.11.0

43
0002-mount-call-setgroups-before-setuid.patch Normal file
View File

@ -0,0 +1,43 @@
From 5b7da9d70261583e67e114b36cb19973de15606d Mon Sep 17 00:00:00 2001
From: NeilBrown <neilb@suse.com>
Date: Wed, 8 Feb 2017 08:22:36 +1100
Subject: [PATCH] mount: call setgroups() before setuid()
It is generally wise to call setgroups() (and setgid()) before calling
setuid() to ensure no unexpected permission leaks happen.
SUSE's build system check all binaries for conformance with this
and generates a warning for mountd.
As we set setting the uid to 0, there is no risk that the group list
will provide extra permissions, so there is no real risk here.
But it is nice to silence warnings, and including a setgroups()
call is probably a good practice to encourage.
Signed-off-by: NeilBrown <neilb@suse.com>
---
utils/mount/network.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/utils/mount/network.c b/utils/mount/network.c
index d1c8fec75174..281e9354a7fa 100644
--- a/utils/mount/network.c
+++ b/utils/mount/network.c
@@ -33,6 +33,7 @@
#include <errno.h>
#include <netdb.h>
#include <time.h>
+#include <grp.h>
#include <sys/types.h>
#include <sys/socket.h>
@@ -804,6 +805,7 @@ int start_statd(void)
pid_t pid = fork();
switch (pid) {
case 0: /* child */
+ setgroups(0, NULL);
setgid(0);
setuid(0);
execle(START_STATD, START_STATD, NULL, envp);
--
2.11.0

71
0003-nfs-server-generator-handle-noauto-mounts-correctly.patch Normal file
View File

@ -0,0 +1,71 @@
From 93b39628e0a2053d9b37cab7a60d78f782cb88ea Mon Sep 17 00:00:00 2001
From: NeilBrown <neilb@suse.com>
Date: Wed, 8 Feb 2017 12:56:38 +1100
Subject: [PATCH] nfs-server-generator: handle 'noauto' mounts correctly.
When this code was written the systemd documentation stated
that "RequiresMountsFor" ignored mountpoints marked as "noauto".
Unfortunately this is incorrect. Consquently a filesystem marked
as noauto that is also NFS exported will currently be mounted when
the NFS server is started. This is not what people expect.
So add a check for the noauto flag. If any ancestor of a given
export point has the noauto flag, no RequiresMountsFor will be
generated for that point.
Also skip RequiresMountsFor for exports marked 'mountpoint', as their
absence is, theoretically, already handled by mountd.
URL: https://github.com/systemd/systemd/issues/5249
Signed-off-by: NeilBrown <neilb@suse.com>
---
systemd/nfs-server-generator.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/systemd/nfs-server-generator.c b/systemd/nfs-server-generator.c
index cc99969e9922..4aa65094ca07 100644
--- a/systemd/nfs-server-generator.c
+++ b/systemd/nfs-server-generator.c
@@ -84,6 +84,28 @@ static void systemd_escape(FILE *f, char *path)
}
}
+static int has_noauto_flag(char *path)
+{
+ FILE *fstab;
+ struct mntent *mnt;
+
+ fstab = setmntent("/etc/fstab", "r");
+ if (!fstab)
+ return 0;
+
+ while ((mnt = getmntent(fstab)) != NULL) {
+ int l = strlen(mnt->mnt_dir);
+ if (strncmp(mnt->mnt_dir, path, l) != 0)
+ continue;
+ if (path[l] && path[l] != '/')
+ continue;
+ if (hasmntopt(mnt, "noauto"))
+ break;
+ }
+ fclose(fstab);
+ return mnt != NULL;
+}
+
int main(int argc, char *argv[])
{
char *path;
@@ -124,6 +146,10 @@ int main(int argc, char *argv[])
for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
if (!is_unique(&list, exp->m_export.e_path))
continue;
+ if (exp->m_export.e_mountpoint)
+ continue;
+ if (has_noauto_flag(exp->m_export.e_path))
+ continue;
if (strchr(exp->m_export.e_path, ' '))
fprintf(f, "RequiresMountsFor=\"%s\"\n",
exp->m_export.e_path);
--
2.11.0

4
nfs-config.restart.conf
View File

@ -1,4 +0,0 @@
[Unit]
# Ensure config file is re-processed when nfs or nfsserver
# is restarted
PartOf = nfs-server.service nfs-client.target

4
nfs-mountd.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=
ExecStart=-/usr/sbin/rpc.mountd $MOUNTD_OPTIONS

4
nfs-server.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=
ExecStart=-/usr/sbin/rpc.nfsd $NFSD_OPTIONS

3
nfs-utils-1.3.4.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b42a5bc0a8d80d04650030ceb9a11f08f4acfbcb1ee297f657fb94e339c45975
size 602240

3
nfs-utils-2.1.1.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0faeb54c70b84e6bd3b9b6901544b1f6add8d246f35c1683e402daf4e0c719ef
size 606028

28
nfs-utils.changes
View File

@ -1,3 +1,31 @@
-------------------------------------------------------------------
Wed Feb 8 02:32:37 UTC 2017 - nfbrown@suse.com
- update upstream version from 1.3.4 to 2.1.1
The significant update is that configuration can
now be read from a central /etc/nfs.conf file, and
it can include other files such as /etc/sysconfig/nfs
This means that the old nfs-config.service systemd
unit is no longer needed.
- /etc/nfs.conf file created to import all sysconfig
settings except *_OPTIONS directly into running code.
- dropins created to pass *_OPTIONS sysconfig setting to
the various daemons.
- various specfile improvements, such as using "-D" in
"install" commands, and adding "verify_permissions".
- "xtab" has not been needed for years and has now been remove.
- sysconfig.nfs updated, particular the ServiceRestart
declarations have been tuned for systemd units.
- 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch
Fix the nfs-server-generator so that mounts marked "noauto"
are not automatically mounted when NFS exported.
(bsc#1019211)
- 0001-conffile-ignore-empty-environment-variables.patch
0002-mount-call-setgroups-before-setuid.patch
Other minor fixes found during testing.
- REMOVED 0001-Make-location-of-nfs-utils_env.sh-configurable.patch
now included upstream
-------------------------------------------------------------------
Thu Jan 19 10:17:03 UTC 2017 - jengelh@inai.de

84
nfs-utils.spec
View File

@ -17,7 +17,7 @@
Name: nfs-utils
Version: 1.3.4
Version: 2.1.1
Release: 0
Summary: Support Utilities for Kernel nfsd
License: GPL-2.0+
@ -32,15 +32,23 @@ Source6: README.NFSv4
Source7: fw-client
Source8: fw-server
Source11: idmapd.conf
Source12: nfs-config.restart.conf
Source13: nfs-utils.rpmlintrc
Source14: nfs-utils_env.sh
Source15: nfsserver.service
Source16: nfs.service
Source17: nfs-server.nfsserver.conf
Source18: nfs-client.nfs.conf
Source20: nfs-mountd.options.conf
Source21: nfs-server.options.conf
Source22: rpc-gssd.options.conf
Source23: rpc-statd.options.conf
Source24: rpc-statd-notify.options.conf
Source25: rpc-svcgssd.options.conf
Source26: nfs.conf
Patch0: nfs-utils-1.0.7-bind-syntax.patch
Patch1: 0001-Make-location-of-nfs-utils_env.sh-configurable.patch
Patch1: 0001-conffile-ignore-empty-environment-variables.patch
Patch2: 0002-mount-call-setgroups-before-setuid.patch
Patch3: 0003-nfs-server-generator-handle-noauto-mounts-correctly.patch
BuildRequires: e2fsprogs-devel
BuildRequires: fedfs-utils-devel
BuildRequires: gcc-c++
@ -89,6 +97,7 @@ Requires: rpcbind
Conflicts: nfs-server
Provides: nfs-utils = %{version}
Obsoletes: nfs-utils < 1.1.0
PreReq: permissions
%description -n nfs-kernel-server
This package contains support for the kernel based NFS server. You can
@ -109,6 +118,8 @@ This package contains additional NFS documentation.
%setup -q -a 1
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
cp %{SOURCE6} .
@ -138,17 +149,17 @@ done
%install
make %{?_smp_mflags} DESTDIR=%{buildroot} install
install -d %{buildroot}/%{_unitdir}
install -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/nfsserver.service
install -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/nfs.service
install -d %{buildroot}%{_unitdir}/nfs-server.service.d
install -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/nfs-server.service.d/nfsserver.conf
install -d %{buildroot}%{_unitdir}/nfs-client.target.d
install -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/nfs-client.target.d/nfs.conf
install -d %{buildroot}%{_libexecdir}/nfs-utils
install -m 755 %{SOURCE14} %{buildroot}%{_libexecdir}/nfs-utils/nfs-utils_env.sh
install -d %{buildroot}%{_unitdir}/nfs-config.service.d
install -m 644 %{SOURCE12} %{buildroot}%{_unitdir}/nfs-config.service.d/restart.conf
install -D -m 644 %{SOURCE15} %{buildroot}%{_unitdir}/nfsserver.service
install -D -m 644 %{SOURCE16} %{buildroot}%{_unitdir}/nfs.service
install -D -m 644 %{SOURCE17} %{buildroot}%{_unitdir}/nfs-server.service.d/nfsserver.conf
install -D -m 644 %{SOURCE18} %{buildroot}%{_unitdir}/nfs-client.target.d/nfs.conf
install -D -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/nfs-mountd.service.d/options.conf
install -D -m 644 %{SOURCE21} %{buildroot}%{_unitdir}/nfs-server.service.d/options.conf
install -D -m 644 %{SOURCE22} %{buildroot}%{_unitdir}/rpc-gssd.service.d/options.conf
install -D -m 644 %{SOURCE23} %{buildroot}%{_unitdir}/rpc-statd.service.d/options.conf
install -D -m 644 %{SOURCE24} %{buildroot}%{_unitdir}/rpc-statd-notify.service.d/options.conf
install -D -m 644 %{SOURCE25} %{buildroot}%{_unitdir}/rpc-svcgssd.service.d/options.conf
install -D -m 644 %{SOURCE26} %{buildroot}%{_sysconfdir}/nfs.conf
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfsserver
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-server
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs
@ -157,8 +168,7 @@ ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcnfs-client
mkdir -p %{buildroot}%{_localstatedir}/adm/fillup-templates
install -m 644 %{SOURCE4} %{buildroot}%{_localstatedir}/adm/fillup-templates
# idmapd setup
install -d %{buildroot}/etc
install -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/idmapd.conf
install -D -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/idmapd.conf
mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/rpc_pipefs
mkdir -p -m 755 %{buildroot}%{_localstatedir}/lib/nfs/v4recovery
# sm-notify state
@ -177,7 +187,7 @@ chmod 644 %{buildroot}%{_sbindir}/{mountstats,nfsiostat}
/usr/bin/getent passwd statd >/dev/null || \
/usr/sbin/useradd -r -c 'NFS statd daemon' \
-s /sbin/nologin -d %{_localstatedir}/lib/nfs -g nogroup statd
%service_add_pre nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service nfs-config.service
%service_add_pre nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service
%post -n nfs-client
chown statd:nogroup %{_localstatedir}/lib/nfs > /dev/null 2>&1 || :
@ -196,13 +206,13 @@ fi
%{fillup_only -n nfs nfs}
#
%set_permissions /sbin/mount.nfs
%service_add_post nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service nfs-config.service
%service_add_post nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service
%preun -n nfs-client
%service_del_preun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service nfs-config.service
%service_del_preun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service
%postun -n nfs-client
%service_del_postun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service nfs-config.service
%service_del_postun nfs.service auth-rpcgss-module.service nfs-idmapd.service nfs-blkmap.service rpc-statd-notify.service rpc-gssd.service rpc-statd.service rpc-svcgssd.service
%verifyscript -n nfs-client
%verify_permissions -e /sbin/mount.nfs
@ -223,15 +233,20 @@ if [ -f %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd ]; then
mv %{_localstatedir}/lock/subsys/nfsserver-rpc.idmapd /run/nfs
fi
###
%service_add_post nfsserver.service rpc-svcgssd.service nfs-mountd.service nfs-server.service
%service_add_post nfsserver.service nfs-mountd.service nfs-server.service
%set_permissions /var/lib/nfs/rmtab
%postun -n nfs-kernel-server
%service_del_postun nfsserver.service rpc-svcgssd.service nfs-mountd.service nfs-server.service
%service_del_postun nfsserver.service nfs-mountd.service nfs-server.service
%verifyscript -n nfs-kernel-server
%verify_permissions -e /var/lib/nfs/rmtab
%files -n nfs-client
%defattr(-,root,root)
%config %{_sysconfdir}/idmapd.conf
%config %{_sysconfdir}/nfsmount.conf
%config %{_sysconfdir}/nfs.conf
%verify(not mode) %attr(0755,root,root) /sbin/mount.nfs
/sbin/mount.nfs4
/sbin/umount.nfs
@ -255,23 +270,30 @@ fi
%{_unitdir}/auth-rpcgss-module.service
%{_unitdir}/nfs-blkmap.service
%{_unitdir}/nfs-client.target
%{_unitdir}/nfs-config.service
%{_unitdir}/nfs-idmapd.service
%{_unitdir}/nfs-utils.service
%{_unitdir}/rpc-gssd.service
%{_unitdir}/rpc-gssd.service.d
%{_unitdir}/rpc-gssd.service.d/options.conf
%{_unitdir}/rpc-statd-notify.service
%{_unitdir}/rpc-statd-notify.service.d
%{_unitdir}/rpc-statd-notify.service.d/options.conf
%{_unitdir}/rpc-statd.service
%{_unitdir}/rpc-statd.service.d
%{_unitdir}/rpc-statd.service.d/options.conf
%{_unitdir}/rpc-svcgssd.service
%{_unitdir}/rpc-svcgssd.service.d
%{_unitdir}/rpc-svcgssd.service.d/options.conf
%{_unitdir}/var-lib-nfs-rpc_pipefs.mount
%{_unitdir}/nfs.service
%dir %{_unitdir}/nfs-client.target.d
%{_unitdir}/nfs-client.target.d/nfs.conf
%dir %{_unitdir}/nfs-config.service.d
%{_unitdir}/nfs-config.service.d/restart.conf
%dir %{_libexecdir}/nfs-utils
%{_libexecdir}/nfs-utils/nfs-utils_env.sh
%dir /usr/lib/systemd/system-generators
/usr/lib/systemd/system-generators/nfs-server-generator
%{_mandir}/man5/nfsmount.conf.5%{ext_man}
%{_mandir}/man5/nfs.conf.5%{ext_man}
%{_mandir}/man5/nfs.5%{ext_man}
%{_mandir}/man7/nfs.systemd.7%{ext_man}
%{_mandir}/man8/mount.nfs.8%{ext_man}
%{_mandir}/man8/nfsidmap.8%{ext_man}
%{_mandir}/man8/nfsstat.8%{ext_man}
@ -303,10 +325,13 @@ fi
%files -n nfs-kernel-server
%defattr(-,root,root)
%{_unitdir}/nfs-mountd.service
%{_unitdir}/nfs-mountd.service.d
%{_unitdir}/nfs-mountd.service.d/options.conf
%{_unitdir}/nfs-server.service
%{_unitdir}/nfs-server.service.d
%{_unitdir}/nfs-server.service.d/options.conf
%{_unitdir}/proc-fs-nfsd.mount
%{_unitdir}/nfsserver.service
%dir %{_unitdir}/nfs-server.service.d
%{_unitdir}/nfs-server.service.d/nfsserver.conf
%{_sbindir}/exportfs
%{_sbindir}/rcnfsserver
@ -322,7 +347,6 @@ fi
%{_mandir}/man8/rpc.mountd.8%{ext_man}
%{_mandir}/man8/rpc.nfsd.8%{ext_man}
%{_mandir}/man8/nfsdcltrack.8%{ext_man}
%config(noreplace) %{_localstatedir}/lib/nfs/xtab
%config(noreplace) %{_localstatedir}/lib/nfs/etab
%config(noreplace) %{_localstatedir}/lib/nfs/rmtab
%config %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/nfs-kernel-server

80
nfs-utils_env.sh
View File

@ -1,80 +0,0 @@
#!/bin/sh
# extract configuration from /etc/sysconfig/nfs-utils and write
# environment to /run/sysconfig/nfs-utils to be used by systemd unit
# files.
# This script expects configuration as used by openSUSE-13.1 and later
#
nfs_config=/etc/sysconfig/nfs
if test -r $nfs_config; then
. $nfs_config
fi
pipefs=
if [ -n "$RPC_PIPEFS_DIR" -a "$RPC_PIPEFS_DIR" != "/var/lib/nfs/rpc_pipefs" ]; then
pipefs="-p $RPC_PIPEFS_DIR"
fi
mountdport=
if [ -n "$MOUNTD_PORT" ]; then
mountdport="-p $MOUNTD_PORT"
fi
case $NFS_GSSD_AVOID_DNS in
[Nn]*) ignore_dns=-D ;;
[Yy]*) ignore_dns= ;;
* ) ignore_dns=-D
esac
version_params=
if [ "$NFS3_SERVER_SUPPORT" == "no" ]; then
version_params="--no-nfs-version 2 --no-nfs-version 3"
fi
if [ "$NFS4_SUPPORT" != "yes" ]; then
version_params="--no-nfs-version 4"
else
if [ "$NFS4_SERVER_MINOR_VERSION" != "0" ]; then
version_params="$version_params --nfs-version 4 --nfs-version 4.$NFS4_SERVER_MINOR_VERSION"
fi
fi
if [ "$USE_KERNEL_NFSD_NUMBER" -gt 0 ]; then
threads=$USE_KERNEL_NFSD_NUMBER
else
threads=3
fi
time_params=
if [ -n "$NFSV4LEASETIME" ]; then
time_params="--grace-time=$NFSV4LEASETIME --lease-time=$NFSV4LEASETIME"
fi
if [ -n "$STATD_PORT" ]; then
STATD_OPTIONS="$STATD_OPTIONS -p $STATD_PORT"
fi
if [ -n "$STATD_HOSTNAME" ]; then
STATD_OPTIONS="$STATD_OPTIONS -n $STATD_HOSTNAME"
fi
if [ -n "$LOCKD_TCPPORT" ]; then
STATD_OPTIONS="$STATD_OPTIONS --nlm-port $LOCKD_TCPPORT"
fi
if [ -n "$LOCKD_UDPPORT" ]; then
STATD_OPTIONS="$STATD_OPTIONS --nlm-udp-port $LOCKD_UDPPORT"
fi
case $NFS_GSSD_AVOID_DNS in
[Nn]*) ignore_dns=-D ;;
[Yy]*) ignore_dns= ;;
* ) ignore_dns=-D
esac
mkdir -p /run/sysconfig
{
echo "RPCIDMAPDARGS=$pipefs"
echo "RPCMOUNTDARGS=$mountdport $MOUNTD_OPTIONS $version_params"
echo "RPCNFSDARGS=$NFSD_OPTIONS $version_params $time_params $threads"
echo "GSSDARGS=$ignore_dns $GSSD_OPTIONS $pipefs"
echo "SMNOTIFYARGS=$SM_NOTIFY_OPTIONS"
echo "STATDARGS=$STATD_OPTIONS"
echo "SVCGSSDARGS=$SVCGSSD_OPTIONS"
} > /run/sysconfig/nfs-utils

80
nfs.conf Normal file
View File

@ -0,0 +1,80 @@
#
# This is a general configuration for the
# NFS daemons and tools
# DO NOT MAKE CHANGES TO THIS FILE as they will
# be lost on the next software update. Make changes
# to /etc/sysconfig/nfs or /etc/nfs.conf.local instead.
# /etc/nfs.conf.local can include multiple sections, just
# like this file.
[environment]
include = /etc/sysconfig/nfs
include = /etc/nfs.conf.local
[general]
pipefs-directory=$RPC_PIPEFS_DIR
#
#[exportfs]
# debug=0
#
#[gssd]
# use-memcache=0
# use-machine-creds=1
avoid-dns=$NFS_GSSD_AVOID_DNS
# limit-to-legacy-enctypes=0
# context-timeout=0
# rpc-timeout=5
# keytab-file=/etc/krb5.keytab
# cred-cache-directory=
# preferred-realm=
#
[lockd]
port=$LOCKD_TCPPORT
udp-port=$LOCKD_UDPPORT
#
[mountd]
# debug=0
# manage_gids=n
# descriptors=0
port= $MOUNTD_PORT
# threads=1
# reverse-lookup=n
# state-directory-path=/var/lib/nfs
# ha-callout=
#
#[nfsdcltrack]
# debug=0
# storagedir=/var/lib/nfs/nfsdcltrack
#
[nfsd]
# debug=0
threads= $USE_KERNEL_NFSD_NUMBER
# host=
# port=0
# grace-time=90
lease-time=$NFS4LEASETIME
# udp=y
# tcp=y
# vers2=n
vers3=$NFS3_SERVER_SUPPORT
vers4=$NFS4_SUPPORT
# vers4.0=y
# vers4.1=y
# vers4.2=y
# rdma=n
#
[statd]
# debug=0
port=$STATD_PORT
# outgoing-port=0
name=$STATD_HOSTNAME
# state-directory-path=/var/lib/nfs/statd
# ha-callout=
#
#[sm-notify]
# debug=0
# retry-time=900
# outgoing-port=
# outgoing-addr=
#
#[svcgssd]
# principal=

4
rpc-gssd.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=
ExecStart=-/usr/sbin/rpc.gssd $GSSD_OPTIONS

4
rpc-statd-notify.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
ExecStart=
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=-/usr/sbin/sm-notify $SM_NOTIFY_OPTIONS

4
rpc-statd.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=
ExecStart=-/usr/sbin/rpc.statd $STATD_OPTIONS

4
rpc-svcgssd.options.conf Normal file
View File

@ -0,0 +1,4 @@
[Service]
EnvironmentFile=-/etc/sysconfig/nfs
ExecStart=
ExecStart=-/usr/sbin/rpc.svcgssd $SVCGSSD_OPTIONS

59
sysconfig.nfs
View File

@ -2,7 +2,7 @@
## Description: number of threads for kernel nfs server
## Type: integer
## Default: 4
## ServiceRestart: nfsserver
## ServiceRestart: nfs-server
#
# the kernel nfs-server supports multiple server threads
#
@ -12,7 +12,7 @@ USE_KERNEL_NFSD_NUMBER="4"
## Description: use fixed port number for mountd
## Type: integer
## Default: ""
## ServiceRestart: nfsserver
## ServiceRestart: nfs-mountd
#
# Only set this if you want to start mountd on a fixed
# port instead of the port assigned by rpc. Only for use
@ -20,21 +20,11 @@ USE_KERNEL_NFSD_NUMBER="4"
#
MOUNTD_PORT=""
## Path: Network/File systems/NFS server
## Description: GSS security for NFS
## Type: yesno
## Default: yes
## ServiceRestart: nfs,nfsserver
#
# Enable RPCSEC_GSS security for NFS (yes/no)
#
NFS_SECURITY_GSS="no"
## Path: Network/File systems/NFS server
## Description: NFSv3 server support
## Type: yesno
## Default: yes
## ServiceRestart: nfsserver
## ServiceRestart: nfs-server
#
# Enable NFSv3 server support (yes/no)
# This causes the NFS server to respond to
@ -47,22 +37,12 @@ NFS3_SERVER_SUPPORT="yes"
## Description: NFSv4 protocol support
## Type: yesno
## Default: yes
## ServiceRestart: nfs,nfsserver
## ServiceRestart: nfs-server
#
# Enable NFSv4 support (server and/or client) (yes/no)
#
NFS4_SUPPORT="yes"
## Path: Network/File systems/NFS server
## Description: NFSv4 server minor version
## Type: integer
## Default: 0
## ServiceRestart: nfsserver
#
# Select NFSv4 minor version for server to support (0, 1).
# If '1' is selected, NFSv4.0 will also be supported.
NFS4_SERVER_MINOR_VERSION="0"
## Path: Network/File systems/NFS server
## Description: Network Status Monitor options
## Type: string
@ -74,26 +54,11 @@ NFS4_SERVER_MINOR_VERSION="0"
#
SM_NOTIFY_OPTIONS=""
## Path: Network/File systems/NFS server
## Description: Always start NFS services
## Type: yesno
## Default: yes
## ServiceRestart nfs
#
# Always start NFS services (gssd, idmapd), not only if
# there are nfs mounts in /etc/fstab. This is likely to be
# needed if you use an automounter for NFS.
# Note that the nfs service is no longer enabled by default
# and the command "chkconfig nfs on" is needed to fully enable
# NFS.
#
NFS_START_SERVICES="yes"
## Path: Network/File systems/NFS server
## Description: Port rpc.statd should listen on
## Type: integer
## Default: ""
## ServiceRestart: nfsserver
## ServiceRestart: rpc-statd
#
# Statd will normally choose a random port to listen on and
# SuSE-Firewall is able to detect which port and allow for it.
@ -105,7 +70,7 @@ STATD_PORT=""
## Description: Hostname used by rpc.statd
## Type: string
## Default: ""
## ServiceRestart: nfsserver
## ServiceRestart: rpc-statd
#
# statd will normally use the system hostname in status
# monitoring conversations with other hosts. If a different
@ -118,7 +83,7 @@ STATD_HOSTNAME=""
## Description: TCP Port that lockd should listen on
## Type: integer
## Default: ""
## ServiceRestart: nfsserver
## ServiceRestart: nfs-server
#
# Lockd will normally choose a random port to listen on and
# SuSE-Firewall is able to detect which port and allow for it.
@ -132,7 +97,7 @@ LOCKD_TCPPORT=""
## Description: UDP Port that lockd should listen on
## Type: integer
## Default: ""
## ServiceRestart: nfsserver
## ServiceRestart: nfs-server
#
# Lockd will normally choose a random port to listen on and
# SuSE-Firewall is able to detect which port and allow for it.
@ -146,6 +111,7 @@ LOCKD_UDPPORT=""
## Description: Command line parameters for rpc.statd
## Type: string
## Default: ""
## ServiceRestart: rpc-statd
#
# Custom parameters for rpc.statd daemon. Typically this will
# be used to set the port number (-p).
@ -171,6 +137,7 @@ NFSV4LEASETIME=""
## Description: Alternate mount point for rpc_pipefs filesystem
## Type: string
## Default: ""
## ServiceRestart: nfs-utils
#
# In a high-availabilty configuration it is possible that /var/lib/nfs
# is redirected so some shared storage and so it is not convenient to
@ -182,6 +149,7 @@ RPC_PIPEFS_DIR=""
## Description: Options for svcgssd
## Type: string
## Default: ""
## ServiceRestart: rpc-svcgssd
#
# Normally svcgssd does not require any option. However in a
# high-availabilty configuration it can be useful to pass "-n"
@ -194,6 +162,7 @@ SVCGSSD_OPTIONS=""
## Description: Extra options for nfsd
## Type: string
## Default: ""
## ServiceRestart nfs-server
#
# This setting allows extra options to be specified for NFSD, such as
# -H <shared_hostname> in a high-availability configuration.
@ -203,6 +172,7 @@ NFSD_OPTIONS=""
## Description: Extra options for gssd
## Type: string
## Default: ""
## ServiceRestart: rpc-gssd
#
# Normally gssd does not require any options. In some circumstances,
# -n, -l or other options might be useful. See "man 8 rpc.gssd" for
@ -213,6 +183,7 @@ GSSD_OPTIONS=""
## Description: Extra options for mountd
## Type: string
## Default: ""
## ServiceRestart nfs-mountd
#
# Normally mountd does not require any options. In some circumstances,
# -n, -t, -g or other options might be useful. See "man 8 rpc.mountd" for
@ -225,7 +196,7 @@ MOUNTD_OPTIONS=""
## Description: Avoid DNS lookups for kerberos principal
## Type: yesno
## Default: no
## ServiceRestart: gssd
## ServiceRestart: rpc-gssd
#
# Avoid DNS lookups when determining kerberos identity
# of NFS server (yes/no)