diff --git a/fork-start-statd.patch b/fork-start-statd.patch deleted file mode 100644 index c88a2a2..0000000 --- a/fork-start-statd.patch +++ /dev/null @@ -1,34 +0,0 @@ -Index: nfs-utils-1.1.3/utils/mount/network.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/mount/network.c -+++ nfs-utils-1.1.3/utils/mount/network.c -@@ -694,7 +694,18 @@ int start_statd(void) - #ifdef START_STATD - if (stat(START_STATD, &stb) == 0) { - if (S_ISREG(stb.st_mode) && (stb.st_mode & S_IXUSR)) { -- system(START_STATD); -+ pid_t pid = fork(); -+ switch (pid) { -+ case 0: /* child */ -+ execl(START_STATD, START_STATD, NULL); -+ exit(1); -+ case -1: /* error */ -+ perror("Fork failed"); -+ break; -+ default: /* parent */ -+ waitpid(pid, NULL,0); -+ break; -+ } - if (probe_statd()) - return 1; - } -Index: nfs-utils-1.1.3/utils/statd/start-statd -=================================================================== ---- nfs-utils-1.1.3.orig/utils/statd/start-statd -+++ nfs-utils-1.1.3/utils/statd/start-statd -@@ -1,4 +1,4 @@ --#!/bin/sh -+#!/bin/sh -p - # nfsmount calls this script when mounting a filesystem with locking - # enabled, but when statd does not seem to be running (based on - # /var/run/rpc.statd.pid). diff --git a/idmapd.conf b/idmapd.conf new file mode 100644 index 0000000..bfcb177 --- /dev/null +++ b/idmapd.conf @@ -0,0 +1,10 @@ +[General] + +Verbosity = 0 +Pipefs-Directory = /var/lib/nfs/rpc_pipefs +Domain = localdomain + +[Mapping] + +Nobody-User = nobody +Nobody-Group = nobody diff --git a/nfs-utils-1.0.7-bind-syntax.patch b/nfs-utils-1.0.7-bind-syntax.patch index 0fbc93b..1e8fd04 100644 --- a/nfs-utils-1.0.7-bind-syntax.patch +++ b/nfs-utils-1.0.7-bind-syntax.patch @@ -2,11 +2,13 @@ support/include/misc.h | 3 support/include/nfslib.h | 1 ================================================================================ -Index: nfs-utils-1.1.2/support/nfs/exports.c -=================================================================== ---- nfs-utils-1.1.2.orig/support/nfs/exports.c -+++ nfs-utils-1.1.2/support/nfs/exports.c -@@ -627,6 +627,8 @@ bad_option: +--- + support/nfs/exports.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- nfs-utils-1.2.1.orig/support/nfs/exports.c ++++ nfs-utils-1.2.1/support/nfs/exports.c +@@ -621,6 +621,8 @@ bad_option: } else if (strncmp(opt, "replicas=", 9) == 0) { ep->e_fslocmethod = FSLOC_REPLICA; ep->e_fslocdata = strdup(opt+9); diff --git a/nfs-utils-1.1.2-connect-UDP.patch b/nfs-utils-1.1.2-connect-UDP.patch deleted file mode 100644 index 25917c4..0000000 --- a/nfs-utils-1.1.2-connect-UDP.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 59f85cc9ab483bea0da743a876bf70f483dd36eb Mon Sep 17 00:00:00 2001 -From: Neil Brown -Date: Mon, 21 Jul 2008 11:12:59 +1000 -References: bnc#404170 -Subject: [PATCH] Use connected socket when probing portmap with UDP. - -This allows us to get errors back promptly, and sometimes avoid -timeout. ---- - utils/mount/network.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - ---- nfs-utils-1.1.3.orig/utils/mount/network.c -+++ nfs-utils-1.1.3/utils/mount/network.c -@@ -447,7 +447,7 @@ static unsigned short getport(struct soc - bind_saddr = *saddr; - bind_saddr.sin_port = htons(PMAPPORT); - -- socket = get_socket(&bind_saddr, proto, PMAP_TIMEOUT, FALSE, FALSE); -+ socket = get_socket(&bind_saddr, proto, PMAP_TIMEOUT, FALSE, TRUE); - if (socket == RPC_ANYSOCK) { - if (proto == IPPROTO_TCP && - rpc_createerr.cf_error.re_errno == ETIMEDOUT) -@@ -539,6 +539,7 @@ static int probe_port(clnt_addr_t *serve - } - if (rpc_createerr.cf_stat != RPC_PROGNOTREGISTERED && - rpc_createerr.cf_stat != RPC_TIMEDOUT && -+ rpc_createerr.cf_stat != RPC_CANTRECV && - rpc_createerr.cf_stat != RPC_PROGVERSMISMATCH) - goto out_bad; - -@@ -547,7 +548,8 @@ static int probe_port(clnt_addr_t *serve - continue; - p_prot = protos; - } -- if (rpc_createerr.cf_stat == RPC_TIMEDOUT) -+ if (rpc_createerr.cf_stat == RPC_TIMEDOUT || -+ rpc_createerr.cf_stat == RPC_CANTRECV) - goto out_bad; - - if (vers || !*++p_vers) diff --git a/nfs-utils-1.1.2-try-before-mount.patch b/nfs-utils-1.1.2-try-before-mount.patch deleted file mode 100644 index 6ccc419..0000000 --- a/nfs-utils-1.1.2-try-before-mount.patch +++ /dev/null @@ -1,228 +0,0 @@ -From 852424a9a02dbe1a7c3b75a014bc71cad2ab6d5e Mon Sep 17 00:00:00 2001 -From: Neil Brown -Date: Mon, 21 Jul 2008 12:45:50 +1000 -References: bnc#404170 -Subject: [PATCH] Check nfs options (vers/protocol) before trying mount. - -As the kernels nfs-mount client does not have heuristics to pick the -best protocol/version, also check with portmap to find what is -available before requesting a mount. - -However don't try to 'ping' the services. For NFS, this ping would -need to come from a reserved port, and these are a scarce resource. - -If the mount found, retry the probe doing any ping that might be -needed in the hope of finding the problem. - -Note: this patch also removes the (recently added) setting of -mountport= in the mount arguments. This is because: - 1/ the kernel can find it easily itself - 2/ it could confuse unmount which may be run much later - when mountd is running on a different port. - - -Signed-off-by: Neil Brown ---- - utils/mount/network.c | 35 +++++++++++++++++++++-------------- - utils/mount/network.h | 2 +- - utils/mount/nfsmount.c | 2 +- - utils/mount/stropts.c | 18 +++++++----------- - 4 files changed, 30 insertions(+), 27 deletions(-) - ---- nfs-utils-1.1.3.orig/utils/mount/network.c -+++ nfs-utils-1.1.3/utils/mount/network.c -@@ -500,9 +500,11 @@ static unsigned short getport(struct soc - * Use the portmapper to discover whether or not the service we want is - * available. The lists 'versions' and 'protos' define ordered sequences - * of service versions and udp/tcp protocols to probe for. -+ * If 'ping' is set, set an RPC NULL request to make sure the service -+ * is there. Else just assume that it is. - */ - static int probe_port(clnt_addr_t *server, const unsigned long *versions, -- const unsigned int *protos) -+ const unsigned int *protos, int ping) - { - struct sockaddr_in *saddr = &server->saddr; - struct pmap *pmap = &server->pmap; -@@ -530,7 +532,8 @@ static int probe_port(clnt_addr_t *serve - _("UDP") : _("TCP"), - p_port); - } -- if (clnt_ping(saddr, prog, *p_vers, *p_prot, NULL)) -+ if (!ping || -+ clnt_ping(saddr, prog, *p_vers, *p_prot, NULL)) - goto out_ok; - } - } -@@ -565,7 +568,7 @@ out_ok: - return 1; - } - --static int probe_nfsport(clnt_addr_t *nfs_server) -+static int probe_nfsport(clnt_addr_t *nfs_server, int ping) - { - struct pmap *pmap = &nfs_server->pmap; - -@@ -573,12 +576,14 @@ static int probe_nfsport(clnt_addr_t *nf - return 1; - - if (nfs_mount_data_version >= 4) -- return probe_port(nfs_server, probe_nfs3_first, probe_tcp_first); -+ return probe_port(nfs_server, probe_nfs3_first, probe_tcp_first, -+ ping); - else -- return probe_port(nfs_server, probe_nfs2_only, probe_udp_only); -+ return probe_port(nfs_server, probe_nfs2_only, probe_udp_only, -+ ping); - } - --static int probe_mntport(clnt_addr_t *mnt_server) -+static int probe_mntport(clnt_addr_t *mnt_server, int ping) - { - struct pmap *pmap = &mnt_server->pmap; - -@@ -586,9 +591,11 @@ static int probe_mntport(clnt_addr_t *mn - return 1; - - if (nfs_mount_data_version >= 4) -- return probe_port(mnt_server, probe_mnt3_first, probe_udp_first); -+ return probe_port(mnt_server, probe_mnt3_first, probe_udp_first, -+ ping); - else -- return probe_port(mnt_server, probe_mnt1_first, probe_udp_only); -+ return probe_port(mnt_server, probe_mnt1_first, probe_udp_only, -+ ping); - } - - /** -@@ -601,7 +608,7 @@ static int probe_mntport(clnt_addr_t *mn - * - * A side effect of calling this function is that rpccreateerr is set. - */ --int probe_bothports(clnt_addr_t *mnt_server, clnt_addr_t *nfs_server) -+int probe_bothports(clnt_addr_t *mnt_server, clnt_addr_t *nfs_server, int ping) - { - struct pmap *nfs_pmap = &nfs_server->pmap; - struct pmap *mnt_pmap = &mnt_server->pmap; -@@ -623,9 +630,9 @@ int probe_bothports(clnt_addr_t *mnt_ser - - for (; *probe_vers; probe_vers++) { - nfs_pmap->pm_vers = mntvers_to_nfs(*probe_vers); -- if ((res = probe_nfsport(nfs_server) != 0)) { -+ if ((res = probe_nfsport(nfs_server, ping) != 0)) { - mnt_pmap->pm_vers = *probe_vers; -- if ((res = probe_mntport(mnt_server)) != 0) -+ if ((res = probe_mntport(mnt_server, ping)) != 0) - return 1; - memcpy(mnt_pmap, &save_mnt, sizeof(*mnt_pmap)); - } -@@ -643,9 +650,9 @@ out_bad: - return 0; - - version_fixed: -- if (!probe_nfsport(nfs_server)) -+ if (!probe_nfsport(nfs_server, ping)) - goto out_bad; -- return probe_mntport(mnt_server); -+ return probe_mntport(mnt_server, ping); - } - - static int probe_statd(void) -@@ -712,7 +719,7 @@ int nfs_call_umount(clnt_addr_t *mnt_ser - enum clnt_stat res = 0; - int msock; - -- if (!probe_mntport(mnt_server)) -+ if (!probe_mntport(mnt_server, 0)) - return 0; - clnt = mnt_openclnt(mnt_server, &msock); - if (!clnt) ---- nfs-utils-1.1.3.orig/utils/mount/network.h -+++ nfs-utils-1.1.3/utils/mount/network.h -@@ -39,7 +39,7 @@ typedef struct { - static const struct timeval TIMEOUT = { 20, 0 }; - static const struct timeval RETRY_TIMEOUT = { 3, 0 }; - --int probe_bothports(clnt_addr_t *, clnt_addr_t *); -+int probe_bothports(clnt_addr_t *, clnt_addr_t *, int); - int nfs_gethostbyname(const char *, struct sockaddr_in *); - int nfs_name_to_address(const char *, const sa_family_t, - struct sockaddr *, socklen_t *); ---- nfs-utils-1.1.3.orig/utils/mount/nfsmount.c -+++ nfs-utils-1.1.3/utils/mount/nfsmount.c -@@ -129,7 +129,7 @@ nfs_call_mount(clnt_addr_t *mnt_server, - enum clnt_stat stat; - int msock; - -- if (!probe_bothports(mnt_server, nfs_server)) -+ if (!probe_bothports(mnt_server, nfs_server, 1)) - goto out_bad; - - clnt = mnt_openclnt(mnt_server, &msock); ---- nfs-utils-1.1.3.orig/utils/mount/stropts.c -+++ nfs-utils-1.1.3/utils/mount/stropts.c -@@ -314,7 +314,7 @@ static int nfs_is_permanent_error(int er - * Returns a new group of mount options if successful; otherwise - * NULL is returned if some failure occurred. - */ --static struct mount_options *nfs_rewrite_mount_options(char *str) -+static struct mount_options *nfs_rewrite_mount_options(char *str, int ping) - { - struct mount_options *options; - char *option, new_option[64]; -@@ -405,7 +405,7 @@ static struct mount_options *nfs_rewrite - po_remove_all(options, "tcp"); - po_remove_all(options, "udp"); - -- if (!probe_bothports(&mnt_server, &nfs_server)) { -+ if (!probe_bothports(&mnt_server, &nfs_server, ping)) { - errno = ESPIPE; - goto err; - } -@@ -441,11 +441,6 @@ static struct mount_options *nfs_rewrite - if (po_append(options, new_option) == PO_FAILED) - goto err; - -- snprintf(new_option, sizeof(new_option) - 1, -- "mountport=%lu", mnt_server.pmap.pm_port); -- if (po_append(options, new_option) == PO_FAILED) -- goto err; -- - errno = 0; - return options; - -@@ -486,13 +481,13 @@ static int nfs_sys_mount(const struct nf - * 'extra_opts' are updated to reflect the mount options that worked. - * If the retry fails, 'options' and 'extra_opts' are left unchanged. - */ --static int nfs_retry_nfs23mount(struct nfsmount_info *mi) -+static int nfs_try_nfs23mount_probe(struct nfsmount_info *mi, int ping) - { - struct mount_options *retry_options; - char *retry_str = NULL; - char **extra_opts = mi->extra_opts; - -- retry_options = nfs_rewrite_mount_options(*extra_opts); -+ retry_options = nfs_rewrite_mount_options(*extra_opts, ping); - if (!retry_options) - return 0; - -@@ -547,7 +542,7 @@ static int nfs_try_nfs23mount(struct nfs - if (mi->fake) - return 1; - -- if (nfs_sys_mount(mi, "nfs", *extra_opts)) -+ if (nfs_try_nfs23mount_probe(mi, 0)) - return 1; - - /* -@@ -557,7 +552,8 @@ static int nfs_try_nfs23mount(struct nfs - if (errno != EOPNOTSUPP && errno != EPROTONOSUPPORT) - return 0; - -- return nfs_retry_nfs23mount(mi); -+ /* Probe harder */ -+ return nfs_try_nfs23mount_probe(mi, 1); - } - - /* diff --git a/nfs-utils-1.1.3.tar.bz2 b/nfs-utils-1.1.3.tar.bz2 deleted file mode 100644 index 8eb24d9..0000000 --- a/nfs-utils-1.1.3.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f82c497c449cdbecd1ce116863b8fff0e2983aa53eca89043fec4006f6e869f7 -size 573942 diff --git a/nfs-utils-1.2.1.tar.bz2 b/nfs-utils-1.2.1.tar.bz2 new file mode 100644 index 0000000..55784f8 --- /dev/null +++ b/nfs-utils-1.2.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f4fc8fd71f562564de051d681997be3dd7753fb93f8a3a0eb7c5835f0f04fa6d +size 685942 diff --git a/nfs-utils-eperm-fallback.patch b/nfs-utils-eperm-fallback.patch new file mode 100644 index 0000000..cc2cb5f --- /dev/null +++ b/nfs-utils-eperm-fallback.patch @@ -0,0 +1,28 @@ +Fall back from v4 to v3 on EPERM. + +When the mount version isn't specified, mount.nfs tries v4 and +falls back to v3 if it gets ENOENT. +Linux kernels prior to 2.6.25 will return EPERM if there is no +v4 export, so fall back in that case too. + +This fixes bnc#557138 where a 2.6.31 or later kernel client gets +an error when mounting from a 2.6.24 or earlier server. + +Signed-off-by: NeilBrown + +diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c +index b595649..68eb82b 100644 +--- a/utils/mount/stropts.c ++++ b/utils/mount/stropts.c +@@ -657,8 +657,10 @@ static int nfs_try_mount(struct nfsmount_info *mi) + * To deal with legacy Linux servers that don't + * automatically export a pseudo root, retry + * ENOENT errors using version 3 ++ * And for Linux servers prior to 2.6.25, retry ++ * EPERM + */ +- if (errno != ENOENT) ++ if (errno != ENOENT && errno != EPERM) + break; + } + } diff --git a/nfs-utils.changes b/nfs-utils.changes index 8ed8309..40c2be4 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Thu Nov 5 03:16:22 UTC 2009 - nfbrown@novell.com + +- New upsteam release - 1.2.1 + Includes new config file: /etc/nfsmount.conf and + man page. +- nfs.init + * implement try-restart in a more gentle fashion + so that active mounts are not lost. Also allow + for the fact that binary has changed when finding + and killing running daemons. (bnc#543911) +- start-statd + * try-restart the firewall after starting statd + as the firewall might need to update to reflect + a new port number. +- Start nfs services if any nfs related sysctl + is set in /etc/sysctl.conf + +------------------------------------------------------------------- +Fri Oct 30 05:43:32 CET 2009 - nfbrown@suse.de + +- Kill processes on NFS mounts when unmounting + for shutdown. This allows any 'sync' to happen + before we turn off the network. + (bnc#503640) + ------------------------------------------------------------------- Tue Oct 6 14:14:24 CEST 2009 - werner@suse.de diff --git a/nfs-utils.spec b/nfs-utils.spec index 3d8e853..f29b685 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -1,5 +1,5 @@ # -# spec file for package nfs-utils (Version 1.1.3) +# spec file for package nfs-utils (Version 1.2.1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -26,8 +26,8 @@ BuildRequires: libevent %endif Url: http://nfs.sourceforge.net Summary: Support Utilities for Kernel nfsd -Version: 1.1.3 -Release: 20 +Version: 1.2.1 +Release: 1 Group: Productivity/Networking/NFS License: GPL v2 or later BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -45,14 +45,11 @@ Source7: fw-client Source8: fw-server Source9: mkinitrd-setup.sh Source10: mkinitrd-boot.sh +Source11: idmapd.conf +Source12: start-statd Patch0: nfs-utils-1.0.7-bind-syntax.patch -Patch1: nfs-utils-1.1.2-try-before-mount.patch -Patch2: nfs-utils-1.1.2-connect-UDP.patch -Patch3: sm-notify-no-sync.patch -Patch4: rpc.gssd-catch-signal.patch -Patch5: fork-start-statd.patch -Patch6: warn-nfs-udp.patch -Patch7: svcgssd-mem-leak +Patch1: warn-nfs-udp.patch +Patch2: nfs-utils-eperm-fallback.patch %description This package contains the NFS utilities. You can tune the number of @@ -132,11 +129,6 @@ Authors: %patch0 -p1 %patch1 -p1 %patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 cp %{S:6} . %build @@ -148,6 +140,7 @@ CFLAGS="$RPM_OPT_FLAGS -fPIE -fno-strict-aliasing" LDFLAGS="-pie" ./configure \ --enable-nfsv4 \ --enable-gss \ --enable-mount \ + --enable-mountconfig \ --with-krb5=/usr/lib/mit make cd nfs @@ -160,7 +153,7 @@ sed -i \ done %install -make install DESTDIR=$RPM_BUILD_ROOT +make install-strip DESTDIR=$RPM_BUILD_ROOT rm -f linux-nfs/Makefile* # rc-script install -d $RPM_BUILD_ROOT/etc/init.d @@ -172,7 +165,7 @@ ln -sf ../../etc/init.d/nfs $RPM_BUILD_ROOT/usr/sbin/rcnfs mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates install -m 644 %{SOURCE4} $RPM_BUILD_ROOT/var/adm/fillup-templates # idmapd setup -install -m 644 utils/idmapd/idmapd.conf $RPM_BUILD_ROOT/etc/idmapd.conf +install -m 644 %{S:11} $RPM_BUILD_ROOT/etc/idmapd.conf mkdir -p -m 755 $RPM_BUILD_ROOT/var/lib/nfs/rpc_pipefs mkdir -p -m 755 $RPM_BUILD_ROOT/var/lib/nfs/v4recovery mkdir -p -m 755 $RPM_BUILD_ROOT/usr/share/omc/svcinfo.d @@ -187,6 +180,8 @@ install -m 0644 %{SOURCE8} ${RPM_BUILD_ROOT}/etc/sysconfig/SuSEfirewall2.d/servi install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts install -m 755 %{S:9} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-nfs.sh install -m 755 %{S:10} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-nfs.sh +install -m 755 %{S:12} $RPM_BUILD_ROOT/usr/sbin/start-statd +install -m 644 utils/mount/nfsmount.conf $RPM_BUILD_ROOT/etc/nfsmount.conf %clean rm -rf $RPM_BUILD_ROOT @@ -220,6 +215,7 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) %config /etc/init.d/nfs %config /etc/idmapd.conf +%config /etc/nfsmount.conf %dir /lib/mkinitrd %dir /lib/mkinitrd/scripts /lib/mkinitrd/scripts/setup-nfs.sh @@ -240,6 +236,7 @@ rm -rf $RPM_BUILD_ROOT /usr/sbin/sm-notify /usr/sbin/start-statd %{_mandir}/man5/idmapd.conf.5.gz +%{_mandir}/man5/nfsmount.conf.5.gz %{_mandir}/man5/nfs.5.gz %{_mandir}/man8/mount.nfs.8.gz %{_mandir}/man8/nfsstat.8.gz diff --git a/nfs.init b/nfs.init index 99f99be..0a281e5 100644 --- a/nfs.init +++ b/nfs.init @@ -39,6 +39,9 @@ usr="" opt="" mnt="" nfs=$NFS_START_SERVICES +if [ "x$nfs" != "xyes" ] +then nfs=no +fi while read what where type options rest ; do case "$what" in @@ -89,6 +92,9 @@ fi if test "$NFS4_SUPPORT" = yes ; then NEED_IDMAPD=yes fi +if grep -E '^(sunrpc|fs.nfs)' /etc/sysctl.conf > /dev/null 2>&1 ; then + nfs=yes +fi check_portmap() { # check if either portmap or rpcbind is running @@ -144,7 +150,7 @@ do_start_gssd() { do_start_idmapd() { mount_rpc_pipefs - # as idmapd needs to be run be server and client + # as idmapd needs to be run by server and client # check if there is already a idmapd running if checkproc $IDMAPD_BIN && test -f $IDMAPD_SERVER_STATE; then killproc -HUP $IDMAPD_BIN @@ -164,7 +170,7 @@ case "$1-$nfs" in echo -n "Not starting NFS client services - no NFS found in /etc/fstab:" rc_status -u ;; - start-yes|reload-yes|force-start-*) + start-yes|force-start-*) echo -n "Starting NFS client services:" if ! check_portmap ; then echo "portmap/rpcbind is not running" @@ -239,7 +245,18 @@ case "$1-$nfs" in echo -n " root filesystem is on NFS" rc_status -s else + # kill process to maximise chance that umount succeeds + mnt=`awk '$3 ~ /^nfs4*$/ {print $2}' /proc/mounts` + runlevel=`runlevel | awk '{print $2}'` + if test "$runlevel" -eq 0 -o "$runlevel" -eq 6; then + if test -n "$mnt" ; then + /sbin/mkill -TERM $mnt + fi + fi + # if filesystems are not busy, wait for unmount to complete.. + umount -at nfs,nfs4 + # if they are still busy, do a lazy unmount anyway. umount -alt nfs,nfs4 # stop gssd @@ -271,7 +288,14 @@ case "$1-$nfs" in rc_status -v fi ;; - restart*|force-reload*) + reload*|force-reload*) + # only IDMAP has any sense in which 'reload' makes sense. + if checkproc $IDMAPD_BIN; then + killproc -HUP $IDMAPD_BIN + fi + rc_status + ;; + restart*) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop @@ -301,13 +325,28 @@ case "$1-$nfs" in rc_status -v ;; try-restart*|condrestart*) - $0 status - if test $? -eq 0; then - $0 restart - else - rc_reset + # This restart is not only conditional on the services already + # running, but is also gentler in that NFS filesystems are + # not unmounted or remounted. + # It is possible that the programs have been reinstalled so + # we pass a basename rather than a full path to checkproc and killproc + echo -n "Restarting NFS services:" + if checkproc ${GSSD_BIN##*/}; then + echo -n " gssd" + killproc ${GSSD_BIN##*/} + startproc $GSSD_BIN fi - rc_status + if checkproc ${IDMAPD_BIN##*/}; then + echo -n " idmapd" + killproc ${IDMAPD_BIN##*/} + startproc $IDMAPD_BIN + fi + if checkproc ${STATD_BIN##*/}; then + echo -n " statd" + killproc ${STATD_BIN##*/} + /usr/sbin/start-statd + fi + rc_status -v ;; *) echo "Usage: $0 {start|stop|status|reload|force-reload|restart|try-restart}" diff --git a/rpc.gssd-catch-signal.patch b/rpc.gssd-catch-signal.patch deleted file mode 100644 index a692b74..0000000 --- a/rpc.gssd-catch-signal.patch +++ /dev/null @@ -1,39 +0,0 @@ -Make sure signal used by 'dnotify' is not blocked. - -Some desktop environments block all realtime signals -and they remain blocked for all child processes. -So if you run rpc.gssd from a terminal window, the -signal it used for dnotify is blocked and never -deliverred. So it doesn't work. - -So we unblock that signal. - -bnc#406832 - -Signed-off-by: NeilBrown - - -Index: nfs-utils-1.1.3/utils/gssd/gssd_main_loop.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/gssd/gssd_main_loop.c -+++ nfs-utils-1.1.3/utils/gssd/gssd_main_loop.c -@@ -99,6 +99,7 @@ gssd_run() - int ret; - struct sigaction dn_act; - int fd; -+ sigset_t set; - - /* Taken from linux/Documentation/dnotify.txt: */ - dn_act.sa_sigaction = dir_notify_handler; -@@ -106,6 +107,11 @@ gssd_run() - dn_act.sa_flags = SA_SIGINFO; - sigaction(DNOTIFY_SIGNAL, &dn_act, NULL); - -+ /* just in case the signal is blocked... */ -+ sigemptyset(&set); -+ sigaddset(&set, DNOTIFY_SIGNAL); -+ sigprocmask(SIG_UNBLOCK, &set, NULL); -+ - if ((fd = open(pipefs_nfsdir, O_RDONLY)) == -1) { - printerr(0, "ERROR: failed to open %s: %s\n", - pipefs_nfsdir, strerror(errno)); diff --git a/sm-notify-no-sync.patch b/sm-notify-no-sync.patch deleted file mode 100644 index b0fd335..0000000 --- a/sm-notify-no-sync.patch +++ /dev/null @@ -1,53 +0,0 @@ -From c8d18e26d2a53d9036a32c2dafebccaf4ce1634d Mon Sep 17 00:00:00 2001 -From: Phil Endecott -Date: Tue, 14 Oct 2008 14:36:58 -0400 -Subject: [PATCH] sm-notify should exit as soon as its determined - there are no hosts to notify. This also decreases - start up time by a few seconds. - -Signed-off-by: Steve Dickson ---- - utils/statd/sm-notify.c | 13 ++++++++++--- - 1 files changed, 10 insertions(+), 3 deletions(-) - -Index: nfs-utils-1.1.3/utils/statd/sm-notify.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/statd/sm-notify.c -+++ nfs-utils-1.1.3/utils/statd/sm-notify.c -@@ -152,9 +152,13 @@ usage: fprintf(stderr, - return 1; - } - -+ log_syslog = 1; -+ openlog("sm-notify", LOG_PID, LOG_DAEMON); -+ - if (strcmp(_SM_BASE_PATH, BASEDIR) == 0) { - if (record_pid() == 0 && force == 0 && opt_update_state == 1) - /* already run, don't try again */ -+ nsm_log(LOG_NOTICE, "Already notifying clients; Exiting!"); - exit(0); - } - -@@ -169,6 +173,12 @@ usage: fprintf(stderr, - backup_hosts(_SM_DIR_PATH, _SM_BAK_PATH); - get_hosts(_SM_BAK_PATH); - -+ /* If there are not hosts to notify, just exit */ -+ if (!hosts) { -+ nsm_log(LOG_DEBUG, "No hosts to notify; exiting"); -+ return 0; -+ } -+ - /* Get and update the NSM state. This will call sync() */ - nsm_state = nsm_get_state(opt_update_state); - set_kernel_nsm_state(nsm_state); -@@ -177,9 +187,6 @@ usage: fprintf(stderr, - if (!opt_quiet) - printf("Backgrounding to notify hosts...\n"); - -- openlog("sm-notify", LOG_PID, LOG_DAEMON); -- log_syslog = 1; -- - if (daemon(0, 0) < 0) { - nsm_log(LOG_WARNING, "unable to background: %s", - strerror(errno)); diff --git a/start-statd b/start-statd new file mode 100644 index 0000000..156513c --- /dev/null +++ b/start-statd @@ -0,0 +1,12 @@ +#!/bin/sh -p +# nfsmount calls this script when mounting a filesystem with locking +# enabled, but when statd does not seem to be running (based on +# /var/run/rpc.statd.pid). +# It should run run statd with whatever flags are apropriate for this +# site. +PATH=/sbin:/usr/sbin:/bin:/usr/bin +rpc.statd --no-notify +# in case firewall needs to punch a hole for the +# statd port... +/etc/init.d/SuSEfirewall2_setup try-restart > /dev/null 2>&1 + diff --git a/svcgssd-mem-leak b/svcgssd-mem-leak deleted file mode 100644 index b625ef4..0000000 --- a/svcgssd-mem-leak +++ /dev/null @@ -1,49 +0,0 @@ -Set a more reasonable timeout for gss auth cache. - -svcgssd gives info to the kernel to gss authentication -and encryption. -This information currently has no expiry time and is never -flushed so it will collected forever and eventually -cause a significant waste of memory. - -So set the expiry times smaller. -For session initialisation, the context info should only be needed once. -So set a timeout of one minutes. - -For ongoing context information it could be needed for some time, -so set a timeot of one hour. - -See bnc#442490 - -From: NeilBrown -Signed-off-by: NeilBrown - ---- - utils/svcgssd/svcgssd_proc.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -Index: nfs-utils-1.1.3/utils/gssd/svcgssd_proc.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/gssd/svcgssd_proc.c -+++ nfs-utils-1.1.3/utils/gssd/svcgssd_proc.c -@@ -86,7 +86,9 @@ do_svc_downcall(gss_buffer_desc *out_han - } - qword_printhex(f, out_handle->value, out_handle->length); - /* XXX are types OK for the rest of this? */ -- qword_printint(f, 0x7fffffff); /*XXX need a better timeout */ -+ -+ /* 'context' could be needed for a while. */ -+ qword_printint(f, time(0) + 60*60); - qword_printint(f, cred->cr_uid); - qword_printint(f, cred->cr_gid); - qword_printint(f, cred->cr_ngroups); -@@ -130,7 +132,8 @@ send_response(FILE *f, gss_buffer_desc * - - qword_addhex(&bp, &blen, in_handle->value, in_handle->length); - qword_addhex(&bp, &blen, in_token->value, in_token->length); -- qword_addint(&bp, &blen, 0x7fffffff); /*XXX need a better timeout */ -+ /* INIT context info will only be needed for a short while */ -+ qword_addint(&bp, &blen, time(0) + 60); - qword_adduint(&bp, &blen, maj_stat); - qword_adduint(&bp, &blen, min_stat); - qword_addhex(&bp, &blen, out_handle->value, out_handle->length); diff --git a/warn-nfs-udp.patch b/warn-nfs-udp.patch index 8b1bf78..76b134d 100644 --- a/warn-nfs-udp.patch +++ b/warn-nfs-udp.patch @@ -1,8 +1,12 @@ -Index: nfs-utils-1.1.3/utils/mount/nfs.man -=================================================================== ---- nfs-utils-1.1.3.orig/utils/mount/nfs.man -+++ nfs-utils-1.1.3/utils/mount/nfs.man -@@ -438,6 +438,8 @@ Specifying +--- + utils/mount/nfs.man | 83 +++++++++++++++++++++++++++++++++++++++++++++++++ + utils/mount/nfsmount.c | 3 + + utils/mount/stropts.c | 13 +++++++ + 3 files changed, 99 insertions(+) + +--- nfs-utils-1.2.1.orig/utils/mount/nfs.man ++++ nfs-utils-1.2.1/utils/mount/nfs.man +@@ -497,6 +497,8 @@ Specifying .B proto=udp forces all traffic types to use UDP. .IP @@ -11,7 +15,7 @@ Index: nfs-utils-1.1.3/utils/mount/nfs.man If the .B proto mount option is not specified, the -@@ -452,6 +454,8 @@ The +@@ -511,6 +513,8 @@ The option is an alternative to specifying .BR proto=udp. It is included for compatibility with other operating systems. @@ -20,28 +24,19 @@ Index: nfs-utils-1.1.3/utils/mount/nfs.man .TP 1.5i .B tcp The -@@ -799,7 +803,7 @@ dropped requests, but this can result in - and server load. - .P - However, UDP can be quite effective in specialized settings where --the network’s MTU is large relative to NFS’s data transfer size (such -+the network's MTU is large relative to NFS's data transfer size (such - as network environments that enable jumbo Ethernet frames). In such - environments, trimming the - .B rsize -@@ -811,6 +815,8 @@ in a single frame) is advised. This r - the loss of a single MTU-sized network frame results in the loss of +@@ -896,6 +900,8 @@ in a single frame) is advised. This r + the loss of a single MTU-sized network frame results in the loss of an entire large read or write request. .P +Please see also the WARNINGS section below. +.P - TCP is the default transport protocol used for all modern NFS + TCP is the default transport protocol used for all modern NFS implementations. It performs well in almost every conceivable - network environment and provides excellent guarantees against data -@@ -1179,6 +1185,83 @@ of Access Control Lists that are semanti - NFS version 4 ACLs are not fully compatible with POSIX ACLs; as such, + network environment and provides excellent guarantees against data +@@ -1444,6 +1450,83 @@ of Access Control Lists that are semanti + NFS version 4 ACLs are not fully compatible with POSIX ACLs; as such, some translation between the two is required - in an environment that mixes POSIX ACLs and NFS version 4. + in an environment that mixes POSIX ACLs and NFS version 4. +.SH WARNINGS +Using NFS over UDP on high-speed links such as Gigabit +.BR "can cause silent data corruption" . @@ -122,10 +117,8 @@ Index: nfs-utils-1.1.3/utils/mount/nfs.man .SH FILES .TP 1.5i .I /etc/fstab -Index: nfs-utils-1.1.3/utils/mount/nfsmount.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/mount/nfsmount.c -+++ nfs-utils-1.1.3/utils/mount/nfsmount.c +--- nfs-utils-1.2.1.orig/utils/mount/nfsmount.c ++++ nfs-utils-1.2.1/utils/mount/nfsmount.c @@ -263,6 +263,9 @@ parse_options(char *old_opts, struct nfs if (!strcmp(opteq+1, "udp")) { nfs_pmap->pm_prot = IPPROTO_UDP; @@ -136,47 +129,16 @@ Index: nfs-utils-1.1.3/utils/mount/nfsmount.c #if NFS_MOUNT_VERSION >= 2 data->flags &= ~NFS_MOUNT_TCP; } else if (!strcmp(opteq+1, "tcp") && -Index: nfs-utils-1.1.3/utils/mount/stropts.c -=================================================================== ---- nfs-utils-1.1.3.orig/utils/mount/stropts.c -+++ nfs-utils-1.1.3/utils/mount/stropts.c -@@ -389,14 +389,28 @@ static struct mount_options *nfs_rewrite - po_remove_all(options, "proto"); - } - if (strcmp(option, "udp") == 0) { -+ static int once = 0; - nfs_server.pmap.pm_prot = IPPROTO_UDP; - po_remove_all(options, "proto"); -+ if (!once) -+ fprintf(stderr, -+ "Using NFS over UDP can cause data corruption.\n" -+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n"); -+ once = 1; -+ - } - } - p = po_rightmost(options, "tcp", "udp"); - switch (p) { - case PO_KEY2_RIGHTMOST: - nfs_server.pmap.pm_prot = IPPROTO_UDP; -+ {static int once = 0; -+ if (!once) -+ fprintf(stderr, -+ "Using NFS over UDP can cause data corruption.\n" -+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n"); -+ once = 1; -+ } - break; - case PO_KEY1_RIGHTMOST: - nfs_server.pmap.pm_prot = IPPROTO_TCP; -@@ -565,11 +579,24 @@ static int nfs_try_nfs23mount(struct nfs - static int nfs_try_nfs4mount(struct nfsmount_info *mi) +--- nfs-utils-1.2.1.orig/utils/mount/stropts.c ++++ nfs-utils-1.2.1/utils/mount/stropts.c +@@ -530,11 +530,24 @@ static int nfs_sys_mount(struct nfsmount { - char **extra_opts = mi->extra_opts; + char *options = NULL; + int result; + char *proto; + static int once = 0; - if (po_join(mi->options, extra_opts) == PO_FAILED) { + if (po_join(opts, &options) == PO_FAILED) { errno = EIO; return 0; } @@ -193,4 +155,4 @@ Index: nfs-utils-1.1.3/utils/mount/stropts.c + if (verbose) - printf(_("%s: text-based options: '%s'\n"), + printf(_("%s: trying text-based options '%s'\n"),