- 0001-close-the-syslog-fd-in-daemon_init.patch

Without this, tracing doesn't work - 0001-mount.nfs-trust-the-exit-status-of-start_statd.patch (bsc#945937) - 0001-mount-run-START_STATD-fully-as-root.patch (bsc#969152) OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=161
2016-04-22 00:14:37 +00:00 · 2016-04-22 00:14:37 +00:00 · d863115dc1
commit d863115dc1
parent 35d5e5d3ec
5 changed files with 174 additions and 0 deletions
--- a/0001-close-the-syslog-fd-in-daemon_init.patch
+++ b/0001-close-the-syslog-fd-in-daemon_init.patch
@ -0,0 +1,41 @@
+From 273b46473594b8aa4e55f682577d1dd94d44ad50 Mon Sep 17 00:00:00 2001
+From: Scott Mayhew <smayhew@redhat.com>
+Date: Mon, 2 Nov 2015 08:07:11 -0500
+Subject: [PATCH] close the syslog fd in daemon_init()
+
+Commit 7addf9d (cleanup daemonization code) added the following line to
+mydaemon_init():
+
+        dup2(pipefds[1], 3);
+
+If we've already called vsyslog() before the fork(), then chances are fd
+3 was being used for the syslog socket.  In that case the next vsyslog()
+call will cause the data to appear on the read end of the pipe, causing
+the parent to exit with a nonzero status.  If systemd is running, it
+will see the parent's nonzero exit status and will terminate the child
+as well.
+
+So just call closelog() to close the fd.  The next call to vsyslog()
+will open a new one if need be.
+
+Signed-off-by: Scott Mayhew <smayhew@redhat.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ support/nfs/mydaemon.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/support/nfs/mydaemon.c b/support/nfs/mydaemon.c
+index 3391eff39008..701cfd914179 100644
+--- a/support/nfs/mydaemon.c
+++ b/support/nfs/mydaemon.c
+@@ -122,6 +122,7 @@ daemon_init(bool fg)
+ 	dup2(tempfd, 0);
+ 	dup2(tempfd, 1);
+ 	dup2(tempfd, 2);
+	closelog();
+ 	dup2(pipefds[1], 3);
+ 	pipefds[1] = 3;
+ 	closeall(4);
+-- 
+2.8.1
+
--- a/0001-mount-run-START_STATD-fully-as-root.patch
+++ b/0001-mount-run-START_STATD-fully-as-root.patch
@ -0,0 +1,52 @@
+From 8714f14c1966612d073d922d86a394c424eda724 Mon Sep 17 00:00:00 2001
+From: NeilBrown <neilb@suse.com>
+Date: Fri, 22 Apr 2016 09:13:31 +1000
+Subject: [PATCH] mount: run START_STATD fully as root
+
+If a "user" mount is the first NFSv3 mount, mount.nfs will be running
+setuid to root (with non-root as the real-uid) when it executes START_STATD.
+
+start-statd is a shell script and many shells refuse to run setuid,
+dropping privileges immediately.  This results in start-statd running
+as an unprivileged user and so statd fails to start.
+
+To fix this, call "setuid(0)" to set real uid to zero.  Also call "setgid(0)"
+for consistency.
+
+The behaviour of a shell can often be affected by the environment,
+such as the "shell functions" that bash includes from the environment.
+To avoid the user being able to pass such environment to the shell,
+explicitly pass an empty environment.  The start-statd script explicitly
+sets the PATH which is all it really needs.
+
+Signed-off-by: NeilBrown <neilb@suse.com>
+---
+ utils/mount/network.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/utils/mount/network.c b/utils/mount/network.c
+index 7240ca7bcdc4..0d12613e86a4 100644
+--- a/utils/mount/network.c
+++ b/utils/mount/network.c
+@@ -795,6 +795,7 @@ int start_statd(void)
+ 		if (S_ISREG(stb.st_mode) && (stb.st_mode & S_IXUSR)) {
+ 			int cnt = STATD_TIMEOUT * 10;
+ 			int status = 0;
+			char * const envp[1] = { NULL };
+ 			const struct timespec ts = {
+ 				.tv_sec = 0,
+ 				.tv_nsec = 100000000,
+@@ -802,7 +803,9 @@ int start_statd(void)
+ 			pid_t pid = fork();
+ 			switch (pid) {
+ 			case 0: /* child */
+-				execl(START_STATD, START_STATD, NULL);
+				setgid(0);
+				setuid(0);
+				execle(START_STATD, START_STATD, NULL, envp);
+ 				exit(1);
+ 			case -1: /* error */
+ 				nfs_error(_("%s: fork failed: %s"),
+-- 
+2.8.1
+
--- a/0001-mount.nfs-trust-the-exit-status-of-start_statd.patch
+++ b/0001-mount.nfs-trust-the-exit-status-of-start_statd.patch
@ -0,0 +1,63 @@
+From 37cd45cb913403b9f3b0c2aaa705e06cd70cc1d7 Mon Sep 17 00:00:00 2001
+From: NeilBrown <neilb@suse.com>
+Date: Sat, 16 Jan 2016 12:06:32 -0500
+Subject: [PATCH] mount.nfs: trust the exit status of "start_statd".
+
+If DNS service is particularly slow, nfs_probe_statd() can fail even
+though rpc.statd is actually running.  This happens because rpc.statd
+is single threaded and could be waiting longer for DNS than
+nfs_probe_statd() will wait for it.
+
+This causes problems when mount.nfs uses nfs_probe_statd() to see if
+statd is running, as is needed for NFSv3.
+
+Currently in these circumstances there are two possible outcomes.
+1/ if systemd is in use, it will be told to start rpc-statd, which
+   is already running so no change.
+   mount.nfs will try pinging rpc.statd a few more times and could
+   eventually give up and fail the mount.
+   While slow DNS may well result in slow service, it shouldn't cause
+   a mount attempt to fail.
+
+2/ if systemd is not in use, a new rpc.statd will be started.  This
+   can (and has) lead to a large number of rpc.statd processes running
+   on the one machine.
+
+This patch addresses the first scenario.  If START_STATD is run and
+exits with a success status, mount.nfs assumes statd is running and
+allows the mount to succeed.  A separate patch will address the other
+scenario.
+
+Signed-off-by: NeilBrown <neilb@suse.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+---
+ utils/mount/network.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/utils/mount/network.c b/utils/mount/network.c
+index 8a9bf1476d51..7240ca7bcdc4 100644
+--- a/utils/mount/network.c
+++ b/utils/mount/network.c
+@@ -794,6 +794,7 @@ int start_statd(void)
+ 	if (stat(START_STATD, &stb) == 0) {
+ 		if (S_ISREG(stb.st_mode) && (stb.st_mode & S_IXUSR)) {
+ 			int cnt = STATD_TIMEOUT * 10;
+			int status = 0;
+ 			const struct timespec ts = {
+ 				.tv_sec = 0,
+ 				.tv_nsec = 100000000,
+@@ -808,7 +809,10 @@ int start_statd(void)
+ 						progname, strerror(errno));
+ 				break;
+ 			default: /* parent */
+-				waitpid(pid, NULL,0);
+				if (waitpid(pid, &status,0) == pid &&
+				    status == 0)
+					/* assume it worked */
+					return 1;
+ 				break;
+ 			}
+ 			while (1) {
+-- 
+2.8.1
+
--- a/nfs-utils.changes
+++ b/nfs-utils.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu Apr 21 23:40:59 UTC 2016 - neilb@suse.com
+
+- 0001-close-the-syslog-fd-in-daemon_init.patch
+  Without this, tracing doesn't work
+- 0001-mount.nfs-trust-the-exit-status-of-start_statd.patch
+  (bsc#945937)
+- 0001-mount-run-START_STATD-fully-as-root.patch
+  (bsc#969152)
+
 -------------------------------------------------------------------
 Mon Apr  4 13:56:38 CEST 2016 - kukuk@suse.de

--- a/nfs-utils.spec
+++ b/nfs-utils.spec
@ -63,6 +63,10 @@ Patch1:         nfs-utils-no-svcgss.service
 Patch2:         nfs-utils-uninit-mem.patch
 Patch3:         0001-Fix-protocol-minor-version-fall-back.patch
 Patch4:         0001-mount.nfs-hide-EBUSY-errors.patch
+Patch5:         0001-close-the-syslog-fd-in-daemon_init.patch
+Patch6:         0001-mount.nfs-trust-the-exit-status-of-start_statd.patch
+Patch7:         0001-mount-run-START_STATD-fully-as-root.patch
+
 Suggests:       python-base

 %description
@ -117,6 +121,10 @@ This package contains additional NFS documentation.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+
 cp %{S:6} .

 %build