d50c5c1730
- Update to version 2.5.4-rc4 to get all recent fixes: e4ce810a Move declaration of etab and rmtab into libraries 7a4e2d1d Remove 'force' arg from cache_flush() c5528f40 Fix NFSv4 export of tmpfs filesystems ed83085f gssd: use mutex to protect decrement of refcount 972dba0f nfs-utils: Enable the retrieval of raw config settings without expansion 964f4861 nfs-utils: Factor out common structure cleanup calls 8219bdb0 Replace all /var/run with /run 81727afe Fix `statx()` emulation breaking exports a41afe9e mountd/exports: Fix typo in the man page 2f669b6f NFS server should enable RDMA by default d77ece22 mountd/exportd: only log confirmed clients, and poll for updates ac266e2e exportfs: fix unexporting of '/' 7abd15e3 nfsdclnts: Ignore SIGPIPE signal edeb3815 mountd: add logging of NFSv4 clients attaching and detaching. f8e2c8d4 mountd: make default ttl settable by option cc150093 mountd: add --cache-use-ipaddr option to force use_ipaddr c7a954ae mountd: add logging for authentication results for accesses. 1a8156f8 mountd/exports: update man page fec7347e mountd: Don't proactively add export info when fh info is requested. a72c151f mountd: reject unknown client IP when !use_ipaddr. 05bacfed gssd: Add options to rpc.gssd to allow for the use of $HOME/.k5identity files 7e559dbd exportd: server-side gid management - 0001-Replace-all-var-run-with-run.patch is now part of nfs-utils-2-5-4-rc3.patch OBS-URL: https://build.opensuse.org/request/show/895195 OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=240
451 lines
13 KiB
Diff
451 lines
13 KiB
Diff
Commits:
|
|
e4ce810a Move declaration of etab and rmtab into libraries
|
|
7a4e2d1d Remove 'force' arg from cache_flush()
|
|
c5528f40 Fix NFSv4 export of tmpfs filesystems
|
|
ed83085f gssd: use mutex to protect decrement of refcount
|
|
|
|
diff --git a/support/export/auth.c b/support/export/auth.c
|
|
index cea37630..03ce4b8a 100644
|
|
--- a/support/export/auth.c
|
|
+++ b/support/export/auth.c
|
|
@@ -41,8 +41,6 @@ static nfs_client my_client;
|
|
|
|
extern int use_ipaddr;
|
|
|
|
-extern struct state_paths etab;
|
|
-
|
|
/*
|
|
void
|
|
auth_init(void)
|
|
@@ -80,7 +78,7 @@ check_useipaddr(void)
|
|
use_ipaddr = 0;
|
|
|
|
if (use_ipaddr != old_use_ipaddr)
|
|
- cache_flush(1);
|
|
+ cache_flush();
|
|
}
|
|
|
|
unsigned int
|
|
diff --git a/support/export/cache.c b/support/export/cache.c
|
|
index 3e4f53c0..a5823e92 100644
|
|
--- a/support/export/cache.c
|
|
+++ b/support/export/cache.c
|
|
@@ -981,7 +981,8 @@ static int dump_to_cache(int f, char *buf, int blen, char *domain,
|
|
write_secinfo(&bp, &blen, exp, flag_mask);
|
|
if (exp->e_uuid == NULL || different_fs) {
|
|
char u[16];
|
|
- if (uuid_by_path(path, 0, 16, u)) {
|
|
+ if ((exp->e_flags & flag_mask & NFSEXP_FSID) == 0 &&
|
|
+ uuid_by_path(path, 0, 16, u)) {
|
|
qword_add(&bp, &blen, "uuid");
|
|
qword_addhex(&bp, &blen, u, 16);
|
|
}
|
|
diff --git a/support/export/export.c b/support/export/export.c
|
|
index c753f68e..03390dfc 100644
|
|
--- a/support/export/export.c
|
|
+++ b/support/export/export.c
|
|
@@ -10,9 +10,11 @@
|
|
#include <config.h>
|
|
#endif
|
|
|
|
+#include <unistd.h>
|
|
#include <string.h>
|
|
#include <sys/types.h>
|
|
#include <sys/param.h>
|
|
+#include <fcntl.h>
|
|
#include <netinet/in.h>
|
|
#include <limits.h>
|
|
#include <stdlib.h>
|
|
@@ -420,3 +422,30 @@ export_hash(char *str)
|
|
|
|
return num % HASH_TABLE_SIZE;
|
|
}
|
|
+
|
|
+int export_test(struct exportent *eep, int with_fsid)
|
|
+{
|
|
+ char *path = eep->e_path;
|
|
+ int flags = eep->e_flags | (with_fsid ? NFSEXP_FSID : 0);
|
|
+ /* beside max path, buf size should take protocol str into account */
|
|
+ char buf[NFS_MAXPATHLEN+1+64] = { 0 };
|
|
+ char *bp = buf;
|
|
+ int len = sizeof(buf);
|
|
+ int fd, n;
|
|
+
|
|
+ n = snprintf(buf, len, "-test-client- ");
|
|
+ bp += n;
|
|
+ len -= n;
|
|
+ qword_add(&bp, &len, path);
|
|
+ if (len < 1)
|
|
+ return 0;
|
|
+ snprintf(bp, len, " 3 %d 65534 65534 0\n", flags);
|
|
+ fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
|
|
+ if (fd < 0)
|
|
+ return 0;
|
|
+ n = nfsd_path_write(fd, buf, strlen(buf));
|
|
+ close(fd);
|
|
+ if (n < 0)
|
|
+ return 0;
|
|
+ return 1;
|
|
+}
|
|
diff --git a/support/export/v4root.c b/support/export/v4root.c
|
|
index 3654bd7c..c12a7d85 100644
|
|
--- a/support/export/v4root.c
|
|
+++ b/support/export/v4root.c
|
|
@@ -20,6 +20,7 @@
|
|
|
|
#include <unistd.h>
|
|
#include <errno.h>
|
|
+#include <uuid/uuid.h>
|
|
|
|
#include "xlog.h"
|
|
#include "exportfs.h"
|
|
@@ -89,11 +90,31 @@ v4root_create(char *path, nfs_export *export)
|
|
strncpy(eep.e_path, path, sizeof(eep.e_path)-1);
|
|
if (strcmp(path, "/") != 0)
|
|
eep.e_flags &= ~NFSEXP_FSID;
|
|
+
|
|
+ if (strcmp(path, "/") != 0 &&
|
|
+ !export_test(&eep, 0)) {
|
|
+ /* Need a uuid - base it on path using a fixed seed that
|
|
+ * was generated randomly.
|
|
+ */
|
|
+ const char seed_s[] = "39c6b5c1-3f24-4f4e-977c-7fe6546b8a25";
|
|
+ uuid_t seed, uuid;
|
|
+ char uuid_s[UUID_STR_LEN];
|
|
+ unsigned int i, j;
|
|
+
|
|
+ uuid_parse(seed_s, seed);
|
|
+ uuid_generate_sha1(uuid, seed, path, strlen(path));
|
|
+ uuid_unparse_upper(uuid, uuid_s);
|
|
+ /* strip hyhens */
|
|
+ for (i = j = 0; uuid_s[i]; i++)
|
|
+ if (uuid_s[i] != '-')
|
|
+ uuid_s[j++] = uuid_s[i];
|
|
+ eep.e_uuid = uuid_s;
|
|
+ }
|
|
set_pseudofs_security(&eep);
|
|
exp = export_create(&eep, 0);
|
|
if (exp == NULL)
|
|
return NULL;
|
|
- xlog(D_CALL, "v4root_create: path '%s' flags 0x%x",
|
|
+ xlog(D_CALL, "v4root_create: path '%s' flags 0x%x",
|
|
exp->m_export.e_path, exp->m_export.e_flags);
|
|
return &exp->m_export;
|
|
}
|
|
diff --git a/support/export/xtab.c b/support/export/xtab.c
|
|
index 00b25eaa..c888a80a 100644
|
|
--- a/support/export/xtab.c
|
|
+++ b/support/export/xtab.c
|
|
@@ -27,7 +27,7 @@
|
|
#include "misc.h"
|
|
|
|
static char state_base_dirname[PATH_MAX] = NFS_STATEDIR;
|
|
-extern struct state_paths etab;
|
|
+struct state_paths etab;
|
|
|
|
int v4root_needed;
|
|
static void cond_rename(char *newfile, char *oldfile);
|
|
diff --git a/support/include/exportfs.h b/support/include/exportfs.h
|
|
index 81d13721..9edf0d04 100644
|
|
--- a/support/include/exportfs.h
|
|
+++ b/support/include/exportfs.h
|
|
@@ -145,6 +145,7 @@ nfs_export * export_create(struct exportent *, int canonical);
|
|
void exportent_release(struct exportent *);
|
|
void export_freeall(void);
|
|
|
|
+extern struct state_paths etab;
|
|
int xtab_export_read(void);
|
|
int xtab_export_write(void);
|
|
|
|
@@ -173,5 +174,6 @@ struct export_features {
|
|
struct export_features *get_export_features(void);
|
|
void fix_pseudoflavor_flags(struct exportent *ep);
|
|
char *exportent_realpath(struct exportent *eep);
|
|
+int export_test(struct exportent *eep, int with_fsid);
|
|
|
|
#endif /* EXPORTFS_H */
|
|
diff --git a/support/include/nfslib.h b/support/include/nfslib.h
|
|
index 84d8270b..6faba71b 100644
|
|
--- a/support/include/nfslib.h
|
|
+++ b/support/include/nfslib.h
|
|
@@ -106,6 +106,7 @@ void dupexportent(struct exportent *dst,
|
|
struct exportent *src);
|
|
int updateexportent(struct exportent *eep, char *options);
|
|
|
|
+extern struct state_paths rmtab;
|
|
int setrmtabent(char *type);
|
|
struct rmtabent * getrmtabent(int log, long *pos);
|
|
void putrmtabent(struct rmtabent *xep, long *pos);
|
|
@@ -132,7 +133,7 @@ int wildmat(char *text, char *pattern);
|
|
|
|
int qword_get(char **bpp, char *dest, int bufsize);
|
|
int qword_get_int(char **bpp, int *anint);
|
|
-void cache_flush(int force);
|
|
+void cache_flush(void);
|
|
void qword_add(char **bpp, int *lp, char *str);
|
|
void qword_addhex(char **bpp, int *lp, char *buf, int blen);
|
|
void qword_addint(char **bpp, int *lp, int n);
|
|
diff --git a/support/nfs/cacheio.c b/support/nfs/cacheio.c
|
|
index 70ead94d..73f4be4a 100644
|
|
--- a/support/nfs/cacheio.c
|
|
+++ b/support/nfs/cacheio.c
|
|
@@ -32,8 +32,6 @@
|
|
#include <time.h>
|
|
#include <errno.h>
|
|
|
|
-extern struct state_paths etab;
|
|
-
|
|
void qword_add(char **bpp, int *lp, char *str)
|
|
{
|
|
char *bp = *bpp;
|
|
@@ -213,7 +211,7 @@ int qword_get_uint(char **bpp, unsigned int *anint)
|
|
*/
|
|
|
|
void
|
|
-cache_flush(int force)
|
|
+cache_flush(void)
|
|
{
|
|
struct stat stb;
|
|
int c;
|
|
@@ -234,12 +232,13 @@ cache_flush(int force)
|
|
NULL
|
|
};
|
|
now = time(0);
|
|
- if (force ||
|
|
- stat(etab.statefn, &stb) != 0 ||
|
|
- stb.st_mtime > now)
|
|
- stb.st_mtime = time(0);
|
|
-
|
|
- sprintf(stime, "%" PRId64 "\n", (int64_t)stb.st_mtime);
|
|
+
|
|
+ /* Since v4.16-rc2-3-g3b68e6ee3cbd the timestamp written is ignored.
|
|
+ * It is safest always to flush caches if there is any doubt.
|
|
+ * For earlier kernels, writing the next second from now is
|
|
+ * the best we can do.
|
|
+ */
|
|
+ sprintf(stime, "%" PRId64 "\n", (int64_t)now+1);
|
|
for (c=0; cachelist[c]; c++) {
|
|
int fd;
|
|
sprintf(path, "/proc/net/rpc/%s/flush", cachelist[c]);
|
|
diff --git a/support/nfs/rmtab.c b/support/nfs/rmtab.c
|
|
index 9f03167d..154b26fa 100644
|
|
--- a/support/nfs/rmtab.c
|
|
+++ b/support/nfs/rmtab.c
|
|
@@ -33,7 +33,7 @@
|
|
|
|
static FILE *rmfp = NULL;
|
|
|
|
-extern struct state_paths rmtab;
|
|
+struct state_paths rmtab;
|
|
|
|
int
|
|
setrmtabent(char *type)
|
|
diff --git a/utils/exportd/Makefile.am b/utils/exportd/Makefile.am
|
|
index eb521f15..c95bdee7 100644
|
|
--- a/utils/exportd/Makefile.am
|
|
+++ b/utils/exportd/Makefile.am
|
|
@@ -16,7 +16,7 @@ exportd_SOURCES = exportd.c
|
|
exportd_LDADD = ../../support/export/libexport.a \
|
|
../../support/nfs/libnfs.la \
|
|
../../support/misc/libmisc.a \
|
|
- $(OPTLIBS) $(LIBBLKID) $(LIBPTHREAD)
|
|
+ $(OPTLIBS) $(LIBBLKID) $(LIBPTHREAD) -luuid
|
|
|
|
exportd_CPPFLAGS = $(AM_CPPFLAGS) $(CPPFLAGS) \
|
|
-I$(top_srcdir)/support/export
|
|
diff --git a/utils/exportd/exportd.c b/utils/exportd/exportd.c
|
|
index f36f51d2..2dd12cb6 100644
|
|
--- a/utils/exportd/exportd.c
|
|
+++ b/utils/exportd/exportd.c
|
|
@@ -25,8 +25,6 @@
|
|
|
|
extern void my_svc_run(void);
|
|
|
|
-struct state_paths etab;
|
|
-
|
|
/* Number of mountd threads to start. Default is 1 and
|
|
* that's probably enough unless you need hundreds of
|
|
* clients to be able to mount at once. */
|
|
diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c
|
|
index 25d757d8..6ba615d1 100644
|
|
--- a/utils/exportfs/exportfs.c
|
|
+++ b/utils/exportfs/exportfs.c
|
|
@@ -52,13 +52,6 @@ static void release_lockfile(void);
|
|
static const char *lockfile = EXP_LOCKFILE;
|
|
static int _lockfd = -1;
|
|
|
|
-struct state_paths etab;
|
|
-
|
|
-static ssize_t exportfs_write(int fd, const char *buf, size_t len)
|
|
-{
|
|
- return nfsd_path_write(fd, buf, len);
|
|
-}
|
|
-
|
|
/*
|
|
* If we aren't careful, changes made by exportfs can be lost
|
|
* when multiple exports process run at once:
|
|
@@ -193,7 +186,7 @@ main(int argc, char **argv)
|
|
|
|
if (optind == argc && ! f_all) {
|
|
if (force_flush) {
|
|
- cache_flush(1);
|
|
+ cache_flush();
|
|
free_state_path_names(&etab);
|
|
return 0;
|
|
} else {
|
|
@@ -240,7 +233,7 @@ main(int argc, char **argv)
|
|
unexportfs(argv[i], f_verbose);
|
|
}
|
|
xtab_export_write();
|
|
- cache_flush(force_flush);
|
|
+ cache_flush();
|
|
free_state_path_names(&etab);
|
|
export_freeall();
|
|
|
|
@@ -510,33 +503,6 @@ static int can_test(void)
|
|
return 1;
|
|
}
|
|
|
|
-static int test_export(nfs_export *exp, int with_fsid)
|
|
-{
|
|
- char *path = exp->m_export.e_path;
|
|
- int flags = exp->m_export.e_flags | (with_fsid ? NFSEXP_FSID : 0);
|
|
- /* beside max path, buf size should take protocol str into account */
|
|
- char buf[NFS_MAXPATHLEN+1+64] = { 0 };
|
|
- char *bp = buf;
|
|
- int len = sizeof(buf);
|
|
- int fd, n;
|
|
-
|
|
- n = snprintf(buf, len, "-test-client- ");
|
|
- bp += n;
|
|
- len -= n;
|
|
- qword_add(&bp, &len, path);
|
|
- if (len < 1)
|
|
- return 0;
|
|
- snprintf(bp, len, " 3 %d 65534 65534 0\n", flags);
|
|
- fd = open("/proc/net/rpc/nfsd.export/channel", O_WRONLY);
|
|
- if (fd < 0)
|
|
- return 0;
|
|
- n = exportfs_write(fd, buf, strlen(buf));
|
|
- close(fd);
|
|
- if (n < 0)
|
|
- return 0;
|
|
- return 1;
|
|
-}
|
|
-
|
|
static void
|
|
validate_export(nfs_export *exp)
|
|
{
|
|
@@ -568,12 +534,12 @@ validate_export(nfs_export *exp)
|
|
|
|
if ((exp->m_export.e_flags & NFSEXP_FSID) || exp->m_export.e_uuid ||
|
|
fs_has_fsid) {
|
|
- if ( !test_export(exp, 1)) {
|
|
+ if ( !export_test(&exp->m_export, 1)) {
|
|
xlog(L_ERROR, "%s does not support NFS export", path);
|
|
return;
|
|
}
|
|
- } else if ( !test_export(exp, 0)) {
|
|
- if (test_export(exp, 1))
|
|
+ } else if ( !export_test(&exp->m_export, 0)) {
|
|
+ if (export_test(&exp->m_export, 1))
|
|
xlog(L_ERROR, "%s requires fsid= for NFS export", path);
|
|
else
|
|
xlog(L_ERROR, "%s does not support NFS export", path);
|
|
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
|
|
index 28b60ba3..51e0c6a2 100644
|
|
--- a/utils/gssd/krb5_util.c
|
|
+++ b/utils/gssd/krb5_util.c
|
|
@@ -169,18 +169,28 @@ static int gssd_get_single_krb5_cred(krb5_context context,
|
|
static int query_krb5_ccache(const char* cred_cache, char **ret_princname,
|
|
char **ret_realm);
|
|
|
|
-static void release_ple(krb5_context context, struct gssd_k5_kt_princ *ple)
|
|
+static void release_ple_locked(krb5_context context,
|
|
+ struct gssd_k5_kt_princ *ple)
|
|
{
|
|
if (--ple->refcount)
|
|
return;
|
|
|
|
- printerr(3, "freeing cached principal (ccname=%s, realm=%s)\n", ple->ccname, ple->realm);
|
|
+ printerr(3, "freeing cached principal (ccname=%s, realm=%s)\n",
|
|
+ ple->ccname, ple->realm);
|
|
krb5_free_principal(context, ple->princ);
|
|
free(ple->ccname);
|
|
free(ple->realm);
|
|
free(ple);
|
|
}
|
|
|
|
+static void release_ple(krb5_context context, struct gssd_k5_kt_princ *ple)
|
|
+{
|
|
+ pthread_mutex_lock(&ple_lock);
|
|
+ release_ple_locked(context, ple);
|
|
+ pthread_mutex_unlock(&ple_lock);
|
|
+}
|
|
+
|
|
+
|
|
/*
|
|
* Called from the scandir function to weed out potential krb5
|
|
* credentials cache files
|
|
@@ -1420,7 +1430,7 @@ gssd_destroy_krb5_principals(int destroy_machine_creds)
|
|
}
|
|
}
|
|
|
|
- release_ple(context, ple);
|
|
+ release_ple_locked(context, ple);
|
|
}
|
|
pthread_mutex_unlock(&ple_lock);
|
|
krb5_free_context(context);
|
|
diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c
|
|
index 3ab2100b..881207b3 100644
|
|
--- a/utils/gssd/svcgssd.c
|
|
+++ b/utils/gssd/svcgssd.c
|
|
@@ -67,7 +67,6 @@
|
|
#include "misc.h"
|
|
#include "svcgssd_krb5.h"
|
|
|
|
-struct state_paths etab; /* from cacheio.c */
|
|
static bool signal_received = false;
|
|
static struct event_base *evbase = NULL;
|
|
static int nullrpc_fd = -1;
|
|
diff --git a/utils/mountd/Makefile.am b/utils/mountd/Makefile.am
|
|
index 859f28ec..13b25c90 100644
|
|
--- a/utils/mountd/Makefile.am
|
|
+++ b/utils/mountd/Makefile.am
|
|
@@ -18,7 +18,7 @@ mountd_LDADD = ../../support/export/libexport.a \
|
|
../../support/nfs/libnfs.la \
|
|
../../support/misc/libmisc.a \
|
|
$(OPTLIBS) \
|
|
- $(LIBBSD) $(LIBWRAP) $(LIBNSL) $(LIBBLKID) $(LIBTIRPC) \
|
|
+ $(LIBBSD) $(LIBWRAP) $(LIBNSL) $(LIBBLKID) -luuid $(LIBTIRPC) \
|
|
$(LIBPTHREAD)
|
|
mountd_CPPFLAGS = $(AM_CPPFLAGS) $(CPPFLAGS) \
|
|
-I$(top_builddir)/support/include \
|
|
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
|
|
index 39e85fd5..bcf749fa 100644
|
|
--- a/utils/mountd/mountd.c
|
|
+++ b/utils/mountd/mountd.c
|
|
@@ -43,9 +43,6 @@ int reverse_resolve = 0;
|
|
int manage_gids;
|
|
int use_ipaddr = -1;
|
|
|
|
-struct state_paths etab;
|
|
-struct state_paths rmtab;
|
|
-
|
|
/* PRC: a high-availability callout program can be specified with -H
|
|
* When this is done, the program will receive callouts whenever clients
|
|
* send mount or unmount requests -- the callout is not needed for 2.6 kernel */
|
|
diff --git a/utils/mountd/rmtab.c b/utils/mountd/rmtab.c
|
|
index c8962439..2da97615 100644
|
|
--- a/utils/mountd/rmtab.c
|
|
+++ b/utils/mountd/rmtab.c
|
|
@@ -28,8 +28,6 @@
|
|
|
|
extern int reverse_resolve;
|
|
|
|
-extern struct state_paths rmtab;
|
|
-
|
|
/* If new path is a link do not destroy it but place the
|
|
* file where the link points.
|
|
*/
|