diff --git a/mkinitrd-boot.sh b/mkinitrd-boot.sh index 5f9543b..4a18cde 100644 --- a/mkinitrd-boot.sh +++ b/mkinitrd-boot.sh @@ -2,7 +2,7 @@ #%stage: block #%modules: nfs #%programs: /sbin/mount.nfs -#%if: "$rootfstype" = "nfs" -a "$interface" +#%if: "$rootfstype" = "nfs" -o "$need_nfs" # ##### Network FileSystem ## diff --git a/nfs-utils.changes b/nfs-utils.changes index 2243fc8..c49b1e5 100644 --- a/nfs-utils.changes +++ b/nfs-utils.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Sun May 9 23:07:24 UTC 2010 - nfbrown@novell.com + +- nfsserver.init / sysconfig.nfs: allow NFSv3 service + to be disabled so only NFSv4 can be used. bnc#598671 +- nfs-v2-disable.patch: mountd support for above +- nfs.init: unmount bind mounts with '-l' to ensure they + really unmount. bnc#598681 + +------------------------------------------------------------------- +Mon Apr 19 23:43:45 UTC 2010 - nfbrown@novell.com + +- mkinitrd-boot.sh: allow other mkinitrd-setup + scripts to request the inclusion of nfs support + by setting need_nfs to 1. (bnc#572207) + +------------------------------------------------------------------- +Mon Apr 19 04:54:50 UTC 2010 - nfbrown@novell.com + +- sysconfig.nfs, nfsserver.init, start-start: handle + STATD_OPTIONS so that sysadmin can easily set options + like port number. (bnc#595379) + ------------------------------------------------------------------- Fri Mar 26 15:39:05 CET 2010 - mmarek@suse.cz diff --git a/nfs-utils.spec b/nfs-utils.spec index 3a44948..79d42e4 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -27,7 +27,7 @@ BuildRequires: libevent Url: http://nfs.sourceforge.net Summary: Support Utilities for Kernel nfsd Version: 1.2.1 -Release: 4 +Release: 5 Group: Productivity/Networking/NFS License: GPLv2+ BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -50,6 +50,7 @@ Source12: start-statd Patch0: nfs-utils-1.0.7-bind-syntax.patch Patch1: warn-nfs-udp.patch Patch2: nfs-utils-eperm-fallback.patch +Patch3: nfs-v2-disable.patch %description This package contains the NFS utilities. You can tune the number of @@ -129,6 +130,7 @@ Authors: %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 cp %{S:6} . %build diff --git a/nfs-v2-disable.patch b/nfs-v2-disable.patch new file mode 100644 index 0000000..24d2bc7 --- /dev/null +++ b/nfs-v2-disable.patch @@ -0,0 +1,66 @@ +Subject: Allow mountd to not listen for RPC calls when v2/v3 disabled +References: 598671 + +Mountd listens on 2 different versions for NFSv2 (MOUNTv1 and MOUNTv2) +and one for NFSv3 (MOUNTv3) + +When --no-nfs-version requests an NFS version to be disabled, the +code actually disabled the MOUNT version. This works is several cases, +but requires --no-nfs-version 1 to completely disable NFSv2, which +is wrong. + +So if we do disable 1, 2, and 3. mountd complain and won't run, it +is not possible to run just v4 - i.e. not listening for MOUNT requests +at all (as v4 doesn't need them). + +So change the handling of "--no-nfs-version 2" it disable MOUNTv1 as well as +MOUNTv2, and allow mountd to continue running as long as one of +NFSv2 NFSv3 NFSv4 is enabled. + +Signed-off-by: NeilBrown + +diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c +index a0a1f2d..5373d81 100644 +--- a/utils/mountd/mountd.c ++++ b/utils/mountd/mountd.c +@@ -80,10 +80,10 @@ static int nfs_version = -1; + static void + unregister_services (void) + { +- if (nfs_version & 0x1) ++ if (nfs_version & (0x1 << 1)) { + pmap_unset (MOUNTPROG, MOUNTVERS); +- if (nfs_version & (0x1 << 1)) + pmap_unset (MOUNTPROG, MOUNTVERS_POSIX); ++ } + if (nfs_version & (0x1 << 2)) + pmap_unset (MOUNTPROG, MOUNTVERS_NFSV3); + } +@@ -712,8 +712,10 @@ main(int argc, char **argv) + usage(argv [0], 1); + } + +- /* No more arguments allowed. */ +- if (optind != argc || !(nfs_version & 0x7)) ++ /* No more arguments allowed. ++ * Require at least one valid version (2, 3, or 4) ++ */ ++ if (optind != argc || !(nfs_version & 0xE)) + usage(argv [0], 1); + + if (chdir(state_dir)) { +@@ -761,12 +763,12 @@ main(int argc, char **argv) + if (new_cache) + cache_open(); + +- if (nfs_version & 0x1) ++ if (nfs_version & (0x1 << 1)) { + rpc_init("mountd", MOUNTPROG, MOUNTVERS, + mount_dispatch, port); +- if (nfs_version & (0x1 << 1)) + rpc_init("mountd", MOUNTPROG, MOUNTVERS_POSIX, + mount_dispatch, port); ++ } + if (nfs_version & (0x1 << 2)) + rpc_init("mountd", MOUNTPROG, MOUNTVERS_NFSV3, + mount_dispatch, port); diff --git a/nfsserver.init b/nfsserver.init index 0d7778a..5c2f9f5 100644 --- a/nfsserver.init +++ b/nfsserver.init @@ -95,11 +95,11 @@ nfs4_bind_mounts() { sed 's/^\([^[:space:]]*\).*bind=\([^,)]*\).*/\1 \2/;t;d' | sort | while read export dir; do - test -d $export || mkdir -p $export + test -d "$export" || mkdir -p "$export" # Fortunately, mount ignores unknown # options, so we have an easy way to # tag our "magic" bind mounts - mount -o bind,nfsexp $dir $export + mount -o bind,nfsexp "$dir" "$export" done } @@ -109,7 +109,7 @@ nfs4_unbind_mounts() { grep '\' | sort -r -k2 | while read src mountpoint crap; do - umount $mountpoint + umount -l "$mountpoint" done } @@ -171,11 +171,17 @@ case "$1" in mount -t nfsd nfsd /proc/fs/nfsd rc_status fi - if [ "$NFS4_SUPPORT" = "yes" ]; then - VERSION_LIST="+2 +3 +4" - VERSION_PARAMS="" + VERSION_PARAMS= + if [ "$NFS3_SERVER_SUPPORT" != "no" ]; then + VERSION_LIST="+2 +3 " else - VERSION_LIST="+2 +3 -4" + VERSION_LIST="-2 -3" + VERSION_PARAMS="--no-nfs-version 2 --no-nfs-version 3" + fi + if [ "$NFS4_SUPPORT" = "yes" ]; then + VERSION_LIST="$VERSION_LIST +4" + else + VERSION_LIST="$VERSION_LIST -4" VERSION_PARAMS="--no-nfs-version 4" fi if [ " `cat /proc/fs/nfsd/threads`" = " 0" ]; then @@ -211,11 +217,13 @@ case "$1" in rc_exit } # rpc.statd - echo -n " statd" - startproc /usr/sbin/rpc.statd --no-notify || { + if [ "$NFS3_SERVER_SUPPORT" != "no" ]; then + echo -n " statd" + startproc /usr/sbin/rpc.statd --no-notify $STATD_OPTIONS || { rc_status -v rc_exit - } + } + fi # rpc.nfsd echo -n " nfsd" $NFSD_BIN $PARAMS $VERSION_PARAMS || { diff --git a/start-statd b/start-statd index 156513c..9026b09 100644 --- a/start-statd +++ b/start-statd @@ -5,7 +5,8 @@ # It should run run statd with whatever flags are apropriate for this # site. PATH=/sbin:/usr/sbin:/bin:/usr/bin -rpc.statd --no-notify +. /etc/sysconfig/nfs +rpc.statd --no-notify $STATD_OPTIONS # in case firewall needs to punch a hole for the # statd port... /etc/init.d/SuSEfirewall2_setup try-restart > /dev/null 2>&1 diff --git a/sysconfig.nfs b/sysconfig.nfs index 53a5895..e357570 100644 --- a/sysconfig.nfs +++ b/sysconfig.nfs @@ -30,6 +30,19 @@ MOUNTD_PORT="" # NFS_SECURITY_GSS="no" +## Path: Network/File systems/NFS server +## Description: NFSv3 server support +## Type: yesno +## Default: yes +## ServiceRestart: nfsserver +# +# Enable NFSv3 server support (yes/no) +# This causes the NFS server to respond to +# NFSv2 and NFSv3 requests. Only disable this +# if you want to ensure only NFSv4 is used. +# +NFS3_SERVER_SUPPORT="yes" + ## Path: Network/File systems/NFS server ## Description: NFSv4 protocol support ## Type: yesno @@ -60,3 +73,13 @@ SM_NOTIFY_OPTIONS="" # NFS_START_SERVICES="no" +## Path: Network/File systems/NFS server +## Description: Command line parameters for rpc.statd +## Type: string +## Default: "" +# +# Custom parameters for rpc.statd daemon. Typically this will +# be used to set the port number (-p). +# +STATD_OPTIONS="" +