rpm/nfs-utils
SHA256
1
0
Fork 0
forked from pool/nfs-utils
Code Pull Requests Activity
nfs-utils/0004-fsidd-call-anonymous-sockets-by-their-name-only-don-.patch
Dirk Mueller 99d3e0d9fa - add 0001-gssd-revert-commit-a5f3b7ccb01c.patch, 
0002-gssd-revert-commit-513630d720bd.patch,
  0003-gssd-switch-to-using-rpc_gss_seccreate.patch,
  0004-gssd-handle-KRB5_AP_ERR_BAD_INTEGRITY-for-machine-cr.patch,
  0005-gssd-handle-KRB5_AP_ERR_BAD_INTEGRITY-for-user-crede.patch,
  0006-configure-check-for-rpc_gss_seccreate.patch: fixes for
  libtirpc 1.3.5
- drop reenable-nfsv2.patch (poo#106679)
  Fix crash when rpc-gssd run with -v.
- Replace references to /var/adm/fillup-templates with new
  options.
- do not strip the binaries
- mkinitrd-boot.sh: allow other mkinitrd-setup
- nfs-utils-eperm-fallback.patch:  mount.nfs
  Includes new config file: /etc/nfsmount.conf and
- Kill processes on NFS mounts when unmounting
  bnc#442490
  * fix typo in handling of "init.d/nfs status"
- nfs.init:
  * unmount rpc_pipefs
- fix sysconfig filename for changed fillup call
   services (gssd and idmpad have been rolled in to nfs/nfsserver).
- remove svcinfo.d dir as it is provided now by filesystem
- update to version 1.1.2
- uses libgssglue instead of libgssapi
- add rpcbind support [fate#300607]
- added gssapi to buildrequires
  (#116355)
  showmount has been removed there (#309782)
- added README.NFSv4 (#182775)

OBS-URL: https://build.opensuse.org/package/show/Base:System/nfs-utils?expand=0&rev=285
2024-08-20 20:22:12 +00:00

116 lines
4.7 KiB
Diff
Raw Permalink Blame History

From 46f91dc8f0d9aa31e18327cf3ad61c27551c4cfc Mon Sep 17 00:00:00 2001
From: Ahelenia Ziemiaska <nabijaczleweli@nabijaczleweli.xyz>
Date: Mon, 27 Nov 2023 10:41:04 -0500
Subject: [PATCH] fsidd: call anonymous sockets by their name only, don't fill
with NULs to 108 bytes
Since e00ab3c0616fe6d83ab0710d9e7d989c299088f7, ss -l looks like this:
u_seq LISTEN 0 5 @/run/fsid.sock@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 26989379 * 0
with fsidd pushing all the addresses to 108 bytes wide, which is deeply
egregious if you don't filter it out and recolumnate.
This is because, naturally (unix(7)), "Null bytes in the name have
no special significance": abstract addresses are binary blobs, but
paths automatically terminate at the first NUL byte, since paths
can't contain those.
So just specify the correct address length when we're using the abstract domain:
unix(7) recommends "offsetof(struct sockaddr_un, sun_path) + strlen(sun_path) + 1"
for paths, but we don't want to include the terminating NUL, so it's just
"offsetof(struct sockaddr_un, sun_path) + strlen(sun_path)".
This brings the width back to order:
-- >8 --
$ ss -la | grep @
u_str ESTAB 0 0 @45208536ec96909a/bus/systemd-timesyn/bus-api-timesync 18500238 * 18501249
u_str ESTAB 0 0 @fecc9657d2315eb7/bus/systemd-network/bus-api-network 18495452 * 18494406
u_seq LISTEN 0 5 @/run/fsid.sock 27168796 * 0
u_str ESTAB 0 0 @ac308f35f50797a2/bus/systemd-logind/system 19406 * 15153
u_str ESTAB 0 0 @b6606e0dfacbae75/bus/systemd/bus-api-system 18494353 * 18495334
u_str ESTAB 0 0 @5880653d215718a7/bus/systemd/bus-system 26930876 * 26930003
-- >8 --
Fixes: e00ab3c0616fe6d83ab0710d9e7d989c299088f7 ("fsidd: provide
better default socket name.")
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Ahelenia Ziemia?ska <nabijaczleweli@nabijaczleweli.xyz>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
support/reexport/fsidd.c | 9 ++++++---
support/reexport/reexport.c | 8 ++++++--
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/support/reexport/fsidd.c b/support/reexport/fsidd.c
index 3e62b3fc1370..8a70b78f6362 100644
--- a/support/reexport/fsidd.c
+++ b/support/reexport/fsidd.c
@@ -147,6 +147,7 @@ int main(void)
{
struct event *srv_ev;
struct sockaddr_un addr;
+ socklen_t addr_len;
char *sock_file;
int srv;
@@ -161,10 +162,12 @@ int main(void)
memset(&addr, 0, sizeof(struct sockaddr_un));
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, sock_file, sizeof(addr.sun_path) - 1);
- if (addr.sun_path[0] == '@')
+ addr_len = sizeof(struct sockaddr_un);
+ if (addr.sun_path[0] == '@') {
/* "abstract" socket namespace */
+ addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path);
addr.sun_path[0] = 0;
- else
+ } else
unlink(sock_file);
srv = socket(AF_UNIX, SOCK_SEQPACKET | SOCK_NONBLOCK, 0);
@@ -173,7 +176,7 @@ int main(void)
return 1;
}
- if (bind(srv, (const struct sockaddr *)&addr, sizeof(struct sockaddr_un)) == -1) {
+ if (bind(srv, (const struct sockaddr *)&addr, addr_len) == -1) {
xlog(L_WARNING, "Unable to bind %s: %m\n", sock_file);
return 1;
}
diff --git a/support/reexport/reexport.c b/support/reexport/reexport.c
index 78516586b98e..0fb49a46723c 100644
--- a/support/reexport/reexport.c
+++ b/support/reexport/reexport.c
@@ -21,6 +21,7 @@ static int fsidd_srv = -1;
static bool connect_fsid_service(void)
{
struct sockaddr_un addr;
+ socklen_t addr_len;
char *sock_file;
int ret;
int s;
@@ -33,9 +34,12 @@ static bool connect_fsid_service(void)
memset(&addr, 0, sizeof(struct sockaddr_un));
addr.sun_family = AF_UNIX;
strncpy(addr.sun_path, sock_file, sizeof(addr.sun_path) - 1);
- if (addr.sun_path[0] == '@')
+ addr_len = sizeof(struct sockaddr_un);
+ if (addr.sun_path[0] == '@') {
/* "abstract" socket namespace */
+ addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(addr.sun_path);
addr.sun_path[0] = 0;
+ }
s = socket(AF_UNIX, SOCK_SEQPACKET, 0);
if (s == -1) {
@@ -43,7 +47,7 @@ static bool connect_fsid_service(void)
return false;
}
- ret = connect(s, (const struct sockaddr *)&addr, sizeof(struct sockaddr_un));
+ ret = connect(s, (const struct sockaddr *)&addr, addr_len);
if (ret == -1) {
xlog(L_WARNING, "Unable to connect %s: %m, is fsidd running?\n", sock_file);
return false;
--
2.43.0
View Git Blame Copy Permalink