commit 0311ecf6d200879cb15eb358f23207f41f4863b2 Author: Steve Dickson Date: Thu Nov 8 17:00:12 2012 -0500 configure.ac: When v4 is disable v4.1 should also be disabled. Signed-off-by: Steve Dickson commit 1bcb43c9ac0f21e32175d982a1d8b0d817ca0578 Author: Steve Dickson Date: Thu Nov 8 16:49:40 2012 -0500 configure.ac: Disabling v4 should not break the gssd build Signed-off-by: Steve Dickson commit c6b52ead95ab0904bdd796921ebf726853477221 Author: Jeff Layton Date: Thu Nov 8 16:42:15 2012 -0500 nfsdcltrack: Ensure the build is diabled when NFS v4 is disabled When '--disable-nfsv4' is in the configure options, then the building of nfsdcltrack need to be disabled as well. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit f76e1878569ed70b7924834fc3d36bf8e761dc78 Author: Jeff Layton Date: Thu Nov 8 15:12:00 2012 -0500 nfsdcltrack: update the README about server startup order Now that nfsdcld is gone, remove the section about starting it up. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 2cf11ec6ed261ef56bbd0d73ff404fe69f1fefb0 Author: Jeff Layton Date: Thu Nov 8 15:09:41 2012 -0500 nfsdcltrack: remove the nfsdcld daemon Since we want to move to using the usermodehelper upcall unconditionally, just remove nfsdcld. The kernel code to handle this will be formally deprecated in 3.10 as well. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 46cbbfb009a20f05f6aa107f386bb4e50655b797 Author: Jeff Layton Date: Thu Nov 8 15:07:29 2012 -0500 nfsdcltrack: add a manpage for nfsdcltrack Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 79ff473c2a07078bde8900e66a6db1a17039a956 Author: Jeff Layton Date: Thu Nov 8 15:02:20 2012 -0500 nfsdcltrack: add a legacy transition mechanism If the kernel passes the legacy recdir path in the environment, then we can use that to transition from the old legacy tracker to the new one. On a "check" operation, if there is no record of the client in the database, check to see if there is a matching recoverydir. If there isn't then just refuse the reclaim. If there is, then insert a new record for this client into the db, and remove the legacy recoverydir. If either of those operations fail, then refuse the reclaim. On a "gracedone" operation, clean out the entire legacy recoverydir after purging any unreclaimed records from the db. There's not much we can do if this fails, so just log a warning if it does. Note that this is a one-way conversion. If the user later boots back into an older kernel, it will have no knowledge of the new database. In principle, we could create a tool that would walk the clients table, md5 hash the clientids and create directories in the v4recovery dir. Doing that automatically would be pretty difficult however. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 09cc3c831c8b1f27439fe09c951139bb6ec8e6c6 Author: Jeff Layton Date: Thu Nov 8 15:00:04 2012 -0500 nfsdcltrack: add a new "one-shot" program for manipulating the client tracking db Usermode helper upcalls are all the rage these days for infrequent upcalls, since they make it rather idiot-proof. No running daemon is required, so there's really no setup beyond ensuring that the callout exists and is runnable. This program adds a callout program to nfs-utils for that purpose. The storage engine on the backend is identical to the one used by nfsdcld. This just adds a new frontend for it. For now, building with --enable-nfsdcltrack gives you both nfsdcld and nfsdcltrack programs. A later patch will remove nfsdcld altogether. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit e583a12a5fc38dfbebaeffca6f082e2cf637c7c6 Author: Jeff Layton Date: Thu Nov 8 14:56:51 2012 -0500 nfsdcltrack: break out a function to open the database handle When we add a new usermodehelper upcall program to do the database access, the existing "init" function will be overkill every time we start up the program. Break out the database handle establishment routine into a separate function that we can call from each upcall command in the one-shot program. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 1a0020edd06dde37f3ad7168f141645f07a050c7 Author: Jeff Layton Date: Thu Nov 8 14:39:28 2012 -0500 nfsdcltrack: remove pointless sqlite_topdir variable This is holdover from an earlier version of the code and doesn't really provide any benefit. Also, mark the topdir and dirname arguments const since they should never be changed. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 37ebcfc42478bbbf5784504072b682037352a90e Author: Jeff Layton Date: Thu Nov 8 14:36:56 2012 -0500 nfsdcltrack: rename the nfsdcld directory and options to nfsdcltrack We'll soon be adding a new nfsdcltrack program, at which point it won't make much sense to call this directory and the config option "nfsdcld". Rename it to be a bit more generic. While we're at it, change the default for --enable-cltrack to "yes". When we introduce the one-shot program, we're going to want to build it by default anyway. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit b20a49b5e7ca0d42f752d36a9dc0f2197243d6f0 Author: Jeff Layton Date: Thu Nov 8 14:02:21 2012 -0500 nfsdcltrack: fix segfault in sqlite debug logging One too few arguments... Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit fbcdfb5150d8263196bad0f074f74d9d5c69113f Author: Chuck Lever Date: Tue Oct 30 15:11:32 2012 -0400 rpc.gssd: Squelch compiler error gssd_proc.c: In function handle_krb5_upcall: gssd_proc.c:1117:2: warning: ISO C forbids return with expression, in function returning void [-pedantic] Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 36e24581dfb9c9d74558578376de20ba76f43c8c Author: Chuck Lever Date: Tue Oct 30 15:09:19 2012 -0400 rpc.gssd: Squelch compiler warning gssd_proc.c: At top level: gssd_proc.c:782:5: warning: no previous prototype for create_auth_rpc_client [-Wmissing-prototypes] Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 93b62b6e62e3680cad1d400b1992f919f9914178 Author: Chuck Lever Date: Tue Oct 30 15:07:54 2012 -0400 rpc.gssd: Squelch compiler warning gss_util.c: At top level: gss_util.c:98:36: warning: ISO C does not allow extra ; outside of a function [-pedantic] Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit bed4966982a3212278e7516a904c619444b7c2e0 Author: Chuck Lever Date: Tue Oct 30 15:01:39 2012 -0400 mountd: Avoid unnecessary type conversions Fixed a number of -Wconversion warnings Signed-off-by: Steve Dickson commit 23164d134e0dab8eb5c3b471ae3f087f1cd9968a Author: Chuck Lever Date: Tue Oct 30 14:55:29 2012 -0400 mountd: Avoid unnecessary type conversions Removed a Wsign-conversion warning Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit d8b5dc74c5aa258a937b3b3d74366f997ffd6d7f Author: Chuck Lever Date: Tue Oct 30 14:44:57 2012 -0400 mountd: Avoid unnecessary type conversions Clean up compiler warnings: cache.c: In function get_uuid: cache.c:249:2: warning: conversion to size_t from int may change the sign of the result [-Wsign-conversion] And the like. signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 15b940351e88da5cb3d68d71887196f89a13e0de Author: Chuck Lever Date: Tue Oct 30 14:06:22 2012 -0400 mountd: Make local functions static Removed a couple Wmissing-prototypes warnings in the mountd code. Once the parse_fsid() function was made static, the compiler detected execution paths through it that did not initialize some fields in *parsed. [ I'm pretty sure these problems are currently harmless, since each path is taken depending on the value of the .fsidtype field. Each path accesses only the fields in *parsed that it cares about. ] This is because parsed_fsid isn't a union type. parse_fsid() leaves uninitialized fields that are not used by a particular fsidtype. To prevent an accidental dereference of stack garbage (.fhuuid being an example of a pointer that is left uninitialized sometimes), have parse_fsid() defensively pre-initialize *parsed to zero. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit a543ffd62ceade54ad0663765ae2909b6be361f9 Author: Chuck Lever Date: Tue Oct 30 14:05:11 2012 -0400 mountd: Eliminate unnecessary type conversions Removed a copule Wsign-conversion in the mountd code. Signed-off-by: Steve Dickson commit 7df8ca883bfd668eb559ea1b8da7c7b6e41d5b1a Author: Chuck Lever Date: Tue Oct 30 14:02:24 2012 -0400 mountd: Avoid unnecessary type conversions Removed a number of Wconversion warnings in the mountd code. Took the opportunity to eliminate some code duplication. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 6d9909afd0cf82332a0095aa201e515d1a159c97 Author: Chuck Lever Date: Tue Oct 30 14:01:34 2012 -0400 nfs-utils: Eliminate dereferencing type punned pointers Removed a number of Wstrict-aliasing warnings Note also that site-local IPv6 addresses are deprecated, and thus are no longer encountered. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit dbc0b5e878b44383cafbefdeb333177ca4a0c295 Author: Chuck Lever Date: Fri Oct 19 10:43:50 2012 -0400 mountd: Simplify "no junction support" case We've added logic in the "not an export" case in nfsd_export(), so it's no longer a simple function call. Clean up this code by splitting it into a new function, and make plain what happens when junction support is compiled out. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 9fae1474f1f79c2c7f222a40dff6d3d4681a9115 Author: Chuck Lever Date: Fri Oct 19 10:41:54 2012 -0400 mountd: Dynamically allocate exportent that represents junctions We're now duplicating a real exportent with arbitrary export options to create a junction exportent. After a dupexportent() call, several of the structure's fields can point to dynamically allocated memory. We have to be careful about not orphaning that memory. What's more, returning a pointer to a static structure is as 90's as a bad mullet. It's more straightforward to allocate the exportent dynamically and release it when we are through with it. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 62ee38804c60c5875ce3c78674419ee137deb8db Author: Chuck Lever Date: Fri Oct 19 10:38:51 2012 -0400 mountd: Add exportent_release() Split out the logic that releases dynamically allocated data in an exportent. The junction resolution code will invoke this to clean up the junction exportent once it has been dumped to the kernel. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 8b15252e1ff23ae93219ca456c6c72ff6bfab1a0 Author: Chuck Lever Date: Fri Oct 19 10:37:26 2012 -0400 mountd: Junctions inherit parent export's options Attempting to access junctions on a Linux NFS server from an NFS client connected via an ephemeral source port fails with a "client insecure" error on the server. This happens even when the "insecure" export option is specified on the junction's parent export. As a test, via a mountd code change, I added "insecure" to the fixed export options that mountd sets up for each junction, and the error disappeared. It's simple enough for old-school referrals configured directly in /etc/exports ("refer=") to have the needed options specified there. Cache entries for junctions, however, are created on the fly by mountd, and don't ever appear in /etc/exports. So there's nowhere obvious that export options for junctions can be specified. Bruce suggested that in order to specify unique export options for junctions, they should inherit the export options of their parent export. The junction's parent's exportent is duplicated in order to create an exportent for the junction itself. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 88f0f36abfa9abd6d4a9994fef19ee95c89c5c2f Author: Chuck Lever Date: Fri Oct 19 10:29:28 2012 -0400 mountd: Add lookup_export_parent() In a moment I will be adding some logic that needs to know an junction's parent export. Here's a function that can discover an export's parent. It takes the target export's pathname, chops off the rightmost component, and tries a lookup_export(). If that succeeds, we have our answer. If not, it chops off the next rightmost component and tries again, until the root is reached. At the same time, infrastructure is added to pass the parent export down into the functions that convert locations into a new junction export entry. For now the parent export remains unused. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit fb62e4dcce82cd46e9129d8325fff3e0640941e9 Author: Chuck Lever Date: Fri Oct 19 10:27:26 2012 -0400 mountd: Set e_fslocdata field directly To create an export entry for a junction, an options string is constructed from the set of locations in the junction. This options string is then passed to mkexportent() where it is parsed and converted into an exportent. There is only one export option that is used to create a junction's exportent: "refer=". When that option is parsed, it's value is simply copied to a fresh string and planted in the new export's e_fslocdata field. Let's avoid the option parsing and extra string copy. Construct a string for the new e_fslocdata field and plant it in the exportent directly. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit a8dcaa282122b5db8f4ffb7e5d99b2c4b62cbb78 Author: Chuck Lever Date: Fri Oct 19 10:25:14 2012 -0400 mountd: Use static buffer when constructing junction export options Clean up: Simplify locations_to_export() by constructing a junction's export options in a static buffer. We can do this because all of this code is called serially, in one thread, and the result is thrown away immediately after the caller is finished. The returned exportent itself is static. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit d69795533b0c8906e42aa2eb1cf4628cda42a766 Author: Chuck Lever Date: Fri Oct 19 10:24:07 2012 -0400 mountd: Warn when a broken junction is encountered A broken junction is a problem that administrators will want to know about and correct. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 8213acaf93f748d7d0efe085aded3ab9b6871e9b Author: Andy Adamson Date: Thu Oct 18 13:21:09 2012 -0400 GSSD: Pass GSS_context lifetime to the kernel. From: Andy Adamson The kernel gss_cl_ctx stores the context lifetime in gc_expiry, set by gssd in do_downcall() called by process_krb5_upcall(). The lifetime value is currently not related at all to the Kerberos TGS lifetime. It is either set to the value of gssd -t , or to a kernel default of 3600 seconds. Most of the time the gssd -t command line is not set, and a timeout value of zero was sent to the kernel triggering the use of the 3600 second kernel default timeout. In order for the kernel to properly know when to renew a context, or to stop buffering writes for a context about to expire, the gc_expiry value needs to reflect the credential lifetime used to create the context. Note that gss_inquire_cred returns the number of seconds for which the context remains valid in the lifetime_rec parameter. Send the actual TGS remaining lifetime to the kernel. It can still be overwritten by the gssd -t command line option, or set to the kernel default if the gss_inquire_cred call fails (which sets the lifetime_rec to zero). Signed-off-by: Andy Adamson Signed-off-by: Steve Dickson commit 985f89a8a87f2626583b240f7abad86d97a77596 Author: Mantas Mikulenas Date: Mon Oct 15 16:08:34 2012 -0400 utils: Return status 0 on clean exits Some init systems actually expect daemons to return 0 on success. Signed-off-by: Steve Dickson commit 329c63dd7e4e76fc66e8a6058d95c59974ad7db1 Author: Wolfram Gloger Date: Mon Oct 15 15:31:23 2012 -0400 mount.nfs4: Backgrounding mount broken with NFS versions <4 When the NFS version isn't specified in the mount options, mount.nfs attempts V4 first and appends 'vers=4' to the extra_options string in the mount options. If the server isn't immediately reachable, this attempt fails. However, if the background option is specified and the server comes up later on, the extra_options are used again for all further attempts and thus they fail if the server only supports vers<4. Fix this by only amending extra_options on a successful vers=4 mount. This is now Debian bug #690181 and has apparently been around for ages. Reviewed-by: Chuck Lever Signed-off-by: Wolfram Gloger Signed-off-by: Steve Dickson commit fa7c7b6e590367a2b1dc2ba2d9f5f4500ff29ae3 Author: Neil Brown Date: Mon Oct 15 12:50:35 2012 -0400 mount.nfs mapage: clear up confusion between 'proto' and 'transport' The mount option "proto=" actually set the "transport" which in netconfig usage is the pairing of a protocol (e.g. UDP, TCP) with a protocol family (e.g. INET, INET6). This can cause confusion if people naively except "proto=udp" to work equally well on IPv6. So add some text to both nfs(5) and nfsmount.conf(5) to hopefully clarify this. Acked-by: Chuck Lever Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit a16f4a13677d13b0aae9327a3b9e8414470b7927 Author: Ivan Romanov Date: Mon Oct 15 12:41:36 2012 -0400 Exportfs crashes with long path Acked-by: Bruce Fields Signed-off-by: Steve Dickson commit b010d126bbb8265e5717e596711d754baec11e6c Author: Steve Dickson Date: Thu Aug 23 13:41:56 2012 -0400 Added fsc and nofsc to the mount manpage. Signed-off-by: Steve Dickson commit 2e9210833f45821c66a849604ed8a9508b24a06f Author: Peng Tao Date: Thu Aug 23 13:03:34 2012 -0400 blkmapd: proper signal handling Signed-off-by: Peng Tao Signed-off-by: Steve Dickson commit 42a065968d0f690b5ffd5a7db6afe224206f7b0f Author: Peng Tao Date: Thu Aug 23 12:50:33 2012 -0400 blkmapd: allow blocklayoutdriver module to load/unload User may load/unload blocklayoutdriver module dynanmically. So we handle it by watching the pipe file creation/deletion. Signed-off-by: Peng Tao Signed-off-by: Steve Dickson commit b7a3eb501f8eef61b7767445b2e09b4dca813c82 Author: Nalin Dahyabhai Date: Wed Aug 22 14:43:05 2012 -0400 gssd: Use /run/user/${UID} instead of /run/user/${USER} Newer versions of systemd create a /run/user/${UID} directory instead of the /run/user/${USER} directory, so switch to scanning for that. To make the per-user directory bit a little less magical, change the default to incorporate a "%U", which gets dynamically expanded to the user's UID when needed. Signed-off-by: Steve Dickson commit 1c787f1471d733f8a90b46924945c59de7478bac Author: Nalin Dahyabhai Date: Wed Aug 22 14:35:17 2012 -0400 gssd: scan for DIR: ccaches, too In addition to matching "FILE:krb5cc_*" in the specified directory or directories, also match "DIR:krb5cc*", if we find subdirectories with names that match the search pattern. Signed-off-by: Nalin Dahyabhai Signed-off-by: Steve Dickson commit 41f32cd96eca95a2730603ebc539440c48a1dda5 Author: Chuck Lever Date: Mon Aug 6 09:08:53 2012 -0400 rpc.gssd: don't call poll(2) twice a second Use ppoll() instead. [ cel Wed Aug 1 11:44:46 EDT 2012 - autoconfiscated Bruce's version ] Related clean-up: Since we're pulling the poll/ppoll call out into a separate function, note that the second argument of poll(2) and ppoll(2) is not an int, it's an unsigned long. The nfds_t typedef is a recent invention, so use the raw type for compatibility with older glibc headers. Acked-by: J. Bruce Fields" Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit e4e5dadd7685415059173e438a5710a9e51ffbff Author: J. Bruce Fields Date: Mon Aug 6 08:57:19 2012 -0400 rpc.gssd: handle error to open toplevel directory From: "J. Bruce Fields" Reverse the sense of the test here, and also add debugging and cleanup in the error case. (Though the lack of cleanup isn't currently a problem in practice since we'll eventually exit in this case.) Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit d9f51f267e459c975833ac853ce41809ca492ab0 Author: J. Bruce Fields Date: Mon Aug 6 08:55:45 2012 -0400 rpc.gssd: don't call printerr from signal handler From: "J. Bruce Fields" printerr() isn't actually safe to call from a signal handler. It might be possible to make it so, but I think this is the only case in nfs-utils where we try to, and I'm not convince it's worth it. This fixes a bug that would eventually cause mounts to hang when gssd is run with -vv. Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit 6019ff50055ee189557b55aad781bb12beb95e19 Author: J. Bruce Fields Date: Mon Aug 6 08:54:11 2012 -0400 rpc.gssd: simplify signal handling From: "J. Bruce Fields" We're not actually using the extra sa_sigaction parameters. Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit b0b342201140530c5b9e00408f12d22258df7c4e Author: NeilBrown Date: Mon Aug 6 08:41:13 2012 -0400 umount: use correct return value for is_vers4. is_vers4 in mount_libmount.c is based on nfs_umount_is_vers4 in nfsumount.c, except the return values are reversed. The result of this is: - a MOUNT_UMNT call is not sent when an NFSv3 or NFSv2 filesystem is unmounted - a MOUNT_UMNT call *is* sent when and 'nfs4' filesystem is unmounted (but not when an 'nfs -o vers=4 filesystem is unmounted, as that is checked elsewhere). Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 808fd6bc68e00a686f8eed7e31f682a9128bdf9b Author: Karel Zak Date: Wed Aug 1 11:14:21 2012 -0400 umount.nfs: ignore non-nfs filesystems # umount.nfs /boot; echo $? umount.nfs: /boot: device is busy 32 expected and fixed behavior: # umount.nfs /boot; echo $? # umount.nfs: /boot: is not an NFS filesystem 1 Note that the function mnt_context_set_fstype_pattern() has never been used for mtab/fstab evaluation. It's usable only for "umount -a" and for "mount -t" operations. Reported-by: NeilBrown Signed-off-by: Karel Zak Signed-off-by: Steve Dickson commit 4dac21d1e8ff31c3b01f7f29e7cf877e89f09eaa Author: Chuck Lever Date: Thu Jul 19 09:40:30 2012 -0400 rpc.gssd: close upcall pipe on POLLHUP When a POLLHUP event is received on a pipe file descriptor, that means the other side has closed its end of the pipe. If the receiver does not close its end of the pipe, the pipe is left in an open-but-unlinked state. For a "gssd" upcall pipe, the kernel may close its end, removing the directory entry for it, and then later create a fresh pipe named "gssd" in the same directory. In this case, rpc.gssd continues to listen on the open-but-unlinked previous "gssd" pipe. Thus upcalls on the new "gssd" pipe are left unanswered. In addition, poll(2) continues to return POLLHUP on the old pipe. Since there is no logic to close the pipe in rpc.gssd, poll(2) always returns immediately, and rpc.gssd goes into a tight loop. Typically, the kernel closes upcall pipes and destroys their parent directory at the same time. When an RPC client's directory vanishes, rpc.gssd sees the change via dnotify and eventually invokes destroy_client() which closes the user-space end of the pipes. However, if the kernel wants to switch authentication flavors (say from AUTH_KRB5 to AUTH_UNIX) on an RPC client without destroying it, the upcall pipes go away, but the RPC client's directory remains. rpc.gssd invokes update_client_list(), but that logic never closes upcall pipes if the client directory is still in place. After a POLLHUP on a pipe, close it when rpc.gssd reconstructs its list of upcall clients. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 76908c3f14a12e865054ea5d6e4cad201c28839a Author: NeilBrown Date: Mon Jul 16 08:43:28 2012 -0400 mount.nfs: restore correct error status when umount fails If nfs-utils is built without --enable-libmount-mount, then an unmount that failed due to the filesystem being busy will exit with '16' - EX_FILEIO. Autofs apparently relies on this. When built with --enable-libmount-mount, the same case will exit with '32' - EX_FAIL. Normally this is reserved for internal errors. This patch restores the use of EX_FILEIO for errors from umount. Reviewed-by: Karel Zak Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit fd27c638898010438d404cd17120729ef1d680e2 Author: Steve Dickson Date: Thu Jul 5 08:58:47 2012 -0400 nfsidmap: Default domain not being set. nfsidmap is not calling the nfs4_init_name_mapping() function which initializes the default domain from either the DNS domain or the Domain variable in /etc/idmap.conf Signed-off-by: Steve Dickson commit 8c3d608410c2c8f405fc74d47aa3bcab1933f974 Author: Namjae Jeon Date: Thu Jul 5 15:33:18 2012 -0400 exportfs: Update exportfs flush option list in usage message. Update exportfs flush option list in usage message. And sorted these cases in alphabetical order. Signed-off-by: Steve Dickson commit 78ee5f378f295e7bff24a7be41b9361f406d4f8b Author: Jeff Layton Date: Tue Jun 19 10:57:55 2012 -0400 mount.nfs: try the next address after mount fails with ETIMEDOUT If a NFS mount attempt fails with an ETIMEDOUT error, the mount.nfs code doesn't currently attempt the next address in the list. For a NFSv4 mount the initial mount() call almost always ends up going over NFS_DEF_FG_TIMEOUT_MINUTES and the mount is never retried. For a v3 mount, it ends up continually retrying against the same IPv6 address, and never tries the IPv4 address. Eventually it gives up once it hits the NFS_DEF_FG_TIMEOUT_MINUTES timeout. It's possible that a server is just unreachable via IPv6 (due to a routing misconfiguration for instance), or is dropping IPv6 frames on the floor. In that situation, it might still be reachable via IPv4 and trying the next address could have allowed the mount to succeed. Fix this by treating ETIMEDOUT in a similar fashion to ECONNREFUSED. Have the client try the next address in the list before giving up and returning an error. Our QA folks noticed this after a routing problem in one of our test labs. I was able to reproduce it by having the server drop incoming IPv6 frames from the client's address. With this patch, the mount eventually succeeds over IPv4 instead of returning an error. Cc: Chuck Lever Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit d18b89cd7352783580f3d3dde26f8617e36459b9 Author: Harald Hoyer Date: Tue Jun 19 10:53:29 2012 -0400 nfsdcld: Before clearing the capability bounding set, check if we have the cap From: Harald Hoyer PR_CAPBSET_DROP can return EINVAL, if an older kernel does support some capabilities, which are defined by CAP_LAST_CAP, which results in a failure of the service. For example kernel 3.4 errors on CAP_EPOLLWAKEUP, which was newly introduced in 3.5. So, for future capabilities, we clear until we get an EINVAL for PR_CAPBSET_READ. Reviewed-by: Jeff Layton Signed-off-by: Steve Dickson commit 55b1769e63cdffa07b597fa6132c9902cec25265 Author: Chuck Lever Date: Tue Jun 19 10:34:20 2012 -0400 rpcdebug: Add new "state" flag for the nfs module Kernel 3.5 adds a debugging flag for showing NFS client debugging messages having to do with NFSv4 state operations. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit eae2fa997223ce0edb4218faf2ff67165535d21d Author: J. Bruce Fields Date: Tue May 29 14:40:38 2012 -0400 mountd: Honor the no_root_squash flag on pseudo roots From: "J. Bruce Fields" If root squashing is turned off on a export that has multiple directories, the parent directories of the pseudo exports that's built, also needs to have root squashing turned off. Tested-by: Steve Dickson Signed-off-by: Steve Dickson commit b66c96de551b650680a65a732a1338c3ec25b436 Author: Adam Sampson Date: Tue May 29 14:37:22 2012 -0400 nsm_client: nsm_client needs to link with libtirpc nsm_client needs to link against libtirpc. Signed-off-by: Steve Dickson commit 0781cf2a60dbb0d8997c4abef103d80f819cd16f Author: Steve Dickson Date: Tue May 29 14:31:57 2012 -0400 Updated the version number. Signed-off-by: Steve Dickson commit 43537ecbc1ab3ae7cefe5d47e7e03b14bf428197 Author: Steve Dickson Date: Tue May 29 14:27:24 2012 -0400 nfsidmap: Allow verbosity level to be set in the config file To make it easier to enable ID mapping debugging, nfsidmap should read /etc/idmap.conf to see if the verbosity level is set, similar to what rpc.idmapd does Signed-off-by: Steve Dickson commit 1ca82a963ace17397bd7ec09f5e0707badd7c254 Author: Jeff Layton Date: Tue May 29 14:23:18 2012 -0400 statd: drop all capabilities from the bounding set as well statd drops all capabilities except for CAP_NET_BIND when it starts. It's possible though that if it ever had a compromise that an attacker would be able to invoke a setuid process (or something with file capabilities) in order to reinstate some caps. This could happen as a result of the daemon becoming compromised, or possibly as a result of the ha-callout program becoming compromised. In order to prevent that, have statd also prune the capability bounding set to nothing prior to dropping capabilities. That ensures that the process won't be able to reacquire capabilities via any means -- including exec'ing a setuid program. We do however need to be cognizant of the fact that PR_CAPBSET_DROP was only added in 2.6.25, so check to make sure that #define exists via autoconf before we rely on it. In order to do that, we must add ax_check_define.m4 from the GNU autoconf macro archive. Furthermore, do a runtime check to see if /proc/sys/kernel/cap-bound exists before attempting to clear the bounding set. If it does, then don't bother trying since it won't work. In that event though, do throw a warning however since the presence of that file indicates that there is a disconnect between the build and runtime environments. Acked-by: Chuck Lever Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit ddb095f82becc94c8e3a2429cc755dee5d1808c9 Author: Diego Elio Pettenò Date: Tue May 29 14:15:32 2012 -0400 build: avoid AM_CONDITIONAL in conditional execution. Automake does not support conditional AM_CONDITIONAL calls; what that means is that you always have to execute AM_CONDITIONAL one way or the other. Both the libsqlite3.m4 file and the nfsdcld conditionals are executed only when NFSv4 is enabled, which breaks building with --disable-nfsv4. Remove the SQLite3 conditional altogether as it's never used, and move the nfsdcld conditional outside of the conditional code. Acked-by: Jeff Layton Signed-off-by: Diego Elio Pettenò Signed-off-by: Steve Dickson commit 7e9c0f760397d7e8fa78bdeefffc14eb8269925b Author: Jeff Layton Date: Tue May 29 13:53:09 2012 -0400 autoconf: make the test for prctl have an effect We currently test to ensure that prctl() is available, but the results of that test are a no-op either way. statd calls prctl() unconditionally, so make configure bail out if prctl() isn't available since the build will fail in that event anyway. Cc: Chuck Lever Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 646be42c84305d02dea06113cc9e6c9a7ab94f8a Author: Steve Dickson Date: Thu May 17 08:16:29 2012 -0400 Makefile.am: Corrected a misspelling of overridden Signed-off-by: Steve Dickson commit d4d392087f8ee049ed8f476e5ae780cbc0d0012a Author: NeilBrown Date: Thu May 17 08:14:57 2012 -0400 osd_login - ensure /sbin is created before installation. If we use a more standard approach to describing the osd_login script, the automake infrastructure will create /sbin before attempting installation. This is important for: make DESTDIR=/empty-dir install Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit a69f6aeb19841f5a95c3eb4f4e5fe5ca0db247f4 Author: Jim Rees Date: Tue May 15 10:10:01 2012 -0400 blkmapd: remove pretty_sig() This really only works against EMC servers. There is at least one server that returns unprintable signatures, which fill the log with garbage (the spec does not mandate printable signatures). It could be made more generic, for example by checking each byte for isprint(). But the signatures are really only of interest to developers, not admins, so it seems better to just remove it. Signed-off-by: Jim Rees Signed-off-by: Steve Dickson