rpms/nfs-utils/F-12 nfs-utils-1.2.0-v4root-rel9.patch, NONE, 1.1 nfs-utils-1.2.1-mount-eperm.patch, NONE, 1.1 nfs-utils.spec, 1.251, 1.252 nfs-utils-1.2.0-proots-rel5.patch, 1.2, NONE nfs-utils-1.2.0-v4root-bz538609.patch, 1.1, NONE nfs-utils-1.2.0-v4root-rel6.patch, 1.1, NONE nfs-utils-1.2.0-v4root-rel8.patch, 1.1, NONE
Steve Dickson
steved at fedoraproject.org
Mon Dec 7 22:56:49 UTC 2009
Author: steved
Update of /cvs/pkgs/rpms/nfs-utils/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18476
Modified Files:
nfs-utils.spec
Added Files:
nfs-utils-1.2.0-v4root-rel9.patch
nfs-utils-1.2.1-mount-eperm.patch
Removed Files:
nfs-utils-1.2.0-proots-rel5.patch
nfs-utils-1.2.0-v4root-bz538609.patch
nfs-utils-1.2.0-v4root-rel6.patch
nfs-utils-1.2.0-v4root-rel8.patch
Log Message:
- Updated to the latest pseudo root release (rel8).
- mount.nfs: Retry v4 mounts with v3 on ENOENT error
nfs-utils-1.2.0-v4root-rel9.patch:
support/export/xtab.c | 6 +
support/include/nfs/export.h | 3
support/include/pseudoflavors.h | 1
support/include/v4root.h | 15 ++
support/nfs/exports.c | 24 +++-
utils/mountd/Makefile.am | 2
utils/mountd/auth.c | 3
utils/mountd/mountd.c | 4
utils/mountd/v4root.c | 228 ++++++++++++++++++++++++++++++++++++++++
9 files changed, 280 insertions(+), 6 deletions(-)
--- NEW FILE nfs-utils-1.2.0-v4root-rel9.patch ---
diff --git a/support/export/xtab.c b/support/export/xtab.c
index 3b1dcce..2a43193 100644
--- a/support/export/xtab.c
+++ b/support/export/xtab.c
@@ -19,7 +19,9 @@
#include "exportfs.h"
#include "xio.h"
#include "xlog.h"
+#include "v4root.h"
+int v4root_needed;
static void cond_rename(char *newfile, char *oldfile);
static int
@@ -36,6 +38,8 @@ xtab_read(char *xtab, char *lockfn, int is_export)
if ((lockid = xflock(lockfn, "r")) < 0)
return 0;
setexportent(xtab, "r");
+ if (is_export == 1)
+ v4root_needed = 1;
while ((xp = getexportent(is_export==0, 0)) != NULL) {
if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) &&
!(exp = export_create(xp, is_export!=1))) {
@@ -48,6 +52,8 @@ xtab_read(char *xtab, char *lockfn, int is_export)
case 1:
exp->m_xtabent = 1;
exp->m_mayexport = 1;
+ if ((xp->e_flags & NFSEXP_FSID) && xp->e_fsid == 0)
+ v4root_needed = 0;
break;
case 2:
exp->m_exported = -1;/* may be exported */
diff --git a/support/include/nfs/export.h b/support/include/nfs/export.h
index f7a99ba..76953ac 100644
--- a/support/include/nfs/export.h
+++ b/support/include/nfs/export.h
@@ -24,6 +24,7 @@
#define NFSEXP_FSID 0x2000
#define NFSEXP_CROSSMOUNT 0x4000
#define NFSEXP_NOACL 0x8000 /* reserved for possible ACL related use */
-#define NFSEXP_ALLFLAGS 0xFFFF
+#define NFSEXP_V4ROOT 0x10000
+#define NFSEXP_ALLFLAGS 0x1FFFF
#endif /* _NSF_EXPORT_H */
diff --git a/support/include/pseudoflavors.h b/support/include/pseudoflavors.h
index c21087b..c7ba8a2 100644
--- a/support/include/pseudoflavors.h
+++ b/support/include/pseudoflavors.h
@@ -15,3 +15,4 @@ struct flav_info {
extern struct flav_info flav_map[];
extern const int flav_map_size;
+extern unsigned int flavors_setall(struct exportent *ep);
diff --git a/support/include/v4root.h b/support/include/v4root.h
new file mode 100644
index 0000000..706c15c
--- /dev/null
+++ b/support/include/v4root.h
@@ -0,0 +1,15 @@
+/*
+ * Copyright (C) 2009 Red Hat <nfs at redhat.com>
+ * support/include/v4root.h
+ *
+ * Support routines for dynamic pseudo roots.
+ *
+ */
+
+#ifndef V4ROOT_H
+#define V4ROOT_H
+
+extern int v4root_needed;
+extern void v4root_set(void);
+
+#endif /* V4ROOT_H */
diff --git a/support/nfs/exports.c b/support/nfs/exports.c
index 1aaebf4..fe9ed3a 100644
--- a/support/nfs/exports.c
+++ b/support/nfs/exports.c
@@ -39,16 +39,18 @@ struct flav_info flav_map[] = {
{ "krb5", RPC_AUTH_GSS_KRB5 },
{ "krb5i", RPC_AUTH_GSS_KRB5I },
{ "krb5p", RPC_AUTH_GSS_KRB5P },
+ { "unix", AUTH_UNIX },
+ { "sys", AUTH_SYS },
+ { "null", AUTH_NULL },
+ { "none", AUTH_NONE },
+#ifdef NOLONGERSUPPORTED
{ "lipkey", RPC_AUTH_GSS_LKEY },
{ "lipkey-i", RPC_AUTH_GSS_LKEYI },
{ "lipkey-p", RPC_AUTH_GSS_LKEYP },
{ "spkm3", RPC_AUTH_GSS_SPKM },
{ "spkm3i", RPC_AUTH_GSS_SPKMI },
{ "spkm3p", RPC_AUTH_GSS_SPKMP },
- { "unix", AUTH_UNIX },
- { "sys", AUTH_SYS },
- { "null", AUTH_NULL },
- { "none", AUTH_NONE },
+#endif
};
const int flav_map_size = sizeof(flav_map)/sizeof(flav_map[0]);
@@ -436,6 +438,20 @@ static unsigned int parse_flavors(char *str, struct exportent *ep)
}
return out;
}
+unsigned int flavors_setall(struct exportent *ep)
+{
+ struct flav_info *flav;
+ unsigned int out=0;
+ int bit;
+
+ for (flav = flav_map; flav < flav_map + flav_map_size; flav++) {
+ bit = secinfo_addflavor(flav, ep);
+ if (bit < 0)
+ return 0;
+ out |= 1<<bit;
+ }
+ return out;
+}
/* Sets the bits in @mask for the appropriate security flavor flags. */
static void setflags(int mask, unsigned int active, struct exportent *ep)
diff --git a/utils/mountd/Makefile.am b/utils/mountd/Makefile.am
index 1e76cf8..eba81fc 100644
--- a/utils/mountd/Makefile.am
+++ b/utils/mountd/Makefile.am
@@ -8,7 +8,7 @@ KPREFIX = @kprefix@
sbin_PROGRAMS = mountd
mountd_SOURCES = mountd.c mount_dispatch.c auth.c rmtab.c cache.c \
- svc_run.c fsloc.c mountd.h
+ svc_run.c fsloc.c v4root.c mountd.h
mountd_LDADD = ../../support/export/libexport.a \
../../support/nfs/libnfs.a \
../../support/misc/libmisc.a \
diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c
index 5a7ff8c..2ed80bc 100644
--- a/utils/mountd/auth.c
+++ b/utils/mountd/auth.c
@@ -20,6 +20,7 @@
#include "exportfs.h"
#include "mountd.h"
#include "xmalloc.h"
+#include "v4root.h"
enum auth_error
{
@@ -102,6 +103,8 @@ auth_reload()
memset(&my_client, 0, sizeof(my_client));
xtab_export_read();
check_useipaddr();
+ v4root_set();
+
++counter;
return counter;
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 888fd8c..179ef17 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -540,6 +540,10 @@ get_exportlist(void)
for (i = 0; i < MCL_MAXTYPES; i++) {
for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
+ /* Don't show pseudo exports */
+ if (exp->m_export.e_flags & NFSEXP_V4ROOT)
+ continue;
+
for (e = elist; e != NULL; e = e->ex_next) {
if (!strcmp(exp->m_export.e_path, e->ex_dir))
break;
diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c
new file mode 100644
index 0000000..817dfb4
--- /dev/null
+++ b/utils/mountd/v4root.c
@@ -0,0 +1,228 @@
+/*
+ * Copyright (C) 2009 Red Hat <nfs at redhat.com>
+ *
+ * support/export/v4root.c
+ *
+ * Routines used to support NFSv4 pseudo roots
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/queue.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#include <unistd.h>
+#include <errno.h>
+
+#include "xlog.h"
+#include "exportfs.h"
+#include "nfslib.h"
+#include "misc.h"
+#include "pseudoflavors.h"
+#include "v4root.h"
+
+#ifndef _PATH_PSEUDO_ROOT
+#define _PATH_PSEUDO_ROOT "/"
+#endif
+
+#ifndef _PSEUDO_ROOT_FSID
+#define _PSEUDO_ROOT_FSID 0
+#endif
+
+void v4root_set(void);
+void v4root_unset(void);
+static int v4root_support(void);
+
+static struct exportent *v4root_create(char *, nfs_export *);
+
+int v4root_needed;
+static nfs_export pseudo_root = {
+ .m_next = NULL,
+ .m_client = NULL,
+ .m_export = {
+ .e_hostname = "*",
+ .e_path = _PATH_PSEUDO_ROOT,
+ .e_flags = NFSEXP_READONLY | NFSEXP_ROOTSQUASH
+ | NFSEXP_NOSUBTREECHECK | NFSEXP_FSID
+ | NFSEXP_CROSSMOUNT | NFSEXP_V4ROOT,
+ .e_anonuid = 65534,
+ .e_anongid = 65534,
+ .e_squids = NULL,
+ .e_nsquids = 0,
+ .e_sqgids = NULL,
+ .e_nsqgids = 0,
+ .e_fsid = 0,
+ .e_mountpoint = NULL,
+ .e_secinfo[0].flav = NULL,
+ },
+ .m_exported = 0,
+ .m_xtabent = 1,
+ .m_mayexport = 1,
+ .m_changed = 0,
+ .m_warned = 0,
+};
+
+/*
+ * Create a pseudo export
+ */
+static struct exportent *
+v4root_create(char *path, nfs_export *export)
+{
+ nfs_export *exp;
+ struct exportent eep;
+ struct exportent *curexp = &export->m_export;
+
+ dupexportent(&eep, curexp);
+ eep.e_hostname = strdup(curexp->e_hostname);
+ strncpy(eep.e_path, path, sizeof(eep.e_path));
+ exp = export_create(&eep, 0);
+ if (exp == NULL)
+ return NULL;
+
+ exp->m_export.e_flags |= NFSEXP_V4ROOT;
+ if (strcmp(path, _PATH_PSEUDO_ROOT) != 0)
+ exp->m_export.e_flags &= ~NFSEXP_FSID;
+
+ xlog(D_CALL, "v4root_create: path '%s'", exp->m_export.e_path);
+
+ return &exp->m_export;
+}
+
+/*
+ * Make sure the kernel has pseudo root support.
+ */
+static int
+v4root_support()
+{
+ static int kernel_support = -1;
+ char *ptr, version[64];
+ int major, minor;
+ FILE *fp;
+
+ if (kernel_support != -1)
+ return kernel_support;
+
+ kernel_support = 0;
+ fp = fopen("/proc/fs/nfsd/exports", "r");
+ if (fp == NULL)
+ goto out;
+
+ ptr = fgets(version, 64, fp);
+ fclose(fp);
+ if (ptr == NULL)
+ goto out;
+
+ while(*ptr && isdigit(*ptr) == 0)
+ ptr++;
+ if (*ptr == '\0')
+ goto out;
+
+ major = minor = 0;
+ sscanf(ptr, " %d.%d",&major, &minor);
+ if (major >= 1 && minor >= 2)
+ kernel_support = 1;
+out:
+ if (!kernel_support) {
+ xlog(L_WARNING, "Kernel does not have pseudo root support.");
+ xlog(L_WARNING, "NFS v4 mounts will be disabled unless fsid=0");
+ xlog(L_WARNING, "is specfied in /etc/exports file.");
+ }
+
+ return kernel_support;
+}
+
+/*
+ * Create pseudo exports by running through the real export
+ * looking at the components of the path that make up the export.
+ * Those path components, if not exported, will become pseudo
+ * exports allowing them to be found when the kernel does an upcall
+ * looking for components of the v4 mount.
+ */
+void
+v4root_set()
+{
+ nfs_export *exp, *nxt;
+ struct exportent *proot;
+ int i, insecure = 0, secflavors = 0;
+ char *path, *ptr;
+ char *hostname;
+
+ if (!v4root_needed)
+ return;
+
+ if (!v4root_support())
+ return;
+
+ proot = v4root_create(_PATH_PSEUDO_ROOT, &pseudo_root);
+ if (proot == NULL) {
+ xlog(L_WARNING, "v4root_set: Unable to create "
+ "pseudo export for '%s'", _PATH_PSEUDO_ROOT);
+ return;
+ }
+
+ for (i = 0; i < MCL_MAXTYPES; i++) {
+ for (exp = exportlist[i].p_head; exp; exp = nxt) {
+ nxt = exp->m_next;
+ hostname = exp->m_export.e_hostname;
+
+ path = strdup(exp->m_export.e_path);
+ ptr = path + 1;
+ while ((ptr = strchr(ptr, '/')) != NULL) {
+ *ptr = '\0';
+ if (export_lookup(hostname, path, 0) == NULL)
+ if (v4root_create(path, exp) == NULL) {
+ xlog(L_WARNING, "v4root_set: Unable to create "
+ "pseudo export for '%s'", path);
+ break;
+ }
+ *ptr = '/';
+ ptr++;
+ }
+ /* Make note of insecure exports */
+ if (!insecure)
+ insecure = (exp->m_export.e_flags & NFSEXP_INSECURE_PORT);
+
+ /* Make note of security flavors being set */
+ if (!secflavors)
+ secflavors = (exp->m_export.e_secinfo[0].flav != NULL);
+
+ free(path);
+ }
+ }
+
+ if (insecure && secflavors) {
+ xlog(L_WARNING, "WARNING: The 'sec=' and 'insecure' export options "
+ "are incompatible, causing the security flavors set by "
+ "'sec=' to be ignored on V4 exports");
+ }
+
+ /*
+ * If there are any insecure exports, the pseudo root
+ * also has to be insecure
+ */
+ if (insecure) {
+ proot->e_flags |= NFSEXP_INSECURE_PORT;
+ }
+
+ /*
+ * Make sure the pseudo root is accessible from all
+ * security flavors unless the insecure port is set,
+ * which cause the kernel to silently fail v4 mounts
+ * with security flavors set.
+ */
+ if (secflavors && !insecure) {
+ if (!flavors_setall(proot)) {
+ xlog(L_WARNING, "v4root_set: Unable to set security "
+ "flavors on pseudo root");
+ }
+ }
+}
+
+
nfs-utils-1.2.1-mount-eperm.patch:
stropts.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- NEW FILE nfs-utils-1.2.1-mount-eperm.patch ---
commit 26a14b65991b79d317638f78dc6b4e5ac1ef712e
Author: Neil Brown <neilb at suse.de>
Date: Mon Dec 7 17:23:48 2009 -0500
mount.nfs: Retry v4 mounts with v3 on ENOENT errors
Retry v4 mounts with a v3 mount when the version
is not explicitly specified and the mount fails
with ENOENT. The will help deal with Linux servers
that do not automatically export a pseudo root
Signed-off-by: Steve Dickson <steved at redhat.com>
diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
index a0b9e7f..4007150 100644
--- a/utils/mount/stropts.c
+++ b/utils/mount/stropts.c
@@ -668,9 +668,10 @@ static int nfs_try_mount(struct nfsmount_info *mi)
/*
* To deal with legacy Linux servers that don't
* automatically export a pseudo root, retry
- * ENOENT errors using version 3
+ * ENOENT errors using version 3. And for
+ * Linux servers prior to 2.6.25, retry EPERM
*/
- if (errno != ENOENT)
+ if (errno != ENOENT && errno != EPERM)
break;
}
}
Index: nfs-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nfs-utils/F-12/nfs-utils.spec,v
retrieving revision 1.251
retrieving revision 1.252
diff -u -p -r1.251 -r1.252
--- nfs-utils.spec 20 Nov 2009 14:02:51 -0000 1.251
+++ nfs-utils.spec 7 Dec 2009 22:56:49 -0000 1.252
@@ -2,7 +2,7 @@ Summary: NFS utilities and supporting cl
Name: nfs-utils
URL: http://sourceforge.net/projects/nfs
Version: 1.2.1
-Release: 2%{?dist}
+Release: 3%{?dist}
Epoch: 1
# group all 32bit related archs
@@ -25,8 +25,8 @@ Patch02: nfs-utils-1.1.0-exp-subtree-war
Patch200: nfs-utils-1.2.0-mount-default.patch
Patch201: nfs-utils-1.2.1-nfsd-bootfail.patch
-Patch300: nfs-utils-1.2.0-v4root-rel8.patch
-Patch301: nfs-utils-1.2.0-v4root-bz538609.patch
+Patch300: nfs-utils-1.2.0-v4root-rel9.patch
+Patch301: nfs-utils-1.2.1-mount-eperm.patch
Group: System Environment/Daemons
Provides: exportfs = %{epoch}:%{version}-%{release}
@@ -82,7 +82,6 @@ This package also contains the mount.nfs
%patch201 -p1
%patch300 -p1
-%patch301 -p1
# Remove .orig files
find . -name "*.orig" | xargs rm -f
@@ -254,6 +253,10 @@ fi
%attr(4755,root,root) /sbin/umount.nfs4
%changelog
+* Mon Dec 7 2009 Steve Dickson <steved at redhat.com> 1.2.1-3
+- Updated to the latest pseudo root release (rel8).
+- mount.nfs: Retry v4 mounts with v3 on ENOENT error
+
* Fri Nov 20 2009 Steve Dickson <steved at redhat.com> 1.2.1-2
- Fixed a bug in v4root code that was causing ESTALE mounts
(bz 538609)
--- nfs-utils-1.2.0-proots-rel5.patch DELETED ---
--- nfs-utils-1.2.0-v4root-bz538609.patch DELETED ---
--- nfs-utils-1.2.0-v4root-rel6.patch DELETED ---
--- nfs-utils-1.2.0-v4root-rel8.patch DELETED ---
More information about the fedora-extras-commits
mailing list