| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If /etc/krb5.keytab does not exist, then krb5 cannot work, so
advertising it as an option for v4root is pointless.
Since linux commit 676e4ebd5f2c ("NFSD: SECINFO doesn't handle
unsupported pseudoflavors correctly") this can result in an unhelpful
warning if the krb5 code is not built, or built as a module which is not
installed.
[ 161.668635] NFS: SECINFO: security flavor 390003 is not supported
[ 161.668655] NFS: SECINFO: security flavor 390004 is not supported
[ 161.668670] NFS: SECINFO: security flavor 390005 is not supported
So avoid advertising krb5 security options when krb5.keytab cannot be
found.
Note that testing for /etc/krb5.keytab is what we already do in a couple
of systemd unit file to determine if krb5 is enabled.
Link: https://lore.kernel.org/linux-nfs/20170104190327.v3wbpcbqtfa5jy7d@codemonkey.org.uk/
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a re-exporting NFS server reboots, none of the subvolumes are present.
This is because the NFS client code will mount only upon first access.
So, when we see an NFS handle with an yet unknown fsidnum, lookup in
the reexport database for it.
If one is found, stat the path to trigger the mount.
That way stale NFS handles are avoided after a reboot.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Detect the case when a NFS share is re-exported and assign an
fsidnum to it.
The fsidnum is read (or created) from the reexport database.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When re-exporting a NFS volume it is mandatory to specify
either a UUID or numerical fsid= option because nfsd is unable
to derive an identifier on its own.
For NFS cross mounts this becomes a problem because nfsd also
needs an identifier for every crossed mount.
A common workaround is stating every single subvolume in the
exports list too.
But this defeats the purpose of the crossmnt option and is tedious.
This is where the reexport= tries to help.
It offers various strategies to automatically derive a identifier
for NFS volumes and sub volumes.
Currently two strategies are implemented:
1. auto-fsidnum
In this mode mountd/exportd will create a new numerical fsid
for a NFS volume and subvolume. The numbers are stored in a database,
via fsidd, such that the server will always use the same fsid.
The entry in the exports file allowed to skip the fsid= option but
stating a UUID is allowed, if needed.
This mode has the obvious downside that load balancing is by default not
possible since multiple re-exporting NFS servers would generate
different ids.
It is possible if all load balancers use the same database.
This can be achieved by using nfs-utils' fsidd and placing it's sqlit
database on a network share which supports file locks or by implementing
your own fsidd which is able to provide consistent fsids across multiple
re-exporting nfs servers.
2. predefined-fsidnum
This mode works just like auto-fsidnum but does not generate ids
for you. It helps in the load balancing case. A system administrator
has to manually maintain the database and install it on all re-exporting
NFS servers. If you have a massive amount of subvolumes this mode
will help because you don't have to bloat the exports list.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Add some helper functions which will be used by the reexport
mechanism to create and find fsidnums for re-exported NFS shares.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The overall goal is to enable administrators to require the use of
transport layer security when clients access particular exports.
This patch adds support to exportfs to parse, display, and push
into the kernel a new xprtsec= export option.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the following setup causes failure:
1. /etc/exports:
/ *(rw,crossmnt,no_subtree_check,fsid=root)
2. /etc/nfs.conf:
[exports]
rootdir=/nfs_srv
3. Mounts:
/root/fs1.ext4 on /nfs_srv type ext4 (rw,relatime)
/root/fs2.ext4 on /nfs_srv/fs2 type ext4 (rw,relatime)
4. On the client:
$ ls /nfs_client/fs2
ls: cannot open directory '/nfs_client/fs2': Stale file handle
The problem is that next_mnt() misses the corner case that
every mount is a sub-mount of "/".
So it fails to see that /nfs_srv/fs2 is a mountpoint when the
client asks for fs2 it and as consequence the crossmnt mechanism
fails.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2151966
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
autoconf AC_SYS_LARGEFILE is used by configure to add needed defines
when needed for enabling 64bit off_t, therefore replacing statfs64 with
statfs should be functionally same. Additionally this helps compiling
with latest musl where 64bit LFS functions like statfs64 and friends are
now moved under _LARGEFILE64_SOURCE feature test macro, this works on
glibc systems because _GNU_SOURCE macros also enables
_LARGEFILE64_SOURCE indirectly. This is not case with musl and this
latest issue is exposed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Clang is now erroring out on functions with out parameter types
Fixes errors like
error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
simplify the check, stat() return 0 on success -1 on failure
Fixes clang reported errors e.g.
| v4clients.c:29:6: error: logical not is only applied to the left hand side of this comparison [-Werror,-Wlogical-not-parentheses]
| if (!stat("/proc/fs/nfsd/clients", &sb) == 0 ||
| ^ ~~
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Kernel major version does not always provide 100% certainty about
presence or absence of a feature, for example:
- some distros backport feature from mainstream kernel to older kernels
- if NFS server is run inside a system container the reported kernel
version inside the container may be faked
So let's determine the feature presence by checking
'/proc/fs/nfsd/clients/' directory presence instead of checking the
kernel version.
Signed-off-by: Konstantin Khorenko <khorenko@virtuozzo.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1979816
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are two global "struct stat_paths" structures: etab and rmtab.
They are currently needed by some library code so any program which is
linked with that library code needs to declare the structures even if it
doesn't use the functionality. This is clumsy and error-prone.
Instead: have the library declare the structure and put the definition
in a header file. Now programs only need to know about these structures
if they use the functionality.
'rmtab' is now declared in libnfs.a (rmtab.c). 'etab' is declared in
export.a (xtab.c).
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since v4.17 the timestamp written to 'flush' is ignored,
so there isn't much point choosing too precisely.
For kernels since v4.3-rc3-13-g778620364ef5 it is safe
to write 1 second beyond the current time.
For earlier kernels, nothing is really safe (even the current
behaviour), but writing one second beyond the current time isn't too bad
in the unlikely case the people use a new nfs-utils on a 5 year old
kernel.
This remove a dependency for libnfs.a on 'etab' being declare,
so svcgssd no longer needs to declare it.
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some filesystems cannot be exported without an fsid or uuid.
tmpfs is the main example.
When mountd (or exportd) creates nfsv4 pseudo-root exports for the path
leading down to an export point it exports each directory without any
fsid or uuid. If one of these directories is on tmpfs, that will fail.
The net result is that exporting a subdirectory of a tmpfs filesystem
will not work over NFSv4 as the parents within the filesystem cannot be
exported. It will either fail, or fall-back to NFSv3 (depending on the
version of the mount.nfs program).
To fix this we need to provide an fsid or uuid for these pseudo-root
exports. This patch does that by creating an RFC-4122 V5 compatible
UUID based on an arbitrary seed and the path to the export.
To check if an export needs a uuid, text_export() is moved from exportfs
to libexport.a, modified slightly and renamed to export_test().
Reported-by: Petr Vorel <pvorel@suse.cz>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Tested-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is possible (and common with the Linux NFS client) for the nfs server
to receive multiple SET_CLIENT_ID or EXCHANGE_ID requests when starting
a connection. This results in some clients appearing in
/proc/fs/nfsd/clients
which never get confirmed. mountd currently logs these, but they aren't
really helpful.
If the kernel supports the reporting of the confirmation status of
clients, we can suppress the message until a client is confirmed.
With this patch we:
- record if the client is confirmed, assuming it is if the status is
not reported
- don't log unconfirmed clients
- request MODIFY notification from unconfirmed clients.
- recheck an info file when it is modified.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFSv4 does not have a MOUNT request like NFSv3 does (via the MOUNT
protocol). So these cannot be logged.
NFSv4 does have SETCLIENTID and EXCHANGE_ID. These are indirectly
visible though changes in /proc/fs/nfsd/clients.
When a new client attaches, a directory appears. When the client
detaches, through a timeout (v4.0) or DESTROY_SESSION (v4.1+)
the directory disappears.
This patch adds tracking of these changes using inotify, with log
messages when a client attaches or detaches.
Unfortuantely clients are created in two steps, the second being a
confirmation. This results in a temporary client appearing and
disappearing. It is not possible (in Linux 5.10) to detect the
unconfirmed client, so extra attach/detach messages are generated.
This patch also moves some cache* function declarations into a header
file, and makes a few related changes to #includes.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DEFAULT_TTL affects the rate at which authentication messages are
logged. So it is useful to make it settable.
Add "-ttl" and "-T", and add clear statement in the documentation of
both the benefits and the possible negative effects of choosing a larger
value
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When logging authentication requests, it can be easier to read the logs
if clients are always identified by IP address, not intermediate names
like netgroups or subnets.
To allow this, add --cache-use-ipaddr or -i which tell mountd to always
enable use_ipaddr.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When NFSv3 is used to mount a filesystem, success/failure messages are
logged by mountd and can be used for auditing. When NFSv4 is used,
there is no distinct "MOUNT" request, and nothing is logged.
We can instead log authentication requests from the kernel. These will
happen regularly - typically every 15 minutes of ongoing access - so
they may be too noisy, or might be more useful. As they might not be
wanted, make them selectable with the "AUTH" facility in xlog().
Add a "-l" to enable these logs. Alternately "debug = auth" will have
the same effect.
The same changes are made to both rpc.mountd and nfsv4.exportd.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an "nfsd.fh" request is received from the kernel, we map the
file-handle prefix to a path name and report that (as required) and then
also add "nfsd.export" information with export flags applicable to that
path.
This is not necessary and was added as a perceived optimisation.
When updating data already in the kernel, it is unlikely to help as the
kernel can be expected to ask for both details at much the same time.
With NFSv3, new information is normally added by a MOUNT rpc request, so
this is irrelevant.
With NFSv4, the kernel requests the "nfsd.export" information when
walking down from ROOT, *before* requesting the nfsd.fh information, so
this "optimisation" causes unnecessary work.
A future patch will add logging of authentication requests, and this
double-handling would result in extra unnecessary log messages.
As this "optimisation" appears to have no practical value and some
(small) cost, let's remove it.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When use_ipaddr is not in effect, an auth_unix_ip lookup
request from the kernel for an unknown client will be
rejected. When it IS in effect, these requests are
always granted with the IP address being mapped to a
string form of the address, preceded by a '$'.
This is inconsistent behaviour and could present a small
information leak. It means that, for example, a SETCLIENT
NFSv4 request may or may not succeed depending on an
internal setting in rpc.mountd.
This is easily rectified by always checking if the
client is known.
Signed-off-by: NeilBrown <neil@brown.name>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Moved the junction support from mountd to libexport.a
so both exportd and mountd can use the code.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Move the cache management code into libexport.a
so both mountd and exportd can use it.
Introduce cache_proccess_loop() which will
be used by exportd, instead of my_svc_run().
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While most source files already use the standard header <fcntl.h>
instead of <sys/fcntl.h>, some do not, causing warnings on musl libc
systems.
Fix the remaining ones to use <fcntl.h>. As we already use the header
unconditionally in a lot of places, this change should not cause any
problems for other platforms.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Ensure that we canonicalise the export path when generating the
real path.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Add a helper that can prepend the nfsd root directory path in order
to allow mountd to perform its comparisons with mtab etc.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After commit 8f459a072f93 ("Remove abuse of ai_canonname") the
ai_canonname field in addrinfo structs returned from
host_reliable_addrinfo() is always NULL. This results in mountd
segfaults when there are netgroups or hostname wildcards in
/etc/exports.
Add an extra DNS query in check_wildcard() and check_netgroup() to
obtain the client's canonical hostname instead of dereferencing
the NULL pointer.
Reported-by: Mark Wagner <mark@lanfear.net>
Fixes: 8f459a072f93 ("Remove abuse of ai_canonname")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
strdup of exportent uuid and hostname in getexportent() ends up leaking
memory. Free the memory before getexportent() is called again from xtab_read()
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1713360
Signed-off-by: Nikhil Kshirsagar <nkshirsa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Afer the update to musl 1.1.21 freeaddrinfo is broken in some places in
the nfs-utils code because glibc seems to ignore when freeaddrinfo is
called with a NULL pointer which seems to be not defined in the spec.
See: https://www.openwall.com/lists/musl/2019/02/03/4
The free in support/export/hostname.c is removed too
See: https://www.openwall.com/lists/musl/2019/02/17/2
Define and use wrapper function nfs_freeaddrinfo to handle
freeaddrinfo versions that don't tolerate NULL pointers
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Peter Wagner <tripolar@gmx.at> reports a portability issue with
freeing ai_canonname (and subsequently replacing that pointer via
strdup(3)). The relevant standards text is:
> If nodename is not null, and if requested by the AI_CANONNAME
> flag, the ai_canonname field of the first returned addrinfo
> structure shall point to a null-terminated string containing the
> canonical name corresponding to the input nodename; if the
> canonical name is not available, then ai_canonname shall refer to
> the nodename argument or a string with the same contents.
There is no indication that this string may be freed using free(3).
Eg, the library could have allocated it as part of the addrinfo
struct itself, or it could point to static memory. The Linux man
page is equally silent on this issue.
There is only one caller to host_reliable_addrinfo() that actually
uses the string in ai->ai_canonname, and then only for debugging
messages. Change those to display the IP address instead.
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
client.c:486:3: warning: ‘strncpy’ destination unchanged after
copying no bytes [-Wstringop-truncation]
file.c:99:2: warning: ‘strncpy’ specified bound 4096
equals destination size [-Wstringop-truncation]
v4root.c:95:2: warning: ‘strncpy’ specified bound 1025
equals destination size [-Wstringop-truncation]
sm-notify.c:572:3: warning: ‘strncpy’ specified bound 1025
equals destination size [-Wstringop-truncation]
nfs4mount.c:221:3: warning: ‘strncpy’ specified bound 1024
equals destination size [-Wstringop-truncation]
nfsmount.c:831:2: warning: ‘strncpy’ specified bound 256
equals destination size [-Wstringop-truncation]
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The xdr c-files, generated from .x by rpcgen, in both
libnsm.a and libexport.a libraries cause the
following warnings:
mount_xdr.c:43:20: warning: unused variable 'buf' [-Wunused-variable]
sm_inter_xdr.c:37:20: warning: unused variable 'buf' [-Wunused-variable]
sm_inter_xdr.c:51:6: warning: unused variable 'i' [-Wunused-variable]
These warnings are caused by rpcgen trying in inline
the xdr routines. It turns out no inlining was happening,
except for one routine. So turning off inlining eliminated
these warnings.
This patch also eliminates a Werror missing-prototypes in sm_inter.h
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This systemcall was deprecated early in the 2.6 series
as it was replaced by an in-kernel cache which was refilled
using an upcall. All communication to kernel is now through
the nfsd filesystem.
The nfsctl systemcall itself was removed in 3.1.
It is unlikely to have been used for over a decade.
To remove all uses for the nfsctl systemcall, and call code that only
runs when "new_cache" is false. We now assume "new_cache" is always
true.
This allows the removal of several files as well as assorted functions.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/var/lib/nfs/xtab is only used to find out what has been exported to
the kernel. This is more reliably done by reading
/proc/fs/nfs{,d}/export and nfs-utils uses that file if is available.
So xtab is only need if you have an incredibly ancient kernel which
doesn't have /proc/fs/nfs/export (and so which only supports NFSv2) or
if /proc is not mounted.
Neither of these are credible contexts to run a modern nfs-utils,
so stop creating or reading the xtab file.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nfs-server-generator is run very early when a lot of services are not
yet started, so it mustn't depend on them. Currently it can try to
use hostname lookup and syslog. Using hostname lookup can cause
errors and when these are logged via syslog, it can cause the
generator to block indefinitely
Hostname-lookup is not needed, as we don't use the host issue,
and sending message to stderr is sufficient for the generator.
Disabling syslog is easy - call a function that sets a static variable.
Disabling hostname lookup requires adding an "ignore_hosts" flags to
export_read and export_d_read().
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
This places it in the same place as the similar export_read(),
and allows it to be called from other programs.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
If we fall back to using the numeric host then we shouldn't call
xlog with D_GENERAL. That can cause 'exportfs -u' to exit with a 1
if, for example, you have exports using ip addresses that can't be
resolved to hostnames. Use D_PARSE instead.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
An if statement has been missing a brace since host_ntop() was added in
commit 94ce1eb94babb4c587b2826452fb053cba745098 ("libexport.a: Add
helpers to manage DNS lookups").
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1287468
Signed-off-by: Rinku Kothiya <rkothiya@redhat.com>
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 9a92ef6f to add netgroup lookup of resolvable
IP addresses inadvertently broke the netgroup
check for short hostnames.
This patch fixes that breakage by changing the IP address
lookup to use a separate variable.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Commit d89e3fc7 removed the EAI_NONAME check altogether instead of just
moving the NULL check. This causes exportfs -u to incorrectly exit
with 1 whenever there's more than one MCL_FQDN export in the exportlist.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a netgroup entry specifies an IP address, and that
IP address can be resolved to a name, mountd will
currently only test whether the canonical name and
any aliases are in the netgroup, and does not test
whether the IP address is in the netgroup (IP
addresses which do not resolve to a name are
already checked against the netgroup).
This patch adds the check to see whether the IP
addresses are in the netgroup.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Throw 'No file systems exported!' iff no volume is exported rather
then if some exports file is empty. Typically this can happen if
the default /etc/exports file is empty and admin installed
configuration into /etc/exports.d directory.
This is follow-up for e725def62c73b4 commit.
Signed-off-by: Pavel Raiskup <praiskup@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Commit 076dd80 introduced a regression that causes
exportfs to fail when there is an empty /etc/exports
file. A empty /etc/exports file is valid and should
not cause exportfs to fail.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The patch to nfs/exportfs to allow nfsd to start when
there are some, but not all, unresolvable entries in
/etc/exports.
Signed-off-by: Henrique Martins <linux@martins.cc>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
This fixes the problem reported in:
https://bugzilla.redhat.com/show_bug.cgi?id=1083018
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|