| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When re-exporting a NFS volume it is mandatory to specify
either a UUID or numerical fsid= option because nfsd is unable
to derive an identifier on its own.
For NFS cross mounts this becomes a problem because nfsd also
needs an identifier for every crossed mount.
A common workaround is stating every single subvolume in the
exports list too.
But this defeats the purpose of the crossmnt option and is tedious.
This is where the reexport= tries to help.
It offers various strategies to automatically derive a identifier
for NFS volumes and sub volumes.
Currently two strategies are implemented:
1. auto-fsidnum
In this mode mountd/exportd will create a new numerical fsid
for a NFS volume and subvolume. The numbers are stored in a database,
via fsidd, such that the server will always use the same fsid.
The entry in the exports file allowed to skip the fsid= option but
stating a UUID is allowed, if needed.
This mode has the obvious downside that load balancing is by default not
possible since multiple re-exporting NFS servers would generate
different ids.
It is possible if all load balancers use the same database.
This can be achieved by using nfs-utils' fsidd and placing it's sqlit
database on a network share which supports file locks or by implementing
your own fsidd which is able to provide consistent fsids across multiple
re-exporting nfs servers.
2. predefined-fsidnum
This mode works just like auto-fsidnum but does not generate ids
for you. It helps in the load balancing case. A system administrator
has to manually maintain the database and install it on all re-exporting
NFS servers. If you have a massive amount of subvolumes this mode
will help because you don't have to bloat the exports list.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
More information about RPC-with-TLS and some brief set-up guidance
are to be provided in a separate man page in Section 7.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Cc: Rick Macklem <rick.macklem@gmail.com>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The overall goal is to enable administrators to require the use of
transport layer security when clients access particular exports.
This patch adds support to exportfs to parse, display, and push
into the kernel a new xprtsec= export option.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
The missing "-" means that "-S" isn't mentioned at all.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If you try to mount from a server that is inaccessible you might get an
error like:
mount.nfs: No route to host
This is OK when running "mount" interactively, but hardly useful when
found in system logs.
This patch changes mount_error() to always included at least one of
mount_point and spec in any error message.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
autoconf AC_SYS_LARGEFILE is used by configure to add needed defines
when needed for enabling 64bit off_t, therefore replacing statfs64 with
statfs should be functionally same. Additionally this helps compiling
with latest musl where 64bit LFS functions like statfs64 and friends are
now moved under _LARGEFILE64_SOURCE feature test macro, this works on
glibc systems because _GNU_SOURCE macros also enables
_LARGEFILE64_SOURCE indirectly. This is not case with musl and this
latest issue is exposed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFSv4.1 and later require the server to report a "scope". Servers with
the same scope are expected to understand each other's state ids etc,
though may not accept them - this ensure there can be no
misunderstanding. This is helpful for migration.
Servers with different scope are known to be different and if a server
appears to change scope on a restart, lock recovery must not be
attempted.
It is important for fail-over configurations to have the same scope for
all server instances. Linux NFSD sets scope to host name. It is common
for fail-over configurations to use different host names on different
server nodes. So the default is not good for these configurations and
must be over-ridden.
As discussed in
https://github.com/ClusterLabs/resource-agents/issues/1644
some HA management tools attempt to address this with calls to "unshare"
and "hostname" before running "rpc.nfsd". This is unnecessarily
cumbersome.
This patch adds a "-S" command-line option and nfsd.scope config value
so that the scope can be set easily for nfsd.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When started nfs-blkmap.service, the PID file can't be opened, The
cause is that the child process does not create the PID file before
the systemd reads the PID file.
Adding "ExecStartPost=/bin/sleep 0.1" to
/usr/lib/systemd/system/nfs-blkmap.service will probably solve this
problem, However, there is no guarantee that the above solutions are
effective under high cpu pressure.So replace the daemon function with
the fork function, and put the behavior of creating the PID file in
the parent process to solve the above problems.
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Update the man page to explicitly say setting
nfsv4=n turns off all v4 versions
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In function nfs_parse_square_bracket, hostname could be NULL,
dereferencing it in free(*hostname) may cause an unexpected segfault.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2136807
Signed-off-by: Zhi Li <yieli@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The serial->data is not malloced separately (just part of
the serial), so it can't be freed. The bl_serial has its
own free function. Use it.
Signed-off-by: Lixiaokeng <lixiaokeng@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
regex.c:545:43: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
struct trans_func *libnfsidmap_plugin_init()
^
void
See: 167f2336b06e1bcbf26f45f2ddc4a535fed4d393
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The systemctl stop nfs-blkmap.service will sends the SIGTERM signal
to the nfs-blkmap.service first.If the process fails to be stopped,
it sends the SIGKILL signal again to kill the process.
However, exit(1) is executed in the SIGTERM processing function of
nfs-blkmap.service. As a result, systemd receives an error message
indicating that nfs-blkmap.service failed.
"Active: failed" is displayed when the systemctl status
nfs-blkmap.service command is executed.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Clang is now erroring out on functions with out parameter types
Fixes errors like
error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
There seem to be some undocumented options implemented.
Why not mention them in the man page?
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
It's a little irritating to only see the template "<...>@<...>" if you
set a specific principal name. So let's show it (if set).
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
This patch fixes a bug when trying to set "principal" in /etc/nfs.conf.
Memory gets freed by conf_cleanup() before being used - moving cleanup
code resolves that.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The nfsidmap manual page is supposed to be in section 8, but calls the
.TH macro with a section argument of 5. This results in an incorrect
header and causes debhelper (in Debian) to install it in the section 5
directory. Fix that.
Signed-off-by: Ben Hutchings <benh@debian.org>
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
nfs-idmapd.service would report following error when stopped:
Starting NFSv4 ID-name mapping service...
rpc.idmapd[1198]: Setting log level to 0
Started NFSv4 ID-name mapping service.
rpc.idmapd[1198]: exiting on signal 15
Stopping NFSv4 ID-name mapping service...
nfs-idmapd.service: Main process exited, code=exited, status=1/FAILURE
nfs-idmapd.service: Failed with result 'exit-code'.
Stopped NFSv4 ID-name mapping service.
commit 93e8f092(idmapd: Add graceful exit and resource cleanup)
redirected SIGTERM, so when executing "systemctl stop nfs-idmapd", the
main() of idmapd would running to tail to return, while it returned 1
which considered as error by systemd.
So here just return 0 in main().
Signed-off-by: Wenchao Hao <haowenchao@huawei.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 14258541 add a check that had a '||'
instead of a '&&' which is the typo.
The intention of commit 14258541 was to show
EBUSY errors but this error is not shown when
the mount point does exists (commit afda50fc).
In the end, EBUSY are now interrupted correctly
in this corner case.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When mount is triggered for an already mounted
share (using auto negotiation), it displays
"mount.nfs: Protocol not supported" or
"mount.nfs: access denied by server while mounting"
instead of EBUSY. This easily causes confusion if
the mount was not tried verbose :
Signed-off-by: Rohan Sable <rsable@redhat.com>
Signed-off-by: Yongcheng Yang <yoyang@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In idmapd.conf.5, there is a line of what should be literal text
beginning with ".", which makes it an (invalid) command. It can be
escaped, but then there will be a space before it. Instead, Move it
to the previous line and use the .BR macro so there's no space.
In idmapd.man, the .I (italic) macro is used. However, this manual
page uses the mdoc macro package that does not include it. Use the
.Em (emphasis) macro instead.
In nfsmount.conf.man, the first line should be a comment but it is
actually an invalid command. Fix it to be a comment.
Signed-off-by: Ben Hutchings <benh@debian.org>
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Patch for 497ffdf8 ('manpage: remove the no longer supported value
"vers2"') [1] didn't contain printf in exportfs.c (looks like debugging
info) and errno handling in stropts.c (maybe work on other patch) which
were applied. Thus removing it.
[1] https://lore.kernel.org/linux-nfs/20220117031356.13361-1-yoyang@redhat.com/raw
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Yongcheng Yang <yongcheng.yang@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
Commit f054365d removed the unnecessary bind() call
but did not remove the error lable.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
This patch removes the ability to do NFS v2
mounts. They will now fail with EOPNOTSUPP.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When clnt_ping() calls get_socket(), get_socket() will create a socket,
call bind() to choose an unused local port, and then connect to the
given address.
The "bind()" call is unnecessary and problematic.
It is unnecessary as the "connect()" call will bind the socket as
required.
It is problematic as it requires a completely unused port number, rather
than just a port number which isn't currently in use for connecting to
the given remote address.
If all local ports (net.ipv4.ip_local_port_range) are in use, the bind()
will fail. However the connect() call will only fail if all those port
are in use for connecting to the same address.
So remove the unnecessary bind() call.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mount.nfs* umount.nfs* and nfsdcltrack are currently always installed in
/sbin.
Many distros are moving to a "merged /usr" where /sbin and others are
symlinks into /usr/sbin or similar. In these cases it is inelegant to
install in /sbin (i.e. install through a symlink).
So we add "--disable-sbin-override" as a configure option. This causes
the same sbindir to be used for *mount.nfs* and nfsdcltrack as for other
system binaries.
Note that autotools notices if we simply define "sbindir=/sbin"
inside an "if CONFIG_foo" clause, gives a warning, and defeats our
intent.
So instead, we use the @CONFIG_SBIN_OVERRIDE_TRUE@ prefix to find
the new declaration when we don't want it.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
When client discovers trunkable servers, instead of dropping newly
created trunkable connections, add this connection to the existing
RPC client.
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
A recent cleanup of debug messages added func and tid format specifiers
to a debug message (when full hostname was different), but the func name
and tid were NOT added as arguments.
Consequently there weren't enough args, random bytes of the stack were
interpreted as a pointer, and rpc.gssd crashed (when -v was specified).
Fixes: b538862a5135 ("gssd: Cleaned up debug messages")
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
| |
leak of mountlist struct and content on error
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
query_krb5_ccache: if the ret_realm strdup fails then ret_princname leaks
gssd_get_krb5_machine_cred_list: l was being leaked if the realloc failed
it was also leaked if the strdup of ccname failed
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
ccachedir_copy isnt used properly and is leaking, ccachedir gets modified
by a strtok, altering the original argv or conf parameter which is an
undesirable side-effect
Signed-off-by: Alice Mitchell <ajmitchell@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
With recent commits (4f2a5b64,5a53426c) that fixed
compile errors on x86_64 machines, caused similar
errors on i686 machines.
The variable type that was being used was a time_t,
which changes size between architects, which
caused the compile error.
Changing the variable to uint64_t fixed the issue.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
| |
Make the state directory configurable.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
nfsdcltrack.c: In function 'cltrack_gracedone':
nfsdcltrack.c:528:47: error: format '%ld' expects argument of type 'long int', but argument 4 has type 'time_t' {aka 'long long int'} [-Werror=format=]
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
| |
sqlite.c: In function 'sqlite_remove_unreclaimed':
sqlite.c:547:71: error: format '%ld' expects argument of type 'long int', but argument 4 has type 'time_t' {aka 'long long int'} [-Werror=format=]
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new mount API broke how the sloppy option is parsed.
So the option processing needs to be moved up in
the mount.nfs command.
The option needs to be the first option in the string
that is passed into the kernel with the -s mount(8)
and/or the -o sloppy is used.
Commit 92b664ef fixed the process of the -s flag
and this version fixes the -o sloppy processing
as well works when libmount-mount is and is not
enabled plus cleans up the mount options passed
to the kernel.
Reviewed-and-tested-by: Dave Wysochanski <dwysocha@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Added tids to a number of statements
Broke the lifetime_rec secs into a readable format
Printed tids out correctly
Trim down the output of both '-v' and '-vv'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously, the 'sloppy' option was appended to other options
so that when kernel parses the options sequentially, the
'sloppy' option will not work if there's a invalid option in
front of it.
use 'po_insert' instead 'po_append'
Signed-off-by: Jianhong Yin <yin-jianhong@163.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a global list of active upcalls and a watchdog thread that walks the
list, looking for threads running longer than timeout seconds. By
default, an error message will by logged to the syslog.
The upcall timeout can be specified by passing the -U option or by
setting the upcall-timeout parameter in nfs.conf.
Passing the -C option or setting cancel-timed-out-upcalls=1 in nfs.conf
causes the watchdog thread to also cancel timed-out upcall threads and
report an error of -ETIMEDOUT to the kernel.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we fail to create a thread to handle an upcall, we still need to do a
downcall to tell the kernel about the failure, otherwise the process
that is trying to establish gss credentials will hang.
This patch shifts the thread creation down a level in the call chain so
now the main thread does a little more work up front (reading & parsing
the data from the pipefs file) so it has the info it needs to be able
to do the error downcall.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
