| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
While this is not strictly necessary (you can use "rpcinfo <hostname>"
instead), some older scripts may rely on rpcinfo to work with
just about any hostname. Let's be gentle with them. It doesn't
cost us much.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, rpcinfo supports two ways to test whether a given
service is alive.
For IPv4 hosts, you can use -u and -t. But for IPv6, you need
to use "rpcinfo -a" and specify the host through a universal
address, which is fairly inconvenient.
This patch modifies ip_ping to allow using -u and -t for IPv6
addresses and hosts as well.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code doing the actual RPC NULL calls and the handling of
VERSMISMATCH was a bit convoluted. We would destroy and re-create
the client handle, and sometimes the associated file descriptor
would be closed and sometimes not.
Clean this up by introducing a new function ip_ping_one, which
does the actual NULL call to the indicated program version without
destroying the client handle, ever.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
In init_transport, move creation of COTS sockets
closer to where they are used
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This seems to be an old remnant from the very early days of IPv6
when the kernel would include the ifindex in the link-local
addresses returned by getifaddrs(). This is no longer the case on
Linux, so the code is a no-op.
A no-op that makes gcc throw warnings about illegal type-punning.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Don't print an error message on warmstart if the
startup files don't exist (take two)
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Always notify systemd that rpcbind is ready and running.
Signed-off-by: Thorsten Kukuk <kukuk@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Systemd will, by default, pass a socket that provides both IPv4 and
IPv6 services. RPC netconfig requires that sockets be either IPv4
or IPv6. Adjust the rpcbind.socket unit file and add a warning
to rpcbind should the user encounter an issue.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Don't print an error message on warmstart if the
startup files don't exist.
Signed-off-by: Thorsten Kukuk <kukuk@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
There's code in rpcbind that tries to configure nss lookups so that it
avoids NIS when resolving user names or service names. Unfortunately,
this code is turned into a no-op unless HAVE_NSS_H is defined. Which
it is not unless the configure script actually checks for it.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
Those debug messages were not useful at all.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Making rpcbind sockect activated will greatly simplify
its integration in systemd systems. In essence, other services
may now assume that rpcbind is always available, even during very
early boot. This means that we no longer need to worry about any
ordering dependencies.
Original-patch-by: Lennart Poettering <lennart@poettering.net>
Cc: systemd-devel@lists.freedesktop.org
Acked-by: Cristian RodrÃguez<crrodriguez@opensuse.org>
Signed-off-by: Tom Gundersen <teg@jklm.no>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From: Sami Wagiaalla <swagiaal@redhat.com>
I was having trouble setting up NFS on Atomic Host. It turns out
there is an issue when rpcbind is trying to find the uid of the
rpc user. OSTree based operating systems store user information
for system users such as the rpc user in /usr/lib/passwd and
leaves /etc/passwd for humans users. This is enabled by the use
of the nss module nss-altfiles which allows one to specify
additional files to be added the the passwd database. rpcbind
however overrides the rule added to /etc/nsswitch.conf and removes
"altfiles" from the list of modules by doing the following:
__nss_configure_lookup("passwd", "files");
This was added in commit 77f7556878d1fe03dc ("[...]use
__nss_configure_lookup() to restrict the [rpc user] lookup") to
remove "nis" form the list of modules and prevent rpcbind from
having a circular dependency on itself. In an OSTree based
operating system however this prevents rpcbind from finding the rpc
user and the service cannot start.
This patch adds an option --with-nss-modules which allows one
to specify the nss modules which should be searched for user
information. The default setting is "files" which preserves the
current behavior, but this enables one to add other modules to
the search path.
Signed-off-by: Sami Wagiaalla <swagiaal@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
src/rpcbind.c:243:3: warning: implicit declaration of function 'setgroups'
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
When systemd bring rpcbind down, via an expect signal,
exit gracefully with a zero status and don't log a
meaningless message.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/util.c: In function ?in6_fillscopeid?:
src/util.c:106:3: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
ifindex = ntohs(*(u_int16_t *)&sin6->sin6_addr.s6_addr[2]);
^
src/util.c:109:4: warning: dereferencing type-punned pointer will break
strict-aliasing rules [-Wstrict-aliasing]
*(u_int16_t *)&sin6->sin6_addr.s6_addr[2] = 0;
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Commit 8d7a0708 cause a regression where the rpcuser id was not
being set, which in turn cause rpcbind to immediately exit.
This patch removes the extra ',' that was in the AC_ARG_WITH
statement in the configure.ac file.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Newer autotools wants this to end in .ac.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The nss.h header is glibc-specific, so use the existing HAVE_NSS_H define
to avoid including/using it when it is not available.
URL: http://bugs.gentoo.org/458024
Reported-by: Mark Reiche <porphyr@gmx.de>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
If xp_auth is NULL, the transport routines will not send
the reply. This patch fixes that problem.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
Commit 8d7a0708 introduce a regression that cause rpcbind
to run as root instead of the user define by RPCBIND_USER
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
Drop out of the 'root' group to ensure the process does
not have any access to writable or readable files
to that group.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch relaxes the is_loopback() check to its original meaning;
i.e. verify that the caller is local. We no longer check whether
the source port is privileged, for a number of reasons.
1) The existing check did not allow *any* non-root program to register
a services via UDP or TCP transport. It did however allow
*any* registration when using the AF_LOCAL transport.
2) Unregistration of services is only possible if the caller has
the same "user name", i.e.
"superuser"
for root (when connecting through AF_LOCAL sockets,
or when using pmap_set with a privileged port)
numeric uid
for non-root users when connecting through AF_LOCAL
sockets
"unknown"
for all other users
This seems safe enough to allow the removal of the privileged port
check in is_localhost.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Registers from the kernel do not come in on AF_LOCAL
sockets so the exact owners of the service can not be determined.
But given the fact the loopback address is used and a privilege
port used, it can be assumed the owner of the service should
be the superuser.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Previously, check_access() would take a void pointer argument, which
could be either a struct pmap, or a struct rpcb. The only bit of
information which is really needed is the RPC program number,
so we pass that instead.
Signed-off-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't use libtool as we're not building any shared library.
Make sure that arguments are properly indented and documented in
./configure --help, avoid abusing conditional expansions.
Check for pthread using AC_SEARCH_LIBS so that it can be easily
extended.
Drop header checks (likely coming from autoscan) given that the code
never tests for HAVE_*_H.
Delete the config.h.in template that is part of the autogenerated files,
and INSTALL that is auto-added by automake (it's not customized).
Define RPCBIND_STATEDIR and RPCUSER directly in Makefile.am as it's done
for the other defines. Drop the config.h support since it's not really
useful at this point. Avoid defining VERSION twice.
Signed-off-by: Diego Elio Pettenò <flameeyes@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
By using non-recursive make we cut down the time needed to build
rpcbind,
without losing any feature at all.
Beside making it non-recursive, also clean the makefile up a bit.
Signed-off-by: Diego Elio Pettenò <flameeyes@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
| |
This allows to properly cross-compile rpcbind, as /usr/include/tirpc is
no longer a valid path in that case.
Signed-off-by: Diego Elio Pettenò <flameeyes@gmail.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
| |
Signed-off-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I previously sent this patch to the libtirpc-devel list but got no
response. Resending with wider distribution...
If we don't set SO_REUSEADDR, then if there are any sockets on this port
in TIME_WAIT state when rpcbind is restarted then that will prevent the
bind() call from succeeding.
Details of the problem are here:
https://bugzilla.redhat.com/show_bug.cgi?id=597356
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
| |
page says.
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
| |
the explicit permission of Sun Microsystems
Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
fails on a PPC64 because CLNT_CONTROL expects the version number
to be a 32 bit quantity. u_long probably works fine on
little endian machines, but won't work on big endian
machines.
Signed-off-by: Frank Filz <ffilzlnx@us.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
to u_int32_t from u_long
This fixes a problem where "rpcinfo -T transport host prognum"
fails on a PPC64 because CLNT_CONTROL expects the version
number to be a 32 bit quantity. u_long probably works fine
on little endian machines, but won't work on big endian machines.
Signed-off-by: Frank Filz <ffilzlnx@us.ibm.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
| |
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Change order of AC_PROG_LIBTOOL macro invocation in configure.in to
eliminate autotool warning:
Remember to add `AC_PROG_LIBTOOL' to `configure.in'.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eliminate make warnings when building rpcbind and rpcinfo:
make[3]: Circular security.o <- security.o dependency dropped.
make[3]: Circular util.o <- security.o dependency dropped.
make[3]: Circular util.o <- util.o dependency dropped.
make[3]: Circular util.o <- check_bound.o dependency dropped.
make[3]: Circular pmap_svc.o <- security.o dependency dropped.
make[3]: Circular pmap_svc.o <- util.o dependency dropped.
make[3]: Circular pmap_svc.o <- check_bound.o dependency dropped.
make[3]: Circular pmap_svc.o <- pmap_svc.o dependency dropped.
and so on.
Apparently src/Makefile.am needs either a list of source files or a
list of object files, but not both.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
|