Merge lp:~ubuntu-branches/ubuntu/quantal/nfs-utils/quantal-201208150648 into lp:ubuntu/quantal/nfs-utils
- Quantal (12.10)
- quantal-201208150648
- Merge into quantal
Status: | Rejected |
---|---|
Rejected by: | James Westby |
Proposed branch: | lp:~ubuntu-branches/ubuntu/quantal/nfs-utils/quantal-201208150648 |
Merge into: | lp:ubuntu/quantal/nfs-utils |
Diff against target: |
4116 lines (+22/-3858) 23 files modified
.pc/01-sm-notify-in-sbin.patch/utils/statd/statd.c (+0/-493) .pc/02-524255-manpages.patch/utils/exportfs/nfsd.man (+0/-206) .pc/02-524255-manpages.patch/utils/nfsd/nfsd.man (+0/-105) .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.c (+0/-649) .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.h (+0/-31) .pc/03-handle-mtab-symlink.patch/utils/mount/mount.c (+0/-550) .pc/11-532048-reduce-verbosity.patch/utils/gssd/gss_util.c (+0/-341) .pc/11-532048-reduce-verbosity.patch/utils/gssd/gssd_proc.c (+0/-1241) .pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils/mount/mount.nfs.man (+0/-86) .pc/17-multiarch-kerberos-paths.patch/aclocal/kerberos5.m4 (+0/-115) .pc/applied-patches (+0/-8) aclocal/kerberos5.m4 (+0/-2) utils/exportfs/nfsd.man (+0/-1) utils/gssd/gss_util.c (+1/-1) utils/gssd/gssd_proc.c (+3/-3) utils/mount/fstab.c (+1/-1) utils/mount/fstab.h (+0/-1) utils/mount/mount.c (+0/-7) utils/mount/mount.nfs.man (+4/-8) utils/nfsd/nfsd.man (+0/-1) utils/osd_login/Makefile.am (+8/-5) utils/osd_login/osd_login (+4/-2) utils/statd/statd.c (+1/-1) |
To merge this branch: | bzr merge lp:~ubuntu-branches/ubuntu/quantal/nfs-utils/quantal-201208150648 |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu branches | Pending | ||
Review via email: mp+119678@code.launchpad.net |
Commit message
Description of the change
The package importer has detected a possible inconsistency between the package history in the archive and the history in bzr. As the archive is authoritative the importer has made lp:ubuntu/quantal/nfs-utils reflect what is in the archive and the old bzr branch has been pushed to lp:~ubuntu-branches/ubuntu/quantal/nfs-utils/quantal-201208150648. This merge proposal was created so that an Ubuntu developer can review the situations and perform a merge/upload if necessary. There are three typical cases where this can happen.
1. Where someone pushes a change to bzr and someone else uploads the package without that change. This is the reason that this check is done by the importer. If this appears to be the case then a merge/upload should be done if the changes that were in bzr are still desirable.
2. The importer incorrectly detected the above situation when someone made a change in bzr and then uploaded it.
3. The importer incorrectly detected the above situation when someone just uploaded a package and didn't touch bzr.
If this case doesn't appear to be the first situation then set the status of the merge proposal to "Rejected" and help avoid the problem in future by filing a bug at https:/
(this is an automatically generated message)
Unmerged revisions
- 59. By Luke Yelavich
-
merge branch lp:~logan/ubuntu/quantal/nfs-utils/debian-merge
Preview Diff
1 | === removed directory '.pc/01-sm-notify-in-sbin.patch' |
2 | === removed directory '.pc/01-sm-notify-in-sbin.patch/utils' |
3 | === removed directory '.pc/01-sm-notify-in-sbin.patch/utils/statd' |
4 | === removed file '.pc/01-sm-notify-in-sbin.patch/utils/statd/statd.c' |
5 | --- .pc/01-sm-notify-in-sbin.patch/utils/statd/statd.c 2010-04-06 16:11:22 +0000 |
6 | +++ .pc/01-sm-notify-in-sbin.patch/utils/statd/statd.c 1970-01-01 00:00:00 +0000 |
7 | @@ -1,493 +0,0 @@ |
8 | -/* |
9 | - * Copyright (C) 1995, 1997-1999 Jeffrey A. Uphoff |
10 | - * Modified by Olaf Kirch, Oct. 1996. |
11 | - * Modified by H.J. Lu, 1998. |
12 | - * Modified by L. Hohberger of Mission Critical Linux, 2000. |
13 | - * |
14 | - * NSM for Linux. |
15 | - */ |
16 | - |
17 | -#ifdef HAVE_CONFIG_H |
18 | -#include <config.h> |
19 | -#endif |
20 | - |
21 | -#include <sys/stat.h> |
22 | -#include <limits.h> |
23 | -#include <signal.h> |
24 | -#include <unistd.h> |
25 | -#include <fcntl.h> |
26 | -#include <errno.h> |
27 | -#include <string.h> |
28 | -#include <getopt.h> |
29 | -#include <rpc/rpc.h> |
30 | -#include <rpc/pmap_clnt.h> |
31 | -#include <rpcmisc.h> |
32 | -#include <sys/resource.h> |
33 | -#include <sys/wait.h> |
34 | -#include <grp.h> |
35 | - |
36 | -#include "statd.h" |
37 | -#include "nfslib.h" |
38 | -#include "nsm.h" |
39 | - |
40 | -/* Socket operations */ |
41 | -#include <sys/types.h> |
42 | -#include <sys/socket.h> |
43 | - |
44 | -int run_mode = 0; /* foreground logging mode */ |
45 | - |
46 | -/* LH - I had these local to main, but it seemed silly to have |
47 | - * two copies of each - one in main(), one static in log.c... |
48 | - * It also eliminates the 256-char static in log.c */ |
49 | -static char *name_p = NULL; |
50 | - |
51 | -/* PRC: a high-availability callout program can be specified with -H |
52 | - * When this is done, the program will receive callouts whenever clients |
53 | - * are added or deleted to the notify list */ |
54 | -char *ha_callout_prog = NULL; |
55 | - |
56 | -static struct option longopts[] = |
57 | -{ |
58 | - { "foreground", 0, 0, 'F' }, |
59 | - { "no-syslog", 0, 0, 'd' }, |
60 | - { "help", 0, 0, 'h' }, |
61 | - { "version", 0, 0, 'v' }, |
62 | - { "outgoing-port", 1, 0, 'o' }, |
63 | - { "port", 1, 0, 'p' }, |
64 | - { "name", 1, 0, 'n' }, |
65 | - { "state-directory-path", 1, 0, 'P' }, |
66 | - { "notify-mode", 0, 0, 'N' }, |
67 | - { "ha-callout", 1, 0, 'H' }, |
68 | - { "no-notify", 0, 0, 'L' }, |
69 | - { NULL, 0, 0, 0 } |
70 | -}; |
71 | - |
72 | -extern void sm_prog_1 (struct svc_req *, register SVCXPRT *); |
73 | - |
74 | -#ifdef SIMULATIONS |
75 | -extern void simulator (int, char **); |
76 | -#endif |
77 | - |
78 | - |
79 | -#ifdef HAVE_TCP_WRAPPER |
80 | -#include "tcpwrapper.h" |
81 | - |
82 | -static void |
83 | -sm_prog_1_wrapper (struct svc_req *rqstp, register SVCXPRT *transp) |
84 | -{ |
85 | - /* remote host authorization check */ |
86 | - if (!check_default("statd", nfs_getrpccaller(transp), SM_PROG)) { |
87 | - svcerr_auth (transp, AUTH_FAILED); |
88 | - return; |
89 | - } |
90 | - |
91 | - sm_prog_1 (rqstp, transp); |
92 | -} |
93 | - |
94 | -#define sm_prog_1 sm_prog_1_wrapper |
95 | -#endif |
96 | - |
97 | -static void |
98 | -statd_unregister(void) { |
99 | - nfs_svc_unregister(SM_PROG, SM_VERS); |
100 | -} |
101 | - |
102 | -/* |
103 | - * Signal handler. |
104 | - */ |
105 | -static void |
106 | -killer (int sig) |
107 | -{ |
108 | - statd_unregister (); |
109 | - xlog_err ("Caught signal %d, un-registering and exiting", sig); |
110 | -} |
111 | - |
112 | -static void |
113 | -sigusr (int sig) |
114 | -{ |
115 | - extern void my_svc_exit (void); |
116 | - xlog(D_GENERAL, "Caught signal %d, re-notifying (state %d)", sig, |
117 | - MY_STATE); |
118 | - my_svc_exit(); |
119 | -} |
120 | - |
121 | -/* |
122 | - * Startup information. |
123 | - */ |
124 | -static void log_modes(void) |
125 | -{ |
126 | - char buf[128]; /* watch stack size... */ |
127 | - |
128 | - /* No flags = no message */ |
129 | - if (!run_mode) return; |
130 | - |
131 | - memset(buf,0,128); |
132 | - sprintf(buf,"Flags: "); |
133 | - if (run_mode & MODE_NODAEMON) |
134 | - strcat(buf,"No-Daemon "); |
135 | - if (run_mode & MODE_LOG_STDERR) |
136 | - strcat(buf,"Log-STDERR "); |
137 | -#ifdef HAVE_LIBTIRPC |
138 | - strcat(buf, "TI-RPC "); |
139 | -#endif |
140 | - |
141 | - xlog_warn(buf); |
142 | -} |
143 | - |
144 | -/* |
145 | - * Since we do more than standard statd stuff, we might need to |
146 | - * help the occasional admin. |
147 | - */ |
148 | -static void |
149 | -usage(void) |
150 | -{ |
151 | - fprintf(stderr,"usage: %s [options]\n", name_p); |
152 | - fprintf(stderr," -h, -?, --help Print this help screen.\n"); |
153 | - fprintf(stderr," -F, --foreground Foreground (no-daemon mode)\n"); |
154 | - fprintf(stderr," -d, --no-syslog Verbose logging to stderr. Foreground mode only.\n"); |
155 | - fprintf(stderr," -p, --port Port to listen on\n"); |
156 | - fprintf(stderr," -o, --outgoing-port Port for outgoing connections\n"); |
157 | - fprintf(stderr," -V, -v, --version Display version information and exit.\n"); |
158 | - fprintf(stderr," -n, --name Specify a local hostname.\n"); |
159 | - fprintf(stderr," -P State directory path.\n"); |
160 | - fprintf(stderr," -N Run in notify only mode.\n"); |
161 | - fprintf(stderr," -L, --no-notify Do not perform any notification.\n"); |
162 | - fprintf(stderr," -H Specify a high-availability callout program.\n"); |
163 | -} |
164 | - |
165 | -static const char *pidfile = "/var/run/rpc.statd.pid"; |
166 | - |
167 | -int pidfd = -1; |
168 | -static void create_pidfile(void) |
169 | -{ |
170 | - FILE *fp; |
171 | - |
172 | - unlink(pidfile); |
173 | - fp = fopen(pidfile, "w"); |
174 | - if (!fp) |
175 | - xlog_err("Opening %s failed: %m\n", pidfile); |
176 | - fprintf(fp, "%d\n", getpid()); |
177 | - pidfd = dup(fileno(fp)); |
178 | - if (fclose(fp) < 0) { |
179 | - xlog_warn("Flushing pid file failed: errno %d (%m)\n", |
180 | - errno); |
181 | - } |
182 | -} |
183 | - |
184 | -static void truncate_pidfile(void) |
185 | -{ |
186 | - if (pidfd >= 0) { |
187 | - if (ftruncate(pidfd, 0) < 0) { |
188 | - xlog_warn("truncating pid file failed: errno %d (%m)\n", |
189 | - errno); |
190 | - } |
191 | - } |
192 | -} |
193 | - |
194 | -static void run_sm_notify(int outport) |
195 | -{ |
196 | - char op[20]; |
197 | - char *av[6]; |
198 | - int ac = 0; |
199 | - |
200 | - av[ac++] = "/usr/sbin/sm-notify"; |
201 | - if (run_mode & MODE_NODAEMON) |
202 | - av[ac++] = "-d"; |
203 | - if (outport) { |
204 | - sprintf(op, "-p%d", outport); |
205 | - av[ac++] = op; |
206 | - } |
207 | - if (run_mode & STATIC_HOSTNAME) { |
208 | - av[ac++] = "-v"; |
209 | - av[ac++] = MY_NAME; |
210 | - } |
211 | - av[ac] = NULL; |
212 | - execv(av[0], av); |
213 | - fprintf(stderr, "%s: failed to run %s\n", name_p, av[0]); |
214 | - exit(2); |
215 | - |
216 | -} |
217 | -/* |
218 | - * Entry routine/main loop. |
219 | - */ |
220 | -int main (int argc, char **argv) |
221 | -{ |
222 | - extern char *optarg; |
223 | - int pid; |
224 | - int arg; |
225 | - int port = 0, out_port = 0; |
226 | - struct rlimit rlim; |
227 | - |
228 | - int pipefds[2] = { -1, -1}; |
229 | - char status; |
230 | - |
231 | - /* Default: daemon mode, no other options */ |
232 | - run_mode = 0; |
233 | - xlog_stderr(0); |
234 | - xlog_syslog(1); |
235 | - |
236 | - /* Set the basename */ |
237 | - if ((name_p = strrchr(argv[0],'/')) != NULL) { |
238 | - name_p ++; |
239 | - } else { |
240 | - name_p = argv[0]; |
241 | - } |
242 | - |
243 | - /* Set hostname */ |
244 | - MY_NAME = NULL; |
245 | - |
246 | - /* Process command line switches */ |
247 | - while ((arg = getopt_long(argc, argv, "h?vVFNH:dn:p:o:P:L", longopts, NULL)) != EOF) { |
248 | - switch (arg) { |
249 | - case 'V': /* Version */ |
250 | - case 'v': |
251 | - printf("%s version " VERSION "\n",name_p); |
252 | - exit(0); |
253 | - case 'F': /* Foreground/nodaemon mode */ |
254 | - run_mode |= MODE_NODAEMON; |
255 | - break; |
256 | - case 'N': |
257 | - run_mode |= MODE_NOTIFY_ONLY; |
258 | - break; |
259 | - case 'L': /* Listen only */ |
260 | - run_mode |= MODE_NO_NOTIFY; |
261 | - break; |
262 | - case 'd': /* No daemon only - log to stderr */ |
263 | - run_mode |= MODE_LOG_STDERR; |
264 | - break; |
265 | - case 'o': |
266 | - out_port = atoi(optarg); |
267 | - if (out_port < 1 || out_port > 65535) { |
268 | - fprintf(stderr, "%s: bad port number: %s\n", |
269 | - argv[0], optarg); |
270 | - usage(); |
271 | - exit(1); |
272 | - } |
273 | - break; |
274 | - case 'p': |
275 | - port = atoi(optarg); |
276 | - if (port < 1 || port > 65535) { |
277 | - fprintf(stderr, "%s: bad port number: %s\n", |
278 | - argv[0], optarg); |
279 | - usage(); |
280 | - exit(1); |
281 | - } |
282 | - break; |
283 | - case 'n': /* Specify local hostname */ |
284 | - run_mode |= STATIC_HOSTNAME; |
285 | - MY_NAME = xstrdup(optarg); |
286 | - break; |
287 | - case 'P': |
288 | - if (!nsm_setup_pathnames(argv[0], optarg)) |
289 | - exit(1); |
290 | - break; |
291 | - case 'H': /* PRC: specify the ha-callout program */ |
292 | - if ((ha_callout_prog = xstrdup(optarg)) == NULL) { |
293 | - fprintf(stderr, "%s: xstrdup(%s) failed!\n", |
294 | - argv[0], optarg); |
295 | - exit(1); |
296 | - } |
297 | - break; |
298 | - case '?': /* heeeeeelllllllpppp? heh */ |
299 | - case 'h': |
300 | - usage(); |
301 | - exit (0); |
302 | - default: /* oh dear ... heh */ |
303 | - usage(); |
304 | - exit(-1); |
305 | - } |
306 | - } |
307 | - |
308 | - if (port == out_port && port != 0) { |
309 | - fprintf(stderr, "Listening and outgoing ports cannot be the same!\n"); |
310 | - exit(-1); |
311 | - } |
312 | - |
313 | - if (run_mode & MODE_NOTIFY_ONLY) { |
314 | - fprintf(stderr, "%s: -N deprecated, consider using /usr/sbin/sm-notify directly\n", |
315 | - name_p); |
316 | - run_sm_notify(out_port); |
317 | - } |
318 | - |
319 | - if (!(run_mode & MODE_NODAEMON)) { |
320 | - run_mode &= ~MODE_LOG_STDERR; /* Never log to console in |
321 | - daemon mode. */ |
322 | - } |
323 | - |
324 | - if (getrlimit (RLIMIT_NOFILE, &rlim) != 0) |
325 | - fprintf(stderr, "%s: getrlimit (RLIMIT_NOFILE) failed: %s\n", |
326 | - argv [0], strerror(errno)); |
327 | - else { |
328 | - /* glibc sunrpc code dies if getdtablesize > FD_SETSIZE */ |
329 | - if (rlim.rlim_cur > FD_SETSIZE) { |
330 | - rlim.rlim_cur = FD_SETSIZE; |
331 | - |
332 | - if (setrlimit (RLIMIT_NOFILE, &rlim) != 0) { |
333 | - fprintf(stderr, "%s: setrlimit (RLIMIT_NOFILE) failed: %s\n", |
334 | - argv [0], strerror(errno)); |
335 | - } |
336 | - } |
337 | - } |
338 | - |
339 | -#ifdef SIMULATIONS |
340 | - if (argc > 1) |
341 | - /* LH - I _really_ need to update simulator... */ |
342 | - simulator (--argc, ++argv); /* simulator() does exit() */ |
343 | -#endif |
344 | - |
345 | - if (!(run_mode & MODE_NODAEMON)) { |
346 | - int tempfd; |
347 | - |
348 | - if (pipe(pipefds)<0) { |
349 | - perror("statd: unable to create pipe"); |
350 | - exit(1); |
351 | - } |
352 | - if ((pid = fork ()) < 0) { |
353 | - perror ("statd: Could not fork"); |
354 | - exit (1); |
355 | - } else if (pid != 0) { |
356 | - /* Parent. |
357 | - * Wait for status from child. |
358 | - */ |
359 | - close(pipefds[1]); |
360 | - if (read(pipefds[0], &status, 1) != 1) |
361 | - exit(1); |
362 | - exit (0); |
363 | - } |
364 | - /* Child. */ |
365 | - close(pipefds[0]); |
366 | - setsid (); |
367 | - |
368 | - while (pipefds[1] <= 2) { |
369 | - pipefds[1] = dup(pipefds[1]); |
370 | - if (pipefds[1]<0) { |
371 | - perror("statd: dup"); |
372 | - exit(1); |
373 | - } |
374 | - } |
375 | - tempfd = open("/dev/null", O_RDWR); |
376 | - dup2(tempfd, 0); |
377 | - dup2(tempfd, 1); |
378 | - dup2(tempfd, 2); |
379 | - dup2(pipefds[1], 3); |
380 | - pipefds[1] = 3; |
381 | - closeall(4); |
382 | - } |
383 | - |
384 | - /* Child. */ |
385 | - |
386 | - if (run_mode & MODE_LOG_STDERR) { |
387 | - xlog_syslog(0); |
388 | - xlog_stderr(1); |
389 | - xlog_config(D_ALL, 1); |
390 | - } |
391 | - xlog_open(name_p); |
392 | - xlog(L_NOTICE, "Version " VERSION " starting"); |
393 | - |
394 | - log_modes(); |
395 | - |
396 | - signal (SIGHUP, killer); |
397 | - signal (SIGINT, killer); |
398 | - signal (SIGTERM, killer); |
399 | - /* PRC: trap SIGUSR1 to re-read notify list from disk */ |
400 | - signal(SIGUSR1, sigusr); |
401 | - /* WARNING: the following works on Linux and SysV, but not BSD! */ |
402 | - signal(SIGCHLD, SIG_IGN); |
403 | - /* |
404 | - * Ignore SIGPIPE to avoid statd dying when peers close their |
405 | - * TCP connection while we're trying to reply to them. |
406 | - */ |
407 | - signal(SIGPIPE, SIG_IGN); |
408 | - |
409 | - create_pidfile(); |
410 | - atexit(truncate_pidfile); |
411 | - |
412 | - if (! (run_mode & MODE_NO_NOTIFY)) |
413 | - switch (pid = fork()) { |
414 | - case 0: |
415 | - run_sm_notify(out_port); |
416 | - break; |
417 | - case -1: |
418 | - break; |
419 | - default: |
420 | - waitpid(pid, NULL, 0); |
421 | - } |
422 | - |
423 | - /* Make sure we have a privilege port for calling into the kernel */ |
424 | - if (statd_get_socket() < 0) |
425 | - exit(1); |
426 | - |
427 | - /* If sm-notify didn't take all the state files, load |
428 | - * state information into our notify-list so we can |
429 | - * pass on any SM_NOTIFY that arrives |
430 | - */ |
431 | - load_state(); |
432 | - |
433 | - MY_STATE = nsm_get_state(0); |
434 | - if (MY_STATE == 0) |
435 | - exit(1); |
436 | - xlog(D_GENERAL, "Local NSM state number: %d", MY_STATE); |
437 | - nsm_update_kernel_state(MY_STATE); |
438 | - |
439 | - /* |
440 | - * ORDER |
441 | - * Clear old listeners while still root, to override any |
442 | - * permission checking done by rpcbind. |
443 | - */ |
444 | - statd_unregister(); |
445 | - |
446 | - /* |
447 | - * ORDER |
448 | - */ |
449 | - if (!nsm_drop_privileges(pidfd)) |
450 | - exit(1); |
451 | - |
452 | - /* |
453 | - * ORDER |
454 | - * Create RPC listeners after dropping privileges. This permits |
455 | - * statd to unregister its own listeners when it exits. |
456 | - */ |
457 | - if (nfs_svc_create("statd", SM_PROG, SM_VERS, sm_prog_1, port) == 0) { |
458 | - xlog(L_ERROR, "failed to create RPC listeners, exiting"); |
459 | - exit(1); |
460 | - } |
461 | - atexit(statd_unregister); |
462 | - |
463 | - /* If we got this far, we have successfully started, so notify parent */ |
464 | - if (pipefds[1] > 0) { |
465 | - status = 0; |
466 | - if (write(pipefds[1], &status, 1) != 1) { |
467 | - xlog_warn("writing to parent pipe failed: errno %d (%s)\n", |
468 | - errno, strerror(errno)); |
469 | - } |
470 | - close(pipefds[1]); |
471 | - pipefds[1] = -1; |
472 | - } |
473 | - |
474 | - for (;;) { |
475 | - /* |
476 | - * Handle incoming requests: SM_NOTIFY socket requests, as |
477 | - * well as callbacks from lockd. |
478 | - */ |
479 | - my_svc_run(); /* I rolled my own, Olaf made it better... */ |
480 | - |
481 | - /* Only get here when simulating a crash so we should probably |
482 | - * start sm-notify running again. As we have already dropped |
483 | - * privileges, this might not work, but I don't think |
484 | - * responding to SM_SIMU_CRASH is an important use cases to |
485 | - * get perfect. |
486 | - */ |
487 | - if (! (run_mode & MODE_NO_NOTIFY)) |
488 | - switch (pid = fork()) { |
489 | - case 0: |
490 | - run_sm_notify(out_port); |
491 | - break; |
492 | - case -1: |
493 | - break; |
494 | - default: |
495 | - waitpid(pid, NULL, 0); |
496 | - } |
497 | - |
498 | - } |
499 | - return 0; |
500 | -} |
501 | |
502 | === removed directory '.pc/02-524255-manpages.patch' |
503 | === removed directory '.pc/02-524255-manpages.patch/utils' |
504 | === removed directory '.pc/02-524255-manpages.patch/utils/exportfs' |
505 | === removed file '.pc/02-524255-manpages.patch/utils/exportfs/nfsd.man' |
506 | --- .pc/02-524255-manpages.patch/utils/exportfs/nfsd.man 2012-05-25 20:41:58 +0000 |
507 | +++ .pc/02-524255-manpages.patch/utils/exportfs/nfsd.man 1970-01-01 00:00:00 +0000 |
508 | @@ -1,206 +0,0 @@ |
509 | -.\" |
510 | -.\" nfsd(7) - The nfsd filesystem |
511 | -.\" |
512 | -.\" Copyright (C) 2003 Neil Brown <neilb@cse.unsw.edu.au> |
513 | -.\" Licensed for public use under the terms of the FSF |
514 | -.\" General Public License (GPL) version 2. |
515 | -.TH nfsd 7 "3 July 2003" |
516 | -.SH NAME |
517 | -nfsd \- special filesystem for controlling Linux NFS server |
518 | -.SH SYNPOSIS |
519 | -.B "mount -t nfsd nfsd /proc/fs/nfsd" |
520 | -.SH DESCRIPTION |
521 | -The |
522 | -.B nfsd |
523 | -filesystem is a special filesystem which provides access to the Linux |
524 | -NFS server. The filesystem consists of a single directory which |
525 | -contains a number of files. These files are actually gateways into |
526 | -the NFS server. Writing to them can affect the server. Reading from |
527 | -them can provide information about the server. |
528 | -.P |
529 | -This file system is only available in Linux 2.6 and later series |
530 | -kernels (and in the later parts of the 2.5 development series leading |
531 | -up to 2.6). This man page does not apply to 2.4 and earlier. |
532 | -.P |
533 | -As well as this filesystem, there are a collection of files in the |
534 | -.B procfs |
535 | -filesystem (normally mounted at |
536 | -.BR /proc ) |
537 | -which are used to control the NFS server. |
538 | -This manual page describes all of these files. |
539 | -.P |
540 | -The |
541 | -.I exportfs |
542 | -and |
543 | -.I mountd |
544 | -programs (part of the nfs-utils package) expect to find this |
545 | -filesystem mounted at |
546 | -.B /proc/fs/nfsd |
547 | -or |
548 | -.BR /proc/fs/nfs . |
549 | -If it is not mounted, they will fall-back on 2.4 style functionality. |
550 | -This involves accessing the NFS server via a systemcall. This |
551 | -systemcall is scheduled to be removed after the 2.6 kernel series. |
552 | -.SH DETAILS |
553 | -The three files in the |
554 | -.B nfsd |
555 | -filesystem are: |
556 | -.TP |
557 | -.B exports |
558 | -This file contains a list of filesystems that are currently exported |
559 | -and clients that each filesystem is exported to, together with a list |
560 | -of export options for that client/filesystem pair. This is similar |
561 | -to the |
562 | -.B /proc/fs/nfs/exports |
563 | -file in 2.4. |
564 | -One difference is that a client doesn't necessarily correspond to just |
565 | -one host. It can respond to a large collection of hosts that are |
566 | -being treated identically. |
567 | - |
568 | -Each line of the file contains a path name, a client name, and a |
569 | -number of options in parentheses. Any space, tab, newline or |
570 | -back-slash character in the path name or client name will be replaced |
571 | -by a backslash followed by the octal ASCII code for that character. |
572 | - |
573 | -.TP |
574 | -.B threads |
575 | -This file represents the number of |
576 | -.B nfsd |
577 | -thread currently running. Reading it will show the number of |
578 | -threads. Writing an ASCII decimal number will cause the number of |
579 | -threads to be changed (increased or decreased as necessary) to achieve |
580 | -that number. |
581 | - |
582 | -.TP |
583 | -.B filehandle |
584 | -This is a somewhat unusual file in that what is read from it depends |
585 | -on what was just written to it. It provides a transactional interface |
586 | -where a program can open the file, write a request, and read a |
587 | -response. If two separate programs open, write, and read at the same |
588 | -time, their requests will not be mixed up. |
589 | - |
590 | -The request written to |
591 | -.B filehandle |
592 | -should be a client name, a path name, and a number of bytes. This |
593 | -should be followed by a newline, with white-space separating the |
594 | -fields, and octal quoting of special characters. |
595 | - |
596 | -On writing this, the program will be able to read back a filehandle |
597 | -for that path as exported to the given client. The filehandle's length |
598 | -will be at most the number of bytes given. |
599 | - |
600 | -The filehandle will be represented in hex with a leading '\ex'. |
601 | -.PP |
602 | -The directory |
603 | -.B /proc/net/rpc |
604 | -in the |
605 | -.B procfs |
606 | -filesystem contains a number of files and directories. |
607 | -The files contain statistics that can be display using the |
608 | -.I nfsstat |
609 | -program. |
610 | -The directories contain information about various caches that the NFS |
611 | -server maintains to keep track of access permissions that different |
612 | -clients have for different filesystems. |
613 | -The caches are: |
614 | - |
615 | -.TP |
616 | -.B auth.domain |
617 | -This cache maps the name of a client (or domain) to an internal data |
618 | -structure. The only access that is possible is to flush the cache. |
619 | - |
620 | -.TP |
621 | -.B auth.unix.ip |
622 | -This cache contains a mapping from IP address to the name of the |
623 | -authentication domain that the ipaddress should be treated as part of. |
624 | - |
625 | -.TP |
626 | -.B nfsd.export |
627 | -This cache contains a mapping from directory and domain to export |
628 | -options. |
629 | - |
630 | -.TP |
631 | -.B nfsd.fh |
632 | -This cache contains a mapping from domain and a filesystem identifier |
633 | -to a directory. The filesystem identifier is stored in the |
634 | -filehandles and consists of a number indicating the type of identifier |
635 | -and a number of hex bytes indicating the content of the identifier. |
636 | - |
637 | -.PP |
638 | -Each directory representing a cache can hold from 1 to 3 files. They |
639 | -are: |
640 | -.TP |
641 | -.B flush |
642 | -When a number of seconds since epoch (1 Jan 1970) is written to this |
643 | -file, all entries in the cache that were last updated before that file |
644 | -become invalidated and will be flushed out. Writing 1 will flush |
645 | -everything. This is the only file that will always be present. |
646 | - |
647 | -.TP |
648 | -.B content |
649 | -This file, if present, contains a textual representation of ever entry |
650 | -in the cache, one per line. If an entry is still in the cache |
651 | -(because it is actively being used) but has expired or is otherwise |
652 | -invalid, it will be presented as a comment (with a leading hash |
653 | -character). |
654 | - |
655 | -.TP |
656 | -.B channel |
657 | -This file, if present, acts a channel for request from the kernel-based |
658 | -nfs server to be passed to a user-space program for handling. |
659 | - |
660 | -When the kernel needs some information which isn't in the cache, it |
661 | -makes a line appear in the |
662 | -.B channel |
663 | -file giving the key for the information. A user-space program should |
664 | -read this, find the answer, and write a line containing the key, an |
665 | -expiry time, and the content. |
666 | -For example the kernel might make |
667 | -.ti +5 |
668 | -nfsd 127.0.0.1 |
669 | -.br |
670 | -appear in the |
671 | -.B auth.unix.ip/content |
672 | -file. The user-space program might then write |
673 | -.ti +5 |
674 | -nfsd 127.0.0.1 1057206953 localhost |
675 | -.br |
676 | -to indicate that 127.0.0.1 should map to localhost, at least for now. |
677 | - |
678 | -If the program uses select(2) or poll(2) to discover if it can read |
679 | -from the |
680 | -.B channel |
681 | -then it will never see and end-of-file but when all requests have been |
682 | -answered, it will block until another request appears. |
683 | - |
684 | -.PP |
685 | -In the |
686 | -.B /proc |
687 | -filesystem there are 4 files that can be used to enabled extra tracing |
688 | -of nfsd and related code. They are: |
689 | -.in +5 |
690 | -.B /proc/sys/sunrpc/nfs_debug |
691 | -.br |
692 | -.B /proc/sys/sunrpc/nfsd_debug |
693 | -.br |
694 | -.B /proc/sys/sunrpc/nlm_debug |
695 | -.br |
696 | -.B /proc/sys/sunrpc/rpc_debug |
697 | -.br |
698 | -.in -5 |
699 | -They control tracing for the NFS client, the NFS server, the Network |
700 | -Lock Manager (lockd) and the underlying RPC layer respectively. |
701 | -Decimal numbers can be read from or written to these files. Each |
702 | -number represents a bit-pattern where bits that are set cause certain |
703 | -classes of tracing to be enabled. Consult the kernel header files to |
704 | -find out what number correspond to what tracing. |
705 | - |
706 | -.SH SEE ALSO |
707 | -.BR rpc.nfsd (8), |
708 | -.BR exports (5), |
709 | -.BR nfsstat (8), |
710 | -.BR mountd (8) |
711 | -.BR exportfs (8). |
712 | - |
713 | -.SH AUTHOR |
714 | -NeilBrown |
715 | |
716 | === removed directory '.pc/02-524255-manpages.patch/utils/nfsd' |
717 | === removed file '.pc/02-524255-manpages.patch/utils/nfsd/nfsd.man' |
718 | --- .pc/02-524255-manpages.patch/utils/nfsd/nfsd.man 2012-05-25 20:41:58 +0000 |
719 | +++ .pc/02-524255-manpages.patch/utils/nfsd/nfsd.man 1970-01-01 00:00:00 +0000 |
720 | @@ -1,105 +0,0 @@ |
721 | -.\" |
722 | -.\" nfsd(8) |
723 | -.\" |
724 | -.\" Copyright (C) 1999 Olaf Kirch <okir@monad.swb.de> |
725 | -.TH rpc.nfsd 8 "7 Aug 2006" |
726 | -.SH NAME |
727 | -rpc.nfsd \- NFS server process |
728 | -.SH SYNOPSIS |
729 | -.BI "/usr/sbin/rpc.nfsd [" options "]" " "nproc |
730 | -.SH DESCRIPTION |
731 | -The |
732 | -.B rpc.nfsd |
733 | -program implements the user level part of the NFS service. The |
734 | -main functionality is handled by the |
735 | -.B nfsd |
736 | -kernel module. The user space program merely specifies what sort of sockets |
737 | -the kernel service should listen on, what NFS versions it should support, and |
738 | -how many kernel threads it should use. |
739 | -.P |
740 | -The |
741 | -.B rpc.mountd |
742 | -server provides an ancillary service needed to satisfy mount requests |
743 | -by NFS clients. |
744 | -.SH OPTIONS |
745 | -.TP |
746 | -.B \-d " or " \-\-debug |
747 | -enable logging of debugging messages |
748 | -.TP |
749 | -.B \-H " or " \-\-host hostname |
750 | -specify a particular hostname (or address) that NFS requests will |
751 | -be accepted on. By default, |
752 | -.B rpc.nfsd |
753 | -will accept NFS requests on all known network addresses. |
754 | -Note that |
755 | -.B lockd |
756 | -(which performs file locking services for NFS) may still accept |
757 | -request on all known network addresses. This may change in future |
758 | -releases of the Linux Kernel. |
759 | -.TP |
760 | -.B \-p " or " \-\-port port |
761 | -specify a different port to listen on for NFS requests. By default, |
762 | -.B rpc.nfsd |
763 | -will listen on port 2049. |
764 | -.TP |
765 | -.B \-N " or " \-\-no-nfs-version vers |
766 | -This option can be used to request that |
767 | -.B rpc.nfsd |
768 | -does not offer certain versions of NFS. The current version of |
769 | -.B rpc.nfsd |
770 | -can support both NFS version 2,3 and the newer version 4. |
771 | -.TP |
772 | -.B \-s " or " \-\-syslog |
773 | -By default, |
774 | -.B rpc.nfsd |
775 | -logs error messages (and debug messages, if enabled) to stderr. This option makes |
776 | -.B rpc.nfsd |
777 | -log these messages to syslog instead. Note that errors encountered during |
778 | -option processing will still be logged to stderr regardless of this option. |
779 | -.TP |
780 | -.B \-T " or " \-\-no-tcp |
781 | -Disable |
782 | -.B rpc.nfsd |
783 | -from accepting TCP connections from clients. |
784 | -.TP |
785 | -.B \-U " or " \-\-no-udp |
786 | -Disable |
787 | -.B rpc.nfsd |
788 | -from accepting UDP connections from clients. |
789 | -.TP |
790 | -.I nproc |
791 | -specify the number of NFS server threads. By default, just one |
792 | -thread is started. However, for optimum performance several threads |
793 | -should be used. The actual figure depends on the number of and the work |
794 | -load created by the NFS clients, but a useful starting point is |
795 | -8 threads. Effects of modifying that number can be checked using |
796 | -the |
797 | -.BR nfsstat (8) |
798 | -program. |
799 | -.P |
800 | -Note that if the NFS server is already running, then the options for |
801 | -specifying host, port, and protocol will be ignored. The number of |
802 | -processes given will be the only option considered, and the number of |
803 | -active |
804 | -.B nfsd |
805 | -processes will be increased or decreased to match this number. |
806 | -In particular |
807 | -.B rpc.nfsd 0 |
808 | -will stop all threads and thus close any open connections. |
809 | - |
810 | -.SH NOTES |
811 | -If the program is built with TI-RPC support, it will enable any protocol and |
812 | -address family combinations that are marked visible in the |
813 | -.B netconfig |
814 | -database. |
815 | - |
816 | -.SH SEE ALSO |
817 | -.BR rpc.mountd (8), |
818 | -.BR exports (5), |
819 | -.BR exportfs (8), |
820 | -.BR rpc.rquotad (8), |
821 | -.BR nfsstat (8), |
822 | -.BR netconfig(5). |
823 | -.SH AUTHOR |
824 | -Olaf Kirch, Bill Hawes, H. J. Lu, G. Allan Morris III, |
825 | -and a host of others. |
826 | |
827 | === removed directory '.pc/03-handle-mtab-symlink.patch' |
828 | === removed directory '.pc/03-handle-mtab-symlink.patch/utils' |
829 | === removed directory '.pc/03-handle-mtab-symlink.patch/utils/mount' |
830 | === removed file '.pc/03-handle-mtab-symlink.patch/utils/mount/fstab.c' |
831 | --- .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.c 2011-10-02 18:29:53 +0000 |
832 | +++ .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.c 1970-01-01 00:00:00 +0000 |
833 | @@ -1,649 +0,0 @@ |
834 | -/* 1999-02-22 Arkadiusz Miskiewicz <misiek@pld.ORG.PL> |
835 | - * - added Native Language Support |
836 | - * Sun Mar 21 1999 - Arnaldo Carvalho de Melo <acme@conectiva.com.br> |
837 | - * - fixed strerr(errno) in gettext calls |
838 | - * |
839 | - * 2006-06-08 Amit Gud <agud@redhat.com> |
840 | - * - Moved code to nfs-utils/support/nfs from util-linux/mount. |
841 | - */ |
842 | - |
843 | -#include <errno.h> |
844 | -#include <stdio.h> |
845 | -#include <fcntl.h> |
846 | -#include <unistd.h> |
847 | -#include <string.h> |
848 | -#include <sys/stat.h> |
849 | -#include <mntent.h> |
850 | - |
851 | -#include "fstab.h" |
852 | -#include "xcommon.h" |
853 | -#include "nfs_mntent.h" |
854 | -#include "nfs_paths.h" |
855 | -#include "nls.h" |
856 | - |
857 | -#define LOCK_TIMEOUT 10 |
858 | -#define streq(s, t) (strcmp ((s), (t)) == 0) |
859 | -#define PROC_MOUNTS "/proc/mounts" |
860 | - |
861 | -extern char *progname; |
862 | -extern int verbose; |
863 | - |
864 | -/* Information about mtab. ------------------------------------*/ |
865 | -static int have_mtab_info = 0; |
866 | -static int var_mtab_does_not_exist = 0; |
867 | -static int var_mtab_is_a_symlink = 0; |
868 | - |
869 | -static void |
870 | -get_mtab_info(void) { |
871 | - struct stat mtab_stat; |
872 | - |
873 | - if (!have_mtab_info) { |
874 | - if (lstat(MOUNTED, &mtab_stat)) |
875 | - var_mtab_does_not_exist = 1; |
876 | - else if (S_ISLNK(mtab_stat.st_mode)) |
877 | - var_mtab_is_a_symlink = 1; |
878 | - have_mtab_info = 1; |
879 | - } |
880 | -} |
881 | - |
882 | -void |
883 | -reset_mtab_info(void) { |
884 | - have_mtab_info = 0; |
885 | -} |
886 | - |
887 | -int |
888 | -mtab_does_not_exist(void) { |
889 | - get_mtab_info(); |
890 | - return var_mtab_does_not_exist; |
891 | -} |
892 | - |
893 | -static int |
894 | -mtab_is_a_symlink(void) { |
895 | - get_mtab_info(); |
896 | - return var_mtab_is_a_symlink; |
897 | -} |
898 | - |
899 | -int |
900 | -mtab_is_writable() { |
901 | - int fd; |
902 | - |
903 | - /* Should we write to /etc/mtab upon an update? |
904 | - Probably not if it is a symlink to /proc/mounts, since that |
905 | - would create a file /proc/mounts in case the proc filesystem |
906 | - is not mounted. */ |
907 | - if (mtab_is_a_symlink()) |
908 | - return 0; |
909 | - |
910 | - fd = open(MOUNTED, O_RDWR | O_CREAT, 0644); |
911 | - if (fd >= 0) { |
912 | - close(fd); |
913 | - return 1; |
914 | - } else |
915 | - return 0; |
916 | -} |
917 | - |
918 | -/* Contents of mtab and fstab ---------------------------------*/ |
919 | - |
920 | -struct mntentchn mounttable; |
921 | -static int got_mtab = 0; |
922 | -struct mntentchn procmounts; |
923 | -static int got_procmounts = 0; |
924 | -struct mntentchn fstab; |
925 | -static int got_fstab = 0; |
926 | - |
927 | -static void read_mounttable(void); |
928 | -static void read_procmounts(void); |
929 | -static void read_fstab(void); |
930 | - |
931 | -static struct mntentchn * |
932 | -mtab_head(void) |
933 | -{ |
934 | - if (!got_mtab) |
935 | - read_mounttable(); |
936 | - return &mounttable; |
937 | -} |
938 | - |
939 | -static struct mntentchn * |
940 | -procmounts_head(void) |
941 | -{ |
942 | - if (!got_procmounts) |
943 | - read_procmounts(); |
944 | - return &procmounts; |
945 | -} |
946 | - |
947 | -static struct mntentchn * |
948 | -fstab_head(void) |
949 | -{ |
950 | - if (!got_fstab) |
951 | - read_fstab(); |
952 | - return &fstab; |
953 | -} |
954 | - |
955 | -#if 0 |
956 | -static void |
957 | -my_free(const void *s) { |
958 | - if (s) |
959 | - free((void *) s); |
960 | -} |
961 | - |
962 | -static void |
963 | -discard_mntentchn(struct mntentchn *mc0) { |
964 | - struct mntentchn *mc, *mc1; |
965 | - |
966 | - for (mc = mc0->nxt; mc && mc != mc0; mc = mc1) { |
967 | - mc1 = mc->nxt; |
968 | - my_free(mc->m.mnt_fsname); |
969 | - my_free(mc->m.mnt_dir); |
970 | - my_free(mc->m.mnt_type); |
971 | - my_free(mc->m.mnt_opts); |
972 | - free(mc); |
973 | - } |
974 | -} |
975 | -#endif |
976 | - |
977 | -static void |
978 | -read_mntentchn(mntFILE *mfp, const char *fnam, struct mntentchn *mc0) { |
979 | - struct mntentchn *mc = mc0; |
980 | - struct mntent *mnt; |
981 | - |
982 | - while ((mnt = nfs_getmntent(mfp)) != NULL) { |
983 | - if (!streq(mnt->mnt_type, MNTTYPE_IGNORE)) { |
984 | - mc->nxt = (struct mntentchn *) xmalloc(sizeof(*mc)); |
985 | - mc->nxt->prev = mc; |
986 | - mc = mc->nxt; |
987 | - mc->m = *mnt; |
988 | - mc->nxt = mc0; |
989 | - } |
990 | - } |
991 | - mc0->prev = mc; |
992 | - if (ferror(mfp->mntent_fp)) { |
993 | - int errsv = errno; |
994 | - nfs_error(_("warning: error reading %s: %s"), |
995 | - fnam, strerror (errsv)); |
996 | - mc0->nxt = mc0->prev = NULL; |
997 | - } |
998 | - nfs_endmntent(mfp); |
999 | -} |
1000 | - |
1001 | -/* |
1002 | - * Read /etc/mtab. If that fails, try /proc/mounts. |
1003 | - * This produces a linked list. The list head mounttable is a dummy. |
1004 | - * Return 0 on success. |
1005 | - */ |
1006 | -static void |
1007 | -read_mounttable() { |
1008 | - mntFILE *mfp; |
1009 | - const char *fnam; |
1010 | - struct mntentchn *mc = &mounttable; |
1011 | - |
1012 | - got_mtab = 1; |
1013 | - mc->nxt = mc->prev = NULL; |
1014 | - |
1015 | - fnam = MOUNTED; |
1016 | - mfp = nfs_setmntent (fnam, "r"); |
1017 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1018 | - int errsv = errno; |
1019 | - fnam = PROC_MOUNTS; |
1020 | - mfp = nfs_setmntent (fnam, "r"); |
1021 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1022 | - nfs_error(_("warning: can't open %s: %s"), |
1023 | - MOUNTED, strerror (errsv)); |
1024 | - return; |
1025 | - } |
1026 | - if (verbose) |
1027 | - printf(_("%s: could not open %s; using %s instead\n"), |
1028 | - progname, MOUNTED, PROC_MOUNTS); |
1029 | - } |
1030 | - read_mntentchn(mfp, fnam, mc); |
1031 | -} |
1032 | - |
1033 | -/* |
1034 | - * Read /proc/mounts. |
1035 | - * This produces a linked list. The list head procmounts is a dummy. |
1036 | - * Return 0 on success. |
1037 | - */ |
1038 | -static void |
1039 | -read_procmounts() { |
1040 | - mntFILE *mfp; |
1041 | - const char *fnam; |
1042 | - struct mntentchn *mc = &procmounts; |
1043 | - |
1044 | - got_procmounts = 1; |
1045 | - mc->nxt = mc->prev = NULL; |
1046 | - |
1047 | - fnam = PROC_MOUNTS; |
1048 | - mfp = nfs_setmntent(fnam, "r"); |
1049 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1050 | - nfs_error(_("warning: can't open %s: %s"), |
1051 | - PROC_MOUNTS, strerror (errno)); |
1052 | - return; |
1053 | - } |
1054 | - read_mntentchn(mfp, fnam, mc); |
1055 | -} |
1056 | - |
1057 | -static void |
1058 | -read_fstab() |
1059 | -{ |
1060 | - mntFILE *mfp = NULL; |
1061 | - const char *fnam; |
1062 | - struct mntentchn *mc = &fstab; |
1063 | - |
1064 | - got_fstab = 1; |
1065 | - mc->nxt = mc->prev = NULL; |
1066 | - |
1067 | - fnam = _PATH_FSTAB; |
1068 | - mfp = nfs_setmntent (fnam, "r"); |
1069 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1070 | - int errsv = errno; |
1071 | - nfs_error(_("warning: can't open %s: %s"), |
1072 | - _PATH_FSTAB, strerror (errsv)); |
1073 | - return; |
1074 | - } |
1075 | - read_mntentchn(mfp, fnam, mc); |
1076 | -} |
1077 | - |
1078 | -/* |
1079 | - * Given the directory name NAME, and the place MCPREV we found it last time, |
1080 | - * try to find more occurrences. |
1081 | - */ |
1082 | -struct mntentchn * |
1083 | -getmntdirbackward (const char *name, struct mntentchn *mcprev) { |
1084 | - struct mntentchn *mc, *mc0; |
1085 | - |
1086 | - mc0 = mtab_head(); |
1087 | - if (!mcprev) |
1088 | - mcprev = mc0; |
1089 | - for (mc = mcprev->prev; mc && mc != mc0; mc = mc->prev) |
1090 | - if (streq(mc->m.mnt_dir, name)) |
1091 | - return mc; |
1092 | - return NULL; |
1093 | -} |
1094 | - |
1095 | -/* |
1096 | - * Given the directory name NAME, and the place MCPREV we found it last time, |
1097 | - * try to find more occurrences. |
1098 | - */ |
1099 | -struct mntentchn * |
1100 | -getprocmntdirbackward (const char *name, struct mntentchn *mcprev) { |
1101 | - struct mntentchn *mc, *mc0; |
1102 | - |
1103 | - mc0 = procmounts_head(); |
1104 | - if (!mcprev) |
1105 | - mcprev = mc0; |
1106 | - for (mc = mcprev->prev; mc && mc != mc0; mc = mc->prev) |
1107 | - if (streq(mc->m.mnt_dir, name)) |
1108 | - return mc; |
1109 | - return NULL; |
1110 | -} |
1111 | - |
1112 | -/* |
1113 | - * Given the device name NAME, and the place MCPREV we found it last time, |
1114 | - * try to find more occurrences. |
1115 | - */ |
1116 | -struct mntentchn * |
1117 | -getmntdevbackward (const char *name, struct mntentchn *mcprev) { |
1118 | - struct mntentchn *mc, *mc0; |
1119 | - |
1120 | - mc0 = mtab_head(); |
1121 | - if (!mcprev) |
1122 | - mcprev = mc0; |
1123 | - for (mc = mcprev->prev; mc && mc != mc0; mc = mc->prev) |
1124 | - if (streq(mc->m.mnt_fsname, name)) |
1125 | - return mc; |
1126 | - return NULL; |
1127 | -} |
1128 | - |
1129 | -/* Find the dir FILE in fstab. */ |
1130 | -struct mntentchn * |
1131 | -getfsfile (const char *file) |
1132 | -{ |
1133 | - struct mntentchn *mc, *mc0; |
1134 | - |
1135 | - mc0 = fstab_head(); |
1136 | - for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) |
1137 | - if (streq(mc->m.mnt_dir, file)) |
1138 | - return mc; |
1139 | - return NULL; |
1140 | -} |
1141 | - |
1142 | -/* Find the device SPEC in fstab. */ |
1143 | -struct mntentchn * |
1144 | -getfsspec (const char *spec) |
1145 | -{ |
1146 | - struct mntentchn *mc, *mc0; |
1147 | - |
1148 | - mc0 = fstab_head(); |
1149 | - for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) |
1150 | - if (streq(mc->m.mnt_fsname, spec)) |
1151 | - return mc; |
1152 | - return NULL; |
1153 | -} |
1154 | - |
1155 | -/* Updating mtab ----------------------------------------------*/ |
1156 | - |
1157 | -/* Flag for already existing lock file. */ |
1158 | -static int we_created_lockfile = 0; |
1159 | -static int lockfile_fd = -1; |
1160 | - |
1161 | -/* Flag to indicate that signals have been set up. */ |
1162 | -static int signals_have_been_setup = 0; |
1163 | - |
1164 | -/* Ensure that the lock is released if we are interrupted. */ |
1165 | -extern char *strsignal(int sig); /* not always in <string.h> */ |
1166 | - |
1167 | -static void |
1168 | -handler (int sig) { |
1169 | - die(EX_USER, "%s", strsignal(sig)); |
1170 | -} |
1171 | - |
1172 | -static void |
1173 | -setlkw_timeout (__attribute__((unused)) int sig) { |
1174 | - /* nothing, fcntl will fail anyway */ |
1175 | -} |
1176 | - |
1177 | -/* Remove lock file. */ |
1178 | -void |
1179 | -unlock_mtab (void) { |
1180 | - if (we_created_lockfile) { |
1181 | - close(lockfile_fd); |
1182 | - lockfile_fd = -1; |
1183 | - unlink (MOUNTED_LOCK); |
1184 | - we_created_lockfile = 0; |
1185 | - } |
1186 | -} |
1187 | - |
1188 | -/* Create the lock file. |
1189 | - The lock file will be removed if we catch a signal or when we exit. */ |
1190 | -/* The old code here used flock on a lock file /etc/mtab~ and deleted |
1191 | - this lock file afterwards. However, as rgooch remarks, that has a |
1192 | - race: a second mount may be waiting on the lock and proceed as |
1193 | - soon as the lock file is deleted by the first mount, and immediately |
1194 | - afterwards a third mount comes, creates a new /etc/mtab~, applies |
1195 | - flock to that, and also proceeds, so that the second and third mount |
1196 | - now both are scribbling in /etc/mtab. |
1197 | - The new code uses a link() instead of a creat(), where we proceed |
1198 | - only if it was us that created the lock, and hence we always have |
1199 | - to delete the lock afterwards. Now the use of flock() is in principle |
1200 | - superfluous, but avoids an arbitrary sleep(). */ |
1201 | - |
1202 | -/* Where does the link point to? Obvious choices are mtab and mtab~~. |
1203 | - HJLu points out that the latter leads to races. Right now we use |
1204 | - mtab~.<pid> instead. Use 20 as upper bound for the length of %d. */ |
1205 | -#define MOUNTLOCK_LINKTARGET MOUNTED_LOCK "%d" |
1206 | -#define MOUNTLOCK_LINKTARGET_LTH (sizeof(MOUNTED_LOCK)+20) |
1207 | - |
1208 | -void |
1209 | -lock_mtab (void) { |
1210 | - int tries = 100000, i; |
1211 | - char linktargetfile[MOUNTLOCK_LINKTARGET_LTH]; |
1212 | - |
1213 | - at_die = unlock_mtab; |
1214 | - |
1215 | - if (!signals_have_been_setup) { |
1216 | - int sig = 0; |
1217 | - struct sigaction sa; |
1218 | - |
1219 | - sa.sa_flags = 0; |
1220 | - sigfillset (&sa.sa_mask); |
1221 | - |
1222 | - while (sigismember (&sa.sa_mask, ++sig) != -1) { |
1223 | - switch(sig) { |
1224 | - case SIGCHLD: |
1225 | - case SIGKILL: |
1226 | - case SIGCONT: |
1227 | - case SIGSTOP: |
1228 | - /* The cannot be caught, or should not, |
1229 | - * so don't even try. |
1230 | - */ |
1231 | - continue; |
1232 | - case SIGALRM: |
1233 | - sa.sa_handler = setlkw_timeout; |
1234 | - break; |
1235 | - case SIGHUP: |
1236 | - case SIGINT: |
1237 | - case SIGQUIT: |
1238 | - case SIGWINCH: |
1239 | - case SIGTSTP: |
1240 | - case SIGTTIN: |
1241 | - case SIGTTOU: |
1242 | - case SIGPIPE: |
1243 | - case SIGXFSZ: |
1244 | - case SIGXCPU: |
1245 | - /* non-priv user can cause these to be |
1246 | - * generated, so ignore them. |
1247 | - */ |
1248 | - sa.sa_handler = SIG_IGN; |
1249 | - break; |
1250 | - default: |
1251 | - /* The rest should not be possible, so just |
1252 | - * print a message and unlock mtab. |
1253 | - */ |
1254 | - sa.sa_handler = handler; |
1255 | - } |
1256 | - sigaction (sig, &sa, (struct sigaction *) 0); |
1257 | - } |
1258 | - signals_have_been_setup = 1; |
1259 | - } |
1260 | - |
1261 | - sprintf(linktargetfile, MOUNTLOCK_LINKTARGET, getpid ()); |
1262 | - |
1263 | - i = open (linktargetfile, O_WRONLY|O_CREAT, 0); |
1264 | - if (i < 0) { |
1265 | - int errsv = errno; |
1266 | - /* linktargetfile does not exist (as a file) |
1267 | - and we cannot create it. Read-only filesystem? |
1268 | - Too many files open in the system? |
1269 | - Filesystem full? */ |
1270 | - die (EX_FILEIO, _("can't create lock file %s: %s " |
1271 | - "(use -n flag to override)"), |
1272 | - linktargetfile, strerror (errsv)); |
1273 | - } |
1274 | - close(i); |
1275 | - |
1276 | - /* Repeat until it was us who made the link */ |
1277 | - while (!we_created_lockfile) { |
1278 | - struct flock flock; |
1279 | - int j; |
1280 | - |
1281 | - j = link(linktargetfile, MOUNTED_LOCK); |
1282 | - |
1283 | - { |
1284 | - int errsv = errno; |
1285 | - |
1286 | - if (j == 0) |
1287 | - we_created_lockfile = 1; |
1288 | - |
1289 | - if (j < 0 && errsv != EEXIST) { |
1290 | - (void) unlink(linktargetfile); |
1291 | - die (EX_FILEIO, _("can't link lock file %s: %s " |
1292 | - "(use -n flag to override)"), |
1293 | - MOUNTED_LOCK, strerror (errsv)); |
1294 | - } |
1295 | - } |
1296 | - |
1297 | - lockfile_fd = open (MOUNTED_LOCK, O_WRONLY); |
1298 | - |
1299 | - if (lockfile_fd < 0) { |
1300 | - int errsv = errno; |
1301 | - /* Strange... Maybe the file was just deleted? */ |
1302 | - if (errno == ENOENT && tries-- > 0) { |
1303 | - if (tries % 200 == 0) |
1304 | - usleep(30); |
1305 | - continue; |
1306 | - } |
1307 | - (void) unlink(linktargetfile); |
1308 | - die (EX_FILEIO, _("can't open lock file %s: %s " |
1309 | - "(use -n flag to override)"), |
1310 | - MOUNTED_LOCK, strerror (errsv)); |
1311 | - } |
1312 | - |
1313 | - flock.l_type = F_WRLCK; |
1314 | - flock.l_whence = SEEK_SET; |
1315 | - flock.l_start = 0; |
1316 | - flock.l_len = 0; |
1317 | - |
1318 | - if (j == 0) { |
1319 | - /* We made the link. Now claim the lock. */ |
1320 | - if (fcntl (lockfile_fd, F_SETLK, &flock) == -1) { |
1321 | - if (verbose) { |
1322 | - int errsv = errno; |
1323 | - nfs_error(_("%s: Can't lock lock file " |
1324 | - "%s: %s"), progname, |
1325 | - MOUNTED_LOCK, |
1326 | - strerror (errsv)); |
1327 | - } |
1328 | - /* proceed anyway */ |
1329 | - } |
1330 | - (void) unlink(linktargetfile); |
1331 | - } else { |
1332 | - static int retries = 0; |
1333 | - |
1334 | - /* Someone else made the link. Wait. */ |
1335 | - alarm(LOCK_TIMEOUT); |
1336 | - if (fcntl (lockfile_fd, F_SETLKW, &flock) == -1) { |
1337 | - int errsv = errno; |
1338 | - (void) unlink(linktargetfile); |
1339 | - die (EX_FILEIO, _("can't lock lock file %s: %s"), |
1340 | - MOUNTED_LOCK, (errno == EINTR) ? |
1341 | - _("timed out") : strerror (errsv)); |
1342 | - } |
1343 | - alarm(0); |
1344 | - /* Limit the number of iterations - maybe there |
1345 | - still is some old /etc/mtab~ */ |
1346 | - ++retries; |
1347 | - if (retries % 200 == 0) |
1348 | - usleep(30); |
1349 | - if (retries > 100000) { |
1350 | - (void) unlink(linktargetfile); |
1351 | - close(lockfile_fd); |
1352 | - die (EX_FILEIO, _("Cannot create link %s\n" |
1353 | - "Perhaps there is a stale lock file?\n"), |
1354 | - MOUNTED_LOCK); |
1355 | - } |
1356 | - close(lockfile_fd); |
1357 | - } |
1358 | - } |
1359 | -} |
1360 | - |
1361 | -/* |
1362 | - * Update the mtab. |
1363 | - * Used by umount with null INSTEAD: remove the last DIR entry. |
1364 | - * Used by mount upon a remount: update option part, |
1365 | - * and complain if a wrong device or type was given. |
1366 | - * [Note that often a remount will be a rw remount of / |
1367 | - * where there was no entry before, and we'll have to believe |
1368 | - * the values given in INSTEAD.] |
1369 | - */ |
1370 | - |
1371 | -void |
1372 | -update_mtab (const char *dir, struct mntent *instead) |
1373 | -{ |
1374 | - mntFILE *mfp, *mftmp; |
1375 | - const char *fnam = MOUNTED; |
1376 | - struct mntentchn mtabhead; /* dummy */ |
1377 | - struct mntentchn *mc, *mc0, *absent = NULL; |
1378 | - |
1379 | - if (mtab_does_not_exist() || !mtab_is_writable()) |
1380 | - return; |
1381 | - |
1382 | - lock_mtab(); |
1383 | - |
1384 | - /* having locked mtab, read it again */ |
1385 | - mc0 = mc = &mtabhead; |
1386 | - mc->nxt = mc->prev = NULL; |
1387 | - |
1388 | - mfp = nfs_setmntent(fnam, "r"); |
1389 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1390 | - int errsv = errno; |
1391 | - nfs_error (_("cannot open %s (%s) - mtab not updated"), |
1392 | - fnam, strerror (errsv)); |
1393 | - goto leave; |
1394 | - } |
1395 | - |
1396 | - read_mntentchn(mfp, fnam, mc); |
1397 | - |
1398 | - /* find last occurrence of dir */ |
1399 | - for (mc = mc0->prev; mc && mc != mc0; mc = mc->prev) |
1400 | - if (streq(mc->m.mnt_dir, dir)) |
1401 | - break; |
1402 | - if (mc && mc != mc0) { |
1403 | - if (instead == NULL) { |
1404 | - /* An umount - remove entry */ |
1405 | - if (mc && mc != mc0) { |
1406 | - mc->prev->nxt = mc->nxt; |
1407 | - mc->nxt->prev = mc->prev; |
1408 | - free(mc); |
1409 | - } |
1410 | - } else { |
1411 | - /* A remount */ |
1412 | - mc->m.mnt_opts = instead->mnt_opts; |
1413 | - } |
1414 | - } else if (instead) { |
1415 | - /* not found, add a new entry */ |
1416 | - absent = xmalloc(sizeof(*absent)); |
1417 | - absent->m = *instead; |
1418 | - absent->nxt = mc0; |
1419 | - absent->prev = mc0->prev; |
1420 | - mc0->prev = absent; |
1421 | - if (mc0->nxt == NULL) |
1422 | - mc0->nxt = absent; |
1423 | - } |
1424 | - |
1425 | - /* write chain to mtemp */ |
1426 | - mftmp = nfs_setmntent (MOUNTED_TEMP, "w"); |
1427 | - if (mftmp == NULL || mftmp->mntent_fp == NULL) { |
1428 | - int errsv = errno; |
1429 | - nfs_error (_("cannot open %s (%s) - mtab not updated"), |
1430 | - MOUNTED_TEMP, strerror (errsv)); |
1431 | - goto leave; |
1432 | - } |
1433 | - |
1434 | - for (mc = mc0->nxt; mc && mc != mc0; mc = mc->nxt) { |
1435 | - if (nfs_addmntent(mftmp, &(mc->m)) == 1) { |
1436 | - int errsv = errno; |
1437 | - die (EX_FILEIO, _("error writing %s: %s"), |
1438 | - MOUNTED_TEMP, strerror (errsv)); |
1439 | - } |
1440 | - } |
1441 | - |
1442 | -#if 0 |
1443 | - /* the chain might have strings copied from 'instead', |
1444 | - * so we cannot safely free it. |
1445 | - * And there is no need anyway because we are going to exit |
1446 | - * shortly. So just don't call discard_mntentchn.... |
1447 | - */ |
1448 | - discard_mntentchn(mc0); |
1449 | -#endif |
1450 | - if (fchmod (fileno (mftmp->mntent_fp), |
1451 | - S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) < 0) { |
1452 | - int errsv = errno; |
1453 | - nfs_error(_("%s: error changing mode of %s: %s"), |
1454 | - progname, MOUNTED_TEMP, strerror (errsv)); |
1455 | - } |
1456 | - nfs_endmntent (mftmp); |
1457 | - |
1458 | - { /* |
1459 | - * If mount is setuid and some non-root user mounts sth, |
1460 | - * then mtab.tmp might get the group of this user. Copy uid/gid |
1461 | - * from the present mtab before renaming. |
1462 | - */ |
1463 | - struct stat sbuf; |
1464 | - if (stat (MOUNTED, &sbuf) == 0) { |
1465 | - if (chown (MOUNTED_TEMP, sbuf.st_uid, sbuf.st_gid) < 0) { |
1466 | - nfs_error(_("%s: error changing owner of %s: %s"), |
1467 | - progname, MOUNTED_TEMP, strerror (errno)); |
1468 | - } |
1469 | - } |
1470 | - } |
1471 | - |
1472 | - /* rename mtemp to mtab */ |
1473 | - if (rename (MOUNTED_TEMP, MOUNTED) < 0) { |
1474 | - int errsv = errno; |
1475 | - nfs_error(_("%s: can't rename %s to %s: %s\n"), |
1476 | - progname, MOUNTED_TEMP, MOUNTED, |
1477 | - strerror(errsv)); |
1478 | - } |
1479 | - |
1480 | - leave: |
1481 | - unlock_mtab(); |
1482 | -} |
1483 | |
1484 | === removed file '.pc/03-handle-mtab-symlink.patch/utils/mount/fstab.h' |
1485 | --- .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.h 2011-10-02 18:29:53 +0000 |
1486 | +++ .pc/03-handle-mtab-symlink.patch/utils/mount/fstab.h 1970-01-01 00:00:00 +0000 |
1487 | @@ -1,31 +0,0 @@ |
1488 | -#ifndef _NFS_UTILS_MOUNT_FSTAB_H |
1489 | -#define _NFS_UTILS_MOUNT_FSTAB_H |
1490 | - |
1491 | -#include "nfs_mntent.h" |
1492 | - |
1493 | -#ifndef _PATH_FSTAB |
1494 | -#define _PATH_FSTAB "/etc/fstab" |
1495 | -#endif |
1496 | - |
1497 | -int mtab_is_writable(void); |
1498 | -int mtab_does_not_exist(void); |
1499 | -void reset_mtab_info(void); |
1500 | - |
1501 | -struct mntentchn { |
1502 | - struct mntentchn *nxt, *prev; |
1503 | - struct mntent m; |
1504 | -}; |
1505 | - |
1506 | -struct mntentchn *getmntoptfile (const char *file); |
1507 | -struct mntentchn *getmntdirbackward (const char *dir, struct mntentchn *mc); |
1508 | -struct mntentchn *getprocmntdirbackward (const char *name, struct mntentchn *mc); |
1509 | -struct mntentchn *getmntdevbackward (const char *dev, struct mntentchn *mc); |
1510 | - |
1511 | -struct mntentchn *getfsfile (const char *file); |
1512 | -struct mntentchn *getfsspec (const char *spec); |
1513 | - |
1514 | -void lock_mtab (void); |
1515 | -void unlock_mtab (void); |
1516 | -void update_mtab (const char *special, struct mntent *with); |
1517 | - |
1518 | -#endif /* _NFS_UTILS_MOUNT_FSTAB_H */ |
1519 | |
1520 | === removed file '.pc/03-handle-mtab-symlink.patch/utils/mount/mount.c' |
1521 | --- .pc/03-handle-mtab-symlink.patch/utils/mount/mount.c 2011-07-09 16:28:32 +0000 |
1522 | +++ .pc/03-handle-mtab-symlink.patch/utils/mount/mount.c 1970-01-01 00:00:00 +0000 |
1523 | @@ -1,550 +0,0 @@ |
1524 | -/* |
1525 | - * mount.c -- Linux NFS mount |
1526 | - * |
1527 | - * Copyright (C) 2006 Amit Gud <agud@redhat.com> |
1528 | - * |
1529 | - * - Basic code and wrapper around mount and umount code of NFS. |
1530 | - * Based on util-linux/mount/mount.c. |
1531 | - * |
1532 | - * This program is free software; you can redistribute it and/or modify |
1533 | - * it under the terms of the GNU General Public License as published by |
1534 | - * the Free Software Foundation; either version 2, or (at your option) |
1535 | - * any later version. |
1536 | - * |
1537 | - * This program is distributed in the hope that it will be useful, |
1538 | - * but WITHOUT ANY WARRANTY; without even the implied warranty of |
1539 | - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
1540 | - * GNU General Public License for more details. |
1541 | - * |
1542 | - */ |
1543 | - |
1544 | -#ifdef HAVE_CONFIG_H |
1545 | -#include <config.h> |
1546 | -#endif |
1547 | - |
1548 | -#include <unistd.h> |
1549 | -#include <sys/types.h> |
1550 | -#include <sys/stat.h> |
1551 | -#include <stdio.h> |
1552 | -#include <string.h> |
1553 | -#include <errno.h> |
1554 | -#include <fcntl.h> |
1555 | -#include <sys/mount.h> |
1556 | -#include <getopt.h> |
1557 | -#include <mntent.h> |
1558 | -#include <pwd.h> |
1559 | - |
1560 | -#include "fstab.h" |
1561 | -#include "xcommon.h" |
1562 | -#include "nls.h" |
1563 | -#include "mount_constants.h" |
1564 | -#include "mount_config.h" |
1565 | -#include "nfs_paths.h" |
1566 | -#include "nfs_mntent.h" |
1567 | - |
1568 | -#include "nfs_mount.h" |
1569 | -#include "nfs4_mount.h" |
1570 | -#include "mount.h" |
1571 | -#include "error.h" |
1572 | -#include "stropts.h" |
1573 | -#include "utils.h" |
1574 | - |
1575 | -char *progname; |
1576 | -int nfs_mount_data_version; |
1577 | -int nomtab; |
1578 | -int verbose; |
1579 | -int sloppy; |
1580 | -int string; |
1581 | - |
1582 | -#define FOREGROUND (0) |
1583 | -#define BACKGROUND (1) |
1584 | - |
1585 | -static struct option longopts[] = { |
1586 | - { "fake", 0, 0, 'f' }, |
1587 | - { "help", 0, 0, 'h' }, |
1588 | - { "no-mtab", 0, 0, 'n' }, |
1589 | - { "read-only", 0, 0, 'r' }, |
1590 | - { "ro", 0, 0, 'r' }, |
1591 | - { "verbose", 0, 0, 'v' }, |
1592 | - { "version", 0, 0, 'V' }, |
1593 | - { "read-write", 0, 0, 'w' }, |
1594 | - { "rw", 0, 0, 'w' }, |
1595 | - { "options", 1, 0, 'o' }, |
1596 | - { NULL, 0, 0, 0 } |
1597 | -}; |
1598 | - |
1599 | -/* |
1600 | - * Map from -o and fstab option strings to the flag argument to mount(2). |
1601 | - */ |
1602 | -struct opt_map { |
1603 | - const char *opt; /* option name */ |
1604 | - int skip; /* skip in mtab option string */ |
1605 | - int inv; /* true if flag value should be inverted */ |
1606 | - int mask; /* flag mask value */ |
1607 | -}; |
1608 | - |
1609 | -static const struct opt_map opt_map[] = { |
1610 | - { "defaults", 0, 0, 0 }, /* default options */ |
1611 | - { "ro", 1, 0, MS_RDONLY }, /* read-only */ |
1612 | - { "rw", 1, 1, MS_RDONLY }, /* read-write */ |
1613 | - { "exec", 0, 1, MS_NOEXEC }, /* permit execution of binaries */ |
1614 | - { "noexec", 0, 0, MS_NOEXEC }, /* don't execute binaries */ |
1615 | - { "suid", 0, 1, MS_NOSUID }, /* honor suid executables */ |
1616 | - { "nosuid", 0, 0, MS_NOSUID }, /* don't honor suid executables */ |
1617 | - { "dev", 0, 1, MS_NODEV }, /* interpret device files */ |
1618 | - { "nodev", 0, 0, MS_NODEV }, /* don't interpret devices */ |
1619 | - { "sync", 0, 0, MS_SYNCHRONOUS}, /* synchronous I/O */ |
1620 | - { "async", 0, 1, MS_SYNCHRONOUS}, /* asynchronous I/O */ |
1621 | - { "dirsync", 0, 0, MS_DIRSYNC}, /* synchronous directory modifications */ |
1622 | - { "remount", 0, 0, MS_REMOUNT}, /* Alter flags of mounted FS */ |
1623 | - { "bind", 0, 0, MS_BIND }, /* Remount part of tree elsewhere */ |
1624 | - { "rbind", 0, 0, MS_BIND|MS_REC }, /* Idem, plus mounted subtrees */ |
1625 | - { "auto", 0, 0, MS_DUMMY }, /* Can be mounted using -a */ |
1626 | - { "noauto", 0, 0, MS_DUMMY }, /* Can only be mounted explicitly */ |
1627 | - { "users", 1, 0, MS_USERS }, /* Allow ordinary user to mount */ |
1628 | - { "nousers", 0, 1, MS_DUMMY }, /* Forbid ordinary user to mount */ |
1629 | - { "user", 1, 0, MS_USER }, /* Allow ordinary user to mount */ |
1630 | - { "nouser", 0, 1, MS_DUMMY }, /* Forbid ordinary user to mount */ |
1631 | - { "owner", 0, 0, MS_DUMMY }, /* Let the owner of the device mount */ |
1632 | - { "noowner", 0, 0, MS_DUMMY }, /* Device owner has no special privs */ |
1633 | - { "group", 0, 0, MS_DUMMY }, /* Let the group of the device mount */ |
1634 | - { "nogroup", 0, 0, MS_DUMMY }, /* Device group has no special privs */ |
1635 | - { "_netdev", 0, 0, MS_DUMMY}, /* Device requires network */ |
1636 | - { "comment", 0, 0, MS_DUMMY}, /* fstab comment only (kudzu,_netdev)*/ |
1637 | - |
1638 | - /* add new options here */ |
1639 | -#ifdef MS_NOSUB |
1640 | - { "sub", 0, 1, MS_NOSUB }, /* allow submounts */ |
1641 | - { "nosub", 0, 0, MS_NOSUB }, /* don't allow submounts */ |
1642 | -#endif |
1643 | -#ifdef MS_SILENT |
1644 | - { "quiet", 0, 0, MS_SILENT }, /* be quiet */ |
1645 | - { "loud", 0, 1, MS_SILENT }, /* print out messages. */ |
1646 | -#endif |
1647 | -#ifdef MS_MANDLOCK |
1648 | - { "mand", 0, 0, MS_MANDLOCK }, /* Allow mandatory locks on this FS */ |
1649 | - { "nomand", 0, 1, MS_MANDLOCK }, /* Forbid mandatory locks on this FS */ |
1650 | -#endif |
1651 | - { "loop", 1, 0, MS_DUMMY }, /* use a loop device */ |
1652 | -#ifdef MS_NOATIME |
1653 | - { "atime", 0, 1, MS_NOATIME }, /* Update access time */ |
1654 | - { "noatime", 0, 0, MS_NOATIME }, /* Do not update access time */ |
1655 | -#endif |
1656 | -#ifdef MS_NODIRATIME |
1657 | - { "diratime", 0, 1, MS_NODIRATIME }, /* Update dir access times */ |
1658 | - { "nodiratime", 0, 0, MS_NODIRATIME },/* Do not update dir access times */ |
1659 | -#endif |
1660 | -#ifdef MS_RELATIME |
1661 | - { "relatime", 0, 0, MS_RELATIME }, /* Update access times relative to |
1662 | - mtime/ctime */ |
1663 | - { "norelatime", 0, 1, MS_RELATIME }, /* Update access time without regard |
1664 | - to mtime/ctime */ |
1665 | -#endif |
1666 | - { "noquota", 0, 0, MS_DUMMY }, /* Don't enforce quota */ |
1667 | - { "quota", 0, 0, MS_DUMMY }, /* Enforce user quota */ |
1668 | - { "usrquota", 0, 0, MS_DUMMY }, /* Enforce user quota */ |
1669 | - { "grpquota", 0, 0, MS_DUMMY }, /* Enforce group quota */ |
1670 | - { NULL, 0, 0, 0 } |
1671 | -}; |
1672 | - |
1673 | -static void parse_opts(const char *options, int *flags, char **extra_opts); |
1674 | - |
1675 | -/* |
1676 | - * Build a canonical mount option string for /etc/mtab. |
1677 | - */ |
1678 | -static char *fix_opts_string(int flags, const char *extra_opts) |
1679 | -{ |
1680 | - const struct opt_map *om; |
1681 | - char *new_opts; |
1682 | - |
1683 | - new_opts = xstrdup((flags & MS_RDONLY) ? "ro" : "rw"); |
1684 | - if (flags & MS_USER) { |
1685 | - /* record who mounted this so they can unmount */ |
1686 | - struct passwd *pw = getpwuid(getuid()); |
1687 | - if(pw) |
1688 | - new_opts = xstrconcat3(new_opts, ",user=", pw->pw_name); |
1689 | - } |
1690 | - if (flags & MS_USERS) |
1691 | - new_opts = xstrconcat3(new_opts, ",users", ""); |
1692 | - |
1693 | - for (om = opt_map; om->opt != NULL; om++) { |
1694 | - if (om->skip) |
1695 | - continue; |
1696 | - if (om->inv || !om->mask || (flags & om->mask) != om->mask) |
1697 | - continue; |
1698 | - new_opts = xstrconcat3(new_opts, ",", om->opt); |
1699 | - flags &= ~om->mask; |
1700 | - } |
1701 | - if (extra_opts && *extra_opts) { |
1702 | - new_opts = xstrconcat3(new_opts, ",", extra_opts); |
1703 | - } |
1704 | - return new_opts; |
1705 | -} |
1706 | - |
1707 | -static void |
1708 | -init_mntent(struct mntent *mnt, char *fsname, char *dir, char *type, |
1709 | - int flags, char *opts) |
1710 | -{ |
1711 | - mnt->mnt_fsname = fsname; |
1712 | - mnt->mnt_dir = dir; |
1713 | - mnt->mnt_type = type; |
1714 | - mnt->mnt_opts = fix_opts_string(flags & ~MS_NOMTAB, opts); |
1715 | - |
1716 | - /* these are always zero for NFS */ |
1717 | - mnt->mnt_freq = 0; |
1718 | - mnt->mnt_passno = 0; |
1719 | -} |
1720 | - |
1721 | -/* Create mtab with a root entry. */ |
1722 | -static void |
1723 | -create_mtab (void) { |
1724 | - struct mntentchn *fstab; |
1725 | - struct mntent mnt; |
1726 | - int flags; |
1727 | - mntFILE *mfp; |
1728 | - |
1729 | - lock_mtab(); |
1730 | - |
1731 | - mfp = nfs_setmntent (MOUNTED, "a+"); |
1732 | - if (mfp == NULL || mfp->mntent_fp == NULL) { |
1733 | - int errsv = errno; |
1734 | - die (EX_FILEIO, _("mount: can't open %s for writing: %s"), |
1735 | - MOUNTED, strerror (errsv)); |
1736 | - } |
1737 | - |
1738 | - /* Find the root entry by looking it up in fstab */ |
1739 | - if ((fstab = getfsfile ("/")) || (fstab = getfsfile ("root"))) { |
1740 | - char *extra_opts; |
1741 | - parse_opts (fstab->m.mnt_opts, &flags, &extra_opts); |
1742 | - init_mntent(&mnt, xstrdup(fstab->m.mnt_fsname), "/", |
1743 | - fstab->m.mnt_type, flags, extra_opts); |
1744 | - free(extra_opts); |
1745 | - |
1746 | - if (nfs_addmntent (mfp, &mnt) == 1) { |
1747 | - int errsv = errno; |
1748 | - die (EX_FILEIO, _("mount: error writing %s: %s"), |
1749 | - _PATH_MOUNTED, strerror (errsv)); |
1750 | - } |
1751 | - } |
1752 | - if (fchmod (fileno (mfp->mntent_fp), 0644) < 0) |
1753 | - if (errno != EROFS) { |
1754 | - int errsv = errno; |
1755 | - die (EX_FILEIO, |
1756 | - _("mount: error changing mode of %s: %s"), |
1757 | - _PATH_MOUNTED, strerror (errsv)); |
1758 | - } |
1759 | - nfs_endmntent (mfp); |
1760 | - |
1761 | - unlock_mtab(); |
1762 | - |
1763 | - reset_mtab_info(); |
1764 | -} |
1765 | - |
1766 | -static int add_mtab(char *spec, char *mount_point, char *fstype, |
1767 | - int flags, char *opts) |
1768 | -{ |
1769 | - struct mntent ment; |
1770 | - int result = EX_SUCCESS; |
1771 | - |
1772 | - init_mntent(&ment, spec, mount_point, fstype, flags, opts); |
1773 | - |
1774 | - if (!nomtab && mtab_does_not_exist()) { |
1775 | - if (verbose > 1) |
1776 | - printf(_("mount: no %s found - creating it..\n"), |
1777 | - MOUNTED); |
1778 | - create_mtab (); |
1779 | - } |
1780 | - |
1781 | - if (!nomtab && mtab_is_writable()) { |
1782 | - if (flags & MS_REMOUNT) |
1783 | - update_mtab(ment.mnt_dir, &ment); |
1784 | - else { |
1785 | - mntFILE *mtab; |
1786 | - |
1787 | - lock_mtab(); |
1788 | - mtab = nfs_setmntent(MOUNTED, "a+"); |
1789 | - if (mtab == NULL || mtab->mntent_fp == NULL) { |
1790 | - nfs_error(_("Can't open mtab: %s"), |
1791 | - strerror(errno)); |
1792 | - result = EX_FILEIO; |
1793 | - } else { |
1794 | - if (nfs_addmntent(mtab, &ment) == 1) { |
1795 | - nfs_error(_("Can't write mount entry to mtab: %s"), |
1796 | - strerror(errno)); |
1797 | - result = EX_FILEIO; |
1798 | - } |
1799 | - } |
1800 | - nfs_endmntent(mtab); |
1801 | - unlock_mtab(); |
1802 | - } |
1803 | - } |
1804 | - |
1805 | - free(ment.mnt_opts); |
1806 | - |
1807 | - return result; |
1808 | -} |
1809 | - |
1810 | -static void parse_opt(const char *opt, int *mask, char *extra_opts, size_t len) |
1811 | -{ |
1812 | - const struct opt_map *om; |
1813 | - |
1814 | - for (om = opt_map; om->opt != NULL; om++) { |
1815 | - if (!strcmp (opt, om->opt)) { |
1816 | - if (om->inv) |
1817 | - *mask &= ~om->mask; |
1818 | - else |
1819 | - *mask |= om->mask; |
1820 | - return; |
1821 | - } |
1822 | - } |
1823 | - |
1824 | - len -= strlen(extra_opts); |
1825 | - |
1826 | - if (*extra_opts && --len > 0) |
1827 | - strcat(extra_opts, ","); |
1828 | - |
1829 | - if ((len -= strlen(opt)) > 0) |
1830 | - strcat(extra_opts, opt); |
1831 | -} |
1832 | - |
1833 | -/* |
1834 | - * Convert the provided mount command-line options into the 4th & |
1835 | - * 5th arguments to mount(2). Output parameter "@flags" gets the |
1836 | - * standard options (indicated by MS_ bits), and output parameter |
1837 | - * "@extra_opts" gets all the filesystem-specific options. |
1838 | - */ |
1839 | -static void parse_opts(const char *options, int *flags, char **extra_opts) |
1840 | -{ |
1841 | - if (options != NULL) { |
1842 | - char *opts = xstrdup(options); |
1843 | - char *opt, *p; |
1844 | - size_t len = strlen(opts) + 1; /* include room for a null */ |
1845 | - int open_quote = 0; |
1846 | - |
1847 | - *extra_opts = xmalloc(len); |
1848 | - **extra_opts = '\0'; |
1849 | - |
1850 | - for (p = opts, opt = NULL; p && *p; p++) { |
1851 | - if (!opt) |
1852 | - opt = p; /* begin of the option item */ |
1853 | - if (*p == '"') |
1854 | - open_quote ^= 1; /* reverse the status */ |
1855 | - if (open_quote) |
1856 | - continue; /* still in a quoted block */ |
1857 | - if (*p == ',') |
1858 | - *p = '\0'; /* terminate the option item */ |
1859 | - |
1860 | - /* end of option item or last item */ |
1861 | - if (*p == '\0' || *(p + 1) == '\0') { |
1862 | - parse_opt(opt, flags, *extra_opts, len); |
1863 | - opt = NULL; |
1864 | - } |
1865 | - } |
1866 | - free(opts); |
1867 | - } |
1868 | -} |
1869 | - |
1870 | -static int try_mount(char *spec, char *mount_point, int flags, |
1871 | - char *fs_type, char **extra_opts, char *mount_opts, |
1872 | - int fake, int bg) |
1873 | -{ |
1874 | - int ret; |
1875 | - |
1876 | - if (string) |
1877 | - ret = nfsmount_string(spec, mount_point, fs_type, flags, |
1878 | - extra_opts, fake, bg); |
1879 | - else { |
1880 | - if (strcmp(fs_type, "nfs4") == 0) |
1881 | - ret = nfs4mount(spec, mount_point, flags, |
1882 | - extra_opts, fake, bg); |
1883 | - else |
1884 | - ret = nfsmount(spec, mount_point, flags, |
1885 | - extra_opts, fake, bg); |
1886 | - } |
1887 | - |
1888 | - if (ret) |
1889 | - return ret; |
1890 | - |
1891 | - if (!fake) |
1892 | - print_one(spec, mount_point, fs_type, mount_opts); |
1893 | - |
1894 | - return add_mtab(spec, mount_point, fs_type, flags, *extra_opts); |
1895 | -} |
1896 | - |
1897 | -int main(int argc, char *argv[]) |
1898 | -{ |
1899 | - int c, flags = 0, mnt_err = 1, fake = 0; |
1900 | - char *spec = NULL, *mount_point = NULL, *fs_type = "nfs"; |
1901 | - char *extra_opts = NULL, *mount_opts = NULL; |
1902 | - uid_t uid = getuid(); |
1903 | - |
1904 | - progname = basename(argv[0]); |
1905 | - |
1906 | - nfs_mount_data_version = discover_nfs_mount_data_version(&string); |
1907 | - |
1908 | - if(!strncmp(progname, "umount", strlen("umount"))) |
1909 | - exit(nfsumount(argc, argv)); |
1910 | - |
1911 | - if ((argc < 3)) { |
1912 | - mount_usage(); |
1913 | - exit(EX_USAGE); |
1914 | - } |
1915 | - |
1916 | - mount_config_init(progname); |
1917 | - |
1918 | - while ((c = getopt_long(argc, argv, "rvVwfno:hs", |
1919 | - longopts, NULL)) != -1) { |
1920 | - switch (c) { |
1921 | - case 'r': |
1922 | - flags |= MS_RDONLY; |
1923 | - break; |
1924 | - case 'v': |
1925 | - ++verbose; |
1926 | - break; |
1927 | - case 'V': |
1928 | - printf("%s: ("PACKAGE_STRING")\n", progname); |
1929 | - exit(EX_SUCCESS); |
1930 | - case 'w': |
1931 | - flags &= ~MS_RDONLY; |
1932 | - break; |
1933 | - case 'f': |
1934 | - ++fake; |
1935 | - break; |
1936 | - case 'n': |
1937 | - ++nomtab; |
1938 | - break; |
1939 | - case 'o': /* specify mount options */ |
1940 | - if (mount_opts) |
1941 | - mount_opts = xstrconcat3(mount_opts, ",", optarg); |
1942 | - else |
1943 | - mount_opts = xstrdup(optarg); |
1944 | - break; |
1945 | - case 's': |
1946 | - ++sloppy; |
1947 | - break; |
1948 | - case 'h': |
1949 | - default: |
1950 | - mount_usage(); |
1951 | - goto out_usage; |
1952 | - } |
1953 | - } |
1954 | - |
1955 | - /* |
1956 | - * Extra non-option words at the end are bogus... |
1957 | - */ |
1958 | - if (optind != argc - 2) { |
1959 | - mount_usage(); |
1960 | - goto out_usage; |
1961 | - } else { |
1962 | - while (optind < argc) { |
1963 | - if (!spec) |
1964 | - spec = argv[optind]; |
1965 | - else |
1966 | - mount_point = argv[optind]; |
1967 | - optind++; |
1968 | - } |
1969 | - } |
1970 | - |
1971 | - if (strcmp(progname, "mount.nfs4") == 0) |
1972 | - fs_type = "nfs4"; |
1973 | - |
1974 | - /* |
1975 | - * If a non-root user is attempting to mount, make sure the |
1976 | - * user's requested options match the options specified in |
1977 | - * /etc/fstab; otherwise, don't allow the mount. |
1978 | - */ |
1979 | - if (uid != 0) { |
1980 | - struct mntentchn *mc; |
1981 | - |
1982 | - if ((mc = getfsfile(mount_point)) == NULL || |
1983 | - strcmp(mc->m.mnt_fsname, spec) != 0 || |
1984 | - strcmp(mc->m.mnt_type, fs_type) != 0) { |
1985 | - nfs_error(_("%s: permission denied: no match for %s " |
1986 | - "found in /etc/fstab"), progname, mount_point); |
1987 | - goto out_usage; |
1988 | - } |
1989 | - |
1990 | - /* |
1991 | - * 'mount' munges the options from fstab before passing them |
1992 | - * to us, so it is non-trivial to test that we have the correct |
1993 | - * set of options and we don't want to trust what the user |
1994 | - * gave us, so just take whatever is in /etc/fstab. |
1995 | - */ |
1996 | - mount_opts = strdup(mc->m.mnt_opts); |
1997 | - } |
1998 | - |
1999 | - mount_point = canonicalize(mount_point); |
2000 | - if (!mount_point) { |
2001 | - nfs_error(_("%s: no mount point provided"), progname); |
2002 | - goto out_usage; |
2003 | - } |
2004 | - if (mount_point[0] != '/') { |
2005 | - nfs_error(_("%s: unrecognized mount point %s"), |
2006 | - progname, mount_point); |
2007 | - mnt_err = EX_USAGE; |
2008 | - goto out; |
2009 | - } |
2010 | - /* |
2011 | - * Concatenate mount options from the configuration file |
2012 | - */ |
2013 | - mount_opts = mount_config_opts(spec, mount_point, mount_opts); |
2014 | - |
2015 | - parse_opts(mount_opts, &flags, &extra_opts); |
2016 | - |
2017 | - if (uid != 0) { |
2018 | - if (!(flags & (MS_USERS|MS_USER))) { |
2019 | - nfs_error(_("%s: permission denied"), progname); |
2020 | - mnt_err = EX_USAGE; |
2021 | - goto out; |
2022 | - } |
2023 | - |
2024 | - if (geteuid() != 0) { |
2025 | - nfs_error(_("%s: not installed setuid - " |
2026 | - "\"user\" NFS mounts not supported."), progname); |
2027 | - exit(EX_FAIL); |
2028 | - } |
2029 | - } |
2030 | - |
2031 | - if (chk_mountpoint(mount_point)) { |
2032 | - mnt_err = EX_USAGE; |
2033 | - goto out; |
2034 | - } |
2035 | - |
2036 | - mnt_err = try_mount(spec, mount_point, flags, fs_type, &extra_opts, |
2037 | - mount_opts, fake, FOREGROUND); |
2038 | - if (mnt_err == EX_BG) { |
2039 | - printf(_("%s: backgrounding \"%s\"\n"), |
2040 | - progname, spec); |
2041 | - printf(_("%s: mount options: \"%s\"\n"), |
2042 | - progname, extra_opts); |
2043 | - |
2044 | - fflush(stdout); |
2045 | - |
2046 | - /* |
2047 | - * Parent exits immediately with success. |
2048 | - */ |
2049 | - if (daemon(0, 0)) { |
2050 | - nfs_error(_("%s: failed to start " |
2051 | - "background process: %s\n"), |
2052 | - progname, strerror(errno)); |
2053 | - exit(EX_FAIL); |
2054 | - } |
2055 | - |
2056 | - mnt_err = try_mount(spec, mount_point, flags, fs_type, |
2057 | - &extra_opts, mount_opts, fake, |
2058 | - BACKGROUND); |
2059 | - if (verbose && mnt_err) |
2060 | - printf(_("%s: giving up \"%s\"\n"), |
2061 | - progname, spec); |
2062 | - } |
2063 | - |
2064 | -out: |
2065 | - free(mount_opts); |
2066 | - free(extra_opts); |
2067 | - free(mount_point); |
2068 | - exit(mnt_err); |
2069 | - |
2070 | -out_usage: |
2071 | - free(mount_opts); |
2072 | - exit(EX_USAGE); |
2073 | -} |
2074 | |
2075 | === removed directory '.pc/11-532048-reduce-verbosity.patch' |
2076 | === removed directory '.pc/11-532048-reduce-verbosity.patch/utils' |
2077 | === removed directory '.pc/11-532048-reduce-verbosity.patch/utils/gssd' |
2078 | === removed file '.pc/11-532048-reduce-verbosity.patch/utils/gssd/gss_util.c' |
2079 | --- .pc/11-532048-reduce-verbosity.patch/utils/gssd/gss_util.c 2011-07-09 16:28:32 +0000 |
2080 | +++ .pc/11-532048-reduce-verbosity.patch/utils/gssd/gss_util.c 1970-01-01 00:00:00 +0000 |
2081 | @@ -1,341 +0,0 @@ |
2082 | -/* |
2083 | - * Adapted in part from MIT Kerberos 5-1.2.1 slave/kprop.c and from |
2084 | - * http://docs.sun.com/?p=/doc/816-1331/6m7oo9sms&a=view |
2085 | - * |
2086 | - * Copyright (c) 2002 The Regents of the University of Michigan. |
2087 | - * All rights reserved. |
2088 | - * |
2089 | - * Andy Adamson <andros@umich.edu> |
2090 | - * J. Bruce Fields <bfields@umich.edu> |
2091 | - * Marius Aamodt Eriksen <marius@umich.edu> |
2092 | - */ |
2093 | - |
2094 | -/* |
2095 | - * slave/kprop.c |
2096 | - * |
2097 | - * Copyright 1990,1991 by the Massachusetts Institute of Technology. |
2098 | - * All Rights Reserved. |
2099 | - * |
2100 | - * Export of this software from the United States of America may |
2101 | - * require a specific license from the United States Government. |
2102 | - * It is the responsibility of any person or organization contemplating |
2103 | - * export to obtain such a license before exporting. |
2104 | - * |
2105 | - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and |
2106 | - * distribute this software and its documentation for any purpose and |
2107 | - * without fee is hereby granted, provided that the above copyright |
2108 | - * notice appear in all copies and that both that copyright notice and |
2109 | - * this permission notice appear in supporting documentation, and that |
2110 | - * the name of M.I.T. not be used in advertising or publicity pertaining |
2111 | - * to distribution of the software without specific, written prior |
2112 | - * permission. Furthermore if you modify this software you must label |
2113 | - * your software as modified software and not distribute it in such a |
2114 | - * fashion that it might be confused with the original M.I.T. software. |
2115 | - * M.I.T. makes no representations about the suitability of |
2116 | - * this software for any purpose. It is provided "as is" without express |
2117 | - * or implied warranty. |
2118 | - */ |
2119 | - |
2120 | -/* |
2121 | - * Copyright 1994 by OpenVision Technologies, Inc. |
2122 | - * |
2123 | - * Permission to use, copy, modify, distribute, and sell this software |
2124 | - * and its documentation for any purpose is hereby granted without fee, |
2125 | - * provided that the above copyright notice appears in all copies and |
2126 | - * that both that copyright notice and this permission notice appear in |
2127 | - * supporting documentation, and that the name of OpenVision not be used |
2128 | - * in advertising or publicity pertaining to distribution of the software |
2129 | - * without specific, written prior permission. OpenVision makes no |
2130 | - * representations about the suitability of this software for any |
2131 | - * purpose. It is provided "as is" without express or implied warranty. |
2132 | - * |
2133 | - * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, |
2134 | - * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO |
2135 | - * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR |
2136 | - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF |
2137 | - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR |
2138 | - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR |
2139 | - * PERFORMANCE OF THIS SOFTWARE. |
2140 | - */ |
2141 | - |
2142 | -#ifdef HAVE_CONFIG_H |
2143 | -#include <config.h> |
2144 | -#endif /* HAVE_CONFIG_H */ |
2145 | - |
2146 | -#include <errno.h> |
2147 | -#include <stdio.h> |
2148 | -#include <ctype.h> |
2149 | -#include <sys/file.h> |
2150 | -#include <signal.h> |
2151 | -#include <string.h> |
2152 | -#include <sys/types.h> |
2153 | -#include <sys/time.h> |
2154 | -#include <sys/stat.h> |
2155 | -#include <sys/socket.h> |
2156 | -#include <netinet/in.h> |
2157 | -#include <sys/param.h> |
2158 | -#include <netdb.h> |
2159 | -#include <fcntl.h> |
2160 | -#include <gssapi/gssapi.h> |
2161 | -#if defined(HAVE_KRB5) && !defined(GSS_C_NT_HOSTBASED_SERVICE) |
2162 | -#include <gssapi/gssapi_generic.h> |
2163 | -#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name |
2164 | -#endif |
2165 | -#include "gss_util.h" |
2166 | -#include "err_util.h" |
2167 | -#include "gssd.h" |
2168 | -#ifdef HAVE_UNISTD_H |
2169 | -#include <unistd.h> |
2170 | -#endif |
2171 | -#include <stdlib.h> |
2172 | -#ifdef HAVE_COM_ERR_H |
2173 | -#include <com_err.h> |
2174 | -#endif |
2175 | - |
2176 | -/* Global gssd_credentials handle */ |
2177 | -gss_cred_id_t gssd_creds; |
2178 | - |
2179 | -gss_OID g_mechOid = GSS_C_NULL_OID;; |
2180 | - |
2181 | -#if 0 |
2182 | -static void |
2183 | -display_status_1(char *m, u_int32_t code, int type, const gss_OID mech) |
2184 | -{ |
2185 | - u_int32_t maj_stat, min_stat; |
2186 | - gss_buffer_desc msg = GSS_C_EMPTY_BUFFER; |
2187 | - u_int32_t msg_ctx = 0; |
2188 | - char *typestr; |
2189 | - |
2190 | - switch (type) { |
2191 | - case GSS_C_GSS_CODE: |
2192 | - typestr = "GSS"; |
2193 | - break; |
2194 | - case GSS_C_MECH_CODE: |
2195 | - typestr = "mechanism"; |
2196 | - break; |
2197 | - default: |
2198 | - return; |
2199 | - /* NOTREACHED */ |
2200 | - } |
2201 | - |
2202 | - for (;;) { |
2203 | - maj_stat = gss_display_status(&min_stat, code, |
2204 | - type, mech, &msg_ctx, &msg); |
2205 | - if (maj_stat != GSS_S_COMPLETE) { |
2206 | - printerr(0, "ERROR: in call to " |
2207 | - "gss_display_status called from %s\n", m); |
2208 | - break; |
2209 | - } else { |
2210 | - printerr(0, "ERROR: GSS-API: (%s) error in %s(): %s\n", |
2211 | - typestr, m, (char *)msg.value); |
2212 | - } |
2213 | - |
2214 | - if (msg.length != 0) |
2215 | - (void) gss_release_buffer(&min_stat, &msg); |
2216 | - |
2217 | - if (msg_ctx == 0) |
2218 | - break; |
2219 | - } |
2220 | -} |
2221 | -#endif |
2222 | -static char * |
2223 | -gss_display_error(OM_uint32 status) |
2224 | -{ |
2225 | - char *error = NULL; |
2226 | - |
2227 | - switch(status) { |
2228 | - case GSS_S_COMPLETE: |
2229 | - error = "GSS_S_COMPLETE"; |
2230 | - break; |
2231 | - case GSS_S_CALL_INACCESSIBLE_READ: |
2232 | - error = "GSS_S_CALL_INACCESSIBLE_READ"; |
2233 | - break; |
2234 | - case GSS_S_CALL_INACCESSIBLE_WRITE: |
2235 | - error = "GSS_S_CALL_INACCESSIBLE_WRITE"; |
2236 | - break; |
2237 | - case GSS_S_CALL_BAD_STRUCTURE: |
2238 | - error = "GSS_S_CALL_BAD_STRUCTURE"; |
2239 | - break; |
2240 | - case GSS_S_BAD_MECH: |
2241 | - error = "GSS_S_BAD_MECH"; |
2242 | - break; |
2243 | - case GSS_S_BAD_NAME: |
2244 | - error = "GSS_S_BAD_NAME"; |
2245 | - break; |
2246 | - case GSS_S_BAD_NAMETYPE: |
2247 | - error = "GSS_S_BAD_NAMETYPE"; |
2248 | - break; |
2249 | - case GSS_S_BAD_BINDINGS: |
2250 | - error = "GSS_S_BAD_BINDINGS"; |
2251 | - break; |
2252 | - case GSS_S_BAD_STATUS: |
2253 | - error = "GSS_S_BAD_STATUS"; |
2254 | - break; |
2255 | - case GSS_S_BAD_SIG: |
2256 | - error = "GSS_S_BAD_SIG"; |
2257 | - break; |
2258 | - case GSS_S_NO_CRED: |
2259 | - error = "GSS_S_NO_CRED"; |
2260 | - break; |
2261 | - case GSS_S_NO_CONTEXT: |
2262 | - error = "GSS_S_NO_CONTEXT"; |
2263 | - break; |
2264 | - case GSS_S_DEFECTIVE_TOKEN: |
2265 | - error = "GSS_S_DEFECTIVE_TOKEN"; |
2266 | - break; |
2267 | - case GSS_S_DEFECTIVE_CREDENTIAL: |
2268 | - error = "GSS_S_DEFECTIVE_CREDENTIAL"; |
2269 | - break; |
2270 | - case GSS_S_CREDENTIALS_EXPIRED: |
2271 | - error = "GSS_S_CREDENTIALS_EXPIRED"; |
2272 | - break; |
2273 | - case GSS_S_CONTEXT_EXPIRED: |
2274 | - error = "GSS_S_CONTEXT_EXPIRED"; |
2275 | - break; |
2276 | - case GSS_S_FAILURE: |
2277 | - error = "GSS_S_FAILURE"; |
2278 | - break; |
2279 | - case GSS_S_BAD_QOP: |
2280 | - error = "GSS_S_BAD_QOP"; |
2281 | - break; |
2282 | - case GSS_S_UNAUTHORIZED: |
2283 | - error = "GSS_S_UNAUTHORIZED"; |
2284 | - break; |
2285 | - case GSS_S_UNAVAILABLE: |
2286 | - error = "GSS_S_UNAVAILABLE"; |
2287 | - break; |
2288 | - case GSS_S_DUPLICATE_ELEMENT: |
2289 | - error = "GSS_S_DUPLICATE_ELEMENT"; |
2290 | - break; |
2291 | - case GSS_S_NAME_NOT_MN: |
2292 | - error = "GSS_S_NAME_NOT_MN"; |
2293 | - break; |
2294 | - default: |
2295 | - error = "Not defined"; |
2296 | - } |
2297 | - return error; |
2298 | -} |
2299 | - |
2300 | -static void |
2301 | -display_status_2(char *m, u_int32_t major, u_int32_t minor, const gss_OID mech) |
2302 | -{ |
2303 | - u_int32_t maj_stat1, min_stat1; |
2304 | - u_int32_t maj_stat2, min_stat2; |
2305 | - gss_buffer_desc maj_gss_buf = GSS_C_EMPTY_BUFFER; |
2306 | - gss_buffer_desc min_gss_buf = GSS_C_EMPTY_BUFFER; |
2307 | - char maj_buf[30], min_buf[30]; |
2308 | - char *maj, *min; |
2309 | - u_int32_t msg_ctx = 0; |
2310 | - int msg_verbosity = 0; |
2311 | - |
2312 | - /* Get major status message */ |
2313 | - maj_stat1 = gss_display_status(&min_stat1, major, |
2314 | - GSS_C_GSS_CODE, mech, &msg_ctx, &maj_gss_buf); |
2315 | - |
2316 | - if (maj_stat1 != GSS_S_COMPLETE) { |
2317 | - snprintf(maj_buf, sizeof(maj_buf), "(0x%08x)", major); |
2318 | - maj = &maj_buf[0]; |
2319 | - } else { |
2320 | - maj = maj_gss_buf.value; |
2321 | - } |
2322 | - |
2323 | - /* Get minor status message */ |
2324 | - maj_stat2 = gss_display_status(&min_stat2, minor, |
2325 | - GSS_C_MECH_CODE, mech, &msg_ctx, &min_gss_buf); |
2326 | - |
2327 | - if (maj_stat2 != GSS_S_COMPLETE) { |
2328 | - snprintf(min_buf, sizeof(min_buf), "(0x%08x)", minor); |
2329 | - min = &min_buf[0]; |
2330 | - } else { |
2331 | - min = min_gss_buf.value; |
2332 | - } |
2333 | - |
2334 | - if (major == GSS_S_CREDENTIALS_EXPIRED) |
2335 | - msg_verbosity = 1; |
2336 | - |
2337 | - printerr(msg_verbosity, "ERROR: GSS-API: error in %s(): %s (%s) - %s\n", |
2338 | - m, gss_display_error(major), maj, min); |
2339 | - |
2340 | - if (maj_gss_buf.length != 0) |
2341 | - (void) gss_release_buffer(&min_stat1, &maj_gss_buf); |
2342 | - if (min_gss_buf.length != 0) |
2343 | - (void) gss_release_buffer(&min_stat2, &min_gss_buf); |
2344 | -} |
2345 | - |
2346 | -void |
2347 | -pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat, const gss_OID mech) |
2348 | -{ |
2349 | - display_status_2(msg, maj_stat, min_stat, mech); |
2350 | -} |
2351 | - |
2352 | -int |
2353 | -gssd_acquire_cred(char *server_name, const gss_OID oid) |
2354 | -{ |
2355 | - gss_buffer_desc name; |
2356 | - gss_name_t target_name; |
2357 | - u_int32_t maj_stat, min_stat; |
2358 | - u_int32_t ignore_maj_stat, ignore_min_stat; |
2359 | - gss_buffer_desc pbuf; |
2360 | - |
2361 | - /* If server_name is NULL, get cred for GSS_C_NO_NAME */ |
2362 | - if (server_name == NULL) { |
2363 | - target_name = GSS_C_NO_NAME; |
2364 | - } else { |
2365 | - name.value = (void *)server_name; |
2366 | - name.length = strlen(server_name); |
2367 | - |
2368 | - maj_stat = gss_import_name(&min_stat, &name, |
2369 | - oid, |
2370 | - &target_name); |
2371 | - |
2372 | - if (maj_stat != GSS_S_COMPLETE) { |
2373 | - pgsserr("gss_import_name", maj_stat, min_stat, g_mechOid); |
2374 | - return (FALSE); |
2375 | - } |
2376 | - } |
2377 | - |
2378 | - maj_stat = gss_acquire_cred(&min_stat, target_name, GSS_C_INDEFINITE, |
2379 | - GSS_C_NO_OID_SET, GSS_C_ACCEPT, |
2380 | - &gssd_creds, NULL, NULL); |
2381 | - |
2382 | - if (maj_stat != GSS_S_COMPLETE) { |
2383 | - pgsserr("gss_acquire_cred", maj_stat, min_stat, g_mechOid); |
2384 | - ignore_maj_stat = gss_display_name(&ignore_min_stat, |
2385 | - target_name, &pbuf, NULL); |
2386 | - if (ignore_maj_stat == GSS_S_COMPLETE) { |
2387 | - printerr(1, "Unable to obtain credentials for '%.*s'\n", |
2388 | - pbuf.length, pbuf.value); |
2389 | - ignore_maj_stat = gss_release_buffer(&ignore_min_stat, |
2390 | - &pbuf); |
2391 | - } |
2392 | - } |
2393 | - |
2394 | - ignore_maj_stat = gss_release_name(&ignore_min_stat, &target_name); |
2395 | - |
2396 | - return (maj_stat == GSS_S_COMPLETE); |
2397 | -} |
2398 | - |
2399 | -int gssd_check_mechs(void) |
2400 | -{ |
2401 | - u_int32_t maj_stat, min_stat; |
2402 | - gss_OID_set supported_mechs = GSS_C_NO_OID_SET; |
2403 | - int retval = -1; |
2404 | - |
2405 | - maj_stat = gss_indicate_mechs(&min_stat, &supported_mechs); |
2406 | - if (maj_stat != GSS_S_COMPLETE) { |
2407 | - printerr(0, "Unable to obtain list of supported mechanisms. " |
2408 | - "Check that gss library is properly configured.\n"); |
2409 | - goto out; |
2410 | - } |
2411 | - if (supported_mechs == GSS_C_NO_OID_SET || |
2412 | - supported_mechs->count == 0) { |
2413 | - printerr(0, "Unable to obtain list of supported mechanisms. " |
2414 | - "Check that gss library is properly configured.\n"); |
2415 | - goto out; |
2416 | - } |
2417 | - maj_stat = gss_release_oid_set(&min_stat, &supported_mechs); |
2418 | - retval = 0; |
2419 | -out: |
2420 | - return retval; |
2421 | -} |
2422 | - |
2423 | |
2424 | === removed file '.pc/11-532048-reduce-verbosity.patch/utils/gssd/gssd_proc.c' |
2425 | --- .pc/11-532048-reduce-verbosity.patch/utils/gssd/gssd_proc.c 2012-05-25 20:41:58 +0000 |
2426 | +++ .pc/11-532048-reduce-verbosity.patch/utils/gssd/gssd_proc.c 1970-01-01 00:00:00 +0000 |
2427 | @@ -1,1241 +0,0 @@ |
2428 | -/* |
2429 | - gssd_proc.c |
2430 | - |
2431 | - Copyright (c) 2000-2004 The Regents of the University of Michigan. |
2432 | - All rights reserved. |
2433 | - |
2434 | - Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>. |
2435 | - Copyright (c) 2001 Andy Adamson <andros@UMICH.EDU>. |
2436 | - Copyright (c) 2002 Marius Aamodt Eriksen <marius@UMICH.EDU>. |
2437 | - Copyright (c) 2002 Bruce Fields <bfields@UMICH.EDU> |
2438 | - Copyright (c) 2004 Kevin Coffman <kwc@umich.edu> |
2439 | - All rights reserved, all wrongs reversed. |
2440 | - |
2441 | - Redistribution and use in source and binary forms, with or without |
2442 | - modification, are permitted provided that the following conditions |
2443 | - are met: |
2444 | - |
2445 | - 1. Redistributions of source code must retain the above copyright |
2446 | - notice, this list of conditions and the following disclaimer. |
2447 | - 2. Redistributions in binary form must reproduce the above copyright |
2448 | - notice, this list of conditions and the following disclaimer in the |
2449 | - documentation and/or other materials provided with the distribution. |
2450 | - 3. Neither the name of the University nor the names of its |
2451 | - contributors may be used to endorse or promote products derived |
2452 | - from this software without specific prior written permission. |
2453 | - |
2454 | - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED |
2455 | - WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
2456 | - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
2457 | - DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
2458 | - FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
2459 | - CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
2460 | - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR |
2461 | - BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF |
2462 | - LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
2463 | - NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
2464 | - SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
2465 | - |
2466 | -*/ |
2467 | - |
2468 | -#ifdef HAVE_CONFIG_H |
2469 | -#include <config.h> |
2470 | -#endif /* HAVE_CONFIG_H */ |
2471 | - |
2472 | -#ifndef _GNU_SOURCE |
2473 | -#define _GNU_SOURCE |
2474 | -#endif |
2475 | - |
2476 | -#include <sys/param.h> |
2477 | -#include <rpc/rpc.h> |
2478 | -#include <sys/stat.h> |
2479 | -#include <sys/socket.h> |
2480 | -#include <arpa/inet.h> |
2481 | -#include <sys/fsuid.h> |
2482 | - |
2483 | -#include <stdio.h> |
2484 | -#include <stdlib.h> |
2485 | -#include <pwd.h> |
2486 | -#include <grp.h> |
2487 | -#include <string.h> |
2488 | -#include <dirent.h> |
2489 | -#include <poll.h> |
2490 | -#include <fcntl.h> |
2491 | -#include <signal.h> |
2492 | -#include <unistd.h> |
2493 | -#include <errno.h> |
2494 | -#include <gssapi/gssapi.h> |
2495 | -#include <netdb.h> |
2496 | - |
2497 | -#include "gssd.h" |
2498 | -#include "err_util.h" |
2499 | -#include "gss_util.h" |
2500 | -#include "krb5_util.h" |
2501 | -#include "context.h" |
2502 | -#include "nfsrpc.h" |
2503 | -#include "nfslib.h" |
2504 | - |
2505 | -/* |
2506 | - * pollarray: |
2507 | - * array of struct pollfd suitable to pass to poll. initialized to |
2508 | - * zero - a zero struct is ignored by poll() because the events mask is 0. |
2509 | - * |
2510 | - * clnt_list: |
2511 | - * linked list of struct clnt_info which associates a clntXXX directory |
2512 | - * with an index into pollarray[], and other basic data about that client. |
2513 | - * |
2514 | - * Directory structure: created by the kernel |
2515 | - * {rpc_pipefs}/{dir}/clntXX : one per rpc_clnt struct in the kernel |
2516 | - * {rpc_pipefs}/{dir}/clntXX/krb5 : read uid for which kernel wants |
2517 | - * a context, write the resulting context |
2518 | - * {rpc_pipefs}/{dir}/clntXX/info : stores info such as server name |
2519 | - * {rpc_pipefs}/{dir}/clntXX/gssd : pipe for all gss mechanisms using |
2520 | - * a text-based string of parameters |
2521 | - * |
2522 | - * Algorithm: |
2523 | - * Poll all {rpc_pipefs}/{dir}/clntXX/YYYY files. When data is ready, |
2524 | - * read and process; performs rpcsec_gss context initialization protocol to |
2525 | - * get a cred for that user. Writes result to corresponding krb5 file |
2526 | - * in a form the kernel code will understand. |
2527 | - * In addition, we make sure we are notified whenever anything is |
2528 | - * created or destroyed in {rpc_pipefs} or in any of the clntXX directories, |
2529 | - * and rescan the whole {rpc_pipefs} when this happens. |
2530 | - */ |
2531 | - |
2532 | -struct pollfd * pollarray; |
2533 | - |
2534 | -int pollsize; /* the size of pollaray (in pollfd's) */ |
2535 | - |
2536 | -/* |
2537 | - * convert a presentation address string to a sockaddr_storage struct. Returns |
2538 | - * true on success or false on failure. |
2539 | - * |
2540 | - * Note that we do not populate the sin6_scope_id field here for IPv6 addrs. |
2541 | - * gssd nececessarily relies on hostname resolution and DNS AAAA records |
2542 | - * do not generally contain scope-id's. This means that GSSAPI auth really |
2543 | - * can't work with IPv6 link-local addresses. |
2544 | - * |
2545 | - * We *could* consider changing this if we did something like adopt the |
2546 | - * Microsoft "standard" of using the ipv6-literal.net domainname, but it's |
2547 | - * not really feasible at present. |
2548 | - */ |
2549 | -static int |
2550 | -addrstr_to_sockaddr(struct sockaddr *sa, const char *node, const char *port) |
2551 | -{ |
2552 | - int rc; |
2553 | - struct addrinfo *res; |
2554 | - struct addrinfo hints = { .ai_flags = AI_NUMERICHOST | AI_NUMERICSERV }; |
2555 | - |
2556 | -#ifndef IPV6_SUPPORTED |
2557 | - hints.ai_family = AF_INET; |
2558 | -#endif /* IPV6_SUPPORTED */ |
2559 | - |
2560 | - rc = getaddrinfo(node, port, &hints, &res); |
2561 | - if (rc) { |
2562 | - printerr(0, "ERROR: unable to convert %s|%s to sockaddr: %s\n", |
2563 | - node, port, rc == EAI_SYSTEM ? strerror(errno) : |
2564 | - gai_strerror(rc)); |
2565 | - return 0; |
2566 | - } |
2567 | - |
2568 | -#ifdef IPV6_SUPPORTED |
2569 | - /* |
2570 | - * getnameinfo ignores the scopeid. If the address turns out to have |
2571 | - * a non-zero scopeid, we can't use it -- the resolved host might be |
2572 | - * completely different from the one intended. |
2573 | - */ |
2574 | - if (res->ai_addr->sa_family == AF_INET6) { |
2575 | - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)res->ai_addr; |
2576 | - if (sin6->sin6_scope_id) { |
2577 | - printerr(0, "ERROR: address %s has non-zero " |
2578 | - "sin6_scope_id!\n", node); |
2579 | - freeaddrinfo(res); |
2580 | - return 0; |
2581 | - } |
2582 | - } |
2583 | -#endif /* IPV6_SUPPORTED */ |
2584 | - |
2585 | - memcpy(sa, res->ai_addr, res->ai_addrlen); |
2586 | - freeaddrinfo(res); |
2587 | - return 1; |
2588 | -} |
2589 | - |
2590 | -/* |
2591 | - * convert a sockaddr to a hostname |
2592 | - */ |
2593 | -static char * |
2594 | -sockaddr_to_hostname(const struct sockaddr *sa, const char *addr) |
2595 | -{ |
2596 | - socklen_t addrlen; |
2597 | - int err; |
2598 | - char *hostname; |
2599 | - char hbuf[NI_MAXHOST]; |
2600 | - |
2601 | - switch (sa->sa_family) { |
2602 | - case AF_INET: |
2603 | - addrlen = sizeof(struct sockaddr_in); |
2604 | - break; |
2605 | -#ifdef IPV6_SUPPORTED |
2606 | - case AF_INET6: |
2607 | - addrlen = sizeof(struct sockaddr_in6); |
2608 | - break; |
2609 | -#endif /* IPV6_SUPPORTED */ |
2610 | - default: |
2611 | - printerr(0, "ERROR: unrecognized addr family %d\n", |
2612 | - sa->sa_family); |
2613 | - return NULL; |
2614 | - } |
2615 | - |
2616 | - err = getnameinfo(sa, addrlen, hbuf, sizeof(hbuf), NULL, 0, |
2617 | - NI_NAMEREQD); |
2618 | - if (err) { |
2619 | - printerr(0, "ERROR: unable to resolve %s to hostname: %s\n", |
2620 | - addr, err == EAI_SYSTEM ? strerror(err) : |
2621 | - gai_strerror(err)); |
2622 | - return NULL; |
2623 | - } |
2624 | - |
2625 | - hostname = strdup(hbuf); |
2626 | - |
2627 | - return hostname; |
2628 | -} |
2629 | - |
2630 | -/* XXX buffer problems: */ |
2631 | -static int |
2632 | -read_service_info(char *info_file_name, char **servicename, char **servername, |
2633 | - int *prog, int *vers, char **protocol, |
2634 | - struct sockaddr *addr) { |
2635 | -#define INFOBUFLEN 256 |
2636 | - char buf[INFOBUFLEN + 1]; |
2637 | - static char dummy[128]; |
2638 | - int nbytes; |
2639 | - static char service[128]; |
2640 | - static char address[128]; |
2641 | - char program[16]; |
2642 | - char version[16]; |
2643 | - char protoname[16]; |
2644 | - char port[128]; |
2645 | - char *p; |
2646 | - int fd = -1; |
2647 | - int numfields; |
2648 | - |
2649 | - *servicename = *servername = *protocol = NULL; |
2650 | - |
2651 | - if ((fd = open(info_file_name, O_RDONLY)) == -1) { |
2652 | - printerr(0, "ERROR: can't open %s: %s\n", info_file_name, |
2653 | - strerror(errno)); |
2654 | - goto fail; |
2655 | - } |
2656 | - if ((nbytes = read(fd, buf, INFOBUFLEN)) == -1) |
2657 | - goto fail; |
2658 | - close(fd); |
2659 | - buf[nbytes] = '\0'; |
2660 | - |
2661 | - numfields = sscanf(buf,"RPC server: %127s\n" |
2662 | - "service: %127s %15s version %15s\n" |
2663 | - "address: %127s\n" |
2664 | - "protocol: %15s\n", |
2665 | - dummy, |
2666 | - service, program, version, |
2667 | - address, |
2668 | - protoname); |
2669 | - |
2670 | - if (numfields == 5) { |
2671 | - strcpy(protoname, "tcp"); |
2672 | - } else if (numfields != 6) { |
2673 | - goto fail; |
2674 | - } |
2675 | - |
2676 | - port[0] = '\0'; |
2677 | - if ((p = strstr(buf, "port")) != NULL) |
2678 | - sscanf(p, "port: %127s\n", port); |
2679 | - |
2680 | - /* check service, program, and version */ |
2681 | - if (memcmp(service, "nfs", 3) != 0) |
2682 | - return -1; |
2683 | - *prog = atoi(program + 1); /* skip open paren */ |
2684 | - *vers = atoi(version); |
2685 | - |
2686 | - if (strlen(service) == 3 ) { |
2687 | - if ((*prog != 100003) || ((*vers != 2) && (*vers != 3) && |
2688 | - (*vers != 4))) |
2689 | - goto fail; |
2690 | - } else if (memcmp(service, "nfs4_cb", 7) == 0) { |
2691 | - if (*vers != 1) |
2692 | - goto fail; |
2693 | - } |
2694 | - |
2695 | - if (!addrstr_to_sockaddr(addr, address, port)) |
2696 | - goto fail; |
2697 | - |
2698 | - *servername = sockaddr_to_hostname(addr, address); |
2699 | - if (*servername == NULL) |
2700 | - goto fail; |
2701 | - |
2702 | - nbytes = snprintf(buf, INFOBUFLEN, "%s@%s", service, *servername); |
2703 | - if (nbytes > INFOBUFLEN) |
2704 | - goto fail; |
2705 | - |
2706 | - if (!(*servicename = calloc(strlen(buf) + 1, 1))) |
2707 | - goto fail; |
2708 | - memcpy(*servicename, buf, strlen(buf)); |
2709 | - |
2710 | - if (!(*protocol = strdup(protoname))) |
2711 | - goto fail; |
2712 | - return 0; |
2713 | -fail: |
2714 | - printerr(0, "ERROR: failed to read service info\n"); |
2715 | - if (fd != -1) close(fd); |
2716 | - free(*servername); |
2717 | - free(*servicename); |
2718 | - free(*protocol); |
2719 | - *servicename = *servername = *protocol = NULL; |
2720 | - return -1; |
2721 | -} |
2722 | - |
2723 | -static void |
2724 | -destroy_client(struct clnt_info *clp) |
2725 | -{ |
2726 | - if (clp->krb5_poll_index != -1) |
2727 | - memset(&pollarray[clp->krb5_poll_index], 0, |
2728 | - sizeof(struct pollfd)); |
2729 | - if (clp->gssd_poll_index != -1) |
2730 | - memset(&pollarray[clp->gssd_poll_index], 0, |
2731 | - sizeof(struct pollfd)); |
2732 | - if (clp->dir_fd != -1) close(clp->dir_fd); |
2733 | - if (clp->krb5_fd != -1) close(clp->krb5_fd); |
2734 | - if (clp->gssd_fd != -1) close(clp->gssd_fd); |
2735 | - free(clp->dirname); |
2736 | - free(clp->servicename); |
2737 | - free(clp->servername); |
2738 | - free(clp->protocol); |
2739 | - free(clp); |
2740 | -} |
2741 | - |
2742 | -static struct clnt_info * |
2743 | -insert_new_clnt(void) |
2744 | -{ |
2745 | - struct clnt_info *clp = NULL; |
2746 | - |
2747 | - if (!(clp = (struct clnt_info *)calloc(1,sizeof(struct clnt_info)))) { |
2748 | - printerr(0, "ERROR: can't malloc clnt_info: %s\n", |
2749 | - strerror(errno)); |
2750 | - goto out; |
2751 | - } |
2752 | - clp->krb5_poll_index = -1; |
2753 | - clp->gssd_poll_index = -1; |
2754 | - clp->krb5_fd = -1; |
2755 | - clp->gssd_fd = -1; |
2756 | - clp->dir_fd = -1; |
2757 | - |
2758 | - TAILQ_INSERT_HEAD(&clnt_list, clp, list); |
2759 | -out: |
2760 | - return clp; |
2761 | -} |
2762 | - |
2763 | -static int |
2764 | -process_clnt_dir_files(struct clnt_info * clp) |
2765 | -{ |
2766 | - char name[PATH_MAX]; |
2767 | - char gname[PATH_MAX]; |
2768 | - char info_file_name[PATH_MAX]; |
2769 | - |
2770 | - if (clp->gssd_fd == -1) { |
2771 | - snprintf(gname, sizeof(gname), "%s/gssd", clp->dirname); |
2772 | - clp->gssd_fd = open(gname, O_RDWR); |
2773 | - } |
2774 | - if (clp->gssd_fd == -1) { |
2775 | - if (clp->krb5_fd == -1) { |
2776 | - snprintf(name, sizeof(name), "%s/krb5", clp->dirname); |
2777 | - clp->krb5_fd = open(name, O_RDWR); |
2778 | - } |
2779 | - |
2780 | - /* If we opened a gss-specific pipe, let's try opening |
2781 | - * the new upcall pipe again. If we succeed, close |
2782 | - * gss-specific pipe(s). |
2783 | - */ |
2784 | - if (clp->krb5_fd != -1) { |
2785 | - clp->gssd_fd = open(gname, O_RDWR); |
2786 | - if (clp->gssd_fd != -1) { |
2787 | - if (clp->krb5_fd != -1) |
2788 | - close(clp->krb5_fd); |
2789 | - clp->krb5_fd = -1; |
2790 | - } |
2791 | - } |
2792 | - } |
2793 | - |
2794 | - if ((clp->krb5_fd == -1) && (clp->gssd_fd == -1)) |
2795 | - return -1; |
2796 | - snprintf(info_file_name, sizeof(info_file_name), "%s/info", |
2797 | - clp->dirname); |
2798 | - if ((clp->servicename == NULL) && |
2799 | - read_service_info(info_file_name, &clp->servicename, |
2800 | - &clp->servername, &clp->prog, &clp->vers, |
2801 | - &clp->protocol, (struct sockaddr *) &clp->addr)) |
2802 | - return -1; |
2803 | - return 0; |
2804 | -} |
2805 | - |
2806 | -static int |
2807 | -get_poll_index(int *ind) |
2808 | -{ |
2809 | - int i; |
2810 | - |
2811 | - *ind = -1; |
2812 | - for (i=0; i<FD_ALLOC_BLOCK; i++) { |
2813 | - if (pollarray[i].events == 0) { |
2814 | - *ind = i; |
2815 | - break; |
2816 | - } |
2817 | - } |
2818 | - if (*ind == -1) { |
2819 | - printerr(0, "ERROR: No pollarray slots open\n"); |
2820 | - return -1; |
2821 | - } |
2822 | - return 0; |
2823 | -} |
2824 | - |
2825 | - |
2826 | -static int |
2827 | -insert_clnt_poll(struct clnt_info *clp) |
2828 | -{ |
2829 | - if ((clp->gssd_fd != -1) && (clp->gssd_poll_index == -1)) { |
2830 | - if (get_poll_index(&clp->gssd_poll_index)) { |
2831 | - printerr(0, "ERROR: Too many gssd clients\n"); |
2832 | - return -1; |
2833 | - } |
2834 | - pollarray[clp->gssd_poll_index].fd = clp->gssd_fd; |
2835 | - pollarray[clp->gssd_poll_index].events |= POLLIN; |
2836 | - } |
2837 | - |
2838 | - if ((clp->krb5_fd != -1) && (clp->krb5_poll_index == -1)) { |
2839 | - if (get_poll_index(&clp->krb5_poll_index)) { |
2840 | - printerr(0, "ERROR: Too many krb5 clients\n"); |
2841 | - return -1; |
2842 | - } |
2843 | - pollarray[clp->krb5_poll_index].fd = clp->krb5_fd; |
2844 | - pollarray[clp->krb5_poll_index].events |= POLLIN; |
2845 | - } |
2846 | - |
2847 | - return 0; |
2848 | -} |
2849 | - |
2850 | -static void |
2851 | -process_clnt_dir(char *dir, char *pdir) |
2852 | -{ |
2853 | - struct clnt_info * clp; |
2854 | - |
2855 | - if (!(clp = insert_new_clnt())) |
2856 | - goto fail_destroy_client; |
2857 | - |
2858 | - /* An extra for the '/', and an extra for the null */ |
2859 | - if (!(clp->dirname = calloc(strlen(dir) + strlen(pdir) + 2, 1))) { |
2860 | - goto fail_destroy_client; |
2861 | - } |
2862 | - sprintf(clp->dirname, "%s/%s", pdir, dir); |
2863 | - if ((clp->dir_fd = open(clp->dirname, O_RDONLY)) == -1) { |
2864 | - printerr(0, "ERROR: can't open %s: %s\n", |
2865 | - clp->dirname, strerror(errno)); |
2866 | - goto fail_destroy_client; |
2867 | - } |
2868 | - fcntl(clp->dir_fd, F_SETSIG, DNOTIFY_SIGNAL); |
2869 | - fcntl(clp->dir_fd, F_NOTIFY, DN_CREATE | DN_DELETE | DN_MULTISHOT); |
2870 | - |
2871 | - if (process_clnt_dir_files(clp)) |
2872 | - goto fail_keep_client; |
2873 | - |
2874 | - if (insert_clnt_poll(clp)) |
2875 | - goto fail_destroy_client; |
2876 | - |
2877 | - return; |
2878 | - |
2879 | -fail_destroy_client: |
2880 | - if (clp) { |
2881 | - TAILQ_REMOVE(&clnt_list, clp, list); |
2882 | - destroy_client(clp); |
2883 | - } |
2884 | -fail_keep_client: |
2885 | - /* We couldn't find some subdirectories, but we keep the client |
2886 | - * around in case we get a notification on the directory when the |
2887 | - * subdirectories are created. */ |
2888 | - return; |
2889 | -} |
2890 | - |
2891 | -void |
2892 | -init_client_list(void) |
2893 | -{ |
2894 | - TAILQ_INIT(&clnt_list); |
2895 | - /* Eventually plan to grow/shrink poll array: */ |
2896 | - pollsize = FD_ALLOC_BLOCK; |
2897 | - pollarray = calloc(pollsize, sizeof(struct pollfd)); |
2898 | -} |
2899 | - |
2900 | -/* |
2901 | - * This is run after a DNOTIFY signal, and should clear up any |
2902 | - * directories that are no longer around, and re-scan any existing |
2903 | - * directories, since the DNOTIFY could have been in there. |
2904 | - */ |
2905 | -static void |
2906 | -update_old_clients(struct dirent **namelist, int size, char *pdir) |
2907 | -{ |
2908 | - struct clnt_info *clp; |
2909 | - void *saveprev; |
2910 | - int i, stillhere; |
2911 | - char fname[PATH_MAX]; |
2912 | - |
2913 | - for (clp = clnt_list.tqh_first; clp != NULL; clp = clp->list.tqe_next) { |
2914 | - /* only compare entries in the global list that are from the |
2915 | - * same pipefs parent directory as "pdir" |
2916 | - */ |
2917 | - if (strncmp(clp->dirname, pdir, strlen(pdir)) != 0) continue; |
2918 | - |
2919 | - stillhere = 0; |
2920 | - for (i=0; i < size; i++) { |
2921 | - snprintf(fname, sizeof(fname), "%s/%s", |
2922 | - pdir, namelist[i]->d_name); |
2923 | - if (strcmp(clp->dirname, fname) == 0) { |
2924 | - stillhere = 1; |
2925 | - break; |
2926 | - } |
2927 | - } |
2928 | - if (!stillhere) { |
2929 | - printerr(2, "destroying client %s\n", clp->dirname); |
2930 | - saveprev = clp->list.tqe_prev; |
2931 | - TAILQ_REMOVE(&clnt_list, clp, list); |
2932 | - destroy_client(clp); |
2933 | - clp = saveprev; |
2934 | - } |
2935 | - } |
2936 | - for (clp = clnt_list.tqh_first; clp != NULL; clp = clp->list.tqe_next) { |
2937 | - if (!process_clnt_dir_files(clp)) |
2938 | - insert_clnt_poll(clp); |
2939 | - } |
2940 | -} |
2941 | - |
2942 | -/* Search for a client by directory name, return 1 if found, 0 otherwise */ |
2943 | -static int |
2944 | -find_client(char *dirname, char *pdir) |
2945 | -{ |
2946 | - struct clnt_info *clp; |
2947 | - char fname[PATH_MAX]; |
2948 | - |
2949 | - for (clp = clnt_list.tqh_first; clp != NULL; clp = clp->list.tqe_next) { |
2950 | - snprintf(fname, sizeof(fname), "%s/%s", pdir, dirname); |
2951 | - if (strcmp(clp->dirname, fname) == 0) |
2952 | - return 1; |
2953 | - } |
2954 | - return 0; |
2955 | -} |
2956 | - |
2957 | -static int |
2958 | -process_pipedir(char *pipe_name) |
2959 | -{ |
2960 | - struct dirent **namelist; |
2961 | - int i, j; |
2962 | - |
2963 | - if (chdir(pipe_name) < 0) { |
2964 | - printerr(0, "ERROR: can't chdir to %s: %s\n", |
2965 | - pipe_name, strerror(errno)); |
2966 | - return -1; |
2967 | - } |
2968 | - |
2969 | - j = scandir(pipe_name, &namelist, NULL, alphasort); |
2970 | - if (j < 0) { |
2971 | - printerr(0, "ERROR: can't scandir %s: %s\n", |
2972 | - pipe_name, strerror(errno)); |
2973 | - return -1; |
2974 | - } |
2975 | - |
2976 | - update_old_clients(namelist, j, pipe_name); |
2977 | - for (i=0; i < j; i++) { |
2978 | - if (i < FD_ALLOC_BLOCK |
2979 | - && !strncmp(namelist[i]->d_name, "clnt", 4) |
2980 | - && !find_client(namelist[i]->d_name, pipe_name)) |
2981 | - process_clnt_dir(namelist[i]->d_name, pipe_name); |
2982 | - free(namelist[i]); |
2983 | - } |
2984 | - |
2985 | - free(namelist); |
2986 | - |
2987 | - return 0; |
2988 | -} |
2989 | - |
2990 | -/* Used to read (and re-read) list of clients, set up poll array. */ |
2991 | -int |
2992 | -update_client_list(void) |
2993 | -{ |
2994 | - int retval = -1; |
2995 | - struct topdirs_info *tdi; |
2996 | - |
2997 | - TAILQ_FOREACH(tdi, &topdirs_list, list) { |
2998 | - retval = process_pipedir(tdi->dirname); |
2999 | - if (retval) |
3000 | - printerr(1, "WARNING: error processing %s\n", |
3001 | - tdi->dirname); |
3002 | - |
3003 | - } |
3004 | - return retval; |
3005 | -} |
3006 | - |
3007 | -/* Encryption types supported by the kernel rpcsec_gss code */ |
3008 | -int num_krb5_enctypes = 0; |
3009 | -krb5_enctype *krb5_enctypes = NULL; |
3010 | - |
3011 | -/* |
3012 | - * Parse the supported encryption type information |
3013 | - */ |
3014 | -static int |
3015 | -parse_enctypes(char *enctypes) |
3016 | -{ |
3017 | - int n = 0; |
3018 | - char *curr, *comma; |
3019 | - int i; |
3020 | - static char *cached_types; |
3021 | - |
3022 | - if (cached_types && strcmp(cached_types, enctypes) == 0) |
3023 | - return 0; |
3024 | - free(cached_types); |
3025 | - |
3026 | - if (krb5_enctypes != NULL) { |
3027 | - free(krb5_enctypes); |
3028 | - krb5_enctypes = NULL; |
3029 | - num_krb5_enctypes = 0; |
3030 | - } |
3031 | - |
3032 | - /* count the number of commas */ |
3033 | - for (curr = enctypes; curr && *curr != '\0'; curr = ++comma) { |
3034 | - comma = strchr(curr, ','); |
3035 | - if (comma != NULL) |
3036 | - n++; |
3037 | - else |
3038 | - break; |
3039 | - } |
3040 | - /* If no more commas and we're not at the end, there's one more value */ |
3041 | - if (*curr != '\0') |
3042 | - n++; |
3043 | - |
3044 | - /* Empty string, return an error */ |
3045 | - if (n == 0) |
3046 | - return ENOENT; |
3047 | - |
3048 | - /* Allocate space for enctypes array */ |
3049 | - if ((krb5_enctypes = (int *) calloc(n, sizeof(int))) == NULL) { |
3050 | - return ENOMEM; |
3051 | - } |
3052 | - |
3053 | - /* Now parse each value into the array */ |
3054 | - for (curr = enctypes, i = 0; curr && *curr != '\0'; curr = ++comma) { |
3055 | - krb5_enctypes[i++] = atoi(curr); |
3056 | - comma = strchr(curr, ','); |
3057 | - if (comma == NULL) |
3058 | - break; |
3059 | - } |
3060 | - |
3061 | - num_krb5_enctypes = n; |
3062 | - if ((cached_types = malloc(strlen(enctypes)+1))) |
3063 | - strcpy(cached_types, enctypes); |
3064 | - |
3065 | - return 0; |
3066 | -} |
3067 | - |
3068 | -static int |
3069 | -do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, |
3070 | - gss_buffer_desc *context_token) |
3071 | -{ |
3072 | - char *buf = NULL, *p = NULL, *end = NULL; |
3073 | - unsigned int timeout = context_timeout; |
3074 | - unsigned int buf_size = 0; |
3075 | - |
3076 | - printerr(1, "doing downcall\n"); |
3077 | - buf_size = sizeof(uid) + sizeof(timeout) + sizeof(pd->pd_seq_win) + |
3078 | - sizeof(pd->pd_ctx_hndl.length) + pd->pd_ctx_hndl.length + |
3079 | - sizeof(context_token->length) + context_token->length; |
3080 | - p = buf = malloc(buf_size); |
3081 | - end = buf + buf_size; |
3082 | - |
3083 | - if (WRITE_BYTES(&p, end, uid)) goto out_err; |
3084 | - if (WRITE_BYTES(&p, end, timeout)) goto out_err; |
3085 | - if (WRITE_BYTES(&p, end, pd->pd_seq_win)) goto out_err; |
3086 | - if (write_buffer(&p, end, &pd->pd_ctx_hndl)) goto out_err; |
3087 | - if (write_buffer(&p, end, context_token)) goto out_err; |
3088 | - |
3089 | - if (write(k5_fd, buf, p - buf) < p - buf) goto out_err; |
3090 | - if (buf) free(buf); |
3091 | - return 0; |
3092 | -out_err: |
3093 | - if (buf) free(buf); |
3094 | - printerr(1, "Failed to write downcall!\n"); |
3095 | - return -1; |
3096 | -} |
3097 | - |
3098 | -static int |
3099 | -do_error_downcall(int k5_fd, uid_t uid, int err) |
3100 | -{ |
3101 | - char buf[1024]; |
3102 | - char *p = buf, *end = buf + 1024; |
3103 | - unsigned int timeout = 0; |
3104 | - int zero = 0; |
3105 | - |
3106 | - printerr(1, "doing error downcall\n"); |
3107 | - |
3108 | - if (WRITE_BYTES(&p, end, uid)) goto out_err; |
3109 | - if (WRITE_BYTES(&p, end, timeout)) goto out_err; |
3110 | - /* use seq_win = 0 to indicate an error: */ |
3111 | - if (WRITE_BYTES(&p, end, zero)) goto out_err; |
3112 | - if (WRITE_BYTES(&p, end, err)) goto out_err; |
3113 | - |
3114 | - if (write(k5_fd, buf, p - buf) < p - buf) goto out_err; |
3115 | - return 0; |
3116 | -out_err: |
3117 | - printerr(1, "Failed to write error downcall!\n"); |
3118 | - return -1; |
3119 | -} |
3120 | - |
3121 | -/* |
3122 | - * If the port isn't already set, do an rpcbind query to the remote server |
3123 | - * using the program and version and get the port. |
3124 | - * |
3125 | - * Newer kernels send the value of the port= mount option in the "info" |
3126 | - * file for the upcall or '0' for NFSv2/3. For NFSv4 it sends the value |
3127 | - * of the port= option or '2049'. The port field in a new sockaddr should |
3128 | - * reflect the value that was sent by the kernel. |
3129 | - */ |
3130 | -static int |
3131 | -populate_port(struct sockaddr *sa, const socklen_t salen, |
3132 | - const rpcprog_t program, const rpcvers_t version, |
3133 | - const unsigned short protocol) |
3134 | -{ |
3135 | - struct sockaddr_in *s4 = (struct sockaddr_in *) sa; |
3136 | -#ifdef IPV6_SUPPORTED |
3137 | - struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa; |
3138 | -#endif /* IPV6_SUPPORTED */ |
3139 | - unsigned short port; |
3140 | - |
3141 | - /* |
3142 | - * Newer kernels send the port in the upcall. If we already have |
3143 | - * the port, there's no need to look it up. |
3144 | - */ |
3145 | - switch (sa->sa_family) { |
3146 | - case AF_INET: |
3147 | - if (s4->sin_port != 0) { |
3148 | - printerr(2, "DEBUG: port already set to %d\n", |
3149 | - ntohs(s4->sin_port)); |
3150 | - return 1; |
3151 | - } |
3152 | - break; |
3153 | -#ifdef IPV6_SUPPORTED |
3154 | - case AF_INET6: |
3155 | - if (s6->sin6_port != 0) { |
3156 | - printerr(2, "DEBUG: port already set to %d\n", |
3157 | - ntohs(s6->sin6_port)); |
3158 | - return 1; |
3159 | - } |
3160 | - break; |
3161 | -#endif /* IPV6_SUPPORTED */ |
3162 | - default: |
3163 | - printerr(0, "ERROR: unsupported address family %d\n", |
3164 | - sa->sa_family); |
3165 | - return 0; |
3166 | - } |
3167 | - |
3168 | - /* |
3169 | - * Newer kernels that send the port in the upcall set the value to |
3170 | - * 2049 for NFSv4 mounts when one isn't specified. The check below is |
3171 | - * only for kernels that don't send the port in the upcall. For those |
3172 | - * we either have to do an rpcbind query or set it to the standard |
3173 | - * port. Doing a query could be problematic (firewalls, etc), so take |
3174 | - * the latter approach. |
3175 | - */ |
3176 | - if (program == 100003 && version == 4) { |
3177 | - port = 2049; |
3178 | - goto set_port; |
3179 | - } |
3180 | - |
3181 | - port = nfs_getport(sa, salen, program, version, protocol); |
3182 | - if (!port) { |
3183 | - printerr(0, "ERROR: unable to obtain port for prog %ld " |
3184 | - "vers %ld\n", program, version); |
3185 | - return 0; |
3186 | - } |
3187 | - |
3188 | -set_port: |
3189 | - printerr(2, "DEBUG: setting port to %hu for prog %lu vers %lu\n", port, |
3190 | - program, version); |
3191 | - |
3192 | - switch (sa->sa_family) { |
3193 | - case AF_INET: |
3194 | - s4->sin_port = htons(port); |
3195 | - break; |
3196 | -#ifdef IPV6_SUPPORTED |
3197 | - case AF_INET6: |
3198 | - s6->sin6_port = htons(port); |
3199 | - break; |
3200 | -#endif /* IPV6_SUPPORTED */ |
3201 | - } |
3202 | - |
3203 | - return 1; |
3204 | -} |
3205 | - |
3206 | -/* |
3207 | - * Create an RPC connection and establish an authenticated |
3208 | - * gss context with a server. |
3209 | - */ |
3210 | -int create_auth_rpc_client(struct clnt_info *clp, |
3211 | - CLIENT **clnt_return, |
3212 | - AUTH **auth_return, |
3213 | - uid_t uid, |
3214 | - int authtype) |
3215 | -{ |
3216 | - CLIENT *rpc_clnt = NULL; |
3217 | - struct rpc_gss_sec sec; |
3218 | - AUTH *auth = NULL; |
3219 | - uid_t save_uid = -1; |
3220 | - int retval = -1; |
3221 | - OM_uint32 min_stat; |
3222 | - char rpc_errmsg[1024]; |
3223 | - int protocol; |
3224 | - struct timeval timeout = {5, 0}; |
3225 | - struct sockaddr *addr = (struct sockaddr *) &clp->addr; |
3226 | - socklen_t salen; |
3227 | - |
3228 | - /* Create the context as the user (not as root) */ |
3229 | - save_uid = geteuid(); |
3230 | - if (setfsuid(uid) != 0) { |
3231 | - printerr(0, "WARNING: Failed to setfsuid for " |
3232 | - "user with uid %d\n", uid); |
3233 | - goto out_fail; |
3234 | - } |
3235 | - printerr(2, "creating context using fsuid %d (save_uid %d)\n", |
3236 | - uid, save_uid); |
3237 | - |
3238 | - sec.qop = GSS_C_QOP_DEFAULT; |
3239 | - sec.svc = RPCSEC_GSS_SVC_NONE; |
3240 | - sec.cred = GSS_C_NO_CREDENTIAL; |
3241 | - sec.req_flags = 0; |
3242 | - if (authtype == AUTHTYPE_KRB5) { |
3243 | - sec.mech = (gss_OID)&krb5oid; |
3244 | - sec.req_flags = GSS_C_MUTUAL_FLAG; |
3245 | - } |
3246 | - else { |
3247 | - printerr(0, "ERROR: Invalid authentication type (%d) " |
3248 | - "in create_auth_rpc_client\n", authtype); |
3249 | - goto out_fail; |
3250 | - } |
3251 | - |
3252 | - |
3253 | - if (authtype == AUTHTYPE_KRB5) { |
3254 | -#ifdef HAVE_SET_ALLOWABLE_ENCTYPES |
3255 | - /* |
3256 | - * Do this before creating rpc connection since we won't need |
3257 | - * rpc connection if it fails! |
3258 | - */ |
3259 | - if (limit_krb5_enctypes(&sec)) { |
3260 | - printerr(1, "WARNING: Failed while limiting krb5 " |
3261 | - "encryption types for user with uid %d\n", |
3262 | - uid); |
3263 | - goto out_fail; |
3264 | - } |
3265 | -#endif |
3266 | - } |
3267 | - |
3268 | - /* create an rpc connection to the nfs server */ |
3269 | - |
3270 | - printerr(2, "creating %s client for server %s\n", clp->protocol, |
3271 | - clp->servername); |
3272 | - |
3273 | - if ((strcmp(clp->protocol, "tcp")) == 0) { |
3274 | - protocol = IPPROTO_TCP; |
3275 | - } else if ((strcmp(clp->protocol, "udp")) == 0) { |
3276 | - protocol = IPPROTO_UDP; |
3277 | - } else { |
3278 | - printerr(0, "WARNING: unrecognized protocol, '%s', requested " |
3279 | - "for connection to server %s for user with uid %d\n", |
3280 | - clp->protocol, clp->servername, uid); |
3281 | - goto out_fail; |
3282 | - } |
3283 | - |
3284 | - switch (addr->sa_family) { |
3285 | - case AF_INET: |
3286 | - salen = sizeof(struct sockaddr_in); |
3287 | - break; |
3288 | -#ifdef IPV6_SUPPORTED |
3289 | - case AF_INET6: |
3290 | - salen = sizeof(struct sockaddr_in6); |
3291 | - break; |
3292 | -#endif /* IPV6_SUPPORTED */ |
3293 | - default: |
3294 | - printerr(1, "ERROR: Unknown address family %d\n", |
3295 | - addr->sa_family); |
3296 | - goto out_fail; |
3297 | - } |
3298 | - |
3299 | - if (!populate_port(addr, salen, clp->prog, clp->vers, protocol)) |
3300 | - goto out_fail; |
3301 | - |
3302 | - rpc_clnt = nfs_get_rpcclient(addr, salen, protocol, clp->prog, |
3303 | - clp->vers, &timeout); |
3304 | - if (!rpc_clnt) { |
3305 | - snprintf(rpc_errmsg, sizeof(rpc_errmsg), |
3306 | - "WARNING: can't create %s rpc_clnt to server %s for " |
3307 | - "user with uid %d", |
3308 | - protocol == IPPROTO_TCP ? "tcp" : "udp", |
3309 | - clp->servername, uid); |
3310 | - printerr(0, "%s\n", |
3311 | - clnt_spcreateerror(rpc_errmsg)); |
3312 | - goto out_fail; |
3313 | - } |
3314 | - |
3315 | - printerr(2, "creating context with server %s\n", clp->servicename); |
3316 | - auth = authgss_create_default(rpc_clnt, clp->servicename, &sec); |
3317 | - if (!auth) { |
3318 | - /* Our caller should print appropriate message */ |
3319 | - printerr(2, "WARNING: Failed to create krb5 context for " |
3320 | - "user with uid %d for server %s\n", |
3321 | - uid, clp->servername); |
3322 | - goto out_fail; |
3323 | - } |
3324 | - |
3325 | - /* Success !!! */ |
3326 | - rpc_clnt->cl_auth = auth; |
3327 | - *clnt_return = rpc_clnt; |
3328 | - *auth_return = auth; |
3329 | - retval = 0; |
3330 | - |
3331 | - out: |
3332 | - if (sec.cred != GSS_C_NO_CREDENTIAL) |
3333 | - gss_release_cred(&min_stat, &sec.cred); |
3334 | - /* Restore euid to original value */ |
3335 | - if (((int)save_uid != -1) && (setfsuid(save_uid) != (int)uid)) { |
3336 | - printerr(0, "WARNING: Failed to restore fsuid" |
3337 | - " to uid %d from %d\n", save_uid, uid); |
3338 | - } |
3339 | - return retval; |
3340 | - |
3341 | - out_fail: |
3342 | - /* Only destroy here if failure. Otherwise, caller is responsible */ |
3343 | - if (rpc_clnt) clnt_destroy(rpc_clnt); |
3344 | - |
3345 | - goto out; |
3346 | -} |
3347 | - |
3348 | -static char * |
3349 | -user_cachedir(char *dirname, uid_t uid) |
3350 | -{ |
3351 | - struct passwd *pw; |
3352 | - char *ptr; |
3353 | - |
3354 | - if ((pw = getpwuid(uid)) == NULL) { |
3355 | - printerr(0, "user_cachedir: Failed to find '%d' uid" |
3356 | - " for cache directory\n"); |
3357 | - return NULL; |
3358 | - } |
3359 | - ptr = malloc(strlen(dirname)+strlen(pw->pw_name)+2); |
3360 | - if (ptr) |
3361 | - sprintf(ptr, "%s/%s", dirname, pw->pw_name); |
3362 | - |
3363 | - return ptr; |
3364 | -} |
3365 | -/* |
3366 | - * this code uses the userland rpcsec gss library to create a krb5 |
3367 | - * context on behalf of the kernel |
3368 | - */ |
3369 | -static void |
3370 | -process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *tgtname, |
3371 | - char *service) |
3372 | -{ |
3373 | - CLIENT *rpc_clnt = NULL; |
3374 | - AUTH *auth = NULL; |
3375 | - struct authgss_private_data pd; |
3376 | - gss_buffer_desc token; |
3377 | - char **credlist = NULL; |
3378 | - char **ccname; |
3379 | - char **dirname, *dir, *userdir; |
3380 | - int create_resp = -1; |
3381 | - int err, downcall_err = -EACCES; |
3382 | - |
3383 | - printerr(1, "handling krb5 upcall (%s)\n", clp->dirname); |
3384 | - |
3385 | - if (tgtname) { |
3386 | - if (clp->servicename) { |
3387 | - free(clp->servicename); |
3388 | - clp->servicename = strdup(tgtname); |
3389 | - } |
3390 | - } |
3391 | - token.length = 0; |
3392 | - token.value = NULL; |
3393 | - memset(&pd, 0, sizeof(struct authgss_private_data)); |
3394 | - |
3395 | - /* |
3396 | - * If "service" is specified, then the kernel is indicating that |
3397 | - * we must use machine credentials for this request. (Regardless |
3398 | - * of the uid value or the setting of root_uses_machine_creds.) |
3399 | - * If the service value is "*", then any service name can be used. |
3400 | - * Otherwise, it specifies the service name that should be used. |
3401 | - * (For now, the values of service will only be "*" or "nfs".) |
3402 | - * |
3403 | - * Restricting gssd to use "nfs" service name is needed for when |
3404 | - * the NFS server is doing a callback to the NFS client. In this |
3405 | - * case, the NFS server has to authenticate itself as "nfs" -- |
3406 | - * even if there are other service keys such as "host" or "root" |
3407 | - * in the keytab. |
3408 | - * |
3409 | - * Another case when the kernel may specify the service attribute |
3410 | - * is when gssd is being asked to create the context for a |
3411 | - * SETCLIENT_ID operation. In this case, machine credentials |
3412 | - * must be used for the authentication. However, the service name |
3413 | - * used for this case is not important. |
3414 | - * |
3415 | - */ |
3416 | - printerr(2, "%s: service is '%s'\n", __func__, |
3417 | - service ? service : "<null>"); |
3418 | - if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0 && |
3419 | - service == NULL)) { |
3420 | - /* Tell krb5 gss which credentials cache to use */ |
3421 | - for (dirname = ccachesearch; *dirname != NULL; dirname++) { |
3422 | - /* See if the user name is needed */ |
3423 | - if (strncmp(*dirname, GSSD_USER_CRED_DIR, |
3424 | - strlen(GSSD_USER_CRED_DIR)) == 0) { |
3425 | - userdir = user_cachedir(*dirname, uid); |
3426 | - if (userdir == NULL) |
3427 | - continue; |
3428 | - dir = userdir; |
3429 | - } else |
3430 | - dir = *dirname; |
3431 | - |
3432 | - err = gssd_setup_krb5_user_gss_ccache(uid, clp->servername, dir); |
3433 | - |
3434 | - if (userdir) { |
3435 | - free(userdir); |
3436 | - userdir = NULL; |
3437 | - } |
3438 | - if (err == -EKEYEXPIRED) |
3439 | - downcall_err = -EKEYEXPIRED; |
3440 | - else if (!err) |
3441 | - create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid, |
3442 | - AUTHTYPE_KRB5); |
3443 | - if (create_resp == 0) |
3444 | - break; |
3445 | - } |
3446 | - } |
3447 | - if (create_resp != 0) { |
3448 | - if (uid == 0 && (root_uses_machine_creds == 1 || |
3449 | - service != NULL)) { |
3450 | - int nocache = 0; |
3451 | - int success = 0; |
3452 | - do { |
3453 | - gssd_refresh_krb5_machine_credential(clp->servername, |
3454 | - NULL, service); |
3455 | - /* |
3456 | - * Get a list of credential cache names and try each |
3457 | - * of them until one works or we've tried them all |
3458 | - */ |
3459 | - if (gssd_get_krb5_machine_cred_list(&credlist)) { |
3460 | - printerr(0, "ERROR: No credentials found " |
3461 | - "for connection to server %s\n", |
3462 | - clp->servername); |
3463 | - goto out_return_error; |
3464 | - } |
3465 | - for (ccname = credlist; ccname && *ccname; ccname++) { |
3466 | - gssd_setup_krb5_machine_gss_ccache(*ccname); |
3467 | - if ((create_auth_rpc_client(clp, &rpc_clnt, |
3468 | - &auth, uid, |
3469 | - AUTHTYPE_KRB5)) == 0) { |
3470 | - /* Success! */ |
3471 | - success++; |
3472 | - break; |
3473 | - } |
3474 | - printerr(2, "WARNING: Failed to create machine krb5 context " |
3475 | - "with credentials cache %s for server %s\n", |
3476 | - *ccname, clp->servername); |
3477 | - } |
3478 | - gssd_free_krb5_machine_cred_list(credlist); |
3479 | - if (!success) { |
3480 | - if(nocache == 0) { |
3481 | - nocache++; |
3482 | - printerr(2, "WARNING: Machine cache is prematurely expired or corrupted " |
3483 | - "trying to recreate cache for server %s\n", clp->servername); |
3484 | - } else { |
3485 | - printerr(1, "WARNING: Failed to create machine krb5 context " |
3486 | - "with any credentials cache for server %s\n", |
3487 | - clp->servername); |
3488 | - goto out_return_error; |
3489 | - } |
3490 | - } |
3491 | - } while(!success); |
3492 | - } else { |
3493 | - printerr(1, "WARNING: Failed to create krb5 context " |
3494 | - "for user with uid %d for server %s\n", |
3495 | - uid, clp->servername); |
3496 | - goto out_return_error; |
3497 | - } |
3498 | - } |
3499 | - |
3500 | - if (!authgss_get_private_data(auth, &pd)) { |
3501 | - printerr(1, "WARNING: Failed to obtain authentication " |
3502 | - "data for user with uid %d for server %s\n", |
3503 | - uid, clp->servername); |
3504 | - goto out_return_error; |
3505 | - } |
3506 | - |
3507 | - if (serialize_context_for_kernel(pd.pd_ctx, &token, &krb5oid, NULL)) { |
3508 | - printerr(0, "WARNING: Failed to serialize krb5 context for " |
3509 | - "user with uid %d for server %s\n", |
3510 | - uid, clp->servername); |
3511 | - goto out_return_error; |
3512 | - } |
3513 | - |
3514 | - do_downcall(fd, uid, &pd, &token); |
3515 | - |
3516 | -out: |
3517 | - if (token.value) |
3518 | - free(token.value); |
3519 | -#ifndef HAVE_LIBTIRPC |
3520 | - if (pd.pd_ctx_hndl.length != 0) |
3521 | - authgss_free_private_data(&pd); |
3522 | -#endif |
3523 | - if (auth) |
3524 | - AUTH_DESTROY(auth); |
3525 | - if (rpc_clnt) |
3526 | - clnt_destroy(rpc_clnt); |
3527 | - return; |
3528 | - |
3529 | -out_return_error: |
3530 | - do_error_downcall(fd, uid, downcall_err); |
3531 | - goto out; |
3532 | -} |
3533 | - |
3534 | -void |
3535 | -handle_krb5_upcall(struct clnt_info *clp) |
3536 | -{ |
3537 | - uid_t uid; |
3538 | - |
3539 | - if (read(clp->krb5_fd, &uid, sizeof(uid)) < (ssize_t)sizeof(uid)) { |
3540 | - printerr(0, "WARNING: failed reading uid from krb5 " |
3541 | - "upcall pipe: %s\n", strerror(errno)); |
3542 | - return; |
3543 | - } |
3544 | - |
3545 | - return process_krb5_upcall(clp, uid, clp->krb5_fd, NULL, NULL); |
3546 | -} |
3547 | - |
3548 | -void |
3549 | -handle_gssd_upcall(struct clnt_info *clp) |
3550 | -{ |
3551 | - uid_t uid; |
3552 | - char *lbuf = NULL; |
3553 | - int lbuflen = 0; |
3554 | - char *p; |
3555 | - char *mech = NULL; |
3556 | - char *target = NULL; |
3557 | - char *service = NULL; |
3558 | - char *enctypes = NULL; |
3559 | - |
3560 | - printerr(1, "handling gssd upcall (%s)\n", clp->dirname); |
3561 | - |
3562 | - if (readline(clp->gssd_fd, &lbuf, &lbuflen) != 1) { |
3563 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3564 | - "failed reading request\n"); |
3565 | - return; |
3566 | - } |
3567 | - printerr(2, "%s: '%s'\n", __func__, lbuf); |
3568 | - |
3569 | - /* find the mechanism name */ |
3570 | - if ((p = strstr(lbuf, "mech=")) != NULL) { |
3571 | - mech = malloc(lbuflen); |
3572 | - if (!mech) |
3573 | - goto out; |
3574 | - if (sscanf(p, "mech=%s", mech) != 1) { |
3575 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3576 | - "failed to parse gss mechanism name " |
3577 | - "in upcall string '%s'\n", lbuf); |
3578 | - goto out; |
3579 | - } |
3580 | - } else { |
3581 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3582 | - "failed to find gss mechanism name " |
3583 | - "in upcall string '%s'\n", lbuf); |
3584 | - goto out; |
3585 | - } |
3586 | - |
3587 | - /* read uid */ |
3588 | - if ((p = strstr(lbuf, "uid=")) != NULL) { |
3589 | - if (sscanf(p, "uid=%d", &uid) != 1) { |
3590 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3591 | - "failed to parse uid " |
3592 | - "in upcall string '%s'\n", lbuf); |
3593 | - goto out; |
3594 | - } |
3595 | - } else { |
3596 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3597 | - "failed to find uid " |
3598 | - "in upcall string '%s'\n", lbuf); |
3599 | - goto out; |
3600 | - } |
3601 | - |
3602 | - /* read supported encryption types if supplied */ |
3603 | - if ((p = strstr(lbuf, "enctypes=")) != NULL) { |
3604 | - enctypes = malloc(lbuflen); |
3605 | - if (!enctypes) |
3606 | - goto out; |
3607 | - if (sscanf(p, "enctypes=%s", enctypes) != 1) { |
3608 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3609 | - "failed to parse encryption types " |
3610 | - "in upcall string '%s'\n", lbuf); |
3611 | - goto out; |
3612 | - } |
3613 | - if (parse_enctypes(enctypes) != 0) { |
3614 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3615 | - "parsing encryption types failed: errno %d\n", errno); |
3616 | - } |
3617 | - } |
3618 | - |
3619 | - /* read target name */ |
3620 | - if ((p = strstr(lbuf, "target=")) != NULL) { |
3621 | - target = malloc(lbuflen); |
3622 | - if (!target) |
3623 | - goto out; |
3624 | - if (sscanf(p, "target=%s", target) != 1) { |
3625 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3626 | - "failed to parse target name " |
3627 | - "in upcall string '%s'\n", lbuf); |
3628 | - goto out; |
3629 | - } |
3630 | - } |
3631 | - |
3632 | - /* |
3633 | - * read the service name |
3634 | - * |
3635 | - * The presence of attribute "service=" indicates that machine |
3636 | - * credentials should be used for this request. If the value |
3637 | - * is "*", then any machine credentials available can be used. |
3638 | - * If the value is anything else, then machine credentials for |
3639 | - * the specified service name (always "nfs" for now) should be |
3640 | - * used. |
3641 | - */ |
3642 | - if ((p = strstr(lbuf, "service=")) != NULL) { |
3643 | - service = malloc(lbuflen); |
3644 | - if (!service) |
3645 | - goto out; |
3646 | - if (sscanf(p, "service=%s", service) != 1) { |
3647 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3648 | - "failed to parse service type " |
3649 | - "in upcall string '%s'\n", lbuf); |
3650 | - goto out; |
3651 | - } |
3652 | - } |
3653 | - |
3654 | - if (strcmp(mech, "krb5") == 0) |
3655 | - process_krb5_upcall(clp, uid, clp->gssd_fd, target, service); |
3656 | - else |
3657 | - printerr(0, "WARNING: handle_gssd_upcall: " |
3658 | - "received unknown gss mech '%s'\n", mech); |
3659 | - |
3660 | -out: |
3661 | - free(lbuf); |
3662 | - free(mech); |
3663 | - free(enctypes); |
3664 | - free(target); |
3665 | - free(service); |
3666 | - return; |
3667 | -} |
3668 | - |
3669 | |
3670 | === removed directory '.pc/16-mount.nfs.man-update-distinction-between-fstype.patch' |
3671 | === removed directory '.pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils' |
3672 | === removed directory '.pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils/mount' |
3673 | === removed file '.pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils/mount/mount.nfs.man' |
3674 | --- .pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils/mount/mount.nfs.man 2011-03-27 18:54:45 +0000 |
3675 | +++ .pc/16-mount.nfs.man-update-distinction-between-fstype.patch/utils/mount/mount.nfs.man 1970-01-01 00:00:00 +0000 |
3676 | @@ -1,86 +0,0 @@ |
3677 | -.\"@(#)mount.nfs.8" |
3678 | -.TH MOUNT.NFS 8 "5 Jun 2006" |
3679 | -.SH NAME |
3680 | -mount.nfs, mount.nfs4 \- mount a Network File System |
3681 | -.SH SYNOPSIS |
3682 | -.BI "mount.nfs" " remotetarget dir" " [\-rvVwfnsh ] [\-o " options "] |
3683 | -.SH DESCRIPTION |
3684 | -.BR mount.nfs |
3685 | -is a part of |
3686 | -.BR nfs (5) |
3687 | -utilities package, which provides NFS client functionality. |
3688 | - |
3689 | -.BR mount.nfs |
3690 | -is meant to be used by the |
3691 | -.BR mount (8) |
3692 | -command for mounting NFS shares. This subcommand, however, can also be used as a standalone command with limited functionality. |
3693 | - |
3694 | -.BR mount.nfs4 |
3695 | -is used for mounting NFSv4 file system, while |
3696 | -.BR mount.nfs |
3697 | -is used to mount NFS file systems versions 3 or 2. |
3698 | -.I remotetarget |
3699 | -is a server share usually in the form of |
3700 | -.BR servername:/path/to/share. |
3701 | -.I dir |
3702 | -is the directory on which the file system is to be mounted. |
3703 | - |
3704 | -.SH OPTIONS |
3705 | -.TP |
3706 | -.BI "\-r" |
3707 | -Mount file system readonly. |
3708 | -.TP |
3709 | -.BI "\-v" |
3710 | -Be verbose. |
3711 | -.TP |
3712 | -.BI "\-V" |
3713 | -Print version. |
3714 | -.TP |
3715 | -.BI "\-w" |
3716 | -Mount file system read-write. |
3717 | -.TP |
3718 | -.BI "\-f" |
3719 | -Fake mount. Don't actually call the mount system call. |
3720 | -.TP |
3721 | -.BI "\-n" |
3722 | -Do not update |
3723 | -.I /etc/mtab. |
3724 | -By default, an entry is created in |
3725 | -.I /etc/mtab |
3726 | -for every mounted file system. Use this option to skip making an entry. |
3727 | -.TP |
3728 | -.BI "\-s" |
3729 | -Tolerate sloppy mount options rather than fail. |
3730 | -.TP |
3731 | -.BI "\-h" |
3732 | -Print help message. |
3733 | -.TP |
3734 | -.BI "nfsoptions" |
3735 | -Refer to |
3736 | -.BR nfs (5) |
3737 | -or |
3738 | -.BR mount (8) |
3739 | -manual pages. |
3740 | - |
3741 | -.SH NOTE |
3742 | -For further information please refer |
3743 | -.BR nfs (5) |
3744 | -and |
3745 | -.BR mount (8) |
3746 | -manual pages. |
3747 | - |
3748 | -.SH FILES |
3749 | -.TP 18n |
3750 | -.I /etc/fstab |
3751 | -file system table |
3752 | -.TP |
3753 | -.I /etc/mtab |
3754 | -table of mounted file systems |
3755 | - |
3756 | -.PD |
3757 | -.SH "SEE ALSO" |
3758 | -.BR nfs (5), |
3759 | -.BR mount (8), |
3760 | - |
3761 | -.SH "AUTHOR" |
3762 | -Amit Gud <agud@redhat.com> |
3763 | |
3764 | === removed directory '.pc/17-multiarch-kerberos-paths.patch' |
3765 | === removed directory '.pc/17-multiarch-kerberos-paths.patch/aclocal' |
3766 | === removed file '.pc/17-multiarch-kerberos-paths.patch/aclocal/kerberos5.m4' |
3767 | --- .pc/17-multiarch-kerberos-paths.patch/aclocal/kerberos5.m4 2012-05-25 20:41:58 +0000 |
3768 | +++ .pc/17-multiarch-kerberos-paths.patch/aclocal/kerberos5.m4 1970-01-01 00:00:00 +0000 |
3769 | @@ -1,115 +0,0 @@ |
3770 | -dnl Checks for Kerberos |
3771 | -dnl NOTE: while we intend to do generic gss-api, currently we |
3772 | -dnl have a requirement to get an initial Kerberos machine |
3773 | -dnl credential. Thus, the requirement for Kerberos. |
3774 | -dnl The Kerberos gssapi library will be dynamically loaded? |
3775 | -AC_DEFUN([AC_KERBEROS_V5],[ |
3776 | - AC_MSG_CHECKING(for Kerberos v5) |
3777 | - AC_ARG_WITH(krb5, |
3778 | - [AC_HELP_STRING([--with-krb5=DIR], [use Kerberos v5 installation in DIR])], |
3779 | - [ case "$withval" in |
3780 | - yes|no) |
3781 | - krb5_with="" |
3782 | - ;; |
3783 | - *) |
3784 | - krb5_with="$withval" |
3785 | - ;; |
3786 | - esac ] |
3787 | - ) |
3788 | - |
3789 | - for dir in $krb5_with /usr /usr/kerberos /usr/local /usr/local/krb5 \ |
3790 | - /usr/krb5 /usr/heimdal /usr/local/heimdal /usr/athena ; do |
3791 | - dnl This ugly hack brought on by the split installation of |
3792 | - dnl MIT Kerberos on Fedora Core 1 |
3793 | - K5CONFIG="" |
3794 | - if test -f $dir/bin/krb5-config; then |
3795 | - K5CONFIG=$dir/bin/krb5-config |
3796 | - elif test -f "/usr/kerberos/bin/krb5-config"; then |
3797 | - K5CONFIG="/usr/kerberos/bin/krb5-config" |
3798 | - elif test -f "/usr/lib/mit/bin/krb5-config"; then |
3799 | - K5CONFIG="/usr/lib/mit/bin/krb5-config" |
3800 | - fi |
3801 | - if test "$K5CONFIG" != ""; then |
3802 | - KRBCFLAGS=`$K5CONFIG --cflags` |
3803 | - KRBLIBS=`$K5CONFIG --libs` |
3804 | - K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'` |
3805 | - AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number]) |
3806 | - if test -f $dir/include/gssapi/gssapi_krb5.h -a \ |
3807 | - \( -f $dir/lib/libgssapi_krb5.a -o \ |
3808 | - -f $dir/lib64/libgssapi_krb5.a -o \ |
3809 | - -f $dir/lib64/libgssapi_krb5.so -o \ |
3810 | - -f $dir/lib/libgssapi_krb5.so \) ; then |
3811 | - AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries]) |
3812 | - KRBDIR="$dir" |
3813 | - dnl If we are using MIT K5 1.3.1 and before, we *MUST* use the |
3814 | - dnl private function (gss_krb5_ccache_name) to get correct |
3815 | - dnl behavior of changing the ccache used by gssapi. |
3816 | - dnl Starting in 1.3.2, we *DO NOT* want to use |
3817 | - dnl gss_krb5_ccache_name, instead we want to set KRB5CCNAME |
3818 | - dnl to get gssapi to use a different ccache |
3819 | - if test $K5VERS -le 131; then |
3820 | - AC_DEFINE(USE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the private function, gss_krb5_cache_name, must be used to tell the Kerberos library which credentials cache to use. Otherwise, this is done by setting the KRB5CCNAME environment variable]) |
3821 | - fi |
3822 | - gssapi_lib=gssapi_krb5 |
3823 | - break |
3824 | - dnl The following ugly hack brought on by the split installation |
3825 | - dnl of Heimdal Kerberos on SuSe |
3826 | - elif test \( -f $dir/include/heim_err.h -o\ |
3827 | - -f $dir/include/heimdal/heim_err.h \) -a \ |
3828 | - -f $dir/lib/libroken.a; then |
3829 | - AC_DEFINE(HAVE_HEIMDAL, 1, [Define this if you have Heimdal Kerberos libraries]) |
3830 | - KRBDIR="$dir" |
3831 | - gssapi_lib=gssapi |
3832 | - break |
3833 | - fi |
3834 | - fi |
3835 | - done |
3836 | - dnl We didn't find a usable Kerberos environment |
3837 | - if test "x$KRBDIR" = "x"; then |
3838 | - if test "x$krb5_with" = "x"; then |
3839 | - AC_MSG_ERROR(Kerberos v5 with GSS support not found: consider --disable-gss or --with-krb5=) |
3840 | - else |
3841 | - AC_MSG_ERROR(Kerberos v5 with GSS support not found at $krb5_with) |
3842 | - fi |
3843 | - fi |
3844 | - AC_MSG_RESULT($KRBDIR) |
3845 | - |
3846 | - dnl Check if -rpath=$(KRBDIR)/lib is needed |
3847 | - echo "The current KRBDIR is $KRBDIR" |
3848 | - if test "$KRBDIR/lib" = "/lib" -o "$KRBDIR/lib" = "/usr/lib" \ |
3849 | - -o "$KRBDIR/lib" = "//lib" -o "$KRBDIR/lib" = "/usr//lib" ; then |
3850 | - KRBLDFLAGS=""; |
3851 | - elif /sbin/ldconfig -p | grep > /dev/null "=> $KRBDIR/lib/"; then |
3852 | - KRBLDFLAGS=""; |
3853 | - else |
3854 | - KRBLDFLAGS="-Wl,-rpath=$KRBDIR/lib" |
3855 | - fi |
3856 | - |
3857 | - dnl Now check for functions within gssapi library |
3858 | - AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context, |
3859 | - AC_DEFINE(HAVE_LUCID_CONTEXT_SUPPORT, 1, [Define this if the Kerberos GSS library supports gss_krb5_export_lucid_sec_context]), ,$KRBLIBS) |
3860 | - AC_CHECK_LIB($gssapi_lib, gss_krb5_set_allowable_enctypes, |
3861 | - AC_DEFINE(HAVE_SET_ALLOWABLE_ENCTYPES, 1, [Define this if the Kerberos GSS library supports gss_krb5_set_allowable_enctypes]), ,$KRBLIBS) |
3862 | - AC_CHECK_LIB($gssapi_lib, gss_krb5_ccache_name, |
3863 | - AC_DEFINE(HAVE_GSS_KRB5_CCACHE_NAME, 1, [Define this if the Kerberos GSS library supports gss_krb5_ccache_name]), ,$KRBLIBS) |
3864 | - |
3865 | - dnl Check for newer error message facility |
3866 | - AC_CHECK_LIB($gssapi_lib, krb5_get_error_message, |
3867 | - AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE, 1, [Define this if the function krb5_get_error_message is available]), ,$KRBLIBS) |
3868 | - |
3869 | - dnl Check for function to specify addressless tickets |
3870 | - AC_CHECK_LIB($gssapi_lib, krb5_get_init_creds_opt_set_addressless, |
3871 | - AC_DEFINE(HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS, 1, [Define this if the function krb5_get_init_creds_opt_set_addressless is available]), ,$KRBLIBS) |
3872 | - |
3873 | - dnl If they specified a directory and it didn't work, give them a warning |
3874 | - if test "x$krb5_with" != "x" -a "$krb5_with" != "$KRBDIR"; then |
3875 | - AC_MSG_WARN(Using $KRBDIR instead of requested value of $krb5_with for Kerberos!) |
3876 | - fi |
3877 | - |
3878 | - AC_SUBST([KRBDIR]) |
3879 | - AC_SUBST([KRBLIBS]) |
3880 | - AC_SUBST([KRBCFLAGS]) |
3881 | - AC_SUBST([KRBLDFLAGS]) |
3882 | - AC_SUBST([K5VERS]) |
3883 | - |
3884 | -]) |
3885 | |
3886 | === removed file '.pc/applied-patches' |
3887 | --- .pc/applied-patches 2012-06-22 15:04:56 +0000 |
3888 | +++ .pc/applied-patches 1970-01-01 00:00:00 +0000 |
3889 | @@ -1,8 +0,0 @@ |
3890 | -01-sm-notify-in-sbin.patch |
3891 | -02-524255-manpages.patch |
3892 | -03-handle-mtab-symlink.patch |
3893 | -11-532048-reduce-verbosity.patch |
3894 | -16-mount.nfs.man-update-distinction-between-fstype.patch |
3895 | -17-multiarch-kerberos-paths.patch |
3896 | -18-osd_login-sbindir.patch |
3897 | -19-iscsiadm-path.patch |
3898 | |
3899 | === modified file 'aclocal/kerberos5.m4' |
3900 | --- aclocal/kerberos5.m4 2012-06-22 15:04:56 +0000 |
3901 | +++ aclocal/kerberos5.m4 2012-08-15 06:56:20 +0000 |
3902 | @@ -29,7 +29,6 @@ |
3903 | elif test -f "/usr/lib/mit/bin/krb5-config"; then |
3904 | K5CONFIG="/usr/lib/mit/bin/krb5-config" |
3905 | fi |
3906 | - MULTIARCH=`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null || true` |
3907 | if test "$K5CONFIG" != ""; then |
3908 | KRBCFLAGS=`$K5CONFIG --cflags` |
3909 | KRBLIBS=`$K5CONFIG --libs` |
3910 | @@ -39,7 +38,6 @@ |
3911 | \( -f $dir/lib/libgssapi_krb5.a -o \ |
3912 | -f $dir/lib64/libgssapi_krb5.a -o \ |
3913 | -f $dir/lib64/libgssapi_krb5.so -o \ |
3914 | - -f $dir/lib/$MULTIARCH/libgssapi_krb5.so -o \ |
3915 | -f $dir/lib/libgssapi_krb5.so \) ; then |
3916 | AC_DEFINE(HAVE_KRB5, 1, [Define this if you have MIT Kerberos libraries]) |
3917 | KRBDIR="$dir" |
3918 | |
3919 | === modified file 'utils/exportfs/nfsd.man' |
3920 | --- utils/exportfs/nfsd.man 2012-05-25 20:41:58 +0000 |
3921 | +++ utils/exportfs/nfsd.man 2012-08-15 06:56:20 +0000 |
3922 | @@ -196,7 +196,6 @@ |
3923 | find out what number correspond to what tracing. |
3924 | |
3925 | .SH SEE ALSO |
3926 | -.BR nfsd (8), |
3927 | .BR rpc.nfsd (8), |
3928 | .BR exports (5), |
3929 | .BR nfsstat (8), |
3930 | |
3931 | === modified file 'utils/gssd/gss_util.c' |
3932 | --- utils/gssd/gss_util.c 2011-07-09 16:28:32 +0000 |
3933 | +++ utils/gssd/gss_util.c 2012-08-15 06:56:20 +0000 |
3934 | @@ -126,7 +126,7 @@ |
3935 | "gss_display_status called from %s\n", m); |
3936 | break; |
3937 | } else { |
3938 | - printerr(2, "ERROR: GSS-API: (%s) error in %s(): %s\n", |
3939 | + printerr(0, "ERROR: GSS-API: (%s) error in %s(): %s\n", |
3940 | typestr, m, (char *)msg.value); |
3941 | } |
3942 | |
3943 | |
3944 | === modified file 'utils/gssd/gssd_proc.c' |
3945 | --- utils/gssd/gssd_proc.c 2012-05-25 20:41:58 +0000 |
3946 | +++ utils/gssd/gssd_proc.c 2012-08-15 06:56:20 +0000 |
3947 | @@ -676,7 +676,7 @@ |
3948 | unsigned int timeout = 0; |
3949 | int zero = 0; |
3950 | |
3951 | - printerr(2, "doing error downcall\n"); |
3952 | + printerr(1, "doing error downcall\n"); |
3953 | |
3954 | if (WRITE_BYTES(&p, end, uid)) goto out_err; |
3955 | if (WRITE_BYTES(&p, end, timeout)) goto out_err; |
3956 | @@ -953,7 +953,7 @@ |
3957 | int create_resp = -1; |
3958 | int err, downcall_err = -EACCES; |
3959 | |
3960 | - printerr(2, "handling krb5 upcall (%s)\n", clp->dirname); |
3961 | + printerr(1, "handling krb5 upcall (%s)\n", clp->dirname); |
3962 | |
3963 | if (tgtname) { |
3964 | if (clp->servicename) { |
3965 | @@ -1071,7 +1071,7 @@ |
3966 | } |
3967 | |
3968 | if (!authgss_get_private_data(auth, &pd)) { |
3969 | - printerr(2, "WARNING: Failed to obtain authentication " |
3970 | + printerr(1, "WARNING: Failed to obtain authentication " |
3971 | "data for user with uid %d for server %s\n", |
3972 | uid, clp->servername); |
3973 | goto out_return_error; |
3974 | |
3975 | === modified file 'utils/mount/fstab.c' |
3976 | --- utils/mount/fstab.c 2011-10-02 18:29:53 +0000 |
3977 | +++ utils/mount/fstab.c 2012-08-15 06:56:20 +0000 |
3978 | @@ -57,7 +57,7 @@ |
3979 | return var_mtab_does_not_exist; |
3980 | } |
3981 | |
3982 | -int |
3983 | +static int |
3984 | mtab_is_a_symlink(void) { |
3985 | get_mtab_info(); |
3986 | return var_mtab_is_a_symlink; |
3987 | |
3988 | === modified file 'utils/mount/fstab.h' |
3989 | --- utils/mount/fstab.h 2011-10-02 18:29:53 +0000 |
3990 | +++ utils/mount/fstab.h 2012-08-15 06:56:20 +0000 |
3991 | @@ -7,7 +7,6 @@ |
3992 | #define _PATH_FSTAB "/etc/fstab" |
3993 | #endif |
3994 | |
3995 | -int mtab_is_a_symlink(void); |
3996 | int mtab_is_writable(void); |
3997 | int mtab_does_not_exist(void); |
3998 | void reset_mtab_info(void); |
3999 | |
4000 | === modified file 'utils/mount/mount.c' |
4001 | --- utils/mount/mount.c 2011-07-09 16:28:32 +0000 |
4002 | +++ utils/mount/mount.c 2012-08-15 06:56:20 +0000 |
4003 | @@ -203,13 +203,6 @@ |
4004 | int flags; |
4005 | mntFILE *mfp; |
4006 | |
4007 | - /* Avoid writing if the mtab is a symlink to /proc/mounts, since |
4008 | - that would create a file /proc/mounts in case the proc filesystem |
4009 | - is not mounted, and the fchmod below would also fail. */ |
4010 | - if (mtab_is_a_symlink()) { |
4011 | - return EX_SUCCESS; |
4012 | - } |
4013 | - |
4014 | lock_mtab(); |
4015 | |
4016 | mfp = nfs_setmntent (MOUNTED, "a+"); |
4017 | |
4018 | === modified file 'utils/mount/mount.nfs.man' |
4019 | --- utils/mount/mount.nfs.man 2011-03-16 23:10:15 +0000 |
4020 | +++ utils/mount/mount.nfs.man 2012-08-15 06:56:20 +0000 |
4021 | @@ -15,20 +15,16 @@ |
4022 | .BR mount (8) |
4023 | command for mounting NFS shares. This subcommand, however, can also be used as a standalone command with limited functionality. |
4024 | |
4025 | +.BR mount.nfs4 |
4026 | +is used for mounting NFSv4 file system, while |
4027 | +.BR mount.nfs |
4028 | +is used to mount NFS file systems versions 3 or 2. |
4029 | .I remotetarget |
4030 | is a server share usually in the form of |
4031 | .BR servername:/path/to/share. |
4032 | .I dir |
4033 | is the directory on which the file system is to be mounted. |
4034 | |
4035 | -Under Linux 2.6.32 and later kernel versions, |
4036 | -.BR mount.nfs |
4037 | -can mount all NFS file system versions. Under earlier Linux kernel versions, |
4038 | -.BR mount.nfs4 |
4039 | -must be used for mounting NFSv4 file systems while |
4040 | -.BR mount.nfs |
4041 | -must be used for NFSv3 and v2. |
4042 | - |
4043 | .SH OPTIONS |
4044 | .TP |
4045 | .BI "\-r" |
4046 | |
4047 | === modified file 'utils/nfsd/nfsd.man' |
4048 | --- utils/nfsd/nfsd.man 2012-05-25 20:41:58 +0000 |
4049 | +++ utils/nfsd/nfsd.man 2012-08-15 06:56:20 +0000 |
4050 | @@ -94,7 +94,6 @@ |
4051 | database. |
4052 | |
4053 | .SH SEE ALSO |
4054 | -.BR nfsd (7), |
4055 | .BR rpc.mountd (8), |
4056 | .BR exports (5), |
4057 | .BR exportfs (8), |
4058 | |
4059 | === modified file 'utils/osd_login/Makefile.am' |
4060 | --- utils/osd_login/Makefile.am 2012-05-25 20:41:58 +0000 |
4061 | +++ utils/osd_login/Makefile.am 2012-08-15 06:56:20 +0000 |
4062 | @@ -1,9 +1,12 @@ |
4063 | ## Process this file with automake to produce Makefile.in |
4064 | |
4065 | -# These binaries go in /sbin (not /usr/sbin), and that cannot be |
4066 | -# overridden at config time. |
4067 | -sbindir = /sbin |
4068 | - |
4069 | -sbin_SCRIPTS = osd_login |
4070 | +OSD_LOGIN_FILES= osd_login |
4071 | + |
4072 | +EXTRA_DIST= $(OSD_LOGIN_FILES) |
4073 | + |
4074 | +all-local: $(OSD_LOGIN_FILES) |
4075 | + |
4076 | +install-data-hook: |
4077 | + $(INSTALL) --mode 755 osd_login $(DESTDIR)/sbin/osd_login |
4078 | |
4079 | MAINTAINERCLEANFILES = Makefile.in |
4080 | |
4081 | === modified file 'utils/osd_login/osd_login' |
4082 | --- utils/osd_login/osd_login 2012-05-25 20:41:58 +0000 |
4083 | +++ utils/osd_login/osd_login 2012-08-15 06:56:20 +0000 |
4084 | @@ -25,6 +25,8 @@ |
4085 | |
4086 | PATH="/sbin:/usr/sbin:/bin:/usr/bin" |
4087 | |
4088 | +iscsiadm=/sbin/iscsiadm |
4089 | + |
4090 | PARENT_PID=$BASHPID |
4091 | WATCHDOG_TIMEOUT=15 |
4092 | |
4093 | @@ -88,8 +90,8 @@ |
4094 | login_iscsi_osd() |
4095 | { |
4096 | echo "login into: $1" |
4097 | - if ! iscsiadm -m discovery -o nonpersistent -t sendtargets -p $1 --login; then |
4098 | - echo "iscsiadm -m discovery -t sendtargets -p $1 --login returned error $? !" |
4099 | + if ! $iscsiadm -m discovery -o nonpersistent -t sendtargets -p $1 --login; then |
4100 | + echo "$iscsiadm -m discovery -t sendtargets -p $1 --login returned error $? !" |
4101 | sleep 1; |
4102 | fi |
4103 | } |
4104 | |
4105 | === modified file 'utils/statd/statd.c' |
4106 | --- utils/statd/statd.c 2010-04-06 16:11:22 +0000 |
4107 | +++ utils/statd/statd.c 2012-08-15 06:56:20 +0000 |
4108 | @@ -190,7 +190,7 @@ |
4109 | char *av[6]; |
4110 | int ac = 0; |
4111 | |
4112 | - av[ac++] = "/sbin/sm-notify"; |
4113 | + av[ac++] = "/usr/sbin/sm-notify"; |
4114 | if (run_mode & MODE_NODAEMON) |
4115 | av[ac++] = "-d"; |
4116 | if (outport) { |