rpms/autofs
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- add fixes for bug 2170287.

Browse Source
This commit is contained in:
Ian Kent 2023-03-27 16:39:42 +08:00
parent bc803ef35f
commit ddadd6b1bc
3 changed files with 172 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
autofs-5.1.8-dont-immediately-call-function-when-waiting.patch Normal file
View File

@ -0,0 +1,101 @@
autofs-5.1.8 - dont immediately call function when waiting
From: Ian Kent <raven@themaw.net>
When autofs needs to wait for a sss connection the connection function
is immediately called a second time without first waiting. Adjust the
calling so that there's a wait before the next call.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/lookup_sss.c | 24 ++++++++++++------------
2 files changed, 13 insertions(+), 12 deletions(-)
--- autofs-5.1.7.orig/CHANGELOG
+++ autofs-5.1.7/CHANGELOG
@@ -114,6 +114,7 @@
- fix incorrect path for is_mounted() in try_remount().
- fail on empty replicated host name.
- improve handling of ENOENT in sss setautomntent().
+- don't immediately call function when waiting.
25/01/2021 autofs-5.1.7
- make bind mounts propagation slave by default.
--- autofs-5.1.7.orig/modules/lookup_sss.c
+++ autofs-5.1.7/modules/lookup_sss.c
@@ -338,10 +338,13 @@ static int setautomntent_wait(unsigned i
"can't connect to sssd, retry for %d seconds",
retries);
- while (++retry <= retries) {
+ while (++retry < retries) {
struct timespec t = { SSS_WAIT_INTERVAL, 0 };
struct timespec r;
+ while (nanosleep(&t, &r) == -1 && errno == EINTR)
+ memcpy(&t, &r, sizeof(struct timespec));
+
ret = ctxt->setautomntent(ctxt->mapname, sss_ctxt);
if (proto_version(ctxt) == 0) {
if (ret != ENOENT)
@@ -355,9 +358,6 @@ static int setautomntent_wait(unsigned i
free(*sss_ctxt);
*sss_ctxt = NULL;
}
-
- while (nanosleep(&t, &r) == -1 && errno == EINTR)
- memcpy(&t, &r, sizeof(struct timespec));
}
if (!ret)
@@ -475,10 +475,13 @@ static int getautomntent_wait(unsigned i
"can't contact sssd to to get map entry, retry for %d seconds",
retries);
- while (++retry <= retries) {
+ while (++retry < retries) {
struct timespec t = { SSS_WAIT_INTERVAL, 0 };
struct timespec r;
+ while (nanosleep(&t, &r) == -1 && errno == EINTR)
+ memcpy(&t, &r, sizeof(struct timespec));
+
ret = ctxt->getautomntent_r(key, value, sss_ctxt);
if (proto_version(ctxt) == 0) {
if (ret != ENOENT)
@@ -487,9 +490,6 @@ static int getautomntent_wait(unsigned i
if (ret != EHOSTDOWN)
break;
}
-
- while (nanosleep(&t, &r) == -1 && errno == EINTR)
- memcpy(&t, &r, sizeof(struct timespec));
}
if (!ret)
@@ -600,10 +600,13 @@ static int getautomntbyname_wait(unsigne
"can't contact sssd to to lookup key value, retry for %d seconds",
retries);
- while (++retry <= retries) {
+ while (++retry < retries) {
struct timespec t = { SSS_WAIT_INTERVAL, 0 };
struct timespec r;
+ while (nanosleep(&t, &r) == -1 && errno == EINTR)
+ memcpy(&t, &r, sizeof(struct timespec));
+
ret = ctxt->getautomntbyname_r(key, value, sss_ctxt);
if (proto_version(ctxt) == 0) {
if (ret != ENOENT)
@@ -612,9 +615,6 @@ static int getautomntbyname_wait(unsigne
if (ret != EHOSTDOWN)
break;
}
-
- while (nanosleep(&t, &r) == -1 && errno == EINTR)
- memcpy(&t, &r, sizeof(struct timespec));
}
if (!ret)

59
autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch Normal file
View File

@ -0,0 +1,59 @@
autofs-5.1.8 - improve handling of ENOENT in sss setautomntent()
From: Ian Kent <raven@themaw.net>
In the sss lookup module function setautomntent() a return of ENOENT
isn't handled quite right.
If ENOENT (rather than EHOSTDOWN) is returned from sss setautomntent()
we should assume the LDAP info. has been read by sss and the entry in
fact doesn't exist.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
modules/lookup_sss.c | 16 +++++++++++++++-
2 files changed, 16 insertions(+), 1 deletion(-)
--- autofs-5.1.7.orig/CHANGELOG
+++ autofs-5.1.7/CHANGELOG
@@ -113,6 +113,7 @@
- fix minus only option handling in concat_options().
- fix incorrect path for is_mounted() in try_remount().
- fail on empty replicated host name.
+- improve handling of ENOENT in sss setautomntent().
25/01/2021 autofs-5.1.7
- make bind mounts propagation slave by default.
--- autofs-5.1.7.orig/modules/lookup_sss.c
+++ autofs-5.1.7/modules/lookup_sss.c
@@ -394,7 +394,17 @@ static int setautomntent(unsigned int lo
if (ret != ENOENT)
goto error;
} else {
- if (ret != ENOENT && ret != EHOSTDOWN)
+ /* If we get an ENOENT here assume it's accurrate
+ * and return the error.
+ */
+ if (ret == ENOENT) {
+ error(logopt, MODPREFIX
+ "setautomountent: entry for map %s not found",
+ ctxt->mapname);
+ err = NSS_STATUS_NOTFOUND;
+ goto free;
+ }
+ if (ret != EHOSTDOWN)
goto error;
}
@@ -410,6 +420,10 @@ static int setautomntent(unsigned int lo
if (ret == EINVAL)
goto free;
if (ret == ENOENT) {
+ /* Map info. not found after host became available */
+ error(logopt, MODPREFIX
+ "setautomountent: entry for map %s not found",
+ ctxt->mapname);
err = NSS_STATUS_NOTFOUND;
goto free;
}

13
autofs.spec
View File

@ -12,7 +12,7 @@
Summary: A tool for automatically mounting and unmounting filesystems Summary: A tool for automatically mounting and unmounting filesystems
Name: autofs Name: autofs
Version: 5.1.7 Version: 5.1.7
Release: 37%{?dist} Release: 38%{?dist}
Epoch: 1 Epoch: 1
License: GPLv2+ License: GPLv2+
Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz
@ -139,6 +139,8 @@ Patch111: autofs-5.1.8-fix-memory-leak-in-update_hosts_mounts.patch
Patch112: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch Patch112: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch
Patch113: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch Patch113: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch
Patch114: autofs-5.1.8-fail-on-empty-replicated-host-name.patch Patch114: autofs-5.1.8-fail-on-empty-replicated-host-name.patch
Patch115: autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
Patch116: autofs-5.1.8-dont-immediately-call-function-when-waiting.patch
%if %{with_systemd} %if %{with_systemd}
BuildRequires: systemd-units BuildRequires: systemd-units
@ -322,6 +324,8 @@ echo %{version}-%{release} > .version
%patch112 -p1 %patch112 -p1
%patch113 -p1 %patch113 -p1
%patch114 -p1 %patch114 -p1
%patch115 -p1
%patch116 -p1
%build %build
LDFLAGS=-Wl,-z,now LDFLAGS=-Wl,-z,now
@ -430,6 +434,13 @@ fi
%dir /etc/auto.master.d %dir /etc/auto.master.d
%changelog %changelog
* Mon Mar 27 2023 Ian Kent <ikent@redhat.com> - 1:5.1.7-38
- bz2170287 - Autofs reports can't connect to sssd, retry for 10
seconds when real problem is empty LDAP object
- improve handling of ENOENT in sss setautomntent().
- dont immediately call function when waiting.
- Resolves: rhbz#2170287
* Mon Mar 27 2023 Ian Kent <ikent@redhat.com> - 1:5.1.7-37 * Mon Mar 27 2023 Ian Kent <ikent@redhat.com> - 1:5.1.7-37
- bz2170285 - Users can trigger a simple autofs DoS with wildcard - bz2170285 - Users can trigger a simple autofs DoS with wildcard
automounter maps automounter maps