From 4c886b79236305ba3f8afab74621aa8f792233ec Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Mon, 3 Mar 2008 16:22:08 +0000 Subject: [PATCH] - Stopped mountd from incorrectly logging an error (commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3) - Stop gssd from ignoring the machine credential caches (commit 46d439b17f22216ce8f9257a982c6ade5d1c5931) - Fixed typo in the nfsstat command line arugments. (commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58) - Added test to stop buffer overflow in idmapd (commit bcd0fcaf0966c546da5043be700587f73174ae25) --- nfs-utils-1.1.1-gssd-mcred.patch | 23 ++++++++++ nfs-utils-1.1.1-idmapd-validasc.patch | 28 ++++++++++++ nfs-utils-1.1.1-mountd-exportlist.patch | 58 +++++++++++++++++++++++++ nfs-utils-1.1.1-nfsstat-cmdline.patch | 21 +++++++++ nfs-utils.spec | 20 ++++++++- nfslock.init | 7 +-- 6 files changed, 153 insertions(+), 4 deletions(-) create mode 100644 nfs-utils-1.1.1-gssd-mcred.patch create mode 100644 nfs-utils-1.1.1-idmapd-validasc.patch create mode 100644 nfs-utils-1.1.1-mountd-exportlist.patch create mode 100644 nfs-utils-1.1.1-nfsstat-cmdline.patch diff --git a/nfs-utils-1.1.1-gssd-mcred.patch b/nfs-utils-1.1.1-gssd-mcred.patch new file mode 100644 index 0000000..7472f7c --- /dev/null +++ b/nfs-utils-1.1.1-gssd-mcred.patch @@ -0,0 +1,23 @@ +commit 46d439b17f22216ce8f9257a982c6ade5d1c5931 +Author: Vince Busam +Date: Tue Feb 26 13:04:52 2008 -0500 + + Stop gssd from ignoring the machine credential cache + defined by the -d flag + + Signed-off-by: Steve Dickson + Signed-off-by: Kevin Coffman + +diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c +index bf8690e..3cf27ca 100644 +--- a/utils/gssd/krb5_util.c ++++ b/utils/gssd/krb5_util.c +@@ -404,7 +404,7 @@ gssd_get_single_krb5_cred(krb5_context context, + cache_type = "FILE"; + snprintf(cc_name, sizeof(cc_name), "%s:%s/%s%s_%s", + cache_type, +- GSSD_DEFAULT_CRED_DIR, GSSD_DEFAULT_CRED_PREFIX, ++ ccachedir, GSSD_DEFAULT_CRED_PREFIX, + GSSD_DEFAULT_MACHINE_CRED_SUFFIX, ple->realm); + ple->endtime = my_creds.times.endtime; + if (ple->ccname != NULL) diff --git a/nfs-utils-1.1.1-idmapd-validasc.patch b/nfs-utils-1.1.1-idmapd-validasc.patch new file mode 100644 index 0000000..a0dae51 --- /dev/null +++ b/nfs-utils-1.1.1-idmapd-validasc.patch @@ -0,0 +1,28 @@ +commit bcd0fcaf0966c546da5043be700587f73174ae25 +Author: NeilBrown +Date: Tue Feb 26 13:57:39 2008 -0500 + + If validateascii is passed a string containing only non-zero 7bit + values, then the loop with exit with i == len, and the following + test will access beyond the end of the array. + + So add an extra test to fix this. + + Found by Marcus Meissner . + + Signed-off-by: NeilBrown + Signed-off-by: Steve Dickson + +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index 355c6e1..6b5971c 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -848,7 +848,7 @@ validateascii(char *string, u_int32_t len) + return (-1); + } + +- if (string[i] != '\0') ++ if ((i >= len) || string[i] != '\0') + return (-1); + + return (i + 1); diff --git a/nfs-utils-1.1.1-mountd-exportlist.patch b/nfs-utils-1.1.1-mountd-exportlist.patch new file mode 100644 index 0000000..8496bbc --- /dev/null +++ b/nfs-utils-1.1.1-mountd-exportlist.patch @@ -0,0 +1,58 @@ +commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3 +Author: Harshula Jayasuriya +Date: Tue Feb 12 16:13:25 2008 -0500 + + In mountd, if get_exportlist() (utils/mountd/mountd.c) returns NULL it + should not be considered a failure. It just means that there are no + exports on the system. + + The practical problem with the current code is that a showmount -e + results in a syslog message from mountd that looks like: + + rpc.mountd: export request from 10.250.100.2 failed. + + Reviewed-by: Greg Banks + Signed-off-by: Harshula Jayasuriya + Signed-off-by: Steve Dickson + +diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c +index 4a50588..63d5ce1 100644 +--- a/utils/mountd/mountd.c ++++ b/utils/mountd/mountd.c +@@ -203,9 +203,8 @@ mount_dump_1_svc(struct svc_req *rqstp, void *argp, mountlist *res) + struct sockaddr_in *addr = + (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt); + +- if ((*res = mountlist_list()) == NULL) +- xlog(L_WARNING, "dump request from %s failed.", +- inet_ntoa(addr->sin_addr)); ++ xlog(D_CALL, "dump request from %s.", inet_ntoa(addr->sin_addr)); ++ *res = mountlist_list(); + + return 1; + } +@@ -254,9 +253,8 @@ mount_export_1_svc(struct svc_req *rqstp, void *argp, exports *resp) + struct sockaddr_in *addr = + (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt); + +- if ((*resp = get_exportlist()) == NULL) +- xlog(L_WARNING, "export request from %s failed.", +- inet_ntoa(addr->sin_addr)); ++ xlog(D_CALL, "export request from %s.", inet_ntoa(addr->sin_addr)); ++ *resp = get_exportlist(); + + return 1; + } +@@ -267,9 +265,9 @@ mount_exportall_1_svc(struct svc_req *rqstp, void *argp, exports *resp) + struct sockaddr_in *addr = + (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt); + +- if ((*resp = get_exportlist()) == NULL) +- xlog(L_WARNING, "exportall request from %s failed.", +- inet_ntoa(addr->sin_addr)); ++ xlog(D_CALL, "exportall request from %s.", inet_ntoa(addr->sin_addr)); ++ *resp = get_exportlist(); ++ + return 1; + } + diff --git a/nfs-utils-1.1.1-nfsstat-cmdline.patch b/nfs-utils-1.1.1-nfsstat-cmdline.patch new file mode 100644 index 0000000..bf2742d --- /dev/null +++ b/nfs-utils-1.1.1-nfsstat-cmdline.patch @@ -0,0 +1,21 @@ +commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58 +Author: Peng Haitao +Date: Tue Feb 26 13:52:18 2008 -0500 + + Fixed typo in the nfsstat command line arugments. + + Signed-off-by: Steve Dickson + +diff --git a/utils/nfsstat/nfsstat.c b/utils/nfsstat/nfsstat.c +index 828119b..ed8cfc8 100644 +--- a/utils/nfsstat/nfsstat.c ++++ b/utils/nfsstat/nfsstat.c +@@ -237,7 +237,7 @@ static struct option longopts[] = + { "all", 0, 0, 'v' }, + { "auto", 0, 0, '\3' }, + { "client", 0, 0, 'c' }, +- { "mounts", 0, 0, 'm' }, ++ { "mounted", 0, 0, 'm' }, + { "nfs", 0, 0, 'n' }, + { "rpc", 0, 0, 'r' }, + { "server", 0, 0, 's' }, diff --git a/nfs-utils.spec b/nfs-utils.spec index 92352ab..3c80f86 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser Name: nfs-utils URL: http://sourceforge.net/projects/nfs Version: 1.1.1 -Release: 4%{?dist} +Release: 5%{?dist} Epoch: 1 # group all 32bit related archs @@ -45,6 +45,10 @@ Patch104: nfs-utils-1.1.1-xlog-valist.patch Patch105: nfs-utils-1.1.1-mountd-crossmnt.patch Patch106: nfs-utils-1.1.1-mount-relatime.patch Patch107: nfs-utils-1.1.1-mountd-crossmnt-cleanup.patch +Patch108: nfs-utils-1.1.1-mountd-exportlist.patch +Patch109: nfs-utils-1.1.1-gssd-mcred.patch +Patch110: nfs-utils-1.1.1-nfsstat-cmdline.patch +Patch111: nfs-utils-1.1.1-idmapd-validasc.patch Group: System Environment/Daemons Provides: exportfs = %{epoch}:%{version}-%{release} @@ -114,6 +118,10 @@ This package also contains the mount.nfs and umount.nfs program. %patch105 -p1 %patch106 -p1 %patch107 -p1 +%patch108 -p1 +%patch109 -p1 +%patch110 -p1 +%patch111 -p1 # Remove .orig files find . -name "*.orig" | xargs rm -f @@ -277,6 +285,16 @@ fi %attr(4755,root,root) /sbin/umount.nfs4 %changelog +* Mon Mar 3 2008 Steve Dickson 1.1.1-5 +- Stopped mountd from incorrectly logging an error + (commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3) +- Stop gssd from ignoring the machine credential caches + (commit 46d439b17f22216ce8f9257a982c6ade5d1c5931) +- Fixed typo in the nfsstat command line arugments. + (commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58) +- Added test to stop buffer overflow in idmapd + (commit bcd0fcaf0966c546da5043be700587f73174ae25) + * Sat Feb 9 2008 Steve Dickson 1.1.1-4 - Cleaned up some typos that were found in the various places in the mountd code diff --git a/nfslock.init b/nfslock.init index 4e0d12c..8f7a27f 100755 --- a/nfslock.init +++ b/nfslock.init @@ -53,11 +53,12 @@ fi start() { if [ ! -f /var/lock/subsys/nfslock ]; then + + # Make sure locks are recovered + rm -f /var/run/sm-notify.pid + # Start daemons. if [ "$USERLAND_LOCKD" ]; then - # Make sure locks are recovered - rm -f /var/run/sm-notify.pid - echo -n $"Starting NFS locking: " daemon rpc.lockd echo