- Added 10 (101 thru 110) upstream patches that fixed things mostly in the

mount and gssd code.
This commit is contained in:
Steve Dickson 2008-05-08 11:17:09 +00:00
parent 6b300bd574
commit 85ed8ab7ef
11 changed files with 651 additions and 1 deletions

View File

@ -0,0 +1,21 @@
commit 7ef076fb98233783843d6019b2edbb48e2d18914
Author: Oren Held <oren@held.org.il>
Date: Thu May 8 05:23:10 2008 -0400
Fixed smail typo in exportfs man page
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/exportfs/exportfs.man b/utils/exportfs/exportfs.man
index a8fdb05..c7b230a 100644
--- a/utils/exportfs/exportfs.man
+++ b/utils/exportfs/exportfs.man
@@ -198,7 +198,7 @@ and pushes the resulting export entries into the kernel:
To export the
.B /usr/tmp
directory to host
-.BR djando ,
+.BR django ,
allowing asynchronous writes, one would do this:
.P
.nf

View File

@ -0,0 +1,235 @@
commit 25cd5f9101b8969f9e1f9d7d486f11c215d0eeb4
Author: Vince Busam <vbusam@google.com>
Date: Wed May 7 15:24:53 2008 -0400
Kerberos credentials may be stored in multiple places. Make it
possible to search several directories for valid credentials when
making NFS requests.
Original patch from Vince Busam <vbusam@google.com>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>.
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index bbcad20..e8612a5 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -57,6 +57,7 @@ char pipefs_dir[PATH_MAX] = GSSD_PIPEFS_DIR;
char pipefs_nfsdir[PATH_MAX] = GSSD_PIPEFS_DIR;
char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;
char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR;
+char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1];
int use_memcache = 0;
int root_uses_machine_creds = 1;
@@ -93,9 +94,11 @@ main(int argc, char *argv[])
int verbosity = 0;
int rpc_verbosity = 0;
int opt;
+ int i;
extern char *optarg;
char *progname;
+ memset(ccachesearch, 0, sizeof(ccachesearch));
while ((opt = getopt(argc, argv, "fvrmnMp:k:d:")) != -1) {
switch (opt) {
case 'f':
@@ -136,6 +139,13 @@ main(int argc, char *argv[])
break;
}
}
+
+ i = 0;
+ ccachesearch[i++] = strtok(ccachedir, ":");
+ do {
+ ccachesearch[i++] = strtok(NULL, ":");
+ } while (ccachesearch[i-1] != NULL && i < GSSD_MAX_CCACHE_SEARCH);
+
snprintf(pipefs_nfsdir, sizeof(pipefs_nfsdir), "%s/%s",
pipefs_dir, GSSD_SERVICE_NAME);
if (pipefs_nfsdir[sizeof(pipefs_nfsdir)-1] != '\0')
diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h
index 6f14c34..0f9f428 100644
--- a/utils/gssd/gssd.h
+++ b/utils/gssd/gssd.h
@@ -50,6 +50,7 @@
#define GSSD_DEFAULT_KEYTAB_FILE "/etc/krb5.keytab"
#define GSSD_SERVICE_NAME "nfs"
#define GSSD_SERVICE_NAME_LEN 3
+#define GSSD_MAX_CCACHE_SEARCH 16
/*
* The gss mechanisms that we can handle
@@ -61,7 +62,7 @@ enum {AUTHTYPE_KRB5, AUTHTYPE_SPKM3, AUTHTYPE_LIPKEY};
extern char pipefs_dir[PATH_MAX];
extern char pipefs_nfsdir[PATH_MAX];
extern char keytabfile[PATH_MAX];
-extern char ccachedir[PATH_MAX];
+extern char *ccachesearch[];
extern int use_memcache;
extern int root_uses_machine_creds;
diff --git a/utils/gssd/gssd.man b/utils/gssd/gssd.man
index 2fa749e..8fa4f4a 100644
--- a/utils/gssd/gssd.man
+++ b/utils/gssd/gssd.man
@@ -74,7 +74,11 @@ where to look for the rpc_pipefs filesystem. The default value is
.B -d directory
Tells
.B rpc.gssd
-where to look for kerberos credential files. The default value is "/tmp".
+where to look for Kerberos credential files. The default value is "/tmp".
+This can also be a colon separated list of directories to be searched
+for Kerberos credential files. Note that if machine credentials are being
+stored in files, then the first directory on this list is where the
+machine credentials are stored.
.TP
.B -v
Increases the verbosity of the output (can be specified multiple times).
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index bac7295..be6f440 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -685,6 +685,7 @@ handle_krb5_upcall(struct clnt_info *clp)
gss_buffer_desc token;
char **credlist = NULL;
char **ccname;
+ char **dirname;
int create_resp = -1;
printerr(1, "handling krb5 upcall\n");
@@ -701,10 +702,14 @@ handle_krb5_upcall(struct clnt_info *clp)
if (uid != 0 || (uid == 0 && root_uses_machine_creds == 0)) {
/* Tell krb5 gss which credentials cache to use */
- gssd_setup_krb5_user_gss_ccache(uid, clp->servername);
+ for (dirname = ccachesearch; *dirname != NULL; dirname++) {
+ gssd_setup_krb5_user_gss_ccache(uid, clp->servername, *dirname);
- create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
- AUTHTYPE_KRB5);
+ create_resp = create_auth_rpc_client(clp, &rpc_clnt, &auth, uid,
+ AUTHTYPE_KRB5);
+ if (create_resp == 0)
+ break;
+ }
}
if (create_resp != 0) {
if (uid == 0 && root_uses_machine_creds == 1) {
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 0589cd8..512c1cf 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -131,7 +131,8 @@ struct gssd_k5_kt_princ *gssd_k5_kt_princ_list = NULL;
/*==========================*/
static int select_krb5_ccache(const struct dirent *d);
-static int gssd_find_existing_krb5_ccache(uid_t uid, struct dirent **d);
+static int gssd_find_existing_krb5_ccache(uid_t uid, char *dirname,
+ struct dirent **d);
static int gssd_get_single_krb5_cred(krb5_context context,
krb5_keytab kt, struct gssd_k5_kt_princ *ple);
@@ -159,7 +160,7 @@ select_krb5_ccache(const struct dirent *d)
}
/*
- * Look in the ccachedir for files that look like they
+ * Look in directory "dirname" for files that look like they
* are Kerberos Credential Cache files for a given UID. Return
* non-zero and the dirent pointer for the entry most likely to be
* what we want. Otherwise, return zero and no dirent pointer.
@@ -170,7 +171,7 @@ select_krb5_ccache(const struct dirent *d)
* 1 => found an existing entry
*/
static int
-gssd_find_existing_krb5_ccache(uid_t uid, struct dirent **d)
+gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, struct dirent **d)
{
struct dirent **namelist;
int n;
@@ -181,9 +182,10 @@ gssd_find_existing_krb5_ccache(uid_t uid, struct dirent **d)
memset(&best_match_stat, 0, sizeof(best_match_stat));
*d = NULL;
- n = scandir(ccachedir, &namelist, select_krb5_ccache, 0);
+ n = scandir(dirname, &namelist, select_krb5_ccache, 0);
if (n < 0) {
- perror("scandir looking for krb5 credentials caches");
+ printerr(1, "Error doing scandir on directory '%s': %s\n",
+ dirname, strerror(errno));
}
else if (n > 0) {
char statname[1024];
@@ -191,7 +193,7 @@ gssd_find_existing_krb5_ccache(uid_t uid, struct dirent **d)
printerr(3, "CC file '%s' being considered\n",
namelist[i]->d_name);
snprintf(statname, sizeof(statname),
- "%s/%s", ccachedir, namelist[i]->d_name);
+ "%s/%s", dirname, namelist[i]->d_name);
if (lstat(statname, &tmp_stat)) {
printerr(0, "Error doing stat on file '%s'\n",
statname);
@@ -291,8 +293,9 @@ limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid)
&credh, NULL, NULL);
if (maj_stat != GSS_S_COMPLETE) {
- pgsserr("gss_acquire_cred",
- maj_stat, min_stat, &krb5oid);
+ if (get_verbosity() > 0)
+ pgsserr("gss_acquire_cred",
+ maj_stat, min_stat, &krb5oid);
return -1;
}
@@ -406,7 +409,7 @@ gssd_get_single_krb5_cred(krb5_context context,
cache_type = "FILE";
snprintf(cc_name, sizeof(cc_name), "%s:%s/%s%s_%s",
cache_type,
- ccachedir, GSSD_DEFAULT_CRED_PREFIX,
+ ccachesearch[0], GSSD_DEFAULT_CRED_PREFIX,
GSSD_DEFAULT_MACHINE_CRED_SUFFIX, ple->realm);
ple->endtime = my_creds.times.endtime;
if (ple->ccname != NULL)
@@ -894,7 +897,7 @@ out:
* void
*/
void
-gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername)
+gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirname)
{
char buf[MAX_NETOBJ_SZ];
struct dirent *d;
@@ -902,14 +905,13 @@ gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername)
printerr(2, "getting credentials for client with uid %u for "
"server %s\n", uid, servername);
memset(buf, 0, sizeof(buf));
- if (gssd_find_existing_krb5_ccache(uid, &d)) {
- snprintf(buf, sizeof(buf), "FILE:%s/%s",
- ccachedir, d->d_name);
+ if (gssd_find_existing_krb5_ccache(uid, dirname, &d)) {
+ snprintf(buf, sizeof(buf), "FILE:%s/%s", dirname, d->d_name);
free(d);
}
else
snprintf(buf, sizeof(buf), "FILE:%s/%s%u",
- ccachedir, GSSD_DEFAULT_CRED_PREFIX, uid);
+ dirname, GSSD_DEFAULT_CRED_PREFIX, uid);
printerr(2, "using %s as credentials cache for client with "
"uid %u for server %s\n", buf, uid, servername);
gssd_set_krb5_ccache_name(buf);
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
index 78ad45c..431fdaf 100644
--- a/utils/gssd/krb5_util.h
+++ b/utils/gssd/krb5_util.h
@@ -17,7 +17,8 @@ struct gssd_k5_kt_princ {
};
-void gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername);
+void gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername,
+ char *dirname);
int gssd_get_krb5_machine_cred_list(char ***list);
void gssd_free_krb5_machine_cred_list(char **list);
void gssd_setup_krb5_machine_gss_ccache(char *servername);

View File

@ -0,0 +1,25 @@
commit 313ab396c04afe160ee6764e28b5e61ce19c46d9
Author: Kevin Coffman <kwc@citi.umich.edu>
Date: Wed May 7 14:32:45 2008 -0400
Add the other two DES encryption types to the default list of
Kerberos encryption types that may be negotiated.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 3cf27ca..0589cd8 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -277,7 +277,9 @@ limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid)
u_int maj_stat, min_stat;
gss_cred_id_t credh;
gss_OID_set_desc desired_mechs;
- krb5_enctype enctypes[] = { ENCTYPE_DES_CBC_CRC };
+ krb5_enctype enctypes[] = { ENCTYPE_DES_CBC_CRC,
+ ENCTYPE_DES_CBC_MD5,
+ ENCTYPE_DES_CBC_MD4 };
int num_enctypes = sizeof(enctypes) / sizeof(enctypes[0]);
/* We only care about getting a krb5 cred */

View File

@ -0,0 +1,84 @@
commit a04f8b5a3ea94b7a9d96d339b6ccde5f2e67a2d1
Author: Olga Kornievskaia <aglo@citi.umich.edu>
Date: Wed May 7 10:54:51 2008 -0400
Check the info file nfs/rpc_pipefs/nfs/clnt?/info to
see if a port number was supplied. If so, use it rather
than the default port number.
Signed-off-by: Olga Kornievskaia <aglo@citi.umich.edu>
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h
index e17edde..6f14c34 100644
--- a/utils/gssd/gssd.h
+++ b/utils/gssd/gssd.h
@@ -80,6 +80,7 @@ struct clnt_info {
int krb5_poll_index;
int spkm3_fd;
int spkm3_poll_index;
+ int port;
};
void init_client_list(void);
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c
index 6860cc8..bac7295 100644
--- a/utils/gssd/gssd_proc.c
+++ b/utils/gssd/gssd_proc.c
@@ -102,7 +102,7 @@ int pollsize; /* the size of pollaray (in pollfd's) */
/* XXX buffer problems: */
static int
read_service_info(char *info_file_name, char **servicename, char **servername,
- int *prog, int *vers, char **protocol) {
+ int *prog, int *vers, char **protocol, int *port) {
#define INFOBUFLEN 256
char buf[INFOBUFLEN];
static char dummy[128];
@@ -112,6 +112,8 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
char program[16];
char version[16];
char protoname[16];
+ char cb_port[128];
+ char *p;
in_addr_t inaddr;
int fd = -1;
struct hostent *ent = NULL;
@@ -143,6 +145,10 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
goto fail;
}
+ cb_port[0] = '\0';
+ if ((p = strstr(buf, "port")) != NULL)
+ sscanf(p, "port: %127s\n", cb_port);
+
/* check service, program, and version */
if(memcmp(service, "nfs", 3)) return -1;
*prog = atoi(program + 1); /* skip open paren */
@@ -163,6 +169,8 @@ read_service_info(char *info_file_name, char **servicename, char **servername,
if (!(*servicename = calloc(strlen(buf) + 1, 1)))
goto fail;
memcpy(*servicename, buf, strlen(buf));
+ if (cb_port[0] != '\0')
+ *port = atoi(cb_port);
if (!(*protocol = strdup(protoname)))
goto fail;
@@ -238,7 +246,7 @@ process_clnt_dir_files(struct clnt_info * clp)
if ((clp->servicename == NULL) &&
read_service_info(info_file_name, &clp->servicename,
&clp->servername, &clp->prog, &clp->vers,
- &clp->protocol))
+ &clp->protocol, &clp->port))
return -1;
return 0;
}
@@ -587,6 +595,8 @@ int create_auth_rpc_client(struct clnt_info *clp,
clp->servername, uid);
goto out_fail;
}
+ if (clp->port)
+ ((struct sockaddr_in *)a->ai_addr)->sin_port = htons(clp->port);
if (a->ai_protocol == IPPROTO_TCP) {
if ((rpc_clnt = clnttcp_create(
(struct sockaddr_in *) a->ai_addr,

View File

@ -0,0 +1,35 @@
commit 73f9b4402ec6625618967f947c99e6e417322d36
Author: Kevin Coffman <kwc@citi.umich.edu>
Date: Wed May 7 14:38:47 2008 -0400
Add a new function to retrieve the current verbosity level
so that some messages that would otherwise always print may
be silenced.
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/gssd/err_util.c b/utils/gssd/err_util.c
index 5644db6..2583e06 100644
--- a/utils/gssd/err_util.c
+++ b/utils/gssd/err_util.c
@@ -60,3 +60,8 @@ void printerr(int priority, char *format, ...)
xlog_backend(L_ERROR, format, args);
va_end(args);
}
+
+int get_verbosity(void)
+{
+ return verbosity;
+}
diff --git a/utils/gssd/err_util.h b/utils/gssd/err_util.h
index 5e5af48..c4df32d 100644
--- a/utils/gssd/err_util.h
+++ b/utils/gssd/err_util.h
@@ -33,5 +33,6 @@
void initerr(char *progname, int verbosity, int fg);
void printerr(int priority, char *format, ...);
+int get_verbosity(void);
#endif /* _ERR_UTIL_H_ */

View File

@ -0,0 +1,42 @@
commit 281ca299724f24e7b19c1eca04bba03410e2a306
Author: Jeff Layton <jlaton@redhat.com>
Date: Wed May 7 10:35:30 2008 -0400
The bg option is essentially ignored with nfs4 currently. nfs4mount()
will never exit with EX_BG, so the mount will never be backgrounded.
Fix it so that when bg is specified that we error out with EX_BG as
soon as possible after the first failed mount attempt.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/mount/nfs4mount.c b/utils/mount/nfs4mount.c
index af70551..2b0fe2e 100644
--- a/utils/mount/nfs4mount.c
+++ b/utils/mount/nfs4mount.c
@@ -188,10 +188,9 @@ int nfs4mount(const char *spec, const char *node, int flags,
int bg, soft, intr;
int nocto, noac, unshared;
int retry;
- int retval;
+ int retval = EX_FAIL;
time_t timeout, t;
- retval = EX_FAIL;
if (strlen(spec) >= sizeof(hostdir)) {
nfs_error(_("%s: excessively long host:dir argument\n"),
progname);
@@ -443,6 +442,13 @@ int nfs4mount(const char *spec, const char *node, int flags,
rpc_mount_errors(hostname, 0, bg);
goto fail;
}
+
+ if (bg && !running_bg) {
+ if (retry > 0)
+ retval = EX_BG;
+ goto fail;
+ }
+
t = time(NULL);
if (t >= timeout) {
rpc_mount_errors(hostname, 0, bg);

View File

@ -0,0 +1,30 @@
commit 0930b25ee3a1eb28b957cdc70c9a1958812d895f
Author: NeilBrown <neilb@suse.de>
Date: Thu May 8 05:18:25 2008 -0400
If mount.nfs is not installed setuid, an attempt to perform a "user"
or "users" mount will fail with a fairly obscure error message,
typically about getting "permission denied" from the server.
This patch gives a more helpful message in that case.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/mount/mount.c b/utils/mount/mount.c
index 5076468..d7271a1 100644
--- a/utils/mount/mount.c
+++ b/utils/mount/mount.c
@@ -539,6 +539,12 @@ int main(int argc, char *argv[])
mnt_err = EX_USAGE;
goto out;
}
+
+ if (geteuid() != 0) {
+ nfs_error(_("%s: not installed setuid - "
+ "\"user\" NFS mounts not supported."), progname);
+ exit(EX_FAIL);
+ }
}
if (chk_mountpoint(mount_point)) {

View File

@ -0,0 +1,51 @@
commit 5fb4042ce4eb4fd5e50e3fb0f78bbd20b4d46e78
Author: Jeff Layton <jlaton@redhat.com>
Date: Wed May 7 10:37:40 2008 -0400
The prev_bg_host stuff made sense when NFS didn't have its own mount
handler. Now though, each mount.nfs invocation is really a one-shot
affair, and this check no longer works. It also leaked memory. Remove
it.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index a9dd917..6a04518 100644
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -494,7 +494,6 @@ int
nfsmount(const char *spec, const char *node, int flags,
char **extra_opts, int fake, int running_bg)
{
- static char *prev_bg_host;
char hostdir[1024];
char *hostname, *dirname, *old_opts, *mounthost = NULL;
char new_opts[1024], cbuf[1024];
@@ -628,18 +627,6 @@ nfsmount(const char *spec, const char *node, int flags,
if (flags & MS_REMOUNT)
goto out_ok;
- /*
- * If the previous mount operation on the same host was
- * backgrounded, and the "bg" for this mount is also set,
- * give up immediately, to avoid the initial timeout.
- */
- if (bg && !running_bg &&
- prev_bg_host && strcmp(hostname, prev_bg_host) == 0) {
- if (retry > 0)
- retval = EX_BG;
- return retval;
- }
-
/* create mount deamon client */
/*
@@ -708,7 +695,6 @@ nfsmount(const char *spec, const char *node, int flags,
continue;
}
if (!running_bg) {
- prev_bg_host = xstrdup(hostname);
if (retry > 0)
retval = EX_BG;
goto fail;

View File

@ -0,0 +1,73 @@
commit 5f7cc524008a7dc548a71f4c7b0d39759371a37a
Author: Jeff Layton <jlaton@redhat.com>
Date: Wed May 7 10:27:53 2008 -0400
Currently nfs4mount() sets the retry value to 10000 on both fg and bg
mounts. It should be 2 for fg and 10000 for bg. nfsmount() sets it
properly, but there is a potential corner case. If someone explicitly
sets retry=10000 on a fg mount, then it will be reset to 2.
Fix this by having retry default to -1 for both flavors, and then reset if
needed after the mount options have been parsed.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/utils/mount/nfs4mount.c b/utils/mount/nfs4mount.c
index 311e5a0..af70551 100644
--- a/utils/mount/nfs4mount.c
+++ b/utils/mount/nfs4mount.c
@@ -238,7 +238,7 @@ int nfs4mount(const char *spec, const char *node, int flags,
nocto = 0;
noac = 0;
unshared = 0;
- retry = 10000; /* 10000 minutes ~ 1 week */
+ retry = -1;
/*
* NFSv4 specifies that the default port should be 2049
@@ -332,6 +332,14 @@ int nfs4mount(const char *spec, const char *node, int flags,
}
}
+ /* if retry is still -1, then it wasn't set via an option */
+ if (retry == -1) {
+ if (bg)
+ retry = 10000; /* 10000 mins == ~1 week */
+ else
+ retry = 2; /* 2 min default on fg mounts */
+ }
+
data.flags = (soft ? NFS4_MOUNT_SOFT : 0)
| (intr ? NFS4_MOUNT_INTR : 0)
| (nocto ? NFS4_MOUNT_NOCTO : 0)
diff --git a/utils/mount/nfsmount.c b/utils/mount/nfsmount.c
index 6c0c365..a9dd917 100644
--- a/utils/mount/nfsmount.c
+++ b/utils/mount/nfsmount.c
@@ -571,7 +571,7 @@ nfsmount(const char *spec, const char *node, int flags,
#endif
bg = 0;
- retry = 10000; /* 10000 minutes ~ 1 week */
+ retry = -1;
memset(mnt_pmap, 0, sizeof(*mnt_pmap));
mnt_pmap->pm_prog = MOUNTPROG;
@@ -585,9 +585,13 @@ nfsmount(const char *spec, const char *node, int flags,
goto fail;
if (!nfsmnt_check_compat(nfs_pmap, mnt_pmap))
goto fail;
-
- if (retry == 10000 && !bg)
- retry = 2; /* reset for fg mounts */
+
+ if (retry == -1) {
+ if (bg)
+ retry = 10000; /* 10000 mins == ~1 week*/
+ else
+ retry = 2; /* 2 min default on fg mounts */
+ }
#ifdef NFS_MOUNT_DEBUG
printf(_("rsize = %d, wsize = %d, timeo = %d, retrans = %d\n"),

View File

@ -0,0 +1,28 @@
commit ad1fc3feae447685a8ec8c7db0ad913fe3c4de5c
Author: Sten Spans <sten@blinkenlights.nl>
Date: Mon May 5 14:04:58 2008 -0400
Fixed arguments to the hosts_ctl() call in the good_client() routine
used in the tcpwrapper support.
Signe-off-by: Steve Dickson <steved@redhat.com>
diff --git a/support/misc/tcpwrapper.c b/support/misc/tcpwrapper.c
index 0cc9335..e4f453b 100644
--- a/support/misc/tcpwrapper.c
+++ b/support/misc/tcpwrapper.c
@@ -125,12 +125,12 @@ struct sockaddr_in *addr;
return 0;
/* Check the official name first. */
- if (hosts_ctl(daemon, "", hp->h_name, ""))
+ if (hosts_ctl(daemon, hp->h_name, "", ""))
return 1;
/* Check aliases. */
for (sp = hp->h_aliases; *sp ; sp++) {
- if (hosts_ctl(daemon, "", *sp, ""))
+ if (hosts_ctl(daemon, *sp, "", ""))
return 1;
}

View File

@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser
Name: nfs-utils
URL: http://sourceforge.net/projects/nfs
Version: 1.1.2
Release: 4%{?dist}
Release: 5%{?dist}
Epoch: 1
# group all 32bit related archs
@ -32,6 +32,17 @@ Patch06: nfs-utils-1.1.0-exportfs-man-update.patch
Patch07: nfs-utils-1.1.2-multi-auth-flavours.patch
Patch08: nfs-utils-1.1.2-mount-eacces.patch
Patch101: nfs-utils-1.1.2-tcpwrapper-fix.patch
Patch102: nfs-utils-1.1.2-mount-retry.patch
Patch103: nfs-utils-1.1.2-mount-bg-fix.patch
Patch104: nfs-utils-1.1.2-mount-remove-bg-host.patch
Patch105: nfs-utils-1.1.2-gssd-getport.patch
Patch106: nfs-utils-1.1.2-gssd-des-types.patch
Patch107: nfs-utils-1.1.2-gssd-getverbose.patch
Patch108: nfs-utils-1.1.2-gssd-creds.patch
Patch109: nfs-utils-1.1.2-mount-chk-setuid.patch
Patch110: nfs-utils-1.1.2-exportfs-man-typo.patch
%if %{enablefscache}
Patch90: nfs-utils-1.1.0-mount-fsc.patch
%endif
@ -91,6 +102,17 @@ This package also contains the mount.nfs and umount.nfs program.
%patch07 -p1
%patch08 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%patch105 -p1
%patch106 -p1
%patch107 -p1
%patch108 -p1
%patch109 -p1
%patch110 -p1
%if %{enablefscache}
%patch90 -p1
%endif
@ -257,6 +279,10 @@ fi
%attr(4755,root,root) /sbin/umount.nfs4
%changelog
* Thu May 8 2008 Steve Dickson <steved@redhat.com> 1.1.2-5
- Added 10 (101 thru 110) upstream patches that fixed
things mostly in the mount and gssd code.
* Wed May 7 2008 Steve Dickson <steved@redhat.com> 1.1.2-4
- Added ppc arch to the all_32bit_archs list (bz 442847)