From 9e917f864ca7dbd5b82170123804797229864bc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0abata?= Date: Thu, 15 Oct 2020 21:04:16 +0200 Subject: [PATCH] RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/nfs-utils#ae3700f20b5680274b29ff27c2f54879b44ab34b --- .gitignore | 4 + 24-nfs-server.conf | 7 + id_resolver.conf | 9 + lockd.conf | 23 + nfs-convert.service | 22 + nfs-utils-1.2.1-exp-subtree-warn-off.patch | 12 + nfs-utils-1.2.1-statdpath-man.patch | 58 + nfs-utils-1.2.3-sm-notify-res_init.patch | 21 + nfs-utils-1.2.5-idmap-errmsg.patch | 12 + nfs-utils-1.3.2-gssd-noclear-retval.patch | 27 + nfs-utils-1.3.2-systemd-tmpfiles.patch | 42 + nfs-utils-2.1.1-nfs-config.patch | 203 ++ nfs-utils-2.1.1-rpc-include.patch | 20 + nfs-utils-2.2.1-nfsidmap-abi.patch | 412 +++ nfs-utils-2.3.1-mount-auto-v3.patch | 32 + nfs-utils-2.3.1-mount-setdefault-minor.patch | 44 + ...utils-2.3.1-systemd-gssproxy-restart.patch | 11 + nfs-utils-2.3.2-gssd-revert.patch | 43 + nfs-utils-2.3.3-man-tcpwrappers.patch | 89 + nfs-utils-2.3.3-nfsconf-usegssproxy.patch | 21 + nfs-utils-2.3.3-nfsref-linking.patch | 29 + nfs-utils-2.3.3-printf-4k.patch | 47 + nfs-utils-2.3.4-PRIx64-integers.patch | 118 + nfs-utils-2.3.4-mount-fallback.patch | 49 + nfs-utils-2.3.4-mountd-memleak.patch | 77 + nfs-utils-2.3.4-mountd-segfault.patch | 83 + nfs-utils-2.4.2-systemd-svcgssd.patch | 14 + nfs-utils-2.5.1-nfsiostat-KeyError.patch | 37 + nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch | 29 + nfs-utils-2.5.2-rc4.patch | 3020 +++++++++++++++++ nfs-utils.spec | 2117 ++++++++++++ nfs.sysconfig | 38 + nfsconvert.py | 310 ++ nfsconvert.sh | 38 + sources | 1 + 35 files changed, 7119 insertions(+) create mode 100644 24-nfs-server.conf create mode 100644 id_resolver.conf create mode 100644 lockd.conf create mode 100644 nfs-convert.service create mode 100644 nfs-utils-1.2.1-exp-subtree-warn-off.patch create mode 100644 nfs-utils-1.2.1-statdpath-man.patch create mode 100644 nfs-utils-1.2.3-sm-notify-res_init.patch create mode 100644 nfs-utils-1.2.5-idmap-errmsg.patch create mode 100644 nfs-utils-1.3.2-gssd-noclear-retval.patch create mode 100644 nfs-utils-1.3.2-systemd-tmpfiles.patch create mode 100644 nfs-utils-2.1.1-nfs-config.patch create mode 100644 nfs-utils-2.1.1-rpc-include.patch create mode 100644 nfs-utils-2.2.1-nfsidmap-abi.patch create mode 100644 nfs-utils-2.3.1-mount-auto-v3.patch create mode 100644 nfs-utils-2.3.1-mount-setdefault-minor.patch create mode 100644 nfs-utils-2.3.1-systemd-gssproxy-restart.patch create mode 100644 nfs-utils-2.3.2-gssd-revert.patch create mode 100644 nfs-utils-2.3.3-man-tcpwrappers.patch create mode 100644 nfs-utils-2.3.3-nfsconf-usegssproxy.patch create mode 100644 nfs-utils-2.3.3-nfsref-linking.patch create mode 100644 nfs-utils-2.3.3-printf-4k.patch create mode 100644 nfs-utils-2.3.4-PRIx64-integers.patch create mode 100644 nfs-utils-2.3.4-mount-fallback.patch create mode 100644 nfs-utils-2.3.4-mountd-memleak.patch create mode 100644 nfs-utils-2.3.4-mountd-segfault.patch create mode 100644 nfs-utils-2.4.2-systemd-svcgssd.patch create mode 100644 nfs-utils-2.5.1-nfsiostat-KeyError.patch create mode 100644 nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch create mode 100644 nfs-utils-2.5.2-rc4.patch create mode 100644 nfs-utils.spec create mode 100644 nfs.sysconfig create mode 100644 nfsconvert.py create mode 100644 nfsconvert.sh create mode 100644 sources diff --git a/.gitignore b/.gitignore index e69de29..a3d9269 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1,4 @@ +x86_64 +Makefile +/nfs-utils-2.5.1.tar.xz +nfs-utils-2.5.1/ diff --git a/24-nfs-server.conf b/24-nfs-server.conf new file mode 100644 index 0000000..5011e92 --- /dev/null +++ b/24-nfs-server.conf @@ -0,0 +1,7 @@ +[service/nfs-server] + mechs = krb5 + socket = /run/gssproxy.sock + cred_store = keytab:/etc/krb5.keytab + trusted = yes + kernel_nfsd = yes + euid = 0 diff --git a/id_resolver.conf b/id_resolver.conf new file mode 100644 index 0000000..67ccb18 --- /dev/null +++ b/id_resolver.conf @@ -0,0 +1,9 @@ +# +# nfsidmap(5) - The NFS idmapper upcall program +# Summary: Used by NFSv4 to map user/group ids into +# user/group names and names into in ids +# Options: +# -v Increases the verbosity of the output to syslog +# -t timeout Set the expiration timer, in seconds, on the key +# +create id_resolver * * /usr/sbin/nfsidmap %k %d diff --git a/lockd.conf b/lockd.conf new file mode 100644 index 0000000..f672d12 --- /dev/null +++ b/lockd.conf @@ -0,0 +1,23 @@ +# +# Set the NFS lock manager grace period. n is measured in seconds. +#options lockd nlm_grace_period=90 +# +# Set the TCP port that the NFS lock manager should use. +# port must be a valid TCP port value (1-65535). +#options lockd nlm_tcpport +# +# Set the UDP port that the NFS lock manager should use. +# port must be a valid UDP port value (1-65535). +#options lockd nlm_udpport +# +# Set the maximum number of outstanding connections +#options lockd nlm_max_connections=1024 +# +# Set the default time value for the NFS lock manager +# in seconds. Default is 10 secs (min 3 max 20) +#options lockd nlm_timeout=10 +# +# Choose whether to record the caller_name or IP address +# this peer in the local rpc.statd's database. +#options lockd nsm_use_hostnames=0 + diff --git a/nfs-convert.service b/nfs-convert.service new file mode 100644 index 0000000..3185ff1 --- /dev/null +++ b/nfs-convert.service @@ -0,0 +1,22 @@ +[Unit] +Description=Preprocess NFS configuration convertion +DefaultDependencies=no + +Before=nfs-server.service nfs-mountd.service nfs-idmapd.service +Before=nfs-blkmap.service rpc-statd.service rpc-gssd.service +Before=rpc-statd-notify.service + +After=initrd-root-fs.target + +[Service] +Type=oneshot +ExecStart=/usr/libexec/nfs-utils/nfsconvert.sh + +[Install] +RequiredBy=nfs-server.service +RequiredBy=nfs-mountd.service +RequiredBy=nfs-idmapd.service +RequiredBy=nfs-blkmap.service +RequiredBy=rpc-statd.service +RequiredBy=rpc-gssd.service +RequiredBy=rpc-statd-notify.service diff --git a/nfs-utils-1.2.1-exp-subtree-warn-off.patch b/nfs-utils-1.2.1-exp-subtree-warn-off.patch new file mode 100644 index 0000000..7708750 --- /dev/null +++ b/nfs-utils-1.2.1-exp-subtree-warn-off.patch @@ -0,0 +1,12 @@ +diff -up nfs-utils-2.1.1/support/nfs/exports.c.orig nfs-utils-2.1.1/support/nfs/exports.c +--- nfs-utils-2.1.1/support/nfs/exports.c.orig 2017-01-12 10:21:39.000000000 -0500 ++++ nfs-utils-2.1.1/support/nfs/exports.c 2017-04-26 12:46:24.186480312 -0400 +@@ -507,7 +507,7 @@ void fix_pseudoflavor_flags(struct expor + static int + parseopts(char *cp, struct exportent *ep, int warn, int *had_subtree_opt_ptr) + { +- int had_subtree_opt = 0; ++ int had_subtree_opt = 1; + char *flname = efname?efname:"command line"; + int flline = efp?efp->x_line:0; + unsigned int active = 0; diff --git a/nfs-utils-1.2.1-statdpath-man.patch b/nfs-utils-1.2.1-statdpath-man.patch new file mode 100644 index 0000000..986a4b8 --- /dev/null +++ b/nfs-utils-1.2.1-statdpath-man.patch @@ -0,0 +1,58 @@ +diff -up nfs-utils-2.1.1/utils/statd/sm-notify.man.orig nfs-utils-2.1.1/utils/statd/sm-notify.man +--- nfs-utils-2.1.1/utils/statd/sm-notify.man.orig 2017-04-26 12:45:14.205742654 -0400 ++++ nfs-utils-2.1.1/utils/statd/sm-notify.man 2017-04-26 12:45:44.042630801 -0400 +@@ -184,7 +184,7 @@ where NSM state information resides. + If this option is not specified, + .B sm-notify + uses +-.I /var/lib/nfs ++.I /var/lib/nfs/statd + by default. + .IP + After starting, +@@ -330,13 +330,13 @@ Currently, the + command supports sending notification only via datagram transport protocols. + .SH FILES + .TP 2.5i +-.I /var/lib/nfs/sm ++.I /var/lib/nfs/statd/sm + directory containing monitor list + .TP 2.5i +-.I /var/lib/nfs/sm.bak ++.I /var/lib/nfs/statd/sm.bak + directory containing notify list + .TP 2.5i +-.I /var/lib/nfs/state ++.I /var/lib/nfs/statd/state + NSM state number for this host + .TP 2.5i + .I /proc/sys/fs/nfs/nsm_local_state +diff -up nfs-utils-2.1.1/utils/statd/statd.man.orig nfs-utils-2.1.1/utils/statd/statd.man +--- nfs-utils-2.1.1/utils/statd/statd.man.orig 2017-01-12 10:21:39.000000000 -0500 ++++ nfs-utils-2.1.1/utils/statd/statd.man 2017-04-26 12:45:44.043630798 -0400 +@@ -253,7 +253,7 @@ where NSM state information resides. + If this option is not specified, + .B rpc.statd + uses +-.I /var/lib/nfs ++.I /var/lib/nfs/statd + by default. + .IP + After starting, +@@ -425,13 +425,13 @@ If set to a positive integer, has the sa + .IR \-\-no\-notify . + .SH FILES + .TP 2.5i +-.I /var/lib/nfs/sm ++.I /var/lib/nfs/statd/sm + directory containing monitor list + .TP 2.5i +-.I /var/lib/nfs/sm.bak ++.I /var/lib/nfs/statd/sm.bak + directory containing notify list + .TP 2.5i +-.I /var/lib/nfs/state ++.I /var/lib/nfs/statd/state + NSM state number for this host + .TP 2.5i + .I /var/run/run.statd.pid diff --git a/nfs-utils-1.2.3-sm-notify-res_init.patch b/nfs-utils-1.2.3-sm-notify-res_init.patch new file mode 100644 index 0000000..835e2f8 --- /dev/null +++ b/nfs-utils-1.2.3-sm-notify-res_init.patch @@ -0,0 +1,21 @@ +diff -up nfs-utils-2.1.1/utils/statd/sm-notify.c.orig nfs-utils-2.1.1/utils/statd/sm-notify.c +--- nfs-utils-2.1.1/utils/statd/sm-notify.c.orig 2017-04-26 12:46:56.511359133 -0400 ++++ nfs-utils-2.1.1/utils/statd/sm-notify.c 2017-04-26 12:47:18.155277994 -0400 +@@ -28,6 +28,9 @@ + #include + #include + #include ++#include ++#include ++#include + + #include "conffile.h" + #include "sockaddr.h" +@@ -91,6 +94,7 @@ smn_lookup(const char *name) + }; + int error; + ++ res_init(); + error = getaddrinfo(name, NULL, &hint, &ai); + if (error != 0) { + xlog(D_GENERAL, "getaddrinfo(3): %s", gai_strerror(error)); diff --git a/nfs-utils-1.2.5-idmap-errmsg.patch b/nfs-utils-1.2.5-idmap-errmsg.patch new file mode 100644 index 0000000..47143df --- /dev/null +++ b/nfs-utils-1.2.5-idmap-errmsg.patch @@ -0,0 +1,12 @@ +diff -up nfs-utils-2.4.2/utils/nfsidmap/nfsidmap.c.orig nfs-utils-2.4.2/utils/nfsidmap/nfsidmap.c +--- nfs-utils-2.4.2/utils/nfsidmap/nfsidmap.c.orig 2019-11-11 14:15:50.000000000 -0500 ++++ nfs-utils-2.4.2/utils/nfsidmap/nfsidmap.c 2019-11-11 14:29:47.355661037 -0500 +@@ -434,7 +434,7 @@ int main(int argc, char **argv) + + xlog_stderr(verbose); + if ((argc - optind) != 2) { +- xlog_warn("Bad arg count. Check /etc/request-key.conf"); ++ xlog_warn("Bad arg count. Check /etc/request-key.d/request-key.conf"); + xlog_warn(USAGE, progname); + return EXIT_FAILURE; + } diff --git a/nfs-utils-1.3.2-gssd-noclear-retval.patch b/nfs-utils-1.3.2-gssd-noclear-retval.patch new file mode 100644 index 0000000..c19d730 --- /dev/null +++ b/nfs-utils-1.3.2-gssd-noclear-retval.patch @@ -0,0 +1,27 @@ +commit a705076172b274463563416adffe55f129740267 +Author: Steve Dickson +Date: Thu Jul 30 17:06:39 2015 -0400 + + rpc.gssd: Only clear the retval if it has not been set + + In gssd_search_krb5_keytab() an error code can be + cleared by blindly setting retval to zero. + + Reported-by: Jianhong Yin + Signed-off-by: Steve Dickson + +diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c +index f1ebc0d..ecf17a2 100644 +--- a/utils/gssd/krb5_util.c ++++ b/utils/gssd/krb5_util.c +@@ -772,7 +772,9 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, + "keytab '%s'\n", k5err, kt_name); + } + +- retval = 0; ++ /* Only clear the retval if has not been set */ ++ if (retval < 0) ++ retval = 0; + out: + free(k5err); + return retval; diff --git a/nfs-utils-1.3.2-systemd-tmpfiles.patch b/nfs-utils-1.3.2-systemd-tmpfiles.patch new file mode 100644 index 0000000..5a17bea --- /dev/null +++ b/nfs-utils-1.3.2-systemd-tmpfiles.patch @@ -0,0 +1,42 @@ +From 68852818f732b31d3deb7cc76ef16f4e61c41aec Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Sat, 9 May 2015 11:29:20 -0400 +Subject: [PATCH] systemd: Set var-lib-nfs-rpc_pipefs.mount After= tmpfiles + +OSTree is a mechanism for atomic updates of operating systems, with +designs for how system state is managed; in particular, `/var` should +start out empty, and components are responsible for creating content +there at runtime. + +rpm-ostree consumes RPMs and commits them to an OSTree repository. +It has some support for automatically synthesizing systemd `tmpfiles.d` +snippets from RPM content in `/var` using systemd-tmpfiles. + +However, in this case nfs-utils wants a mount point directory, and +it's running before systemd-tmpfiles. It should be perfectly fine to +do this mount after tmpfiles has run. + +A better fix for this would be to move transient directories to +`/run`; However, that would be an invasive change, which can happen +after this fix. + +Signed-off-by: Colin Walters +--- + systemd/var-lib-nfs-rpc_pipefs.mount | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/systemd/var-lib-nfs-rpc_pipefs.mount b/systemd/var-lib-nfs-rpc_pipefs.mount +index 33c5db6..26d1c76 100644 +--- a/systemd/var-lib-nfs-rpc_pipefs.mount ++++ b/systemd/var-lib-nfs-rpc_pipefs.mount +@@ -1,6 +1,7 @@ + [Unit] + Description=RPC Pipe File System + DefaultDependencies=no ++After=systemd-tmpfiles-setup.service + Conflicts=umount.target + + [Mount] +-- +1.8.3.1 + diff --git a/nfs-utils-2.1.1-nfs-config.patch b/nfs-utils-2.1.1-nfs-config.patch new file mode 100644 index 0000000..2eb0fb1 --- /dev/null +++ b/nfs-utils-2.1.1-nfs-config.patch @@ -0,0 +1,203 @@ +diff -up nfs-utils-2.2.1/configure.ac.orig nfs-utils-2.2.1/configure.ac +--- nfs-utils-2.2.1/configure.ac.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/configure.ac 2017-10-25 15:52:43.287511759 -0400 +@@ -552,6 +552,11 @@ AC_SUBST([AM_CFLAGS], ["$my_am_cflags"]) + # Make sure that $ACLOCAL_FLAGS are used during a rebuild + AC_SUBST([ACLOCAL_AMFLAGS], ["-I $ac_macro_dir \$(ACLOCAL_FLAGS)"]) + ++# make libexecdir available for substituion in config files ++# 2 "evals" needed late to expand variable names. ++AC_SUBST([_libexecdir]) ++AC_CONFIG_COMMANDS_PRE([eval eval _libexecdir=$libexecdir]) ++ + # make _sysconfdir available for substituion in config files + # 2 "evals" needed late to expand variable names. + AC_SUBST([_sysconfdir]) +@@ -559,6 +564,7 @@ AC_CONFIG_COMMANDS_PRE([eval eval _sysco + + AC_CONFIG_FILES([ + Makefile ++ systemd/nfs-config.service + systemd/rpc-gssd.service + linux-nfs/Makefile + support/Makefile +diff -up nfs-utils-2.2.1/systemd/Makefile.am.orig nfs-utils-2.2.1/systemd/Makefile.am +--- nfs-utils-2.2.1/systemd/Makefile.am.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/Makefile.am 2017-10-25 15:52:43.287511759 -0400 +@@ -6,6 +6,7 @@ unit_files = \ + nfs-client.target \ + rpc_pipefs.target \ + \ ++ nfs-config.service \ + nfs-mountd.service \ + nfs-server.service \ + nfs-utils.service \ +diff -up nfs-utils-2.2.1/systemd/nfs-blkmap.service.orig nfs-utils-2.2.1/systemd/nfs-blkmap.service +--- nfs-utils-2.2.1/systemd/nfs-blkmap.service.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/nfs-blkmap.service 2017-10-25 15:52:43.288511762 -0400 +@@ -10,7 +10,8 @@ PartOf=nfs-utils.service + [Service] + Type=forking + PIDFile=/var/run/blkmapd.pid +-ExecStart=/usr/sbin/blkmapd ++EnvironmentFile=-/run/sysconfig/nfs-utils ++ExecStart=/usr/sbin/blkmapd $BLKMAPDARGS + + [Install] + WantedBy=nfs-client.target +diff -up nfs-utils-2.2.1/systemd/nfs-config.service.in.orig nfs-utils-2.2.1/systemd/nfs-config.service.in +--- nfs-utils-2.2.1/systemd/nfs-config.service.in.orig 2017-10-25 15:52:43.288511762 -0400 ++++ nfs-utils-2.2.1/systemd/nfs-config.service.in 2017-10-25 15:52:43.288511762 -0400 +@@ -0,0 +1,13 @@ ++[Unit] ++Description=Preprocess NFS configuration ++After=local-fs.target ++DefaultDependencies=no ++ ++[Service] ++Type=oneshot ++# This service needs to run any time any nfs service ++# is started, so changes to local config files get ++# incorporated. Having "RemainAfterExit=no" (the default) ++# ensures this happens. ++RemainAfterExit=no ++ExecStart=@_libexecdir@/nfs-utils/nfs-utils_env.sh +diff -up nfs-utils-2.2.1/systemd/nfs-idmapd.service.orig nfs-utils-2.2.1/systemd/nfs-idmapd.service +--- nfs-utils-2.2.1/systemd/nfs-idmapd.service.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/nfs-idmapd.service 2017-10-25 15:52:43.288511762 -0400 +@@ -6,6 +6,10 @@ After=rpc_pipefs.target local-fs.target + + BindsTo=nfs-server.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] ++EnvironmentFile=-/run/sysconfig/nfs-utils + Type=forking +-ExecStart=/usr/sbin/rpc.idmapd ++ExecStart=/usr/sbin/rpc.idmapd $RPCIDMAPDARGS +diff -up nfs-utils-2.2.1/systemd/nfs-mountd.service.orig nfs-utils-2.2.1/systemd/nfs-mountd.service +--- nfs-utils-2.2.1/systemd/nfs-mountd.service.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/nfs-mountd.service 2017-10-25 15:52:43.289511766 -0400 +@@ -8,6 +8,10 @@ After=network-online.target local-fs.tar + After=rpcbind.socket + BindsTo=nfs-server.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] ++EnvironmentFile=-/run/sysconfig/nfs-utils + Type=forking +-ExecStart=/usr/sbin/rpc.mountd ++ExecStart=/usr/sbin/rpc.mountd $RPCMOUNTDARGS +diff -up nfs-utils-2.2.1/systemd/nfs-server.service.orig nfs-utils-2.2.1/systemd/nfs-server.service +--- nfs-utils-2.2.1/systemd/nfs-server.service.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/nfs-server.service 2017-10-25 15:52:43.289511766 -0400 +@@ -16,11 +16,16 @@ Before= rpc-statd-notify.service + Wants=auth-rpcgss-module.service + After=rpc-gssd.service gssproxy.service rpc-svcgssd.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] ++EnvironmentFile=-/run/sysconfig/nfs-utils ++ + Type=oneshot + RemainAfterExit=yes + ExecStartPre=/usr/sbin/exportfs -r +-ExecStart=/usr/sbin/rpc.nfsd ++ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS + ExecStop=/usr/sbin/rpc.nfsd 0 + ExecStopPost=/usr/sbin/exportfs -au + ExecStopPost=/usr/sbin/exportfs -f +diff -up nfs-utils-2.2.1/systemd/README.orig nfs-utils-2.2.1/systemd/README +--- nfs-utils-2.2.1/systemd/README.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/README 2017-10-25 15:52:43.289511766 -0400 +@@ -19,8 +19,8 @@ by a suitable 'preset' setting: + can work (if no type is given, ".service" is assumed). + + nfs-client.target +- If enabled, daemons needed for an nfs client are enabled. +- This does *not* include rpc.statd. The rpc-statd.service unit ++ If enabled, daemons needs for an nfs client are enabled. ++ This does *not* include rpc.statd. the rpc-statd.service unit + is started by /usr/sbin/start-statd which mount.nfs will run + if statd is needed. + +@@ -52,19 +52,11 @@ It cannot stop rpc.statd or rpc.gssd as + client and systemd cannot specify is two-pronged reverse dependency. + (i.e. stop this unit if none of these units are running) + +-Distro specific configuration can be included in /etc/nfs.conf, or +-by providing drop-in files which replace the ExecStart line for a given +-service, and possibly add an EnvironmentFile line. +- +-For example, if systemd/system/nfs-mountd.service.d/local.conf +-contained +- [Service] +- EnvironmentFile=/etc/sysconfig/nfs +- ExecStart= +- ExecStart=/usr/sbin/rpc.mountd $RPCMOUNTDOPTS +- +-then the setting of RPCMOUNTDOPTS in /etc/sysconfig/nfs would be +-passed to rpc.mountd. ++Distro specific commandline configuration can be provided by ++installing a script /usr/libexec/nfs-utils/nfs-utils_env.sh ++This should write /run/sysconfig/nfs-utils based on configuration ++information such as in /etc/sysconfig/nfs or /etc/defaults/nfs. ++It is run once by nfs-config.service. + + rpc.gssd and rpc.svcgssd are assumed to be needed if /etc/krb5.keytab + is present. +diff -up nfs-utils-2.2.1/systemd/rpc-gssd.service.in.orig nfs-utils-2.2.1/systemd/rpc-gssd.service.in +--- nfs-utils-2.2.1/systemd/rpc-gssd.service.in.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/rpc-gssd.service.in 2017-10-25 15:52:43.290511769 -0400 +@@ -9,6 +9,11 @@ ConditionPathExists=@_sysconfdir@/krb5.k + + PartOf=nfs-utils.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] ++EnvironmentFile=-/run/sysconfig/nfs-utils ++ + Type=forking +-ExecStart=/usr/sbin/rpc.gssd ++ExecStart=/usr/sbin/rpc.gssd $RPCGSSDARGS +diff -up nfs-utils-2.2.1/systemd/rpc-statd-notify.service.orig nfs-utils-2.2.1/systemd/rpc-statd-notify.service +--- nfs-utils-2.2.1/systemd/rpc-statd-notify.service.orig 2017-10-25 15:52:43.290511769 -0400 ++++ nfs-utils-2.2.1/systemd/rpc-statd-notify.service 2017-10-25 15:56:28.102284921 -0400 +@@ -10,7 +10,11 @@ After=nfs-server.service + + PartOf=nfs-utils.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] + Type=forking +-ExecStart=-/usr/sbin/sm-notify ++EnvironmentFile=-/run/sysconfig/nfs-utils ++ExecStart=-/usr/sbin/sm-notify $SMNOTIFYARGS + RemainAfterExit=yes +diff -up nfs-utils-2.2.1/systemd/rpc-statd.service.orig nfs-utils-2.2.1/systemd/rpc-statd.service +--- nfs-utils-2.2.1/systemd/rpc-statd.service.orig 2017-10-25 15:32:19.000000000 -0400 ++++ nfs-utils-2.2.1/systemd/rpc-statd.service 2017-10-25 15:52:43.291511772 -0400 +@@ -8,8 +8,12 @@ After=network-online.target nss-lookup.t + + PartOf=nfs-utils.service + ++Wants=nfs-config.service ++After=nfs-config.service ++ + [Service] + Environment=RPC_STATD_NO_NOTIFY=1 ++EnvironmentFile=-/run/sysconfig/nfs-utils + Type=forking + PIDFile=/var/run/rpc.statd.pid +-ExecStart=/usr/sbin/rpc.statd ++ExecStart=/usr/sbin/rpc.statd $STATDARGS diff --git a/nfs-utils-2.1.1-rpc-include.patch b/nfs-utils-2.1.1-rpc-include.patch new file mode 100644 index 0000000..5cf44f1 --- /dev/null +++ b/nfs-utils-2.1.1-rpc-include.patch @@ -0,0 +1,20 @@ +commit ba03a02c2fd912f370e1f55de921a403bf5f9247 +Author: Steve Dickson +Date: Thu Jun 22 12:56:41 2017 -0400 + + rpc.c: added include file so UINT16_MAX is defined. + + Signed-off-by: Steve Dickson + +diff --git a/support/nsm/rpc.c b/support/nsm/rpc.c +index 4e5f40e..0a8e56f 100644 +--- a/support/nsm/rpc.c ++++ b/support/nsm/rpc.c +@@ -38,6 +38,7 @@ + #include + #include + ++#include + #include + #include + #include diff --git a/nfs-utils-2.2.1-nfsidmap-abi.patch b/nfs-utils-2.2.1-nfsidmap-abi.patch new file mode 100644 index 0000000..bdcfe52 --- /dev/null +++ b/nfs-utils-2.2.1-nfsidmap-abi.patch @@ -0,0 +1,412 @@ +commit 8d9bf479441d9d7a44a86b69026a7e9d431d3ade +Author: Justin Mitchell +Date: Tue Nov 7 09:28:25 2017 -0500 + + nfs-utils: Restore ABI compat with pre-merge libnfsidmap + + Prior to merge libnfsidmap leaked many private symbols that were + not defined in its API, creating an accidental ABI. + This patch renames and unhides symbols in order to match that ABI + until a cleaned up API can be established and released. + + Signed-off-by: Steve Dickson + +diff --git a/support/include/conffile.h b/support/include/conffile.h +index d4cb6b4..ad20067 100644 +--- a/support/include/conffile.h ++++ b/support/include/conffile.h +@@ -60,7 +60,7 @@ extern _Bool conf_get_bool(const char *, const char *, _Bool); + extern char *conf_get_str(const char *, const char *); + extern char *conf_get_str_with_def(const char *, const char *, char *); + extern char *conf_get_section(const char *, const char *, const char *); +-extern void conf_init(const char *); ++extern void conf_init_file(const char *); + extern void conf_cleanup(void); + extern int conf_match_num(const char *, const char *, int); + extern int conf_remove(int, const char *, const char *); +diff --git a/support/nfs/Makefile.am b/support/nfs/Makefile.am +index c037c46..e573b69 100644 +--- a/support/nfs/Makefile.am ++++ b/support/nfs/Makefile.am +@@ -7,10 +7,10 @@ libnfs_la_SOURCES = exports.c rmtab.c xio.c rpcmisc.c rpcdispatch.c \ + xcommon.c wildmat.c mydaemon.c \ + rpc_socket.c getport.c \ + svc_socket.c cacheio.c closeall.c nfs_mntent.c \ +- svc_create.c atomicio.c strlcpy.c strlcat.c ++ svc_create.c atomicio.c strlcat.c + libnfs_la_LIBADD = libnfsconf.la + +-libnfsconf_la_SOURCES = conffile.c xlog.c ++libnfsconf_la_SOURCES = conffile.c xlog.c strlcpy.c + + MAINTAINERCLEANFILES = Makefile.in + +diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c +index 9c5ed8e..dce8148 100644 +--- a/support/nfs/conffile.c ++++ b/support/nfs/conffile.c +@@ -53,11 +53,9 @@ + #include "conffile.h" + #include "xlog.h" + +-#pragma GCC visibility push(hidden) +- + static void conf_load_defaults(void); +-static char * conf_load(const char *path); +-static int conf_set(int , const char *, const char *, const char *, ++static char * conf_readfile(const char *path); ++int conf_set(int , const char *, const char *, const char *, + const char *, int , int ); + static void conf_parse(int trans, char *buf, + char **section, char **subsection); +@@ -79,12 +77,10 @@ TAILQ_HEAD (conf_trans_head, conf_trans) conf_trans_queue; + /* + * Radix-64 Encoding. + */ +-#if 0 +-static const uint8_t bin2asc[] ++const uint8_t bin2asc[] + = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; +-#endif + +-static const uint8_t asc2bin[] = ++const uint8_t asc2bin[] = + { + 255, 255, 255, 255, 255, 255, 255, 255, + 255, 255, 255, 255, 255, 255, 255, 255, +@@ -370,7 +366,7 @@ conf_parse_line(int trans, char *line, int lineno, char **section, char **subsec + + if (strcasecmp(line, "include")==0) { + /* load and parse subordinate config files */ +- char * subconf = conf_load(val); ++ char * subconf = conf_readfile(val); + if (subconf == NULL) { + xlog_warn("config file error: line %d: " + "error loading included config", lineno); +@@ -435,7 +431,7 @@ conf_load_defaults(void) + } + + static char * +-conf_load(const char *path) ++conf_readfile(const char *path) + { + struct stat sb; + if ((stat (path, &sb) == 0) || (errno != ENOENT)) { +@@ -444,19 +440,19 @@ conf_load(const char *path) + int fd = open (path, O_RDONLY, 0); + + if (fd == -1) { +- xlog_warn("conf_reinit: open (\"%s\", O_RDONLY) failed", path); ++ xlog_warn("conf_readfile: open (\"%s\", O_RDONLY) failed", path); + return NULL; + } + + new_conf_addr = malloc(sz+1); + if (!new_conf_addr) { +- xlog_warn("conf_reinit: malloc (%lu) failed", (unsigned long)sz); ++ xlog_warn("conf_readfile: malloc (%lu) failed", (unsigned long)sz); + goto fail; + } + + /* XXX I assume short reads won't happen here. */ + if (read (fd, new_conf_addr, sz) != (int)sz) { +- xlog_warn("conf_reinit: read (%d, %p, %lu) failed", ++ xlog_warn("conf_readfile: read (%d, %p, %lu) failed", + fd, new_conf_addr, (unsigned long)sz); + goto fail; + } +@@ -493,15 +489,19 @@ static void conf_free_bindings(void) + } + } + ++#pragma GCC visibility push(hidden) ++/* these are the real fuinctions, hidden from being exported ++ * by libnfsidmap ABI compatability */ ++ + /* Open the config file and map it into our address space, then parse it. */ + static void +-conf_reinit(const char *conf_file) ++conf_load_file(const char *conf_file) + { + int trans; + char * conf_data; + + trans = conf_begin(); +- conf_data = conf_load(conf_file); ++ conf_data = conf_readfile(conf_file); + + if (conf_data == NULL) + return; +@@ -526,7 +526,7 @@ conf_reinit(const char *conf_file) + } + + void +-conf_init (const char *conf_file) ++conf_init_file(const char *conf_file) + { + unsigned int i; + +@@ -536,7 +536,7 @@ conf_init (const char *conf_file) + TAILQ_INIT (&conf_trans_queue); + + if (conf_file == NULL) conf_file=NFS_CONFFILE; +- conf_reinit(conf_file); ++ conf_load_file(conf_file); + } + + /* +@@ -560,6 +560,8 @@ conf_cleanup(void) + TAILQ_INIT(&conf_trans_queue); + } + ++#pragma GCC visibility pop ++ + /* + * Return the numeric value denoted by TAG in section SECTION or DEF + * if that tag does not exist. +@@ -575,6 +577,7 @@ conf_get_num(const char *section, const char *tag, int def) + return def; + } + ++#pragma GCC visibility push(hidden) + /* + * Return the Boolean value denoted by TAG in section SECTION, or DEF + * if that tags does not exist. +@@ -606,6 +609,7 @@ conf_get_bool(const char *section, const char *tag, _Bool def) + return false; + return def; + } ++#pragma GCC visibility pop + + /* Validate X according to the range denoted by TAG in section SECTION. */ + int +@@ -651,6 +655,7 @@ conf_get_str_with_def(const char *section, const char *tag, char *def) + return result; + } + ++#pragma GCC visibility push(hidden) + /* + * Find a section that may or may not have an argument + */ +@@ -682,6 +687,7 @@ retry: + } + return 0; + } ++#pragma GCC visibility pop + + /* + * Build a list of string values out of the comma separated value denoted by +@@ -876,7 +882,7 @@ conf_trans_node(int transaction, enum conf_op op) + } + + /* Queue a set operation. */ +-static int ++int + conf_set(int transaction, const char *section, const char *arg, + const char *tag, const char *value, int override, int is_default) + { +diff --git a/support/nfsidmap/libnfsidmap.c b/support/nfsidmap/libnfsidmap.c +index 931387a..40011ee 100644 +--- a/support/nfsidmap/libnfsidmap.c ++++ b/support/nfsidmap/libnfsidmap.c +@@ -89,6 +89,10 @@ gid_t nobody_gid = (gid_t)-1; + #define NFS4DNSTXTREC "_nfsv4idmapdomain" + #endif + ++/* DEPRECATED these are for ABI compatibility only */ ++char * conf_path = PATH_IDMAPDCONF; ++void conf_reinit(void); ++void conf_init(void); + + /* Default logging fuction */ + static void default_logger(const char *fmt, ...) +@@ -342,7 +346,6 @@ int nfs4_init_name_mapping(char *conffile) + char *nobody_user, *nobody_group; + char *nostrip; + char *reformatgroup; +- char *conf_path; + + /* XXX: need to be able to reload configurations... */ + if (nfs4_plugins) /* already succesfully initialized */ +@@ -351,7 +354,7 @@ int nfs4_init_name_mapping(char *conffile) + conf_path = conffile; + else + conf_path = PATH_IDMAPDCONF; +- conf_init(conf_path); ++ conf_init_file(conf_path); + default_domain = conf_get_str("General", "Domain"); + if (default_domain == NULL) { + dflt = 1; +@@ -710,3 +713,13 @@ void nfs4_set_debug(int dbg_level, void (*logger)(const char *, ...)) + idmap_verbosity = dbg_level; + } + ++void conf_reinit(void) ++{ ++ conf_init_file(conf_path); ++} ++ ++void conf_init(void) ++{ ++ conf_init_file(conf_path); ++} ++ +diff --git a/systemd/rpc-pipefs-generator.c b/systemd/rpc-pipefs-generator.c +index 59eee87..6e1d69c 100644 +--- a/systemd/rpc-pipefs-generator.c ++++ b/systemd/rpc-pipefs-generator.c +@@ -121,7 +121,7 @@ int main(int argc, char *argv[]) + exit(1); + } + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + s = conf_get_str("general", "pipefs-directory"); + if (!s) + exit(0); +diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c +index 29bafb2..cae8c8d 100644 +--- a/utils/blkmapd/device-discovery.c ++++ b/utils/blkmapd/device-discovery.c +@@ -456,7 +456,7 @@ int main(int argc, char **argv) + char *xrpcpipe_dir = NULL; + + strncpy(rpcpipe_dir, RPCPIPE_DIR, sizeof(rpcpipe_dir)); +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + CONF_SAVE(xrpcpipe_dir, conf_get_str("general", "pipefs-directory")); + if (xrpcpipe_dir != NULL) + strlcpy(rpcpipe_dir, xrpcpipe_dir, sizeof(rpcpipe_dir)); +diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c +index beed1b3..448f195 100644 +--- a/utils/exportfs/exportfs.c ++++ b/utils/exportfs/exportfs.c +@@ -107,7 +107,7 @@ main(int argc, char **argv) + xlog_stderr(1); + xlog_syslog(0); + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("exportfs"); + + /* NOTE: following uses "mountd" section of nfs.conf !!!! */ +diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c +index 053a223..2c14e5f 100644 +--- a/utils/gssd/gssd.c ++++ b/utils/gssd/gssd.c +@@ -842,7 +842,7 @@ read_gss_conf(void) + { + char *s; + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + use_memcache = conf_get_bool("gssd", "use-memcache", use_memcache); + root_uses_machine_creds = conf_get_bool("gssd", "use-machine-creds", + root_uses_machine_creds); +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index 4cbe148..2b9ecea 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -252,7 +252,7 @@ main(int argc, char **argv) + warn("Skipping configuration file \"%s\"", conf_path); + conf_path = NULL; + } else { +- conf_init(conf_path); ++ conf_init_file(conf_path); + verbose = conf_get_num("General", "Verbosity", 0); + cache_entry_expiration = conf_get_num("General", + "Cache-Expiration", DEFAULT_IDMAP_CACHE_EXPIRY); +@@ -264,13 +264,13 @@ main(int argc, char **argv) + } + } else { + conf_path = NFS_CONFFILE; +- conf_init(conf_path); ++ conf_init_file(conf_path); + CONF_SAVE(xpipefsdir, conf_get_str("General", "Pipefs-Directory")); + if (xpipefsdir != NULL) + strlcpy(pipefsdir, xpipefsdir, sizeof(pipefsdir)); + + conf_path = _PATH_IDMAPDCONF; +- conf_init(conf_path); ++ conf_init_file(conf_path); + verbose = conf_get_num("General", "Verbosity", 0); + cache_entry_expiration = conf_get_num("General", + "cache-expiration", DEFAULT_IDMAP_CACHE_EXPIRY); +diff --git a/utils/mount/mount_config.h b/utils/mount/mount_config.h +index e4f8511..7cc72fc 100644 +--- a/utils/mount/mount_config.h ++++ b/utils/mount/mount_config.h +@@ -32,7 +32,7 @@ static inline void mount_config_init(char *program) + /* + * Read the the default mount options + */ +- conf_init(MOUNTOPTS_CONFFILE); ++ conf_init_file(MOUNTOPTS_CONFFILE); + } + + static inline char *mount_config_opts(char *spec, +diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c +index 829f803..4c68702 100644 +--- a/utils/mountd/mountd.c ++++ b/utils/mountd/mountd.c +@@ -679,7 +679,7 @@ main(int argc, char **argv) + else + progname = argv[0]; + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("mountd"); + manage_gids = conf_get_bool("mountd", "manage-gids", manage_gids); + descriptors = conf_get_num("mountd", "descriptors", descriptors); +diff --git a/utils/nfsd/nfsd.c b/utils/nfsd/nfsd.c +index f973203..f41a2de 100644 +--- a/utils/nfsd/nfsd.c ++++ b/utils/nfsd/nfsd.c +@@ -80,7 +80,7 @@ main(int argc, char **argv) + xlog_syslog(0); + xlog_stderr(1); + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("nfsd"); + count = conf_get_num("nfsd", "threads", count); + grace = conf_get_num("nfsd", "grace-time", grace); +diff --git a/utils/nfsdcltrack/nfsdcltrack.c b/utils/nfsdcltrack/nfsdcltrack.c +index 7830cf4..76b06d2 100644 +--- a/utils/nfsdcltrack/nfsdcltrack.c ++++ b/utils/nfsdcltrack/nfsdcltrack.c +@@ -564,7 +564,7 @@ main(int argc, char **argv) + xlog_syslog(1); + xlog_stderr(0); + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("nfsdcltrack"); + val = conf_get_str("nfsdcltrack", "storagedir"); + if (val) +diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c +index d961dc0..6d19ec1 100644 +--- a/utils/statd/sm-notify.c ++++ b/utils/statd/sm-notify.c +@@ -494,7 +494,7 @@ main(int argc, char **argv) + else + progname = argv[0]; + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("sm-notify"); + opt_max_retry = conf_get_num("sm-notify", "retry-time", opt_max_retry / 60) * 60; + opt_srcport = conf_get_str("sm-notify", "outgoing-port"); +diff --git a/utils/statd/statd.c b/utils/statd/statd.c +index 1443715..197d853 100644 +--- a/utils/statd/statd.c ++++ b/utils/statd/statd.c +@@ -273,7 +273,7 @@ int main (int argc, char **argv) + /* Set hostname */ + MY_NAME = NULL; + +- conf_init(NFS_CONFFILE); ++ conf_init_file(NFS_CONFFILE); + xlog_from_conffile("statd"); + out_port = conf_get_num("statd", "outgoing-port", out_port); + port = conf_get_num("statd", "port", port); diff --git a/nfs-utils-2.3.1-mount-auto-v3.patch b/nfs-utils-2.3.1-mount-auto-v3.patch new file mode 100644 index 0000000..cddb48f --- /dev/null +++ b/nfs-utils-2.3.1-mount-auto-v3.patch @@ -0,0 +1,32 @@ +commit 5f32083c759b468f5b0cb9302e4fe2848d37cc5b +Author: Steve Dickson +Date: Tue Apr 10 10:25:40 2018 -0400 + + mount.nfs: Fix auto protocol negotiation + + Commit 71b807e1 introduce a regression that + caused v3 not to be tried when v4 was not + supported by the server during auto negation. + + A check of the type in nfs_nfs_version() was + reverted back to only check for the "nfs4" + string not the "nfs" string which fixed the + problem. + + Signed-off-by: Steve Dickson + +diff --git a/utils/mount/network.c b/utils/mount/network.c +index 9a2c878..e490399 100644 +--- a/utils/mount/network.c ++++ b/utils/mount/network.c +@@ -1279,8 +1279,8 @@ nfs_nfs_version(char *type, struct mount_options *options, struct nfs_version *v + } + } + +- if (!found && strncmp(type, "nfs", 3) == 0) +- version_val = "4"; ++ if (!found && strcmp(type, "nfs4") == 0) ++ version_val = type + 3; + else if (!found) + return 1; + else if (i <= 2 ) { diff --git a/nfs-utils-2.3.1-mount-setdefault-minor.patch b/nfs-utils-2.3.1-mount-setdefault-minor.patch new file mode 100644 index 0000000..2cfe61b --- /dev/null +++ b/nfs-utils-2.3.1-mount-setdefault-minor.patch @@ -0,0 +1,44 @@ +commit 1a372a7b656ddf2be21ddad70b6c64c9d1d9d161 +Author: Steve Dickson +Date: Tue Apr 17 14:26:44 2018 -0400 + + nfsd: Set default minor versions + + Due to the way the kernel stores the supported + minor versions, when a minor is turned off, + via the -N flag, it can only turned back on + via -V flag. + + The default minor values should also enable + these minor versions. + + Acked-by: J. Bruce Fields + Signed-off-by: Steve Dickson + +diff --git a/support/include/nfs/nfs.h b/support/include/nfs/nfs.h +index 7933ff5..b7d9e06 100644 +--- a/support/include/nfs/nfs.h ++++ b/support/include/nfs/nfs.h +@@ -40,6 +40,7 @@ struct nfs_fh_len { + #define NFSCTL_TCPISSET(_cltbits) ((_cltbits) & NFSCTL_TCPBIT) + + #define NFSCTL_VERDEFAULT (0xc) /* versions 3 and 4 */ ++#define NFSCTL_MINDEFAULT (0x7) /* minor versions 4.1 and 4.2 */ + #define NFSCTL_VERSET(_cltbits, _v) ((_cltbits) |= (1 << ((_v) - 1))) + #define NFSCTL_MINORSET(_cltbits, _v) ((_cltbits) |= (1 << (_v))) + #define NFSCTL_UDPSET(_cltbits) ((_cltbits) |= NFSCTL_UDPBIT) +diff --git a/utils/nfsd/nfsd.c b/utils/nfsd/nfsd.c +index f41a2de..2303a5d 100644 +--- a/utils/nfsd/nfsd.c ++++ b/utils/nfsd/nfsd.c +@@ -65,8 +65,8 @@ main(int argc, char **argv) + int hcounter = 0; + struct conf_list *hosts; + int socket_up = 0; +- unsigned int minorvers = 0; +- unsigned int minorversset = 0; ++ unsigned int minorvers = NFSCTL_MINDEFAULT; ++ unsigned int minorversset = NFSCTL_MINDEFAULT; + unsigned int minormask = 0; + unsigned int versbits = NFSCTL_VERDEFAULT; + unsigned int protobits = NFSCTL_PROTODEFAULT; diff --git a/nfs-utils-2.3.1-systemd-gssproxy-restart.patch b/nfs-utils-2.3.1-systemd-gssproxy-restart.patch new file mode 100644 index 0000000..60762e8 --- /dev/null +++ b/nfs-utils-2.3.1-systemd-gssproxy-restart.patch @@ -0,0 +1,11 @@ +diff -up nfs-utils-2.3.1/systemd/nfs-server.service.orig nfs-utils-2.3.1/systemd/nfs-server.service +--- nfs-utils-2.3.1/systemd/nfs-server.service.orig 2018-01-19 10:25:38.153513857 -0500 ++++ nfs-utils-2.3.1/systemd/nfs-server.service 2018-01-19 10:30:52.977245126 -0500 +@@ -26,6 +26,7 @@ Type=oneshot + RemainAfterExit=yes + ExecStartPre=/usr/sbin/exportfs -r + ExecStart=/usr/sbin/rpc.nfsd ++ExecStart=-/bin/sh -c 'if systemctl -q is-active gssproxy; then systemctl reload gssproxy ; fi' + ExecStop=/usr/sbin/rpc.nfsd 0 + ExecStopPost=/usr/sbin/exportfs -au + ExecStopPost=/usr/sbin/exportfs -f diff --git a/nfs-utils-2.3.2-gssd-revert.patch b/nfs-utils-2.3.2-gssd-revert.patch new file mode 100644 index 0000000..aad43c1 --- /dev/null +++ b/nfs-utils-2.3.2-gssd-revert.patch @@ -0,0 +1,43 @@ +commit 5743891761f99bdfe6bf89956dab3a0e4c8a0fd0 +Author: Steve Dickson +Date: Wed Jun 27 12:42:05 2018 -0400 + + Revert "gssd.c: Remomved a couple of warning errors" + + This reverts commit 98118f5e382cdeb1acf25370768d5dfdc254ba5d. + Added back the 'm' character which cause memory to be + allocated for the string convertions. + + Signed-off-by: Steve Dickson + +diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c +index 7b21ee2..2c14e5f 100644 +--- a/utils/gssd/gssd.c ++++ b/utils/gssd/gssd.c +@@ -279,16 +279,16 @@ gssd_read_service_info(int dirfd, struct clnt_info *clp) + * (commit bf19aacecbeebccb2c3d150a8bd9416b7dba81fe) + */ + numfields = fscanf(info, +- "RPC server: %s\n" +- "service: %s (%d) version %d\n" +- "address: %s\n" +- "protocol: %s\n" +- "port: %s\n", +- (char *)&server, +- (char *)&service, &program, &version, +- (char *)&address, +- (char *)&protoname, +- (char *)&port); ++ "RPC server: %ms\n" ++ "service: %ms (%d) version %d\n" ++ "address: %ms\n" ++ "protocol: %ms\n" ++ "port: %ms\n", ++ &server, ++ &service, &program, &version, ++ &address, ++ &protoname, ++ &port); + + + switch (numfields) { diff --git a/nfs-utils-2.3.3-man-tcpwrappers.patch b/nfs-utils-2.3.3-man-tcpwrappers.patch new file mode 100644 index 0000000..65fee3a --- /dev/null +++ b/nfs-utils-2.3.3-man-tcpwrappers.patch @@ -0,0 +1,89 @@ +diff -up nfs-utils-2.3.3/utils/mountd/mountd.man.orig nfs-utils-2.3.3/utils/mountd/mountd.man +--- nfs-utils-2.3.3/utils/mountd/mountd.man.orig 2018-09-06 14:09:08.000000000 -0400 ++++ nfs-utils-2.3.3/utils/mountd/mountd.man 2018-10-26 09:53:10.005127368 -0400 +@@ -232,36 +232,7 @@ section include + which each have same same meaning as given by + .BR rpc.nfsd (8). + +-.SH TCP_WRAPPERS SUPPORT +-You can protect your +-.B rpc.mountd +-listeners using the +-.B tcp_wrapper +-library or +-.BR iptables (8). +-.PP +-Note that the +-.B tcp_wrapper +-library supports only IPv4 networking. +-.PP +-Add the hostnames of NFS peers that are allowed to access +-.B rpc.mountd +-to +-.IR /etc/hosts.allow . +-Use the daemon name +-.B mountd +-even if the +-.B rpc.mountd +-binary has a different name. +-.PP +-Hostnames used in either access file will be ignored when +-they can not be resolved into IP addresses. +-For further information see the +-.BR tcpd (8) +-and +-.BR hosts_access (5) +-man pages. +-.SS IPv6 and TI-RPC support ++.SH IPv6 and TI-RPC support + TI-RPC is a pre-requisite for supporting NFS on IPv6. + If TI-RPC support is built into + .BR rpc.mountd , +@@ -288,7 +259,6 @@ table of clients accessing server's expo + .BR nfs (5), + .BR nfs.conf (5), + .BR tcpd (8), +-.BR hosts_access (5), + .BR iptables (8), + .BR netconfig (5) + .sp +diff -up nfs-utils-2.3.3/utils/statd/statd.man.orig nfs-utils-2.3.3/utils/statd/statd.man +--- nfs-utils-2.3.3/utils/statd/statd.man.orig 2018-10-26 09:52:27.609358805 -0400 ++++ nfs-utils-2.3.3/utils/statd/statd.man 2018-10-26 09:53:37.345978117 -0400 +@@ -319,28 +319,6 @@ chooses, simply use + .BR chown (1) + to set the owner of + the state directory. +-.PP +-You can also protect your +-.B rpc.statd +-listeners using the +-.B tcp_wrapper +-library or +-.BR iptables (8). +-To use the +-.B tcp_wrapper +-library, add the hostnames of peers that should be allowed access to +-.IR /etc/hosts.allow . +-Use the daemon name +-.B statd +-even if the +-.B rpc.statd +-binary has a different filename. +-.P +-For further information see the +-.BR tcpd (8) +-and +-.BR hosts_access (5) +-man pages. + .SH ADDITIONAL NOTES + Lock recovery after a reboot is critical to maintaining data integrity + and preventing unnecessary application hangs. +@@ -445,7 +423,6 @@ network transport capability database + .BR rpc.nfsd (8), + .BR rpcbind (8), + .BR tcpd (8), +-.BR hosts_access (5), + .BR iptables (8), + .BR netconfig (5) + .sp diff --git a/nfs-utils-2.3.3-nfsconf-usegssproxy.patch b/nfs-utils-2.3.3-nfsconf-usegssproxy.patch new file mode 100644 index 0000000..d87ae7d --- /dev/null +++ b/nfs-utils-2.3.3-nfsconf-usegssproxy.patch @@ -0,0 +1,21 @@ +diff -up nfs-utils-2.3.4/nfs.conf.orig nfs-utils-2.3.4/nfs.conf +--- nfs-utils-2.3.4/nfs.conf.orig 2019-05-10 14:49:49.000000000 -0400 ++++ nfs-utils-2.3.4/nfs.conf 2019-05-10 14:58:20.198714920 -0400 +@@ -13,7 +13,7 @@ + # rpc-verbosity=0 + # use-memcache=0 + # use-machine-creds=1 +-# use-gss-proxy=0 ++use-gss-proxy=1 + # avoid-dns=1 + # limit-to-legacy-enctypes=0 + # context-timeout=0 +@@ -77,6 +77,5 @@ + # outgoing-port= + # outgoing-addr= + # lift-grace=y +-# +-[svcgssd] +-# principal= ++ ++#tag1234 - Used for install purposes only diff --git a/nfs-utils-2.3.3-nfsref-linking.patch b/nfs-utils-2.3.3-nfsref-linking.patch new file mode 100644 index 0000000..ad8c6ba --- /dev/null +++ b/nfs-utils-2.3.3-nfsref-linking.patch @@ -0,0 +1,29 @@ +commit 47aa0c9683e048eb325dc9779a5aff41250c2c68 +Author: Steve Dickson +Date: Tue Dec 11 12:51:37 2018 -0500 + + nfsref: switch the way libraries are linked. + + Link the static libs before the dynamic libs allowing + the routines in the static libs to be defined + by the dynamic libs + + Signed-off-by: Steve Dickson + +diff --git a/utils/nfsref/Makefile.am b/utils/nfsref/Makefile.am +index 44edc83..2409dd0 100644 +--- a/utils/nfsref/Makefile.am ++++ b/utils/nfsref/Makefile.am +@@ -27,9 +27,9 @@ noinst_HEADERS = nfsref.h + + sbin_PROGRAMS = nfsref + nfsref_SOURCES = add.c lookup.c nfsref.c remove.c +-LDADD = $(LIBXML2) $(LIBCAP) \ +- ../../support/nfs/libnfs.la \ +- ../../support/junction/libjunction.la ++LDADD = ../../support/nfs/libnfs.la \ ++ ../../support/junction/libjunction.la \ ++ $(LIBXML2) $(LIBCAP) + + man8_MANS = nfsref.man + diff --git a/nfs-utils-2.3.3-printf-4k.patch b/nfs-utils-2.3.3-printf-4k.patch new file mode 100644 index 0000000..f5db6f3 --- /dev/null +++ b/nfs-utils-2.3.3-printf-4k.patch @@ -0,0 +1,47 @@ +From 94de9a2112cddfdacdb7d63b5c24be99e3db4124 +From: Steve Dickson +Date: Tue, 29 Jan 2019 15:31:06 -0500 +Subject: [PATCH] nfs-utils: Removed new error=format-overflow=2 errors + +With the latest C99-compliant gcc printf, sprintf, etc +now only support up to 4k in buffer sizes. There were +only a couple places that had to change to not +violated this new restriction + +Signed-off-by: Steve Dickson +--- + utils/blkmapd/device-discovery.c | 2 +- + utils/mount/error.c | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c +index 3a202e0..2ce60f8 100644 +--- a/utils/blkmapd/device-discovery.c ++++ b/utils/blkmapd/device-discovery.c +@@ -239,7 +239,7 @@ int bl_discover_devices(void) + { + FILE *f; + int n; +- char buf[PATH_MAX], devname[PATH_MAX], fulldevname[PATH_MAX+NAME_MAX]; ++ char buf[PATH_MAX], devname[NAME_MAX], fulldevname[PATH_MAX]; + + /* release previous list */ + bl_release_disk(); +diff --git a/utils/mount/error.c b/utils/mount/error.c +index dfe5c7d..562f312 100644 +--- a/utils/mount/error.c ++++ b/utils/mount/error.c +@@ -50,8 +50,8 @@ + + extern char *progname; + +-static char errbuf[BUFSIZ]; +-static char *erreob = &errbuf[BUFSIZ]; ++static char errbuf[PATH_MAX]; ++static char *erreob = &errbuf[PATH_MAX]; + + /* Convert RPC errors into strings */ + static int rpc_strerror(int spos) +-- +2.20.1 + diff --git a/nfs-utils-2.3.4-PRIx64-integers.patch b/nfs-utils-2.3.4-PRIx64-integers.patch new file mode 100644 index 0000000..ad9c8db --- /dev/null +++ b/nfs-utils-2.3.4-PRIx64-integers.patch @@ -0,0 +1,118 @@ +commit a8133e1fd174267536cd459e19cfe0a1cbbe037c +Author: Steve Dickson +Date: Wed May 22 13:55:37 2019 -0400 + + sqlite.c: Use PRIx64 macro to print 64-bit integers + + On 32 bit machines, using "%016lx" format throws out + an format error due to the -Werror=format=2 + compiler option. On 64 bit machines using that + format is correct. + + So use the PRIx64 macro to have the correct + format defined on the different machines. + + Signed-off-by: Steve Dickson + +diff --git a/utils/nfsdcld/sqlite.c b/utils/nfsdcld/sqlite.c +index faa62f9..cd658ef 100644 +--- a/utils/nfsdcld/sqlite.c ++++ b/utils/nfsdcld/sqlite.c +@@ -59,6 +59,7 @@ + #include + #include + #include ++#include + + #include "xlog.h" + #include "sqlite.h" +@@ -535,7 +536,7 @@ sqlite_copy_cltrack_records(int *num_rec) + xlog(L_ERROR, "Unable to begin transaction: %s", err); + goto rollback; + } +- ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%016lx\";", ++ ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%" PRIx64 "\";", + current_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -550,7 +551,7 @@ sqlite_copy_cltrack_records(int *num_rec) + xlog(L_ERROR, "Unable to clear records from current epoch: %s", err); + goto rollback; + } +- ret = snprintf(buf, sizeof(buf), "INSERT INTO \"rec-%016lx\" " ++ ret = snprintf(buf, sizeof(buf), "INSERT INTO \"rec-%" PRIx64 "\" " + "SELECT id FROM attached.clients;", + current_epoch); + if (ret < 0) { +@@ -703,7 +704,7 @@ sqlite_insert_client(const unsigned char *clname, const size_t namelen) + int ret; + sqlite3_stmt *stmt = NULL; + +- ret = snprintf(buf, sizeof(buf), "INSERT OR REPLACE INTO \"rec-%016lx\" " ++ ret = snprintf(buf, sizeof(buf), "INSERT OR REPLACE INTO \"rec-%" PRIx64 "\" " + "VALUES (?);", current_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -748,7 +749,7 @@ sqlite_remove_client(const unsigned char *clname, const size_t namelen) + int ret; + sqlite3_stmt *stmt = NULL; + +- ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%016lx\" " ++ ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%" PRIx64 "\" " + "WHERE id==?;", current_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -798,7 +799,7 @@ sqlite_check_client(const unsigned char *clname, const size_t namelen) + int ret; + sqlite3_stmt *stmt = NULL; + +- ret = snprintf(buf, sizeof(buf), "SELECT count(*) FROM \"rec-%016lx\" " ++ ret = snprintf(buf, sizeof(buf), "SELECT count(*) FROM \"rec-%" PRIx64 "\" " + "WHERE id==?;", recovery_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -873,7 +874,7 @@ sqlite_grace_start(void) + tcur++; + + ret = snprintf(buf, sizeof(buf), "UPDATE grace " +- "SET current = %ld, recovery = %ld;", ++ "SET current = %" PRId64 ", recovery = %" PRId64 ";", + (int64_t)tcur, (int64_t)trec); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -891,7 +892,7 @@ sqlite_grace_start(void) + goto rollback; + } + +- ret = snprintf(buf, sizeof(buf), "CREATE TABLE \"rec-%016lx\" " ++ ret = snprintf(buf, sizeof(buf), "CREATE TABLE \"rec-%" PRIx64 "\" " + "(id BLOB PRIMARY KEY);", + tcur); + if (ret < 0) { +@@ -915,7 +916,7 @@ sqlite_grace_start(void) + * values in the grace table, just clear out the records for + * the current reboot epoch. + */ +- ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%016lx\";", ++ ret = snprintf(buf, sizeof(buf), "DELETE FROM \"rec-%" PRIx64 "\";", + tcur); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -976,7 +977,7 @@ sqlite_grace_done(void) + goto rollback; + } + +- ret = snprintf(buf, sizeof(buf), "DROP TABLE \"rec-%016lx\";", ++ ret = snprintf(buf, sizeof(buf), "DROP TABLE \"rec-%" PRIx64 "\";", + recovery_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); +@@ -1027,7 +1028,7 @@ sqlite_iterate_recovery(int (*cb)(struct cld_client *clnt), struct cld_client *c + return -EINVAL; + } + +- ret = snprintf(buf, sizeof(buf), "SELECT * FROM \"rec-%016lx\";", ++ ret = snprintf(buf, sizeof(buf), "SELECT * FROM \"rec-%" PRIx64 "\";", + recovery_epoch); + if (ret < 0) { + xlog(L_ERROR, "sprintf failed!"); diff --git a/nfs-utils-2.3.4-mount-fallback.patch b/nfs-utils-2.3.4-mount-fallback.patch new file mode 100644 index 0000000..6c6e561 --- /dev/null +++ b/nfs-utils-2.3.4-mount-fallback.patch @@ -0,0 +1,49 @@ +commit a709f25c1da4a2fb44a1f3fd060298fbbd88aa3c +Author: Steve Dickson +Date: Tue May 14 15:52:50 2019 -0400 + + mount: Report correct error in the fall_back cases. + + In mount auto negotiation, a v3 mount is tried + when the v4 fails with error that could mean + v4 is not supported. + + When the v3 mount fails, the original v4 failure + should be used to set the errno, not the v3 failure. + + Fixes:https://bugzilla.redhat.com/show_bug.cgi?id=1709961 + Signed-off-by: Steve Dickson + +diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c +index 1bb7a73..901f995 100644 +--- a/utils/mount/stropts.c ++++ b/utils/mount/stropts.c +@@ -889,7 +889,7 @@ out: + */ + static int nfs_autonegotiate(struct nfsmount_info *mi) + { +- int result; ++ int result, olderrno; + + result = nfs_try_mount_v4(mi); + check_result: +@@ -949,7 +949,18 @@ fall_back: + if (mi->version.v_mode == V_GENERAL) + /* v2,3 fallback not allowed */ + return result; +- return nfs_try_mount_v3v2(mi, FALSE); ++ ++ /* ++ * Save the original errno in case the v3 ++ * mount fails from one of the fall_back cases. ++ * Report the first failure not the v3 mount failure ++ */ ++ olderrno = errno; ++ if ((result = nfs_try_mount_v3v2(mi, FALSE))) ++ return result; ++ ++ errno = olderrno; ++ return result; + } + + /* diff --git a/nfs-utils-2.3.4-mountd-memleak.patch b/nfs-utils-2.3.4-mountd-memleak.patch new file mode 100644 index 0000000..d52d063 --- /dev/null +++ b/nfs-utils-2.3.4-mountd-memleak.patch @@ -0,0 +1,77 @@ +commit 50ef80739d9e1e0df6616289ef2ff626a94666ee +Author: Steve Dickson +Date: Thu May 23 09:24:49 2019 -0400 + + rpc.mountd: Fix e_hostname and e_uuid leaks + + strdup of exportent uuid and hostname in getexportent() ends up leaking + memory. Free the memory before getexportent() is called again from xtab_read() + + Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1713360 + Signed-off-by: Nikhil Kshirsagar + Signed-off-by: Steve Dickson + +diff --git a/support/export/xtab.c b/support/export/xtab.c +index d42eeef..1e1d679 100644 +--- a/support/export/xtab.c ++++ b/support/export/xtab.c +@@ -50,6 +50,14 @@ xtab_read(char *xtab, char *lockfn, int is_export) + while ((xp = getexportent(is_export==0, 0)) != NULL) { + if (!(exp = export_lookup(xp->e_hostname, xp->e_path, is_export != 1)) && + !(exp = export_create(xp, is_export!=1))) { ++ if(xp->e_hostname) { ++ free(xp->e_hostname); ++ xp->e_hostname=NULL; ++ } ++ if(xp->e_uuid) { ++ free(xp->e_uuid); ++ xp->e_uuid=NULL; ++ } + continue; + } + switch (is_export) { +@@ -62,7 +70,16 @@ xtab_read(char *xtab, char *lockfn, int is_export) + if ((xp->e_flags & NFSEXP_FSID) && xp->e_fsid == 0) + v4root_needed = 0; + break; +- } ++ } ++ if(xp->e_hostname) { ++ free(xp->e_hostname); ++ xp->e_hostname=NULL; ++ } ++ if(xp->e_uuid) { ++ free(xp->e_uuid); ++ xp->e_uuid=NULL; ++ } ++ + } + endexportent(); + xfunlock(lockid); +diff --git a/support/nfs/exports.c b/support/nfs/exports.c +index 5f4cb95..a7582ca 100644 +--- a/support/nfs/exports.c ++++ b/support/nfs/exports.c +@@ -179,9 +179,20 @@ getexportent(int fromkernel, int fromexports) + } + ee.e_hostname = xstrdup(hostname); + +- if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) +- return NULL; ++ if (parseopts(opt, &ee, fromexports && !has_default_subtree_opts, NULL) < 0) { ++ if(ee.e_hostname) ++ { ++ xfree(ee.e_hostname); ++ ee.e_hostname=NULL; ++ } ++ if(ee.e_uuid) ++ { ++ xfree(ee.e_uuid); ++ ee.e_uuid=NULL; ++ } + ++ return NULL; ++ } + /* resolve symlinks */ + if (realpath(ee.e_path, rpath) != NULL) { + rpath[sizeof (rpath) - 1] = '\0'; diff --git a/nfs-utils-2.3.4-mountd-segfault.patch b/nfs-utils-2.3.4-mountd-segfault.patch new file mode 100644 index 0000000..cbc6bd9 --- /dev/null +++ b/nfs-utils-2.3.4-mountd-segfault.patch @@ -0,0 +1,83 @@ +commit ca668e35d16ca296dee1bd000de8eb8d20433a21 +Author: Chuck Lever +Date: Tue May 28 10:02:49 2019 -0400 + + rpc.mountd: Fix mountd segfault + + After commit 8f459a072f93 ("Remove abuse of ai_canonname") the + ai_canonname field in addrinfo structs returned from + host_reliable_addrinfo() is always NULL. This results in mountd + segfaults when there are netgroups or hostname wildcards in + /etc/exports. + + Add an extra DNS query in check_wildcard() and check_netgroup() to + obtain the client's canonical hostname instead of dereferencing + the NULL pointer. + + Reported-by: Mark Wagner + Fixes: 8f459a072f93 ("Remove abuse of ai_canonname") + Signed-off-by: Chuck Lever + Signed-off-by: Steve Dickson + +diff --git a/support/export/client.c b/support/export/client.c +index a1fba01..ea4f89d 100644 +--- a/support/export/client.c ++++ b/support/export/client.c +@@ -608,24 +608,36 @@ check_subnetwork(const nfs_client *clp, const struct addrinfo *ai) + static int + check_wildcard(const nfs_client *clp, const struct addrinfo *ai) + { +- char *cname = clp->m_hostname; +- char *hname = ai->ai_canonname; ++ char *hname, *cname = clp->m_hostname; + struct hostent *hp; + char **ap; ++ int match; + +- if (wildmat(hname, cname)) +- return 1; ++ match = 0; ++ ++ hname = host_canonname(ai->ai_addr); ++ if (hname == NULL) ++ goto out; ++ ++ if (wildmat(hname, cname)) { ++ match = 1; ++ goto out; ++ } + + /* See if hname aliases listed in /etc/hosts or nis[+] + * match the requested wildcard */ + hp = gethostbyname(hname); + if (hp != NULL) { + for (ap = hp->h_aliases; *ap; ap++) +- if (wildmat(*ap, cname)) +- return 1; ++ if (wildmat(*ap, cname)) { ++ match = 1; ++ goto out; ++ } + } + +- return 0; ++out: ++ free(hname); ++ return match; + } + + /* +@@ -645,11 +657,9 @@ check_netgroup(const nfs_client *clp, const struct addrinfo *ai) + + match = 0; + +- hname = strdup(ai->ai_canonname); +- if (hname == NULL) { +- xlog(D_GENERAL, "%s: no memory for strdup", __func__); ++ hname = host_canonname(ai->ai_addr); ++ if (hname == NULL) + goto out; +- } + + /* First, try to match the hostname without + * splitting off the domain */ diff --git a/nfs-utils-2.4.2-systemd-svcgssd.patch b/nfs-utils-2.4.2-systemd-svcgssd.patch new file mode 100644 index 0000000..cdda817 --- /dev/null +++ b/nfs-utils-2.4.2-systemd-svcgssd.patch @@ -0,0 +1,14 @@ +diff -up nfs-utils-2.4.2/systemd/auth-rpcgss-module.service.orig nfs-utils-2.4.2/systemd/auth-rpcgss-module.service +--- nfs-utils-2.4.2/systemd/auth-rpcgss-module.service.orig 2019-11-13 12:09:41.000000000 -0500 ++++ nfs-utils-2.4.2/systemd/auth-rpcgss-module.service 2019-12-18 11:32:04.656735515 -0500 +@@ -7,8 +7,8 @@ + [Unit] + Description=Kernel Module supporting RPCSEC_GSS + DefaultDependencies=no +-Before=gssproxy.service rpc-svcgssd.service rpc-gssd.service +-Wants=gssproxy.service rpc-svcgssd.service rpc-gssd.service ++Before=gssproxy.service rpc-gssd.service ++Wants=gssproxy.service rpc-gssd.service + ConditionPathExists=/etc/krb5.keytab + + [Service] diff --git a/nfs-utils-2.5.1-nfsiostat-KeyError.patch b/nfs-utils-2.5.1-nfsiostat-KeyError.patch new file mode 100644 index 0000000..a81d127 --- /dev/null +++ b/nfs-utils-2.5.1-nfsiostat-KeyError.patch @@ -0,0 +1,37 @@ +diff -up nfs-utils-2.5.1/tools/mountstats/mountstats.py.orig nfs-utils-2.5.1/tools/mountstats/mountstats.py +--- nfs-utils-2.5.1/tools/mountstats/mountstats.py.orig 2020-09-08 10:59:58.289384682 -0400 ++++ nfs-utils-2.5.1/tools/mountstats/mountstats.py 2020-09-08 14:02:05.560514346 -0400 +@@ -951,10 +951,11 @@ def print_iostat_summary(old, new, devic + if not old or device not in old: + stats.display_iostats(time) + else: +- old_stats = DeviceData() +- old_stats.parse_stats(old[device]) +- diff_stats = stats.compare_iostats(old_stats) +- diff_stats.display_iostats(time) ++ if ("fstype autofs" not in str(old[device])) and ("fstype autofs" not in str(new[device])): ++ old_stats = DeviceData() ++ old_stats.parse_stats(old[device]) ++ diff_stats = stats.compare_iostats(old_stats) ++ diff_stats.display_iostats(time) + + def iostat_command(args): + """iostat-like command for NFS mount points +diff -up nfs-utils-2.5.1/tools/nfs-iostat/nfs-iostat.py.orig nfs-utils-2.5.1/tools/nfs-iostat/nfs-iostat.py +--- nfs-utils-2.5.1/tools/nfs-iostat/nfs-iostat.py.orig 2020-09-08 10:59:58.286384653 -0400 ++++ nfs-utils-2.5.1/tools/nfs-iostat/nfs-iostat.py 2020-09-08 14:02:05.560514346 -0400 +@@ -470,10 +470,13 @@ def parse_stats_file(filename): + def print_iostat_summary(old, new, devices, time, options): + stats = {} + diff_stats = {} ++ devicelist = [] + if old: + # Trim device list to only include intersection of old and new data, + # this addresses umounts due to autofs mountpoints +- devicelist = [x for x in old if x in devices] ++ for device in devices: ++ if "fstype autofs" not in str(old[device]): ++ devicelist.append(device) + else: + devicelist = devices + diff --git a/nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch b/nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch new file mode 100644 index 0000000..de7241d --- /dev/null +++ b/nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch @@ -0,0 +1,29 @@ +commit 086e6fdce887dd68e51b7bac4a2f21cea9a4fe01 +Author: Steve Dickson +Date: Fri Sep 4 14:15:53 2020 -0400 + + rpc.idmapd: Do not free config variables + + Commit 93e8f092e added a conf_cleanup() call to clean + up memory after the config file was parsed. It turns + out that memory still needed and it is not very much + so the call is removed. + + Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1873965 + + Signed-off-by: Steve Dickson + +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index f3d2314..51c71fb 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -306,9 +306,6 @@ main(int argc, char **argv) + serverstart = 0; + } + +- /* Config memory is no longer needed */ +- conf_cleanup(); +- + while ((opt = getopt(argc, argv, GETOPTSTR)) != -1) + switch (opt) { + case 'v': diff --git a/nfs-utils-2.5.2-rc4.patch b/nfs-utils-2.5.2-rc4.patch new file mode 100644 index 0000000..7ac28ba --- /dev/null +++ b/nfs-utils-2.5.2-rc4.patch @@ -0,0 +1,3020 @@ +diff --git a/aclocal/libevent.m4 b/aclocal/libevent.m4 +index b5ac00f..e0b820b 100644 +--- a/aclocal/libevent.m4 ++++ b/aclocal/libevent.m4 +@@ -1,12 +1,12 @@ + dnl Checks for libevent + AC_DEFUN([AC_LIBEVENT], [ + +- dnl Check for libevent, but do not add -levent to LIBS +- AC_CHECK_LIB([event], [event_dispatch], [LIBEVENT=-levent], ++ dnl Check for libevent, but do not add -levent_core to LIBS ++ AC_CHECK_LIB([event_core], [event_base_dispatch], [LIBEVENT=-levent_core], + [AC_MSG_ERROR([libevent not found.])]) + AC_SUBST(LIBEVENT) + +- AC_CHECK_HEADERS([event.h], , ++ AC_CHECK_HEADERS([event2/event.h], , + [AC_MSG_ERROR([libevent headers not found.])]) + + ])dnl +diff --git a/configure.ac b/configure.ac +index 942f3c0..dbb795f 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -638,13 +638,12 @@ my_am_cflags="\ + -Werror=parentheses \ + -Werror=aggregate-return \ + -Werror=unused-result \ +- -Wno-cast-function-type \ + -fno-strict-aliasing \ + " + + AC_DEFUN([CHECK_CCSUPPORT], [ + my_save_cflags="$CFLAGS" +- CFLAGS=$1 ++ CFLAGS="-Werror $1" + AC_MSG_CHECKING([whether CC supports $1]) + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_RESULT([yes])] +@@ -658,9 +657,10 @@ CHECK_CCSUPPORT([-Werror=format-overflow=2], [flg1]) + CHECK_CCSUPPORT([-Werror=int-conversion], [flg2]) + CHECK_CCSUPPORT([-Werror=incompatible-pointer-types], [flg3]) + CHECK_CCSUPPORT([-Werror=misleading-indentation], [flg4]) ++CHECK_CCSUPPORT([-Wno-cast-function-type], [flg5]) + AX_GCC_FUNC_ATTRIBUTE([format]) + +-AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg3 $flg4"]) ++AC_SUBST([AM_CFLAGS], ["$my_am_cflags $flg1 $flg2 $flg3 $flg4 $flg5"]) + + # Make sure that $ACLOCAL_FLAGS are used during a rebuild + AC_SUBST([ACLOCAL_AMFLAGS], ["-I $ac_macro_dir \$(ACLOCAL_FLAGS)"]) +diff --git a/support/include/xcommon.h b/support/include/xcommon.h +index 30b0403..efde83c 100644 +--- a/support/include/xcommon.h ++++ b/support/include/xcommon.h +@@ -7,7 +7,7 @@ + */ + + #ifndef _XMALLOC_H +-#define _MALLOC_H ++#define _XMALLOC_H + + #ifdef HAVE_CONFIG_H + #include +diff --git a/support/nfs/exports.c b/support/nfs/exports.c +index 97eb318..037febd 100644 +--- a/support/nfs/exports.c ++++ b/support/nfs/exports.c +@@ -838,6 +838,7 @@ struct export_features *get_export_features(void) + close(fd); + if (c == -1) + goto err; ++ buf[c] = 0; + c = sscanf(buf, "%x %x", &ef.flags, &ef.secinfo_flags); + if (c != 2) + goto err; +diff --git a/support/nfs/xlog.c b/support/nfs/xlog.c +index 687d862..86acd6a 100644 +--- a/support/nfs/xlog.c ++++ b/support/nfs/xlog.c +@@ -156,13 +156,29 @@ xlog_enabled(int fac) + void + xlog_backend(int kind, const char *fmt, va_list args) + { +- va_list args2; +- + if (!(kind & (L_ALL)) && !(logging && (kind & logmask))) + return; + +- if (log_stderr) ++ if (log_stderr) { ++ va_list args2; ++#ifdef VERBOSE_PRINTF ++ time_t now; ++ struct tm *tm; ++ ++ time(&now); ++ tm = localtime(&now); ++ fprintf(stderr, "%s[%d] %04d-%02d-%02d %02d:%02d:%02d ", ++ log_name, log_pid, ++ tm->tm_year+1900, tm->tm_mon + 1, tm->tm_mday, ++ tm->tm_hour, tm->tm_min, tm->tm_sec); ++#else ++ fprintf(stderr, "%s: ", log_name); ++#endif + va_copy(args2, args); ++ vfprintf(stderr, fmt, args2); ++ fprintf(stderr, "\n"); ++ va_end(args2); ++ } + + if (log_syslog) { + switch (kind) { +@@ -185,25 +201,6 @@ xlog_backend(int kind, const char *fmt, va_list args) + } + } + +- if (log_stderr) { +-#ifdef VERBOSE_PRINTF +- time_t now; +- struct tm *tm; +- +- time(&now); +- tm = localtime(&now); +- fprintf(stderr, "%s[%d] %04d-%02d-%02d %02d:%02d:%02d ", +- log_name, log_pid, +- tm->tm_year+1900, tm->tm_mon + 1, tm->tm_mday, +- tm->tm_hour, tm->tm_min, tm->tm_sec); +-#else +- fprintf(stderr, "%s: ", log_name); +-#endif +- vfprintf(stderr, fmt, args2); +- fprintf(stderr, "\n"); +- va_end(args2); +- } +- + if (kind == L_FATAL) + exit(1); + } +diff --git a/support/nfsidmap/libnfsidmap.c b/support/nfsidmap/libnfsidmap.c +index bce448c..0a912e5 100644 +--- a/support/nfsidmap/libnfsidmap.c ++++ b/support/nfsidmap/libnfsidmap.c +@@ -237,24 +237,40 @@ static int load_translation_plugin(char *method, struct mapping_plugin *plgn) + { + void *dl = NULL; + struct trans_func *trans = NULL; +- libnfsidmap_plugin_init_t init_func; ++ libnfsidmap_plugin_init_t init_func = NULL; + char plgname[128]; + int ret = 0; + +- snprintf(plgname, sizeof(plgname), "%s/%s.so", PATH_PLUGINS, method); ++ /* Look for library using search path first to allow overriding */ ++ snprintf(plgname, sizeof(plgname), "%s.so", method); + + dl = dlopen(plgname, RTLD_NOW | RTLD_LOCAL); +- if (dl == NULL) { +- IDMAP_LOG(1, ("libnfsidmap: Unable to load plugin: %s", +- dlerror())); +- return -1; ++ if (dl != NULL) { ++ /* Is it really one of our libraries */ ++ init_func = (libnfsidmap_plugin_init_t) dlsym(dl, PLUGIN_INIT_FUNC); ++ if (init_func == NULL) { ++ dlclose(dl); ++ dl = NULL; ++ } + } +- init_func = (libnfsidmap_plugin_init_t) dlsym(dl, PLUGIN_INIT_FUNC); +- if (init_func == NULL) { +- IDMAP_LOG(1, ("libnfsidmap: Unable to get init function: %s", +- dlerror())); +- dlclose(dl); +- return -1; ++ ++ if (dl == NULL) { ++ /* Fallback to hard-coded path */ ++ snprintf(plgname, sizeof(plgname), "%s/%s.so", PATH_PLUGINS, method); ++ ++ dl = dlopen(plgname, RTLD_NOW | RTLD_LOCAL); ++ if (dl == NULL) { ++ IDMAP_LOG(1, ("libnfsidmap: Unable to load plugin: %s: %s", ++ plgname, dlerror())); ++ return -1; ++ } ++ init_func = (libnfsidmap_plugin_init_t) dlsym(dl, PLUGIN_INIT_FUNC); ++ if (init_func == NULL) { ++ IDMAP_LOG(1, ("libnfsidmap: Unable to get init function: %s: %s", ++ plgname, dlerror())); ++ dlclose(dl); ++ return -1; ++ } + } + trans = init_func(); + if (trans == NULL) { +@@ -496,6 +512,19 @@ out: + return ret ? -ENOENT: 0; + } + ++void nfs4_term_name_mapping(void) ++{ ++ if (nfs4_plugins) ++ unload_plugins(nfs4_plugins); ++ if (gss_plugins) ++ unload_plugins(gss_plugins); ++ ++ nfs4_plugins = gss_plugins = NULL; ++ ++ free_local_realms(); ++ conf_cleanup(); ++} ++ + int + nfs4_get_default_domain(char *UNUSED(server), char *domain, size_t len) + { +diff --git a/support/nfsidmap/nfsidmap.h b/support/nfsidmap/nfsidmap.h +index 1063065..5a79568 100644 +--- a/support/nfsidmap/nfsidmap.h ++++ b/support/nfsidmap/nfsidmap.h +@@ -50,6 +50,7 @@ typedef struct _extra_mapping_params { + typedef void (*nfs4_idmap_log_function_t)(const char *, ...); + + int nfs4_init_name_mapping(char *conffile); ++void nfs4_term_name_mapping(void); + int nfs4_get_default_domain(char *server, char *domain, size_t len); + int nfs4_uid_to_name(uid_t uid, char *domain, char *name, size_t len); + int nfs4_gid_to_name(gid_t gid, char *domain, char *name, size_t len); +diff --git a/support/nfsidmap/nfsidmap_common.c b/support/nfsidmap/nfsidmap_common.c +index f89b82e..4d2cb14 100644 +--- a/support/nfsidmap/nfsidmap_common.c ++++ b/support/nfsidmap/nfsidmap_common.c +@@ -34,12 +34,21 @@ static char * toupper_str(char *s) + return s; + } + ++static struct conf_list *local_realms = NULL; ++ ++void free_local_realms(void) ++{ ++ if (local_realms) { ++ conf_free_list(local_realms); ++ local_realms = NULL; ++ } ++} ++ + /* Get list of "local equivalent" realms. Meaning the list of realms + * where john@REALM.A is considered the same user as john@REALM.B + * If not specified, default to upper-case of local domain name */ + struct conf_list *get_local_realms(void) + { +- static struct conf_list *local_realms = NULL; + if (local_realms) return local_realms; + + local_realms = conf_get_list("General", "Local-Realms"); +diff --git a/support/nfsidmap/nfsidmap_private.h b/support/nfsidmap/nfsidmap_private.h +index f1af55f..a5cb6dd 100644 +--- a/support/nfsidmap/nfsidmap_private.h ++++ b/support/nfsidmap/nfsidmap_private.h +@@ -37,6 +37,7 @@ + #include "conffile.h" + + struct conf_list *get_local_realms(void); ++void free_local_realms(void); + int get_nostrip(void); + int get_reformat_group(void); + +diff --git a/support/nfsidmap/nss.c b/support/nfsidmap/nss.c +index 9d46499..669760b 100644 +--- a/support/nfsidmap/nss.c ++++ b/support/nfsidmap/nss.c +@@ -467,6 +467,17 @@ static int nss_plugin_init(void) + return 0; + } + ++/* ++ * Called by dlclose(). See dlopen(3) man page ++ */ ++__attribute__((destructor)) ++static int nss_plugin_term(void) ++{ ++ free_local_realms(); ++ conf_cleanup(); ++ return 0; ++} ++ + + struct trans_func nss_trans = { + .name = "nsswitch", +diff --git a/systemd/nfs-server.service b/systemd/nfs-server.service +index 24118d6..06c1adb 100644 +--- a/systemd/nfs-server.service ++++ b/systemd/nfs-server.service +@@ -1,18 +1,18 @@ + [Unit] + Description=NFS server and services + DefaultDependencies=no +-Requires= network.target proc-fs-nfsd.mount +-Requires= nfs-mountd.service ++Requires=network.target proc-fs-nfsd.mount ++Requires=nfs-mountd.service + Wants=rpcbind.socket network-online.target + Wants=rpc-statd.service nfs-idmapd.service + Wants=rpc-statd-notify.service + Wants=nfsdcld.service + +-After= network-online.target local-fs.target +-After= proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service +-After= nfs-idmapd.service rpc-statd.service +-After= nfsdcld.service +-Before= rpc-statd-notify.service ++After=network-online.target local-fs.target ++After=proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service ++After=nfs-idmapd.service rpc-statd.service ++After=nfsdcld.service ++Before=rpc-statd-notify.service + + # GSS services dependencies and ordering + Wants=auth-rpcgss-module.service +diff --git a/tools/mountstats/mountstats.py b/tools/mountstats/mountstats.py +index 014f38a..00adc96 100755 +--- a/tools/mountstats/mountstats.py ++++ b/tools/mountstats/mountstats.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + # -*- python-mode -*- + """Parse /proc/self/mountstats and display it in human readable form + """ +@@ -560,7 +560,10 @@ class DeviceData: + # the reference to them. so we build new lists here + # for the result object. + for op in result.__rpc_data['ops']: +- result.__rpc_data[op] = list(map(difference, self.__rpc_data[op], old_stats.__rpc_data[op])) ++ try: ++ result.__rpc_data[op] = list(map(difference, self.__rpc_data[op], old_stats.__rpc_data[op])) ++ except KeyError: ++ continue + + # update the remaining keys + if protocol == 'udp': +diff --git a/tools/nfs-iostat/nfs-iostat.py b/tools/nfs-iostat/nfs-iostat.py +index b7e98a2..4f5e8a6 100755 +--- a/tools/nfs-iostat/nfs-iostat.py ++++ b/tools/nfs-iostat/nfs-iostat.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + # -*- python-mode -*- + """Emulate iostat for NFS mount points using /proc/self/mountstats + """ +@@ -213,8 +213,11 @@ class DeviceData: + # the reference to them. so we build new lists here + # for the result object. + for op in result.__rpc_data['ops']: +- result.__rpc_data[op] = list(map( +- difference, self.__rpc_data[op], old_stats.__rpc_data[op])) ++ try: ++ result.__rpc_data[op] = list(map( ++ difference, self.__rpc_data[op], old_stats.__rpc_data[op])) ++ except KeyError: ++ continue + + # update the remaining keys we care about + result.__rpc_data['rpcsends'] -= old_stats.__rpc_data['rpcsends'] +@@ -380,6 +383,8 @@ class DeviceData: + sends = float(self.__rpc_data['rpcsends']) + if sample_time == 0: + sample_time = float(self.__nfs_data['age']) ++ if sample_time == 0: ++ sample_time = 1; + return (sends / sample_time) + + def display_iostats(self, sample_time, which): +diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c +index a04a789..cde5e51 100644 +--- a/utils/exportfs/exportfs.c ++++ b/utils/exportfs/exportfs.c +@@ -85,8 +85,11 @@ grab_lockfile() + static void + release_lockfile() + { +- if (_lockfd != -1) ++ if (_lockfd != -1) { + lockf(_lockfd, F_ULOCK, 0); ++ close(_lockfd); ++ _lockfd = -1; ++ } + } + + int +@@ -184,6 +187,7 @@ main(int argc, char **argv) + xtab_export_read(); + dump(f_verbose, f_export_format); + free_state_path_names(&etab); ++ export_freeall(); + return 0; + } + } +@@ -225,6 +229,7 @@ main(int argc, char **argv) + xtab_export_write(); + cache_flush(force_flush); + free_state_path_names(&etab); ++ export_freeall(); + + return export_errno; + } +diff --git a/utils/gssd/Makefile.am b/utils/gssd/Makefile.am +index 321046b..21d3bb8 100644 +--- a/utils/gssd/Makefile.am ++++ b/utils/gssd/Makefile.am +@@ -67,7 +67,6 @@ gssd_CFLAGS = \ + svcgssd_SOURCES = \ + $(COMMON_SRCS) \ + svcgssd.c \ +- svcgssd_main_loop.c \ + svcgssd_mech2file.c \ + svcgssd_proc.c \ + svcgssd_krb5.c \ +@@ -78,6 +77,7 @@ svcgssd_SOURCES = \ + svcgssd_LDADD = \ + ../../support/nfs/libnfs.la \ + ../../support/nfsidmap/libnfsidmap.la \ ++ $(LIBEVENT) \ + $(RPCSECGSS_LIBS) \ + $(KRBLIBS) $(GSSAPI_LIBS) $(LIBTIRPC) + +diff --git a/utils/gssd/gss_names.c b/utils/gssd/gss_names.c +index 2a7f3a1..982b96f 100644 +--- a/utils/gssd/gss_names.c ++++ b/utils/gssd/gss_names.c +@@ -110,10 +110,12 @@ get_hostbased_client_name(gss_name_t client_name, gss_OID mech, + /* For Kerberos, transform the NT_KRB5_PRINCIPAL name to + * an NT_HOSTBASED_SERVICE name */ + if (g_OID_equal(&krb5oid, mech)) { +- if (get_krb5_hostbased_name(&name, &cname) == 0) +- *hostbased_name = cname; ++ if (get_krb5_hostbased_name(&name, &cname) != 0) ++ goto out_rel_buf; ++ *hostbased_name = cname; + } else { + printerr(1, "WARNING: unknown/unsupport mech OID\n"); ++ goto out_rel_buf; + } + + res = 0; +diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c +index 2e6d40f..a4b2777 100644 +--- a/utils/gssd/gss_util.c ++++ b/utils/gssd/gss_util.c +@@ -339,3 +339,9 @@ out: + return retval; + } + ++void ++gssd_cleanup(void) ++{ ++ u_int32_t min_stat; ++ gss_release_cred(&min_stat, &gssd_creds); ++} +diff --git a/utils/gssd/gss_util.h b/utils/gssd/gss_util.h +index aa9f778..4da64e3 100644 +--- a/utils/gssd/gss_util.h ++++ b/utils/gssd/gss_util.h +@@ -41,6 +41,7 @@ int gssd_acquire_cred(char *server_name, const gss_OID oid); + void pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat, + const gss_OID mech); + int gssd_check_mechs(void); ++void gssd_cleanup(void); + + #ifndef HAVE_LIBGSSGLUE + #include +diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c +index 588da0f..85bc4b0 100644 +--- a/utils/gssd/gssd.c ++++ b/utils/gssd/gssd.c +@@ -64,7 +64,7 @@ + #include + #include + #include +-#include ++#include + + #include "gssd.h" + #include "err_util.h" +@@ -77,7 +77,7 @@ static char *pipefs_path = GSSD_PIPEFS_DIR; + static DIR *pipefs_dir; + static int pipefs_fd; + static int inotify_fd; +-struct event inotify_ev; ++struct event *inotify_ev; + + char *keytabfile = GSSD_DEFAULT_KEYTAB_FILE; + char **ccachesearch; +@@ -90,9 +90,9 @@ char *ccachedir = NULL; + /* Avoid DNS reverse lookups on server names */ + static bool avoid_dns = true; + static bool use_gssproxy = false; +-int thread_started = false; +-pthread_mutex_t pmutex = PTHREAD_MUTEX_INITIALIZER; +-pthread_cond_t pcond = PTHREAD_COND_INITIALIZER; ++pthread_mutex_t clp_lock = PTHREAD_MUTEX_INITIALIZER; ++static bool signal_received = false; ++static struct event_base *evbase = NULL; + + TAILQ_HEAD(topdir_list_head, topdir) topdir_list; + +@@ -359,20 +359,28 @@ out: + free(port); + } + ++/* Actually frees clp and fields that might be used from other ++ * threads if was last reference. ++ */ + static void +-gssd_destroy_client(struct clnt_info *clp) ++gssd_free_client(struct clnt_info *clp) + { +- if (clp->krb5_fd >= 0) { ++ int refcnt; ++ ++ pthread_mutex_lock(&clp_lock); ++ refcnt = --clp->refcount; ++ pthread_mutex_unlock(&clp_lock); ++ if (refcnt > 0) ++ return; ++ ++ printerr(3, "freeing client %s\n", clp->relpath); ++ ++ if (clp->krb5_fd >= 0) + close(clp->krb5_fd); +- event_del(&clp->krb5_ev); +- } + +- if (clp->gssd_fd >= 0) { ++ if (clp->gssd_fd >= 0) + close(clp->gssd_fd); +- event_del(&clp->gssd_ev); +- } + +- inotify_rm_watch(inotify_fd, clp->wd); + free(clp->relpath); + free(clp->servicename); + free(clp->servername); +@@ -380,6 +388,30 @@ gssd_destroy_client(struct clnt_info *clp) + free(clp); + } + ++/* Called when removing from clnt_list to tear down event handling. ++ * Will then free clp if was last reference. ++ */ ++static void ++gssd_destroy_client(struct clnt_info *clp) ++{ ++ printerr(3, "destroying client %s\n", clp->relpath); ++ ++ if (clp->krb5_ev) { ++ event_del(clp->krb5_ev); ++ event_free(clp->krb5_ev); ++ clp->krb5_ev = NULL; ++ } ++ ++ if (clp->gssd_ev) { ++ event_del(clp->gssd_ev); ++ event_free(clp->gssd_ev); ++ clp->gssd_ev = NULL; ++ } ++ ++ inotify_rm_watch(inotify_fd, clp->wd); ++ gssd_free_client(clp); ++} ++ + static void gssd_scan(void); + + static int +@@ -416,11 +448,21 @@ static struct clnt_upcall_info *alloc_upcall_info(struct clnt_info *clp) + info = malloc(sizeof(struct clnt_upcall_info)); + if (info == NULL) + return NULL; ++ ++ pthread_mutex_lock(&clp_lock); ++ clp->refcount++; ++ pthread_mutex_unlock(&clp_lock); + info->clp = clp; + + return info; + } + ++void free_upcall_info(struct clnt_upcall_info *info) ++{ ++ gssd_free_client(info->clp); ++ free(info); ++} ++ + /* For each upcall read the upcall info into the buffer, then create a + * thread in a detached state so that resources are released back into + * the system without the need for a join. +@@ -438,13 +480,13 @@ gssd_clnt_gssd_cb(int UNUSED(fd), short UNUSED(which), void *data) + info->lbuflen = read(clp->gssd_fd, info->lbuf, sizeof(info->lbuf)); + if (info->lbuflen <= 0 || info->lbuf[info->lbuflen-1] != '\n') { + printerr(0, "WARNING: %s: failed reading request\n", __func__); +- free(info); ++ free_upcall_info(info); + return; + } + info->lbuf[info->lbuflen-1] = 0; + + if (start_upcall_thread(handle_gssd_upcall, info)) +- free(info); ++ free_upcall_info(info); + } + + static void +@@ -461,12 +503,12 @@ gssd_clnt_krb5_cb(int UNUSED(fd), short UNUSED(which), void *data) + sizeof(info->uid)) < (ssize_t)sizeof(info->uid)) { + printerr(0, "WARNING: %s: failed reading uid from krb5 " + "upcall pipe: %s\n", __func__, strerror(errno)); +- free(info); ++ free_upcall_info(info); + return; + } + + if (start_upcall_thread(handle_krb5_upcall, info)) +- free(info); ++ free_upcall_info(info); + } + + static struct clnt_info * +@@ -478,6 +520,8 @@ gssd_get_clnt(struct topdir *tdi, const char *name) + if (!strcmp(clp->name, name)) + return clp; + ++ printerr(3, "creating client %s/%s\n", tdi->name, name); ++ + clp = calloc(1, sizeof(struct clnt_info)); + if (!clp) { + printerr(0, "ERROR: can't malloc clnt_info: %s\n", +@@ -501,6 +545,7 @@ gssd_get_clnt(struct topdir *tdi, const char *name) + clp->name = clp->relpath + strlen(tdi->name) + 1; + clp->krb5_fd = -1; + clp->gssd_fd = -1; ++ clp->refcount = 1; + + TAILQ_INSERT_HEAD(&tdi->clnt_list, clp, list); + return clp; +@@ -515,11 +560,8 @@ static int + gssd_scan_clnt(struct clnt_info *clp) + { + int clntfd; +- bool gssd_was_closed; +- bool krb5_was_closed; + +- gssd_was_closed = clp->gssd_fd < 0 ? true : false; +- krb5_was_closed = clp->krb5_fd < 0 ? true : false; ++ printerr(3, "scanning client %s\n", clp->relpath); + + clntfd = openat(pipefs_fd, clp->relpath, O_RDONLY); + if (clntfd < 0) { +@@ -535,16 +577,30 @@ gssd_scan_clnt(struct clnt_info *clp) + if (clp->gssd_fd == -1 && clp->krb5_fd == -1) + clp->krb5_fd = openat(clntfd, "krb5", O_RDWR | O_NONBLOCK); + +- if (gssd_was_closed && clp->gssd_fd >= 0) { +- event_set(&clp->gssd_ev, clp->gssd_fd, EV_READ | EV_PERSIST, +- gssd_clnt_gssd_cb, clp); +- event_add(&clp->gssd_ev, NULL); ++ if (!clp->gssd_ev && clp->gssd_fd >= 0) { ++ clp->gssd_ev = event_new(evbase, clp->gssd_fd, EV_READ | EV_PERSIST, ++ gssd_clnt_gssd_cb, clp); ++ if (!clp->gssd_ev) { ++ printerr(0, "ERROR: %s: can't create gssd event for %s: %s\n", ++ __FUNCTION__, clp->relpath, strerror(errno)); ++ close(clp->gssd_fd); ++ clp->gssd_fd = -1; ++ } else { ++ event_add(clp->gssd_ev, NULL); ++ } + } + +- if (krb5_was_closed && clp->krb5_fd >= 0) { +- event_set(&clp->krb5_ev, clp->krb5_fd, EV_READ | EV_PERSIST, +- gssd_clnt_krb5_cb, clp); +- event_add(&clp->krb5_ev, NULL); ++ if (!clp->krb5_ev && clp->krb5_fd >= 0) { ++ clp->krb5_ev = event_new(evbase, clp->krb5_fd, EV_READ | EV_PERSIST, ++ gssd_clnt_krb5_cb, clp); ++ if (!clp->krb5_ev) { ++ printerr(0, "ERROR: %s: can't create krb5 event for %s: %s\n", ++ __FUNCTION__, clp->relpath, strerror(errno)); ++ close(clp->krb5_fd); ++ clp->krb5_fd = -1; ++ } else { ++ event_add(clp->krb5_ev, NULL); ++ } + } + + if (clp->krb5_fd == -1 && clp->gssd_fd == -1) +@@ -651,7 +707,7 @@ gssd_scan_topdir(const char *name) + if (clp->scanned) + continue; + +- printerr(3, "destroying client %s\n", clp->relpath); ++ printerr(3, "orphaned client %s\n", clp->relpath); + saveprev = clp->list.tqe_prev; + TAILQ_REMOVE(&tdi->clnt_list, clp, list); + gssd_destroy_client(clp); +@@ -748,12 +804,16 @@ gssd_inotify_clnt(struct topdir *tdi, struct clnt_info *clp, const struct inotif + } else if (ev->mask & IN_DELETE) { + if (!strcmp(ev->name, "gssd") && clp->gssd_fd >= 0) { + close(clp->gssd_fd); +- event_del(&clp->gssd_ev); ++ event_del(clp->gssd_ev); ++ event_free(clp->gssd_ev); ++ clp->gssd_ev = NULL; + clp->gssd_fd = -1; + + } else if (!strcmp(ev->name, "krb5") && clp->krb5_fd >= 0) { + close(clp->krb5_fd); +- event_del(&clp->krb5_ev); ++ event_del(clp->krb5_ev); ++ event_free(clp->krb5_ev); ++ clp->krb5_ev = NULL; + clp->krb5_fd = -1; + } + +@@ -826,10 +886,15 @@ found: + static void + sig_die(int signal) + { +- if (root_uses_machine_creds) +- gssd_destroy_krb5_machine_creds(); ++ if (signal_received) { ++ gssd_destroy_krb5_principals(root_uses_machine_creds); ++ printerr(1, "forced exiting on signal %d\n", signal); ++ exit(0); ++ } ++ ++ signal_received = true; + printerr(1, "exiting on signal %d\n", signal); +- exit(0); ++ event_base_loopexit(evbase, NULL); + } + + static void +@@ -886,9 +951,10 @@ main(int argc, char *argv[]) + int rpc_verbosity = 0; + int opt; + int i; ++ int rc; + extern char *optarg; + char *progname; +- struct event sighup_ev; ++ struct event *sighup_ev; + + read_gss_conf(); + +@@ -1027,7 +1093,11 @@ main(int argc, char *argv[]) + if (gssd_check_mechs() != 0) + errx(1, "Problem with gssapi library"); + +- event_init(); ++ evbase = event_base_new(); ++ if (!evbase) { ++ printerr(0, "ERROR: failed to create event base: %s\n", strerror(errno)); ++ exit(EXIT_FAILURE); ++ } + + pipefs_dir = opendir(pipefs_path); + if (!pipefs_dir) { +@@ -1049,18 +1119,51 @@ main(int argc, char *argv[]) + + signal(SIGINT, sig_die); + signal(SIGTERM, sig_die); +- signal_set(&sighup_ev, SIGHUP, gssd_scan_cb, NULL); +- signal_add(&sighup_ev, NULL); +- event_set(&inotify_ev, inotify_fd, EV_READ | EV_PERSIST, gssd_inotify_cb, NULL); +- event_add(&inotify_ev, NULL); ++ sighup_ev = evsignal_new(evbase, SIGHUP, gssd_scan_cb, NULL); ++ if (!sighup_ev) { ++ printerr(0, "ERROR: failed to create SIGHUP event: %s\n", strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ evsignal_add(sighup_ev, NULL); ++ inotify_ev = event_new(evbase, inotify_fd, EV_READ | EV_PERSIST, ++ gssd_inotify_cb, NULL); ++ if (!inotify_ev) { ++ printerr(0, "ERROR: failed to create inotify event: %s\n", strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ event_add(inotify_ev, NULL); + + TAILQ_INIT(&topdir_list); + gssd_scan(); + daemon_ready(); + +- event_dispatch(); ++ rc = event_base_dispatch(evbase); + +- printerr(0, "ERROR: event_dispatch() returned!\n"); +- return EXIT_FAILURE; +-} ++ printerr(0, "event_dispatch() returned %i!\n", rc); ++ ++ gssd_destroy_krb5_principals(root_uses_machine_creds); ++ ++ while (!TAILQ_EMPTY(&topdir_list)) { ++ struct topdir *tdi = TAILQ_FIRST(&topdir_list); ++ TAILQ_REMOVE(&topdir_list, tdi, list); ++ while (!TAILQ_EMPTY(&tdi->clnt_list)) { ++ struct clnt_info *clp = TAILQ_FIRST(&tdi->clnt_list); ++ TAILQ_REMOVE(&tdi->clnt_list, clp, list); ++ gssd_destroy_client(clp); ++ } ++ free(tdi); ++ } ++ ++ event_free(inotify_ev); ++ event_free(sighup_ev); ++ event_base_free(evbase); + ++ close(inotify_fd); ++ close(pipefs_fd); ++ closedir(pipefs_dir); ++ ++ free(preferred_realm); ++ free(ccachesearch); ++ ++ return rc < 0 ? EXIT_FAILURE : EXIT_SUCCESS; ++} +diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h +index f4f5975..1e8c58d 100644 +--- a/utils/gssd/gssd.h ++++ b/utils/gssd/gssd.h +@@ -62,13 +62,10 @@ extern int root_uses_machine_creds; + extern unsigned int context_timeout; + extern unsigned int rpc_timeout; + extern char *preferred_realm; +-extern pthread_mutex_t ple_lock; +-extern pthread_cond_t pcond; +-extern pthread_mutex_t pmutex; +-extern int thread_started; + + struct clnt_info { + TAILQ_ENTRY(clnt_info) list; ++ int refcount; + int wd; + bool scanned; + char *name; +@@ -79,9 +76,9 @@ struct clnt_info { + int vers; + char *protocol; + int krb5_fd; +- struct event krb5_ev; ++ struct event *krb5_ev; + int gssd_fd; +- struct event gssd_ev; ++ struct event *gssd_ev; + struct sockaddr_storage addr; + }; + +@@ -94,6 +91,7 @@ struct clnt_upcall_info { + + void handle_krb5_upcall(struct clnt_upcall_info *clp); + void handle_gssd_upcall(struct clnt_upcall_info *clp); ++void free_upcall_info(struct clnt_upcall_info *info); + + + #endif /* _RPC_GSSD_H_ */ +diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c +index 8fe6605..e830f49 100644 +--- a/utils/gssd/gssd_proc.c ++++ b/utils/gssd/gssd_proc.c +@@ -149,9 +149,10 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, + char *buf = NULL, *p = NULL, *end = NULL; + unsigned int timeout = context_timeout; + unsigned int buf_size = 0; ++ pthread_t tid = pthread_self(); + +- printerr(2, "doing downcall: lifetime_rec=%u acceptor=%.*s\n", +- lifetime_rec, acceptor->length, acceptor->value); ++ printerr(2, "do_downcall(0x%x): lifetime_rec=%u acceptor=%.*s\n", ++ tid, lifetime_rec, acceptor->length, acceptor->value); + buf_size = sizeof(uid) + sizeof(timeout) + sizeof(pd->pd_seq_win) + + sizeof(pd->pd_ctx_hndl.length) + pd->pd_ctx_hndl.length + + sizeof(context_token->length) + context_token->length + +@@ -177,7 +178,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, + return; + out_err: + free(buf); +- printerr(1, "Failed to write downcall!\n"); ++ printerr(1, "do_downcall(0x%x): Failed to write downcall!\n", tid); + return; + } + +@@ -231,7 +232,7 @@ populate_port(struct sockaddr *sa, const socklen_t salen, + switch (sa->sa_family) { + case AF_INET: + if (s4->sin_port != 0) { +- printerr(2, "DEBUG: port already set to %d\n", ++ printerr(4, "DEBUG: port already set to %d\n", + ntohs(s4->sin_port)); + return 1; + } +@@ -239,7 +240,7 @@ populate_port(struct sockaddr *sa, const socklen_t salen, + #ifdef IPV6_SUPPORTED + case AF_INET6: + if (s6->sin6_port != 0) { +- printerr(2, "DEBUG: port already set to %d\n", ++ printerr(4, "DEBUG: port already set to %d\n", + ntohs(s6->sin6_port)); + return 1; + } +@@ -548,7 +549,7 @@ krb5_use_machine_creds(struct clnt_info *clp, uid_t uid, + uid, tgtname); + + do { +- gssd_refresh_krb5_machine_credential(clp->servername, NULL, ++ gssd_refresh_krb5_machine_credential(clp->servername, + service, srchost); + /* + * Get a list of credential cache names and try each +@@ -730,7 +731,7 @@ handle_krb5_upcall(struct clnt_upcall_info *info) + printerr(2, "\n%s: uid %d (%s)\n", __func__, info->uid, clp->relpath); + + process_krb5_upcall(clp, info->uid, clp->krb5_fd, NULL, NULL, NULL); +- free(info); ++ free_upcall_info(info); + } + + void +@@ -747,8 +748,10 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + char *enctypes = NULL; + char *upcall_str; + char *pbuf = info->lbuf; ++ pthread_t tid = pthread_self(); + +- printerr(2, "\n%s: '%s' (%s)\n", __func__, info->lbuf, clp->relpath); ++ printerr(2, "\n%s(0x%x): '%s' (%s)\n", __func__, tid, ++ info->lbuf, clp->relpath); + + upcall_str = strdup(info->lbuf); + if (upcall_str == NULL) { +@@ -830,6 +833,6 @@ handle_gssd_upcall(struct clnt_upcall_info *info) + out: + free(upcall_str); + out_nomem: +- free(info); ++ free_upcall_info(info); + return; + } +diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c +index 8c73748..9bd74b0 100644 +--- a/utils/gssd/krb5_util.c ++++ b/utils/gssd/krb5_util.c +@@ -130,9 +130,28 @@ + #include "gss_util.h" + #include "krb5_util.h" + ++/* ++ * List of principals from our keytab that we ++ * will try to use to obtain credentials ++ * (known as a principal list entry (ple)) ++ */ ++struct gssd_k5_kt_princ { ++ struct gssd_k5_kt_princ *next; ++ // Only protect against deletion, not modification ++ int refcount; ++ // Only set during creation in new_ple() ++ krb5_principal princ; ++ char *realm; ++ // Modified during usage by gssd_get_single_krb5_cred() ++ char *ccname; ++ krb5_timestamp endtime; ++}; ++ ++ + /* Global list of principals/cache file names for machine credentials */ +-struct gssd_k5_kt_princ *gssd_k5_kt_princ_list = NULL; +-pthread_mutex_t ple_lock = PTHREAD_MUTEX_INITIALIZER; ++static struct gssd_k5_kt_princ *gssd_k5_kt_princ_list = NULL; ++/* This mutex protects list modification & ple->ccname */ ++static pthread_mutex_t ple_lock = PTHREAD_MUTEX_INITIALIZER; + + #ifdef HAVE_SET_ALLOWABLE_ENCTYPES + int limit_to_legacy_enctypes = 0; +@@ -146,10 +165,22 @@ static int select_krb5_ccache(const struct dirent *d); + static int gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, + const char **cctype, struct dirent **d); + static int gssd_get_single_krb5_cred(krb5_context context, +- krb5_keytab kt, struct gssd_k5_kt_princ *ple, int nocache); ++ krb5_keytab kt, struct gssd_k5_kt_princ *ple); + static int query_krb5_ccache(const char* cred_cache, char **ret_princname, + char **ret_realm); + ++static void release_ple(krb5_context context, struct gssd_k5_kt_princ *ple) ++{ ++ if (--ple->refcount) ++ return; ++ ++ printerr(3, "freeing cached principal (ccname=%s, realm=%s)\n", ple->ccname, ple->realm); ++ krb5_free_principal(context, ple->princ); ++ free(ple->ccname); ++ free(ple->realm); ++ free(ple); ++} ++ + /* + * Called from the scandir function to weed out potential krb5 + * credentials cache files +@@ -192,7 +223,8 @@ gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, + int found = 0; + struct dirent *best_match_dir = NULL; + struct stat best_match_stat, tmp_stat; +- char buf[PATH_MAX+4+2+256]; ++ /* dirname + cctype + d_name + NULL */ ++ char buf[PATH_MAX+5+256+1]; + char *princname = NULL; + char *realm = NULL; + int score, best_match_score = 0, err = -EACCES; +@@ -349,8 +381,7 @@ gssd_check_if_cc_exists(struct gssd_k5_kt_princ *ple) + static int + gssd_get_single_krb5_cred(krb5_context context, + krb5_keytab kt, +- struct gssd_k5_kt_princ *ple, +- int nocache) ++ struct gssd_k5_kt_princ *ple) + { + #ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_ADDRESSLESS + krb5_get_init_creds_opt *init_opts = NULL; +@@ -367,22 +398,26 @@ gssd_get_single_krb5_cred(krb5_context context, + char *cache_type; + char *pname = NULL; + char *k5err = NULL; ++ int nocache = 0; + + memset(&my_creds, 0, sizeof(my_creds)); + +- if (!nocache && !use_memcache) ++ if (!use_memcache) + nocache = gssd_check_if_cc_exists(ple); + /* + * Workaround for clock skew among NFS server, NFS client and KDC + * 300 because clock skew must be within 300sec for kerberos + */ + now += 300; ++ pthread_mutex_lock(&ple_lock); + if (ple->ccname && ple->endtime > now && !nocache) { + printerr(3, "INFO: Credentials in CC '%s' are good until %d\n", + ple->ccname, ple->endtime); + code = 0; ++ pthread_mutex_unlock(&ple_lock); + goto out; + } ++ pthread_mutex_unlock(&ple_lock); + + if ((code = krb5_kt_get_name(context, kt, kt_name, BUFSIZ))) { + printerr(0, "ERROR: Unable to get keytab name in " +@@ -435,6 +470,7 @@ gssd_get_single_krb5_cred(krb5_context context, + * Initialize cache file which we're going to be using + */ + ++ pthread_mutex_lock(&ple_lock); + if (use_memcache) + cache_type = "MEMORY"; + else +@@ -444,15 +480,18 @@ gssd_get_single_krb5_cred(krb5_context context, + ccachesearch[0], GSSD_DEFAULT_CRED_PREFIX, + GSSD_DEFAULT_MACHINE_CRED_SUFFIX, ple->realm); + ple->endtime = my_creds.times.endtime; +- if (ple->ccname != NULL) ++ if (ple->ccname == NULL || strcmp(ple->ccname, cc_name) != 0) { + free(ple->ccname); +- ple->ccname = strdup(cc_name); +- if (ple->ccname == NULL) { +- printerr(0, "ERROR: no storage to duplicate credentials " +- "cache name '%s'\n", cc_name); +- code = ENOMEM; +- goto out; ++ ple->ccname = strdup(cc_name); ++ if (ple->ccname == NULL) { ++ printerr(0, "ERROR: no storage to duplicate credentials " ++ "cache name '%s'\n", cc_name); ++ code = ENOMEM; ++ pthread_mutex_unlock(&ple_lock); ++ goto out; ++ } + } ++ pthread_mutex_unlock(&ple_lock); + if ((code = krb5_cc_resolve(context, cc_name, &ccache))) { + k5err = gssd_k5_err_msg(context, code); + printerr(0, "ERROR: %s while opening credential cache '%s'\n", +@@ -484,12 +523,13 @@ gssd_get_single_krb5_cred(krb5_context context, + if (ccache) + krb5_cc_close(context, ccache); + krb5_free_cred_contents(context, &my_creds); +- krb5_free_string(context, k5err); ++ free(k5err); + return (code); + } + + /* + * Given a principal, find a matching ple structure ++ * Called with mutex held + */ + static struct gssd_k5_kt_princ * + find_ple_by_princ(krb5_context context, krb5_principal princ) +@@ -506,6 +546,7 @@ find_ple_by_princ(krb5_context context, krb5_principal princ) + + /* + * Create, initialize, and add a new ple structure to the global list ++ * Called with mutex held + */ + static struct gssd_k5_kt_princ * + new_ple(krb5_context context, krb5_principal princ) +@@ -557,6 +598,7 @@ new_ple(krb5_context context, krb5_principal princ) + p->next = ple; + } + ++ ple->refcount = 1; + return ple; + outerr: + if (ple) { +@@ -575,13 +617,14 @@ get_ple_by_princ(krb5_context context, krb5_principal princ) + { + struct gssd_k5_kt_princ *ple; + +- /* Need to serialize list if we ever become multi-threaded! */ +- + pthread_mutex_lock(&ple_lock); + ple = find_ple_by_princ(context, princ); + if (ple == NULL) { + ple = new_ple(context, princ); + } ++ if (ple != NULL) { ++ ple->refcount++; ++ } + pthread_mutex_unlock(&ple_lock); + + return ple; +@@ -715,6 +758,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, + goto out; + } + ++ printerr(4, "Scanning keytab for %s/*@%s\n", service, realm); + while ((code = krb5_kt_next_entry(context, kt, kte, &cursor)) == 0) { + if ((code = krb5_unparse_name(context, kte->principal, + &pname))) { +@@ -723,7 +767,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, + "we failed to unparse principal name: %s\n", + k5err); + k5_free_kt_entry(context, kte); +- krb5_free_string(context, k5err); ++ free(k5err); + k5err = NULL; + continue; + } +@@ -746,6 +790,8 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, + retval = ENOMEM; + k5_free_kt_entry(context, kte); + } else { ++ release_ple(context, ple); ++ ple = NULL; + retval = 0; + *found = 1; + } +@@ -770,7 +816,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, + if (retval < 0) + retval = 0; + out: +- krb5_free_string(context, k5err); ++ free(k5err); + return retval; + } + +@@ -811,41 +857,42 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, + /* Get full local hostname */ + if (srchost) { + strcpy(myhostname, srchost); +- } else if (gethostname(myhostname, sizeof(myhostname)) == -1) { +- retval = errno; +- k5err = gssd_k5_err_msg(context, retval); +- printerr(1, "%s while getting local hostname\n", k5err); +- goto out; ++ strcpy(myhostad, myhostname); ++ } else { ++ /* Borrow myhostad for gethostname(), we need it later anyways */ ++ if (gethostname(myhostad, sizeof(myhostad)-1) == -1) { ++ retval = errno; ++ k5err = gssd_k5_err_msg(context, retval); ++ printerr(1, "%s while getting local hostname\n", k5err); ++ goto out; ++ } ++ retval = get_full_hostname(myhostad, myhostname, sizeof(myhostname)); ++ if (retval) { ++ /* Don't use myhostname */ ++ myhostname[0] = 0; ++ } + } + + /* Compute the active directory machine name HOST$ */ +- krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name", ++ krb5_appdefault_string(context, "nfs", NULL, "ad_principal_name", + notsetstr, &adhostoverride); +- if (strcmp(adhostoverride, notsetstr) != 0) { +- printerr (1, +- "AD host string overridden with \"%s\" from appdefaults\n", +- adhostoverride); +- /* No overflow: Windows cannot handle strings longer than 19 chars */ +- strcpy(myhostad, adhostoverride); ++ if (adhostoverride && strcmp(adhostoverride, notsetstr) != 0) { ++ printerr(1, ++ "AD host string overridden with \"%s\" from appdefaults\n", ++ adhostoverride); ++ /* No overflow: Windows cannot handle strings longer than 19 chars */ ++ strcpy(myhostad, adhostoverride); + } else { +- strcpy(myhostad, myhostname); +- for (i = 0; myhostad[i] != 0; ++i) { +- if (myhostad[i] == '.') break; +- } +- myhostad[i] = '$'; +- myhostad[i+1] = 0; ++ /* In this case, it's been pre-filled above */ ++ for (i = 0; myhostad[i] != 0; ++i) { ++ if (myhostad[i] == '.') break; ++ } ++ myhostad[i] = '$'; ++ myhostad[i+1] = 0; + } + if (adhostoverride) + krb5_free_string(context, adhostoverride); + +- if (!srchost) { +- retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); +- if (retval) { +- /* Don't use myhostname */ +- myhostname[0] = 0; +- } +- } +- + code = krb5_get_default_realm(context, &default_realm); + if (code) { + retval = code; +@@ -927,7 +974,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, + k5err = gssd_k5_err_msg(context, code); + printerr(1, "%s while building principal for '%s'\n", + k5err, spn); +- krb5_free_string(context, k5err); ++ free(k5err); + k5err = NULL; + continue; + } +@@ -937,7 +984,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, + k5err = gssd_k5_err_msg(context, code); + printerr(3, "%s while getting keytab entry for '%s'\n", + k5err, spn); +- krb5_free_string(context, k5err); ++ free(k5err); + k5err = NULL; + /* + * We tried the active directory machine account +@@ -986,7 +1033,7 @@ out: + k5_free_default_realm(context, default_realm); + if (realmnames) + krb5_free_host_realm(context, realmnames); +- krb5_free_string(context, k5err); ++ free(k5err); + return retval; + } + +@@ -1078,6 +1125,93 @@ err_cache: + return (*ret_princname && *ret_realm); + } + ++/* ++ * Obtain (or refresh if necessary) Kerberos machine credentials ++ * If a ple is passed in, it's reference will be released ++ */ ++static int ++gssd_refresh_krb5_machine_credential_internal(char *hostname, ++ struct gssd_k5_kt_princ *ple, ++ char *service, char *srchost) ++{ ++ krb5_error_code code = 0; ++ krb5_context context; ++ krb5_keytab kt = NULL;; ++ int retval = 0; ++ char *k5err = NULL; ++ const char *svcnames[] = { "$", "root", "nfs", "host", NULL }; ++ ++ printerr(2, "%s: hostname=%s ple=%p service=%s srchost=%s\n", ++ __func__, hostname, ple, service, srchost); ++ ++ /* ++ * If a specific service name was specified, use it. ++ * Otherwise, use the default list. ++ */ ++ if (service != NULL && strcmp(service, "*") != 0) { ++ svcnames[0] = service; ++ svcnames[1] = NULL; ++ } ++ if (hostname == NULL && ple == NULL) ++ return EINVAL; ++ ++ code = krb5_init_context(&context); ++ if (code) { ++ k5err = gssd_k5_err_msg(NULL, code); ++ printerr(0, "ERROR: %s: %s while initializing krb5 context\n", ++ __func__, k5err); ++ retval = code; ++ goto out; ++ } ++ ++ if ((code = krb5_kt_resolve(context, keytabfile, &kt))) { ++ k5err = gssd_k5_err_msg(context, code); ++ printerr(0, "ERROR: %s: %s while resolving keytab '%s'\n", ++ __func__, k5err, keytabfile); ++ goto out_free_context; ++ } ++ ++ if (ple == NULL) { ++ krb5_keytab_entry kte; ++ ++ code = find_keytab_entry(context, kt, srchost, hostname, ++ &kte, svcnames); ++ if (code) { ++ printerr(0, "ERROR: %s: no usable keytab entry found " ++ "in keytab %s for connection with host %s\n", ++ __FUNCTION__, keytabfile, hostname); ++ retval = code; ++ goto out_free_kt; ++ } ++ ++ ple = get_ple_by_princ(context, kte.principal); ++ k5_free_kt_entry(context, &kte); ++ if (ple == NULL) { ++ char *pname; ++ if ((krb5_unparse_name(context, kte.principal, &pname))) { ++ pname = NULL; ++ } ++ printerr(0, "ERROR: %s: Could not locate or create " ++ "ple struct for principal %s for connection " ++ "with host %s\n", ++ __FUNCTION__, pname ? pname : "", ++ hostname); ++ if (pname) k5_free_unparsed_name(context, pname); ++ goto out_free_kt; ++ } ++ } ++ retval = gssd_get_single_krb5_cred(context, kt, ple); ++out_free_kt: ++ krb5_kt_close(context, kt); ++out_free_context: ++ if (ple) ++ release_ple(context, ple); ++ krb5_free_context(context); ++out: ++ free(k5err); ++ return retval; ++} ++ + /*==========================*/ + /*=== External routines ===*/ + /*==========================*/ +@@ -1092,7 +1226,8 @@ err_cache: + int + gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirpattern) + { +- char buf[PATH_MAX+2+256], dirname[PATH_MAX]; ++ /* dirname + cctype + d_name + NULL */ ++ char buf[PATH_MAX+5+256+1], dirname[PATH_MAX]; + const char *cctype; + struct dirent *d; + int err, i, j; +@@ -1171,37 +1306,56 @@ gssd_get_krb5_machine_cred_list(char ***list) + goto out; + } + +- /* Need to serialize list if we ever become multi-threaded! */ +- ++ pthread_mutex_lock(&ple_lock); + for (ple = gssd_k5_kt_princ_list; ple; ple = ple->next) { +- if (ple->ccname) { +- /* Make sure cred is up-to-date before returning it */ +- retval = gssd_refresh_krb5_machine_credential(NULL, ple, +- NULL, NULL); +- if (retval) +- continue; +- if (i + 1 > listsize) { +- listsize += listinc; +- l = (char **) +- realloc(l, listsize * sizeof(char *)); +- if (l == NULL) { +- retval = ENOMEM; +- goto out; +- } +- } +- if ((l[i++] = strdup(ple->ccname)) == NULL) { ++ if (!ple->ccname) ++ continue; ++ ++ /* Take advantage of the fact we only remove the ple ++ * from the list during shutdown. If it's modified ++ * concurrently at worst we'll just miss a new entry ++ * before the current ple ++ * ++ * gssd_refresh_krb5_machine_credential_internal() will ++ * release the ple refcount ++ */ ++ ple->refcount++; ++ pthread_mutex_unlock(&ple_lock); ++ /* Make sure cred is up-to-date before returning it */ ++ retval = gssd_refresh_krb5_machine_credential_internal(NULL, ple, ++ NULL, NULL); ++ pthread_mutex_lock(&ple_lock); ++ if (gssd_k5_kt_princ_list == NULL) { ++ /* Looks like we did shutdown... abort */ ++ l[i] = NULL; ++ gssd_free_krb5_machine_cred_list(l); ++ retval = ENOMEM; ++ goto out_lock; ++ } ++ if (retval) ++ continue; ++ if (i + 1 > listsize) { ++ listsize += listinc; ++ l = (char **) ++ realloc(l, listsize * sizeof(char *)); ++ if (l == NULL) { + retval = ENOMEM; +- goto out; ++ goto out_lock; + } + } ++ if ((l[i++] = strdup(ple->ccname)) == NULL) { ++ retval = ENOMEM; ++ goto out_lock; ++ } + } + if (i > 0) { + l[i] = NULL; + *list = l; + retval = 0; +- goto out; + } else + free((void *)l); ++out_lock: ++ pthread_mutex_unlock(&ple_lock); + out: + return retval; + } +@@ -1226,7 +1380,7 @@ gssd_free_krb5_machine_cred_list(char **list) + * Called upon exit. Destroys machine credentials. + */ + void +-gssd_destroy_krb5_machine_creds(void) ++gssd_destroy_krb5_principals(int destroy_machine_creds) + { + krb5_context context; + krb5_error_code code = 0; +@@ -1238,33 +1392,38 @@ gssd_destroy_krb5_machine_creds(void) + if (code) { + k5err = gssd_k5_err_msg(NULL, code); + printerr(0, "ERROR: %s while initializing krb5\n", k5err); +- goto out; ++ free(k5err); ++ return; + } + +- for (ple = gssd_k5_kt_princ_list; ple; ple = ple->next) { +- if (!ple->ccname) +- continue; +- if ((code = krb5_cc_resolve(context, ple->ccname, &ccache))) { +- k5err = gssd_k5_err_msg(context, code); +- printerr(0, "WARNING: %s while resolving credential " +- "cache '%s' for destruction\n", k5err, +- ple->ccname); +- krb5_free_string(context, k5err); +- k5err = NULL; +- continue; +- } ++ pthread_mutex_lock(&ple_lock); ++ while (gssd_k5_kt_princ_list) { ++ ple = gssd_k5_kt_princ_list; ++ gssd_k5_kt_princ_list = ple->next; + +- if ((code = krb5_cc_destroy(context, ccache))) { +- k5err = gssd_k5_err_msg(context, code); +- printerr(0, "WARNING: %s while destroying credential " +- "cache '%s'\n", k5err, ple->ccname); +- krb5_free_string(context, k5err); +- k5err = NULL; ++ if (destroy_machine_creds && ple->ccname) { ++ if ((code = krb5_cc_resolve(context, ple->ccname, &ccache))) { ++ k5err = gssd_k5_err_msg(context, code); ++ printerr(0, "WARNING: %s while resolving credential " ++ "cache '%s' for destruction\n", k5err, ++ ple->ccname); ++ free(k5err); ++ k5err = NULL; ++ } ++ ++ if (!code && (code = krb5_cc_destroy(context, ccache))) { ++ k5err = gssd_k5_err_msg(context, code); ++ printerr(0, "WARNING: %s while destroying credential " ++ "cache '%s'\n", k5err, ple->ccname); ++ free(k5err); ++ k5err = NULL; ++ } + } ++ ++ release_ple(context, ple); + } ++ pthread_mutex_unlock(&ple_lock); + krb5_free_context(context); +- out: +- krb5_free_string(context, k5err); + } + + /* +@@ -1272,83 +1431,10 @@ gssd_destroy_krb5_machine_creds(void) + */ + int + gssd_refresh_krb5_machine_credential(char *hostname, +- struct gssd_k5_kt_princ *ple, + char *service, char *srchost) + { +- krb5_error_code code = 0; +- krb5_context context; +- krb5_keytab kt = NULL;; +- int retval = 0; +- char *k5err = NULL; +- const char *svcnames[] = { "$", "root", "nfs", "host", NULL }; +- +- printerr(2, "%s: hostname=%s ple=%p service=%s srchost=%s\n", +- __func__, hostname, ple, service, srchost); +- +- /* +- * If a specific service name was specified, use it. +- * Otherwise, use the default list. +- */ +- if (service != NULL && strcmp(service, "*") != 0) { +- svcnames[0] = service; +- svcnames[1] = NULL; +- } +- if (hostname == NULL && ple == NULL) +- return EINVAL; +- +- code = krb5_init_context(&context); +- if (code) { +- k5err = gssd_k5_err_msg(NULL, code); +- printerr(0, "ERROR: %s: %s while initializing krb5 context\n", +- __func__, k5err); +- retval = code; +- goto out; +- } +- +- if ((code = krb5_kt_resolve(context, keytabfile, &kt))) { +- k5err = gssd_k5_err_msg(context, code); +- printerr(0, "ERROR: %s: %s while resolving keytab '%s'\n", +- __func__, k5err, keytabfile); +- goto out_free_context; +- } +- +- if (ple == NULL) { +- krb5_keytab_entry kte; +- +- code = find_keytab_entry(context, kt, srchost, hostname, +- &kte, svcnames); +- if (code) { +- printerr(0, "ERROR: %s: no usable keytab entry found " +- "in keytab %s for connection with host %s\n", +- __FUNCTION__, keytabfile, hostname); +- retval = code; +- goto out_free_kt; +- } +- +- ple = get_ple_by_princ(context, kte.principal); +- k5_free_kt_entry(context, &kte); +- if (ple == NULL) { +- char *pname; +- if ((krb5_unparse_name(context, kte.principal, &pname))) { +- pname = NULL; +- } +- printerr(0, "ERROR: %s: Could not locate or create " +- "ple struct for principal %s for connection " +- "with host %s\n", +- __FUNCTION__, pname ? pname : "", +- hostname); +- if (pname) k5_free_unparsed_name(context, pname); +- goto out_free_kt; +- } +- } +- retval = gssd_get_single_krb5_cred(context, kt, ple, 0); +-out_free_kt: +- krb5_kt_close(context, kt); +-out_free_context: +- krb5_free_context(context); +-out: +- krb5_free_string(context, k5err); +- return retval; ++ return gssd_refresh_krb5_machine_credential_internal(hostname, NULL, ++ service, srchost); + } + + /* +diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h +index b000b44..2415205 100644 +--- a/utils/gssd/krb5_util.h ++++ b/utils/gssd/krb5_util.h +@@ -9,27 +9,13 @@ + #include "gss_oids.h" + #endif + +-/* +- * List of principals from our keytab that we +- * will try to use to obtain credentials +- * (known as a principal list entry (ple)) +- */ +-struct gssd_k5_kt_princ { +- struct gssd_k5_kt_princ *next; +- krb5_principal princ; +- char *ccname; +- char *realm; +- krb5_timestamp endtime; +-}; +- + + int gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, + char *dirname); + int gssd_get_krb5_machine_cred_list(char ***list); + void gssd_free_krb5_machine_cred_list(char **list); +-void gssd_destroy_krb5_machine_creds(void); ++void gssd_destroy_krb5_principals(int destroy_machine_creds); + int gssd_refresh_krb5_machine_credential(char *hostname, +- struct gssd_k5_kt_princ *ple, + char *service, char *srchost); + char *gssd_k5_err_msg(krb5_context context, krb5_error_code code); + void gssd_k5_get_default_realm(char **def_realm); +diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c +index ec49b61..3ab2100 100644 +--- a/utils/gssd/svcgssd.c ++++ b/utils/gssd/svcgssd.c +@@ -57,20 +57,36 @@ + #include + #include + #include ++#include ++ + #include "nfslib.h" + #include "svcgssd.h" + #include "gss_util.h" + #include "err_util.h" + #include "conffile.h" ++#include "misc.h" ++#include "svcgssd_krb5.h" ++ ++struct state_paths etab; /* from cacheio.c */ ++static bool signal_received = false; ++static struct event_base *evbase = NULL; ++static int nullrpc_fd = -1; ++static struct event *nullrpc_event = NULL; ++static struct event *wait_event = NULL; + +-struct state_paths etab; ++#define NULLRPC_FILE "/proc/net/rpc/auth.rpcsec.init/channel" + + static void + sig_die(int signal) + { +- /* destroy krb5 machine creds */ ++ if (signal_received) { ++ /* destroy krb5 machine creds */ ++ printerr(1, "forced exiting on signal %d\n", signal); ++ exit(0); ++ } ++ signal_received = true; + printerr(1, "exiting on signal %d\n", signal); +- exit(0); ++ event_base_loopexit(evbase, NULL); + } + + static void +@@ -89,6 +105,84 @@ usage(char *progname) + exit(1); + } + ++static void ++svcgssd_nullrpc_cb(int fd, short UNUSED(which), void *UNUSED(data)) ++{ ++ char lbuf[RPC_CHAN_BUF_SIZE]; ++ int lbuflen = 0; ++ ++ printerr(1, "reading null request\n"); ++ ++ lbuflen = read(fd, lbuf, sizeof(lbuf)); ++ if (lbuflen <= 0 || lbuf[lbuflen-1] != '\n') { ++ printerr(0, "WARNING: handle_nullreq: failed reading request\n"); ++ return; ++ } ++ lbuf[lbuflen-1] = 0; ++ ++ handle_nullreq(lbuf); ++} ++ ++static void ++svcgssd_nullrpc_close(void) ++{ ++ if (nullrpc_event) { ++ printerr(2, "closing nullrpc channel %s\n", NULLRPC_FILE); ++ event_free(nullrpc_event); ++ nullrpc_event = NULL; ++ } ++ if (nullrpc_fd != -1) { ++ close(nullrpc_fd); ++ nullrpc_fd = -1; ++ } ++} ++ ++static void ++svcgssd_nullrpc_open(void) ++{ ++ nullrpc_fd = open(NULLRPC_FILE, O_RDWR); ++ if (nullrpc_fd < 0) { ++ printerr(0, "failed to open %s: %s\n", ++ NULLRPC_FILE, strerror(errno)); ++ return; ++ } ++ nullrpc_event = event_new(evbase, nullrpc_fd, EV_READ | EV_PERSIST, ++ svcgssd_nullrpc_cb, NULL); ++ if (!nullrpc_event) { ++ printerr(0, "failed to create event for %s: %s\n", ++ NULLRPC_FILE, strerror(errno)); ++ close(nullrpc_fd); ++ nullrpc_fd = -1; ++ return; ++ } ++ event_add(nullrpc_event, NULL); ++ printerr(2, "opened nullrpc channel %s\n", NULLRPC_FILE); ++} ++ ++static void ++svcgssd_wait_cb(int UNUSED(fd), short UNUSED(which), void *UNUSED(data)) ++{ ++ static int times = 0; ++ int rc; ++ ++ rc = access(NULLRPC_FILE, R_OK | W_OK); ++ if (rc != 0) { ++ struct timeval t = {times < 10 ? 1 : 10, 0}; ++ times++; ++ if (times % 30 == 0) ++ printerr(2, "still waiting for nullrpc channel: %s\n", ++ NULLRPC_FILE); ++ evtimer_add(wait_event, &t); ++ return; ++ } ++ ++ svcgssd_nullrpc_open(); ++ event_free(wait_event); ++ wait_event = NULL; ++} ++ ++ ++ + int + main(int argc, char *argv[]) + { +@@ -102,6 +196,7 @@ main(int argc, char *argv[]) + char *progname; + char *principal = NULL; + char *s; ++ int rc; + + conf_init_file(NFS_CONFFILE); + +@@ -117,6 +212,9 @@ main(int argc, char *argv[]) + rpc_verbosity = conf_get_num("svcgssd", "RPC-Verbosity", rpc_verbosity); + idmap_verbosity = conf_get_num("svcgssd", "IDMAP-Verbosity", idmap_verbosity); + ++ /* We don't need the config anymore */ ++ conf_cleanup(); ++ + while ((opt = getopt(argc, argv, "fivrnp:")) != -1) { + switch (opt) { + case 'f': +@@ -182,6 +280,12 @@ main(int argc, char *argv[]) + + daemon_init(fg); + ++ evbase = event_base_new(); ++ if (!evbase) { ++ printerr(0, "ERROR: failed to create event base: %s\n", strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ + signal(SIGINT, sig_die); + signal(SIGTERM, sig_die); + signal(SIGHUP, sig_hup); +@@ -209,10 +313,37 @@ main(int argc, char *argv[]) + } + } + ++ svcgssd_nullrpc_open(); ++ if (!nullrpc_event) { ++ struct timeval t = {1, 0}; ++ ++ printerr(2, "waiting for nullrpc channel to appear\n"); ++ wait_event = evtimer_new(evbase, svcgssd_wait_cb, NULL); ++ if (!wait_event) { ++ printerr(0, "ERROR: failed to create wait event: %s\n", ++ strerror(errno)); ++ exit(EXIT_FAILURE); ++ } ++ evtimer_add(wait_event, &t); ++ } ++ + daemon_ready(); + + nfs4_init_name_mapping(NULL); /* XXX: should only do this once */ +- gssd_run(); +- printerr(0, "gssd_run returned!\n"); +- abort(); ++ ++ rc = event_base_dispatch(evbase); ++ if (rc < 0) ++ printerr(0, "event_base_dispatch() returned %i!\n", rc); ++ ++ svcgssd_nullrpc_close(); ++ if (wait_event) ++ event_free(wait_event); ++ ++ event_base_free(evbase); ++ ++ nfs4_term_name_mapping(); ++ svcgssd_free_enctypes(); ++ gssd_cleanup(); ++ ++ return EXIT_SUCCESS; + } +diff --git a/utils/gssd/svcgssd.h b/utils/gssd/svcgssd.h +index 02b5c7a..e229b98 100644 +--- a/utils/gssd/svcgssd.h ++++ b/utils/gssd/svcgssd.h +@@ -35,8 +35,7 @@ + #include + #include + +-void handle_nullreq(int f); +-void gssd_run(void); ++void handle_nullreq(char *cp); + + #define GSSD_SERVICE_NAME "nfs" + +diff --git a/utils/gssd/svcgssd_krb5.c b/utils/gssd/svcgssd_krb5.c +index 1d44d34..305d475 100644 +--- a/utils/gssd/svcgssd_krb5.c ++++ b/utils/gssd/svcgssd_krb5.c +@@ -74,13 +74,7 @@ parse_enctypes(char *enctypes) + return 0; + + /* Free any existing cached_enctypes */ +- free(cached_enctypes); +- +- if (parsed_enctypes != NULL) { +- free(parsed_enctypes); +- parsed_enctypes = NULL; +- parsed_num_enctypes = 0; +- } ++ svcgssd_free_enctypes(); + + /* count the number of commas */ + for (curr = enctypes; curr && *curr != '\0'; curr = ++comma) { +@@ -162,6 +156,19 @@ out_clean_parsed: + /*=== External routines ===*/ + /*==========================*/ + ++void ++svcgssd_free_enctypes(void) ++{ ++ free(cached_enctypes); ++ cached_enctypes = NULL; ++ ++ if (parsed_enctypes != NULL) { ++ free(parsed_enctypes); ++ parsed_enctypes = NULL; ++ parsed_num_enctypes = 0; ++ } ++} ++ + /* + * Get encryption types supported by the kernel, and then + * call gss_krb5_set_allowable_enctypes() to limit the +diff --git a/utils/gssd/svcgssd_krb5.h b/utils/gssd/svcgssd_krb5.h +index 07d5eb9..78a90e9 100644 +--- a/utils/gssd/svcgssd_krb5.h ++++ b/utils/gssd/svcgssd_krb5.h +@@ -32,5 +32,6 @@ + #define SVCGSSD_KRB5_H + + int svcgssd_limit_krb5_enctypes(void); ++void svcgssd_free_enctypes(void); + + #endif /* SVCGSSD_KRB5_H */ +diff --git a/utils/gssd/svcgssd_main_loop.c b/utils/gssd/svcgssd_main_loop.c +deleted file mode 100644 +index 920520d..0000000 +--- a/utils/gssd/svcgssd_main_loop.c ++++ /dev/null +@@ -1,94 +0,0 @@ +-/* +- Copyright (c) 2004 The Regents of the University of Michigan. +- All rights reserved. +- +- Redistribution and use in source and binary forms, with or without +- modification, are permitted provided that the following conditions +- are met: +- +- 1. Redistributions of source code must retain the above copyright +- notice, this list of conditions and the following disclaimer. +- 2. Redistributions in binary form must reproduce the above copyright +- notice, this list of conditions and the following disclaimer in the +- documentation and/or other materials provided with the distribution. +- 3. Neither the name of the University nor the names of its +- contributors may be used to endorse or promote products derived +- from this software without specific prior written permission. +- +- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED +- WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +- MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +- DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +- BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +- LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +- NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +- SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +-*/ +- +-#ifdef HAVE_CONFIG_H +-#include +-#endif /* HAVE_CONFIG_H */ +- +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include +-#include +-#include +-#include +-#include +-#include +-#include +- +-#include "svcgssd.h" +-#include "err_util.h" +- +-void +-gssd_run() +-{ +- int ret; +- int f; +- struct pollfd pollfd; +- +-#define NULLRPC_FILE "/proc/net/rpc/auth.rpcsec.init/channel" +- +- f = open(NULLRPC_FILE, O_RDWR); +- if (f < 0) { +- printerr(0, "failed to open %s: %s\n", +- NULLRPC_FILE, strerror(errno)); +- exit(1); +- } +- pollfd.fd = f; +- pollfd.events = POLLIN; +- while (1) { +- int save_err; +- +- pollfd.revents = 0; +- printerr(1, "entering poll\n"); +- ret = poll(&pollfd, 1, -1); +- save_err = errno; +- printerr(1, "leaving poll\n"); +- if (ret < 0) { +- if (save_err != EINTR) +- printerr(0, "error return from poll: %s\n", +- strerror(save_err)); +- } else if (ret == 0) { +- /* timeout; shouldn't happen. */ +- } else { +- if (ret != 1) { +- printerr(0, "bug: unexpected poll return %d\n", +- ret); +- exit(1); +- } +- if (pollfd.revents & POLLIN) +- handle_nullreq(f); +- } +- } +-} +diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c +index 72ec254..b403143 100644 +--- a/utils/gssd/svcgssd_proc.c ++++ b/utils/gssd/svcgssd_proc.c +@@ -318,7 +318,7 @@ print_hexl(const char *description, unsigned char *cp, int length) + #endif + + void +-handle_nullreq(int f) { ++handle_nullreq(char *cp) { + /* XXX initialize to a random integer to reduce chances of unnecessary + * invalidation of existing ctx's on restarting svcgssd. */ + static u_int32_t handle_seq = 0; +@@ -340,24 +340,11 @@ handle_nullreq(int f) { + u_int32_t maj_stat = GSS_S_FAILURE, min_stat = 0; + u_int32_t ignore_min_stat; + struct svc_cred cred; +- char lbuf[RPC_CHAN_BUF_SIZE]; +- int lbuflen = 0; +- char *cp; + int32_t ctx_endtime; + char *hostbased_name = NULL; + + printerr(1, "handling null request\n"); + +- lbuflen = read(f, lbuf, sizeof(lbuf)); +- if (lbuflen <= 0 || lbuf[lbuflen-1] != '\n') { +- printerr(0, "WARNING: handle_nullreq: " +- "failed reading request\n"); +- return; +- } +- lbuf[lbuflen-1] = 0; +- +- cp = lbuf; +- + in_handle.length = (size_t) qword_get(&cp, in_handle.value, + sizeof(in_handle_buf)); + #ifdef DEBUG +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index 893159f..f3d2314 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -49,7 +49,7 @@ + + #include + #include +-#include ++#include + #include + #include + #include +@@ -115,7 +115,7 @@ struct idmap_client { + int ic_fd; + int ic_dirfd; + int ic_scanned; +- struct event ic_event; ++ struct event *ic_event; + TAILQ_ENTRY(idmap_client) ic_next; + }; + static struct idmap_client nfsd_ic[2] = { +@@ -155,6 +155,7 @@ static void idtonameres(struct idmap_msg *); + static void nametoidres(struct idmap_msg *); + + static int nfsdopen(void); ++static void nfsdclose(void); + static int nfsdopenone(struct idmap_client *); + static void nfsdreopen_one(struct idmap_client *); + static void nfsdreopen(void); +@@ -166,6 +167,22 @@ static char pipefsdir[PATH_MAX]; + static char *nobodyuser, *nobodygroup; + static uid_t nobodyuid; + static gid_t nobodygid; ++static struct event_base *evbase = NULL; ++static bool signal_received = false; ++static int inotify_fd = -1; ++ ++static void ++sig_die(int signal) ++{ ++ if (signal_received) { ++ xlog_warn("forced exiting on signal %d\n", signal); ++ exit(0); ++ } ++ ++ signal_received = true; ++ xlog_warn("exiting on signal %d\n", signal); ++ event_base_loopexit(evbase, NULL); ++} + + static int + flush_nfsd_cache(char *path, time_t now) +@@ -209,14 +226,14 @@ main(int argc, char **argv) + { + int wd = -1, opt, fg = 0, nfsdret = -1; + struct idmap_clientq icq; +- struct event rootdirev, clntdirev, svrdirev, inotifyev; +- struct event initialize; ++ struct event *rootdirev = NULL, *clntdirev = NULL, ++ *svrdirev = NULL, *inotifyev = NULL; ++ struct event *initialize = NULL; + struct passwd *pw; + struct group *gr; + struct stat sb; + char *xpipefsdir = NULL; + int serverstart = 1, clientstart = 1; +- int inotify_fd; + int ret; + char *progname; + char *conf_path = NULL; +@@ -289,6 +306,9 @@ main(int argc, char **argv) + serverstart = 0; + } + ++ /* Config memory is no longer needed */ ++ conf_cleanup(); ++ + while ((opt = getopt(argc, argv, GETOPTSTR)) != -1) + switch (opt) { + case 'v': +@@ -341,9 +361,11 @@ main(int argc, char **argv) + if (nfs4_init_name_mapping(conf_path)) + errx(1, "Unable to create name to user id mappings."); + +- event_init(); ++ evbase = event_base_new(); ++ if (evbase == NULL) ++ errx(1, "Failed to create event base."); + +- if (verbose > 0) ++ if (verbose > 1) + xlog_warn("Expiration time is %d seconds.", + cache_entry_expiration); + if (serverstart) { +@@ -388,30 +410,44 @@ main(int argc, char **argv) + if (inotify_fd == -1) { + xlog_err("Unable to initialise inotify_init1: %s\n", strerror(errno)); + } else { +- wd = inotify_add_watch(inotify_fd, pipefsdir, IN_CREATE | IN_DELETE | IN_MODIFY); ++ wd = inotify_add_watch(inotify_fd, pipefsdir, IN_CREATE | IN_DELETE); + if (wd < 0) + xlog_err("Unable to inotify_add_watch(%s): %s\n", pipefsdir, strerror(errno)); + } + + TAILQ_INIT(&icq); + ++ signal(SIGINT, sig_die); ++ signal(SIGTERM, sig_die); ++ + /* These events are persistent */ +- signal_set(&rootdirev, SIGUSR1, dirscancb, &icq); +- signal_add(&rootdirev, NULL); +- signal_set(&clntdirev, SIGUSR2, clntscancb, &icq); +- signal_add(&clntdirev, NULL); +- signal_set(&svrdirev, SIGHUP, svrreopen, NULL); +- signal_add(&svrdirev, NULL); ++ rootdirev = evsignal_new(evbase, SIGUSR1, dirscancb, &icq); ++ if (rootdirev == NULL) ++ errx(1, "Failed to create SIGUSR1 event."); ++ evsignal_add(rootdirev, NULL); ++ clntdirev = evsignal_new(evbase, SIGUSR2, clntscancb, &icq); ++ if (clntdirev == NULL) ++ errx(1, "Failed to create SIGUSR2 event."); ++ evsignal_add(clntdirev, NULL); ++ svrdirev = evsignal_new(evbase, SIGHUP, svrreopen, NULL); ++ if (svrdirev == NULL) ++ errx(1, "Failed to create SIGHUP event."); ++ evsignal_add(svrdirev, NULL); + if ( wd >= 0) { +- event_set(&inotifyev, inotify_fd, EV_READ, dirscancb, &icq); +- event_add(&inotifyev, NULL); ++ inotifyev = event_new(evbase, inotify_fd, ++ EV_READ | EV_PERSIST, dirscancb, &icq); ++ if (inotifyev == NULL) ++ errx(1, "Failed to create inotify read event."); ++ event_add(inotifyev, NULL); + } + + /* Fetch current state */ + /* (Delay till start of event_dispatch to avoid possibly losing + * a SIGUSR1 between here and the call to event_dispatch().) */ +- evtimer_set(&initialize, dirscancb, &icq); +- evtimer_add(&initialize, &now); ++ initialize = evtimer_new(evbase, dirscancb, &icq); ++ if (initialize == NULL) ++ errx(1, "Failed to create initialize event."); ++ evtimer_add(initialize, &now); + } + + if (nfsdret != 0 && wd < 0) +@@ -419,15 +455,60 @@ main(int argc, char **argv) + + daemon_ready(); + +- if (event_dispatch() < 0) ++ if (event_base_dispatch(evbase) < 0) + xlog_err("main: event_dispatch returns errno %d (%s)", + errno, strerror(errno)); +- /* NOTREACHED */ ++ ++ nfs4_term_name_mapping(); ++ nfsdclose(); ++ ++ if (inotifyev) ++ event_free(inotifyev); ++ if (inotify_fd != -1) ++ close(inotify_fd); ++ ++ if (initialize) ++ event_free(initialize); ++ if (rootdirev) ++ event_free(rootdirev); ++ if (clntdirev) ++ event_free(clntdirev); ++ if (svrdirev) ++ event_free(svrdirev); ++ event_base_free(evbase); ++ + return 1; + } + + static void +-dirscancb(int UNUSED(fd), short UNUSED(which), void *data) ++flush_inotify(int fd) ++{ ++ while (true) { ++ char buf[4096] __attribute__ ((aligned(__alignof__(struct inotify_event)))); ++ const struct inotify_event *ev; ++ ssize_t len; ++ char *ptr; ++ ++ len = read(fd, buf, sizeof(buf)); ++ if (len == -1 && errno == EINTR) ++ continue; ++ ++ if (len <= 0) ++ break; ++ ++ for (ptr = buf; ptr < buf + len; ++ ptr += sizeof(struct inotify_event) + ev->len) { ++ ++ ev = (const struct inotify_event *)ptr; ++ if (verbose > 2) ++ xlog_warn("pipefs inotify: wd=%i, mask=0x%08x, len=%i, name=%s", ++ ev->wd, ev->mask, ev->len, ev->len ? ev->name : ""); ++ } ++ } ++} ++ ++static void ++dirscancb(int fd, short UNUSED(which), void *data) + { + int nent, i; + struct dirent **ents; +@@ -435,6 +516,13 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) + char path[PATH_MAX+256]; /* + sizeof(d_name) */ + struct idmap_clientq *icq = data; + ++ if (fd != -1) ++ flush_inotify(fd); ++ ++ TAILQ_FOREACH(ic, icq, ic_next) { ++ ic->ic_scanned = 0; ++ } ++ + nent = scandir(pipefsdir, &ents, NULL, alphasort); + if (nent == -1) { + xlog_warn("dirscancb: scandir(%s): %s", pipefsdir, strerror(errno)); +@@ -468,15 +556,15 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) + strlcat(path, "/idmap", sizeof(path)); + strlcpy(ic->ic_path, path, sizeof(ic->ic_path)); + +- if (verbose > 0) +- xlog_warn("New client: %s", ic->ic_clid); +- + if (nfsopen(ic) == -1) { + close(ic->ic_dirfd); + free(ic); + goto out; + } + ++ if (verbose > 2) ++ xlog_warn("New client: %s", ic->ic_clid); ++ + ic->ic_id = "Client"; + + TAILQ_INSERT_TAIL(icq, ic, ic_next); +@@ -490,17 +578,19 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) + while(ic != NULL) { + nextic=TAILQ_NEXT(ic, ic_next); + if (!ic->ic_scanned) { +- event_del(&ic->ic_event); +- close(ic->ic_fd); +- close(ic->ic_dirfd); ++ if (ic->ic_event) ++ event_free(ic->ic_event); ++ if (ic->ic_fd != -1) ++ close(ic->ic_fd); ++ if (ic->ic_dirfd != -1) ++ close(ic->ic_dirfd); + TAILQ_REMOVE(icq, ic, ic_next); +- if (verbose > 0) { ++ if (verbose > 2) { + xlog_warn("Stale client: %s", ic->ic_clid); + xlog_warn("\t-> closed %s", ic->ic_path); + } + free(ic); +- } else +- ic->ic_scanned = 0; ++ } + ic = nextic; + } + +@@ -546,7 +636,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) + unsigned long tmp; + + if (which != EV_READ) +- goto out; ++ return; + + len = read(ic->ic_fd, buf, sizeof(buf)); + if (len == 0) +@@ -569,13 +659,13 @@ nfsdcb(int UNUSED(fd), short which, void *data) + /* Authentication name -- ignored for now*/ + if (getfield(&bp, authbuf, sizeof(authbuf)) == -1) { + xlog_warn("nfsdcb: bad authentication name in upcall\n"); +- goto out; ++ return; + } + if (getfield(&bp, typebuf, sizeof(typebuf)) == -1) { + xlog_warn("nfsdcb: bad type in upcall\n"); +- goto out; ++ return; + } +- if (verbose > 0) ++ if (verbose > 2) + xlog_warn("nfsdcb: authbuf=%s authtype=%s", + authbuf, typebuf); + +@@ -587,26 +677,26 @@ nfsdcb(int UNUSED(fd), short which, void *data) + im.im_conv = IDMAP_CONV_NAMETOID; + if (getfield(&bp, im.im_name, sizeof(im.im_name)) == -1) { + xlog_warn("nfsdcb: bad name in upcall\n"); +- goto out; ++ return; + } + break; + case IC_IDNAME: + im.im_conv = IDMAP_CONV_IDTONAME; + if (getfield(&bp, buf1, sizeof(buf1)) == -1) { + xlog_warn("nfsdcb: bad id in upcall\n"); +- goto out; ++ return; + } + tmp = strtoul(buf1, (char **)NULL, 10); + im.im_id = (u_int32_t)tmp; + if ((tmp == ULONG_MAX && errno == ERANGE) + || (unsigned long)im.im_id != tmp) { + xlog_warn("nfsdcb: id '%s' too big!\n", buf1); +- goto out; ++ return; + } + break; + default: + xlog_warn("nfsdcb: Unknown which type %d", ic->ic_which); +- goto out; ++ return; + } + + imconv(ic, &im); +@@ -667,7 +757,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) + break; + default: + xlog_warn("nfsdcb: Unknown which type %d", ic->ic_which); +- goto out; ++ return; + } + + bsiz = sizeof(buf) - bsiz; +@@ -675,9 +765,6 @@ nfsdcb(int UNUSED(fd), short which, void *data) + if (atomicio((void*)write, ic->ic_fd, buf, bsiz) != bsiz) + xlog_warn("nfsdcb: write(%s) failed: errno %d (%s)", + ic->ic_path, errno, strerror(errno)); +- +-out: +- event_add(&ic->ic_event, NULL); + } + + static void +@@ -721,14 +808,12 @@ nfscb(int UNUSED(fd), short which, void *data) + struct idmap_msg im; + + if (which != EV_READ) +- goto out; ++ return; + + if (atomicio(read, ic->ic_fd, &im, sizeof(im)) != sizeof(im)) { + if (verbose > 0) + xlog_warn("nfscb: read(%s): %s", ic->ic_path, strerror(errno)); +- if (errno == EPIPE) +- return; +- goto out; ++ return; + } + + imconv(ic, &im); +@@ -742,8 +827,19 @@ nfscb(int UNUSED(fd), short which, void *data) + + if (atomicio((void*)write, ic->ic_fd, &im, sizeof(im)) != sizeof(im)) + xlog_warn("nfscb: write(%s): %s", ic->ic_path, strerror(errno)); +-out: +- event_add(&ic->ic_event, NULL); ++} ++ ++static void ++nfsdclose_one(struct idmap_client *ic) ++{ ++ if (ic->ic_event) { ++ event_free(ic->ic_event); ++ ic->ic_event = NULL; ++ } ++ if (ic->ic_fd != -1) { ++ close(ic->ic_fd); ++ ic->ic_fd = -1; ++ } + } + + static void +@@ -751,18 +847,22 @@ nfsdreopen_one(struct idmap_client *ic) + { + int fd; + +- if (verbose > 0) ++ if (verbose > 2) + xlog_warn("ReOpening %s", ic->ic_path); + + if ((fd = open(ic->ic_path, O_RDWR, 0)) != -1) { +- if ((event_initialized(&ic->ic_event))) +- event_del(&ic->ic_event); +- if (ic->ic_fd != -1) +- close(ic->ic_fd); ++ nfsdclose_one(ic); + +- ic->ic_event.ev_fd = ic->ic_fd = fd; +- event_set(&ic->ic_event, ic->ic_fd, EV_READ, nfsdcb, ic); +- event_add(&ic->ic_event, NULL); ++ ic->ic_fd = fd; ++ ic->ic_event = event_new(evbase, ic->ic_fd, EV_READ | EV_PERSIST, nfsdcb, ic); ++ if (ic->ic_event == NULL) { ++ xlog_warn("nfsdreopen: Failed to create event for '%s'", ++ ic->ic_path); ++ close(ic->ic_fd); ++ ic->ic_fd = -1; ++ return; ++ } ++ event_add(ic->ic_event, NULL); + } else { + xlog_warn("nfsdreopen: Opening '%s' failed: errno %d (%s)", + ic->ic_path, errno, strerror(errno)); +@@ -784,6 +884,13 @@ nfsdopen(void) + nfsdopenone(&nfsd_ic[IC_IDNAME]) == 0) ? 0 : -1); + } + ++static void ++nfsdclose(void) ++{ ++ nfsdclose_one(&nfsd_ic[IC_NAMEID]); ++ nfsdclose_one(&nfsd_ic[IC_IDNAME]); ++} ++ + static int + nfsdopenone(struct idmap_client *ic) + { +@@ -795,10 +902,18 @@ nfsdopenone(struct idmap_client *ic) + return (-1); + } + +- event_set(&ic->ic_event, ic->ic_fd, EV_READ, nfsdcb, ic); +- event_add(&ic->ic_event, NULL); ++ ic->ic_event = event_new(evbase, ic->ic_fd, EV_READ | EV_PERSIST, nfsdcb, ic); ++ if (ic->ic_event == NULL) { ++ if (verbose > 0) ++ xlog_warn("nfsdopenone: Create event for %s failed", ++ ic->ic_path); ++ close(ic->ic_fd); ++ ic->ic_fd = -1; ++ return (-1); ++ } ++ event_add(ic->ic_event, NULL); + +- if (verbose > 0) ++ if (verbose > 2) + xlog_warn("Opened %s", ic->ic_path); + + return (0); +@@ -808,25 +923,35 @@ static int + nfsopen(struct idmap_client *ic) + { + if ((ic->ic_fd = open(ic->ic_path, O_RDWR, 0)) == -1) { +- switch (errno) { +- case ENOENT: +- fcntl(ic->ic_dirfd, F_SETSIG, SIGUSR2); +- fcntl(ic->ic_dirfd, F_NOTIFY, +- DN_CREATE | DN_DELETE | DN_MULTISHOT); +- break; +- default: +- xlog_warn("nfsopen: open(%s): %s", ic->ic_path, strerror(errno)); +- return (-1); ++ if (errno == ENOENT) { ++ char *slash; ++ ++ slash = strrchr(ic->ic_path, '/'); ++ if (!slash) ++ return -1; ++ *slash = 0; ++ inotify_add_watch(inotify_fd, ic->ic_path, IN_CREATE | IN_ONLYDIR | IN_ONESHOT); ++ *slash = '/'; ++ if (verbose > 2) ++ xlog_warn("Path %s not available. waiting...", ic->ic_path); ++ return -1; + } +- } else { +- event_set(&ic->ic_event, ic->ic_fd, EV_READ, nfscb, ic); +- event_add(&ic->ic_event, NULL); +- fcntl(ic->ic_dirfd, F_NOTIFY, 0); +- fcntl(ic->ic_dirfd, F_SETSIG, 0); +- if (verbose > 0) +- xlog_warn("Opened %s", ic->ic_path); ++ ++ xlog_warn("nfsopen: open(%s): %s", ic->ic_path, strerror(errno)); ++ return (-1); + } + ++ ic->ic_event = event_new(evbase, ic->ic_fd, EV_READ | EV_PERSIST, nfscb, ic); ++ if (ic->ic_event == NULL) { ++ xlog_warn("nfsopen: Create event for %s failed", ic->ic_path); ++ close(ic->ic_fd); ++ ic->ic_fd = -1; ++ return -1; ++ } ++ event_add(ic->ic_event, NULL); ++ if (verbose > 2) ++ xlog_warn("Opened %s", ic->ic_path); ++ + return (0); + } + +diff --git a/utils/mount/network.c b/utils/mount/network.c +index 6ac913d..d9c0b51 100644 +--- a/utils/mount/network.c ++++ b/utils/mount/network.c +@@ -1268,14 +1268,14 @@ nfs_nfs_program(struct mount_options *options, unsigned long *program) + int + nfs_nfs_version(char *type, struct mount_options *options, struct nfs_version *version) + { +- char *version_key, *version_val, *cptr; ++ char *version_key, *version_val = NULL, *cptr; + int i, found = 0; + + version->v_mode = V_DEFAULT; + + for (i = 0; nfs_version_opttbl[i]; i++) { + if (po_contains_prefix(options, nfs_version_opttbl[i], +- &version_key) == PO_FOUND) { ++ &version_key) == PO_FOUND) { + found++; + break; + } +diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c +index 901f995..91a976b 100644 +--- a/utils/mount/stropts.c ++++ b/utils/mount/stropts.c +@@ -1094,9 +1094,7 @@ static int nfsmount_fg(struct nfsmount_info *mi) + if (nfs_try_mount(mi)) + return EX_SUCCESS; + +-#pragma GCC diagnostic ignored "-Wdiscarded-qualifiers" + if (errno == EBUSY && is_mountpoint(mi->node)) { +-#pragma GCC diagnostic warning "-Wdiscarded-qualifiers" + /* + * EBUSY can happen when mounting a filesystem that + * is already mounted or when the context= are +diff --git a/utils/mountd/cache.c b/utils/mountd/cache.c +index 6cba288..ea74067 100644 +--- a/utils/mountd/cache.c ++++ b/utils/mountd/cache.c +@@ -57,7 +57,7 @@ enum nfsd_fsid { + }; + + #undef is_mountpoint +-static int is_mountpoint(char *path) ++static int is_mountpoint(const char *path) + { + return check_is_mountpoint(path, nfsd_path_lstat); + } +diff --git a/utils/nfsdcld/cld-internal.h b/utils/nfsdcld/cld-internal.h +index cc283da..3576515 100644 +--- a/utils/nfsdcld/cld-internal.h ++++ b/utils/nfsdcld/cld-internal.h +@@ -26,7 +26,7 @@ + + struct cld_client { + int cl_fd; +- struct event cl_event; ++ struct event *cl_event; + union { + struct cld_msg cl_msg; + #if UPCALL_VERSION >= 2 +diff --git a/utils/nfsdcld/legacy.c b/utils/nfsdcld/legacy.c +index 3c6bea6..b89374c 100644 +--- a/utils/nfsdcld/legacy.c ++++ b/utils/nfsdcld/legacy.c +@@ -48,35 +48,28 @@ legacy_load_clients_from_recdir(int *num_records) + int fd; + DIR *v4recovery; + struct dirent *entry; +- char recdirname[PATH_MAX]; ++ char recdirname[PATH_MAX+1]; + char buf[NFS4_OPAQUE_LIMIT]; +- struct stat st; + char *nl; ++ ssize_t n; + + fd = open(NFSD_RECDIR_FILE, O_RDONLY); + if (fd < 0) { + xlog(D_GENERAL, "Unable to open %s: %m", NFSD_RECDIR_FILE); + return; + } +- if (read(fd, recdirname, PATH_MAX) < 0) { ++ n = read(fd, recdirname, PATH_MAX); ++ close(fd); ++ if (n < 0) { + xlog(D_GENERAL, "Unable to read from %s: %m", NFSD_RECDIR_FILE); + return; + } +- close(fd); + /* the output from the proc file isn't null-terminated */ ++ recdirname[PATH_MAX] = '\0'; + nl = strchr(recdirname, '\n'); + if (!nl) + return; + *nl = '\0'; +- if (stat(recdirname, &st) < 0) { +- xlog(D_GENERAL, "Unable to stat %s: %d", recdirname, errno); +- return; +- } +- if (!S_ISDIR(st.st_mode)) { +- xlog(D_GENERAL, "%s is not a directory: mode=0%o", recdirname +- , st.st_mode); +- return; +- } + v4recovery = opendir(recdirname); + if (!v4recovery) + return; +@@ -123,35 +116,28 @@ legacy_clear_recdir(void) + int fd; + DIR *v4recovery; + struct dirent *entry; +- char recdirname[PATH_MAX]; ++ char recdirname[PATH_MAX+1]; + char dirname[PATH_MAX]; +- struct stat st; + char *nl; ++ ssize_t n; + + fd = open(NFSD_RECDIR_FILE, O_RDONLY); + if (fd < 0) { + xlog(D_GENERAL, "Unable to open %s: %m", NFSD_RECDIR_FILE); + return; + } +- if (read(fd, recdirname, PATH_MAX) < 0) { ++ n = read(fd, recdirname, PATH_MAX); ++ close(fd); ++ if (n < 0) { + xlog(D_GENERAL, "Unable to read from %s: %m", NFSD_RECDIR_FILE); + return; + } +- close(fd); + /* the output from the proc file isn't null-terminated */ ++ recdirname[PATH_MAX] = '\0'; + nl = strchr(recdirname, '\n'); + if (!nl) + return; + *nl = '\0'; +- if (stat(recdirname, &st) < 0) { +- xlog(D_GENERAL, "Unable to stat %s: %d", recdirname, errno); +- return; +- } +- if (!S_ISDIR(st.st_mode)) { +- xlog(D_GENERAL, "%s is not a directory: mode=0%o", recdirname +- , st.st_mode); +- return; +- } + v4recovery = opendir(recdirname); + if (!v4recovery) + return; +diff --git a/utils/nfsdcld/nfsdcld.c b/utils/nfsdcld/nfsdcld.c +index be65562..636c398 100644 +--- a/utils/nfsdcld/nfsdcld.c ++++ b/utils/nfsdcld/nfsdcld.c +@@ -24,9 +24,10 @@ + #endif /* HAVE_CONFIG_H */ + + #include +-#include ++#include + #include + #include ++#include + #include + #include + #include +@@ -66,8 +67,10 @@ + static char pipefs_dir[PATH_MAX] = DEFAULT_PIPEFS_DIR; + static char pipepath[PATH_MAX]; + static int inotify_fd = -1; +-static struct event pipedir_event; ++static struct event *pipedir_event; ++static struct event_base *evbase; + static bool old_kernel = false; ++static bool signal_received = false; + + uint64_t current_epoch; + uint64_t recovery_epoch; +@@ -88,6 +91,19 @@ static struct option longopts[] = + /* forward declarations */ + static void cldcb(int UNUSED(fd), short which, void *data); + ++static void ++sig_die(int signal) ++{ ++ if (signal_received) { ++ xlog(D_GENERAL, "forced exiting on signal %d\n", signal); ++ exit(0); ++ } ++ ++ signal_received = true; ++ xlog(D_GENERAL, "exiting on signal %d\n", signal); ++ event_base_loopexit(evbase, NULL); ++} ++ + static void + usage(char *progname) + { +@@ -141,6 +157,7 @@ static int + cld_pipe_open(struct cld_client *clnt) + { + int fd; ++ struct event *ev; + + xlog(D_GENERAL, "%s: opening upcall pipe %s", __func__, pipepath); + fd = open(pipepath, O_RDWR, 0); +@@ -149,13 +166,22 @@ cld_pipe_open(struct cld_client *clnt) + return -errno; + } + +- if (event_initialized(&clnt->cl_event)) +- event_del(&clnt->cl_event); ++ ev = event_new(evbase, fd, EV_READ, cldcb, clnt); ++ if (ev == NULL) { ++ xlog(D_GENERAL, "%s: failed to create event for %s", __func__, pipepath); ++ close(fd); ++ return -ENOMEM; ++ } ++ ++ if (clnt->cl_event && event_initialized(clnt->cl_event)) { ++ event_del(clnt->cl_event); ++ event_free(clnt->cl_event); ++ } + if (clnt->cl_fd >= 0) + close(clnt->cl_fd); + + clnt->cl_fd = fd; +- event_set(&clnt->cl_event, clnt->cl_fd, EV_READ, cldcb, clnt); ++ clnt->cl_event = ev; + /* event_add is done by the caller */ + return 0; + } +@@ -208,7 +234,7 @@ cld_inotify_cb(int UNUSED(fd), short which, void *data) + switch (ret) { + case 0: + /* readd the event for the cl_event pipe */ +- event_add(&clnt->cl_event, NULL); ++ event_add(clnt->cl_event, NULL); + break; + case -ENOENT: + /* pipe must have disappeared, wait for it to come back */ +@@ -221,7 +247,7 @@ cld_inotify_cb(int UNUSED(fd), short which, void *data) + } + + out: +- event_add(&pipedir_event, NULL); ++ event_add(pipedir_event, NULL); + free(dirc); + } + +@@ -252,11 +278,12 @@ cld_inotify_setup(void) + xlog_err("%s: inotify_add_watch failed: %m", __func__); + ret = -errno; + goto out_err; +- } ++ } else ++ ret = 0; + + out_free: + free(dirc); +- return 0; ++ return ret; + out_err: + close(inotify_fd); + goto out_free; +@@ -286,7 +313,7 @@ cld_pipe_init(struct cld_client *clnt) + switch (ret) { + case 0: + /* add the event and we're good to go */ +- event_add(&clnt->cl_event, NULL); ++ event_add(clnt->cl_event, NULL); + break; + case -ENOENT: + /* ignore this error -- cld_inotify_cb will handle it */ +@@ -299,8 +326,12 @@ cld_pipe_init(struct cld_client *clnt) + } + + /* set event for inotify read */ +- event_set(&pipedir_event, inotify_fd, EV_READ, cld_inotify_cb, clnt); +- event_add(&pipedir_event, NULL); ++ pipedir_event = event_new(evbase, inotify_fd, EV_READ, cld_inotify_cb, clnt); ++ if (pipedir_event == NULL) { ++ close(inotify_fd); ++ return -ENOMEM; ++ } ++ event_add(pipedir_event, NULL); + out: + return ret; + } +@@ -331,6 +362,7 @@ cld_check_grace_period(void) + if (read(fd, &c, 1) < 0) { + xlog(L_WARNING, "Unable to read from %s: %m", + NFSD_END_GRACE_FILE); ++ close(fd); + return 1; + } + close(fd); +@@ -737,7 +769,7 @@ cldcb(int UNUSED(fd), short which, void *data) + cld_not_implemented(clnt); + } + out: +- event_add(&clnt->cl_event, NULL); ++ event_add(clnt->cl_event, NULL); + } + + int +@@ -762,7 +794,11 @@ main(int argc, char **argv) + return 1; + } + +- event_init(); ++ evbase = event_base_new(); ++ if (evbase == NULL) { ++ fprintf(stderr, "%s: unable to allocate event base.\n", argv[0]); ++ return 1; ++ } + xlog_syslog(0); + xlog_stderr(1); + +@@ -795,6 +831,7 @@ main(int argc, char **argv) + break; + default: + usage(progname); ++ free(progname); + return 0; + } + } +@@ -859,14 +896,27 @@ main(int argc, char **argv) + if (rc) + goto out; + ++ signal(SIGINT, sig_die); ++ signal(SIGTERM, sig_die); ++ + xlog(D_GENERAL, "%s: Starting event dispatch handler.", __func__); +- rc = event_dispatch(); ++ rc = event_base_dispatch(evbase); + if (rc < 0) + xlog(L_ERROR, "%s: event_dispatch failed: %m", __func__); + +- close(clnt.cl_fd); +- close(inotify_fd); + out: ++ if (clnt.cl_event) ++ event_free(clnt.cl_event); ++ if (clnt.cl_fd != -1) ++ close(clnt.cl_fd); ++ if (pipedir_event) ++ event_free(pipedir_event); ++ if (inotify_fd != -1) ++ close(inotify_fd); ++ ++ event_base_free(evbase); ++ sqlite_shutdown(); ++ + free(progname); + return rc; + } +diff --git a/utils/nfsdcld/sqlite.c b/utils/nfsdcld/sqlite.c +index 6666c86..03016fb 100644 +--- a/utils/nfsdcld/sqlite.c ++++ b/utils/nfsdcld/sqlite.c +@@ -48,7 +48,6 @@ + + #include + #include +-#include + #include + #include + #include +@@ -380,7 +379,7 @@ sqlite_maindb_init_v4(void) + &err); + if (ret != SQLITE_OK) { + xlog(L_ERROR, "Unable to begin transaction: %s", err); +- return ret; ++ goto out; + } + + /* +@@ -831,7 +830,6 @@ sqlite_prepare_dbh(const char *topdir) + switch (ret) { + case CLD_SQLITE_LATEST_SCHEMA_VERSION: + /* DB is already set up. Do nothing */ +- ret = 0; + break; + case 3: + /* Old DB -- update to new schema */ +@@ -868,6 +866,8 @@ sqlite_prepare_dbh(const char *topdir) + } + + ret = sqlite_startup_query_grace(); ++ if (ret) ++ goto out_close; + + ret = sqlite_query_first_time(&first_time); + if (ret) +@@ -1330,20 +1330,26 @@ sqlite_iterate_recovery(int (*cb)(struct cld_client *clnt), struct cld_client *c + } + + while ((ret = sqlite3_step(stmt)) == SQLITE_ROW) { ++ const void *id; ++ int id_len; ++ ++ id = sqlite3_column_blob(stmt, 0); ++ id_len = sqlite3_column_bytes(stmt, 0); ++ if (id_len > NFS4_OPAQUE_LIMIT) ++ id_len = NFS4_OPAQUE_LIMIT; ++ + memset(&cmsg->cm_u, 0, sizeof(cmsg->cm_u)); + #if UPCALL_VERSION >= 2 +- memcpy(&cmsg->cm_u.cm_clntinfo.cc_name.cn_id, +- sqlite3_column_blob(stmt, 0), NFS4_OPAQUE_LIMIT); +- cmsg->cm_u.cm_clntinfo.cc_name.cn_len = sqlite3_column_bytes(stmt, 0); ++ memcpy(&cmsg->cm_u.cm_clntinfo.cc_name.cn_id, id, id_len); ++ cmsg->cm_u.cm_clntinfo.cc_name.cn_len = id_len; + if (sqlite3_column_bytes(stmt, 1) > 0) { + memcpy(&cmsg->cm_u.cm_clntinfo.cc_princhash.cp_data, + sqlite3_column_blob(stmt, 1), SHA256_DIGEST_SIZE); + cmsg->cm_u.cm_clntinfo.cc_princhash.cp_len = sqlite3_column_bytes(stmt, 1); + } + #else +- memcpy(&cmsg->cm_u.cm_name.cn_id, sqlite3_column_blob(stmt, 0), +- NFS4_OPAQUE_LIMIT); +- cmsg->cm_u.cm_name.cn_len = sqlite3_column_bytes(stmt, 0); ++ memcpy(&cmsg->cm_u.cm_name.cn_id, id, id_len); ++ cmsg->cm_u.cm_name.cn_len = id_len; + #endif + cb(clnt); + } +@@ -1404,3 +1410,18 @@ sqlite_first_time_done(void) + sqlite3_free(err); + return ret; + } ++ ++/* ++ * Closes all sqlite3 resources and shuts down the library. ++ * ++ */ ++void ++sqlite_shutdown(void) ++{ ++ if (dbh != NULL) { ++ sqlite3_close(dbh); ++ dbh = NULL; ++ } ++ ++ sqlite3_shutdown(); ++} +diff --git a/utils/nfsdcld/sqlite.h b/utils/nfsdcld/sqlite.h +index 0a26ad6..044236c 100644 +--- a/utils/nfsdcld/sqlite.h ++++ b/utils/nfsdcld/sqlite.h +@@ -34,4 +34,5 @@ int sqlite_iterate_recovery(int (*cb)(struct cld_client *clnt), struct cld_clien + int sqlite_delete_cltrack_records(void); + int sqlite_first_time_done(void); + ++void sqlite_shutdown(void); + #endif /* _SQLITE_H */ +diff --git a/utils/nfsdcltrack/sqlite.c b/utils/nfsdcltrack/sqlite.c +index 2801201..f79aebb 100644 +--- a/utils/nfsdcltrack/sqlite.c ++++ b/utils/nfsdcltrack/sqlite.c +@@ -40,7 +40,7 @@ + + #include + #include +-#include ++#include + #include + #include + #include diff --git a/nfs-utils.spec b/nfs-utils.spec new file mode 100644 index 0000000..622a731 --- /dev/null +++ b/nfs-utils.spec @@ -0,0 +1,2117 @@ +Summary: NFS utilities and supporting clients and daemons for the kernel NFS server +Name: nfs-utils +URL: http://linux-nfs.org/ +Version: 2.5.1 +Release: 5.rc4%{?dist} +Epoch: 1 + +# group all 32bit related archs +%global all_32bit_archs i386 i486 i586 i686 athlon ppc sparcv9 + +Source0: https://www.kernel.org/pub/linux/utils/nfs-utils/%{version}/%{name}-%{version}.tar.xz +Source1: id_resolver.conf +Source2: lockd.conf +Source3: 24-nfs-server.conf +Source4: nfsconvert.py +Source5: nfsconvert.sh +Source6: nfs-convert.service + +Patch001: nfs-utils-2.5.2-rc4.patch +Patch002: nfs-utils-2.5.1-rpcidmap-dontfreeconfig.patch +Patch003: nfs-utils-2.5.1-nfsiostat-KeyError.patch + +Patch100: nfs-utils-1.2.1-statdpath-man.patch +Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch +Patch102: nfs-utils-1.2.5-idmap-errmsg.patch +Patch103: nfs-utils-2.3.1-systemd-gssproxy-restart.patch +Patch104: nfs-utils-2.3.3-man-tcpwrappers.patch +Patch105: nfs-utils-2.3.3-nfsconf-usegssproxy.patch +Patch106: nfs-utils-2.4.2-systemd-svcgssd.patch + +Provides: exportfs = %{epoch}:%{version}-%{release} +Provides: nfsstat = %{epoch}:%{version}-%{release} +Provides: showmount = %{epoch}:%{version}-%{release} +Provides: rpcdebug = %{epoch}:%{version}-%{release} +Provides: rpc.idmapd = %{epoch}:%{version}-%{release} +Provides: rpc.mountd = %{epoch}:%{version}-%{release} +Provides: rpc.nfsd = %{epoch}:%{version}-%{release} +Provides: rpc.statd = %{epoch}:%{version}-%{release} +Provides: rpc.gssd = %{epoch}:%{version}-%{release} +Provides: mount.nfs = %{epoch}:%{version}-%{release} +Provides: mount.nfs4 = %{epoch}:%{version}-%{release} +Provides: umount.nfs = %{epoch}:%{version}-%{release} +Provides: umount.nfs4 = %{epoch}:%{version}-%{release} +Provides: sm-notify = %{epoch}:%{version}-%{release} +Provides: start-statd = %{epoch}:%{version}-%{release} + +License: MIT and GPLv2 and GPLv2+ and BSD +BuildRequires: libevent-devel libcap-devel libuuid-devel +BuildRequires: libtirpc-devel libblkid-devel +BuildRequires: krb5-libs >= 1.4 autoconf >= 2.57 openldap-devel >= 2.2 +BuildRequires: automake, libtool, gcc, device-mapper-devel +BuildRequires: krb5-devel, libmount-devel, libxml2-devel +BuildRequires: sqlite-devel +BuildRequires: python3-devel +BuildRequires: systemd +BuildRequires: rpcgen +Requires(pre): shadow-utils >= 4.0.3-25 +Requires(pre): util-linux +Requires(pre): coreutils +Requires(preun): coreutils +Requires: libnfsidmap libevent +Requires: libtirpc >= 0.2.3-1 libblkid libcap libmount +Requires: gssproxy => 0.7.0-3 +Requires: rpcbind, sed, gawk, grep +Requires: kmod, keyutils, quota +%{?systemd_requires} + +%package -n nfs-utils-coreos +Summary: Minimal NFS utilities for supporting clients +Provides: nfsstat = %{epoch}:%{version}-%{release} +Provides: rpc.statd = %{epoch}:%{version}-%{release} +Provides: rpc.gssd = %{epoch}:%{version}-%{release} +Provides: mount.nfs = %{epoch}:%{version}-%{release} +Provides: mount.nfs4 = %{epoch}:%{version}-%{release} +Provides: umount.nfs = %{epoch}:%{version}-%{release} +Provides: umount.nfs4 = %{epoch}:%{version}-%{release} +Provides: start-statd = %{epoch}:%{version}-%{release} +Provides: nfsidmap = %{epoch}:%{version}-%{release} +Provides: showmount = %{epoch}:%{version}-%{release} +Requires: rpcbind +%{?systemd_requires} + +%description -n nfs-utils-coreos +Minimal NFS utilities for supporting clients + +%package -n libnfsidmap +Summary: NFSv4 User and Group ID Mapping Library +Provides: libnfsidmap%{?_isa} = %{epoch}:%{version}-%{release} +License: BSD +BuildRequires: pkgconfig, openldap-devel +BuildRequires: automake, libtool +Requires: openldap + +%description -n libnfsidmap +Library that handles mapping between names and ids for NFSv4. + +%package -n libnfsidmap-devel +Summary: Development files for the libnfsidmap library +Requires: libnfsidmap%{?_isa} = %{epoch}:%{version}-%{release} +Requires: pkgconfig + +%description -n libnfsidmap-devel +This package includes header files and libraries necessary for +developing programs which use the libnfsidmap library. + + +%description +The nfs-utils package provides a daemon for the kernel NFS server and +related tools, which provides a much higher level of performance than the +traditional Linux NFS server used by most users. + +This package also contains the showmount program. Showmount queries the +mount daemon on a remote host for information about the NFS (Network File +System) server on the remote host. For example, showmount can display the +clients which are mounted on that host. + +This package also contains the mount.nfs and umount.nfs program. + +%prep +%autosetup -p1 + +# Remove .orig files +find . -name "*.orig" | xargs rm -f + +# Change shebangs +find -name \*.py -exec sed -r -i '1s|^#!\s*/usr/bin.*python.*|#!%{__python3}|' {} \; + +%build +sh -x autogen.sh +%global _statdpath /var/lib/nfs/statd +%configure \ + CFLAGS="%{build_cflags} -D_FILE_OFFSET_BITS=64" \ + LDFLAGS="%{build_ldflags}" \ + --enable-mountconfig \ + --enable-ipv6 \ + --with-statdpath=%{_statdpath} \ + --enable-libmount-mount \ + --with-systemd \ + --without-tcp-wrappers \ + --with-pluginpath=%{_libdir}/libnfsidmap \ + --enable-junction + +%make_build all + +%install +%global _pkgdir %{_prefix}/lib/systemd + +rm -rf $RPM_BUILD_ROOT/* + +mkdir -p $RPM_BUILD_ROOT/sbin +mkdir -p $RPM_BUILD_ROOT%{_sbindir} +mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/nfs-utils/ +mkdir -p $RPM_BUILD_ROOT%{_pkgdir}/system +mkdir -p $RPM_BUILD_ROOT%{_pkgdir}/system-generators +mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man8 +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/request-key.d +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/modprobe.d/ +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/gssproxy + +%make_install + +install -s -m 755 tools/rpcdebug/rpcdebug $RPM_BUILD_ROOT%{_sbindir} +install -m 644 utils/mount/nfsmount.conf $RPM_BUILD_ROOT%{_sysconfdir} +install -m 644 nfs.conf $RPM_BUILD_ROOT%{_sysconfdir} +install -m 644 support/nfsidmap/idmapd.conf $RPM_BUILD_ROOT%{_sysconfdir} +install -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/request-key.d + +mkdir -p $RPM_BUILD_ROOT/run/sysconfig +install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/modprobe.d/lockd.conf +install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/gssproxy +install -m 755 %{SOURCE4} $RPM_BUILD_ROOT%{_sbindir}/nfsconvert +install -m 755 %{SOURCE5} $RPM_BUILD_ROOT/%{_libexecdir}/nfs-utils/nfsconvert.sh +install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_pkgdir}/system + +rm -rf $RPM_BUILD_ROOT%{_libdir}/*.{a,la} +rm -rf $RPM_BUILD_ROOT%{_libdir}/libnfsidmap/*.{a,la} + +mkdir -p $RPM_BUILD_ROOT%{_sharedstatedir}/nfs/rpc_pipefs + +touch $RPM_BUILD_ROOT%{_sharedstatedir}/nfs/rmtab +mv $RPM_BUILD_ROOT%{_sbindir}/rpc.statd $RPM_BUILD_ROOT/sbin + +mkdir -p $RPM_BUILD_ROOT%{_sharedstatedir}/nfs/statd/sm +mkdir -p $RPM_BUILD_ROOT%{_sharedstatedir}/nfs/statd/sm.bak +mkdir -p $RPM_BUILD_ROOT%{_sharedstatedir}/nfs/v4recovery +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/exports.d + + +%pre +# move files so the running service will have this applied as well +for x in gssd idmapd ; do + if [ -f /var/lock/subsys/rpc.$x ]; then + mv /var/lock/subsys/rpc.$x /var/lock/subsys/rpc$x + fi +done + +%global rpcuser_uid 29 +# Create rpcuser gid as long as it does not already exist +cat /etc/group | cut -d':' -f 1 | grep --quiet rpcuser 2>/dev/null +if [ "$?" -eq 1 ]; then + /usr/sbin/groupadd -g %{rpcuser_uid} rpcuser >/dev/null 2>&1 || : +fi + +# Create rpcuser uid as long as it does not already exist. +cat /etc/passwd | cut -d':' -f 1 | grep --quiet rpcuser 2>/dev/null +if [ "$?" -eq 1 ]; then + /usr/sbin/useradd -l -c "RPC Service User" -r -g %{rpcuser_uid} \ + -s /sbin/nologin -u %{rpcuser_uid} -d /var/lib/nfs rpcuser >/dev/null 2>&1 || : +else + /usr/sbin/usermod -u %{rpcuser_uid} -g %{rpcuser_uid} rpcuser >/dev/null 2>&1 || : +fi + +# Using the 16-bit value of -2 for the nfsnobody uid and gid +%global nfsnobody_uid 65534 + +# Nowadays 'nobody/65534' user/group are included in setup rpm. But on +# systems installed previously, nobody/99 might be present, with user +# 65534 missing. Let's create nfsnobody/65534 in that case. + +# Create nfsnobody gid as long as it does not already exist +cat /etc/group | cut -d':' -f 3 | grep --quiet %{nfsnobody_uid} 2>/dev/null +if [ "$?" -eq 1 ]; then + /usr/sbin/groupadd -g %{nfsnobody_uid} nfsnobody >/dev/null 2>&1 || : +fi + +# Create nfsnobody uid as long as it does not already exist. +cat /etc/passwd | cut -d':' -f 3 | grep --quiet %{nfsnobody_uid} 2>/dev/null +if [ $? -eq 1 ]; then + /usr/sbin/useradd -l -c "Anonymous NFS User" -r -g %{nfsnobody_uid} \ + -s /sbin/nologin -u %{nfsnobody_uid} -d /var/lib/nfs nfsnobody >/dev/null 2>&1 || : +fi + +%post +if [ $1 -eq 1 ] ; then + # Initial installation + /bin/systemctl enable nfs-client.target >/dev/null 2>&1 || : + /bin/systemctl start nfs-client.target >/dev/null 2>&1 || : +fi + +# Enable nfs-convert so if an old configuration +# exists a conversion will occur +/bin/systemctl enable nfs-convert >/dev/null 2>&1 || : + +%systemd_post nfs-server + +%preun +if [ $1 -eq 0 ]; then + %systemd_preun nfs-client.target + %systemd_preun nfs-server.service + + rm -rf /var/lib/nfs/statd + rm -rf /var/lib/nfs/v4recovery +fi + +%postun +%systemd_postun_with_restart nfs-client.target +%systemd_postun_with_restart nfs-server + +/bin/systemctl --system daemon-reload >/dev/null 2>&1 || : + +%triggerin -- nfs-utils > 1:2.1.1-3 +/bin/systemctl try-restart gssproxy || : + +%files +%config(noreplace) /etc/nfsmount.conf +%dir %{_sysconfdir}/exports.d +%dir %{_sharedstatedir}/nfs/v4recovery +%dir %attr(555, root, root) %{_sharedstatedir}/nfs/rpc_pipefs +%dir %{_sharedstatedir}/nfs +%dir %{_libexecdir}/nfs-utils +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd/sm +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd/sm.bak +%ghost %attr(644,rpcuser,rpcuser) %{_statdpath}/state +%config(noreplace) %{_sharedstatedir}/nfs/etab +%config(noreplace) %{_sharedstatedir}/nfs/rmtab +%config(noreplace) %{_sysconfdir}/request-key.d/id_resolver.conf +%config(noreplace) %{_sysconfdir}/modprobe.d/lockd.conf +%config(noreplace) %{_sysconfdir}/nfs.conf +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/gssproxy/24-nfs-server.conf +%doc linux-nfs/ChangeLog linux-nfs/KNOWNBUGS linux-nfs/NEW linux-nfs/README +%doc linux-nfs/THANKS linux-nfs/TODO +/sbin/rpc.statd +/sbin/nfsdcltrack +%{_sbindir}/exportfs +%{_sbindir}/nfsstat +%{_sbindir}/rpcdebug +%{_sbindir}/rpc.mountd +%{_sbindir}/rpc.nfsd +%{_sbindir}/showmount +%{_sbindir}/rpc.idmapd +%{_sbindir}/rpc.gssd +%{_sbindir}/sm-notify +%{_sbindir}/start-statd +%{_sbindir}/mountstats +%{_sbindir}/nfsiostat +%{_sbindir}/nfsidmap +%{_sbindir}/blkmapd +%{_sbindir}/nfsconf +%{_sbindir}/nfsref +%{_sbindir}/nfsconvert +%{_sbindir}/nfsdcld +%{_sbindir}/nfsdclddb +%{_sbindir}/nfsdclnts +%{_mandir}/*/* +%{_pkgdir}/*/* + +%attr(4755,root,root) /sbin/mount.nfs +%attr(755,root,root) %{_libexecdir}/nfs-utils/nfsconvert.sh + +/sbin/mount.nfs4 +/sbin/umount.nfs +/sbin/umount.nfs4 + +%files -n libnfsidmap +%doc support/nfsidmap/AUTHORS support/nfsidmap/README support/nfsidmap/COPYING +%config(noreplace) %{_sysconfdir}/idmapd.conf +%{_libdir}/libnfsidmap.so.* +%{_libdir}/libnfsidmap/*.so +%{_mandir}/man3/nfs4_uid_to_name.* + +%files -n libnfsidmap-devel +%{_libdir}/pkgconfig/libnfsidmap.pc +%{_includedir}/nfsidmap.h +%{_includedir}/nfsidmap_plugin.h +%{_libdir}/libnfsidmap.so + +%files -n nfs-utils-coreos +%dir %attr(555, root, root) %{_sharedstatedir}/nfs/rpc_pipefs +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd/sm +%dir %attr(700,rpcuser,rpcuser) %{_sharedstatedir}/nfs/statd/sm.bak +%ghost %attr(644,rpcuser,rpcuser) %{_statdpath}/state +%config(noreplace) %{_sysconfdir}/nfsmount.conf +%config(noreplace) %{_sysconfdir}/nfs.conf +%config(noreplace) %{_sysconfdir}/request-key.d/id_resolver.conf +%{_sbindir}/nfsidmap +%{_sbindir}/nfsstat +%{_sbindir}/rpc.gssd +%{_sbindir}/start-statd +%{_sbindir}/showmount +%attr(4755,root,root) /sbin/mount.nfs +/sbin/mount.nfs4 +/sbin/rpc.statd +/sbin/umount.nfs +/sbin/umount.nfs4 +%{_mandir}/*/nfs.5.gz +%{_mandir}/*/nfs.conf.5.gz +%{_mandir}/*/nfsmount.conf.5.gz +%{_mandir}/*/nfs.systemd.7.gz +%{_mandir}/*/gssd.8.gz +%{_mandir}/*/mount.nfs.8.gz +%{_mandir}/*/nfsconf.8.gz +%{_mandir}/*/nfsidmap.8.gz +%{_mandir}/*/nfsstat.8.gz +%{_mandir}/*/rpc.gssd.8.gz +%{_mandir}/*/rpc.statd.8.gz +%{_mandir}/*/showmount.8.gz +%{_mandir}/*/statd.8.gz +%{_mandir}/*/umount.nfs.8.gz +%{_pkgdir}/*/rpc-pipefs-generator +%{_pkgdir}/*/auth-rpcgss-module.service +%{_pkgdir}/*/nfs-client.target +%{_pkgdir}/*/rpc-gssd.service +%{_pkgdir}/*/rpc-statd.service +%{_pkgdir}/*/rpc_pipefs.target +%{_pkgdir}/*/var-lib-nfs-rpc_pipefs.mount + +%changelog +* Tue Sep 15 2020 Steve Dickson 2.5.2-5.rc4 +- Rebuild for the soname change on libevent + +* Tue Sep 08 2020 Steve Dickson 2.5.2-4.rc4 +- rpc.idmapd: Do not free config variables (bz 1873965) +- nfsiostat: Drop autofs entries before calling compare_iostats() + +* Mon Aug 31 2020 Steve Dickson 2.5.2-3.rc4 +- Fixed rpc.gssd: munmap_chunk(): invalid pointer + +* Mon Aug 31 2020 Steve Dickson 2.5.2-2.rc4 +- Updated to the latest RC release: nfs-utils-2-5-2-rc4 + +* Fri Aug 07 2020 Steve Dickson 2.5.2-2.rc3 +- rpc.idmapd: Turn down the verbosity in flush_inotify() (bz 1867172) +- Don't modify /etc/group on upgrades (bz 1856890) + +* Tue Aug 04 2020 Steve Dickson 2.5.1-1.rc3 +- Updated to the latest RC release: nfs-utils-2-5-2-rc3 (bz 1856958) + +* Tue Jul 28 2020 Fedora Release Engineering - 1:2.5.1-1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 13 2020 Steve Dickson 2.5.1-0 +- Updated to latest upstream release: nfs-utils-2-5-1 + +* Tue Apr 07 2020 Steve Dickson 2.4.3-1.rc2 +- Updated to the latest RC release: nfs-utils-2-4-4-rc2 (bz 1807999) + +* Tue Mar 03 2020 Steve Dickson 2.4.3-1.rc1 +- Updated to the latest RC release: nfs-utils-2-4-4-rc1 (bz 1807999) + +* Mon Feb 10 2020 Steve Dickson 2.4.3-0 +- Updated to latest upstream release: nfs-utils-2-4-3 (bz 1787831) +- Fix error in preuninstall scriptlet (bz 1785816) +- Fix update conflicts (bz 1724305) + +* Wed Jan 29 2020 Fedora Release Engineering - 1:2.4.2-3.rc3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Dec 19 2019 Steve Dickson 2.4.2-3.rc3 +- Updated to the latest upstream RC release: nfs-utils-2-4-3-rc3 (bz 1782349) +- Remove rpc-svcgssd from auth-rpcgss-module (bz 1662737) +- libnfsidmap: Turn off default verbosity (bz 1774787) + +* Fri Nov 22 2019 Steve Dickson 2.4.2-2.rc2 +- mount: Fix return 0 from void function + +* Fri Nov 22 2019 Steve Dickson 2.4.2-1.rc2 +- Updated to the latest upstream RC release: nfs-utils-2-4-3-rc2 (bz 1772987) + +* Wed Nov 13 2019 Steve Dickson 2.4.2-0 +- Updated to the latest upstream release: 2.4.2 (bz 1772987) + +* Tue Nov 05 2019 Christian Glombek 2.4.1-1.rc1 +- Added missing Requires and statd dirs to nfs-utils-coreos package (bz 1768897) + +* Thu Aug 29 2019 Steve Dickson 2.4.1-1.rc1 +- Updated to the latest upstream RC release: nfs-utils-2-4-2-rc1 + +* Thu Jul 25 2019 Fedora Release Engineering - 1:2.4.1-1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jun 24 2019 Steve Dickson 2.4.1-0 +- Updated to the latest upstream release: 2.4.1 (bz 1719016) + +* Tue May 28 2019 Steve Dickson 2.3.4-2 +- rpc.mountd: Fix mountd segfault (bz 1713937) + +* Thu May 23 2019 Steve Dickson 2.3.4-1 +- mount: Report correct error in the fall_back cases (bz 1709961) +- sqlite.c: Use PRIx64 macro to print 64-bit integers +- rpc.mountd: Fix e_hostname and e_uuid leaks (bz 1713360) + +* Fri May 10 2019 Steve Dickson 2.3.4-0 +- Updated to the latest upstream release: 2.3.4 (bz 1708690) + +* Wed Feb 20 2019 Steve Dickson 2.3.3-7.rc2 +- Added nfs-utils-coreos package (bz 1667889) + +* Tue Feb 12 2019 Steve Dickson 2.3.3-6.rc2 +- Always have the nfs-convert service enabled (bz 1668836) + +* Mon Feb 11 2019 Steve Dickson 2.3.3-5.rc2 +- Do not install /etc/sysconfig/nfs (bz 1668836) +- Change nfsconvert.sh not to set the immutable bit (bz 1668836) +- Change nfsconvert.py not to create the new dummy /etc/sysconfig/nfs (bz 1668836) + +* Fri Feb 01 2019 Fedora Release Engineering - 1:2.3.3-4.rc2.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Wed Jan 30 2019 Steve Dickson 2.3.3-4.rc2 +- Make sysconfig/nfs mutable when the package is removed +- Removed new error=format-overflow=2 errors + +* Tue Dec 11 2018 Steve Dickson 2.3.3-3.rc2 +- Updated to latest RC release: nfs-utils-2-3-4-rc2 +- Addeding libxml2-devel dependency +- Make sure /etc/sysconfig/nfs is immutable +- Added Requires: e2fsprogs (bz 1647727) +- nfsref: switch the way libraries are linked + +* Fri Nov 9 2018 Steve Dickson 2.3.3-3.rc1 +- Fix typo in the spec file. + +* Mon Nov 5 2018 Steve Dickson 2.3.3-2.rc1 +- Deprecated /etc/sysconfig/nfs (bz 1644049) +- Remove nfs server legacy systemd unit files + +* Sat Oct 27 2018 Steve Dickson 2.3.3-1.rc1 +- Changed /var/lib/nfs/rpc_pipefs to have 555 permissions +- Removed tcp wrappers support from man pages +- Reload not restart gssproxy in nfs-server.service + +* Sat Oct 27 2018 Steve Dickson 2.3.3-0.rc1 +- Updated to latest uupstream RC release: nfs-utils-2-3-4-rc1 + +* Thu Sep 6 2018 Steve Dickson 2.3.3-0 +- Updated to latest upstream release: nfs-utils-2-3-3 + +* Wed Jul 18 2018 Steve Dickson 2.3.2-1.rc3 +- Update to latest RC release: nfs-utils-2-3-3-rc3 (bz 1595927) + +* Fri Jul 13 2018 Fedora Release Engineering - 1:2.3.2-1.rc2.2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Mon Jul 02 2018 Miro Hrončok - 1:2.3.2-1.rc2.1 +- Rebuilt for Python 3.7 + +* Wed Jun 27 2018 Steve Dickson 2.3.2-1-rc2 +- Revert: gssd.c: Remomved a couple of warning errors + +* Mon Jun 25 2018 Steve Dickson 2.3.2-0-rc2 +- Update to latest RC release: nfs-utils-2-3-3-rc2 + +* Tue Jun 19 2018 Miro Hronok - 1:2.3.2-0.rc1.1 +- Rebuilt for Python 3.7 + +* Thu Jun 7 2018 Steve Dickson 2.3.2-0-rc1 +- Update to latest RC release: nfs-utils-2-3-3-rc1 + +* Thu May 24 2018 Steve Dickson 2.3.2-0 +- Updated to latest upstream release: 2.3.2 (bz 1582341) + +* Tue May 15 2018 Zbigniew Jedrzejewski-Szmek 2.3.1-9.rc1 +- Only try to create nfsnobody if the uid/gid are not found (bz 1488897) +- Turn off the building of rpcgen + +* Thu May 3 2018 Steve Dickson 2.3.1-8.rc1 +- nfsd: Set default minor versions (bz 1570066) + +* Wed Apr 11 2018 Steve Dickson 2.3.1-7.rc1 +- mount.nfs: Fix auto protocol negotiation (bz 1565310) + +* Mon Apr 9 2018 Steve Dickson 2.3.1-6.rc1 +- Stop failing when systemctl try-restart gssproxy fails (bz 1552976) +- Use Fedora build flags (bz 1548679) + +* Fri Mar 2 2018 Steve Dickson 2.3.1-5.rc1 +- Updated to latest upstream RC release: nfs-utils-2-3-2-rc1 + +* Wed Feb 14 2018 Kevin Fenzi - 1:2.3.1-5 +- Rebuild for new libevent + +* Fri Feb 09 2018 Igor Gnatenko - 1:2.3.1-4 +- Escape macros in %%changelog + +* Thu Feb 08 2018 Fedora Release Engineering - 1:2.3.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Jan 19 2018 Steve Dickson 2.3.1-2 +- Restart gssproxy (if running) when the NFS server is started (bz 1527653) + +* Tue Jan 9 2018 Steve Dickson 2.3.1-1 +- Added rpcgen dependency (bz 1531540) + +* Wed Dec 20 2017 Steve Dickson 2.3.1-0 +- Updated to latest upstream release: 2.3.1 +- Removed unnecessary chown rpcuser in %%post + +* Tue Dec 19 2017 Steve Dickson 2.2.1-3.rc2 +- Fix typo in nfs-utils_env.sh (bz 1516004) + +* Mon Dec 18 2017 Steve Dickson 2.2.1-2.rc2 +- Removed tcp_wrappers dependency (bz 1518769) + +* Fri Dec 15 2017 Steve Dickson 2.2.1-1.rc2 +- Updated to latest upstream RC release: nfs-utils-2-2-2-rc2 + +* Tue Nov 07 2017 Igor Gnatenko - 1:2.2.1-1.rc1.1 +- Remove old crufty coreutils requires + +* Mon Nov 6 2017 Steve Dickson 2.2.1-1.rc1 +- Restore ABI compat with pre-merge libnfsidmap (bz 1509063) +- Add a build-time dependency on python3-devel + +* Thu Nov 2 2017 Steve Dickson 2.2.1-0.rc1 +- Updated to latest upstream RC release: nfs-utils-2-2-2-rc1 + +* Mon Oct 30 2017 Steve Dickson 2.2.1-0 +- Updated to latest upstream release: nfs-utils-2-2-1 + +* Mon Oct 16 2017 Steve Dickson 2.1.1-8.rc6 +- Own the /usr/libexec/nfs-utils dir (bz 1484300) + +* Thu Oct 5 2017 Steve Dickson 2.1.1-7.rc6 +- Updated to the latest RC releease: nfs-utils-2-1-2-rc6 + +* Tue Sep 19 2017 Orion Poplawski 2.1.1-7.rc5 +- Fix URL + +* Thu Jul 27 2017 Steve Dickson 2.1.1-6.rc5 +- Updated to the latest RC releease: nfs-utils-2-1-2-rc5 + +* Wed Jul 26 2017 Fedora Release Engineering - 1:2.1.1-6.rc4.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jul 19 2017 Steve Dickson 2.1.1-6.rc4 +- Removed build dependency on fedfs-utils-devel (bz 1427493) + +* Wed Jun 21 2017 Steve Dickson 2.1.1-5.rc4 +- Updated to the latest RC releease: nfs-utils-2-1-2-rc4 (bz 1462218) +- rpc.c: added include file so UINT16_MAX is defined + +* Thu Jun 1 2017 Steve Dickson 2.1.1-5.rc3 +- Updated to the latest RC releease: nfs-utils-2-1-2-rc3 (bz 1457921) + +* Wed Apr 26 2017 Steve Dickson 2.1.1-5.rc2 +- Conditionally restart gssproxy now that config file is installed (bz 1440885) +- systemd: Afters are also needed for the Wants=network-online.target (bz 1419351) +- nfsdcltrack: silence some expected errors (bz 1445863) +- Cleaned up fuzzy patches + +* Mon Apr 10 2017 Steve Dickson 2.1.1-4.rc2 +- Updated to the latest RC release: nfs-utils-2-1-2-rc2 (bz 1419351) +- Fixed typo in nfs.sysconfig (bz 1422249) + +* Tue Mar 28 2017 Steve Dickson 2.1.1-3.rc1 +- Added gssproxy server config file (bz 1431272) + +* Wed Feb 15 2017 Steve Dickson 2.1.1-2.rc1 +- Updated to the latest RC release: nfs-utils-2-1-2-rc1 + +* Fri Feb 10 2017 Fedora Release Engineering - 1:2.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 19 2017 Steve Dickson 2.1.1-1 +- Added back the nfs-config service for backwards compatibility + +* Thu Jan 19 2017 Steve Dickson 2.1.1-0 +- Updated to latest upstream release: nfs-utils-2-1-1 (bz 1413232) + +* Mon Dec 19 2016 Miro Hronok - 1:1.3.4-1.rc3.1 +- Rebuild for Python 3.6 + +* Wed Nov 23 2016 Steve Dickson 1.3.4-1.rc3 +- Updated to the latest RC release: nfs-utils-1-3-5-rc3 + +* Thu Aug 25 2016 Steve Dickson 1.3.4-1.rc2 +- Updated to the latest RC release: nfs-utils-1-3-5-rc2 (bz 1369714) + +* Mon Aug 22 2016 Steve Dickson 1.3.4-1.rc1 +- Stop removing users and groups (bz 1364836) + +* Sat Aug 20 2016 Steve Dickson 1.3.4-0.rc1 +- Updated to the latest RC release: nfs-utils-1-3-5-rc1 +- Updated the Requires(pre) (bz 1319196) + +* Sat Aug 6 2016 Steve Dickson 1.3.4-0 +- Updated to latest upstream version 1.3.4 + +* Thu Jul 21 2016 Steve Dickson 1.3.3-9.rc6 +- Removed the rpc-svcgssd.service systemd file (bz 1334741) + +* Tue Jul 19 2016 Steve Dickson 1.3.3-8.rc6 +- Updated to the latest RC release: nfs-utils-1-3-4-rc6 + +* Mon May 2 2016 Steve Dickson 1.3.3-8.rc5 +- Updated to the latest RC release: nfs-utils-1-3-4-rc5 + +* Wed Mar 16 2016 Steve Dickson 1.3.3-7.rc4 +- Updated to the latest RC release: nfs-utils-1-3-4-rc4 (bz 1316701) +- Changed BuildRequires: glibc-headers ==> BuildRequires: gcc (bz 1230477) + +* Thu Feb 04 2016 Fedora Release Engineering - 1:1.3.3-6.rc3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sat Jan 16 2016 Steve Dickson 1.3.3-6.rc3 +- Updated to the latest RC release: nfs-utils-1-3-4-rc3 + +* Wed Dec 16 2015 Steve Dickson 1.3.3-6.rc2 +- mountd: fix netgroup lookup for short hostnames (bz 1284079) + +* Fri Dec 11 2015 Steve Dickson 1.3.3-5.rc2 +- Updated to the latest RC release: nfs-utils-1-3-4-rc2 + +* Tue Nov 17 2015 Steve Dickson 1.3.3-4.rc1 +- ghost-ed rpc.statd state file (bz 1158466) + +* Mon Nov 16 2015 Steve Dickson 1.3.3-3.rc1 +- Improving rpc.gssd's debugging (bz 1282600) + +* Mon Nov 16 2015 Steve Dickson 1.3.3-2.rc1 +- Decouple the starting of nfs-service and rpcbind (bz 1279526) + +* Tue Nov 10 2015 Fedora Release Engineering - 1:1.3.3-1.rc1.1 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Wed Nov 4 2015 Steve Dickson 1.3.3-1.rc1 +- Updated to the latest RC release: nfs-utils-1-3-4-rc1 + +* Tue Nov 3 2015 Steve Dickson 1.3.3-1 +- Removed legacy triggers to remove rpm build errors + +* Mon Nov 2 2015 Steve Dickson 1.3.3-0 +- Updated to latest upstream version 1.3.3 + +* Fri Jul 31 2015 Steve Dickson 1.3.2-12 +- Fixed return value being overrun in gssd (bz 1249046) + +* Mon Jul 13 2015 Miro Hronok - 1:1.3.2-11 +- Replace Python scripts shebangs with %%{__python3} and require python3-devel to have that + +* Fri Jun 26 2015 Steve Dickson 1.3.2-10 +- Update to latest RC release: nfs-utils-1-3-3-rc5 (bz 1233005) + +* Wed Jun 17 2015 Fedora Release Engineering - 1:1.3.2-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Jun 10 2015 Steve Dickson 1.3.2-8 +- Make systemd args backwards compatible (bz 1210751) +- Stop scribbling on stderr (bz 1211008) + +* Tue May 12 2015 Colin Walters - 1:1.3.2-7 +- Add patch to fix initial start on OSTree managed systems (bz 1219871) + +* Thu May 7 2015 Steve Dickson 1.3.2-4 +- Update to latest RC release: nfs-utils-1-3-3-rc4 + +* Mon Apr 6 2015 Steve Dickson 1.3.2-3 +- Update to latest RC release: nfs-utils-1-3-3-rc3 + +* Thu Apr 2 2015 Steve Dickson 1.3.2-2.1 +- Removed RPCRQUOTADOPTS from /etc/sysconfig/nfs (bz 1208516) + +* Thu Mar 19 2015 Steve Dickson 1.3.2-2.0 +- Update to latest RC release: nfs-utils-1-3-3-rc2 (bz 1088665) + +* Thu Feb 26 2015 Steve Dickson 1.3.2-1.0 +- Update to latest RC release: nfs-utils-1-3-3-rc1 + +* Mon Feb 9 2015 Steve Dickson 1.3.2-0.2 +- Change statd-notify.service to not wait for network to come up (bz 1183293) +- Added the rpcuser group before adding the rpcuser uid (bz 1165322) + +* Sun Feb 1 2015 Steve Dickson 1.3.2-0.1 +- statd: Fix test for foreground mode (bz 1188040) + +* Sat Jan 31 2015 Steve Dickson 1.3.2-0.0 +- Updated to latest upstream release: 1-3-2 + +* Mon Jan 19 2015 Steve Dickson 1.3.1-6.0 +- Set the GSS_USE_PROXY variable in nfs-utils_env.sh (bz 1183787) + +* Thu Jan 15 2015 Steve Dickson 1.3.1-5.0 +- Updated to latest upstream RC release: nfs-utils-1-3-2-rc5 (bz 1181708) + +* Wed Jan 14 2015 Steve Dickson 1.3.1-4.2 +- Added SMNOTIFYARGS to /etc/sysconf/nfs (bz 1182227) + +* Fri Jan 2 2015 Steve Dickson 1.3.1-4.1 +- Change if statments to string comparisons in nfs-utils_env.sh (bz 1170354) + +* Sat Dec 13 2014 Steve Dickson 1.3.1-4.0 +- Updated to latest upstream RC release: nfs-utils-1-3-2-rc4 (bz 1164477) +- Handle the rpcuser like other created users (bz 1165322) +- Restored lockd port and v4 grace/lease interface (bz 1115225) +- Make sure nfs-client target is enabled (bz 1173564) + +* Wed Dec 3 2014 Steve Dickson 1.3.1-2.4 +- Fixed typos in nfs-utils sysconfig files (bz 1170354) + +* Thu Nov 13 2014 Steve Dickson 1.3.1-2.3 +- Fixed a mount DOS (bz 1163886) + +* Thu Nov 6 2014 Richard W.M. Jones 1.3.1-2.2 +- Rebuild against new libnfsimap (bz 1160883) + +* Thu Nov 6 2014 Steve Dickson 1.3.1-2.1 +- Rebuild against new libnfsimap (bz 1160883) + +* Tue Nov 4 2014 Steve Dickson 1.3.1-2.0 +- Updated to latest upstream RC release: nfs-utils-1-3-2-rc2 (bz 1115179) + +* Tue Nov 4 2014 Steve Dickson 1.3.1-1.2 +- Rebuild with new glibc (bz 1158846) + +* Fri Oct 24 2014 Steve Dickson 1.3.1-1.1 +- Added fix to umount in the nfs-utils-1.3.2-rc1.patch + +* Wed Oct 22 2014 Steve Dickson 1.3.1-1.0 +- Updated to latest upstream RC release: nfs-utils-1-3-2-rc1 (bz 1142842) + +* Thu Sep 25 2014 Steve Dickson 1.3.1-0.0 +- Update to the latest upstream release: nfs-utils-1-3-1 +- Enable gssproxy to manage the GSSAPI creds on the server. + +* Fri Sep 12 2014 Steve Dickson 1.3.0-7.0 +- Updated to latest upstream RC release: nfs-utils-1-3-1-rc4 (bz 1108615) + +* Sun Aug 17 2014 Fedora Release Engineering - 1:1.3.0-6.0 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jul 27 2014 Steve Dickson 1.3.0-5.0 +- Updated to latest upstream RC release: nfs-utils-1-3-1-rc3 +- Use _statdpath to define where statd's state lives + +* Tue Jul 01 2014 Jeff Layton - 1:1.3.0-4.0 +- clean up lockd configuration + +* Sat Jun 07 2014 Fedora Release Engineering - 1:1.3.0-3.0 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sun Jun 1 2014 Steve Dickson 1.3.0-2.0 +- Updated to latest upstream RC release: nfs-utils-1-3-1-rc2 + +* Sat May 24 2014 Steve Dickson 1.3.0-1.3 +- Use systemd_post macro to enable services (bz 1087950) + +* Thu May 1 2014 Steve Dickson 1.3.0-1.2 +- mountd: fix segfault in add_name with newer gcc compilers + +* Thu May 1 2014 Steve Dickson 1.3.0-1.1 +- start-statd: rpc.statd's systemd unit changed names + +* Wed Apr 30 2014 Steve Dickson 1.3.0-1.0 +- Updated to latest upstream RC release: nfs-utils-1-3-1-rc1 + +* Fri Apr 25 2014 Steve Dickson 1.3.0-0.2 +- Fix PATH problem in start-statd (bz 1088226) + +* Mon Apr 14 2014 Steve Dickson 1.3.0-0.1 +- Incorporated new upstream systemd units + +* Tue Mar 25 2014 Steve Dickson 1.3.0-0.0 +- Updated to latest major release: nfs-utils-1-3-0 + +* Wed Jan 22 2014 Steve Dickson 1.2.9-3.0 +- Updated to latest upstream RC release: nfs-utils-1-2-10-rc3 + - gssd: Improve first attempt at acquiring GSS credentials (bz 1055077) +- gssd: set $HOME to prevent recursion (bz 1052902) + +* Fri Jan 10 2014 Steve Dickson 1.2.9-2.1 +- Fixed typo in nfs-service file. (bz 1047972) + +* Wed Jan 8 2014 Steve Dickson 1.2.9-2.0 +- Updated to latest upstream RC release: nfs-utils-1-2-10-rc2 +- Added Also=nfs.target to nfs-service file. (bz 1047972) + +* Wed Nov 20 2013 Steve Dickson 1.2.9-1.0 +- Updated to latest upstream RC release: nfs-utils-1-2-10-rc1 + +* Tue Nov 5 2013 Steve Dickson 1.2.9-0.0 +- Updated to latest upstream Release: nfs-utils-1-2-9 + +* Tue Sep 24 2013 Steve Dickson 1.2.8-6.0 +- Updated to latest upstream RC release: nfs-utils-1-2-9-rc6 + +* Wed Sep 18 2013 Steve Dickson 1.2.8-5.0 +- Updated to latest upstream RC release: nfs-utils-1-2-9-rc5 + +* Thu Aug 22 2013 Steve Dickson 1.2.8-4.1 +- nfs-utils: fix a number of specfile problems + +* Mon Aug 19 2013 Steve Dickson 1.2.8-4.0 +- Updated to latest upstream RC release: nfs-utils-1-2-9-rc4 + +* Sat Aug 03 2013 Fedora Release Engineering - 1:1.2.8-4.0 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 23 2013 Steve Dickson 1.2.8-3.0 +- Updated to latest upstream RC release: nfs-utils-1-2-9-rc3 + +* Tue Jul 23 2013 Steve Dickson 1.2.8-2.1 +- Make sure nfs.target is enabled (bz 970595) +- Fix nfs server reloads (bz 951247) + +* Fri May 31 2013 Steve Dickson 1.2.8-2.0 +- Update to latest upstream RC release: nfs-utils.1.2.9-rc1 +- Added GSS_USE_PROXY variable to nfs.sysconfig (bz 967112) + +* Tue May 7 2013 Steve Dickson 1.2.8-1.1 + systemd: nfs-server.service needs to be split up (bz 769879) + +* Tue May 7 2013 Steve Dickson 1.2.8-1 +- Updated to the latest upstream RC release: nfs-utils.1.2.9-rc1 + +* Tue Apr 23 2013 Steve Dickson 1.2.8-0 +- Updated to latest upstream release: 1.2.8 +- Removed the libgssglue dependency + +* Mon Apr 1 2013 Steve Dickson 1.2.7-6 +- Added v4.1 support rpc.nfsd (bz 947073) + +* Mon Mar 25 2013 Steve Dickson 1.2.7-5 +- Updated to latest upstream RC release: nfs-utils.1.2.8-rc4 +- Added nfs-lock.service to After line in nfs-server.service (bz 914792) + +* Thu Feb 14 2013 Fedora Release Engineering - 1:1.2.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Jan 16 2013 Steve Dickson 1.2.7-3 +- Updated to latest upstream RC release: nfs-utils.1.2.8-rc3 +- Took ownership of /usr/lib/nfs-utils (bz 894535) + +* Mon Dec 17 2012 Steve Dickson 1.2.7-2 +- Update to latest upstream RC release: nfs-utils.1.2.8-rc2 + +* Wed Nov 28 2012 Steve Dickson 1.2.7-1 +- Update to latest upstream RC release: nfs-utils.1.2.8-rc1 + +* Fri Nov 9 2012 Steve Dickson 1.2.7-0 +- Updated to latest upstream release: nfs-utils.1.2.7 + +* Thu Nov 8 2012 Steve Dickson 1.2.6-14 +- Allow the service to start when RPCNFSDCOUNT is comment out. (bz 870143) +- Removed some old cruft from the spec file (bz 226198) + +* Mon Oct 15 2012 Steve Dickson 1.2.6-13 +- Added a Requires for the quota package (bz 866225) + +* Thu Aug 23 2012 Steve Dickson 1.2.6-12 +- Added FedFS support by added a BuildRequires for fedfs-utils-devel +- Introduce new systemd-rpm macros (bz 850227) +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc5 (bz 833024) + +* Mon Aug 6 2012 Steve Dickson 1.2.6-11 +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc4 + +* Thu Aug 2 2012 Steve Dickson 1.2.6-10 +- Removed modprobe.d/nfs.conf + +* Thu Jul 19 2012 Steve Dickson 1.2.6-9 +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc3 + +* Thu Jul 5 2012 Steve Dickson 1.2.6-8 +- nfsidmap: default domain no being set (bz 829362) + +* Fri Jun 22 2012 Steve Dickson 1.2.6-7 +- Reworked how the legacy names are enabled in systemd +- Fixed typo in nfs-mountd.service + +* Tue Jun 12 2012 Steve Dickson 1.2.6-6 +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc2 (bz 833555) + +* Tue Jun 12 2012 Steve Dickson 1.2.6-5 +- Reworked how the services are restarted. + +* Tue Jun 12 2012 Steve Dickson 1.2.6-4 +- Enable legacy service names. + +* Tue May 29 2012 Steve Dickson 1.2.6-3 +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc1 + +* Tue May 29 2012 Steve Dickson 1.2.6-2 +* Fixed typo in the checking of nfsnobody (bz 816149) + +* Fri May 25 2012 Steve Dickson 1.2.6-1 +- Correctly search for the existence of nfsnobody (bz 816149) +- Correctly change the default group id for nfsnobody (bz 816149) + +* Tue May 15 2012 Steve Dickson 1.2.6-0 +- Update to the latest upstream release: nfs-utils-1.2.6 (bz 821673) +- Split out NFS server daemons into individual service files (bz 769879) +- Removed Wants= from nfs-lock.service (bz 817895) +- Only enable services if they are enabled on upgrades (bz 807020) + +* Thu May 3 2012 Steve Dickson 1.2.5-16 +- Update to the latest RC release: nfs-utils-1.2.6-rc7 + +* Thu Apr 26 2012 Josh Boyer 1.2.5-15 +- Add modprobe config file to alias 'nfs4' to 'nfs' (bz 806333) + +* Thu Mar 22 2012 Steve Dickson 1.2.5-14 +- gssd: Look for user creds in user defined directory (bz 786993) +- gssd: Don't link with libgssapi_krb5 (bz 784908) + +* Fri Mar 16 2012 Steve Dickson 1.2.5-13 +- Make sure statd is start before NFS mounts (bz 786050) +- rpc.idmap: Hide global symbols from libidmap plugins (bz 797332) +- nfsd: Bump up the default to 8 nprocs (bz 757452) + +* Wed Feb 08 2012 Harald Hoyer 1.2.5-12 +- require kmod instead of modutils (bz 788571) + +* Mon Jan 16 2012 Steve Dickson 1.2.5-11 +- Update to upstream RC release: nfs-utils-1.2.6-rc6 +- Reworked how the nfsd service requires the rpcbind service (bz 768550) + +* Mon Jan 9 2012 Steve Dickson 1.2.5-10 +- Added back the SUID bits on mount commands (bz 772396) +- Added a decency on keyutils (bz 769724) + +* Thu Jan 5 2012 Steve Dickson 1.2.5-9 +- Update to upstream RC release: nfs-utils-1.2.6-rc5 + +* Thu Dec 15 2011 Steve Dickson 1.2.5-8 +- Removed the nfs-idmap service. rpc.idmap is now part of + the nfs-server service + +* Tue Dec 13 2011 Steve Dickson 1.2.5-7 +- Enabled new idmaping by installing the id_resolver.conf file. +- Update to upstream RC release: nfs-utils-1.2.6-rc4 + +* Fri Nov 18 2011 Steve Dickson 1.2.5-6 +- Remove RQUOTAD_PORT and RQUOTAD from /etc/sysconfig/nfs (bz 754496) +- Ensured nfs-idmap service is started after the named is up (bz 748275) + +* Mon Nov 14 2011 Steve Dickson 1.2.5-5 +- Ensured nfs-idmap service is started after the network up (bz 748275) +- Update to upstream RC release: nfs-utils-1.2.6-rc3 (bz 746497) + +* Thu Oct 20 2011 Steve Dickson 1.2.5-4 +- Added pNFS debugging to rpcdebug. + +* Tue Oct 18 2011 Steve Dickson 1.2.5-3 +- Update to upstream RC release: nfs-utils-1.2.6-rc2 + +* Tue Oct 4 2011 Steve Dickson 1.2.5-2 +- Removed SUID bits on mount commands (bz 528498) +- Fixed a few typos in a couple man pages (bz 668124, 673818, 664330) +- Fixed a I/0 problem in rpc.idmapd (bz 684308) + +* Mon Oct 3 2011 Steve Dickson 1.2.5-1 +- Update to upstream RC release: nfs-utils-1.2.6-rc1 +- Added named.service to After list in nfs-server.service (bz 742746) + +* Tue Sep 27 2011 Steve Dickson 1.2.5-0 +- Update to upstream release: nfs-utils-1.2.5 (bz 717931) + +* Wed Sep 21 2011 Steve Dickson 1.2.4-11 +- Update to upstream RC release: nfs-utils-1.2.5-rc3 + +* Wed Sep 14 2011 Steve Dickson 1.2.4-10 +- Created /etc/exports.d to stop a warning (bz 697006) + +* Tue Aug 30 2011 Steve Dickson 1.2.4-9 +- Both the nfs.lock and nfs.idmap services should always + enabled on both installs and upgrades (bz 699040) +- Fixed the paths to the server scriptlets (bz 733531) + +* Mon Aug 29 2011 Steve Dickson 1.2.4-8 +- Update to upstream RC release: nfs-utils-1.2.5-rc2 + +* Wed Aug 24 2011 Steve Dickson 1.2.4-7 +- Added StandardError=syslog+console to all the service files + so startup errors will be logged. +- Changed exportfs to only log errors on existing /etc/export.d + directory, which eliminates a needless syslog entry. +- Automount /proc/fs/nfsd for rpc.nfsd + +* Wed Aug 10 2011 Steve Dickson 1.2.4-6 +- Fixed some bugs in the triggerun script as well in + the nfs-server scripts (bz 699040). + +* Wed Aug 3 2011 Steve Dickson 1.2.4-5 +- Cleaned up the .preconfig and .postconfig files per + code review request. + +* Wed Aug 3 2011 Steve Dickson 1.2.4-4 +- Converted init scrips to systemd services. (bz 699040) +- Made nfsnobody's uid/gid to always be a 16-bit value of -2 +- mount: fix for libmount from util-linux >= 2.20 + +* Thu Jul 21 2011 Steve Dickson 1.2.4-3 +- Updated to latest upstream release: nfs-utils-1-2-5-rc1 + +* Thu Jul 7 2011 Ville Skyttä - 1:1.2.4-2 +- Don't ship Makefiles or INSTALL in docs (#633934). + +* Mon Jul 4 2011 J. Bruce Fields 1.2.4-1 +- Rely on crypto module autoloading in init scripts +- initscripts: just try to mount rpc_pipefs always + +* Wed Jun 29 2011 Steve Dickson 1.2.4-0 +- Updated to latest upstream release: nfs-utils-1-2-4 + +* Wed Apr 20 2011 Steve Dickson 1.2.3-13 +- Updated to latest upstream release: nfs-utils-1-2-4-rc8 + +* Wed Apr 6 2011 Steve Dickson 1.2.3-12 +- Updated to latest upstream release: nfs-utils-1-2-4-rc7 +- Enabled the libmount code. + +* Mon Mar 7 2011 Steve Dickson 1.2.3-11 +- Updated to latest upstream release: nfs-utils-1-2-4-rc6 + +* Wed Feb 09 2011 Christopher Aillon - 1.2.3-10 +- Rebuild against newer libevent + +* Tue Feb 08 2011 Fedora Release Engineering - 1:1.2.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Jan 26 2011 Steve Dickson 1.2.3-8 +- Fixed segfault in rpc.mountd (bz 669065) + +* Fri Jan 14 2011 Steve Dickson 1.2.3-7 +- Updated to latest upstream release: nfs-utils-1-2-4-rc5 +- Add initscripts changes needed for rpcbind to be running when nfs is started +- Initscripts changes needed to support NFS over RDMA +- Allow the setting of the NFSv4 grace period (bz 665387) + +* Mon Dec 13 2010 Steve Dickson 1.2.3-6 +- Updated to latest upstream release: nfs-utils-1-2-4-rc4 + +* Wed Dec 8 2010 Steve Dickson 1.2.3-5 +- Replace the nfs-utils-lib dependency with a libnfsidmap + dependency + +* Wed Dec 1 2010 Steve Dickson 1.2.3-4 +- The nfs service is not stopped on reboot or halt (bz 652786) +- Removed obsolete configuration values (bz 653765) + +* Mon Nov 29 2010 Steve Dickson 1.2.3-3 +- Updated to latest upstream release: nfs-utils-1-2-4-rc3 + +* Fri Oct 15 2010 Steve Dickson 1.2.3-2 +- Initscripts do not conform to LSB specification (bz 621562) +- sm-notify needs to call res_init() before each try (bz 625531) +- exports(5) man page duplicated paragraphs (bz 590921) + +* Thu Oct 14 2010 Steve Dickson 1.2.3-1 +- Updated to latest upstream release: nfs-utils-1-2-4-rc1 + +* Mon Oct 4 2010 Steve Dickson 1.2.3-0.1 +- Fixed a regession with -p arguemnt to rpc.mountd + +* Thu Sep 30 2010 Steve Dickson 1.2.3-0 +- Updated to latest upstream release: nfs-utils-1-2-3 + +* Thu Sep 16 2010 Steve Dickson 1.2.2-8 +- Update to upstream RC release: nfs-utils-1-2-3-rc6 + +* Thu Sep 9 2010 Steve Dickson 1.2.2-7 +- Update to upstream RC release: nfs-utils-1-2-3-rc5 + +* Tue Jun 22 2010 Steve Dickson 1.2.2-6 +- Update to upstream RC release: nfs-utils-1-2-3-rc4 + +* Thu May 6 2010 Steve Dickson 1.2.2-4 +- Update to upstream RC release: nfs-utils-1-2-3-rc3 + +* Fri Apr 16 2010 Steve Dickson 1.2.2-3 +- Update to upstream RC release: nfs-utils-1-2-3-rc2 + +* Mon Mar 22 2010 Steve Dickson 1.2.2-2 +- Update to upstream RC release: nfs-utils-1-2-3-rc1 + +* Thu Feb 18 2010 Steve Dickson 1.2.2-1 +- Updated to latest upstream version: 1.2.2 + +* Thu Jan 28 2010 Steve Dickson 1.2.1-17 +- Backed out the "Don't fail mounts when /etc/netconfig is + nonexistent" patch + +* Wed Jan 27 2010 Steve Dickson 1.2.1-16 +- mount.nfs: Don't fail mounts when /etc/netconfig is nonexistent + +* Mon Jan 25 2010 Steve Dickson 1.2.1-15 +- statd: Teach nfs_compare_sockaddr() to handle NULL + arguments + +* Fri Jan 22 2010 Steve Dickson 1.2.1-14 +- Update to upstream RC release: nfs-utils-1-2-2-rc9 + +* Thu Jan 21 2010 Steve Dickson 1.2.1-13 +- mount.nfs: Configuration file parser ignoring options +- mount.nfs: Set the default family for lookups based on + defaultproto= setting +- Enabled ipv6 + +* Sun Jan 17 2010 Steve Dickson 1.2.1-12 +- Updated to latest upstream RC release: nfs-utils-1-2-2-rc7 + which includes Ipv6 support for tcpwrapper (disabled by default). + +* Sat Jan 16 2010 Steve Dickson 1.2.1-11 +- Updated to latest upstream RC release: nfs-utils-1-2-2-rc7 + which includes Ipv6 support for statd (disabled by default). + +* Thu Jan 14 2010 Steve Dickson 1.2.1-10 +- Updated to the latest pseudo root release (rel10) which + containts the upstream pseudo root release + +* Tue Jan 12 2010 Steve Dickson 1.2.1-9 +- Updated to latest upstream RC release: nfs-utils-1-2-2-rc5 + +* Mon Jan 4 2010 Steve Dickson 1.2.1-8 +- mount.nfs: don't use IPv6 unless IPV6_SUPPORTED is set + +* Mon Dec 14 2009 Steve Dickson 1.2.1-7 +- Updated to latest upstream RC release: nfs-utils-1-2-2-rc3 + +* Thu Dec 10 2009 Steve Dickson 1.2.1-6 +- Update the pseudo root to handle security flavors better. + +* Mon Dec 7 2009 Steve Dickson 1.2.1-5 +- mount.nfs: Retry v4 mounts with v3 on ENOENT errors + +* Mon Dec 7 2009 Steve Dickson 1.2.1-4 +- Updated to the latest pseudo root release (rel9) (bz 538609). + +* Thu Nov 12 2009 Steve Dickson 1.2.1-3 +- Stop rpc.nfsd from failing to startup when the network + is down (bz 532270) + +* Wed Nov 11 2009 Steve Dickson 1.2.1-2 +- Updated to the latest pseudo root release (rel8). + +* Wed Nov 4 2009 Steve Dickson 1.2.1-1 +- Updated to latest upstream release: 1.2.0 + +* Tue Nov 3 2009 Steve Dickson 1.2.0-18 +- Reworked and remove some of the Default-Start/Stop stanzas + in the init scripts (bz 531425) + +* Mon Nov 2 2009 Steve Dickson 1.2.0-17 +- Updated to the latest pseudo root release (rel7). +- Added upstream 1.2.1-rc7 patch which fixes: + - Stop ignoring the -o v4 option (bz 529407) + - Allow network protocol roll backs when proto is set + in the config file (bz 529864) +- v4 mounts will roll back to v3 mounts when the mount + fails with ENOENT. + +* Mon Oct 5 2009 Steve Dickson 1.2.0-16 +- Fixed a whole where '-o v4' was not overriding the + version in the conf file. + +* Wed Sep 30 2009 Steve Dickson 1.2.0-15 +- Change the nfsmount.conf file to define v3 as the default + protocol version. +- Make sure versions set on the command line override version + set in nfsmount.conf +- Make version rollbacks still work when versions are set in + nfsmount.conf + +* Tue Sep 29 2009 Steve Dickson 1.2.0-13 +- Added upstream 1.2.1-rc5 patch + - mount.nfs: Support negotiation between v4, v3, and v2 + - mount.nfs: Keep server's address in nfsmount_info + - mount.nfs: Sandbox each mount attempt + - mount.nfs: Support negotiation between v4, v3, and v2 + +* Wed Sep 23 2009 Steve Dickson 1.2.0-12 +- Updated to the latest pseudo root release (rel6). + +* Tue Sep 15 2009 Steve Dickson 1.2.0-11 +- Added upstream 1.2.1-rc5 patch + - Added --sort --list functionality to nfs-iostat.py + - Fixed event handler in idmapd + - Added -o v4 support + - Disabled IPv6 support in nfsd + - Don't give client an empty flavor list + - Fixed gssed so it does not blindly caches machine credentials + +* Mon Aug 17 2009 Steve Dickson 1.2.0-10 +- Added upstream 1.2.1-rc4 patch + - Fix bug when both crossmnt + - nfs(5): Add description of lookupcache mount option + - nfs(5): Remove trailing blanks + - Added nfs41 support to nfssat + - Added support for mount to us a configuration file. + +* Fri Aug 14 2009 Steve Dickson 1.2.0-9 +- Added upstream 1.2.1-rc3 patch + - Add IPv6 support to nfsd + - Allow nfssvc_setfds to properly deal with AF_INET6 + - Convert nfssvc_setfds to use getaddrinfo + - Move check for active knfsd to helper function + - Declare a static common buffer for nfssvc.c routine + - Convert rpc.nfsd to use xlog() and add --debug and --syslog options + +* Tue Jul 28 2009 Steve Dickson 1.2.0-8 +- Fixed 4.1 versioning problem (bz 512377) + +* Wed Jul 15 2009 Steve Dickson 1.2.0-7 +- Added upstream 1.2.1-rc2 patch + - A large number of mount command changes. + +* Mon Jul 13 2009 Steve Dickson 1.2.0-6 +- Added NFSD v4 dynamic pseudo root patch which allows + NFS v3 exports to be mounted by v4 clients. + +* Mon Jun 29 2009 Steve Dickson 1.2.0-5 +- Stopped rpc.idmapd from spinning (bz 508221) + +* Mon Jun 22 2009 Steve Dickson 1.2.0-4 +- Added upstream 1.2.1-rc1 patch + - Fix to check in closeall() + - Make --enable-tirpc the default + - Set all verbose types in gssd daemons + - Retry exports if getfh() fails + +* Wed Jun 10 2009 Steve Dickson 1.2.0-3 +- Updated init scripts to add dependencies + on other system facilities (bz 475133) + +* Wed Jun 10 2009 Steve Dickson 1.2.0-2 +- nfsnobody gid is wrong (bz 485379) + +* Tue Jun 2 2009 Steve Dickson 1.2.0-1 +- Updated to latest upstream release: 1.2.0 + +* Tue May 19 2009 Tom "spot" Callaway 1.1.6-4 +- Replace the Sun RPC license with the BSD license, with the explicit permission of Sun Microsystems + +* Mon May 18 2009 Steve Dickson 1.1.6-3 +- Added upstream 1.1.7-rc1 patch + - utils/nfsd: add support for minorvers4 + - sm-notify: Don't orphan addrinfo structs + - sm-notify: Failed DNS lookups should be retried + - mount: remove legacy version of nfs_name_to_address() + - compiling error in rpcgen + - nfs-utils: Fix IPv6 support in support/nfs/rpc_socket.c + - umount.nfs: Harden umount.nfs error reportin + +* Mon Apr 27 2009 Steve Dickson 1.1.6-2 +- nfslock.init: options not correctly parsed (bz 459591) + +* Mon Apr 20 2009 Steve Dickson 1.1.6-1 +- Updated to latest upstream release: 1.1.6 + +* Mon Mar 23 2009 Steve Dickson 1.1.5-4 +- Added upstream rc3 patch + - gssd: initialize fakeseed in prepare_krb5_rfc1964_buffer + - gssd: NULL-terminate buffer after read in read_service_info (try #2) + - gssd: free buffer allocated by gssd_k5_err_msg + - gssd: fix potential double-frees in gssd + - Removed a number of warn_unused_result warnings + +* Mon Mar 16 2009 Steve Dickson 1.1.5-3 +- Added upstream rc2 patch + +* Fri Mar 6 2009 Steve Dickson 1.1.5-2 +- Fixed lockd not using settings in sysconfig/nfs (bz 461043) +- Fixed some lost externs in the tcpwrapper code + +* Thu Mar 5 2009 Steve Dickson 1.1.5-1 +- Updated to latest upstream version: 1.1.5 + +* Wed Mar 4 2009 Steve Dickson 1.1.4-21 +- configure: fix AC_CACHE_VAL warnings + +* Wed Feb 25 2009 Fedora Release Engineering - 1:1.1.4-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Feb 18 2009 Steve Dickson 1.1.4-19 +- Exportfs and rpc.mountd optimalization (bz 76643) + +* Tue Feb 17 2009 Steve Dickson 1.1.4-18 +- umount.nfs command: Add an AF_INET6-capable version of nfs_call_unmount() +- umount.nfs command: Support AF_INET6 server addresses +- umount command: remove do_nfs_umount23 function + +* Tue Feb 17 2009 Steve Dickson 1.1.4-17 +- Integrated the upstream fix for bz 483375 +- mount: segmentation faults on UDP mounts (bz 485448) + +* Sat Jan 31 2009 Steve Dickson 1.1.4-16 +- Fixed typo in -mount-textbased.patch (bz 483375) + +* Sat Jan 31 2009 Steve Dickson 1.1.4-15 +- Reworked tcp wrapper code to correctly use API (bz 480223) +- General clean up of tcp wrapper code. + +* Tue Jan 27 2009 Steve Dickson 1.1.4-14 +- text-based mount command: make po_rightmost() work for N options +- text-based mount command: Function to stuff "struct pmap" from mount options +- text-based mount options: Use new pmap stuffer when rewriting mount options +- text-based mount command: fix mount option rewriting logic +- text-based mount command: support AF_INET6 in rewrite_mount_options() + +* Tue Jan 20 2009 Steve Dickson 1.1.4-13 +- mountd: Don't do tcp wrapper check when there are no rules (bz 448898) + +* Wed Jan 7 2009 Steve Dickson 1.1.4-12 +- configure: Remove inet_ntop(3) check from configure.ac +- configure: Add new build option "--enable-tirpc" +- showmount command: Quiesce warning when TI-RPC is disabled + +* Sat Jan 3 2009 Steve Dickson 1.1.4-11 +- Added warnings to tcp wrapper code when mounts are + denied due to misconfigured DNS configurations. +- gssd: By default, don't spam syslog when users' credentials expire +- mount: revert recent fix for build problems on old systems +- mount: use gethostbyname(3) when building on old systems +- mount: getport: don't use getaddrinfo(3) on old systems +- mount: Random clean up +- configure: use "--disable-uuid" instead of "--without-uuid" + +* Fri Dec 19 2008 Steve Dickson 1.1.4-10 +- Re-enabled and fixed/enhanced tcp wrappers. + +* Wed Dec 17 2008 Steve Dickson 1.1.4-9 +- text-based mount command: add function to parse numeric mount options +- text-based mount command: use po_get_numeric() for handling retry +- sm-notify command: fix a use-after-free bug +- statd: not unlinking host files + +* Thu Dec 11 2008 Steve Dickson 1.1.4-8 +- mount command: AF_INET6 support for probe_bothports() +- mount command: support AF_INET6 in probe_nfsport() and probe_mntport() +- mount command: full support for AF_INET6 addresses in probe_port() +- gssd/svcgssd: add support to retrieve actual context expiration +- svcgssd: use the actual context expiration for cache + +* Sat Dec 6 2008 Steve Dickson 1.1.4-7 +- sm-notify: always exiting without any notification. + +* Tue Dec 2 2008 Steve Dickson 1.1.4-6 +- mount command: remove local getport() implementation +- mount command: Replace clnt_ping() and getport() calls in probe_port() +- mount command: Use nfs_error() instead of perror() +- mount command: Use nfs_pmap_getport() in probe_statd() + +* Mon Dec 1 2008 Steve Dickson 1.1.4-5 +- Make sure /proc/fs/nfsd exists when the nfs init script + does the exports (bz 473396) +- Fixed typo in nfs init script that caused rpc.rquotad daemons + to be started but not stoppped (bz 473929) + +* Wed Nov 26 2008 Steve Dickson 1.1.4-4 +- gssd: unblock DNOTIFY_SIGNAL in case it was blocked +- Ensure statd gets started if required when non-root + user mounts an NFS filesystem + +* Tue Nov 25 2008 Steve Dickson 1.1.4-3 +- Give showmount support for querying via rpcbindv3/v4 + +* Tue Nov 18 2008 Steve Dickson 1.1.4-2 +- Add AF_INET6-capable API to acquire an RPC CLIENT +- Introduce rpcbind client utility functions + +* Sat Oct 18 2008 Steve Dickson 1.1.4-1 +- Updated to latest upstream version: 1.1.4 + +* Tue Oct 14 2008 Steve Dickson 1.1.3-6 +- sm-notify exists when there are no hosts to notify + +* Thu Sep 18 2008 Steve Dickson 1.1.3-5 +- Reworked init scripts so service will be able to + stop when some of the checks fail. (bz 462508) +- Pre-load nfsd when args to rpc.nfsd are given (bz 441983) + +* Thu Aug 28 2008 Steve Dickson 1.1.3-4 +- Added in a number of up upstream patches (101 thru 110). + +* Mon Aug 11 2008 Tom "spot" Callaway 1.1.3-3 +- fix license tag + +* Thu Jul 31 2008 Steve Dickson 1.1.3-2 +- Mount command did not compile against older glibc versions. + +* Mon Jul 28 2008 Steve Dickson 1.1.3-1 +- Updated to latest upstream version: 1.1.3 + +* Wed Jul 2 2008 Steve Dickson 1.1.2-12 +- Changed the default directories for sm-notify (bz 435480) +- Added 'condstop' to init scripts so service are not + started when nfs-utils is removed. + +* Mon Jun 30 2008 Dennis Gilmore 1.1.2-11 +- add sparc arch handling + +* Mon Jun 30 2008 Steve Dickson 1.1.2-10 +- Rebuild for the updated libevent lib. + +* Fri Jun 27 2008 Steve Dickson 1.1.2-9 +- Removed the nfslock service start/stop from %%post section + (bz 453046) + +* Wed Jun 25 2008 Steve Dickson 1.1.2-8 +- FQDNs in the rmtab causes exportfs to seg fault (bz 444275) + +* Mon Jun 23 2008 Steve Dickson 1.1.2-7 +- Added -D_FILE_OFFSET_BITS=64 to CFLAGS +- make nfsstat read and print stats as unsigned integers +- Added (but not installed) the mountstats and nfs-iostat + python scripts. + +* Fri Jun 6 2008 Steve Dickson 1.1.2-6 +- Added 5 (111 thru 115) upstream patches that fixed + things mostly in the text mounting code. + +* Thu May 8 2008 Steve Dickson 1.1.2-5 +- Added 10 (101 thru 110) upstream patches that fixed + things mostly in the mount and gssd code. + +* Wed May 7 2008 Steve Dickson 1.1.2-4 +- Added ppc arch to the all_32bit_archs list (bz 442847) + +* Wed Apr 23 2008 Steve Dickson 1.1.2-3 +- Documented how to turn off/on protocol support for + rpc.nfsd in /etc/sysconfig/nfs (bz443625) +- Corrected the nfslock initscript 'status' return code (bz 441605) +- Removed obsolete code from the nfslock initscript (bz 441604) + +* Mon Apr 14 2008 Steve Dickson 1.1.2-2 +- Make EACCES a non fatal error (bz 439807) + +* Tue Mar 25 2008 Steve Dickson 1.1.2-1 +- Upgrade to nfs-utils-1.1.2 + +* Mon Mar 3 2008 Steve Dickson 1.1.1-5 +- Stopped mountd from incorrectly logging an error + (commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3) +- Stop gssd from ignoring the machine credential caches + (commit 46d439b17f22216ce8f9257a982c6ade5d1c5931) +- Fixed typo in the nfsstat command line arugments. + (commit acf95d32a44fd8357c24e8a04ec53fc6900bfc58) +- Added test to stop buffer overflow in idmapd + (commit bcd0fcaf0966c546da5043be700587f73174ae25) + +* Sat Feb 9 2008 Steve Dickson 1.1.1-4 +- Cleaned up some typos that were found in the various + places in the mountd code + +* Thu Jan 24 2008 Steve Dickson 1.1.1-3 +- Added in relatime mount option so mount.nfs stays + compatible with the mount command in util-linux-ng (bz 274301) + +* Tue Jan 22 2008 Steve Dickson 1.1.1-2 +- Added -S/--since to the nfsstat(1) manpage +- The wording in the exportfs man page can be a bit confusing, implying + that "exportfs -u :/foo" will unexport /foo from all hosts, which it won't +- Removed nfsprog option since the kernel no longer supports it. +- Removed mountprog option since the kernel no longer supports it. +- Stop segfaults on amd64 during warnings messages. +- Fix bug when both crossmnt and fsid are set. + +* Sat Jan 5 2008 Steve Dickson 1.1.1-1 +- Updated to latest upstream release, nfs-utils-1.1.1 +- Added the removal of sm-notify.pid to nfslock init script. +- Changed spec file to use condrestart instead of condstop + when calling init scripts. +- Fixed typo in rpc.mountd man page +- Turn on 'nohide' automatically for all refer exports (bz 313561) + +* Tue Dec 04 2007 Release Engineering - 1.1.0-7 + - Rebuild for openldap bump + +* Wed Oct 17 2007 Steve Dickson 1.1.0-6 +- Switch the libgssapi dependency to libgssglue + +* Fri Sep 14 2007 Steve Dickson 1.1.0-5 +- Changed the default paths in sm-notify to + /var/lib/nfs/statd (bz 258461) +- Updated exportfs manpage (bz 262861) + +* Wed Aug 15 2007 Steve Dickson 1.1.0-4 +- Make sure the open() system calling in exportfs uses + mode bits when creating the etab file (bz 252440). + +* Mon Aug 13 2007 Steve Dickson 1.1.0-3 +- Added nosharecache mount option which re-enables + rw/ro mounts to the same server (bz 243913). + +* Thu Aug 2 2007 Steve Dickson 1.1.0-2 +- Make sure the gss and idmap daemons remove thier lock + files when they are stopped. + +* Sat Jul 28 2007 Steve Dickson 1.1.0-1 +- Upgraded to the latest upstream version (nfs-utils-1.1.0) + +* Thu May 24 2007 Steve Dickson 1.0.10-7 +- Fixed typo in mount.nfs4 that causes a segfault during + error processing (bz 241190) + +* Tue May 22 2007 Steve Dickson 1.0.10-6 +- Make sure the condrestarts exit with a zero value (bz 240225) +- Stopped /etc/sysconfig/nfs from being overwritten on updates (bz 234543) +- Added -o nordirplus mount option to disable READDIRPLUS (bz 240357) +- Disabled the FSCache patch, for now... + +* Thu May 10 2007 Steve Dickson 1.0.12-5 +- Fix mount.nfs4 to display correct error message (bz 227212) +- Updated mountd and showmount reverse lookup flags (bz 220772) +- Eliminate timeout on nfsd shutdowns (bz 222001) +- Eliminate memory leak in mountd (bz 239536) +- Make sure statd uses correct uid/gid by chowning + the /var/lib/nfs/statd with the rpcuser id. (bz 235216) +- Correct some sanity checking in rpc.nfsd. (bz 220887) +- Added missing unlock_mtab() call in moutnd +- Have mountd hold open etab file to force inode number to change (bz 236823) +- Create a /etc/sysconfig/nfs with all the possible init script + variables (bz 234543) +- Changed nfs initscript to exit with correct value (bz 221874) + +* Tue Apr 3 2007 Steve Dickson 1.0.12-4 +- Replace portmap dependency with an rpcbind dependency (bz 228894) + +* Mon Mar 12 2007 Steve Dickson 1.0.12-3 +- Incorporated Merge Review comments (bz 226198) + +* Fri Mar 9 2007 Steve Dickson 1.0.12-2 +- Added condstop to all the initscripts (bz 196934) +- Made no_subtree_check a default export option (bz 212218) + +* Tue Mar 6 2007 Steve Dickson 1.0.12-1 +- Upgraded to 1.0.12 +- Fixed typo in Summary. + +* Thu Mar 1 2007 Karel Zak 1.0.11-2 +- Fixed mount.nfs -f (fake) option (bz 227988) + +* Thu Feb 22 2007 Steve Dickson 1.0.11-1 +- Upgraded to 1.0.11 + +* Wed Feb 21 2007 Steve Dickson 1.0.10-7 +- Added FS_Location support + +* Mon Dec 18 2006 Karel Zak 1.0.10-6 +- add support for mount options that contain commas (bz 219645) + +* Wed Dec 13 2006 Steve Dickson 1.0.10-5 +- Stopped v4 umounts from ping rpc.mountd (bz 215553) + +* Tue Nov 28 2006 Steve Dickson 1.0.10-4 +- Doing a connect on UDP sockets causes the linux network + stack to reject UDP patches from multi-home server with + nic on the same subnet. (bz 212471) + +* Wed Nov 15 2006 Steve Dickson 1.0.10-3 +- Removed some old mounting versioning code that was + stopping tcp mount from working (bz 212471) + +* Tue Oct 31 2006 Steve Dickson 1.0.10-2 +- Fixed -o remount (bz 210346) +- fix memory leak in rpc.idmapd (bz 212547) +- fix use after free bug in dirscancb (bz 212547) +- Made no_subtree_check a default export option (bz 212218) + +* Wed Oct 25 2006 Steve Dickson 1.0.10-1 +- Upgraded to 1.0.10 + +* Mon Oct 16 2006 Steve Dickson 1.0.9-10 +- Fixed typo in nfs man page (bz 210864). + +* Fri Oct 13 2006 Steve Dickson 1.0.9-9 +- Unable to mount NFS V3 share where sec=none is specified (bz 210644) + +* Tue Sep 26 2006 Steve Dickson 1.0.9-8 +- mount.nfs was not returning a non-zero exit value + on failed mounts (bz 206705) + +* Wed Sep 20 2006 Karel Zak 1.0.9-7 +- Added support for the mount -s (sloppy) option (#205038) +- Added nfs.5 man page from util-linux +- Added info about [u]mount.nfs to the package description + +* Mon Sep 11 2006 1.0.9-6 +- Removed the compiling of getiversion and getkversion since + UTS_RELEASE is no longer defined and these binary are + not installed. + +* Fri Aug 18 2006 1.0.9-5 +- Changed gssd daemons to cache things in memory + instead of /tmp which makes selinux much happier. + (bz 203078) + +* Wed Aug 16 2006 1.0.9-4 +- Allow variable for HA callout program in /etc/init.d/nfslock + (bz 202790) + +* Wed Aug 02 2006 1.0.9-3 +- add epoch (#196359) + +* Fri Jul 28 2006 1.0.9-2 +- Enabled the creating of mount.nfs and umount.nfs binaries +- Added mount option fixes suggested by upstream. +- Fix lazy umounts (bz 169299) +- Added -o fsc mount option. + +* Mon Jul 24 2006 1.0.9-1 +- Updated to 1.0.9 release + +* Wed Jul 12 2006 Jesse Keating - 1:1.0.8-5.1 +- rebuild + +* Sun Jul 2 2006 1:1.0.8-5 +- Introduce epoch to fix upgrade path + +* Sat Jul 1 2006 1.0.8-3 +- Fixed typos in /etc/rc.d/init.d/nfs file (bz 184486) + +* Fri Jun 30 2006 1.0.8-3 +- Split the controlling of nfs version, ports, and protocol + into two different patches +- Fixed and added debugging statements to rpc.mountd. +- Fixed -p arg to work with priviledged ports (bz 156655) +- Changed nfslock initscript to set LOCKD_TCPPORT and + LOCKD_UDPPORT (bz 162133) +- Added MOUNTD_NFS_V1 variable to version 1 of the + mount protocol can be turned off. (bz 175729) +- Fixed gssd to handel mixed case characters in + the domainname. (bz 186069) + +* Wed Jun 21 2006 1.0.8-2 +- Updated to nfs-utils-1.0.8 + +* Thu Jun 8 2006 1.0.8.rc4-1 +- Upgraded to the upstream 1.0.8.rc4 version + +* Fri Feb 10 2006 Jesse Keating - 1.0.8.rc2-4.FC5.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 1.0.8.rc2-4.FC5.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Fri Jan 20 2006 Steve Dickson 1.0.8.rc2-4.FC5 +- Added new libnfsidmap call, nfs4_set_debug(), to rpc.idmapd + which turns on debugging in the libarary. + +* Mon Jan 16 2006 Steve Dickson 1.0.8.rc2-3.FC5 +- Added innetgr patch that changes configure scripts to + check for the innetgr function. (bz 177899) + +* Wed Jan 11 2006 Peter Jones 1.0.8.rc2-2.FC5 +- Fix lockfile naming in the initscripts so they're stopped correctly. + +* Mon Jan 9 2006 Steve Dickson 1.0.8.rc2-1.FC5 +- Updated to 1.0.8-rc2 release +- Broke out libgssapi into its own rpm +- Move librpcsecgss and libnfsidmap in the new nfs-utils-lib rpm +- Removed libevent code; Required to be installed. + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Sun Oct 23 2005 Steve Dickson 1.0.7-19 +- Updated to latest code in SourceForge CVS +- Updated to latest CITI patches (1.0.7-4) +- Fix bug in nfsdreopen by compiling in server defaults + +* Thu Sep 22 2005 Steve Dickson 1.0.7-18 +- Updated libnfsidmap to 0.11 +- Updated libgssapi to 0.5 +- Made sure the gss daemons and new libs are + all using the same include files. +- Removed code from the tree that is no longer used. +- Add ctlbits patch that introduced the -N -T and -U + command line flags to rpc.nfsd. + +* Sun Sep 18 2005 Steve Dickson 1.0.7-17 +- Updated to latest nfs-utils code in upstream CVS tree +- Updated libevent from 1.0b to 1.1a +- Added libgssapi-0.4 and librpcsecgss-0.6 libs from CITI + +* Thu Sep 8 2005 Steve Dickson 1.0.7-16 +- Reworked the nfslock init script so if lockd is running + it will be killed which is what the HA community needs. (bz 162446) +- Stopped rpcidmapd.init from doing extra echoing when + condstart-ed. + +* Wed Aug 24 2005 Peter Jones - 1.0.7-15 +- don't strip during "make install", so debuginfo packages are generated right + +* Thu Aug 18 2005 Florian La Roche +- no need to still keep a requirement for kernel-2.2 or newer + +* Tue Aug 16 2005 Steve Dickson 1.0.7-13 +- Changed mountd to use stat64() (bz 165062) + +* Tue Aug 2 2005 Steve Dickson 1.0.7-12 +- Changed useradd to use new -l flag (bz149407) +- 64bit fix in gssd code (bz 163139) +- updated broken dependencies +- updated rquotad to compile with latest + quota version. + +* Thu May 26 2005 Steve Dickson 1.0.7-8 +- Fixed subscripting problem in idmapd (bz 158188) + +* Thu May 19 2005 Steve Dickson 1.0.7-7 +- Fixed buffer overflow in rpc.svcgssd (bz 114288) + +* Wed Apr 13 2005 Steve Dickson 1.0.7-6 +- Fixed misformated output from nfslock script (bz 154648) + +* Tue Mar 29 2005 Steve Dickson 1.0.7-4 +- Fixed a compile error on x86_64 machines in the gss code. +- Updated the statd-notify-hostname.patch to eliminate + a segmentation fault in rpc.statd when an network + interface was down. (bz 151828) + +* Sat Mar 19 2005 Steve Dickson 1.0.7-3 +- Changed xlog to use LOG_INFO instead of LOG_DEBUG + so debug messages will appear w/out any config + changes to syslog.conf. +- Reworked how /etc/exports is setup (bz 151389) + +* Wed Mar 2 2005 Steve Dickson 1.0.7-2 +- Tied the rpcsecgss debugging in with gssd and + svcgssd debugging + +* Mon Feb 14 2005 Steve Dickson +- Added support to rpcgssd.init and rpcsvcgssd.init scripts + to insmod security modules. +- Changed the nfs.init script to bring rpc.svcgssd up and down, + since rpc.svcgssd is only needed with the NFS server is running. + +* Tue Dec 14 2004 Steve Dickson +- Fix problem in idmapd that was causing "xdr error 10008" + errors (bz 142813) +- make sure the correct hostname is used in the SM_NOTIFY + message that is sent from a rebooted server which has + multiple network interfaces. (bz 139101) + +- Changed nfslock to send lockd a -KILL signal + when coming down. (bz 125257) + +* Thu Nov 11 2004 Steve Dickson +- Replaced a memcopy with explicit assignments + in getquotainfo() of rquotad to fix potential overflow + that can occur on 64bit machines. (bz 138068) + +* Mon Nov 8 2004 Steve Dickson +- Updated to latest sourceforge code +- Updated to latest CITIT nfs4 patches + +* Sun Oct 17 2004 Steve Dickson +- Changed nfs.init to bring down rquotad correctly + (bz# 136041) + +* Thu Oct 14 2004 Steve Dickson +- Added "$RQUOTAD_PORT" variable to nfs.init which + allows the rpc.rquotad to use a predefined port + (bz# 124676) + +* Fri Oct 1 2004 +- Make sure the uid/gid of nfsnobody is the + correct value for all archs (bz# 123900) +- Fixed some security issues found by SGI (bz# 133556) + +* Mon Aug 30 2004 Steve Dickson +- Major clean up. +- Removed all unused/old patches +- Rename and condensed a number of patches +- Updated to CITI's nfs-utils-1.0.6-13 patches + +* Tue Aug 10 2004 Bill Nottingham +- move if..fi condrestart stanza to %%postun (#127914, #128601) + +* Wed Jun 16 2004 +- nfslock stop is now done on package removals +- Eliminate 3 syslog messages that are logged for + successful events. + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Mon Jun 14 2004 +- Fixed syntax error in nfs initscripts when + NETWORKING is not defined +- Removed sync warning on readonly exports. +- Changed run levels in rpc initscripts. +- Replaced modinfo with lsmod when checking + for loaded modules. + +* Tue Jun 1 2004 +- Changed the rpcgssd init script to ensure the + rpcsec_gss_krb5 module is loaded + +* Tue May 18 2004 +- Removed the auto option from MOUNTD_NFS_V2 and + MOUNTD_NFS_V3 variables. Since v2 and v3 are on + by default, there only needs to be away of + turning them off. + +* Mon May 10 2004 +- Rebuilt + +* Thu Apr 15 2004 +- Changed the permission on idmapd.conf to 644 +- Added mydaemon code to svcgssd +- Updated the add_gssd.patch from upstream + +* Wed Apr 14 2004 +- Created a pipe between the parent and child so + the parent process can report the correct exit + status to the init scripts +- Added SIGHUP processing to rpc.idmapd and the + rpcidmapd init script. + +* Mon Mar 22 2004 +- Make sure check_new_cache() is looking in the right place + +* Wed Mar 17 2004 +- Changed the v4 initscripts to use $prog for the + arugment to daemon + +* Tue Mar 16 2004 +- Made the nfs4 daemons initscripts work better when + sunrpc is not a module +- added more checks to see if modules are being used. + +* Mon Mar 15 2004 +- Add patch that sets up gssapi_mech.conf correctly + +* Fri Mar 12 2004 +- Added the shutting down of the rpc v4 daemons. +- Updated the Red Hat only patch with some init script changes. + +* Thu Mar 11 2004 Bill Nottingham +- rpc_pipefs mounting and aliases are now in modutils; require that + +* Thu Mar 11 2004 +- Updated the gssd patch. + +* Sun Mar 7 2004 +- Added the addition and deletion of rpc_pipefs to /etc/fstab +- Added the addition and deletion of module aliases to /etc/modules.conf + +* Mon Mar 1 2004 +- Removed gssd tarball and old nfsv4 patch. +- Added new nfsv4 patches that include both the + gssd and idmapd daemons +- Added redhat-only v4 patch that reduces the + static librpc.a to only contain gss rpc related + routines (I would rather have gssd use the glibc + rpc routines) +-Changed the gssd svcgssd init scripts to only + start up if SECURE_NFS is set to 'yes' in + /etc/sysconfig/nfs + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Thu Feb 12 2004 Thomas Woerner +- make rpc.lockd, rpc.statd, rpc.mountd and rpc.nfsd pie + +* Wed Jan 28 2004 Steve Dickson +- Added the NFSv4 bits + +* Mon Dec 29 2003 Steve Dickson +- Added the -z flag to nfsstat + +* Wed Dec 24 2003 Steve Dickson +- Fixed lockd port setting in nfs.int script + +* Wed Oct 22 2003 Steve Dickson +- Upgrated to 1.0.6 +- Commented out the acl path for fedora + +* Wed Aug 27 2003 Steve Dickson +- Added the setting of lockd ports via sysclt interface +- Removed queue setting code since its no longer needed + +* Thu Aug 7 2003 Steve Dickson +- Added back the acl patch Taroon b2 + +* Wed Jul 23 2003 Steve Dickson +- Commented out the acl patch (for now) + +* Mon Jul 21 2003 Steve Dickson +- Upgrated to 1.0.5 + +* Wed Jun 18 2003 Steve Dickson +- Added security update +- Fixed the drop-privs.patch which means the chroot +patch could be removed. + +* Mon Jun 9 2003 Steve Dickson +- Defined the differ kinds of debugging avaliable for mountd in +the mountd man page. + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Tue Jun 3 2003 Steve Dickson +- Upgraded to 1.0.3 +- Fixed numerous bugs in init scrips +- Added nfsstat overflow patch + +* Thu Jan 23 2003 Tim Powers 1.0.1-2.9 +- rebuild + +* Fri Dec 13 2002 Daniel J Walsh +- change init script to not start rpc.lock if already running + +* Wed Dec 11 2002 Daniel J Walsh +- Moved access code to be after dropping privs + +* Mon Nov 18 2002 Stephen C. Tweedie +- Build with %%configure +- Add nhfsgraph, nhfsnums and nhfsrun to the files list + +* Mon Nov 11 2002 Stephen C. Tweedie +- Don't drop privs until we've bound the notification socket + +* Thu Nov 7 2002 Stephen C. Tweedie +- Ignore SIGPIPE in rpc.mountd + +* Thu Aug 1 2002 Bob Matthews +- Add Sean O'Connell's nfs control tweaks +- to nfs init script. + +* Mon Jul 22 2002 Bob Matthews +- Move to nfs-utils-1.0.1 + +* Mon Feb 18 2002 Bob Matthews +- "service nfs restart" should start services even if currently +- not running (#59469) +- bump version to 0.3.3-4 + +* Wed Oct 3 2001 Bob Matthews +- Move to nfs-utils-0.3.3 +- Make nfsnobody a system account (#54221) + +* Tue Aug 21 2001 Bob Matthews +- if UID 65534 is unassigned, add user nfsnobody (#22685) + +* Mon Aug 20 2001 Bob Matthews +- fix typo in nfs init script which prevented MOUNTD_PORT from working (#52113) + +* Tue Aug 7 2001 Bob Matthews +- nfs init script shouldn't fail if /etc/exports doesn't exist (#46432) + +* Fri Jul 13 2001 Bob Matthews +- Make %%pre useradd consistent with other Red Hat packages. + +* Tue Jul 03 2001 Michael K. Johnson +- Added sh-utils dependency for uname -r in nfs init script + +* Tue Jun 12 2001 Bob Matthews +- make non RH kernel release strings scan correctly in +- nfslock init script (#44186) + +* Mon Jun 11 2001 Bob Matthews +- don't install any rquota pages in _mandir: (#39707, #44119) +- don't try to manipulate rpc.rquotad in init scripts +- unless said program actually exists: (#43340) + +* Tue Apr 10 2001 Preston Brown +- don't translate initscripts for 6.x + +* Tue Apr 10 2001 Michael K. Johnson +- do not start lockd on kernel 2.2.18 or higher (done automatically) + +* Fri Mar 30 2001 Preston Brown +- don't use rquotad from here now; quota package contains a version that + works with 2.4 (#33738) + +* Mon Mar 12 2001 Bob Matthews +- Statd logs at LOG_DAEMON rather than LOG_LOCAL5 +- s/nfs/\$0/ where appropriate in init scripts + +* Tue Mar 6 2001 Jeff Johnson +- Move to nfs-utils-0.3.1 + +* Wed Feb 14 2001 Bob Matthews +- #include patch + +* Mon Feb 12 2001 Bob Matthews +- Really enable netgroups + +* Mon Feb 5 2001 Bernhard Rosenkraenzer +- i18nize initscripts + +* Fri Jan 19 2001 Bob Matthews +- Increased {s,r}blen in rpcmisc.c:makesock to accommodate eepro100 + +* Tue Jan 16 2001 Bob Matthews +- Hackish fix in build section to enable netgroups + +* Wed Jan 3 2001 Bob Matthews +- Fix incorrect file specifications in statd manpage. +- Require gawk 'cause it's used in nfslock init script. + +* Wed Dec 13 2000 Bob Matthews +- Require sed because it's used in nfs init script + +* Tue Dec 12 2000 Bob Matthews +- Don't do a chroot(2) after dropping privs, in statd. + +* Mon Dec 11 2000 Bob Matthews +- NFSv3 if kernel >= 2.2.18, detected in init script + +* Thu Nov 23 2000 Florian La Roche +- update to 0.2.1 + +* Tue Nov 14 2000 Bill Nottingham +- don't start lockd on 2.4 kernels; it's unnecessary + +* Tue Sep 5 2000 Florian La Roche +- more portable fix for mandir + +* Sun Sep 3 2000 Florian La Roche +- update to 0.2-release + +* Fri Sep 1 2000 Florian La Roche +- fix reload script + +* Thu Aug 31 2000 Florian La Roche +- update to 0.2 from CVS +- adjust statd-drop-privs patch +- disable tcp_wrapper support + +* Wed Aug 2 2000 Bill Nottingham +- fix stop priority of nfslock + +* Tue Aug 1 2000 Bill Nottingham +- um, actually *include and apply* the statd-drop-privs patch + +* Mon Jul 24 2000 Bill Nottingham +- fix init script ordering (#14502) + +* Sat Jul 22 2000 Bill Nottingham +- run statd chrooted and as non-root +- add prereqs + +* Tue Jul 18 2000 Trond Eivind Glomsrød +- use "License", not "Copyright" +- use %%{_tmppath} and %%{_mandir} + +* Mon Jul 17 2000 Matt Wilson +- built for next release + +* Mon Jul 17 2000 Matt Wilson +- 0.1.9.1 +- remove patch0, has been integrated upstream + +* Wed Feb 9 2000 Bill Nottingham +- the wonderful thing about triggers, is triggers are wonderful things... + +* Thu Feb 03 2000 Cristian Gafton +- switch to nfs-utils as the base tree +- fix the statfs patch for the new code base +- single package that obsoletes everything we had before (if I am to keep + some traces of my sanity with me...) + +* Mon Jan 17 2000 Preston Brown +- use statfs syscall instead of stat to determinal optimal blksize diff --git a/nfs.sysconfig b/nfs.sysconfig new file mode 100644 index 0000000..04b9867 --- /dev/null +++ b/nfs.sysconfig @@ -0,0 +1,38 @@ + +# +# +# To set lockd kernel module parameters please see +# /etc/modprobe.d/lockd.conf +# +# +# Optional arguments passed to rpc.nfsd. See rpc.nfsd(8) +RPCNFSDARGS="" +# Number of nfs server processes to be started. +# The default is 8. +# RPCNFSDCOUNT=16 +# +# Set V4 grace period in seconds +#NFSD_V4_GRACE=90 +# +# Set V4 lease period in seconds +#NFSD_V4_LEASE=90 +# +# Optional arguments passed to rpc.mountd. See rpc.mountd(8) +RPCMOUNTDOPTS="" +# +# Optional arguments passed to rpc.statd. See rpc.statd(8) +STATDARGS="" +# Optional arguments passed to sm-notify. See sm-notify(8) +SMNOTIFYARGS="" +# +# +# Optional arguments passed to rpc.idmapd. See rpc.idmapd(8) +RPCIDMAPDARGS="" +# +# Optional arguments passed to rpc.gssd. See rpc.gssd(8) +RPCGSSDARGS="" +# Enable usage of gssproxy. See gssproxy-mech(8). +GSS_USE_PROXY="yes" +# +# Optional arguments passed to blkmapd. See blkmapd(8) +BLKMAPDARGS="" diff --git a/nfsconvert.py b/nfsconvert.py new file mode 100644 index 0000000..dd240ee --- /dev/null +++ b/nfsconvert.py @@ -0,0 +1,310 @@ +#!/usr/bin/env python3 +""" +Read in the deprecated /etc/sysconfig/nfs file and +set the corresponding values in nfs.conf +""" + +from __future__ import print_function +import os +import sys +import getopt +import subprocess +import configparser + +CONF_NFS = '/etc/nfs.conf' +CONF_IDMAP = '/etc/idmapd.conf' +SYSCONF_NFS = '/etc/sysconfig/nfs' +SYSCONF_BACKUP = ".rpmsave" +CONF_TOOL = '/usr/sbin/nfsconf' + +# options for nfsd found in RPCNFSDARGS +OPTS_NFSD = 'dH:p:rR:N:V:stTuUG:L:' +LONG_NFSD = ['debug', 'host=', 'port=', 'rdma=', 'nfs-version=', 'no-nfs-version=', + 'tcp', 'no-tcp', 'udp', 'no-udp', 'grace-time=', 'lease-time='] +CONV_NFSD = {'-d': (CONF_NFS, 'nfsd', 'debug', 'all'), + '-H': (CONF_NFS, 'nfsd', 'host', ','), + '-p': (CONF_NFS, 'nfsd', 'port', '$1'), + '-r': (CONF_NFS, 'nfsd', 'rdma', 'nfsrdma'), + '-R': (CONF_NFS, 'nfsd', 'rdma', '$1'), + '-N': (CONF_NFS, 'nfsd', 'vers$1', 'n'), + '-V': (CONF_NFS, 'nfsd', 'vers$1', 'y'), + '-t': (CONF_NFS, 'nfsd', 'tcp', '1'), + '-T': (CONF_NFS, 'nfsd', 'tcp', '0'), + '-u': (CONF_NFS, 'nfsd', 'udp', '1'), + '-U': (CONF_NFS, 'nfsd', 'udp', '0'), + '-G': (CONF_NFS, 'nfsd', 'grace-time', '$1'), + '-L': (CONF_NFS, 'nfsd', 'lease-time', '$1'), + '$1': (CONF_NFS, 'nfsd', 'threads', '$1'), + '--debug': (CONF_NFS, 'nfsd', 'debug', 'all'), + '--host': (CONF_NFS, 'nfsd', 'host', ','), + '--port': (CONF_NFS, 'nfsd', 'port', '$1'), + '--rdma': (CONF_NFS, 'nfsd', 'rdma', '$1'), + '--no-nfs-version': (CONF_NFS, 'nfsd', 'vers$1', 'n'), + '--nfs-version': (CONF_NFS, 'nfsd', 'vers$1', 'y'), + '--tcp': (CONF_NFS, 'nfsd', 'tcp', '1'), + '--no-tcp': (CONF_NFS, 'nfsd', 'tcp', '0'), + '--udp': (CONF_NFS, 'nfsd', 'udp', '1'), + '--no-udp': (CONF_NFS, 'nfsd', 'udp', '0'), + '--grace-time': (CONF_NFS, 'nfsd', 'grace-time', '$1'), + '--lease-time': (CONF_NFS, 'nfsd', 'lease-time', '$1'), + } + +# options for mountd found in RPCMOUNTDOPTS +OPTS_MOUNTD = 'go:d:H:p:N:nrs:t:V:' +LONG_MOUNTD = ['descriptors=', 'debug=', 'nfs-version=', 'no-nfs-version=', + 'port=', 'no-tcp', 'ha-callout=', 'state-directory-path=', + 'num-threads=', 'reverse-lookup', 'manage-gids', 'no-udp'] + +CONV_MOUNTD = {'-g': (CONF_NFS, 'mountd', 'manage-gids', '1'), + '-o': (CONF_NFS, 'mountd', 'descriptors', '$1'), + '-d': (CONF_NFS, 'mountd', 'debug', '$1'), + '-H': (CONF_NFS, 'mountd', 'ha-callout', '$1'), + '-p': (CONF_NFS, 'mountd', 'port', '$1'), + '-N': (CONF_NFS, 'nfsd', 'vers$1', 'n'), + '-V': (CONF_NFS, 'nfsd', 'vers$1', 'y'), + '-n': (CONF_NFS, 'nfsd', 'tcp', '0'), + '-s': (CONF_NFS, 'mountd', 'stat-directory-path', '$1'), + '-t': (CONF_NFS, 'mountd', 'threads', '$1'), + '-r': (CONF_NFS, 'mountd', 'reverse-lookup', '1'), + '-u': (CONF_NFS, 'nfsd', 'udp', '0'), + '--manage-gids': (CONF_NFS, 'mountd', 'manage-gids', '1'), + '--descriptors': (CONF_NFS, 'mountd', 'descriptors', '$1'), + '--debug': (CONF_NFS, 'mountd', 'debug', '$1'), + '--ha-callout': (CONF_NFS, 'mountd', 'ha-callout', '$1'), + '--port': (CONF_NFS, 'mountd', 'port', '$1'), + '--nfs-version': (CONF_NFS, 'nfsd', 'vers$1', 'y'), + '--no-nfs-version': (CONF_NFS, 'nfsd', 'vers$1', 'n'), + '--no-tcp': (CONF_NFS, 'nfsd', 'tcp', '0'), + '--state-directory-path': (CONF_NFS, 'mountd', 'state-directory-path', '$1'), + '--num-threads': (CONF_NFS, 'mountd', 'threads', '$1'), + '--reverse-lookup': (CONF_NFS, 'mountd', 'reverse-lookup', '1'), + '--no-udp': (CONF_NFS, 'nfsd', 'udp', '0'), + } + +# options for statd found in STATDARG +OPTS_STATD = 'o:p:T:U:n:P:H:' +LONG_STATD = ['outgoing-port=', 'port=', 'name=', 'state-directory-path=', + 'ha-callout=', 'nlm-port=', 'nlm-udp-port='] +CONV_STATD = {'-o': (CONF_NFS, 'statd', 'outgoing-port', '$1'), + '-p': (CONF_NFS, 'statd', 'port', '$1'), + '-T': (CONF_NFS, 'lockd', 'port', '$1'), + '-U': (CONF_NFS, 'lockd', 'udp-port', '$1'), + '-n': (CONF_NFS, 'statd', 'name', '$1'), + '-P': (CONF_NFS, 'statd', 'state-directory-path', '$1'), + '-H': (CONF_NFS, 'statd', 'ha-callout', '$1'), + '--outgoing-port': (CONF_NFS, 'statd', 'outgoing-port', '$1'), + '--port': (CONF_NFS, 'statd', 'port', '$1'), + '--name': (CONF_NFS, 'statd', 'name', '$1'), + '--state-directory-path': (CONF_NFS, 'statd', 'state-directory-path', '$1'), + '--ha-callout': (CONF_NFS, 'statd', 'ha-callout', '$1'), + '--nlm-port': (CONF_NFS, 'lockd', 'port', '$1'), + '--nlm-udp-port': (CONF_NFS, 'lockd', 'udp-port', '$1'), + } + +# options for sm-notify found in SMNOTIFYARGS +OPTS_SMNOTIFY = 'dm:np:v:P:' +CONV_SMNOTIFY = {'-d': (CONF_NFS, 'sm-notify', 'debug', 'all'), + '-m': (CONF_NFS, 'sm-notify', 'retry-time', '$1'), + '-n': (CONF_NFS, 'sm-notify', 'update-state', '1'), + '-p': (CONF_NFS, 'sm-notify', 'outgoing-port', '$1'), + '-v': (CONF_NFS, 'sm-notify', 'outgoing-addr', '$1'), + '-P': (CONF_NFS, 'statd', 'state-directory-path', '$1'), + } + +# options for idmapd found in RPCIDMAPDARGS +OPTS_IDMAPD = 'vp:CS' +CONV_IDMAPD = {'-v': (CONF_IDMAP, 'general', 'verbosity', '+'), + '-p': (CONF_NFS, 'general', 'pipefs-directory', '$1'), + '-C': (CONF_IDMAP, 'general', 'client-only', '1'), + '-S': (CONF_IDMAP, 'general', 'server-only', '1'), + } + +# options for gssd found in RPCGSSDARGS +OPTS_GSSD = 'Mnvrp:k:d:t:T:R:lD' +CONV_GSSD = {'-M': (CONF_NFS, 'gssd', 'use-memcache', '1'), + '-n': (CONF_NFS, 'gssd', 'root_uses_machine_creds', '0'), + '-v': (CONF_NFS, 'gssd', 'verbosity', '+'), + '-r': (CONF_NFS, 'gssd', 'rpc-verbosity', '+'), + '-p': (CONF_NFS, 'general', 'pipefs-directory', '$1'), + '-k': (CONF_NFS, 'gssd', 'keytab-file', '$1'), + '-d': (CONF_NFS, 'gssd', 'cred-cache-directory', '$1'), + '-t': (CONF_NFS, 'gssd', 'context-timeout', '$1'), + '-T': (CONF_NFS, 'gssd', 'rpc-timeout', '$1'), + '-R': (CONF_NFS, 'gssd', 'preferred-realm', '$1'), + '-l': (CONF_NFS, 'gssd', 'limit-to-legacy-enctypes', '0'), + '-D': (CONF_NFS, 'gssd', 'avoid-dns', '0'), + } + +# options for blkmapd found in BLKMAPDARGS +OPTS_BLKMAPD = '' +CONV_BLKMAPD = {} + +# meta list of all the getopt lists +GETOPT_MAPS = [('RPCNFSDARGS', OPTS_NFSD, LONG_NFSD, CONV_NFSD), + ('RPCMOUNTDOPTS', OPTS_MOUNTD, LONG_MOUNTD, CONV_MOUNTD), + ('STATDARG', OPTS_STATD, LONG_STATD, CONV_STATD), + ('STATDARGS', OPTS_STATD, LONG_STATD, CONV_STATD), + ('SMNOTIFYARGS', OPTS_SMNOTIFY, [], CONV_SMNOTIFY), + ('RPCIDMAPDARGS', OPTS_IDMAPD, [], CONV_IDMAPD), + ('RPCGSSDARGS', OPTS_GSSD, [], CONV_GSSD), + ('BLKMAPDARGS', OPTS_BLKMAPD, [], CONV_BLKMAPD), + ] + +# map for all of the single option values +VALUE_MAPS = {'LOCKD_TCPPORT': (CONF_NFS, 'lockd', 'port', '$1'), + 'LOCKD_UDPPORT': (CONF_NFS, 'lockd', 'udp-port', '$1'), + 'RPCNFSDCOUNT': (CONF_NFS, 'nfsd', 'threads', '$1'), + 'NFSD_V4_GRACE': (CONF_NFS, 'nfsd', 'grace-time', '$1'), + 'NFSD_V4_LEASE': (CONF_NFS, 'nfsd', 'lease-time', '$1'), + 'MOUNTD_PORT': (CONF_NFS, 'mountd', 'port', '$1'), + 'STATD_PORT': (CONF_NFS, 'statd', 'port', '$1'), + 'STATD_OUTGOING_PORT': (CONF_NFS, 'statd', 'outgoing-port', '$1'), + 'STATD_HA_CALLOUT': (CONF_NFS, 'statd', 'ha-callout', '$1'), + 'GSS_USE_PROXY': (CONF_NFS, 'gssd', 'use-gss-proxy', '$1') + } + +def eprint(*args, **kwargs): + """ Print error to stderr """ + print(*args, file=sys.stderr, **kwargs) + +def makesub(param, value): + """ Variable substitution """ + return param.replace('$1', value) + +def set_value(value, entry): + """ Set a configuration value by running nfsconf tool""" + cfile, section, tag, param = entry + + tag = makesub(tag, value) + param = makesub(param, value) + if param == '+': + param = value + if param == ',': + param = value + args = [CONF_TOOL, "--file", cfile, "--set", section, tag, param] + + try: + subprocess.check_output(args, stderr=subprocess.STDOUT) + except subprocess.CalledProcessError as e: + print("Error running nfs-conf tool:\n %s" % (e.output.decode())) + print("Args: %s\n" % args) + raise Exception + +def convert_getopt(optname, options, optstring, longopts, conversions): + """ Parse option string into seperate config items + + Take a getopt string and a table of conversions + parse it all and spit out the converted config + + Keyword arguments: + options -- the argv string to convert + optstring -- getopt format option list + conversions -- table of translations + """ + optcount = 0 + try: + args = options.strip('\"').split() + optlist, optargs = getopt.gnu_getopt(args, optstring, longopts=longopts) + except getopt.GetoptError as err: + eprint(err) + raise Exception + + setlist = {} + for (k, v) in optlist: + if k in conversions: + # it's already been set once + param = conversions[k][3] + tag = k + makesub(conversions[k][2], v) + if tag in setlist: + value = setlist[tag][0] + # is it a cummulative entry + if param == '+': + value = str(int(value) + 1) + if param == ',': + value += "," + v + else: + if param == '+': + value = "1" + elif param == ',': + value = v + else: + value = v + setlist[tag] = (value, conversions[k]) + else: + if v: + eprint("Ignoring unrecognised option %s=%s in %s" % (k, v, optname)) + else: + eprint("Ignoring unrecognised option %s in %s" % (k, optname)) + + + for v, c in setlist.values(): + try: + set_value(v, c) + optcount += 1 + except Exception: + raise + + i = 1 + for o in optargs: + opname = '$' + str(i) + if opname in conversions: + try: + set_value(o, conversions[opname]) + optcount += 1 + except Exception: + raise + else: + eprint("Unrecognised trailing arguments") + raise Exception + i += 1 + + return optcount + +def map_values(): + """ Main function """ + mapcount = 0 + + # Lets load the old config + with open(SYSCONF_NFS) as cfile: + file_content = '[sysconf]\n' + cfile.read() + sysconfig = configparser.RawConfigParser() + sysconfig.read_string(file_content) + + # Map all the getopt option lists + for (name, opts, lopts, conv) in GETOPT_MAPS: + if name in sysconfig['sysconf']: + try: + mapcount += convert_getopt(name, sysconfig['sysconf'][name], opts, + lopts, conv) + except Exception: + eprint("Error whilst converting %s to nfsconf options." % (name)) + raise + + # Map the single value options + for name, opts in VALUE_MAPS.items(): + if name in sysconfig['sysconf']: + try: + value = sysconfig['sysconf'][name] + set_value(value.strip('\"'), opts) + mapcount += 1 + except Exception: + raise + + # All went well, move aside the old file + # but dont bother if there were no changes and + # an old config file already exists + backupfile = SYSCONF_NFS + SYSCONF_BACKUP + if mapcount > 0 or not os.path.exists(backupfile): + try: + os.replace(SYSCONF_NFS, backupfile) + except OSError as err: + eprint("Error moving old config %s: %s" % (SYSCONF_NFS, err)) + raise + +# Main routine +try: + map_values() +except Exception as e: + eprint(e) + eprint("Conversion failed. Please correct the error and try again.") + exit(1) diff --git a/nfsconvert.sh b/nfsconvert.sh new file mode 100644 index 0000000..ce28562 --- /dev/null +++ b/nfsconvert.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +# +# Convert /etc/sysconfig/nfs values in /etc/nfs.conf valuse +# + +# +# No file no conversion +# +if [ ! -f /etc/sysconfig/nfs ]; then + exit 0 +fi + +# +# See if the conversion happen already +# +grep "nfs.conf" /etc/sysconfig/nfs > /dev/null +if [ $? -eq 0 ]; then + exit 0 +fi + +if [ -f /etc/nfs.conf.rpmnew ]; then + # See if it is the we want to use + grep tag1234 /etc/nfs.conf.rpmnew > /dev/null + if [ $? -eq 0 ]; then + cp /etc/nfs.conf /etc/nfs.conf.rpmsave + cat /etc/nfs.conf.rpmnew | sed '/tag123/d' > /etc/nfs.conf + rm /etc/nfs.conf.rpmnew + fi +else + cp /etc/nfs.conf /etc/nfs.conf.rpmsave +fi + +# +# Do the conversion +# +/usr/sbin/nfsconvert + diff --git a/sources b/sources new file mode 100644 index 0000000..d546afb --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (nfs-utils-2.5.1.tar.xz) = 474055f75a2e11e3b4e3f265a4d057157819c8071a98f31f8023109204230f9b4d9ea7568dd6cf207f3f3b164d4d4250f982d32719089dc91ecc2689de52efc1