From d9bf18f2883ec864668ea0897f633e6cde51991e Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Tue, 29 May 2012 15:10:34 -0400 Subject: [PATCH] Updated to latest upstream RC release: nfs-utils.1.2.7-rc1 Signed-off-by: Steve Dickson --- nfs-utils.1.2.7-rc1.patch | 478 ++++++++++++++++++++++++++++++++++++++ nfs-utils.spec | 9 +- 2 files changed, 484 insertions(+), 3 deletions(-) create mode 100644 nfs-utils.1.2.7-rc1.patch diff --git a/nfs-utils.1.2.7-rc1.patch b/nfs-utils.1.2.7-rc1.patch new file mode 100644 index 0000000..f0167d8 --- /dev/null +++ b/nfs-utils.1.2.7-rc1.patch @@ -0,0 +1,478 @@ +commit eae2fa997223ce0edb4218faf2ff67165535d21d +Author: J. Bruce Fields +Date: Tue May 29 14:40:38 2012 -0400 + + mountd: Honor the no_root_squash flag on pseudo roots + + From: "J. Bruce Fields" + + If root squashing is turned off on a export that + has multiple directories, the parent directories + of the pseudo exports that's built, also needs to + have root squashing turned off. + + Tested-by: Steve Dickson + Signed-off-by: Steve Dickson + +diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c +index 708eb61..726b50d 100644 +--- a/utils/mountd/v4root.c ++++ b/utils/mountd/v4root.c +@@ -62,6 +62,8 @@ void set_pseudofs_security(struct exportent *pseudo, struct exportent *source) + + if (source->e_flags & NFSEXP_INSECURE_PORT) + pseudo->e_flags |= NFSEXP_INSECURE_PORT; ++ if ((source->e_flags & NFSEXP_ROOTSQUASH) == 0) ++ pseudo->e_flags &= ~NFSEXP_ROOTSQUASH; + for (se = source->e_secinfo; se->flav; se++) { + struct sec_entry *new; + +@@ -92,7 +94,8 @@ v4root_create(char *path, nfs_export *export) + exp = export_create(&eep, 0); + if (exp == NULL) + return NULL; +- xlog(D_CALL, "v4root_create: path '%s'", exp->m_export.e_path); ++ xlog(D_CALL, "v4root_create: path '%s' flags 0x%x", ++ exp->m_export.e_path, exp->m_export.e_flags); + return &exp->m_export; + } + + +commit b66c96de551b650680a65a732a1338c3ec25b436 +Author: Adam Sampson +Date: Tue May 29 14:37:22 2012 -0400 + + nsm_client: nsm_client needs to link with libtirpc + + nsm_client needs to link against libtirpc. + + Signed-off-by: Steve Dickson + +diff --git a/tests/nsm_client/Makefile.am b/tests/nsm_client/Makefile.am +index 4bf0a45..4c15346 100644 +--- a/tests/nsm_client/Makefile.am ++++ b/tests/nsm_client/Makefile.am +@@ -13,7 +13,7 @@ nsm_client_SOURCES = $(GENFILES) nsm_client.c + + BUILT_SOURCES = $(GENFILES) + nsm_client_LDADD = ../../support/nfs/libnfs.a \ +- ../../support/nsm/libnsm.a $(LIBCAP) ++ ../../support/nsm/libnsm.a $(LIBCAP) $(LIBTIRPC) + + if CONFIG_RPCGEN + RPCGEN = $(top_builddir)/tools/rpcgen/rpcgen + +commit 0781cf2a60dbb0d8997c4abef103d80f819cd16f +Author: Steve Dickson +Date: Tue May 29 14:31:57 2012 -0400 + + Updated the version number. + + Signed-off-by: Steve Dickson + +diff --git a/README b/README +index 348f5d4..e55b2dd 100644 +--- a/README ++++ b/README +@@ -1,4 +1,4 @@ +-This is version 1.1.0 of nfs-utils, the Linux NFS utility package. ++This is version 1.2.6 of nfs-utils, the Linux NFS utility package. + + + 0. PROJECT RESOURCES + +commit 43537ecbc1ab3ae7cefe5d47e7e03b14bf428197 +Author: Steve Dickson +Date: Tue May 29 14:27:24 2012 -0400 + + nfsidmap: Allow verbosity level to be set in the config file + + To make it easier to enable ID mapping debugging, nfsidmap + should read /etc/idmap.conf to see if the verbosity level + is set, similar to what rpc.idmapd does + + Signed-off-by: Steve Dickson + +diff --git a/utils/nfsidmap/nfsidmap.c b/utils/nfsidmap/nfsidmap.c +index cf11551..b767395 100644 +--- a/utils/nfsidmap/nfsidmap.c ++++ b/utils/nfsidmap/nfsidmap.c +@@ -12,6 +12,7 @@ + + #include + #include "xlog.h" ++#include "conffile.h" + + int verbose = 0; + char *usage="Usage: %s [-v] [-c || [-u|-g|-r key] || [-t timeout] key desc]"; +@@ -26,12 +27,27 @@ char *usage="Usage: %s [-v] [-c || [-u|-g|-r key] || [-t timeout] key desc]"; + #define DEFAULT_KEYRING "id_resolver" + #endif + ++#ifndef PATH_IDMAPDCONF ++#define PATH_IDMAPDCONF "/etc/idmapd.conf" ++#endif ++ + static int keyring_clear(char *keyring); + + #define UIDKEYS 0x1 + #define GIDKEYS 0x2 + + /* ++ * Check to the config file for the verbosity level ++ */ ++int ++get_config_verbose(char *path) ++{ ++ conf_path = path; ++ conf_init(); ++ return conf_get_num("General", "Verbosity", 0); ++} ++ ++/* + * Find either a user or group id based on the name@domain string + */ + int id_lookup(char *name_at_domain, key_serial_t key, int type) +@@ -266,7 +282,9 @@ int main(int argc, char **argv) + break; + } + } +- ++ if (!verbose) { ++ verbose = get_config_verbose(PATH_IDMAPDCONF); ++ } + if (keystr) { + rc = key_revoke(keystr, keymask); + return rc; + +commit 1ca82a963ace17397bd7ec09f5e0707badd7c254 +Author: Jeff Layton +Date: Tue May 29 14:23:18 2012 -0400 + + statd: drop all capabilities from the bounding set as well + + statd drops all capabilities except for CAP_NET_BIND when it starts. + It's possible though that if it ever had a compromise that an attacker would + be able to invoke a setuid process (or something with file capabilities) in + order to reinstate some caps. + + This could happen as a result of the daemon becoming compromised, or + possibly as a result of the ha-callout program becoming compromised. + + In order to prevent that, have statd also prune the capability bounding + set to nothing prior to dropping capabilities. That ensures that the + process won't be able to reacquire capabilities via any means -- + including exec'ing a setuid program. + + We do however need to be cognizant of the fact that PR_CAPBSET_DROP was + only added in 2.6.25, so check to make sure that #define exists via + autoconf before we rely on it. In order to do that, we must add + ax_check_define.m4 from the GNU autoconf macro archive. + + Furthermore, do a runtime check to see if /proc/sys/kernel/cap-bound + exists before attempting to clear the bounding set. If it does, then + don't bother trying since it won't work. In that event though, do + throw a warning however since the presence of that file indicates that + there is a disconnect between the build and runtime environments. + + Acked-by: Chuck Lever + Signed-off-by: Jeff Layton + Signed-off-by: Steve Dickson + +diff --git a/support/nsm/file.c b/support/nsm/file.c +index 5dd52c1..5476446 100644 +--- a/support/nsm/file.c ++++ b/support/nsm/file.c +@@ -338,10 +338,10 @@ nsm_is_default_parentdir(void) + * + * Returns true if successful, or false if some error occurred. + */ ++#ifdef HAVE_SYS_CAPABILITY_H + static _Bool + nsm_clear_capabilities(void) + { +-#ifdef HAVE_SYS_CAPABILITY_H + cap_t caps; + + caps = cap_from_text("cap_net_bind_service=ep"); +@@ -357,10 +357,60 @@ nsm_clear_capabilities(void) + } + + (void)cap_free(caps); +-#endif + return true; + } + ++#define CAP_BOUND_PROCFILE "/proc/sys/kernel/cap-bound" ++static _Bool ++prune_bounding_set(void) ++{ ++#ifdef PR_CAPBSET_DROP ++ int ret; ++ unsigned long i; ++ struct stat st; ++ ++ /* ++ * Prior to kernel 2.6.25, the capabilities bounding set was a global ++ * value. Check to see if /proc/sys/kernel/cap-bound exists and don't ++ * bother to clear the bounding set if it does. ++ */ ++ ret = stat(CAP_BOUND_PROCFILE, &st); ++ if (!ret) { ++ xlog(L_WARNING, "%s exists. Not attempting to clear " ++ "capabilities bounding set.", ++ CAP_BOUND_PROCFILE); ++ return true; ++ } else if (errno != ENOENT) { ++ /* Warn, but attempt to clear the bounding set anyway. */ ++ xlog(L_WARNING, "Unable to stat %s: %m", CAP_BOUND_PROCFILE); ++ } ++ ++ /* prune the bounding set to nothing */ ++ for (i = 0; i <= CAP_LAST_CAP; ++i) { ++ ret = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); ++ if (ret) { ++ xlog(L_ERROR, "Unable to prune capability %lu from " ++ "bounding set: %m", i); ++ return false; ++ } ++ } ++#endif /* PR_CAPBSET_DROP */ ++ return true; ++} ++#else /* !HAVE_SYS_CAPABILITY_H */ ++static _Bool ++nsm_clear_capabilities(void) ++{ ++ return true; ++} ++ ++static _Bool ++prune_bounding_set(void) ++{ ++ return true; ++} ++#endif /* HAVE_SYS_CAPABILITY_H */ ++ + /** + * nsm_drop_privileges - drop root privileges + * @pidfd: file descriptor of a pid file +@@ -393,6 +443,9 @@ nsm_drop_privileges(const int pidfd) + return false; + } + ++ if (!prune_bounding_set()) ++ return false; ++ + if (st.st_uid == 0) { + xlog_warn("Running as root. " + "chown %s to choose different user", nsm_base_dirname); + +commit ddb095f82becc94c8e3a2429cc755dee5d1808c9 +Author: Diego Elio Pettenò +Date: Tue May 29 14:15:32 2012 -0400 + + build: avoid AM_CONDITIONAL in conditional execution. + + Automake does not support conditional AM_CONDITIONAL calls; what that + means is that you always have to execute AM_CONDITIONAL one way or the + other. Both the libsqlite3.m4 file and the nfsdcld conditionals are + executed only when NFSv4 is enabled, which breaks building with + --disable-nfsv4. + + Remove the SQLite3 conditional altogether as it's never used, and move + the nfsdcld conditional outside of the conditional code. + + Acked-by: Jeff Layton + Signed-off-by: Diego Elio Pettenò + Signed-off-by: Steve Dickson + +diff --git a/aclocal/libsqlite3.m4 b/aclocal/libsqlite3.m4 +index 73d1e46..8c38993 100644 +--- a/aclocal/libsqlite3.m4 ++++ b/aclocal/libsqlite3.m4 +@@ -29,5 +29,4 @@ AC_DEFUN([AC_SQLITE3_VERS], [ + LIBS="$saved_LIBS"]) + + AC_MSG_RESULT($libsqlite3_cv_is_recent) +- AM_CONDITIONAL(CONFIG_SQLITE3, [test "$libsqlite3_cv_is_recent" = "yes"]) + ])dnl +diff --git a/configure.ac b/configure.ac +index 9ba53e2..b408f1b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -278,8 +278,6 @@ if test "$enable_nfsv4" = yes; then + fi + fi + +- AM_CONDITIONAL(CONFIG_NFSDCLD, [test "$enable_nfsdcld" = "yes" ]) +- + dnl librpcsecgss already has a dependency on libgssapi, + dnl but we need to make sure we get the right version + if test "$enable_gss" = yes; then +@@ -293,6 +291,7 @@ if test "$enable_nfsv41" = yes; then + fi + + dnl enable nfsidmap when its support by libnfsidmap ++AM_CONDITIONAL(CONFIG_NFSDCLD, [test "$enable_nfsdcld" = "yes" ]) + AM_CONDITIONAL(CONFIG_NFSIDMAP, [test "$ac_cv_header_keyutils_h$ac_cv_lib_nfsidmap_nfs4_owner_to_uid" = "yesyes"]) + + + +commit 7e9c0f760397d7e8fa78bdeefffc14eb8269925b +Author: Jeff Layton +Date: Tue May 29 13:53:09 2012 -0400 + + autoconf: make the test for prctl have an effect + + We currently test to ensure that prctl() is available, but the results + of that test are a no-op either way. statd calls prctl() + unconditionally, so make configure bail out if prctl() isn't available + since the build will fail in that event anyway. + + Cc: Chuck Lever + Signed-off-by: Jeff Layton + Signed-off-by: Steve Dickson + +diff --git a/aclocal/libcap.m4 b/aclocal/libcap.m4 +index 68a624c..f8a0ed1 100644 +--- a/aclocal/libcap.m4 ++++ b/aclocal/libcap.m4 +@@ -3,7 +3,7 @@ dnl + AC_DEFUN([AC_LIBCAP], [ + + dnl look for prctl +- AC_CHECK_FUNC([prctl], , ) ++ AC_CHECK_FUNC([prctl], , AC_MSG_ERROR([prctl syscall is not available])) + + AC_ARG_ENABLE([caps], + [AS_HELP_STRING([--disable-caps], [Disable capabilities support])]) + +commit 646be42c84305d02dea06113cc9e6c9a7ab94f8a +Author: Steve Dickson +Date: Thu May 17 08:16:29 2012 -0400 + + Makefile.am: Corrected a misspelling of overridden + + Signed-off-by: Steve Dickson + +diff --git a/utils/mount/Makefile.am b/utils/mount/Makefile.am +index 7627854..5810936 100644 +--- a/utils/mount/Makefile.am ++++ b/utils/mount/Makefile.am +@@ -1,7 +1,7 @@ + ## Process this file with automake to produce Makefile.in + + # These binaries go in /sbin (not /usr/sbin), and that cannot be +-# overriden at config time. ++# overridden at config time. + sbindir = /sbin + + man8_MANS = mount.nfs.man umount.nfs.man + +commit d4d392087f8ee049ed8f476e5ae780cbc0d0012a +Author: NeilBrown +Date: Thu May 17 08:14:57 2012 -0400 + + osd_login - ensure /sbin is created before installation. + + If we use a more standard approach to describing the osd_login + script, the automake infrastructure will create /sbin before + attempting installation. + This is important for: make DESTDIR=/empty-dir install + + Signed-off-by: NeilBrown + Signed-off-by: Steve Dickson + +diff --git a/utils/osd_login/Makefile.am b/utils/osd_login/Makefile.am +index adc493a..20c2d8c 100644 +--- a/utils/osd_login/Makefile.am ++++ b/utils/osd_login/Makefile.am +@@ -1,12 +1,9 @@ + ## Process this file with automake to produce Makefile.in + +-OSD_LOGIN_FILES= osd_login ++# These binaries go in /sbin (not /usr/sbin), and that cannot be ++# overridden at config time. ++sbindir = /sbin + +-EXTRA_DIST= $(OSD_LOGIN_FILES) +- +-all-local: $(OSD_LOGIN_FILES) +- +-install-data-hook: +- $(INSTALL) --mode 755 osd_login $(DESTDIR)/sbin/osd_login ++sbin_SCRIPTS = osd_login + + MAINTAINERCLEANFILES = Makefile.in + +commit a69f6aeb19841f5a95c3eb4f4e5fe5ca0db247f4 +Author: Jim Rees +Date: Tue May 15 10:10:01 2012 -0400 + + blkmapd: remove pretty_sig() + + This really only works against EMC servers. There is at least one server + that returns unprintable signatures, which fill the log with garbage (the + spec does not mandate printable signatures). It could be made more generic, + for example by checking each byte for isprint(). But the signatures are + really only of interest to developers, not admins, so it seems better to + just remove it. + + Signed-off-by: Jim Rees + Signed-off-by: Steve Dickson + +diff --git a/utils/blkmapd/device-process.c b/utils/blkmapd/device-process.c +index 652a7a8..5fe3dff 100644 +--- a/utils/blkmapd/device-process.c ++++ b/utils/blkmapd/device-process.c +@@ -49,28 +49,6 @@ + + #include "device-discovery.h" + +-static char *pretty_sig(char *sig, uint32_t siglen) +-{ +- static char rs[100]; +- uint64_t sigval; +- unsigned int i; +- +- if (siglen <= sizeof(sigval)) { +- sigval = 0; +- for (i = 0; i < siglen; i++) +- sigval |= ((unsigned char *)sig)[i] << (i * 8); +- sprintf(rs, "0x%0llx", (unsigned long long) sigval); +- } else { +- if (siglen > sizeof rs - 4) { +- siglen = sizeof rs - 4; +- sprintf(&rs[siglen], "..."); +- } else +- rs[siglen] = '\0'; +- memcpy(rs, sig, siglen); +- } +- return rs; +-} +- + uint32_t *blk_overflow(uint32_t * p, uint32_t * end, size_t nbytes) + { + uint32_t *q = p + ((nbytes + 3) >> 2); +@@ -109,9 +87,6 @@ static int decode_blk_signature(uint32_t **pp, uint32_t * end, + * for mapping, then thrown away. + */ + comp->bs_string = (char *)p; +- BL_LOG_INFO("%s: si_comps[%d]: bs_length %d, bs_string %s\n", +- __func__, i, siglen, +- pretty_sig(comp->bs_string, siglen)); + p += ((siglen + 3) >> 2); + } + *pp = p; +@@ -152,10 +127,6 @@ read_cmp_blk_sig(struct bl_disk *disk, int fd, struct bl_sig_comp *comp) + } + + ret = memcmp(sig, comp->bs_string, siglen); +- if (!ret) +- BL_LOG_INFO("%s: %s sig %s at %lld\n", __func__, dev_name, +- pretty_sig(sig, siglen), +- (long long)comp->bs_offset); + + out: + if (sig) diff --git a/nfs-utils.spec b/nfs-utils.spec index 3a5a760..574c996 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser Name: nfs-utils URL: http://sourceforge.net/projects/nfs Version: 1.2.6 -Release: 2%{?dist} +Release: 3%{?dist} Epoch: 1 # group all 32bit related archs @@ -34,7 +34,7 @@ Source52: nfs-server.postconfig Source60: nfs4-modalias.conf -Patch001: 0001-blkmapd-remove-pretty_sig.patch +Patch001: nfs-utils.1.2.7-rc1.patch Patch100: nfs-utils-1.2.1-statdpath-man.patch Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch @@ -293,7 +293,10 @@ fi %attr(4755,root,root) /sbin/umount.nfs4 %changelog -* Tue May 29 2012 Steve Dickson 1.2.6-1 +* Tue May 29 2012 Steve Dickson 1.2.6-3 +- Updated to latest upstream RC release: nfs-utils.1.2.7-rc1 + +* Tue May 29 2012 Steve Dickson 1.2.6-2 * Fixed typo in the checking of nfsnobody (bz 816149) * Fri May 25 2012 Steve Dickson 1.2.6-1