From fd3594d93b2fe062e20c4601ec7ab3b81662105d Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Mon, 31 Aug 2020 11:25:10 -0400 Subject: [PATCH] Updated to the latest RC release: nfs-utils-2-5-2-rc4 Signed-off-by: Steve Dickson --- nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch | 29 -- ...5.2-rc3.patch => nfs-utils-2.5.2-rc4.patch | 110 ++++-- nfs-utils.2.4.4-rc1.patch | 146 -------- nfs-utils.2.4.4-rc2.patch | 336 ------------------ nfs-utils.spec | 8 +- 5 files changed, 83 insertions(+), 546 deletions(-) delete mode 100644 nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch rename nfs-utils-2.5.2-rc3.patch => nfs-utils-2.5.2-rc4.patch (96%) delete mode 100644 nfs-utils.2.4.4-rc1.patch delete mode 100644 nfs-utils.2.4.4-rc2.patch diff --git a/nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch b/nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch deleted file mode 100644 index 967ca0c..0000000 --- a/nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch +++ /dev/null @@ -1,29 +0,0 @@ -commit 841abefc91ee870fe7cc8a4e36905b1655410c54 -Author: Steve Dickson -Date: Wed Aug 5 14:59:23 2020 -0400 - - rpc.idmapd: Turn down the verbosity in flush_inotify() - - Commit 27a8e146 introduce a debugging message - that was not cover by a check if verbose - is set, which cause a large number of message - to be logged on every kerberos mount - - Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1867172 - - Signed-off-by: Steve Dickson - -diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c -index 8631414..7d1096d 100644 ---- a/utils/idmapd/idmapd.c -+++ b/utils/idmapd/idmapd.c -@@ -500,7 +500,8 @@ flush_inotify(int fd) - ptr += sizeof(struct inotify_event) + ev->len) { - - ev = (const struct inotify_event *)ptr; -- xlog_warn("pipefs inotify: wd=%i, mask=0x%08x, len=%i, name=%s", -+ if (verbose > 1) -+ xlog_warn("pipefs inotify: wd=%i, mask=0x%08x, len=%i, name=%s", - ev->wd, ev->mask, ev->len, ev->len ? ev->name : ""); - } - } diff --git a/nfs-utils-2.5.2-rc3.patch b/nfs-utils-2.5.2-rc4.patch similarity index 96% rename from nfs-utils-2.5.2-rc3.patch rename to nfs-utils-2.5.2-rc4.patch index 1ae2690..50237d9 100644 --- a/nfs-utils-2.5.2-rc3.patch +++ b/nfs-utils-2.5.2-rc4.patch @@ -318,9 +318,15 @@ index 24118d6..06c1adb 100644 # GSS services dependencies and ordering Wants=auth-rpcgss-module.service diff --git a/tools/mountstats/mountstats.py b/tools/mountstats/mountstats.py -index 014f38a..1054f69 100755 +index 014f38a..00adc96 100755 --- a/tools/mountstats/mountstats.py +++ b/tools/mountstats/mountstats.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + # -*- python-mode -*- + """Parse /proc/self/mountstats and display it in human readable form + """ @@ -560,7 +560,10 @@ class DeviceData: # the reference to them. so we build new lists here # for the result object. @@ -334,9 +340,15 @@ index 014f38a..1054f69 100755 # update the remaining keys if protocol == 'udp': diff --git a/tools/nfs-iostat/nfs-iostat.py b/tools/nfs-iostat/nfs-iostat.py -index b7e98a2..5556f69 100755 +index b7e98a2..4f5e8a6 100755 --- a/tools/nfs-iostat/nfs-iostat.py +++ b/tools/nfs-iostat/nfs-iostat.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/python ++#!/usr/bin/python3 + # -*- python-mode -*- + """Emulate iostat for NFS mount points using /proc/self/mountstats + """ @@ -213,8 +213,11 @@ class DeviceData: # the reference to them. so we build new lists here # for the result object. @@ -351,6 +363,15 @@ index b7e98a2..5556f69 100755 # update the remaining keys we care about result.__rpc_data['rpcsends'] -= old_stats.__rpc_data['rpcsends'] +@@ -380,6 +383,8 @@ class DeviceData: + sends = float(self.__rpc_data['rpcsends']) + if sample_time == 0: + sample_time = float(self.__nfs_data['age']) ++ if sample_time == 0: ++ sample_time = 1; + return (sends / sample_time) + + def display_iostats(self, sample_time, which): diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c index a04a789..cde5e51 100644 --- a/utils/exportfs/exportfs.c @@ -846,7 +867,7 @@ index f4f5975..1e8c58d 100644 #endif /* _RPC_GSSD_H_ */ diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c -index 8fe6605..e830f49 100644 +index 8fe6605..2a8b618 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -149,9 +149,10 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, @@ -898,7 +919,15 @@ index 8fe6605..e830f49 100644 service, srchost); /* * Get a list of credential cache names and try each -@@ -730,7 +731,7 @@ handle_krb5_upcall(struct clnt_upcall_info *info) +@@ -686,6 +687,7 @@ process_krb5_upcall(struct clnt_info *clp, uid_t uid, int fd, char *srchost, + } else { + get_hostbased_client_buffer(gacceptor, mech, &acceptor); + gss_release_name(&min_stat, &gacceptor); ++ gss_release_oid(&min_stat, &mech); + } + + /* +@@ -730,7 +732,7 @@ handle_krb5_upcall(struct clnt_upcall_info *info) printerr(2, "\n%s: uid %d (%s)\n", __func__, info->uid, clp->relpath); process_krb5_upcall(clp, info->uid, clp->krb5_fd, NULL, NULL, NULL); @@ -907,7 +936,7 @@ index 8fe6605..e830f49 100644 } void -@@ -747,8 +748,10 @@ handle_gssd_upcall(struct clnt_upcall_info *info) +@@ -747,8 +749,10 @@ handle_gssd_upcall(struct clnt_upcall_info *info) char *enctypes = NULL; char *upcall_str; char *pbuf = info->lbuf; @@ -919,7 +948,7 @@ index 8fe6605..e830f49 100644 upcall_str = strdup(info->lbuf); if (upcall_str == NULL) { -@@ -830,6 +833,6 @@ handle_gssd_upcall(struct clnt_upcall_info *info) +@@ -830,6 +834,6 @@ handle_gssd_upcall(struct clnt_upcall_info *info) out: free(upcall_str); out_nomem: @@ -2020,7 +2049,7 @@ index 72ec254..b403143 100644 sizeof(in_handle_buf)); #ifdef DEBUG diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c -index 893159f..cb1478a 100644 +index 893159f..f3d2314 100644 --- a/utils/idmapd/idmapd.c +++ b/utils/idmapd/idmapd.c @@ -49,7 +49,7 @@ @@ -2094,13 +2123,13 @@ index 893159f..cb1478a 100644 serverstart = 0; } -+ /* Not needed anymore */ ++ /* Config memory is no longer needed */ + conf_cleanup(); + while ((opt = getopt(argc, argv, GETOPTSTR)) != -1) switch (opt) { case 'v': -@@ -341,7 +361,9 @@ main(int argc, char **argv) +@@ -341,9 +361,11 @@ main(int argc, char **argv) if (nfs4_init_name_mapping(conf_path)) errx(1, "Unable to create name to user id mappings."); @@ -2109,8 +2138,11 @@ index 893159f..cb1478a 100644 + if (evbase == NULL) + errx(1, "Failed to create event base."); - if (verbose > 0) +- if (verbose > 0) ++ if (verbose > 1) xlog_warn("Expiration time is %d seconds.", + cache_entry_expiration); + if (serverstart) { @@ -388,30 +410,44 @@ main(int argc, char **argv) if (inotify_fd == -1) { xlog_err("Unable to initialise inotify_init1: %s\n", strerror(errno)); @@ -2167,7 +2199,7 @@ index 893159f..cb1478a 100644 } if (nfsdret != 0 && wd < 0) -@@ -419,15 +455,59 @@ main(int argc, char **argv) +@@ -419,15 +455,60 @@ main(int argc, char **argv) daemon_ready(); @@ -2219,7 +2251,8 @@ index 893159f..cb1478a 100644 + ptr += sizeof(struct inotify_event) + ev->len) { + + ev = (const struct inotify_event *)ptr; -+ xlog_warn("pipefs inotify: wd=%i, mask=0x%08x, len=%i, name=%s", ++ if (verbose > 2) ++ xlog_warn("pipefs inotify: wd=%i, mask=0x%08x, len=%i, name=%s", + ev->wd, ev->mask, ev->len, ev->len ? ev->name : ""); + } + } @@ -2230,7 +2263,7 @@ index 893159f..cb1478a 100644 { int nent, i; struct dirent **ents; -@@ -435,6 +515,13 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) +@@ -435,6 +516,13 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) char path[PATH_MAX+256]; /* + sizeof(d_name) */ struct idmap_clientq *icq = data; @@ -2244,7 +2277,7 @@ index 893159f..cb1478a 100644 nent = scandir(pipefsdir, &ents, NULL, alphasort); if (nent == -1) { xlog_warn("dirscancb: scandir(%s): %s", pipefsdir, strerror(errno)); -@@ -468,15 +555,15 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) +@@ -468,15 +556,15 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) strlcat(path, "/idmap", sizeof(path)); strlcpy(ic->ic_path, path, sizeof(ic->ic_path)); @@ -2257,13 +2290,13 @@ index 893159f..cb1478a 100644 goto out; } -+ if (verbose > 0) ++ if (verbose > 2) + xlog_warn("New client: %s", ic->ic_clid); + ic->ic_id = "Client"; TAILQ_INSERT_TAIL(icq, ic, ic_next); -@@ -490,17 +577,19 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) +@@ -490,17 +578,19 @@ dirscancb(int UNUSED(fd), short UNUSED(which), void *data) while(ic != NULL) { nextic=TAILQ_NEXT(ic, ic_next); if (!ic->ic_scanned) { @@ -2277,7 +2310,8 @@ index 893159f..cb1478a 100644 + if (ic->ic_dirfd != -1) + close(ic->ic_dirfd); TAILQ_REMOVE(icq, ic, ic_next); - if (verbose > 0) { +- if (verbose > 0) { ++ if (verbose > 2) { xlog_warn("Stale client: %s", ic->ic_clid); xlog_warn("\t-> closed %s", ic->ic_path); } @@ -2288,7 +2322,7 @@ index 893159f..cb1478a 100644 ic = nextic; } -@@ -546,7 +635,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) +@@ -546,7 +636,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) unsigned long tmp; if (which != EV_READ) @@ -2297,7 +2331,7 @@ index 893159f..cb1478a 100644 len = read(ic->ic_fd, buf, sizeof(buf)); if (len == 0) -@@ -569,11 +658,11 @@ nfsdcb(int UNUSED(fd), short which, void *data) +@@ -569,13 +659,13 @@ nfsdcb(int UNUSED(fd), short which, void *data) /* Authentication name -- ignored for now*/ if (getfield(&bp, authbuf, sizeof(authbuf)) == -1) { xlog_warn("nfsdcb: bad authentication name in upcall\n"); @@ -2309,9 +2343,12 @@ index 893159f..cb1478a 100644 - goto out; + return; } - if (verbose > 0) +- if (verbose > 0) ++ if (verbose > 2) xlog_warn("nfsdcb: authbuf=%s authtype=%s", -@@ -587,26 +676,26 @@ nfsdcb(int UNUSED(fd), short which, void *data) + authbuf, typebuf); + +@@ -587,26 +677,26 @@ nfsdcb(int UNUSED(fd), short which, void *data) im.im_conv = IDMAP_CONV_NAMETOID; if (getfield(&bp, im.im_name, sizeof(im.im_name)) == -1) { xlog_warn("nfsdcb: bad name in upcall\n"); @@ -2342,7 +2379,7 @@ index 893159f..cb1478a 100644 } imconv(ic, &im); -@@ -667,7 +756,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) +@@ -667,7 +757,7 @@ nfsdcb(int UNUSED(fd), short which, void *data) break; default: xlog_warn("nfsdcb: Unknown which type %d", ic->ic_which); @@ -2351,7 +2388,7 @@ index 893159f..cb1478a 100644 } bsiz = sizeof(buf) - bsiz; -@@ -675,9 +764,6 @@ nfsdcb(int UNUSED(fd), short which, void *data) +@@ -675,9 +765,6 @@ nfsdcb(int UNUSED(fd), short which, void *data) if (atomicio((void*)write, ic->ic_fd, buf, bsiz) != bsiz) xlog_warn("nfsdcb: write(%s) failed: errno %d (%s)", ic->ic_path, errno, strerror(errno)); @@ -2361,7 +2398,7 @@ index 893159f..cb1478a 100644 } static void -@@ -721,14 +807,12 @@ nfscb(int UNUSED(fd), short which, void *data) +@@ -721,14 +808,12 @@ nfscb(int UNUSED(fd), short which, void *data) struct idmap_msg im; if (which != EV_READ) @@ -2378,7 +2415,7 @@ index 893159f..cb1478a 100644 } imconv(ic, &im); -@@ -742,8 +826,19 @@ nfscb(int UNUSED(fd), short which, void *data) +@@ -742,8 +827,19 @@ nfscb(int UNUSED(fd), short which, void *data) if (atomicio((void*)write, ic->ic_fd, &im, sizeof(im)) != sizeof(im)) xlog_warn("nfscb: write(%s): %s", ic->ic_path, strerror(errno)); @@ -2400,7 +2437,12 @@ index 893159f..cb1478a 100644 } static void -@@ -755,14 +850,18 @@ nfsdreopen_one(struct idmap_client *ic) +@@ -751,18 +847,22 @@ nfsdreopen_one(struct idmap_client *ic) + { + int fd; + +- if (verbose > 0) ++ if (verbose > 2) xlog_warn("ReOpening %s", ic->ic_path); if ((fd = open(ic->ic_path, O_RDWR, 0)) != -1) { @@ -2426,7 +2468,7 @@ index 893159f..cb1478a 100644 } else { xlog_warn("nfsdreopen: Opening '%s' failed: errno %d (%s)", ic->ic_path, errno, strerror(errno)); -@@ -784,6 +883,13 @@ nfsdopen(void) +@@ -784,6 +884,13 @@ nfsdopen(void) nfsdopenone(&nfsd_ic[IC_IDNAME]) == 0) ? 0 : -1); } @@ -2440,7 +2482,7 @@ index 893159f..cb1478a 100644 static int nfsdopenone(struct idmap_client *ic) { -@@ -795,8 +901,16 @@ nfsdopenone(struct idmap_client *ic) +@@ -795,10 +902,18 @@ nfsdopenone(struct idmap_client *ic) return (-1); } @@ -2457,9 +2499,12 @@ index 893159f..cb1478a 100644 + } + event_add(ic->ic_event, NULL); - if (verbose > 0) +- if (verbose > 0) ++ if (verbose > 2) xlog_warn("Opened %s", ic->ic_path); -@@ -808,25 +922,34 @@ static int + + return (0); +@@ -808,25 +923,35 @@ static int nfsopen(struct idmap_client *ic) { if ((ic->ic_fd = open(ic->ic_path, O_RDWR, 0)) == -1) { @@ -2481,7 +2526,8 @@ index 893159f..cb1478a 100644 + *slash = 0; + inotify_add_watch(inotify_fd, ic->ic_path, IN_CREATE | IN_ONLYDIR | IN_ONESHOT); + *slash = '/'; -+ xlog_warn("Path %s not available. waiting...", ic->ic_path); ++ if (verbose > 2) ++ xlog_warn("Path %s not available. waiting...", ic->ic_path); + return -1; } - } else { @@ -2504,7 +2550,7 @@ index 893159f..cb1478a 100644 + return -1; + } + event_add(ic->ic_event, NULL); -+ if (verbose > 0) ++ if (verbose > 2) + xlog_warn("Opened %s", ic->ic_path); + return (0); diff --git a/nfs-utils.2.4.4-rc1.patch b/nfs-utils.2.4.4-rc1.patch deleted file mode 100644 index c6293f5..0000000 --- a/nfs-utils.2.4.4-rc1.patch +++ /dev/null @@ -1,146 +0,0 @@ -diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c -index a1c43d2..8c73748 100644 ---- a/utils/gssd/krb5_util.c -+++ b/utils/gssd/krb5_util.c -@@ -484,7 +484,7 @@ gssd_get_single_krb5_cred(krb5_context context, - if (ccache) - krb5_cc_close(context, ccache); - krb5_free_cred_contents(context, &my_creds); -- free(k5err); -+ krb5_free_string(context, k5err); - return (code); - } - -@@ -723,7 +723,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, - "we failed to unparse principal name: %s\n", - k5err); - k5_free_kt_entry(context, kte); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -770,7 +770,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, - if (retval < 0) - retval = 0; - out: -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -@@ -799,7 +799,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - int tried_all = 0, tried_default = 0, tried_upper = 0; - krb5_principal princ; - const char *notsetstr = "not set"; -- char *adhostoverride; -+ char *adhostoverride = NULL; - - - /* Get full target hostname */ -@@ -827,7 +827,6 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - adhostoverride); - /* No overflow: Windows cannot handle strings longer than 19 chars */ - strcpy(myhostad, adhostoverride); -- free(adhostoverride); - } else { - strcpy(myhostad, myhostname); - for (i = 0; myhostad[i] != 0; ++i) { -@@ -836,6 +835,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - myhostad[i] = '$'; - myhostad[i+1] = 0; - } -+ if (adhostoverride) -+ krb5_free_string(context, adhostoverride); - - if (!srchost) { - retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); -@@ -926,7 +927,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - k5err = gssd_k5_err_msg(context, code); - printerr(1, "%s while building principal for '%s'\n", - k5err, spn); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -936,7 +937,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - k5err = gssd_k5_err_msg(context, code); - printerr(3, "%s while getting keytab entry for '%s'\n", - k5err, spn); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - /* - * We tried the active directory machine account -@@ -985,7 +986,7 @@ out: - k5_free_default_realm(context, default_realm); - if (realmnames) - krb5_free_host_realm(context, realmnames); -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -@@ -1248,7 +1249,7 @@ gssd_destroy_krb5_machine_creds(void) - printerr(0, "WARNING: %s while resolving credential " - "cache '%s' for destruction\n", k5err, - ple->ccname); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -1257,13 +1258,13 @@ gssd_destroy_krb5_machine_creds(void) - k5err = gssd_k5_err_msg(context, code); - printerr(0, "WARNING: %s while destroying credential " - "cache '%s'\n", k5err, ple->ccname); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - } - } - krb5_free_context(context); - out: -- free(k5err); -+ krb5_free_string(context, k5err); - } - - /* -@@ -1346,7 +1347,7 @@ out_free_kt: - out_free_context: - krb5_free_context(context); - out: -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -diff --git a/utils/mount/mount.c b/utils/mount/mount.c -index 2be3dc2..b98f9e0 100644 ---- a/utils/mount/mount.c -+++ b/utils/mount/mount.c -@@ -393,11 +393,6 @@ int main(int argc, char *argv[]) - if(!strncmp(progname, "umount", strlen("umount"))) - exit(nfsumount(argc, argv)); - -- if ((argc < 3)) { -- mount_usage(); -- exit(EX_USAGE); -- } -- - mount_config_init(progname); - - while ((c = getopt_long(argc, argv, "rvVwfno:hs", -@@ -437,6 +432,11 @@ int main(int argc, char *argv[]) - } - } - -+ if ((argc < 3)) { -+ mount_usage(); -+ exit(EX_USAGE); -+ } -+ - /* - * Extra non-option words at the end are bogus... - */ diff --git a/nfs-utils.2.4.4-rc2.patch b/nfs-utils.2.4.4-rc2.patch deleted file mode 100644 index 281077b..0000000 --- a/nfs-utils.2.4.4-rc2.patch +++ /dev/null @@ -1,336 +0,0 @@ -diff --git a/support/nfs/conffile.c b/support/nfs/conffile.c -index d55bfe1..3d13610 100644 ---- a/support/nfs/conffile.c -+++ b/support/nfs/conffile.c -@@ -429,9 +429,9 @@ conf_parse_line(int trans, char *line, const char *filename, int lineno, char ** - - subconf = conf_readfile(relpath); - if (subconf == NULL) { -- xlog_warn("config error at %s:%d: " -- "error loading included config", -- filename, lineno); -+ if (!optional) -+ xlog_warn("config error at %s:%d: error loading included config", -+ filename, lineno); - if (relpath) - free(relpath); - return; -diff --git a/utils/exportfs/exports.man b/utils/exportfs/exports.man -index e3a16f6..1d17184 100644 ---- a/utils/exportfs/exports.man -+++ b/utils/exportfs/exports.man -@@ -494,6 +494,33 @@ export entry for - .B /home/joe - in the example section below, which maps all requests to uid 150 (which - is supposedly that of user joe). -+ -+.SS Subdirectory Exports -+ -+Normally you should only export only the root of a filesystem. The NFS -+server will also allow you to export a subdirectory of a filesystem, -+however, this has drawbacks: -+ -+First, it may be possible for a malicious user to access files on the -+filesystem outside of the exported subdirectory, by guessing filehandles -+for those other files. The only way to prevent this is by using the -+.IR no_subtree_check -+option, which can cause other problems. -+ -+Second, export options may not be enforced in the way that you would -+expect. For example, the -+.IR security_label -+option will not work on subdirectory exports, and if nested subdirectory -+exports change the -+.IR security_label -+or -+.IR sec= -+options, NFSv4 clients will normally see only the options on the parent -+export. Also, where security options differ, a malicious client may use -+filehandle-guessing attacks to access the files from one subdirectory -+using the options from another. -+ -+ - .SS Extra Export Tables - After reading - .I /etc/exports -diff --git a/utils/exportfs/nfsd.man b/utils/exportfs/nfsd.man -index 9efa29f..514153f 100644 ---- a/utils/exportfs/nfsd.man -+++ b/utils/exportfs/nfsd.man -@@ -13,14 +13,8 @@ nfsd \- special filesystem for controlling Linux NFS server - The - .B nfsd - filesystem is a special filesystem which provides access to the Linux --NFS server. The filesystem consists of a single directory which --contains a number of files. These files are actually gateways into --the NFS server. Writing to them can affect the server. Reading from --them can provide information about the server. --.P --This file system is only available in Linux 2.6 and later series --kernels (and in the later parts of the 2.5 development series leading --up to 2.6). This man page does not apply to 2.4 and earlier. -+NFS server. Writing to files in this filesystem can affect the server. -+Reading from them can provide information about the server. - .P - As well as this filesystem, there are a collection of files in the - .B procfs -@@ -38,13 +32,10 @@ filesystem mounted at - .B /proc/fs/nfsd - or - .BR /proc/fs/nfs . --If it is not mounted, they will fall-back on 2.4 style functionality. --This involves accessing the NFS server via a systemcall. This --systemcall is scheduled to be removed after the 2.6 kernel series. - .SH DETAILS --The three files in the -+Files in the - .B nfsd --filesystem are: -+filesystem include: - .TP - .B exports - This file contains a list of filesystems that are currently exported -@@ -90,6 +81,16 @@ for that path as exported to the given client. The filehandle's length - will be at most the number of bytes given. - - The filehandle will be represented in hex with a leading '\ex'. -+ -+.TP -+.B clients/ -+This directory contains a subdirectory for each NFSv4 client. Each file -+under that subdirectory gives some details about the client in YAML -+format. In addition, writing "expire\\n" to the -+.B ctl -+file will force the server to immediately revoke all state held by that -+client. -+ - .PP - The directory - .B /proc/net/rpc -@@ -191,6 +192,16 @@ number represents a bit-pattern where bits that are set cause certain - classes of tracing to be enabled. Consult the kernel header files to - find out what number correspond to what tracing. - -+.SH NOTES -+This file system is only available in Linux 2.6 and later series -+kernels (and in the later parts of the 2.5 development series leading -+up to 2.6). This man page does not apply to 2.4 and earlier. -+.P -+Previously the nfsctl systemcall was used for communication between nfsd -+and user utilities. That systemcall was removed in kernel version 3.1. -+Older nfs-utils versions were able to fall back to nfsctl if necessary; -+that was removed from nfs-utils 1.3.5. -+ - .SH SEE ALSO - .BR nfsd (8), - .BR rpc.nfsd (8), -diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c -index c38dedb..588da0f 100644 ---- a/utils/gssd/gssd.c -+++ b/utils/gssd/gssd.c -@@ -493,8 +493,8 @@ gssd_get_clnt(struct topdir *tdi, const char *name) - clp->wd = inotify_add_watch(inotify_fd, clp->relpath, IN_CREATE | IN_DELETE); - if (clp->wd < 0) { - if (errno != ENOENT) -- printerr(0, "ERROR: inotify_add_watch failed for %s: %s\n", -- clp->relpath, strerror(errno)); -+ printerr(0, "ERROR: %s: inotify_add_watch failed for %s: %s\n", -+ __FUNCTION__, clp->relpath, strerror(errno)); - goto out; - } - -@@ -523,8 +523,9 @@ gssd_scan_clnt(struct clnt_info *clp) - - clntfd = openat(pipefs_fd, clp->relpath, O_RDONLY); - if (clntfd < 0) { -- printerr(0, "ERROR: can't openat %s: %s\n", -- clp->relpath, strerror(errno)); -+ if (errno != ENOENT) -+ printerr(0, "ERROR: %s: can't openat %s: %s\n", -+ __FUNCTION__, clp->relpath, strerror(errno)); - return -1; - } - -@@ -588,8 +589,8 @@ gssd_get_topdir(const char *name) - - tdi->wd = inotify_add_watch(inotify_fd, name, IN_CREATE); - if (tdi->wd < 0) { -- printerr(0, "ERROR: inotify_add_watch failed for top dir %s: %s\n", -- tdi->name, strerror(errno)); -+ printerr(0, "ERROR: %s: inotify_add_watch failed for top dir %s: %s\n", -+ __FUNCTION__, tdi->name, strerror(errno)); - free(tdi); - return NULL; - } -@@ -616,8 +617,9 @@ gssd_scan_topdir(const char *name) - - dfd = openat(pipefs_fd, tdi->name, O_RDONLY); - if (dfd < 0) { -- printerr(0, "ERROR: can't openat %s: %s\n", -- tdi->name, strerror(errno)); -+ if (errno != ENOENT) -+ printerr(0, "ERROR: %s: can't openat %s: %s\n", -+ __FUNCTION__, tdi->name, strerror(errno)); - return; - } - -diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c -index a1c43d2..8c73748 100644 ---- a/utils/gssd/krb5_util.c -+++ b/utils/gssd/krb5_util.c -@@ -484,7 +484,7 @@ gssd_get_single_krb5_cred(krb5_context context, - if (ccache) - krb5_cc_close(context, ccache); - krb5_free_cred_contents(context, &my_creds); -- free(k5err); -+ krb5_free_string(context, k5err); - return (code); - } - -@@ -723,7 +723,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, - "we failed to unparse principal name: %s\n", - k5err); - k5_free_kt_entry(context, kte); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -770,7 +770,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, - if (retval < 0) - retval = 0; - out: -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -@@ -799,7 +799,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - int tried_all = 0, tried_default = 0, tried_upper = 0; - krb5_principal princ; - const char *notsetstr = "not set"; -- char *adhostoverride; -+ char *adhostoverride = NULL; - - - /* Get full target hostname */ -@@ -827,7 +827,6 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - adhostoverride); - /* No overflow: Windows cannot handle strings longer than 19 chars */ - strcpy(myhostad, adhostoverride); -- free(adhostoverride); - } else { - strcpy(myhostad, myhostname); - for (i = 0; myhostad[i] != 0; ++i) { -@@ -836,6 +835,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - myhostad[i] = '$'; - myhostad[i+1] = 0; - } -+ if (adhostoverride) -+ krb5_free_string(context, adhostoverride); - - if (!srchost) { - retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname)); -@@ -926,7 +927,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - k5err = gssd_k5_err_msg(context, code); - printerr(1, "%s while building principal for '%s'\n", - k5err, spn); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -936,7 +937,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, - k5err = gssd_k5_err_msg(context, code); - printerr(3, "%s while getting keytab entry for '%s'\n", - k5err, spn); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - /* - * We tried the active directory machine account -@@ -985,7 +986,7 @@ out: - k5_free_default_realm(context, default_realm); - if (realmnames) - krb5_free_host_realm(context, realmnames); -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -@@ -1248,7 +1249,7 @@ gssd_destroy_krb5_machine_creds(void) - printerr(0, "WARNING: %s while resolving credential " - "cache '%s' for destruction\n", k5err, - ple->ccname); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - continue; - } -@@ -1257,13 +1258,13 @@ gssd_destroy_krb5_machine_creds(void) - k5err = gssd_k5_err_msg(context, code); - printerr(0, "WARNING: %s while destroying credential " - "cache '%s'\n", k5err, ple->ccname); -- free(k5err); -+ krb5_free_string(context, k5err); - k5err = NULL; - } - } - krb5_free_context(context); - out: -- free(k5err); -+ krb5_free_string(context, k5err); - } - - /* -@@ -1346,7 +1347,7 @@ out_free_kt: - out_free_context: - krb5_free_context(context); - out: -- free(k5err); -+ krb5_free_string(context, k5err); - return retval; - } - -diff --git a/utils/mount/error.c b/utils/mount/error.c -index 986f066..73295bf 100644 ---- a/utils/mount/error.c -+++ b/utils/mount/error.c -@@ -210,8 +210,7 @@ void mount_error(const char *spec, const char *mount_point, int error) - nfs_error(_("%s: an incorrect mount option was specified"), progname); - break; - case EOPNOTSUPP: -- nfs_error(_("%s: requested NFS version or transport" -- " protocol is not supported"), -+ nfs_error(_("%s: requested NFS version or transport protocol is not supported"), - progname); - break; - case ENOTDIR: -diff --git a/utils/mount/mount.c b/utils/mount/mount.c -index 2be3dc2..b98f9e0 100644 ---- a/utils/mount/mount.c -+++ b/utils/mount/mount.c -@@ -393,11 +393,6 @@ int main(int argc, char *argv[]) - if(!strncmp(progname, "umount", strlen("umount"))) - exit(nfsumount(argc, argv)); - -- if ((argc < 3)) { -- mount_usage(); -- exit(EX_USAGE); -- } -- - mount_config_init(progname); - - while ((c = getopt_long(argc, argv, "rvVwfno:hs", -@@ -437,6 +432,11 @@ int main(int argc, char *argv[]) - } - } - -+ if ((argc < 3)) { -+ mount_usage(); -+ exit(EX_USAGE); -+ } -+ - /* - * Extra non-option words at the end are bogus... - */ diff --git a/nfs-utils.spec b/nfs-utils.spec index 7454d0a..5d7875b 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser Name: nfs-utils URL: http://linux-nfs.org/ Version: 2.5.1 -Release: 2.rc3%{?dist} +Release: 2.rc4%{?dist} Epoch: 1 # group all 32bit related archs @@ -16,8 +16,7 @@ Source4: nfsconvert.py Source5: nfsconvert.sh Source6: nfs-convert.service -Patch001: nfs-utils-2.5.2-rc3.patch -Patch002: nfs-utils-2.5.1-rpcidmap-nodebug-msg.patch +Patch001: nfs-utils-2.5.2-rc4.patch Patch100: nfs-utils-1.2.1-statdpath-man.patch Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch @@ -366,6 +365,9 @@ fi %{_pkgdir}/*/var-lib-nfs-rpc_pipefs.mount %changelog +* Mon Aug 31 2020 Steve Dickson 2.5.2-2.rc4 +- Updated to the latest RC release: nfs-utils-2-5-2-rc4 + * Fri Aug 07 2020 Steve Dickson 2.5.2-2.rc3 - rpc.idmapd: Turn down the verbosity in flush_inotify() (bz 1867172) - Don't modify /etc/group on upgrades (bz 1856890)