718f39a8c6
Signed-off-by: Steve Dickson <steved@redhat.com>
451 lines
12 KiB
Diff
451 lines
12 KiB
Diff
diff --git a/support/export/export.c b/support/export/export.c
|
|
index e1bebce..0b8a858 100644
|
|
--- a/support/export/export.c
|
|
+++ b/support/export/export.c
|
|
@@ -15,6 +15,8 @@
|
|
#include <sys/param.h>
|
|
#include <netinet/in.h>
|
|
#include <stdlib.h>
|
|
+#include <dirent.h>
|
|
+#include <errno.h>
|
|
#include "xmalloc.h"
|
|
#include "nfslib.h"
|
|
#include "exportfs.h"
|
|
@@ -96,6 +98,69 @@ export_read(char *fname)
|
|
}
|
|
|
|
/**
|
|
+ * export_d_read - read entries from /etc/exports.
|
|
+ * @fname: name of directory to read from
|
|
+ *
|
|
+ * Returns number of read entries.
|
|
+ * Based on mnt_table_parse_dir() in
|
|
+ * util-linux-ng/shlibs/mount/src/tab_parse.c
|
|
+ */
|
|
+int
|
|
+export_d_read(const char *dname)
|
|
+{
|
|
+ int n = 0, i;
|
|
+ struct dirent **namelist = NULL;
|
|
+ int volumes = 0;
|
|
+
|
|
+
|
|
+ n = scandir(dname, &namelist, NULL, versionsort);
|
|
+ if (n < 0) {
|
|
+ if (errno == ENOENT)
|
|
+ /* Silently return */
|
|
+ return volumes;
|
|
+ xlog(L_NOTICE, "scandir %s: %s", dname, strerror(errno));
|
|
+ } else if (n == 0)
|
|
+ return volumes;
|
|
+
|
|
+ for (i = 0; i < n; i++) {
|
|
+ struct dirent *d = namelist[i];
|
|
+ size_t namesz;
|
|
+ char fname[PATH_MAX + 1];
|
|
+ int fname_len;
|
|
+
|
|
+
|
|
+ if (d->d_type != DT_UNKNOWN
|
|
+ && d->d_type != DT_REG
|
|
+ && d->d_type != DT_LNK)
|
|
+ continue;
|
|
+ if (*d->d_name == '.')
|
|
+ continue;
|
|
+
|
|
+#define _EXT_EXPORT_SIZ (sizeof(_EXT_EXPORT) - 1)
|
|
+ namesz = strlen(d->d_name);
|
|
+ if (!namesz
|
|
+ || namesz < _EXT_EXPORT_SIZ + 1
|
|
+ || strcmp(d->d_name + (namesz - _EXT_EXPORT_SIZ),
|
|
+ _EXT_EXPORT))
|
|
+ continue;
|
|
+
|
|
+ fname_len = snprintf(fname, PATH_MAX +1, "%s/%s", dname, d->d_name);
|
|
+ if (fname_len > PATH_MAX) {
|
|
+ xlog(L_WARNING, "Too long file name: %s in %s", d->d_name, dname);
|
|
+ continue;
|
|
+ }
|
|
+
|
|
+ volumes += export_read(fname);
|
|
+ }
|
|
+
|
|
+ for (i = 0; i < n; i++)
|
|
+ free(namelist[i]);
|
|
+ free(namelist);
|
|
+
|
|
+ return volumes;
|
|
+}
|
|
+
|
|
+/**
|
|
* export_create - create an in-core nfs_export record from an export entry
|
|
* @xep: export entry to lookup
|
|
* @canonical: if set, e_hostname is known to be canonical DNS name
|
|
diff --git a/support/include/exportfs.h b/support/include/exportfs.h
|
|
index 4cac203..f033329 100644
|
|
--- a/support/include/exportfs.h
|
|
+++ b/support/include/exportfs.h
|
|
@@ -135,6 +135,7 @@ int client_member(const char *client,
|
|
const char *name);
|
|
|
|
int export_read(char *fname);
|
|
+int export_d_read(const char *dname);
|
|
void export_reset(nfs_export *);
|
|
nfs_export * export_lookup(char *hname, char *path, int caconical);
|
|
nfs_export * export_find(const struct addrinfo *ai,
|
|
diff --git a/systemd/Makefile.am b/systemd/Makefile.am
|
|
index 03f96e9..49c9b8d 100644
|
|
--- a/systemd/Makefile.am
|
|
+++ b/systemd/Makefile.am
|
|
@@ -39,8 +39,16 @@ endif
|
|
EXTRA_DIST = $(unit_files)
|
|
|
|
unit_dir = /usr/lib/systemd/system
|
|
+generator_dir = /usr/lib/systemd/system-generators
|
|
+
|
|
+EXTRA_PROGRAMS = nfs-server-generator
|
|
+genexecdir = $(generator_dir)
|
|
+nfs_server_generator_LDADD = ../support/export/libexport.a \
|
|
+ ../support/nfs/libnfs.a \
|
|
+ ../support/misc/libmisc.a
|
|
|
|
if INSTALL_SYSTEMD
|
|
+genexec_PROGRAMS = nfs-server-generator
|
|
install-data-hook: $(unit_files)
|
|
mkdir -p $(DESTDIR)/$(unitdir)
|
|
cp $(unit_files) $(DESTDIR)/$(unitdir)
|
|
diff --git a/systemd/nfs-server-generator.c b/systemd/nfs-server-generator.c
|
|
new file mode 100644
|
|
index 0000000..af8bb52
|
|
--- /dev/null
|
|
+++ b/systemd/nfs-server-generator.c
|
|
@@ -0,0 +1,144 @@
|
|
+/*
|
|
+ * nfs-server-generator:
|
|
+ * systemd generator to create ordering dependencies between
|
|
+ * nfs-server and various filesystem mounts
|
|
+ *
|
|
+ * 1/ nfs-server should start Before any 'nfs' mountpoints are
|
|
+ * mounted, in case they are loop-back mounts. This ordering is particularly
|
|
+ * important for the shutdown side, so the nfs-server is stopped
|
|
+ * after the filesystems are unmounted.
|
|
+ * 2/ nfs-server should start After all exported filesystems are mounted
|
|
+ * so there is no risk of exporting the underlying directory.
|
|
+ * This is particularly important for _net mounts which
|
|
+ * are not caught by "local-fs.target".
|
|
+ */
|
|
+
|
|
+#ifdef HAVE_CONFIG_H
|
|
+#include <config.h>
|
|
+#endif
|
|
+
|
|
+#include <sys/stat.h>
|
|
+#include <sys/types.h>
|
|
+#include <unistd.h>
|
|
+#include <stdlib.h>
|
|
+#include <string.h>
|
|
+#include <ctype.h>
|
|
+#include <stdio.h>
|
|
+#include <mntent.h>
|
|
+
|
|
+#include "misc.h"
|
|
+#include "nfslib.h"
|
|
+#include "exportfs.h"
|
|
+
|
|
+/* A simple "set of strings" to remove duplicates
|
|
+ * found in /etc/exports
|
|
+ */
|
|
+struct list {
|
|
+ struct list *next;
|
|
+ char *name;
|
|
+};
|
|
+static int is_unique(struct list **lp, char *path)
|
|
+{
|
|
+ struct list *l = *lp;
|
|
+
|
|
+ while (l) {
|
|
+ if (strcmp(l->name, path) == 0)
|
|
+ return 0;
|
|
+ l = l->next;
|
|
+ }
|
|
+ l = malloc(sizeof(*l));
|
|
+ l->name = path;
|
|
+ l->next = *lp;
|
|
+ *lp = l;
|
|
+ return 1;
|
|
+}
|
|
+
|
|
+/* We need to convert a path name to a systemd unit
|
|
+ * name. This requires some translation ('/' -> '-')
|
|
+ * and some escaping.
|
|
+ */
|
|
+static void systemd_escape(FILE *f, char *path)
|
|
+{
|
|
+ while (*path == '/')
|
|
+ path++;
|
|
+ if (!*path) {
|
|
+ /* "/" becomes "-", otherwise leading "/" is ignored */
|
|
+ fputs("-", f);
|
|
+ return;
|
|
+ }
|
|
+ while (*path) {
|
|
+ char c = *path++;
|
|
+
|
|
+ if (c == '/') {
|
|
+ /* multiple non-trailing slashes become '-' */
|
|
+ while (*path == '/')
|
|
+ path++;
|
|
+ if (*path)
|
|
+ fputs("-", f);
|
|
+ } else if (isalnum(c) || c == ':' || c == '.')
|
|
+ fputc(c, f);
|
|
+ else
|
|
+ fprintf(f, "\\x%02x", c & 0xff);
|
|
+ }
|
|
+}
|
|
+
|
|
+int main(int argc, char *argv[])
|
|
+{
|
|
+ char *path;
|
|
+ char dirbase[] = "/nfs-server.service.d";
|
|
+ char filebase[] = "/order-with-mounts.conf";
|
|
+ nfs_export *exp;
|
|
+ int i;
|
|
+ struct list *list = NULL;
|
|
+ FILE *f, *fstab;
|
|
+ struct mntent *mnt;
|
|
+
|
|
+ if (argc != 4 || argv[1][0] != '/') {
|
|
+ fprintf(stderr, "nfs-server-generator: create systemd dependencies for nfs-server\n");
|
|
+ fprintf(stderr, "Usage: normal-dir early-dir late-dir\n");
|
|
+ exit(1);
|
|
+ }
|
|
+
|
|
+ path = malloc(strlen(argv[1]) + sizeof(dirbase) + sizeof(filebase));
|
|
+ if (!path)
|
|
+ exit(2);
|
|
+ if (export_read(_PATH_EXPORTS) +
|
|
+ export_d_read(_PATH_EXPORTS_D) == 0)
|
|
+ /* Nothing is exported, so nothing to do */
|
|
+ exit(0);
|
|
+
|
|
+ strcat(strcpy(path, argv[1]), dirbase);
|
|
+ mkdir(path, 0755);
|
|
+ strcat(path, filebase);
|
|
+ f = fopen(path, "w");
|
|
+ if (!f)
|
|
+ return 1;
|
|
+ fprintf(f, "# Automatically generated by nfs-server-generator\n\n[Unit]\n");
|
|
+
|
|
+ for (i = 0; i < MCL_MAXTYPES; i++) {
|
|
+ for (exp = exportlist[i].p_head; exp; exp = exp->m_next) {
|
|
+ if (!is_unique(&list, exp->m_export.e_path))
|
|
+ continue;
|
|
+ if (strchr(exp->m_export.e_path, ' '))
|
|
+ fprintf(f, "RequiresMountsFor=\"%s\"\n",
|
|
+ exp->m_export.e_path);
|
|
+ else
|
|
+ fprintf(f, "RequiresMountsFor=%s\n",
|
|
+ exp->m_export.e_path);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ fstab = setmntent("/etc/fstab", "r");
|
|
+ while ((mnt = getmntent(fstab)) != NULL) {
|
|
+ if (strcmp(mnt->mnt_type, "nfs") != 0 &&
|
|
+ strcmp(mnt->mnt_type, "nfs4") != 0)
|
|
+ continue;
|
|
+ fprintf(f, "Before= ");
|
|
+ systemd_escape(f, mnt->mnt_dir);
|
|
+ fprintf(f, ".mount\n");
|
|
+ }
|
|
+
|
|
+ fclose(f);
|
|
+
|
|
+ exit(0);
|
|
+}
|
|
diff --git a/systemd/nfs-server.service b/systemd/nfs-server.service
|
|
index 2ccdc63..196c818 100644
|
|
--- a/systemd/nfs-server.service
|
|
+++ b/systemd/nfs-server.service
|
|
@@ -16,9 +16,6 @@ Before= rpc-statd-notify.service
|
|
Wants=auth-rpcgss-module.service
|
|
After=rpc-gssd.service gssproxy.service rpc-svcgssd.service
|
|
|
|
-# start/stop server before/after client
|
|
-Before=remote-fs-pre.target
|
|
-
|
|
Wants=nfs-config.service
|
|
After=nfs-config.service
|
|
|
|
diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c
|
|
index a00b5ea..4ac2c15 100644
|
|
--- a/utils/exportfs/exportfs.c
|
|
+++ b/utils/exportfs/exportfs.c
|
|
@@ -26,7 +26,6 @@
|
|
#include <fcntl.h>
|
|
#include <netdb.h>
|
|
#include <errno.h>
|
|
-#include <dirent.h>
|
|
#include <limits.h>
|
|
#include <time.h>
|
|
|
|
@@ -47,7 +46,6 @@ static void error(nfs_export *exp, int err);
|
|
static void usage(const char *progname, int n);
|
|
static void validate_export(nfs_export *exp);
|
|
static int matchhostname(const char *hostname1, const char *hostname2);
|
|
-static int export_d_read(const char *dname);
|
|
static void grab_lockfile(void);
|
|
static void release_lockfile(void);
|
|
|
|
@@ -700,63 +698,6 @@ out:
|
|
return result;
|
|
}
|
|
|
|
-/* Based on mnt_table_parse_dir() in
|
|
- util-linux-ng/shlibs/mount/src/tab_parse.c */
|
|
-static int
|
|
-export_d_read(const char *dname)
|
|
-{
|
|
- int n = 0, i;
|
|
- struct dirent **namelist = NULL;
|
|
- int volumes = 0;
|
|
-
|
|
-
|
|
- n = scandir(dname, &namelist, NULL, versionsort);
|
|
- if (n < 0) {
|
|
- if (errno == ENOENT)
|
|
- /* Silently return */
|
|
- return volumes;
|
|
- xlog(L_NOTICE, "scandir %s: %s", dname, strerror(errno));
|
|
- } else if (n == 0)
|
|
- return volumes;
|
|
-
|
|
- for (i = 0; i < n; i++) {
|
|
- struct dirent *d = namelist[i];
|
|
- size_t namesz;
|
|
- char fname[PATH_MAX + 1];
|
|
- int fname_len;
|
|
-
|
|
-
|
|
- if (d->d_type != DT_UNKNOWN
|
|
- && d->d_type != DT_REG
|
|
- && d->d_type != DT_LNK)
|
|
- continue;
|
|
- if (*d->d_name == '.')
|
|
- continue;
|
|
-
|
|
-#define _EXT_EXPORT_SIZ (sizeof(_EXT_EXPORT) - 1)
|
|
- namesz = strlen(d->d_name);
|
|
- if (!namesz
|
|
- || namesz < _EXT_EXPORT_SIZ + 1
|
|
- || strcmp(d->d_name + (namesz - _EXT_EXPORT_SIZ),
|
|
- _EXT_EXPORT))
|
|
- continue;
|
|
-
|
|
- fname_len = snprintf(fname, PATH_MAX +1, "%s/%s", dname, d->d_name);
|
|
- if (fname_len > PATH_MAX) {
|
|
- xlog(L_WARNING, "Too long file name: %s in %s", d->d_name, dname);
|
|
- continue;
|
|
- }
|
|
-
|
|
- volumes += export_read(fname);
|
|
- }
|
|
-
|
|
- for (i = 0; i < n; i++)
|
|
- free(namelist[i]);
|
|
- free(namelist);
|
|
-
|
|
- return volumes;
|
|
-}
|
|
-
|
|
static char
|
|
dumpopt(char c, char *fmt, ...)
|
|
{
|
|
diff --git a/utils/idmapd/idmapd.man b/utils/idmapd/idmapd.man
|
|
index b9200c7..d4ab894 100644
|
|
--- a/utils/idmapd/idmapd.man
|
|
+++ b/utils/idmapd/idmapd.man
|
|
@@ -23,6 +23,29 @@ is the NFSv4 ID <-> name mapping daemon. It provides functionality to
|
|
the NFSv4 kernel client and server, to which it communicates via
|
|
upcalls, by translating user and group IDs to names, and vice versa.
|
|
.Pp
|
|
+The system derives the
|
|
+.I user
|
|
+part of the string by performing a password or group lookup.
|
|
+The lookup mechanism is configured in
|
|
+.Pa /etc/idmapd.conf
|
|
+.Pp
|
|
+By default, the
|
|
+.I domain
|
|
+part of the string is the system's DNS domain name.
|
|
+It can also be specified in
|
|
+.Pa /etc/idmapd.conf
|
|
+if the system is multi-homed,
|
|
+or if the system's DNS domain name does
|
|
+not match the name of the system's Kerberos realm.
|
|
+.Pp
|
|
+When the domain is not specified in /etc/idmapd.conf
|
|
+the local DNS server will be queried for the
|
|
+.Sy _nfsv4idmapdomain
|
|
+text record. If the record exists
|
|
+that will be used as the domain. When the record
|
|
+does not exist, the domain part of the DNS domain
|
|
+will used.
|
|
+.Pp
|
|
Note that on more recent kernels only the NFSv4 server uses
|
|
.Nm .
|
|
The NFSv4 client instead uses
|
|
diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
|
|
index 9de6794..d5dfb5e 100644
|
|
--- a/utils/mount/stropts.c
|
|
+++ b/utils/mount/stropts.c
|
|
@@ -948,6 +948,7 @@ static int nfs_is_permanent_error(int error)
|
|
case ETIMEDOUT:
|
|
case ECONNREFUSED:
|
|
case EHOSTUNREACH:
|
|
+ case EOPNOTSUPP: /* aka RPC_PROGNOTREGISTERED */
|
|
case EAGAIN:
|
|
return 0; /* temporary */
|
|
default:
|
|
@@ -1019,8 +1020,7 @@ static int nfsmount_parent(struct nfsmount_info *mi)
|
|
if (nfs_try_mount(mi))
|
|
return EX_SUCCESS;
|
|
|
|
- /* retry background mounts when the server is not up */
|
|
- if (nfs_is_permanent_error(errno) && errno != EOPNOTSUPP) {
|
|
+ if (nfs_is_permanent_error(errno)) {
|
|
mount_error(mi->spec, mi->node, errno);
|
|
return EX_FAIL;
|
|
}
|
|
@@ -1055,8 +1055,7 @@ static int nfsmount_child(struct nfsmount_info *mi)
|
|
if (nfs_try_mount(mi))
|
|
return EX_SUCCESS;
|
|
|
|
- /* retry background mounts when the server is not up */
|
|
- if (nfs_is_permanent_error(errno) && errno != EOPNOTSUPP)
|
|
+ if (nfs_is_permanent_error(errno))
|
|
break;
|
|
|
|
if (time(NULL) > timeout)
|
|
diff --git a/utils/nfsidmap/nfsidmap.man b/utils/nfsidmap/nfsidmap.man
|
|
index 2f17cf2..2af16f3 100644
|
|
--- a/utils/nfsidmap/nfsidmap.man
|
|
+++ b/utils/nfsidmap/nfsidmap.man
|
|
@@ -39,6 +39,15 @@ if the system is multi-homed,
|
|
or if the system's DNS domain name does
|
|
not match the name of the system's Kerberos realm.
|
|
.PP
|
|
+When the domain is not specified in
|
|
+.I /etc/idmapd.conf
|
|
+the local DNS server will be queried for the
|
|
+.I _nfsv4idmapdomain
|
|
+text record. If the record exists
|
|
+that will be used as the domain. When the record
|
|
+does not exist, the domain part of the DNS domain
|
|
+will used.
|
|
+.PP
|
|
The
|
|
.I /usr/sbin/nfsidmap
|
|
program performs translations on behalf of the kernel.
|