rpms/rpcbind
5
0
Fork 1
Code Issues Pull Requests Releases Activity

Create the statedir under /run/rpcbind by systemd-tmpfiles.

Browse Source 
Signed-off-by: Steve Dickson <steved@redhat.com>
This commit is contained in:
Steve Dickson 2016-11-28 11:36:02 -05:00
parent bbf9314062
commit 55ba833a77
3 changed files with 210 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
rpcbind-0.2.3-create-statdir.patch Normal file
View File

@ -0,0 +1,138 @@
commit 1805cdb116bd076dc5746beeb6dc79067a79d094
Author: NeilBrown <neilb@suse.com>
Date: Wed Nov 16 10:53:07 2016 -0500
Move default state-dir to a subdirectory of /var/run
rpcbind can save state in a file to allow restart without forgetting
about running services.
The default location is currently "/tmp" which is
not ideal for system files. It is particularly unpleasant
to put simple files there rather than creating a directory
to contain them.
On a modern Linux system it is preferable to use /run, and there it is
even more consistent with practice to use a subdirectory.
This directory needs to be create one each boot, and while there are
tools (e.g. systemd-tmpfiles) which can do that it is cleaner to keep
rpcbind self-contained and have it create the directory.
So change the default location to /var/run/rpcbind, and create that
directory. If a different user-id is used, we need to create
and chown the directory before dropping privileges. We do this
with care so avoid chowning the wrong thing by mistake.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/configure.ac b/configure.ac
index f84921e..acc6914 100644
--- a/configure.ac
+++ b/configure.ac
@@ -22,8 +22,8 @@ AC_ARG_ENABLE([warmstarts],
AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes)
AC_ARG_WITH([statedir],
- AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@])
- ,, [with_statedir=/tmp])
+ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/var/run/rpcbind@:>@])
+ ,, [with_statedir=/var/run/rpcbind])
AC_SUBST([statedir], [$with_statedir])
AC_ARG_WITH([rpcuser],
diff --git a/src/rpcbind.c b/src/rpcbind.c
index 87ccdc2..8db8dfc 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -263,6 +263,11 @@ main(int argc, char *argv[])
syslog(LOG_ERR, "cannot get uid of '%s': %m", id);
exit(1);
}
+#ifdef WARMSTART
+ if (warmstart) {
+ mkdir_warmstart(p->pw_uid);
+ }
+#endif
if (setgid(p->pw_gid) == -1) {
syslog(LOG_ERR, "setgid to '%s' (%d) failed: %m", id, p->pw_gid);
exit(1);
diff --git a/src/rpcbind.h b/src/rpcbind.h
index 74f9591..5b1a9bb 100644
--- a/src/rpcbind.h
+++ b/src/rpcbind.h
@@ -129,6 +129,7 @@ int is_localroot(struct netbuf *);
extern void pmap_service(struct svc_req *, SVCXPRT *);
#endif
+void mkdir_warmstart(int uid);
void write_warmstart(void);
void read_warmstart(void);
diff --git a/src/warmstart.c b/src/warmstart.c
index 122a058..aafcb61 100644
--- a/src/warmstart.c
+++ b/src/warmstart.c
@@ -45,19 +45,23 @@
#include <syslog.h>
#include <unistd.h>
#include <errno.h>
+#include <fcntl.h>
#include "rpcbind.h"
-#ifndef RPCBIND_STATEDIR
-#define RPCBIND_STATEDIR "/tmp"
-#endif
-
/* These files keep the pmap_list and rpcb_list in XDR format */
#define RPCBFILE RPCBIND_STATEDIR "/rpcbind.xdr"
#ifdef PORTMAP
#define PMAPFILE RPCBIND_STATEDIR "/portmap.xdr"
#endif
+#ifndef O_DIRECTORY
+#define O_DIRECTORY 0
+#endif
+#ifndef O_NOFOLLOW
+#define O_NOFOLLOW 0
+#endif
+
static bool_t write_struct(char *, xdrproc_t, void *);
static bool_t read_struct(char *, xdrproc_t, void *);
@@ -139,8 +143,33 @@ error:
}
void
+mkdir_warmstart(int uid)
+{
+ /* Already exists? */
+ if (access(RPCBIND_STATEDIR, X_OK) == 0)
+ return;
+
+ if (mkdir(RPCBIND_STATEDIR, 0770) == 0) {
+ int fd = open(RPCBIND_STATEDIR, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
+ if (fd >= 0) {
+ if (fchown(fd, uid, -1) < 0) {
+ syslog(LOG_ERR,
+ "mkdir_warmstart: open failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+ }
+ close(fd);
+ } else
+ syslog(LOG_ERR, "mkdir_warmstart: open failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+ } else
+ syslog(LOG_ERR, "mkdir_warmstart: mkdir failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+}
+
+void
write_warmstart()
{
+ (void) mkdir(RPCBIND_STATEDIR, 0770);
(void) write_struct(RPCBFILE, (xdrproc_t)xdr_rpcblist_ptr, &list_rbl);
#ifdef PORTMAP
(void) write_struct(PMAPFILE, (xdrproc_t)xdr_pmaplist_ptr, &list_pml);

57
rpcbind-0.2.3-systemd-tmpfiles.patch Normal file
View File

@ -0,0 +1,57 @@
commit b47e0f12cfa005bb120e018257410663efbd7254
Author: Steve Dickson <steved@redhat.com>
Date: Tue Nov 15 13:32:40 2016 -0500
Use systemd-tmpfiles to create the warmstart directory
When systemd is available have it create the /run/rpcbind
warmstart directory. Note, the new rpcbind.conf file
expects 'rpc' user and group since that those will be
the id/gid that will own the directory.
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/Makefile.am b/Makefile.am
index 43c2710..d7ca426 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -54,6 +54,9 @@ rpcbind_LDADD += $(SYSTEMD_LIBS)
systemdsystemunit_DATA = \
systemd/rpcbind.service \
systemd/rpcbind.socket
+
+systemdtmpfiles_DATA = \
+ systemd/rpcbind.conf
endif
rpcinfo_SOURCES = src/rpcinfo.c
diff --git a/configure.ac b/configure.ac
index acc6914..81adafc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -52,6 +52,17 @@ AC_ARG_WITH([systemdsystemunitdir],
fi
AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ])
+AC_ARG_WITH([systemdtmpfilesdir],
+ AS_HELP_STRING([--with-systemdtmpfilesdir=DIR], [Directory for systemd tmp files]),
+ [], [with_systemdtmpfilesdir=$($PKG_CONFIG --variable=tmpfilesdir systemd)])
+ if test "x$with_systemdtmpfilesdir" != xno; then
+ AC_SUBST([systemdtmpfilesdir], [$with_systemdtmpfilesdir])
+ PKG_CHECK_MODULES([SYSTEMD], [libsystemd], [],
+ [PKG_CHECK_MODULES([SYSTEMD], [libsystemd-daemon], [],
+ AC_MSG_ERROR([libsystemd support requested but found]))])
+ fi
+AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdtmpfilesdir" -a "x$with_systemdtmpfilesdir" != xno ])
+
AS_IF([test x$enable_libwrap = xyes], [
AC_CHECK_LIB([wrap], [hosts_access], ,
AC_MSG_ERROR([libwrap support requested but unable to find libwrap]))
diff --git a/systemd/rpcbind.conf b/systemd/rpcbind.conf
new file mode 100644
index 0000000..2f8af45
--- /dev/null
+++ b/systemd/rpcbind.conf
@@ -0,0 +1,2 @@
+#Type Path Mode UID GID Age Argument
+D /run/rpcbind 0700 rpc rpc - -

20
rpcbind.spec
View File

@ -1,6 +1,6 @@
Name: rpcbind Name: rpcbind
Version: 0.2.3 Version: 0.2.3
Release: 12.rc2%{?dist} Release: 13.rc2%{?dist}
Summary: Universal Addresses to RPC Program Number Mapper Summary: Universal Addresses to RPC Program Number Mapper
Group: System Environment/Daemons Group: System Environment/Daemons
License: BSD License: BSD
@ -8,7 +8,7 @@ URL: http://nfsv4.bullopensource.org
BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
Source0: http://downloads.sourceforge.net/rpcbind/%{name}-%{version}.tar.bz2 Source0: http://downloads.sourceforge.net/rpcbind/%{name}-%{version}.tar.bz2
Source1: rpcbind.sysconfig Source1: %{name}.sysconfig
Requires: glibc-common setup Requires: glibc-common setup
Conflicts: man-pages < 2.43-12 Conflicts: man-pages < 2.43-12
@ -20,8 +20,10 @@ Requires(preun): systemd
Requires(postun): systemd coreutils Requires(postun): systemd coreutils
Patch001: rpcbind-0.2.4-rc2.patch Patch001: rpcbind-0.2.4-rc2.patch
Patch002: rpcbind-0.2.3-create-statdir.patch
Patch100: rpcbind-0.2.3-systemd-envfile.patch Patch100: rpcbind-0.2.3-systemd-envfile.patch
Patch101: rpcbind-0.2.3-systemd-tmpfiles.patch
Provides: portmap = %{version}-%{release} Provides: portmap = %{version}-%{release}
Obsoletes: portmap <= 4.0-65.3 Obsoletes: portmap <= 4.0-65.3
@ -35,8 +37,10 @@ RPC calls on a server on that machine.
%setup -q %setup -q
%patch001 -p1 %patch001 -p1
%patch002 -p1
%patch100 -p1 %patch100 -p1
%patch101 -p1
%build %build
%ifarch s390 s390x %ifarch s390 s390x
PIE="-fPIE" PIE="-fPIE"
@ -46,7 +50,7 @@ PIE="-fpie"
export PIE export PIE
RPCBUSR=rpc RPCBUSR=rpc
RPCBDIR=/tmp RPCBDIR=/run/rpcbind
CFLAGS="`echo $RPM_OPT_FLAGS $ARCH_OPT_FLAGS $PIE`" CFLAGS="`echo $RPM_OPT_FLAGS $ARCH_OPT_FLAGS $PIE`"
autoreconf -fisv autoreconf -fisv
@ -64,6 +68,7 @@ make all
rm -rf %{buildroot} rm -rf %{buildroot}
mkdir -p %{buildroot}{/sbin,/usr/sbin,/etc/sysconfig} mkdir -p %{buildroot}{/sbin,/usr/sbin,/etc/sysconfig}
mkdir -p %{buildroot}%{_unitdir} mkdir -p %{buildroot}%{_unitdir}
mkdir -p %{buildroot}%{_tmpfilesdir}
mkdir -p %{buildroot}%{_mandir}/man8 mkdir -p %{buildroot}%{_mandir}/man8
make DESTDIR=$RPM_BUILD_ROOT install make DESTDIR=$RPM_BUILD_ROOT install
@ -71,6 +76,7 @@ mv -f ${RPM_BUILD_ROOT}%{_bindir}/rpcbind ${RPM_BUILD_ROOT}/sbin
mv -f ${RPM_BUILD_ROOT}%{_bindir}/rpcinfo ${RPM_BUILD_ROOT}%{_sbindir} mv -f ${RPM_BUILD_ROOT}%{_bindir}/rpcinfo ${RPM_BUILD_ROOT}%{_sbindir}
install -m644 %{SOURCE1} %{buildroot}/etc/sysconfig/rpcbind install -m644 %{SOURCE1} %{buildroot}/etc/sysconfig/rpcbind
%clean %clean
rm -rf %{buildroot} rm -rf %{buildroot}
@ -117,10 +123,14 @@ fi
/sbin/rpcbind /sbin/rpcbind
%{_sbindir}/rpcinfo %{_sbindir}/rpcinfo
%{_mandir}/man8/* %{_mandir}/man8/*
%{_unitdir}/rpcbind.service %{_unitdir}/%{name}.service
%{_unitdir}/rpcbind.socket %{_unitdir}/%{name}.socket
%{_tmpfilesdir}/%{name}.conf
%changelog %changelog
* Sat Nov 19 2016 Steve Dickson <steved@redhat.com> - 0.2.3-13.rc2
- Create the statedir under /run/rpcbind by systemd-tmpfiles.
* Sat Nov 12 2016 Steve Dickson <steved@redhat.com> - 0.2.3-12.rc2 * Sat Nov 12 2016 Steve Dickson <steved@redhat.com> - 0.2.3-12.rc2
- Stop enable rpcbind.socket with every update (bz 1393721) - Stop enable rpcbind.socket with every update (bz 1393721)