From 4f302eebe8f683f7852c686b4eb0cea18ddf657a Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Nov 04 2015 21:34:10 +0000 Subject: Updated to the latest RC release: nfs-utils-1-3-4-rc1 Signed-off-by: Steve Dickson --- diff --git a/nfs-utils-1.3.4-rc1.patch b/nfs-utils-1.3.4-rc1.patch new file mode 100644 index 0000000..536eb64 --- /dev/null +++ b/nfs-utils-1.3.4-rc1.patch @@ -0,0 +1,420 @@ +diff --git a/aclocal/libtirpc.m4 b/aclocal/libtirpc.m4 +index b7de636..27368ff 100644 +--- a/aclocal/libtirpc.m4 ++++ b/aclocal/libtirpc.m4 +@@ -20,6 +20,12 @@ AC_DEFUN([AC_LIBTIRPC], [ + [Define to 1 if your rpcsec library provides authgss_free_private_data])],, + [${LIBS}])]) + ++ AS_IF([test -n "${LIBTIRPC}"], ++ [AC_CHECK_LIB([tirpc], [libtirpc_set_debug], ++ [AC_DEFINE([HAVE_LIBTIRPC_SET_DEBUG], [1], ++ [Define to 1 if your tirpc library provides libtirpc_set_debug])],, ++ [${LIBS}])]) ++ + AC_SUBST([AM_CPPFLAGS]) + AC_SUBST(LIBTIRPC) + +diff --git a/support/export/client.c b/support/export/client.c +index 95156f0..af9e6bb 100644 +--- a/support/export/client.c ++++ b/support/export/client.c +@@ -686,6 +686,21 @@ check_netgroup(const nfs_client *clp, const struct addrinfo *ai) + } + } + ++ /* check whether the IP itself is in the netgroup */ ++ for (tmp = (struct addrinfo *)ai ; tmp != NULL ; tmp = tmp->ai_next) { ++ free(hname); ++ hname = calloc(INET6_ADDRSTRLEN, 1); ++ ++ if (inet_ntop(tmp->ai_family, &(((struct sockaddr_in *)tmp->ai_addr)->sin_addr), hname, INET6_ADDRSTRLEN) != hname) { ++ xlog(D_GENERAL, " %s: unable to inet_ntop addrinfo %p: %m", __func__, tmp, errno); ++ goto out; ++ } ++ if (innetgr(netgroup, hname, NULL, NULL)) { ++ match = 1; ++ goto out; ++ } ++ } ++ + /* Okay, strip off the domain (if we have one) */ + dot = strchr(hname, '.'); + if (dot == NULL) +diff --git a/support/export/hostname.c b/support/export/hostname.c +index 169baa5..7a44d42 100644 +--- a/support/export/hostname.c ++++ b/support/export/hostname.c +@@ -134,6 +134,8 @@ host_pton(const char *paddr) + break; + } + return ai; ++ case EAI_NONAME: ++ break; + case EAI_SYSTEM: + xlog(D_GENERAL, "%s: failed to convert %s: (%d) %m", + __func__, paddr, errno); +diff --git a/support/include/nfslib.h b/support/include/nfslib.h +index c9a13cb..ddd71ac 100644 +--- a/support/include/nfslib.h ++++ b/support/include/nfslib.h +@@ -176,6 +176,9 @@ size_t strlcpy(char *, const char *, size_t); + ssize_t atomicio(ssize_t (*f) (int, void*, size_t), + int, void *, size_t); + ++#ifdef HAVE_LIBTIRPC_SET_DEBUG ++void libtirpc_set_debug(char *name, int level, int use_stderr); ++#endif + + #define UNUSED(x) UNUSED_ ## x __attribute__((unused)) + +diff --git a/support/nfs/mydaemon.c b/support/nfs/mydaemon.c +index 3391eff..343e80b 100644 +--- a/support/nfs/mydaemon.c ++++ b/support/nfs/mydaemon.c +@@ -49,6 +49,7 @@ + #include + #include + #include ++#include + #include + + #include "nfslib.h" +@@ -122,6 +123,7 @@ daemon_init(bool fg) + dup2(tempfd, 0); + dup2(tempfd, 1); + dup2(tempfd, 2); ++ closelog(); + dup2(pipefds[1], 3); + pipefds[1] = 3; + closeall(4); +diff --git a/systemd/Makefile.am b/systemd/Makefile.am +index 0331926..03f96e9 100644 +--- a/systemd/Makefile.am ++++ b/systemd/Makefile.am +@@ -28,9 +28,13 @@ endif + if CONFIG_GSS + unit_files += \ + auth-rpcgss-module.service \ +- rpc-gssd.service \ ++ rpc-gssd.service ++ ++if CONFIG_SVCGSS ++unit_files += \ + rpc-svcgssd.service + endif ++endif + + EXTRA_DIST = $(unit_files) + +diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c +index 8758231..c7a79a6 100644 +--- a/utils/exportfs/exportfs.c ++++ b/utils/exportfs/exportfs.c +@@ -499,9 +499,10 @@ unexportfs(char *arg, int verbose) + + static int can_test(void) + { +- char buf[1024]; ++ char buf[1024] = { 0 }; + int fd; + int n; ++ size_t bufsiz = sizeof(buf); + + fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY); + if (fd < 0) +@@ -514,9 +515,9 @@ static int can_test(void) + * commit 2f74f972 (sunrpc: prepare NFS for 2038). + */ + if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS) +- sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); ++ snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); + else +- sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); ++ snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); + + n = write(fd, buf, strlen(buf)); + close(fd); +@@ -532,7 +533,8 @@ static int can_test(void) + + static int test_export(char *path, int with_fsid) + { +- char buf[1024]; ++ /* beside max path, buf size should take protocol str into account */ ++ char buf[NFS_MAXPATHLEN+1+64] = { 0 }; + char *bp = buf; + int len = sizeof(buf); + int fd, n; +@@ -758,7 +760,8 @@ dumpopt(char c, char *fmt, ...) + static void + dump(int verbose, int export_format) + { +- char buf[1024]; ++ /* buf[] size should >= sizeof(struct exportent->e_path) */ ++ char buf[NFS_MAXPATHLEN+1] = { 0 }; + char *bp; + int len; + nfs_export *exp; +diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c +index e480349..078e558 100644 +--- a/utils/gssd/gssd.c ++++ b/utils/gssd/gssd.c +@@ -869,6 +869,13 @@ main(int argc, char *argv[]) + if (verbosity && rpc_verbosity == 0) + rpc_verbosity = verbosity; + authgss_set_debug_level(rpc_verbosity); ++#elif HAVE_LIBTIRPC_SET_DEBUG ++ /* ++ * Only set the libtirpc debug level if explicitly requested via -r... ++ * gssd is chatty enough as it is. ++ */ ++ if (rpc_verbosity > 0) ++ libtirpc_set_debug(progname, rpc_verbosity, fg); + #else + if (rpc_verbosity > 0) + printerr(0, "Warning: rpcsec_gss library does not " +diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c +index 11168b2..cee8991 100644 +--- a/utils/gssd/gssd_proc.c ++++ b/utils/gssd/gssd_proc.c +@@ -348,16 +348,9 @@ create_auth_rpc_client(struct clnt_info *clp, + printerr(2, "creating %s client for server %s\n", clp->protocol, + clp->servername); + +- if ((strcmp(clp->protocol, "tcp")) == 0) { +- protocol = IPPROTO_TCP; +- } else if ((strcmp(clp->protocol, "udp")) == 0) { ++ protocol = IPPROTO_TCP; ++ if ((strcmp(clp->protocol, "udp")) == 0) + protocol = IPPROTO_UDP; +- } else { +- printerr(0, "WARNING: unrecognized protocol, '%s', requested " +- "for connection to server %s for user with uid %d\n", +- clp->protocol, clp->servername, uid); +- goto out_fail; +- } + + switch (addr->sa_family) { + case AF_INET: +diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c +index ecf17a2..f48de2c 100644 +--- a/utils/gssd/krb5_util.c ++++ b/utils/gssd/krb5_util.c +@@ -801,7 +801,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, + char *default_realm = NULL; + char *realm; + char *k5err = NULL; +- int tried_all = 0, tried_default = 0; ++ int tried_all = 0, tried_default = 0, tried_upper = 0; + krb5_principal princ; + const char *notsetstr = "not set"; + char *adhostoverride; +@@ -835,7 +835,6 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, + strcpy(myhostad, myhostname); + for (i = 0; myhostad[i] != 0; ++i) { + if (myhostad[i] == '.') break; +- myhostad[i] = toupper(myhostad[i]); + } + myhostad[i] = '$'; + myhostad[i+1] = 0; +@@ -936,6 +935,19 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, const char *tgtname, + k5err = gssd_k5_err_msg(context, code); + printerr(3, "%s while getting keytab entry for '%s'\n", + k5err, spn); ++ /* ++ * We tried the active directory machine account ++ * with the hostname part as-is and failed... ++ * convert it to uppercase and try again before ++ * moving on to the svcname ++ */ ++ if (strcmp(svcnames[j],"$") == 0 && !tried_upper) { ++ for (i = 0; myhostad[i] != '$'; ++i) { ++ myhostad[i] = toupper(myhostad[i]); ++ } ++ j--; ++ tried_upper = 1; ++ } + } else { + printerr(3, "Success getting keytab entry for '%s'\n",spn); + retval = 0; +diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c +index f1b4347..0fe7c6d 100644 +--- a/utils/gssd/svcgssd.c ++++ b/utils/gssd/svcgssd.c +@@ -135,6 +135,13 @@ main(int argc, char *argv[]) + if (verbosity && rpc_verbosity == 0) + rpc_verbosity = verbosity; + authgss_set_debug_level(rpc_verbosity); ++#elif HAVE_LIBTIRPC_SET_DEBUG ++ /* ++ * Only set the libtirpc debug level if explicitly requested via -r... ++ * svcgssd is chatty enough as it is. ++ */ ++ if (rpc_verbosity > 0) ++ libtirpc_set_debug(progname, rpc_verbosity, fg); + #else + if (rpc_verbosity > 0) + printerr(0, "Warning: rpcsec_gss library does not " +diff --git a/utils/mountd/auth.c b/utils/mountd/auth.c +index 330cab5..894a7a5 100644 +--- a/utils/mountd/auth.c ++++ b/utils/mountd/auth.c +@@ -85,7 +85,7 @@ auth_reload() + { + struct stat stb; + static ino_t last_inode; +- static int last_fd; ++ static int last_fd = -1; + static unsigned int counter; + int fd; + +@@ -93,11 +93,22 @@ auth_reload() + xlog(L_FATAL, "couldn't open %s", _PATH_ETAB); + } else if (fstat(fd, &stb) < 0) { + xlog(L_FATAL, "couldn't stat %s", _PATH_ETAB); +- } else if (stb.st_ino == last_inode) { ++ close(fd); ++ } else if (last_fd != -1 && stb.st_ino == last_inode) { ++ /* We opened the etab file before, and its inode ++ * number hasn't changed since then. ++ */ + close(fd); + return counter; + } else { +- close(last_fd); ++ /* Need to process entries from the etab file. Close ++ * the file descriptor from the previous open (last_fd), ++ * and keep the current file descriptor open to prevent ++ * the file system reusing the current inode number ++ * (last_inode). ++ */ ++ if (last_fd != -1) ++ close(last_fd); + last_fd = fd; + last_inode = stb.st_ino; + } +diff --git a/utils/nfsd/nfssvc.c b/utils/nfsd/nfssvc.c +index a2b11d8..e8efd06 100644 +--- a/utils/nfsd/nfssvc.c ++++ b/utils/nfsd/nfssvc.c +@@ -168,22 +168,22 @@ nfssvc_setfds(const struct addrinfo *hints, const char *node, const char *port) + continue; + } + +- xlog(D_GENERAL, "Creating %s %s socket.", family, proto); +- + /* open socket and prepare to hand it off to kernel */ + sockfd = socket(addr->ai_family, addr->ai_socktype, + addr->ai_protocol); + if (sockfd < 0) { +- if (errno == EAFNOSUPPORT) +- xlog(L_NOTICE, "address family %s not " +- "supported by protocol %s", +- family, proto); +- else ++ if (errno != EAFNOSUPPORT) { + xlog(L_ERROR, "unable to create %s %s socket: " + "errno %d (%m)", family, proto, errno); +- rc = errno; +- goto error; ++ rc = errno; ++ goto error; ++ } ++ addr = addr->ai_next; ++ continue; + } ++ ++ xlog(D_GENERAL, "Created %s %s socket.", family, proto); ++ + #ifdef IPV6_SUPPORTED + if (addr->ai_family == AF_INET6 && + setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on))) { +diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c +index 45c84f9..c4f6364 100644 +--- a/utils/statd/rmtcall.c ++++ b/utils/statd/rmtcall.c +@@ -113,7 +113,6 @@ statd_get_socket(void) + if (sockfd < 0) + return -1; + +- FD_SET(sockfd, &SVC_FDSET); + return sockfd; + } + +diff --git a/utils/statd/statd.c b/utils/statd/statd.c +index 2b7a167..e5b4c98 100644 +--- a/utils/statd/statd.c ++++ b/utils/statd/statd.c +@@ -247,6 +247,7 @@ int main (int argc, char **argv) + int port = 0, out_port = 0; + int nlm_udp = 0, nlm_tcp = 0; + struct rlimit rlim; ++ int notify_sockfd; + + /* Default: daemon mode, no other options */ + run_mode = 0; +@@ -437,7 +438,7 @@ int main (int argc, char **argv) + } + + /* Make sure we have a privilege port for calling into the kernel */ +- if (statd_get_socket() < 0) ++ if ((notify_sockfd = statd_get_socket()) < 0) + exit(1); + + /* If sm-notify didn't take all the state files, load +@@ -484,7 +485,7 @@ int main (int argc, char **argv) + * Handle incoming requests: SM_NOTIFY socket requests, as + * well as callbacks from lockd. + */ +- my_svc_run(); /* I rolled my own, Olaf made it better... */ ++ my_svc_run(notify_sockfd); /* I rolled my own, Olaf made it better... */ + + /* Only get here when simulating a crash so we should probably + * start sm-notify running again. As we have already dropped +diff --git a/utils/statd/statd.h b/utils/statd/statd.h +index a1d8035..231ac7e 100644 +--- a/utils/statd/statd.h ++++ b/utils/statd/statd.h +@@ -28,7 +28,7 @@ extern _Bool statd_present_address(const struct sockaddr *sap, char *buf, + __attribute__((__malloc__)) + extern char * statd_canonical_name(const char *hostname); + +-extern void my_svc_run(void); ++extern void my_svc_run(int); + extern void notify_hosts(void); + extern void shuffle_dirs(void); + extern int statd_get_socket(void); +diff --git a/utils/statd/svc_run.c b/utils/statd/svc_run.c +index d98ecee..28c1ad6 100644 +--- a/utils/statd/svc_run.c ++++ b/utils/statd/svc_run.c +@@ -78,7 +78,7 @@ my_svc_exit(void) + * The heart of the server. A crib from libc for the most part... + */ + void +-my_svc_run(void) ++my_svc_run(int sockfd) + { + FD_SET_TYPE readfds; + int selret; +@@ -96,6 +96,8 @@ my_svc_run(void) + } + + readfds = SVC_FDSET; ++ /* Set notify sockfd for waiting for reply */ ++ FD_SET(sockfd, &readfds); + if (notify) { + struct timeval tv; + +@@ -125,8 +127,10 @@ my_svc_run(void) + + default: + selret -= process_reply(&readfds); +- if (selret) ++ if (selret) { ++ FD_CLR(sockfd, &readfds); + svc_getreqset(&readfds); ++ } + } + } + } diff --git a/nfs-utils.spec b/nfs-utils.spec index 1c2bcc7..488b837 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -2,7 +2,7 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS ser Name: nfs-utils URL: http://sourceforge.net/projects/nfs Version: 1.3.3 -Release: 1%{?dist} +Release: 1.rc1%{?dist} Epoch: 1 # group all 32bit related archs @@ -15,6 +15,8 @@ Source2: nfs.sysconfig Source3: nfs-utils_env.sh Source4: lockd.conf +Patch001: nfs-utils-1.3.4-rc1.patch + Patch100: nfs-utils-1.2.1-statdpath-man.patch Patch101: nfs-utils-1.2.1-exp-subtree-warn-off.patch Patch102: nfs-utils-1.2.3-sm-notify-res_init.patch @@ -72,6 +74,8 @@ This package also contains the mount.nfs and umount.nfs program. %prep %setup -q +%patch001 -p1 + %patch100 -p1 %patch101 -p1 %patch102 -p1 @@ -287,7 +291,10 @@ fi /sbin/umount.nfs4 %changelog -* Wed Nov 4 2015 Steve Dickson 1.3.3-1 +* Wed Nov 4 2015 Steve Dickson 1.3.3-1.rc1 +- Updated to the latest RC release: nfs-utils-1-3-4-rc1 + +* Wed Nov 3 2015 Steve Dickson 1.3.3-1 - Removed legacy triggers to remove rpm build errors * Mon Nov 2 2015 Steve Dickson 1.3.3-0