commit f92fd6ca815025c435dabf45da28472ac0aa04a4 Author: Petr Vorel Date: Fri Nov 10 10:59:29 2023 -0500 support/backend_sqlite.c: Add getrandom() fallback Allow to compile reexport on systems with older libc. (getrandom() wrapper is supported on glibc 2.25+ and musl 1.1.20+, uclibc-ng does not yet support it). getrandom() syscall is supported Linux 3.17+ (old enough to bother with a check). Signed-off-by: Petr Vorel Signed-off-by: Steve Dickson commit bdc79f02c17fc9ec7461d48007105caac789cef4 Author: Petr Vorel Date: Fri Nov 10 10:39:05 2023 -0500 support/reexport.c: Remove unused headers Some of them are needed but included elsewhere, e.g. included in nfslib.h or included in xcommon.h, but at least is removed due further code simplification. Fixes: 878674b3 ("Add reexport helper library") Reviewed-by: Richard Weinberger Signed-off-by: Petr Vorel Signed-off-by: Steve Dickson commit 1a4edb2aa6b9b88fcdcb8d82b262467d06527623 Author: Petr Vorel Date: Fri Nov 10 10:35:33 2023 -0500 reexport/fsidd.c: Remove unused headers Some of them are needed but included elsewhere, e.g. included in xcommon.h, but at least is removed due further code simplification. Fixes: 6fd2732d ("export: Add fsidd") Signed-off-by: Petr Vorel Signed-off-by: Steve Dickson commit 534faa78456ee9d3da1bd3c3cf6915e9d7e5ee49 Author: NeilBrown Date: Wed Oct 25 13:30:19 2023 -0400 cache: periodically retry requests that couldn't be answered. Requests from the kernel to map the fsid from a filehandle to a path name sometimes cannot be answered because the filesystems isn't available now but might be available later. This happens if an export is marked "mountpoint" but the mountpoint isn't currently mounted. In this case it might get mounted in the future. It also happens in an NFS filesystem is being re-exported and the server is unresponsive. In that case (if it was mounted "softerr") we get ETIMEDOUT from a stat() attempt and so cannot give either a positive or negative response. These cases are currently handled poorly. No answer is returned to the kernel so it will continue waiting for an answer - and never get one even if the NFS server comes back or the mountpoint is mounted. We cannot report a soft error to the kernel so much retry ourselves. With this patch we record the request when the lookup fails with dev_missing or similar and retry every 2 minutes. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 19d60d8b80083b332b514062426190e73a636816 Author: NeilBrown Date: Wed Oct 25 13:21:04 2023 -0400 Share process_loop code between mountd and exportd. There is substantial commonality between cache_process_loop() used by exportd and my_svc_run() used by mountd. Remove the looping from cache_process_loop() renaming it to cache_process() and call it in a loop from exportd. my_svc_run() now calls cache_process() for all the common functionality and adds code specific to being an RPC server. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 4661589bf745291d340b1c1fac6c54140f1308f5 Author: NeilBrown Date: Wed Oct 25 12:44:35 2023 -0400 Move fork_workers() and wait_for_workers() in cache.c Both mountd and exported have fork_workers() and wait_for_workers() which are nearly identical. Move this code into cache.c (adding a cache_ prefix to the function names) and leave the minor differences in the two callers. Also remove duplicate declarations from mountd.h. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit e115a6edfaa07203c6d6d40eba9e4f097efe0cf2 Author: NeilBrown Date: Wed Oct 25 12:40:24 2023 -0400 export: move cache_open() before workers are forked. If each worker has a separate open on a cache channel, then each worker will potentially receive every upcall request resulting in duplicated work. A worker will only not see a request that another worker sees if that other worker answers the request before this worker gets a chance to read it. To avoid duplicate effort between threads and so get maximum benefit from multiple threads, open the cache channels before forking. Note that the kernel provides locking so that only one thread can be reading to writing to any channel at any given moment. Fixes: 5fc3bac9e0c3 ("mountd: Ensure we don't share cache file descriptors among processes.") Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 888b0b25c079a02beb3829b78bdad67630cd2185 Author: NeilBrown Date: Wed Oct 25 12:37:14 2023 -0400 export: add EACCES to the list of known path_lookup_error() errors. If a 'stat' results in EACCES (for root), then it is likely a permanent problem. One possible cause is a 'fuser' filesystem which only gives any access to the user which mounted it. So it is reasonable for EACCES to be a "path lookup error" Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 92a0f7d3cc7fc1206e0a763ab737f797b8946ca7 Author: NeilBrown Date: Wed Oct 25 12:34:45 2023 -0400 export: fix handling of error from match_fsid() If match_fsid() returns -1 we shouldn't assume that the path definitely doesn't match the fsid, though it might not. This is a similar situation to where an export is expected to be a mount point, but is found not to be one. So it can be handled the same way, by setting 'dev_missing'. This will only have an effect if no other path matched the fsid, which is what we want. The current code results in nothing being exported if any export point, or any mount point beneath a crossmnt export point, fails a 'stat' request, which is too harsh. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 14ee48785f97dbb90dd199698d838da66c319605 Author: Olga Kornievskaia Date: Mon Oct 16 11:52:30 2023 -0400 gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for user credentials Unlike the machine credential case, we can't throw away the ticket cache and use the keytab to renew the credentials. Instead, we need to remove the service ticket for the server that returned KRB5_AP_ERR_BAD_INTEGRITY and try again. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 4b272471937d6662e608dcf2b70dbc4b6dee76a0 Author: Olga Kornievskaia Date: Mon Oct 16 11:49:12 2023 -0400 gssd: handle KRB5_AP_ERR_BAD_INTEGRITY for machine credentials During context establishment, when the client received KRB5_AP_ERR_BAD_INTEGRITY error, it might be due to the server updating its key material. To handle such error, get a new service ticket and re-try the AP_REQ. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit 75b04a9bff709a49f55326b439851822dd630be6 Author: Olga Kornievskaia Date: Mon Oct 16 11:45:54 2023 -0400 gssd: fix handling DNS lookup failure When the kernel does its first ever lookup for a given server ip it sends down info for server, protocol, etc. On the gssd side as it scans the pipefs structure and sees a new entry it reads that info and creates a clp_info structure. At that time it also does a DNS lookup of the provided ip to name using getnameinfo(), this is saved in clp->servername for all other upcalls that is down under that directory. If this 1st getnameinfo() results in a failed resolution for whatever reason (a temporary DNS resolution problem), this cause of all other future upcalls to fail. As a fix, this patch proposed to (1) save the server info that's passed only in the initial pipefs new entry creation in the clp_info structure, then (2) for the upcalls, if clp->servername is NULL, then do the DNS lookup again and set all the needed clp_info fields upon successful resolution. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit f066f87bb35712e44631481a47f26ced86019afc Author: Olga Kornievskaia Date: Mon Oct 16 11:40:20 2023 -0400 gssd: enable forcing cred renewal using the keytab Add a new function parameter "force_renewal" that callers could set to force service ticket renewal even if one exists already. This is needed in preparation for handling KRB5_AP_ERR_BAD_INTEGRITY when service's keytab changes while the client holds valid service ticket in the cache. Signed-off-by: Olga Kornievskaia Signed-off-by: Steve Dickson commit fb635d63fa7d78d5a80c9b638d177c5a78b64124 Author: James Youngman Date: Mon Sep 25 08:53:32 2023 -0400 Remove extraneous words left behind by commit 522837f. Signed-off-by: Steve Dickson commit 7916134e5d9b1641effd3b6d964c806a09cfdcee Author: Steve Dickson Date: Thu Aug 10 11:57:39 2023 -0400 Fixed a regression in the junction code commit cdbef4e9 created a regression in the in the junction code by adding a O_PATH flag to the open() in junction_open_path() Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2213669 Signed-off-by: Steve Dickson commit ebc8dce684fdc536647072c0866c33db797e2438 Author: Steve Dickson Date: Sun Jul 30 08:21:30 2023 -0400 nfs(5): updated the new "xprtsec=" mount option section Signed-off-by: Steve Dickson commit 7b7c01f4cf546baa730fa61a6bb2343da6a068cd Author: Chuck Lever Date: Mon Jul 17 17:37:00 2023 -0400 nfs(5): Document the new "xprtsec=" mount option More information about RPC-with-TLS and some brief set-up guidance are to be provided in a separate man page in Section 7. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 46d2ab015e25b9bef9c5842d0b3f8c6ea02f2b39 Author: Ben Hutchings Date: Sat Jul 15 13:23:16 2023 -0400 start-statd: Fix shellcheck warnings shellcheck currently complains: In utils/statd/start-statd line 14: [ 1`cat /run/rpc.statd.pid` -gt 1 ] && ^----------------------^ SC2046 (warning): Quote this to prevent word splitting. ^----------------------^ SC2006 (style): Use $(...) notation instead of legacy backticks `...`. Did you mean: [ 1$(cat /run/rpc.statd.pid) -gt 1 ] && In utils/statd/start-statd line 15: kill -0 `cat /run/rpc.statd.pid` > /dev/null 2>&1 ^----------------------^ SC2046 (warning): Quote this to prevent word splitting. ^----------------------^ SC2006 (style): Use $(...) notation instead of legacy backticks `...`. Did you mean: kill -0 $(cat /run/rpc.statd.pid) > /dev/null 2>&1 Use quotes and $() as recommended. Signed-off-by: Ben Hutchings Signed-off-by: Salvatore Bonaccorso Signed-off-by: Steve Dickson commit 90a23f7c6343bcb1b69c93ceccc14cc06e14d958 Author: Aram Akhavan Date: Sat Jul 15 13:21:04 2023 -0400 libnfsidmap: try to get the domain directly from hostname if the DNS lookup fails and always show the log message if the domain can't be determined In nfs4_init_name_mapping(), if no domain is specified in the config file, the hostname will be looked up in DNS, and the domain extracted from that. If DNS resolution isn't up at this time (i.e. on idmapd startup), the hardcoded domain in IDMAPD_DEFAULT_DOMAIN is used. This will break id mapping for anyone who doesn't happen to use "localdomain". Previously, the log message indicating this has happened requires -v to be passed, so the "failure" was silent by default. Signed-off-by: Aram Akhavan Signed-off-by: Steve Dickson commit 4f5e66718c01f89b28bf9e7a8c645d9e18682485 Author: Aram Akhavan Date: Sat Jul 15 13:16:58 2023 -0400 nfs-idmapd.service: add network-online.target to Wants= and After= nfs-idmapd.service does not have any dependency on the network so there's no starting point to wait for DNS resolution. nfs-server.service already has this network dependency and ordering. Signed-off-by: Aram Akhavan Signed-off-by: Steve Dickson commit 03f0bb2148236594916f112eea064bb06615740c Author: Steve Dickson Date: Mon Jun 12 16:21:40 2023 -0400 reexport.h: Removed an warning by including nfslib.h reexport.h:13:44: warning: 'struct exportent' declared inside parameter list will not be visible outside of this definition or declaration Signed-off-by: Steve Dickson commit 8125c6f4ad156a9bad0dc2cc42e0243380fc478d Author: Bernd Kuhls Date: Mon Jun 12 16:12:38 2023 -0400 support/reexport: guard dlfcn.h include with HAVE_DLFCN_H Signed-off-by: Bernd Kuhls Signed-off-by: Giulio Benetti Signed-off-by: Steve Dickson commit 858c9771401142cec882affd269ac6653d32536a Author: Scott Mayhew Date: Mon Jun 12 16:00:29 2023 -0400 nfs(5): Document the trunkdiscovery/notrunkdiscovery mount option. Also, move the documentation for max_connect to the section for NFSv4-specific options. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit e5c304f887e19448f0b011a8008cb1db2b11e54b Author: Scott Mayhew Date: Mon Jun 12 15:58:54 2023 -0400 nfs(5): Document the write=lazy|eager|wait mount option. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 3d87802703b096877310725e600060a064304cde Author: Scott Mayhew Date: Mon Jun 12 15:57:21 2023 -0400 nfs(5): Document the softerr mount option Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit bc4a5deef9f820c55fdac3c0070364c17cd91cca Author: Wiktor Jaskulski Date: Thu May 11 15:28:23 2023 -0400 configure.ac: libevent and libsqlite3 checked when nfsv4 is disabled Signed-off-by: Steve Dickson commit da51b4fb3946e51947524a59957f2963219dfd82 Author: Lukas Herbolt Date: Thu May 11 14:59:44 2023 -0400 nfs.conf.man: Fix typo cache-use-upaddr to cache-use-ipaddr and add manage-gids to exportd section. Signed-off-by: Steve Dickson commit e2ca35398d2e1edcceb043d5e9551ee5685f28b4 Author: Steve Dickson Date: Thu May 11 14:55:05 2023 -0400 Added check for uuid/uuid.h Signed-off-by: Steve Dickson commit e00ab3c0616fe6d83ab0710d9e7d989c299088f7 Author: NeilBrown Date: Thu May 11 14:26:47 2023 -0400 fsidd: provide better default socket name. Having the default socket name be in the current directory is a poor choice for a daemon that is expected to run as root. It is also likely better to use an "abstract" socket name. abstract names do not exist in the filesystem namespace and are local to a network namespace. Using an abstract name ensures that the nfsd, mountd, and fsidd are all in the same network namespace. This patch: - uses a single #define for the default socket name, rather than 2; - allows the socket name to start with '@' which is interpreted to be a request to use the abstract name space (systemd uses the same convention). - changes the default to "@/run/fsid.sock". I don't know of a formal standard for choosing names in the abstract name space, the defacto standard (seen in "ss -xa|grep @") is to use a name similar to what might be used in the filesystem. Acked-by: Richard Weinberger Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 4f1520f18068519a4cc488b1cea823a4f5ad2de6 Author: NeilBrown Date: Thu May 11 14:22:24 2023 -0400 fsidd: don't use assert() on expr with side-effect. assert() is not guaranteed to evaluate its arg. When compiled with -DNDEBUG, the evaluation is skipped. We don't currently compile with -DNDEBUG, but relying on that is poor form, particularly as this is described as "sample code" in the git log. So introduce assert_safe() and use that when there are side-effects. Acked-by: Richard Weinberger Signed-off-by: NeilBrown Signed-off-by: Steve Dickson