Commit Graph

204 Commits

Author SHA1 Message Date
araujo
b9642c7349 Use MIN macro from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:49:42 +00:00
pfg
26c891f034 Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
jpaetzel
57f950f661 Allow /etc/exports to contain usernames/groups with spaces in them.
If you are getting your users/groups from a directory service such
as LDAP or AD it's possible for those usernames or groupnames to
contain spaces.

Submitted by:	Sean E. Fagan
Reviewed by:	rmacklem
MFC after:	1 week
Sponsored by:	iXsystems
2016-01-07 05:34:39 +00:00
uqs
11e0dd6c90 Fix type mismatches for malloc(3) and Co.
This is rather pedantic, as for most architectures it holds that
sizeof(type *) == sizeof(type **)

Found by:	clang static analyzer
Reviewed by:	ed
Differential Revision: https://reviews.freebsd.org/D4722
2015-12-29 11:24:41 +00:00
trasz
b8c5808ce8 Staticize some stuff in mountd(8); no functional changes.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-07-04 08:40:48 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
rmacklem
8df65c37f2 Add a warning message to mountd for exported file
systems that are automounted, since that configuration
isn't supported. This still allows the export, since
two emails I received felt that this should not be
disabled. It sends the message to syslog(LOG_ERR..), so that
it goes to the same places as the other messages related
to /etc/exports problems, even though it is a warning and not an error.

Reviewed by:	trasz
MFC after:	2 weeks
2015-05-16 12:05:26 +00:00
trasz
3bcd59aa88 Remove oldnfs leftovers from mountd(8).
Reviewed by:	rmacklem@
Sponsored by:	The FreeBSD Foundation
2015-04-29 12:33:00 +00:00
sjg
ec15646849 No need to delete export from filesystems which are not exported. 2015-04-18 19:52:39 +00:00
kib
7a1bb0de5f Mountd iterating over the mount points may race with the parallel
unmount, which causes error from nmount(2) call when performing
MNT_DELEXPORT over the directory which ceased to be a mount point.

The race is legitimate and innocent, but results in the chatty mountd.
Silence it by providing an distinguished error code for the situation,
and ignoring the error in mountd loop.

Based on the patch by:	Andreas Longwitz <longwitz@incore.de>
Prodded and tested by:	bdrewery
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2015-02-10 18:00:32 +00:00
rstone
cb3a27ad28 When mountd is creating sockets, it iterates over all addresses specified
in the "hosts" array and eventually looks up the network address with
getaddrinfo(). At one point it checks for a numeric address and if it
sees one, it sets a hint parameter to force getaddrinfo to interpret the
host as a numeric address. However that hint is not cleared for subsequent
iterations of the loop and if any hosts seen after this point are host names,
getaddrinfo will fail on the name.  The result of this bug is that you cannot
pass a host name to the -h flag.

Unfortunately, the first iteration will either process ::1 or 127.0.0.1,
so the flag is set on the first iteration and all host names will fail
to be processed.

The same bug applies to rpc.lockd and rpc.statd, so fix them too.

Differential Revision:	https://reviews.freebsd.org/D1507
Reported by:	Dylan Martin
MFC after:	1 week
Sponsored by:	Sandvine Inc.
2015-01-19 00:33:32 +00:00
bapt
a191ba5195 Convert usr.sbin to LIBADD
Reduce overlinking
2014-11-25 16:57:27 +00:00
sjg
b137080f19 Merge from head@274682 2014-11-19 01:07:58 +00:00
bdrewery
805bdee05f Avoid showing stale errors when nmount(2) fails.
Sometimes nmount(2) will fail without setting errmsg. The previous (ignored)
error would then be shown as the reason for the failed call if the next
nmount(2) also fails without [ENOENT,ENOTSUP].

An example is when there is a tmpfs mounted with -o size. vfs_filteropt() adds
'size' as an error in errmsg due to 'size' not being in tmpfs_updateopts. Then
tmpfs_mount returns [ENOTSUP] from nmount(2), which is then ignored. The next
call may race with an unmount causing an invalid [EINVAL] that then does log an
error, with the tmpfs errmsg.

The race itself is a separate issue to fix as it is expected to have an
[ENOENT] returned instead.

In this example the mount being shown is actually nullfs, not tmpfs that the
error is from.

  mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument mount option <size> is unknown

It should only show:

  mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument

MFC after:	2 weeks
2014-08-19 21:04:31 +00:00
rmacklem
5763b41c84 Try to clarify how file systems are exported for NFSv4.
Suggested by:	rcarter@pinyon.org
MFC after:	1 week
2014-08-14 22:52:05 +00:00
sjg
5860f0d106 Updated dependencies 2014-05-16 14:09:51 +00:00
sjg
1a7e48acf1 Updated dependencies 2014-05-10 05:16:28 +00:00
sjg
97d8b94956 sync from head 2013-04-12 20:48:55 +00:00
sjg
6d37b86f2b Updated dependencies 2013-03-11 17:21:52 +00:00
pluknet
7700ebe3ff Check if the -sec option is given without an argument.
PR:		bin/170413
Submitted by:	Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
MFC after:	1 week
2013-02-20 12:40:26 +00:00
sjg
0ee5295509 Updated dependencies 2013-02-16 01:23:54 +00:00
obrien
3028e3f8ab Sync with HEAD. 2013-02-08 16:10:16 +00:00
rmacklem
c9aa765acd Attempt to clarify that for ZFS, all file systems under
the NFSv4 root must be exported. This is because ZFS
checks exports itself.
This is a content change.

MFC after:	2 weeks
2012-12-25 22:34:43 +00:00
kevlo
804c67a486 Fix socket calls on error post-r243965.
Submitted by:	Garrett Cooper
2012-12-21 15:54:13 +00:00
sjg
778e93c51a Sync from head 2012-11-04 02:52:03 +00:00
rmacklem
3fc142df50 Add a description for the '-S' option to the mountd man page.
This is a content change.

Reviewed by:	kib
MFC after:	2 weeks
2012-10-15 00:24:23 +00:00
rmacklem
3b6779863a Add a new '-S' option to mountd, which tells it to suspend
execution of the nfsd threads while it is reloading the exports.
This avoids clients from getting intermittent access errors
when the exports are being reloaded non-atomically.
It is not an ideal solution, since requests will back up while
the nfsd threads are suspended. Also, when this option is used,
if mountd crashes while reloading exports, mountd will have to
be restarted to get the nfsd threads to resume execution.
This has been tested by Vincent Hoffman (vince at unsane.co.uk)
and John Hickey (jh at deterlab.net).
The nfse patch offers a more comprehensive solution for this issue.

PR:		kern/9619, kern/131342
Reviewed by:	kib
MFC after:	2 weeks
2012-10-15 00:17:16 +00:00
joel
e9b754bcb5 Minor mdoc fixes. 2012-10-07 19:53:04 +00:00
rmacklem
b434c519bd Attila Bogar reported a bug in mountd when multiple export
entries with different security flavors are in the exports(5)
file. For that case, mountd replies with the security flavors
of the last entry and not the correct one for the client host.
This patch fixes that by storing separate copies of the flavors
for each host/net case, plus a default one for the case where
no hosts/nets are specified on an entry in the exports(5) file.
Unlike the patch in the PR, it replies with the security flavors
for the entry instead of merging the security flavors for all
the entries and replying with that.

Tested by:	attila.bogar at linguamatics.com
PR:		kern/164933
MFC after:	2 weeks
2012-09-24 23:57:16 +00:00
delphij
79315336c5 Show error messages if nmount() failed.
MFC after:	1 month
2012-08-27 19:08:47 +00:00
marcel
9dd41e3647 Sync FreeBSD's bmake branch with Juniper's internal bmake branch.
Requested by: Simon Gerraty <sjg@juniper.net>
2012-08-22 19:25:57 +00:00
eadler
1ef5fe44d3 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
eadler
c33328dca5 Fix warning when compiling with gcc46:
error: variable 'dirp' set but not used
	error: variable 'dirplen' set but not used

Approved by:	dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after:	3 days
2012-01-20 01:38:12 +00:00
uqs
415a3a9b96 Spelling fixes for usr.sbin/ 2011-12-30 10:58:14 +00:00
delphij
ab777938ae Use calloc() instead of an explicit memset.
MFC after:	2 weeks
2011-07-14 07:35:28 +00:00
rmacklem
95c07f14f8 Try and fix the exports.5 man page so that it clarifies how
NFSv4 exports are handled. Improved by informal review comments from
mckusick, kudak at mit.edu and bde.
This is a content change.

MFC after:	2 weeks
2011-07-12 14:04:36 +00:00
rmacklem
c0db2e6ab9 Fix the nfs related daemons so that they don't intermittently
fail with "bind: address already in use". This problem was reported
to the freebsd-stable@ mailing list on Feb. 19 under the subject
heading "statd/lockd startup failure" by george+freebsd at m5p dot com.
The problem is that the first combination of {udp,tcp X ipv4,ipv6}
would select a port# dynamically, but one of the other three combinations
would have that port# already in use. The patch is somewhat involved
because it was requested by dougb@ that the four combinations use the
same port# wherever possible. The patch splits the create_service()
function into two functions. The first goes as far as bind(2) in a
loop for up to GETPORT_MAXTRY - 1 times, attempting to use the same port#
for all four cases. If these attempts fail, the last attempt allows
the 4 cases to use different port #s. After this function has succeeded,
the second function, called complete_service(), does the rest of what
create_service() did.
The three daemons mountd, rpc.lockd and rpc.statd all have a
create_service() function that is patched in a similar way. However,
create_service() has non-trivial differences for the three daemons
that made it impractical to share the same functions between them.

Reviewed by:	jhb
MFC after:	2 weeks
2011-06-02 19:33:33 +00:00
rmacklem
57afc00cc3 Patch the mountd and nfsd man pages to reflect the recent changes
done by r220980 to deprecate the -e option and add the -o option.
This is a content change for both man pages.
2011-04-24 01:11:28 +00:00
rmacklem
9ed5d7279c This patch changes the default NFS server to the new one, which was
referred to as the experimental server. It also adds a new command
line option "-o" to both mountd and nfsd that forces them to use the
old/regular NFS server. The "-e" option for these commands is now
a no-op, since the new server is the default. I will be committing rc
script and man changes soon. Discussed on freebsd-fs@.
2011-04-24 00:06:56 +00:00
ru
9bdd2cd5a9 Fixed conversion of prefix length to a netmask. 2011-03-01 11:47:16 +00:00
charnier
c30b6f1bc3 Add __unused. Ansi prototypes. 2010-12-20 09:28:28 +00:00
maxim
33e025b3ec o Fix typo: sepcify -> specify.
PR:		docs/148499
Submitted by:	Warren Block
MFC after:	1 week
2010-07-12 04:21:50 +00:00
rmacklem
7ae7bc4035 If the "-alldirs" export option was used for the V4: line, mountd
would crash in check_options() since dp == NULL for the V4: line.
This patch moves the check for options allowed on the V4: line to
ahead of where dp is used to avoid this crash.

Reported by:	mamalos AT eng.auth.gr
MFC after:	1 week
2010-05-06 00:24:08 +00:00
trasz
3f333f5ca2 Description of steps required to setup NFSv4 server is in nfsv4(4);
add reference to exports(5), since that's the obvious starting point
for searching for this.
2009-12-03 19:16:40 +00:00
dfr
ec9ddec04c Don't use sys/nfs/rpcv2.h - it is part of the old kernel RPC implementation
and will be removed.
2009-06-24 18:42:21 +00:00
rmacklem
4a22bb75d2 When mountd.c parses the nfsv4 root line(s) in /etc/exports, it
allocates data structures that are never linked into the tree or free'd.
As such, mountd would leak memory every time it parsed an nfsv4 root line.
This patch frees up those structures to plug the leak.

Approved by:	kib (mentor)
2009-06-23 21:48:04 +00:00
brooks
f53c1c309d Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
2009-06-19 17:10:35 +00:00
kan
ee4de3e44a Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.

Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.

Reported by:	lstewart
Tested by:	lstewart
2009-06-18 17:10:43 +00:00