Commit Graph

160 Commits

Author SHA1 Message Date
rmacklem
7ae7bc4035 If the "-alldirs" export option was used for the V4: line, mountd
would crash in check_options() since dp == NULL for the V4: line.
This patch moves the check for options allowed on the V4: line to
ahead of where dp is used to avoid this crash.

Reported by:	mamalos AT eng.auth.gr
MFC after:	1 week
2010-05-06 00:24:08 +00:00
trasz
3f333f5ca2 Description of steps required to setup NFSv4 server is in nfsv4(4);
add reference to exports(5), since that's the obvious starting point
for searching for this.
2009-12-03 19:16:40 +00:00
dfr
ec9ddec04c Don't use sys/nfs/rpcv2.h - it is part of the old kernel RPC implementation
and will be removed.
2009-06-24 18:42:21 +00:00
rmacklem
4a22bb75d2 When mountd.c parses the nfsv4 root line(s) in /etc/exports, it
allocates data structures that are never linked into the tree or free'd.
As such, mountd would leak memory every time it parsed an nfsv4 root line.
This patch frees up those structures to plug the leak.

Approved by:	kib (mentor)
2009-06-23 21:48:04 +00:00
brooks
f53c1c309d Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
2009-06-19 17:10:35 +00:00
kan
ee4de3e44a Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.

Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.

Reported by:	lstewart
Tested by:	lstewart
2009-06-18 17:10:43 +00:00
kan
d928fef9ce The change r192913 has added dependency on IP_RECVDSTADDR being
set for RPC UDP sockets. Mountd uses internal libc fuctions
directly and bypasses generic socket initialization completely,
so we need to set IP_RECVDSTADDR here to match the libc behavior.
2009-06-08 03:15:27 +00:00
rmacklem
8bb7f959a6 Change the "-4" argument for nfsd and mountd to "-e" to avoid
confusion, since it does not refer to IPv4 nor NFSv4, but to
running the experimental server instead of the regular one.

Approved by:	kib (mentor)
2009-05-28 20:28:13 +00:00
rmacklem
8ca86cdf06 Modify mountd to handle the experimental nfs server as well as the
regular one. It now takes a "-4" command line argument to force it
to use the experimental server. Otherwise it will use the regular
server unless the experimental server is the only one linked into
the kernel. A third kind of line has been added to /etc/exports,
which is specific to NFSv4 and defines where the NFSv4 tree root is
and can be used to limit access to NFSv4 state handling operations
that do not use any file handle.

Approved by:	kib (mentor)
2009-05-27 22:02:54 +00:00
dfr
2fb03513fc Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager.  I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.

Sponsored by:	Isilon Systems
MFC after:	1 month
2008-11-03 10:38:00 +00:00
danger
cfe07c5d69 - more mark-up fixes
Submitted by:	ru
2008-07-01 19:54:02 +00:00
danger
10977336ce - add some missing words
- we don't have ne(4), replace it with re(4)
- fix markup
- bump date

Submitted by:	ru
MFC after:	3 days
2008-06-30 08:29:02 +00:00
danger
2bc96effdd - markup fixes
- advise to use rc script to SIGHUP mountd
- add information about possiblity of using /prefix network notation [1]

PR:		docs/124373
Reviewed by:	jhb
Obtained from:	NetBSD [1]
MFC after:	3 days
2008-06-27 16:32:04 +00:00
rodrigc
7b00b88e8b Remove hacks which filter out MNT_ROOTFS.
They are no longer needed now that we filter out MNT_ROOTFS
inside the nmount() call in revision 1.267 of vfs_mount.c.

Reviewed by:	rink
2008-03-05 07:55:07 +00:00
simon
f96314870d Use the correct variable to check for a malloc failing. This fixes a
case where mountd would fail to start with "out of memory" logged to
syslog.
2007-10-27 12:24:47 +00:00
matteo
d3d824bbff Add the -h <bindip> option to mountd, similar to the one in nfsd(8)
-h bindip
Specify specific IP addresses to bind to for TCP and UDP requests.
This option may be specified multiple times.  If no -h option is
specified, mountd will bind to INADDR_ANY.  Note that when specifying
IP addresses with -h, mountd will automatically add 127.0.0.1 and if
IPv6 is enabled, ::1 to the list.

PR:		bin/114097
Reviewed by:	pjd (an eariler version of the patch)
MFC after:	1 week
2007-10-20 11:25:34 +00:00
pjd
1a9b4ef000 Fatal error is only when cannot open any of the given exports files. 2007-04-13 10:25:49 +00:00
pjd
3910945fa0 Grr, committed manual page without the last change - make the comment a bit
prettier.
2007-02-03 00:15:46 +00:00
pjd
8d0230d761 Add support for multiple exports files. This will be useful for example for
ZFS, where we have automatically generated /etc/zfs/exports file, which
should not be edited directly.

Discussed with:	rwatson
2007-02-03 00:12:18 +00:00
rodrigc
6204a21149 If nmount() fails to export a directory, in the syslog() error message,
add the errmsg string returned by nmount().
2007-01-26 13:26:43 +00:00
rodrigc
7a2a030c15 Ignore SIGPIPE, instead of terminating process.
PR:		81230
Submitted by:	Dmitrij Tejblum <tejblum yandex-team ru>
MFC after:	1 month
2006-11-18 22:43:20 +00:00
rink
e1c2e84f50 My previous commit made it impossible to export / over NFS; this small
change fixes this.

Reported by:	Lin Jui-Nan Eric < ericlin dot jnlin at gmail dot com >
Submitted by:	Erik Trulsson < ertr1013 at student dot uu dot se > (commit is inspired by a patch from Erik)
Pointyhat to:	me
Reviewed by:	stable@
Approved by:	imp (mentor)
MFC after:	3 days
2006-10-19 19:46:49 +00:00
rink
048d5cc4aa Prevent mountd(8) from resetting mount options when exporting a filesystem.
Approved by:		imp (mentor)
Sponsored by:		Quality Service Provider BV
MFC after:		3 days
2006-10-09 17:38:18 +00:00
rodrigc
42f2307385 In get_exportlist(), properly loop over mounted filesystems.
PR:	bin/99873
Submitted by:	Danny Braniss <danny at cs dot huji dot ac dot il>
2006-07-08 13:49:24 +00:00
rodrigc
88f89f303f For network filesystems (NFS, samba, etc.), do not pass "export" nmount()
parameter to try to delete an NFS export.  It won't work, and will log
a spurious warning to syslog.

Tested by:	Arno J. Klaassen <arno at heho dot snv dot jussieu dot fr>
MFC after:	3 days
2006-06-06 21:56:49 +00:00
rodrigc
f5f4b77a10 Do not log "can't delete export" messages if nmount() returns ENOTSUP.
This eliminates spurious log entries for trying to delete exports
for filesystems like devfs and procfs.
2006-05-28 18:59:28 +00:00
rodrigc
155325e141 Convert to nmount() and remove hardcoded checks for ufs, msdosfs, ntfs,
and cd9660.

PR:	bin/97642
2006-05-24 11:49:39 +00:00
rodrigc
04be51fc90 Convert mountd to nmount(). Remove some hardcoded dependencies
on ufs, cd9660, msdosfs, and ntfs, but not all dependencies.
2006-05-23 17:10:17 +00:00
keramida
9474672d95 Note that when -d flag is used, mountd(8) will not detach from the
controlling terminal.

PR:		docs/96660
Submitted by:	Jeff Ito <ijk@speakeasy.net>
MFC after:	1 week
2006-05-02 21:00:43 +00:00
jkoshy
e67c2fab9c Use ".Pa" for path names.
MFC after:	3 days
2006-01-29 08:44:05 +00:00
pjd
c71407b589 Pidfiles should be created with permission preventing users from opening
them for reading. When user can open file for reading, he can also
flock(2) it, which can lead to confusions.

Pointed out by:	green
2005-09-16 11:24:28 +00:00
pjd
a834e2610e Use pidfile(3) in mountd(8). There is no need to use /var/run/mountd.lock
anymore.
2005-08-24 19:17:06 +00:00
ume
e33ba03345 NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
2005-05-13 16:31:11 +00:00
stefanf
ce3085bbfb Remove unused variables. 2005-04-09 14:59:10 +00:00
ru
c05985f13f Sort sections. 2005-01-18 20:02:45 +00:00
phk
fe016ce224 Also do not send junk mount arguments when removing exports. 2004-12-11 12:51:20 +00:00
stefanf
d00a4eaaea Pass an array of gid_t rather than an array of int to getgroups().
PR:	56646
2004-10-02 11:40:48 +00:00
imp
9fbed704d5 Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software
(with permission of addtional copyright holders where appropriate)
2004-08-07 04:28:56 +00:00
ru
3d43f7de86 Markup nits. 2004-06-04 19:23:12 +00:00
ceri
d0f528517f Correct typo in the last revision. 2004-03-27 14:23:25 +00:00
ceri
35087eb94c Note that only one webnfs share is allowed per NFS server.
PR:		docs/45371
Submitted by:	Mattias Pantzare <pantzer@ludd.luth.se>,
		Matthew D. Fuller <fullermd@over-yonder.net>
MFC after:	2 days
2004-03-22 21:05:57 +00:00
markm
0b0ae8e16e Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).

There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.

Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".

Tested on: i386 sparc64
2004-03-05 08:10:19 +00:00
bms
9edf770955 Add a new option to mountd(8), -p <port>. This allows the user to specify
a known port for use in firewall rulesets; otherwise the port is chosen
at run-time by bindresvport().

MFC after:	1 week
2004-03-04 04:42:52 +00:00
obrien
f97ef1fb86 Be consistent in the EXAMPLES formatting. 2004-01-01 00:59:58 +00:00
peter
446d2f7e9f Rename the 'log' variable rather than -fno-builtin-log 2003-10-30 22:57:43 +00:00
peter
18ddddadd0 Use -fno-builtin-log. Fix svc_sendreply() missing required casts.
It is now WARNS=2 clean again.
2003-10-26 05:58:21 +00:00
rwatson
003334ca8f When reporting errors binding IPv6 TCP sockets, don't call them UDP
sockets in the printf.

Fix two minor co-located whitespace glitches.

Product of:	France
2003-07-17 10:11:26 +00:00
obrien
a920d12f89 style.Makefile(5) 2003-04-04 17:49:21 +00:00
mbr
f4b7d59385 Implement nonblocking tpc-connections. rpcgen -m does still
produce backcompatible code.

Reviewed by:	rwatson
Obtained from:	NetBSD
MFC after:	1 day
2003-01-16 07:27:30 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00