commit 33f2f6df1cd14243ba2f5df7b597aa048bc276a3 Author: Steve Dickson Date: Tue Mar 25 11:12:07 2014 -0400 Release 1.3.0 Signed-off-by: Steve Dickson commit 2ae0763a618d30037ebb2520f6292f80d838a440 Author: Steve Dickson Date: Tue Mar 25 10:56:58 2014 -0400 nfsidmap: Keys need to be invalidated instead of revoked With some recent kernel changes to the key ring for a key to be removed they need to be invalidated instead of revoked. Signed-off-by: Steve Dickson commit 82ab4b4e80199d606e5c40f373aaf384d3dfc081 Author: NeilBrown Date: Mon Mar 24 07:47:08 2014 -0400 systemd: add PIDFile directives where appropriate. Only two of our daemons write out pid files. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit ddeb343508886da1dcec810052f6fd69bada7164 Author: NeilBrown Date: Mon Mar 24 07:46:02 2014 -0400 systemd: nfs-client needs rpc-svcgssd too. For NFSv4.0 callbacks, the server needs the client code and the client needs the server code. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 92c788cdd805126bad2691449a6890509319deb6 Author: NeilBrown Date: Mon Mar 24 07:44:53 2014 -0400 systemd: remove @localstatedir@ marking. This isn't used so currently is inconvenient. Once we decide how to handle this sort of thing we can apply the change uniformly. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 83a492141fe80f38011bef0d6c7af9867408cb33 Author: NeilBrown Date: Mon Mar 24 07:43:01 2014 -0400 systemd units: create nfs-config.service as single location to process config. Instead of processing the config information into command lines every time it might be needed, do it once in a separate service that other services can Want. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit a5051faf46711369fbf74175fb515f2aea2ec615 Author: NeilBrown Date: Sat Mar 22 10:17:10 2014 -0400 systemd units: remove reference to nfs-server.target from nfs-server.service. This line was somehow missed in a recent patch. nfs-server.target doesn't exists, so nothing can be part of it. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit d86fc0c24e6a20a33c61b2b056901324194a0179 Author: NeilBrown Date: Thu Feb 13 14:09:36 2014 -0500 systemd: convert secure services to start without explicit configuration. This patch removes nfs-secure.target. Instead, rpc.gssd and rpc.svcgssd start started if they appear to be needed. For rpc.gssd, this means if the file /etc/krb5.keytab exists. As the only security mechanism supported is krb5, that file must exist for rpc.gssd to be useful. Conversely, if it does exist, it seems very likely that krb5 is configured on the system an may be used for NFS. For rpc.svcgssd, it also means checking if gss-proxy might be performing the equivalent task instead. So we check if it is running, and if the kernel is able to talk to it. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 5615e8924e9ebdf6808bb7a5f690a9d7c3af6dcd Author: NeilBrown Date: Thu Feb 13 13:58:28 2014 -0500 systemd units: merge nfs-server.service and nfs-server.target With systemd, a 'service' should run a single server while a 'target' can be used to group services. As nfs service is really a group of services a 'target' makes more sense. However that means that we need commands like systemctl start nfs-server.target rather than the more simple systemctl start nfs-server As the target/service separate doesn't bring any gain except a minor aesthetic, and does bring a practical inconvenience, this patch merges nfs-server.target into nfs-server.service. Reported-by: Steve Dickson Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit d5bd709307a05e14b7a2441b7576b68db85237c1 Author: NeilBrown Date: Thu Feb 13 13:52:42 2014 -0500 systemd: tidy up DefaultDependencies DefaultDependencies should be "yes" (the default) for things needed only be the NFS server, as that is a service that doesn't need to start early. DefaultDependencies should be "no" for things needed to mount an NFS filesystem, and filesystems are mounted before basic.target. To ensure these services are shut down in a timely fashion, they must Conflict with systemd.umount so they are shutdown when everything is unmounted. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit c0512981b7e10487378e5c6fec5d7d72dd4f7e1a Author: NeilBrown Date: Thu Feb 13 13:48:24 2014 -0500 systemd: add nfs-utils.service which can be used to restart everything. With this patch, systemctl restart nfs-utils will restart any nfs-utils daemons that are currently running, whether there were started via nfs-server.service, nfs-client.target, or directly by systemctl. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 013ffe58343d922505e561af57bdb1f93078361a Author: NeilBrown Date: Fri Jan 31 11:05:56 2014 -0500 start-statd: converted to use systemd Signed-off-by: Steve Dickson commit 94ec315e6f550b2400a4498a0b11a186d843704f Author: NeilBrown Date: Fri Jan 31 11:04:31 2014 -0500 Added systemd/var-lib-nfs-rpc_pipefs.mount Signed-off-by: Steve Dickson commit 7271e4920d4c469e9ccdef8911f7f4d65cef1488 Author: NeilBrown Date: Fri Jan 31 11:04:04 2014 -0500 Added systemd/rpc-svcgssd.service Signed-off-by: Steve Dickson commit b89dab5a820c3d42dbb62b9c2dbd53d4f3aa1d71 Author: NeilBrown Date: Fri Jan 31 11:03:27 2014 -0500 Added systemd/rpc-statd.service Signed-off-by: Steve Dickson commit 4008ff681ac90307a4ca25c42cf4689cb2c490bb Author: NeilBrown Date: Fri Jan 31 11:02:57 2014 -0500 Added systemd/rpc-statd-notify.service Signed-off-by: Steve Dickson commit 057d4a4feef81e4241d0d0129a8c43e1f19dede6 Author: NeilBrown Date: Fri Jan 31 10:58:03 2014 -0500 Added systemd/rpc-gssd.service Signed-off-by: Steve Dickson commit d1f0f845882437435e924a45daab120e82e31a94 Author: NeilBrown Date: Fri Jan 31 10:57:20 2014 -0500 Added systemd/proc-fs-nfsd.mount Signed-off-by: Steve Dickson commit 0c9e2299257a5744cb03ef8a6dce5e475a28a651 Author: NeilBrown Date: Fri Jan 31 10:56:57 2014 -0500 Added systemd/nfs-server.target Signed-off-by: Steve Dickson commit 929aaa7eeab1ac3c0f08a46ea243570e7762e4d4 Author: NeilBrown Date: Fri Jan 31 10:55:51 2014 -0500 Added systemd/nfs-server.service Signed-off-by: Steve Dickson commit ad95793e807d14e762d462590fc60a504f74f0c6 Author: NeilBrown Date: Fri Jan 31 10:55:13 2014 -0500 Added systemd/nfs-secure.target Signed-off-by: Steve Dickson commit 9c85f3ee4ebbfef7fb10a964f26934e671517f00 Author: NeilBrown Date: Fri Jan 31 10:54:24 2014 -0500 Added systemd/nfs-mountd.service Signed-off-by: Steve Dickson commit 63e8cda7f679e26648481c607c73cda507cc1b0a Author: NeilBrown Date: Fri Jan 31 10:53:54 2014 -0500 Added systemd/nfs-idmapd.service Signed-off-by: Steve Dickson commit c35b414b425107a81735bddad2cf5053d1cb36d1 Author: NeilBrown Date: Fri Jan 31 10:52:53 2014 -0500 Added systemd/nfs-client.target Signed-off-by: Steve Dickson commit 754545261520a3f6d046fa94c474d1c9649613f0 Author: NeilBrown Date: Fri Jan 31 10:52:25 2014 -0500 Added systemd/nfs-blkmap.target Signed-off-by: Steve Dickson commit ff8081e893711bb9f23f9ef0fefbd3b2d3b106bd Author: NeilBrown Date: Fri Jan 31 10:50:52 2014 -0500 Added systemd/nfs-blkmap.service Signed-off-by: Steve Dickson commit 785ef0339cd68addd7de7c01336453e4281f4d8c Author: NeilBrown Date: Fri Jan 31 10:50:25 2014 -0500 Added systemd/README Signed-off-by: Steve Dickson commit ea01b444d5108db81e61f6d468c936c62b18d0f1 Author: Scott Mayhew Date: Sat Mar 22 10:12:49 2014 -0400 mount: chk_mountpoint should only check for execute perms for unpriveleged users Otherwise 'mount -o remount' fails on mounts that have root squashing enabled and world execute perms disabled. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 4663c6481c294838260840d234fec7dfd3186451 Author: Chuck Lever Date: Mon Mar 17 10:36:01 2014 -0400 exportfs: Support raw IPv6 addresses with "client:/path" Wrap IPv6 presentation addresses in square brackets. This echoes the same syntax used when specifying IPv6 server addresses with the mount.nfs command. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=817557 Tested-by: Steve Dickson Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit ebd488515f534ba8eaf2d91d0451d329e78023f0 Author: Chuck Lever Date: Mon Mar 17 10:35:19 2014 -0400 exportfs: Refactor exportfs() and unexportfs() Separate parsing the "client:/path" argument from the actual processing. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=817557 Tested-by: Steve Dickson Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 6a28ddbfd09f5b766346f268efaf1a0670a5e21e Author: Jim Rees Date: Thu Mar 13 11:11:45 2014 -0400 nfs(5): intr/nointr are ignored now Signed-off-by: Jim Rees Signed-off-by: Steve Dickson commit 65ac59cdef494f4a439feace258e35f226ae210b Author: NeilBrown Date: Tue Mar 11 11:11:10 2014 -0400 [PATCH - v3] mount.nfs: Fix fallback from tcp to udp Protocol negotiation in mount.nfs does not correctly negotiate with a server which only supports NFSv3 and UDP. When mount.nfs attempts an NFSv4 mount and fails with ECONNREFUSED it does not fall back to NFSv3, as this is not recognised as a "does not support NFSv4" error. However ECONNREFUSED is a clear indication that the server doesn't support TCP, and ipso facto does not support NFSv4. So ECONNREFUSED should trigger a fallback from v4 to v2/3. However ECONNREFUSED may simply indicate that NFSv4 isn't supported *yet*. i.e. the server is still booting and isn't responding to NFS requests yet. So if we subsequently find that NFSv3 is supported, we need to check with the server to confirm that NFSv4 really isn't supported. If server reports that v4 is not supported after reporting that v3 is, we can safely use v4. If it reports that v4 is supported, we need to retry v4. Signed-off-by: Steve Dickson Reported-by: Carsten Ziepke commit e7afd5f3a2a945b3162f0a300c7ed37a861a9dbd Author: NeilBrown Date: Tue Mar 11 14:16:50 2014 -0400 mountd: use SONAME fir libnfsjunct when loading with dlopen The standard for loading shared libraries is to identify them by their "soname" (Which "objdump -x $BINARY | grep SONAME" will report). However mountd currently loads using the "linker name" which should only be used when building new code. Future releases of fedfs-utils will define the soname in the include file, so if that is defined, use it. If not, use the soname of the first version: "libnfsjunct.so.0". This is a slight behavioural change. However all distros known to package fedfs-utils will install "libnfsjunct.so.0" whenever they install the old name of "libnfsjunct.so", and "make install" will install both. So it should not be a noticeable change. Also only test the JP_API_VERSION if it is defined. As the version is embedded in the soname, a secondary test is not needed. Cc: Chuck Lever Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit e6a7a7cc1a932a301c6ce7a1a619884b1f8f5271 Author: Michael Scherer Date: Tue Mar 11 14:02:20 2014 -0400 nfsd: permit to use multiple time the -H option This permit to have 1 nfsd listening on more than 1 interface for multihomed systems, without having to listen on all interfaces and filtering later. Signed-off-by: Steve Dickson commit d2c892750f585ba87f97c145551eb10ffc8f9bda Author: Aaro Koskinen Date: Tue Mar 11 12:29:11 2014 -0400 tools: use install -m instead of --mode Use install -m instead of--mode for better compatibility. E.g. busybox's install doesn't support the long option. Signed-off-by: Aaro Koskinen Signed-off-by: Steve Dickson commit e72d258d0d70fe036a5814c1a13975302cab3f17 Author: Mateusz Guzik Date: Tue Mar 11 12:27:52 2014 -0400 nfsidmap: fix error reporting for nfs4_* family of functions Errors were logged with xlog_err function relying on errno, but these functions don't set it. Fix the problem by introducing xlog_errno which set errno Signed-off-by: Mateusz Guzik Signed-off-by: Steve Dickson commit 2204097a0a960c88658e28a688eca58c9c5722e4 Author: NeilBrown Date: Sat Mar 8 11:35:34 2014 -0500 statd: add options to set port number of lockd Even though lockd is a totally separate process to statd, they depended on each other: statd much be running for lockd to be useful. So an easy way to set the port numbers used by lockd is to get statd to set them. This patch add --nlm-port and --nlm-tcp-port to that end. Signed-off-by: Steve Dickson commit 0f62f94ac6304c5c030ae9eecf5a933c1c2b543a Author: NeilBrown Date: Sat Mar 8 11:20:19 2014 -0500 nfsd: set nlm grace time to make NFSv4 grace time These two values are conceptually very similar, so it probably makes sense to set them to the same value at the same time. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 85f688bf3951d6ece278045acb344f747d388830 Author: NeilBrown Date: Tue Mar 11 11:49:13 2014 -0400 nfsd: allow nfsv4leasetime and nfsv4gracetime to be set New arguments --gracetime (-G) and --leasetime (-L) Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit e54de2940d020e6ac53a5840b6e427bac986ca62 Author: NeilBrown Date: Sat Mar 8 10:40:07 2014 -0500 nfsd: add -r and --rdma options to request rdma service As nfsd establishes UDP and TCP ports, it should establish RDMA too. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 5be4b2d7786d3eaee9e11c3bc4cdbfa451006947 Author: Simo Sorce Date: Mon Mar 10 16:24:34 2014 -0400 gssd: Drop full domain when constructing the Ad hostname. When trying to use the special MS Windows hostanme we need to stop at the first '.' if we got a FQDN from gethostname() Tee HOST$@REALM form in fact uses the AD samAccountName attribute to represent 'HOST', and that attribute is always the host's shortname. Characters like '.' are actually illegal for a shortname in AD. Signed-off-by: Simo Sorce Signed-off-by: Steve Dickson commit 327e24b8678c350b70f83f8b58790309a7c94c7b Author: Steve Dickson Date: Thu Feb 13 12:44:06 2014 -0500 nfsd: support NFS4_MAXMINOR up to the number an unsigned int can keep This implementation allows specifying NFS4 minor version numbers up to the number of bits available in int data type (typically 32 on Linux) This is based on an idea mentioned by J. Bruce Fields mentioned on the linux-nfs mailing list. I changed the data type back from an array to two bit fields, one for storing whether the minor version was specified on the command line and the second one for storing whether it was set or unset. This change was done to prevent blowing up the allocated stack space in an unnecessary fashion. Acked-by: J. Bruce Fields Signed-off-by: Robert Schiele Signed-off-by: Steve Dickson commit 2f682f25c642fcfe7c511d04bc9d67e732282348 Author: Jeff Layton Date: Wed Jan 22 11:17:19 2014 -0500 gssd: set $HOME to prevent recursion when home dirs are on kerberized NFS mount Some krb5 routines will attempt to access files in the user's home directory. This is problematic for gssd when the user's homedir is on a kerberized NFS mount as it will end up deadlocked. Fix this by setting $HOME unconditionally to "/". Fixes this Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1052902 Reported-by: Enrico Scholz Reported-by: nmorey Tested-by: Michael Young Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit d7ad8bc650b26ceef70b719839b77f1a668ff95e Author: Steve Dickson Date: Mon Jan 20 12:45:52 2014 -0500 mount.nfs: Removed supported flag from usage string Signed-off-by: Steve Dickson commit df0f8ab7de8d4664ca3d97d71ff2ef80fae24cb4 Author: Steve Dickson Date: Sat Jan 18 12:09:43 2014 -0500 rpc.idmapd: Remove no longer supported flags from man page. Signed-off-by: Steve Dickson commit 3466906c1048326cac437163e7de8222475ff438 Author: Steve Dickson Date: Sat Jan 18 11:45:19 2014 -0500 rpc.statd: Allow usage messages to be displayed when statd is running. Signed-off-by: Steve Dickson commit d4a6663183931c73987c713e25318ea5443e976e Author: Chuck Lever Date: Sat Jan 18 10:47:10 2014 -0500 nfs(5): Clarify DATA AND METADATA COHERENCE section Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit e1afedba1da25f71224d96c327558b66f8d8d29e Author: Simo Sorce Date: Sat Jan 18 10:43:15 2014 -0500 gssd: Remove unused arguments The name variable is always set to NULL now in all callers, so just sto passing it around needlessly. The uid_t variable is not used at all, so chuck it out too. Signed-off-by: Simo Sorce Signed-off-by: Steve Dickson commit 319340bafe996b4878b2a2df97f58d7ec1797e47 Author: Simo Sorce Date: Sat Jan 18 10:38:51 2014 -0500 gssd: Improve first attempt at acquiring GSS credentials Since now rpc.gssd is switching uid before attempting to acquire credentials, we do not need to pass in the special uid-as-a-string name to gssapi, because the process is already running under the user's credentials. By removing this code we can fix a class of false negatives where the user name does not match the actual ccache credentials and the ccache type used is not one of the only 2 supported explicitly by rpc.gssd by the fallback trolling done later. Signed-off-by: Simo Sorce Signed-off-by: Steve Dickson commit 67014b27eae72ab3bb633232a7d8ed8802349e77 Author: Steve Dickson Date: Fri Jan 17 11:17:16 2014 -0500 exportfs: Exit with correct value when an error occurs Signed-off-by: Steve Dickson commit f4f372ae316a650b4e54c26758af964b5a6d9cbf Author: Steve Dickson Date: Fri Jan 17 10:57:29 2014 -0500 exportfs: Don't buffer overflow on exports that are too big. Signed-off-by: Steve Dickson commit 35640883cf34a32f893e9fecefbb193782e9bc75 Author: Karel Zak Date: Tue Jan 7 15:56:06 2014 -0500 mountd: optimize libblkid usage * use get_uuid_blkdev() only first time for the path (it means that uuid_by_path() is called with type==0) * don't use libblkid for btrfs, network or pseudo filesystems Note that the patch defines the fs type ID rather than include as this file seems incomplete and libc specific). Signed-off-by: Karel Zak Signed-off-by: Steve Dickson commit 9d404c0bc391c6d0294204cd9c7eba032d517013 Author: Tony Asleson Date: Tue Jan 7 15:43:43 2014 -0500 exportfs.c: Escape path for '-s' option When outputing the paths and the user has specified the option -s, escape the path. Signed-off-by: Tony Asleson Signed-off-by: Steve Dickson commit b62a5103ca8dd2c6e128379ab035352ce15886a1 Author: Tony Asleson Date: Tue Jan 7 15:41:54 2014 -0500 exportfs.c: Remove trailing whitespace Signed-off-by: Tony Asleson Signed-off-by: Steve Dickson commit da915d0fff353c25524616e86647826877bb7c86 Author: Tony Asleson Date: Tue Jan 7 15:40:21 2014 -0500 exportfs.c: escape path for function test_export Verbatim patch proposal from J. Bruce Fields except calling snprintf instead of sprintf. Tested and appears to work with path names that have a space. Signed-off-by: Tony Asleson Signed-off-by: Steve Dickson commit 93648ecc10bae7ed542056abb55f4b8f10ddbbb9 Author: J. Bruce Fields Date: Tue Jan 7 15:37:58 2014 -0500 nfsd: fix minorversion-choosing interface From: "J. Bruce Fields" By unconditionally adding ?4.2 to the version string written to the kernel we make nfs-utils incompatible with pre-4.2-supporting kernels. Ditto for 4.1. This problem was introduced by 12a590f8d556c00a9502eeebaa763d906222d521 "rpc.nfsd: Allow v4.2 server support with the -V option", which also change nfsd to unconditionally pass ?4.2. Instead, just don't mention 4.1 or 4.2 unless the commandline has specifically requested that one or the other be turned on or off. Tested-by: Joakim Tjernlund Reported-by: Joakim Tjernlund Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit 660c8537085b3e66bff7da2953da9a98429c9635 Author: Steve Dickson Date: Tue Jan 7 14:15:34 2014 -0500 mount.nfs: Don't silently ignore invalid protocol versions. Signed-off-by: Steve Dickson commit ad7814093205b669650a60e16fbe4e4b25b50f12 Author: Harshula Jayasuriya Date: Wed Nov 20 14:35:00 2013 -0500 exportfs: modify can_test() to use LONG_MAX when appropriate This patch is the nfs-utils patch corresponding to the kernel patch commit 2f74f972 "sunrpc: prepare NFS for 2038". The kernel sunrpc code needs to handle seconds since epoch greater than 2147483647. This means functions that parse time as an int need to handle it as time_t." When appropriate exportfs should use LONG_MAX in can_test() instead of INT_MAX. Signed-off-by: Harshula Jayasuriya Signed-off-by: Steve Dickson commit f41c591f8f4d492ee84994bb86810fb90bef8d4b Author: Chuck Lever Date: Wed Nov 20 14:10:06 2013 -0500 nfs(5): Treatment of *atime mount options I was reminded recently that NFS treats file atime time stamps differently than other filesystems. It also ignores the generic *atime mount options because it cannot support the atime semantics of local filesystems. We should document that somewhere. nfs(5) seems like a logical place for it. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 250dbae681c3bd589f2fe52871b0c3611f72b87f Author: Jeff Layton Date: Wed Nov 20 13:55:50 2013 -0500 gssd: don't let parent exit until child has a chance to scan directory once With some proposed kernel changes, it won't even attempt to upcall sometimes if it doesn't appear that gssd is running. This means that we have a theoretical race between gssd starting up at boot time and the init process attempting to mount kerberized filesystems. Fix this by switching gssd to use mydaemon() and having the child only release the parent after it has processed the directory once. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 6a46d870c61433c8dea0270d9c10702b7b4b3d99 Author: Jeff Layton Date: Wed Nov 20 15:00:41 2013 -0500 nfs-utils: consolidate mydaemon() and release_parent() implementations We currently have 2 cut-and-paste versions of this code. One for idmapd and one for svcgssd.[1] The two are basically equivalent but there are some small differences, mostly related to how errors in that function are logged. svcgssd uses printerr() with a priority of 1, which only prints errors if -v was specified. That doesn't seem to be quite right. Daemonizing errors are necessarily fatal and should be logged as such. The one for idmapd uses err(), which always prints to stderr even though we have the xlog facility set up. Since both have xlog configured at this point, log the errors using xlog_err() instead. The only other significant difference I see is that the idmapd version will open "/" if it's unable to open "/dev/null". I believe that however was a holdover from an earlier version of that function that did not error out when we were unable to open a file descriptor. Since the function does that now, I don't believe we need that fallback anymore. [1]: technically, we have a third in statd too, but it's different enough that I don't want to touch it here. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit 95af6be7a7039282243118447d6d1895671504da Author: Jeff Layton Date: Wed Nov 20 12:59:39 2013 -0500 gssd: don't let spurious signals interrupt the wait after forking Because gssd uses dnotify under the hood, it's easily possible that the parent process can catch a signal while processing an upcall. If that happens, then we'll currently exit the wait for the child task to exit, and it'll end up as a zombie. Fix this by ensuring that we only wait for the child to actually exit. Signed-off-by: Jeff Layton Signed-off-by: Steve Dickson commit f47f22007c27a03c8ed4c53fe568eefa3c3de94e Author: Chuck Lever Date: Wed Nov 20 12:57:03 2013 -0500 nfs(5): Document the "migration" mount option Support for NFSv4 migration was merged in 3.13. Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit aae9c0eaf94e93c62873d2a9e01f5652c323b919 Author: Weston Andros Adamson Date: Wed Nov 20 12:52:07 2013 -0500 mount.nfs: Recognize v4.x mount options The kernel understands text options of the form "v4.x" (ie "v4.1"), but mount.nfs does not and this leads to weird errors when the requested mount fails: a line in dmesg about version 3 not supporting minorversions and mount.nfs returning EINVAL no matter what the real error was. This happens because mount.nfs thinks no version was specified so it starts probing other versions which conflicts with the v4.X option once it gets parsed by the kernel. $ sudo mount -v -o v4.1 zero:/invalid_export /mnt mount.nfs: timeout set for Wed Nov 13 10:09:48 2013 mount.nfs: trying text-based options 'v4.1,vers=4,addr=192.168.100.10,clientaddr=192.168.100.11' mount.nfs: mount(2): No such file or directory mount.nfs: trying text-based options 'v4.1,addr=192.168.100.10' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 192.168.100.10 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 192.168.100.10 prog 100005 vers 3 prot UDP port 20048 mount.nfs: mount(2): Invalid argument mount.nfs: an incorrect mount option was specified And you get this in dmesg: NFS: mount option vers=3 does not support minorversion=1 but if you use another form of the same options, this doesn't happen: $ sudo mount -v -o vers=4,minorversion=1 zero:/invalid_export /mnt mount.nfs: timeout set for Wed Nov 13 10:10:28 2013 mount.nfs: trying text-based options 'vers=4,minorversion=1,addr=192.168.100.10,clientaddr=192.168.100.11' mount.nfs: mount(2): No such file or directory mount.nfs: mounting zero:/invalid_export failed, reason given by server: No such file or directory Acked-by: Chuck Lever Signed-off-by: Weston Andros Adamson Signed-off-by: Steve Dickson commit d3eac1e59e068cf033f850ab8be016beccf9726d Author: Weston Andros Adamson Date: Wed Nov 20 12:46:20 2013 -0500 gssd: Fix file descriptor leak of old pipe dirs gssd doesn't properly clean up internal state for old pipes and never closes the (since deleted) clnt_info directory. This leads to eventual fd exhaustion. To reproduce, run a lot of mount / umounts in a loop and watch the output of 'ls /proc/$PID/fdinfo | wc -l' (where PID is the pid of gssd) steadily grow until gssd eventually crashes with "Too many open files". This regression was introduced by 841e83c1, which was trying to fix a similar bug in the skip matching logic of update_old_clients. The problem with that patch is that pdir will never match dirname, because dirname is "/clntXXX". Signed-off-by: Weston Andros Adamson Signed-off-by: Steve Dickson commit f4b43e2ff3db1b12a60c9b5087ac2bcf6ba4bee5 Author: NeilBrown Date: Wed Nov 20 12:43:29 2013 -0500 gssd: always reply to rpc-pipe requests from kernel. Sometimes gssd will open a new rpc-pipe but never read requests from it or reply to them. This causes the kernel to wait forever for a reply. In particular, if a filesystem is mounted by IP, and the IP has no hostname recorded in /etc/hosts or DNS, then gssd will not listen to requests and the mount will hang indefinitely. The comment in process_clnt_dir() for the "fail_keep_client:" branch suggests that it is for the case where we couldn't open some subdirectories. However it is currently also taken if reverse DNS lookup fails (as well as some other lookup failures). Those failures should not be treated the same as failure-to-open directories. So this patch causes a failure from read_service_info() to *not* be reported by process_clnt_dir_files. This ensures that insert_clnt_poll() will be called and requests will be handled. In handle_gssd_upcall, the current error path (taken when the mech is not "krb5") does not reply to the upcall. This is wrong. A reply is always appropriate. The only replies which aren't treated as transient errors are EACCES and EKEYEXPIRED, so we return the former. If read_service_info() fails then ->servicename will be NULL which will cause process_krb5_upcall() (quite reasonably) to become confused. So in that case we don't even try to process the up-call but just reply with EACCES. As clp->servicename==NULL is no longer treated as fatal, it is not appropraite to use it to test if read_service_info() has been already called on a client. Instread test clp->prog. Finally, the error path of read_service_info() will close 'fd' if it isn't -1, so when we close it, we should set fd to -1. Acked-by: Jeff Layton Signed-off-by: NeilBrown Signed-off-by: Steve Dickson