Author: Rohan Sable Date: Thu Jun 18 13:07:42 2020 -0400 mountstats: Adding 'Day, Hour:Min:Sec' to "mountstats --nfs" for ease of understanding. This patch adds printing of 'Days, Hours:Mins:Sec' like below to --nfs in mountstats : NFS mount age : 12 days, 23:59:59 Signed-off-by: Rohan Sable Signed-off-by: Steve Dickson commit 017088d2c2e214c37e37784a6be9deda16462c1d Author: Robert Milkowski Date: Wed Jun 10 14:28:05 2020 -0400 man: Correct rpc.gssd(8) description of rpc-timeout and context-timeout The rpc-timeout is equivalent to -T and context-timeout to -t options, not vice versa. Signed-off-by: Robert Milkowski Signed-off-by: Steve Dickson commit 90a21a4a619428f81c58fef702ddb26f5a3df631 Author: Kenneth D'souza Date: Wed Jun 10 14:20:18 2020 -0400 nfsdclnts: Change shebang to /usr/bin/python3 Change shebang to /usr/bin/python3 which is widely accepted. Signed-off-by: Kenneth D'souza Signed-off-by: Steve Dickson commit a20806461d46ad352c4fbd38728f3956a923b804 Author: Scott Mayhew Date: Thu Jun 4 11:00:01 2020 -0400 mountstats: add missing operations Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit c0b07b801d7680c137391b6ea6b667d3d81e3f54 Author: Kenneth D'souza Date: Tue May 26 11:05:19 2020 -0400 nfsdclnts: Add --verbose and --file option. Add new option --file to process specific states file, provided the info file resides in the same directory as states file. If the info file is not valid or present the fields would be marked as "N/A". --verbose option will be helpful for debugging purpose. Signed-off-by: Kenneth D'souza Signed-off-by: Achilles Gaikwad Signed-off-by: Steve Dickson commit 7c3adff022ca10125dd75f68100c34595cfb4a7e Author: Kenneth D'souza Date: Tue May 26 11:03:29 2020 -0400 nfsdclnts: Handle exceptions gracefully for "info" and "states" file. This patch makes sure that "info" and "states" file are sane. If "info" file is not sane this patch would populate the fields as "N/A". This helps us to go ahead and process next "states" file. Signed-off-by: Kenneth D'souza Signed-off-by: Steve Dickson commit 2ebde7aadbcb05e6bc5b6537bfa405e3196cccd2 Author: Chuck Lever Date: Tue May 26 11:02:16 2020 -0400 man: Update nfs(5) and rpc.gssd(8) discussion of keytab needs Because of the wildcard feature in rpc.gssd, it's possible for a customer to deploy the same keytab on many of her NFSv4 clients to reduce the overhead of keytab distribution. However, the practice of sharing the same service principal amongst NFSv4 clients brings with it some hazards. Add documentation of those exposures in our man pages. The rpc.gssd(8) changes: - Remove some needless redundancy - Clarify the definition of "machine credentials" - Update the use of to explicitly not recommend sharing service principals The nfs(5) changes add two things: - A brief discussion of the primary security exposure of sharing service principals - A mention of the nfs4.nfs_unique_id module parameter Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 244dbb5208e2a07568313dd0685be58bc014e453 Author: Achilles Gaikwad Date: Mon May 18 10:07:32 2020 -0400 nfsdclnts: add man page for tool nfsdclnts This patch adds man page for the tool nfsdclnts. Signed-off-by: Achilles Gaikwad Signed-off-by: Kenneth D'souza Signed-off-by: Steve Dickson commit f7e6d6b678e2313c50552ea079b85258690d49c9 Author: Achilles Gaikwad Date: Mon May 18 10:02:39 2020 -0400 nfs-utils: add new tool nfsdclnts to parse output from proc files This tool parses the output from the following files /proc/fs/nfsd/clients/*/{states,info} Signed-off-by: Achilles Gaikwad Signed-off-by: Kenneth D'souza Signed-off-by: Steve Dickson commit 77d053e4881664e7dbbc3bbb9a242af005598e95 Author: Steve Dickson Date: Wed May 13 12:22:41 2020 -0400 nfsdclddb: Redname clddb-tool to nfsdclddb To try to maintain some type of name convention rename clddb-tool to nfsdclddb Signed-off-by: Steve Dickson commit 76c21e3f70a8e0209cfcd22c34835f9a59fa3dc3 Author: Trond Myklebust Date: Fri May 8 10:05:37 2020 -0400 mountd: Check the stat() return values in match_fsid() Propagate errors from the stat() calls in match_fsid() so that the caller can be more careful about how they are handled. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit a46593c88a267a106808ee6752f78ce9ac613afc Author: Trond Myklebust Date: Fri May 8 10:02:11 2020 -0400 mountd: Ignore transient and non-fatal filesystem errors in nfsd_fh() In nfsd_fh(), if the error returned by the downcall is transient, then we should ignore it. Only reject the export if the filesystem path is truly not exportable. This fixes a case where we can see spurious NFSERR_STALE errors being returned by knfsd. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 4e9f95c336c4f1da0cf83a493d796543a8e7f4ea Author: Trond Myklebust Date: Fri May 8 09:59:26 2020 -0400 mountd: Ensure dump_to_cache() sets errno appropriately cache_write() will set errno if it returns -1, so that callers can handle errors appropriately, however dump_to_cache() needs to do so too. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 281244d2aacade273e4ac1f64ed8aff77a228b77 Author: Trond Myklebust Date: Fri May 8 09:56:05 2020 -0400 Fix autoconf probe for 'struct nfs_filehandle' It was failing because fcntl.h is not one of the standard includes. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 7cac7cd896dca8ad60cdc9672e727dd62dc58c7c Author: Trond Myklebust Date: Fri May 8 09:53:30 2020 -0400 mountd: Fix up path checking helper same_path() Convert 'same_path()' so that it works when 'rootdir' is set in the [exports] section of nfs.conf. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit a536436d238814b4ec80f444fc9b234e264188e6 Author: Trond Myklebust Date: Fri May 8 09:49:07 2020 -0400 nfsd: Support running nfsd_name_to_handle_at() in the root jail When running nfsd_name_to_handle_at(), we usually want to see the same namespace as knfsd, so add helpers. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 1b50e24c9db3c718395b03b8d069814c5d5ecbe9 Author: Trond Myklebust Date: Fri May 8 09:47:18 2020 -0400 mountd: Add a helper nfsd_path_statfs64() for uuid_by_path() Ensure uuid_by_path() works correctly when 'rootdir' is set in the [exports] section of nfs.conf. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 0b235facc0355c138e68edcb4131d69d741cf7be Author: Srikrishan Malik Date: Mon May 4 13:43:50 2020 -0400 nfsidmap:umich_ldap: Add tunable to control action for ldap referrals. LDAP library follows referrals received in ldap response by default. This commit adds a param ldap_follow_referrals for umich_schema to control the behaviour. The default value of this tunable is 'true' i.e set to follow referrals. This is similar to nslcd::referrals param. Signed-off-by: Srikrishan Malik Signed-off-by: Steve Dickson commit c5dd634d579253d038e2db05513533dc306e95f3 Author: Lance Shelton Date: Mon May 4 13:41:22 2020 -0400 mountd: Preserve special characters in refer and replica path options Allow referral paths to contain special character by adding an escaping mechanism. Signed-off-by: Lance Shelton Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 06b819e6ee12689628c59a7467810db4b01d5354 Author: Trond Myklebust Date: Thu Apr 23 09:44:52 2020 -0400 Fix a buffer overflow in qword_add() Don't allow writing beyond the end of the buffer. Signed-off-by: Trond Myklebust Signed-off-by: Steve Dickson commit 7b74b8d0b02ebfdef0901c9b20e9aec16ec2f6b2 Author: Scott Mayhew Date: Mon Apr 13 14:25:35 2020 -0400 nfsdcld: fix possible buffer overrun in sqlite_iterate_recovery() Prior to release, cp_data was originally intended to hold the gss principal string. When it was changed to hold a hash of the principal instead, the size of the field was changed but the 'n' arg of the memcpy() in sqlite_iterate_recovery() was not. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 1699fc34fe74ceda67e45453890a654c59f2b9e3 Author: Srikrishan Malik Date: Mon Apr 13 14:22:08 2020 -0400 nfsidmap:umich_ldap: Add support for SASL binds. umich_ldap can now do a sasl interactive bind to LDAP server based on the values of new tunables added. The tunables are similar to the ones in nslcd for SASL binds. Signed-off-by: Srikrishan Malik commit 266dd839e6399108cabe4b2d63c10dac5d8066dd Author: Rosen Penev Date: Mon Apr 13 14:18:06 2020 -0400 nfsidmap: define NS_MAXMSG if undefined uClibc-ng does not define it. Signed-off-by: Rosen Penev Signed-off-by: Steve Dickson commit cb75ec49c0a92f55b2241eb1cd95a3fdf63f0dac Author: Rosen Penev Date: Mon Apr 13 14:14:45 2020 -0400 nfs-utils: print time in 64-bit musl 1.2.0 defines time_t as 64-bit, even under 32-bit OSes. Fixes -Wformat errors. Signed-off-by: Rosen Penev Signed-off-by: Steve Dickson commit f0d7bebaa75e132c4c984013eef474498ea7b665 Author: Rosen Penev Date: Mon Apr 13 14:09:43 2020 -0400 nfs-utils: tools: use nls.h libintl.h is not available everywhere. This fixes compilation. Signed-off-by: Rosen Penev Signed-off-by: Steve Dickson commit 940caffdfb9953a2ccfecec81664e4a179753461 Author: Stefan Walter Date: Fri Apr 10 13:24:03 2020 -0400 Add regex plugin for nfsidmap The patch below adds a new nfsidmap plugin that uses regex to extract ids from NFSv4 names. Names are created from ids by pre- and appending static strings. It works with both idmapd on servers and nfsidmap on clients. This plugin is especially useful in environments with Active Directory where distributed NFS servers use a mix of short (uname) and long (domain\uname) names. Combining it with the nsswitch plugin covers both variants. Currently this plugin has its own git project on github but I think it could be helpful if it would be incorporated in the main nfs-utils plugin set. Signed-off-by: Steve Dickson commit 6ae82b44505af92c33678e8ae6a9c9fc1df7e0f3 Author: Steve Dickson Date: Wed Apr 8 10:03:29 2020 -0400 gssd: separate out debug messages with a newline Signed-off-by: Steve Dickson commit 61be6a88d09b59c4491a02a03aecc2eaaedae03a Author: NeilBrown Date: Fri Mar 27 15:10:44 2020 -0400 onffile: Don't give warning for optional config files. A recent commit added the possibility of optional config files for which warning messages would be suppressed. Unfortunately only one of the possible warning messages - the least likely one - was suppressed. This patch suppresses the other. Fixes: c6fdcbe0a5cf ("conffile: allow optional include files") Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit ef4b4eda5fbb959b9f25c146b36d66e07d7c3f0a Author: Petr Vorel Date: Fri Mar 27 15:04:49 2020 -0400 error.c: Put string for EOPNOTSUPP on single line To help people find it when search for common NFS error: mount.nfs: requested NFS version or transport protocol is not supported Signed-off-by: Petr Vorel Signed-off-by: Steve Dickson commit f2408bf118b669d086915ba3550b3b177c9df212 Author: J. Bruce Fields Date: Fri Mar 27 15:01:47 2020 -0400 nfsd(7): minimal /proc/fs/nfsd/clients/ documentation We should really say more, but this is at least a starting point. Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit 57a4d7a6304ae4fe340e876a30c41e5e3fa48bd5 Author: J. Bruce Fields Date: Fri Mar 27 13:13:22 2020 -0400 nfsd(7): minimal updates The nfsd(7) man page has some useful documentation of the files under /proc/fs/nfsd/ and proc/net/rpc, but it's many years out of date. As a start, banish any discussion of the long-deprecated nfsctl systemcall to a NOTES section at the end, and admit that there are more than 3 files under /proc/fs/nfsd/. Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit 7d5dcd2358df55353eed94a0e84b77bb3597634e Author: J. Bruce Fields Date: Fri Mar 27 13:11:28 2020 -0400 exports man page: warn about subdirectory exports Subdirectory exports have a number of problems which have been poorly documented. Signed-off-by: J. Bruce Fields Signed-off-by: Steve Dickson commit 4269e5ee8f4764db419bf0368e5a370251dea145 Author: Steve Dickson Date: Sun Mar 8 15:20:04 2020 -0400 gssd: ignore pipe files that do not exist As part commit e0eb6ebb which cleaned up the dnotify to inotify conversion (commit 55197c98) ignore pipe files that don't exist Signed-off-by: Steve Dickson commit 54176d0fd54659d8d0225bb5ef777f5a08337e9b Author: Steve Dickson Date: Wed Feb 26 13:56:03 2020 -0500 gssd: Use krb5_free_string() instead of free() Commit ae9e9760 plugged up some memory leaks by freeing memory via free(2). The proper way to free memory that has been allocated by krb5 functions is with krb5_free_string() Signed-off-by: Steve Dickson commit f9a7d4a9cc4e359f4f706bb85d01ba4324eac8b6 Author: Jianhong Yin Date: Thu Feb 27 10:39:22 2020 -0500 mount.c: fix args parse error argc number checking should be after getopt_long(), otherwise we'll get follow result: ''' ~]# mount.nfs -V usage: mount.nfs remotetarget dir [-rvVwfnsh] [-o nfsoptions] options: -r Mount file system readonly -v Verbose -V Print version -w Mount file system read-write -f Fake mount, do not actually mount -n Do not update /etc/mtab -s Tolerate sloppy mount options rather than fail -h Print this help nfsoptions Refer to mount.nfs(8) or nfs(5) ''' after fix: ''' ~]# mount.nfs -V mount.nfs: (linux nfs-utils 2.4.3) ''' Signed-off-by: Jianhong Yin Signed-off-by: Steve Dickson commit 10589ca13ade4967ed46be2b8a69aa9cc9d017ac Author: Steve Dickson Date: Wed Feb 12 13:56:53 2020 -0500 gssd: Closed a memory leak in find_keytab_entry() When 'adhostoverride' is "not set", which is most of the time, adhostoverride is not freed. Signed-off-by: Steve Dickson