commit b538862a5135f414d5455152c3ae8f5c2771a269 Author: Steve Dickson Date: Sat May 29 13:36:20 2021 -0400 gssd: Cleaned up debug messages Added tids to a number of statements Broke the lifetime_rec secs into a readable format Printed tids out correctly Trim down the output of both '-v' and '-vv' Signed-off-by: Steve Dickson commit 92b664ef4f25f1bd920bea4db435345629543353 Author: Jianhong Yin Date: Thu Jun 10 13:27:29 2021 -0400 mount.nfs: insert 'sloppy' at beginning of the options Previously, the 'sloppy' option was appended to other options so that when kernel parses the options sequentially, the 'sloppy' option will not work if there's a invalid option in front of it. use 'po_insert' instead 'po_append' Signed-off-by: Jianhong Yin Signed-off-by: Steve Dickson commit fbd4aab3c4c8bd7b310dcd37e4a22ebe77c2b439 Author: Chuck Lever Date: Thu Jun 10 12:14:25 2021 -0400 nfs(5): Correct the spelling of "kernel_source" Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit 6a2b51f698959d643ec15dc0d438ad8f9af97dbb Author: Chuck Lever Date: Thu Jun 10 12:12:44 2021 -0400 nfs(5): Fix missing mentions of "rdma6" netid Signed-off-by: Chuck Lever Signed-off-by: Steve Dickson commit a3d6e20753de4c5b97f66329f995d1adb1ac7149 Author: Steve Dickson Date: Sat May 29 14:25:51 2021 -0400 gssd: add timeout for upcall threads Add a global list of active upcalls and a watchdog thread that walks the list, looking for threads running longer than timeout seconds. By default, an error message will by logged to the syslog. The upcall timeout can be specified by passing the -U option or by setting the upcall-timeout parameter in nfs.conf. Passing the -C option or setting cancel-timed-out-upcalls=1 in nfs.conf causes the watchdog thread to also cancel timed-out upcall threads and report an error of -ETIMEDOUT to the kernel. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit 30a72d9c056c8f96640a6b9cda4f458311d4424e Author: Scott Mayhew Date: Sat May 29 13:43:52 2021 -0400 gssd: deal with failed thread creation If we fail to create a thread to handle an upcall, we still need to do a downcall to tell the kernel about the failure, otherwise the process that is trying to establish gss credentials will hang. This patch shifts the thread creation down a level in the call chain so now the main thread does a little more work up front (reading & parsing the data from the pipefs file) so it has the info it needs to be able to do the error downcall. Signed-off-by: Scott Mayhew Signed-off-by: Steve Dickson commit be7365239abf8556773b063730621967b9971708 Author: Roland Hieber Date: Tue May 25 14:02:28 2021 -0400 configure: check for rpc/rpc.h presence Recent versions of glibc (since 2.26?) no longer supply rpc/rpc.h, and in previous versions, RPC was optional. Detect such cases and prompt the user to build with libtirpc instead. Signed-off-by: Roland Hieber Signed-off-by: Steve Dickson commit 0b5864da6b74c6e7fa2672f6088fde4d8f16b21b Author: Roland Hieber Date: Tue May 25 13:59:06 2021 -0400 README: update git repository URL The old URL is no longer available. Update to the new URL that is mentioned on https://linux-nfs.org. Signed-off-by: Roland Hieber Signed-off-by: Steve Dickson commit e4ce810a9a2374e34a76ba78d1565382d47af3c8 Author: NeilBrown Date: Sat May 22 11:12:11 2021 -0400 Move declaration of etab and rmtab into libraries There are two global "struct stat_paths" structures: etab and rmtab. They are currently needed by some library code so any program which is linked with that library code needs to declare the structures even if it doesn't use the functionality. This is clumsy and error-prone. Instead: have the library declare the structure and put the definition in a header file. Now programs only need to know about these structures if they use the functionality. 'rmtab' is now declared in libnfs.a (rmtab.c). 'etab' is declared in export.a (xtab.c). Reviewed-by: Petr Vorel Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 7a4e2d1de904a65496db051dbc9d4c7e510a5fd8 Author: NeilBrown Date: Sat May 22 11:06:13 2021 -0400 Remove 'force' arg from cache_flush() Since v4.17 the timestamp written to 'flush' is ignored, so there isn't much point choosing too precisely. For kernels since v4.3-rc3-13-g778620364ef5 it is safe to write 1 second beyond the current time. For earlier kernels, nothing is really safe (even the current behaviour), but writing one second beyond the current time isn't too bad in the unlikely case the people use a new nfs-utils on a 5 year old kernel. This remove a dependency for libnfs.a on 'etab' being declare, so svcgssd no longer needs to declare it. Reviewed-by: Petr Vorel Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit c5528f40f9db5061e06dcf1f9b7fce5185b376c6 Author: NeilBrown Date: Sat May 22 11:03:31 2021 -0400 Fix NFSv4 export of tmpfs filesystems Some filesystems cannot be exported without an fsid or uuid. tmpfs is the main example. When mountd (or exportd) creates nfsv4 pseudo-root exports for the path leading down to an export point it exports each directory without any fsid or uuid. If one of these directories is on tmpfs, that will fail. The net result is that exporting a subdirectory of a tmpfs filesystem will not work over NFSv4 as the parents within the filesystem cannot be exported. It will either fail, or fall-back to NFSv3 (depending on the version of the mount.nfs program). To fix this we need to provide an fsid or uuid for these pseudo-root exports. This patch does that by creating an RFC-4122 V5 compatible UUID based on an arbitrary seed and the path to the export. To check if an export needs a uuid, text_export() is moved from exportfs to libexport.a, modified slightly and renamed to export_test(). Reported-by: Petr Vorel Reviewed-by: Petr Vorel Tested-by: Petr Vorel Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit ed83085ff310fdc95badb06a26289efb70f99ccd Author: NeilBrown Date: Sat May 22 10:54:14 2021 -0400 gssd: use mutex to protect decrement of refcount The decrement of the "ple" refcount is not protected so it can race with increments or decrements from other threads. An increment could be lost and then the ple would be freed early, leading to memory corruption. So use the mutex to protect decrements (increments are already protected). As gssd_destroy_krb5_principals() calls release_ple() while holding the mutex, we need a "release_pte_locked()" which doesn't take the mutex. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 972dba0fb62bf6a8a115b86107bd9cf31fcc95ae Author: Alice Mitchell Date: Mon Apr 12 14:55:53 2021 -0400 nfs-utils: Enable the retrieval of raw config settings without expansion Config entries sometimes contain variable expansions, this adds options to retrieve the config entry rather than its current expanded value. Signed-off-by: Alice Mitchell Signed-off-by: Steve Dickson commit 964f4861605785c68c1ccdbf978f95739505771a Author: Alice Mitchell Date: Mon Apr 12 14:23:17 2021 -0400 nfs-utils: Factor out common structure cleanup calls Signed-off-by: Alice Mitchell Signed-off-by: Steve Dickson commit 8219bdb00cc749e17e8ed782eb264bd93f7b9a35 Author: NeilBrown Date: Thu May 6 08:22:46 2021 -0400 Replace all /var/run with /run FHS 3.0 deprecated /var/run in favour of /run. FHS 3.0 was released over 5 years ago. I think it is time for nfs-utils to catch up. Note that some places, particularly systemd unit files, already use just "/run". Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 81727afec1fa19cd5cead63ea12c03e9d141e5bc Author: Patrick Steinhardt Date: Thu May 6 08:18:41 2021 -0400 Fix `statx()` emulation breaking exports Ever since commit 76c21e3f (mountd: Check the stat() return values in match_fsid(), 2020-05-08), it wasn't possible to export filesystems on my musl based system anymore. The root cause of this is the innocuous-looking change to decide based on `errno` whether `is_mountpoint()` raised a real error or whether it simply didn't match. The issue is that `is_mountpoint()` transitively calls into our `xlstat()` wrapper, which either executes `statx()` if the system supports it or otherwise falls back to `fstatat()`. But if `statx()` is not supported, then we'll always first set `errno = ENOSYS` before calling `fstatat()`. So effectively, all systems which do not have `statx()` and whose `fstatat()` doesn't reset `errno` will cause us to end up with errno set to `ENOSYS`. Fix the issue by resetting `errno` before calling `fstatat()` in both `xlstat()` and `xstat()`. Fixes: 76c21e3f (mountd: Check the stat() return values in match_fsid(), 2020-05-08) Signed-off-by: Patrick Steinhardt Signed-off-by: Steve Dickson commit a41afe9ed766cc0e51d938e99c74cd86465d3c6d Author: Yongcheng Yang Date: Thu May 6 08:15:12 2021 -0400 mountd/exports: Fix typo in the man page Signed-off-by: Yongcheng Yang Signed-off-by: Steve Dickson commit 2f669b6f02a959ef813019afdb4c7de72ec21f7e Author: Chuck Lever Date: Wed Apr 7 10:03:12 2021 -0400 NFS server should enable RDMA by default Product is shipped with NFS/RDMA disabled by default. An extra step is needed when setting up an NFS server to support NFS/RDMA clients. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1931565 Signed-off-by: Steve Dickson commit d77ece22b3317b103cb6e87f69351710a007fd03 Author: NeilBrown Date: Tue Apr 6 16:07:42 2021 -0400 mountd/exportd: only log confirmed clients, and poll for updates It is possible (and common with the Linux NFS client) for the nfs server to receive multiple SET_CLIENT_ID or EXCHANGE_ID requests when starting a connection. This results in some clients appearing in /proc/fs/nfsd/clients which never get confirmed. mountd currently logs these, but they aren't really helpful. If the kernel supports the reporting of the confirmation status of clients, we can suppress the message until a client is confirmed. With this patch we: - record if the client is confirmed, assuming it is if the status is not reported - don't log unconfirmed clients - request MODIFY notification from unconfirmed clients. - recheck an info file when it is modified. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit ac266e2edc4f40eef810d52c72657b645e4010db Author: Ondrej Mosnacek Date: Tue Apr 6 15:57:37 2021 -0400 exportfs: fix unexporting of '/' The code that has been added to strip trailing slashes from path in unexportfs_parsed() forgot to account for the case of the root directory, which is simply '/'. In that case it accesses path[-1] and reduces the path to an empty string, which then fails to match any export. Fix it by stopping the stripping when the path is just a single character - it doesn't matter if it's a '/' or not, we want to keep it either way in that case. Reproducer: exportfs localhost:/ exportfs -u localhost:/ Without this patch, the unexport step fails with "exportfs: Could not find 'localhost:/' to unexport." Fixes: a9a7728d8743 ("exportfs: Deal with path's trailing "/" in unexportfs_parsed()") Link: https://bugzilla.redhat.com/show_bug.cgi?id=1941171 Signed-off-by: Ondrej Mosnacek Signed-off-by: Steve Dickson commit 7abd15e36349d11c4fa79b39f0798601bfdca697 Author: Kenneth D'souza Date: Mon Mar 15 10:33:29 2021 -0400 nfsdclnts: Ignore SIGPIPE signal Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1868828 Signed-off-by: Kenneth D'souza Signed-off-by: Steve Dickson commit edeb381593d65a4519c71568c969d3e2937ad911 Author: NeilBrown Date: Mon Mar 15 13:58:27 2021 -0400 mountd: add logging of NFSv4 clients attaching and detaching. NFSv4 does not have a MOUNT request like NFSv3 does (via the MOUNT protocol). So these cannot be logged. NFSv4 does have SETCLIENTID and EXCHANGE_ID. These are indirectly visible though changes in /proc/fs/nfsd/clients. When a new client attaches, a directory appears. When the client detaches, through a timeout (v4.0) or DESTROY_SESSION (v4.1+) the directory disappears. This patch adds tracking of these changes using inotify, with log messages when a client attaches or detaches. Unfortuantely clients are created in two steps, the second being a confirmation. This results in a temporary client appearing and disappearing. It is not possible (in Linux 5.10) to detect the unconfirmed client, so extra attach/detach messages are generated. This patch also moves some cache* function declarations into a header file, and makes a few related changes to #includes. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit f8e2c8d461883fab6f335a8ee8132f1885ff1c9d Author: NeilBrown Date: Mon Mar 15 09:57:03 2021 -0400 mountd: make default ttl settable by option The DEFAULT_TTL affects the rate at which authentication messages are logged. So it is useful to make it settable. Add "-ttl" and "-T", and add clear statement in the documentation of both the benefits and the possible negative effects of choosing a larger value Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit cc15009355c8a7761266943569edc59e0efdc232 Author: NeilBrown Date: Mon Mar 15 09:54:02 2021 -0400 mountd: add --cache-use-ipaddr option to force use_ipaddr When logging authentication requests, it can be easier to read the logs if clients are always identified by IP address, not intermediate names like netgroups or subnets. To allow this, add --cache-use-ipaddr or -i which tell mountd to always enable use_ipaddr. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit c7a954ae5a548d8fabec079c8fb426cca0c6f830 Author: NeilBrown Date: Mon Mar 15 09:49:09 2021 -0400 mountd: add logging for authentication results for accesses. When NFSv3 is used to mount a filesystem, success/failure messages are logged by mountd and can be used for auditing. When NFSv4 is used, there is no distinct "MOUNT" request, and nothing is logged. We can instead log authentication requests from the kernel. These will happen regularly - typically every 15 minutes of ongoing access - so they may be too noisy, or might be more useful. As they might not be wanted, make them selectable with the "AUTH" facility in xlog(). Add a "-l" to enable these logs. Alternately "debug = auth" will have the same effect. The same changes are made to both rpc.mountd and nfsv4.exportd. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 1a8156f8f2ee1c7b61de3357421da68297b47ec4 Author: NeilBrown Date: Mon Mar 15 09:41:42 2021 -0400 mountd/exports: update man page The text in the manpages about the export table is a bit outdated, and doesn't mention the in-kernel cache which is an import part of that table. As a future patch will enable logging of updates to that cache, it is important to have the caching behaviour documented. So update that section of both man pages, and make a few other minor improvements. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit fec7347e930a9e989045eaf684694f793c802246 Author: NeilBrown Date: Mon Mar 15 09:39:59 2021 -0400 mountd: Don't proactively add export info when fh info is requested. When an "nfsd.fh" request is received from the kernel, we map the file-handle prefix to a path name and report that (as required) and then also add "nfsd.export" information with export flags applicable to that path. This is not necessary and was added as a perceived optimisation. When updating data already in the kernel, it is unlikely to help as the kernel can be expected to ask for both details at much the same time. With NFSv3, new information is normally added by a MOUNT rpc request, so this is irrelevant. With NFSv4, the kernel requests the "nfsd.export" information when walking down from ROOT, *before* requesting the nfsd.fh information, so this "optimisation" causes unnecessary work. A future patch will add logging of authentication requests, and this double-handling would result in extra unnecessary log messages. As this "optimisation" appears to have no practical value and some (small) cost, let's remove it. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit a72c151f38bd5de2261c54ca8cbe2c4d3d5d7a0f Author: NeilBrown Date: Mon Mar 15 09:36:33 2021 -0400 mountd: reject unknown client IP when !use_ipaddr. When use_ipaddr is not in effect, an auth_unix_ip lookup request from the kernel for an unknown client will be rejected. When it IS in effect, these requests are always granted with the IP address being mapped to a string form of the address, preceded by a '$'. This is inconsistent behaviour and could present a small information leak. It means that, for example, a SETCLIENT NFSv4 request may or may not succeed depending on an internal setting in rpc.mountd. This is easily rectified by always checking if the client is known. Signed-off-by: NeilBrown Signed-off-by: Steve Dickson commit 05bacfed6df3f336c50326c7c6f4c3677c7f7d70 Author: Jacob Shivers Date: Mon Mar 15 09:22:57 2021 -0400 gssd: Add options to rpc.gssd to allow for the use of $HOME/.k5identity files Since commit 2f682f25c642fcfe7c511d04bc9d67e732282348 $HOME has been set to '/' to avoid a deadlock when accessing Kerberized NFS shares. While this works for most use cases, users who depend on the use of $HOME/.k5identity files are negatively impacted by this commit. This patch allows for users to use their $HOME/.k5identity to access subsequent Kerberized resources based on the credentials in said file. The default set by commit 2f682f25c still remains the same, but a user can pass '-H' to change rpc.gssd behavior to not set $HOME to '/'. Setting 'set-home=0' in /etc/nfs.conf has the same effect as passing '-H' directly to rpc.gssd. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1868087 Signed-off-by: Jacob Shivers Signed-off-by: Steve Dickson commit 7e559dbddc483a7c2bc7ea8133d8e4ba368d5f61 Author: Daniel Kobras Date: Thu Mar 4 16:17:35 2021 -0500 exportd: server-side gid management Ported manage-gids option from mountd Signed-off-by: Daniel Kobras Signed-off-by: Steve Dickson