| 363673 |
29-Jul-2020 |
brooks |
MFC r363435:
Avoid reading one byte before the path buffer.
This happens when there's only one component (e.g. "/foo"). This
(mostly-harmless) bug has been present since June 1990 when it was
commited to mountd.c SCCS version 5.9.
Note: the bug is on the second changed line, the first line is changed
for visual consistency.
Reviewed by: cem, emaste, mckusick, rmacklem
Reported by: CHERI
Obtained from: CheriBSD
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D25759 |
| 363626 |
27-Jul-2020 |
brooks |
MFC r363439:
Correct a type-mismatch between xdr_long and the variable "bad".
Way back in r28911 (August 1997, CVS rev 1.22) we imported a NetBSD
information leak fix via OpenBSD. Unfortunatly we failed to track the
followup commit that fixed the type of the error code. Apply the change
from int to long now.
Reviewed by: emaste
Reported by: CHERI
Obtained from: CheriBSD
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D25779 |
| 362717 |
28-Jun-2020 |
rmacklem |
MFC: r361854
Fix mountd so that it will not lose SIGHUPs that indicate "reload exports".
Without this patch, if a SIGHUP is handled while the process is executing
get_exportlist(), that SIGHUP is essentially ignored because the got_sighup
variable is reset to 0 after get_exportlist().
This results in the exports file(s) not being reloaded until another SIGHUP
signal is sent to mountd.
This patch fixes this by resetting got_sighup to zero before the
get_exportlist() call while SIGHUP is blocked.
It also defines a delay time of 250msec before doing another exports reload
if there are RPC request(s) to process. This prevents repeated exports reloads
from delaying handling of RPC requests significantly.
PR: 246597 |
| 362712 |
28-Jun-2020 |
rmacklem |
MFC: r361780, r361956
Fix mountd to handle getgrouplist() not returning groups[0] == groups[1].
Prior to r174547, getgrouplist(3) always returned a groups list with
element 0 and 1 set to the basegid argument, so long as ngroups was > 1.
Post-r174547 this is not the case. r328304 disabled the deduplication that
removed the duplicate, but the duplicate still does not occur unless the
group for a user in the password database is also entered in the group
database.
This patch fixes mountd so that it handles the case where a user specified
with the -maproot or -mapall exports option has a getgrouplist(3) groups
list where groups[0] != groups[1]. |
| 349772 |
05-Jul-2019 |
rmacklem |
MFC: r348590, r348591
Modify mountd so that it incrementally updates the kernel exports upon a reload.
Without this patch, mountd would delete/load all exports from the exports
file(s) when it receives a SIGHUP. This works fine for small exports file(s),
but can take several seconds to do when there are large numbers (10000+) of
exported file systems. Most of this time is spent doing the system calls
that delete/export each of these file systems. When the "-S" option
has been specified (the default these days), the nfsd threads are suspended
for several seconds while the reload is done.
This patch changes mountd so that it only does system calls for file systems
where the exports have been changed/added/deleted as compared to the exports
done for the previous load/reload of the exports file(s).
Basically, when SIGHUP is posted to mountd, it saves the exportlist structures
from the previous load and creates a new set of structures from the current
exports file(s). Then it compares the current with the previous and only does
system calls for cases that have been changed/added/deleted.
The nfsd threads do not need to be suspended until the comparison step is
being done. This results in a suspension period of milliseconds for a server
with 10000+ exported file systems.
There is some code using a LOGDEBUG() macro that allow runtime debugging
output via syslog(LOG_DEBUG,...) that can be enabled by creating a file
called /var/log/mountd.debug. This code is expected to be replaced with
code that uses dtrace by cy@ in the near future, once issues w.r.t. dtrace
in stable/12 have been resolved.
The patch should not change the usage of the exports file(s), but improves
the performance of reloading large exports file(s) where there are only a
small number of changes done to the file(s).
PR: 237860 |
| 349756 |
05-Jul-2019 |
rmacklem |
MFC: r348452
Replace a single linked list with a hash table of lists.
mountd.c uses a single linked list of "struct exportlist" structures,
where there is one of these for each exported file system on the NFS server.
This list gets long if there are a large number of file systems exported and
the list must be searched for each line in the exports file(s) when
SIGHUP causes the exports file(s) to be reloaded.
A simple benchmark that traverses SLIST() elements and compares two 32bit
fields in the structure for equal (which is what the search is)
appears to take a couple of nsec. So, for a server with 72000 exported file
systems, this can take about 5sec during reload of the exports file(s).
By replacing the single linked list with a hash table with a target of
10 elements per list, the time should be reduced to less than 1msec.
Peter Errikson (who has a server with 72000+ exported file systems) ran
a test program using 5 hashes to see how they worked.
fnv_32_buf(fsid,..., 0)
fnv_32_buf(fsid,..., FNV1_32_INIT)
hash32_buf(fsid,..., 0)
hash32_buf(fsid,..., HASHINIT)
- plus simply using the low order bits of fsid.val[0].
The first three behaved about equally well, with the first one being
slightly better than the others.
It has an average variation of about 4.5% about the target list length
and that is what this patch uses.
Peter Errikson also tested this hash table version and found that the
performance wasn't measurably improved by a larger hash table, so a
load factor of 10 appears adequate.
PR: 237860 |
| 349457 |
27-Jun-2019 |
mav |
MFC r349376: Fix strsep_quote() on strings without quotes.
For strings without quotes and escapes dstptr and srcptr are equal, so
zeroing *dstptr before checking *srcptr is not a good idea. In practice
it means that in -maproot=65534:65533 everything after the colon is lost.
The problem was there since r293305, but before r346976 it was covered by
improper strsep_quote() usage.
PR: 238725 |
| 349128 |
17-Jun-2019 |
rmacklem |
MFC: r347583
Replace global list for grouplist with list(s) for each exportlist element.
In mountd.c, the grouplist structures are linked into a single global
linked list headed by "grphead". The only use of this linked list is
to free all list elements when the exportlist elements are also all being
free'd at the time the exports are being reloaded.
This patch replaces this one global linked list head with a list head in
each exportlist structure, where the grouplist elements for that exported
file system are linked.
The only change is that now the grouplist elements are free'd with the
associated exportlist element as they are free'd instead of all grouplist
elements being free'd after the exportlist elements are free'd. This
change should have no effect in practice.
This is being done, since a future patch that will add a "-I" option for
incrementally updating the exports in the kernel needs to know which
grouplist elements are associated with each exported file system and
having them linked into a list headed by the exportlist element does that.
PR: 237860 |
| 349126 |
17-Jun-2019 |
rmacklem |
MFC: r347498
Factor code into two new functions in preparation for a future commit.
Factor code into two functions.
read_exportfile() a functon which reads the exports file(s) and calls
get_exportlist_one() to process each of them.
delete_export() a function which deletes the exports in the kernel for a file
system.
The contents of these functions is just the same code as was used to do the
operations, moved into separate functions. As such, there is no semantic change.
This is being done in preparation for a future commit that will add an
option to do incremental changes of kernel exports upon receiving SIGHUP.
PR: 237860 |
| 349124 |
17-Jun-2019 |
rmacklem |
MFC: r347476
Factor out some exportlist list operations into separate functions.
This patch moves the code that removes and frees all exportlist elements
out into a separate function called free_exports().
It does the same for the insertion of a new exportlist entry into a list.
It also adds a second argument to ex_search() for the list to use.
None of these changes have any semantic effect. They are being done to
prepare the code for future patches that convert the single linked list
for the exportlist to a hash table of lists and a patch that will do
incremental changes of exports in the kernel.
And it fixes the argument for SLIST_HEAD_INITIALIZER() to a pointer,
which doesn't really matter, since SLIST_HEAD_INITIALIZER() doesn't use
the argument.
PR: 237860 |
| 347341 |
08-May-2019 |
mav |
MFC r346976: Respect quotes and escapes when splitting exports fields.
Without this r293305 was still unable to handle names with spaces. |
| 346769 |
26-Apr-2019 |
mav |
MFC r341641 (by sef): Reduce number of DNS queries in mountd. |
| 341171 |
29-Nov-2018 |
sef |
MFC r340442
mountd has no way to configure the listen queue depth; rather than add a new
option, we pass -1 down to listen, which causes it to use the
kern.ipc.soacceptqueue sysctl.
Approved by: mav
Sponsored by: iXsystems Inc |
| 333197 |
03-May-2018 |
avg |
MFC r332559: mountd: fix a crash when getgrouplist reports too many groups
Sponsored by: Panzura |
| 331722 |
29-Mar-2018 |
eadler |
Revert r330897:
This was intended to be a non-functional change. It wasn't. The commit
message was thus wrong. In addition it broke arm, and merged crypto
related code.
Revert with prejudice.
This revert skips files touched in r316370 since that commit was since
MFCed. This revert also skips files that require $FreeBSD$ property
changes.
Thank you to those who helped me get out of this mess including but not
limited to gonzo, kevans, rgrimes.
Requested by: gjb (re) |
| 330897 |
14-Mar-2018 |
eadler |
Partial merge of the SPDX changes
These changes are incomplete but are making it difficult
to determine what other changes can/should be merged.
No objections from: pfg |
| 330092 |
28-Feb-2018 |
rpokala |
MFC r329682:
mountd: Return proper errno values in a few error paths
When attempting to mount a non-directory which exists, return ENOTDIR
instead of ENOENT. If stat() or statfs() failed, don't pass part of the
invalid (struct statfs) to ex_search(). In that same case, preserve the
value of "bad" rather than overwriting with EACCES. |
| 329392 |
16-Feb-2018 |
brd |
MFC r329009
mountd(8): Produce vaguely meaningful error messages
Approved by: cem, will |
| 324955 |
24-Oct-2017 |
manu |
MFC r324257-r324258
r324257:
mountd: Convert exportlist to SLIST
Use SLIST from sys/queue.h instead of homebrew linked list for the exportlist.
Reviewed by: bapt, rmacklem
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12502
r324258:
mountd: Convert mountlist to SLIST
Use SLIST from sys/queue.h instead of homebrew linked list for mountlist.
Reviewed by: bapt, rmacklem
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12504 |
| 324234 |
03-Oct-2017 |
manu |
MFC r324007, r324012, r324014
r324007:
mountd: Replace malloc+strcpy to strdup
Reviewed by: bapt
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12503
r324012:
mountd: Remove unneeded cast
Reported by: kib
X MFC With: r324007
r324014:
mountd: Avoid memory leak by freeing dp_dirp
Introduced in r324007, the data alloced by strdup was never free'ed.
While here, remove cast to caddr_t when freeing dp.
Reported by: bde
X MFC With: r324007 |
| 319119 |
29-May-2017 |
ngie |
MFC r314659,r314676:
r314659:
usr.sbin: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output
r314676:
Fix build after r314656
Some of the changes I introduced to use .ALLSRC were correct in spirit,
but incorrect in reality -- in particular, ../Makefile.inc hadn't been
pulled in via bsd.init.mk (via bsd.lib.mk, bsd.prog.mk), so the value
of .ALLSRC (evaluated immediately) was empty. .include bsd.init.mk
explicitly so we can be certain that the values used as dependencies in
the targets are defined when the target recipe has been evaluated.
Reminder: thou shalt separate out separate functional changes before
committing them.
(YUGE) Pointyhat to: ngie
In collaboration with: bdrewery |
| 308450 |
08-Nov-2016 |
rmacklem |
MFC: r307891
Fix the man page to reflect the change done by r307890 to mountd.c
so that the "-n" option uses the sysctl for the new NFS server.
This is a content change. |
| 308449 |
08-Nov-2016 |
rmacklem |
MFC: r307890
mountd(8) was erroneously setting the sysctl for the old NFS server
when the new/default NFS server was running, for the "-n" option.
This patch fixes the problem for head and stable/11. For stable/10 the
patch will need to be modified when MFC'd, since the stable/10 mountd.c
handles both old and new NFS servers.
Since the new NFS server uses vfs.nfsd.nfs_privport == 0 by default,
there wouldn't have been many users affected by the code not setting
it to 0 when the "-n" option was specified. |
| 302408 |
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation |
| 298912 |
02-May-2016 |
araujo |
Use MIN macro from sys/param.h.
MFC after: 2 weeks.
|
| 298089 |
15-Apr-2016 |
pfg |
Cleanup unnecessary semicolons from utilities we all love.
|
| 293305 |
07-Jan-2016 |
jpaetzel |
Allow /etc/exports to contain usernames/groups with spaces in them.
If you are getting your users/groups from a directory service such
as LDAP or AD it's possible for those usernames or groupnames to
contain spaces.
Submitted by: Sean E. Fagan
Reviewed by: rmacklem
MFC after: 1 week
Sponsored by: iXsystems
|
| 292864 |
29-Dec-2015 |
uqs |
Fix type mismatches for malloc(3) and Co.
This is rather pedantic, as for most architectures it holds that
sizeof(type *) == sizeof(type **)
Found by: clang static analyzer
Reviewed by: ed
Differential Revision: https://reviews.freebsd.org/D4722
|
| 285128 |
04-Jul-2015 |
trasz |
Staticize some stuff in mountd(8); no functional changes.
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
|
| 284345 |
13-Jun-2015 |
sjg |
Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
|
| 283008 |
16-May-2015 |
rmacklem |
Add a warning message to mountd for exported file
systems that are automounted, since that configuration
isn't supported. This still allows the export, since
two emails I received felt that this should not be
disabled. It sends the message to syslog(LOG_ERR..), so that
it goes to the same places as the other messages related
to /etc/exports problems, even though it is a warning and not an error.
Reviewed by: trasz
MFC after: 2 weeks
|
| 282214 |
29-Apr-2015 |
trasz |
Remove oldnfs leftovers from mountd(8).
Reviewed by: rmacklem@
Sponsored by: The FreeBSD Foundation
|
| 281699 |
18-Apr-2015 |
sjg |
No need to delete export from filesystems which are not exported.
|
| 278523 |
10-Feb-2015 |
kib |
Mountd iterating over the mount points may race with the parallel
unmount, which causes error from nmount(2) call when performing
MNT_DELEXPORT over the directory which ceased to be a mount point.
The race is legitimate and innocent, but results in the chatty mountd.
Silence it by providing an distinguished error code for the situation,
and ignoring the error in mountd loop.
Based on the patch by: Andreas Longwitz <longwitz@incore.de>
Prodded and tested by: bdrewery
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
|
| 277352 |
19-Jan-2015 |
rstone |
When mountd is creating sockets, it iterates over all addresses specified
in the "hosts" array and eventually looks up the network address with
getaddrinfo(). At one point it checks for a numeric address and if it
sees one, it sets a hint parameter to force getaddrinfo to interpret the
host as a numeric address. However that hint is not cleared for subsequent
iterations of the loop and if any hosts seen after this point are host names,
getaddrinfo will fail on the name. The result of this bug is that you cannot
pass a host name to the -h flag.
Unfortunately, the first iteration will either process ::1 or 127.0.0.1,
so the flag is set on the first iteration and all host names will fail
to be processed.
The same bug applies to rpc.lockd and rpc.statd, so fix them too.
Differential Revision: https://reviews.freebsd.org/D1507
Reported by: Dylan Martin
MFC after: 1 week
Sponsored by: Sandvine Inc.
|
| 275054 |
25-Nov-2014 |
bapt |
Convert usr.sbin to LIBADD
Reduce overlinking
|
| 270183 |
19-Aug-2014 |
bdrewery |
Avoid showing stale errors when nmount(2) fails.
Sometimes nmount(2) will fail without setting errmsg. The previous (ignored)
error would then be shown as the reason for the failed call if the next
nmount(2) also fails without [ENOENT,ENOTSUP].
An example is when there is a tmpfs mounted with -o size. vfs_filteropt() adds
'size' as an error in errmsg due to 'size' not being in tmpfs_updateopts. Then
tmpfs_mount returns [ENOTSUP] from nmount(2), which is then ignored. The next
call may race with an unmount causing an invalid [EINVAL] that then does log an
error, with the tmpfs errmsg.
The race itself is a separate issue to fix as it is expected to have an
[ENOENT] returned instead.
In this example the mount being shown is actually nullfs, not tmpfs that the
error is from.
mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument mount option <size> is unknown
It should only show:
mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument
MFC after: 2 weeks
|
| 270005 |
14-Aug-2014 |
rmacklem |
Try to clarify how file systems are exported for NFSv4.
Suggested by: rcarter@pinyon.org
MFC after: 1 week
|
| 247034 |
20-Feb-2013 |
pluknet |
Check if the -sec option is given without an argument.
PR: bin/170413
Submitted by: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
MFC after: 1 week
|
| 244689 |
25-Dec-2012 |
rmacklem |
Attempt to clarify that for ZFS, all file systems under
the NFSv4 root must be exported. This is because ZFS
checks exports itself.
This is a content change.
MFC after: 2 weeks
|
| 244538 |
21-Dec-2012 |
kevlo |
Fix socket calls on error post-r243965.
Submitted by: Garrett Cooper
|
| 241569 |
15-Oct-2012 |
rmacklem |
Add a description for the '-S' option to the mountd man page.
This is a content change.
Reviewed by: kib
MFC after: 2 weeks
|
| 241568 |
15-Oct-2012 |
rmacklem |
Add a new '-S' option to mountd, which tells it to suspend
execution of the nfsd threads while it is reloading the exports.
This avoids clients from getting intermittent access errors
when the exports are being reloaded non-atomically.
It is not an ideal solution, since requests will back up while
the nfsd threads are suspended. Also, when this option is used,
if mountd crashes while reloading exports, mountd will have to
be restarted to get the nfsd threads to resume execution.
This has been tested by Vincent Hoffman (vince at unsane.co.uk)
and John Hickey (jh at deterlab.net).
The nfse patch offers a more comprehensive solution for this issue.
PR: kern/9619, kern/131342
Reviewed by: kib
MFC after: 2 weeks
|
| 241330 |
07-Oct-2012 |
joel |
Minor mdoc fixes.
|
| 240902 |
25-Sep-2012 |
rmacklem |
Attila Bogar reported a bug in mountd when multiple export
entries with different security flavors are in the exports(5)
file. For that case, mountd replies with the security flavors
of the last entry and not the correct one for the client host.
This patch fixes that by storing separate copies of the flavors
for each host/net case, plus a default one for the case where
no hosts/nets are specified on an entry in the exports(5) file.
Unlike the patch in the PR, it replies with the security flavors
for the entry instead of merging the security flavors for all
the entries and replying with that.
Tested by: attila.bogar at linguamatics.com
PR: kern/164933
MFC after: 2 weeks
|
| 239744 |
27-Aug-2012 |
delphij |
Show error messages if nmount() failed.
MFC after: 1 month
|
| 233648 |
29-Mar-2012 |
eadler |
Remove trailing whitespace per mdoc lint warning
Disussed with: gavin
No objection from: doc
Approved by: joel
MFC after: 3 days
|
| 230352 |
20-Jan-2012 |
eadler |
Fix warning when compiling with gcc46:
error: variable 'dirp' set but not used
error: variable 'dirplen' set but not used
Approved by: dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days
|
| 228990 |
30-Dec-2011 |
uqs |
Spelling fixes for usr.sbin/
|
| 224003 |
14-Jul-2011 |
delphij |
Use calloc() instead of an explicit memset.
MFC after: 2 weeks
|
| 223954 |
12-Jul-2011 |
rmacklem |
Try and fix the exports.5 man page so that it clarifies how
NFSv4 exports are handled. Improved by informal review comments from
mckusick, kudak at mit.edu and bde.
This is a content change.
MFC after: 2 weeks
|
| 222623 |
02-Jun-2011 |
rmacklem |
Fix the nfs related daemons so that they don't intermittently
fail with "bind: address already in use". This problem was reported
to the freebsd-stable@ mailing list on Feb. 19 under the subject
heading "statd/lockd startup failure" by george+freebsd at m5p dot com.
The problem is that the first combination of {udp,tcp X ipv4,ipv6}
would select a port# dynamically, but one of the other three combinations
would have that port# already in use. The patch is somewhat involved
because it was requested by dougb@ that the four combinations use the
same port# wherever possible. The patch splits the create_service()
function into two functions. The first goes as far as bind(2) in a
loop for up to GETPORT_MAXTRY - 1 times, attempting to use the same port#
for all four cases. If these attempts fail, the last attempt allows
the 4 cases to use different port #s. After this function has succeeded,
the second function, called complete_service(), does the rest of what
create_service() did.
The three daemons mountd, rpc.lockd and rpc.statd all have a
create_service() function that is patched in a similar way. However,
create_service() has non-trivial differences for the three daemons
that made it impractical to share the same functions between them.
Reviewed by: jhb
MFC after: 2 weeks
|
| 220981 |
24-Apr-2011 |
rmacklem |
Patch the mountd and nfsd man pages to reflect the recent changes
done by r220980 to deprecate the -e option and add the -o option.
This is a content change for both man pages.
|
| 220980 |
24-Apr-2011 |
rmacklem |
This patch changes the default NFS server to the new one, which was
referred to as the experimental server. It also adds a new command
line option "-o" to both mountd and nfsd that forces them to use the
old/regular NFS server. The "-e" option for these commands is now
a no-op, since the new server is the default. I will be committing rc
script and man changes soon. Discussed on freebsd-fs@.
|
| 219125 |
01-Mar-2011 |
ru |
Fixed conversion of prefix length to a netmask.
|
| 216587 |
20-Dec-2010 |
charnier |
Add __unused. Ansi prototypes.
|
| 209926 |
12-Jul-2010 |
maxim |
o Fix typo: sepcify -> specify.
PR: docs/148499
Submitted by: Warren Block
MFC after: 1 week
|
| 207689 |
06-May-2010 |
rmacklem |
If the "-alldirs" export option was used for the V4: line, mountd
would crash in check_options() since dp == NULL for the V4: line.
This patch moves the check for options allowed on the V4: line to
ahead of where dp is used to avoid this crash.
Reported by: mamalos AT eng.auth.gr
MFC after: 1 week
|
| 200076 |
03-Dec-2009 |
trasz |
Description of steps required to setup NFSv4 server is in nfsv4(4);
add reference to exports(5), since that's the obvious starting point
for searching for this.
|
| 194880 |
24-Jun-2009 |
dfr |
Don't use sys/nfs/rpcv2.h - it is part of the old kernel RPC implementation
and will be removed.
|
| 194773 |
23-Jun-2009 |
rmacklem |
When mountd.c parses the nfsv4 root line(s) in /etc/exports, it
allocates data structures that are never linked into the tree or free'd.
As such, mountd would leak memory every time it parsed an nfsv4 root line.
This patch frees up those structures to plug the leak.
Approved by: kib (mentor)
|
| 194498 |
19-Jun-2009 |
brooks |
Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively. (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)
The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer. Do the equivalent in
kinfo_proc.
Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively. Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary. In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.
Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups. When feasible, truncate
the group list rather than generating an error.
Minor changes:
- Reduce the number of hand rolled versions of groupmember().
- Do not assign to both cr_gid and cr_groups[0].
- Modify ipfw to cache ucreds instead of part of their contents since
they are immutable once referenced by more than one entity.
Submitted by: Isilon Systems (initial implementation)
X-MFC after: never
PR: bin/113398 kern/133867
|
| 194448 |
18-Jun-2009 |
kan |
Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.
Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.
Reported by: lstewart
Tested by: lstewart
|
| 193674 |
08-Jun-2009 |
kan |
The change r192913 has added dependency on IP_RECVDSTADDR being
set for RPC UDP sockets. Mountd uses internal libc fuctions
directly and bypasses generic socket initialization completely,
so we need to set IP_RECVDSTADDR here to match the libc behavior.
|
| 192993 |
28-May-2009 |
rmacklem |
Change the "-4" argument for nfsd and mountd to "-e" to avoid
confusion, since it does not refer to IPv4 nor NFSv4, but to
running the experimental server instead of the regular one.
Approved by: kib (mentor)
|
| 192934 |
27-May-2009 |
rmacklem |
Modify mountd to handle the experimental nfs server as well as the
regular one. It now takes a "-4" command line argument to force it
to use the experimental server. Otherwise it will use the regular
server unless the experimental server is the only one linked into
the kernel. A third kind of line has been added to /etc/exports,
which is specific to NFSv4 and defines where the NFSv4 tree root is
and can be used to limit access to NFSv4 state handling operations
that do not use any file handle.
Approved by: kib (mentor)
|
| 184588 |
03-Nov-2008 |
dfr |
Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.
The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.
The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.
Sponsored by: Isilon Systems
MFC after: 1 month
|
| 180154 |
01-Jul-2008 |
danger |
- more mark-up fixes
Submitted by: ru
|
| 180112 |
30-Jun-2008 |
danger |
- add some missing words
- we don't have ne(4), replace it with re(4)
- fix markup
- bump date
Submitted by: ru
MFC after: 3 days
|
| 180071 |
27-Jun-2008 |
danger |
- markup fixes
- advise to use rc script to SIGHUP mountd
- add information about possiblity of using /prefix network notation [1]
PR: docs/124373
Reviewed by: jhb
Obtained from: NetBSD [1]
MFC after: 3 days
|
| 176819 |
05-Mar-2008 |
rodrigc |
Remove hacks which filter out MNT_ROOTFS.
They are no longer needed now that we filter out MNT_ROOTFS
inside the nmount() call in revision 1.267 of vfs_mount.c.
Reviewed by: rink
|
| 173056 |
27-Oct-2007 |
simon |
Use the correct variable to check for a malloc failing. This fixes a
case where mountd would fail to start with "out of memory" logged to
syslog.
|
| 172827 |
20-Oct-2007 |
matteo |
Add the -h <bindip> option to mountd, similar to the one in nfsd(8)
-h bindip
Specify specific IP addresses to bind to for TCP and UDP requests.
This option may be specified multiple times. If no -h option is
specified, mountd will bind to INADDR_ANY. Note that when specifying
IP addresses with -h, mountd will automatically add 127.0.0.1 and if
IPv6 is enabled, ::1 to the list.
PR: bin/114097
Reviewed by: pjd (an eariler version of the patch)
MFC after: 1 week
|
| 168684 |
13-Apr-2007 |
pjd |
Fatal error is only when cannot open any of the given exports files.
|
| 166441 |
03-Feb-2007 |
pjd |
Grr, committed manual page without the last change - make the comment a bit
prettier.
|
| 166440 |
03-Feb-2007 |
pjd |
Add support for multiple exports files. This will be useful for example for
ZFS, where we have automatically generated /etc/zfs/exports file, which
should not be edited directly.
Discussed with: rwatson
|
| 166258 |
26-Jan-2007 |
rodrigc |
If nmount() fails to export a directory, in the syslog() error message,
add the errmsg string returned by nmount().
|
| 164394 |
18-Nov-2006 |
rodrigc |
Ignore SIGPIPE, instead of terminating process.
PR: 81230
Submitted by: Dmitrij Tejblum <tejblum yandex-team ru>
MFC after: 1 month
|
| 163512 |
19-Oct-2006 |
rink |
My previous commit made it impossible to export / over NFS; this small
change fixes this.
Reported by: Lin Jui-Nan Eric < ericlin dot jnlin at gmail dot com >
Submitted by: Erik Trulsson < ertr1013 at student dot uu dot se > (commit is inspired by a patch from Erik)
Pointyhat to: me
Reviewed by: stable@
Approved by: imp (mentor)
MFC after: 3 days
|
| 163164 |
09-Oct-2006 |
rink |
Prevent mountd(8) from resetting mount options when exporting a filesystem.
Approved by: imp (mentor)
Sponsored by: Quality Service Provider BV
MFC after: 3 days
|
| 160175 |
08-Jul-2006 |
rodrigc |
In get_exportlist(), properly loop over mounted filesystems.
PR: bin/99873
Submitted by: Danny Braniss <danny at cs dot huji dot ac dot il>
|
| 159360 |
06-Jun-2006 |
rodrigc |
For network filesystems (NFS, samba, etc.), do not pass "export" nmount()
parameter to try to delete an NFS export. It won't work, and will log
a spurious warning to syslog.
Tested by: Arno J. Klaassen <arno at heho dot snv dot jussieu dot fr>
MFC after: 3 days
|
| 159017 |
28-May-2006 |
rodrigc |
Do not log "can't delete export" messages if nmount() returns ENOTSUP.
This eliminates spurious log entries for trying to delete exports
for filesystems like devfs and procfs.
|
| 158877 |
24-May-2006 |
rodrigc |
Convert to nmount() and remove hardcoded checks for ufs, msdosfs, ntfs,
and cd9660.
PR: bin/97642
|
| 158857 |
23-May-2006 |
rodrigc |
Convert mountd to nmount(). Remove some hardcoded dependencies
on ufs, cd9660, msdosfs, and ntfs, but not all dependencies.
|
| 158256 |
02-May-2006 |
keramida |
Note that when -d flag is used, mountd(8) will not detach from the
controlling terminal.
PR: docs/96660
Submitted by: Jeff Ito <ijk@speakeasy.net>
MFC after: 1 week
|
| 154990 |
29-Jan-2006 |
jkoshy |
Use ".Pa" for path names.
MFC after: 3 days
|
| 150214 |
16-Sep-2005 |
pjd |
Pidfiles should be created with permission preventing users from opening
them for reading. When user can open file for reading, he can also
flock(2) it, which can lead to confusions.
Pointed out by: green
|
| 149433 |
24-Aug-2005 |
pjd |
Use pidfile(3) in mountd(8). There is no need to use /var/run/mountd.lock
anymore.
|
| 146187 |
13-May-2005 |
ume |
NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
|
| 144841 |
09-Apr-2005 |
stefanf |
Remove unused variables.
|
| 140442 |
18-Jan-2005 |
ru |
Sort sections.
|
| 138680 |
11-Dec-2004 |
phk |
Also do not send junk mount arguments when removing exports.
|
| 136051 |
02-Oct-2004 |
stefanf |
Pass an array of gid_t rather than an array of int to getgroups().
PR: 56646
|
| 133249 |
07-Aug-2004 |
imp |
Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software
(with permission of addtional copyright holders where appropriate)
|
| 130087 |
04-Jun-2004 |
ru |
Markup nits.
|
| 127480 |
27-Mar-2004 |
ceri |
Correct typo in the last revision.
|
| 127317 |
22-Mar-2004 |
ceri |
Note that only one webnfs share is allowed per NFS server.
PR: docs/45371
Submitted by: Mattias Pantzare <pantzer@ludd.luth.se>,
Matthew D. Fuller <fullermd@over-yonder.net>
MFC after: 2 days
|
| 126643 |
05-Mar-2004 |
markm |
Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).
There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.
Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".
Tested on: i386 sparc64
|
| 126572 |
04-Mar-2004 |
bms |
Add a new option to mountd(8), -p <port>. This allows the user to specify
a known port for use in firewall rulesets; otherwise the port is chosen
at run-time by bindresvport().
MFC after: 1 week
|
| 124034 |
01-Jan-2004 |
obrien |
Be consistent in the EXAMPLES formatting.
|
| 121767 |
30-Oct-2003 |
peter |
Rename the 'log' variable rather than -fno-builtin-log
|
| 121556 |
26-Oct-2003 |
peter |
Use -fno-builtin-log. Fix svc_sendreply() missing required casts.
It is now WARNS=2 clean again.
|
| 117684 |
17-Jul-2003 |
rwatson |
When reporting errors binding IPv6 TCP sockets, don't call them UDP
sockets in the printf.
Fix two minor co-located whitespace glitches.
Product of: France
|
| 113091 |
04-Apr-2003 |
obrien |
style.Makefile(5)
|
| 109363 |
16-Jan-2003 |
mbr |
Implement nonblocking tpc-connections. rpcgen -m does still
produce backcompatible code.
Reviewed by: rwatson
Obtained from: NetBSD
MFC after: 1 day
|
| 108317 |
27-Dec-2002 |
schweikh |
english(4) police.
|
| 107788 |
12-Dec-2002 |
ru |
Uniformly refer to a file system as "file system".
Approved by: re
|
| 105267 |
16-Oct-2002 |
charnier |
s/rpc.mountd/mountd/
Add FBSDID
Reorder #if/#endif around sccsid to conform style(9)
|
| 103949 |
25-Sep-2002 |
mike |
Use the standardized CHAR_BIT constant instead of NBBY in userland.
|
| 103716 |
20-Sep-2002 |
markm |
Kerberised NFS has never (as far as I can tell) worked outside
BSD 4.4. Nuke mention of Kerberos from the documentation here.
MFC after: 1 week
|
| 101686 |
11-Aug-2002 |
mux |
Update manpage to match the code, vfsload() isn't used
here since some time, kldload() is used instead.
|
| 100505 |
22-Jul-2002 |
ume |
use IPV6_V6ONLY instead of non standard IPV6_BINDV6ONLY.
MFC after: 1 week
|
| 100336 |
18-Jul-2002 |
joerg |
Try to give a more descriptive error message for the pilot error of
attempting to export the non-root of a filesystem with -alldirs. This
pilot error seems to be very common, and the "could not remount" error
message doesn't give much hints about the real reason. See the old PR
below for an example.
While i was at it, make it possible to entirely omit the often
annoying error message in that case by specifying the "quiet" exports
flag. This allows to specify something like
/cdrom -alldirs,ro,quiet <where to export to>
which will silently fail if nothing is mounted under /cdrom, but do
the rigth thing as soon as you mount something.
While doing this, i've put the embedded example in the exports(5) man
page into a subsection of its own as it ought to be.
Thanks for Paul Southworth for reminding me about this problem.
PR: bin/4448
MFC after: 1 month
|
| 100117 |
15-Jul-2002 |
alfred |
If an RPC fails, try a shorter reply in case the fault lies with the
size of the response.
PR: misc/26320
MFC After: 2 weeks
|
| 99501 |
06-Jul-2002 |
charnier |
The .Nm utility
|
| 98826 |
25-Jun-2002 |
alfred |
Remove old pre-TIRPC code for getting transport handles. The code that
follows spams over the contents of them making the removed code useless.
|
| 96707 |
16-May-2002 |
trhodes |
more file system > filesystem
|
| 96622 |
14-May-2002 |
iedowse |
Use fgetln to remove the static limit on the length of lines in
/etc/exports. Oversized lines were unlikely due to the large 10k
limit, but any found would cause mountd to exit with an error. Also
fix one or two compiler warnings.
|
| 92882 |
21-Mar-2002 |
imp |
o __P removed
o main prototype removed
|
| 92806 |
20-Mar-2002 |
obrien |
Remove 'register' keyword.
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)
|
| 92035 |
11-Mar-2002 |
dd |
Chase sysctl name.
Submitted by: Christopher Sharp <christopher_sharp@web.de>
|
| 91354 |
27-Feb-2002 |
dd |
Introduce a version field to `struct xucred' in place of one of the
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being). Accordingly, change users of
xucred to set and check this field as appropriate. In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former. This also has the pleasant sideaffect of removing some
duplicate code.
Reviewed by: rwatson
|
| 87325 |
04-Dec-2001 |
obrien |
Default to WARNS=2.
Binary builds that cannot handle this must explicitly set WARNS=0.
Reviewed by: mike
|
| 83687 |
20-Sep-2001 |
peter |
Deal with module name changes and autoloading.
|
| 83653 |
18-Sep-2001 |
peter |
Userland part of nfs client/server split and cleanup.
|
| 81911 |
19-Aug-2001 |
kris |
Silence non-constant format string warnings by marking functions
as __printflike()/__printf0like(), adding const, or adding missing "%s"
format strings, as appropriate.
MFC after: 2 weeks
|
| 81462 |
10-Aug-2001 |
ru |
mdoc(7) police: join split punctuation to macro calls.
|
| 79754 |
15-Jul-2001 |
dd |
Remove whitespace at EOL.
|
| 79213 |
04-Jul-2001 |
ru |
mdoc(7) police: cosmetics.
|
| 79118 |
02-Jul-2001 |
dd |
Document continuation line support.
PR: 8479
Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>
|
| 79117 |
02-Jul-2001 |
dd |
Correct handling of continuation lines. Instead of treating the
backslash as nothing, treat it like a space so that adjacent lines
aren't glued together.
PR: 8479
Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>
|
| 77878 |
07-Jun-2001 |
sobomax |
Correct cross-reference:
portmap.8 --> rpcbind.8
Submitted by: .Xr testing script
|
| 77577 |
01-Jun-2001 |
ru |
- VFS_SET(msdos) -> VFS_SET(msdosfs)
- msdos.ko -> msdosfs.ko
- mount_msdos(8) -> mount_msdosfs(8)
- "msdos" -> "msdosfs" compatibility glue in mount(8)
|
| 77575 |
01-Jun-2001 |
ru |
Remove vestiges of MFS.
|
| 77435 |
29-May-2001 |
phk |
Remove MFS
|
| 77405 |
29-May-2001 |
iedowse |
Since the netexport struct was centralised to 'struct mount',
attempting to remove nonexistant exports with MNT_DELEXPORT returns
an error; before this change it always succeeded. This caused
mountd(8) to log "can't delete exports for /whatever" warnings.
Change the error code from EINVAL to a more specific ENOENT, and
make mountd ignore this error when deleting the export list. I
could have just restored the previous behaviour of returning success,
but I think an error return is a useful diagnostic.
Reviewed by: phk
|
| 77223 |
26-May-2001 |
ru |
- sys/n[tw]fs moved to sys/fs/n[tw]fs
- /usr/include/n[tw]fs moved to /usr/include/fs/n[tw]fs
|
| 77162 |
25-May-2001 |
ru |
- sys/msdosfs moved to sys/fs/msdosfs
- msdos.ko renamed to msdosfs.ko
- /usr/include/msdosfs moved to /usr/include/fs/msdosfs
|
| 75861 |
23-Apr-2001 |
iedowse |
Reinstate one more old bugfix that got lost in the tirpc commit:
always look up -network and -mask addresses numerically before
trying getnetbyname(). Without this, we may end up attempting DNS
queries on silly names such as "127.0.0.0.my-domain.com". See the
commit log from revisions 1.21 and 1.20 for further details.
|
| 75841 |
22-Apr-2001 |
iedowse |
When exporting a directory that is not a mountpoint, mountd repeatedly
removes the last path component until the mount() succeeds. However,
the code never checks if it has passed the mountpoint, so in some
cases where the mount() never succeeds, it can end up applying the
flags from a mounted filesystem to the underlying one.
Add a sanity check to the code which removes the last path component:
test that the fsid associated with the new path is the same as that
of the old one.
PR: bin/7872
|
| 75801 |
21-Apr-2001 |
iedowse |
The introduction of IPv6 support from NetBSD's mountd invalidated
a number of assumptions related to the parsing of options in
/etc/exports, and missed a few necessary new error checks.
The main problems related to netmasks: an IPv6 network address
missing a netmask would result in the filesystem being exported to
the whole IPv6 world, non-continuous netmasks would be made continuous
without any warnings, and nothing prevented you specifying an IPv4
mask with an IPv6 address.
This change addresses these issues. As a side-effect we now store
netmasks in sockaddr structs (this matches the kernel interface,
and is closer to the way it used to be). Add a flag OP_HAVEMASK to
keep track of whether or not we have successfully got a mask from
any source. Replace some mask-related helper functions with versions
that use the sockaddr-based masks.
Also tidy up get_net() and fix the code that interprets IPv4 partial
networks such as "127.1" as network rather than host addresses.
Properly zero out some structures that were ending up partially
containing junk from the stack, fix a few formatting issues, and
add a comment noting some assumptions about export arguments.
|
| 75754 |
21-Apr-2001 |
iedowse |
Fix a long-standing bug relating to the handling of SIGHUP: mountd
would call malloc, stdio and other library functions from the signal
handler which is not safe due to reentrancy problems.
Instead, add a simple handler that just sets a flag, and call the
more complex function from main() when necessary. Unfortunately to
be able to check this flag, we must expand the svc_run() call, but
the RPC library makes that relatively easy to do.
|
| 75641 |
18-Apr-2001 |
iedowse |
A few more mountd cleanups:
- Remove some horrible code that faked a "struct addrinfo" to be
later passed to freeaddrinfo(). Instead, add a new group type
"GT_DEFAULT" used to denote that the filesystem is exported to the
world, and treat this case separately.
- Don't clear the AI_CANONNAME flag in a struct addrinfo returned
by getaddrinfo. There's still a bit more struct addrinfo abuse
left in here.
- Simplify do_mount() slightly by using an addrinfo pointer to keep
track of the current address.
|
| 75635 |
17-Apr-2001 |
iedowse |
Various bugfixes and cleanups, mainly from Martin Blapp:
- Revert del_mlist() to its pre-tirpc prototype. Unlike NetBSD's version,
ours lets the caller generate any syslog() messages, so that it
can include the service name in the message.
- Initialise a few local variables to clarify the logic and avoid some
compiler warnings.
- Remove a few unused functions and local variables, and fix some
whitespace issues.
- Reinstate the logic for avoiding duplicate host entries that got
removed accidentally in revision 1.41 (added in r1.5). This bit
was submitted in a slightly different form by Thomas Quinot.
Submitted by: Martin Blapp <mb@imp.ch>,
Thomas Quinot <quinot@inf.enst.fr>
PR: bin/26148
|
| 74844 |
27-Mar-2001 |
alfred |
give the "netgrent" functions a home in netdb.h
|
| 74815 |
26-Mar-2001 |
ru |
- Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
|
| 74792 |
25-Mar-2001 |
alfred |
Replace pmap_unset() with rpcb_unset() which fixes the unregistering.
Submitted by: Martin Blapp <mb@imp.ch>
|
| 74791 |
25-Mar-2001 |
alfred |
Deal with lack of IPv6 support gracefully.
Submitted by: Martin Blapp <mb@imp.ch>
|
| 74462 |
19-Mar-2001 |
alfred |
Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
|
| 72650 |
18-Feb-2001 |
green |
Switch to using a struct xucred instead of a struct xucred when not
actually in the kernel. This structure is a different size than
what is currently in -CURRENT, but should hopefully be the last time
any application breakage is caused there. As soon as any major
inconveniences are removed, the definition of the in-kernel struct
ucred should be conditionalized upon defined(_KERNEL).
This also changes struct export_args to remove dependency on the
constantly-changing struct ucred, as well as limiting the bounds
of the size fields to the correct size. This means: a) mountd and
friends won't break all the time, b) mountd and friends won't crash
the kernel all the time if they don't know what they're doing wrt
actual struct export_args layout.
Reviewed by: bde
|
| 71895 |
01-Feb-2001 |
ru |
mdoc(7) police: split punctuation characters + misc fixes.
|
| 71099 |
16-Jan-2001 |
ru |
Prepare for mdoc(7)NG.
|
| 70152 |
18-Dec-2000 |
ru |
Prepare for mdoc(7)NG.
|
| 68960 |
20-Nov-2000 |
ru |
mdoc(7) police: use the new features of the Nm macro.
|
| 64542 |
11-Aug-2000 |
sheldonh |
Explain why adding ``options NFSKERB'' breaks the kernel build.
PR: 10642
Reported by: Stefan Eggers <seggers@semyam.dinoco.de>
Submitted by: johan
|
| 62459 |
03-Jul-2000 |
sheldonh |
Explicitly state that mountd can be made to re-read the exports file,
even though this may seem obvious to some folks.
Requested by: obrien
|
| 60016 |
05-May-2000 |
mpp |
Correct an xref.
PR: doc/13218
Submitted by: phantom
|
| 57695 |
02-Mar-2000 |
sheldonh |
Remove more single-space hard sentence breaks.
|
| 57669 |
01-Mar-2000 |
sheldonh |
Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
|
| 56407 |
23-Jan-2000 |
mpp |
Fix various man pages to stop abusing the .Bx macro to generate
the strings "FreeBSD" and "NetBSD". Use the .Fx or .Nx macro
instead.
|
| 54093 |
03-Dec-1999 |
semenu |
Added ntfs filesystem to be exported.
|
| 53117 |
12-Nov-1999 |
billf |
(1) Remove ISO support, it's dead in the kernel anyway.
(2) Check for ENOENT when checking for /var/db/mountdtab
(3) Remove a signal handler that called broken functions.
(4) Remove the broken functions.
Submitted by: Martin Blapp <mb@imp.ch>
Reviewed by: bde (1), billf ([234])
|
| 51968 |
06-Oct-1999 |
alfred |
Put the umount request through the same translation as the mount
request.
Fix some uninitialized warnings and a style bug while we are here.
Problem still exists where a failed umount can be misreported as
success.
Submitted by: Martin Blapp <mb@imp.ch>
|
| 50476 |
28-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
| 48790 |
12-Jul-1999 |
nik |
Add $Id$ to these manpages.
Approved by: bde
|
| 47594 |
29-May-1999 |
kris |
Xref mountd in text.
Submitted by: Philippe Charnier
|
| 45927 |
21-Apr-1999 |
alex |
Typo fix in diagnostic: -alldir --> -alldirs
PR: 11049
Submitted by: Gerhard Gonter <gonter@whisky.wu-wien.ac.at>
|
| 45478 |
08-Apr-1999 |
ghelmer |
Change LKM/modload to KLD/kldload.
Submitted by: Nathan Ahlstrom <nrahlstr@winternet.com>
|
| 42144 |
29-Dec-1998 |
dfr |
Here is a patch to make mountd work.
It just replace u_long with u_int32_t and shouldn't affect on i386.
Without this patch,
- unaligned accesses occur
- permission denied randomly
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
|
| 40390 |
15-Oct-1998 |
mckay |
Spelling.
|
| 38023 |
02-Aug-1998 |
bde |
Fixed printf format errors.
|
| 37663 |
15-Jul-1998 |
charnier |
Correct improper use of .Sm. Document -d flag. Correct use of .Nm. Remove
unused #includes. Add usage(). Use warnx(). Correct spelling. Abort when
malloc() fails.
|
| 37157 |
25-Jun-1998 |
wpaul |
A long time ago I hacked mountd so that it would deal intelligently
with export lines where the same hostname was specified more than once
(this happens a lot with netgroups sometimes). Recently I discovered
that it needs to be hacked to deal with multiple instances of the
same IP address too.
I've been using this modification locally for several months with no
hassles.
|
| 37004 |
15-Jun-1998 |
joerg |
Oops, the previous commit missed one line of code.
|
| 37003 |
15-Jun-1998 |
joerg |
Watch out for null hostnames in netgroup entries, to avoid dumping core.
This happens if someone tries to export to a netgroup like:
mygroup (,,mynisdomain)
|
| 36730 |
07-Jun-1998 |
thepish |
PR: docs/3636
Submitted by: Gary Palmer gpalmer@FreeBSD.ORG
Add mention of the 1024-character line length limit on the netgroup database.
|
| 32656 |
20-Jan-1998 |
bde |
Converted to Lite2 mount interface - use vfc_typenum from the
already looked up vfsconf struct for nfs instead of MOUNT_NFS.
Removed related FreeBSD ifdefs.
|
| 32645 |
20-Jan-1998 |
bde |
Removed definition of _NEW_VFSCONF. The new vfsconf interface is now
the default.
|
| 31705 |
13-Dec-1997 |
guido |
Oops..The default behaviour should be *not* to log all succeeded
requests. If you want this extra loggin, add the -l option.
|
| 31665 |
10-Dec-1997 |
guido |
Fix some style bugs.
Submitted by: bruce
|
| 31656 |
09-Dec-1997 |
guido |
Log all failed mount attempts.
Also add a flag (-l) so mountd will also log all succeeded requests
to mountd.
|
| 29317 |
12-Sep-1997 |
jlemon |
If a host in an export line in /etc/exports (or within a netgroup on
an export line) is unresolvable, make a note of it via syslog and skip
that individual host instead of skipping the entire line.
PR: 1981, 815
Perused by: joerg
|
| 28911 |
29-Aug-1997 |
guido |
Plug info agthering attack as pointed out on Bugtraq recently.
Obtained from: OpenBSD
|
| 27447 |
16-Jul-1997 |
dfr |
Merge WebNFS support from NetBSD.
Obtained from: NetBSD
|
| 25318 |
30-Apr-1997 |
pst |
Back out msmith's recent commit which breaks using symbolic names for netmasks.
Instead, reverse the order of the testing, so if a symbolic name starts with
a digit, we'll see if we can make a network address out of it first. If
that fails, then we'll call getnet...
|
| 25106 |
23-Apr-1997 |
msmith |
Don't call getnetbyname() on a netmask. On a system with a slow net
connection, a large set of network exports could take many minutes to
time out, giving the appearance of a total hang during boot.
|
| 25087 |
22-Apr-1997 |
dfr |
Add a -2 flag to mountd to allow an admin to disable NFSv3 services.
This is handy for testing and possibly to work around busted v3 clients.
|
| 24760 |
09-Apr-1997 |
guido |
Oops...now really commit the doc change.
|
| 24759 |
09-Apr-1997 |
guido |
Make a sysconfig variable controlling if teh kernel should accept
nfs requests from non-privileged ports.
Change mountd such that it does never set this variable, but only clears
it when run with -n. Also document this in the man page.
|
| 24489 |
01-Apr-1997 |
bde |
Don't fail when the vfs.nfs.nfs_privport sysctl doesn't exist
(presumably because the kernel is old). Moved the declaration of a
variable realated to this sysctl outside of an unrelated ifdef.
Not fixed:
- this sysctl is badly named (nfs occurs twice).
- it's silly to have for FreeBSD in FreeBSD code, especially when
only half of the FreeBSD-dependent code is ifdefed.
|
| 24359 |
29-Mar-1997 |
imp |
compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
|
| 24330 |
27-Mar-1997 |
guido |
Add code that will reject nfs requests in teh kernel from nonprivileged
ports. This option will be automatically set/cleraed when mount is run
without/with the -n option.
Reviewed by: Doug Rabson
|
| 23782 |
12-Mar-1997 |
mpp |
Add cvs Id.
|
| 23681 |
11-Mar-1997 |
peter |
Merge from Lite2 (use new getvfsbyname() and mount(2) interface, cleanup)
|
| 22990 |
22-Feb-1997 |
peter |
Revert $FreeBSD$ to $Id$
|
| 21673 |
14-Jan-1997 |
jkh |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
|
| 17887 |
29-Aug-1996 |
wpaul |
Add one line fix to stop my old 'don't barf if you see the same
hostname/IP twice on same line in /etc/exports' fix from dumping core
due to bogus /etc/exports entries.
Submitted by: Toshihiro Kanda <candy@fct.kgc.co.jp>
|
| 17797 |
23-Aug-1996 |
mpp |
Use the .Bx macro where appropriate.
|
| 15082 |
07-Apr-1996 |
mpp |
Correct some man page cross references and file location references.
|
| 13720 |
29-Jan-1996 |
mpp |
Fix a bunch of spelling errors.
|
| 12348 |
17-Nov-1995 |
joerg |
Avoid bogus free() of a junk pointer.
Detected by: phkmalloc
Submitted by: grog@lemis.de (Greg Lehey)
|
| 9978 |
07-Aug-1995 |
wpaul |
Just when you thought it was safe...
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:
If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.
If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.
If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.
Head off a potential NULL pointer dereference in the old innetgr()
matching code.
Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.
(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)
- netgroup.5: document all this stuff.
- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).
- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
|
| 9336 |
27-Jun-1995 |
dfr |
Changes to support version 3 of the NFS protocol.
The version 2 support has been tested (client+server) against FreeBSD-2.0,
IRIX 5.3 and FreeBSD-current (using a loopback mount). The version 2 support
is stable AFAIK.
The version 3 support has been tested with a loopback mount and minimally
against an IRIX 5.3 server. It needs more testing and may have problems.
I have patched amd to support the new variable length filehandles although
it will still only use version 2 of the protocol.
Before booting a kernel with these changes, nfs clients will need to at least
build and install /usr/sbin/mount_nfs. Servers will need to build and
install /usr/sbin/mountd.
NFS diskless support is untested.
Obtained from: Rick Macklem <rick@snowhite.cis.uoguelph.ca>
|
| 9202 |
11-Jun-1995 |
rgrimes |
Merge RELENG_2_0_5 into HEAD
|
| 8871 |
30-May-1995 |
rgrimes |
Remove trailing whitespace.
|
| 8688 |
21-May-1995 |
phk |
Add a undocumented '-d' flag to set debugging.
|
| 7401 |
26-Mar-1995 |
wpaul |
Fixed stupid bug in mountd: it would seem that the kernel doesn't allow
you to push the same host into its NFS export lists twice, but mountd
tries to do it anyway. This means that putting:
/some_file_system -ro host1 host1
in your /etc/exports file causes an error. This is bogus: mountd should be
smart enough to ignore the second instance of host1. This can be a problem
in some configurations that use netgroups. For example, each host in my
netgroups database is has two entries:
startide (startide,-,) (startide.ctr.columbia.edu,-,)
When mountd sees this, it tries to put startide.ctr.columbia.edu into the
export list *twice*. Just listing 'startide' /etc/exports list will also
screw up because mountd will try to resolve the netgroup 'startide' instead
of the hostname 'startide.'
My solution is watch for duplicate entries in get_host() and mark them
as grouptype GT_IGNORE, which do_mount() will now cheefully throw away.
This is a bit of a kludge, but it was the least obtrusive fix I could
come up with.
Also silenced a compiler warning: arguments passwd to xdr_long() should
be u_long, not int. :)
|
| 6636 |
22-Feb-1995 |
ats |
Document the mountdtab file in the man page.
|
| 4895 |
02-Dec-1994 |
wollman |
Change obnoxious ``Not root dir'' error message into one which actually
tells you what's wrong.
|
| 2999 |
22-Sep-1994 |
wollman |
Automatically load NFS and a bevy of other filesystems.
|
| 2898 |
19-Sep-1994 |
dfr |
Added support for MSDOS file systems.
|
| 1923 |
08-Aug-1994 |
wollman |
Delete obsolete references to librpc.a.
|
| 1855 |
05-Aug-1994 |
wollman |
Convert to our man installation style. Also fixed long-standing bug
in `fastboot'/`fasthalt' in which the interpreter would hang around
after `reboot' or `halt' is run, causing an irritating ``Killed'' message.
|
| 1559 |
26-May-1994 |
rgrimes |
This commit was generated by cvs2svn to compensate for changes in r1558,
which included commits to RCS files with non-trunk default branches.
|
| 1558 |
26-May-1994 |
rgrimes |
BSD 4.4 Lite sbin Sources
Note: XNSrouted and routed NOT imported here, they shall be imported with
usr.sbin.
|