nfs-utils-2.3.3

[Bruce Dubbs]

New point version.

[Bruce Dubbs]

tcp-wrappers.m4: Only look for TCP wrappers lib when requested

TCP wrappers is a pretty old and obsolete technology. The support has be terminated in current distro release, so only require the library to exist when asked for via the --with-tcp-wrappers

statd: fix use-after-free in monitor list if insertion fails

If nsm_insert_monitored_host() fails while saving the record to stable storage, we can't just assume the entry was new. Existing records must be removed from the list before being freed.

nfsd: track when the user explicitly requested version 4.0

Since both 'rpc.nfsd -V4' and 'rpc.nfsd -V4.0' alter bit 0 in 'minorversset' and 'minorvers', it's not possible to know whether the user explicitly requested version 4.0 or not. Add another variable 'force4dot0' to track when the user explicitly requested version 4.0 so that we can write '4.0' to /proc/fs/nfsd/versions on kernel versions 4.11 and higher. On earlier kernels, we'll still write '4' as in the past.

nfsd: allow verson 4.0 to be enabled/disabled via nfs.conf

The nfs.conf file has a 'vers4.0' parameter, but nfsd doesn't currently check it.

rpc.gssd: fix typo checking "NR_setresuid32" instead of "NR_setresgid32

rpc.gssd: truncates 32-bit UIDs/GIDs to 16 bits architectures.

utils/gssd_proc.c uses SYS_setresuid and SYS_setresgid in change_identity when it should use SYS_setresuid32 and SYS_setresgid32 instead. This causes it to truncate UIDs/GIDs > 65536.

Fixes: ​https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779962 Fixes: ​https://bugzilla.redhat.com/show_bug.cgi?id=1595927

Fixed typo in nfsmount.conf

Revert "gssd.c: Remomved a couple of warning errors"

Added back the 'm' character which cause memory to be allocated for the string convertions.

nfsstat: fix typo causing --mounts unrecognized option

nfs-utils: Fix minor memory leaks before return.

nfs-utils: Spelling fixes Fix some typos in the nfs.conf related code

nfs-utils: Add config setting to nfsconf cli tool

Use the new conf_write() function to add setting and unsetting of config file values to the cli tool

nfs-utils: Add config file writing function

Adds a function to nfsconf handling to write a single config entry, creating the file and section headers as required.

nfs-utils: swap xlog_err for less fatal version

Use of xlog_err is immediately fatal, switch to using xlog(L_ERROR, ...) instead so that the error handling and cleanup mechanisms can operate properly

nfs-utils: Fix comparison check for subsection headers

When comparing two config section headers it incorrectly handled matching section names where only one had a subsection value

nfs-utils: Ignore empty lines in config

The test for empty lines didn't ignore whitespace properly

nfsdcltrack: getopt_long() fails on a non x86_64 archs

getopt_long() returns an int, not char, which matters on non-x86_64 archs since a char is signed on x86_64 arch but unsigned on other archs.

nfs-utils: Fix a minor memory leak in generate_mount_unit and generate_target

Free allocated memory for path before return.

exports: document change to "insecure" export option

We're changing the kernel to allow gss requests from high ports even when "secure" is set.

If the change gets backported to distro kernels, the kernel version may be an imperfect predictor of the behavior, but I think it's the best we can do.

nfs(5): update clientaddr value options

Document the use of IPv4/IPv6_ANY address as values to the clientaddr as a way to tell the server that the client does not want delegations.

Add check of clientaddr argument

If the NFS client administrator supplies the clientaddr mount option, it should be either a special value of either IPv4/IPv6 any address or one of the machine's network addresses. Otherwise, warn the administrator about the use of an arbitrary value for the clientaddr value.

Remove a number of stringop-overflow warnings

umich_ldap.c:1128:3: warning: 'strncat' specified bound 128

equals destination size [-Wstringop-overflow=]

umich_ldap.c:1130:3: warning: 'strncat' specified bound 128

equals destination size [-Wstringop-overflow=]

idmapd.c:313:2: warning: 'strncat' specified bound 4096

equals destination size [-Wstringop-overflow=]

Remove a number of stringop-truncation warnings

client.c:486:3: warning: strncpy destination unchanged after

copying no bytes [-Wstringop-truncation]

file.c:99:2: warning: strncpy specified bound 4096

equals destination size [-Wstringop-truncation]

v4root.c:95:2: warning: strncpy specified bound 1025

equals destination size [-Wstringop-truncation]

sm-notify.c:572:3: warning: strncpy specified bound 1025

equals destination size [-Wstringop-truncation]

nfs4mount.c:221:3: warning: strncpy specified bound 1024

equals destination size [-Wstringop-truncation]

nfsmount.c:831:2: warning: strncpy specified bound 256

equals destination size [-Wstringop-truncation]

gssd.c: Remomved a couple of warning errors

gssd.c:291:7: error: ISO C does not support the 'm' scanf flag [-Werror=format=]

gssd.c:291:7: error: format '%s' expects argument of type 'char *', but argument 4 has type 'char ' [-Werror=format=]

Removed format expects argument of type errors

idmapd.c: In function 'getfield':
idmapd.c:936:4: error: format '%o' expects argument of type 'unsigned
int *', but argument 3 has type 'int *' [-Werror=format=]
    if ((n = sscanf(bp, "\\%03o", &val)) != 1)

nfsidmap.c: In function 'key_invalidate': nfsidmap.c:322:3: error: format '%x' expects argument of type 'unsigned int *', but argument 3 has type 'key_serial_t *' [-Werror=format=]

sscanf(buf, "%x", &key);

Removed ISO C does not support the '%m' gnu_printf format errors

nfsstat.c: In function 'mounts': nfsstat.c:1016:3: error: ISO C does not support the '%m' gnu_printf format [-Werror=format=]

fprintf(stderr, "Warning: %s: %m\n", name);

nfsstat.c: In function 'get_stats': nfsstat.c:1093:6: error: ISO C does not support the '%m' gnu_printf format [-Werror=format=]

label, file);

statd.c: In function 'set_nlm_port': statd.c:235:5: error: ISO C does not support the '%m' gnu_printf format [-Werror=format=]

name_p, type);

statd.c:238:3: error: ISO C does not support the '%m' gnu_printf format [-Werror=format=]

fprintf(stderr, "%s: failed to open %s: %m\n", name_p, pathbuf);

xtab.c: Removed overflow in implicit constant conversion errors

xtab.c: In function 'xtab_read': xtab.c:60:4: error: overflow in implicit constant conversion [-Werror=overflow]

exp->m_xtabent = 1;

xtab.c:61:4: error: overflow in implicit constant conversion [-Werror=overflow]

exp->m_mayexport = 1;

Fixed format overflow warnings in mountd and nfsd

rpcgen: Only compile the command when configured.

Only compile and use the internal rpcgen when required via the --with-rpcgen flag

It is strongly suggested to use the rpcgen from the new created rpcsvc-proto package be used.

gssd: Add "srchost=" upcall parameter

The callback client used by NFSv4.0 servers to send CB calls has to use a source principal that is the same as the target principal that the client used to establish the forward channel.

In multi-homed server set-ups, the domain part of the principal's hostname may not be the same as server's DNS domain. So gssd can no longer assume that. The kernel can scrape that domain off the forward channel's principal and pass that up to gssd.

This patch adds a new parameter, "srchost", to the kernel upcall. When the kernel presents this new parameter in an upcall, gssd will use it, along with the "service" parameter, to construct the service principal for the keytab lookup.

[Bruce Dubbs]

Fixed at revision 20479.