Opened 2 years ago

Closed 2 years ago

Last modified 22 months ago

#15184 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: normal Milestone: 11.0
Component: BOOK Version: git
Severity: normal Keywords:


New point version.

Change History (4)

comment:1 by Douglas R. Reno, 2 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 2 years ago

exportd: server-side gid management
    Ported manage-gids option from mountd
gssd: Add options to rpc.gssd to allow for the use of $HOME/.k5identity files
    Since commit 2f682f25c642fcfe7c511d04bc9d67e732282348 $HOME
    has been set to '/' to avoid a deadlock when accessing
    Kerberized NFS shares. While this works for most use cases,
    users who depend on the use of $HOME/.k5identity files are
    negatively impacted by this commit. This patch allows for
    users to use their $HOME/.k5identity to access subsequent
    Kerberized resources based on the credentials in said file.
    The default set by commit 2f682f25c still remains the same,
    but a user can pass '-H' to change rpc.gssd behavior to not
    set $HOME to '/'. Setting 'set-home=0' in /etc/nfs.conf
    has the same effect as passing '-H' directly to rpc.gssd.
mountd: reject unknown client IP when !use_ipaddr.
    When use_ipaddr is not in effect, an auth_unix_ip lookup
    request from the kernel for an unknown client will be
    rejected.  When it IS in effect, these requests are
    always granted with the IP address being mapped to a
    string form of the address, preceded by a '$'.
    This is inconsistent behaviour and could present a small
    information leak. It means that, for example, a SETCLIENT
    NFSv4 request may or may not succeed depending on an
    internal setting in rpc.mountd.
    This is easily rectified by always checking if the
    client is known.
mountd: Don't proactively add export info when fh info is requested.
    When an "nfsd.fh" request is received from the kernel, we map the
    file-handle prefix to a path name and report that (as required) and then
    also add "nfsd.export" information with export flags applicable to that
    This is not necessary and was added as a perceived optimisation.
    When updating data already in the kernel, it is unlikely to help as the
    kernel can be expected to ask for both details at much the same time.
    With NFSv3, new information is normally added by a MOUNT rpc request, so
    this is irrelevant.
    With NFSv4, the kernel requests the "nfsd.export" information when
    walking down from ROOT, *before* requesting the nfsd.fh information, so
    this "optimisation" causes unnecessary work.
    A future patch will add logging of authentication requests, and this
    double-handling would result in extra unnecessary log messages.
    As this "optimisation" appears to have no practical value and some
    (small) cost, let's remove it.
mountd/exports: update man page
    The text in the manpages about the export table is a bit outdated, and
    doesn't mention the in-kernel cache which is an import part of
    that table.
    As a future patch will enable logging of updates to that cache, it is
    important to have the caching behaviour documented.  So update that
    section of both man pages, and make a few other minor improvements.
mountd: add logging for authentication results for accesses.
    When NFSv3 is used to mount a filesystem, success/failure messages are
    logged by mountd and can be used for auditing. When NFSv4 is used,
    there is no distinct "MOUNT" request, and nothing is logged.
    We can instead log authentication requests from the kernel.  These will
    happen regularly - typically every 15 minutes of ongoing access - so
    they may be too noisy, or might be more useful.  As they might not be
    wanted, make them selectable with the "AUTH" facility in xlog().
    Add a "-l" to enable these logs.  Alternately "debug = auth" will have
    the same effect.
    The same changes are made to both rpc.mountd and nfsv4.exportd.
mountd: add --cache-use-ipaddr option to force use_ipaddr
    When logging authentication requests, it can be easier to read the logs
    if clients are always identified by IP address, not intermediate names
    like netgroups or subnets.
    To allow this, add --cache-use-ipaddr or -i which tell mountd to always
    enable use_ipaddr.
mountd: make default ttl settable by option
    The DEFAULT_TTL affects the rate at which authentication messages are
    logged.  So it is useful to make it settable.
    Add "-ttl" and "-T", and add clear statement in the documentation of
    both the benefits and the possible negative effects of choosing a larger
mountd: add logging of NFSv4 clients attaching and detaching.
    NFSv4 does not have a MOUNT request like NFSv3 does (via the MOUNT
    protocol).  So these cannot be logged.
    NFSv4 does have SETCLIENTID and EXCHANGE_ID.  These are indirectly
    visible though changes in /proc/fs/nfsd/clients.
    When a new client attaches, a directory appears.  When the client
    detaches, through a timeout (v4.0) or DESTROY_SESSION (v4.1+)
    the directory disappears.
    This patch adds tracking of these changes using inotify, with log
    messages when a client attaches or detaches.
    Unfortuantely clients are created in two steps, the second being a
    confirmation.  This results in a temporary client appearing and
    disappearing.  It is not possible (in Linux 5.10) to detect the
    unconfirmed client, so extra attach/detach messages are generated.
    This patch also moves some cache* function declarations into a header
    file, and makes a few related changes to #includes.
nfsdclnts: Ignore SIGPIPE signal
exportfs: fix unexporting of '/'
    The code that has been added to strip trailing slashes from path in
    unexportfs_parsed() forgot to account for the case of the root
    directory, which is simply '/'. In that case it accesses path[-1] and
    reduces the path to an empty string, which then fails to match any
    Fix it by stopping the stripping when the path is just a single
    character - it doesn't matter if it's a '/' or not, we want to keep it
    either way in that case.
        exportfs localhost:/
        exportfs -u localhost:/
    Without this patch, the unexport step fails with "exportfs: Could not
    find 'localhost:/' to unexport."
mountd/exportd: only log confirmed clients, and poll for updates
    It is possible (and common with the Linux NFS client) for the nfs server
    to receive multiple SET_CLIENT_ID or EXCHANGE_ID requests when starting
    a connection.  This results in some clients appearing in
    which never get confirmed.  mountd currently logs these, but they aren't
    really helpful.
    If the kernel supports the reporting of the confirmation status of
    clients, we can suppress the message until a client is confirmed.
    With this patch we:
     - record if the client is confirmed, assuming it is if the status is
        not reported
     - don't log unconfirmed clients
     - request MODIFY notification from unconfirmed clients.
     - recheck an info file when it is modified.
NFS server should enable RDMA by default
    Product is shipped with NFS/RDMA disabled by default.
    An extra step is needed when setting up an NFS server
    to support NFS/RDMA clients.
mountd/exports: Fix typo in the man page
Fix `statx()` emulation breaking exports
    Ever since commit 76c21e3f (mountd: Check the stat() return values in
    match_fsid(), 2020-05-08), it wasn't possible to export filesystems
    on my musl based system anymore.
    The root cause of this is the innocuous-looking change to decide based
    on `errno` whether `is_mountpoint()` raised a real error or whether it
    simply didn't match. The issue is that `is_mountpoint()` transitively
    calls into our `xlstat()` wrapper, which either executes `statx()` if
    the system supports it or otherwise falls back to `fstatat()`. But if
    `statx()` is not supported, then we'll always first set `errno = ENOSYS`
    before calling `fstatat()`. So effectively, all systems which do not
    have `statx()` and whose `fstatat()` doesn't reset `errno` will cause us
    to end up with errno set to `ENOSYS`.
    Fix the issue by resetting `errno` before calling `fstatat()` in both
    `xlstat()` and `xstat()`.
Replace all /var/run with /run
    FHS 3.0 deprecated /var/run in favour of /run.
    FHS 3.0 was released over 5 years ago.
    I think it is time for nfs-utils to catch up.
    Note that some places, particularly systemd unit files, already use just
nfs-utils: Factor out common structure cleanup calls
nfs-utils: Enable the retrieval of raw config settings without expansion
    Config entries sometimes contain variable expansions, this adds options
    to retrieve the config entry rather than its current expanded value.
gssd: use mutex to protect decrement of refcount
    The decrement of the "ple" refcount is not protected so it can race with
    increments or decrements from other threads.  An increment could be lost
    and then the ple would be freed early, leading to memory corruption.
    So use the mutex to protect decrements (increments are already
    As gssd_destroy_krb5_principals() calls release_ple() while holding the
    mutex, we need a "release_pte_locked()" which doesn't take the mutex.
Fix NFSv4 export of tmpfs filesystems
    Some filesystems cannot be exported without an fsid or uuid.
    tmpfs is the main example.
    When mountd (or exportd) creates nfsv4 pseudo-root exports for the path
    leading down to an export point it exports each directory without any
    fsid or uuid.  If one of these directories is on tmpfs, that will fail.
    The net result is that exporting a subdirectory of a tmpfs filesystem
    will not work over NFSv4 as the parents within the filesystem cannot be
    exported.  It will either fail, or fall-back to NFSv3 (depending on the
    version of the mount.nfs program).
    To fix this we need to provide an fsid or uuid for these pseudo-root
    exports.  This patch does that by creating an RFC-4122 V5 compatible
    UUID based on an arbitrary seed and the path to the export.
    To check if an export needs a uuid, text_export() is moved from exportfs
    to libexport.a, modified slightly and renamed to export_test().
Remove 'force' arg from cache_flush()
    Since v4.17 the timestamp written to 'flush' is ignored,
    so there isn't much point choosing too precisely.
    For kernels since v4.3-rc3-13-g778620364ef5 it is safe
    to write 1 second beyond the current time.
    For earlier kernels, nothing is really safe (even the current
    behaviour), but writing one second beyond the current time isn't too bad
    in the unlikely case the people use a new nfs-utils on a 5 year old
    This remove a dependency for libnfs.a on 'etab' being declare,
    so svcgssd no longer needs to declare it.
Move declaration of etab and rmtab into libraries
    There are two global "struct stat_paths" structures: etab and rmtab.
    They are currently needed by some library code so any program which is
    linked with that library code needs to declare the structures even if it
    doesn't use the functionality.  This is clumsy and error-prone.
    Instead: have the library declare the structure and put the definition
    in a header file.  Now programs only need to know about these structures
    if they use the functionality.
    'rmtab' is now declared in libnfs.a (rmtab.c).  'etab' is declared in
    export.a (xtab.c).
README: update git repository URL
    The old URL is no longer available. Update to the new URL that is
    mentioned on
configure: check for rpc/rpc.h presence
    Recent versions of glibc (since 2.26?) no longer supply rpc/rpc.h, and
    in previous versions, RPC was optional. Detect such cases and prompt the
    user to build with libtirpc instead.
gssd: deal with failed thread creation
    If we fail to create a thread to handle an upcall, we still need to do a
    downcall to tell the kernel about the failure, otherwise the process
    that is trying to establish gss credentials will hang.
    This patch shifts the thread creation down a level in the call chain so
    now the main thread does a little more work up front (reading & parsing
    the data from the pipefs file) so it has the info it needs to be able
    to do the error downcall.
gssd: add timeout for upcall threads
    Add a global list of active upcalls and a watchdog thread that walks the
    list, looking for threads running longer than timeout seconds.  By
    default, an error message will by logged to the syslog.
    The upcall timeout can be specified by passing the -U option or by
    setting the upcall-timeout parameter in nfs.conf.
    Passing the -C option or setting cancel-timed-out-upcalls=1 in nfs.conf
    causes the watchdog thread to also cancel timed-out upcall threads and
    report an error of -ETIMEDOUT to the kernel.
nfs(5): Fix missing mentions of "rdma6" netid
nfs(5): Correct the spelling of "kernel_source"
mount.nfs: insert 'sloppy' at beginning of the options
    Previously, the 'sloppy' option was appended to other options
    so that when kernel parses the options sequentially, the
    'sloppy' option will not work if there's a invalid option in
    front of it.
    use 'po_insert' instead 'po_append'
gssd: Cleaned up debug messages
    Added tids to a number of statements
    Broke the lifetime_rec secs into a readable format
    Printed tids out correctly
    Trim down the output of both '-v' and '-vv'

comment:3 by Douglas R. Reno, 2 years ago

Resolution: fixed
Status: assignedclosed

comment:4 by Bruce Dubbs, 22 months ago

Milestone: 10.211.0

Milestone renamed

Note: See TracTickets for help on using tickets.