From 2038fc49649e8dac952a58ccc02c1916f1c72ee7 Mon Sep 17 00:00:00 2001 From: Steve Dickson Date: Mar 25 2008 19:05:56 +0000 Subject: Upgrade to nfs-utils-1.1.2 --- diff --git a/.cvsignore b/.cvsignore index 1af22f8..4784abf 100644 --- a/.cvsignore +++ b/.cvsignore @@ -11,3 +11,4 @@ nfs-utils-1.0.11.tar.bz2 nfs-utils-1.0.12.tar.bz2 nfs-utils-1.1.0.tar.bz2 nfs-utils-1.1.1.tar.bz2 +nfs-utils-1.1.2.tar.bz2 diff --git a/nfs-utils-1.1.0-exportfs-man-update.patch b/nfs-utils-1.1.0-exportfs-man-update.patch index 90f214d..984fa46 100644 --- a/nfs-utils-1.1.0-exportfs-man-update.patch +++ b/nfs-utils-1.1.0-exportfs-man-update.patch @@ -1,6 +1,6 @@ -commit 0647ed30739b9867a4657bd69467925c868640b3 +commit fa29d7a9a3d8a72b79924d28813eef7e55a25bc9 Author: Steve Dickson -Date: Fri Sep 14 13:21:08 2007 -0400 +Date: Tue Mar 18 09:33:44 2008 -0400 Updated exportfs man to talk about /var/lib/nfs/etab instead of /var/lib/nfs/xtab @@ -8,7 +8,7 @@ Date: Fri Sep 14 13:21:08 2007 -0400 Signed-off-by: Steve Dickson diff --git a/utils/exportfs/exportfs.man b/utils/exportfs/exportfs.man -index 2bd8e31..9cfe7b8 100644 +index 59789cc..a8fdb05 100644 --- a/utils/exportfs/exportfs.man +++ b/utils/exportfs/exportfs.man @@ -22,14 +22,14 @@ The @@ -84,20 +84,11 @@ index 2bd8e31..9cfe7b8 100644 are removed from the kernel export tables, and the file is cleared. This effectively shuts down all NFS activity. .P - To remove individual export entries, one can specify a + To remove an export to a host, specify a .I host:/path pair. This deletes the specified entry from -.B xtab +.B etab and removes the corresponding kernel entry (if any). - .P - .\" -------------------- Dumping the Export Table ----------------- -@@ -186,7 +186,7 @@ option, the list of flags pertaining to each export are shown in addition. - The following adds all directories listed in - .B /etc/exports - to --.B /var/lib/nfs/xtab -+.B /var/lib/nfs/etab - and pushes the resulting export entries into the kernel: - .P - .nf + To remove one or more exports to several hosts, use + .BR "exportfs -ua" . diff --git a/nfs-utils-1.1.2-multi-auth-flavours.patch b/nfs-utils-1.1.2-multi-auth-flavours.patch new file mode 100644 index 0000000..606ffcb --- /dev/null +++ b/nfs-utils-1.1.2-multi-auth-flavours.patch @@ -0,0 +1,75 @@ +commit 3c1bb23c0379864722e79d19f74c180edcf2c36e +Author: bc Wong +Date: Tue Mar 18 09:30:44 2008 -0400 + + There were 2 things wrong with auth flavour ordering: + - Mountd used to advertise AUTH_NULL as the first flavour on + the list, which means that it prefers AUTH_NULL to anything + else (as per RFC 2623 section 2.7). + - Mount.nfs used to scan the returned list in reverse order, + and stopping at the first AUTH_NULL or AUTH_SYS encountered. + If a server advertises (AUTH_SYS, AUTH_NULL), it will by + default choose AUTH_NULL and have degraded access. + + I've fixed mount.nfs to scan from the beginning. For mountd, + it does not advertise AUTH_NULL anymore. This is necessary + to avoid backward compatibility issue. If AUTH_NULL appears + in the list, either the new or the old client will choose + that over AUTH_SYS. + + Tested the server/client combination against the previous + versions, as well as Solaris and FreeBSD. + + Signed-off-by: bc Wong + Signed-off-by: Steve Dickson + +--- nfs-utils-1.1.2/utils/mount/nfsmount.c.orig 2008-03-14 11:46:29.000000000 -0400 ++++ nfs-utils-1.1.2/utils/mount/nfsmount.c 2008-03-25 10:18:09.333839000 -0400 +@@ -738,7 +738,7 @@ nfsmount(const char *spec, const char *n + #if NFS_MOUNT_VERSION >= 4 + mountres3_ok *mountres; + fhandle3 *fhandle; +- int i, *flavor, yum = 0; ++ int i, n_flavors, *flavor, yum = 0; + if (mntres.nfsv3.fhs_status != 0) { + nfs_error(_("%s: %s:%s failed, reason given by server: %s"), + progname, hostname, dirname, +@@ -747,13 +747,16 @@ nfsmount(const char *spec, const char *n + } + #if NFS_MOUNT_VERSION >= 5 + mountres = &mntres.nfsv3.mountres3_u.mountinfo; +- i = mountres->auth_flavors.auth_flavors_len; +- if (i <= 0) ++ n_flavors = mountres->auth_flavors.auth_flavors_len; ++ if (n_flavors <= 0) + goto noauth_flavors; + + flavor = mountres->auth_flavors.auth_flavors_val; +- while (--i >= 0) { +- /* If no flavour requested, use first simple ++ for (i = 0; i < n_flavors; ++i) { ++ /* ++ * Per RFC2623, section 2.7, we should prefer the ++ * flavour listed first. ++ * If no flavour requested, use the first simple + * flavour that is offered. + */ + if (! (data.flags & NFS_MOUNT_SECFLAVOUR) && +--- nfs-utils-1.1.2/utils/mountd/mountd.c.orig 2008-03-14 11:46:29.000000000 -0400 ++++ nfs-utils-1.1.2/utils/mountd/mountd.c 2008-03-25 10:18:09.339833000 -0400 +@@ -342,7 +342,14 @@ mount_mnt_3_svc(struct svc_req *rqstp, d + #define AUTH_GSS_KRB5 390003 + #define AUTH_GSS_KRB5I 390004 + #define AUTH_GSS_KRB5P 390005 +- static int flavors[] = { AUTH_NULL, AUTH_UNIX, AUTH_GSS_KRB5, AUTH_GSS_KRB5I, AUTH_GSS_KRB5P}; ++ static int flavors[] = { AUTH_UNIX, AUTH_GSS_KRB5, AUTH_GSS_KRB5I, AUTH_GSS_KRB5P}; ++ /* ++ * We should advertise the preferred flavours first. (See RFC 2623 ++ * section 2.7.) AUTH_UNIX is arbitrarily ranked over the GSS's. ++ * AUTH_NULL is dropped from the list to avoid backward compatibility ++ * issue with older Linux clients, who inspect the list in reversed ++ * order. ++ */ + struct nfs_fh_len *fh; + + xlog(D_CALL, "MNT3(%s) called", *path); diff --git a/nfs-utils.spec b/nfs-utils.spec index 3c80f86..1d21967 100644 --- a/nfs-utils.spec +++ b/nfs-utils.spec @@ -1,8 +1,8 @@ Summary: NFS utilities and supporting clients and daemons for the kernel NFS server Name: nfs-utils URL: http://sourceforge.net/projects/nfs -Version: 1.1.1 -Release: 5%{?dist} +Version: 1.1.2 +Release: 1%{?dist} Epoch: 1 # group all 32bit related archs @@ -29,27 +29,12 @@ Patch03: nfs-utils-1.1.0-showmount-rpcerror.patch Patch04: nfs-utils-1.1.0-exp-subtree-warn-off.patch Patch05: nfs-utils-1.1.0-exportfs-open.patch Patch06: nfs-utils-1.1.0-exportfs-man-update.patch -Patch07: nfs-utils-1.1.0-nfs-man.patch -Patch08: nfs-utils-1.1.1-mountd-man.patch -Patch09: nfs-utils-1.1.1-fsloc-nohide.patch +Patch07: nfs-utils-1.1.2-multi-auth-flavours.patch %if %{enablefscache} Patch90: nfs-utils-1.1.0-mount-fsc.patch %endif -Patch100: nfs-utils-1.1.1-nfsstat-manpage.patch -Patch101: nfs-utils-1.1.1-export-manpage.patch -Patch102: nfs-utils-1.1.1-mount-rm-nfsprog.patch -Patch103: nfs-utils-1.1.1-mount-rm-mountprog.patch -Patch104: nfs-utils-1.1.1-xlog-valist.patch -Patch105: nfs-utils-1.1.1-mountd-crossmnt.patch -Patch106: nfs-utils-1.1.1-mount-relatime.patch -Patch107: nfs-utils-1.1.1-mountd-crossmnt-cleanup.patch -Patch108: nfs-utils-1.1.1-mountd-exportlist.patch -Patch109: nfs-utils-1.1.1-gssd-mcred.patch -Patch110: nfs-utils-1.1.1-nfsstat-cmdline.patch -Patch111: nfs-utils-1.1.1-idmapd-validasc.patch - Group: System Environment/Daemons Provides: exportfs = %{epoch}:%{version}-%{release} Provides: nfsstat = %{epoch}:%{version}-%{release} @@ -103,26 +88,11 @@ This package also contains the mount.nfs and umount.nfs program. %patch05 -p1 %patch06 -p1 %patch07 -p1 -%patch08 -p1 -%patch09 -p1 %if %{enablefscache} %patch90 -p1 %endif -%patch100 -p1 -%patch101 -p1 -%patch102 -p1 -%patch103 -p1 -%patch104 -p1 -%patch105 -p1 -%patch106 -p1 -%patch107 -p1 -%patch108 -p1 -%patch109 -p1 -%patch110 -p1 -%patch111 -p1 - # Remove .orig files find . -name "*.orig" | xargs rm -f @@ -285,6 +255,9 @@ fi %attr(4755,root,root) /sbin/umount.nfs4 %changelog +* Tue Mar 25 2008 Steve Dickson 1.1.2-1 +- Upgrade to nfs-utils-1.1.2 + * Mon Mar 3 2008 Steve Dickson 1.1.1-5 - Stopped mountd from incorrectly logging an error (commit 9dd9b68c4c44f0d9102eb85ee2fa36a8b7f638e3) diff --git a/sources b/sources index 078eb8b..e9bbfd2 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ae7db9c61c5ad04f83bb99e5caed73da nfs.doc.tar.gz -d2a7815329405172b29f051fcffe3c94 nfs-utils-1.1.1.tar.bz2 +f1d53d27cc246291841e0989530dc94b nfs-utils-1.1.2.tar.bz2