diff --git a/.cvsignore b/.cvsignore index b243b2e..87cfac9 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1,2 @@ tgt-0.9.5.tar.bz2 +tgt-1.0.1.tar.gz diff --git a/scsi-target-utils.spec b/scsi-target-utils.spec index df0503a..df53a4b 100644 --- a/scsi-target-utils.spec +++ b/scsi-target-utils.spec @@ -1,15 +1,18 @@ Name: scsi-target-utils -Version: 0.9.5 -Release: 1%{?dist} +Version: 1.0.1 +Release: 0%{?dist} Summary: The SCSI target daemon and utility programs Group: System Environment/Daemons License: GPLv2 -URL: http://stgt.berlios.de -Source0: http://stgt.berlios.de/releases/tgt-%{version}.tar.bz2 +URL: http://stgt.sourceforge.net/ +Source0: http://stgt.sourceforge.net/releases/tgt-%{version}.tar.gz Source1: tgtd.init +Source2: sysconfig.tgtd +Source3: targets.conf Patch0: tgt-20080805-shebang.patch -Patch1: tgt-0.9.5-makefile.patch +Patch1: tgt-snprintf-fix.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel pkgconfig @@ -39,14 +42,21 @@ pushd usr %{__install} -d %{buildroot}%{_sbindir} %{__install} -d %{buildroot}%{_mandir}/man8 %{__install} -d %{buildroot}%{_initrddir} +%{__install} -d %{buildroot}%{_sysconfdir}/tgt +%{__install} -d %{buildroot}%{_sysconfdir}/sysconfig +%{__install} -p -m 0755 scripts/tgt-setup-lun %{buildroot}%{_sbindir} %{__install} -p -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/tgtd %{__install} -p -m 0755 scripts/tgt-admin %{buildroot}/%{_sbindir}/tgt-admin %{__install} -p -m 0644 doc/manpages/tgtadm.8 %{buildroot}/%{_mandir}/man8 %{__install} -p -m 0644 doc/manpages/tgt-admin.8 %{buildroot}/%{_mandir}/man8 +%{__install} -p -m 0644 doc/manpages/tgt-setup-lun.8 %{buildroot}/%{_mandir}/man8 +%{__install} -p -m 0600 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/tgtd +%{__install} -p -m 0600 %{SOURCE3} %{buildroot}%{_sysconfdir}/tgt pushd usr -%{__make} install DESTDIR=%{buildroot} +%{__make} install DESTDIR=%{buildroot} sbindir=%{_sbindir} + # we ship these by doc macro %{__rm} -rf %{buildroot}/usr/share/doc/tgt @@ -70,8 +80,7 @@ fi %files %defattr(-, root, root, -) -%doc README doc/README.* doc/targets.conf.example doc/tmf.txt doc/TODO -%doc scripts/tgt-core-test +%doc README doc/README.iscsi doc/README.iser doc/README.lu_configuration doc/README.mmc doc/README.ssc %{_sbindir}/tgtd %{_sbindir}/tgtadm %{_sbindir}/tgt-setup-lun @@ -79,8 +88,15 @@ fi %{_sbindir}/tgtimg %{_mandir}/man8/* %{_initrddir}/tgtd +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/tgtd +%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/tgt/targets.conf + %changelog +* Thu Apr 8 2010 Mike Christie - 1.0.1 +- Fix format string vulnerability (CVE-2010-0743) +- Sync to upstream tgt-1.0.1 + * Mon Mar 16 2009 Terje Rosten - 0.9.5-1 - 0.9.5 - remove patch now upstream diff --git a/sources b/sources index 41fde2e..003cb82 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -43d95cb4163de21459ffee300764d11a tgt-0.9.5.tar.bz2 +46f5bf01f9002b32a57e5def3f5e4543 tgt-1.0.1.tar.gz diff --git a/sysconfig.tgtd b/sysconfig.tgtd new file mode 100644 index 0000000..976e94e --- /dev/null +++ b/sysconfig.tgtd @@ -0,0 +1,2 @@ +# configuration file +#TGTD_CONFIG=/etc/tgt/targets.conf diff --git a/targets.conf b/targets.conf new file mode 100644 index 0000000..89c554e --- /dev/null +++ b/targets.conf @@ -0,0 +1,238 @@ +# This is a sample config file for tgt-admin. +# By default, tgt-admin looks for its config file in /etc/tgt/targets.conf +# +# The "#" symbol disables the processing of a line. + + +# This one includes other config files: + +#include /etc/tgt/temp/*.conf + + +# Set the driver. If not specified, defaults to "iscsi". + +default-driver iscsi + + +# Continue if tgtadm exits with non-zero code (equivalent of +# --ignore-errors command line option) +#ignore-errors yes + + +# Sample target with one LUN only. Defaults to allow access for all initiators: + +# +# backing-store /dev/LVM/somedevice +# + + +# Similar, but we use "direct-store" instead of "backing-store". +# "direct-store" reads drive parameters with sg_inq command and sets them to +# the target. +# Parameters fatched with sg_inq are: +# - Vendor identification +# - Product identification +# - Product revision level +# - Unit serial number (if present) +# We also specify "incominguser". + +# +# direct-store /dev/sdd +# incominguser someuser secretpass12 +# + + +# An example with multiple LUNs, disabled write-cache (tgtd enables write-cache +# by default) and vendor identification set to "MyVendor" + +# +# backing-store /dev/LVM/somedevice1 # Becomes LUN 1 +# backing-store /dev/LVM/somedevice2 # Becomes LUN 2 +# backing-store /dev/LVM/somedevice3 # Becomes LUN 3 +# write-cache off +# vendor_id MyCompany Inc. +# + + +# Similar to the one above, but we fetch vendor_id, product_id, product_rev and +# scsi_sn from the disks. +# Vendor identification (vendor_id) is replaced in all disks by "MyVendor" + +# +# direct-store /dev/sdb # Becomes LUN 1 +# direct-store /dev/sdc # Becomes LUN 2 +# direct-store /dev/sdd # Becomes LUN 3 +# write-cache off +# vendor_id MyCompany Inc. +# + + +# Note that "first-device-first-lun numbering" will work only for simple +# scenarios above, where _only_ direct-store _or_ backing-store is used. +# If you mix backing-store and direct-store, then all backing-store entries +# are processed before direct-store-entries. + +# +# direct-store /dev/sdb # Becomes LUN 3 +# backing-store /dev/sdc # Becomes LUN 1 +# direct-store /dev/sdd # Becomes LUN 4 +# backing-store /dev/sde # Becomes LUN 2 +# + + +# Even more complicated example - each device has different parameters. +# You can use indentation to make the config file more readable. +# Note that LUNs will be assigned more or less randomly here (and still +# backing-store get LUNs assigned before drect-store). +# You can specify multiple mode_page parameters (they are commented out +# in this example). +# Note that some parameters (write-cache, scsi_sn) were specified "globally". +# "Global" parameters will be applied to all LUNs; they can be overwritten +# "locally", per LUN. +# If lun is not specified, it will be allocated automatically (first available). + +# + +# +# vendor_id VENDOR1 +# removable 1 +# device-type cd +# lun 1 +# + +# +# vendor_id VENDOR2 +# lun 2 +# + +# +# vendor_id back1 +# scsi_sn SERIAL +# write-cache on + # lun 3 # lun is commented out - will be allocated automatically +# + +# +# vendor_id back2 + #mode_page 8:0:18:0x10:0:0xff.... + #mode_page 8:0:18:0x10:0:0xff.... + #bs-type aio +# lun 15 +# + + # Some more parameters which can be specified locally or globally: + #scsi_id ... + #scsi_sn ... + #vendor_id ... + #product_id ... + #product_rev ... + #sense_format ... + #removable ... + #online ... + #path ... + #mode_page 8:0:18:0x10:0:0xff.... + #mode_page 8:0:18:0x10:0:0xff.... + #device-type ... + #bs-type ... # backing store type - default rdwr, can be aio, mmap, etc... + #allow-in-use yes # if specified globally, can't be overwritten locally + +# write-cache off +# scsi_sn multipath-10 + + # Parameters below are only global. They can't be configured per LUN. + # Only allow connections from 192.168.100.1 and 192.168.200.5 +# initiator-address 192.168.100.1 +# initiator-address 192.168.200.5 + + # Tuning parameters (global, per target) + #MaxRecvDataSegmentLength 8192 + #MaxXmitDataSegmentLength 8192 + #HeaderDigest None + #DataDigest None + #InitialR2T Yes + #MaxOutstandingR2T 1 + #ImmediateData Yes + #FirstBurstLength 65536 + #MaxBurstLength 262144 + #DataPDUInOrder Yes + #DataSequenceInOrder Yes + #ErrorRecoveryLevel 0 + #IFMarker No + #OFMarker No + #DefaultTime2Wait 2 + #DefaultTime2Retain 20 + #OFMarkInt Reject + #IFMarkInt Reject + #MaxConnections 1 + + # Allowed incoming users +# incominguser user1 secretpass12 +# incominguser user2 secretpass23 + + # Outgoing user +# outgoinguser userA secretpassA + +# + + +# The device will have lun 1 unless you specify something else +# +# backing-store /dev/LVM/somedevice +# lun 10 +# + + +# Devices which are in use (by system: mounted, for swap, part of RAID, or by +# userspace: dd, by tgtd for another target etc.) can't be used, unless you use +# --force flag or add 'allow-in-use yes' option +# +# backing-store /dev/LVM/somedevice +# allow-in-use yes +# + +# +# +# scsi_sn serial1 +# + +# +# scsi_sn serial2 +# + +# allow-in-use yes +# + + + + + +# Not supported configurations, and therefore, commented out: + +# +# backing-store /dev/LVM/somedevice1 +# backing-store /dev/LVM/somedevice2 +# lun 10 +# lun 11 +# + +# +# +# vendor_id VENDOR1 +# +# +# direct-store /dev/sdc +# + +# This one will break the parser: + +# +# +# vendor_id VENDOR1 +# +# +# direct-store /dev/sdc +# +# +# vendor_id VENDOR1 +# +# diff --git a/tgt-snprintf-fix.patch b/tgt-snprintf-fix.patch new file mode 100644 index 0000000..e77d409 --- /dev/null +++ b/tgt-snprintf-fix.patch @@ -0,0 +1,20 @@ +--- tgt-1.0.1/usr/iscsi/isns.c.org 2010-03-22 17:18:59.788314323 -0600 ++++ tgt-1.0.1/usr/iscsi/isns.c 2010-03-22 17:19:30.833004428 -0600 +@@ -316,7 +316,7 @@ static int isns_attr_query(char *name) + tlv = (struct isns_tlv *) hdr->pdu; + + if (name) +- snprintf(mgmt->name, sizeof(mgmt->name), name); ++ snprintf(mgmt->name, sizeof(mgmt->name), "%s", name); + else { + mgmt->name[0] = '\0'; + target = list_first_entry(&iscsi_targets_list, +@@ -690,7 +690,7 @@ found: + ini = malloc(sizeof(*ini)); + if (!ini) + goto free_qry_mgmt; +- snprintf(ini->name, sizeof(ini->name), name); ++ snprintf(ini->name, sizeof(ini->name), "%s", name); + list_add(&ini->ilist, &target->isns_list); + } else + name = NULL; diff --git a/tgtd.init b/tgtd.init index cd97875..2a56775 100755 --- a/tgtd.init +++ b/tgtd.init @@ -1,6 +1,6 @@ #!/bin/sh # -# chkconfig: - 39 35 +# chkconfig: - 11 89 # ### BEGIN INIT INFO # Provides: tgtd @@ -17,73 +17,200 @@ . /etc/init.d/functions PATH=/sbin:/bin:/usr/sbin:/usr/bin +TGTD_CONFIG=/etc/tgt/targets.conf -RETVAL=0 +prog="SCSI target daemon" +exec=tgtd +lockfile=/var/lock/subsys/$exec + +# Check for and source configuration file otherwise use defaults above +[ -f /etc/sysconfig/$exec ] && . /etc/sysconfig/$exec start() { - echo -n $"Starting SCSI target daemon: " - if [ -f /var/lock/subsys/tgtd ]; then + [ -x /usr/sbin/$exec ] || exit 5 + echo -n $"Starting $prog: " + # Note /dev/null redirection to silence rdma not found messages + daemon $exec >/dev/null 2>&1 + retval=$? + if [ $retval -ne 0 ] ; then + failure echo - success - return + return $retval fi - daemon tgtd + success echo - RETVAL=$? - if [ $RETVAL -eq "0" ]; then - touch /var/lock/subsys/tgtd - fi + touch $lockfile + + # Put tgtd into "offline" state until all the targets are configured. + # We don't want initiators to (re)connect and fail the connection + # if it's not ready. + tgtadm --op update --mode sys --name State -v offline + # Configure the targets. + tgt-admin -e -c $TGTD_CONFIG + # Put tgtd into "ready" state. + tgtadm --op update --mode sys --name State -v ready + + return 0 } stop() { - echo -n $"Stopping SCSI target daemon: " + if [ "$RUNLEVEL" == 0 -o "$RUNLEVEL" == 6 ] ; then + force_stop + return $? + fi + + echo -n $"Stopping $prog: " + # Remove all targets. It only removes targets which are not in use. + tgt-admin --update ALL -c /dev/null >/dev/null 2>&1 + # tgtd will exit if all targets were removed + tgtadm --op delete --mode system >/dev/null 2>&1 + retval=$? + if [ "$retval" -eq 107 ] ; then + echo -n $"not running" + failure + echo + return 7 + elif [ "$retval" -ne 0 ] ; then + echo -n $"initiators still connected" + failure + echo + return 1 + fi + + success + echo + rm -f $lockfile + return 0 +} - if [ ! -f /var/lock/subsys/tgtd ]; then +force_stop() +{ + # NOTE: Forced shutdown of the iscsi target may cause data corruption + # for initiators that are connected. + echo -n $"Force-stopping $prog: " + # Offline everything first. May be needed if we're rebooting, but + # expect the initiators to reconnect cleanly when we boot again + # (i.e. we don't want them to reconnect to a tgtd which is still + # working, but the target is gone). + tgtadm --op update --mode sys --name State -v offline >/dev/null 2>&1 + retval=$? + if [ "$retval" -eq 107 ] ; then + echo -n $"not running" + failure echo - success - return + return 7 + else + tgt-admin --offline ALL + # Remove all targets, even if they are still in use. + tgt-admin --update ALL -c /dev/null -f + # It will shut down tgtd only after all targets were removed. + tgtadm --op delete --mode system + retval=$? + if [ "$retval" -ne 0 ] ; then + failure + echo + return 1 + fi fi - if tgtadm --op show -m target | grep "Target" >/dev/null ; then - echo $"Targets still in use. Cannot shutdown service." - RETVAL=1 - return + success + echo + rm -f $lockfile + return 0 +} + +reload() { + echo -n $"Updating $prog configuration: " + # Update configuration for targets. Only targets which + # are not in use will be updated. + tgt-admin --update ALL -c $TGTD_CONFIG >/dev/null 2>&1 + retval=$? + if [ "$retval" -eq 107 ] ; then + echo -n $"not running" + failure + echo + return 7 + elif [ "$retval" -ne 0 ] ; then + failure + echo + return 1 fi - killproc tgtd + success echo - RETVAL=$? - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/tgtd + return 0 } -restart() -{ - stop - start +force_reload() { + echo -n $"Force-updating $prog configuration: " + # Update configuration for targets, even those in use. + tgt-admin --update ALL -f -c $TGTD_CONFIG >/dev/null 2>&1 + retval=$? + if [ "$retval" -eq 107 ] ; then + echo -n $"not running" + failure + echo + return 7 + elif [ "$retval" -ne 0 ] ; then + failure + echo + return 1 + fi + + success + echo + return 0 +} + +rh_status() { + # run checks to determine if the service is running or use generic status + status $exec +} + +rh_status_q() { + rh_status >/dev/null 2>&1 } + case "$1" in start) - start + rh_status_q && exit 0 + $1 ;; stop) - stop + rh_status_q || exit 0 + $1 + ;; + force-stop) + force_stop ;; restart) - restart + stop + start + ;; + force-restart) + force_stop + start + ;; + reload) + rh_status_q || exit 7 + $1 + ;; + force-reload) + force_reload ;; status) - status tgtd - RETVAL=$? + rh_status ;; - condrestart) - [ -f /var/lock/subsys/tgtd ] && restart + condrestart|try-restart) + rh_status_q || exit 0 + restart ;; *) - echo $"Usage: $0 {start|stop|restart|status|condrestart}" - exit 1 + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-stop|force-restart|force-reload}" + exit 2 esac -exit $RETVAL +exit $?