Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP5:GA
nfs-utils
0016-mountd-add-cache-use-ipaddr-option-to-forc...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0016-mountd-add-cache-use-ipaddr-option-to-force-use_ipad.patch of Package nfs-utils
From 4d258abf5d7c662363ab82e8aa0c3d82a0411bf7 Mon Sep 17 00:00:00 2001 From: NeilBrown <neil@brown.name> Date: Mon, 15 Mar 2021 09:54:02 -0400 Subject: [PATCH] mountd: add --cache-use-ipaddr option to force use_ipaddr When logging authentication requests, it can be easier to read the logs if clients are always identified by IP address, not intermediate names like netgroups or subnets. To allow this, add --cache-use-ipaddr or -i which tell mountd to always enable use_ipaddr. Signed-off-by: NeilBrown <neil@brown.name> Signed-off-by: Steve Dickson <steved@redhat.com> --- nfs.conf | 1 + systemd/nfs.conf.man | 1 + utils/mountd/auth.c | 4 ++++ utils/mountd/mountd.c | 10 ++++++++-- utils/mountd/mountd.man | 18 ++++++++++++++++++ 5 files changed, 32 insertions(+), 2 deletions(-) --- a/nfs.conf +++ b/nfs.conf @@ -30,6 +30,7 @@ # reverse-lookup=n # state-directory-path=/var/lib/nfs # ha-callout= +# cache-use-ipaddr=n # #[nfsdcltrack] # debug=0 --- a/systemd/nfs.conf.man +++ b/systemd/nfs.conf.man @@ -154,6 +154,7 @@ Recognized values: .BR port , .BR threads , .BR reverse-lookup , +.BR cache-use-upaddr , .BR state-directory-path , .BR ha-callout . --- a/utils/mountd/auth.c +++ b/utils/mountd/auth.c @@ -62,6 +62,10 @@ check_useipaddr(void) int old_use_ipaddr = use_ipaddr; unsigned int len = 0; + if (use_ipaddr > 1) + /* fixed - don't check */ + return; + /* add length of m_hostname + 1 for the comma */ for (clp = clientlist[MCL_NETGROUP]; clp; clp = clp->m_next) len += (strlen(clp->m_hostname) + 1); --- a/utils/mountd/mountd.c +++ b/utils/mountd/mountd.c @@ -72,9 +72,10 @@ static struct option longopts[] = { "manage-gids", 0, 0, 'g' }, { "no-udp", 0, 0, 'u' }, { "log-auth", 0, 0, 'l'}, + { "cache-use-ipaddr", 0, 0, 'i'}, { NULL, 0, 0, 0 } }; -static char shortopts[] = "o:nFd:p:P:hH:N:V:vurs:t:gl"; +static char shortopts[] = "o:nFd:p:P:hH:N:V:vurs:t:gli"; #define NFSVERSBIT(vers) (0x1 << (vers - 1)) #define NFSVERSBIT_ALL (NFSVERSBIT(2) | NFSVERSBIT(3) | NFSVERSBIT(4)) @@ -684,6 +685,8 @@ main(int argc, char **argv) num_threads = conf_get_num("mountd", "threads", num_threads); reverse_resolve = conf_get_bool("mountd", "reverse-lookup", reverse_resolve); ha_callout_prog = conf_get_str("mountd", "ha-callout"); + if (conf_get_bool("mountd", "cache-use-ipaddr", 0)) + use_ipaddr = 2; s = conf_get_str("mountd", "state-directory-path"); if (s) @@ -783,6 +786,9 @@ main(int argc, char **argv) case 'l': xlog_sconfig("auth", 1); break; + case 'i': + use_ipaddr = 2; + break; case 0: break; case '?': @@ -901,7 +907,7 @@ usage(const char *prog, int n) { fprintf(stderr, "Usage: %s [-F|--foreground] [-h|--help] [-v|--version] [-d kind|--debug kind]\n" -" [-l|--log-auth]\n" +" [-l|--log-auth] [-i|--cache-use-ipaddr]\n" " [-o num|--descriptors num]\n" " [-p|--port port] [-V version|--nfs-version version]\n" " [-N version|--no-nfs-version version] [-n|--no-tcp]\n" --- a/utils/mountd/mountd.man +++ b/utils/mountd/mountd.man @@ -112,6 +112,23 @@ section. will always log authentication responses to MOUNT requests when NFSv3 is used, but to get similar logs for NFSv4, this option is required. .TP +.BR \-i " or " \-\-cache\-use\-ipaddr +Normally each client IP address is matched against each host identifier +(name, wildcard, netgroup etc) found in +.B /etc/exports +and a combined identity is formed from all matching identifiers. +Often many clients will map to the same combined identity so performing +this mapping reduces the number of distinct access details that the +kernel needs to store. +Specifying the +.B \-i +option suppresses this mapping so that access to each filesystem is +requested and cached separately for each client IP address. Doing this +can increase the burden of updating the cache slightly, but can make the +log messages produced by the +.B -l +option easier to read. +.TP .B \-F " or " \-\-foreground Run in foreground (do not daemonize) .TP @@ -242,6 +259,7 @@ Values recognized in the .B [mountd] section include .BR manage-gids , +.BR cache\-use\-ipaddr , .BR descriptors , .BR port , .BR threads ,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor