From patchwork Tue Apr 2 00:20:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel McGregor X-Patchwork-Id: 41896 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11F6DCD1288 for ; Tue, 2 Apr 2024 00:21:07 +0000 (UTC) Received: from mail-io1-f48.google.com (mail-io1-f48.google.com [209.85.166.48]) by mx.groups.io with SMTP id smtpd.web10.1045.1712017263885652555 for ; Mon, 01 Apr 2024 17:21:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=HNjLnzjb; spf=pass (domain: gmail.com, ip: 209.85.166.48, mailfrom: danismostlikely@gmail.com) Received: by mail-io1-f48.google.com with SMTP id ca18e2360f4ac-7cc01644f51so264025139f.2 for ; Mon, 01 Apr 2024 17:21:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712017263; x=1712622063; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=0r3nKQ94H17sYgp+iRQ+qEjvkxEIEyXzvEY1Emk6BRA=; b=HNjLnzjbF7cpGGc/clsxij5EZeaaxmQZh/0GqU1gRww0i1VqgmKJ2d5T2JFBcG1mS1 jd8XXC+W0ePY71yNT3FOlniJj8p6e2ketoQUz9r7KdLHSglaEFHPPywTTbZajmSRhmsF TistDDOdbXx8nCdjC4BwOf8ozH87HmPsjrTUm0fZhNx5SyJf6z7jTdrmVq0xb7FzMMVj xiNDBvVPgVlSBivybmU0fmMWPFSVkx2BLkbMpX+iafK/CRDvkohhSNDfzTAKSC1Ky2Qk AlBogrTVesL6QfwGN0n3W/UoJ3JASYvCUekmmAJwaWxG+QJEyK8FyC1tn6DYbl95lh16 G3RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712017263; x=1712622063; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0r3nKQ94H17sYgp+iRQ+qEjvkxEIEyXzvEY1Emk6BRA=; b=V9tQ/jM016s0lLS7XHGMuyFPNVTAkTR7uiPKOKO8GSao4ORtQpTCw88ekEDPtfh82i ztkVC7KgZbDBASR/ahhA6sPOyMl9IgAOGSPtnvnsIUfWgh8TFaNLL9/x2rMXtacynUCO EYDQP9PVmbnIvMsZDPM3T4MvRRAykd3NO3/SJ9NjeJZ8zJXiB4YT8LEpCyYuPcQdmkN6 20pq2sexUwefeNdRCMRrZGFp6pBdKMHacjQJ4PmM96yDMCtIBntnDJxcRWrI5CXtWZsu MHJOnvJrAc+m21m5HFHlOZqVL6/3A+fpsqLMfvwHXnNKAdH40W+CO+xVuNXD8iy6xo7G 4iSg== X-Gm-Message-State: AOJu0YzpgACMGWbYG2Fd8h7lYVQDubfs8HkgO6KjB24Sm5UBGyJJb8JR JuwtpjO6Kvi2EkFTjRrulEIMdph4UTtIWxoa2n4B5mbo2ffTwHsbMAciUCg7sbs= X-Google-Smtp-Source: AGHT+IEfVR/8SjEJT/s/3W88aqykjS+WWNiHfg4Y3ZyQ9zuUoeVh71mgZW4UwjtbtnVE8+Dmy8XHYQ== X-Received: by 2002:a05:6602:214b:b0:7d0:89d3:bbe5 with SMTP id y11-20020a056602214b00b007d089d3bbe5mr12272494ioy.1.1712017262792; Mon, 01 Apr 2024 17:21:02 -0700 (PDT) Received: from nebuchadnezzar.home.arpa ([204.83.204.143]) by smtp.gmail.com with ESMTPSA id u18-20020a5d83d2000000b007d0648c020asm2949087ior.49.2024.04.01.17.21.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Apr 2024 17:21:02 -0700 (PDT) From: Dan McGregor To: openembedded-core@lists.openembedded.org Cc: Daniel McGregor Subject: [PATCH v7 1/3] nfs-utils: clean up startup Date: Mon, 1 Apr 2024 18:20:54 -0600 Message-ID: <20240402002058.3910908-1-danismostlikely@gmail.com> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 02 Apr 2024 00:21:07 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/197858 From: Daniel McGregor Change the sysvinit script to start at the S runlevel, this matches Debian, and prevents systemd from generating a unit file for it. Also have the nfsd systemd service request the nfsd kernel filesystem mountpoint. This avoids startup failures in unpriviled containers or other setups that don't support the filesystem. Signed-off-by: Daniel McGregor --- meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon | 4 ++-- meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon index 992267d5a16..4c1ad17c3c6 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon @@ -3,7 +3,7 @@ # Provides: nfs-common # Required-Start: $portmap hwclock # Required-Stop: $portmap hwclock -# Default-Start: 2 3 4 5 +# Default-Start: S # Default-Stop: 0 1 6 # Short-Description: NFS support for both client and server # Description: NFS is a popular protocol for file sharing across @@ -20,7 +20,7 @@ . /etc/init.d/functions test -x "$NFS_STATD" || NFS_STATD=/usr/sbin/rpc.statd -test -z "$STATD_PID" && STATD_PID=/var/run/rpc.statd.pid +test -z "$STATD_PID" && STATD_PID=/run/rpc.statd.pid # # The default state directory is /var/lib/nfs test -n "$NFS_STATEDIR" || NFS_STATEDIR=/var/lib/nfs diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb index 2f2644f9a83..527fcd609c1 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb @@ -132,15 +132,14 @@ do_install:append () { install -m 0644 ${WORKDIR}/nfs-server.service ${D}${systemd_system_unitdir}/ install -m 0644 ${WORKDIR}/nfs-mountd.service ${D}${systemd_system_unitdir}/ install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_system_unitdir}/ + install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ sed -i -e 's,@SBINDIR@,${sbindir},g' \ -e 's,@SYSCONFDIR@,${sysconfdir},g' \ -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ ${D}${systemd_system_unitdir}/*.service - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ - install -d ${D}${systemd_system_unitdir}/sysinit.target.wants/ - ln -sf ../proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/sysinit.target.wants/proc-fs-nfsd.mount - fi + # Add compatibility symlinks for the sysvinit scripts + ln -s nfs-server.service ${D}${systemd_system_unitdir}/nfsserver.service + ln -s /dev/null ${D}${systemd_system_unitdir}/nfscommon.service # kernel code as of 3.8 hard-codes this path as a default install -d ${D}/var/lib/nfs/v4recovery From patchwork Tue Apr 2 00:20:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Daniel McGregor X-Patchwork-Id: 41898 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2A9BBCD1292 for ; Tue, 2 Apr 2024 00:21:07 +0000 (UTC) Received: from mail-io1-f51.google.com (mail-io1-f51.google.com [209.85.166.51]) by mx.groups.io with SMTP id smtpd.web11.1124.1712017264720919001 for ; Mon, 01 Apr 2024 17:21:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=E2YPQLqa; spf=pass (domain: gmail.com, ip: 209.85.166.51, mailfrom: danismostlikely@gmail.com) Received: by mail-io1-f51.google.com with SMTP id ca18e2360f4ac-7c7ee7fa1d8so149168539f.1 for ; Mon, 01 Apr 2024 17:21:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712017264; x=1712622064; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Zn+MQHRDSrcvlTRWT5WsakaO4osFEru1a/9VxJRUD9A=; b=E2YPQLqaHHy8yB4WW2waUNF/BbLZe3axHmeibIpj2YBCAacrVGj2JUG6fjGeC49317 1YqnktarYLyydOflyfJPMukwadgtnpWtW+vu0qLCZjQtdk8V6gmQMMfgK+CZrCZAHD8H VISc/Xy3OGVVnrybBB6p8YW3pAKqVcD9ChNuhE+eZVBbvJ4ImX96XqxVrgOzrR++2u0F /WHhLJQ8UukHsdGhrjsWnFr1NHAhbZ96/edvnD6vThu6c43KlKfggmma/OrO34/Phixw jzrK4o0oPitq5upQVeaMVpYqnKg/MlLpqiy3skVc+4BHOZstK8w+HfrQ96ITgJx421p6 4W8g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712017264; x=1712622064; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Zn+MQHRDSrcvlTRWT5WsakaO4osFEru1a/9VxJRUD9A=; b=JdKW3yLbq1wZupwxjQ2mJaJCWPM3i0NiYYhkClS8j3gDjQ/VP62OOlt66ghQK61bLy CG8ft+oslwSxEwcDAxaYdzVZOiYCFS49h3MVsum8t1zIHFUN07NYD/fmbp+kApt5A+eq rp9s/TuZEtN152L08QQs3bT8BHgSwYu8Ru2D8iRKjiK5OIZWW2/MKmnFOgicrnJIrjHr 7Sprg1Dw6nScWJScOff/0xx0TRskZRM8ysB9HKBV3Z0nhpgAp4bK2tcnnaOoCn4Hjrw7 uk3+kEhKWXqlPNUdD1ytLXXrqePPauam+Tt0oXz1GUhkc5SIwmJJCVP2cR8y6oBYYIod vh8A== X-Gm-Message-State: AOJu0YxllWbGvpbZG0wXfewbS2P2NuWj2Bsl9P8gGtYJGL1/IEvz4tjJ QTbpnOB92PoVyC0yfkmuxAeEdZW0ov70+MvaAn7+DmZVCXM+BCBQegH9SI96ZO4= X-Google-Smtp-Source: AGHT+IEKFJ9/y94KL5R5sxjPrnMkYNaFzhBBU8uMmnwlarcyxvquu/Pa0yhdc8OXD2AbsfolVP9HEA== X-Received: by 2002:a6b:7c05:0:b0:7d0:c9f3:e7f5 with SMTP id m5-20020a6b7c05000000b007d0c9f3e7f5mr3976008iok.1.1712017263632; Mon, 01 Apr 2024 17:21:03 -0700 (PDT) Received: from nebuchadnezzar.home.arpa ([204.83.204.143]) by smtp.gmail.com with ESMTPSA id u18-20020a5d83d2000000b007d0648c020asm2949087ior.49.2024.04.01.17.21.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Apr 2024 17:21:03 -0700 (PDT) From: Dan McGregor To: openembedded-core@lists.openembedded.org Cc: Daniel McGregor Subject: [PATCH v7 2/3] nfs-utils: Use upstream systemd service files Date: Mon, 1 Apr 2024 18:20:55 -0600 Message-ID: <20240402002058.3910908-2-danismostlikely@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240402002058.3910908-1-danismostlikely@gmail.com> References: <20240402002058.3910908-1-danismostlikely@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 02 Apr 2024 00:21:07 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/197859 From: Daniel McGregor Reduce diffs against upstream by using the service files provided by them. This reduces our dependence on patches that simply change the names of a service. This also changes the way some nfs options get set for systemd, it introduces the nfs.conf file for configuration, which all daemons already support. Signed-off-by: Daniel McGregor --- .../bugfix-adjust-statd-service-name.patch | 39 ----------------- .../nfs-utils/nfs-utils/nfs-mountd.service | 18 -------- .../nfs-utils/nfs-utils/nfs-server.service | 24 ----------- .../nfs-utils/nfs-utils/nfs-statd.service | 16 ------- .../nfs-utils-debianize-start-statd.patch | 42 ------------------- .../nfs-utils/nfs-utils/nfs-utils.conf | 35 ---------------- .../nfs-utils/nfs-utils/proc-fs-nfsd.mount | 8 ---- .../nfs-utils/nfs-utils_2.6.4.bb | 33 +++++---------- 8 files changed, 11 insertions(+), 204 deletions(-) delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils.conf delete mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/proc-fs-nfsd.mount diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch deleted file mode 100644 index f13d7b380ca..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 398fed3bb0350cb1229e54e7020ae0e044c206d1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Ulrich=20=C3=96lmann?= -Date: Wed, 17 Feb 2016 08:33:45 +0100 -Subject: bugfix: adjust statd service name -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream uses 'rpc-statd.service' and Yocto introduced 'nfs-statd.service' -instead but forgot to update the mount.nfs helper 'start-statd' accordingly. - -Upstream-Status: Inappropriate [other] - -Signed-off-by: Ulrich Ölmann - -Rebase it. - -Signed-off-by: Robert Yang ---- - utils/statd/start-statd | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/utils/statd/start-statd b/utils/statd/start-statd -index af5c950..df9b9be 100755 ---- a/utils/statd/start-statd -+++ b/utils/statd/start-statd -@@ -28,10 +28,10 @@ fi - # First try systemd if it's installed. - if [ -d /run/systemd/system ]; then - # Quit only if the call worked. -- if systemctl start rpc-statd.service; then -+ if systemctl start nfs-statd.service; then - # Ensure systemd knows not to stop rpc.statd or its dependencies - # on 'systemctl isolate ..' -- systemctl add-wants --runtime remote-fs.target rpc-statd.service -+ systemctl add-wants --runtime remote-fs.target nfs-statd.service - exit 0 - fi - fi diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service deleted file mode 100644 index ebfe64b9ced..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=NFS Mount Daemon -DefaultDependencies=no -After=rpcbind.socket -Requires=proc-fs-nfsd.mount -After=proc-fs-nfsd.mount -After=network.target local-fs.target -BindsTo=nfs-server.service -ConditionPathExists=@SYSCONFDIR@/exports - -[Service] -EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf -ExecStart=@SBINDIR@/rpc.mountd -F $MOUNTD_OPTS -LimitNOFILE=@HIGH_RLIMIT_NOFILE@ -StateDirectory=nfs - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service deleted file mode 100644 index 15ceee04d0d..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service +++ /dev/null @@ -1,24 +0,0 @@ -[Unit] -Description=NFS server and services -DefaultDependencies=no -Requires=network.target proc-fs-nfsd.mount -Requires=nfs-mountd.service -Wants=rpcbind.service -After=local-fs.target -After=network.target proc-fs-nfsd.mount rpcbind.service nfs-mountd.service -ConditionPathExists=@SYSCONFDIR@/exports - -[Service] -Type=oneshot -EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf -ExecStartPre=@SBINDIR@/exportfs -r -ExecStart=@SBINDIR@/rpc.nfsd $NFSD_OPTS $NFSD_COUNT -ExecStop=@SBINDIR@/rpc.nfsd 0 -ExecStopPost=@SBINDIR@/exportfs -au -ExecStopPost=@SBINDIR@/exportfs -f -ExecReload=@SBINDIR@/exportfs -r -RemainAfterExit=yes -StateDirectory=nfs - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service deleted file mode 100644 index b519194121c..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=NFS status monitor for NFSv2/3 locking. -DefaultDependencies=no -Conflicts=umount.target -Requires=nss-lookup.target rpcbind.service -After=network.target nss-lookup.target rpcbind.service -ConditionPathExists=@SYSCONFDIR@/exports - -[Service] -EnvironmentFile=-@SYSCONFDIR@/nfs-utils.conf -ExecStart=@SBINDIR@/rpc.statd -F $STATD_OPTS -LimitNOFILE=@HIGH_RLIMIT_NOFILE@ -StateDirectory=nfs - -[Install] -WantedBy=multi-user.target diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch deleted file mode 100644 index ede0dcefc49..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch +++ /dev/null @@ -1,42 +0,0 @@ -[PATCH] nfs-utils: debianize start-statd - -Upstream-Status: Pending - -make start-statd command to use nfscommon configure, too. - -Signed-off-by: Henrik Riomar -Signed-off-by: Li Wang -Signed-off-by: Roy Li -Signed-off-by: Wenzong Fan ---- - utils/statd/start-statd | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/utils/statd/start-statd b/utils/statd/start-statd -index 2fd6039..f591b34 100755 ---- a/utils/statd/start-statd -+++ b/utils/statd/start-statd -@@ -17,6 +17,14 @@ then - # statd already running - must have been slow to respond. - exit 0 - fi -+ -+# Read config -+DEFAULTFILE=/etc/default/nfs-common -+NEED_IDMAPD= -+if [ -f $DEFAULTFILE ]; then -+ . $DEFAULTFILE -+fi -+ - # First try systemd if it's installed. - if [ -d /run/systemd/system ]; then - # Quit only if the call worked. -@@ -25,4 +33,4 @@ fi - - cd / - # Fall back to launching it ourselves. --exec rpc.statd --no-notify -+exec rpc.statd --no-notify $STATDOPTS --- -2.6.6 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils.conf b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils.conf deleted file mode 100644 index a1007a7fbf4..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils.conf +++ /dev/null @@ -1,35 +0,0 @@ -# Parameters to be passed to nfs-utils (clients & server) service files. -# - -# Options to pass to rpc.nfsd. -NFSD_OPTS="" - -# Number of servers to start up; the default is 8 servers. -NFSD_COUNT="" - -# Where to mount nfsd filesystem; the default is "/proc/fs/nfsd". -PROCNFSD_MOUNTPOINT="" - -# Options used to mount nfsd filesystem; the default is "rw,nodev,noexec,nosuid". -PROCNFSD_MOUNTOPTS="" - -# Options for rpc.mountd. -# If you have a port-based firewall, you might want to set up -# a fixed port here using the --port option. -MOUNTD_OPTS="" - -# Parameters to be passed to nfs-common (nfs clients & server) init script. -# - -# If you do not set values for the NEED_ options, they will be attempted -# autodetected; this should be sufficient for most people. Valid alternatives -# for the NEED_ options are "yes" and "no". - -# Do you want to start the statd daemon? It is not needed for NFSv4. -NEED_STATD="" - -# Options to pass to rpc.statd. -# N.B. statd normally runs on both client and server, and run-time -# options should be specified accordingly. -# STATD_OPTS="-p 32765 -o 32766" -STATD_OPTS="" diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/proc-fs-nfsd.mount b/meta/recipes-connectivity/nfs-utils/nfs-utils/proc-fs-nfsd.mount deleted file mode 100644 index 630801b3751..00000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/proc-fs-nfsd.mount +++ /dev/null @@ -1,8 +0,0 @@ -[Unit] -Description=NFSD configuration filesystem -After=systemd-modules-load.service - -[Mount] -What=nfsd -Where=/proc/fs/nfsd -Type=nfsd diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb index 527fcd609c1..bb155f8568e 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb @@ -21,13 +21,6 @@ USERADD_PARAM:${PN}-client = "--system --home-dir /var/lib/nfs \ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ file://nfsserver \ file://nfscommon \ - file://nfs-utils.conf \ - file://nfs-server.service \ - file://nfs-mountd.service \ - file://nfs-statd.service \ - file://proc-fs-nfsd.mount \ - file://nfs-utils-debianize-start-statd.patch \ - file://bugfix-adjust-statd-service-name.patch \ file://0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch \ file://clang-warnings.patch \ file://0001-locktest-Makefile.am-Do-not-use-build-flags.patch \ @@ -48,8 +41,8 @@ INITSCRIPT_PARAMS:${PN}-client = "defaults 19 21" inherit autotools-brokensep update-rc.d systemd pkgconfig SYSTEMD_PACKAGES = "${PN} ${PN}-client" -SYSTEMD_SERVICE:${PN} = "nfs-server.service nfs-mountd.service" -SYSTEMD_SERVICE:${PN}-client = "nfs-statd.service" +SYSTEMD_SERVICE:${PN} = "nfs-server.service" +SYSTEMD_SERVICE:${PN}-client = "nfs-client.target" # --enable-uuid is need for cross-compiling EXTRA_OECONF = "--with-statduser=rpcuser \ @@ -65,7 +58,7 @@ EXTRA_OECONF = "--with-statduser=rpcuser \ LDFLAGS:append = " -lsqlite3 -levent" PACKAGECONFIG ??= "tcp-wrappers \ - ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} \ " PACKAGECONFIG:remove:libc-musl = "tcp-wrappers" PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" @@ -74,6 +67,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper,libdevmapper" # keyutils is available in meta-oe PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core" +PACKAGECONFIG[systemd] = "--with-systemd=${systemd_unitdir}/system,--without-systemd" PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats ${PN}-rpcctl" @@ -81,14 +75,16 @@ CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \ ${localstatedir}/lib/nfs/rmtab \ ${localstatedir}/lib/nfs/xtab \ ${localstatedir}/lib/nfs/statd/state \ + ${sysconfdir}/nfs.conf \ ${sysconfdir}/nfsmount.conf" FILES:${PN}-client = "${sbindir}/*statd \ ${libdir}/libnfsidmap.so.* \ ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ ${sbindir}/showmount ${sbindir}/nfsstat \ + ${sbindir}/nfsconf \ ${localstatedir}/lib/nfs \ - ${sysconfdir}/nfs-utils.conf \ + ${sysconfdir}/nfs.conf \ ${sysconfdir}/nfsmount.conf \ ${sysconfdir}/init.d/nfscommon \ ${systemd_system_unitdir}/nfs-statd.service" @@ -108,7 +104,7 @@ FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/ ${nonarch_libdir}/modp do_configure:prepend() { sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ - ${S}/utils/mount/Makefile.am + ${S}/utils/mount/Makefile.am ${S}/utils/nfsdcltrack/Makefile.am } # Make clean needed because the package comes with @@ -125,18 +121,11 @@ do_install:append () { install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver install -m 0755 ${WORKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon - install -m 0755 ${WORKDIR}/nfs-utils.conf ${D}${sysconfdir} - install -m 0755 ${S}/utils/mount/nfsmount.conf ${D}${sysconfdir} + install -m 0644 ${S}/nfs.conf ${D}${sysconfdir} install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/nfs-server.service ${D}${systemd_system_unitdir}/ - install -m 0644 ${WORKDIR}/nfs-mountd.service ${D}${systemd_system_unitdir}/ - install -m 0644 ${WORKDIR}/nfs-statd.service ${D}${systemd_system_unitdir}/ - install -m 0644 ${WORKDIR}/proc-fs-nfsd.mount ${D}${systemd_system_unitdir}/ - sed -i -e 's,@SBINDIR@,${sbindir},g' \ - -e 's,@SYSCONFDIR@,${sysconfdir},g' \ - -e 's,@HIGH_RLIMIT_NOFILE@,${HIGH_RLIMIT_NOFILE},g' \ - ${D}${systemd_system_unitdir}/*.service + # Retain historical service name so old scripts keep working + ln -s rpc-statd.service ${D}${systemd_system_unitdir}/nfs-statd.service # Add compatibility symlinks for the sysvinit scripts ln -s nfs-server.service ${D}${systemd_system_unitdir}/nfsserver.service ln -s /dev/null ${D}${systemd_system_unitdir}/nfscommon.service From patchwork Tue Apr 2 00:20:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel McGregor X-Patchwork-Id: 41897 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1CC9CD128A for ; Tue, 2 Apr 2024 00:21:06 +0000 (UTC) Received: from mail-io1-f42.google.com (mail-io1-f42.google.com [209.85.166.42]) by mx.groups.io with SMTP id smtpd.web11.1125.1712017265634884968 for ; Mon, 01 Apr 2024 17:21:05 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=MPORBLxJ; spf=pass (domain: gmail.com, ip: 209.85.166.42, mailfrom: danismostlikely@gmail.com) Received: by mail-io1-f42.google.com with SMTP id ca18e2360f4ac-7cc0b35b75bso155573039f.3 for ; Mon, 01 Apr 2024 17:21:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712017265; x=1712622065; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=DAErknwIpeWR8bZGY0yNoTo3N9oKxmGytZ0Gx7LiO7Q=; b=MPORBLxJ5uxGFWoyAFRLJbL2A0U5p8DET8kfSwJ/VWs/z3BnpQtjVQZPL958VLNL2Y 88iOZWxUz5SGWBS7zSid3rj8ZLekBx7DVDSiLIOfg1ONADycaavKfROCPmOGXrrEG49q be8YTJYNxFG1yNV8q0SjpbDTvE/erSMI3JKU7l9G6bPqy/vcxVNFFyMbZV4u3+A+BMxb BqOPOSqrG6oTcpj4//hxvQaqEfsGyCbWuIdVtmgOHf4A3YjXkA5c6RXWpT96IxqEfOF2 J/Hx83NaaLGyhnWFfhcZWDGdfj34rACkWOp+PFbBXZaq20nvAwdfJUAI3V8neEEdu45u NUgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712017265; x=1712622065; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DAErknwIpeWR8bZGY0yNoTo3N9oKxmGytZ0Gx7LiO7Q=; b=H2MgkyCtCpaWU5qYpSEn+4iL/zNJrOgruE29G/QhEoe03XamF+fr6KWRvA9g7Qe+wX SFTZwu62DDjKzZKOQS05ctqGtrBOrrQhcIgc9xi4/nFr2SdwFkdcuozSH8nMlL2gSkHe qk6DY0NUtBYeNWiAlTx6r54uk4uc5JbvWhlWvJl1CXp5nxegCOcJne9FdJ39wH5S5Ctb NFioWICAkBW1PNthYQhG0pt1SfXUovjZFexkSYDsZn8rEFTORUCppwJoITzvngOI/vSp rNrVYkahMvZvsC6TV1hBwDIQORv8Tq+18UhbR5+BDHrf4rn1/loJrQiqI5XOX83bK5zV DMxQ== X-Gm-Message-State: AOJu0YwYG5pb3cKLRUwJHXcJZpjm/zkpqVURsbmbsc1L73RiDXn1jqwt So6IuT9j5frcbVUdz0Q7pN3pdwGv0yKhl1KMnrVU348M5WWAYVQLjcmM6wHxMFk= X-Google-Smtp-Source: AGHT+IFyLU71dfciYryXwPNPkWK/ikedmYYc3HMj4+oba9qj7ygQUw6w5bOq3ur4HzDcZg0QjTlYpA== X-Received: by 2002:a5e:d808:0:b0:7d0:3e86:6ba7 with SMTP id l8-20020a5ed808000000b007d03e866ba7mr13275058iok.17.1712017264476; Mon, 01 Apr 2024 17:21:04 -0700 (PDT) Received: from nebuchadnezzar.home.arpa ([204.83.204.143]) by smtp.gmail.com with ESMTPSA id u18-20020a5d83d2000000b007d0648c020asm2949087ior.49.2024.04.01.17.21.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Apr 2024 17:21:04 -0700 (PDT) From: Dan McGregor To: openembedded-core@lists.openembedded.org Cc: Daniel McGregor Subject: [PATCH v7 3/3] nfs-utils: Configure nfsv4 ID mapping & Kerberos Date: Mon, 1 Apr 2024 18:20:56 -0600 Message-ID: <20240402002058.3910908-3-danismostlikely@gmail.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20240402002058.3910908-1-danismostlikely@gmail.com> References: <20240402002058.3910908-1-danismostlikely@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 02 Apr 2024 00:21:06 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/197860 From: Daniel McGregor Add support for the nfsv4 user ID mapping daemon, configured with a sensible default, and add a packageconfig for Kerberos support. This is reasonably tested in production in our environment, but only systemd support. There'll be some more work to do to get GSSAPI and NFS idmapd support integreated into that. Signed-off-by: Daniel McGregor --- ...01-gssd-use-printf-format-specifiers.patch | 181 ++++++++++++++++++ .../0002-Use-nogroup-for-nobody-group.patch | 38 ++++ .../0003-find-OE-provided-Kerberos.patch | 42 ++++ .../nfs-utils/nfs-utils/clang-warnings.patch | 81 +++++++- .../nfs-utils/nfs-utils_2.6.4.bb | 37 +++- 5 files changed, 368 insertions(+), 11 deletions(-) create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/0001-gssd-use-printf-format-specifiers.patch create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/0002-Use-nogroup-for-nobody-group.patch create mode 100644 meta/recipes-connectivity/nfs-utils/nfs-utils/0003-find-OE-provided-Kerberos.patch diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-gssd-use-printf-format-specifiers.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-gssd-use-printf-format-specifiers.patch new file mode 100644 index 00000000000..0c0a8515e49 --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-gssd-use-printf-format-specifiers.patch @@ -0,0 +1,181 @@ +From 094b965b7044e7d102542ac30e95b556ca82654b Mon Sep 17 00:00:00 2001 +From: Dan McGregor +Date: Wed, 29 Nov 2023 07:10:58 -0600 +Subject: [PATCH] gssd: use printf format specifiers + +This function takes a printf format specifier, tell the compiler about +that. This adds the ability for GCC to warn about misuses, and prevents +Clang from warning on the implementation. + +Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=171200832214838&w=2] +Signed-off-by: Daniel McGregor +--- + utils/gssd/err_util.h | 2 +- + utils/gssd/gss_names.c | 4 ++-- + utils/gssd/gss_util.c | 2 +- + utils/gssd/gssd.c | 4 ++-- + utils/gssd/gssd_proc.c | 8 ++++---- + utils/gssd/krb5_util.c | 10 +++++----- + utils/gssd/svcgssd_proc.c | 8 ++++---- + 7 files changed, 19 insertions(+), 19 deletions(-) + +diff --git a/utils/gssd/err_util.h b/utils/gssd/err_util.h +index 6fa9d3d..61f5a31 100644 +--- a/utils/gssd/err_util.h ++++ b/utils/gssd/err_util.h +@@ -32,7 +32,7 @@ + #define _ERR_UTIL_H_ + + void initerr(char *progname, int verbosity, int fg); +-void printerr(int priority, char *format, ...); ++void printerr(int priority, char *format, ...) __attribute__ ((format (printf, 2, 3))); + int get_verbosity(void); + char * sec2time(int); + +diff --git a/utils/gssd/gss_names.c b/utils/gssd/gss_names.c +index 982b96f..0548c33 100644 +--- a/utils/gssd/gss_names.c ++++ b/utils/gssd/gss_names.c +@@ -65,7 +65,7 @@ get_krb5_hostbased_name(gss_buffer_desc *name, char **hostbased_name) + if (strchr(name->value, '@') && strchr(name->value, '/')) { + if ((sname = calloc(name->length, 1)) == NULL) { + printerr(0, "ERROR: get_krb5_hostbased_name failed " +- "to allocate %d bytes\n", name->length); ++ "to allocate %zd bytes\n", name->length); + return -1; + } + /* read in name and instance and replace '/' with '@' */ +@@ -102,7 +102,7 @@ get_hostbased_client_name(gss_name_t client_name, gss_OID mech, + } + if (name.length >= 0xffff) { /* don't overflow */ + printerr(0, "ERROR: get_hostbased_client_name: " +- "received gss_name is too long (%d bytes)\n", ++ "received gss_name is too long (%zd bytes)\n", + name.length); + goto out_rel_buf; + } +diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c +index a4b2777..7d41a94 100644 +--- a/utils/gssd/gss_util.c ++++ b/utils/gssd/gss_util.c +@@ -304,7 +304,7 @@ gssd_acquire_cred(char *server_name, const gss_OID oid) + target_name, &pbuf, NULL); + if (ignore_maj_stat == GSS_S_COMPLETE) { + printerr(1, "Unable to obtain credentials for '%.*s'\n", +- pbuf.length, pbuf.value); ++ (int)pbuf.length, (char *)pbuf.value); + ignore_maj_stat = gss_release_buffer(&ignore_min_stat, + &pbuf); + } +diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c +index 833d8e0..380116a 100644 +--- a/utils/gssd/gssd.c ++++ b/utils/gssd/gssd.c +@@ -518,9 +518,9 @@ scan_active_thread_list(void) + do_error_downcall(info->fd, info->uid, -ETIMEDOUT); + } else { + if (!(info->flags & UPCALL_THREAD_WARNED)) { +- printerr(0, "watchdog: thread id 0x%lx running for %ld seconds\n", ++ printerr(0, "watchdog: thread id 0x%lx running for %lld seconds\n", + info->tid, +- now.tv_sec - info->timeout.tv_sec + upcall_timeout); ++ (long long int)(now.tv_sec - info->timeout.tv_sec + upcall_timeout)); + info->flags |= UPCALL_THREAD_WARNED; + } + } +diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c +index ae568f1..574eb4b 100644 +--- a/utils/gssd/gssd_proc.c ++++ b/utils/gssd/gssd_proc.c +@@ -168,7 +168,7 @@ do_downcall(int k5_fd, uid_t uid, struct authgss_private_data *pd, + + if (get_verbosity() > 1) + printerr(2, "do_downcall(0x%lx): lifetime_rec=%s acceptor=%.*s\n", +- tid, sec2time(lifetime_rec), acceptor->length, acceptor->value); ++ tid, sec2time(lifetime_rec), (int)acceptor->length, (char *)acceptor->value); + buf_size = sizeof(uid) + sizeof(timeout) + sizeof(pd->pd_seq_win) + + sizeof(pd->pd_ctx_hndl.length) + pd->pd_ctx_hndl.length + + sizeof(context_token->length) + context_token->length + +@@ -284,14 +284,14 @@ populate_port(struct sockaddr *sa, const socklen_t salen, + + port = nfs_getport(sa, salen, program, version, protocol); + if (!port) { +- printerr(0, "ERROR: unable to obtain port for prog %ld " +- "vers %ld\n", program, version); ++ printerr(0, "ERROR: unable to obtain port for prog %lu " ++ "vers %lu\n", (long unsigned int)program, (long unsigned int)version); + return 0; + } + + set_port: + printerr(2, "DEBUG: setting port to %hu for prog %lu vers %lu\n", port, +- program, version); ++ (long unsigned int)program, (long unsigned int)version); + + switch (sa->sa_family) { + case AF_INET: +diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c +index e3f270e..28f7d84 100644 +--- a/utils/gssd/krb5_util.c ++++ b/utils/gssd/krb5_util.c +@@ -304,9 +304,9 @@ gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, + score++; + + printerr(3, "CC '%s'(%s@%s) passed all checks and" +- " has mtime of %u\n", ++ " has mtime of %llu\n", + buf, princname, realm, +- tmp_stat.st_mtime); ++ (long long unsigned)tmp_stat.st_mtime); + /* + * if more than one match is found, return the most + * recent (the one with the latest mtime), and +@@ -341,10 +341,10 @@ gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, + } + printerr(3, "CC '%s:%s/%s' is our " + "current best match " +- "with mtime of %u\n", +- cctype, dirname, ++ "with mtime of %llu\n", ++ *cctype, dirname, + best_match_dir->d_name, +- best_match_stat.st_mtime); ++ (long long unsigned)best_match_stat.st_mtime); + } + free(princname); + free(realm); +diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c +index b403143..7fecd1a 100644 +--- a/utils/gssd/svcgssd_proc.c ++++ b/utils/gssd/svcgssd_proc.c +@@ -102,10 +102,10 @@ do_svc_downcall(gss_buffer_desc *out_handle, struct svc_cred *cred, + qword_addint(&bp, &blen, cred->cr_uid); + qword_addint(&bp, &blen, cred->cr_gid); + qword_addint(&bp, &blen, cred->cr_ngroups); +- printerr(2, "mech: %s, hndl len: %d, ctx len %d, timeout: %d (%d from now), " ++ printerr(2, "mech: %s, hndl len: %zd, ctx len %zd, timeout: %lld (%lld from now), " + "clnt: %s, uid: %d, gid: %d, num aux grps: %d:\n", + fname, out_handle->length, context_token->length, +- endtime, endtime - time(0), ++ (long long int)endtime, (long long int)(endtime - time(0)), + client_name ? client_name : "", + cred->cr_uid, cred->cr_gid, cred->cr_ngroups); + for (i=0; i < cred->cr_ngroups; i++) { +@@ -232,7 +232,7 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred) + } + if (name.length >= 0xffff || /* be certain name.length+1 doesn't overflow */ + !(sname = calloc(name.length + 1, 1))) { +- printerr(0, "WARNING: get_ids: error allocating %d bytes " ++ printerr(0, "WARNING: get_ids: error allocating %zd bytes " + "for sname\n", name.length + 1); + gss_release_buffer(&min_stat, &name); + goto out; +@@ -360,7 +360,7 @@ handle_nullreq(char *cp) { + if (in_handle.length != 0) { /* CONTINUE_INIT case */ + if (in_handle.length != sizeof(ctx)) { + printerr(0, "WARNING: handle_nullreq: " +- "input handle has unexpected length %d\n", ++ "input handle has unexpected length %zd\n", + in_handle.length); + goto out_err; + } diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0002-Use-nogroup-for-nobody-group.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0002-Use-nogroup-for-nobody-group.patch new file mode 100644 index 00000000000..3c238f851ba --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0002-Use-nogroup-for-nobody-group.patch @@ -0,0 +1,38 @@ +From 6095b5a9208eac37b73e05f81c090d8183138c6a Mon Sep 17 00:00:00 2001 +From: Daniel McGregor +Date: Tue, 6 Jun 2023 16:07:53 -0600 +Subject: [PATCH] Use "nogroup" for nobody group + +Upstream-Status: Inappropriate [oe-core specific, configuration] +Signed-off-by: Daniel McGregor +--- + support/nfsidmap/idmapd.conf | 2 +- + utils/idmapd/idmapd.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/support/nfsidmap/idmapd.conf b/support/nfsidmap/idmapd.conf +index 2a2f79a1..e6f3724f 100644 +--- a/support/nfsidmap/idmapd.conf ++++ b/support/nfsidmap/idmapd.conf +@@ -41,7 +41,7 @@ + [Mapping] + + #Nobody-User = nobody +-#Nobody-Group = nobody ++#Nobody-Group = nogroup + + [Translation] + +diff --git a/utils/idmapd/idmapd.c b/utils/idmapd/idmapd.c +index cd9a965f..3be805e9 100644 +--- a/utils/idmapd/idmapd.c ++++ b/utils/idmapd/idmapd.c +@@ -89,7 +89,7 @@ + #endif + + #ifndef NFS4NOBODY_GROUP +-#define NFS4NOBODY_GROUP "nobody" ++#define NFS4NOBODY_GROUP "nogroup" + #endif + + /* From Niels */ diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0003-find-OE-provided-Kerberos.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0003-find-OE-provided-Kerberos.patch new file mode 100644 index 00000000000..4f15aaec4ea --- /dev/null +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/0003-find-OE-provided-Kerberos.patch @@ -0,0 +1,42 @@ +From f4f4a226bfd71ddc0f53dd54159e3eaa835b18e6 Mon Sep 17 00:00:00 2001 +From: Daniel McGregor +Date: Wed, 8 Nov 2023 16:24:20 -0600 +Subject: [PATCH] find OE provided Kerberos + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Daniel McGregor +--- + aclocal/kerberos5.m4 | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/aclocal/kerberos5.m4 b/aclocal/kerberos5.m4 +index f96f0fd..ad85fdf 100644 +--- a/aclocal/kerberos5.m4 ++++ b/aclocal/kerberos5.m4 +@@ -22,8 +22,8 @@ AC_DEFUN([AC_KERBEROS_V5],[ + dnl This ugly hack brought on by the split installation of + dnl MIT Kerberos on Fedora Core 1 + K5CONFIG="" +- if test -f $dir/bin/krb5-config; then +- K5CONFIG=$dir/bin/krb5-config ++ if test -f $dir/bin/crossscripts/krb5-config; then ++ K5CONFIG=$dir/bin/crossscripts/krb5-config + elif test -f "/usr/kerberos/bin/krb5-config"; then + K5CONFIG="/usr/kerberos/bin/krb5-config" + elif test -f "/usr/lib/mit/bin/krb5-config"; then +@@ -72,6 +72,7 @@ AC_DEFUN([AC_KERBEROS_V5],[ + AC_MSG_RESULT($KRBDIR) + + dnl Check if -rpath=$(KRBDIR)/lib is needed ++ if false; then + echo "The current KRBDIR is $KRBDIR" + if test "$KRBDIR/lib" = "/lib" -o "$KRBDIR/lib" = "/usr/lib" \ + -o "$KRBDIR/lib" = "//lib" -o "$KRBDIR/lib" = "/usr//lib" ; then +@@ -81,6 +82,7 @@ AC_DEFUN([AC_KERBEROS_V5],[ + else + KRBLDFLAGS="-Wl,-rpath=$KRBDIR/lib" + fi ++ fi + + dnl Now check for functions within gssapi library + AC_CHECK_LIB($gssapi_lib, gss_krb5_export_lucid_sec_context, diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch index fde99b599eb..ff697477b08 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/clang-warnings.patch @@ -1,4 +1,4 @@ -From 1ab0c326405c6daa06f1a7eb4b0b60bf4e0584c2 Mon Sep 17 00:00:00 2001 +From 7d04566b7b8e57114533360cc4b933a74ed6b314 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 31 Dec 2019 08:15:34 -0800 Subject: [PATCH] Detect warning options during configure @@ -16,11 +16,14 @@ Upstream-Status: Pending Signed-off-by: Khem Raj --- - support/nfs/xcommon.c | 3 +++ - 1 file changed, 3 insertions(+) + support/nfs/xcommon.c | 6 ++++++ + support/nfs/xlog.c | 6 ++++++ + support/nfsidmap/libnfsidmap.c | 3 +++ + utils/exportfs/exportfs.c | 3 +++ + 4 files changed, 18 insertions(+) diff --git a/support/nfs/xcommon.c b/support/nfs/xcommon.c -index 3989f0b..e080423 100644 +index 3989f0bc..ff438c18 100644 --- a/support/nfs/xcommon.c +++ b/support/nfs/xcommon.c @@ -98,7 +98,10 @@ nfs_error (const char *fmt, ...) { @@ -34,3 +37,73 @@ index 3989f0b..e080423 100644 va_end (args); free (fmt2); } +@@ -132,7 +135,10 @@ die(int err, const char *fmt, ...) { + va_list args; + + va_start(args, fmt); ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + vfprintf(stderr, fmt, args); ++#pragma GCC diagnostic pop + fprintf(stderr, "\n"); + va_end(args); + +diff --git a/support/nfs/xlog.c b/support/nfs/xlog.c +index fa125cef..dc4c9ea1 100644 +--- a/support/nfs/xlog.c ++++ b/support/nfs/xlog.c +@@ -178,11 +178,16 @@ xlog_backend(int kind, const char *fmt, va_list args) + fprintf(stderr, "%s: ", log_name); + #endif + va_copy(args2, args); ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + vfprintf(stderr, fmt, args2); ++#pragma GCC diagnostic pop + fprintf(stderr, "\n"); + va_end(args2); + } + ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + if (log_syslog) { + switch (kind) { + case L_FATAL: +@@ -203,6 +208,7 @@ xlog_backend(int kind, const char *fmt, va_list args) + break; + } + } ++#pragma GCC diagnostic pop + + if (kind == L_FATAL) + exit(1); +diff --git a/support/nfsidmap/libnfsidmap.c b/support/nfsidmap/libnfsidmap.c +index 0a912e52..95eb64d2 100644 +--- a/support/nfsidmap/libnfsidmap.c ++++ b/support/nfsidmap/libnfsidmap.c +@@ -99,7 +99,10 @@ static void default_logger(const char *fmt, ...) + va_list vp; + + va_start(vp, fmt); ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + vsyslog(LOG_WARNING, fmt, vp); ++#pragma GCC diagnostic pop + va_end(vp); + } + +diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c +index b03a047b..eac1ff2a 100644 +--- a/utils/exportfs/exportfs.c ++++ b/utils/exportfs/exportfs.c +@@ -646,7 +646,10 @@ dumpopt(char c, char *fmt, ...) + + va_start(ap, fmt); + printf("%c", c); ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wformat-nonliteral" + vprintf(fmt, ap); ++#pragma GCC diagnostic pop + va_end(ap); + return ','; + } diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb index bb155f8568e..4c5f9062c21 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_2.6.4.bb @@ -26,6 +26,9 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x file://0001-locktest-Makefile.am-Do-not-use-build-flags.patch \ file://0001-tools-locktest-Use-intmax_t-to-print-off_t.patch \ file://0001-reexport.h-Include-unistd.h-to-compile-with-musl.patch \ + file://0001-gssd-use-printf-format-specifiers.patch \ + file://0002-Use-nogroup-for-nobody-group.patch \ + file://0003-find-OE-provided-Kerberos.patch \ " SRC_URI[sha256sum] = "01b3b0fb9c7d0bbabf5114c736542030748c788ec2fd9734744201e9b0a1119d" @@ -49,9 +52,8 @@ EXTRA_OECONF = "--with-statduser=rpcuser \ --enable-mountconfig \ --enable-libmount-mount \ --enable-uuid \ - --disable-gss \ - --disable-nfsdcltrack \ --with-statdpath=/var/lib/nfs/statd \ + --with-pluginpath=${libdir}/libnfsidmap \ --with-rpcgen=${HOSTTOOLS_DIR}/rpcgen \ " @@ -60,13 +62,16 @@ LDFLAGS:append = " -lsqlite3 -levent" PACKAGECONFIG ??= "tcp-wrappers \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} \ " + PACKAGECONFIG:remove:libc-musl = "tcp-wrappers" +#krb5 is available in meta-oe +PACKAGECONFIG[gssapi] = "--with-krb5=${STAGING_EXECPREFIXDIR} --enable-gss --enable-svcgss,--disable-gss --disable-svcgss,krb5" PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," # libdevmapper is available in meta-oe PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper,libdevmapper" # keyutils is available in meta-oe -PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils,python3-core" +PACKAGECONFIG[nfsv4] = "--enable-nfsv4 --enable-nfsdcltrack,--disable-nfsv4 --disable-nfsdcltrack,keyutils,python3-core" PACKAGECONFIG[systemd] = "--with-systemd=${systemd_unitdir}/system,--without-systemd" PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats ${PN}-rpcctl" @@ -75,19 +80,34 @@ CONFFILES:${PN}-client += "${localstatedir}/lib/nfs/etab \ ${localstatedir}/lib/nfs/rmtab \ ${localstatedir}/lib/nfs/xtab \ ${localstatedir}/lib/nfs/statd/state \ + ${sysconfdir}/idmapd.conf \ ${sysconfdir}/nfs.conf \ ${sysconfdir}/nfsmount.conf" FILES:${PN}-client = "${sbindir}/*statd \ - ${libdir}/libnfsidmap.so.* \ ${sbindir}/rpc.idmapd ${sbindir}/sm-notify \ ${sbindir}/showmount ${sbindir}/nfsstat \ + ${sbindir}/rpc.gssd \ ${sbindir}/nfsconf \ + ${libdir}/libnfsidmap.so.* \ + ${libdir}/libnfsidmap/*.so \ + ${libexecdir}/nfsrahead \ ${localstatedir}/lib/nfs \ + ${sysconfdir}/idmapd.conf \ + ${sysconfdir}/init.d/nfscommon \ ${sysconfdir}/nfs.conf \ ${sysconfdir}/nfsmount.conf \ - ${sysconfdir}/init.d/nfscommon \ - ${systemd_system_unitdir}/nfs-statd.service" + ${systemd_system_unitdir}/auth-rpcgss-module.service \ + ${systemd_system_unitdir}/nfs-client.target \ + ${systemd_system_unitdir}/nfs-idmapd.service \ + ${systemd_system_unitdir}/nfs-statd.service \ + ${systemd_system_unitdir}/nfscommon.service \ + ${systemd_system_unitdir}/rpc-gssd.service \ + ${systemd_system_unitdir}/rpc-statd-notify.service \ + ${systemd_system_unitdir}/rpc-statd.service \ + ${systemd_system_unitdir}/rpc_pipefs.target \ + ${systemd_system_unitdir}/var-lib-nfs-rpc_pipefs.mount \ + ${nonarch_libdir}/udev/rules.d/*" RDEPENDS:${PN}-client = "${PN}-mount rpcbind" FILES:${PN}-mount = "${base_sbindir}/*mount.nfs*" @@ -104,7 +124,9 @@ FILES:${PN} += "${systemd_unitdir} ${libdir}/libnfsidmap/ ${nonarch_libdir}/modp do_configure:prepend() { sed -i -e 's,sbindir = /sbin,sbindir = ${base_sbindir},g' \ - ${S}/utils/mount/Makefile.am ${S}/utils/nfsdcltrack/Makefile.am + -e 's,udev_rulesdir = /usr/lib/udev/rules.d/,udev_rulesdir = ${nonarch_base_libdir}/udev/rules.d/,g' \ + ${S}/utils/mount/Makefile.am ${S}/utils/nfsdcltrack/Makefile.am \ + ${S}/systemd/Makefile.am ${S}/tools/nfsrahead/Makefile.am } # Make clean needed because the package comes with @@ -121,6 +143,7 @@ do_install:append () { install -m 0755 ${WORKDIR}/nfsserver ${D}${sysconfdir}/init.d/nfsserver install -m 0755 ${WORKDIR}/nfscommon ${D}${sysconfdir}/init.d/nfscommon + install -m 0644 ${S}/support/nfsidmap/idmapd.conf ${D}${sysconfdir} install -m 0644 ${S}/nfs.conf ${D}${sysconfdir} install -d ${D}${systemd_system_unitdir}