From patchwork Sun Sep 8 16:58:39 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trond Myklebust X-Patchwork-Id: 2859001 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 96AE4BF43F for ; Sun, 8 Sep 2013 16:58:49 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 92B9220207 for ; Sun, 8 Sep 2013 16:58:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 4B90420205 for ; Sun, 8 Sep 2013 16:58:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757459Ab3IHQ6q (ORCPT ); Sun, 8 Sep 2013 12:58:46 -0400 Received: from mx11.netapp.com ([216.240.18.76]:59187 "EHLO mx11.netapp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756937Ab3IHQ6p (ORCPT ); Sun, 8 Sep 2013 12:58:45 -0400 X-IronPort-AV: E=Sophos;i="4.90,864,1371106800"; d="scan'208";a="48032847" Received: from vmwexceht01-prd.hq.netapp.com ([10.106.76.239]) by mx11-out.netapp.com with ESMTP; 08 Sep 2013 09:58:45 -0700 Received: from smtp1.corp.netapp.com (10.57.156.124) by VMWEXCEHT01-PRD.hq.netapp.com (10.106.76.239) with Microsoft SMTP Server id 14.3.123.3; Sun, 8 Sep 2013 09:58:44 -0700 Received: from leira.trondhjem.org.com (leira.trondhjem.org.vpn.netapp.com [10.55.78.200]) by smtp1.corp.netapp.com (8.13.1/8.13.1/NTAP-1.6) with ESMTP id r88GwgPq014383; Sun, 8 Sep 2013 09:58:43 -0700 (PDT) From: Trond Myklebust To: Steve Dickson CC: , Chuck Lever Subject: [PATCH] exportfs: Fix the default authentication flavour setting Date: Sun, 8 Sep 2013 12:58:39 -0400 Message-ID: <1378659519-18924-1-git-send-email-Trond.Myklebust@netapp.com> X-Mailer: git-send-email 1.8.3.1 MIME-Version: 1.0 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Commit 11ba3b1e01b67b7d19f26fba94fabdb60878e809 (Add a default flavor to an export's e_secinfo list) breaks the ordering of security flavours in the secinfo list, by reordering 'sec=sys' to always be the first secinfo flavour if one fails to set a default 'sec' setting. An export of the form: /export -sync,no_subtree_check,mp \ 192.168.1.0/24(sec=krb5p:krb5i:krb5,rw,sec=sys,ro) ends up getting translated by exportfs into the following entry in /var/lib/nfs/etab: /export 192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\ secure,root_squash,no_all_squash,\ no_subtree_check,secure_locks,acl,\ mountpoint,anonuid=65534,anongid=65534,\ sec=sys,ro,root_squash,no_all_squash,\ sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash) Note how the 'sec=sys' is now listed first... The fix is to defer adding the default flavour until the call to secinfo_show, when we can see if it is even needed at all. With the patch, the above export is now correctly entered in /var/lib/nfs/etab as: /export 192.168.1.0/24(ro,sync,wdelay,hide,nocrossmnt,\ secure,root_squash,no_all_squash,\ no_subtree_check,secure_locks,acl,\ mountpoint,anonuid=65534,anongid=65534,\ sec=krb5p:krb5i:krb5,rw,root_squash,no_all_squash,\ sec=sys,ro,root_squash,no_all_squash) Signed-off-by: Trond Myklebust Cc: Chuck Lever --- support/nfs/exports.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/support/nfs/exports.c b/support/nfs/exports.c index dea040f..3e99de6 100644 --- a/support/nfs/exports.c +++ b/support/nfs/exports.c @@ -63,6 +63,7 @@ static int parsesquash(char *list, int **idp, int *lenp, char **ep); static int parsenum(char **cpp); static void freesquash(void); static void syntaxerr(char *msg); +static struct flav_info *find_flavor(char *name); void setexportent(char *fname, char *type) @@ -201,6 +202,8 @@ void secinfo_show(FILE *fp, struct exportent *ep) struct sec_entry *p1, *p2; int flags; + if (ep->e_secinfo[0].flav == NULL) + secinfo_addflavor(find_flavor("sys"), ep); for (p1=ep->e_secinfo; p1->flav; p1=p2) { fprintf(fp, ",sec=%s", p1->flav->flavour); @@ -643,8 +646,6 @@ bad_option: cp++; } - if (ep->e_secinfo[0].flav == NULL) - secinfo_addflavor(find_flavor("sys"), ep); fix_pseudoflavor_flags(ep); ep->e_squids = squids; ep->e_sqgids = sqgids;