From patchwork Fri Nov 7 21:09:10 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sami Wagiaalla X-Patchwork-Id: 5255411 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 59595C11AC for ; Fri, 7 Nov 2014 21:09:23 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 692CD2011B for ; Fri, 7 Nov 2014 21:09:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id D64C920117 for ; Fri, 7 Nov 2014 21:09:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752091AbaKGVJT (ORCPT ); Fri, 7 Nov 2014 16:09:19 -0500 Received: from mx1.redhat.com ([209.132.183.28]:59170 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751766AbaKGVJT (ORCPT ); Fri, 7 Nov 2014 16:09:19 -0500 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id sA7L9Adm009974 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Fri, 7 Nov 2014 16:09:10 -0500 Received: from localhost.localdomain ([10.15.16.207]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id sA7L9AAr001962; Fri, 7 Nov 2014 16:09:10 -0500 Message-ID: <545D34F6.8080703@redhat.com> Date: Fri, 07 Nov 2014 16:09:10 -0500 From: Sami Wagiaalla User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.0 MIME-Version: 1.0 To: libtirpc-devel@lists.sourceforge.net CC: linux-nfs@vger.kernel.org Subject: [PATCH] nfs: Add '--with-nss-modules' configure option to specify nss modules. X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-7.5 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Sami Wagiaalla I was having trouble setting up NFS on Atomic Host. It turns out there is an issue when rpcbind is trying to find the uid of the rpc user. OSTree based operating systems store user information for system users such as the rpc user in /usr/lib/passwd and leaves /etc/passwd for humans users. This is enabled by the use of the nss module nss-altfiles which allows one to specify additional files to be added the the passwd database. rpcbind however overrides the rule added to /etc/nsswitch.conf and removes "altfiles" from the list of modules by doing the following: __nss_configure_lookup("passwd", "files"); This was added in commit 77f7556878d1fe03dc ("[...]use __nss_configure_lookup() to restrict the [rpc user] lookup") to remove "nis" form the list of modules and prevent rpcbind from having a circular dependency on itself. In an OSTree based operating system however this prevents rpcbind from finding the rpc user and the service cannot start. This patch adds an option --with-nss-modules which allows one to specify the nss modules which should be searched for user information. The default setting is "files" which preserves the current behavior, but this enables one to add other modules to the search path. Signed-off-by: Sami Wagiaalla --- Makefile.am | 1 + configure.ac | 7 +++++++ src/rpcbind.c | 10 ++++++++-- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index d10c906..e0bc4b4 100644 --- a/Makefile.am +++ b/Makefile.am @@ -6,6 +6,7 @@ AM_CPPFLAGS = \ -DINET6 \ -DRPCBIND_STATEDIR="\"$(statedir)\"" \ -DRPCBIND_USER="\"$(rpcuser)\"" \ + -DNSS_MODULES="\"$(nss_modules)\"" \ -D_GNU_SOURCE \ $(TIRPC_CFLAGS) diff --git a/configure.ac b/configure.ac index 39181f0..5a88cc7 100644 --- a/configure.ac +++ b/configure.ac @@ -27,6 +27,13 @@ AC_ARG_WITH([rpcuser], ,, [with_rpcuser=root]) AC_SUBST([rpcuser], [$with_rpcuser]) +AC_ARG_WITH([nss_modules], + AS_HELP_STRING([--with-nss-modules=NSS_MODULES] + , [Sets the nss module search list to the given space-delimited string. + For example --with-nss-modules="files altfiles" @<:@default=files@:>@]) + ,, [with_nss_modules=files]) +AC_SUBST([nss_modules], [$with_nss_modules]) + PKG_CHECK_MODULES([TIRPC], [libtirpc]) AS_IF([test x$enable_libwrap = xyes], [ diff --git a/src/rpcbind.c b/src/rpcbind.c index 924aca1..e3462e3 100644 --- a/src/rpcbind.c +++ b/src/rpcbind.c @@ -91,6 +91,12 @@ char *rpcbinduser = RPCBIND_USER; char *rpcbinduser = NULL; #endif +#ifdef NSS_MODULES +char *nss_modules = NSS_MODULES; +#else +char *nss_modules = "files"; +#endif + /* who to suid to if -s is given */ #define RUN_AS "daemon" @@ -165,7 +171,7 @@ main(int argc, char *argv[]) * Make sure we use the local service file * for service lookkups */ - __nss_configure_lookup("services", "files"); + __nss_configure_lookup("services", nss_modules); nc_handle = setnetconfig(); /* open netconfig file */ if (nc_handle == NULL) { @@ -231,7 +237,7 @@ main(int argc, char *argv[]) * Make sure we use the local password file * for these lookups. */ - __nss_configure_lookup("passwd", "files"); + __nss_configure_lookup("passwd", nss_modules); if((p = getpwnam(id)) == NULL) { syslog(LOG_ERR, "cannot get uid of '%s': %m", id);