[PATCH 0/2] Two small fixes for nfs-utils

[PATCH 0/2] Two small fixes for nfs-utils

[Neil Brown]

I've been sorting through nfs-utils patches in suse and have two that
should go upstream.

Please consider for next release.

Thanks,
NeilBrown



---

Neil Brown (1):
      Remove risk of nfs_addmntent corrupting mtab

Suresh Jayaraman (1):
      supress socket error when address family is not supported


 support/nfs/nfs_mntent.c |    9 +++++++++
 utils/nfsd/nfssvc.c      |    9 +++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

-- 
Signature

[PATCH 1/2] Remove risk of nfs_addmntent corrupting mtab

[Neil Brown]

nfs_addmntent is used to append directly to /etc/mtab.
If the write partially fail, e.g. due to RLIMIT_FSIZE,
truncate back to original size and return an error.

See also https://bugzilla.redhat.com/show_bug.cgi?id=697975
 (CVE-2011-1749) CVE-2011-1749 nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE

Signed-off-by: NeilBrown <neilb@suse.de>
---

 support/nfs/nfs_mntent.c |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/support/nfs/nfs_mntent.c b/support/nfs/nfs_mntent.c
index a5216fc..a2118a2 100644
--- a/support/nfs/nfs_mntent.c
+++ b/support/nfs/nfs_mntent.c
@@ -12,6 +12,7 @@
 #include <string.h>		/* for index */
 #include <ctype.h>		/* for isdigit */
 #include <sys/stat.h>		/* for umask */
+#include <unistd.h>		/* for ftruncate */
 
 #include "nfs_mntent.h"
 #include "nls.h"
@@ -127,9 +128,11 @@ int
 nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
 	char *m1, *m2, *m3, *m4;
 	int res;
+	off_t length;
 
 	if (fseek (mfp->mntent_fp, 0, SEEK_END))
 		return 1;			/* failure */
+	length = ftell(mfp->mntent_fp);
 
 	m1 = mangle(mnt->mnt_fsname);
 	m2 = mangle(mnt->mnt_dir);
@@ -143,6 +146,12 @@ nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
 	free(m2);
 	free(m3);
 	free(m4);
+	if (res >= 0) {
+		res = fflush(mfp->mntent_fp);
+		if (res < 0)
+			/* Avoid leaving a corrupt mtab file */
+			ftruncate(fileno(mfp->mntent_fp), length);
+	}
 	return (res < 0) ? 1 : 0;
 }
 

[PATCH 2/2] supress socket error when address family is not supported

[Neil Brown]

From: Suresh Jayaraman <sjayaraman@suse.de>

It was observed that when ipv6 module was not loaded and cannot be auto-loaded,
when starting NFS server, the following error occurs:
	"rpc.nfsd: unable to create inet6 TCP socket: errno 97 (Address
	family not supported by protocol)"

This is obviously a true message, but does not represent an "error" when ipv6
is not enabled.  Rather, it is an expected condition.  As such, it can be
confusing / misleading / distracting to display it in this scenario.

This patch instead of throwing error when a socket call fails with
EAFNOSUPPORT, makes it as a NOTICE.

Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Signed-off-by: Neil Brown <neilb@suse.de>
---

 utils/nfsd/nfssvc.c |    9 +++++++--
 1 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/utils/nfsd/nfssvc.c b/utils/nfsd/nfssvc.c
index ea36399..f607214 100644
--- a/utils/nfsd/nfssvc.c
+++ b/utils/nfsd/nfssvc.c
@@ -174,8 +174,13 @@ nfssvc_setfds(const struct addrinfo *hints, const char *node, const char *port)
 		sockfd = socket(addr->ai_family, addr->ai_socktype,
 				addr->ai_protocol);
 		if (sockfd < 0) {
-			xlog(L_ERROR, "unable to create %s %s socket: "
-				"errno %d (%m)", family, proto, errno);
+			if (errno == EAFNOSUPPORT)
+				xlog(L_NOTICE, "address family %s not "
+						"supported by protocol %s",
+						family, proto);
+			else
+				xlog(L_ERROR, "unable to create %s %s socket: "
+				     "errno %d (%m)", family, proto, errno);
 			rc = errno;
 			goto error;
 		}

mount.nfs4: Mounting failed, reason given by server: No such file or directory

[Taousif_Ansari-G5Y5guI6XLZWk0Htik3J/w]

SGksDQoNCkkgaGF2ZSBleHBvcnRlZCBvbmUgZGlyZWN0b3J5IGZyb20gbXkgc2VydmVyIGl0IGlz
IC9leHBvcnQgYW5kIG15IC9ldGMvZXhwb3J0IGZpbGUgbG9va3MgbGlrZQ0KDQovZXhwb3J0ICoo
cncsZnNpZD0wLHN5bmMscG5mcyxpbnNlY3VyZSxub19yb290X3NxdWFzaCxub19zdWJ0cmVlX2No
ZWNrKQ0KDQpBdCBjbGllbnQNCnRzZkBjbGllbnRdIyBtb3VudCAtdCBuZnM0IC1vIG1pbm9ydmVy
c2lvbj0xIDxzZXJ2ZXItaXA+Oi9leHBvcnQgL21udA0KTW91bnQubmZzNDogbW91bnRpbmcgPHNl
cnZlci1pcD46L2V4cG9ydCBmaWxlZCwgcmVhc29uIGdpdmVuIGJ5IHNlcnZlcjogTm8gc3VjaCBm
aWxlIG9yIGRpcmVjdG9yeS4NCg0KSW5zdGVhZCwgaWYgSSB1c2Ugc2ltcGxlIG1vdW50IHRoZW4g
aXQgaXMgc3VjY2VlZGluZw0KdHNmQGNsaWVudF0jIG1vdW50IDxzZXJ2ZXItaXA+Oi9leHBvcnQg
L21udA0KU3VjY2Vzc2Z1bGx5IG1vdW50ZWQuDQoNCg0KQ2FuIHNvbWVib2R5IHBsZWFzZSB0ZWxs
IG1lIHdoYXQgaXMgdGhlIHByb2JsZW0uLi4/DQo=

Re: mount.nfs4: Mounting failed, reason given by server: No such file or directory

[Mi Jinlong]

Taousif_Ansari@DELLTEAM.com 写道:
> Hi,
> 
> I have exported one directory from my server it is /export and my /etc/export file looks like
> 
> /export *(rw,fsid=0,sync,pnfs,insecure,no_root_squash,no_subtree_check)
> 
> At client
> tsf@client]# mount -t nfs4 -o minorversion=1 <server-ip>:/export /mnt
> Mount.nfs4: mounting <server-ip>:/export filed, reason given by server: No such file or directory.

 You should mount NFS4 as:
  # mount -t nfs4 -o minorversion=1 <server-ip>:/ /mnt

 Don't add the export dir after server-ip.

> 
> Instead, if I use simple mount then it is succeeding
> tsf@client]# mount <server-ip>:/export /mnt

 As this, you mount nfs success through NFSv3.

-- 
----
thanks
Mi Jinlong

Re: [PATCH 1/2] Remove risk of nfs_addmntent corrupting mtab

[Chuck Lever]

On May 17, 2011, at 12:52 AM, Neil Brown wrote:

> nfs_addmntent is used to append directly to /etc/mtab.
> If the write partially fail, e.g. due to RLIMIT_FSIZE,
> truncate back to original size and return an error.
> 
> See also https://bugzilla.redhat.com/show_bug.cgi?id=697975
> (CVE-2011-1749) CVE-2011-1749 nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE

Seems reasonable.  Is there a similar fix needed for libmount?

> Signed-off-by: NeilBrown <neilb@suse.de>
> ---
> 
> support/nfs/nfs_mntent.c |    9 +++++++++
> 1 files changed, 9 insertions(+), 0 deletions(-)
> 
> diff --git a/support/nfs/nfs_mntent.c b/support/nfs/nfs_mntent.c
> index a5216fc..a2118a2 100644
> --- a/support/nfs/nfs_mntent.c
> +++ b/support/nfs/nfs_mntent.c
> @@ -12,6 +12,7 @@
> #include <string.h>		/* for index */
> #include <ctype.h>		/* for isdigit */
> #include <sys/stat.h>		/* for umask */
> +#include <unistd.h>		/* for ftruncate */
> 
> #include "nfs_mntent.h"
> #include "nls.h"
> @@ -127,9 +128,11 @@ int
> nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
> 	char *m1, *m2, *m3, *m4;
> 	int res;
> +	off_t length;
> 
> 	if (fseek (mfp->mntent_fp, 0, SEEK_END))
> 		return 1;			/* failure */
> +	length = ftell(mfp->mntent_fp);
> 
> 	m1 = mangle(mnt->mnt_fsname);
> 	m2 = mangle(mnt->mnt_dir);
> @@ -143,6 +146,12 @@ nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
> 	free(m2);
> 	free(m3);
> 	free(m4);
> +	if (res >= 0) {
> +		res = fflush(mfp->mntent_fp);
> +		if (res < 0)
> +			/* Avoid leaving a corrupt mtab file */
> +			ftruncate(fileno(mfp->mntent_fp), length);
> +	}
> 	return (res < 0) ? 1 : 0;
> }
> 
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-- 
Chuck Lever
chuck[dot]lever[at]oracle[dot]com

Re: [PATCH 1/2] Remove risk of nfs_addmntent corrupting mtab

[Steve Dickson]

On 05/17/2011 12:52 AM, Neil Brown wrote:
> nfs_addmntent is used to append directly to /etc/mtab.
> If the write partially fail, e.g. due to RLIMIT_FSIZE,
> truncate back to original size and return an error.
> 
> See also https://bugzilla.redhat.com/show_bug.cgi?id=697975
>  (CVE-2011-1749) CVE-2011-1749 nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE
> 
> Signed-off-by: NeilBrown <neilb@suse.de>
> ---
> 
>  support/nfs/nfs_mntent.c |    9 +++++++++
>  1 files changed, 9 insertions(+), 0 deletions(-)
> 
> diff --git a/support/nfs/nfs_mntent.c b/support/nfs/nfs_mntent.c
> index a5216fc..a2118a2 100644
> --- a/support/nfs/nfs_mntent.c
> +++ b/support/nfs/nfs_mntent.c
> @@ -12,6 +12,7 @@
>  #include <string.h>		/* for index */
>  #include <ctype.h>		/* for isdigit */
>  #include <sys/stat.h>		/* for umask */
> +#include <unistd.h>		/* for ftruncate */
>  
>  #include "nfs_mntent.h"
>  #include "nls.h"
> @@ -127,9 +128,11 @@ int
>  nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
>  	char *m1, *m2, *m3, *m4;
>  	int res;
> +	off_t length;
>  
>  	if (fseek (mfp->mntent_fp, 0, SEEK_END))
>  		return 1;			/* failure */
> +	length = ftell(mfp->mntent_fp);
>  
>  	m1 = mangle(mnt->mnt_fsname);
>  	m2 = mangle(mnt->mnt_dir);
> @@ -143,6 +146,12 @@ nfs_addmntent (mntFILE *mfp, struct mntent *mnt) {
>  	free(m2);
>  	free(m3);
>  	free(m4);
> +	if (res >= 0) {
> +		res = fflush(mfp->mntent_fp);
> +		if (res < 0)
> +			/* Avoid leaving a corrupt mtab file */
> +			ftruncate(fileno(mfp->mntent_fp), length);
> +	}
>  	return (res < 0) ? 1 : 0;
>  }
>  
> 
> 
Committed...

steved.

Re: [PATCH 2/2] supress socket error when address family is not supported

[Steve Dickson]

On 05/17/2011 12:52 AM, Neil Brown wrote:
> From: Suresh Jayaraman <sjayaraman@suse.de>
> 
> It was observed that when ipv6 module was not loaded and cannot be auto-loaded,
> when starting NFS server, the following error occurs:
> 	"rpc.nfsd: unable to create inet6 TCP socket: errno 97 (Address
> 	family not supported by protocol)"
> 
> This is obviously a true message, but does not represent an "error" when ipv6
> is not enabled.  Rather, it is an expected condition.  As such, it can be
> confusing / misleading / distracting to display it in this scenario.
> 
> This patch instead of throwing error when a socket call fails with
> EAFNOSUPPORT, makes it as a NOTICE.
> 
> Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
> Signed-off-by: Neil Brown <neilb@suse.de>
> ---
> 
>  utils/nfsd/nfssvc.c |    9 +++++++--
>  1 files changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/utils/nfsd/nfssvc.c b/utils/nfsd/nfssvc.c
> index ea36399..f607214 100644
> --- a/utils/nfsd/nfssvc.c
> +++ b/utils/nfsd/nfssvc.c
> @@ -174,8 +174,13 @@ nfssvc_setfds(const struct addrinfo *hints, const char *node, const char *port)
>  		sockfd = socket(addr->ai_family, addr->ai_socktype,
>  				addr->ai_protocol);
>  		if (sockfd < 0) {
> -			xlog(L_ERROR, "unable to create %s %s socket: "
> -				"errno %d (%m)", family, proto, errno);
> +			if (errno == EAFNOSUPPORT)
> +				xlog(L_NOTICE, "address family %s not "
> +						"supported by protocol %s",
> +						family, proto);
> +			else
> +				xlog(L_ERROR, "unable to create %s %s socket: "
> +				     "errno %d (%m)", family, proto, errno);
>  			rc = errno;
>  			goto error;
>  		}
> 
> 
Committed...

steved.