From 91594dcdb1c36d55a55054b3deb65ca5821fe4df Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Sep 27 2022 13:57:44 +0000 Subject: import autofs-5.1.7-31.el9 --- diff --git a/SOURCES/autofs-5.1.7-add-xdr_exports.patch b/SOURCES/autofs-5.1.7-add-xdr_exports.patch deleted file mode 100644 index 80f7c12..0000000 --- a/SOURCES/autofs-5.1.7-add-xdr_exports.patch +++ /dev/null @@ -1,335 +0,0 @@ -autofs-5.1.7 - add xdr_exports() - -From: Ian Kent - -Add an xdr_exports() function to get NFS exports from a server. - -Signed-off-by: Ian Kent ---- - CHANGELOG | 3 + - include/rpc_subs.h | 14 ++++++ - lib/rpc_subs.c | 120 +++++++++++++++++++++++++++++++++++------------- - modules/lookup_hosts.c | 25 +++------- - 4 files changed, 112 insertions(+), 50 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 2c48484b..84050e91 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,3 +1,6 @@ -+ -+- add xdr_exports(). -+ - 25/01/2021 autofs-5.1.7 - - make bind mounts propagation slave by default. - - update ldap READMEs and schema definitions. -diff --git a/include/rpc_subs.h b/include/rpc_subs.h -index 7ba4b93f..080f19d9 100644 ---- a/include/rpc_subs.h -+++ b/include/rpc_subs.h -@@ -17,6 +17,7 @@ - #define _RPC_SUBS_H - - #include -+#include - #include - #include - #include -@@ -47,6 +48,17 @@ - - #define HOST_ENT_BUF_SIZE 2048 - -+struct hostinfo { -+ char *name; -+ struct hostinfo *next; -+}; -+ -+struct exportinfo { -+ char *dir; -+ struct hostinfo *hosts; -+ struct exportinfo *next; -+}; -+ - struct conn_info { - const char *host; - struct sockaddr *addr; -@@ -71,6 +83,8 @@ int rpc_portmap_getport(struct conn_info *, struct pmap *, unsigned short *); - int rpc_ping_proto(struct conn_info *); - int rpc_ping(const char *, int, unsigned int, long, long, unsigned int); - double monotonic_elapsed(struct timespec, struct timespec); -+struct exportinfo *rpc_get_exports(const char *host, long seconds, long micros, unsigned int option); -+void rpc_exports_free(struct exportinfo *exports); - const char *get_addr_string(struct sockaddr *, char *, socklen_t); - - #endif -diff --git a/lib/rpc_subs.c b/lib/rpc_subs.c -index 643b7687..7b8162b4 100644 ---- a/lib/rpc_subs.c -+++ b/lib/rpc_subs.c -@@ -41,7 +41,6 @@ const rpcprog_t rpcb_prog = PMAPPROG; - const rpcvers_t rpcb_version = PMAPVERS; - #endif - --#include "mount.h" - #include "rpc_subs.h" - #include "replicated.h" - #include "automount.h" -@@ -58,6 +57,17 @@ const rpcvers_t rpcb_version = PMAPVERS; - - #define MAX_NETWORK_LEN 255 - -+#define EXPPATHLEN 1024 -+#define EXPNAMELEN 255 -+ -+#define MOUNTPROG 100005 -+ -+#define MOUNTVERS 1 -+#define MOUNTVERS_NFSV3 3 -+#define MOUNTVERS_POSIX 2 -+ -+#define MOUNTPROC_EXPORT 5 -+ - /* Get numeric value of the n bits starting at position p */ - #define getbits(x, p, n) ((x >> (p + 1 - n)) & ~(~0 << n)) - -@@ -1102,7 +1112,55 @@ double monotonic_elapsed(struct timespec start, struct timespec end) - return t2 - t1; - } - --static int rpc_get_exports_proto(struct conn_info *info, exports *exp) -+static bool_t xdr_host(XDR *xdrs, struct hostinfo *host) -+{ -+ if (!xdr_string(xdrs, &host->name, EXPNAMELEN)) -+ return FALSE; -+ return TRUE; -+} -+ -+static bool_t xdr_hosts(XDR *xdrs, struct hostinfo **hosts) -+{ -+ unsigned int size = sizeof(struct hostinfo); -+ char **host; -+ -+ host = (char **) hosts; -+ while (1) { -+ if (!xdr_pointer(xdrs, host, size, (xdrproc_t) xdr_host)) -+ return FALSE; -+ if (!*host) -+ break; -+ host = (char **) &((struct hostinfo *) *host)->next; -+ } -+ return TRUE; -+} -+ -+static bool_t xdr_export(XDR *xdrs, struct exportinfo *export) -+{ -+ if (!xdr_string(xdrs, &export->dir, EXPPATHLEN)) -+ return FALSE; -+ if (!xdr_hosts(xdrs, &export->hosts)) -+ return FALSE; -+ return TRUE; -+} -+ -+bool_t xdr_exports(XDR *xdrs, struct exportinfo **exports) -+{ -+ unsigned int size = sizeof(struct exportinfo); -+ char **export; -+ -+ export = (char **) exports; -+ while (1) { -+ if (!xdr_pointer(xdrs, export, size, (xdrproc_t) xdr_export)) -+ return FALSE; -+ if (!*export) -+ break; -+ export = (char **) &((struct exportinfo *) *export)->next; -+ } -+ return TRUE; -+} -+ -+static int rpc_get_exports_proto(struct conn_info *info, struct exportinfo **exports) - { - CLIENT *client; - enum clnt_stat status; -@@ -1133,7 +1191,7 @@ static int rpc_get_exports_proto(struct conn_info *info, exports *exp) - while (1) { - status = clnt_call(client, MOUNTPROC_EXPORT, - (xdrproc_t) xdr_void, NULL, -- (xdrproc_t) xdr_exports, (caddr_t) exp, -+ (xdrproc_t) xdr_exports, (caddr_t) exports, - info->timeout); - if (status == RPC_SUCCESS) - break; -@@ -1168,41 +1226,43 @@ static int rpc_get_exports_proto(struct conn_info *info, exports *exp) - return 1; - } - --static void rpc_export_free(exports item) -+static void rpc_export_free(struct exportinfo *export) - { -- groups grp; -- groups tmp; -- -- if (item->ex_dir) -- free(item->ex_dir); -- -- grp = item->ex_groups; -- while (grp) { -- if (grp->gr_name) -- free(grp->gr_name); -- tmp = grp; -- grp = grp->gr_next; -+ struct hostinfo *host, *tmp; -+ -+ if (export->dir) -+ free(export->dir); -+ -+ host = export->hosts; -+ while (host) { -+ if (host->name) -+ free(host->name); -+ tmp = host; -+ host = host->next; - free(tmp); - } -- free(item); -+ free(export); - } - --void rpc_exports_free(exports list) -+void rpc_exports_free(struct exportinfo *exports) - { -- exports tmp; -+ struct exportinfo *export, *tmp; - -- while (list) { -- tmp = list; -- list = list->ex_next; -+ export = exports; -+ while (export) { -+ tmp = export; -+ export = export->next; - rpc_export_free(tmp); - } - return; - } - --exports rpc_get_exports(const char *host, long seconds, long micros, unsigned int option) -+struct exportinfo *rpc_get_exports(const char *host, -+ long seconds, long micros, -+ unsigned int option) - { - struct conn_info info; -- exports exportlist; -+ struct exportinfo *exports = NULL; - struct pmap parms; - int status; - -@@ -1231,11 +1291,9 @@ exports rpc_get_exports(const char *host, long seconds, long micros, unsigned in - if (status < 0) - goto try_tcp; - -- memset(&exportlist, '\0', sizeof(exportlist)); -- -- status = rpc_get_exports_proto(&info, &exportlist); -+ status = rpc_get_exports_proto(&info, &exports); - if (status) -- return exportlist; -+ return exports; - - try_tcp: - info.proto = IPPROTO_TCP; -@@ -1246,13 +1304,11 @@ try_tcp: - if (status < 0) - return NULL; - -- memset(&exportlist, '\0', sizeof(exportlist)); -- -- status = rpc_get_exports_proto(&info, &exportlist); -+ status = rpc_get_exports_proto(&info, &exports); - if (!status) - return NULL; - -- return exportlist; -+ return exports; - } - - const char *get_addr_string(struct sockaddr *sa, char *name, socklen_t len) -diff --git a/modules/lookup_hosts.c b/modules/lookup_hosts.c -index 744062e2..81a4eb18 100644 ---- a/modules/lookup_hosts.c -+++ b/modules/lookup_hosts.c -@@ -20,14 +20,6 @@ - #include - #include - --/* -- * Avoid annoying compiler noise by using an alternate name for -- * typedef name in mount.h -- */ --#define name __dummy_type_name --#include "mount.h" --#undef name -- - #define MODULE_LOOKUP - #include "automount.h" - #include "nsswitch.h" -@@ -43,9 +35,6 @@ struct lookup_context { - - int lookup_version = AUTOFS_LOOKUP_VERSION; /* Required by protocol */ - --exports rpc_get_exports(const char *host, long seconds, long micros, unsigned int option); --void rpc_exports_free(exports list); -- - int lookup_init(const char *mapfmt, - int argc, const char *const *argv, void **context) - { -@@ -99,7 +88,7 @@ static char *get_exports(struct autofs_point *ap, const char *host) - { - char buf[MAX_ERR_BUF]; - char *mapent; -- exports exp, this; -+ struct exportinfo *exp, *this; - - debug(ap->logopt, MODPREFIX "fetchng export list for %s", host); - -@@ -111,7 +100,7 @@ static char *get_exports(struct autofs_point *ap, const char *host) - if (mapent) { - int len = strlen(mapent) + 1; - -- len += strlen(host) + 2*(strlen(this->ex_dir) + 2) + 3; -+ len += strlen(host) + 2*(strlen(this->dir) + 2) + 3; - mapent = realloc(mapent, len); - if (!mapent) { - char *estr; -@@ -121,10 +110,10 @@ static char *get_exports(struct autofs_point *ap, const char *host) - return NULL; - } - strcat(mapent, " \""); -- strcat(mapent, this->ex_dir); -+ strcat(mapent, this->dir); - strcat(mapent, "\""); - } else { -- int len = 2*(strlen(this->ex_dir) + 2) + strlen(host) + 3; -+ int len = 2*(strlen(this->dir) + 2) + strlen(host) + 3; - - mapent = malloc(len); - if (!mapent) { -@@ -135,16 +124,16 @@ static char *get_exports(struct autofs_point *ap, const char *host) - return NULL; - } - strcpy(mapent, "\""); -- strcat(mapent, this->ex_dir); -+ strcat(mapent, this->dir); - strcat(mapent, "\""); - } - strcat(mapent, " \""); - strcat(mapent, host); - strcat(mapent, ":"); -- strcat(mapent, this->ex_dir); -+ strcat(mapent, this->dir); - strcat(mapent, "\""); - -- this = this->ex_next; -+ this = this->next; - } - rpc_exports_free(exp); - diff --git a/SOURCES/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch b/SOURCES/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch new file mode 100644 index 0000000..0db26c4 --- /dev/null +++ b/SOURCES/autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch @@ -0,0 +1,34 @@ +autofs-5.1.7 - also require TCP_REQUESTED when setting NFS port + +From: Ian Kent + +Set the NFS service port to the default (2049) only if tcp protocol is +being used and not alternate port has been given. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/replicated.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -98,6 +98,7 @@ + - fix handling of incorrect return from umount_ent(). + - make NFS version check flags consistent. + - refactor get_nfs_info(). ++- also require TCP_REQUESTED when setting NFS port. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/modules/replicated.c ++++ autofs-5.1.7/modules/replicated.c +@@ -291,7 +291,7 @@ static unsigned int get_nfs_info(unsigne + + rpc_info->proto = proto; + if (port < 0) { +- if (version & NFS4_REQUESTED) ++ if ((version & NFS4_REQUESTED) && (version & TCP_REQUESTED)) + rpc_info->port = NFS_PORT; + else + port = 0; diff --git a/SOURCES/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch b/SOURCES/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch new file mode 100644 index 0000000..5c2c25e --- /dev/null +++ b/SOURCES/autofs-5.1.7-make-NFS-version-check-flags-consistent.patch @@ -0,0 +1,65 @@ +autofs-5.1.7 - make NFS version check flags consistent + +From: Ian Kent + +Several of the NFS connection macros have the same value so that they +can be used as internal code documentation of what is being done. + +Adjust the protocol macro naming to be consistent in a few places. + +Also make sure the correct flags are set for the function they indicate. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + modules/mount_nfs.c | 16 +++++++++------- + 2 files changed, 10 insertions(+), 7 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -96,6 +96,7 @@ + - fix sysconf(3) return handling. + - remove nonstrict parameter from tree_mapent_umount_offsets(). + - fix handling of incorrect return from umount_ent(). ++- make NFS version check flags consistent. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/modules/mount_nfs.c ++++ autofs-5.1.7/modules/mount_nfs.c +@@ -178,18 +178,20 @@ int mount_mount(struct autofs_point *ap, + port = 0; + } else if (_strncmp("proto=udp", cp, o_len) == 0 || + _strncmp("udp", cp, o_len) == 0) { +- vers &= ~TCP_SUPPORTED; ++ vers &= ~TCP_REQUESTED; ++ vers |= UDP_REQUESTED; + } else if (_strncmp("proto=udp6", cp, o_len) == 0 || + _strncmp("udp6", cp, o_len) == 0) { +- vers &= ~TCP_SUPPORTED; +- vers |= UDP6_REQUESTED; ++ vers &= ~(TCP_REQUESTED|TCP6_REQUESTED); ++ vers |= (UDP_REQUESTED|UDP6_REQUESTED); + } else if (_strncmp("proto=tcp", cp, o_len) == 0 || + _strncmp("tcp", cp, o_len) == 0) { +- vers &= ~UDP_SUPPORTED; ++ vers &= ~UDP_REQUESTED; ++ vers |= TCP_REQUESTED; + } else if (_strncmp("proto=tcp6", cp, o_len) == 0 || + _strncmp("tcp6", cp, o_len) == 0) { +- vers &= ~UDP_SUPPORTED; +- vers |= TCP6_REQUESTED; ++ vers &= ~(UDP_REQUESTED|UDP6_REQUESTED); ++ vers |= TCP_REQUESTED|TCP6_REQUESTED; + } + /* Check for options that also make sense + with bind mounts */ +@@ -246,7 +248,7 @@ int mount_mount(struct autofs_point *ap, + mount_default_proto == 4 && + (vers & NFS_VERS_MASK) != 0 && + (vers & NFS4_VERS_MASK) != 0 && +- !(vers & UDP6_REQUESTED)) { ++ !(vers & (UDP_REQUESTED|UDP6_REQUESTED))) { + unsigned int v4_probe_ok = 0; + struct host *tmp = new_host(hosts->name, 0, + hosts->addr, hosts->addr_len, diff --git a/SOURCES/autofs-5.1.7-refactor-get_nfs_info.patch b/SOURCES/autofs-5.1.7-refactor-get_nfs_info.patch new file mode 100644 index 0000000..3418180 --- /dev/null +++ b/SOURCES/autofs-5.1.7-refactor-get_nfs_info.patch @@ -0,0 +1,202 @@ +autofs-5.1.7 - refactor get_nfs_info() + +From: Ian Kent + +Make getting a portmap client and getting a service port from portmap +helper functions and simplify the return handling. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + modules/replicated.c | 135 ++++++++++++++++++++++++++++----------------------- + 2 files changed, 76 insertions(+), 60 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -97,6 +97,7 @@ + - remove nonstrict parameter from tree_mapent_umount_offsets(). + - fix handling of incorrect return from umount_ent(). + - make NFS version check flags consistent. ++- refactor get_nfs_info(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/modules/replicated.c ++++ autofs-5.1.7/modules/replicated.c +@@ -223,6 +223,49 @@ void free_host_list(struct host **list) + *list = NULL; + } + ++static unsigned int get_portmap_client(unsigned logopt, ++ struct conn_info *pm_info, struct host *host, ++ int proto) ++{ ++ unsigned int status; ++ ++ /* On success client is stored in pm_info->client */ ++ status = rpc_portmap_getclient(pm_info, ++ host->name, host->addr, host->addr_len, ++ proto, RPC_CLOSE_DEFAULT); ++ if (status == -EHOSTUNREACH) ++ debug(logopt, ++ "host not reachable getting portmap client"); ++ else if (status) ++ debug(logopt, "error 0x%d getting portmap client"); ++ ++ return status; ++} ++ ++static unsigned int get_portmap_port(unsigned logopt, ++ struct conn_info *pm_info, struct pmap *parms, ++ unsigned long vers, unsigned int version, ++ short unsigned int *port) ++{ ++ unsigned int status; ++ short unsigned int nfs_port; ++ ++ parms->pm_vers = vers; ++ status = rpc_portmap_getport(pm_info, parms, &nfs_port); ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { ++ debug(logopt, ++ "host not reachable or timed out getting service port"); ++ } else if (status < 0) { ++ if (!(version & NFS_VERS_MASK)) ++ debug(logopt, "error 0x%d getting service port"); ++ } ++ ++ if (!status) ++ *port = nfs_port; ++ ++ return status; ++} ++ + static unsigned int get_nfs_info(unsigned logopt, struct host *host, + struct conn_info *pm_info, struct conn_info *rpc_info, + int proto, unsigned int version, int port) +@@ -263,33 +306,20 @@ static unsigned int get_nfs_info(unsigne + goto v3_ver; + + if (!port) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) { +- debug(logopt, "error 0x%d getting portmap client"); ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; + } +- parms.pm_vers = NFS4_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; +- goto done_ver; +- } else if (status < 0) { +- if (version & NFS_VERS_MASK) ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS4_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; ++ if (status < 0 && version & NFS_VERS_MASK) + goto v3_ver; /* MOUNT_NFS_DEFAULT_PROTOCOL=4 */ +- else { +- debug(logopt, +- "error 0x%d getting service port"); +- goto done_ver; +- } ++ goto done_ver; + } + } + +@@ -334,31 +364,22 @@ v3_ver: + goto v2_ver; + + if (!port && !pm_info->client) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) { +- debug(logopt, +- "error 0x%d getting getting portmap client"); ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; + } + } + + if (!port) { +- parms.pm_vers = NFS3_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS3_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; + goto done_ver; +- } else if (status < 0) +- goto v2_ver; ++ } + } + + if (rpc_info->proto == IPPROTO_UDP) +@@ -399,28 +420,22 @@ v2_ver: + goto done_ver; + + if (!port && !pm_info->client) { +- status = rpc_portmap_getclient(pm_info, +- host->name, host->addr, host->addr_len, +- proto, RPC_CLOSE_DEFAULT); +- if (status == -EHOSTUNREACH) { +- debug(logopt, +- "host not reachable getting portmap client"); +- supported = status; +- goto done_ver; +- } else if (status) ++ status = get_portmap_client(logopt, pm_info, host, proto); ++ if (status) { ++ if (status == -EHOSTUNREACH) ++ supported = status; + goto done_ver; ++ } + } + + if (!port) { +- parms.pm_vers = NFS2_VERSION; +- status = rpc_portmap_getport(pm_info, &parms, &rpc_info->port); +- if (status == -EHOSTUNREACH || status == -ETIMEDOUT) { +- debug(logopt, +- "host not reachable or timed out getting service port"); +- supported = status; +- goto done_ver; +- } else if (status < 0) ++ status = get_portmap_port(logopt, pm_info, &parms, ++ NFS2_VERSION, version, &rpc_info->port); ++ if (status) { ++ if (status == -EHOSTUNREACH || status == -ETIMEDOUT) ++ supported = status; + goto done_ver; ++ } + } + + if (rpc_info->proto == IPPROTO_UDP) diff --git a/SOURCES/autofs-5.1.7-remove-mount_x-and-rpcgen-dependencies.patch b/SOURCES/autofs-5.1.7-remove-mount_x-and-rpcgen-dependencies.patch deleted file mode 100644 index 4c837dc..0000000 --- a/SOURCES/autofs-5.1.7-remove-mount_x-and-rpcgen-dependencies.patch +++ /dev/null @@ -1,574 +0,0 @@ -autofs-5.1.7 - remove mount.x and rpcgen dependencies - -From: Ian Kent - -Adding a local implementation to get the exports list from a server -means the the rpcgen generataed code is no longer needed so remove -mount.x and the build dependencies. - -Signed-off-by: Ian Kent ---- - CHANGELOG | 1 - Makefile.conf.in | 1 - autofs.spec | 2 - configure | 58 --------- - configure.in | 1 - include/automount.h | 1 - include/config.h.in | 3 - lib/Makefile | 26 ---- - lib/mount.x | 345 --------------------------------------------------- - 9 files changed, 5 insertions(+), 433 deletions(-) - delete mode 100644 lib/mount.x - -diff --git a/CHANGELOG b/CHANGELOG -index 84050e91..19af245e 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,5 +1,6 @@ - - - add xdr_exports(). -+- remove mount.x and rpcgen dependencies. - - 25/01/2021 autofs-5.1.7 - - make bind mounts propagation slave by default. -diff --git a/Makefile.conf.in b/Makefile.conf.in -index df678eec..12f26eb8 100644 ---- a/Makefile.conf.in -+++ b/Makefile.conf.in -@@ -65,7 +65,6 @@ FEDFS = @ENABLE_FEDFS@ - - LEX = @PATH_LEX@ - YACC = @PATH_YACC@ --RPCGEN = @PATH_RPCGEN@ - RANLIB = @PATH_RANLIB@ - - # Use libtirpc if requested and available -diff --git a/autofs.spec b/autofs.spec -index 3c2b144a..823735a3 100644 ---- a/autofs.spec -+++ b/autofs.spec -@@ -39,7 +39,7 @@ BuildRequires: libtirpc-devel - %endif - BuildRequires: autoconf, openldap-devel, bison, flex, libxml2-devel - BuildRequires: cyrus-sasl-devel, openssl-devel, util-linux --BuildRequires: libtirpc-devel, rpcgen, libnsl2-devel, krb5-devel -+BuildRequires: libtirpc-devel, libnsl2-devel, krb5-devel - Requires: chkconfig - Requires: /bin/bash sed grep /bin/ps - %if %{with_systemd} -diff --git a/configure b/configure -index de968f0e..3c5fe78b 100755 ---- a/configure -+++ b/configure -@@ -650,8 +650,6 @@ XML_CFLAGS - ENABLE_FEDFS - sssldir - HAVE_SSS_AUTOFS --PATH_RPCGEN --RPCGEN - PATH_RANLIB - RANLIB - PATH_YACC -@@ -4205,62 +4203,6 @@ else - as_fn_error $? "required program RANLIB not found" "$LINENO" 5 - fi - --for ac_prog in rpcgen --do -- # Extract the first word of "$ac_prog", so it can be a program name with args. --set dummy $ac_prog; ac_word=$2 --{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 --$as_echo_n "checking for $ac_word... " >&6; } --if ${ac_cv_path_RPCGEN+:} false; then : -- $as_echo_n "(cached) " >&6 --else -- case $RPCGEN in -- [\\/]* | ?:[\\/]*) -- ac_cv_path_RPCGEN="$RPCGEN" # Let the user override the test with a path. -- ;; -- *) -- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR --for as_dir in $searchpath --do -- IFS=$as_save_IFS -- test -z "$as_dir" && as_dir=. -- for ac_exec_ext in '' $ac_executable_extensions; do -- if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then -- ac_cv_path_RPCGEN="$as_dir/$ac_word$ac_exec_ext" -- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 -- break 2 -- fi --done -- done --IFS=$as_save_IFS -- -- ;; --esac --fi --RPCGEN=$ac_cv_path_RPCGEN --if test -n "$RPCGEN"; then -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RPCGEN" >&5 --$as_echo "$RPCGEN" >&6; } --else -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 --$as_echo "no" >&6; } --fi -- -- -- test -n "$RPCGEN" && break --done -- --if test -n "$RPCGEN"; then -- --cat >>confdefs.h <<_ACEOF --#define PATH_RPCGEN "$RPCGEN" --_ACEOF -- -- PATH_RPCGEN="$RPCGEN" --else -- as_fn_error $? "required program RPCGEN not found" "$LINENO" 5 --fi -- - - if test -z "$sssldir"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sssd autofs library" >&5 -diff --git a/configure.in b/configure.in -index a38d6655..e774b4cc 100644 ---- a/configure.in -+++ b/configure.in -@@ -164,7 +164,6 @@ AF_PATH_INCLUDE(E4FSCK, fsck.ext4 e4fsck, , $searchpath) - AF_CHECK_PROG(LEX, flex lex, , $searchpath) - AF_CHECK_PROG(YACC, bison, , $searchpath) - AF_CHECK_PROG(RANLIB, ranlib, , $searchpath) --AF_CHECK_PROG(RPCGEN, rpcgen, , $searchpath) - - AF_CHECK_SSS_LIB(SSS_AUTOFS, libsss_autofs.so) - AC_SUBST(HAVE_SSS_AUTOFS) -diff --git a/include/automount.h b/include/automount.h -index 1ae40786..2f09e8e7 100644 ---- a/include/automount.h -+++ b/include/automount.h -@@ -32,7 +32,6 @@ - #include "macros.h" - #include "log.h" - #include "rpc_subs.h" --#include "mounts.h" - #include "parse_subs.h" - #include "mounts.h" - #include "dev-ioctl-lib.h" -diff --git a/include/config.h.in b/include/config.h.in -index a4879494..4e36b390 100644 ---- a/include/config.h.in -+++ b/include/config.h.in -@@ -135,9 +135,6 @@ - /* define if you have RANLIB */ - #undef PATH_RANLIB - --/* define if you have RPCGEN */ --#undef PATH_RPCGEN -- - /* define if you have UMOUNT */ - #undef PATH_UMOUNT - -diff --git a/lib/Makefile b/lib/Makefile -index 83a80a1e..d18c67b5 100644 ---- a/lib/Makefile -+++ b/lib/Makefile -@@ -8,10 +8,9 @@ include ../Makefile.rules - SRCS = cache.c cat_path.c rpc_subs.c mounts.c log.c nsswitch.c \ - nss_tok.c nss_parse.tab.c args.c alarm.c macros.c defaults.c \ - parse_subs.c dev-ioctl-lib.c --RPCS = mount.h mount_clnt.c mount_xdr.c --OBJS = cache.o mount_clnt.o mount_xdr.o cat_path.o rpc_subs.o \ -- mounts.o log.o nsswitch.o nss_tok.o nss_parse.tab.o args.o \ -- alarm.o macros.o defaults.o parse_subs.o dev-ioctl-lib.o -+OBJS = cache.o cat_path.o rpc_subs.o mounts.o log.o nsswitch.o \ -+ nss_tok.o nss_parse.tab.o args.o alarm.o macros.o defaults.o \ -+ parse_subs.o dev-ioctl-lib.o - - YACCSRC = nss_tok.c nss_parse.tab.c nss_parse.tab.h - -@@ -33,23 +32,6 @@ libautofs.so: $(OBJS) - $(CC) $(SOLDFLAGS) $(CFLAGS) -o $*.so $^ $(LDFLAGS) $(LIBS) - $(STRIP) $*.so - --mount.h: mount.x -- $(RPCGEN) -h -o mount.h mount.x -- --mount_clnt.c: mount.h -- $(RPCGEN) -l -o mount_clnt.c mount.x -- --mount_clnt.o: mount_clnt.c -- $(CC) $(CFLAGS) -o mount_clnt.o -c mount_clnt.c -- $(STRIP) mount_clnt.o -- --mount_xdr.c: mount.h -- $(RPCGEN) -c -o mount_xdr.c mount.x -- --mount_xdr.o: mount_xdr.c -- $(CC) $(CFLAGS) -Wno-unused-variable -o mount_xdr.o -c mount_xdr.c -- $(STRIP) mount_xdr.o -- - nss_tok.c: nss_tok.l - $(LEX) -o$@ -Pnss_ $? - -@@ -60,8 +42,6 @@ nss_tok.o: nss_tok.c nss_parse.tab.h - - nss_parse.tab.o: nss_parse.tab.c nss_parse.tab.h - --rpc_subs.o: mount.h -- - install: all - install -d -m 755 $(INSTALLROOT)$(autofslibdir) - install -c $(LIB) -m 755 $(INSTALLROOT)$(sharedlibdir) -diff --git a/lib/mount.x b/lib/mount.x -deleted file mode 100644 -index f504e7cf..00000000 ---- a/lib/mount.x -+++ /dev/null -@@ -1,345 +0,0 @@ --%/* --% * Sun RPC is a product of Sun Microsystems, Inc. and is provided for --% * unrestricted use provided that this legend is included on all tape --% * media and as a part of the software program in whole or part. Users --% * may copy or modify Sun RPC without charge, but are not authorized --% * to license or distribute it to anyone else except as part of a product or --% * program developed by the user or with the express written consent of --% * Sun Microsystems, Inc. --% * --% * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE --% * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR --% * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. --% * --% * Sun RPC is provided with no support and without any obligation on the --% * part of Sun Microsystems, Inc. to assist in its use, correction, --% * modification or enhancement. --% * --% * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE --% * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC --% * OR ANY PART THEREOF. --% * --% * In no event will Sun Microsystems, Inc. be liable for any lost revenue --% * or profits or other special, indirect and consequential damages, even if --% * Sun has been advised of the possibility of such damages. --% * --% * Sun Microsystems, Inc. --% * 2550 Garcia Avenue --% * Mountain View, California 94043 --% */ -- --%/* --% * Copyright (c) 1985, 1990 by Sun Microsystems, Inc. --% */ --% --%/* from @(#)mount.x 1.3 91/03/11 TIRPC 1.0 */ -- --/* -- * Protocol description for the mount program -- */ -- --#ifdef RPC_HDR --%#ifndef _rpcsvc_mount_h --%#define _rpcsvc_mount_h --%#include --#endif -- --const MNTPATHLEN = 1024; /* maximum bytes in a pathname argument */ --const MNTNAMLEN = 255; /* maximum bytes in a name argument */ --const FHSIZE = 32; /* size in bytes of a file handle */ -- --/* -- * The fhandle is the file handle that the server passes to the client. -- * All file operations are done using the file handles to refer to a file -- * or a directory. The file handle can contain whatever information the -- * server needs to distinguish an individual file. -- */ --typedef opaque fhandle[FHSIZE]; -- --/* -- * If a status of zero is returned, the call completed successfully, and -- * a file handle for the directory follows. A non-zero status indicates -- * some sort of error. The status corresponds with UNIX error numbers. -- */ --union fhstatus switch (unsigned fhs_status) { --case 0: -- fhandle fhs_fhandle; --default: -- void; --}; -- --/* -- * The type dirpath is the pathname of a directory -- */ --typedef string dirpath; -- --/* -- * The type name is used for arbitrary names (hostnames, groupnames) -- */ --typedef string name; -- --/* -- * A list of who has what mounted -- */ --typedef struct mountbody *mountlist; --struct mountbody { -- name ml_hostname; -- dirpath ml_directory; -- mountlist ml_next; --}; -- --/* -- * A list of netgroups -- */ --typedef struct groupnode *groups; --struct groupnode { -- name gr_name; -- groups gr_next; --}; -- --/* -- * A list of what is exported and to whom -- */ --typedef struct exportnode *exports; --struct exportnode { -- dirpath ex_dir; -- groups ex_groups; -- exports ex_next; --}; -- --/* -- * POSIX pathconf information -- */ --struct ppathcnf { -- int pc_link_max; /* max links allowed */ -- short pc_max_canon; /* max line len for a tty */ -- short pc_max_input; /* input a tty can eat all at once */ -- short pc_name_max; /* max file name length (dir entry) */ -- short pc_path_max; /* max path name length (/x/y/x/.. ) */ -- short pc_pipe_buf; /* size of a pipe (bytes) */ -- u_char pc_vdisable; /* safe char to turn off c_cc[i] */ -- char pc_xxx; /* alignment padding; cc_t == char */ -- short pc_mask[2]; /* validity and boolean bits */ --}; -- --/* -- * NFSv3 file handle -- */ --const FHSIZE3 = 64; /* max size of NFSv3 file handle in bytes */ --typedef opaque fhandle3; -- --/* -- * NFSv3 mount status -- */ --enum mountstat3 { -- MNT_OK = 0, /* no error */ -- MNT3ERR_PERM = 1, /* not owner */ -- MNT3ERR_NOENT = 2, /* no such file or directory */ -- MNT3ERR_IO = 5, /* I/O error */ -- MNT3ERR_ACCES = 13, /* Permission denied */ -- MNT3ERR_NOTDIR = 20, /* Not a directory */ -- MNT3ERR_INVAL = 22, /* Invalid argument */ -- MNT3ERR_NAMETOOLONG = 63, /* File name too long */ -- MNT3ERR_NOTSUPP = 10004,/* Operation not supported */ -- MNT3ERR_SERVERFAULT = 10006 /* A failure on the server */ --}; -- --/* -- * NFSv3 mount result -- */ --struct mountres3_ok { -- fhandle3 fhandle; -- int auth_flavors<>; --}; -- --union mountres3 switch (mountstat3 fhs_status) { --case MNT_OK: -- mountres3_ok mountinfo; /* File handle and supported flavors */ --default: -- void; --}; -- --program MOUNTPROG { -- /* -- * Version one of the mount protocol communicates with version two -- * of the NFS protocol. The only connecting point is the fhandle -- * structure, which is the same for both protocols. -- */ -- version MOUNTVERS { -- /* -- * Does no work. It is made available in all RPC services -- * to allow server reponse testing and timing -- */ -- void -- MOUNTPROC_NULL(void) = 0; -- -- /* -- * If fhs_status is 0, then fhs_fhandle contains the -- * file handle for the directory. This file handle may -- * be used in the NFS protocol. This procedure also adds -- * a new entry to the mount list for this client mounting -- * the directory. -- * Unix authentication required. -- */ -- fhstatus -- MOUNTPROC_MNT(dirpath) = 1; -- -- /* -- * Returns the list of remotely mounted filesystems. The -- * mountlist contains one entry for each hostname and -- * directory pair. -- */ -- mountlist -- MOUNTPROC_DUMP(void) = 2; -- -- /* -- * Removes the mount list entry for the directory -- * Unix authentication required. -- */ -- void -- MOUNTPROC_UMNT(dirpath) = 3; -- -- /* -- * Removes all of the mount list entries for this client -- * Unix authentication required. -- */ -- void -- MOUNTPROC_UMNTALL(void) = 4; -- -- /* -- * Returns a list of all the exported filesystems, and which -- * machines are allowed to import it. -- */ -- exports -- MOUNTPROC_EXPORT(void) = 5; -- -- /* -- * Identical to MOUNTPROC_EXPORT above -- */ -- exports -- MOUNTPROC_EXPORTALL(void) = 6; -- } = 1; -- -- /* -- * Version two of the mount protocol communicates with version two -- * of the NFS protocol. -- * The only difference from version one is the addition of a POSIX -- * pathconf call. -- */ -- version MOUNTVERS_POSIX { -- /* -- * Does no work. It is made available in all RPC services -- * to allow server reponse testing and timing -- */ -- void -- MOUNTPROC_NULL(void) = 0; -- -- /* -- * If fhs_status is 0, then fhs_fhandle contains the -- * file handle for the directory. This file handle may -- * be used in the NFS protocol. This procedure also adds -- * a new entry to the mount list for this client mounting -- * the directory. -- * Unix authentication required. -- */ -- fhstatus -- MOUNTPROC_MNT(dirpath) = 1; -- -- /* -- * Returns the list of remotely mounted filesystems. The -- * mountlist contains one entry for each hostname and -- * directory pair. -- */ -- mountlist -- MOUNTPROC_DUMP(void) = 2; -- -- /* -- * Removes the mount list entry for the directory -- * Unix authentication required. -- */ -- void -- MOUNTPROC_UMNT(dirpath) = 3; -- -- /* -- * Removes all of the mount list entries for this client -- * Unix authentication required. -- */ -- void -- MOUNTPROC_UMNTALL(void) = 4; -- -- /* -- * Returns a list of all the exported filesystems, and which -- * machines are allowed to import it. -- */ -- exports -- MOUNTPROC_EXPORT(void) = 5; -- -- /* -- * Identical to MOUNTPROC_EXPORT above -- */ -- exports -- MOUNTPROC_EXPORTALL(void) = 6; -- -- /* -- * POSIX pathconf info (Sun hack) -- */ -- ppathcnf -- MOUNTPROC_PATHCONF(dirpath) = 7; -- } = 2; -- -- /* -- * Version 3 of the protocol is for NFSv3 -- */ -- version MOUNTVERS_NFSV3 { -- /* -- * Does no work. It is made available in all RPC services -- * to allow server reponse testing and timing -- */ -- void -- MOUNTPROC3_NULL(void) = 0; -- -- /* -- * If fhs_status is 0, then fhs_fhandle contains the -- * file handle for the directory. This file handle may -- * be used in the NFS protocol. This procedure also adds -- * a new entry to the mount list for this client mounting -- * the directory. -- * Unix authentication required. -- */ -- mountres3 -- MOUNTPROC3_MNT(dirpath) = 1; -- -- /* -- * Returns the list of remotely mounted filesystems. The -- * mountlist contains one entry for each hostname and -- * directory pair. -- */ -- mountlist -- MOUNTPROC3_DUMP(void) = 2; -- -- /* -- * Removes the mount list entry for the directory -- * Unix authentication required. -- */ -- void -- MOUNTPROC3_UMNT(dirpath) = 3; -- -- /* -- * Removes all of the mount list entries for this client -- * Unix authentication required. -- */ -- void -- MOUNTPROC3_UMNTALL(void) = 4; -- -- /* -- * Returns a list of all the exported filesystems, and which -- * machines are allowed to import it. -- */ -- exports -- MOUNTPROC3_EXPORT(void) = 5; -- } = 3; --} = 100005; -- --#ifdef RPC_HDR --%#endif /*!_rpcsvc_mount_h*/ --#endif diff --git a/SOURCES/autofs-5.1.8-avoid-calling-pthread_getspecific-with-NULL-key_thread_attempt_id.patch b/SOURCES/autofs-5.1.8-avoid-calling-pthread_getspecific-with-NULL-key_thread_attempt_id.patch new file mode 100644 index 0000000..2d64307 --- /dev/null +++ b/SOURCES/autofs-5.1.8-avoid-calling-pthread_getspecific-with-NULL-key_thread_attempt_id.patch @@ -0,0 +1,35 @@ +autofs-5.1.8 - avoid calling pthread_getspecific() with NULL key_thread_attempt_id + +From: Ian Kent + +Don't call pthread_getspecific() if key_thread_attempt_id is NULL in +case the pthread_getspecific() implementation doesn't check for this. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/log.c | 3 +++ + 2 files changed, 4 insertions(+) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -92,6 +92,7 @@ + - simplify cache_add() a little. + - fix use after free in tree_mapent_delete_offset_tree(). + - fix memory leak in xdr_exports(). ++- avoid calling pthread_getspecific() with NULL key_thread_attempt_id. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/log.c ++++ autofs-5.1.7/lib/log.c +@@ -38,6 +38,9 @@ static char *prepare_attempt_prefix(cons + char buffer[ATTEMPT_ID_SIZE + 1]; + char *prefixed_msg = NULL; + ++ if (!key_thread_attempt_id) ++ return NULL; ++ + attempt_id = pthread_getspecific(key_thread_attempt_id); + if (attempt_id) { + int len = sizeof(buffer) + 1 + strlen(msg) + 1; diff --git a/SOURCES/autofs-5.1.8-bailout-on-rpc-systemerror.patch b/SOURCES/autofs-5.1.8-bailout-on-rpc-systemerror.patch new file mode 100644 index 0000000..24e9f1d --- /dev/null +++ b/SOURCES/autofs-5.1.8-bailout-on-rpc-systemerror.patch @@ -0,0 +1,34 @@ +autofs-5.1.8 - bailout on rpc systemerror + +From: Ian Kent + +If there's a system error (eg. oversize packet received) just give up +since redoing the call would likely end up with the same error. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/rpc_subs.c | 2 ++ + 2 files changed, 3 insertions(+) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -99,6 +99,7 @@ + - make NFS version check flags consistent. + - refactor get_nfs_info(). + - also require TCP_REQUESTED when setting NFS port. ++- bailout on rpc systemerror. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/rpc_subs.c ++++ autofs-5.1.7/lib/rpc_subs.c +@@ -1200,6 +1200,8 @@ static int rpc_get_exports_proto(struct + info->timeout); + if (status == RPC_SUCCESS) + break; ++ if (status == RPC_SYSTEMERROR) ++ break; + if (++vers_entry > 2) + break; + CLNT_CONTROL(client, CLSET_VERS, diff --git a/SOURCES/autofs-5.1.8-dont-fail-on-duplicate-host-export-entry.patch b/SOURCES/autofs-5.1.8-dont-fail-on-duplicate-host-export-entry.patch new file mode 100644 index 0000000..ea7d740 --- /dev/null +++ b/SOURCES/autofs-5.1.8-dont-fail-on-duplicate-host-export-entry.patch @@ -0,0 +1,46 @@ +autofs-5.1.8 - dont fail on duplicate host export entry + +From: Ian Kent + +If we encounter a duplicate host export entry don't fail, just ignore +it and return the duplicate. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/mounts.c | 6 ++++-- + 2 files changed, 5 insertions(+), 2 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -87,6 +87,7 @@ + - fix root offset error handling. + - fix fix root offset error handling. + - fix nonstrict fail handling of last offset mount. ++- dont fail on duplicate offset entry tree add. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -1341,7 +1341,7 @@ static struct tree_node *tree_add_node(s + } + + if (!eq) +- error(LOGOPT_ANY, "cannot add duplicate entry to tree"); ++ return p; + else { + if (eq < 0) + return tree_add_left(p, ptr); +@@ -1515,8 +1515,10 @@ static int tree_host_cmp(struct tree_nod + int eq; + + eq = strcmp(exp->dir, n_exp->dir); +- if (!eq) ++ if (!eq) { ++ error(LOGOPT_ANY, "duplicate entry %s ignored", exp->dir); + return 0; ++ } + return (exp_len < n_exp_len) ? -1 : 1; + } + diff --git a/SOURCES/autofs-5.1.8-dont-use-initgroups-at-spawn.patch b/SOURCES/autofs-5.1.8-dont-use-initgroups-at-spawn.patch new file mode 100644 index 0000000..185e98f --- /dev/null +++ b/SOURCES/autofs-5.1.8-dont-use-initgroups-at-spawn.patch @@ -0,0 +1,131 @@ +autofs-5.1.8 - dont use initgroups() at spawn + +From: Ian Kent + +The initgroups(3) function isn't safe to use between fork() and +exec() in a threaded program. + +Using it this way often leads to a hang for even moderate work +loads. + +But the getgrouplist()/setgroups() combination can be used safely +in this case and this patch changes autofs to use these (the safety +of using of setgroups() is yet to to be documented). + +A large portion of the work on this patch has been contributed +by Roberto Bergantinos . + +Reported-by: Roberto Bergantinos +Fixes: 6343a3292020 ("autofs-5.1.3 - fix ordering of seteuid/setegid in do_spawn()") +Signed-off-by: Roberto Bergantinos +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/spawn.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++---- + 2 files changed, 48 insertions(+), 4 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -101,6 +101,7 @@ + - also require TCP_REQUESTED when setting NFS port. + - bailout on rpc systemerror. + - fix nfsv4 only mounts should not use rpcbind. ++- dont use initgroups() at spawn. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/spawn.c ++++ autofs-5.1.7/daemon/spawn.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + #include "automount.h" + +@@ -335,6 +336,10 @@ static int do_spawn(unsigned logopt, uns + struct thread_stdenv_vars *tsv; + pid_t euid = 0; + gid_t egid = 0; ++ gid_t *groups = NULL; ++ gid_t *saved_groups = NULL; ++ int ngroups = 0; ++ int nsaved_groups = 0; + + if (open_pipe(pipefd)) + return -1; +@@ -357,6 +362,31 @@ static int do_spawn(unsigned logopt, uns + } + + open_mutex_lock(); ++ ++ if (euid) { ++ struct passwd *pwd; ++ ++ pwd = getpwuid(getuid()); ++ if (!pwd) ++ fprintf(stderr, ++ "warning: getpwuid: can't get current username\n"); ++ else { ++ /* get number of groups for current gid */ ++ getgrouplist(pwd->pw_name, getgid(), NULL, &nsaved_groups); ++ saved_groups = malloc(nsaved_groups * sizeof(gid_t)); ++ ++ /* get current gid groups list */ ++ getgrouplist(pwd->pw_name, getgid(), saved_groups, &nsaved_groups); ++ } ++ ++ /* get number of groups of mount triggering process */ ++ getgrouplist(tsv->user, egid, NULL, &ngroups); ++ groups = malloc(ngroups * sizeof(gid_t)); ++ ++ /* get groups list of mount triggering process */ ++ getgrouplist(tsv->user, egid, groups, &ngroups); ++ } ++ + f = fork(); + if (f == 0) { + char **pargv = (char **) argv; +@@ -398,10 +428,13 @@ static int do_spawn(unsigned logopt, uns + if (!tsv->user) + fprintf(stderr, + "warning: can't init groups\n"); +- else if (initgroups(tsv->user, egid) == -1) +- fprintf(stderr, +- "warning: initgroups: %s\n", +- strerror(errno)); ++ else if (groups) { ++ if (setgroups(ngroups, groups) == -1) ++ fprintf(stderr, ++ "warning: setgroups: %s\n", ++ strerror(errno)); ++ free(groups); ++ } + + if (setegid(egid) == -1) + fprintf(stderr, +@@ -436,6 +469,11 @@ static int do_spawn(unsigned logopt, uns + strerror(errno)); + if (pgrp >= 0) + setpgid(0, pgrp); ++ /* Reset groups for trigger of trailing mount */ ++ if (euid && saved_groups) { ++ setgroups(nsaved_groups, saved_groups); ++ free(saved_groups); ++ } + + /* + * The kernel leaves mount type autofs alone because +@@ -474,6 +512,11 @@ done: + pthread_sigmask(SIG_SETMASK, &tmpsig, NULL); + open_mutex_unlock(); + ++ if (groups) ++ free(groups); ++ if (saved_groups) ++ free(saved_groups); ++ + close(pipefd[1]); + + if (f < 0) { diff --git a/SOURCES/autofs-5.1.8-fix-fix-root-offset-error-handling.patch b/SOURCES/autofs-5.1.8-fix-fix-root-offset-error-handling.patch new file mode 100644 index 0000000..d91a7a3 --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-fix-root-offset-error-handling.patch @@ -0,0 +1,34 @@ +autofs-5.1.8 - fix fix root offset error handling + +From: Ian Kent + +The change to fix root offset error handlling is missing a cache read +lock prior to the key lookup, the following unmatched unlock then +causes a hang. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/direct.c | 1 + + 2 files changed, 2 insertions(+) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -85,6 +85,7 @@ + - fix set open file limit. + - improve descriptor open error reporting. + - fix root offset error handling. ++- fix fix root offset error handling. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/direct.c ++++ autofs-5.1.7/daemon/direct.c +@@ -1271,6 +1271,7 @@ static void *do_mount_direct(void *arg) + /* If this is a multi-mount subtree mount failure + * ensure the tree continues to expire. + */ ++ cache_readlock(mt.mc); + me = cache_lookup_distinct(mt.mc, mt.name); + if (me && IS_MM(me) && !IS_MM_ROOT(me)) + conditional_alarm_add(ap, ap->exp_runfreq); diff --git a/SOURCES/autofs-5.1.8-fix-handling-of-incorrect-return-from-umount_ent.patch b/SOURCES/autofs-5.1.8-fix-handling-of-incorrect-return-from-umount_ent.patch new file mode 100644 index 0000000..462c2ac --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-handling-of-incorrect-return-from-umount_ent.patch @@ -0,0 +1,110 @@ +autofs-5.1.8 - fix handling of incorrect return from umount_ent() + +From: Ian Kent + +Commit 0210535df4b ("autofs-5.1.0 - gaurd against incorrect umount +return") guards against umount_ent() returning a fail when the mount +has actually been umounted. + +But we also see umount_ent() return success when in fact the mount has +not been umounted leading to incorrect handling of automounts. + +So checking the return of umount_ent() isn't always giving the correct +result in more than just one case, consequently we should ignore the +result from the spawned umount(8) and check if the mount has in fact +been umounted. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 3 +-- + lib/mounts.c | 19 ++++++++++--------- + 3 files changed, 12 insertions(+), 11 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -95,6 +95,7 @@ + - avoid calling pthread_getspecific() with NULL key_thread_attempt_id. + - fix sysconf(3) return handling. + - remove nonstrict parameter from tree_mapent_umount_offsets(). ++- fix handling of incorrect return from umount_ent(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/automount.c ++++ autofs-5.1.7/daemon/automount.c +@@ -605,8 +605,7 @@ static int umount_subtree_mounts(struct + struct mnt_list *mnt; + + debug(ap->logopt, "unmounting dir = %s", path); +- if (umount_ent(ap, path) && +- is_mounted(path, MNTS_REAL)) { ++ if (umount_ent(ap, path)) { + warn(ap->logopt, "could not umount dir %s", path); + left++; + goto done; +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -1869,8 +1869,7 @@ static int tree_mapent_umount_offset(str + */ + if (oe->ioctlfd != -1 || + is_mounted(oe->key, MNTS_REAL)) { +- if (umount_ent(ap, oe->key) && +- is_mounted(oe->key, MNTS_REAL)) { ++ if (umount_ent(ap, oe->key)) { + debug(ap->logopt, + "offset %s has active mount, invalidate", + oe->key); +@@ -2010,8 +2009,7 @@ int tree_mapent_umount_offsets(struct ma + */ + if (is_mounted(mp, MNTS_REAL)) { + info(ap->logopt, "unmounting dir = %s", mp); +- if (umount_ent(ap, mp) && +- is_mounted(mp, MNTS_REAL)) { ++ if (umount_ent(ap, mp)) { + if (!tree_mapent_mount_offsets(oe, 1)) + warn(ap->logopt, + "failed to remount offset triggers"); +@@ -2982,6 +2980,7 @@ void set_direct_mount_tree_catatonic(str + + int umount_ent(struct autofs_point *ap, const char *path) + { ++ unsigned int mounted; + int rv; + + if (ap->state != ST_SHUTDOWN_FORCE) +@@ -2993,6 +2992,8 @@ int umount_ent(struct autofs_point *ap, + rv = spawn_umount(ap->logopt, "-l", path, NULL); + } + ++ mounted = is_mounted(path, MNTS_REAL); ++ + if (rv && (ap->state == ST_SHUTDOWN_FORCE || ap->state == ST_SHUTDOWN)) { + /* + * Verify that we actually unmounted the thing. This is a +@@ -3004,20 +3005,20 @@ int umount_ent(struct autofs_point *ap, + * so that we do not try to call rmdir_path on the + * directory. + */ +- if (is_mounted(path, MNTS_REAL)) { ++ if (mounted) { + crit(ap->logopt, + "the umount binary reported that %s was " + "unmounted, but there is still something " + "mounted on this path.", path); +- rv = -1; ++ mounted = -1; + } + } + +- /* On success, check for mounted mount and remove it if found */ +- if (!rv) ++ /* If mount is gone remove it from mounted mounts list. */ ++ if (!mounted) + mnts_remove_mount(path, MNTS_MOUNTED); + +- return rv; ++ return mounted; + } + + int umount_amd_ext_mount(struct autofs_point *ap, const char *path) diff --git a/SOURCES/autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch b/SOURCES/autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch new file mode 100644 index 0000000..d29984b --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch @@ -0,0 +1,36 @@ +autofs-5.1.8 - fix loop under run in cache_get_offset_parent() + +From: Frank Sorenson + +To avoid reading memory outside of the the string +allocated for parent, tail needs to stop when it +reaches or passes parent, even if it doesn't +actually equal parent. + +Signed-off-by: Frank Sorenson +--- + CHANGELOG | 1 + + lib/cache.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -88,6 +88,7 @@ + - fix fix root offset error handling. + - fix nonstrict fail handling of last offset mount. + - dont fail on duplicate offset entry tree add. ++- fix loop under run in cache_get_offset_parent(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/cache.c ++++ autofs-5.1.7/lib/cache.c +@@ -710,7 +710,7 @@ struct mapent *cache_get_offset_parent(s + *tail = 0; + + tail--; +- if (tail == parent) ++ if (tail <= parent) + break; + + me = cache_lookup_distinct(mc, parent); diff --git a/SOURCES/autofs-5.1.8-fix-memory-leak-in-xdr_exports.patch b/SOURCES/autofs-5.1.8-fix-memory-leak-in-xdr_exports.patch new file mode 100644 index 0000000..81a5e03 --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-memory-leak-in-xdr_exports.patch @@ -0,0 +1,40 @@ +autofs-5.1.8 - fix memory leak in xdr_exports() + +From: Ian Kent + +Converting xdr_exports() to not be recursive introduced a memory leak +if an error is encountered, fix it. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/rpc_subs.c | 7 ++++++- + 2 files changed, 7 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -91,6 +91,7 @@ + - fix loop under run in cache_get_offset_parent(). + - simplify cache_add() a little. + - fix use after free in tree_mapent_delete_offset_tree(). ++- fix memory leak in xdr_exports(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/rpc_subs.c ++++ autofs-5.1.7/lib/rpc_subs.c +@@ -1151,8 +1151,13 @@ bool_t xdr_exports(XDR *xdrs, struct exp + + export = (char **) exports; + while (1) { +- if (!xdr_pointer(xdrs, export, size, (xdrproc_t) xdr_export)) ++ if (!xdr_pointer(xdrs, export, size, (xdrproc_t) xdr_export)) { ++ if (*exports) { ++ rpc_exports_free(*exports); ++ *exports = NULL; ++ } + return FALSE; ++ } + if (!*export) + break; + export = (char **) &((struct exportinfo *) *export)->next; diff --git a/SOURCES/autofs-5.1.8-fix-nfsv4-only-mounts-should-not-use-rpcbind.patch b/SOURCES/autofs-5.1.8-fix-nfsv4-only-mounts-should-not-use-rpcbind.patch new file mode 100644 index 0000000..64d1d91 --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-nfsv4-only-mounts-should-not-use-rpcbind.patch @@ -0,0 +1,94 @@ +autofs-5.1.8 - fix nfsv4 only mounts should not use rpcbind + +From: Ian Kent + +Commit 606795ecfaa1 ("autofs-5.1.7 - also require TCP_REQUESTED when +setting NFS port" together with commit 26fb6b5408be) caused NFSv4 only +mounts to also use rpcbind to probe availability which breaks the +requirememt that this type of mount not use rpcbind at all. + +Fix this by treating fstype=nfs4 mounts as a special case which doesn't +use rpcbind. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + include/replicated.h | 2 ++ + modules/mount_nfs.c | 13 +++++++------ + modules/replicated.c | 4 ++-- + 4 files changed, 12 insertions(+), 8 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -100,6 +100,7 @@ + - refactor get_nfs_info(). + - also require TCP_REQUESTED when setting NFS port. + - bailout on rpc systemerror. ++- fix nfsv4 only mounts should not use rpcbind. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/include/replicated.h ++++ autofs-5.1.7/include/replicated.h +@@ -35,6 +35,8 @@ + #define NFS3_REQUESTED NFS3_SUPPORTED + #define NFS4_REQUESTED NFS4_SUPPORTED + ++#define NFS4_ONLY_REQUESTED 0x0800 ++ + #define TCP_SUPPORTED 0x0001 + #define UDP_SUPPORTED 0x0002 + #define TCP_REQUESTED TCP_SUPPORTED +--- autofs-5.1.7.orig/modules/mount_nfs.c ++++ autofs-5.1.7/modules/mount_nfs.c +@@ -92,7 +92,7 @@ int mount_mount(struct autofs_point *ap, + mount_default_proto = defaults_get_mount_nfs_default_proto(); + vers = NFS_VERS_DEFAULT | NFS_PROTO_DEFAULT; + if (strcmp(fstype, "nfs4") == 0) +- vers = NFS4_VERS_DEFAULT | TCP_SUPPORTED; ++ vers = NFS4_VERS_DEFAULT | TCP_SUPPORTED | NFS4_ONLY_REQUESTED; + else if (mount_default_proto == 4) + vers = vers | NFS4_VERS_DEFAULT; + +@@ -157,15 +157,16 @@ int mount_mount(struct autofs_point *ap, + } else { + /* Is any version of NFSv4 in the options */ + if (_strncmp("vers=4", cp, 6) == 0 || +- _strncmp("nfsvers=4", cp, 9) == 0) +- vers = NFS4_VERS_MASK | TCP_SUPPORTED; +- else if (_strncmp("vers=3", cp, o_len) == 0 || ++ _strncmp("nfsvers=4", cp, 9) == 0) { ++ vers &= ~(NFS_VERS_MASK); ++ vers |= NFS4_VERS_MASK | TCP_SUPPORTED | NFS4_ONLY_REQUESTED; ++ } else if (_strncmp("vers=3", cp, o_len) == 0 || + _strncmp("nfsvers=3", cp, o_len) == 0) { +- vers &= ~(NFS4_VERS_MASK | NFS_VERS_MASK); ++ vers &= ~(NFS4_VERS_MASK | NFS_VERS_MASK | NFS4_ONLY_REQUESTED); + vers |= NFS3_REQUESTED; + } else if (_strncmp("vers=2", cp, o_len) == 0 || + _strncmp("nfsvers=2", cp, o_len) == 0) { +- vers &= ~(NFS4_VERS_MASK | NFS_VERS_MASK); ++ vers &= ~(NFS4_VERS_MASK | NFS_VERS_MASK | NFS4_ONLY_REQUESTED); + vers |= NFS2_REQUESTED; + } else if (strstr(cp, "port=") == cp && + o_len - 5 < 25) { +--- autofs-5.1.7.orig/modules/replicated.c ++++ autofs-5.1.7/modules/replicated.c +@@ -291,7 +291,7 @@ static unsigned int get_nfs_info(unsigne + + rpc_info->proto = proto; + if (port < 0) { +- if ((version & NFS4_REQUESTED) && (version & TCP_REQUESTED)) ++ if (version & NFS4_REQUESTED && (version & NFS4_ONLY_REQUESTED)) + rpc_info->port = NFS_PORT; + else + port = 0; +@@ -525,7 +525,7 @@ static int get_vers_and_cost(unsigned lo + { + struct conn_info pm_info, rpc_info; + time_t timeout = RPC_TIMEOUT; +- unsigned int supported, vers = (NFS_VERS_MASK | NFS4_VERS_MASK); ++ unsigned int supported, vers = (NFS_VERS_MASK | NFS4_VERS_MASK | NFS4_ONLY_REQUESTED); + int ret = 0; + + if (!check_address_proto(logopt, host, version)) diff --git a/SOURCES/autofs-5.1.8-fix-nonstrict-fail-handling-of-last-offset-mount.patch b/SOURCES/autofs-5.1.8-fix-nonstrict-fail-handling-of-last-offset-mount.patch new file mode 100644 index 0000000..59a250e --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-nonstrict-fail-handling-of-last-offset-mount.patch @@ -0,0 +1,38 @@ +autofs-5.1.8 - fix nonstrict fail handling of last offset mount + +From: Ian Kent + +When mounting a list of multi-mount offsets the offset mount should +succeed even if there's a mount failure for the non-strict case (the +default). + +But currently if the last offset mount fails the multi-mount fails +regardless of whether the mount is non-strict or not. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/mounts.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -86,6 +86,7 @@ + - improve descriptor open error reporting. + - fix root offset error handling. + - fix fix root offset error handling. ++- fix nonstrict fail handling of last offset mount. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -1940,7 +1940,7 @@ static int tree_mapent_mount_offsets_wor + tree_mapent_mount_offsets(oe, !ctxt->strict); + } + +- return ret; ++ return (ctxt->strict ? ret : 1); + } + + int tree_mapent_mount_offsets(struct mapent *oe, int nonstrict) diff --git a/SOURCES/autofs-5.1.8-fix-root-offset-error-handling.patch b/SOURCES/autofs-5.1.8-fix-root-offset-error-handling.patch new file mode 100644 index 0000000..30c4074 --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-root-offset-error-handling.patch @@ -0,0 +1,85 @@ +autofs-5.1.8 - fix root offset error handling + +From: Ian Kent + +If mounting the root or offsets of a multi-mount root fails any mounts +done so far need to be umounted and the multi-mount offset tree deleted +so it can be created cleanly and possibly mounted the next time it's +triggered. + +Also, if a subtree that is not the multi-mount root fails the expire +alarm needs to be re-instated so other subtrees (at least the root) +will continue to expire. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/direct.c | 10 +++++++++- + modules/parse_sun.c | 6 ++++++ + 3 files changed, 16 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -84,6 +84,7 @@ + - fix fedfs build flags. + - fix set open file limit. + - improve descriptor open error reporting. ++- fix root offset error handling. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/direct.c ++++ autofs-5.1.7/daemon/direct.c +@@ -1163,6 +1163,7 @@ static void *do_mount_direct(void *arg) + struct ioctl_ops *ops = get_ioctl_ops(); + struct pending_args *args, mt; + struct autofs_point *ap; ++ struct mapent *me; + struct stat st; + int status, state; + +@@ -1226,7 +1227,6 @@ static void *do_mount_direct(void *arg) + pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &state); + if (status) { + struct mnt_list *sbmnt; +- struct mapent *me; + struct statfs fs; + unsigned int close_fd = 0; + unsigned int flags = MNTS_DIRECT|MNTS_MOUNTED; +@@ -1267,6 +1267,14 @@ static void *do_mount_direct(void *arg) + mt.ioctlfd, mt.wait_queue_token, -ENOENT); + ops->close(ap->logopt, mt.ioctlfd); + info(ap->logopt, "failed to mount %s", mt.name); ++ ++ /* If this is a multi-mount subtree mount failure ++ * ensure the tree continues to expire. ++ */ ++ me = cache_lookup_distinct(mt.mc, mt.name); ++ if (me && IS_MM(me) && !IS_MM_ROOT(me)) ++ conditional_alarm_add(ap, ap->exp_runfreq); ++ cache_unlock(mt.mc); + } + pthread_setcancelstate(state, NULL); + +--- autofs-5.1.7.orig/modules/parse_sun.c ++++ autofs-5.1.7/modules/parse_sun.c +@@ -1142,6 +1142,9 @@ static int mount_subtree(struct autofs_p + if (!len) { + warn(ap->logopt, "path loo long"); + cache_unlock(mc); ++ cache_writelock(mc); ++ tree_mapent_delete_offsets(mc, name); ++ cache_unlock(mc); + return 1; + } + key[len] = '/'; +@@ -1186,6 +1189,9 @@ static int mount_subtree(struct autofs_p + cache_unlock(mc); + error(ap->logopt, MODPREFIX + "failed to mount offset triggers"); ++ cache_writelock(mc); ++ tree_mapent_delete_offsets(mc, name); ++ cache_unlock(mc); + return 1; + } + } diff --git a/SOURCES/autofs-5.1.8-fix-sysconf-return-handling.patch b/SOURCES/autofs-5.1.8-fix-sysconf-return-handling.patch new file mode 100644 index 0000000..23f09da --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-sysconf-return-handling.patch @@ -0,0 +1,64 @@ +autofs-5.1.8 - fix sysconf(3) return handling + +From: Fabian Groffen + +The sysconf(3) return handling doesn't handle a -1 return with errno +not changed which indicated a maximum or minimum limit that's not +known. + +Add handling of this case. + +Signed-off-by: Fabian Groffen +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/mounts.c | 13 +++++++++++-- + 2 files changed, 12 insertions(+), 2 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -93,6 +93,7 @@ + - fix use after free in tree_mapent_delete_offset_tree(). + - fix memory leak in xdr_exports(). + - avoid calling pthread_getspecific() with NULL key_thread_attempt_id. ++- fix sysconf(3) return handling. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -2385,11 +2385,17 @@ void set_tsd_user_vars(unsigned int logo + + /* Try to get passwd info */ + ++ /* sysconf may return -1 with unchanged errno to indicate unlimited ++ * size, same for the call for _SC_GETGR_R_SIZE_MAX below ++ */ ++ errno = 0; + tmplen = sysconf(_SC_GETPW_R_SIZE_MAX); +- if (tmplen < 0) { ++ if (tmplen < 0 && errno != 0) { + error(logopt, "failed to get buffer size for getpwuid_r"); + goto free_tsv; + } ++ if (tmplen < 0) ++ tmplen = 1024; /* assume something reasonable */ + + pw_tmp = malloc(tmplen + 1); + if (!pw_tmp) { +@@ -2422,11 +2428,14 @@ void set_tsd_user_vars(unsigned int logo + + /* Try to get group info */ + ++ errno = 0; + grplen = sysconf(_SC_GETGR_R_SIZE_MAX); +- if (grplen < 0) { ++ if (grplen < 0 && errno != 0) { + error(logopt, "failed to get buffer size for getgrgid_r"); + goto free_tsv_home; + } ++ if (grplen < 0) ++ grplen = 1024; + + gr_tmp = NULL; + status = ERANGE; diff --git a/SOURCES/autofs-5.1.8-fix-use-after-free-in-tree_mapent_delete_offset_tree.patch b/SOURCES/autofs-5.1.8-fix-use-after-free-in-tree_mapent_delete_offset_tree.patch new file mode 100644 index 0000000..fc9b288 --- /dev/null +++ b/SOURCES/autofs-5.1.8-fix-use-after-free-in-tree_mapent_delete_offset_tree.patch @@ -0,0 +1,55 @@ +autofs-5.1.8 - fix use after free in tree_mapent_delete_offset_tree() + +From: Ian Kent + +The key field of the map entry of the root of the map entry tree to be +deleted can't be used for the key parameter, fix it. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/mounts.c | 16 +++++++++++++--- + 2 files changed, 14 insertions(+), 3 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -90,6 +90,7 @@ + - dont fail on duplicate offset entry tree add. + - fix loop under run in cache_get_offset_parent(). + - simplify cache_add() a little. ++- fix use after free in tree_mapent_delete_offset_tree(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -1666,16 +1666,26 @@ static int tree_mapent_delete_offset_tre + */ + if (MAPENT_ROOT(me) != MAPENT_NODE(me)) { + struct tree_node *root = MAPENT_ROOT(me); ++ char *key; + +- debug(logopt, "deleting offset key %s", me->key); ++ key = strdup(me->key); ++ if (!key) { ++ char buf[MAX_ERR_BUF]; ++ char *estr = strerror_r(errno, buf, MAX_ERR_BUF); ++ error(logopt, "strdup: %s", estr); ++ return 0; ++ } ++ ++ debug(logopt, "deleting offset key %s", key); + + /* cache_delete won't delete an active offset */ + MAPENT_SET_ROOT(me, NULL); +- ret = cache_delete(me->mc, me->key); ++ ret = cache_delete(me->mc, key); + if (ret != CHE_OK) { + MAPENT_SET_ROOT(me, root); +- warn(logopt, "failed to delete offset %s", me->key); ++ warn(logopt, "failed to delete offset %s", key); + } ++ free(key); + } else { + MAPENT_SET_ROOT(me, NULL); + MAPENT_SET_PARENT(me, NULL); diff --git a/SOURCES/autofs-5.1.8-remove-nonstrict-parameter-from-tree_mapent_umount_offsets.patch b/SOURCES/autofs-5.1.8-remove-nonstrict-parameter-from-tree_mapent_umount_offsets.patch new file mode 100644 index 0000000..c1edf25 --- /dev/null +++ b/SOURCES/autofs-5.1.8-remove-nonstrict-parameter-from-tree_mapent_umount_offsets.patch @@ -0,0 +1,77 @@ +autofs-5.1.8 - remove nonstrict parameter from tree_mapent_umount_offsets() + +From: Ian Kent + +The nonstrict parameter of tree_mapent_umount_offsets() ins't useful +because if a real mount at the base of a sub-tree fails to umount all +we can do is re-instate the offset mounts under it which must succeed +for the mount tree to remain useful. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + daemon/automount.c | 2 +- + include/mounts.h | 2 +- + lib/mounts.c | 6 +++--- + 4 files changed, 6 insertions(+), 5 deletions(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -94,6 +94,7 @@ + - fix memory leak in xdr_exports(). + - avoid calling pthread_getspecific() with NULL key_thread_attempt_id. + - fix sysconf(3) return handling. ++- remove nonstrict parameter from tree_mapent_umount_offsets(). + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/daemon/automount.c ++++ autofs-5.1.7/daemon/automount.c +@@ -554,7 +554,7 @@ static int umount_subtree_mounts(struct + struct mapent *tmp; + int ret; + +- ret = tree_mapent_umount_offsets(me, 1); ++ ret = tree_mapent_umount_offsets(me); + if (!ret) { + warn(ap->logopt, + "some offset mounts still present under %s", path); +--- autofs-5.1.7.orig/include/mounts.h ++++ autofs-5.1.7/include/mounts.h +@@ -182,7 +182,7 @@ int tree_mapent_add_node(struct mapent_c + int tree_mapent_delete_offsets(struct mapent_cache *mc, const char *key); + void tree_mapent_cleanup_offsets(struct mapent *oe); + int tree_mapent_mount_offsets(struct mapent *oe, int nonstrict); +-int tree_mapent_umount_offsets(struct mapent *oe, int nonstrict); ++int tree_mapent_umount_offsets(struct mapent *oe); + int unlink_mount_tree(struct autofs_point *ap, const char *mp); + void free_mnt_list(struct mnt_list *list); + int is_mounted(const char *mp, unsigned int type); +--- autofs-5.1.7.orig/lib/mounts.c ++++ autofs-5.1.7/lib/mounts.c +@@ -1843,7 +1843,7 @@ static int tree_mapent_umount_offset(str + * Check for and umount subtree offsets resulting from + * nonstrict mount fail. + */ +- ret = tree_mapent_umount_offsets(oe, ctxt->strict); ++ ret = tree_mapent_umount_offsets(oe); + if (!ret) + return 0; + +@@ -1975,14 +1975,14 @@ static int tree_mapent_umount_offsets_wo + return tree_mapent_umount_offset(oe, ptr); + } + +-int tree_mapent_umount_offsets(struct mapent *oe, int nonstrict) ++int tree_mapent_umount_offsets(struct mapent *oe) + { + struct tree_node *base = MAPENT_NODE(oe); + struct autofs_point *ap = oe->mc->ap; + struct traverse_subtree_context ctxt = { + .ap = ap, + .base = base, +- .strict = !nonstrict, ++ .strict = 1, + }; + int ret; + diff --git a/SOURCES/autofs-5.1.8-simplify-cache_add-a-little.patch b/SOURCES/autofs-5.1.8-simplify-cache_add-a-little.patch new file mode 100644 index 0000000..034816d --- /dev/null +++ b/SOURCES/autofs-5.1.8-simplify-cache_add-a-little.patch @@ -0,0 +1,44 @@ +autofs-5.1.8 - simplify cache_add() a little + +From: Ian Kent + +If a map entry is being added to an existing hash chain there's an +unneccessarily complicted setting of ->next of the last entry. + +Just initialize the map entry ->next field instead and remove the +confusing assignment. + +Signed-off-by: Ian Kent +--- + CHANGELOG | 1 + + lib/cache.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +--- autofs-5.1.7.orig/CHANGELOG ++++ autofs-5.1.7/CHANGELOG +@@ -89,6 +89,7 @@ + - fix nonstrict fail handling of last offset mount. + - dont fail on duplicate offset entry tree add. + - fix loop under run in cache_get_offset_parent(). ++- simplify cache_add() a little. + + 25/01/2021 autofs-5.1.7 + - make bind mounts propagation slave by default. +--- autofs-5.1.7.orig/lib/cache.c ++++ autofs-5.1.7/lib/cache.c +@@ -564,6 +564,7 @@ int cache_add(struct mapent_cache *mc, s + me->dev = (dev_t) -1; + me->ino = (ino_t) -1; + me->flags = 0; ++ me->next = NULL; + + /* + * We need to add to the end if values exist in order to +@@ -583,7 +584,6 @@ int cache_add(struct mapent_cache *mc, s + + existing = next; + } +- me->next = existing->next; + existing->next = me; + } + return CHE_OK; diff --git a/SPECS/autofs.spec b/SPECS/autofs.spec index b3bc052..fc83fb1 100644 --- a/SPECS/autofs.spec +++ b/SPECS/autofs.spec @@ -12,15 +12,15 @@ Summary: A tool for automatically mounting and unmounting filesystems Name: autofs Version: 5.1.7 -Release: 27%{?dist} +Release: 31%{?dist} Epoch: 1 License: GPLv2+ Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz # patches 1 and 2 have been applied to the source tar to remove # lib/mount.x as it has an incompatible license. -Patch1: autofs-5.1.7-add-xdr_exports.patch -Patch2: autofs-5.1.7-remove-mount_x-and-rpcgen-dependencies.patch +#Patch1: autofs-5.1.7-add-xdr_exports.patch +#Patch2: autofs-5.1.7-remove-mount_x-and-rpcgen-dependencies.patch Patch3: autofs-5.1.7-dont-use-realloc-in-host-exports-list-processing.patch Patch4: autofs-5.1.7-use-sprintf-when-constructing-hosts-mapent.patch Patch5: autofs-5.1.7-fix-mnts_remove_amdmount-uses-wrong-list.patch @@ -107,6 +107,28 @@ Patch83: autofs-5.1.8-fix-fedfs-build-flags.patch Patch84: autofs-5.1.8-fix-set-open-file-limit.patch Patch85: autofs-5.1.8-improve-descriptor-open-error-reporting.patch +Patch86: autofs-5.1.8-fix-root-offset-error-handling.patch +Patch87: autofs-5.1.8-fix-fix-root-offset-error-handling.patch +Patch88: autofs-5.1.8-fix-nonstrict-fail-handling-of-last-offset-mount.patch +Patch89: autofs-5.1.8-dont-fail-on-duplicate-host-export-entry.patch +Patch90: autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch +Patch91: autofs-5.1.8-simplify-cache_add-a-little.patch +Patch92: autofs-5.1.8-fix-use-after-free-in-tree_mapent_delete_offset_tree.patch +Patch93: autofs-5.1.8-fix-memory-leak-in-xdr_exports.patch +Patch94: autofs-5.1.8-avoid-calling-pthread_getspecific-with-NULL-key_thread_attempt_id.patch +Patch95: autofs-5.1.8-fix-sysconf-return-handling.patch + +Patch96: autofs-5.1.8-remove-nonstrict-parameter-from-tree_mapent_umount_offsets.patch +Patch97: autofs-5.1.8-fix-handling-of-incorrect-return-from-umount_ent.patch + +Patch98: autofs-5.1.7-make-NFS-version-check-flags-consistent.patch +Patch99: autofs-5.1.7-refactor-get_nfs_info.patch +Patch100: autofs-5.1.7-also-require-TCP_REQUESTED-when-setting-NFS-port.patch +Patch101: autofs-5.1.8-bailout-on-rpc-systemerror.patch +Patch102: autofs-5.1.8-fix-nfsv4-only-mounts-should-not-use-rpcbind.patch + +Patch103: autofs-5.1.8-dont-use-initgroups-at-spawn.patch + %if %{with_systemd} BuildRequires: systemd-units BuildRequires: systemd-devel @@ -115,7 +137,7 @@ BuildRequires: gcc BuildRequires: autoconf, openldap-devel, bison, flex, libxml2-devel BuildRequires: cyrus-sasl-devel, openssl-devel module-init-tools util-linux BuildRequires: e2fsprogs libtirpc-devel libsss_autofs -BuildRequires: rpcgen pkgconfig krb5-devel +BuildRequires: pkgconfig krb5-devel BuildRequires: make Conflicts: cyrus-sasl-lib < 2.1.23-9 Requires: bash coreutils sed gawk grep module-init-tools /bin/ps @@ -259,6 +281,26 @@ echo %{version}-%{release} > .version %patch84 -p1 %patch85 -p1 +%patch86 -p1 +%patch87 -p1 +%patch88 -p1 +%patch89 -p1 +%patch90 -p1 +%patch91 -p1 +%patch92 -p1 +%patch93 -p1 +%patch94 -p1 +%patch95 -p1 +%patch96 -p1 +%patch97 -p1 +%patch98 -p1 +%patch99 -p1 +%patch100 -p1 +%patch101 -p1 +%patch102 -p1 + +%patch103 -p1 + %build LDFLAGS=-Wl,-z,now %configure \ @@ -366,6 +408,41 @@ fi %dir /etc/auto.master.d %changelog +* Mon May 30 2022 Ian Kent - 1:5.1.7-31 +- bz2087535 - libnss_sss: threads stuck at sss_nss_lock from initgroups + - dont use initgroups() at spawn. + - comment out Patch1 and Patch2 since they have been merged into + the distribution tar (and so are not applied). +- Resolves: rhbz#2087535 + +* Mon May 16 2022 Ian Kent - 1:5.1.7-30 +- bz2084108 - autofs is slow to mount when doing lookups returns multiple entries + - make NFS version check flags consistent. + - refactor get_nfs_info(). + - also require TCP_REQUESTED when setting NFS port. + - bailout on rpc systemerror. + - fix nfsv4 only mounts should not use rpcbind. + +* Fri May 13 2022 Ian Kent - 1:5.1.7-29 +- bz2056321 - autofs attempts unmount on directory in use + - remove nonstrict parameter from tree_mapent_umount_offsets(). + - fix handling of incorrect return from umount_ent(). +- Resolves: rhbz#2056321 + +* Wed May 11 2022 Ian Kent - 1:5.1.7-28 +- bz2056320 - Using -hosts option does not work in RHEL 9 + - fix root offset error handling. + - fix nonstrict fail handling of last offset mount. + - dont fail on duplicate offset entry tree add. + - fix loop under run in cache_get_offset_parent(). + - simplify cache_add() a little. + - fix use after free in tree_mapent_delete_offset_tree(). + - fix memory leak in xdr_exports(). + - avoid calling pthread_getspecific() with NULL key_thread_attempt_id. + - fix sysconf(3) return handling. + - remove rpcgen dependedncy, it hasn't been needed since rev 10. +- Related: rhbz#2056320 + * Sun Jan 09 2022 Ian Kent - 1:5.1.7-27 - bz2028746 - autofs service has not proper limits set to be able to handle many mounts