diff --git a/SOURCES/autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch b/SOURCES/autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch
new file mode 100644
index 0000000..cdccc46
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch
@@ -0,0 +1,216 @@
+autofs-5.1.0 - add a prefix to program map stdvars
+
+From: Ian Kent <ikent@redhat.com>
+
+When a program map uses an interpreted languages like python it's
+possible to load and execute arbitray code from a user home directory.
+This is because the standard environment variables are used to locate
+and load modules when using these languages.
+
+To avoid that we need to add a prefix to these environment names so
+they aren't used for this purpose. The prefix used is "AUTOFS_" and
+is not configurable.
+---
+ CHANGELOG | 1
+ include/mounts.h | 4 +-
+ lib/mounts.c | 84 +++++++++++++++++++++++++++++++++++++++--------
+ modules/lookup_program.c | 2 -
+ modules/parse_sun.c | 8 ++--
+ 5 files changed, 78 insertions(+), 21 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -162,6 +162,7 @@
+ - make negative cache update consistent for all lookup modules.
+ - ensure negative cache isn't updated on remount.
+ - dont add wildcard to negative cache.
++- add a prefix to program map stdvars.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/include/mounts.h
++++ autofs-5.0.7/include/mounts.h
+@@ -87,8 +87,8 @@ extern unsigned int nfs_mount_uses_strin
+
+ struct amd_entry;
+
+-struct substvar *addstdenv(struct substvar *sv);
+-struct substvar *removestdenv(struct substvar *sv);
++struct substvar *addstdenv(struct substvar *sv, const char *prefix);
++struct substvar *removestdenv(struct substvar *sv, const char *prefix);
+ void add_std_amd_vars(struct substvar *sv);
+ void remove_std_amd_vars(void);
+ struct amd_entry *new_amd_entry(const struct substvar *sv);
+--- autofs-5.0.7.orig/lib/mounts.c
++++ autofs-5.0.7/lib/mounts.c
+@@ -32,6 +32,7 @@
+
+ #define MAX_OPTIONS_LEN 80
+ #define MAX_MNT_NAME_LEN 30
++#define MAX_ENV_NAME 15
+
+ #define EBUFSIZ 1024
+
+@@ -328,7 +329,61 @@ int check_nfs_mount_version(struct nfs_m
+ }
+ #endif
+
+-struct substvar *addstdenv(struct substvar *sv)
++static char *set_env_name(const char *prefix, const char *name, char *buf)
++{
++ size_t len;
++
++ len = strlen(name);
++ if (prefix)
++ len += strlen(prefix);
++ len++;
++
++ if (len > MAX_ENV_NAME)
++ return NULL;
++
++ if (!prefix)
++ strcpy(buf, name);
++ else {
++ strcpy(buf, prefix);
++ strcat(buf, name);
++ }
++ return buf;
++}
++
++static struct substvar *do_macro_addvar(struct substvar *list,
++ const char *prefix,
++ const char *name,
++ const char *val)
++{
++ char buf[MAX_ENV_NAME + 1];
++ char *new;
++ size_t len;
++
++ new = set_env_name(prefix, name, buf);
++ if (new) {
++ len = strlen(new);
++ list = macro_addvar(list, new, len, val);
++ }
++ return list;
++}
++
++static struct substvar *do_macro_removevar(struct substvar *list,
++ const char *prefix,
++ const char *name)
++{
++ char buf[MAX_ENV_NAME + 1];
++ char *new;
++ size_t len;
++
++ new = set_env_name(prefix, name, buf);
++ if (new) {
++ len = strlen(new);
++ list = macro_removevar(list, new, len);
++ }
++ return list;
++}
++
++struct substvar *addstdenv(struct substvar *sv, const char *prefix)
+ {
+ struct substvar *list = sv;
+ struct thread_stdenv_vars *tsv;
+@@ -343,14 +398,14 @@ struct substvar *addstdenv(struct substv
+ num = (long) tsv->uid;
+ ret = sprintf(numbuf, "%ld", num);
+ if (ret > 0)
+- list = macro_addvar(list, "UID", 3, numbuf);
++ list = do_macro_addvar(list, prefix, "UID", numbuf);
+ num = (long) tsv->gid;
+ ret = sprintf(numbuf, "%ld", num);
+ if (ret > 0)
+- list = macro_addvar(list, "GID", 3, numbuf);
+- list = macro_addvar(list, "USER", 4, tsv->user);
+- list = macro_addvar(list, "GROUP", 5, tsv->group);
+- list = macro_addvar(list, "HOME", 4, tsv->home);
++ list = do_macro_addvar(list, prefix, "GID", numbuf);
++ list = do_macro_addvar(list, prefix, "USER", tsv->user);
++ list = do_macro_addvar(list, prefix, "GROUP", tsv->group);
++ list = do_macro_addvar(list, prefix, "HOME", tsv->home);
+ mv = macro_findvar(list, "HOST", 4);
+ if (mv) {
+ char *shost = strdup(mv->val);
+@@ -358,7 +413,8 @@ struct substvar *addstdenv(struct substv
+ char *dot = strchr(shost, '.');
+ if (dot)
+ *dot = '\0';
+- list = macro_addvar(list, "SHOST", 5, shost);
++ list = do_macro_addvar(list,
++ prefix, "SHOST", shost);
+ free(shost);
+ }
+ }
+@@ -366,16 +422,16 @@ struct substvar *addstdenv(struct substv
+ return list;
+ }
+
+-struct substvar *removestdenv(struct substvar *sv)
++struct substvar *removestdenv(struct substvar *sv, const char *prefix)
+ {
+ struct substvar *list = sv;
+
+- list = macro_removevar(list, "UID", 3);
+- list = macro_removevar(list, "USER", 4);
+- list = macro_removevar(list, "HOME", 4);
+- list = macro_removevar(list, "GID", 3);
+- list = macro_removevar(list, "GROUP", 5);
+- list = macro_removevar(list, "SHOST", 5);
++ list = do_macro_removevar(list, prefix, "UID");
++ list = do_macro_removevar(list, prefix, "USER");
++ list = do_macro_removevar(list, prefix, "HOME");
++ list = do_macro_removevar(list, prefix, "GID");
++ list = do_macro_removevar(list, prefix, "GROUP");
++ list = do_macro_removevar(list, prefix, "SHOST");
+ return list;
+ }
+
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -181,7 +181,7 @@ static char *lookup_one(struct autofs_po
+ if (ctxt->mapfmt && strcmp(ctxt->mapfmt, "MAPFMT_DEFAULT")) {
+ struct parse_context *pctxt = (struct parse_context *) ctxt->parse->context;
+ /* Add standard environment as seen by sun map parser */
+- pctxt->subst = addstdenv(pctxt->subst);
++ pctxt->subst = addstdenv(pctxt->subst, "AUTOFS_");
+ macro_setenv(pctxt->subst);
+ }
+ execl(ctxt->mapname, ctxt->mapname, name, NULL);
+--- autofs-5.0.7.orig/modules/parse_sun.c
++++ autofs-5.0.7/modules/parse_sun.c
+@@ -1214,12 +1214,12 @@ int parse_mount(struct autofs_point *ap,
+ pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, &cur_state);
+ macro_lock();
+
+- ctxt->subst = addstdenv(ctxt->subst);
++ ctxt->subst = addstdenv(ctxt->subst, NULL);
+
+ mapent_len = expandsunent(mapent, NULL, name, ctxt->subst, slashify);
+ if (mapent_len == 0) {
+ error(ap->logopt, MODPREFIX "failed to expand map entry");
+- ctxt->subst = removestdenv(ctxt->subst);
++ ctxt->subst = removestdenv(ctxt->subst, NULL);
+ macro_unlock();
+ pthread_setcancelstate(cur_state, NULL);
+ return 1;
+@@ -1229,7 +1229,7 @@ int parse_mount(struct autofs_point *ap,
+ if (!pmapent) {
+ char *estr = strerror_r(errno, buf, MAX_ERR_BUF);
+ logerr(MODPREFIX "alloca: %s", estr);
+- ctxt->subst = removestdenv(ctxt->subst);
++ ctxt->subst = removestdenv(ctxt->subst, NULL);
+ macro_unlock();
+ pthread_setcancelstate(cur_state, NULL);
+ return 1;
+@@ -1237,7 +1237,7 @@ int parse_mount(struct autofs_point *ap,
+ pmapent[mapent_len] = '\0';
+
+ expandsunent(mapent, pmapent, name, ctxt->subst, slashify);
+- ctxt->subst = removestdenv(ctxt->subst);
++ ctxt->subst = removestdenv(ctxt->subst, NULL);
+
+ macro_unlock();
+ pthread_setcancelstate(cur_state, NULL);
diff --git a/SOURCES/autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch b/SOURCES/autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch
new file mode 100644
index 0000000..d1be23d
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch
@@ -0,0 +1,186 @@
+autofs-5.1.0 - add config option to force use of program map stdvars
+
+From: Ian Kent <ikent@redhat.com>
+
+Enabling the extended environment (including $HOME, for example) for
+program maps opens automount(8) to a privilege escalation.
+
+Rather than just removing the entended environment a configuration
+option is added to disable it by default so that those who wish to
+use it can do so if they wish.
+---
+ CHANGELOG | 1 +
+ include/defaults.h | 2 ++
+ lib/defaults.c | 12 ++++++++++++
+ man/autofs.5 | 5 +++++
+ man/autofs.conf.5.in | 9 +++++++++
+ modules/lookup_program.c | 14 +++++++++++++-
+ redhat/autofs.conf.default.in | 11 +++++++++++
+ samples/autofs.conf.default.in | 11 +++++++++++
+ 8 files changed, 64 insertions(+), 1 deletion(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -163,6 +163,7 @@
+ - ensure negative cache isn't updated on remount.
+ - dont add wildcard to negative cache.
+ - add a prefix to program map stdvars.
++- add config option to force use of program map stdvars.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/include/defaults.h
++++ autofs-5.0.7/include/defaults.h
+@@ -30,6 +30,7 @@
+ #define DEFAULT_UMOUNT_WAIT "12"
+ #define DEFAULT_BROWSE_MODE "1"
+ #define DEFAULT_LOGGING "none"
++#define DEFAULT_FORCE_STD_PROG_MAP_ENV "0"
+
+ #define DEFAULT_LDAP_TIMEOUT "-1"
+ #define DEFAULT_LDAP_NETWORK_TIMEOUT "8"
+@@ -151,6 +152,7 @@ unsigned int defaults_get_timeout(void);
+ unsigned int defaults_get_negative_timeout(void);
+ unsigned int defaults_get_browse_mode(void);
+ unsigned int defaults_get_logging(void);
++unsigned int defaults_force_std_prog_map_env(void);
+ const char *defaults_get_ldap_server(void);
+ unsigned int defaults_get_ldap_timeout(void);
+ unsigned int defaults_get_ldap_network_timeout(void);
+--- autofs-5.0.7.orig/lib/defaults.c
++++ autofs-5.0.7/lib/defaults.c
+@@ -50,6 +50,7 @@
+ #define NAME_NEGATIVE_TIMEOUT "negative_timeout"
+ #define NAME_BROWSE_MODE "browse_mode"
+ #define NAME_LOGGING "logging"
++#define NAME_FORCE_STD_PROG_MAP_ENV "force_standard_program_map_env"
+
+ #define NAME_LDAP_URI "ldap_uri"
+ #define NAME_LDAP_TIMEOUT "ldap_timeout"
+@@ -1589,6 +1590,17 @@ unsigned int defaults_get_logging(void)
+ return logging;
+ }
+
++unsigned int defaults_force_std_prog_map_env(void)
++{
++ int res;
++
++ res = conf_get_yesno(autofs_gbl_sec, NAME_FORCE_STD_PROG_MAP_ENV);
++ if (res < 0)
++ res = atoi(DEFAULT_FORCE_STD_PROG_MAP_ENV);
++
++ return res;
++}
++
+ unsigned int defaults_get_ldap_timeout(void)
+ {
+ int res;
+--- autofs-5.0.7.orig/man/autofs.5
++++ autofs-5.0.7/man/autofs.5
+@@ -190,6 +190,11 @@ SHOST Short hostname (domain part remove
+ .fi
+ .RE
+ .sp
++If a program map is used these standard environment variables will have
++a prefix of "AUTOFS_" to prevent interpreted languages like python from
++being able to load and execute arbitray code from a user home directory.
++.RE
++.sp
+ Additional entries can be defined with the -Dvariable=Value map-option to
+ .BR automount (8).
+ .SS Executable Maps
+--- autofs-5.0.7.orig/man/autofs.conf.5.in
++++ autofs-5.0.7/man/autofs.conf.5.in
+@@ -71,6 +71,15 @@ options replace the global options (prog
+ .B logging
+ .br
+ set default log level "none", "verbose" or "debug" (program default "none").
++.TP
++.B force_standard_program_map_env
++.br
++override the use of a prefix with standard environment variables when a
++program map is executed. Since program maps are run as the privileded
++user setting these standard environment variables opens automount(8) to
++potential user privilege escalation when the program map is written in a
++language that can load components from, for example, a user home directory
++(program default "no").
+ .SS LDAP Configuration
+ .P
+ Configuration settings available are:
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -129,6 +129,7 @@ static char *lookup_one(struct autofs_po
+ int distance;
+ int alloci = 1;
+ int status;
++ char *prefix;
+
+ mapent = (char *) malloc(MAPENT_MAX_LEN + 1);
+ if (!mapent) {
+@@ -174,6 +175,17 @@ static char *lookup_one(struct autofs_po
+ warn(ap->logopt,
+ MODPREFIX "failed to set PWD to %s for map %s",
+ ap->path, ctxt->mapname);
++
++ /*
++ * By default use a prefix with standard environment
++ * variables to prevent system subversion by interpreted
++ * languages.
++ */
++ if (defaults_force_std_prog_map_env())
++ prefix = NULL;
++ else
++ prefix = "AUTOFS_";
++
+ /*
+ * MAPFMT_DEFAULT must be "sun" for ->parse_init() to have setup
+ * the macro table.
+@@ -181,7 +193,7 @@ static char *lookup_one(struct autofs_po
+ if (ctxt->mapfmt && strcmp(ctxt->mapfmt, "MAPFMT_DEFAULT")) {
+ struct parse_context *pctxt = (struct parse_context *) ctxt->parse->context;
+ /* Add standard environment as seen by sun map parser */
+- pctxt->subst = addstdenv(pctxt->subst, "AUTOFS_");
++ pctxt->subst = addstdenv(pctxt->subst, prefix);
+ macro_setenv(pctxt->subst);
+ }
+ execl(ctxt->mapname, ctxt->mapname, name, NULL);
+--- autofs-5.0.7.orig/redhat/autofs.conf.default.in
++++ autofs-5.0.7/redhat/autofs.conf.default.in
+@@ -53,6 +53,17 @@ mount_nfs_default_protocol = 4
+ #
+ #logging = none
+ #
++# force_standard_program_map_env - disable the use of the "AUTOFS_"
++# prefix for standard environemt variables when
++# executing a program map. Since program maps
++# are run as the privileded user this opens
++# automount(8) to potential user privilege
++# escalation when the program map is written
++# in a language that can load components from,
++# for example, a user home directory.
++#
++# force_standard_program_map_env = no
++#
+ # Define base dn for map dn lookup.
+ #
+ # Define server URIs
+--- autofs-5.0.7.orig/samples/autofs.conf.default.in
++++ autofs-5.0.7/samples/autofs.conf.default.in
+@@ -52,6 +52,17 @@ browse_mode = no
+ #
+ #logging = none
+ #
++# force_standard_program_map_env - disable the use of the "AUTOFS_"
++# prefix for standard environemt variables when
++# executing a program map. Since program maps
++# are run as the privileded user this opens
++# automount(8) to potential user privilege
++# escalation when the program map is written
++# in a language that can load components from,
++# for example, a user home directory.
++#
++# force_standard_program_map_env = no
++#
+ # Define base dn for map dn lookup.
+ #
+ # Define server URIs
diff --git a/SOURCES/autofs-5.1.0-dont-add-wildcard-to-negative-cache.patch b/SOURCES/autofs-5.1.0-dont-add-wildcard-to-negative-cache.patch
new file mode 100644
index 0000000..5e9392f
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-dont-add-wildcard-to-negative-cache.patch
@@ -0,0 +1,48 @@
+autofs-5.1.0 - dont add wildcard to negative cache
+
+From: Ian Kent <ikent@redhat.com>
+
+If the wilcard is added to the negative cache it prevents any
+further matching of the wildcard for the given map.
+---
+ CHANGELOG | 1 +
+ daemon/lookup.c | 4 ++++
+ lib/cache.c | 4 ++++
+ 3 files changed, 9 insertions(+)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -161,6 +161,7 @@
+ - fix hosts map update on reload.
+ - make negative cache update consistent for all lookup modules.
+ - ensure negative cache isn't updated on remount.
++- dont add wildcard to negative cache.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/daemon/lookup.c
++++ autofs-5.0.7/daemon/lookup.c
+@@ -1057,6 +1057,10 @@ static void update_negative_cache(struct
+ if (source && source->depth)
+ return;
+
++ /* Don't update the wildcard */
++ if (strlen(name) == 1 && *name == '*')
++ return;
++
+ /* Have we recorded the lookup fail for negative caching? */
+ me = lookup_source_mapent(ap, name, LKP_DISTINCT);
+ if (me)
+--- autofs-5.0.7.orig/lib/cache.c
++++ autofs-5.0.7/lib/cache.c
+@@ -762,6 +762,10 @@ void cache_update_negative(struct mapent
+ struct mapent *me;
+ int rv = CHE_OK;
+
++ /* Don't update the wildcard */
++ if (strlen(key) == 1 && *key == '*')
++ return;
++
+ me = cache_lookup_distinct(mc, key);
+ if (me)
+ rv = cache_push_mapent(me, NULL);
diff --git a/SOURCES/autofs-5.1.0-ensure-negative-cache-isnt-updated-on-remount.patch b/SOURCES/autofs-5.1.0-ensure-negative-cache-isnt-updated-on-remount.patch
new file mode 100644
index 0000000..baa753a
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-ensure-negative-cache-isnt-updated-on-remount.patch
@@ -0,0 +1,47 @@
+autofs-5.1.0 - ensure negative cache isn't updated on remount
+
+From: Ian Kent <ikent@redhat.com>
+
+The negative cache shouldn't be updated when re-connecting at
+startup but a couple of lookup modules didn't check for this
+case.
+---
+ CHANGELOG | 1 +
+ modules/lookup_hosts.c | 3 +++
+ modules/lookup_program.c | 3 +++
+ 3 files changed, 7 insertions(+)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -160,6 +160,7 @@
+ - fix typo in update_hosts_mounts().
+ - fix hosts map update on reload.
+ - make negative cache update consistent for all lookup modules.
++- ensure negative cache isn't updated on remount.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_hosts.c
++++ autofs-5.0.7/modules/lookup_hosts.c
+@@ -151,6 +151,9 @@ static int do_parse_mount(struct autofs_
+ if (ret) {
+ struct mapent_cache *mc = source->mc;
+
++ /* Don't update negative cache when re-connecting */
++ if (ap->flags & MOUNT_FLAG_REMOUNT)
++ return NSS_STATUS_TRYAGAIN;
+ cache_writelock(mc);
+ cache_update_negative(mc, source, name, ap->negative_timeout);
+ cache_unlock(mc);
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -622,6 +622,9 @@ out_free:
+ free(mapent);
+
+ if (ret) {
++ /* Don't update negative cache when re-connecting */
++ if (ap->flags & MOUNT_FLAG_REMOUNT)
++ return NSS_STATUS_TRYAGAIN;
+ cache_writelock(mc);
+ cache_update_negative(mc, source, name, ap->negative_timeout);
+ cache_unlock(mc);
diff --git a/SOURCES/autofs-5.1.0-fix-incorrect-check-in-parse_mount.patch b/SOURCES/autofs-5.1.0-fix-incorrect-check-in-parse_mount.patch
new file mode 100644
index 0000000..d1e52a4
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-fix-incorrect-check-in-parse_mount.patch
@@ -0,0 +1,171 @@
+autofs-5.1.0 - fix incorrect check in parse_mount()
+
+From: Ian Kent <ikent@redhat.com>
+
+The change to allow the use of the hosts map in map entries introduced
+an invalid check into parse_mount(). The case attempts to check the
+contents of an options string that is always invalid for the return
+value case in which it is checked, not to mention the check itself is
+incorrect.
+---
+ CHANGELOG | 1
+ modules/parse_sun.c | 70 ++++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 45 insertions(+), 26 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -164,6 +164,7 @@
+ - dont add wildcard to negative cache.
+ - add a prefix to program map stdvars.
+ - add config option to force use of program map stdvars.
++- fix incorrect check in parse_mount().
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/parse_sun.c
++++ autofs-5.0.7/modules/parse_sun.c
+@@ -756,6 +756,8 @@ update_offset_entry(struct autofs_point
+
+ mc = source->mc;
+
++ memset(m_mapent, 0, MAPENT_MAX_LEN + 1);
++
+ /* Internal hosts map may have loc == NULL */
+ if (!*path) {
+ error(ap->logopt,
+@@ -782,7 +784,7 @@ update_offset_entry(struct autofs_point
+ if (*myoptions)
+ m_options_len = strlen(myoptions) + 2;
+
+- m_mapent_len = strlen(loc);
++ m_mapent_len = loc ? strlen(loc) : 0;
+ if (m_mapent_len + m_options_len > MAPENT_MAX_LEN) {
+ error(ap->logopt, MODPREFIX "multi mount mapent too long");
+ return CHE_FAIL;
+@@ -793,10 +795,13 @@ update_offset_entry(struct autofs_point
+ strcat(m_mapent, myoptions);
+ if (loc) {
+ strcat(m_mapent, " ");
+- strcat(m_mapent, loc);
++ if (loc)
++ strcat(m_mapent, loc);
+ }
+- } else
+- strcpy(m_mapent, loc);
++ } else {
++ if (loc)
++ strcpy(m_mapent, loc);
++ }
+
+ ret = cache_update_offset(mc, name, m_key, m_mapent, age);
+ if (ret == CHE_DUPLICATE)
+@@ -923,9 +928,15 @@ static int parse_mapent(const char *ent,
+ l = chunklen(p, check_colon(p));
+ loc = dequote(p, l, logopt);
+ if (!loc) {
+- warn(logopt, MODPREFIX "possible missing location");
+- free(myoptions);
+- return 0;
++ if (strstr(myoptions, "fstype=autofs") &&
++ strstr(myoptions, "hosts")) {
++ warn(logopt, MODPREFIX "possible missing location");
++ free(myoptions);
++ return 0;
++ }
++ *options = myoptions;
++ *location = NULL;
++ return (p - ent);
+ }
+
+ /* Location can't begin with a '/' */
+@@ -953,10 +964,15 @@ static int parse_mapent(const char *ent,
+ l = chunklen(p, check_colon(p));
+ ent_chunk = dequote(p, l, logopt);
+ if (!ent_chunk) {
+- warn(logopt, MODPREFIX "null location or out of memory");
+- free(myoptions);
+- free(loc);
+- return 0;
++ if (strstr(myoptions, "fstype=autofs") &&
++ strstr(myoptions, "hosts")) {
++ warn(logopt, MODPREFIX
++ "null location or out of memory");
++ free(myoptions);
++ free(loc);
++ return 0;
++ }
++ goto next;
+ }
+
+ /* Location can't begin with a '/' */
+@@ -992,7 +1008,7 @@ static int parse_mapent(const char *ent,
+ strcat(loc, ent_chunk);
+
+ free(ent_chunk);
+-
++next:
+ p += l;
+ p = skipspace(p);
+ }
+@@ -1093,7 +1109,9 @@ static int mount_subtree(struct autofs_p
+ cache_delete_offset_list(me->mc, name);
+ return 1;
+ }
+- ro_len = strlen(ro_loc);
++ ro_len = 0;
++ if (ro_loc)
++ ro_len = strlen(ro_loc);
+
+ tmp = alloca(mnt_root_len + 2);
+ strcpy(tmp, mnt_root);
+@@ -1104,7 +1122,8 @@ static int mount_subtree(struct autofs_p
+ rv = sun_mount(ap, root, name, namelen, ro_loc, ro_len, myoptions, ctxt);
+
+ free(myoptions);
+- free(ro_loc);
++ if (ro_loc)
++ free(ro_loc);
+ }
+
+ if (ro && rv == 0) {
+@@ -1420,16 +1439,13 @@ int parse_mount(struct autofs_point *ap,
+
+ l = parse_mapent(p, options, &myoptions, &loc, ap->logopt);
+ if (!l) {
+- if (!(strstr(myoptions, "fstype=autofs") &&
+- strstr(myoptions, "hosts"))) {
+- cache_delete_offset_list(mc, name);
+- cache_multi_unlock(me);
+- cache_unlock(mc);
+- free(path);
+- free(options);
+- pthread_setcancelstate(cur_state, NULL);
+- return 1;
+- }
++ cache_delete_offset_list(mc, name);
++ cache_multi_unlock(me);
++ cache_unlock(mc);
++ free(path);
++ free(options);
++ pthread_setcancelstate(cur_state, NULL);
++ return 1;
+ }
+
+ p += l;
+@@ -1450,12 +1466,14 @@ int parse_mount(struct autofs_point *ap,
+ free(path);
+ free(options);
+ free(myoptions);
+- free(loc);
++ if (loc)
++ free(loc);
+ pthread_setcancelstate(cur_state, NULL);
+ return 1;
+ }
+
+- free(loc);
++ if (loc)
++ free(loc);
+ free(path);
+ free(myoptions);
+ } while (*p == '/' || (*p == '"' && *(p + 1) == '/'));
diff --git a/SOURCES/autofs-5.1.0-fix-macro-usage-in-lookup_program_c.patch b/SOURCES/autofs-5.1.0-fix-macro-usage-in-lookup_program_c.patch
new file mode 100644
index 0000000..7416db1
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-fix-macro-usage-in-lookup_program_c.patch
@@ -0,0 +1,34 @@
+autofs-5.1.0 - fix macro usage in lookup_program.c
+
+From: Ian Kent <raven@themaw.net>
+
+The macro MAPFMT_DEFAULT is used incorrectly in a comparison in
+modules/lookup_program.c:lookup_one().
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_program.c | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -166,6 +166,7 @@
+ - add config option to force use of program map stdvars.
+ - fix incorrect check in parse_mount().
+ - handle duplicates in multi mounts.
++- fix macro usage in lookup_program.c.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -190,7 +190,7 @@ static char *lookup_one(struct autofs_po
+ * MAPFMT_DEFAULT must be "sun" for ->parse_init() to have setup
+ * the macro table.
+ */
+- if (ctxt->mapfmt && strcmp(ctxt->mapfmt, "MAPFMT_DEFAULT")) {
++ if (ctxt->mapfmt && !strcmp(ctxt->mapfmt, MAPFMT_DEFAULT)) {
+ struct parse_context *pctxt = (struct parse_context *) ctxt->parse->context;
+ /* Add standard environment as seen by sun map parser */
+ pctxt->subst = addstdenv(pctxt->subst, prefix);
diff --git a/SOURCES/autofs-5.1.0-fix-mount-as-you-go-offset-selection.patch b/SOURCES/autofs-5.1.0-fix-mount-as-you-go-offset-selection.patch
new file mode 100644
index 0000000..42989cf
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-fix-mount-as-you-go-offset-selection.patch
@@ -0,0 +1,84 @@
+autofs-5.1.0 - fix mount as you go offset selection
+
+From: Ian Kent <raven@themaw.net>
+
+The function cache_get_offset() returns offsets to be mounted that
+are within the current current subtree for the mount-as-you-go
+functionality used for nested multi-mount map entries.
+
+However, the function was returning offsets from the subree below
+nesting points which prevented the mount at the containing nesting
+point from being mounted. This is because the kernel will see a
+non-empty directory and conclude it isn't a mount point.
+---
+ CHANGELOG | 1 +
+ lib/cache.c | 27 ++++++++++++++++++++++++---
+ 2 files changed, 25 insertions(+), 3 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -168,6 +168,7 @@
+ - handle duplicates in multi mounts.
+ - fix macro usage in lookup_program.c.
+ - remove unused offset handling code.
++- fix mount as you go offset selection.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/lib/cache.c
++++ autofs-5.0.7/lib/cache.c
+@@ -1183,7 +1183,6 @@ struct mapent *cache_enumerate(struct ma
+ * Get each offset from list head under prefix.
+ * Maintain traversal current position in pos for subsequent calls.
+ * Return each offset into offset.
+- * TODO: length check on offset.
+ */
+ /* cache must be read locked by caller */
+ char *cache_get_offset(const char *prefix, char *offset, int start,
+@@ -1212,6 +1211,9 @@ char *cache_get_offset(const char *prefi
+ continue;
+
+ if (!strncmp(prefix, offset_start, plen)) {
++ struct mapent *np = NULL;
++ char pe[PATH_MAX + 1];
++
+ /* "/" doesn't count for root offset */
+ if (plen == 1)
+ pstart = &offset_start[plen - 1];
+@@ -1224,7 +1226,24 @@ char *cache_get_offset(const char *prefi
+
+ /* get next offset */
+ pend = pstart;
+- while (*pend++) ;
++ while (*pend++) {
++ size_t nest_pt_offset;
++
++ if (*pend != '/')
++ continue;
++
++ nest_pt_offset = start + pend - pstart;
++ if (plen > 1)
++ nest_pt_offset += plen;
++ strcpy(pe, this->key);
++ pe[nest_pt_offset] = '\0';
++
++ np = cache_lookup_distinct(this->mc, pe);
++ if (np)
++ break;
++ }
++ if (np)
++ continue;
+ len = pend - pstart - 1;
+ strncpy(offset, pstart, len);
+ offset[len] ='\0';
+@@ -1257,7 +1276,9 @@ char *cache_get_offset(const char *prefi
+ break;
+
+ /* compare offset */
+- if (pstart[len] != '/' || strncmp(offset, pstart, len))
++ if (pstart[len] != '/' ||
++ strlen(pstart) != len ||
++ strncmp(offset, pstart, len))
+ break;
+
+ *pos = next;
diff --git a/SOURCES/autofs-5.1.0-handle-duplicates-in-multi-mounts.patch b/SOURCES/autofs-5.1.0-handle-duplicates-in-multi-mounts.patch
new file mode 100644
index 0000000..48bbd5f
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-handle-duplicates-in-multi-mounts.patch
@@ -0,0 +1,76 @@
+autofs-5.1.0 - handle duplicates in multi mounts
+
+From: Ian Kent <ikent@redhat.com>
+
+Duplicate entries in multi-mounts are a syntax error however some
+other automount implementations allow them and attempt to continue
+with the mount anyway.
+
+This patch turns a detected duplicate error into a success return
+in order to continue.
+
+Since it can't be known if the first or the later entry is the
+correct one to use the later replaces the old unless a memory
+allocation error occures in which case the old entry is retained
+and the change is noted in the log.
+---
+ CHANGELOG | 1 +
+ lib/cache.c | 19 ++++++++++++++++++-
+ modules/parse_sun.c | 5 +++--
+ 3 files changed, 22 insertions(+), 3 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -165,6 +165,7 @@
+ - add a prefix to program map stdvars.
+ - add config option to force use of program map stdvars.
+ - fix incorrect check in parse_mount().
++- handle duplicates in multi mounts.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/lib/cache.c
++++ autofs-5.0.7/lib/cache.c
+@@ -733,8 +733,25 @@ int cache_update_offset(struct mapent_ca
+
+ me = cache_lookup_distinct(mc, key);
+ if (me && me->age == age) {
+- if (me == owner || strcmp(me->key, key) == 0)
++ if (me == owner || strcmp(me->key, key) == 0) {
++ char *pent;
++
++ warn(logopt,
++ "duplcate offset detected for key %s", me->key);
++
++ pent = malloc(strlen(mapent) + 1);
++ if (!pent)
++ warn(logopt,
++ "map entry not updated: %s", me->mapent);
++ else {
++ if (me->mapent)
++ free(me->mapent);
++ me->mapent = strcpy(pent, mapent);
++ warn(logopt,
++ "map entry updated with: %s", mapent);
++ }
+ return CHE_DUPLICATE;
++ }
+ }
+
+ ret = cache_update(mc, owner->source, key, mapent, age);
+--- autofs-5.0.7.orig/modules/parse_sun.c
++++ autofs-5.0.7/modules/parse_sun.c
+@@ -804,10 +804,11 @@ update_offset_entry(struct autofs_point
+ }
+
+ ret = cache_update_offset(mc, name, m_key, m_mapent, age);
+- if (ret == CHE_DUPLICATE)
++ if (ret == CHE_DUPLICATE) {
+ warn(ap->logopt, MODPREFIX
+ "syntax error or duplicate offset %s -> %s", path, loc);
+- else if (ret == CHE_FAIL)
++ ret = CHE_OK;
++ } else if (ret == CHE_FAIL)
+ debug(ap->logopt, MODPREFIX
+ "failed to update multi-mount offset %s -> %s", path, m_mapent);
+ else {
diff --git a/SOURCES/autofs-5.1.0-init-qdn-before-use.patch b/SOURCES/autofs-5.1.0-init-qdn-before-use.patch
new file mode 100644
index 0000000..ae83a4b
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-init-qdn-before-use.patch
@@ -0,0 +1,31 @@
+autofs-5.1.0 - init qdn before use in get_query_dn()
+
+From: Ian Kent <ikent@redhat.com>
+
+Ensure qdn is initialized before use in case there's garbage in it.
+---
+ CHANGELOG | 1 +
+ modules/lookup_ldap.c | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -169,6 +169,7 @@
+ - fix macro usage in lookup_program.c.
+ - remove unused offset handling code.
+ - fix mount as you go offset selection.
++- init qdn before use in get_query_dn().
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -335,7 +335,7 @@ LDAP *init_ldap_connection(unsigned logo
+ static int get_query_dn(unsigned logopt, LDAP *ldap, struct lookup_context *ctxt, const char *class, const char *key)
+ {
+ char buf[MAX_ERR_BUF];
+- char *query, *dn, *qdn;
++ char *query, *dn, *qdn = NULL;
+ LDAPMessage *result = NULL, *e;
+ char *attrs[2];
+ struct berval **value;
diff --git a/SOURCES/autofs-5.1.0-make-negative-cache-update-consistent-for-all-lookup-modules.patch b/SOURCES/autofs-5.1.0-make-negative-cache-update-consistent-for-all-lookup-modules.patch
new file mode 100644
index 0000000..928c1ce
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-make-negative-cache-update-consistent-for-all-lookup-modules.patch
@@ -0,0 +1,100 @@
+autofs-5.1.0 - make negative cache update consistent for all lookup modules
+
+From: Ian Kent <ikent@redhat.com>
+
+Use common function for negative cache update everywhere to ensure consistency.
+---
+ CHANGELOG | 1 +
+ modules/lookup_hosts.c | 14 +-------------
+ modules/lookup_nisplus.c | 13 +------------
+ modules/lookup_program.c | 14 +-------------
+ 4 files changed, 4 insertions(+), 38 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -159,6 +159,7 @@
+ - fix fix master map type check.
+ - fix typo in update_hosts_mounts().
+ - fix hosts map update on reload.
++- make negative cache update consistent for all lookup modules.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_hosts.c
++++ autofs-5.0.7/modules/lookup_hosts.c
+@@ -149,22 +149,10 @@ static int do_parse_mount(struct autofs_
+ ret = ctxt->parse->parse_mount(ap, name, name_len,
+ mapent, ctxt->parse->context);
+ if (ret) {
+- time_t now = time(NULL);
+ struct mapent_cache *mc = source->mc;
+- struct mapent *me;
+- int rv = CHE_OK;
+
+ cache_writelock(mc);
+- me = cache_lookup_distinct(mc, name);
+- if (me)
+- rv = cache_push_mapent(me, NULL);
+- else
+- rv = cache_update(mc, source, name, NULL, now);
+- if (rv != CHE_FAIL) {
+- me = cache_lookup_distinct(mc, name);
+- if (me)
+- me->status = now + ap->negative_timeout;
+- }
++ cache_update_negative(mc, source, name, ap->negative_timeout);
+ cache_unlock(mc);
+ return NSS_STATUS_TRYAGAIN;
+ }
+--- autofs-5.0.7.orig/modules/lookup_nisplus.c
++++ autofs-5.0.7/modules/lookup_nisplus.c
+@@ -777,24 +777,13 @@ int lookup_mount(struct autofs_point *ap
+ ret = ctxt->parse->parse_mount(ap, key, key_len,
+ mapent, ctxt->parse->context);
+ if (ret) {
+- time_t now = time(NULL);
+- int rv = CHE_OK;
+-
+ free(mapent);
+
+ /* Don't update negative cache when re-connecting */
+ if (ap->flags & MOUNT_FLAG_REMOUNT)
+ return NSS_STATUS_TRYAGAIN;
+ cache_writelock(mc);
+- me = cache_lookup_distinct(mc, key);
+- if (me)
+- rv = cache_push_mapent(me, NULL);
+- else
+- rv = cache_update(mc, source, key, NULL, now);
+- if (rv != CHE_FAIL) {
+- me = cache_lookup_distinct(mc, key);
+- me->status = time(NULL) + ap->negative_timeout;
+- }
++ cache_update_negative(mc, source, key, ap->negative_timeout);
+ cache_unlock(mc);
+ return NSS_STATUS_TRYAGAIN;
+ }
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -622,20 +622,8 @@ out_free:
+ free(mapent);
+
+ if (ret) {
+- time_t now = time(NULL);
+- int rv = CHE_OK;
+-
+ cache_writelock(mc);
+- me = cache_lookup_distinct(mc, name);
+- if (me)
+- rv = cache_push_mapent(me, NULL);
+- else
+- rv = cache_update(mc, source, name, NULL, now);
+- if (rv != CHE_FAIL) {
+- me = cache_lookup_distinct(mc, name);
+- if (me)
+- me->status = now + ap->negative_timeout;
+- }
++ cache_update_negative(mc, source, name, ap->negative_timeout);
+ cache_unlock(mc);
+ return NSS_STATUS_TRYAGAIN;
+ }
diff --git a/SOURCES/autofs-5.1.0-remove-unused-offset-handling-code.patch b/SOURCES/autofs-5.1.0-remove-unused-offset-handling-code.patch
new file mode 100644
index 0000000..0af84f7
--- /dev/null
+++ b/SOURCES/autofs-5.1.0-remove-unused-offset-handling-code.patch
@@ -0,0 +1,157 @@
+autofs-5.1.0 - remove unused offset handling code
+
+From: Ian Kent <raven@themaw.net>
+
+Some offset handling functions were moved into the cache module
+a while ago and are now unused.
+---
+ CHANGELOG | 1
+ include/mounts.h | 8 ----
+ lib/mounts.c | 95 -------------------------------------------------------
+ 3 files changed, 1 insertion(+), 103 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -167,6 +167,7 @@
+ - fix incorrect check in parse_mount().
+ - handle duplicates in multi mounts.
+ - fix macro usage in lookup_program.c.
++- remove unused offset handling code.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/include/mounts.h
++++ autofs-5.0.7/include/mounts.h
+@@ -68,11 +68,6 @@ struct mnt_list {
+ struct list_head list;
+ struct list_head entries;
+ struct list_head sublist;
+- /*
+- * Offset mount handling ie. add_ordered_list
+- * and get_offset.
+- */
+- struct list_head ordered;
+ };
+
+
+@@ -109,9 +104,6 @@ void free_mnt_list(struct mnt_list *list
+ int contained_in_local_fs(const char *path);
+ int is_mounted(const char *table, const char *path, unsigned int type);
+ int has_fstab_option(const char *opt);
+-char *get_offset(const char *prefix, char *offset,
+- struct list_head *head, struct list_head **pos);
+-void add_ordered_list(struct mnt_list *ent, struct list_head *head);
+ void tree_free_mnt_tree(struct mnt_list *tree);
+ struct mnt_list *tree_make_mnt_tree(const char *table, const char *path);
+ int tree_get_mnt_list(struct mnt_list *mnts, struct list_head *list, const char *path, int include);
+--- autofs-5.0.7.orig/lib/mounts.c
++++ autofs-5.0.7/lib/mounts.c
+@@ -1090,100 +1090,6 @@ int has_fstab_option(const char *opt)
+ return ret;
+ }
+
+-char *get_offset(const char *prefix, char *offset,
+- struct list_head *head, struct list_head **pos)
+-{
+- struct list_head *next;
+- struct mnt_list *this;
+- size_t plen = strlen(prefix);
+- size_t len = 0;
+-
+- *offset = '\0';
+- next = *pos ? (*pos)->next : head->next;
+- while (next != head) {
+- char *pstart, *pend;
+-
+- this = list_entry(next, struct mnt_list, ordered);
+- *pos = next;
+- next = next->next;
+-
+- if (strlen(this->path) <= plen)
+- continue;
+-
+- if (!strncmp(prefix, this->path, plen)) {
+- pstart = &this->path[plen];
+-
+- /* not part of this sub-tree */
+- if (*pstart != '/')
+- continue;
+-
+- /* get next offset */
+- pend = pstart;
+- while (*pend++) ;
+- len = pend - pstart - 1;
+- strncpy(offset, pstart, len);
+- offset[len] ='\0';
+- break;
+- }
+- }
+-
+- while (next != head) {
+- char *pstart;
+-
+- this = list_entry(next, struct mnt_list, ordered);
+-
+- if (strlen(this->path) <= plen + len)
+- break;
+-
+- pstart = &this->path[plen];
+-
+- /* not part of this sub-tree */
+- if (*pstart != '/')
+- break;
+-
+- /* new offset */
+- if (!*(pstart + len + 1))
+- break;
+-
+- /* compare next offset */
+- if (pstart[len] != '/' || strncmp(offset, pstart, len))
+- break;
+-
+- *pos = next;
+- next = next->next;
+- }
+-
+- return *offset ? offset : NULL;
+-}
+-
+-void add_ordered_list(struct mnt_list *ent, struct list_head *head)
+-{
+- struct list_head *p;
+- struct mnt_list *this;
+-
+- list_for_each(p, head) {
+- size_t tlen;
+- int eq;
+-
+- this = list_entry(p, struct mnt_list, ordered);
+- tlen = strlen(this->path);
+-
+- eq = strncmp(this->path, ent->path, tlen);
+- if (!eq && tlen == strlen(ent->path))
+- return;
+-
+- if (eq > 0) {
+- INIT_LIST_HEAD(&ent->ordered);
+- list_add_tail(&ent->ordered, p);
+- return;
+- }
+- }
+- INIT_LIST_HEAD(&ent->ordered);
+- list_add_tail(&ent->ordered, p);
+-
+- return;
+-}
+-
+ /*
+ * Since we have to look at the entire mount tree for direct
+ * mounts (all mounts under "/") and we may have a large number
+@@ -1283,7 +1189,6 @@ struct mnt_list *tree_make_mnt_tree(cons
+ INIT_LIST_HEAD(&ent->list);
+ INIT_LIST_HEAD(&ent->entries);
+ INIT_LIST_HEAD(&ent->sublist);
+- INIT_LIST_HEAD(&ent->ordered);
+
+ ent->path = malloc(len + 1);
+ if (!ent->path) {
diff --git a/SOURCES/autofs-5.1.1-fix-direct-map-expire-not-set-for-initial-empty-map.patch b/SOURCES/autofs-5.1.1-fix-direct-map-expire-not-set-for-initial-empty-map.patch
new file mode 100644
index 0000000..392b238
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-direct-map-expire-not-set-for-initial-empty-map.patch
@@ -0,0 +1,52 @@
+autofs-5.1.1 - fix direct map expire not set for initial empty map
+
+From: Ian Kent <raven@themaw.net>
+
+If an empty direct map is present at startup the expire alarm can't be
+set because the expire run frequency isn't known. But if the map is
+re-read and is no longer empty the expire alarm wasn't being set.
+
+Fix suggested by xuw at redhat dot com, thanks.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ daemon/state.c | 10 ++++++++++
+ 2 files changed, 11 insertions(+)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -179,6 +179,7 @@
+ - make find_server() return a status.
+ - fix return handling of do_reconnect() in ldap module.
+ - fix direct mount stale instance flag reset.
++- fix direct map expire not set for initail empty map.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/daemon/state.c
++++ autofs-5.0.7/daemon/state.c
+@@ -488,6 +488,7 @@ static void *do_readmap(void *arg)
+ status = lookup_ghost(ap, ap->path);
+ } else {
+ struct mapent *me;
++ unsigned int append_alarm = !ap->exp_runfreq;
+
+ mnts = tree_make_mnt_tree(_PROC_MOUNTS, "/");
+ pthread_cleanup_push(tree_mnts_cleanup, mnts);
+@@ -517,6 +518,15 @@ static void *do_readmap(void *arg)
+ map->stale = 0;
+ map = map->next;
+ }
++
++ /* If the direct mount map was empty at startup no expire
++ * alarm will have been added. So add it here if there are
++ * now map entries.
++ */
++ if (append_alarm && ap->exp_runfreq)
++ alarm_add(ap, ap->exp_runfreq +
++ rand() % ap->exp_runfreq);
++
+ pthread_cleanup_pop(1);
+ pthread_cleanup_pop(1);
+ pthread_cleanup_pop(1);
diff --git a/SOURCES/autofs-5.1.1-fix-direct-mount-stale-instance-flag-reset.patch b/SOURCES/autofs-5.1.1-fix-direct-mount-stale-instance-flag-reset.patch
new file mode 100644
index 0000000..3bcfb36
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-direct-mount-stale-instance-flag-reset.patch
@@ -0,0 +1,34 @@
+autofs-5.1.1 - fix direct mount stale instance flag reset
+
+From: Ian Kent <raven@themaw.net>
+
+When re-reading a direct map the stale map instance flag was not being
+reset. This caused the map to be seen as stale on subsequent lookups
+thereby triggering a map re-read.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ daemon/state.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -178,6 +178,7 @@
+ - make find_dc_server() return a status.
+ - make find_server() return a status.
+ - fix return handling of do_reconnect() in ldap module.
++- fix direct mount stale instance flag reset.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/daemon/state.c
++++ autofs-5.0.7/daemon/state.c
+@@ -513,6 +513,7 @@ static void *do_readmap(void *arg)
+ }
+ lookup_prune_one_cache(ap, map->mc, now);
+ pthread_cleanup_pop(1);
++ clear_stale_instances(map);
+ map->stale = 0;
+ map = map->next;
+ }
diff --git a/SOURCES/autofs-5.1.1-fix-left-mount-count-return.patch b/SOURCES/autofs-5.1.1-fix-left-mount-count-return.patch
new file mode 100644
index 0000000..0d0a01e
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-left-mount-count-return.patch
@@ -0,0 +1,37 @@
+autofs-5.1.1 - fix left mount count return from umount_multi_triggers()
+
+From: Xu Wang <xuw@redhat.com>
+
+If a umount of an NFS mount at the root of a multi-mount fails
+umount_multi_triggers() will return an zero (success) when it should
+return 1 (a fail). In this case do_expire_direct() will close the
+me->ioctlfd fd used for expires stopping further expires of the
+direct mount.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ lib/mounts.c | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -170,6 +170,7 @@
+ - remove unused offset handling code.
+ - fix mount as you go offset selection.
+ - init qdn before use in get_query_dn().
++- fix left mount count return from umount_multi_triggers().
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/lib/mounts.c
++++ autofs-5.0.7/lib/mounts.c
+@@ -2130,7 +2130,7 @@ int umount_multi_triggers(struct autofs_
+ if (mount_multi_triggers(ap, me, root, strlen(root), "/") < 0)
+ warn(ap->logopt,
+ "failed to remount offset triggers");
+- return left++;
++ return ++left;
+ }
+ }
+
diff --git a/SOURCES/autofs-5.1.1-fix-out-of-order-call-in-program-map-lookup.patch b/SOURCES/autofs-5.1.1-fix-out-of-order-call-in-program-map-lookup.patch
new file mode 100644
index 0000000..b2b9a5b
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-out-of-order-call-in-program-map-lookup.patch
@@ -0,0 +1,65 @@
+autofs-5.1.1 - fix out of order call in program map lookup
+
+From: Ian Kent <raven@themaw.net>
+
+Commit 91e42e58b4 fixed a problem with program map environment variable
+naming and commit 743deb0e4e added a configuration option to force use
+of the old environment names for those who need it and are sure it is
+safe to continue to use them.
+
+But the call to get the configuration entry was placed after a fork()
+so the state of the mutex used when querying the configuration is
+undefined and can lead to a deadlock.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_program.c | 20 ++++++++++----------
+ 2 files changed, 11 insertions(+), 10 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -181,6 +181,7 @@
+ - fix direct mount stale instance flag reset.
+ - fix direct map expire not set for initail empty map.
+ - update map_hash_table_size description.
++- fix out of order call in program map lookup.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_program.c
++++ autofs-5.0.7/modules/lookup_program.c
+@@ -139,6 +139,16 @@ static char *lookup_one(struct autofs_po
+ }
+
+ /*
++ * By default use a prefix with standard environment
++ * variables to prevent system subversion by interpreted
++ * languages.
++ */
++ if (defaults_force_std_prog_map_env())
++ prefix = NULL;
++ else
++ prefix = "AUTOFS_";
++
++ /*
+ * We don't use popen because we don't want to run /bin/sh plus we
+ * want to send stderr to the syslog, and we don't use spawnl()
+ * because we need the pipe hooks
+@@ -177,16 +187,6 @@ static char *lookup_one(struct autofs_po
+ ap->path, ctxt->mapname);
+
+ /*
+- * By default use a prefix with standard environment
+- * variables to prevent system subversion by interpreted
+- * languages.
+- */
+- if (defaults_force_std_prog_map_env())
+- prefix = NULL;
+- else
+- prefix = "AUTOFS_";
+-
+- /*
+ * MAPFMT_DEFAULT must be "sun" for ->parse_init() to have setup
+ * the macro table.
+ */
diff --git a/SOURCES/autofs-5.1.1-fix-return-handling-in-sss-lookup-module.patch b/SOURCES/autofs-5.1.1-fix-return-handling-in-sss-lookup-module.patch
new file mode 100644
index 0000000..fefa268
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-return-handling-in-sss-lookup-module.patch
@@ -0,0 +1,94 @@
+autofs-5.1.1 - fix return handling in sss lookup module
+
+From: Ian Kent <raven@themaw.net>
+
+In the sss lookup module some of the calls don't distinguish between
+no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_sss.c | 24 +++++++++++++++++-------
+ 2 files changed, 18 insertions(+), 7 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -171,6 +171,7 @@
+ - fix mount as you go offset selection.
+ - init qdn before use in get_query_dn().
+ - fix left mount count return from umount_multi_triggers().
++- fix return handling in sss lookup module.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_sss.c
++++ autofs-5.0.7/modules/lookup_sss.c
+@@ -148,9 +148,8 @@ static int setautomntent(unsigned int lo
+ error(logopt, MODPREFIX "setautomntent: %s", estr);
+ if (*sss_ctxt)
+ free(*sss_ctxt);
+- return 0;
+ }
+- return 1;
++ return ret;
+ }
+
+ static int endautomntent(unsigned int logopt,
+@@ -161,9 +160,8 @@ static int endautomntent(unsigned int lo
+ char buf[MAX_ERR_BUF];
+ char *estr = strerror_r(ret, buf, MAX_ERR_BUF);
+ error(logopt, MODPREFIX "endautomntent: %s", estr);
+- return 0;
+ }
+- return 1;
++ return ret;
+ }
+
+ int lookup_read_master(struct master *master, time_t age, void *context)
+@@ -180,8 +178,12 @@ int lookup_read_master(struct master *ma
+ char *value = NULL;
+ int count, ret;
+
+- if (!setautomntent(logopt, ctxt, ctxt->mapname, &sss_ctxt))
++ ret = setautomntent(logopt, ctxt, ctxt->mapname, &sss_ctxt);
++ if (ret) {
++ if (ret == ENOENT)
++ return NSS_STATUS_NOTFOUND;
+ return NSS_STATUS_UNAVAIL;
++ }
+
+ count = 0;
+ while (1) {
+@@ -280,8 +282,12 @@ int lookup_read_map(struct autofs_point
+ return NSS_STATUS_SUCCESS;
+ }
+
+- if (!setautomntent(ap->logopt, ctxt, ctxt->mapname, &sss_ctxt))
++ ret = setautomntent(ap->logopt, ctxt, ctxt->mapname, &sss_ctxt);
++ if (ret) {
++ if (ret == ENOENT)
++ return NSS_STATUS_NOTFOUND;
+ return NSS_STATUS_UNAVAIL;
++ }
+
+ count = 0;
+ while (1) {
+@@ -386,8 +392,12 @@ static int lookup_one(struct autofs_poin
+
+ mc = source->mc;
+
+- if (!setautomntent(ap->logopt, ctxt, ctxt->mapname, &sss_ctxt))
++ ret = setautomntent(ap->logopt, ctxt, ctxt->mapname, &sss_ctxt);
++ if (ret) {
++ if (ret == ENOENT)
++ return NSS_STATUS_NOTFOUND;
+ return NSS_STATUS_UNAVAIL;
++ }
+
+ ret = ctxt->getautomntbyname_r(qKey, &value, sss_ctxt);
+ if (ret && ret != ENOENT) {
diff --git a/SOURCES/autofs-5.1.1-fix-return-handling-of-do_reconnect-in-ldap-module.patch b/SOURCES/autofs-5.1.1-fix-return-handling-of-do_reconnect-in-ldap-module.patch
new file mode 100644
index 0000000..6dd78d6
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-fix-return-handling-of-do_reconnect-in-ldap-module.patch
@@ -0,0 +1,204 @@
+autofs-5.1.1 - fix return handling of do_reconnect() in ldap module
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Finally make do_reconnect() return a status instead of an LDAP handle
+and pass back the LDAP handle via a function parameter.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1
+ modules/lookup_ldap.c | 78 ++++++++++++++++++++++++++++----------------------
+ 2 files changed, 46 insertions(+), 33 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -177,6 +177,7 @@
+ - make connect_to_server() return a status.
+ - make find_dc_server() return a status.
+ - make find_server() return a status.
++- fix return handling of do_reconnect() in ldap module.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -961,31 +961,33 @@ static int find_server(unsigned logopt,
+ return ret;
+ }
+
+-static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
++static int do_reconnect(unsigned logopt,
++ LDAP **ldap, struct lookup_context *ctxt)
+ {
+- LDAP *ldap = NULL;
+- int ret;
++ int ret = NSS_STATUS_UNAVAIL;
++ int dcrv = NSS_STATUS_SUCCESS;
++ int rv = NSS_STATUS_SUCCESS;
+
+ if (ctxt->server || !ctxt->uris) {
+- ret = do_connect(logopt, &ldap, ctxt->server, ctxt);
++ ret = do_connect(logopt, ldap, ctxt->server, ctxt);
+ #ifdef WITH_SASL
+ /* Dispose of the sasl authentication connection and try again. */
+- if (ret != NSS_STATUS_SUCCESS &&
+- ctxt->auth_required & LDAP_NEED_AUTH) {
++ if (ctxt->auth_required & LDAP_NEED_AUTH &&
++ ret != NSS_STATUS_SUCCESS && ret != NSS_STATUS_NOTFOUND) {
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
+- ret = connect_to_server(logopt, &ldap,
++ ret = connect_to_server(logopt, ldap,
+ ctxt->server, ctxt);
+ }
+ #endif
+- return ldap;
++ return ret;
+ }
+
+ if (ctxt->dclist) {
+- ret = find_dc_server(logopt, &ldap, ctxt->dclist->uri, ctxt);
+- if (ret == NSS_STATUS_SUCCESS)
+- return ldap;
++ dcrv = find_dc_server(logopt, ldap, ctxt->dclist->uri, ctxt);
++ if (dcrv == NSS_STATUS_SUCCESS)
++ return dcrv;
+ }
+
+ uris_mutex_lock(ctxt);
+@@ -1004,22 +1006,22 @@ static LDAP *do_reconnect(unsigned logop
+ if (!ctxt->uri)
+ goto find_server;
+
+- ret = do_connect(logopt, &ldap, ctxt->uri->uri, ctxt);
++ rv = do_connect(logopt, ldap, ctxt->uri->uri, ctxt);
+ #ifdef WITH_SASL
+ /*
+ * Dispose of the sasl authentication connection and try the
+ * current server again before trying other servers in the list.
+ */
+- if (ret != NSS_STATUS_SUCCESS &&
+- ctxt->auth_required & LDAP_NEED_AUTH) {
++ if (ctxt->auth_required & LDAP_NEED_AUTH &&
++ rv != NSS_STATUS_SUCCESS && rv != NSS_STATUS_NOTFOUND) {
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
+- ret = connect_to_server(logopt, &ldap, ctxt->uri->uri, ctxt);
++ rv = connect_to_server(logopt, ldap, ctxt->uri->uri, ctxt);
+ }
+ #endif
+- if (ldap)
+- return ldap;
++ if (rv == NSS_STATUS_SUCCESS)
++ return rv;
+
+ /* Failed to connect, try to find a new server */
+
+@@ -1031,11 +1033,16 @@ find_server:
+ #endif
+
+ /* Current server failed, try the rest or dc connection */
+- ret = find_server(logopt, &ldap, ctxt);
+- if (ret != NSS_STATUS_SUCCESS)
++ ret = find_server(logopt, ldap, ctxt);
++ if (ret != NSS_STATUS_SUCCESS) {
++ if (ret == NSS_STATUS_NOTFOUND ||
++ dcrv == NSS_STATUS_NOTFOUND ||
++ rv == NSS_STATUS_NOTFOUND)
++ ret = NSS_STATUS_NOTFOUND;
+ error(logopt, MODPREFIX "failed to find available server");
++ }
+
+- return ldap;
++ return ret;
+ }
+
+ int get_property(unsigned logopt, xmlNodePtr node, const char *prop, char **value)
+@@ -1841,12 +1848,12 @@ int lookup_read_master(struct master *ma
+ char **values = NULL;
+ char *attrs[3];
+ int scope = LDAP_SCOPE_SUBTREE;
+- LDAP *ldap;
++ LDAP *ldap = NULL;
+
+ /* Initialize the LDAP context. */
+- ldap = do_reconnect(logopt, ctxt);
+- if (!ldap)
+- return NSS_STATUS_UNAVAIL;
++ rv = do_reconnect(logopt, &ldap, ctxt);
++ if (rv)
++ return rv;
+
+ class = ctxt->schema->entry_class;
+ entry = ctxt->schema->entry_attr;
+@@ -2754,9 +2761,10 @@ static int read_one_map(struct autofs_po
+ sp.age = age;
+
+ /* Initialize the LDAP context. */
+- sp.ldap = do_reconnect(ap->logopt, ctxt);
+- if (!sp.ldap)
+- return NSS_STATUS_UNAVAIL;
++ sp.ldap = NULL;
++ rv = do_reconnect(ap->logopt, &sp.ldap, ctxt);
++ if (rv)
++ return rv;
+
+ class = ctxt->schema->entry_class;
+ entry = ctxt->schema->entry_attr;
+@@ -2908,7 +2916,7 @@ static int lookup_one(struct autofs_poin
+ struct berval **bvValues;
+ char *attrs[3];
+ int scope = LDAP_SCOPE_SUBTREE;
+- LDAP *ldap;
++ LDAP *ldap = NULL;
+ struct mapent *we;
+ unsigned int wild = 0;
+ int ret = CHE_MISSING;
+@@ -2921,9 +2929,11 @@ static int lookup_one(struct autofs_poin
+ }
+
+ /* Initialize the LDAP context. */
+- ldap = do_reconnect(ap->logopt, ctxt);
+- if (!ldap)
++ rv = do_reconnect(ap->logopt, &ldap, ctxt);
++ if (rv == NSS_STATUS_UNAVAIL)
+ return CHE_UNAVAIL;
++ if (rv == NSS_STATUS_NOTFOUND)
++ return ret;
+
+ class = ctxt->schema->entry_class;
+ entry = ctxt->schema->entry_attr;
+@@ -3252,7 +3262,7 @@ static int lookup_one_amd(struct autofs_
+ struct lookup_context *ctxt)
+ {
+ struct mapent_cache *mc = source->mc;
+- LDAP *ldap;
++ LDAP *ldap = NULL;
+ LDAPMessage *result = NULL, *e;
+ char *query;
+ int scope = LDAP_SCOPE_SUBTREE;
+@@ -3271,9 +3281,11 @@ static int lookup_one_amd(struct autofs_
+ }
+
+ /* Initialize the LDAP context. */
+- ldap = do_reconnect(ap->logopt, ctxt);
+- if (!ldap)
++ rv = do_reconnect(ap->logopt, &ldap, ctxt);
++ if (rv == NSS_STATUS_UNAVAIL)
+ return CHE_UNAVAIL;
++ if (rv == NSS_STATUS_NOTFOUND)
++ return ret;
+
+ map = ctxt->schema->map_attr;
+ class = ctxt->schema->entry_class;
diff --git a/SOURCES/autofs-5.1.1-make-connect_to_server-return-a-status.patch b/SOURCES/autofs-5.1.1-make-connect_to_server-return-a-status.patch
new file mode 100644
index 0000000..786b5db
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-make-connect_to_server-return-a-status.patch
@@ -0,0 +1,111 @@
+autofs-5.1.1 - make connect_to_server() return a status
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Next step in the update of do_reconnect() is to make connect_to_server()
+return a status instead of an LDAP handle and pass back the LDAP handle
+via a function parameter.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_ldap.c | 25 ++++++++++++++-----------
+ 2 files changed, 15 insertions(+), 11 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -174,6 +174,7 @@
+ - fix return handling in sss lookup module.
+ - move query dn calculation from do_bind() to do_connect().
+ - make do_connect() return a status.
++- make connect_to_server() return a status.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -824,20 +824,19 @@ next:
+ return timestamp;
+ }
+
+-static LDAP *connect_to_server(unsigned logopt, const char *uri, struct lookup_context *ctxt)
++static int connect_to_server(unsigned logopt, LDAP **ldap,
++ const char *uri, struct lookup_context *ctxt)
+ {
+- LDAP *ldap;
+ int ret;
+
+- ret = do_connect(logopt, &ldap, uri, ctxt);
++ ret = do_connect(logopt, ldap, uri, ctxt);
+ if (ret != NSS_STATUS_SUCCESS) {
+ warn(logopt,
+ MODPREFIX "couldn't connect to server %s",
+ uri ? uri : "default");
+- return NULL;
+ }
+
+- return ldap;
++ return ret;
+ }
+
+ static LDAP *find_dc_server(unsigned logopt, const char *uri, struct lookup_context *ctxt)
+@@ -852,9 +851,11 @@ static LDAP *find_dc_server(unsigned log
+ tok = strtok_r(str, " ", &ptr);
+ while (tok) {
+ const char *this = (const char *) tok;
++ int ret;
++
+ debug(logopt, "trying server uri %s", this);
+- ldap = connect_to_server(logopt, this, ctxt);
+- if (ldap) {
++ ret = connect_to_server(logopt, &ldap, this, ctxt);
++ if (ret == NSS_STATUS_SUCCESS) {
+ info(logopt, "connected to uri %s", this);
+ free(str);
+ return ldap;
+@@ -874,6 +875,7 @@ static LDAP *find_server(unsigned logopt
+ struct list_head *p, *first;
+ struct dclist *dclist;
+ char *uri = NULL;
++ int ret;
+
+ uris_mutex_lock(ctxt);
+ dclist = ctxt->dclist;
+@@ -896,8 +898,8 @@ static LDAP *find_server(unsigned logopt
+ if (!strstr(this->uri, ":///")) {
+ uri = strdup(this->uri);
+ debug(logopt, "trying server uri %s", uri);
+- ldap = connect_to_server(logopt, uri, ctxt);
+- if (ldap) {
++ ret = connect_to_server(logopt, &ldap, uri, ctxt);
++ if (ret == NSS_STATUS_SUCCESS) {
+ info(logopt, "connected to uri %s", uri);
+ free(uri);
+ break;
+@@ -962,7 +964,8 @@ static LDAP *do_reconnect(unsigned logop
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
+- ldap = connect_to_server(logopt, ctxt->server, ctxt);
++ ret = connect_to_server(logopt, &ldap,
++ ctxt->server, ctxt);
+ }
+ #endif
+ return ldap;
+@@ -1001,7 +1004,7 @@ static LDAP *do_reconnect(unsigned logop
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
+- ldap = connect_to_server(logopt, ctxt->uri->uri, ctxt);
++ ret = connect_to_server(logopt, &ldap, ctxt->uri->uri, ctxt);
+ }
+ #endif
+ if (ldap)
diff --git a/SOURCES/autofs-5.1.1-make-do_connect-return-a-status.patch b/SOURCES/autofs-5.1.1-make-do_connect-return-a-status.patch
new file mode 100644
index 0000000..4eb2792
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-make-do_connect-return-a-status.patch
@@ -0,0 +1,180 @@
+autofs-5.1.1 - make do_connect() return a status
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+The next step in the update of do_reconnect() is to make do_connect()
+return a status instead of an LDAP handle and pass back the LDAP handle
+via a function parameter.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1
+ modules/lookup_ldap.c | 60 ++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 38 insertions(+), 23 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -173,6 +173,7 @@
+ - fix left mount count return from umount_multi_triggers().
+ - fix return handling in sss lookup module.
+ - move query dn calculation from do_bind() to do_connect().
++- make do_connect() return a status.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -631,10 +631,14 @@ static int do_bind(unsigned logopt, LDAP
+ return 1;
+ }
+
+-static LDAP *do_connect(unsigned logopt, const char *uri, struct lookup_context *ctxt)
++static int do_connect(unsigned logopt, LDAP **ldap,
++ const char *uri, struct lookup_context *ctxt)
+ {
+ char *cur_host = NULL;
+- LDAP *ldap;
++ LDAP *handle;
++ int ret = NSS_STATUS_SUCCESS;
++
++ *ldap = NULL;
+
+ #ifdef WITH_SASL
+ if (ctxt->extern_cert && ctxt->extern_key) {
+@@ -643,18 +647,20 @@ static LDAP *do_connect(unsigned logopt,
+ }
+ #endif
+
+- ldap = init_ldap_connection(logopt, uri, ctxt);
+- if (!ldap)
++ handle = init_ldap_connection(logopt, uri, ctxt);
++ if (!handle) {
++ ret = NSS_STATUS_UNAVAIL;
+ goto out;
++ }
+
+ uris_mutex_lock(ctxt);
+ if (ctxt->cur_host)
+ cur_host = ctxt->cur_host;
+ uris_mutex_unlock(ctxt);
+
+- if (!do_bind(logopt, ldap, uri, ctxt)) {
+- unbind_ldap_connection(logopt, ldap, ctxt);
+- ldap = NULL;
++ if (!do_bind(logopt, handle, uri, ctxt)) {
++ unbind_ldap_connection(logopt, handle, ctxt);
++ ret = NSS_STATUS_UNAVAIL;
+ goto out;
+ }
+
+@@ -664,7 +670,8 @@ static LDAP *do_connect(unsigned logopt,
+ uris_mutex_lock(ctxt);
+ if (ctxt->schema && ctxt->qdn && (cur_host == ctxt->cur_host)) {
+ uris_mutex_unlock(ctxt);
+- return ldap;
++ *ldap = handle;
++ goto out;
+ }
+ uris_mutex_unlock(ctxt);
+
+@@ -674,9 +681,9 @@ static LDAP *do_connect(unsigned logopt,
+ * base dn for searches.
+ */
+ if (!ctxt->schema) {
+- if (!find_query_dn(logopt, ldap, ctxt)) {
+- unbind_ldap_connection(logopt, ldap, ctxt);
+- ldap = NULL;
++ if (!find_query_dn(logopt, handle, ctxt)) {
++ unbind_ldap_connection(logopt, handle, ctxt);
++ ret = NSS_STATUS_NOTFOUND;
+ warn(logopt,
+ MODPREFIX "failed to find valid query dn");
+ goto out;
+@@ -684,14 +691,17 @@ static LDAP *do_connect(unsigned logopt,
+ } else if (!(ctxt->format & MAP_FLAG_FORMAT_AMD)) {
+ const char *class = ctxt->schema->map_class;
+ const char *key = ctxt->schema->map_attr;
+- if (!get_query_dn(logopt, ldap, ctxt, class, key)) {
+- unbind_ldap_connection(logopt, ldap, ctxt);
+- ldap = NULL;
++ if (!get_query_dn(logopt, handle, ctxt, class, key)) {
++ unbind_ldap_connection(logopt, handle, ctxt);
++ ret = NSS_STATUS_NOTFOUND;
+ error(logopt, MODPREFIX "failed to get query dn");
++ goto out;
+ }
+ }
++
++ *ldap = handle;
+ out:
+- return ldap;
++ return ret;
+ }
+
+ static unsigned long get_amd_timestamp(struct lookup_context *ctxt)
+@@ -706,8 +716,8 @@ static unsigned long get_amd_timestamp(s
+ unsigned long timestamp = 0;
+ int rv, l, ql;
+
+- ldap = do_connect(LOGOPT_ANY, ctxt->server, ctxt);
+- if (!ldap)
++ rv = do_connect(LOGOPT_ANY, &ldap, ctxt->server, ctxt);
++ if (rv != NSS_STATUS_SUCCESS)
+ return 0;
+
+ map = amd_timestamp.map_attr;
+@@ -817,9 +827,10 @@ next:
+ static LDAP *connect_to_server(unsigned logopt, const char *uri, struct lookup_context *ctxt)
+ {
+ LDAP *ldap;
++ int ret;
+
+- ldap = do_connect(logopt, uri, ctxt);
+- if (!ldap) {
++ ret = do_connect(logopt, &ldap, uri, ctxt);
++ if (ret != NSS_STATUS_SUCCESS) {
+ warn(logopt,
+ MODPREFIX "couldn't connect to server %s",
+ uri ? uri : "default");
+@@ -940,12 +951,14 @@ static LDAP *find_server(unsigned logopt
+ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
+ {
+ LDAP *ldap = NULL;
++ int ret;
+
+ if (ctxt->server || !ctxt->uris) {
+- ldap = do_connect(logopt, ctxt->server, ctxt);
++ ret = do_connect(logopt, &ldap, ctxt->server, ctxt);
+ #ifdef WITH_SASL
+ /* Dispose of the sasl authentication connection and try again. */
+- if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
++ if (ret != NSS_STATUS_SUCCESS &&
++ ctxt->auth_required & LDAP_NEED_AUTH) {
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
+@@ -977,13 +990,14 @@ static LDAP *do_reconnect(unsigned logop
+ if (!ctxt->uri)
+ goto find_server;
+
+- ldap = do_connect(logopt, ctxt->uri->uri, ctxt);
++ ret = do_connect(logopt, &ldap, ctxt->uri->uri, ctxt);
+ #ifdef WITH_SASL
+ /*
+ * Dispose of the sasl authentication connection and try the
+ * current server again before trying other servers in the list.
+ */
+- if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
++ if (ret != NSS_STATUS_SUCCESS &&
++ ctxt->auth_required & LDAP_NEED_AUTH) {
+ ldapinit_mutex_lock();
+ autofs_sasl_dispose(ctxt);
+ ldapinit_mutex_unlock();
diff --git a/SOURCES/autofs-5.1.1-make-find_dc_server-return-a-status.patch b/SOURCES/autofs-5.1.1-make-find_dc_server-return-a-status.patch
new file mode 100644
index 0000000..0dac8e4
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-make-find_dc_server-return-a-status.patch
@@ -0,0 +1,101 @@
+autofs-5.1.1 - make find_dc_server() return a status
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Next step in the update of do_reconnect() is to make find_dc_server()
+return a status instead of an LDAP handle and pass back the LDAP handle
+via a function parameter.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_ldap.c | 27 +++++++++++++++------------
+ 2 files changed, 16 insertions(+), 12 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -175,6 +175,7 @@
+ - move query dn calculation from do_bind() to do_connect().
+ - make do_connect() return a status.
+ - make connect_to_server() return a status.
++- make find_dc_server() return a status.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -839,33 +839,36 @@ static int connect_to_server(unsigned lo
+ return ret;
+ }
+
+-static LDAP *find_dc_server(unsigned logopt, const char *uri, struct lookup_context *ctxt)
++static int find_dc_server(unsigned logopt, LDAP **ldap,
++ const char *uri, struct lookup_context *ctxt)
+ {
+ char *str, *tok, *ptr = NULL;
+- LDAP *ldap = NULL;
++ int ret = NSS_STATUS_UNAVAIL;
+
+ str = strdup(uri);
+ if (!str)
+- return NULL;
++ return ret;
+
+ tok = strtok_r(str, " ", &ptr);
+ while (tok) {
+ const char *this = (const char *) tok;
+- int ret;
++ int rv;
+
+ debug(logopt, "trying server uri %s", this);
+- ret = connect_to_server(logopt, &ldap, this, ctxt);
+- if (ret == NSS_STATUS_SUCCESS) {
++ rv = connect_to_server(logopt, ldap, this, ctxt);
++ if (rv == NSS_STATUS_SUCCESS) {
+ info(logopt, "connected to uri %s", this);
+ free(str);
+- return ldap;
++ return rv;
+ }
++ if (rv == NSS_STATUS_NOTFOUND)
++ ret = NSS_STATUS_NOTFOUND;
+ tok = strtok_r(NULL, " ", &ptr);
+ }
+
+ free(str);
+
+- return NULL;
++ return ret;
+ }
+
+ static LDAP *find_server(unsigned logopt, struct lookup_context *ctxt)
+@@ -917,8 +920,8 @@ static LDAP *find_server(unsigned logopt
+ dclist = tmp;
+ uri = strdup(dclist->uri);
+ }
+- ldap = find_dc_server(logopt, uri, ctxt);
+- if (ldap) {
++ ret = find_dc_server(logopt, &ldap, uri, ctxt);
++ if (ret == NSS_STATUS_SUCCESS) {
+ free(uri);
+ break;
+ }
+@@ -972,8 +975,8 @@ static LDAP *do_reconnect(unsigned logop
+ }
+
+ if (ctxt->dclist) {
+- ldap = find_dc_server(logopt, ctxt->dclist->uri, ctxt);
+- if (ldap)
++ ret = find_dc_server(logopt, &ldap, ctxt->dclist->uri, ctxt);
++ if (ret == NSS_STATUS_SUCCESS)
+ return ldap;
+ }
+
diff --git a/SOURCES/autofs-5.1.1-make-find_server-return-a-status.patch b/SOURCES/autofs-5.1.1-make-find_server-return-a-status.patch
new file mode 100644
index 0000000..34afed1
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-make-find_server-return-a-status.patch
@@ -0,0 +1,117 @@
+autofs-5.1.1 - make find_server() return a status
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Next step in the update of do_reconnect() is to make find_server()
+return a status instead of an LDAP handle and pass back the LDAP handle
+via a function parameter.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ modules/lookup_ldap.c | 30 +++++++++++++++++++-----------
+ 2 files changed, 20 insertions(+), 11 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -176,6 +176,7 @@
+ - make do_connect() return a status.
+ - make connect_to_server() return a status.
+ - make find_dc_server() return a status.
++- make find_server() return a status.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -871,14 +871,14 @@ static int find_dc_server(unsigned logop
+ return ret;
+ }
+
+-static LDAP *find_server(unsigned logopt, struct lookup_context *ctxt)
++static int find_server(unsigned logopt,
++ LDAP **ldap, struct lookup_context *ctxt)
+ {
+- LDAP *ldap = NULL;
+- struct ldap_uri *this;
++ struct ldap_uri *this = NULL;
+ struct list_head *p, *first;
+ struct dclist *dclist;
+ char *uri = NULL;
+- int ret;
++ int ret = NSS_STATUS_UNAVAIL;
+
+ uris_mutex_lock(ctxt);
+ dclist = ctxt->dclist;
+@@ -892,6 +892,8 @@ static LDAP *find_server(unsigned logopt
+ /* Try each uri, save point in server list upon success */
+ p = first->next;
+ while(p != first) {
++ int rv;
++
+ /* Skip list head */
+ if (p == ctxt->uris) {
+ p = p->next;
+@@ -901,12 +903,15 @@ static LDAP *find_server(unsigned logopt
+ if (!strstr(this->uri, ":///")) {
+ uri = strdup(this->uri);
+ debug(logopt, "trying server uri %s", uri);
+- ret = connect_to_server(logopt, &ldap, uri, ctxt);
+- if (ret == NSS_STATUS_SUCCESS) {
++ rv = connect_to_server(logopt, ldap, uri, ctxt);
++ if (rv == NSS_STATUS_SUCCESS) {
++ ret = NSS_STATUS_SUCCESS;
+ info(logopt, "connected to uri %s", uri);
+ free(uri);
+ break;
+ }
++ if (rv == NSS_STATUS_NOTFOUND)
++ ret = NSS_STATUS_NOTFOUND;
+ } else {
+ if (dclist)
+ uri = strdup(dclist->uri);
+@@ -920,11 +925,14 @@ static LDAP *find_server(unsigned logopt
+ dclist = tmp;
+ uri = strdup(dclist->uri);
+ }
+- ret = find_dc_server(logopt, &ldap, uri, ctxt);
+- if (ret == NSS_STATUS_SUCCESS) {
++ rv = find_dc_server(logopt, ldap, uri, ctxt);
++ if (rv == NSS_STATUS_SUCCESS) {
++ ret = NSS_STATUS_SUCCESS;
+ free(uri);
+ break;
+ }
++ if (rv == NSS_STATUS_NOTFOUND)
++ ret = NSS_STATUS_NOTFOUND;
+ }
+ free(uri);
+ uri = NULL;
+@@ -950,7 +958,7 @@ static LDAP *find_server(unsigned logopt
+ }
+ uris_mutex_unlock(ctxt);
+
+- return ldap;
++ return ret;
+ }
+
+ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
+@@ -1023,8 +1031,8 @@ find_server:
+ #endif
+
+ /* Current server failed, try the rest or dc connection */
+- ldap = find_server(logopt, ctxt);
+- if (!ldap)
++ ret = find_server(logopt, &ldap, ctxt);
++ if (ret != NSS_STATUS_SUCCESS)
+ error(logopt, MODPREFIX "failed to find available server");
+
+ return ldap;
diff --git a/SOURCES/autofs-5.1.1-move-query-dn-calculation-from-do_bind-to-do_connect.patch b/SOURCES/autofs-5.1.1-move-query-dn-calculation-from-do_bind-to-do_connect.patch
new file mode 100644
index 0000000..51c5d0c
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-move-query-dn-calculation-from-do_bind-to-do_connect.patch
@@ -0,0 +1,156 @@
+autofs-5.1.1 - move query dn calculation from do_bind() to do_connect()
+
+From: Ian Kent <raven@themaw.net>
+
+In the ldap lookup module the do_reconnect() call doesn't distinguish
+between no entry found and service unavailable.
+
+If service unavailable gets returned from a master map read it results
+in autofs not updating the mounts. A notfound return doesn't because it
+indicates the map doesn't exist so updating the mounts isn't a problem
+as it can be when the source is unavailable.
+
+Start the update of do_reconnect() by moving the query dn calculation
+from do_bind() to do_connect().
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1
+ modules/lookup_ldap.c | 81 ++++++++++++++++++++++++++++++--------------------
+ 2 files changed, 51 insertions(+), 31 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -172,6 +172,7 @@
+ - init qdn before use in get_query_dn().
+ - fix left mount count return from umount_multi_triggers().
+ - fix return handling in sss lookup module.
++- move query dn calculation from do_bind() to do_connect().
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/modules/lookup_ldap.c
++++ autofs-5.0.7/modules/lookup_ldap.c
+@@ -574,7 +574,7 @@ static int find_query_dn(unsigned logopt
+ static int do_bind(unsigned logopt, LDAP *ldap, const char *uri, struct lookup_context *ctxt)
+ {
+ char *host = NULL, *nhost;
+- int rv, need_base = 1;
++ int rv;
+
+ #ifdef WITH_SASL
+ debug(logopt, MODPREFIX "auth_required: %d, sasl_mech %s",
+@@ -610,6 +610,7 @@ static int do_bind(unsigned logopt, LDAP
+ }
+ ldap_memfree(host);
+
++ uris_mutex_lock(ctxt);
+ if (!ctxt->cur_host) {
+ ctxt->cur_host = nhost;
+ if (!(ctxt->format & MAP_FLAG_FORMAT_AMD)) {
+@@ -618,43 +619,21 @@ static int do_bind(unsigned logopt, LDAP
+ }
+ } else {
+ /* If connection host has changed update */
+- if (strcmp(ctxt->cur_host, nhost)) {
++ if (!strcmp(ctxt->cur_host, nhost))
++ free(nhost);
++ else {
+ free(ctxt->cur_host);
+ ctxt->cur_host = nhost;
+- } else {
+- free(nhost);
+- need_base = 0;
+- }
+- }
+-
+- if (ctxt->schema && ctxt->qdn && !need_base)
+- return 1;
+-
+- /*
+- * If the schema isn't defined in the configuration then check for
+- * presence of a map dn with a the common schema. Then calculate the
+- * base dn for searches.
+- */
+- if (!ctxt->schema) {
+- if (!find_query_dn(logopt, ldap, ctxt)) {
+- warn(logopt,
+- MODPREFIX "failed to find valid query dn");
+- return 0;
+- }
+- } else if (!(ctxt->format & MAP_FLAG_FORMAT_AMD)) {
+- const char *class = ctxt->schema->map_class;
+- const char *key = ctxt->schema->map_attr;
+- if (!get_query_dn(logopt, ldap, ctxt, class, key)) {
+- error(logopt, MODPREFIX "failed to get query dn");
+- return 0;
+ }
+ }
++ uris_mutex_unlock(ctxt);
+
+ return 1;
+ }
+
+ static LDAP *do_connect(unsigned logopt, const char *uri, struct lookup_context *ctxt)
+ {
++ char *cur_host = NULL;
+ LDAP *ldap;
+
+ #ifdef WITH_SASL
+@@ -665,13 +644,53 @@ static LDAP *do_connect(unsigned logopt,
+ #endif
+
+ ldap = init_ldap_connection(logopt, uri, ctxt);
+- if (ldap) {
+- if (!do_bind(logopt, ldap, uri, ctxt)) {
++ if (!ldap)
++ goto out;
++
++ uris_mutex_lock(ctxt);
++ if (ctxt->cur_host)
++ cur_host = ctxt->cur_host;
++ uris_mutex_unlock(ctxt);
++
++ if (!do_bind(logopt, ldap, uri, ctxt)) {
++ unbind_ldap_connection(logopt, ldap, ctxt);
++ ldap = NULL;
++ goto out;
++ }
++
++ /* If the lookup schema and the query dn are set and the
++ * ldap host hasn't changed return.
++ */
++ uris_mutex_lock(ctxt);
++ if (ctxt->schema && ctxt->qdn && (cur_host == ctxt->cur_host)) {
++ uris_mutex_unlock(ctxt);
++ return ldap;
++ }
++ uris_mutex_unlock(ctxt);
++
++ /*
++ * If the schema isn't defined in the configuration then check for
++ * presence of a map dn with a the common schema. Then calculate the
++ * base dn for searches.
++ */
++ if (!ctxt->schema) {
++ if (!find_query_dn(logopt, ldap, ctxt)) {
+ unbind_ldap_connection(logopt, ldap, ctxt);
+ ldap = NULL;
++ warn(logopt,
++ MODPREFIX "failed to find valid query dn");
++ goto out;
++ }
++ } else if (!(ctxt->format & MAP_FLAG_FORMAT_AMD)) {
++ const char *class = ctxt->schema->map_class;
++ const char *key = ctxt->schema->map_attr;
++ if (!get_query_dn(logopt, ldap, ctxt, class, key)) {
++ unbind_ldap_connection(logopt, ldap, ctxt);
++ ldap = NULL;
++ error(logopt, MODPREFIX "failed to get query dn");
+ }
+ }
+-
++out:
+ return ldap;
+ }
+
diff --git a/SOURCES/autofs-5.1.1-update-map_hash_table_size-description.patch b/SOURCES/autofs-5.1.1-update-map_hash_table_size-description.patch
new file mode 100644
index 0000000..bdc206b
--- /dev/null
+++ b/SOURCES/autofs-5.1.1-update-map_hash_table_size-description.patch
@@ -0,0 +1,100 @@
+autofs-5.1.1 - update map_hash_table_size description
+
+From: Ian Kent <raven@themaw.net>
+
+The configuration parameter map_hash_table_size has been ommitted
+from the autofs.conf(5) man page and it's description in the
+configuration file comments is poor.
+
+Add a description of the parameter to autofs.conf(5) and update
+the configuration file comments to direct people to the map page
+for more information.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG | 1 +
+ man/autofs.conf.5.in | 31 +++++++++++++++++++++++++++++++
+ redhat/autofs.conf.default.in | 6 ++++--
+ samples/autofs.conf.default.in | 6 ++++--
+ 4 files changed, 40 insertions(+), 4 deletions(-)
+
+--- autofs-5.0.7.orig/CHANGELOG
++++ autofs-5.0.7/CHANGELOG
+@@ -180,6 +180,7 @@
+ - fix return handling of do_reconnect() in ldap module.
+ - fix direct mount stale instance flag reset.
+ - fix direct map expire not set for initail empty map.
++- update map_hash_table_size description.
+
+ 25/07/2012 autofs-5.0.7
+ =======================
+--- autofs-5.0.7.orig/man/autofs.conf.5.in
++++ autofs-5.0.7/man/autofs.conf.5.in
+@@ -80,6 +80,37 @@ user setting these standard environment
+ potential user privilege escalation when the program map is written in a
+ language that can load components from, for example, a user home directory
+ (program default "no").
++.TP
++.B map_hash_table_size
++.br
++This configuration option may be used to change the number of hash
++table slots (default 1024).
++
++This configuration option affects the overhead of searching the map
++entry cache for map entries when there are a large number of entries.
++It affects the number of entries that must be looked at to locate a
++map entry in the map entry cache. For example, the default of 1024
++and a direct map with 8000 entries would result in each slot
++containing an average of 8 entries, which should be acceptable.
++
++However, if excessive CPU usage is observed during automount lookups
++increasing this option can reduce the CPU overhead considerably becuase
++it reduces the length of the search chains.
++
++Note that the number of entries in a map doesn't necessarily relate
++to the number of entries used in the map entry cache.
++
++There are three distinct cases, direct maps and indirect maps that
++use the "browse" option must be read in their entirity at program
++start so, in these two cases the map size does retate directly to
++the map entry cache size.
++
++For indirect maps that do not use the "browse" option entries are
++added to the map entry cache at lookup so the number of active cache
++entries, in this case, is usually much less than the number of entries
++in the map. In this last case it would be unusual for the map entry
++cache to grow large enough to warrant increasing the default before
++an event that cleans stale entries, a map re-read for example.
+ .SS LDAP Configuration
+ .P
+ Configuration settings available are:
+--- autofs-5.0.7.orig/redhat/autofs.conf.default.in
++++ autofs-5.0.7/redhat/autofs.conf.default.in
+@@ -135,8 +135,10 @@ mount_nfs_default_protocol = 4
+ #auth_conf_file = @@autofsmapdir@@/autofs_ldap_auth.conf
+ #
+ # map_hash_table_size - set the map cache hash table size.
+-# Should be a power of 2 with a ratio roughly
+-# between 1:10 and 1:20 for each map.
++# Should be a power of 2 with a ratio of
++# close to 1:8 for acceptable performance
++# with maps up to around 8000 entries.
++# See autofs.conf(5) for more details.
+ #
+ #map_hash_table_size = 1024
+ #
+--- autofs-5.0.7.orig/samples/autofs.conf.default.in
++++ autofs-5.0.7/samples/autofs.conf.default.in
+@@ -134,8 +134,10 @@ browse_mode = no
+ #auth_conf_file = @@autofsmapdir@@/autofs_ldap_auth.conf
+ #
+ # map_hash_table_size - set the map cache hash table size.
+-# Should be a power of 2 with a ratio roughly
+-# between 1:10 and 1:20 for each map.
++# Should be a power of 2 with a ratio of
++# close to 1:8 for acceptable performance
++# with maps up to around 8000 entries.
++# See autofs.conf(5) for more details.
+ #
+ #map_hash_table_size = 1024
+ #
diff --git a/SPECS/autofs.spec b/SPECS/autofs.spec
index c430a86..71396d5 100644
--- a/SPECS/autofs.spec
+++ b/SPECS/autofs.spec
@@ -8,7 +8,7 @@
Summary: A tool for automatically mounting and unmounting filesystems
Name: autofs
Version: 5.0.7
-Release: 48%{?dist}
+Release: 54%{?dist}
Epoch: 1
License: GPLv2+
Group: System Environment/Daemons
@@ -272,6 +272,30 @@ Patch629: autofs-5.1.0-update-man-page-autofs-8-for-systemd.patch
Patch630: autofs-5.1.0-fix-fix-master-map-type-check.patch
Patch631: autofs-5.1.0-fix-typo-in-update_hosts_mounts.patch
Patch632: autofs-5.1.0-fix-hosts-map-update-on-reload.patch
+Patch633: autofs-5.1.0-make-negative-cache-update-consistent-for-all-lookup-modules.patch
+Patch634: autofs-5.1.0-ensure-negative-cache-isnt-updated-on-remount.patch
+Patch635: autofs-5.1.0-dont-add-wildcard-to-negative-cache.patch
+Patch636: autofs-5.1.0-add-a-prefix-to-program-map-stdvars.patch
+Patch637: autofs-5.1.0-add-config-option-to-force-use-of-program-map-stdvars.patch
+Patch638: autofs-5.1.0-fix-incorrect-check-in-parse_mount.patch
+Patch639: autofs-5.1.0-handle-duplicates-in-multi-mounts.patch
+Patch640: autofs-5.1.0-fix-macro-usage-in-lookup_program_c.patch
+Patch641: autofs-5.1.0-remove-unused-offset-handling-code.patch
+Patch642: autofs-5.1.0-fix-mount-as-you-go-offset-selection.patch
+
+Patch643: autofs-5.1.0-init-qdn-before-use.patch
+Patch644: autofs-5.1.1-fix-left-mount-count-return.patch
+Patch645: autofs-5.1.1-fix-return-handling-in-sss-lookup-module.patch
+Patch646: autofs-5.1.1-move-query-dn-calculation-from-do_bind-to-do_connect.patch
+Patch647: autofs-5.1.1-make-do_connect-return-a-status.patch
+Patch648: autofs-5.1.1-make-connect_to_server-return-a-status.patch
+Patch649: autofs-5.1.1-make-find_dc_server-return-a-status.patch
+Patch650: autofs-5.1.1-make-find_server-return-a-status.patch
+Patch651: autofs-5.1.1-fix-return-handling-of-do_reconnect-in-ldap-module.patch
+Patch652: autofs-5.1.1-fix-direct-mount-stale-instance-flag-reset.patch
+Patch653: autofs-5.1.1-fix-direct-map-expire-not-set-for-initial-empty-map.patch
+Patch654: autofs-5.1.1-update-map_hash_table_size-description.patch
+Patch655: autofs-5.1.1-fix-out-of-order-call-in-program-map-lookup.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%if %{with_systemd}
@@ -582,6 +606,30 @@ echo %{version}-%{release} > .version
%patch630 -p1
%patch631 -p1
%patch632 -p1
+%patch633 -p1
+%patch634 -p1
+%patch635 -p1
+%patch636 -p1
+%patch637 -p1
+%patch638 -p1
+%patch639 -p1
+%patch640 -p1
+%patch641 -p1
+%patch642 -p1
+
+%patch643 -p1
+%patch644 -p1
+%patch645 -p1
+%patch646 -p1
+%patch647 -p1
+%patch648 -p1
+%patch649 -p1
+%patch650 -p1
+%patch651 -p1
+%patch652 -p1
+%patch653 -p1
+%patch654 -p1
+%patch655 -p1
%build
LDFLAGS=-Wl,-z,now
@@ -675,6 +723,64 @@ fi
%dir /etc/auto.master.d
%changelog
+* Thu Sep 17 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-54
+- bz1263508 - Heavy program map usage can lead to a hang
+ - fix out of order call in program map lookup.
+- Resolves: rhbz#1263508
+
+* Tue Jul 7 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-53
+- bz1238573 - RFE: autofs MAP_HASH_TABLE_SIZE description
+ - update map_hash_table_size description.
+- Resolves: rhbz#1238573
+
+* Thu Jul 2 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-52
+- bz1233069 - Direct map does not expire if map is initially empty
+ - update patch to fix expiry problem.
+- Related: rhbz#1233069
+
+* Tue Jun 23 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-51
+- bz1233065 - 'service autofs reload' does not reloads new mounts only
+ when 'sss' or 'ldap' is used in '/etc/nsswitch.conf' file
+ - init qdn before use in get_query_dn().
+ - fix left mount count return from umount_multi_triggers().
+ - fix return handling in sss lookup module.
+ - move query dn calculation from do_bind() to do_connect().
+ - make do_connect() return a status.
+ - make connect_to_server() return a status.
+ - make find_dc_server() return a status.
+ - make find_server() return a status.
+ - fix return handling of do_reconnect() in ldap module.
+- bz1233067 - autofs is performing excessive direct mount map re-reads
+ - fix direct mount stale instance flag reset.
+- bz1233069 - Direct map does not expire if map is initially empty
+ - fix direct map expire not set for initial empty map.
+- Resolves: rhbz#1233065 rhbz#1233067 rhbz#1233069
+
+* Tue May 26 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-50
+- bz1218045 - Similar but unrelated NFS exports block proper mounting of
+ "parent" mount point
+ - remove unused offset handling code.
+ - fix mount as you go offset selection.
+- Resolves: rhbz#1218045
+
+* Mon May 25 2015 Ian Kent <ikent@redhat.com> - 1:5.0.7-49
+- bz1166457 - Autofs unable to mount indirect after attempt to mount wildcard
+ - make negative cache update consistent for all lookup modules.
+ - ensure negative cache isn't updated on remount.
+ - dont add wildcard to negative cache.
+- bz1162041 - priv escalation via interpreter load path for program based
+ automount maps
+ - add a prefix to program map stdvars.
+ - add config option to force use of program map stdvars.
+- bz1161474 - automount segment fault in parse_sun.so for negative parser tests
+ - fix incorrect check in parse_mount().
+- bz1205600 - Autofs stopped mounting /net/hostname/mounts after seeing duplicate
+ exports in the NFS server
+ - handle duplicates in multi mounts.
+- bz1201582 - autofs: MAPFMT_DEFAULT is not macro in lookup_program.c
+ - fix macro usage in lookup_program.c.
+- Resolves: rhbz#1166457 rhbz#1162041 rhbz#1161474 rhbz#1205600 rhbz#1201582
+
* Fri Dec 19 2014 Ian Kent <ikent@redhat.com> - 1:5.0.7-48
- bz1164957 - The default installed autofs.conf doesn't have default nfs
protocol set to 4