History log of /freebsd-head/usr.sbin/mountd/mountd.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
f57373275cb0d56e6d7cf21e2b68f7f305c76128 10-Oct-2020 rmacklem <rmacklem@FreeBSD.org> Modify mountd.c so that it does not always malloc 4K for the map credentials.

r362163 upgraded mountd so that it could handle MAX_NGROUPS
groups for the anonymous user credentials (the ones provided by
-maproot and -mapall exports options).
The problem is that this resulted in every export structure growing by
about 4Kbytes, because the cr_groups field went from 16->MAX_NGROUPS.

This patch fixes this by only including a small 32 element cr_groups in the
structure and then malloc()'ng cr_groups when a larger one is needed.
The value of SMALLNGROUPS is arbitrarily set to 32, assuming most users
used by -maproot or -mapall will be in <= 32 groups.

Reviewed by: kib, freqlabs
Differential Revision: https://reviews.freebsd.org/D26521
146bc60fb0734c16a9b9073bcde7d21b27281432 30-Aug-2020 rmacklem <rmacklem@FreeBSD.org> Add support for the NFS over TLS exports to mountd.

Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS. Without these flags, TLS is allowed, but not

The exports(5) man page will be updated in a future commit.
c0f74adc046ba9dc3497014e4bddf375d71f4165 22-Jul-2020 brooks <brooks@FreeBSD.org> Correct a type-mismatch between xdr_long and the variable "bad".

Way back in r28911 (August 1997, CVS rev 1.22) we imported a NetBSD
information leak fix via OpenBSD. Unfortunatly we failed to track the
followup commit that fixed the type of the error code. Apply the change
from int to long now.

Reviewed by: emaste
Found by: CHERI
Obtained from: CheriBSD
MFC after: 3 days
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D25779
a90c65d63568aec317ddf5575e4009b4171fc729 22-Jul-2020 brooks <brooks@FreeBSD.org> Avoid reading one byte before the path buffer.

This happens when there's only one component (e.g. "/foo"). This
(mostly-harmless) bug has been present since June 1990 when it was
commited to mountd.c SCCS version 5.9.

Note: the bug is on the second changed line, the first line is changed
for visual consistency.

Reviewed by: cem, emaste, mckusick, rmacklem
Found with: CHERI
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D25759
39ad463b50fb7ca5115bd652eba2d26b7c89cb9f 16-Jun-2020 rmacklem <rmacklem@FreeBSD.org> Make use of the UID_NOBODY and GID_NOGROUP definitions in sys/conf.h.

r362214 exposed UID_NOBODY and GID_NOGROUP to userspace, so use them
instead of the numbers.

Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D25281
1bfe4e8613bda2e58677226bef6e80cda0a710ef 14-Jun-2020 rmacklem <rmacklem@FreeBSD.org> Modify mountd to use the new struct export_args committed by r362158.

r362158 modified struct export_args for make the ex_flags field 64bits
and also changed the anonymous credentials to allow more than 16 groups.
This patch fixes mountd.c to use the new structure.
It does allocate larger exportlist and grouplist structures now.
That will be fixed in a future commit.
The only visible change will be that the credentials provided for the
-maproot and -mapall exports options can now have more than 16 groups.

Reviewed by: kib, freqlabs
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25088
e44ddca6f1111f26b5a9ce2335d072c7291f111d 09-Jun-2020 rmacklem <rmacklem@FreeBSD.org> Fix a bug where XU_NGROUPS + 1 groups might be copied.

r361780 fixed the code so that it would only remove the duplicate when
it actually existed. However, that might have resulted in XU_NGROUPS + 1
groups being copied, running off the end of the array. This patch fixes
the problem.

Spotted during code inspection for other mountd changes.

MFC after: 2 weeks
e2cdf84049946fe35a5c239d084deee69e5a6e02 06-Jun-2020 rmacklem <rmacklem@FreeBSD.org> Fix mountd so that it will not lose SIGHUPs that indicate "reload exports".

Without this patch, if a SIGHUP is handled while the process is executing
get_exportlist(), that SIGHUP is essentially ignored because the got_sighup
variable is reset to 0 after get_exportlist().
This results in the exports file(s) not being reloaded until another SIGHUP
signal is sent to mountd.
This patch fixes this by resetting got_sighup to zero before the
get_exportlist() call while SIGHUP is blocked.
It also defines a delay time of 250msec before doing another exports reload
if there are RPC request(s) to process. This prevents repeated exports reloads
from delaying handling of RPC requests significantly.

PR: 246597
Reported by: patrykkotlowski@gmail.com
Tested by: patrykkotlowski@gmail.com
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D25127
0b31143acc0346f80d023276c3d7c263e47b0fd0 04-Jun-2020 rmacklem <rmacklem@FreeBSD.org> Fix mountd to handle getgrouplist() not returning groups[0] == groups[1].

Prior to r174547, getgrouplist(3) always returned a groups list with
element 0 and 1 set to the basegid argument, so long as ngroups was > 1.
Post-r174547 this is not the case. r328304 disabled the deduplication that
removed the duplicate, but the duplicate still does not occur unless the
group for a user in the password database is also entered in the group
This patch fixes mountd so that it handles the case where a user specified
with the -maproot or -mapall exports option has a getgrouplist(3) groups
list where groups[0] != groups[1].
Found while testing another mountd patch.

MFC after: 2 weeks
30596480c966b8d8bc7436df3467ab2eac145751 21-May-2020 freqlabs <freqlabs@FreeBSD.org> Deduplicate fsid comparisons

Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.

Simplify by creating a fsidcmp function (macro).

Reviewed by: mjg, rmacklem
Approved by: mav (mentor)
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D24749
1669b0172026b0a978378800ea193ff8868cf117 25-Jun-2019 mav <mav@FreeBSD.org> Fix strsep_quote() on strings without quotes.

For strings without quotes and escapes dstptr and srcptr are equal, so
zeroing *dstptr before checking *srcptr is not a good idea. In practice
it means that in -maproot=65534:65533 everything after the colon is lost.

The problem was there since r293305, but before r346976 it was covered by
improper strsep_quote() usage.

PR: 238725
MFC after: 3 days
Sponsored by: iXsystems, Inc.
05eac2f2116e006419770b91ec4b17ad2cda0075 03-Jun-2019 rmacklem <rmacklem@FreeBSD.org> r348590 had mention of "-I" in a comment that no longer applied to the patch.

Take "-I" out of the comment line, since the patch no longer uses the "-I"

MFC after: 1 month
2b3f398e4e9212c1a0862367619c58b8e9b34451 03-Jun-2019 rmacklem <rmacklem@FreeBSD.org> Modify mountd so that it incrementally updates the kernel exports upon a reload.

Without this patch, mountd would delete/load all exports from the exports
file(s) when it receives a SIGHUP. This works fine for small exports file(s),
but can take several seconds to do when there are large numbers (10000+) of
exported file systems. Most of this time is spent doing the system calls
that delete/export each of these file systems. When the "-S" option
has been specified (the default these days), the nfsd threads are suspended
for several seconds while the reload is done.

This patch changes mountd so that it only does system calls for file systems
where the exports have been changed/added/deleted as compared to the exports
done for the previous load/reload of the exports file(s).
Basically, when SIGHUP is posted to mountd, it saves the exportlist structures
from the previous load and creates a new set of structures from the current
exports file(s). Then it compares the current with the previous and only does
system calls for cases that have been changed/added/deleted.
The nfsd threads do not need to be suspended until the comparison step is
being done. This results in a suspension period of milliseconds for a server
with 10000+ exported file systems.

There is some code using a LOGDEBUG() macro that allow runtime debugging
output via syslog(LOG_DEBUG,...) that can be enabled by creating a file
called /var/log/mountd.debug. This code is expected to be replaced with
code that uses dtrace by cy@ in the near future, once issues w.r.t. dtrace
in stable/12 have been resolved.

The patch should not change the usage of the exports file(s), but improves
the performance of reloading large exports file(s) where there are only a
small number of changes done to the file(s).

Tested by: pen@lysator.liu.se
PR: 237860
Reviewed by: kib
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D20487
66fe452845254a482b05304fe3ebcb773a920085 31-May-2019 rmacklem <rmacklem@FreeBSD.org> Replace a single linked list with a hash table of lists.

mountd.c uses a single linked list of "struct exportlist" structures,
where there is one of these for each exported file system on the NFS server.
This list gets long if there are a large number of file systems exported and
the list must be searched for each line in the exports file(s) when
SIGHUP causes the exports file(s) to be reloaded.
A simple benchmark that traverses SLIST() elements and compares two 32bit
fields in the structure for equal (which is what the search is)
appears to take a couple of nsec. So, for a server with 72000 exported file
systems, this can take about 5sec during reload of the exports file(s).
By replacing the single linked list with a hash table with a target of
10 elements per list, the time should be reduced to less than 1msec.
Peter Errikson (who has a server with 72000+ exported file systems) ran
a test program using 5 hashes to see how they worked.
fnv_32_buf(fsid,..., 0)
fnv_32_buf(fsid,..., FNV1_32_INIT)
hash32_buf(fsid,..., 0)
hash32_buf(fsid,..., HASHINIT)
- plus simply using the low order bits of fsid.val[0].
The first three behaved about equally well, with the first one being
slightly better than the others.
It has an average variation of about 4.5% about the target list length
and that is what this patch uses.
Peter Errikson also tested this hash table version and found that the
performance wasn't measurably improved by a larger hash table, so a
load factor of 10 appears adequate.

Tested by: pen@lysator.liu.se (with other patches)
PR: 237860
MFC after: 1 month
a25b408b04599c6fce2193dbdb311213402b0efa 30-May-2019 dchagin <dchagin@FreeBSD.org> Complete LOCAL_PEERCRED support. Cache pid of the remote process in the
struct xucred. Do not bump XUCRED_VERSION as struct layout is not changed.

PR: 215202
Reviewed by: tijl
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D20415
1d91d4ba68984c18b8b5d39644edf6a7f045305d 14-May-2019 rmacklem <rmacklem@FreeBSD.org> Replace global list for grouplist with list(s) for each exportlist element.

In mountd.c, the grouplist structures are linked into a single global
linked list headed by "grphead". The only use of this linked list is
to free all list elements when the exportlist elements are also all being
free'd at the time the exports are being reloaded.
This patch replaces this one global linked list head with a list head in
each exportlist structure, where the grouplist elements for that exported
file system are linked.
The only change is that now the grouplist elements are free'd with the
associated exportlist element as they are free'd instead of all grouplist
elements being free'd after the exportlist elements are free'd. This
change should have no effect in practice.
This is being done, since a future patch that will add a "-I" option for
incrementally updating the exports in the kernel needs to know which
grouplist elements are associated with each exported file system and
having them linked into a list headed by the exportlist element does that.

MFC after: 1 month
947c94708107c0e0cb86743a7db47e705466fb2f 11-May-2019 rmacklem <rmacklem@FreeBSD.org> Factor code into two new functions in preparation for a future commit.

Factor code into two functions.
read_exportfile() a functon which reads the exports file(s) and calls
get_exportlist_one() to process each of them.
delete_export() a function which deletes the exports in the kernel for a file
The contents of these functions is just the same code as was used to do the
operations, moved into separate functions. As such, there is no semantic change.
This is being done in preparation for a future commit that will add an
option to do incremental changes of kernel exports upon receiving SIGHUP.

MFC after: 1 month
ae62693aba1e47c6257b3f61ab05eacdffc612e6 10-May-2019 rmacklem <rmacklem@FreeBSD.org> Factor out some exportlist list operations into separate functions.

This patch moves the code that removes and frees all exportlist elements
out into a separate function called free_exports().
It does the same for the insertion of a new exportlist entry into a list.
It also adds a second argument to ex_search() for the list to use.
None of these changes have any semantic effect. They are being done to
prepare the code for future patches that convert the single linked list
for the exportlist to a hash table of lists and a patch that will do
incremental changes of exports in the kernel.
And it fixes the argument for SLIST_HEAD_INITIALIZER() to be a pointer,
which doesn't really matter, since SLIST_HEAD_INITIALIZER() doesn't use
the argument.

MFC after: 1 month
b79e2c5dca289d4854f8b9291cc83b10b7a3cad9 30-Apr-2019 mav <mav@FreeBSD.org> Respect quotes and escapes when splitting exports fields.

Without this r293305 was still unable to handle names with spaces.

MFC after: 1 week
Sponsored by: iXsystems, Inc.
9840df76dd6c45b338a52356a8695450471c46af 06-Dec-2018 sef <sef@FreeBSD.org> Reduce number of DNS queries in mountd.

As reported by a FreeNAS user (see https://redmine.ixsystems.com/issues/55728),
mountd does more calls to getnameinfo() than it needs to; this changes it to
only call it for the RPC calls it needs the name information for.

Reported by: Dave Flowers
Reviewed by: imp, mav
Approved by: mav (mentor)
MFC after: 2 weeks
Sponsored by: iXsystems Inc
Differential Revision: https://reviews.freebsd.org/D18430
2ca9bd53e79a6f6a4fa604d9541e3512d62e8f91 14-Nov-2018 sef <sef@FreeBSD.org> mountd has no way to configure the listen queue depth; rather than add a new
option, we pass -1 down to listen, which causes it to use the
kern.ipc.soacceptqueue sysctl.

Approved by: mav
MFC after: 2 weeks
Sponsored by: iXsystems Inc
5c07adbdc3e2de23f67ae657ee452765f2332aba 16-Apr-2018 avg <avg@FreeBSD.org> mountd: fix a crash when getgrouplist reports too many groups

Previously the code only warned about the condition and then happily
proceeded to use the too large value resulting in the array
out-of-bounds access.

Obtained from: Panzura (Chuanbo Zheng)
MFC after: 10 days
Sponsored by: Panzura
739005fe700e4c2bb0dd61d3db2ec52b79ed7d94 21-Feb-2018 rpokala <rpokala@FreeBSD.org> mountd: Return proper errno values in a few error paths

When attempting to mount a non-directory which exists, return ENOTDIR instead
of ENOENT. If stat() or statfs() failed, don't pass part of the invalid
(struct statfs) to ex_search(). In that same case, preserve the value of "bad"
rather than overwriting with EACCES.

Submitted by: Bruce Leverett (Panasas)
Reviewed by: rmacklem
MFC after: 1 week
Sponsored by: Panasas
Differential Revision: https://reviews.freebsd.org/D14438
d0186d492468175d0d48abd7138d93be43fa176d 08-Feb-2018 cem <cem@FreeBSD.org> mountd(8): Produce vaguely meaningful error messages

Sponsored by: Dell EMC Isilon
872b698bd4a1bfc0bf008c09228e6fd238809c75 20-Nov-2017 pfg <pfg@FreeBSD.org> General further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
4dde44884f0066905e9ee7f2bf8f61cde9e6a2eb 04-Oct-2017 manu <manu@FreeBSD.org> mountd: Convert mountlist to SLIST

Use SLIST from sys/queue.h instead of homebrew linked list for mountlist.

Reviewed by: bapt, rmacklem
MFC after: 1 week
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12504
bc78dac94de6daa59b554f48d7d4bf3c5989895a 04-Oct-2017 manu <manu@FreeBSD.org> mountd: Convert exportlist to SLIST

Use SLIST from sys/queue.h instead of homebrew linked list for the exportlist.

Reviewed by: bapt, rmacklem
MFC after: 1 week
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12502
e41366bcde6f361c6ad8ba1633344714237d808a 26-Sep-2017 manu <manu@FreeBSD.org> mountd: Avoid memory leak by freeing dp_dirp

Introduced in r324007, the data alloced by strdup was never free'ed.
While here, remove cast to caddr_t when freeing dp.

Reported by: bde
MFC after: 1 week
X MFC With: r324007
08db33b92980cd23f97f91db2a0be97bec229e30 26-Sep-2017 manu <manu@FreeBSD.org> mountd: Remove unneeded cast

Reported by: kib
MFC after: 1 week
X MFC With: r324007
b5f772e7845131c3795c1cf3488c5f135d527309 26-Sep-2017 manu <manu@FreeBSD.org> mountd: Replace malloc+strcpy to strdup

Reviewed by: bapt
MFC after: 1 week
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D12503
8fe18be13a45dbf29b397088f579bb57656d4680 14-May-2017 rmacklem <rmacklem@FreeBSD.org> Change the default uid/gid values for nobody/nogroup to 65534/65533.

The default values found in /etc/passwd and /etc/group are 65534, 65533.
In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits.
Without this patch, a file created by root on an NFS exported volume without
the "-root=" export option will end up owned by uid 4**32 - 2.
When discussed on freebsd-current@, it seemed that users preferred the
values being changed to 65534/65533.
I have not added code to acquire these values from the databases, since
the mountd daemon might get "stuck" during startup waiting for a non-responsive
password database server.

Discussed on: freebsd-current
7e6cabd06e6caa6a02eeb86308dc0cb3f27e10da 28-Feb-2017 imp <imp@FreeBSD.org> Renumber copyright clause 4

Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
98386c04cf9ff804180a76c32bfe6328c9ea5f27 25-Oct-2016 rmacklem <rmacklem@FreeBSD.org> mountd(8) was erroneously setting the sysctl for the old NFS server
when the new/default NFS server was running, for the "-n" option.

This patch fixes the problem for head and stable/11. For stable/10 the
patch will need to be modified when MFC'd, since the stable/10 mountd.c
handles both old and new NFS servers.
Since the new NFS server uses vfs.nfsd.nfs_privport == 0 by default,
there wouldn't have been many users affected by the code not setting
it to 0 when the "-n" option was specified.

PR: 213450
Submitted by: rs@bytecamp.net
MFC after: 2 weeks
b9642c7349dd7af1833d3b2219914b1ec951d410 02-May-2016 araujo <araujo@FreeBSD.org> Use MIN macro from sys/param.h.

MFC after: 2 weeks.
26c891f0342597b83a8dc9b7e9bb67b9728d84ad 15-Apr-2016 pfg <pfg@FreeBSD.org> Cleanup unnecessary semicolons from utilities we all love.
57f950f66144ba13aa49313465c1a278e1268cbc 07-Jan-2016 jpaetzel <jpaetzel@FreeBSD.org> Allow /etc/exports to contain usernames/groups with spaces in them.

If you are getting your users/groups from a directory service such
as LDAP or AD it's possible for those usernames or groupnames to
contain spaces.

Submitted by: Sean E. Fagan
Reviewed by: rmacklem
MFC after: 1 week
Sponsored by: iXsystems
11e0dd6c90098a31b4ee84a2af39114001952d67 29-Dec-2015 uqs <uqs@FreeBSD.org> Fix type mismatches for malloc(3) and Co.

This is rather pedantic, as for most architectures it holds that
sizeof(type *) == sizeof(type **)

Found by: clang static analyzer
Reviewed by: ed
Differential Revision: https://reviews.freebsd.org/D4722
b8c5808ce8b41c551b2416a161ff58ff4e2bccd8 04-Jul-2015 trasz <trasz@FreeBSD.org> Staticize some stuff in mountd(8); no functional changes.

MFC after: 1 month
Sponsored by: The FreeBSD Foundation
8df65c37f21b6d4bbed84f9f1029a48cf07c980a 16-May-2015 rmacklem <rmacklem@FreeBSD.org> Add a warning message to mountd for exported file
systems that are automounted, since that configuration
isn't supported. This still allows the export, since
two emails I received felt that this should not be
disabled. It sends the message to syslog(LOG_ERR..), so that
it goes to the same places as the other messages related
to /etc/exports problems, even though it is a warning and not an error.

Reviewed by: trasz
MFC after: 2 weeks
3bcd59aa889452d071aee638046aa4a8772dc8f2 29-Apr-2015 trasz <trasz@FreeBSD.org> Remove oldnfs leftovers from mountd(8).

Reviewed by: rmacklem@
Sponsored by: The FreeBSD Foundation
ec156468498da600ba8b0fde444b783708e7246d 18-Apr-2015 sjg <sjg@FreeBSD.org> No need to delete export from filesystems which are not exported.
7a1bb0de5fa8e1d2cff94cca963df5c7a1e98b9f 10-Feb-2015 kib <kib@FreeBSD.org> Mountd iterating over the mount points may race with the parallel
unmount, which causes error from nmount(2) call when performing
MNT_DELEXPORT over the directory which ceased to be a mount point.

The race is legitimate and innocent, but results in the chatty mountd.
Silence it by providing an distinguished error code for the situation,
and ignoring the error in mountd loop.

Based on the patch by: Andreas Longwitz <longwitz@incore.de>
Prodded and tested by: bdrewery
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
cb3a27ad28c1f0dde8ed5051245175152b16ce26 19-Jan-2015 rstone <rstone@FreeBSD.org> When mountd is creating sockets, it iterates over all addresses specified
in the "hosts" array and eventually looks up the network address with
getaddrinfo(). At one point it checks for a numeric address and if it
sees one, it sets a hint parameter to force getaddrinfo to interpret the
host as a numeric address. However that hint is not cleared for subsequent
iterations of the loop and if any hosts seen after this point are host names,
getaddrinfo will fail on the name. The result of this bug is that you cannot
pass a host name to the -h flag.

Unfortunately, the first iteration will either process ::1 or,
so the flag is set on the first iteration and all host names will fail
to be processed.

The same bug applies to rpc.lockd and rpc.statd, so fix them too.

Differential Revision: https://reviews.freebsd.org/D1507
Reported by: Dylan Martin
MFC after: 1 week
Sponsored by: Sandvine Inc.
805bdee05f52a9569550ff20de5454f0a1602569 19-Aug-2014 bdrewery <bdrewery@FreeBSD.org> Avoid showing stale errors when nmount(2) fails.

Sometimes nmount(2) will fail without setting errmsg. The previous (ignored)
error would then be shown as the reason for the failed call if the next
nmount(2) also fails without [ENOENT,ENOTSUP].

An example is when there is a tmpfs mounted with -o size. vfs_filteropt() adds
'size' as an error in errmsg due to 'size' not being in tmpfs_updateopts. Then
tmpfs_mount returns [ENOTSUP] from nmount(2), which is then ignored. The next
call may race with an unmount causing an invalid [EINVAL] that then does log an
error, with the tmpfs errmsg.

The race itself is a separate issue to fix as it is expected to have an
[ENOENT] returned instead.

In this example the mount being shown is actually nullfs, not tmpfs that the
error is from.

mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument mount option <size> is unknown

It should only show:

mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument

MFC after: 2 weeks
7700ebe3ffd69c6088261679e25a155d4868f305 20-Feb-2013 pluknet <pluknet@FreeBSD.org> Check if the -sec option is given without an argument.

PR: bin/170413
Submitted by: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
MFC after: 1 week
804c67a4867afb8b7ef41a3ade748cab870b788c 21-Dec-2012 kevlo <kevlo@FreeBSD.org> Fix socket calls on error post-r243965.

Submitted by: Garrett Cooper
3b6779863aae43214bbd97da920155fd3c28722e 15-Oct-2012 rmacklem <rmacklem@FreeBSD.org> Add a new '-S' option to mountd, which tells it to suspend
execution of the nfsd threads while it is reloading the exports.
This avoids clients from getting intermittent access errors
when the exports are being reloaded non-atomically.
It is not an ideal solution, since requests will back up while
the nfsd threads are suspended. Also, when this option is used,
if mountd crashes while reloading exports, mountd will have to
be restarted to get the nfsd threads to resume execution.
This has been tested by Vincent Hoffman (vince at unsane.co.uk)
and John Hickey (jh at deterlab.net).
The nfse patch offers a more comprehensive solution for this issue.

PR: kern/9619, kern/131342
Reviewed by: kib
MFC after: 2 weeks
b434c519bd169a1758a9c6c6714a1a7725de3651 24-Sep-2012 rmacklem <rmacklem@FreeBSD.org> Attila Bogar reported a bug in mountd when multiple export
entries with different security flavors are in the exports(5)
file. For that case, mountd replies with the security flavors
of the last entry and not the correct one for the client host.
This patch fixes that by storing separate copies of the flavors
for each host/net case, plus a default one for the case where
no hosts/nets are specified on an entry in the exports(5) file.
Unlike the patch in the PR, it replies with the security flavors
for the entry instead of merging the security flavors for all
the entries and replying with that.

Tested by: attila.bogar at linguamatics.com
PR: kern/164933
MFC after: 2 weeks
79315336c56c4e03f82a11f9838965e4ee8d35ba 27-Aug-2012 delphij <delphij@FreeBSD.org> Show error messages if nmount() failed.

MFC after: 1 month
c33328dca54e9fddbdbf16e4195b2970183ef3d1 20-Jan-2012 eadler <eadler@FreeBSD.org> Fix warning when compiling with gcc46:
error: variable 'dirp' set but not used
error: variable 'dirplen' set but not used

Approved by: dim, cperciva (mentor, blanket for pre-mentorship already-approved commits)
MFC after: 3 days
415a3a9b966c1522657d435a1785904f41accc78 30-Dec-2011 uqs <uqs@FreeBSD.org> Spelling fixes for usr.sbin/
ab777938ae6369a3680885303b4b6a5e6dbe850e 14-Jul-2011 delphij <delphij@FreeBSD.org> Use calloc() instead of an explicit memset.

MFC after: 2 weeks
c0db2e6ab9245f3d9d32a5cc6562101f6c96b9c3 02-Jun-2011 rmacklem <rmacklem@FreeBSD.org> Fix the nfs related daemons so that they don't intermittently
fail with "bind: address already in use". This problem was reported
to the freebsd-stable@ mailing list on Feb. 19 under the subject
heading "statd/lockd startup failure" by george+freebsd at m5p dot com.
The problem is that the first combination of {udp,tcp X ipv4,ipv6}
would select a port# dynamically, but one of the other three combinations
would have that port# already in use. The patch is somewhat involved
because it was requested by dougb@ that the four combinations use the
same port# wherever possible. The patch splits the create_service()
function into two functions. The first goes as far as bind(2) in a
loop for up to GETPORT_MAXTRY - 1 times, attempting to use the same port#
for all four cases. If these attempts fail, the last attempt allows
the 4 cases to use different port #s. After this function has succeeded,
the second function, called complete_service(), does the rest of what
create_service() did.
The three daemons mountd, rpc.lockd and rpc.statd all have a
create_service() function that is patched in a similar way. However,
create_service() has non-trivial differences for the three daemons
that made it impractical to share the same functions between them.

Reviewed by: jhb
MFC after: 2 weeks
9ed5d7279c80c342d3be8d0c4665f775b0d06800 24-Apr-2011 rmacklem <rmacklem@FreeBSD.org> This patch changes the default NFS server to the new one, which was
referred to as the experimental server. It also adds a new command
line option "-o" to both mountd and nfsd that forces them to use the
old/regular NFS server. The "-e" option for these commands is now
a no-op, since the new server is the default. I will be committing rc
script and man changes soon. Discussed on freebsd-fs@.
9bdd2cd5a9bae82e8ae3ec5c085e4d4531aa22f7 01-Mar-2011 ru <ru@FreeBSD.org> Fixed conversion of prefix length to a netmask.
c30b6f1bc3875b35d4a3a4a4d64d6d8e78a95a2f 20-Dec-2010 charnier <charnier@FreeBSD.org> Add __unused. Ansi prototypes.
7ae7bc40354b7aa8abaa7fc0dd815b3eabf61548 06-May-2010 rmacklem <rmacklem@FreeBSD.org> If the "-alldirs" export option was used for the V4: line, mountd
would crash in check_options() since dp == NULL for the V4: line.
This patch moves the check for options allowed on the V4: line to
ahead of where dp is used to avoid this crash.

Reported by: mamalos AT eng.auth.gr
MFC after: 1 week
ec9ddec04ca1bcd7e7bb514dfc6970627ee47872 24-Jun-2009 dfr <dfr@FreeBSD.org> Don't use sys/nfs/rpcv2.h - it is part of the old kernel RPC implementation
and will be removed.
4a22bb75d23f761dc88e4dafb643bdbba8e34ba8 23-Jun-2009 rmacklem <rmacklem@FreeBSD.org> When mountd.c parses the nfsv4 root line(s) in /etc/exports, it
allocates data structures that are never linked into the tree or free'd.
As such, mountd would leak memory every time it parsed an nfsv4 root line.
This patch frees up those structures to plug the leak.

Approved by: kib (mentor)
f53c1c309de799bd46cd12223b6f4966838f2e7a 19-Jun-2009 brooks <brooks@FreeBSD.org> Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively. (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer. Do the equivalent in

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively. Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary. In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups. When feasible, truncate
the group list rather than generating an error.

Minor changes:
- Reduce the number of hand rolled versions of groupmember().
- Do not assign to both cr_gid and cr_groups[0].
- Modify ipfw to cache ucreds instead of part of their contents since
they are immutable once referenced by more than one entity.

Submitted by: Isilon Systems (initial implementation)
X-MFC after: never
PR: bin/113398 kern/133867
ee4de3e44a17a3ff08159350eea8f7c94dd1e5d7 18-Jun-2009 kan <kan@FreeBSD.org> Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.

Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.

Reported by: lstewart
Tested by: lstewart
d928fef9cef4028c64c41381600621e962d11893 08-Jun-2009 kan <kan@FreeBSD.org> The change r192913 has added dependency on IP_RECVDSTADDR being
set for RPC UDP sockets. Mountd uses internal libc fuctions
directly and bypasses generic socket initialization completely,
so we need to set IP_RECVDSTADDR here to match the libc behavior.
8bb7f959a696a1faa13c049c0471f46f3e88c2fe 28-May-2009 rmacklem <rmacklem@FreeBSD.org> Change the "-4" argument for nfsd and mountd to "-e" to avoid
confusion, since it does not refer to IPv4 nor NFSv4, but to
running the experimental server instead of the regular one.

Approved by: kib (mentor)
8ca86cdf060289a39cd0d843125353b816a7f967 27-May-2009 rmacklem <rmacklem@FreeBSD.org> Modify mountd to handle the experimental nfs server as well as the
regular one. It now takes a "-4" command line argument to force it
to use the experimental server. Otherwise it will use the regular
server unless the experimental server is the only one linked into
the kernel. A third kind of line has been added to /etc/exports,
which is specific to NFSv4 and defines where the NFSv4 tree root is
and can be used to limit access to NFSv4 state handling operations
that do not use any file handle.

Approved by: kib (mentor)
2fb03513fc4b5d35a398f1ceb4b439fe4bb5fb74 03-Nov-2008 dfr <dfr@FreeBSD.org> Implement support for RPCSEC_GSS authentication to both the NFS client
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC

The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.

To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.

As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant

Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.

The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'

Sponsored by: Isilon Systems
MFC after: 1 month
7b00b88e8b33dcc92f403004881844581a9dc11e 05-Mar-2008 rodrigc <rodrigc@FreeBSD.org> Remove hacks which filter out MNT_ROOTFS.
They are no longer needed now that we filter out MNT_ROOTFS
inside the nmount() call in revision 1.267 of vfs_mount.c.

Reviewed by: rink
f96314870d270524e2168acf6a11fad873163c42 27-Oct-2007 simon <simon@FreeBSD.org> Use the correct variable to check for a malloc failing. This fixes a
case where mountd would fail to start with "out of memory" logged to
d3d824bbff6c49ea17c406f19b6a443face28515 20-Oct-2007 matteo <matteo@FreeBSD.org> Add the -h <bindip> option to mountd, similar to the one in nfsd(8)

-h bindip
Specify specific IP addresses to bind to for TCP and UDP requests.
This option may be specified multiple times. If no -h option is
specified, mountd will bind to INADDR_ANY. Note that when specifying
IP addresses with -h, mountd will automatically add and if
IPv6 is enabled, ::1 to the list.

PR: bin/114097
Reviewed by: pjd (an eariler version of the patch)
MFC after: 1 week
1a9b4ef00026ba68bc71de5107563acbe43b38bc 13-Apr-2007 pjd <pjd@FreeBSD.org> Fatal error is only when cannot open any of the given exports files.
8d0230d7615c8c86af0b5722ac7ca8a1578a0630 03-Feb-2007 pjd <pjd@FreeBSD.org> Add support for multiple exports files. This will be useful for example for
ZFS, where we have automatically generated /etc/zfs/exports file, which
should not be edited directly.

Discussed with: rwatson
6204a21149597458cd050897b5c37ed77709bcb1 26-Jan-2007 rodrigc <rodrigc@FreeBSD.org> If nmount() fails to export a directory, in the syslog() error message,
add the errmsg string returned by nmount().
7a2a030c15e461af3927da3010f9e748368094a7 18-Nov-2006 rodrigc <rodrigc@FreeBSD.org> Ignore SIGPIPE, instead of terminating process.

PR: 81230
Submitted by: Dmitrij Tejblum <tejblum yandex-team ru>
MFC after: 1 month
e1c2e84f500d629db7590cdd958c6f20f3c2ea09 19-Oct-2006 rink <rink@FreeBSD.org> My previous commit made it impossible to export / over NFS; this small
change fixes this.

Reported by: Lin Jui-Nan Eric < ericlin dot jnlin at gmail dot com >
Submitted by: Erik Trulsson < ertr1013 at student dot uu dot se > (commit is inspired by a patch from Erik)
Pointyhat to: me
Reviewed by: stable@
Approved by: imp (mentor)
MFC after: 3 days
048d5cc4aa51705f651aa63f01ccb6e2e0894cd3 09-Oct-2006 rink <rink@FreeBSD.org> Prevent mountd(8) from resetting mount options when exporting a filesystem.

Approved by: imp (mentor)
Sponsored by: Quality Service Provider BV
MFC after: 3 days
42f2307385b539be42db57548e392b25b20089d1 08-Jul-2006 rodrigc <rodrigc@FreeBSD.org> In get_exportlist(), properly loop over mounted filesystems.

PR: bin/99873
Submitted by: Danny Braniss <danny at cs dot huji dot ac dot il>
88f89f303f98a490372396329e6e2b207a3a08d3 06-Jun-2006 rodrigc <rodrigc@FreeBSD.org> For network filesystems (NFS, samba, etc.), do not pass "export" nmount()
parameter to try to delete an NFS export. It won't work, and will log
a spurious warning to syslog.

Tested by: Arno J. Klaassen <arno at heho dot snv dot jussieu dot fr>
MFC after: 3 days
f5f4b77a10dee6f7b5030f1278d65749bf03f03e 28-May-2006 rodrigc <rodrigc@FreeBSD.org> Do not log "can't delete export" messages if nmount() returns ENOTSUP.
This eliminates spurious log entries for trying to delete exports
for filesystems like devfs and procfs.
155325e141d52dfb9b4691302e725f29770b3775 24-May-2006 rodrigc <rodrigc@FreeBSD.org> Convert to nmount() and remove hardcoded checks for ufs, msdosfs, ntfs,
and cd9660.

PR: bin/97642
04be51fc90e96399fdb0fbc4352ca5b7b52e4ad6 23-May-2006 rodrigc <rodrigc@FreeBSD.org> Convert mountd to nmount(). Remove some hardcoded dependencies
on ufs, cd9660, msdosfs, and ntfs, but not all dependencies.
c71407b5890e69c4a1adc0e0936f0d7e9cd24be4 16-Sep-2005 pjd <pjd@FreeBSD.org> Pidfiles should be created with permission preventing users from opening
them for reading. When user can open file for reading, he can also
flock(2) it, which can lead to confusions.

Pointed out by: green
a834e2610e36c1ba370a2d6b444f1916e46cf280 24-Aug-2005 pjd <pjd@FreeBSD.org> Use pidfile(3) in mountd(8). There is no need to use /var/run/mountd.lock
e33ba033454acbec171e04edba1395842e412b5c 13-May-2005 ume <ume@FreeBSD.org> NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
ce3085bbfbefdc248456fec1c710f8d1baea0d8e 09-Apr-2005 stefanf <stefanf@FreeBSD.org> Remove unused variables.
fe016ce224c283ad12f86190ade43b96eabd4ddc 11-Dec-2004 phk <phk@FreeBSD.org> Also do not send junk mount arguments when removing exports.
d00a4eaaead4ab4b18854f36695ffdd9a4a08df8 02-Oct-2004 stefanf <stefanf@FreeBSD.org> Pass an array of gid_t rather than an array of int to getgroups().

PR: 56646
9fbed704d53384df13f05c4f0b546851054b6f7b 07-Aug-2004 imp <imp@FreeBSD.org> Per letter dated July 22, 1999 remove 3rd clause of Berkeley derived software
(with permission of addtional copyright holders where appropriate)
0b0ae8e16e50fd60ad86f4f14ec05cfc50e7eae5 05-Mar-2004 markm <markm@FreeBSD.org> Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).

There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.

Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".

Tested on: i386 sparc64
9edf7709555b649f2b72add5b6d4eaa4e3c546e0 04-Mar-2004 bms <bms@FreeBSD.org> Add a new option to mountd(8), -p <port>. This allows the user to specify
a known port for use in firewall rulesets; otherwise the port is chosen
at run-time by bindresvport().

MFC after: 1 week
446d2f7e9fce7c214100f4e8bc56ecd6274363d3 30-Oct-2003 peter <peter@FreeBSD.org> Rename the 'log' variable rather than -fno-builtin-log
18ddddadd0b53c5975d80e5064c1228aabd325b8 26-Oct-2003 peter <peter@FreeBSD.org> Use -fno-builtin-log. Fix svc_sendreply() missing required casts.
It is now WARNS=2 clean again.
003334ca8fd4b95ebd29f7cc4862495ea88067f4 17-Jul-2003 rwatson <rwatson@FreeBSD.org> When reporting errors binding IPv6 TCP sockets, don't call them UDP
sockets in the printf.

Fix two minor co-located whitespace glitches.

Product of: France
f4b7d5938511f9f869d55eaf04dbfc04edcf0989 16-Jan-2003 mbr <mbr@FreeBSD.org> Implement nonblocking tpc-connections. rpcgen -m does still
produce backcompatible code.

Reviewed by: rwatson
Obtained from: NetBSD
MFC after: 1 day
de3f4fb0c591dff2b2d0df380ab15815456c28dd 16-Oct-2002 charnier <charnier@FreeBSD.org> s/rpc.mountd/mountd/
Reorder #if/#endif around sccsid to conform style(9)
86a758e51be945d9e690ee0802a21bf9a667b4e8 25-Sep-2002 mike <mike@FreeBSD.org> Use the standardized CHAR_BIT constant instead of NBBY in userland.
9c2c51a1e61030bfe633fa01ea19069f3fd0091b 22-Jul-2002 ume <ume@FreeBSD.org> use IPV6_V6ONLY instead of non standard IPV6_BINDV6ONLY.

MFC after: 1 week
63afba9f66e6db9c328d43e463254994b758bf41 18-Jul-2002 joerg <joerg@FreeBSD.org> Try to give a more descriptive error message for the pilot error of
attempting to export the non-root of a filesystem with -alldirs. This
pilot error seems to be very common, and the "could not remount" error
message doesn't give much hints about the real reason. See the old PR
below for an example.

While i was at it, make it possible to entirely omit the often
annoying error message in that case by specifying the "quiet" exports
flag. This allows to specify something like

/cdrom -alldirs,ro,quiet <where to export to>

which will silently fail if nothing is mounted under /cdrom, but do
the rigth thing as soon as you mount something.

While doing this, i've put the embedded example in the exports(5) man
page into a subsection of its own as it ought to be.

Thanks for Paul Southworth for reminding me about this problem.

PR: bin/4448
MFC after: 1 month
b53eff381dcf8067f1d12b0735cc8599466af870 15-Jul-2002 alfred <alfred@FreeBSD.org> If an RPC fails, try a shorter reply in case the fault lies with the
size of the response.

PR: misc/26320
MFC After: 2 weeks
03ae273076386996782a5245a8dcd825add235a5 25-Jun-2002 alfred <alfred@FreeBSD.org> Remove old pre-TIRPC code for getting transport handles. The code that
follows spams over the contents of them making the removed code useless.
896f3841bf047ca93766900f8cd8c5852e6a9245 16-May-2002 trhodes <trhodes@FreeBSD.org> more file system > filesystem
36cd292d7d6aabeb37153a23e56edf19634ea118 14-May-2002 iedowse <iedowse@FreeBSD.org> Use fgetln to remove the static limit on the length of lines in
/etc/exports. Oversized lines were unlikely due to the large 10k
limit, but any found would cause mountd to exit with an error. Also
fix one or two compiler warnings.
baca1664d961625b631ee7b6c1faf55e0f926aa9 21-Mar-2002 imp <imp@FreeBSD.org> o __P removed
o main prototype removed
73c6870b18b8289171acd66d63bdd7ce8fb819b6 20-Mar-2002 obrien <obrien@FreeBSD.org> Remove 'register' keyword.
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)
c8a6bd99227ca59b48fafa66f2a21ddb86096d9e 27-Feb-2002 dd <dd@FreeBSD.org> Introduce a version field to `struct xucred' in place of one of the
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being). Accordingly, change users of
xucred to set and check this field as appropriate. In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former. This also has the pleasant sideaffect of removing some
duplicate code.

Reviewed by: rwatson
0bbcfd5027b99755d085fbcf82c63b6738ff9b48 20-Sep-2001 peter <peter@FreeBSD.org> Deal with module name changes and autoloading.
68a5e33921ddffccaf8bda03691dd342cec460e6 18-Sep-2001 peter <peter@FreeBSD.org> Userland part of nfs client/server split and cleanup.
5e75b336b9d01ea2b70ff9f4098ca7e54f86975a 19-Aug-2001 kris <kris@FreeBSD.org> Silence non-constant format string warnings by marking functions
as __printflike()/__printf0like(), adding const, or adding missing "%s"
format strings, as appropriate.

MFC after: 2 weeks
edba9b52a2d2c640456bef41368d64238fafd674 02-Jul-2001 dd <dd@FreeBSD.org> Correct handling of continuation lines. Instead of treating the
backslash as nothing, treat it like a space so that adjacent lines
aren't glued together.

PR: 8479
Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>
0c44ad95b85b9c481f5dfda70664f7bc7462a0ff 01-Jun-2001 ru <ru@FreeBSD.org> - VFS_SET(msdos) -> VFS_SET(msdosfs)
- msdos.ko -> msdosfs.ko
- mount_msdos(8) -> mount_msdosfs(8)
- "msdos" -> "msdosfs" compatibility glue in mount(8)
9dfeaf738ee5fa7b38ea4495076dc6c073ca94cc 29-May-2001 phk <phk@FreeBSD.org> Remove MFS
fdb42dd4bf429f38a9ffc635d5c04d380f354ee6 29-May-2001 iedowse <iedowse@FreeBSD.org> Since the netexport struct was centralised to 'struct mount',
attempting to remove nonexistant exports with MNT_DELEXPORT returns
an error; before this change it always succeeded. This caused
mountd(8) to log "can't delete exports for /whatever" warnings.

Change the error code from EINVAL to a more specific ENOENT, and
make mountd ignore this error when deleting the export list. I
could have just restored the previous behaviour of returning success,
but I think an error return is a useful diagnostic.

Reviewed by: phk
05f3be90b2e785fbcbac9efe38dd8fb4bd6cdb7c 26-May-2001 ru <ru@FreeBSD.org> - sys/n[tw]fs moved to sys/fs/n[tw]fs
- /usr/include/n[tw]fs moved to /usr/include/fs/n[tw]fs
8094d979ca0adb982d9e0c5482a2825da1b38e11 25-May-2001 ru <ru@FreeBSD.org> - sys/msdosfs moved to sys/fs/msdosfs
- msdos.ko renamed to msdosfs.ko
- /usr/include/msdosfs moved to /usr/include/fs/msdosfs
ba96b53461e2b4ea9034c2e532e2abbf478772bf 23-Apr-2001 iedowse <iedowse@FreeBSD.org> Reinstate one more old bugfix that got lost in the tirpc commit:
always look up -network and -mask addresses numerically before
trying getnetbyname(). Without this, we may end up attempting DNS
queries on silly names such as "". See the
commit log from revisions 1.21 and 1.20 for further details.
701f37e23c0faa12fb8e068be17956b3a4ca4678 22-Apr-2001 iedowse <iedowse@FreeBSD.org> When exporting a directory that is not a mountpoint, mountd repeatedly
removes the last path component until the mount() succeeds. However,
the code never checks if it has passed the mountpoint, so in some
cases where the mount() never succeeds, it can end up applying the
flags from a mounted filesystem to the underlying one.

Add a sanity check to the code which removes the last path component:
test that the fsid associated with the new path is the same as that
of the old one.

PR: bin/7872
e293eec299cf6d1b713c8c0897fdcc936608b410 21-Apr-2001 iedowse <iedowse@FreeBSD.org> The introduction of IPv6 support from NetBSD's mountd invalidated
a number of assumptions related to the parsing of options in
/etc/exports, and missed a few necessary new error checks.

The main problems related to netmasks: an IPv6 network address
missing a netmask would result in the filesystem being exported to
the whole IPv6 world, non-continuous netmasks would be made continuous
without any warnings, and nothing prevented you specifying an IPv4
mask with an IPv6 address.

This change addresses these issues. As a side-effect we now store
netmasks in sockaddr structs (this matches the kernel interface,
and is closer to the way it used to be). Add a flag OP_HAVEMASK to
keep track of whether or not we have successfully got a mask from
any source. Replace some mask-related helper functions with versions
that use the sockaddr-based masks.

Also tidy up get_net() and fix the code that interprets IPv4 partial
networks such as "127.1" as network rather than host addresses.
Properly zero out some structures that were ending up partially
containing junk from the stack, fix a few formatting issues, and
add a comment noting some assumptions about export arguments.
439a88e5fd41053348c67e3cd4a183aceb2721ac 21-Apr-2001 iedowse <iedowse@FreeBSD.org> Fix a long-standing bug relating to the handling of SIGHUP: mountd
would call malloc, stdio and other library functions from the signal
handler which is not safe due to reentrancy problems.

Instead, add a simple handler that just sets a flag, and call the
more complex function from main() when necessary. Unfortunately to
be able to check this flag, we must expand the svc_run() call, but
the RPC library makes that relatively easy to do.
3f3a6a4168d6fc20dc75059c467c7ac113a79eaa 18-Apr-2001 iedowse <iedowse@FreeBSD.org> A few more mountd cleanups:
- Remove some horrible code that faked a "struct addrinfo" to be
later passed to freeaddrinfo(). Instead, add a new group type
"GT_DEFAULT" used to denote that the filesystem is exported to the
world, and treat this case separately.
- Don't clear the AI_CANONNAME flag in a struct addrinfo returned
by getaddrinfo. There's still a bit more struct addrinfo abuse
left in here.
- Simplify do_mount() slightly by using an addrinfo pointer to keep
track of the current address.
023d47cd6f83379d1b74c9acd77bff16f6143a50 17-Apr-2001 iedowse <iedowse@FreeBSD.org> Various bugfixes and cleanups, mainly from Martin Blapp:
- Revert del_mlist() to its pre-tirpc prototype. Unlike NetBSD's version,
ours lets the caller generate any syslog() messages, so that it
can include the service name in the message.
- Initialise a few local variables to clarify the logic and avoid some
compiler warnings.
- Remove a few unused functions and local variables, and fix some
whitespace issues.
- Reinstate the logic for avoiding duplicate host entries that got
removed accidentally in revision 1.41 (added in r1.5). This bit
was submitted in a slightly different form by Thomas Quinot.

Submitted by: Martin Blapp <mb@imp.ch>,
Thomas Quinot <quinot@inf.enst.fr>
PR: bin/26148
43f4ccfaee466169ae8841b8e98ae2a5fe0c9a56 27-Mar-2001 alfred <alfred@FreeBSD.org> give the "netgrent" functions a home in netdb.h
2009fd4382a919bf28f461c803fbd51c50c9d097 25-Mar-2001 alfred <alfred@FreeBSD.org> Replace pmap_unset() with rpcb_unset() which fixes the unregistering.

Submitted by: Martin Blapp <mb@imp.ch>
57d69411fce6e28baee6f833c31098e8b9f6b550 25-Mar-2001 alfred <alfred@FreeBSD.org> Deal with lack of IPv6 support gracefully.

Submitted by: Martin Blapp <mb@imp.ch>
f67e4a8fc7fc95c74bd6c09d3453200de47faea5 19-Mar-2001 alfred <alfred@FreeBSD.org> Bring in a hybrid of SunSoft's transport-independent RPC (TI-RPC) and
associated changes that had to happen to make this possible as well as
bugs fixed along the way.

Bring in required TLI library routines to support this.

Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.

This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).

The submitter has agreed to continue on and bring us up to the
1999 release.

Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
Updated, a more modern interface.

Many userland updates were done to bring the code up to par with
the recent RPC API.

There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads

While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.

New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.

Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.

Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.

Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
18d474781ff1acbc67429e2db4fa0cf9a0d3c51e 18-Feb-2001 green <green@FreeBSD.org> Switch to using a struct xucred instead of a struct xucred when not
actually in the kernel. This structure is a different size than
what is currently in -CURRENT, but should hopefully be the last time
any application breakage is caused there. As soon as any major
inconveniences are removed, the definition of the in-kernel struct
ucred should be conditionalized upon defined(_KERNEL).

This also changes struct export_args to remove dependency on the
constantly-changing struct ucred, as well as limiting the bounds
of the size fields to the correct size. This means: a) mountd and
friends won't break all the time, b) mountd and friends won't crash
the kernel all the time if they don't know what they're doing wrt
actual struct export_args layout.

Reviewed by: bde
1eef492aa38331a3069c0c781cfb5c2f068e97a2 03-Dec-1999 semenu <semenu@FreeBSD.org> Added ntfs filesystem to be exported.
695cb40382b9d704c0c6bd432fc8b3a0180356d5 12-Nov-1999 billf <billf@FreeBSD.org> (1) Remove ISO support, it's dead in the kernel anyway.
(2) Check for ENOENT when checking for /var/db/mountdtab
(3) Remove a signal handler that called broken functions.
(4) Remove the broken functions.

Submitted by: Martin Blapp <mb@imp.ch>
Reviewed by: bde (1), billf ([234])
f7b632b8ac0fa12163d431402e23a2f103823e68 06-Oct-1999 alfred <alfred@FreeBSD.org> Put the umount request through the same translation as the mount
Fix some uninitialized warnings and a style bug while we are here.
Problem still exists where a failed umount can be misreported as

Submitted by: Martin Blapp <mb@imp.ch>
76f0c923fe4b2a1616453876611dc76b4f6b5355 28-Aug-1999 peter <peter@FreeBSD.org> $Id$ -> $FreeBSD$
9adff9fb5ab664bc3adbcb67c2976ba6a09234ae 21-Apr-1999 alex <alex@FreeBSD.org> Typo fix in diagnostic: -alldir --> -alldirs

PR: 11049
Submitted by: Gerhard Gonter <gonter@whisky.wu-wien.ac.at>
8502ab24377b46a05e0fc7e05663f810c3702d49 29-Dec-1998 dfr <dfr@FreeBSD.org> Here is a patch to make mountd work.
It just replace u_long with u_int32_t and shouldn't affect on i386.
Without this patch,
- unaligned accesses occur
- permission denied randomly

Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
b7b0859c3f4470d1bd2770f26c5af6f037833993 02-Aug-1998 bde <bde@FreeBSD.org> Fixed printf format errors.
118387f5a90aec1681f4c2b06acb1de5193e1c4c 15-Jul-1998 charnier <charnier@FreeBSD.org> Correct improper use of .Sm. Document -d flag. Correct use of .Nm. Remove
unused #includes. Add usage(). Use warnx(). Correct spelling. Abort when
malloc() fails.
efe4f69151d02fcb79b2344c8d53805f146630da 25-Jun-1998 wpaul <wpaul@FreeBSD.org> A long time ago I hacked mountd so that it would deal intelligently
with export lines where the same hostname was specified more than once
(this happens a lot with netgroups sometimes). Recently I discovered
that it needs to be hacked to deal with multiple instances of the
same IP address too.

I've been using this modification locally for several months with no
b90f430207e68a7630ac901d312594eab567f377 15-Jun-1998 joerg <joerg@FreeBSD.org> Oops, the previous commit missed one line of code.
ad13fe9511811b2fd55500f08cfa653b67dbef45 15-Jun-1998 joerg <joerg@FreeBSD.org> Watch out for null hostnames in netgroup entries, to avoid dumping core.
This happens if someone tries to export to a netgroup like:

mygroup (,,mynisdomain)
e6fb4ea0302f7e6a531a914441e63b24a7acd92a 20-Jan-1998 bde <bde@FreeBSD.org> Converted to Lite2 mount interface - use vfc_typenum from the
already looked up vfsconf struct for nfs instead of MOUNT_NFS.
Removed related FreeBSD ifdefs.
7f8db0dd299e62df2aa8f56158134d1af1cbbcce 13-Dec-1997 guido <guido@FreeBSD.org> Oops..The default behaviour should be *not* to log all succeeded
requests. If you want this extra loggin, add the -l option.
db8034d25a40e9c0c216d0d4a0f6a3679b6d6e42 10-Dec-1997 guido <guido@FreeBSD.org> Fix some style bugs.
Submitted by: bruce
9c59d252fe57b86fef6b8b555dcc75b12ede8e83 09-Dec-1997 guido <guido@FreeBSD.org> Log all failed mount attempts.
Also add a flag (-l) so mountd will also log all succeeded requests
to mountd.
551d6af699d053638ed88fdf543c957fe35009c1 12-Sep-1997 jlemon <jlemon@FreeBSD.org> If a host in an export line in /etc/exports (or within a netgroup on
an export line) is unresolvable, make a note of it via syslog and skip
that individual host instead of skipping the entire line.

PR: 1981, 815
Perused by: joerg
175058b2d14f3b2427bfd5337c6723835ed23736 29-Aug-1997 guido <guido@FreeBSD.org> Plug info agthering attack as pointed out on Bugtraq recently.
Obtained from: OpenBSD
4acc83b445467fe46f26270857b325af74ce72da 16-Jul-1997 dfr <dfr@FreeBSD.org> Merge WebNFS support from NetBSD.

Obtained from: NetBSD
d189b0dfd03c7b8f1ca08b8f762418be013ad7c0 30-Apr-1997 pst <pst@FreeBSD.org> Back out msmith's recent commit which breaks using symbolic names for netmasks.
Instead, reverse the order of the testing, so if a symbolic name starts with
a digit, we'll see if we can make a network address out of it first. If
that fails, then we'll call getnet...
2190adec411378f2e4ad1aa5e82989febfbfae3d 23-Apr-1997 msmith <msmith@FreeBSD.org> Don't call getnetbyname() on a netmask. On a system with a slow net
connection, a large set of network exports could take many minutes to
time out, giving the appearance of a total hang during boot.
a6bde6da85086f08d0ee2f36010aa9c2a5d354e4 22-Apr-1997 dfr <dfr@FreeBSD.org> Add a -2 flag to mountd to allow an admin to disable NFSv3 services.
This is handy for testing and possibly to work around busted v3 clients.
c0dad1ff8de1b9d4994133bc779a792853883a4d 09-Apr-1997 guido <guido@FreeBSD.org> Make a sysconfig variable controlling if teh kernel should accept
nfs requests from non-privileged ports.

Change mountd such that it does never set this variable, but only clears
it when run with -n. Also document this in the man page.
68052e6de3b1e9b5ba9a171ddf0d7375d60b6f3f 01-Apr-1997 bde <bde@FreeBSD.org> Don't fail when the vfs.nfs.nfs_privport sysctl doesn't exist
(presumably because the kernel is old). Moved the declaration of a
variable realated to this sysctl outside of an unrelated ifdef.

Not fixed:
- this sysctl is badly named (nfs occurs twice).
- it's silly to have for FreeBSD in FreeBSD code, especially when
only half of the FreeBSD-dependent code is ifdefed.
167db5291223948e17d74470feff53f15777fcaf 29-Mar-1997 imp <imp@FreeBSD.org> compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
8db0f5f4fd48850ac02e218a0086a7032f3ea1fe 27-Mar-1997 guido <guido@FreeBSD.org> Add code that will reject nfs requests in teh kernel from nonprivileged
ports. This option will be automatically set/cleraed when mount is run
without/with the -n option.
Reviewed by: Doug Rabson
bd986f80513b7e43c2cfa9a31d651ead5bd1524a 11-Mar-1997 peter <peter@FreeBSD.org> Merge from Lite2 (use new getvfsbyname() and mount(2) interface, cleanup)
4968036f61ba12b2d7bd7a825b0a79c67054a395 22-Feb-1997 peter <peter@FreeBSD.org> Revert $FreeBSD$ to $Id$
808a36ef658c1810327b5d329469bcf5dad24b28 14-Jan-1997 jkh <jkh@FreeBSD.org> Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
b5e20236269d7e8d462bdb347fd42e919e9baa6d 29-Aug-1996 wpaul <wpaul@FreeBSD.org> Add one line fix to stop my old 'don't barf if you see the same
hostname/IP twice on same line in /etc/exports' fix from dumping core
due to bogus /etc/exports entries.

Submitted by: Toshihiro Kanda <candy@fct.kgc.co.jp>
ef36b9955894e321e23b12f4d0889153774c9e3c 17-Nov-1995 joerg <joerg@FreeBSD.org> Avoid bogus free() of a junk pointer.

Detected by: phkmalloc
Submitted by: grog@lemis.de (Greg Lehey)
666343f7f055c064375d48bb9a608730d7145beb 27-Jun-1995 dfr <dfr@FreeBSD.org> Changes to support version 3 of the NFS protocol.
The version 2 support has been tested (client+server) against FreeBSD-2.0,
IRIX 5.3 and FreeBSD-current (using a loopback mount). The version 2 support
is stable AFAIK.
The version 3 support has been tested with a loopback mount and minimally
against an IRIX 5.3 server. It needs more testing and may have problems.
I have patched amd to support the new variable length filehandles although
it will still only use version 2 of the protocol.

Before booting a kernel with these changes, nfs clients will need to at least
build and install /usr/sbin/mount_nfs. Servers will need to build and
install /usr/sbin/mountd.

NFS diskless support is untested.

Obtained from: Rick Macklem <rick@snowhite.cis.uoguelph.ca>
1b1ee5553889e207087539ddafa5dfd4e28bd585 11-Jun-1995 rgrimes <rgrimes@FreeBSD.org> Merge RELENG_2_0_5 into HEAD
f3a2b348daf9fa6063c38d2d69563f732a2f80e7 30-May-1995 rgrimes <rgrimes@FreeBSD.org> Remove trailing whitespace.
2e4f6d94509fa7b8efe7193987c360317ab4aea9 21-May-1995 phk <phk@FreeBSD.org> Add a undocumented '-d' flag to set debugging.
af8a9748972ca8e3e513f877abd670899d0e0c2e 26-Mar-1995 wpaul <wpaul@FreeBSD.org> Fixed stupid bug in mountd: it would seem that the kernel doesn't allow
you to push the same host into its NFS export lists twice, but mountd
tries to do it anyway. This means that putting:

/some_file_system -ro host1 host1

in your /etc/exports file causes an error. This is bogus: mountd should be
smart enough to ignore the second instance of host1. This can be a problem
in some configurations that use netgroups. For example, each host in my
netgroups database is has two entries:

startide (startide,-,) (startide.ctr.columbia.edu,-,)

When mountd sees this, it tries to put startide.ctr.columbia.edu into the
export list *twice*. Just listing 'startide' /etc/exports list will also
screw up because mountd will try to resolve the netgroup 'startide' instead
of the hostname 'startide.'

My solution is watch for duplicate entries in get_host() and mark them
as grouptype GT_IGNORE, which do_mount() will now cheefully throw away.
This is a bit of a kludge, but it was the least obtrusive fix I could
come up with.

Also silenced a compiler warning: arguments passwd to xdr_long() should
be u_long, not int. :)
17bb48fa11d98a1b5e3e18f74dc7f80436f95922 02-Dec-1994 wollman <wollman@FreeBSD.org> Change obnoxious ``Not root dir'' error message into one which actually
tells you what's wrong.
eeef7952c3836dd1eb5e994695d5c745b6b51784 22-Sep-1994 wollman <wollman@FreeBSD.org> Automatically load NFS and a bevy of other filesystems.
dd8c8f93200ef4393b52be8867d2058060977779 19-Sep-1994 dfr <dfr@FreeBSD.org> Added support for MSDOS file systems.
cfcc93eec947df1e540a41375912a5fa84ce75c3 26-May-1994 rgrimes <rgrimes@FreeBSD.org> BSD 4.4 Lite sbin Sources

Note: XNSrouted and routed NOT imported here, they shall be imported with