* [PATCH] nfs-utils: add nfs.upcall @ 2010-10-25 22:40 Trond Myklebust 2010-10-25 23:20 ` Chuck Lever 0 siblings, 1 reply; 6+ messages in thread From: Trond Myklebust @ 2010-10-25 22:40 UTC (permalink / raw) To: steved; +Cc: linux-nfs From: Bryan Schumaker <bjschuma@netapp.com> Add nfs.upcall This patch adds the nfs.upcall program to nfs-utils. This program is called by the nfs idmapper through request-keys to map between uid / user name and gid / group name. Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> --- aclocal/keyutils.m4 | 11 ++++ configure.ac | 4 ++ utils/Makefile.am | 1 + utils/nfs.upcall/Makefile.am | 7 +++ utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ 5 files changed, 143 insertions(+), 0 deletions(-) create mode 100644 aclocal/keyutils.m4 create mode 100644 utils/nfs.upcall/Makefile.am create mode 100644 utils/nfs.upcall/nfs.upcall.c diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 new file mode 100644 index 0000000..8aea646 --- /dev/null +++ b/aclocal/keyutils.m4 @@ -0,0 +1,11 @@ +dnl Checks for keyutils library and headers +dnl +AC_DEFUN([AC_KEYUTILS], [ + + dnl Check for libkeyutils; do not add to LIBS if found + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) + AC_SUBST(LIBKEYUTILS) + + AC_CHECK_HEADERS([keyutils.h], , + [AC_MSG_ERROR([keyutils.h header not found.])]) +])dnl diff --git a/configure.ac b/configure.ac index 3058be6..a5e8620 100644 --- a/configure.ac +++ b/configure.ac @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then dnl check for nfsidmap libraries and headers AC_LIBNFSIDMAP + dnl check for the keyutils libraries and headers + AC_KEYUTILS + dnl librpcsecgss already has a dependency on libgssapi, dnl but we need to make sure we get the right version if test "$enable_gss" = yes; then @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ utils/mountd/Makefile utils/nfsd/Makefile utils/nfsstat/Makefile + utils/nfs.upcall/Makefile utils/showmount/Makefile utils/statd/Makefile tests/Makefile diff --git a/utils/Makefile.am b/utils/Makefile.am index 8665183..0104a6c 100644 --- a/utils/Makefile.am +++ b/utils/Makefile.am @@ -4,6 +4,7 @@ OPTDIRS = if CONFIG_NFSV4 OPTDIRS += idmapd +OPTDIRS += nfs.upcall endif if CONFIG_GSS diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am new file mode 100644 index 0000000..52afd3d --- /dev/null +++ b/utils/nfs.upcall/Makefile.am @@ -0,0 +1,7 @@ +## Process this file with automake to produce Makefile.in + +sbin_PROGRAMS = nfs.upcall +nfs_upcall_SOURCES = nfs.upcall.c +nfs_upcall_LDADD = -lnfsidmap -lkeyutils + +MAINTAINERCLEANFILES = Makefile.in diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c new file mode 100644 index 0000000..11b9a01 --- /dev/null +++ b/utils/nfs.upcall/nfs.upcall.c @@ -0,0 +1,120 @@ + +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <pwd.h> +#include <grp.h> +#include <keyutils.h> +#include <nfsidmap.h> + +#include <syslog.h> + +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ + +#define MAX_ID_LEN 11 +#define IDMAP_NAMESZ 128 +#define USER 1 +#define GROUP 0 + + +/* + * Find either a user or group id based on the name@domain string + */ +int id_lookup(char *name_at_domain, key_serial_t key, int type) +{ + char id[MAX_ID_LEN]; + uid_t uid = 0; + gid_t gid = 0; + + if (type == USER) { + nfs4_owner_to_uid(name_at_domain, &uid); + sprintf(id, "%u", uid); + } else { + nfs4_group_owner_to_gid(name_at_domain, &gid); + sprintf(id, "%u", gid); + } + + return keyctl_instantiate(key, id, strlen(id) + 1, 0); +} + +/* + * Find the name@domain string from either a user or group id + */ +int name_lookup(char *id, key_serial_t key, int type) +{ + char name[IDMAP_NAMESZ]; + char domain[NFS4_MAX_DOMAIN_LEN]; + uid_t uid; + gid_t gid; + int rc = 0; + + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); + if (rc != 0) { + rc = -1; + goto out; + } + + if (type == USER) { + uid = atoi(id); + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); + } else { + gid = atoi(id); + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); + } + + if (rc == 0) + rc = keyctl_instantiate(key, &name, strlen(name), 0); + +out: + return rc; +} + +int main(int argc, char **argv) +{ + char *arg; + char *value; + char *type; + int rc = 1; + int timeout = 600; + key_serial_t key; + + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ + + if (argc < 3) + return 1; + + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); + strcpy(arg, argv[2]); + type = strtok(arg, ":"); + value = strtok(NULL, ":"); + + if (argc == 4) { + timeout = atoi(argv[3]); + if (timeout < 0) + timeout = 0; + } + + /*syslog(LOG_ERR, "type: %s", type); + syslog(LOG_ERR, "value: %s", value); + syslog(LOG_ERR, "timeout: %d", timeout);*/ + + key = strtol(argv[1], NULL, 10); + + if (strcmp(type, "uid") == 0) + rc = id_lookup(value, key, USER); + else if (strcmp(type, "gid") == 0) + rc = id_lookup(value, key, GROUP); + else if (strcmp(type, "user") == 0) + rc = name_lookup(value, key, USER); + else if (strcmp(type, "group") == 0) + rc = name_lookup(value, key, GROUP); + + /* Set timeout to 5 (600 seconds) minutes */ + keyctl_set_timeout(key, timeout); + + free(arg); + /*closelog();*/ + return rc; +} -- 1.7.2.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] nfs-utils: add nfs.upcall 2010-10-25 22:40 [PATCH] nfs-utils: add nfs.upcall Trond Myklebust @ 2010-10-25 23:20 ` Chuck Lever 2010-10-25 23:46 ` Myklebust, Trond 0 siblings, 1 reply; 6+ messages in thread From: Chuck Lever @ 2010-10-25 23:20 UTC (permalink / raw) To: Trond Myklebust; +Cc: steved, linux-nfs I thought we were going to call this nfs.idmap ... ? On Oct 25, 2010, at 6:40 PM, Trond Myklebust wrote: > From: Bryan Schumaker <bjschuma@netapp.com> > > Add nfs.upcall > > This patch adds the nfs.upcall program to nfs-utils. This program is called by > the nfs idmapper through request-keys to map between uid / user name and > gid / group name. > > Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> > Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> > --- > aclocal/keyutils.m4 | 11 ++++ > configure.ac | 4 ++ > utils/Makefile.am | 1 + > utils/nfs.upcall/Makefile.am | 7 +++ > utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ > 5 files changed, 143 insertions(+), 0 deletions(-) > create mode 100644 aclocal/keyutils.m4 > create mode 100644 utils/nfs.upcall/Makefile.am > create mode 100644 utils/nfs.upcall/nfs.upcall.c > > diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 > new file mode 100644 > index 0000000..8aea646 > --- /dev/null > +++ b/aclocal/keyutils.m4 > @@ -0,0 +1,11 @@ > +dnl Checks for keyutils library and headers > +dnl > +AC_DEFUN([AC_KEYUTILS], [ > + > + dnl Check for libkeyutils; do not add to LIBS if found > + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) > + AC_SUBST(LIBKEYUTILS) > + > + AC_CHECK_HEADERS([keyutils.h], , > + [AC_MSG_ERROR([keyutils.h header not found.])]) > +])dnl > diff --git a/configure.ac b/configure.ac > index 3058be6..a5e8620 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then > dnl check for nfsidmap libraries and headers > AC_LIBNFSIDMAP > > + dnl check for the keyutils libraries and headers > + AC_KEYUTILS > + > dnl librpcsecgss already has a dependency on libgssapi, > dnl but we need to make sure we get the right version > if test "$enable_gss" = yes; then > @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ > utils/mountd/Makefile > utils/nfsd/Makefile > utils/nfsstat/Makefile > + utils/nfs.upcall/Makefile > utils/showmount/Makefile > utils/statd/Makefile > tests/Makefile > diff --git a/utils/Makefile.am b/utils/Makefile.am > index 8665183..0104a6c 100644 > --- a/utils/Makefile.am > +++ b/utils/Makefile.am > @@ -4,6 +4,7 @@ OPTDIRS = > > if CONFIG_NFSV4 > OPTDIRS += idmapd > +OPTDIRS += nfs.upcall > endif > > if CONFIG_GSS > diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am > new file mode 100644 > index 0000000..52afd3d > --- /dev/null > +++ b/utils/nfs.upcall/Makefile.am > @@ -0,0 +1,7 @@ > +## Process this file with automake to produce Makefile.in > + > +sbin_PROGRAMS = nfs.upcall > +nfs_upcall_SOURCES = nfs.upcall.c > +nfs_upcall_LDADD = -lnfsidmap -lkeyutils > + > +MAINTAINERCLEANFILES = Makefile.in > diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c > new file mode 100644 > index 0000000..11b9a01 > --- /dev/null > +++ b/utils/nfs.upcall/nfs.upcall.c > @@ -0,0 +1,120 @@ > + > +#include <stdarg.h> > +#include <stdio.h> > +#include <stdlib.h> > +#include <string.h> > + > +#include <pwd.h> > +#include <grp.h> > +#include <keyutils.h> > +#include <nfsidmap.h> > + > +#include <syslog.h> > + > +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ > + > +#define MAX_ID_LEN 11 > +#define IDMAP_NAMESZ 128 > +#define USER 1 > +#define GROUP 0 > + > + > +/* > + * Find either a user or group id based on the name@domain string > + */ > +int id_lookup(char *name_at_domain, key_serial_t key, int type) > +{ > + char id[MAX_ID_LEN]; > + uid_t uid = 0; > + gid_t gid = 0; > + > + if (type == USER) { > + nfs4_owner_to_uid(name_at_domain, &uid); > + sprintf(id, "%u", uid); > + } else { > + nfs4_group_owner_to_gid(name_at_domain, &gid); > + sprintf(id, "%u", gid); > + } > + > + return keyctl_instantiate(key, id, strlen(id) + 1, 0); > +} > + > +/* > + * Find the name@domain string from either a user or group id > + */ > +int name_lookup(char *id, key_serial_t key, int type) > +{ > + char name[IDMAP_NAMESZ]; > + char domain[NFS4_MAX_DOMAIN_LEN]; > + uid_t uid; > + gid_t gid; > + int rc = 0; > + > + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); > + if (rc != 0) { > + rc = -1; > + goto out; > + } > + > + if (type == USER) { > + uid = atoi(id); > + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); > + } else { > + gid = atoi(id); > + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); > + } > + > + if (rc == 0) > + rc = keyctl_instantiate(key, &name, strlen(name), 0); > + > +out: > + return rc; > +} > + > +int main(int argc, char **argv) > +{ > + char *arg; > + char *value; > + char *type; > + int rc = 1; > + int timeout = 600; > + key_serial_t key; > + > + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ > + > + if (argc < 3) > + return 1; > + > + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); > + strcpy(arg, argv[2]); > + type = strtok(arg, ":"); > + value = strtok(NULL, ":"); > + > + if (argc == 4) { > + timeout = atoi(argv[3]); > + if (timeout < 0) > + timeout = 0; > + } > + > + /*syslog(LOG_ERR, "type: %s", type); > + syslog(LOG_ERR, "value: %s", value); > + syslog(LOG_ERR, "timeout: %d", timeout);*/ > + > + key = strtol(argv[1], NULL, 10); > + > + if (strcmp(type, "uid") == 0) > + rc = id_lookup(value, key, USER); > + else if (strcmp(type, "gid") == 0) > + rc = id_lookup(value, key, GROUP); > + else if (strcmp(type, "user") == 0) > + rc = name_lookup(value, key, USER); > + else if (strcmp(type, "group") == 0) > + rc = name_lookup(value, key, GROUP); > + > + /* Set timeout to 5 (600 seconds) minutes */ > + keyctl_set_timeout(key, timeout); > + > + free(arg); > + /*closelog();*/ > + return rc; > +} > -- > 1.7.2.3 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Chuck Lever chuck[dot]lever[at]oracle[dot]com ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfs-utils: add nfs.upcall 2010-10-25 23:20 ` Chuck Lever @ 2010-10-25 23:46 ` Myklebust, Trond 2010-10-26 12:41 ` Bryan Schumaker 0 siblings, 1 reply; 6+ messages in thread From: Myklebust, Trond @ 2010-10-25 23:46 UTC (permalink / raw) To: Chuck Lever, Schumaker Bryan; +Cc: steved, linux-nfs Ah, fsck... You're right. Bryan, can you instead resend your latest patch for nfs-utils? I've asked Linus to merge the kernel part, so it is time to get the userspace stuff in order too! Sent from my iPhone On Oct 25, 2010, at 19:21, "Chuck Lever" <chuck.lever@oracle.com> wrote: > I thought we were going to call this nfs.idmap ... ? > > On Oct 25, 2010, at 6:40 PM, Trond Myklebust wrote: > >> From: Bryan Schumaker <bjschuma@netapp.com> >> >> Add nfs.upcall >> >> This patch adds the nfs.upcall program to nfs-utils. This program is called by >> the nfs idmapper through request-keys to map between uid / user name and >> gid / group name. >> >> Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> >> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> >> --- >> aclocal/keyutils.m4 | 11 ++++ >> configure.ac | 4 ++ >> utils/Makefile.am | 1 + >> utils/nfs.upcall/Makefile.am | 7 +++ >> utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ >> 5 files changed, 143 insertions(+), 0 deletions(-) >> create mode 100644 aclocal/keyutils.m4 >> create mode 100644 utils/nfs.upcall/Makefile.am >> create mode 100644 utils/nfs.upcall/nfs.upcall.c >> >> diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 >> new file mode 100644 >> index 0000000..8aea646 >> --- /dev/null >> +++ b/aclocal/keyutils.m4 >> @@ -0,0 +1,11 @@ >> +dnl Checks for keyutils library and headers >> +dnl >> +AC_DEFUN([AC_KEYUTILS], [ >> + >> + dnl Check for libkeyutils; do not add to LIBS if found >> + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) >> + AC_SUBST(LIBKEYUTILS) >> + >> + AC_CHECK_HEADERS([keyutils.h], , >> + [AC_MSG_ERROR([keyutils.h header not found.])]) >> +])dnl >> diff --git a/configure.ac b/configure.ac >> index 3058be6..a5e8620 100644 >> --- a/configure.ac >> +++ b/configure.ac >> @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then >> dnl check for nfsidmap libraries and headers >> AC_LIBNFSIDMAP >> >> + dnl check for the keyutils libraries and headers >> + AC_KEYUTILS >> + >> dnl librpcsecgss already has a dependency on libgssapi, >> dnl but we need to make sure we get the right version >> if test "$enable_gss" = yes; then >> @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ >> utils/mountd/Makefile >> utils/nfsd/Makefile >> utils/nfsstat/Makefile >> + utils/nfs.upcall/Makefile >> utils/showmount/Makefile >> utils/statd/Makefile >> tests/Makefile >> diff --git a/utils/Makefile.am b/utils/Makefile.am >> index 8665183..0104a6c 100644 >> --- a/utils/Makefile.am >> +++ b/utils/Makefile.am >> @@ -4,6 +4,7 @@ OPTDIRS = >> >> if CONFIG_NFSV4 >> OPTDIRS += idmapd >> +OPTDIRS += nfs.upcall >> endif >> >> if CONFIG_GSS >> diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am >> new file mode 100644 >> index 0000000..52afd3d >> --- /dev/null >> +++ b/utils/nfs.upcall/Makefile.am >> @@ -0,0 +1,7 @@ >> +## Process this file with automake to produce Makefile.in >> + >> +sbin_PROGRAMS = nfs.upcall >> +nfs_upcall_SOURCES = nfs.upcall.c >> +nfs_upcall_LDADD = -lnfsidmap -lkeyutils >> + >> +MAINTAINERCLEANFILES = Makefile.in >> diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c >> new file mode 100644 >> index 0000000..11b9a01 >> --- /dev/null >> +++ b/utils/nfs.upcall/nfs.upcall.c >> @@ -0,0 +1,120 @@ >> + >> +#include <stdarg.h> >> +#include <stdio.h> >> +#include <stdlib.h> >> +#include <string.h> >> + >> +#include <pwd.h> >> +#include <grp.h> >> +#include <keyutils.h> >> +#include <nfsidmap.h> >> + >> +#include <syslog.h> >> + >> +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ >> + >> +#define MAX_ID_LEN 11 >> +#define IDMAP_NAMESZ 128 >> +#define USER 1 >> +#define GROUP 0 >> + >> + >> +/* >> + * Find either a user or group id based on the name@domain string >> + */ >> +int id_lookup(char *name_at_domain, key_serial_t key, int type) >> +{ >> + char id[MAX_ID_LEN]; >> + uid_t uid = 0; >> + gid_t gid = 0; >> + >> + if (type == USER) { >> + nfs4_owner_to_uid(name_at_domain, &uid); >> + sprintf(id, "%u", uid); >> + } else { >> + nfs4_group_owner_to_gid(name_at_domain, &gid); >> + sprintf(id, "%u", gid); >> + } >> + >> + return keyctl_instantiate(key, id, strlen(id) + 1, 0); >> +} >> + >> +/* >> + * Find the name@domain string from either a user or group id >> + */ >> +int name_lookup(char *id, key_serial_t key, int type) >> +{ >> + char name[IDMAP_NAMESZ]; >> + char domain[NFS4_MAX_DOMAIN_LEN]; >> + uid_t uid; >> + gid_t gid; >> + int rc = 0; >> + >> + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); >> + if (rc != 0) { >> + rc = -1; >> + goto out; >> + } >> + >> + if (type == USER) { >> + uid = atoi(id); >> + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); >> + } else { >> + gid = atoi(id); >> + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); >> + } >> + >> + if (rc == 0) >> + rc = keyctl_instantiate(key, &name, strlen(name), 0); >> + >> +out: >> + return rc; >> +} >> + >> +int main(int argc, char **argv) >> +{ >> + char *arg; >> + char *value; >> + char *type; >> + int rc = 1; >> + int timeout = 600; >> + key_serial_t key; >> + >> + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ >> + >> + if (argc < 3) >> + return 1; >> + >> + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); >> + strcpy(arg, argv[2]); >> + type = strtok(arg, ":"); >> + value = strtok(NULL, ":"); >> + >> + if (argc == 4) { >> + timeout = atoi(argv[3]); >> + if (timeout < 0) >> + timeout = 0; >> + } >> + >> + /*syslog(LOG_ERR, "type: %s", type); >> + syslog(LOG_ERR, "value: %s", value); >> + syslog(LOG_ERR, "timeout: %d", timeout);*/ >> + >> + key = strtol(argv[1], NULL, 10); >> + >> + if (strcmp(type, "uid") == 0) >> + rc = id_lookup(value, key, USER); >> + else if (strcmp(type, "gid") == 0) >> + rc = id_lookup(value, key, GROUP); >> + else if (strcmp(type, "user") == 0) >> + rc = name_lookup(value, key, USER); >> + else if (strcmp(type, "group") == 0) >> + rc = name_lookup(value, key, GROUP); >> + >> + /* Set timeout to 5 (600 seconds) minutes */ >> + keyctl_set_timeout(key, timeout); >> + >> + free(arg); >> + /*closelog();*/ >> + return rc; >> +} >> -- >> 1.7.2.3 >> >> -- >> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in >> the body of a message to majordomo@vger.kernel.org >> More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- > Chuck Lever > chuck[dot]lever[at]oracle[dot]com > > > > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfs-utils: add nfs.upcall 2010-10-25 23:46 ` Myklebust, Trond @ 2010-10-26 12:41 ` Bryan Schumaker 2010-10-26 12:42 ` Trond Myklebust 0 siblings, 1 reply; 6+ messages in thread From: Bryan Schumaker @ 2010-10-26 12:41 UTC (permalink / raw) To: Myklebust, Trond; +Cc: Chuck Lever, Schumaker Bryan, steved, linux-nfs Sure. Do you want a patch that renames it in the kernel documentation file too? Bryan On 10/25/2010 07:46 PM, Myklebust, Trond wrote: > Ah, fsck... You're right. > > Bryan, can you instead resend your latest patch for nfs-utils? I've asked Linus to merge the kernel part, so it is time to get the userspace stuff in order too! > > Sent from my iPhone > > On Oct 25, 2010, at 19:21, "Chuck Lever" <chuck.lever@oracle.com> wrote: > >> I thought we were going to call this nfs.idmap ... ? >> >> On Oct 25, 2010, at 6:40 PM, Trond Myklebust wrote: >> >>> From: Bryan Schumaker <bjschuma@netapp.com> >>> >>> Add nfs.upcall >>> >>> This patch adds the nfs.upcall program to nfs-utils. This program is called by >>> the nfs idmapper through request-keys to map between uid / user name and >>> gid / group name. >>> >>> Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> >>> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> >>> --- >>> aclocal/keyutils.m4 | 11 ++++ >>> configure.ac | 4 ++ >>> utils/Makefile.am | 1 + >>> utils/nfs.upcall/Makefile.am | 7 +++ >>> utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ >>> 5 files changed, 143 insertions(+), 0 deletions(-) >>> create mode 100644 aclocal/keyutils.m4 >>> create mode 100644 utils/nfs.upcall/Makefile.am >>> create mode 100644 utils/nfs.upcall/nfs.upcall.c >>> >>> diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 >>> new file mode 100644 >>> index 0000000..8aea646 >>> --- /dev/null >>> +++ b/aclocal/keyutils.m4 >>> @@ -0,0 +1,11 @@ >>> +dnl Checks for keyutils library and headers >>> +dnl >>> +AC_DEFUN([AC_KEYUTILS], [ >>> + >>> + dnl Check for libkeyutils; do not add to LIBS if found >>> + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) >>> + AC_SUBST(LIBKEYUTILS) >>> + >>> + AC_CHECK_HEADERS([keyutils.h], , >>> + [AC_MSG_ERROR([keyutils.h header not found.])]) >>> +])dnl >>> diff --git a/configure.ac b/configure.ac >>> index 3058be6..a5e8620 100644 >>> --- a/configure.ac >>> +++ b/configure.ac >>> @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then >>> dnl check for nfsidmap libraries and headers >>> AC_LIBNFSIDMAP >>> >>> + dnl check for the keyutils libraries and headers >>> + AC_KEYUTILS >>> + >>> dnl librpcsecgss already has a dependency on libgssapi, >>> dnl but we need to make sure we get the right version >>> if test "$enable_gss" = yes; then >>> @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ >>> utils/mountd/Makefile >>> utils/nfsd/Makefile >>> utils/nfsstat/Makefile >>> + utils/nfs.upcall/Makefile >>> utils/showmount/Makefile >>> utils/statd/Makefile >>> tests/Makefile >>> diff --git a/utils/Makefile.am b/utils/Makefile.am >>> index 8665183..0104a6c 100644 >>> --- a/utils/Makefile.am >>> +++ b/utils/Makefile.am >>> @@ -4,6 +4,7 @@ OPTDIRS = >>> >>> if CONFIG_NFSV4 >>> OPTDIRS += idmapd >>> +OPTDIRS += nfs.upcall >>> endif >>> >>> if CONFIG_GSS >>> diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am >>> new file mode 100644 >>> index 0000000..52afd3d >>> --- /dev/null >>> +++ b/utils/nfs.upcall/Makefile.am >>> @@ -0,0 +1,7 @@ >>> +## Process this file with automake to produce Makefile.in >>> + >>> +sbin_PROGRAMS = nfs.upcall >>> +nfs_upcall_SOURCES = nfs.upcall.c >>> +nfs_upcall_LDADD = -lnfsidmap -lkeyutils >>> + >>> +MAINTAINERCLEANFILES = Makefile.in >>> diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c >>> new file mode 100644 >>> index 0000000..11b9a01 >>> --- /dev/null >>> +++ b/utils/nfs.upcall/nfs.upcall.c >>> @@ -0,0 +1,120 @@ >>> + >>> +#include <stdarg.h> >>> +#include <stdio.h> >>> +#include <stdlib.h> >>> +#include <string.h> >>> + >>> +#include <pwd.h> >>> +#include <grp.h> >>> +#include <keyutils.h> >>> +#include <nfsidmap.h> >>> + >>> +#include <syslog.h> >>> + >>> +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ >>> + >>> +#define MAX_ID_LEN 11 >>> +#define IDMAP_NAMESZ 128 >>> +#define USER 1 >>> +#define GROUP 0 >>> + >>> + >>> +/* >>> + * Find either a user or group id based on the name@domain string >>> + */ >>> +int id_lookup(char *name_at_domain, key_serial_t key, int type) >>> +{ >>> + char id[MAX_ID_LEN]; >>> + uid_t uid = 0; >>> + gid_t gid = 0; >>> + >>> + if (type == USER) { >>> + nfs4_owner_to_uid(name_at_domain, &uid); >>> + sprintf(id, "%u", uid); >>> + } else { >>> + nfs4_group_owner_to_gid(name_at_domain, &gid); >>> + sprintf(id, "%u", gid); >>> + } >>> + >>> + return keyctl_instantiate(key, id, strlen(id) + 1, 0); >>> +} >>> + >>> +/* >>> + * Find the name@domain string from either a user or group id >>> + */ >>> +int name_lookup(char *id, key_serial_t key, int type) >>> +{ >>> + char name[IDMAP_NAMESZ]; >>> + char domain[NFS4_MAX_DOMAIN_LEN]; >>> + uid_t uid; >>> + gid_t gid; >>> + int rc = 0; >>> + >>> + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); >>> + if (rc != 0) { >>> + rc = -1; >>> + goto out; >>> + } >>> + >>> + if (type == USER) { >>> + uid = atoi(id); >>> + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); >>> + } else { >>> + gid = atoi(id); >>> + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); >>> + } >>> + >>> + if (rc == 0) >>> + rc = keyctl_instantiate(key, &name, strlen(name), 0); >>> + >>> +out: >>> + return rc; >>> +} >>> + >>> +int main(int argc, char **argv) >>> +{ >>> + char *arg; >>> + char *value; >>> + char *type; >>> + int rc = 1; >>> + int timeout = 600; >>> + key_serial_t key; >>> + >>> + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ >>> + >>> + if (argc < 3) >>> + return 1; >>> + >>> + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); >>> + strcpy(arg, argv[2]); >>> + type = strtok(arg, ":"); >>> + value = strtok(NULL, ":"); >>> + >>> + if (argc == 4) { >>> + timeout = atoi(argv[3]); >>> + if (timeout < 0) >>> + timeout = 0; >>> + } >>> + >>> + /*syslog(LOG_ERR, "type: %s", type); >>> + syslog(LOG_ERR, "value: %s", value); >>> + syslog(LOG_ERR, "timeout: %d", timeout);*/ >>> + >>> + key = strtol(argv[1], NULL, 10); >>> + >>> + if (strcmp(type, "uid") == 0) >>> + rc = id_lookup(value, key, USER); >>> + else if (strcmp(type, "gid") == 0) >>> + rc = id_lookup(value, key, GROUP); >>> + else if (strcmp(type, "user") == 0) >>> + rc = name_lookup(value, key, USER); >>> + else if (strcmp(type, "group") == 0) >>> + rc = name_lookup(value, key, GROUP); >>> + >>> + /* Set timeout to 5 (600 seconds) minutes */ >>> + keyctl_set_timeout(key, timeout); >>> + >>> + free(arg); >>> + /*closelog();*/ >>> + return rc; >>> +} >>> -- >>> 1.7.2.3 >>> >>> -- >>> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in >>> the body of a message to majordomo@vger.kernel.org >>> More majordomo info at http://vger.kernel.org/majordomo-info.html >> >> -- >> Chuck Lever >> chuck[dot]lever[at]oracle[dot]com >> >> >> >> ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfs-utils: add nfs.upcall 2010-10-26 12:41 ` Bryan Schumaker @ 2010-10-26 12:42 ` Trond Myklebust 2010-10-26 12:46 ` Bryan Schumaker 0 siblings, 1 reply; 6+ messages in thread From: Trond Myklebust @ 2010-10-26 12:42 UTC (permalink / raw) To: Bryan Schumaker; +Cc: Chuck Lever, Schumaker Bryan, steved, linux-nfs On Tue, 2010-10-26 at 08:41 -0400, Bryan Schumaker wrote: > Sure. Do you want a patch that renames it in the kernel documentation file too? Yes. The documentation definitely needs to be consistent with the implementation. > Bryan > > On 10/25/2010 07:46 PM, Myklebust, Trond wrote: > > Ah, fsck... You're right. > > > > Bryan, can you instead resend your latest patch for nfs-utils? I've asked Linus to merge the kernel part, so it is time to get the userspace stuff in order too! > > > > Sent from my iPhone > > > > On Oct 25, 2010, at 19:21, "Chuck Lever" <chuck.lever@oracle.com> wrote: > > > >> I thought we were going to call this nfs.idmap ... ? > >> > >> On Oct 25, 2010, at 6:40 PM, Trond Myklebust wrote: > >> > >>> From: Bryan Schumaker <bjschuma@netapp.com> > >>> > >>> Add nfs.upcall > >>> > >>> This patch adds the nfs.upcall program to nfs-utils. This program is called by > >>> the nfs idmapper through request-keys to map between uid / user name and > >>> gid / group name. > >>> > >>> Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> > >>> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> > >>> --- > >>> aclocal/keyutils.m4 | 11 ++++ > >>> configure.ac | 4 ++ > >>> utils/Makefile.am | 1 + > >>> utils/nfs.upcall/Makefile.am | 7 +++ > >>> utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ > >>> 5 files changed, 143 insertions(+), 0 deletions(-) > >>> create mode 100644 aclocal/keyutils.m4 > >>> create mode 100644 utils/nfs.upcall/Makefile.am > >>> create mode 100644 utils/nfs.upcall/nfs.upcall.c > >>> > >>> diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 > >>> new file mode 100644 > >>> index 0000000..8aea646 > >>> --- /dev/null > >>> +++ b/aclocal/keyutils.m4 > >>> @@ -0,0 +1,11 @@ > >>> +dnl Checks for keyutils library and headers > >>> +dnl > >>> +AC_DEFUN([AC_KEYUTILS], [ > >>> + > >>> + dnl Check for libkeyutils; do not add to LIBS if found > >>> + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) > >>> + AC_SUBST(LIBKEYUTILS) > >>> + > >>> + AC_CHECK_HEADERS([keyutils.h], , > >>> + [AC_MSG_ERROR([keyutils.h header not found.])]) > >>> +])dnl > >>> diff --git a/configure.ac b/configure.ac > >>> index 3058be6..a5e8620 100644 > >>> --- a/configure.ac > >>> +++ b/configure.ac > >>> @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then > >>> dnl check for nfsidmap libraries and headers > >>> AC_LIBNFSIDMAP > >>> > >>> + dnl check for the keyutils libraries and headers > >>> + AC_KEYUTILS > >>> + > >>> dnl librpcsecgss already has a dependency on libgssapi, > >>> dnl but we need to make sure we get the right version > >>> if test "$enable_gss" = yes; then > >>> @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ > >>> utils/mountd/Makefile > >>> utils/nfsd/Makefile > >>> utils/nfsstat/Makefile > >>> + utils/nfs.upcall/Makefile > >>> utils/showmount/Makefile > >>> utils/statd/Makefile > >>> tests/Makefile > >>> diff --git a/utils/Makefile.am b/utils/Makefile.am > >>> index 8665183..0104a6c 100644 > >>> --- a/utils/Makefile.am > >>> +++ b/utils/Makefile.am > >>> @@ -4,6 +4,7 @@ OPTDIRS = > >>> > >>> if CONFIG_NFSV4 > >>> OPTDIRS += idmapd > >>> +OPTDIRS += nfs.upcall > >>> endif > >>> > >>> if CONFIG_GSS > >>> diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am > >>> new file mode 100644 > >>> index 0000000..52afd3d > >>> --- /dev/null > >>> +++ b/utils/nfs.upcall/Makefile.am > >>> @@ -0,0 +1,7 @@ > >>> +## Process this file with automake to produce Makefile.in > >>> + > >>> +sbin_PROGRAMS = nfs.upcall > >>> +nfs_upcall_SOURCES = nfs.upcall.c > >>> +nfs_upcall_LDADD = -lnfsidmap -lkeyutils > >>> + > >>> +MAINTAINERCLEANFILES = Makefile.in > >>> diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c > >>> new file mode 100644 > >>> index 0000000..11b9a01 > >>> --- /dev/null > >>> +++ b/utils/nfs.upcall/nfs.upcall.c > >>> @@ -0,0 +1,120 @@ > >>> + > >>> +#include <stdarg.h> > >>> +#include <stdio.h> > >>> +#include <stdlib.h> > >>> +#include <string.h> > >>> + > >>> +#include <pwd.h> > >>> +#include <grp.h> > >>> +#include <keyutils.h> > >>> +#include <nfsidmap.h> > >>> + > >>> +#include <syslog.h> > >>> + > >>> +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ > >>> + > >>> +#define MAX_ID_LEN 11 > >>> +#define IDMAP_NAMESZ 128 > >>> +#define USER 1 > >>> +#define GROUP 0 > >>> + > >>> + > >>> +/* > >>> + * Find either a user or group id based on the name@domain string > >>> + */ > >>> +int id_lookup(char *name_at_domain, key_serial_t key, int type) > >>> +{ > >>> + char id[MAX_ID_LEN]; > >>> + uid_t uid = 0; > >>> + gid_t gid = 0; > >>> + > >>> + if (type == USER) { > >>> + nfs4_owner_to_uid(name_at_domain, &uid); > >>> + sprintf(id, "%u", uid); > >>> + } else { > >>> + nfs4_group_owner_to_gid(name_at_domain, &gid); > >>> + sprintf(id, "%u", gid); > >>> + } > >>> + > >>> + return keyctl_instantiate(key, id, strlen(id) + 1, 0); > >>> +} > >>> + > >>> +/* > >>> + * Find the name@domain string from either a user or group id > >>> + */ > >>> +int name_lookup(char *id, key_serial_t key, int type) > >>> +{ > >>> + char name[IDMAP_NAMESZ]; > >>> + char domain[NFS4_MAX_DOMAIN_LEN]; > >>> + uid_t uid; > >>> + gid_t gid; > >>> + int rc = 0; > >>> + > >>> + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); > >>> + if (rc != 0) { > >>> + rc = -1; > >>> + goto out; > >>> + } > >>> + > >>> + if (type == USER) { > >>> + uid = atoi(id); > >>> + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); > >>> + } else { > >>> + gid = atoi(id); > >>> + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); > >>> + } > >>> + > >>> + if (rc == 0) > >>> + rc = keyctl_instantiate(key, &name, strlen(name), 0); > >>> + > >>> +out: > >>> + return rc; > >>> +} > >>> + > >>> +int main(int argc, char **argv) > >>> +{ > >>> + char *arg; > >>> + char *value; > >>> + char *type; > >>> + int rc = 1; > >>> + int timeout = 600; > >>> + key_serial_t key; > >>> + > >>> + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ > >>> + > >>> + if (argc < 3) > >>> + return 1; > >>> + > >>> + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); > >>> + strcpy(arg, argv[2]); > >>> + type = strtok(arg, ":"); > >>> + value = strtok(NULL, ":"); > >>> + > >>> + if (argc == 4) { > >>> + timeout = atoi(argv[3]); > >>> + if (timeout < 0) > >>> + timeout = 0; > >>> + } > >>> + > >>> + /*syslog(LOG_ERR, "type: %s", type); > >>> + syslog(LOG_ERR, "value: %s", value); > >>> + syslog(LOG_ERR, "timeout: %d", timeout);*/ > >>> + > >>> + key = strtol(argv[1], NULL, 10); > >>> + > >>> + if (strcmp(type, "uid") == 0) > >>> + rc = id_lookup(value, key, USER); > >>> + else if (strcmp(type, "gid") == 0) > >>> + rc = id_lookup(value, key, GROUP); > >>> + else if (strcmp(type, "user") == 0) > >>> + rc = name_lookup(value, key, USER); > >>> + else if (strcmp(type, "group") == 0) > >>> + rc = name_lookup(value, key, GROUP); > >>> + > >>> + /* Set timeout to 5 (600 seconds) minutes */ > >>> + keyctl_set_timeout(key, timeout); > >>> + > >>> + free(arg); > >>> + /*closelog();*/ > >>> + return rc; > >>> +} > >>> -- > >>> 1.7.2.3 > >>> > >>> -- > >>> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in > >>> the body of a message to majordomo@vger.kernel.org > >>> More majordomo info at http://vger.kernel.org/majordomo-info.html > >> > >> -- > >> Chuck Lever > >> chuck[dot]lever[at]oracle[dot]com > >> > >> > >> > >> > ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfs-utils: add nfs.upcall 2010-10-26 12:42 ` Trond Myklebust @ 2010-10-26 12:46 ` Bryan Schumaker 0 siblings, 0 replies; 6+ messages in thread From: Bryan Schumaker @ 2010-10-26 12:46 UTC (permalink / raw) To: Trond Myklebust; +Cc: Chuck Lever, Schumaker Bryan, steved, linux-nfs Ok. While I am fixing things up, I will also take this chance to change the key type to nfs_idmap instead of id_resolver. I'll send the utils patch in a separate email, and I'll have the kernel patch out as soon as I can make it. Bryan On 10/26/2010 08:42 AM, Trond Myklebust wrote: > On Tue, 2010-10-26 at 08:41 -0400, Bryan Schumaker wrote: >> Sure. Do you want a patch that renames it in the kernel documentation file too? > > Yes. The documentation definitely needs to be consistent with the > implementation. > >> Bryan >> >> On 10/25/2010 07:46 PM, Myklebust, Trond wrote: >>> Ah, fsck... You're right. >>> >>> Bryan, can you instead resend your latest patch for nfs-utils? I've asked Linus to merge the kernel part, so it is time to get the userspace stuff in order too! >>> >>> Sent from my iPhone >>> >>> On Oct 25, 2010, at 19:21, "Chuck Lever" <chuck.lever@oracle.com> wrote: >>> >>>> I thought we were going to call this nfs.idmap ... ? >>>> >>>> On Oct 25, 2010, at 6:40 PM, Trond Myklebust wrote: >>>> >>>>> From: Bryan Schumaker <bjschuma@netapp.com> >>>>> >>>>> Add nfs.upcall >>>>> >>>>> This patch adds the nfs.upcall program to nfs-utils. This program is called by >>>>> the nfs idmapper through request-keys to map between uid / user name and >>>>> gid / group name. >>>>> >>>>> Signed-off-by: Bryan Schumaker <bjschuma@netapp.com> >>>>> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> >>>>> --- >>>>> aclocal/keyutils.m4 | 11 ++++ >>>>> configure.ac | 4 ++ >>>>> utils/Makefile.am | 1 + >>>>> utils/nfs.upcall/Makefile.am | 7 +++ >>>>> utils/nfs.upcall/nfs.upcall.c | 120 +++++++++++++++++++++++++++++++++++++++++ >>>>> 5 files changed, 143 insertions(+), 0 deletions(-) >>>>> create mode 100644 aclocal/keyutils.m4 >>>>> create mode 100644 utils/nfs.upcall/Makefile.am >>>>> create mode 100644 utils/nfs.upcall/nfs.upcall.c >>>>> >>>>> diff --git a/aclocal/keyutils.m4 b/aclocal/keyutils.m4 >>>>> new file mode 100644 >>>>> index 0000000..8aea646 >>>>> --- /dev/null >>>>> +++ b/aclocal/keyutils.m4 >>>>> @@ -0,0 +1,11 @@ >>>>> +dnl Checks for keyutils library and headers >>>>> +dnl >>>>> +AC_DEFUN([AC_KEYUTILS], [ >>>>> + >>>>> + dnl Check for libkeyutils; do not add to LIBS if found >>>>> + AC_CHECK_LIB([keyutils], [keyctl_instantiate], [LIBKEYUTILS=-lkeyutils], ,) >>>>> + AC_SUBST(LIBKEYUTILS) >>>>> + >>>>> + AC_CHECK_HEADERS([keyutils.h], , >>>>> + [AC_MSG_ERROR([keyutils.h header not found.])]) >>>>> +])dnl >>>>> diff --git a/configure.ac b/configure.ac >>>>> index 3058be6..a5e8620 100644 >>>>> --- a/configure.ac >>>>> +++ b/configure.ac >>>>> @@ -247,6 +247,9 @@ if test "$enable_nfsv4" = yes; then >>>>> dnl check for nfsidmap libraries and headers >>>>> AC_LIBNFSIDMAP >>>>> >>>>> + dnl check for the keyutils libraries and headers >>>>> + AC_KEYUTILS >>>>> + >>>>> dnl librpcsecgss already has a dependency on libgssapi, >>>>> dnl but we need to make sure we get the right version >>>>> if test "$enable_gss" = yes; then >>>>> @@ -435,6 +438,7 @@ AC_CONFIG_FILES([ >>>>> utils/mountd/Makefile >>>>> utils/nfsd/Makefile >>>>> utils/nfsstat/Makefile >>>>> + utils/nfs.upcall/Makefile >>>>> utils/showmount/Makefile >>>>> utils/statd/Makefile >>>>> tests/Makefile >>>>> diff --git a/utils/Makefile.am b/utils/Makefile.am >>>>> index 8665183..0104a6c 100644 >>>>> --- a/utils/Makefile.am >>>>> +++ b/utils/Makefile.am >>>>> @@ -4,6 +4,7 @@ OPTDIRS = >>>>> >>>>> if CONFIG_NFSV4 >>>>> OPTDIRS += idmapd >>>>> +OPTDIRS += nfs.upcall >>>>> endif >>>>> >>>>> if CONFIG_GSS >>>>> diff --git a/utils/nfs.upcall/Makefile.am b/utils/nfs.upcall/Makefile.am >>>>> new file mode 100644 >>>>> index 0000000..52afd3d >>>>> --- /dev/null >>>>> +++ b/utils/nfs.upcall/Makefile.am >>>>> @@ -0,0 +1,7 @@ >>>>> +## Process this file with automake to produce Makefile.in >>>>> + >>>>> +sbin_PROGRAMS = nfs.upcall >>>>> +nfs_upcall_SOURCES = nfs.upcall.c >>>>> +nfs_upcall_LDADD = -lnfsidmap -lkeyutils >>>>> + >>>>> +MAINTAINERCLEANFILES = Makefile.in >>>>> diff --git a/utils/nfs.upcall/nfs.upcall.c b/utils/nfs.upcall/nfs.upcall.c >>>>> new file mode 100644 >>>>> index 0000000..11b9a01 >>>>> --- /dev/null >>>>> +++ b/utils/nfs.upcall/nfs.upcall.c >>>>> @@ -0,0 +1,120 @@ >>>>> + >>>>> +#include <stdarg.h> >>>>> +#include <stdio.h> >>>>> +#include <stdlib.h> >>>>> +#include <string.h> >>>>> + >>>>> +#include <pwd.h> >>>>> +#include <grp.h> >>>>> +#include <keyutils.h> >>>>> +#include <nfsidmap.h> >>>>> + >>>>> +#include <syslog.h> >>>>> + >>>>> +/* gcc nfs.upcall.c -o nfs.upcall -l nfsidmap -l keyutils */ >>>>> + >>>>> +#define MAX_ID_LEN 11 >>>>> +#define IDMAP_NAMESZ 128 >>>>> +#define USER 1 >>>>> +#define GROUP 0 >>>>> + >>>>> + >>>>> +/* >>>>> + * Find either a user or group id based on the name@domain string >>>>> + */ >>>>> +int id_lookup(char *name_at_domain, key_serial_t key, int type) >>>>> +{ >>>>> + char id[MAX_ID_LEN]; >>>>> + uid_t uid = 0; >>>>> + gid_t gid = 0; >>>>> + >>>>> + if (type == USER) { >>>>> + nfs4_owner_to_uid(name_at_domain, &uid); >>>>> + sprintf(id, "%u", uid); >>>>> + } else { >>>>> + nfs4_group_owner_to_gid(name_at_domain, &gid); >>>>> + sprintf(id, "%u", gid); >>>>> + } >>>>> + >>>>> + return keyctl_instantiate(key, id, strlen(id) + 1, 0); >>>>> +} >>>>> + >>>>> +/* >>>>> + * Find the name@domain string from either a user or group id >>>>> + */ >>>>> +int name_lookup(char *id, key_serial_t key, int type) >>>>> +{ >>>>> + char name[IDMAP_NAMESZ]; >>>>> + char domain[NFS4_MAX_DOMAIN_LEN]; >>>>> + uid_t uid; >>>>> + gid_t gid; >>>>> + int rc = 0; >>>>> + >>>>> + rc = nfs4_get_default_domain(NULL, domain, NFS4_MAX_DOMAIN_LEN); >>>>> + if (rc != 0) { >>>>> + rc = -1; >>>>> + goto out; >>>>> + } >>>>> + >>>>> + if (type == USER) { >>>>> + uid = atoi(id); >>>>> + rc = nfs4_uid_to_name(uid, domain, name, IDMAP_NAMESZ); >>>>> + } else { >>>>> + gid = atoi(id); >>>>> + rc = nfs4_gid_to_name(gid, domain, name, IDMAP_NAMESZ); >>>>> + } >>>>> + >>>>> + if (rc == 0) >>>>> + rc = keyctl_instantiate(key, &name, strlen(name), 0); >>>>> + >>>>> +out: >>>>> + return rc; >>>>> +} >>>>> + >>>>> +int main(int argc, char **argv) >>>>> +{ >>>>> + char *arg; >>>>> + char *value; >>>>> + char *type; >>>>> + int rc = 1; >>>>> + int timeout = 600; >>>>> + key_serial_t key; >>>>> + >>>>> + /*openlog("nfs.upcall", 0, LOG_DAEMON);*/ >>>>> + >>>>> + if (argc < 3) >>>>> + return 1; >>>>> + >>>>> + arg = malloc(sizeof(char) * strlen(argv[2]) + 1); >>>>> + strcpy(arg, argv[2]); >>>>> + type = strtok(arg, ":"); >>>>> + value = strtok(NULL, ":"); >>>>> + >>>>> + if (argc == 4) { >>>>> + timeout = atoi(argv[3]); >>>>> + if (timeout < 0) >>>>> + timeout = 0; >>>>> + } >>>>> + >>>>> + /*syslog(LOG_ERR, "type: %s", type); >>>>> + syslog(LOG_ERR, "value: %s", value); >>>>> + syslog(LOG_ERR, "timeout: %d", timeout);*/ >>>>> + >>>>> + key = strtol(argv[1], NULL, 10); >>>>> + >>>>> + if (strcmp(type, "uid") == 0) >>>>> + rc = id_lookup(value, key, USER); >>>>> + else if (strcmp(type, "gid") == 0) >>>>> + rc = id_lookup(value, key, GROUP); >>>>> + else if (strcmp(type, "user") == 0) >>>>> + rc = name_lookup(value, key, USER); >>>>> + else if (strcmp(type, "group") == 0) >>>>> + rc = name_lookup(value, key, GROUP); >>>>> + >>>>> + /* Set timeout to 5 (600 seconds) minutes */ >>>>> + keyctl_set_timeout(key, timeout); >>>>> + >>>>> + free(arg); >>>>> + /*closelog();*/ >>>>> + return rc; >>>>> +} >>>>> -- >>>>> 1.7.2.3 >>>>> >>>>> -- >>>>> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in >>>>> the body of a message to majordomo@vger.kernel.org >>>>> More majordomo info at http://vger.kernel.org/majordomo-info.html >>>> >>>> -- >>>> Chuck Lever >>>> chuck[dot]lever[at]oracle[dot]com >>>> >>>> >>>> >>>> >> > > ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2010-10-26 12:46 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2010-10-25 22:40 [PATCH] nfs-utils: add nfs.upcall Trond Myklebust 2010-10-25 23:20 ` Chuck Lever 2010-10-25 23:46 ` Myklebust, Trond 2010-10-26 12:41 ` Bryan Schumaker 2010-10-26 12:42 ` Trond Myklebust 2010-10-26 12:46 ` Bryan Schumaker
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).