[packages/nfs-utils] - updated to 1.2.7 - removed kcm patch du to problems with refreshing cache - updated heimdal patch
baggins
baggins at pld-linux.org
Thu Nov 29 15:25:51 CET 2012
commit 058a238c3896b3f1c6d00f3b0bf82add8af30557
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Thu Nov 29 15:25:13 2012 +0100
- updated to 1.2.7
- removed kcm patch du to problems with refreshing cache
- updated heimdal patch
nfs-utils-heimdal-kcm.patch | 212 --------------------------------------------
nfs-utils-heimdal.patch | 37 ++------
nfs-utils.spec | 11 +--
3 files changed, 12 insertions(+), 248 deletions(-)
---
diff --git a/nfs-utils.spec b/nfs-utils.spec
index cd2983a..cc98d37 100644
--- a/nfs-utils.spec
+++ b/nfs-utils.spec
@@ -9,13 +9,13 @@ Summary(pt_BR.UTF-8): Os utilitários para o cliente e servidor NFS do Linux
Summary(ru.UTF-8): Утилиты для NFS и демоны поддержки для NFS-сервера ядра
Summary(uk.UTF-8): Утиліти для NFS та демони підтримки для NFS-сервера ядра
Name: nfs-utils
-Version: 1.2.5
-Release: 11
+Version: 1.2.7
+Release: 1
License: GPL v2
Group: Networking/Daemons
#Source0: http://www.kernel.org/pub/linux/utils/nfs/%{name}-%{version}.tar.bz2
Source0: http://downloads.sourceforge.net/nfs/%{name}-%{version}.tar.bz2
-# Source0-md5: 8395ac770720b83c5c469f88306d7765
+# Source0-md5: 3b5ca797197765dc0c3a4122720c7716
#Source1: ftp://ftp.linuxnfs.sourceforge.org/pub/nfs/nfs.doc.tar.gz
Source1: nfs.doc.tar.gz
# Source1-md5: ae7db9c61c5ad04f83bb99e5caed73da
@@ -48,7 +48,6 @@ Patch1: %{name}-statdpath.patch
Patch2: %{name}-subsys.patch
Patch3: %{name}-union-mount.patch
Patch4: %{name}-heimdal.patch
-Patch5: %{name}-heimdal-kcm.patch
URL: http://nfs.sourceforge.net/
BuildRequires: autoconf >= 2.59
BuildRequires: automake
@@ -188,7 +187,6 @@ Wspólne programy do obsługi NFS.
%patch2 -p1
%patch3 -p1
%patch4 -p1
-%patch5 -p1
%build
%{__libtoolize}
@@ -419,6 +417,7 @@ fi
%attr(755,root,root) %{_sbindir}/rpc.nfsd
%attr(755,root,root) %{_sbindir}/rpc.svcgssd
%attr(755,root,root) %{_sbindir}/nfsstat
+%attr(755,root,root) %{_sbindir}/nfsdcltrack
%attr(754,root,root) /etc/rc.d/init.d/nfs
%attr(754,root,root) /etc/rc.d/init.d/svcgssd
@@ -436,6 +435,7 @@ fi
%{_mandir}/man8/exportfs.8*
%{_mandir}/man8/mountd.8*
%{_mandir}/man8/nfsd.8*
+%{_mandir}/man8/nfsdcltrack.8*
%{_mandir}/man8/nfsstat.8*
%{_mandir}/man8/rpc.mountd.8*
%{_mandir}/man8/rpc.nfsd.8*
@@ -464,6 +464,7 @@ fi
%attr(4755,root,root) /sbin/mount.nfs4
%attr(4755,root,root) /sbin/umount.nfs4
%attr(755,root,root) /sbin/blkmapd
+%attr(755,root,root) /sbin/osd_login
%attr(755,root,root) /sbin/rpc.gssd
%attr(755,root,root) %{_sbindir}/mountstats
%attr(755,root,root) %{_sbindir}/nfsiostat
diff --git a/nfs-utils-heimdal-kcm.patch b/nfs-utils-heimdal-kcm.patch
deleted file mode 100644
index ccf7511..0000000
--- a/nfs-utils-heimdal-kcm.patch
+++ /dev/null
@@ -1,212 +0,0 @@
-diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
-index ccadb07..c1339b6 100644
---- a/utils/gssd/gssd.c
-+++ b/utils/gssd/gssd.c
-@@ -60,6 +60,7 @@ char keytabfile[PATH_MAX] = GSSD_DEFAULT_KEYTAB_FILE;
- char ccachedir[PATH_MAX] = GSSD_DEFAULT_CRED_DIR;
- char *ccachesearch[GSSD_MAX_CCACHE_SEARCH + 1];
- int use_memcache = 0;
-+int use_kcmcache = 0;
- int root_uses_machine_creds = 1;
- unsigned int context_timeout = 0;
- char *preferred_realm = NULL;
-@@ -85,7 +86,7 @@ sig_hup(int signal)
- static void
- usage(char *progname)
- {
-- fprintf(stderr, "usage: %s [-f] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir] [-t timeout] [-R preferred realm]\n",
-+ fprintf(stderr, "usage: %s [-f] [-K] [-M] [-n] [-v] [-r] [-p pipefsdir] [-k keytab] [-d ccachedir] [-t timeout] [-R preferred realm]\n",
- progname);
- exit(1);
- }
-@@ -102,7 +103,7 @@ main(int argc, char *argv[])
- char *progname;
-
- memset(ccachesearch, 0, sizeof(ccachesearch));
-- while ((opt = getopt(argc, argv, "fvrmnMp:k:d:t:R:")) != -1) {
-+ while ((opt = getopt(argc, argv, "fvrmnMKp:k:d:t:R:")) != -1) {
- switch (opt) {
- case 'f':
- fg = 1;
-@@ -113,6 +114,9 @@ main(int argc, char *argv[])
- case 'M':
- use_memcache = 1;
- break;
-+ case 'K':
-+ use_kcmcache = 1;
-+ break;
- case 'n':
- root_uses_machine_creds = 0;
- break;
-diff --git a/utils/gssd/gssd.h b/utils/gssd/gssd.h
-index b1b5793..82c4406 100644
---- a/utils/gssd/gssd.h
-+++ b/utils/gssd/gssd.h
-@@ -63,6 +63,7 @@ extern char pipefs_dir[PATH_MAX];
- extern char keytabfile[PATH_MAX];
- extern char *ccachesearch[];
- extern int use_memcache;
-+extern int use_kcmcache;
- extern int root_uses_machine_creds;
- extern unsigned int context_timeout;
- extern char *preferred_realm;
-diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
-index f071600..503cac2 100644
---- a/utils/gssd/krb5_util.c
-+++ b/utils/gssd/krb5_util.c
-@@ -125,6 +125,7 @@
- #include "err_util.h"
- #include "gss_util.h"
- #include "krb5_util.h"
-+#include "xcommon.h"
-
- /* Global list of principals/cache file names for machine credentials */
- struct gssd_k5_kt_princ *gssd_k5_kt_princ_list = NULL;
-@@ -299,6 +300,115 @@ gssd_find_existing_krb5_ccache(uid_t uid, char *dirname, struct dirent **d)
- return err;
- }
-
-+#ifdef HAVE_HEIMDAL
-+static int
-+gssd_find_existing_krb5_ccache_kcm(uid_t uid, char **cc)
-+{
-+ krb5_context context;
-+ krb5_cc_cache_cursor cursor;
-+ krb5_ccache id;
-+ char *best_match_name = NULL;
-+ krb5_timestamp best_match_mtime, mtime;
-+ char *ccname;
-+ uid_t ccuid;
-+ int i;
-+ int found = 0;
-+ char buf[1030];
-+ char *princname = NULL;
-+ char *realm = NULL;
-+ int score, best_match_score = 0, err = -EACCES;
-+
-+ *cc = NULL;
-+ if (krb5_init_context(&context))
-+ return err;
-+
-+ if (krb5_cc_cache_get_first(context, "KCM", &cursor))
-+ return err;
-+
-+ while (krb5_cc_cache_next(context, cursor, &id) == 0) {
-+ ccname = xstrdup(krb5_cc_get_name(context, id));
-+ if (ccname == NULL) {
-+ printerr(0, "Error getting CC name\n");
-+ continue;
-+ }
-+ for (i=0,ccuid=0; ccname[i] && isdigit(ccname[i]); i++) {
-+ ccuid = ccuid*10 + (ccname[i] - '0');
-+ }
-+ if (i == 0) {
-+ printerr(3, "CC '%s' not available due to"
-+ " non-standard name\n",
-+ ccname);
-+ continue;
-+ }
-+ /* Only pick caches owned by the user (uid) */
-+ if (ccuid != uid) {
-+ printerr(3, "CC '%s' owned by %u, not %u\n",
-+ ccname, ccuid, uid);
-+ continue;
-+ }
-+ snprintf(buf, sizeof(buf), "KCM:%s", ccname);
-+ if (!query_krb5_ccache(buf, &princname, &realm)) {
-+ printerr(3, "CC '%s' is expired or corrupt\n",
-+ ccname);
-+ err = -EKEYEXPIRED;
-+ continue;
-+ }
-+ krb5_cc_last_change_time(context, id, &mtime);
-+
-+ score = 0;
-+ if (preferred_realm && strcmp(realm, preferred_realm) == 0)
-+ score++;
-+
-+ printerr(3, "CC '%s'(%s@%s) passed all checks and"
-+ " has mtime of %u\n",
-+ ccname, princname, realm, mtime);
-+ /*
-+ * if more than one match is found, return the most
-+ * recent (the one with the latest mtime), and
-+ * don't free the dirent
-+ */
-+ if (!found) {
-+ best_match_name = ccname;
-+ best_match_mtime = mtime;
-+ best_match_score = score;
-+ found++;
-+ } else {
-+ /*
-+ * If current score is higher than best match
-+ * score, we use the current match. Otherwise,
-+ * if the current match has an mtime later
-+ * than the one we are looking at, then use
-+ * the current match. Otherwise, we still
-+ * have the best match.
-+ */
-+ if (best_match_score < score ||
-+ (best_match_score == score &&
-+ mtime > best_match_mtime)) {
-+ free(best_match_name);
-+ best_match_name = ccname;
-+ best_match_mtime = mtime;
-+ best_match_score = score;
-+ } else {
-+ free(ccname);
-+ }
-+ printerr(3, "CC '%s' is our current best match "
-+ "with mtime of %u\n",
-+ best_match_name, best_match_mtime);
-+ }
-+ free(princname);
-+ free(realm);
-+ }
-+ krb5_cc_cache_end_seq_get(context, cursor);
-+ krb5_free_context(context);
-+ if (found) {
-+ *cc = best_match_name;
-+ return 0;
-+ }
-+
-+ return err;
-+}
-+#endif
-+
- /*
- * Obtain credentials via a key in the keytab given
- * a keytab handle and a gssd_k5_kt_princ structure.
-@@ -1002,12 +1112,26 @@ gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, char *dirname)
- printerr(2, "getting credentials for client with uid %u for "
- "server %s\n", uid, servername);
- memset(buf, 0, sizeof(buf));
-- err = gssd_find_existing_krb5_ccache(uid, dirname, &d);
-- if (err)
-- return err;
-+#ifdef HAVE_HEIMDAL
-+ if (use_kcmcache) {
-+ char *s;
-+ err = gssd_find_existing_krb5_ccache_kcm(uid, &s);
-+ if (err)
-+ return err;
-+
-+ snprintf(buf, sizeof(buf), "KCM:%s", s);
-+ free(s);
-+ } else {
-+#endif
-+ err = gssd_find_existing_krb5_ccache(uid, dirname, &d);
-+ if (err)
-+ return err;
-
-- snprintf(buf, sizeof(buf), "FILE:%s/%s", dirname, d->d_name);
-- free(d);
-+ snprintf(buf, sizeof(buf), "FILE:%s/%s", dirname, d->d_name);
-+ free(d);
-+#ifdef HAVE_HEIMDAL
-+ }
-+#endif
-
- printerr(2, "using %s as credentials cache for client with "
- "uid %u for server %s\n", buf, uid, servername);
diff --git a/nfs-utils-heimdal.patch b/nfs-utils-heimdal.patch
index c871fb6..3df950a 100644
--- a/nfs-utils-heimdal.patch
+++ b/nfs-utils-heimdal.patch
@@ -1,30 +1,3 @@
---- nfs-utils-1.2.3.dist/configure.ac.orig 2010-09-28 14:24:16.000000000 +0200
-+++ nfs-utils-1.2.3.dist/configure.ac 2010-10-03 14:47:50.699424847 +0200
-@@ -246,12 +246,6 @@
-
- dnl check for the keyutils libraries and headers
- AC_KEYUTILS
--
-- dnl librpcsecgss already has a dependency on libgssapi,
-- dnl but we need to make sure we get the right version
-- if test "$enable_gss" = yes; then
-- AC_RPCSEC_VERSION
-- fi
- fi
-
- if test "$knfsd_cv_glibc2" = no; then
-@@ -295,6 +289,11 @@
- dnl Invoked after AC_KERBEROS_V5; AC_LIBRPCSECGSS needs to have KRBLIBS set
- AC_LIBRPCSECGSS
-
-+ dnl Invoked after AC_KERBEROS_V5
-+ dnl AC_RPCSEC_VERSION needs to now which Kerberos implementation we're using
-+ dnl librpcsecgss already has a dependency on libgssapi,
-+ dnl but we need to make sure we get the right version
-+ AC_RPCSEC_VERSION
- fi
-
- dnl Check for IPv6 support
--- nfs-utils-1.2.3.dist/aclocal/rpcsec_vers.m4.orig 2010-09-28 14:24:16.000000000 +0200
+++ nfs-utils-1.2.3.dist/aclocal/rpcsec_vers.m4 2010-10-03 14:53:06.379424854 +0200
@@ -1,7 +1,10 @@
@@ -41,11 +14,13 @@
if test "$enable_tirpc" = no; then
--- nfs-utils-1.2.3.dist/aclocal/kerberos5.m4~ 2010-09-28 14:24:16.000000000 +0200
+++ nfs-utils-1.2.3.dist/aclocal/kerberos5.m4 2010-10-03 14:13:17.274424855 +0200
-@@ -32,13 +32,13 @@
+@@ -32,14 +32,14 @@
+ fi
if test "$K5CONFIG" != ""; then
KRBCFLAGS=`$K5CONFIG --cflags`
- KRBLIBS=`$K5CONFIG --libs gssapi`
+- KRBLIBS=`$K5CONFIG --libs`
- K5VERS=`$K5CONFIG --version | head -n 1 | awk '{split($(4),v,"."); if (v@<:@"3"@:>@ == "") v@<:@"3"@:>@ = "0"; print v@<:@"1"@:>@v@<:@"2"@:>@v@<:@"3"@:>@ }'`
++ KRBLIBS=`$K5CONFIG --libs gssapi`
AC_DEFINE_UNQUOTED(KRB5_VERSION, $K5VERS, [Define this as the Kerberos version number])
if test -f $dir/include/gssapi/gssapi_krb5.h -a \
\( -f $dir/lib/libgssapi_krb5.a -o \
@@ -170,14 +145,14 @@
* list of supported enctypes, use local default here.
*/
+#ifdef HAVE_HEIMDAL
-+ if (krb5_enctypes == NULL)
++ if (krb5_enctypes == NULL || limit_to_legacy_enctypes)
+ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh,
+ num_enctypes, enctypes);
+ else
+ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, credh,
+ num_krb5_enctypes, krb5_enctypes);
+#else
- if (krb5_enctypes == NULL)
+ if (krb5_enctypes == NULL || limit_to_legacy_enctypes)
maj_stat = gss_set_allowable_enctypes(&min_stat, credh,
&krb5oid, num_enctypes, enctypes);
else
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/nfs-utils.git/commitdiff/058a238c3896b3f1c6d00f3b0bf82add8af30557
More information about the pld-cvs-commit
mailing list