/*
* MNTv2 pathconf procedure
*
* The protocol doesn't include a status field, so Sun apparently considers
* it good practice to let anyone snoop on your system, even if it's
* pretty harmless data such as pathconf. We don't.
*
* Besides, many of the pathconf values don't make much sense on NFS volumes.
* FIFOs and tty device files represent devices on the *client*, so there's
* no point in getting the server's buffer sizes etc.
*/
bool_t
mount_pathconf_2_svc(struct svc_req *rqstp, dirpath *path, ppathcnf *res)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb;
nfs_export *exp;
char rpath[MAXPATHLEN+1];
char *p = *path;
memset(res, 0, sizeof(*res));
if (*p == '\0')
p = "/";
/* Reload /etc/xtab if necessary */
auth_reload();
/* Resolve symlinks */
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
/* Now authenticate the intruder... */
exp = auth_authenticate("pathconf", sin, p);
if (!exp) {
return 1;
} else if (stat(p, &stb) < 0) {
xlog(L_WARNING, "can't stat exported dir %s: %s",
p, strerror(errno));
return 1;
}
res->pc_link_max = pathconf(p, _PC_LINK_MAX);
res->pc_max_canon = pathconf(p, _PC_MAX_CANON);
res->pc_max_input = pathconf(p, _PC_MAX_INPUT);
res->pc_name_max = pathconf(p, _PC_NAME_MAX);
res->pc_path_max = pathconf(p, _PC_PATH_MAX);
res->pc_pipe_buf = pathconf(p, _PC_PIPE_BUF);
res->pc_vdisable = pathconf(p, _PC_VDISABLE);
/* Can't figure out what to do with pc_mask */
res->pc_mask[0] = 0;
res->pc_mask[1] = 0;
return 1;
}
void
mountlist_del_all(const struct sockaddr *sap)
{
char *hostname;
struct rmtabent *rep;
FILE *fp;
int lockid;
if ((lockid = xflock(_PATH_RMTABLCK, "w")) < 0)
return;
hostname = host_canonname(sap);
if (hostname == NULL) {
char buf[INET6_ADDRSTRLEN];
xlog(L_ERROR, "can't get hostname of %s",
host_ntop(sap, buf, sizeof(buf)));
goto out_unlock;
}
if (!setrmtabent("r"))
goto out_free;
if (!(fp = fsetrmtabent(_PATH_RMTABTMP, "w")))
goto out_close;
while ((rep = getrmtabent(1, NULL)) != NULL) {
if (strcmp(rep->r_client, hostname) == 0 &&
auth_authenticate("umountall", sap, rep->r_path) != NULL)
continue;
fputrmtabent(fp, rep, NULL);
}
if (slink_safe_rename(_PATH_RMTABTMP, _PATH_RMTAB) < 0) {
xlog(L_ERROR, "couldn't rename %s to %s",
_PATH_RMTABTMP, _PATH_RMTAB);
}
fendrmtabent(fp);
out_close:
endrmtabent(); /* close & unlink */
out_free:
free(hostname);
out_unlock:
xfunlock(lockid);
}
bool_t
mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *resp)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
nfs_export *exp;
char *p = *argp;
char rpath[MAXPATHLEN+1];
if (*p == '\0')
p = "/";
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
if (!(exp = auth_authenticate("unmount", sin, p))) {
return 1;
}
mountlist_del(inet_ntoa(sin->sin_addr), p);
return 1;
}
static struct nfs_fh_len *
get_rootfh(struct svc_req *rqstp, dirpath *path, nfs_export **expret,
mountstat3 *error, int v3)
{
struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt);
struct stat stb, estb;
nfs_export *exp;
struct nfs_fh_len *fh;
char rpath[MAXPATHLEN+1];
char *p = *path;
if (*p == '\0')
p = "/";
/* Reload /var/lib/nfs/etab if necessary */
auth_reload();
/* Resolve symlinks */
if (realpath(p, rpath) != NULL) {
rpath[sizeof (rpath) - 1] = '\0';
p = rpath;
}
/* Now authenticate the intruder... */
exp = auth_authenticate("mount", sin, p);
if (!exp) {
*error = NFSERR_ACCES;
return NULL;
}
if (stat(p, &stb) < 0) {
xlog(L_WARNING, "can't stat exported dir %s: %s",
p, strerror(errno));
if (errno == ENOENT)
*error = NFSERR_NOENT;
else
*error = NFSERR_ACCES;
return NULL;
}
if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
xlog(L_WARNING, "%s is not a directory or regular file", p);
*error = NFSERR_NOTDIR;
return NULL;
}
if (stat(exp->m_export.e_path, &estb) < 0) {
xlog(L_WARNING, "can't stat export point %s: %s",
p, strerror(errno));
*error = NFSERR_NOENT;
return NULL;
}
if (estb.st_dev != stb.st_dev
&& (!new_cache
|| !(exp->m_export.e_flags & NFSEXP_CROSSMOUNT))) {
xlog(L_WARNING, "request to export directory %s below nearest filesystem %s",
p, exp->m_export.e_path);
*error = NFSERR_ACCES;
return NULL;
}
if (exp->m_export.e_mountpoint &&
!is_mountpoint(exp->m_export.e_mountpoint[0]?
exp->m_export.e_mountpoint:
exp->m_export.e_path)) {
xlog(L_WARNING, "request to export an unmounted filesystem: %s",
p);
*error = NFSERR_NOENT;
return NULL;
}
if (new_cache) {
/* This will be a static private nfs_export with just one
* address. We feed it to kernel then extract the filehandle,
*
*/
if (cache_export(exp, p)) {
*error = NFSERR_ACCES;
return NULL;
}
fh = cache_get_filehandle(exp, v3?64:32, p);
if (fh == NULL) {
*error = NFSERR_ACCES;
return NULL;
}
} else {
int did_export = 0;
retry:
if (exp->m_exported<1) {
export_export(exp);
did_export = 1;
}
if (!exp->m_xtabent)
xtab_append(exp);
if (v3)
fh = getfh_size ((struct sockaddr *) sin, p, 64);
if (!v3 || (fh == NULL && errno == EINVAL)) {
/* We first try the new nfs syscall. */
fh = getfh ((struct sockaddr *) sin, p);
if (fh == NULL && errno == EINVAL)
/* Let's try the old one. */
fh = getfh_old ((struct sockaddr *) sin,
stb.st_dev, stb.st_ino);
}
if (fh == NULL && !did_export) {
exp->m_exported = 0;
goto retry;
}
if (fh == NULL) {
xlog(L_WARNING, "getfh failed: %s", strerror(errno));
*error = NFSERR_ACCES;
return NULL;
}
}
*error = NFS_OK;
mountlist_add(inet_ntoa(sin->sin_addr), p);
if (expret)
*expret = exp;
return fh;
}
