/* * MNTv2 pathconf procedure * * The protocol doesn't include a status field, so Sun apparently considers * it good practice to let anyone snoop on your system, even if it's * pretty harmless data such as pathconf. We don't. * * Besides, many of the pathconf values don't make much sense on NFS volumes. * FIFOs and tty device files represent devices on the *client*, so there's * no point in getting the server's buffer sizes etc. */ bool_t mount_pathconf_2_svc(struct svc_req *rqstp, dirpath *path, ppathcnf *res) { struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt); struct stat stb; nfs_export *exp; char rpath[MAXPATHLEN+1]; char *p = *path; memset(res, 0, sizeof(*res)); if (*p == '\0') p = "/"; /* Reload /etc/xtab if necessary */ auth_reload(); /* Resolve symlinks */ if (realpath(p, rpath) != NULL) { rpath[sizeof (rpath) - 1] = '\0'; p = rpath; } /* Now authenticate the intruder... */ exp = auth_authenticate("pathconf", sin, p); if (!exp) { return 1; } else if (stat(p, &stb) < 0) { xlog(L_WARNING, "can't stat exported dir %s: %s", p, strerror(errno)); return 1; } res->pc_link_max = pathconf(p, _PC_LINK_MAX); res->pc_max_canon = pathconf(p, _PC_MAX_CANON); res->pc_max_input = pathconf(p, _PC_MAX_INPUT); res->pc_name_max = pathconf(p, _PC_NAME_MAX); res->pc_path_max = pathconf(p, _PC_PATH_MAX); res->pc_pipe_buf = pathconf(p, _PC_PIPE_BUF); res->pc_vdisable = pathconf(p, _PC_VDISABLE); /* Can't figure out what to do with pc_mask */ res->pc_mask[0] = 0; res->pc_mask[1] = 0; return 1; }
void mountlist_del_all(const struct sockaddr *sap) { char *hostname; struct rmtabent *rep; FILE *fp; int lockid; if ((lockid = xflock(_PATH_RMTABLCK, "w")) < 0) return; hostname = host_canonname(sap); if (hostname == NULL) { char buf[INET6_ADDRSTRLEN]; xlog(L_ERROR, "can't get hostname of %s", host_ntop(sap, buf, sizeof(buf))); goto out_unlock; } if (!setrmtabent("r")) goto out_free; if (!(fp = fsetrmtabent(_PATH_RMTABTMP, "w"))) goto out_close; while ((rep = getrmtabent(1, NULL)) != NULL) { if (strcmp(rep->r_client, hostname) == 0 && auth_authenticate("umountall", sap, rep->r_path) != NULL) continue; fputrmtabent(fp, rep, NULL); } if (slink_safe_rename(_PATH_RMTABTMP, _PATH_RMTAB) < 0) { xlog(L_ERROR, "couldn't rename %s to %s", _PATH_RMTABTMP, _PATH_RMTAB); } fendrmtabent(fp); out_close: endrmtabent(); /* close & unlink */ out_free: free(hostname); out_unlock: xfunlock(lockid); }
bool_t mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *resp) { struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt); nfs_export *exp; char *p = *argp; char rpath[MAXPATHLEN+1]; if (*p == '\0') p = "/"; if (realpath(p, rpath) != NULL) { rpath[sizeof (rpath) - 1] = '\0'; p = rpath; } if (!(exp = auth_authenticate("unmount", sin, p))) { return 1; } mountlist_del(inet_ntoa(sin->sin_addr), p); return 1; }
static struct nfs_fh_len * get_rootfh(struct svc_req *rqstp, dirpath *path, nfs_export **expret, mountstat3 *error, int v3) { struct sockaddr_in *sin = nfs_getrpccaller_in(rqstp->rq_xprt); struct stat stb, estb; nfs_export *exp; struct nfs_fh_len *fh; char rpath[MAXPATHLEN+1]; char *p = *path; if (*p == '\0') p = "/"; /* Reload /var/lib/nfs/etab if necessary */ auth_reload(); /* Resolve symlinks */ if (realpath(p, rpath) != NULL) { rpath[sizeof (rpath) - 1] = '\0'; p = rpath; } /* Now authenticate the intruder... */ exp = auth_authenticate("mount", sin, p); if (!exp) { *error = NFSERR_ACCES; return NULL; } if (stat(p, &stb) < 0) { xlog(L_WARNING, "can't stat exported dir %s: %s", p, strerror(errno)); if (errno == ENOENT) *error = NFSERR_NOENT; else *error = NFSERR_ACCES; return NULL; } if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) { xlog(L_WARNING, "%s is not a directory or regular file", p); *error = NFSERR_NOTDIR; return NULL; } if (stat(exp->m_export.e_path, &estb) < 0) { xlog(L_WARNING, "can't stat export point %s: %s", p, strerror(errno)); *error = NFSERR_NOENT; return NULL; } if (estb.st_dev != stb.st_dev && (!new_cache || !(exp->m_export.e_flags & NFSEXP_CROSSMOUNT))) { xlog(L_WARNING, "request to export directory %s below nearest filesystem %s", p, exp->m_export.e_path); *error = NFSERR_ACCES; return NULL; } if (exp->m_export.e_mountpoint && !is_mountpoint(exp->m_export.e_mountpoint[0]? exp->m_export.e_mountpoint: exp->m_export.e_path)) { xlog(L_WARNING, "request to export an unmounted filesystem: %s", p); *error = NFSERR_NOENT; return NULL; } if (new_cache) { /* This will be a static private nfs_export with just one * address. We feed it to kernel then extract the filehandle, * */ if (cache_export(exp, p)) { *error = NFSERR_ACCES; return NULL; } fh = cache_get_filehandle(exp, v3?64:32, p); if (fh == NULL) { *error = NFSERR_ACCES; return NULL; } } else { int did_export = 0; retry: if (exp->m_exported<1) { export_export(exp); did_export = 1; } if (!exp->m_xtabent) xtab_append(exp); if (v3) fh = getfh_size ((struct sockaddr *) sin, p, 64); if (!v3 || (fh == NULL && errno == EINVAL)) { /* We first try the new nfs syscall. */ fh = getfh ((struct sockaddr *) sin, p); if (fh == NULL && errno == EINVAL) /* Let's try the old one. */ fh = getfh_old ((struct sockaddr *) sin, stb.st_dev, stb.st_ino); } if (fh == NULL && !did_export) { exp->m_exported = 0; goto retry; } if (fh == NULL) { xlog(L_WARNING, "getfh failed: %s", strerror(errno)); *error = NFSERR_ACCES; return NULL; } } *error = NFS_OK; mountlist_add(inet_ntoa(sin->sin_addr), p); if (expret) *expret = exp; return fh; }