On Linux kernels that support keyrings, when we setpag we try to add
the PAG to the session keyring and to the supplemental group list.
Currently, if we fail to add the PAG to the keyring (which may happen
due to key quotas, or possibly other reasons), we return failure but
the group list is still modified with the new PAG in it.
Therefore, if the keyring-based approach fails, the new PAG may still
be in use, but there are no keyring keys associated with that PAG, so
the PAG may never get destroyed. This can cause a large number of PAGs
to accumulate over time, causing performance problems.
So, change this so that, in the event that keyring installation fails,
we revert the group list back to what it was before we touched it.
Also mark all unixusers with the new PAG as expired, in case one got
created during processing. Thus, the new PAG never gets used.
Change-Id: I61993edf705209e1a5d8dee638a9003690017c35
Reviewed-on: http://gerrit.openafs.org/5238
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
When we encounter any error in the StoreData fetch/store loop, we
reset the disk usage to ensure it remains correct, even in the face of
unexpected errors. However, when we do so, we use the errorCode from
VAdjustDiskUsage as our return value; if it is 0, we return success,
ignoring the error that got us in this code path in the first place.
Instead, keep track of a temporary errorCode for the disk usage
adjustment, and do not override our return value if there was no error
in the disk usage numbers.
Change-Id: Ifbe2377f2750b508d48e535215be3583d1d78e65
Reviewed-on: http://gerrit.openafs.org/5645
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Move the header which is installed as opr/queues.h out of util/ and
into the new, top level, opr/ directory. Similarly move the tests out
of the util/ test suite, and into the opr/ tests
Change-Id: I81af487f09e1f0f4b25654a1f64c5ac75fd5a95b
Reviewed-on: http://gerrit.openafs.org/5656
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
When DRead() fails, we DRelease the entrybuf, then break. However,
this break takes us to the end of the function, where we promptly
DRelease again, causing a double free
Change-Id: I5a0293990e01376525d8adae25477c64e2cc93ad
Reviewed-on: http://gerrit.openafs.org/5655
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
We're not vm rdwr env in ukernel. Don't claim we are, otherwise we
will never push chunks out to the fileserver when our cache is full
Change-Id: I1c52ef502d42a4a2b63e786471fa487b88712e9d
Reviewed-on: http://gerrit.openafs.org/5613
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
because some pthread stacks require this to be in units of page size,
guess that page sizes will be 4k or 8k, and use the larger as a divisor
Change-Id: I9f89f7e32e2a70e12f1ed7a7fb86cab171b61e07
Reviewed-on: http://gerrit.openafs.org/5606
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: Derrick Brashear <shadow@dementix.org>
Make the listener loop actually check for more packets needed,
like kernel, pthreads and lwp. Only checking for new packets every
20 seconds isn't sufficient on today's networks!
Change-Id: I80319cfd9d540c9a56b0dd8d948a380665426409
Reviewed-on: http://gerrit.openafs.org/5605
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
make sure we zero the uuid if we failed
Change-Id: I9d21e003b68eff0ce9bea4634c601c4663a0c078
Reviewed-on: http://gerrit.openafs.org/5599
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
if the process we are in execs a child, it doesn't get our socket
Change-Id: Iaf1831866e0dcda0449e75d89c576557c61090dd
Reviewed-on: http://gerrit.openafs.org/5598
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
We can end up discarding a receive queue that's been soft acked,
effectively taking back soft acks we sent. Whilst the RX
documentation says that a client can drop soft acked packets at
will, our RX implementation assumes that if the final packet in
a call has been soft acked, we won't clear the queue. If a client
clears the queue in this situation, the call will hang.
What *should* happen is that we should take necessary locks,
confirm that we have not soft-acked all of the packets in a flow,
and then discard, or, if we're just going to discard, error the
call.
Change-Id: Ic8e358b8648c1a6f0154009093468531a9e3cf74
Reviewed-on: http://gerrit.openafs.org/5603
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
When ktc_GetTokenEx needs to get tokens via the legacy ktc_GetToken
interface, it was not extracting the viceid. Make it set the viceid so
the caller gets the correct id.
Normally this would require parsing the given client name. To reduce
the amount of times we store and extract the viced from the "AFS ID
%d" string, create a helper GetToken function that can store the
viceid directly, without storing it in a string.
Change-Id: Ib03a419aee6eaed3b253c4d5d575d4dd8d3b8ddc
Reviewed-on: http://gerrit.openafs.org/4482
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Rxkad tokens historically have forced odd lifetimes when the given
viceid is actually an AFS ID, and even lifetimes when it is not. Force
this when the new token-handling functions are used (so the viceid is
correctly interpreted by users of the old token format), by creating
rxkad tokens with token_importRxkadViceId.
Slightly reworked by Simon Wilkinson to provide a generic token
destructor function.
Change-Id: I9f6aa518b8ae51a3772b69a0722a28bff6b47128
Reviewed-on: http://gerrit.openafs.org/4481
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(Most of) the dafs binaries are called da(something). Update the
example in the dafileserver documentation so that we call the binaries
by the names that they are actually installed with on the system.
Change-Id: I05906758aa2b00ea7bc7f9be10414c8ad1a5a11a
Reviewed-on: http://gerrit.openafs.org/5654
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The ptserver database building scripts would check to see if the server
was running from a bosserver with the noauth flag set before performing
a database rebuild.
This means that you can't start ptserver normally, and then configure
the database using pts -localauth, which is the preferred method for
configuring new cells.
Remove the check for noauth. This is slightly risky, as it means that a
corrupt database could be completely erased upon restart. However, we
already check that the dbheader (65k) is entirely blank - which will
protect us against any single page corruption errors.
Change-Id: I45dbb53d7f80b0b307f88941cb1e061967fcac81
Reviewed-on: http://gerrit.openafs.org/5653
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Gerrit/5572 added conditionals on __FreeBSD_version >= 900044, which
is (approximately) when a bunch of kernel API renames happened.
(There has since been a dedicated version bump to 900045 a month
or two post-facto, but 900044 should be fine for now.)
However, 900044 is not 90004.
Change-Id: I566186a7b53fd3b605a0f531e241eaf54a96bba3
Reviewed-on: http://gerrit.openafs.org/5657
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The library support package keeps count of the number of times
the library code is active. When this goes to zero this means
that unload of the library can continue.
Although I cannot see it in the code it seems reasonable to assume
that at that stage the device object might go away so (and if it
doesn't do now it may in the future). This potentially renders it
unsafe to do anything after InflightLibraryEvent has been signalled.
This patch moves the logging up to above the decrement of the refcount.
Change-Id: I9493d970cec4a025ca9e4c5542e2d838c87f7817
Reviewed-on: http://gerrit.openafs.org/5601
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
we enforce locking by pid. when we are ukernel, MyPidXX is stupid.
don't bother.
Change-Id: Iddefd5d63edd6cc35a3c8112cb2cfbf3d47031aa
Reviewed-on: http://gerrit.openafs.org/5597
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
we need a format string; currently here we have none, which is no good
Change-Id: Ib097100383dba9d56056b96c5322734abb765f9d
Reviewed-on: http://gerrit.openafs.org/5591
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
we could in case of multiple splits end up using a stale open
vnode for a directory; attempt to close and thus force-reopen
any fdhandles backing ihandles.
Change-Id: I50ff39873b523b05287c7a183d84e6f16eb7cd90
Reviewed-on: http://gerrit.openafs.org/5553
Reviewed-by: Hartmut Reuter <reuter@rzg.mpg.de>
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Upstream decided to rename the kernel functions that implement
syscalls to have a sys_prefix (including afs3_syscall!).
We use a couple of them, so we need to conditionalize accordingly.
Unfortunately, __FreeBSD_version was not bumped with the change,
so we use something close to it and hope it's close enough.
Change-Id: I228805a813af70b30f94f659e4da602210a6d6df
Reviewed-on: http://gerrit.openafs.org/5572
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Add the new -pidfiles option to the man page. Add a few other missing
options as well.
Change-Id: I2d72ec9948edb4dce4c6b6d974915d4ac7560b0b
Reviewed-on: http://gerrit.openafs.org/5587
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Patchset 4251e386aa converts to
using Heimdal. The conversion undid the introduction of the
abstraction function fetch_krb5_error_message() which is
implemented in src/util. Restore the use of fetch_krb5_error_message()
and modify src/util/krb5_nt.c to use the Kerberos Compat SDK
interface.
Change-Id: I67fe7a309727f67a1da3705e1e485e64747c325c
Reviewed-on: http://gerrit.openafs.org/5571
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
we need to free this, but while the pointer is still good
Change-Id: I5afa3505b764c5bf72811f60f63e29c80a29c5af
Reviewed-on: http://gerrit.openafs.org/5562
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Do not treat the output of NetbiosName() as a wide_t when
it is a char*.
Change-Id: Iba4f1f30f1de4a9c3ded2f1e440ca9e4bc014379
Reviewed-on: http://gerrit.openafs.org/5549
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Add runtime options to aklog_dynamic_auth. Commit
3a541eb11d changed the behavior of
aklog_dynamic_auth to be more friendly to the CDE screenlocker, but
forced the use of UID-based PAGs.
Since some users like to use real PAGs and don't care about the CDE
screenlocker, made this behavior a runtime decision instead.
Change-Id: I28264e2e80258f962d02ed9a6a40c4d789179c06
Reviewed-on: http://gerrit.openafs.org/4484
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Make aklog_dynamic_auth use the new SetTokenEx method of storing
tokens.
Change-Id: I843ecd206ef4673ff9e5df5419daa9ee5b31f060
Reviewed-on: http://gerrit.openafs.org/4483
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Redesign the AFS Volume Tab to report:
. Volume name
. Volume ID
. Cell
. Server
. Availability
. Quota
. Partition Info
. Replica Server List
Properly handle multiple selections to report the volume info
of the parent object and not the actively selected object.
When a mount point is selected, display the volume information
for the target volume.
Remove file server from AFS tab.
Modify the AFS tab to better handle multiple selections including
mount points.
Extend many gui2fs functions to implement a poor man's "follow"
option. This really should be done with the pioctl 'literal'
capability but this is an improvement. The pioctl modifications
will require a major redesign of gui2fs.c and all of the dialogs.
Change-Id: Ib009beb81d841fb3bbbd35b1eb0faec2c40eaf4e
Reviewed-on: http://gerrit.openafs.org/5531
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
In a few different places, moving libutil before libafshcrypto_lwp
caused a variable definition to have a trailing \ on the last line of
the definition. This can confuse make (at least, the HP-UX make) to
think the next following definition is also part of the current
definition. Remove the trailing "\"s.
Change-Id: I235f95813e303bc3805b5d9fc8d7861e812613e2
Reviewed-on: http://gerrit.openafs.org/5523
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
We don't care about non-vicepX partitions, so move part of the UFS
"logging" check into VCheckPartition. This API should probably redone
so the "am I a vicepX partition" check is done completely separately,
but for now, this will do.
Change-Id: Ib2df2079a392d7ed1a8c2aded34f2a7265215ecd
Reviewed-on: http://gerrit.openafs.org/5514
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Over time the FSSYNC code has collected examples where the partition
path is passed rather than the partition name. In Unix this is the
same (/vicepX), but on windows the path is the DOS device (C:).
This checkin changes FSSYNC client code to always use the partition
name.
This checkin does not address FSSYNC server or SALVSYNC.
Change-Id: I3c5b63103ab0cbd6c2c6c73b9dc737eca22b7d4c
Reviewed-on: http://gerrit.openafs.org/5521
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Add registry keys and values to enable use of the overlay
handlers for symlinks and mount points.
Add registry keys and values to enable use of the property
sheet handlers.
Correct registry keys for the Folder background context menu
handler.
Change-Id: Icac560fc6ffcec6bcc41f64adeae3ee2e5884fdb
Reviewed-on: http://gerrit.openafs.org/5530
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
MIT's krb5_get_error_message() ignores the context and can
be called with a NULL context. Heimdal's version does not.
Change-Id: I31801b0e0044e5e724298404645517e4425b0f09
Reviewed-on: http://gerrit.openafs.org/5508
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Heimdal disables DES by default. Enable DES-CBC-CRC by
calling krb5_enctype_enable() so that the active profile
does not require
[libdefaults]
allow_weak_enctypes = 1
Change-Id: I75d7b6bd7269081c7b1fcaafe05074dcdcc9a7e0
Reviewed-on: http://gerrit.openafs.org/5501
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Build OpenAFS for Windows against the Secure Endpoints
Kerberos Compatibility SDK instead of the in tree
Kerberos for Windows SDK.
The compatibility layer is available from:
http://github.com/secure-endpoints/heimdal-krbcompat
The SDK location must be specified with the
KERBEROSCOMPATSDKROOT environment variable.
The benefits of building against the Kerberos Compatibility
SDK are:
* Heimdal 1.5.1 or later assemblies will be used
if available
* MIT KFW 3.2.x will be searched for if Heimdal 1.5.1
is not installed
Version 1.0 of the SDK is supported.
Change-Id: I393e20d8bfb9ee1ca749cc54ecc1341927abaf82
Reviewed-on: http://gerrit.openafs.org/2867
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
When we serialize host information for DAFS during shutdown, we have
no guarantee that the host is in a valid state when we look at it.
This can result in a host being saved to disk when we are waiting for
the host to respond to an RPC, and so the information about the host
is invalid. For example, we can save a host that has the
HWHO_INPROGRESS flag set, and when it is restored later, this can
cause odd behavior since the flag is set but no thread is actually
waiting for the host to respond.
So instead, during state serialization, try to determine if a host may
be in an invalid state, and simply skip the host if it may.
Change-Id: I755640ea4ce607245ae98cc7455472ef781271e7
Reviewed-on: http://gerrit.openafs.org/5528
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Host entries with HWHO_INPROGRESS set or ALTADDR unset do not have
valid state, since those flags indicate that the fileserver was in the
middle of identifying the host when the host struct was serialized.
Skip entries from the on-disk host data that have such invalid flags
set when restoring state, so we do not load invalid data.
Change-Id: I26b88256679f4596598e6e3e6b68af7e8e5e387d
Reviewed-on: http://gerrit.openafs.org/5527
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The CB, FE, and host serialization structures were just using the
relevant indices to determine whether or not an entry mapping and old
index to a new index was populated with actual data. For host
structures, this really isn't sufficient, since our index can be 0,
and the structure is calloc'd, so the index in the structure could
also be 0.
Add a flag explicitly stating whether or not the structure has been
filled in, to make this unambiguous.
Change-Id: Ia69e25fa73e10dc10cf3ddf08bb4feb2c9958674
Reviewed-on: http://gerrit.openafs.org/5526
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Make sure we are passed valid statistic index numbers, so passing in a
bad index doesn't result in writing over random memory.
Change-Id: I29ed03b59df937e6f95fba44209a03db23613a8d
Reviewed-on: http://gerrit.openafs.org/5525
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Use the xfer indices for the xfer-related data, not the op indices, so
we don't try to fill in data beyond the actual storage for the stats.
Change-Id: I075d4eb9439d9bd603489f0aa90b3c18c3959de3
Reviewed-on: http://gerrit.openafs.org/5524
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
