Remove the global variables used to setup server logging and replace
with an argument to OpenLog.
Keep the LogLevel variable as a global for use by the logging macros,
but provide an inline function for applications which check the log
level to dump more information when the log level is increased.
Provide consistency by adding syslog tags to processes that did not
previously set one (salvageserver, salvager, and volserver).
[kaduk@mit.edu: update commit message, use old-style log rotation for
kalog, minor commenting fixes]
Change-Id: I11cffbdd1418304d33f0be02dd7e600955c4a8bb
Reviewed-on: https://gerrit.openafs.org/12168
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
The lock protects global state such as the logging FD and the
syslog-related variables.
Change-Id: I5ea1b6945c10047da14d35b948a6a0ea53b55add
Reviewed-on: https://gerrit.openafs.org/12123
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
The name of the log file passed to ReOpenLog() may not match the name
given in the initial OpenLog() call. This can happen when the -logfile
option is given to the fileserver or volume server.
Since the name given to ReOpenLog() must match the original name, change
ReOpenLog() to use the name previously given to OpenLog() and update all
callers.
Change-Id: Ie6fa4cb6e3c03f853efe0207bbec5d8412c6fe59
Reviewed-on: https://gerrit.openafs.org/11723
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reopen the log file even if the filename exists. This fixes the
situation where an external program moves or deletes the log
file, then creates a new file with the same log file name.
Change-Id: I3b98d6fc0d05c7ab231f84e9a271f925506ab51f
Reviewed-on: https://gerrit.openafs.org/11725
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Non-functional changes and cleanups in preparation for fixes and
enhancements.
Move the duplicated code to redirect the stdio/stderr streams to a common
static function. Add a helper function to check for named pipes. Move the
code to rename files when opening logs to a separate static function.
Change-Id: I5b56b80a7e799b6605cfad7b58ac8249ac93acc8
Reviewed-on: https://gerrit.openafs.org/11721
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The MR-AFS-style logs would always include the thread number in
log entries with the timestamp; now that we are trying to rebrand
this feature as "timestampped logs", having this bonus feature
is unexpected.
Thread ids are still used at higher log levels, as enabled by SIGTSTP.
Change-Id: Ie8c276e47a34d729ccce685ddf27bfa9e7a8f9f1
Reviewed-on: https://gerrit.openafs.org/12136
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
When MR-AFS style logging is in effect, the SIGHUP signal handler will rename
then create a new, empty server log file to support log rotation.
Unfortunately, the old log file descriptor is not closed, so each SIGHUP
signal will leak one file descriptor.
Be sure to close the current log file descriptor before opening the log again.
The OpenLog() routine will move the current log file to a new file, with a
timestamp string appended to the log file, then open the server log file with
truncate flag to start a new log file.
Change-Id: Ic3f29607fa50ed868b9245865e375dedde438471
Reviewed-on: https://gerrit.openafs.org/11722
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Do not make timestamped log files with an invalid number of seconds when
renaming old mrsafs-style log files, i.e., more than 59 seconds in the
seconds field.
Replace the goto used in the mrafs-style make file name retries with a
regular, bounded loop.
Change-Id: I16d032197e4b1e227b1f005fbc395a013e099561
Reviewed-on: https://gerrit.openafs.org/12220
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Remove the unused printLocks variable, which was added in commit,
86f1dc2117 "mrafs-server-log-handling-20010212"
but never used.
Change-Id: I64459cf93e86352ef16d9526e46847cbb4997f10
Reviewed-on: https://gerrit.openafs.org/11719
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Allocate the ourName buffer to save the log filename during OpenLog(),
instead of trying to copy the log filename to a fixed size buffer.
Deallocate this buffer when the log is closed with CloseLog(). Save the
log file name even when MR-AFS style logging is not effect to allow
ReOpenLog() to use the saved filename in a later commit.
Dynamically allocate a buffer when formatting a file name for log
rotation instead of using a fixed size buffer on the stack. Allocate
the buffer for both traditional Transarc-style log file renaming
(appending ".old" to the log filename) and the MR-AFS style logging
(appending a timestamp to the log filename).
Change-Id: Ie217a93b271b48ccfc7b5244ad3a8c949d55ef54
Reviewed-on: https://gerrit.openafs.org/12219
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Commit b71a041364 added the O_APPEND flag when
opening the log file to allow sites to use logrotate's "copy and truncate"
feature.
Add the O_APPEND to MR-AFS style logs as well so MR-AFS style logs can also be
handled correctly with logrotate, we have consistent open flags, and can remove
a duplicate call to open the log file descriptor.
Change-Id: I8370838e1e2c7ddaa042508d6b9cbe1299339f68
Reviewed-on: https://gerrit.openafs.org/12218
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Commit 8af5762909 "Clean up some
obsolete Autoconf code" removed the obsolete autoconf check
AC_FUNC_SETVBUF_REVERSED and one use of the results, but
overlooked another instance; remove it.
Change-Id: Id62a2a96b911c0d16d51d8cce0966ae3736bde87
Reviewed-on: https://gerrit.openafs.org/11718
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Be sure to always initialize the server log mutex. Use pthread_once to
ensure the mutex is initialized only once.
Before this change the server log mutex was not properly initialized
with pthread_mutex_init when logging to the syslog.
Change-Id: Ief2ee6b373f7309bc05061f7413b6ff623b86e31
Reviewed-on: https://gerrit.openafs.org/11717
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Do not assume the server log file descriptor cannot be zero.
Thanks to Chas Williams for spotting this bug.
Change-Id: I0d264828926bf8cd765b45db4e529233b8686404
Reviewed-on: https://gerrit.openafs.org/11797
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Remove the old util/softsig implementation, which has been replaced by
opr/softsig.
Change-Id: Ie32f04129dd0b09a8baf9f6739abf53fbf1b98eb
Reviewed-on: https://gerrit.openafs.org/11998
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Convert the ptserver from regular signal handling to the opr soft
signal handling when built with pthreads. This makes it safe to call
pthread functions within signal handlers.
Change-Id: I43d345517c75e275d6896154a979a908181a1f39
Reviewed-on: https://gerrit.openafs.org/11997
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Convert the vlserver from regular signal handling to the opr soft
signal handling when built with pthreads. This makes it safe to call
pthread functions within signal handlers.
Change-Id: Ic9bd841c4796bd64b603505541da7e767afda83e
Reviewed-on: https://gerrit.openafs.org/11996
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Convert the volume server from regular signal handling to the opr soft
signal handling when built with pthreads. This makes it safe to call
pthread functions within signal handlers.
Change-Id: I25b9a9184c526f4ce9b6e2abb25ae9135cc97ec6
Reviewed-on: https://gerrit.openafs.org/11995
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Convert the fileserver from the obsolete softsig routines to the modern opr
softsig routines for pthreaded programs.
Change-Id: I9e98e402f73ebca05fcaf0f852055b9a5ad93632
Reviewed-on: https://gerrit.openafs.org/11994
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Remove remnants of old lwp thread signal handler wrapper functions from
the fileserver. The lwp softsig handlers required a function which was
passed a void pointer argument and returned a void pointer. Tidy the
code by removing the unneeded wrappers and use the signal handler
functions directly.
Change-Id: I3d52efe659b03ee9a9484ec7a9d74404f1970278
Reviewed-on: https://gerrit.openafs.org/11921
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Provide a new routine to setup the server log signals which registers
soft signal handlers for the common log management signals (SIGTSTP and
SIGHUP). Keep the old SetupLogSignals() routine around while lwp still
exists.
Change-Id: Ic9151c7ad25528e8e4008a4567836e4196cbe8c3
Reviewed-on: https://gerrit.openafs.org/12238
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Make the opr softsig header file available in the windows builds
so it can be included unconditionally in the code base.
Change-Id: I19a75ce060e20b525d83ec5bed42d3168362d852
Reviewed-on: https://gerrit.openafs.org/12237
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Provide procmgmt wrappers for Windows environments which match the opr_softsig
functions. This allows builds of the windows servers continue to use the
existing process management signal handling functions, without introducing
additional conditional compilation in the server code.
Change-Id: I0ac287bde294996fb7f32c19370f2992a0af2a58
Reviewed-on: https://gerrit.openafs.org/12236
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Use the libutil logging facility in the salvager and DAFS salvageserver
in order to have consistent logging features and time stamp formats with
the other OpenAFS servers.
Change-Id: I8352d7e16b4a9f96b814a3b5c0b3b79a7c48e4bc
Reviewed-on: https://gerrit.openafs.org/12003
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
When building with --enable-tivoli-tsm locate the Tivoli TSM headers
if they are installed in the path used by the 64 bit Tivoli TSM
installation.
Change-Id: I4f114a4ada1babcbe1e52f451f10e78d861b7fd0
Reviewed-on: https://gerrit.openafs.org/12258
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Linux based cache managers will allocate vcaches on demand and
deallocate batches of vcaches in the background. This feature is called
dynamic vcaches.
Vcaches to be deallocated are found by traversing the vcache LRU list
(VLRU) from the oldest vcache to the newest. Up to a target number of
vcaches are attempted to be evicted. The afs_xvcache lock protecting
the VLRU may be dropped and re-acquired while attempting to evict a
vcache. When this happens, it is possible the VLRU may have changed, so
the traversal of the VLRU is restarted. This restarting of the VLRU
transversal is limited to 100 iterations to avoid looping indefinitely.
Vcaches which are busy cannot be evicted and remain in the VLRU. When a
busy cache was not evicted and the afs_xvache lock was dropped, the VLRU
traversal is restarted from the end of the VLRU. When the busy vcache is
encountered on the retry, it will trigger additional retries until the
loop limit is reached, at which point the target number of vcaches will
not be deallocated.
This can leave a very large number of unbusy vcaches which are never
deallocated. On a busy machine, tens of millions of unused vcaches can
remain in memory. When the busy vcache at the end of the VLRU is finally
evicted, the log jam is broken, and the background deamon will hold the
afs_xvcache lock for an excessively long time, hanging the system.
Fix this by moving busy vcaches to the head of the VLRU before
restarting the VLRU traversal. These busy vcaches will be skipped when
retrying the VLRU traversal, allowing the cache manager to make progress
deallocating vcaches down to the target level.
This was already done on the mac osx platform while attempting to evict
vcaches. Move the code to move busy vcaches to the head of the VLRU up
the the platform agnostic caller.
Thanks to Andrew Deason for the initial version of this patch.
Change-Id: I7768d00604e56d8d5369ac5215f7c2ab7996c4eb
Reviewed-on: https://gerrit.openafs.org/11654
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@dson.org>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Hold a reference on a vcache while attempting to evict the inode from
the dcache. Since the afs_xvcache lock is dropped, it could be possible
for the vcache to be flushed during this time, making it unsafe to use
the vcache after the eviction attempt.
Change-Id: I9d91db98387b7aaa986ed915420c6cafb4f12438
Reviewed-on: https://gerrit.openafs.org/12206
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@dson.org>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Commit 7edc6694e7 introduced a
misleading indentation of a line in afs_linux_prefetch. Correct
it, and once here remove trailing whitespace throughout the file.
Change-Id: Idab888bb72c782bfd25c7fc81316eb1b65c0d128
Reviewed-on: https://gerrit.openafs.org/12253
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Commit b85c5f9339 introduced a new
memset() but left out a prenthesis.
In the absence of a windows build machine, this error went unnoticed.
Reported by Mark Vitale.
Change-Id: Ie250163029132896cd70dc822c6170913e83dafe
Reviewed-on: https://gerrit.openafs.org/12241
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The options -logfile and -config should be enclosed
by angle brackets.
Change-Id: I9e5767b7e43753b37dbc8d86c5346c778f8bab8d
Reviewed-on: https://gerrit.openafs.org/12233
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
splice() may return -ERESTARTSYS if there are pending signals, and
it's not even clear how this should be dealt with. This potential
problem has been present for a long time, but as of Linux 4.4
(commit c725bfce7968009756ed2836a8cd7ba4dc163011) seems much more
likely to happen.
Until resources are available to fix the code to handle such errors,
avoid the riskier uses of splice().
If there is a default implementation of file_splice_{write,read},
use that; on somewhat older kernels where it is not available,
use the generic version instead.
[kaduk@mit.edu: add test for default_file_splice_write]
Change-Id: Ib4477cdfb2cd0f49f516da75edc3cb9d1a8817dc
Reviewed-on: https://gerrit.openafs.org/12217
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
The locks API was changed in Linux 4.4, introducing locks_lock_file_wait
(e55c34a66f87e78fb1fc6b623b78c5ad74b475af) and removing
flock_lock_file_wait (616fb38fa7a9599293e05ae1fa9acfaf73922434).
locks_lock_file_wait can be used as a drop-in replacement so define
flock_lock_file_wait as an alias for it.
Change-Id: Iba89a43c651737c86cbf519a933289d97c25a467
Reviewed-on: https://gerrit.openafs.org/12170
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
In Linux 4.4 (146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc) type-specific and
payload data have been merged. The payload is now accessed directly and has
no 'value' member anymore.
FIXES 132677
Change-Id: Id26c40c80314a0087ecc0735029412787058ef07
Reviewed-on: https://gerrit.openafs.org/12169
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
We should let the compiler warn us when we attempt to convert types that
should not be converted.
Change-Id: Ie9f5f6ab5d5978bbe5e741b1a20bfb4d36fb314c
Reviewed-on: https://gerrit.openafs.org/12116
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
OpenAFS's XDR doesn't support size_t at this time. For now, use a
temporary stack variable to avoid 32/64-bit issues and copy back the
returned value upon success.
Change-Id: Ia3dd8abd665a19e04aa611f940728d088a8f87b7
Reviewed-on: https://gerrit.openafs.org/12115
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
This makes some future changes a bit easier to read and implement.
Change-Id: I48eafa67659739865f43a0bcfe1f8a897a7a8940
Reviewed-on: https://gerrit.openafs.org/12114
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Update the man page to reflect the current access rights required for fs
examine. Historically, fs examine required read access on the root
vnode of the volume housing the directory or file being examined. This
access check was relaxed in commit d2d591caf2,
since the information returned by the file server is already available
anonymously by other means.
Change-Id: If62b625bce8a260b98fb56a6feec49c674f2de53
Reviewed-on: https://gerrit.openafs.org/12223
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
FreeBSD 10.3 is in the beta stage now; better get ready for it.
Change-Id: I2a6b6144916f13768bfad27af5eb5340e039939b
Reviewed-on: https://gerrit.openafs.org/12222
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The ListAddrByAttributes structure is used as an input to the GetAddrsU
RPC; it contains a Mask field that controls which of the other fields
will actually be read by the server during the RPC processing.
Unfortunately, the client only wrote to the fields indicated by the
mask, leaving the other fields uninitialized for transmission on the
wire, leaking some contents of client memory.
Plug the information leak by zeroing the entire structure before use.
FIXES 132847
Change-Id: I9ccf814ceff206ddb3a74da97dc50b7e1e3c2014
The VldbListByAttributes structure is used as an input to several
RPCs; it contains a Mask field that controls
which of the other fields will actually be read by the server
during the RPC processing. Unfortunately, the client only
wrote to the fields indicated by the mask, leaving the other
fields uninitialized for transmission on the wire, leaking
some contents of client memory.
Plug the information leak by zeroing the entire structure before use.
FIXES 132847
Change-Id: I14964e98a57ba6ef060c6e392497f1ebd3afe042
The AFSStoreVolumeStatus structure is used as an input to the
RXAFS_SetVolumeStatus RPC; it contains a Mask field that controls
which of the other fields will actually be read by the server
during the RPC processing. Unfortunately, the client only
wrote to the fields indicated by the mask, leaving the other
fields uninitialized for transmission on the wire, leaking
some contents of kernel memory.
Plug the information leak by zeroing the entire structure before use.
FIXES 132847
Change-Id: Ib309e6b00b95bc4178740352899d7f940f2eb1ea
Marc Dionne reported that portions of the AFSStoreStatus structure
were not written to before being sent over the network for
operations such as create, symlink, etc., leaking the contents
of the kernel stack to observers. Which fields in the request
are used are controlled by a flags field, and so if a field was
not going to be used by the server, it was sometimes left
uninitialized.
Fix the information leak by zeroing out the structure before use.
FIXES 132847
Change-Id: I84a5a10442732ebbcb5d5067ca22030fb795168b
CVE-2016-2860:
In AFS 3.3 as part of the addition of the cross-cell support for foreign
user auto-registration a bug was introduced that permits foreign users
to create arbitrary groups as if they were system administrators. This
permits the groups to be created without any group quota checks, and
using group names that non-administrators would not normally be able to
create, such as groups with the "system:" prefix or groups with no colon
(that is, in the namespace for users).
Additionally, all entries created using the auto-registration service
were marked as being created by system:administrators. This behavior
should not be changed on the stable release branch, but for the next
release the behavior will change to show these entries as being
self-created, to better reflect reality.
FIXES 132822
[kaduk@mit.edu: reword commit message, minor style adjustments]
Change-Id: I54ddca3e4e1339f76ed320f0d6c53d8820aed89c
In commit 53ac98931a the adjustment of
owner id was moved from CreateEntry() into CreateGroupName(). This was
done for two reasons:
1. to reuse the computation of "is administrator" within
CreateGroupName() in order to permit the owner id to be set
to the invalid values 0 and ANONYMOUSID.
2. to allow the owner id to be altered in ChangeEntry().
Unfortunately, CreateEntry() needs to be able to alter the owner id
when creating users not only groups.
This change moves the computation of "is administrator" and the
owner id assignment to CreateEntry() and ChangeEntry().
Change-Id: I0d37f5a43ea5919d1bbc3ba6d82b2924ab38befc
ifconfig is deprecated and is no longer installed by default on RHEL 7 and
Centos 7. Use the replacement ip command in the init script for linux.
Fallback to ifconfig in the event the ip command is not available.
Thanks to Ben Kaduk for pointing out the hash built-in command.
Change-Id: I7ffe272eb712cd83a70a7d880d239f72b40cb5df
Reviewed-on: http://gerrit.openafs.org/12192
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Any DAFS fileserver operation that allocates a new vnode but fails
to update the vnode index will crash:
"Fatal Rx error: assertion failed: --vp->nWaiters >= 0,
file: ../vol/volume.c, line: nnnn"
Note: This crash was exposed by other bugs (to be addressed in future
commits) in OpenAFS large volume support. However, there may
be other failure paths (unrelated to large volumes) that expose
this error as well.
When VAllocVnode() must allocate a new vnode but fails while
updating the vnode index file (e.g. an "addled bitmap" due to other
bugs in working with a vnode index larger than 2^31 bytes), it branches
to common recovery logic at label error_encountered:.
Part of this recovery is to call VFreeBitmapEntry_r(). Commit
08ffe3e81d added a VOL_FREE_BITMAP_WAIT
flag to VFreeBitmapEntry() in order to prevent races with VAllocBitmapEntry().
If the caller specifies VOL_FREE_BITMAP_WAIT, VFreeBitmapEntry_r will
call VCreateReservation_r() and VWaitExclusiveState_r(). However, the
exit from VFreeBitmapEntry_r() calls VCancelReservation_r() unconditionally.
This works correctly with the majority of callers to VFreeBitmapEntry_r,
which do specify the VOL_FREE_BITMAP_WAIT flag.
However, the VAllocVnode() error_encountered logic must specify 0 for
this flag because the thread is already in an exclusive state
(VOL_STATE_VNODE_ALLOC). This correctly causes VFreeBitmapEntry_r() to
forgo both the reservation and wait-for-exclusive-state. However, before
exit it erroneously calls VCancelReservation_r(). We now have unbalanced
reservations (nWaiters); this causes an assert when the VAllocVnode()
error_encountered recovery code later calls VCancelReservation_r()
for what it believes is its own prior reservation.
Modify VFreeBitmapEntry_r() to make its final VCancelReservation_r()
conditional on flag VOL_FREE_BITMAP_WAIT.
Change-Id: Id6cf6b1279b11e6dfc4704bba5739912f663beca
Reviewed-on: http://gerrit.openafs.org/11983
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@auristor.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
fs_create() and dafs_create() issue stat() to verify
the existence of each executable specified in the bnode.
However, commit fda2bc8747
inadvertently removed the code that stripped any command
arguments before the stat(). Therefore, any bnode that
specifies arguments (e.g. /usr/afs/bin/dafileserver -d 5),
causes the stat() to fail and the bnode will not start.
Rename function AppendExecutableExtension() to a less
"window-ish" name: PathToExecutable().
Modify the Windows version of PathToExecutable()
to properly strip arguments.
Reimplement the Unix macro as function PathToExecutable()
that properly strips arguments.
Change-Id: I04f7ce2afb8211bd12b9063db1335738bff1cc1e
Reviewed-on: http://gerrit.openafs.org/11934
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
The audit code for object AUD_FIDS is off by one - we list the
first FID twice and skip the last FID.
Repair so all FIDs are properly audited.
Change-Id: I99f4687e25031eb26ccd7e07b732217b098005de
Reviewed-on: http://gerrit.openafs.org/12191
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Older versions of the perl POSIX module do not define the SIGBUS symbol, which
causes the opr/softsig-t perl test to fail to compile. Instead of trying to
defined SIGBUS, which may be platform dependent, skip the buserror unit test on
these older platforms.
Change-Id: Ib8cfd77215ea43566e9d47b501d4989556b83734
Reviewed-on: http://gerrit.openafs.org/12186
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Update all remaining copies of CellServDB in the tree, and make the
Red Hat packaging use it by default too.
Change-Id: Idf9d97151b8e9075fefa7aece58fd023bfd857ff
Reviewed-on: http://gerrit.openafs.org/12187
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>