glusterfs-afrv1.git/xlators/protocol/server/src, branch v3.4.0alpha2 rpc: bring in root-squashing behavior in rpc 2013-03-05T07:44:04+00:00 Raghavendra Bhat raghavendra@redhat.com 2013-02-08T06:14:41+00:00 b24003342eb707027982599a7bac485fe3b9f465 * requests coming in as root are converted to nfsnobody * with open-behind some acl checks wont happen and nfsnobody can read the file "whose owner is root and other users do not have permission to read the file". This is becasue open-behind does not send the open to the brick and sends success to the application, thus the acl related tests on the file wont happen which would have prevented the file from being opened. Change-Id: I12a3e6b2a12884d00bb81f2779074fed09b1b2e4 BUG: 887145 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/4619 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> 
* requests coming in as root are converted to nfsnobody

* with open-behind some acl checks wont happen and nfsnobody
  can read the file "whose owner is root and other users do not
  have permission to read the file". This is becasue open-behind
  does not send the open to the brick and sends success to the
  application, thus the acl related tests on the file wont happen
  which would have prevented the file from being opened.

Change-Id: I12a3e6b2a12884d00bb81f2779074fed09b1b2e4
BUG: 887145
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4619
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Use proper libtool option -avoid-version instead of bogus -avoidversion 2013-02-07T23:12:56+00:00 Anand Avati avati@redhat.com 2013-02-07T22:25:03+00:00 d3e7881ecdba2124115de6666e48f34ce267d30d Change-Id: I1c9541058c7d07786539a3266ca125a6a15287d8 BUG: 859835 Signed-off-by: Anand Avati <avati@redhat.com> Original-author: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com> Signed-off-by: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com> Reviewed-on: http://review.gluster.org/3967 Tested-by: Gluster Build System <jenkins@build.gluster.com> 
Change-Id: I1c9541058c7d07786539a3266ca125a6a15287d8
BUG: 859835
Signed-off-by: Anand Avati <avati@redhat.com>
Original-author: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com>
Signed-off-by: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com>
Reviewed-on: http://review.gluster.org/3967
Tested-by: Gluster Build System <jenkins@build.gluster.com>
protocol/server: upon server_connection_put, set xl_private of the transport to 2013-02-03T22:10:02+00:00 Raghavendra Bhat raghavendra@redhat.com 2013-01-22T08:39:25+00:00 212ab59c511e13cc470e623061fcf113456841c8 NULL Suppose the get_xlator_by_name returns NULL and the connection is put back then update the xl_private of the transport by setting to NULL. Otherwise server_connection_put would have freed the connection object and xl_private of the transport would still be pointing to the same location which is freed, thus leading to a segfault when the location is accessed. Change-Id: Id47e0edde3073b09765338c730847ba3095df9e2 BUG: 901457 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/4411 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
 NULL

 Suppose the get_xlator_by_name returns NULL and the connection is put back
 then update the xl_private of the transport by setting to NULL. Otherwise
 server_connection_put would have freed the connection object and xl_private
 of the transport would still be pointing to the same location which is
 freed, thus leading to a segfault when the location is accessed.

Change-Id: Id47e0edde3073b09765338c730847ba3095df9e2
BUG: 901457
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4411
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
protocol/client: Periodically attempt reopens 2013-02-03T19:33:31+00:00 Pranith Kumar K pkarampu@redhat.com 2012-12-31T04:33:32+00:00 04e673f14e31c60e4c9cde9072bcec610fe3884b If the brick is taken down and the hard disk is replaced and the brick is brought back up, the re-opens of the open-fds will fail because the file is not present on the brick. Re-opens are not attempted even if the files are re-created by self-heal until the brick is brought down after the files are re-created and brought back up. This is a problem with a VM-store in a replica-setup. Until the fd is re-opened the writes will never happen on the brick where the hard-disk is replaced. To handle this situation gracefully, client xlator is enhanced to perform finodelk, fxattrop, writev, readv using anonymous fds if the file is yet to be re-opened. If the fop succeeds then client xlator attempts re-open. Change-Id: I1cc6d1bbf8227cd996868ab2ed0a57fb05e00017 BUG: 821056 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> Reviewed-on: http://review.gluster.org/4358 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> 
If the brick is taken down and the hard disk is replaced
and the brick is brought back up, the re-opens of the open-fds
will fail because the file is not present on the brick.
Re-opens are not attempted even if the files are re-created by
self-heal until the brick is brought down after the files are
re-created and brought back up. This is a problem with a VM-store
in a replica-setup.  Until the fd is re-opened the writes will
never happen on the brick where the hard-disk is replaced.
To handle this situation gracefully, client xlator is enhanced
to perform finodelk, fxattrop, writev, readv using anonymous fds
if the file is yet to be re-opened. If the fop succeeds then client
xlator attempts re-open.

Change-Id: I1cc6d1bbf8227cd996868ab2ed0a57fb05e00017
BUG: 821056
Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
Reviewed-on: http://review.gluster.org/4358
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
glusterfs : Moved option files, and statedumps from /tmp 2013-01-29T23:27:29+00:00 Avra Sengupta asengupt@redhat.com 2013-01-24T06:09:48+00:00 b8d5fd2b88db7e18a10e57a0edf1a41eda4f5314 Change-Id: Ibdede396c4d6859225937316b7a59a661bcaf9f5 BUG: 764890 Signed-off-by: Avra Sengupta <asengupt@redhat.com> Reviewed-on: http://review.gluster.org/4422 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
Change-Id: Ibdede396c4d6859225937316b7a59a661bcaf9f5
BUG: 764890
Signed-off-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-on: http://review.gluster.org/4422
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
glusterd/cli: Updated the options descriptions for "volume set help" 2013-01-22T07:03:57+00:00 Avra Sengupta asengupt@redhat.com 2013-01-17T09:16:30+00:00 2f60c8a4776a6052cfba43605263dd32c616cfa2 Change-Id: I0db00b7334bb9707ab48bd661ac03a3ad818d6e4 BUG: 893458 Signed-off-by: Avra Sengupta <asengupt@redhat.com> Reviewed-on: http://review.gluster.org/4393 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
Change-Id: I0db00b7334bb9707ab48bd661ac03a3ad818d6e4
BUG: 893458
Signed-off-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-on: http://review.gluster.org/4393
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
core: fixes for gcc's '-pedantic' flag build 2013-01-22T06:17:36+00:00 Avra Sengupta asengupt@redhat.com 2012-11-21T08:37:05+00:00 777d395feaa082a69e32d985bbc1cca3d3dad077 * warnings on 'void *' arguments * warnings on empty initializations * warnings on empty array (array[0]) Change-Id: Iae440f54cbd59580eb69f3ecaed5a9926c0edf95 BUG: 875913 Signed-off-by: Avra Sengupta <asengupt@redhat.com> Reviewed-on: http://review.gluster.org/4219 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
* warnings on 'void *' arguments
* warnings on empty initializations
* warnings on empty array (array[0])

Change-Id: Iae440f54cbd59580eb69f3ecaed5a9926c0edf95
BUG: 875913
Signed-off-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-on: http://review.gluster.org/4219
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
protocol/server: do server_connection_put only if bound_xl is NULL 2013-01-16T17:52:31+00:00 Raghavendra Bhat raghavendra@redhat.com 2013-01-10T07:36:21+00:00 fba70e641eb52c90fa29fc26d916e4607e286779 If getting bound_xl fails, then while putting the connection back we should also check for bound_xl pointer for NULL apart from the op_ret and the connection object. We were checking just op_ret and conn pointer till now and if the mount from a machine is not allowed as auth.allow did not permit it, then also we were destroying the connection object. Change-Id: Iac43e8dc078d905edafb44d6670f88989a8f82a3 BUG: 881062 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/4373 Reviewed-by: Amar Tumballi <amarts@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> 
If getting bound_xl fails, then while putting the connection back we
should also check for bound_xl pointer for NULL apart from the op_ret
and the connection object. We were checking just op_ret and conn pointer
till now and if the mount from a machine is not allowed as auth.allow
did not permit it, then also we were destroying the connection object.

Change-Id: Iac43e8dc078d905edafb44d6670f88989a8f82a3
BUG: 881062
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4373
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
core: remove all the 'inner' functions in codebase 2012-12-20T07:35:29+00:00 Amar Tumballi amarts@redhat.com 2012-11-12T19:44:43+00:00 000e65d7af7be31236e060064fb3b4a332e78cf3 * move 'dict_keys_join()' from api/glfs_fops.c to libglusterfs/dict.c - also added an argument which is treated as a filter function if required, currently useful for fuse. * now 'make CFLAGS="-std=gnu99 -pedantic" 2>&1 | grep nested' gives no output. Change-Id: I4e18496fbd93ae1d3942026ef4931889cba015e8 Signed-off-by: Amar Tumballi <amarts@redhat.com> BUG: 875913 Reviewed-on: http://review.gluster.org/4187 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
* move 'dict_keys_join()' from api/glfs_fops.c to libglusterfs/dict.c
  - also added an argument which is treated as a filter function if
    required, currently useful for fuse.

* now 'make CFLAGS="-std=gnu99 -pedantic" 2>&1 | grep nested' gives
  no output.

Change-Id: I4e18496fbd93ae1d3942026ef4931889cba015e8
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 875913
Reviewed-on: http://review.gluster.org/4187
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
protocol/server: Do not access key after GF_FREE in _delete_auth_opt() 2012-12-19T21:18:58+00:00 Krutika Dhananjay kdhananj@redhat.com 2012-11-28T16:59:36+00:00 da7ca1efcf3a621c27f05d621715e57fdc5aa397 PROBLEMS: 1.'key' becomes a dangling pointer after the first call to dict_del() returns, in _delete_auth_opt(). Therefore, the second call to fnmatch() is made with 'key' pointing to deallocated space. 2. Also, the name _delete_auth_opt seems to suggest that the function is intended to match and delete "auth" options from the dictionary. But it winds up deleting all the options irrespective of whether the pattern match was successful or not. The same is true with _copy_auth_opt(). FIX: Changed _delete_auth_opt() to delete the key ONLY if it matches either of the two patterns (auth.addr.*.allow and auth.addr.*.reject). Similarly, changed _copy_auth_opt() along the same lines. Change-Id: Ic8664e5a0a29cefe43cb59a27e32fbdbeac154b5 BUG: 881062 Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com> Reviewed-on: http://review.gluster.org/4337 Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
PROBLEMS:

1.'key' becomes a dangling pointer after the first call to dict_del()
   returns, in _delete_auth_opt(). Therefore, the second call to
   fnmatch() is made with 'key' pointing to deallocated space.

2. Also, the name _delete_auth_opt seems to suggest that the function
   is intended to match and delete "auth" options from the dictionary.
   But it winds up deleting all the options irrespective of whether
   the pattern match was successful or not. The same is true with
   _copy_auth_opt().

FIX:

Changed _delete_auth_opt() to delete the key ONLY if it matches either
of the two patterns (auth.addr.*.allow and auth.addr.*.reject).
Similarly, changed _copy_auth_opt() along the same lines.

Change-Id: Ic8664e5a0a29cefe43cb59a27e32fbdbeac154b5
BUG: 881062
Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com>
Reviewed-on: http://review.gluster.org/4337
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>