diff options
author | Niels de Vos <ndevos@redhat.com> | 2017-07-06 17:04:17 +0200 |
---|---|---|
committer | Niels de Vos <ndevos@redhat.com> | 2017-07-09 09:14:22 +0000 |
commit | e304f48fa262e5cdbe181fb3fee5dfb9c893108c (patch) | |
tree | 433aa5ca96c57789cad383f15fb34a4fc49ba657 /xlators/nfs/server/src/mount3.h | |
parent | b81997264f079983fa02bd5fa2b3715224942b00 (diff) |
nfs: add permission checking for mounting over WebNFS
Solaris 10 uses WebNFS and not the MOUNT protocol. All permission checks
for allowing/denying clients to mount are done through the MNT handlers.
These handlers will not give out a filehandle to the NFS-client when
mounting is denied. This prevents clients from successful mounting.
However, over WebNFS a well known 'root-filehandle' is used directly
with the NFSv3 protocol.
When WebNFS was used, no permission checks (the "nfs.export-dir" option)
were applied. Now the WebNFS mount-handler in Gluster/NFS calls the
mnt3_parse_dir_exports() function that takes care of the permission
checking.
BUG: 1468291
Change-Id: Ic9dfd092473ba9c1c7b5fa38401cf9c0aa8395bb
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: https://review.gluster.org/17718
Smoke: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: soumya k <skoduri@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Diffstat (limited to 'xlators/nfs/server/src/mount3.h')
-rw-r--r-- | xlators/nfs/server/src/mount3.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/xlators/nfs/server/src/mount3.h b/xlators/nfs/server/src/mount3.h index ce01a6c543d..8868aec787a 100644 --- a/xlators/nfs/server/src/mount3.h +++ b/xlators/nfs/server/src/mount3.h @@ -178,4 +178,11 @@ struct mount3_resolve_state { typedef struct mount3_resolve_state mnt3_resolve_t; +int +mnt3_parse_dir_exports (rpcsvc_request_t *req, struct mount3_state *ms, + char *subdir, gf_boolean_t send_reply); + +char* +mnt3_get_volume_subdir (char *path, char **volname); + #endif |