glusterfs.git/xlators/nfs/server/src/nfs-common.h, branch v3.4.2qa3 dual license: update remaining files with correct license text 2013-10-30T22:22:29+00:00 Kaleb S. KEITHLEY kkeithle@redhat.com 2013-10-23T14:20:25+00:00 31ce9bad07414764572d07ab8e69a34c9c57475d Sayan Saha has previously approved changing everthing to dual license but somehow we have missed changing these files. I am explicitly not updating the copyright dates as nothing else that's copyrightable has changed in these files with the license change Change-Id: I498eb648527a2c55a384df335b555bd5c6087e03 BUG: 951551 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/6129 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com> 
Sayan Saha has previously approved changing everthing to dual license
but somehow we have missed changing these files.

I am explicitly not updating the copyright dates as nothing else that's
copyrightable has changed in these files with the license change

Change-Id: I498eb648527a2c55a384df335b555bd5c6087e03
BUG: 951551
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/6129
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
nfs: do lookup on getattr after brick-status change 2012-10-19T14:16:33+00:00 Jeff Darcy jdarcy@redhat.com 2012-10-10T13:12:50+00:00 09d981409f1379265ee02db9cd5f62672fba4747 By doing a lookup, we get a chance to do all of the self-heal checks that would occur if we were using native protocol, and return proper status if the self-heal fails. Best of all, we don't need to misrepresent times. Change-Id: I76477d1e5fce4d83e4029e02fcdd71e81e23110d BUG: 830134 Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4058 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
By doing a lookup, we get a chance to do all of the self-heal checks that
would occur if we were using native protocol, and return proper status if
the self-heal fails.  Best of all, we don't need to misrepresent times.

Change-Id: I76477d1e5fce4d83e4029e02fcdd71e81e23110d
BUG: 830134
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4058
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
glusterd: auth allow enhancements 2012-02-20T08:30:54+00:00 Rajesh Amaravathi rajesh@redhat.com 2012-02-20T07:01:10+00:00 975933a25d14cbac861e809b40c6edd01acaa28d * PROBLEM: When address-based authentication is enabled on a volume, the gNfs server, self-heal daemon (shd), and other operations such as quota, rebalance, replace-brick and geo-replication either stop working or the services are not started if all the peers' ipv{4,6} addresses or hostnames are not added in the "set auth.allow" operation, breaking the functionality of several operations. E.g: volume vol in a cluster of two peers: /mnt/brick1 in 192.168.1.4 /mnt/brick2 in 192.168.1.5 option auth.allow 192.168.1.6 (allow connection requests only from 192.168.1.6) This will disrupt the nfs servers on 192.168.1.{4,5}. brick server processes reject connection requests from both nfs servers (on 4,5), because the peer addresses are not in the auth.allow list. Same holds true for local mounts (on peer machines), self-heal daemon, and other operations which perform a glusterfs mount on one of the peers. * SOLUTION: Login-based authentication (username/password pairs, henceforth referred to as "keys") for gluster services and operations. These *per-volume* keys can be used to by-pass the addr-based authentication, provided none of the peers' addresses are put in the auth.reject list, to enable gluster services like gNfs, self-heal daemon and internal operations on volumes when auth.allow option is exercised. * IMPLEMENTATION: 1. Glusterd generates keys for each volume and stores it in memory as well as in respective volfiles. A new TRUSTED-FUSE volfile is generated which is fuse volfile + keys in protocol/client, and is named trusted-<volname>-fuse.vol. This is used by all local mounts. ANY local mount (on any peer) is granted the trusted-fuse volfile instead of fuse volfile via getspec. non-local mounts are NOT granted the trusted fuse volfile. 2. The keys generated for the volume is written to each server volfile telling servers to allow users with these keys. 3. NFS, self-heal daemon and replace-brick volfiles are updated with the volume's authentication keys. 4. The keys are NOT written to fuse volfiles for obvious reasons. 5. The ownership of volfiles and logfiles is restricted to root users. 6. Merging two identical definitions of peer_info_t in auth/addr and rpc-lib, throwing away the one in auth/addr. 7. Code cleanup in numerous places as appropriate. * IMPORTANT NOTES: 1. One SHOULD NOT put any of the peer addresses in the auth.reject list if one wants any of the glusterd services and features such as gNfs, self-heal, rebalance, geo-rep and quota. 2. If one wants to use username/password based authentication to volumes, one shall append to the server, nfs and shd volfiles, the keys one wants to use for authentication, *while_retaining those_generated_by_glusterd*. See doc/authentication.txt file for details. Change-Id: Ie0331d625ad000d63090e2d622fe1728fbfcc453 BUG: 789942 Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com> Reviewed-on: http://review.gluster.com/2733 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vijay@gluster.com> 
* PROBLEM:

  When address-based authentication is enabled on a volume,
  the gNfs server, self-heal daemon (shd), and other operations
  such as quota, rebalance, replace-brick and geo-replication
  either stop working or the services are not started if all
  the peers' ipv{4,6} addresses or hostnames are not added in
  the "set auth.allow" operation, breaking the functionality
  of several operations.

  E.g:
    volume vol in a cluster of two peers:
    /mnt/brick1 in 192.168.1.4
    /mnt/brick2 in 192.168.1.5

    option auth.allow 192.168.1.6
    (allow connection requests only from 192.168.1.6)

    This will disrupt the nfs servers on 192.168.1.{4,5}.
    brick server processes reject connection requests from both
    nfs servers (on 4,5), because the peer addresses are not in
    the auth.allow list.

    Same holds true for local mounts (on peer machines),
    self-heal daemon, and other operations which perform
    a glusterfs mount on one of the peers.

* SOLUTION:

  Login-based authentication (username/password pairs,
  henceforth referred to as "keys") for gluster services and
  operations.

  These *per-volume* keys can be used to by-pass the addr-based
  authentication, provided none of the peers' addresses are put
  in the auth.reject list, to enable gluster services like gNfs,
  self-heal daemon and internal operations on volumes when
  auth.allow option is exercised.

* IMPLEMENTATION:

  1. Glusterd generates keys for each volume and stores it in
     memory as well as in respective volfiles.
     A new TRUSTED-FUSE volfile is generated which is
     fuse volfile + keys in protocol/client,
     and is named trusted-<volname>-fuse.vol.
     This is used by all local mounts. ANY local mount (on any peer)
     is granted the trusted-fuse volfile instead of fuse volfile
     via getspec. non-local mounts are NOT granted the trusted fuse
     volfile.

  2. The keys generated for the volume is written to each server
     volfile telling servers to allow users with these keys.

  3. NFS, self-heal daemon and replace-brick volfiles are updated
     with the volume's authentication keys.

  4. The keys are NOT written to fuse volfiles for obvious reasons.

  5. The ownership of volfiles and logfiles is restricted to root users.

  6. Merging two identical definitions of peer_info_t in auth/addr
     and rpc-lib, throwing away the one in auth/addr.

  7. Code cleanup in numerous places as appropriate.

* IMPORTANT NOTES:

  1. One SHOULD NOT put any of the peer addresses in the auth.reject
     list if one wants any of the glusterd services and features
     such as gNfs, self-heal, rebalance, geo-rep and quota.

  2. If one wants to use username/password based authentication
     to volumes, one shall append to the server, nfs and shd volfiles,
     the keys one wants to use for authentication, *while_retaining
     those_generated_by_glusterd*.
     See doc/authentication.txt file for details.

Change-Id: Ie0331d625ad000d63090e2d622fe1728fbfcc453
BUG: 789942
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2733
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
nfs: changes for using nameless lookup and anonymous FDs 2012-01-20T13:06:15+00:00 Anand Avati avati@gluster.com 2012-01-13T17:47:07+00:00 bb1e07b7f42e7db415527852e98fcc1cbf2e1285 - Use gfid to create filehandle instead of encoding path components - Utilize nameless lookups of GFID for deep resolution instead of crawling the namespace with component hints - Use anonymous FDs for file based operations - Do away with fdcaching code for files and dirs Change-Id: Ic48fb23370b25d183f7e1fc1cc5dffa9d5bab3fb BUG: 781318 Reviewed-on: http://review.gluster.com/2645 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com> 
- Use gfid to create filehandle instead of encoding path components
- Utilize nameless lookups of GFID for deep resolution instead of
  crawling the namespace with component hints
- Use anonymous FDs for file based operations
- Do away with fdcaching code for files and dirs

Change-Id: Ic48fb23370b25d183f7e1fc1cc5dffa9d5bab3fb
BUG: 781318
Reviewed-on: http://review.gluster.com/2645
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
Change Copyright current year 2011-08-10T17:57:19+00:00 Pranith Kumar K pranithk@gluster.com 2011-08-09T07:00:19+00:00 b58dc65f2ac305056a25a2177cee9a03cd1bdca2 Change-Id: I2d10f2be44f518f496427f257988f1858e888084 BUG: 3348 Reviewed-on: http://review.gluster.com/200 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com> 
Change-Id: I2d10f2be44f518f496427f257988f1858e888084
BUG: 3348
Reviewed-on: http://review.gluster.com/200
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
LICENSE: s/GNU Affero General Public/GNU General Public/ 2011-08-06T13:33:52+00:00 Pranith Kumar K pranithk@gluster.com 2011-08-06T08:30:03+00:00 0cf100b58c34b40eb7f35fa6913996539e0e3aa9 Change-Id: I3914467611e573cccee0d22df93920cf1b2eb79f BUG: 3348 Reviewed-on: http://review.gluster.com/182 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com> 
Change-Id: I3914467611e573cccee0d22df93920cf1b2eb79f
BUG: 3348
Reviewed-on: http://review.gluster.com/182
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
Change NFS_PATH_MAX value to 4096 2011-03-19T03:36:48+00:00 shishir gowda shishirng@gluster.com 2011-03-18T05:37:24+00:00 24d326a5180adaedf8d49a2d087afa0ec470a537 This is tmp fix for crash seen on solaris gnfs server is received path is longer than PATH_MAX. On solaris default PATH_MAX is 1024, and linux default PATH_MAX is 4096. Signed-off-by: shishir gowda <shishirng@gluster.com> Signed-off-by: Vijay Bellur <vijay@dev.gluster.com> BUG: 2476 () URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2476 
This is tmp fix for crash seen on solaris gnfs server is received path is
longer than PATH_MAX. On solaris default PATH_MAX is 1024, and linux default
PATH_MAX is 4096.

Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@dev.gluster.com>

BUG: 2476 ()
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2476
nfs: Introduce nfs.enable-ino32 to support legacy 32-bit only apps 2010-10-29T11:17:08+00:00 Shehjar Tikoo shehjart@gluster.com 2010-10-29T05:38:13+00:00 c65be2d304c67e57447d6d4a2e53fae07e31ff5c Signed-off-by: Shehjar Tikoo <shehjart@gluster.com> Signed-off-by: Anand V. Avati <avati@dev.gluster.com> BUG: 1972 (xcs get doesn't work with gNFS) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1972 
Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
Signed-off-by: Anand V. Avati <avati@dev.gluster.com>

BUG: 1972 (xcs get doesn't work with gNFS)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1972
nfs: Revert downed-subvolume changes 2010-10-07T12:08:59+00:00 Shehjar Tikoo shehjart@gluster.com 2010-10-07T05:23:59+00:00 58ce5f46af7e08db3d786c597ec5144294fbd099 For the record these are the patches committed as: 1. "nfs, nfs3: Base volume access on CHILD-UP-DOWN event" http://git.gluster.com/?p=glusterfs.git;a=commit;h=f47b0c55de9941823fbefe4b3a7e37179d6d4329 2. "nfs: Fix multiple subvolume CHILD-UP support" http://git.gluster.com/?p=glusterfs.git;a=commit;h=336e2df7b74be7ad4c9ed403ca10b9f7f7ef9a58 3. "nfs,nfs3: Disable subvolume on ENOTCONN" http://git.gluster.com/?p=glusterfs.git;a=commit;h=8c6e27cdaf895e3031c3256efb9472a6c0bf61f3 Signed-off-by: Shehjar Tikoo <shehjart@gluster.com> Signed-off-by: Vijay Bellur <vijay@dev.gluster.com> BUG: 1724 (kernel untar fails during add-brick) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1724 
For the record these are the patches committed as:

1. "nfs, nfs3: Base volume access on CHILD-UP-DOWN event"
http://git.gluster.com/?p=glusterfs.git;a=commit;h=f47b0c55de9941823fbefe4b3a7e37179d6d4329

2. "nfs: Fix multiple subvolume CHILD-UP support"
http://git.gluster.com/?p=glusterfs.git;a=commit;h=336e2df7b74be7ad4c9ed403ca10b9f7f7ef9a58

3. "nfs,nfs3: Disable subvolume on ENOTCONN"
http://git.gluster.com/?p=glusterfs.git;a=commit;h=8c6e27cdaf895e3031c3256efb9472a6c0bf61f3

Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
Signed-off-by: Vijay Bellur <vijay@dev.gluster.com>

BUG: 1724 (kernel untar fails during add-brick)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1724
nfs,nfs3: Disable subvolume on ENOTCONN 2010-10-04T16:26:00+00:00 Shehjar Tikoo shehjart@gluster.com 2010-10-04T10:06:07+00:00 8c6e27cdaf895e3031c3256efb9472a6c0bf61f3 ..so that nfs does not return an error to the client, instead the subvolume gets disabled till it comes back up again. The client is expected to keep retransmitting requests in the mean time. Signed-off-by: Shehjar Tikoo <shehjart@gluster.com> Signed-off-by: Vijay Bellur <vijay@dev.gluster.com> BUG: 1724 (kernel untar fails during add-brick) URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1724 
..so that nfs does not return an error to the client, instead
the subvolume gets disabled till it comes back up again.

The client is expected to keep retransmitting requests in the mean time.

Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
Signed-off-by: Vijay Bellur <vijay@dev.gluster.com>

BUG: 1724 (kernel untar fails during add-brick)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=1724