summaryrefslogtreecommitdiffstats
path: root/xlators/nfs/server/src/mount3.h
diff options
context:
space:
mode:
authorNiels de Vos <ndevos@redhat.com>2015-01-01 13:15:45 +0100
committerVijay Bellur <vbellur@redhat.com>2015-03-15 07:01:38 -0700
commitaa66b8404f45712c45d75d6a2a37f32e2792cc83 (patch)
tree11d7a95bd6286204ec0ec33e4cdd8ba0c5b48028 /xlators/nfs/server/src/mount3.h
parentaac1ec0a61d9267b6ae7a280b368dfd357b7dcdc (diff)
gNFS: Export / Netgroup authentication on Gluster NFS mount
* Parses linux style export file/netgroups file into a structure that can be lookedup. * This parser turns each line into a structure called an "export directory". Each of these has a dictionary of hosts and netgroups which can be looked up during the mount authentication process. (See Change-Id Ic060aac and I7e6aa6bc) * A string beginning withan '@' is treated as a netgroup and a string beginning without an @ is a host. (See Change-Id Ie04800d) * This parser does not currently support all the options in the man page ('man exports'), but we can easily add them. BUG: 1143880 URL: http://www.gluster.org/community/documentation/index.php/Features/Exports_Netgroups_Authentication Change-Id: I181e8c1814d6ef3cae5b4d88353622734f0c0f0b Original-author: Shreyas Siravara <shreyas.siravara@gmail.com> CC: Richard Wareing <rwareing@fb.com> CC: Jiffin Tony Thottan <jthottan@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/8758 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'xlators/nfs/server/src/mount3.h')
-rw-r--r--xlators/nfs/server/src/mount3.h56
1 files changed, 54 insertions, 2 deletions
diff --git a/xlators/nfs/server/src/mount3.h b/xlators/nfs/server/src/mount3.h
index ed553d122ae..8ef9c62a655 100644
--- a/xlators/nfs/server/src/mount3.h
+++ b/xlators/nfs/server/src/mount3.h
@@ -26,6 +26,9 @@
#include "locking.h"
#include "nfs3-fh.h"
#include "uuid.h"
+#include "exports.h"
+#include "mount3-auth.h"
+#include "auth-cache.h"
/* Registered with portmap */
#define GF_MOUNTV3_PORT 38465
@@ -41,6 +44,9 @@ mnt3svc_init (xlator_t *nfsx);
extern rpcsvc_program_t *
mnt1svc_init (xlator_t *nfsx);
+extern void
+mnt3svc_deinit (xlator_t *nfsx);
+
extern int
mount_init_state (xlator_t *nfsx);
@@ -50,6 +56,20 @@ mount_reconfigure_state (xlator_t *nfsx, dict_t *options);
void
mount_rewrite_rmtab (struct mount3_state *ms, char *new_rmtab);
+struct mnt3_export *
+mnt3_mntpath_to_export (struct mount3_state *ms, const char *dirpath,
+ gf_boolean_t export_parsing_match);
+
+extern int
+mnt3svc_update_mountlist (struct mount3_state *ms, rpcsvc_request_t *req,
+ const char *expname, const char *fullpath);
+
+int
+mnt3_authenticate_request (struct mount3_state *ms, rpcsvc_request_t *req,
+ struct nfs3_fh *fh, const char *volname,
+ const char *path, char **authorized_path,
+ char **authorized_host, gf_boolean_t is_write_op);
+
/* Data structure used to store the list of mounts points currently
* in use by NFS clients.
*/
@@ -60,6 +80,15 @@ struct mountentry {
/* The export name */
char exname[MNTPATHLEN];
char hostname[MNTPATHLEN];
+ char fullpath[MNTPATHLEN];
+
+ gf_boolean_t has_full_path;
+
+ /* Since this is stored in a dict, we want to be able
+ * to find easily get the key we used to store
+ * the struct in our dict
+ */
+ char hashkey[MNTPATHLEN*2+2];
};
#define MNT3_EXPTYPE_VOLUME 1
@@ -87,14 +116,23 @@ struct mnt3_export {
xlator_t *vol;
int exptype;
+ /* This holds the full path that the client requested including
+ * the volume name AND the subdirectory in the volume.
+ */
+ char *fullpath;
+
/* Extracted from nfs volume options if nfs.dynamicvolumes is on.
*/
uuid_t volumeid;
+ uuid_t mountid;
};
struct mount3_state {
xlator_t *nfsx;
+ /* The NFS state that this belongs to */
+ struct nfs_state *nfs;
+
/* The buffers for all network IO are got from this pool. */
struct iobuf_pool *iobpool;
@@ -106,8 +144,17 @@ struct mount3_state {
*/
struct list_head mountlist;
- /* Used to protect the mountlist. */
- gf_lock_t mountlock;
+ /* Dict of current mount points over all the exports from this
+ * server. Mirrors the mountlist above, but can be used for
+ * faster lookup in the event that there are several mounts.
+ * Currently, each NFSOP is validated against this dict: each
+ * op is checked to see if the host that operates on the path
+ * does in fact have an entry in the mount dict.
+ */
+ dict_t *mountdict;
+
+ /* Used to protect the mountlist & the mount dict */
+ pthread_spinlock_t mountlock;
/* Used to insert additional authentication parameters */
struct mnt3_auth_params *auth_params;
@@ -115,6 +162,11 @@ struct mount3_state {
/* Set to 0 if exporting full volumes is disabled. On by default. */
gf_boolean_t export_volumes;
gf_boolean_t export_dirs;
+
+ pthread_t auth_refresh_thread;
+ gf_boolean_t stop_refresh;
+
+ struct auth_cache *authcache;
};
#define gf_mnt3_export_dirs(mst) ((mst)->export_dirs)