Package: nfs-common
Version: 1:1.2.2-1
Severity: important
Tags: patch
The fstab read while loop in /etc/init.d/nfs-common catched my eye.
There's a real danger things may go wrong there, as commented out lines
are _not_ ignored.
The lenny version of the init script suffers from the same problem.
Please find attached a series of small patches which attempt to both
correct the potentional error mentioned above and enhance the script.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages nfs-common depends on:
ii adduser 3.112 add and remove users and groups
ii initscripts 2.88dsf-9 scripts for initializing and shutt
ii libc6 2.11.2-2 Embedded GNU C Library: Shared lib
ii libcap2 1:2.17-2 support for getting/setting POSIX.
ii libcomerr2 1.41.12-2 common error description library
ii libevent-1.4-2 1.4.13-stable-1 An asynchronous event notification
ii libgssapi-krb5-2 1.8.1+dfsg-5 MIT Kerberos runtime libraries - k
ii libgssglue1 0.1-4 mechanism-switch gssapi library
ii libk5crypto3 1.8.1+dfsg-5 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.8.1+dfsg-5 MIT Kerberos runtime libraries
ii libnfsidmap2 0.23-2 An nfs idmapping library
ii librpcsecgss3 0.19-2 allows secure rpc communication us
ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii netbase 4.42 Basic TCP/IP networking system
ii portmap 6.0.0-2 RPC port mapper
ii ucf 3.0025 Update Configuration File: preserv
nfs-common recommends no packages.
nfs-common suggests no packages.
-- no debconf information
Cheers,
--
Cristian
--- nfs-common.~1~ 2008-07-14 12:02:48.000000000 +0200
+++ nfs-common 2010-06-27 15:02:17.000000000 +0200
@@ -81,7 +81,7 @@
esac
case "$NEED_IDMAPD" in
- yes|no)
+ yes|no)
;;
*)
NEED_IDMAPD=$AUTO_NEED_IDMAPD
@@ -89,7 +89,7 @@
esac
case "$NEED_GSSD" in
- yes|no)
+ yes|no)
;;
*)
NEED_GSSD=$AUTO_NEED_GSSD
--- nfs-common.~2~ 2010-06-27 15:02:17.000000000 +0200
+++ nfs-common 2010-06-27 15:06:38.000000000 +0200
@@ -23,7 +23,7 @@
NEED_GSSD=
PIPEFS_MOUNTPOINT=/var/lib/nfs/rpc_pipefs
RPCGSSDOPTS=
-if [ -f $DEFAULTFILE ]; then
+if [ -r $DEFAULTFILE ]; then
. $DEFAULTFILE
fi
@@ -40,7 +40,7 @@
AUTO_NEED_IDMAPD=no
AUTO_NEED_GSSD=no
-if [ -f /etc/fstab ]; then
+if [ -r /etc/fstab ]; then
exec 9<&0 </etc/fstab
while read DEV MTPT FSTYPE OPTS REST
@@ -68,7 +68,7 @@
# condition in nfs-kernel-server's init script does, which has a value in
# itself.
#
-if [ -f /etc/exports ] && grep -q '^[[:space:]]*[^#]*/' /etc/exports; then
+if [ -r /etc/exports ] && grep -q '^[[:space:]]*[^#]*/' /etc/exports; then
AUTO_NEED_IDMAPD=yes
fi
@@ -97,7 +97,7 @@
esac
do_modprobe() {
- if [ -x /sbin/modprobe -a -f /proc/modules ]
+ if [ -x /sbin/modprobe -a -r /proc/modules ]
then
modprobe -q "$1" || true
fi
--- nfs-common.~3~ 2010-06-27 15:06:38.000000000 +0200
+++ nfs-common 2010-06-27 15:11:19.000000000 +0200
@@ -45,6 +45,11 @@
while read DEV MTPT FSTYPE OPTS REST
do
+ case $DEV in
+ ''|\#*)
+ continue
+ ;;
+ esac
if [ "$FSTYPE" = "nfs4" ]; then
AUTO_NEED_IDMAPD=yes
fi
--- nfs-common.~4~ 2010-06-27 15:11:19.000000000 +0200
+++ nfs-common 2010-06-27 15:13:39.000000000 +0200
@@ -50,15 +50,15 @@
continue
;;
esac
- if [ "$FSTYPE" = "nfs4" ]; then
- AUTO_NEED_IDMAPD=yes
- fi
- case "$OPTS" in
-
- sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5i,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
- AUTO_NEED_GSSD=yes
- ;;
- esac
+ if [ "$FSTYPE" = "nfs4" ]; then
+ AUTO_NEED_IDMAPD=yes
+ fi
+ case "$OPTS" in
+
+ sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5i,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
+ AUTO_NEED_GSSD=yes
+ ;;
+ esac
done
exec 0<&9 9<&-
@@ -79,32 +79,32 @@
case "$NEED_STATD" in
yes|no)
- ;;
+ ;;
*)
- NEED_STATD=yes
- ;;
+ NEED_STATD=yes
+ ;;
esac
case "$NEED_IDMAPD" in
yes|no)
- ;;
+ ;;
*)
- NEED_IDMAPD=$AUTO_NEED_IDMAPD
+ NEED_IDMAPD=$AUTO_NEED_IDMAPD
;;
esac
case "$NEED_GSSD" in
yes|no)
- ;;
+ ;;
*)
- NEED_GSSD=$AUTO_NEED_GSSD
+ NEED_GSSD=$AUTO_NEED_GSSD
;;
esac
do_modprobe() {
if [ -x /sbin/modprobe -a -r /proc/modules ]
then
- modprobe -q "$1" || true
+ modprobe -q "$1" || true
fi
}
@@ -137,11 +137,11 @@
if [ "$NEED_STATD" = yes ]; then
log_progress_msg "statd"
start-stop-daemon --start --oknodo --quiet \
- --exec $PREFIX/sbin/rpc.statd -- $STATDOPTS
+ --exec $PREFIX/sbin/rpc.statd -- $STATDOPTS
RET=$?
if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
+ log_end_msg $RET
+ exit $RET
fi
fi
@@ -157,36 +157,36 @@
do_modprobe nfsd
if do_mount rpc_pipefs $PIPEFS_MOUNTPOINT
then
- if [ "$NEED_IDMAPD" = yes ]
+ if [ "$NEED_IDMAPD" = yes ]
then
- log_progress_msg "idmapd"
+ log_progress_msg "idmapd"
start-stop-daemon --start --oknodo --quiet \
--exec /usr/sbin/rpc.idmapd
RET=$?
- if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
- fi
+ if [ $RET != 0 ]; then
+ log_end_msg $RET
+ exit $RET
+ fi
fi
if [ "$NEED_GSSD" = yes ]
then
do_modprobe rpcsec_gss_krb5
- log_progress_msg "gssd"
+ log_progress_msg "gssd"
- # we need this available; better to fail now than
+ # we need this available; better to fail now than
# mysteriously on the first mount
if ! grep -q -E '^nfs[ ]' /etc/services; then
- log_action_end_msg 1 "broken /etc/services, please see /usr/share/doc/nfs-common/README.Debian.nfsv4"
+ log_action_end_msg 1 "broken /etc/services, please see /usr/share/doc/nfs-common/README.Debian.nfsv4"
exit 1
fi
start-stop-daemon --start --oknodo --quiet \
--exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS
RET=$?
- if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
- fi
+ if [ $RET != 0 ]; then
+ log_end_msg $RET
+ exit $RET
+ fi
fi
fi
fi
@@ -203,31 +203,31 @@
--name rpc.gssd
RET=$?
if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
- fi
+ log_end_msg $RET
+ exit $RET
+ fi
fi
if [ "$NEED_IDMAPD" = yes ]
then
log_progress_msg "idmapd"
start-stop-daemon --stop --oknodo --quiet \
--name rpc.idmapd
- RET=$?
+ RET=$?
if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
- fi
+ log_end_msg $RET
+ exit $RET
+ fi
fi
if [ "$NEED_STATD" = yes ]
then
log_progress_msg "statd"
start-stop-daemon --stop --oknodo --quiet \
- --name rpc.statd
+ --name rpc.statd
RET=$?
if [ $RET != 0 ]; then
- log_end_msg $RET
- exit $RET
- fi
+ log_end_msg $RET
+ exit $RET
+ fi
fi
do_umount $PIPEFS_MOUNTPOINT 2>/dev/null || true
log_end_msg 0
@@ -238,14 +238,14 @@
then
if ! pidof rpc.statd >/dev/null
then
- echo "rpc.statd not running"
- exit 3
+ echo "rpc.statd not running"
+ exit 3
fi
fi
if [ "$NEED_GSSD" = yes ]
then
- if ! pidof rpc.gssd >/dev/null
+ if ! pidof rpc.gssd >/dev/null
then
echo "rpc.gssd not running"
exit 3
@@ -254,7 +254,7 @@
if [ "$NEED_IDMAPD" = yes ]
then
- if ! pidof rpc.idmapd >/dev/null
+ if ! pidof rpc.idmapd >/dev/null
then
echo "rpc.idmapd not running"
exit 3
--- nfs-common.~5~ 2010-06-27 15:13:39.000000000 +0200
+++ nfs-common 2010-06-27 15:19:35.000000000 +0200
@@ -50,10 +50,10 @@
continue
;;
esac
- if [ "$FSTYPE" = "nfs4" ]; then
+ if [ "$FSTYPE" = nfs4 ]; then
AUTO_NEED_IDMAPD=yes
fi
- case "$OPTS" in
+ case $OPTS in
sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5i,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
AUTO_NEED_GSSD=yes
@@ -77,7 +77,7 @@
AUTO_NEED_IDMAPD=yes
fi
-case "$NEED_STATD" in
+case $NEED_STATD in
yes|no)
;;
*)
@@ -85,7 +85,7 @@
;;
esac
-case "$NEED_IDMAPD" in
+case $NEED_IDMAPD in
yes|no)
;;
*)
@@ -93,7 +93,7 @@
;;
esac
-case "$NEED_GSSD" in
+case $NEED_GSSD in
yes|no)
;;
*)
@@ -130,7 +130,7 @@
}
# See how we were called.
-case "$1" in
+case $1 in
start)
log_daemon_msg "Starting $DESC"
@@ -159,7 +159,7 @@
then
if [ "$NEED_IDMAPD" = yes ]
then
- log_progress_msg "idmapd"
+ log_progress_msg idmapd
start-stop-daemon --start --oknodo --quiet \
--exec /usr/sbin/rpc.idmapd
RET=$?
@@ -198,7 +198,7 @@
if [ "$NEED_GSSD" = yes ]
then
- log_progress_msg "gssd"
+ log_progress_msg gssd
start-stop-daemon --stop --oknodo --quiet \
--name rpc.gssd
RET=$?
@@ -209,7 +209,7 @@
fi
if [ "$NEED_IDMAPD" = yes ]
then
- log_progress_msg "idmapd"
+ log_progress_msg idmapd
start-stop-daemon --stop --oknodo --quiet \
--name rpc.idmapd
RET=$?
@@ -220,7 +220,7 @@
fi
if [ "$NEED_STATD" = yes ]
then
- log_progress_msg "statd"
+ log_progress_msg statd
start-stop-daemon --stop --oknodo --quiet \
--name rpc.statd
RET=$?
--- nfs-common.~6~ 2010-06-27 15:19:35.000000000 +0200
+++ nfs-common 2010-06-27 15:21:26.000000000 +0200
@@ -102,7 +102,7 @@
esac
do_modprobe() {
- if [ -x /sbin/modprobe -a -r /proc/modules ]
+ if [ -x /sbin/modprobe ] && [ -r /proc/modules ]
then
modprobe -q "$1" || true
fi
--- nfs-common.~7~ 2010-06-27 15:21:26.000000000 +0200
+++ nfs-common 2010-06-27 15:32:59.000000000 +0200
@@ -23,9 +23,7 @@
NEED_GSSD=
PIPEFS_MOUNTPOINT=/var/lib/nfs/rpc_pipefs
RPCGSSDOPTS=
-if [ -r $DEFAULTFILE ]; then
- . $DEFAULTFILE
-fi
+[ ! -r $DEFAULTFILE ] || . $DEFAULTFILE
. /lib/lsb/init-functions
@@ -50,11 +48,8 @@
continue
;;
esac
- if [ "$FSTYPE" = nfs4 ]; then
- AUTO_NEED_IDMAPD=yes
- fi
+ [ "$FSTYPE" != nfs4 ] || AUTO_NEED_IDMAPD=yes
case $OPTS in
-
sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5i,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
AUTO_NEED_GSSD=yes
;;
@@ -73,9 +68,8 @@
# condition in nfs-kernel-server's init script does, which has a value in
# itself.
#
-if [ -r /etc/exports ] && grep -q '^[[:space:]]*[^#]*/' /etc/exports; then
+[ ! -r /etc/exports ] || ! grep -q '^[[:space:]]*[^#]*/' /etc/exports ||
AUTO_NEED_IDMAPD=yes
-fi
case $NEED_STATD in
yes|no)
@@ -102,31 +96,17 @@
esac
do_modprobe() {
- if [ -x /sbin/modprobe ] && [ -r /proc/modules ]
- then
- modprobe -q "$1" || true
- fi
+ [ ! -x /sbin/modprobe ] || [ ! -r /proc/modules ] ||
+ modprobe -q "$1" || :
}
do_mount() {
- if ! grep -E -qs "$1\$" /proc/filesystems
- then
- return 1
- fi
- if ! mountpoint -q "$2"
- then
- mount -t "$1" "$1" "$2"
- return
- fi
- return 0
+ grep -E -qs "$1\$" /proc/filesystems || return 1
+ mountpoint -q "$2" || mount -t "$1" "$1" "$2"
}
do_umount() {
- if mountpoint -q "$1"
- then
- umount "$1"
- fi
- return 0
+ ! mountpoint -q "$1" || umount "$1"
}
# See how we were called.
--- nfs-common.~8~ 2010-06-27 15:32:59.000000000 +0200
+++ nfs-common 2010-06-27 15:41:59.000000000 +0200
@@ -117,12 +117,11 @@
if [ "$NEED_STATD" = yes ]; then
log_progress_msg "statd"
start-stop-daemon --start --oknodo --quiet \
- --exec $PREFIX/sbin/rpc.statd -- $STATDOPTS
- RET=$?
- if [ $RET != 0 ]; then
+ --exec $PREFIX/sbin/rpc.statd -- $STATDOPTS || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
# Don't start idmapd and gssd if we don't have them (say, if /usr is not
@@ -141,12 +140,11 @@
then
log_progress_msg idmapd
start-stop-daemon --start --oknodo --quiet \
- --exec /usr/sbin/rpc.idmapd
- RET=$?
- if [ $RET != 0 ]; then
+ --exec /usr/sbin/rpc.idmapd || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
if [ "$NEED_GSSD" = yes ]
then
@@ -161,12 +159,11 @@
fi
start-stop-daemon --start --oknodo --quiet \
- --exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS
- RET=$?
- if [ $RET != 0 ]; then
+ --exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
fi
fi
@@ -179,73 +176,64 @@
if [ "$NEED_GSSD" = yes ]
then
log_progress_msg gssd
- start-stop-daemon --stop --oknodo --quiet \
- --name rpc.gssd
- RET=$?
- if [ $RET != 0 ]; then
+ start-stop-daemon --stop --oknodo --quiet --name rpc.gssd || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
if [ "$NEED_IDMAPD" = yes ]
then
log_progress_msg idmapd
- start-stop-daemon --stop --oknodo --quiet \
- --name rpc.idmapd
- RET=$?
- if [ $RET != 0 ]; then
+ start-stop-daemon --stop --oknodo --quiet --name rpc.idmapd || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
if [ "$NEED_STATD" = yes ]
then
log_progress_msg statd
- start-stop-daemon --stop --oknodo --quiet \
- --name rpc.statd
- RET=$?
- if [ $RET != 0 ]; then
+ start-stop-daemon --stop --oknodo --quiet --name rpc.statd || {
+ RET=$?
log_end_msg $RET
exit $RET
- fi
+ }
fi
- do_umount $PIPEFS_MOUNTPOINT 2>/dev/null || true
+ do_umount $PIPEFS_MOUNTPOINT 2>/dev/null || :
log_end_msg 0
;;
status)
if [ "$NEED_STATD" = yes ]
then
- if ! pidof rpc.statd >/dev/null
- then
+ pidof rpc.statd >/dev/null || {
echo "rpc.statd not running"
exit 3
- fi
+ }
fi
if [ "$NEED_GSSD" = yes ]
then
- if ! pidof rpc.gssd >/dev/null
- then
+ pidof rpc.gssd >/dev/null || {
echo "rpc.gssd not running"
exit 3
- fi
+ }
fi
if [ "$NEED_IDMAPD" = yes ]
then
- if ! pidof rpc.idmapd >/dev/null
- then
+ pidof rpc.idmapd >/dev/null || {
echo "rpc.idmapd not running"
exit 3
- fi
+ }
fi
echo "all daemons running"
exit 0
;;
- restart | force-reload)
+ restart|force-reload)
$0 stop
sleep 1
$0 start
--- nfs-common.~9~ 2010-06-27 15:41:59.000000000 +0200
+++ nfs-common 2010-06-27 15:45:08.000000000 +0200
@@ -43,12 +43,15 @@
while read DEV MTPT FSTYPE OPTS REST
do
+ # Ignore empty and commented out lines.
case $DEV in
''|\#*)
continue
;;
esac
+
[ "$FSTYPE" != nfs4 ] || AUTO_NEED_IDMAPD=yes
+
case $OPTS in
sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5i,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*)
AUTO_NEED_GSSD=yes
--- nfs-common.~10~ 2010-06-27 15:45:08.000000000 +0200
+++ nfs-common 2010-06-27 15:46:58.000000000 +0200
@@ -71,7 +71,7 @@
# condition in nfs-kernel-server's init script does, which has a value in
# itself.
#
-[ ! -r /etc/exports ] || ! grep -q '^[[:space:]]*[^#]*/' /etc/exports ||
+[ ! -r /etc/exports ] || ! grep -q '^[[:blank:]]*[^#]*/' /etc/exports ||
AUTO_NEED_IDMAPD=yes
case $NEED_STATD in
--- nfs-common.~11~ 2010-06-27 15:46:58.000000000 +0200
+++ nfs-common 2010-06-27 15:59:23.000000000 +0200
@@ -112,6 +112,11 @@
! mountpoint -q "$1" || umount "$1"
}
+do_errout() {
+ log_end_msg $1
+ exit $1
+}
+
# See how we were called.
case $1 in
start)
@@ -143,11 +148,7 @@
then
log_progress_msg idmapd
start-stop-daemon --start --oknodo --quiet \
- --exec /usr/sbin/rpc.idmapd || {
- RET=$?
- log_end_msg $RET
- exit $RET
- }
+ --exec /usr/sbin/rpc.idmapd || do_errout $?
fi
if [ "$NEED_GSSD" = yes ]
then
@@ -162,11 +163,8 @@
fi
start-stop-daemon --start --oknodo --quiet \
- --exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS || {
- RET=$?
- log_end_msg $RET
- exit $RET
- }
+ --exec /usr/sbin/rpc.gssd -- $RPCGSSDOPTS ||
+ do_errout $?
fi
fi
fi
@@ -179,29 +177,20 @@
if [ "$NEED_GSSD" = yes ]
then
log_progress_msg gssd
- start-stop-daemon --stop --oknodo --quiet --name rpc.gssd || {
- RET=$?
- log_end_msg $RET
- exit $RET
- }
+ start-stop-daemon --stop --oknodo --quiet --name rpc.gssd ||
+ do_errout $?
fi
if [ "$NEED_IDMAPD" = yes ]
then
log_progress_msg idmapd
start-stop-daemon --stop --oknodo --quiet --name rpc.idmapd || {
- RET=$?
- log_end_msg $RET
- exit $RET
- }
+ do_errout $?
fi
if [ "$NEED_STATD" = yes ]
then
log_progress_msg statd
start-stop-daemon --stop --oknodo --quiet --name rpc.statd || {
- RET=$?
- log_end_msg $RET
- exit $RET
- }
+ do_errout $?
fi
do_umount $PIPEFS_MOUNTPOINT 2>/dev/null || :
log_end_msg 0
--- nfs-common.~12~ 2010-06-27 15:59:23.000000000 +0200
+++ nfs-common 2010-06-27 16:06:58.000000000 +0200
@@ -39,8 +39,6 @@
AUTO_NEED_GSSD=no
if [ -r /etc/fstab ]; then
- exec 9<&0 </etc/fstab
-
while read DEV MTPT FSTYPE OPTS REST
do
# Ignore empty and commented out lines.
@@ -57,9 +55,7 @@
AUTO_NEED_GSSD=yes
;;
esac
- done
-
- exec 0<&9 9<&-
+ done < /etc/fstab
fi
#
