diff -uNr util-linux-2.12p-orig/mount/nfs.5 util-linux-2.12p/mount/nfs.5 --- util-linux-2.12p-orig/mount/nfs.5 2005-02-21 15:21:09 +0300 +++ util-linux-2.12p/mount/nfs.5 2005-02-21 15:21:48 +0300 @@ -165,7 +165,7 @@ Use an alternate RPC version number to contact the mount daemon on the remote host. This option is useful for hosts that can run multiple NFS servers. -The default value is version 1. +The default value depends on which kernel you are using. .TP 1.5i .I nfsprog=n Use an alternate RPC program number to contact the @@ -178,7 +178,7 @@ Use an alternate RPC version number to contact the NFS daemon on the remote host. This option is useful for hosts that can run multiple NFS servers. -The default value is version 2. +The default value depends on which kernel you are using. .TP 1.5i .I nolock Disable NFS locking. Do not start lockd. @@ -230,9 +230,25 @@ .TP 1.5i .I noac Disable all forms of attribute caching entirely. This extracts a -server performance penalty but it allows two different NFS clients -to get reasonable good results when both clients are actively -writing to common filesystem on the server. +significant performance penalty but it allows two different NFS clients +to get reasonable results when both clients are actively +writing to a common export on the server. +.TP 1.5i +.I sec=mode +Set the security flavor for this mount to "mode". +The default setting is \f3sec=sys\f1, which uses local +unix uids and gids to authenticate NFS operations (AUTH_SYS). +Other currently supported settings are: +\f3sec=krb5\f1, which uses Kerberos V5 instead of local unix uids +and gids to authenticate users; +\f3sec=krb5i\f1, which uses Kerberos V5 for user authentication +and performs integrity checking of NFS operations using secure +checksums to prevent data tampering; and +\f3sec=krb5p\f1, which uses Kerberos V5 for user authentication +and integrity checking, and encrypts NFS traffic to prevent +traffic sniffing (this is the most secure setting). +Note that there is a performance penalty when using integrity +or privacy. .TP 1.5i .I tcp Mount the NFS filesystem using the TCP protocol instead of the @@ -347,15 +363,8 @@ communicating with an NFS version 4 server. This option is currently ignored. .TP 1.5i -.I sec=n -Specify an advanced security mechanism for this file system. -To use Kerberos 5 mutual authentication, specify -.IR krb5 . -Kerberos 5 integrity checking is specified with -.IR krb5i , -and Kerberos 5 privacy is specified with -.IR krb5p . -Other security mechanisms may become available in the future. +.I sec=mode +Same as \f3sec=mode\f1 for the nfs filesystem type (see above). .TP 1.5i .I bg If an NFS mount attempt times out, retry the mount diff -uNr util-linux-2.12p-orig/mount/nfs_mount4.h util-linux-2.12p/mount/nfs_mount4.h --- util-linux-2.12p-orig/mount/nfs_mount4.h 2000-10-14 18:20:51 +0400 +++ util-linux-2.12p/mount/nfs_mount4.h 2005-02-21 15:21:48 +0300 @@ -8,7 +8,7 @@ * so it is easiest to ignore the kernel altogether (at compile time). */ -#define NFS_MOUNT_VERSION 4 +#define NFS_MOUNT_VERSION 5 struct nfs2_fh { char data[32]; @@ -36,6 +36,7 @@ int namlen; /* 2 */ unsigned int bsize; /* 3 */ struct nfs3_fh root; /* 4 */ + int pseudoflavor; /* 5 */ }; /* bits in the flags field */ @@ -51,4 +52,19 @@ #define NFS_MOUNT_KERBEROS 0x0100 /* 3 */ #define NFS_MOUNT_NONLM 0x0200 /* 3 */ #define NFS_MOUNT_BROKEN_SUID 0x0400 /* 4 */ +#define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */ + +/* security pseudoflavors */ + +#ifndef AUTH_GSS_KRB5 +#define AUTH_GSS_KRB5 390003 +#define AUTH_GSS_KRB5I 390004 +#define AUTH_GSS_KRB5P 390005 +#define AUTH_GSS_LKEY 390006 +#define AUTH_GSS_LKEYI 390007 +#define AUTH_GSS_LKEYP 390008 +#define AUTH_GSS_SPKM 390009 +#define AUTH_GSS_SPKMI 390010 +#define AUTH_GSS_SPKMP 390011 +#endif diff -uNr util-linux-2.12p-orig/mount/nfsmount.c util-linux-2.12p/mount/nfsmount.c --- util-linux-2.12p-orig/mount/nfsmount.c 2005-02-21 15:21:09 +0300 +++ util-linux-2.12p/mount/nfsmount.c 2005-02-21 15:21:48 +0300 @@ -109,6 +109,8 @@ static const struct timeval TIMEOUT = { 20, 0 }; static const struct timeval RETRY_TIMEOUT = { 3, 0 }; +static int nfs_call_umount(clnt_addr_t *mnt_server, dirpath *argp); + /* Define the order in which to probe for UDP/TCP services */ static const u_int * proto_probelist(const int use_tcp) @@ -211,8 +213,10 @@ mnt_version = 4; /* since 2.2.18pre9 */ else if (kernel_version < MAKE_VERSION(2,3,99)) mnt_version = 3; + else if (kernel_version < MAKE_VERSION(2,6,0)) + mnt_version = 4; else - mnt_version = 4; /* since 2.3.99pre4 */ + mnt_version = 5; } if (mnt_version > NFS_MOUNT_VERSION) mnt_version = NFS_MOUNT_VERSION; @@ -596,6 +600,40 @@ #endif } else if (!sloppy) goto bad_parameter; +#if NFS_MOUNT_VERSION >= 5 + } else if (!strcmp(opt, "sec")) { + char *secflavor = opteq+1; + /* see RFC 2623 */ + if (nfs_mount_version < 5) { + printf(_("Warning: ignoring sec=%s option\n"), secflavor); + continue; + } else if (!strcmp(secflavor, "sys")) + data->pseudoflavor = AUTH_SYS; + else if (!strcmp(secflavor, "krb5")) + data->pseudoflavor = AUTH_GSS_KRB5; + else if (!strcmp(secflavor, "krb5i")) + data->pseudoflavor = AUTH_GSS_KRB5I; + else if (!strcmp(secflavor, "krb5p")) + data->pseudoflavor = AUTH_GSS_KRB5P; + else if (!strcmp(secflavor, "lipkey")) + data->pseudoflavor = AUTH_GSS_LKEY; + else if (!strcmp(secflavor, "lipkey-i")) + data->pseudoflavor = AUTH_GSS_LKEYI; + else if (!strcmp(secflavor, "lipkey-p")) + data->pseudoflavor = AUTH_GSS_LKEYP; + else if (!strcmp(secflavor, "spkm3")) + data->pseudoflavor = AUTH_GSS_SPKM; + else if (!strcmp(secflavor, "spkm3i")) + data->pseudoflavor = AUTH_GSS_SPKMI; + else if (!strcmp(secflavor, "spkm3p")) + data->pseudoflavor = AUTH_GSS_SPKMP; + else if (!sloppy) { + printf(_("Warning: Unrecognized security flavor %s.\n"), + secflavor); + goto bad_parameter; + } + data->flags |= NFS_MOUNT_SECFLAVOUR; +#endif } else if (!strcmp(opt, "mounthost")) mounthost=xstrndup(opteq+1, strcspn(opteq+1," \t\n\r,")); @@ -745,7 +783,7 @@ mntres_t mntres; struct stat statbuf; - char *s, *p; + char *s; int bg, retry; int retval; time_t t; @@ -809,6 +847,7 @@ #if NFS_MOUNT_VERSION >= 2 data.namlen = NAME_MAX; #endif + data.pseudoflavor = AUTH_SYS; bg = 0; retry = 10000; /* 10000 minutes ~ 1 week */ @@ -847,6 +886,9 @@ printf("tcp = %d\n", (data.flags & NFS_MOUNT_TCP) != 0); #endif +#if NFS_MOUNT_VERSION >= 5 + printf("sec = %u\n", data.pseudoflavor); +#endif #endif data.version = nfs_mount_version; @@ -949,7 +991,9 @@ #endif } else { #if NFS_MOUNT_VERSION >= 4 + mountres3_ok *mountres; fhandle3 *fhandle; + int i, *flavor, yum = 0; if (mntres.nfsv3.fhs_status != 0) { fprintf(stderr, _("mount: %s:%s failed, reason given by server: %s\n"), @@ -957,6 +1001,32 @@ nfs_strerror(mntres.nfsv3.fhs_status)); goto fail; } +#if NFS_MOUNT_VERSION >= 5 + mountres = &mntres.nfsv3.mountres3_u.mountinfo; + i = mountres->auth_flavours.auth_flavours_len; + if (i <= 0) + goto noauth_flavours; + + flavor = mountres->auth_flavours.auth_flavours_val; + while (--i >= 0) { + if (flavor[i] == data.pseudoflavor) + yum = 1; +#ifdef NFS_MOUNT_DEBUG + printf("auth flavor %d: %d\n", + i, flavor[i]); +#endif + } + if (!yum) { + fprintf(stderr, + "mount: %s:%s failed, " + "security flavor not supported\n", + hostname, dirname); + /* server has registered us in mtab, send umount */ + nfs_call_umount(&mnt_server, &dirname); + goto fail; + } +noauth_flavours: +#endif fhandle = &mntres.nfsv3.mountres3_u.mountinfo.fhandle; memset(data.old_root.data, 0, NFS_FHSIZE); memset(&data.root, 0, sizeof(data.root));