Commit 75bc8821 authored Mar 16, 2013 by Chuck Lever Committed by Trond Myklebust Mar 29, 2013

NFS: Handle missing rpc.gssd when looking up root FH



When rpc.gssd is not running, any NFS operation that needs to use a
GSS security flavor of course does not work.

If looking up a server's root file handle results in an
NFS4ERR_WRONGSEC, nfs4_find_root_sec() is called to try a bunch of
security flavors until one works or all reasonable flavors have
been tried.  When rpc.gssd isn't running, this loop seems to fail
immediately after rpcauth_create() craps out on the first GSS
flavor.

When the rpcauth_create() call in nfs4_lookup_root_sec() fails
because rpc.gssd is not available, nfs4_lookup_root_sec()
unconditionally returns -EIO.  This prevents nfs4_find_root_sec()
from retrying any other flavors; it drops out of its loop and fails
immediately.

Having nfs4_lookup_root_sec() return -EACCES instead allows
nfs4_find_root_sec() to try all flavors in its list.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: Bryan Schumaker <bjschuma@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>

parent 5007220b

fs/nfs/nfs4proc.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -2506,7 +2506,7 @@ static int nfs4_lookup_root_sec(struct nfs_server server, struct nfs_fh fhandl

		auth = rpcauth_create(flavor, server->client);
		if (IS_ERR(auth)) {
		ret = -EIO;
		ret = -EACCES;
		goto out;
		}
		ret = nfs4_lookup_root(server, fhandle, info);

Admin message