[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3266-gc633f10

Thu Jul 17 04:22:59 GMT 2008

On Wed, 2008-07-16 at 19:28 -0500, Jeremy Allison wrote:
> The branch, v3-3-test has been updated
>        via  c633f10d9e78327664e6bca51f66756bcf0505a6 (commit)
>       from  654f8de8497aff29f9b1f1822b6a8e734ff329e0 (commit)
> 
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
> 
> 
> - Log -----------------------------------------------------------------
> commit c633f10d9e78327664e6bca51f66756bcf0505a6
> Author: Jeremy Allison <jra at samba.org>
^^^^
Jeremy you should use --author when you commit a patch whose author is
someone else, this way attribution will be correct.


> Date:   Wed Jul 16 17:27:05 2008 -0700
> 
>     This patchset comprises a number of cleanups for the cifs upcall
>     binary. The biggest change is that it renames it from cifs.spnego
>     to cifs.upcall since the cifs.spnego name really isn't applicable
>     anymore.
>     
>     It also fixes a segfault when the program is run without any args
>     and adds a manpage. Comments and/or suggestions appreciated.
>     
>     This set should apply cleanly to the 3.3 test branch.
>     
>     Signed-off-by: Jeff Layton <jlayton at redhat.com>
>     Jeremy.
> 
> -----------------------------------------------------------------------
> 
> Summary of changes:
>  docs-xml/manpages-3/cifs.upcall.8.xml          |  115 ++++++++++++++++++++++++
>  source/Makefile.in                             |   20 ++--
>  source/client/{cifs.spnego.c => cifs.upcall.c} |   31 ++++---
>  source/configure.in                            |   32 ++++----
>  4 files changed, 161 insertions(+), 37 deletions(-)
>  create mode 100644 docs-xml/manpages-3/cifs.upcall.8.xml
>  rename source/client/{cifs.spnego.c => cifs.upcall.c} (94%)
> 
> 
> Changeset truncated at 500 lines:
> 
> diff --git a/docs-xml/manpages-3/cifs.upcall.8.xml b/docs-xml/manpages-3/cifs.upcall.8.xml
> new file mode 100644
> index 0000000..8df776b
> --- /dev/null
> +++ b/docs-xml/manpages-3/cifs.upcall.8.xml
> @@ -0,0 +1,115 @@
> +<?xml version="1.0" encoding="iso-8859-1"?>
> +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
> +<refentry id="cifs.upcall.8">
> +
> +
> +<refmeta>
> +        <refentrytitle>cifs.upcall</refentrytitle>
> +        <manvolnum>8</manvolnum>
> +        <refmiscinfo class="source">Samba</refmiscinfo>
> +        <refmiscinfo class="manual">System Administration tools</refmiscinfo>
> +        <refmiscinfo class="version">3.2</refmiscinfo>
> +</refmeta>
> +
> +<refnamediv>
> +        <refname>cifs.upcall</refname>
> +        <refpurpose>Userspace upcall helper for Common Internet File System (CIFS)</refpurpose>
> +</refnamediv>
> +
> +<refsynopsisdiv>
> +        <cmdsynopsis>
> +                <command>cifs.upcall</command>
> +                <arg choice="opt">-c</arg>
> +                <arg choice="opt">-v</arg>
> +                <arg choice="req">keyid</arg>
> +        </cmdsynopsis>
> +</refsynopsisdiv>
> +
> +
> +<refsect1>
> +        <title>DESCRIPTION</title>
> +
> +        <para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
> +        <manvolnum>7</manvolnum></citerefentry> suite.</para>
> +
> +<para>cifs.upcall is a userspace helper program for the linux CIFS client
> +filesystem. There are a number of activities that the kernel cannot easily
> +do itself. This program is a callout program that does these things for the
> +kernel and then returns the result.</para>
> +
> +<para>cifs.upcall is generally intended to be run when the kernel calls
> +request-key<manvolnum>8</manvolnum> for a particular key type. While it
> +can be run directly from the command-line, it's not generally intended
> +to be run that way.</para>
> +</refsect1>
> +
> +<refsect1>
> +	<title>OPTIONS</title>
> +	<variablelist>
> +		<varlistentry>
> +		<term>-c</term>
> +		<listitem><para>When handling a kerberos upcall, use a service principal that starts with "cifs/". The default is to use the "host/" service principal.
> +		</para></listitem>
> +		</varlistentry>
> +
> +		<varlistentry>
> +		<term>-v</term>
> +		<listitem><para>Print version number and exit.
> +		</para></listitem>
> +		</varlistentry>
> +	</variablelist>
> +</refsect1>
> +
> +<refsect1>
> +	<title>CONFIGURATION FOR KEYCTL</title>
> +	<para>cifs.upcall is designed to be called from the kernel via the request-key callout program. This requres that request-key be told where and how to call this program. The current cifs.upcall program handles two different key types:</para>
> +
> +	<variablelist>
> +		<varlistentry>
> +		<term>cifs.spnego</term>
> +		<listitem><para>This keytype is for retrieving kerberos session keys
> +		</para></listitem>
> +		</varlistentry>
> +
> +		<varlistentry>
> +		<term>cifs.resolve</term>
> +		<listitem><para>This key type is for resolving hostnames into IP addresses
> +		</para></listitem>
> +		</varlistentry>
> +	</variablelist>
> +
> +	<para>To make this program useful for CIFS, you'll need to set up entries for them in request-key.conf<manvolnum>5</manvolnum>. Here's an example of an entry for each key type:</para>
> +<programlisting>
> +#OPERATION  TYPE           D C PROGRAM ARG1 ARG2...
> +#=========  =============  = = ==========================================
> +create	    cifs.spnego    * * /usr/local/sbin/cifs.upcall -c %k
> +create      cifs.resolver  * * /usr/local/sbin/cifs.upcall %k
> +</programlisting>
> +<para>
> +See <citerefentry><refentrytitle>request-key.conf<manvolnum>5</manvolnum></refentrytitle></citerefentry> for more info on each field.
> +</para>
> +</refsect1>
> +
> +<refsect1>
> +        <title>SEE ALSO</title>
> +        <para>
> +	<citerefentry><refentrytitle>request-key.conf</refentrytitle>
> +        <manvolnum>5</manvolnum></citerefentry>,
> +	<citerefentry><refentrytitle>mount.cifs</refentrytitle>
> +        <manvolnum>8</manvolnum></citerefentry>
> +	</para>
> +</refsect1>
> +
> +<refsect1>
> +        <title>AUTHOR</title>
> +
> +	<para>Igor Mammedov wrote the cifs.upcall program.</para>
> +	<para>Jeff Layton authored this manpage.</para>
> +	<para>The maintainer of the Linux CIFS VFS is Steve French.</para>
> +        <para>The <ulink url="mailto:linux-cifs-client at lists.samba.org">Linux
> +		CIFS Mailing list</ulink> is the preferred place to ask
> +		questions regarding these programs.
> +	</para>
> +</refsect1>
> +
> +</refentry>
> diff --git a/source/Makefile.in b/source/Makefile.in
> index cd70183..85837a8 100644
> --- a/source/Makefile.in
> +++ b/source/Makefile.in
> @@ -178,7 +178,7 @@ PATH_FLAGS = -DSMB_PASSWD_FILE=\"$(SMB_PASSWD_FILE)\" \
>  
>  SBIN_PROGS = bin/smbd at EXEEXT@ bin/nmbd at EXEEXT@ @SWAT_SBIN_TARGETS@ @EXTRA_SBIN_PROGS@
>  
> -ROOT_SBIN_PROGS = @CIFSMOUNT_PROGS@ @CIFSSPNEGO_PROGS@
> +ROOT_SBIN_PROGS = @CIFSMOUNT_PROGS@ @CIFSUPCALL_PROGS@
>  
>  BIN_PROGS1 = bin/smbclient at EXEEXT@ bin/net at EXEEXT@ bin/smbspool at EXEEXT@ \
>  	bin/testparm at EXEEXT@ bin/smbstatus at EXEEXT@ bin/smbget at EXEEXT@
> @@ -878,7 +878,7 @@ CIFS_MOUNT_OBJ = client/mount.cifs.o
>  
>  CIFS_UMOUNT_OBJ = client/umount.cifs.o
>  
> -CIFS_SPNEGO_OBJ = client/cifs.spnego.o
> +CIFS_UPCALL_OBJ = client/cifs.upcall.o
>  
>  NMBLOOKUP_OBJ = utils/nmblookup.o $(PARAM_OBJ) $(LIBNMB_OBJ) \
>                 $(LIB_NONSMBD_OBJ) $(POPT_LIB_OBJ) $(LIBSAMBA_OBJ)
> @@ -1340,9 +1340,9 @@ bin/umount.cifs at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UMOUNT_OBJ) @BUILD_POPT@
>  	@echo Linking $@
>  	@$(CC) $(FLAGS) -o $@ $(CIFS_UMOUNT_OBJ) $(DYNEXP) $(LDFLAGS) $(POPT_LIBS)
>  
> -bin/cifs.spnego at EXEEXT@: $(BINARY_PREREQS) $(CIFS_SPNEGO_OBJ) $(LIBSMBCLIENT_OBJ1) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
> +bin/cifs.upcall at EXEEXT@: $(BINARY_PREREQS) $(CIFS_UPCALL_OBJ) $(LIBSMBCLIENT_OBJ1) @BUILD_POPT@ @LIBTALLOC_SHARED@ @LIBTDB_SHARED@ @LIBWBCLIENT_SHARED@
>  	@echo Linking $@
> -	@$(CC) $(FLAGS) -o $@ $(CIFS_SPNEGO_OBJ) $(DYNEXP) $(LDFLAGS) \
> +	@$(CC) $(FLAGS) -o $@ $(CIFS_UPCALL_OBJ) $(DYNEXP) $(LDFLAGS) \
>  		-lkeyutils $(LIBS) $(LIBSMBCLIENT_OBJ1) $(KRB5LIBS) \
>  		$(LDAP_LIBS) $(POPT_LIBS) $(LIBTALLOC_LIBS) $(WINBIND_LIBS) \
>  		$(LIBTDB_LIBS)
> @@ -2449,7 +2449,7 @@ bin/rpc_open_tcp at EXEEXT@: $(BINARY_PREREQS) $(RPC_OPEN_TCP_OBJ) @LIBTALLOC_SHARE
>  		$(LIBS) $(LIBTALLOC_LIBS) @LIBTDB_SHARED@ $(WINBIND_LIBS) \
>  		$(LDAP_LIBS) $(KRB5LIBS) $(NSCD_LIBS)
>  
> -install:: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSSPNEGO@ installman \
> +install:: installservers installbin @INSTALL_CIFSMOUNT@ @INSTALL_CIFSUPCALL@ installman \
>  		installscripts installdat installmodules @SWAT_INSTALL_TARGETS@ \
>  		@INSTALL_PAM_MODULES@ installlibs
>  
> @@ -2476,9 +2476,9 @@ installcifsmount:: @CIFSMOUNT_PROGS@
>  	@$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(ROOTSBINDIR)
>  	@$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSMOUNT_PROGS@
>  
> -installcifsspnego:: @CIFSSPNEGO_PROGS@
> +installcifsupcall:: @CIFSUPCALL_PROGS@
>  	@$(SHELL) $(srcdir)/script/installdirs.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(ROOTSBINDIR)
> -	@$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSSPNEGO_PROGS@
> +	@$(SHELL) script/installbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSUPCALL_PROGS@
>  
>  # Some symlinks are required for the 'probing' of modules.
>  # This mechanism should go at some point..
> @@ -2545,7 +2545,7 @@ showlayout::
>  	@echo "  swatdir:     $(SWATDIR)"
>  
> 
> -uninstall:: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSSPNEGO@ uninstallscripts uninstalldat uninstallswat uninstallmodules uninstalllibs @UNINSTALL_PAM_MODULES@
> +uninstall:: uninstallman uninstallservers uninstallbin @UNINSTALL_CIFSMOUNT@ @UNINSTALL_CIFSUPCALL@ uninstallscripts uninstalldat uninstallswat uninstallmodules uninstalllibs @UNINSTALL_PAM_MODULES@
>  
>  uninstallman::
>  	@$(SHELL) $(srcdir)/script/uninstallman.sh $(DESTDIR)$(MANDIR) $(srcdir) C
> @@ -2559,8 +2559,8 @@ uninstallbin::
>  uninstallcifsmount::
>  	@$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSMOUNT_PROGS@
>  
> -uninstallcifsspnego::
> -	@$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSSPNEGO_PROGS@
> +uninstallcifsupcall::
> +	@$(SHELL) script/uninstallbin.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(ROOTSBINDIR) @CIFSUPCALL_PROGS@
>  
>  uninstallmodules::
>  	@$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS_BIN) $(DESTDIR) $(prefix) $(VFSLIBDIR) $(VFS_MODULES)
> diff --git a/source/client/cifs.spnego.c b/source/client/cifs.upcall.c
> similarity index 94%
> rename from source/client/cifs.spnego.c
> rename to source/client/cifs.upcall.c
> index d10d19d..3860f33 100644
> --- a/source/client/cifs.spnego.c
> +++ b/source/client/cifs.upcall.c
> @@ -1,5 +1,5 @@
>  /*
> -* CIFS SPNEGO user-space helper.
> +* CIFS user-space helper.
>  * Copyright (C) Igor Mammedov (niallain at gmail.com) 2007
>  *
>  * Used by /sbin/request-key for handling
> @@ -8,8 +8,8 @@
>  * You should have keyutils installed and add following line to
>  * /etc/request-key.conf file
>  
> -create cifs.spnego * * /usr/local/sbin/cifs.spnego [-v][-c] %k
> -create cifs.resolver * * /usr/local/sbin/cifs.spnego [-v] %k
> +create cifs.spnego * * /usr/local/sbin/cifs.upcall [-v][-c] %k
> +create cifs.resolver * * /usr/local/sbin/cifs.upcall [-v] %k
>  
>  * This program is free software; you can redistribute it and/or modify
>  * it under the terms of the GNU General Public License as published by
> @@ -30,7 +30,7 @@ create cifs.resolver * * /usr/local/sbin/cifs.spnego [-v] %k
>  #include "cifs_spnego.h"
>  
>  const char *CIFSSPNEGO_VERSION = "1.1";
> -static const char *prog = "cifs.spnego";
> +static const char *prog = "cifs.upcall";
>  typedef enum _secType {
>  	KRB5,
>  	MS_KRB5
> @@ -200,6 +200,13 @@ int cifs_resolver(const key_serial_t key, const char *key_descr)
>  	return 0;
>  }
>  
> +void
> +usage(const char *prog)
> +{
> +	syslog(LOG_WARNING, "Usage: %s [-c] [-v] key_serial", prog);
> +	fprintf(stderr, "Usage: %s [-c] [-v] key_serial\n", prog);
> +}
> +
>  int main(const int argc, char *const argv[])
>  {
>  	struct cifs_spnego_msg *keydata = NULL;
> @@ -215,10 +222,6 @@ int main(const int argc, char *const argv[])
>  	char *buf, *hostname = NULL;
>  
>  	openlog(prog, 0, LOG_DAEMON);
> -	if (argc < 1) {
> -		syslog(LOG_WARNING, "Usage: %s [-c] key_serial", prog);
> -		goto out;
> -	}
>  
>  	while ((c = getopt(argc, argv, "cv")) != -1) {
>  		switch (c) {
> @@ -227,9 +230,8 @@ int main(const int argc, char *const argv[])
>  			break;
>  			}
>  		case 'v':{
> -			syslog(LOG_WARNING, "version: %s", CIFSSPNEGO_VERSION);
> -			fprintf(stderr, "version: %s", CIFSSPNEGO_VERSION);
> -			break;
> +			printf("version: %s\n", CIFSSPNEGO_VERSION);
> +			goto out;
>  			}
>  		default:{
>  			syslog(LOG_WARNING, "unknow option: %c", c);
> @@ -237,6 +239,13 @@ int main(const int argc, char *const argv[])
>  			}
>  		}
>  	}
> +
> +	/* is there a key? */
> +	if (argc <= optind) {
> +		usage(prog);
> +		goto out;
> +	}
> +
>  	/* get key and keyring values */
>  	errno = 0;
>  	key = strtol(argv[optind], NULL, 10);
> diff --git a/source/configure.in b/source/configure.in
> index 2ae5e35..cb0e37e 100644
> --- a/source/configure.in
> +++ b/source/configure.in
> @@ -109,9 +109,9 @@ AC_SUBST(EXTRA_BIN_PROGS)
>  AC_SUBST(CIFSMOUNT_PROGS)
>  AC_SUBST(INSTALL_CIFSMOUNT)
>  AC_SUBST(UNINSTALL_CIFSMOUNT)
> -AC_SUBST(CIFSSPNEGO_PROGS)
> -AC_SUBST(INSTALL_CIFSSPNEGO)
> -AC_SUBST(UNINSTALL_CIFSSPNEGO)
> +AC_SUBST(CIFSUPCALL_PROGS)
> +AC_SUBST(INSTALL_CIFSUPCALL)
> +AC_SUBST(UNINSTALL_CIFSUPCALL)
>  AC_SUBST(EXTRA_SBIN_PROGS)
>  AC_SUBST(EXTRA_ALL_TARGETS)
>  AC_SUBST(CONFIG_LIBS)
> @@ -4035,14 +4035,14 @@ AC_ARG_WITH(cifsmount,
>  )
>  
>  #################################################
> -# check for cifs.spnego support
> +# check for cifs.upcall support
>  AC_CHECK_HEADERS([keyutils.h], [HAVE_KEYUTILS_H=1], [HAVE_KEYUTILS_H=0])
> -CIFSSPNEGO_PROGS=""
> -INSTALL_CIFSSPNEGO=""
> -UNINSTALL_CIFSSPNEGO=""
> -AC_MSG_CHECKING(whether to build cifs.spnego)
> -AC_ARG_WITH(cifsspnego,
> -[AS_HELP_STRING([--with-cifsspnego], [Include cifs.spnego (Linux only) support (default=no)])],
> +CIFSUPCALL_PROGS=""
> +INSTALL_CIFSUPCALL=""
> +UNINSTALL_CIFSUPCALL=""
> +AC_MSG_CHECKING(whether to build cifs.upcall)
> +AC_ARG_WITH(cifsupcall,
> +[AS_HELP_STRING([--with-cifsupcall], [Include cifs.upcall (Linux only) support (default=no)])],
>  [ case "$withval" in
>    no)
>  	AC_MSG_RESULT(no)
> @@ -4051,15 +4051,15 @@ AC_ARG_WITH(cifsspnego,
>  	case "$host_os" in
>  	*linux*)
>  		if test x"$use_ads" != x"yes"; then
> -			AC_MSG_ERROR(ADS support should be enabled for building cifs.spnego)
> +			AC_MSG_ERROR(ADS support should be enabled for building cifs.upcall)
>  		elif test x"$HAVE_KEYUTILS_H" != "x1"; then
> -			AC_MSG_ERROR(keyutils package is required for cifs.spnego)
> +			AC_MSG_ERROR(keyutils package is required for cifs.upcall)
>  		else
>  			AC_MSG_RESULT(yes)
> -			AC_DEFINE(WITH_CIFSSPNEGO,1,[whether to build cifs.spnego])
> -			CIFSSPNEGO_PROGS="bin/cifs.spnego"
> -			INSTALL_CIFSSPNEGO="installcifsspnego"
> -			UNINSTALL_CIFSSPNEGO="uninstallcifsspnego"
> +			AC_DEFINE(WITH_CIFSUPCALL,1,[whether to build cifs.upcall])
> +			CIFSUPCALL_PROGS="bin/cifs.upcall"
> +			INSTALL_CIFSUPCALL="installcifsupcall"
> +			UNINSTALL_CIFSUPCALL="uninstallcifsupcall"
>  		fi
>  		;;
>  	*)
> 
> 
-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>