Print this page
11083 support NFS server in zone
Portions contributed by: Dan Kruchinin <dan.kruchinin@nexenta.com>
Portions contributed by: Stepan Zastupov <stepan.zastupov@gmail.com>
Portions contributed by: Joyce McIntosh <joyce.mcintosh@nexenta.com>
Portions contributed by: Mike Zeller <mike@mikezeller.net>
Portions contributed by: Dan McDonald <danmcd@joyent.com>
Portions contributed by: Gordon Ross <gordon.w.ross@gmail.com>
Portions contributed by: Vitaliy Gusev <gusev.vitaliy@gmail.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Rob Gittins <rob.gittins@nexenta.com>
Reviewed by: Sanjay Nadkarni <sanjay.nadkarni@nexenta.com>
Reviewed by: Jason King <jbk@joyent.com>
Reviewed by: C Fraire <cfraire@me.com>
Change-Id: I22f289d357503f9b48a0bc2482cc4328a6d43d16
*** 19,41 ****
* CDDL HEADER END
*/
/*
* Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2016 Nexenta Systems, Inc.
* Copyright (c) 2014, 2016 by Delphix. All rights reserved.
*/
/*
* NFS specific functions
*/
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>
#include <unistd.h>
- #include <zone.h>
#include <errno.h>
#include <locale.h>
#include <signal.h>
#include <strings.h>
#include "libshare.h"
--- 19,41 ----
* CDDL HEADER END
*/
/*
* Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2016 by Delphix. All rights reserved.
+ * Copyright 2018 Nexenta Systems, Inc.
*/
/*
* NFS specific functions
*/
+
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <locale.h>
#include <signal.h>
#include <strings.h>
#include "libshare.h"
*** 1903,1994 ****
sa_free_derived_security(sec);
if (sectype != NULL)
sa_free_attr_string(sectype);
}
}
! /*
! * when we get here, we can do the exportfs system call and
! * initiate things. We probably want to enable the
! * svc:/network/nfs/server service first if it isn't running.
! */
! /* check svc:/network/nfs/server status and start if needed */
/* now add the share to the internal tables */
printarg(path, &export);
/*
* call the exportfs system call which is implemented
* via the nfssys() call as the EXPORTFS subfunction.
*/
if (iszfs) {
struct exportfs_args ea;
share_t sh;
- char *str;
- priv_set_t *priv_effective;
- int privileged;
- /*
- * If we aren't a privileged user
- * and NFS server service isn't running
- * then print out an error message
- * and return EPERM
- */
-
- priv_effective = priv_allocset();
- (void) getppriv(PRIV_EFFECTIVE, priv_effective);
-
- privileged = (priv_isfullset(priv_effective) == B_TRUE);
- priv_freeset(priv_effective);
-
- if (!privileged &&
- (str = smf_get_state(NFS_SERVER_SVC)) != NULL) {
- err = 0;
- if (strcmp(str, SCF_STATE_STRING_ONLINE) != 0) {
- (void) printf(dgettext(TEXT_DOMAIN,
- "NFS: Cannot share remote "
- "filesystem: %s\n"), path);
- (void) printf(dgettext(TEXT_DOMAIN,
- "NFS: Service needs to be enabled "
- "by a privileged user\n"));
- err = SA_SYSTEM_ERR;
- errno = EPERM;
- }
- free(str);
- }
-
- if (err == 0) {
ea.dname = path;
ea.uex = &export;
(void) sa_sharetab_fill_zfs(share, &sh, "nfs");
! err = sa_share_zfs(share, NULL, path, &sh,
! &ea, ZFS_SHARE_NFS);
if (err != SA_OK) {
errno = err;
err = -1;
}
sa_emptyshare(&sh);
- }
} else {
err = exportfs(path, &export);
}
if (err < 0) {
err = SA_SYSTEM_ERR;
switch (errno) {
- case EREMOTE:
- (void) printf(dgettext(TEXT_DOMAIN,
- "NFS: Cannot share filesystems "
- "in non-global zones: %s\n"), path);
- err = SA_NOT_SUPPORTED;
- break;
case EPERM:
- if (getzoneid() != GLOBAL_ZONEID) {
- (void) printf(dgettext(TEXT_DOMAIN,
- "NFS: Cannot share file systems "
- "in non-global zones: %s\n"), path);
- err = SA_NOT_SUPPORTED;
- break;
- }
err = SA_NO_PERMISSION;
break;
case EEXIST:
err = SA_SHARE_EXISTS;
break;
--- 1903,1941 ----
sa_free_derived_security(sec);
if (sectype != NULL)
sa_free_attr_string(sectype);
}
}
!
/* now add the share to the internal tables */
printarg(path, &export);
/*
* call the exportfs system call which is implemented
* via the nfssys() call as the EXPORTFS subfunction.
*/
if (iszfs) {
struct exportfs_args ea;
share_t sh;
ea.dname = path;
ea.uex = &export;
(void) sa_sharetab_fill_zfs(share, &sh, "nfs");
! err = sa_share_zfs(share, NULL, path, &sh, &ea, ZFS_SHARE_NFS);
if (err != SA_OK) {
errno = err;
err = -1;
}
sa_emptyshare(&sh);
} else {
err = exportfs(path, &export);
}
if (err < 0) {
err = SA_SYSTEM_ERR;
switch (errno) {
case EPERM:
err = SA_NO_PERMISSION;
break;
case EEXIST:
err = SA_SHARE_EXISTS;
break;
*** 2096,2108 ****
*/
switch (errno) {
case EPERM:
case EACCES:
ret = SA_NO_PERMISSION;
- if (getzoneid() != GLOBAL_ZONEID) {
- ret = SA_NOT_SUPPORTED;
- }
break;
case EINVAL:
case ENOENT:
ret = SA_NO_SUCH_PATH;
break;
--- 2043,2052 ----