Commits on May 14, 2011
  1. Prep for 1.0-pre28 tag

    garlick committed May 14, 2011
  2. Clean up synthetic file code, add new files

    garlick committed May 13, 2011
    Rename File to Npfile.  Add np_syn_mkdir () so an entire hierarchy
    can be externally created.  The internal synthetic namespace is
    selected (only) by nil aname.  Move the usercache onto the Npsrv
    struct so we can free it when the server is cleaned up.
    Add 'usercache' - list users in cache and ttl
    Add "connections" - includes last aname attached, active fids in the
    fidpool, and number of requests submitted and retired.
    Add "wthreads" - thread state, fsuid, fsgid, number of requests handled.
Commits on May 13, 2011
  1. Add functional synthetic files

    garlick committed May 13, 2011
    Mount with nil aname and get access to 'connections' (list of conected
    clients), and 'version' (diod version).
    Also renamed lopen argument from mode to flags.  It was a misnomer.
Commits on May 12, 2011
  1. Add beginning of npfile replacement.

    garlick committed May 12, 2011
    Use P9_QTTMP qid type flag to identify synthetic files.  Handle them
    along side a regular server so they can be used to implement utilities that
    monitor or reconfigure the server.  Identify synthetic files in an attach
    for an aname that does not begin with a "/" character.
Commits on May 11, 2011
  1. Housecleaning in libnpfs

    garlick committed May 11, 2011
    Dropped unused npfile code.
    Removed indirection through np_default_op functions and just handle
    ENOSYS in the np_op handlers.
  2. Don't setfsgid to gid outside of user's sg set

    garlick committed May 11, 2011
    Return EPERM to P9_LCREATE et al if the provided gid is not one of
    the user's supplemental groups.
    Without this check, a user could get elevated privilege in a server
    running as root by attaching as themselves from user space and
    issuing requests with arbitrary gids.  Add a testcase demonstrating
Commits on May 10, 2011
  1. Add --no-userdb option.

    garlick committed May 10, 2011
    This option tells diod to ignore the password and group db's and
    allow attaches from any user, assuming gid == uid, and no additional
    group membership.
Commits on May 9, 2011
Commits on May 6, 2011
  1. autoreconf for new version

    garlick committed May 6, 2011
  2. prep for pre27 tag

    garlick committed May 6, 2011
Commits on May 5, 2011
  1. Don't call setgroups () for root

    garlick committed May 5, 2011
    And remember whose groups are loaded so if that user runs next
    in this worker, we don't have to load them then either.
    Also, instead of always calling setfsuid and setfsgid in each
    thread's first work item, initialize to geteuid and getegid and
    only call if they're different.
  2. Add a short-lived cache for password/group data

    garlick committed May 5, 2011
    Optimize the case where many clients all mount file systems on behalf
    of the same user by adding a 60s ttl cache for Npuser data.
    This minimizes the number of password/group file lookups in that case,
    and causes the cached Npuser data to be shared rather than duplicated.
    Although Npuser's are only in the cache for 60s, as before, users
    holding a reference on them won't see updated data after 60s.
    In other words, updates to supplemental group membership won't be
    picked up by existing mounts.
    As a side effect, a usercache mutex serializes all password/group
    file lookup functions.  However there should be many many fewer of them.
  3. Protect getgrouplist with a mutex

    garlick committed May 5, 2011
    Put a lock around getgrouplist as I don't think it's thread safe.
    Change the prototype of srv->remapuser so it handles the entire
    process of remapping a fid's user.
    Pass srv into user routines to facilitate more complete logging.
  4. Don't lookup user in attach if auth already did it

    garlick committed May 5, 2011
    Avoid back to back password file lookups between auth and attach.
    Add np_afid2user () which checks if the attaching user is the same as
    the auth user and then takes another reference on that Npuser and returns it.
    Clean up log messages in auth and attach handlers in libnpfs.
    Clean up log messages in diod_auth.c and make the code more resilient
    to unexpected argument values.
Commits on May 4, 2011
  1. Reconfig and fix init script

    garlick committed May 4, 2011
  2. Perform a late term abortion on diodctl.

    garlick committed May 4, 2011
    As diodctl is no longer needed for release 1.0, it is removed.
    The init script now starts 'diod' and the service is called diod not diodctl.
    The config file 'diodctllisten' and 'diodlisten' variables are replaced
    with 'listen'.
    misc/t12, the sometimes failing valgrind test on npfile, is now gone.
    Diod no longer has a -F option.
    Diodmount no longer has a 'jobid' option, and it no longer has to
    talk to diodctl of course.
    The libnpfs srv_wait_timeout() and srv_shutdown() calls go away.
    - Diodctl had no test coverage
    - Npfile similarly had no coverage, and diodctl was the only user
    - Kludgey method of testing whether a diod server had started
    - Increased mount latency by requiring more protocol to be spoken
    - Overall simplification of diod deployment.
    - Not possible to start private servers on demand (for jobs or for users).
      Perhaps this can be addressed in the future through creative thread pool
      management within the single diod instance.
    - Automounter integration is slightly less efficient in some error cases
      as described in a previous commit.
  3. Replace diodexp with diodcat

    garlick committed May 4, 2011
    The diodcat utility can cat any arbitrary file on a diod server
    from user space, subject to the same authentication/authorization
    rules as any diod client.
    auto.diod is modified to use this utility to cat the diod server's
    /proc/mounts to construct key matches, rather than cat the diodctl
    exports pseudo-file using diodexp.  The upside of this change is
    that a special purpose utility gets replaced with a general one,
    and the only reason LLNL needs diodctl in diod 1.0 goes away.
    The downside is that the server's /proc has to be made readable, and
    requests for unexported file systems will trigger a (failing) mount
    request instead of failing in the automouter key lookup.
  4. Add diodcat utility.

    garlick committed May 4, 2011
    Also we weren't setting 'iounit' return value in diod lopen response,
    so fix that.
Commits on May 3, 2011
  1. Fail attach if diod is running as another user

    garlick committed May 3, 2011
    Fix a regression in diod attach handling which allowed any user to
    attach to a server running (exclusively) as a different user.
    Added a test for this: tests/user/t12
    Also, raised the intensity of t10 and t11 somewhat (add more ops).
  2. Give libnpclient multithreading capability

    garlick committed May 3, 2011
    With the goal of creating portable unit torture tests, brought back
    Luchos's libnpclient/fsys.c which supports multiple outstanding
    requests on one connection.  Select between single and multithreaded
    fsys implementations with a new flag to npc_start(): NPC_MULTI_RPC.
    Add a couple of new tests based on this capability:
    users/t10 - simulate 256 simultaneous mounts with one user
    users/t11 - simulate 256 simultaneous mounts with four users
  3. Drop uname from npc_auth and npc_attach

    garlick committed May 3, 2011
    The auth callback required the uid to be valid, so drop
    the uname option and convert uname->uid in diodmount.