root#nfsvmb10:~# nfsidmap -c
nfsidmap: 'id_resolver' keyring was not found.
root#nfsvmb10:~# echo $?
1
If the id_resolver keyring doesn't exist, the kernel has no cached
idmap information to expunge. AFAIK it's not an error.
If nfsidmap is run by a non-privileged user, the id_resolver keyring
is never visible. IMO that should be reported, but the error message
should report the privilege problem, not the missing keyring.
Reported-by: Amy Shi <amy.shi@xxxxxxxxxx>
Fixes: 69aa69e7de80 ('nfsidmap: Allow keys to be cleared from the ')
Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
---
utils/nfsidmap/nfsidmap.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/utils/nfsidmap/nfsidmap.c b/utils/nfsidmap/nfsidmap.c
index 507193b..15b4a51 100644
--- a/utils/nfsidmap/nfsidmap.c
+++ b/utils/nfsidmap/nfsidmap.c
@@ -80,8 +80,9 @@ static int keyring_clear(const char *keyring)
key = find_key_by_type_and_desc("keyring", keyring, 0);
if (key == -1) {
- xlog_err("'%s' keyring was not found.", keyring);
- return EXIT_FAILURE;
+ if (verbose)
+ xlog_warn("'%s' keyring was not found.", keyring);
+ return EXIT_SUCCESS;
}
if (keyctl_clear(key) < 0) {
@@ -89,10 +90,9 @@ static int keyring_clear(const char *keyring)
(unsigned int)key);
return EXIT_FAILURE;
}
-
+
if (verbose)
xlog_warn("'%s' cleared", keyring);
-
return EXIT_SUCCESS;
}
@@ -404,6 +404,11 @@ int main(int argc, char **argv)
}
}
+ if (geteuid() != 0) {
+ xlog_err("Must be run as root.");
+ return EXIT_FAILURE;
+ }
+
if ((rc = nfs4_init_name_mapping(PATH_IDMAPDCONF))) {
xlog_errno(rc, "Unable to create name to user id mappings.");
return EXIT_FAILURE;
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
