Hello,
On 7/13/23 6:25 AM, Alberto Garcia wrote:
The NFS utils store their state under /var/lib/nfs and they can
generally handle the case where that directory is missing by creating
the appropriate files and directories automatically.
This is not the case of rpc-statd: if sm and sm.bak (under $statdpath,
which also defaults to /var/lib/nfs) are missing the daemon will
refuse to start and will exit with an error.
Why are they would be missing? They are created on the
nfs-utils installation.
If nfs-utils is configured with systemd support it can take advantage
of systemd-tmpfiles to ensure that the state directories are always
present and have the appropriate ownership.
This would normally be handled with the StateDirectory directive in
rpc-statd.service, however that method would not be able to change the
ownership of the directories to $statduser because this daemon needs
to be run as root, and only later changes its uid and gid.
Just curious... how did you test this patch? When I apply it
I get this error
Failed to insert: creating /var/lib/nfs/statd/sm/<client>: Permission denied
STAT_FAIL to <server> for SM_MON of <server_ip>
Maybe this is packing issue but I'm thinking it is more
of systemd issue... the permissions on the sm directory
are
283 drwx------. 2 nobody rpcuser 6 Apr 18 20:00 /var/lib/nfs/statd/sm
instead of
283 drwx------. 2 rpcuser rpcuser 6 Apr 18 20:00 /var/lib/nfs/statd/sm
Even when I change the owner to rpcuser, I still get the
permission error...
steved.
Signed-off-by: Alberto Garcia <berto@xxxxxxxxxx>
---
configure.ac | 1 +
systemd/Makefile.am | 5 +++++
systemd/nfs-utils.conf.in | 4 ++++
3 files changed, 10 insertions(+)
create mode 100644 systemd/nfs-utils.conf.in
diff --git a/configure.ac b/configure.ac
index 6fbcb974..fe958ab3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -695,6 +695,7 @@ AC_CONFIG_COMMANDS_PRE([eval eval _rpc_pipefsmount=$rpc_pipefsmount])
AC_CONFIG_FILES([
Makefile
+ systemd/nfs-utils.conf
systemd/rpc-gssd.service
systemd/rpc_pipefs.target
systemd/var-lib-nfs-rpc_pipefs.mount
diff --git a/systemd/Makefile.am b/systemd/Makefile.am
index b4483222..6127986e 100644
--- a/systemd/Makefile.am
+++ b/systemd/Makefile.am
@@ -5,6 +5,9 @@ MAINTAINERCLEANFILES = Makefile.in
udev_rulesdir = /usr/lib/udev/rules.d/
udev_files = 60-nfs.rules
+sdtmpfilesdir = /usr/lib/tmpfiles.d/
+sdtmpfiles_files = nfs-utils.conf
+
unit_files = \
nfs-client.target \
rpc_pipefs.target \
@@ -85,4 +88,6 @@ install-data-hook: $(unit_files) $(udev_files)
cp $(rpc_pipefs_mount_file) $(DESTDIR)/$(unitdir)/$(rpc_pipefsmount)
mkdir -p $(DESTDIR)/$(udev_rulesdir)
cp $(udev_files) $(DESTDIR)/$(udev_rulesdir)
+ mkdir -p $(DESTDIR)/$(sdtmpfilesdir)
+ cp $(sdtmpfiles_files) $(DESTDIR)/$(sdtmpfilesdir)
endif
diff --git a/systemd/nfs-utils.conf.in b/systemd/nfs-utils.conf.in
new file mode 100644
index 00000000..a44c337e
--- /dev/null
+++ b/systemd/nfs-utils.conf.in
@@ -0,0 +1,4 @@
+# This is a systemd-tmpfiles configuration file
+# type path mode uid gid age argument
+d @statdpath@/sm 0700 @statduser@ :root - -
+d @statdpath@/sm.bak 0700 @statduser@ :root - -
