netgroup limits on -current ... [mountd(8)]
Wilkinson, Alex
alex.wilkinson at dsto.defence.gov.au
Wed Feb 22 20:57:24 PST 2006
0n Tue, Feb 21, 2006 at 08:19:32AM -0600, Vladimir Egorin wrote:
>On Tue, Feb 21, 2006 at 12:24:35PM +1030, Wilkinson, Alex wrote:
> > OS: FreeBSD 7.0-CURRENT #24: Thu Feb 16 12:28:58 CST 2006
> >
> > Hi all,
> >
> > We are currently experiencing problems with FreeBSD -CURRENT and mountd(8).
> > When we export a filesystem via NFS to a netgroup with a 'large' number of hosts
> > in it we get all sorts of truncation. There looks like a limit on the number of
> > hosts in a netgroup FreeBSD's mountd(8) can export to. e.g.
> >
> > NFS Export
> > ----------
> >
> > /export/home/username my_netgroup
> >
> > mountd(8) In Debugging Mode
> > ---------------------------
> >
> > Feb 21 12:10:49 host mountd[83451]: can't get address info for host hostname.dsto.defence.g
> > Feb 21 12:10:49 host mountd[83451]: bad host host.dsto.defence.g in netgroup my_netgroup, skipping
> >
> > This happens as mountd(8) builds its exports list via:
> >
> > mountd: getting export list
> > mountd: got line /export/home/username my_netgroup
> > mountd: making new ep fs=0x4297314f,0x57f85ac
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> > got host host.dsto.defence.gov.au
> >
> > ...
> >
> > relevant code producing this error:
> >
> > /usr/src/usr.sbin/mountd
> >
> > get_host(cp, grp, tgrp)
> > char *cp;
> > struct grouplist *grp;
> > struct grouplist *tgrp;
> > {
> > struct grouplist *checkgrp;
> > struct addrinfo *ai, *tai, hints;
> > int ecode;
> > char host[NI_MAXHOST];
> >
> > if (grp->gr_type != GT_NULL) {
> > syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
> > return (1);
> > }
> > memset(&hints, 0, sizeof hints);
> > hints.ai_flags = AI_CANONNAME;
> > hints.ai_protocol = IPPROTO_UDP;
> > ecode = getaddrinfo(cp, NULL, &hints, &ai);
> > if (ecode != 0) {
> > syslog(LOG_ERR,"can't get address info for host %s", cp);
> > return 1;
> > }
> > grp->gr_ptr.gt_addrinfo = ai;
> > while (ai != NULL) {
> > if (ai->ai_canonname == NULL) {
> > if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
> > sizeof host, NULL, 0, NI_NUMERICHOST) != 0)
> > strlcpy(host, "?", sizeof(host));
> > ai->ai_canonname = strdup(host);
> > ai->ai_flags |= AI_CANONNAME;
> > }
> > if (debug)
> > fprintf(stderr, "got host %s\n", ai->ai_canonname);
> > /*
> > * Sanity check: make sure we don't already have an entry
> > * for this host in the grouplist.
> > */
> > for (checkgrp = tgrp; checkgrp != NULL;
> > checkgrp = checkgrp->gr_next) {
> > if (checkgrp->gr_type != GT_HOST)
> > continue;
> > for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
> > tai = tai->ai_next) {
> > if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
> > continue;
> > if (debug)
> > fprintf(stderr,
> > "ignoring duplicate host %s\n",
> > ai->ai_canonname);
> > grp->gr_type = GT_IGNORE;
> > return (0);
> > }
> > }
> > ai = ai->ai_next;
> > }
> >
> >
> > Can someone please tell me if there is a limit on the number characters or hosts
> > that mountd(8) can build an export list from ? And if so can we increase it ?
> >
> > Cheers
> >
> > - aW
>
>This reminds me of an old problem I had on a solaris 2.5.1 -- it was not possible
>to have a "large" number of hosts in the netgroup and (thus) in the export list.
>The solution was to split the large netgroup into a number of smaller netgroups,
>and then combine them into a large netgroup using the smaller netgroups' names.
>We did that with a C program, you could also do that in a script.
>
>The problem was a limit of 255 characters on the length of the
>netgroup list.
>
>I still have the program if you are interested.
Thats exactly the type of hack we are wanting to avoid. Thanks anyway.
-aW
More information about the freebsd-current
mailing list