From nobody Thu Jun 19 20:01:23 2025 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bNWhM3xrjz5PSrC; Thu, 19 Jun 2025 20:01:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bNWhM1Slrz3Clc; Thu, 19 Jun 2025 20:01:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1750363283; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=icANkMNJpdI9ZS1/nagUdF3+dvXeLJJwjW+T7pBNOnU=; b=yNywmgQ3hBk9PrahzjdSz3pf7RqR4ok4OlLdGFZfV4jPOjkibjgu58tk1xCT/trn1KYTSJ piWImZLKIQ3VdCwNVgXEu5wAL3r124ZDaIKoruyB3abRMduQ6H02hunj7TDB/zsOx0uW3W oXF2DQUwvXgq39pdckwHoTnSnM3MVxPyeD3JI+Fu+5LOfGLexJ4QG29pniU3Z3N6K/pAld 0ld1kx5HZvjEe1iyMduQbur2ohM7K10ZqmwbDSjVSTMLG9UdAOYX1bpqK6Xr9pT7+wWkGm 0dkIgM2x1R5lw5/tLSOonYZvjaJ3RxR8GHrFhGDmK/gXXu7MkNcmNjnjLq/5hw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1750363283; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=icANkMNJpdI9ZS1/nagUdF3+dvXeLJJwjW+T7pBNOnU=; b=Z4yESdDQy1+RZA6HuWOP0CqjbolpdQQpIiaHPXuIywZVM3WqdXJl+02gDvHXX9tiXlBQb5 zcGQDRl1MhX9G8uoCJz8/6+LA8BiCllzXt9HuM0NpEMtanTQEEKspzdICnQSBfAXDA1g2G aX8D95Jd65fVjZ3K8hZy/SohoaC6rJGHNblrsth9oUn27G4xlIIV6vlvp5hOcoy2NDbaGT DJRokXAY9zAh779jY3JFR96H8yKr6O6Sesz0srhR6dPc3V2few0ArKCkNMoNoD+MmPGvLM UVIJwQ2rdYbAPfTRQ9S8NHdu1JFXRaWs2mznb0oO0pwtw+MnoFnOEuSnQb7L8A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1750363283; a=rsa-sha256; cv=none; b=ZrUsvaS9iqkKu7HDxFbjQTThpAuaEsGt2uzHhwyFgHcLFojZjlrx6x+jLaaajzGY26320+ KtyRCKko14DERu8iafpjqePDKrcaEvUyf4TwHpYltwQlPU0DBjqHkruGt16IRBgIcoFAYm YMjGXA91UWVG4NOhfc/oQ6P3Ow/CvHtT5GuJzunfEFvU499admhGjtzQhSYCTTIlvh5Nu9 H6Ox530BdPChF9J/4GzxVFVS77pHn1hXLkw+doHjJAdXJjXOueMzOBNXhaxoa+5InM8y/T C5nxD1FM1L74iyFyPotnhH+k9770ztrE4b5+DKQC1sHHMILLW0lQnck+X2tOSg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bNWhM10cPz1RyV; Thu, 19 Jun 2025 20:01:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 55JK1NTu039146; Thu, 19 Jun 2025 20:01:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 55JK1Nkg039143; Thu, 19 Jun 2025 20:01:23 GMT (envelope-from git) Date: Thu, 19 Jun 2025 20:01:23 GMT Message-Id: <202506192001.55JK1Nkg039143@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Gleb Smirnoff Subject: git: 421d49371d33 - stable/14 - mount_nfs: make temporary DNS failure non-fatal with background mode List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: glebius X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 421d49371d33aa475099d592738ecccbd1782b0e Auto-Submitted: auto-generated The branch stable/14 has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=421d49371d33aa475099d592738ecccbd1782b0e commit 421d49371d33aa475099d592738ecccbd1782b0e Author: Gleb Smirnoff AuthorDate: 2025-03-28 21:31:54 +0000 Commit: Gleb Smirnoff CommitDate: 2025-06-19 20:01:01 +0000 mount_nfs: make temporary DNS failure non-fatal with background mode Typical problem with network mounts is remote equipment not being available when our host boots up after a power failure. Even if you properly configure boot order of all local services and wait for link coming up on your NIC, you still may boot faster than some intermediate switch on the network or the DNS server itself. Let's refer to this as a "server room boot race". For NFS mounts with hostname in hosts(5) the race is addressed by a retry loop on NFS mount timeout. However, a DNS resolution timeout is treated differently to NFS mount timeout. We fail on the former and keep retrying on the latter. With feedback received on current@, I see that the problem is so old, that people got used to it and see it as a desired behavior rather than a problem. And for those who is affected by the problem, they suggest hosts(5) as a solution. Note that using hosts(5) isn't scalable, and using bare IP addresses is neither scalable, nor compatible with Kerberized mounts. A trade-off solution would be to enable the retry cycle over DNS timeouts only when background mode is specified, which is a typical use in fstab(5) and very uncommon in a command line. That would address the server room boot race problem without breaking POLA for command line. Reviewed by: rmacklem Differential Revision: https://reviews.freebsd.org/D49145 (cherry picked from commit 5fa093b6efcb7eb16a17d9830dbd4404bff5a565) --- sbin/mount_nfs/mount_nfs.c | 59 ++++++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 25 deletions(-) diff --git a/sbin/mount_nfs/mount_nfs.c b/sbin/mount_nfs/mount_nfs.c index 5c194a1c3676..82568a9a56de 100644 --- a/sbin/mount_nfs/mount_nfs.c +++ b/sbin/mount_nfs/mount_nfs.c @@ -599,6 +599,7 @@ getnfsargs(char **specp, char **hostpp, struct iovec **iov, int *iovlen) char *hostp, *delimp, *errstr, *spec; size_t len; static char nam[MNAMELEN + 1], pname[MAXHOSTNAMELEN + 5]; + bool resolved; spec = *specp; if (*spec == '[' && (delimp = strchr(spec + 1, ']')) != NULL && @@ -655,30 +656,7 @@ getnfsargs(char **specp, char **hostpp, struct iovec **iov, int *iovlen) else if (nfsproto == IPPROTO_UDP) hints.ai_socktype = SOCK_DGRAM; - if (getaddrinfo(hostp, portspec, &hints, &ai_nfs) != 0) { - hints.ai_flags = AI_CANONNAME; - if ((ecode = getaddrinfo(hostp, portspec, &hints, &ai_nfs)) - != 0) { - if (portspec == NULL) - errx(1, "%s: %s", hostp, gai_strerror(ecode)); - else - errx(1, "%s:%s: %s", hostp, portspec, - gai_strerror(ecode)); - return (0); - } - - /* - * For a Kerberized nfs mount where the "principal" - * argument has not been set, add it here. - */ - if (got_principal == 0 && secflavor != AUTH_SYS && - ai_nfs->ai_canonname != NULL) { - snprintf(pname, sizeof (pname), "nfs@%s", - ai_nfs->ai_canonname); - build_iovec(iov, iovlen, "principal", pname, - strlen(pname) + 1); - } - } + resolved = (getaddrinfo(hostp, portspec, &hints, &ai_nfs) == 0); if ((opflags & (BGRNDNOW | ISBGRND)) == BGRNDNOW) { warnx("Mount %s:%s, backgrounding", @@ -690,6 +668,37 @@ getnfsargs(char **specp, char **hostpp, struct iovec **iov, int *iovlen) ret = TRYRET_LOCALERR; for (;;) { + if (!resolved) { + hints.ai_flags = AI_CANONNAME; + if ((ecode = getaddrinfo(hostp, portspec, &hints, + &ai_nfs)) != 0) { + if (portspec == NULL) + warnx("%s: %s", hostp, + gai_strerror(ecode)); + else + warnx("%s:%s: %s", hostp, portspec, + gai_strerror(ecode)); + if (ecode == EAI_AGAIN && + (opflags & (BGRNDNOW | BGRND))) + goto retry; + else + exit(1); + } + resolved = true; + /* + * For a Kerberized nfs mount where the + * "principal" argument has not been set, add + * it here. + */ + if (got_principal == 0 && secflavor != AUTH_SYS && + ai_nfs->ai_canonname != NULL) { + snprintf(pname, sizeof (pname), "nfs@%s", + ai_nfs->ai_canonname); + build_iovec(iov, iovlen, "principal", pname, + strlen(pname) + 1); + } + } + /* * Try each entry returned by getaddrinfo(). Note the * occurrence of remote errors by setting `remoteerr'. @@ -717,7 +726,7 @@ getnfsargs(char **specp, char **hostpp, struct iovec **iov, int *iovlen) /* Exit if all errors were local. */ if (!remoteerr) exit(1); - +retry: /* * If retrycnt == 0, we are to keep retrying forever. * Otherwise decrement it, and exit if it hits zero.