mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-22 14:45:27 +00:00
Code Issues Wiki Activity

Merge pull request #22303 from abbradar/nfs4

Browse source 
NFS improvements
This commit is contained in:
Nikolay Amiantov 2017-02-03 20:04:25 +03:00 committed by GitHub
parent 500d48f547 e0e9fddf56
commit 230c97c944
14 changed files with 181 additions and 369 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/misc/ids.nix
View file

@ -286,6 +286,7 @@
gogs = 268;
pdns-recursor = 269;
kresd = 270;
rpc = 271;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -541,6 +542,7 @@
couchpotato = 267;
gogs = 268;
kresd = 270;
#rpc = 271; # unused
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

4
nixos/modules/rename.nix
View file

@ -172,6 +172,10 @@ with lib;
(mkRenamedOptionModule [ "services" "locate" "period" ] [ "services" "locate" "interval" ])
(mkRemovedOptionModule [ "services" "locate" "includeStore" ] "Use services.locate.prunePaths" )
# nfs
(mkRenamedOptionModule [ "services" "nfs" "lockdPort" ] [ "services" "nfs" "server" "lockdPort" ])
(mkRenamedOptionModule [ "services" "nfs" "statdPort" ] [ "services" "nfs" "server" "statdPort" ])
# Options that are obsolete and have no replacement.
(mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "")
(mkRemovedOptionModule [ "programs" "bash" "enable" ] "")

101
nixos/modules/services/network-filesystems/nfsd.nix
View file

@ -20,6 +20,7 @@ in
server = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the kernel's NFS server.
@ -27,6 +28,7 @@ in
};
exports = mkOption {
type = types.lines;
default = "";
description = ''
Contents of the /etc/exports file. See
@ -36,6 +38,7 @@ in
};
hostName = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Hostname or address on which NFS requests will be accepted.
@ -46,6 +49,7 @@ in
};
nproc = mkOption {
type = types.int;
default = 8;
description = ''
Number of NFS server threads. Defaults to the recommended value of 8.
@ -53,11 +57,13 @@ in
};
createMountPoints = mkOption {
type = types.bool;
default = false;
description = "Whether to create the mount points in the exports file at startup time.";
};
mountdPort = mkOption {
type = types.nullOr types.int;
default = null;
example = 4002;
description = ''
@ -66,11 +72,26 @@ in
};
lockdPort = mkOption {
default = 0;
type = types.nullOr types.int;
default = null;
example = 4001;
description = ''
Fix the lockd port number. This can help setting firewall rules for NFS.
Use a fixed port for the NFS lock manager kernel module
(<literal>lockd/nlockmgr</literal>). This is useful if the
NFS server is behind a firewall.
'';
};
statdPort = mkOption {
type = types.nullOr types.int;
default = null;
example = 4000;
description = ''
Use a fixed port for <command>rpc.statd</command>. This is
useful if the NFS server is behind a firewall.
'';
};
};
};
@ -82,61 +103,42 @@ in
config = mkIf cfg.enable {
services.nfs.extraConfig = ''
[nfsd]
threads=${toString cfg.nproc}
${optionalString (cfg.hostName != null) "host=${cfg.hostName}"}
[mountd]
${optionalString (cfg.mountdPort != null) "port=${toString cfg.mountdPort}"}
[statd]
${optionalString (cfg.statdPort != null) "port=${toString cfg.statdPort}"}
[lockd]
${optionalString (cfg.lockdPort != null) ''
port=${toString cfg.lockdPort}
udp-port=${toString cfg.lockdPort}
''}
'';
services.rpcbind.enable = true;
boot.supportedFilesystems = [ "nfs" ]; # needed for statd and idmapd
environment.systemPackages = [ pkgs.nfs-utils ];
environment.etc.exports.source = exports;
boot.kernelModules = [ "nfsd" ];
systemd.services.nfsd =
{ description = "NFS Server";
systemd.services.nfs-server =
{ enable = true;
wantedBy = [ "multi-user.target" ];
requires = [ "rpcbind.service" "mountd.service" ];
after = [ "rpcbind.service" "mountd.service" "idmapd.service" ];
before = [ "statd.service" ];
path = [ pkgs.nfs-utils ];
script =
''
# Create a state directory required by NFSv4.
mkdir -p /var/lib/nfs/v4recovery
${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_tcpport=${builtins.toString cfg.lockdPort}
${pkgs.procps}/sbin/sysctl -w fs.nfs.nlm_udpport=${builtins.toString cfg.lockdPort}
rpc.nfsd \
${if cfg.hostName != null then "-H ${cfg.hostName}" else ""} \
${builtins.toString cfg.nproc}
'';
postStop = "rpc.nfsd 0";
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
};
systemd.services.mountd =
{ description = "NFSv3 Mount Daemon";
requires = [ "rpcbind.service" ];
after = [ "rpcbind.service" "local-fs.target" ];
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
systemd.services.nfs-mountd =
{ enable = true;
path = [ pkgs.nfs-utils ];
restartTriggers = [ exports ];
preStart =
''
mkdir -p /var/lib/nfs
touch /var/lib/nfs/rmtab
mountpoint -q /proc/fs/nfsd || mount -t nfsd none /proc/fs/nfsd
${optionalString cfg.createMountPoints
''
# create export directories:
@ -149,15 +151,6 @@ in
exportfs -rav
'';
restartTriggers = [ exports ];
serviceConfig.Type = "forking";
serviceConfig.ExecStart = ''
@${pkgs.nfs-utils}/sbin/rpc.mountd rpc.mountd \
${if cfg.mountdPort != null then "-p ${toString cfg.mountdPort}" else ""}
'';
serviceConfig.Restart = "always";
};
};

52
nixos/modules/services/networking/rpcbind.nix
View file

@ -2,35 +2,6 @@
with lib;
let
netconfigFile = {
target = "netconfig";
source = pkgs.writeText "netconfig" ''
#
# The network configuration file. This file is currently only used in
# conjunction with the TI-RPC code in the libtirpc library.
#
# Entries consist of:
#
# <network_id> <semantics> <flags> <protofamily> <protoname> \
# <device> <nametoaddr_libs>
#
# The <device> and <nametoaddr_libs> fields are always empty in this
# implementation.
#
udp tpi_clts v inet udp - -
tcp tpi_cots_ord v inet tcp - -
udp6 tpi_clts v inet6 udp - -
tcp6 tpi_cots_ord v inet6 tcp - -
rawip tpi_raw - inet - - -
local tpi_cots_ord - loopback - - -
unix tpi_cots_ord - loopback - - -
'';
};
in
{
###### interface
@ -58,25 +29,18 @@ in
###### implementation
config = mkIf config.services.rpcbind.enable {
environment.systemPackages = [ pkgs.rpcbind ];
environment.etc = [ netconfigFile ];
systemd.packages = [ pkgs.rpcbind ];
systemd.services.rpcbind =
{ description = "ONC RPC Directory Service";
wantedBy = [ "multi-user.target" ];
requires = [ "basic.target" ];
after = [ "basic.target" ];
unitConfig.DefaultDependencies = false; # don't stop during shutdown
serviceConfig.Type = "forking";
serviceConfig.ExecStart = "@${pkgs.rpcbind}/bin/rpcbind rpcbind";
};
systemd.services.rpcbind = {
wantedBy = [ "multi-user.target" ];
};
users.extraUsers.rpc = {
group = "nogroup";
uid = config.ids.uids.rpc;
};
};
}

100
nixos/modules/tasks/filesystems/nfs.nix
View file

@ -24,6 +24,8 @@ let
Method = nsswitch
'';
nfsConfFile = pkgs.writeText "nfs.conf" cfg.extraConfig;
cfg = config.services.nfs;
in
@ -32,23 +34,12 @@ in
###### interface
options = {
services.nfs = {
statdPort = mkOption {
default = null;
example = 4000;
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Use a fixed port for <command>rpc.statd</command>. This is
useful if the NFS server is behind a firewall.
'';
};
lockdPort = mkOption {
default = null;
example = 4001;
description = ''
Use a fixed port for the NFS lock manager kernel module
(<literal>lockd/nlockmgr</literal>). This is useful if the
NFS server is behind a firewall.
Extra nfs-utils configuration.
'';
};
};
@ -62,69 +53,44 @@ in
system.fsPackages = [ pkgs.nfs-utils ];
boot.extraModprobeConfig = mkIf (cfg.lockdPort != null) ''
options lockd nlm_udpport=${toString cfg.lockdPort} nlm_tcpport=${toString cfg.lockdPort}
'';
boot.kernelModules = [ "sunrpc" ];
boot.initrd.kernelModules = mkIf inInitrd [ "nfs" ];
# FIXME: should use upstream units from nfs-utils.
systemd.packages = [ pkgs.nfs-utils ];
systemd.generator-packages = [ pkgs.nfs-utils ];
systemd.services.statd =
{ description = "NFSv3 Network Status Monitor";
environment.etc = {
"idmapd.conf".source = idmapdConfFile;
"nfs.conf".source = nfsConfFile;
};
path = [ pkgs.nfs-utils pkgs.sysvtools pkgs.utillinux ];
wants = [ "remote-fs-pre.target" ];
before = [ "remote-fs-pre.target" ];
wantedBy = [ "remote-fs.target" ];
requires = [ "basic.target" "rpcbind.service" ];
after = [ "basic.target" "rpcbind.service" ];
unitConfig.DefaultDependencies = false; # don't stop during shutdown
preStart =
''
mkdir -p ${nfsStateDir}/sm
mkdir -p ${nfsStateDir}/sm.bak
sm-notify -d
'';
serviceConfig.Type = "forking";
serviceConfig.ExecStart = ''
@${pkgs.nfs-utils}/sbin/rpc.statd rpc.statd --no-notify \
${if cfg.statdPort != null then "-p ${toString cfg.statdPort}" else ""}
'';
serviceConfig.Restart = "always";
systemd.services.nfs-blkmap =
{ restartTriggers = [ nfsConfFile ];
};
systemd.services.idmapd =
{ description = "NFSv4 ID Mapping Daemon";
systemd.targets.nfs-client =
{ wantedBy = [ "multi-user.target" "remote-fs.target" ];
};
path = [ pkgs.sysvtools pkgs.utillinux ];
systemd.services.nfs-idmapd =
{ restartTriggers = [ idmapdConfFile ];
};
wants = [ "remote-fs-pre.target" ];
before = [ "remote-fs-pre.target" ];
wantedBy = [ "remote-fs.target" ];
requires = [ "rpcbind.service" ];
after = [ "rpcbind.service" ];
systemd.services.nfs-mountd =
{ restartTriggers = [ nfsConfFile ];
enable = mkDefault false;
};
preStart =
''
mkdir -p ${rpcMountpoint}
mount -t rpc_pipefs rpc_pipefs ${rpcMountpoint}
'';
systemd.services.nfs-server =
{ restartTriggers = [ nfsConfFile ];
enable = mkDefault false;
};
postStop =
''
umount ${rpcMountpoint}
'';
systemd.services.rpc-gssd =
{ restartTriggers = [ nfsConfFile ];
};
serviceConfig.Type = "forking";
serviceConfig.ExecStart = "@${pkgs.nfs-utils}/sbin/rpc.idmapd rpc.idmapd -c ${idmapdConfFile}";
serviceConfig.Restart = "always";
systemd.services.rpc-statd =
{ restartTriggers = [ nfsConfFile ];
};
};

23
pkgs/os-specific/linux/keyutils/default.nix
View file

@ -1,23 +1,26 @@
{ stdenv, fetchurl, gnumake, file }:
stdenv.mkDerivation rec {
name = "keyutils-1.5.9";
name = "keyutils-${version}";
version = "1.5.9";
src = fetchurl {
url = "http://people.redhat.com/dhowells/keyutils/${name}.tar.bz2";
sha256 = "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd";
};
buildInputs = [ file ];
outputs = [ "out" "lib" "dev" ];
patchPhase = ''
sed -i -e "s, /usr/bin/make, ${gnumake}/bin/make," \
-e "s, /usr, ," \
-e "s,\$(LNS) \$(LIBDIR)/\$(SONAME),\$(LNS) \$(SONAME)," \
Makefile
'';
installPhase = "make install DESTDIR=$out";
installFlags = [
"ETCDIR=$(out)/etc"
"BINDIR=$(out)/bin"
"SBINDIR=$(out)/sbin"
"SHAREDIR=$(out)/share/keyutils"
"MANDIR=$(out)/share/man"
"INCLUDEDIR=$(dev)/include"
"LIBDIR=$(lib)/lib"
"USRLIBDIR=$(lib)/lib"
];
meta = with stdenv.lib; {
homepage = http://people.redhat.com/dhowells/keyutils/;

78
pkgs/os-specific/linux/nfs-utils/default.nix
View file

@ -1,48 +1,69 @@
{ fetchurl, stdenv, tcp_wrappers, utillinux, libcap, libtirpc, libevent, libnfsidmap
, lvm2, e2fsprogs, python, sqlite
{ stdenv, fetchurl, lib, pkgconfig, utillinux, libcap, libtirpc, libevent, libnfsidmap
, sqlite, kerberos, kmod, libuuid, keyutils, lvm2, systemd, coreutils, tcp_wrappers
}:
stdenv.mkDerivation rec {
name = "nfs-utils-1.3.3";
let
statdPath = lib.makeBinPath [ systemd utillinux coreutils ];
in stdenv.mkDerivation rec {
name = "nfs-utils-${version}";
version = "2.1.1";
src = fetchurl {
url = "mirror://sourceforge/nfs/${name}.tar.bz2";
sha256 = "1svn27j5c873nixm46l111g7cgyaj5zd51ahfq8mx5v9m3vh93py";
sha256 = "02dvxphndpm8vpqqnl0zvij97dq9vsq2a179pzrjcv2i91ll2a0a";
};
buildInputs =
[ tcp_wrappers utillinux libcap libtirpc libevent libnfsidmap
lvm2 e2fsprogs python sqlite
];
nativeBuildInputs = [ pkgconfig ];
buildInputs = [
libtirpc libcap libevent libnfsidmap sqlite lvm2
libuuid keyutils kerberos tcp_wrappers
];
enableParallelBuilding = true;
# FIXME: Add the dependencies needed for NFSv4 and TI-RPC.
configureFlags =
[ "--disable-gss"
[ "--enable-gss"
"--with-statedir=/var/lib/nfs"
"--with-tirpcinclude=${libtirpc}/include/tirpc"
"--with-krb5=${kerberos}"
"--with-systemd=$(out)/etc/systemd/system"
"--enable-libmount-mount"
]
++ stdenv.lib.optional (stdenv ? glibc) "--with-rpcgen=${stdenv.glibc.bin}/bin/rpcgen";
++ lib.optional (stdenv ? glibc) "--with-rpcgen=${stdenv.glibc.bin}/bin/rpcgen";
patchPhase =
postPatch =
''
for i in "tests/"*.sh
do
sed -i "$i" -e's|/bin/bash|/bin/sh|g'
chmod +x "$i"
done
sed -i s,/usr/sbin,$out/sbin, utils/statd/statd.c
patchShebangs tests
sed -i "s,/usr/sbin,$out/bin,g" utils/statd/statd.c
sed -i "s,^PATH=.*,PATH=$out/bin:${statdPath}," utils/statd/start-statd
configureFlags="--with-start-statd=$out/bin/start-statd $configureFlags"
'';
preBuild =
makeFlags = [
"sbindir=$(out)/bin"
"generator_dir=$(out)/etc/systemd/system-generators"
];
installFlags = [
"statedir=$(TMPDIR)"
"statdpath=$(TMPDIR)"
];
postInstall =
''
makeFlags="sbindir=$out/sbin"
installFlags="statedir=$TMPDIR statdpath=$TMPDIR" # hack to make `make install' work
# Not used on NixOS
sed -i \
-e "s,/sbin/modprobe,${kmod}/bin/modprobe,g" \
-e "s,/usr/sbin,$out/bin,g" \
$out/etc/systemd/system/*
'';
# One test fails on mips.
doCheck = !stdenv.isMips;
meta = {
meta = with stdenv.lib; {
description = "Linux user-space NFS utilities";
longDescription = ''
@ -51,10 +72,9 @@ stdenv.mkDerivation rec {
daemons.
'';
homepage = http://nfs.sourceforge.net/;
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = [ ];
homepage = "https://sourceforge.net/projects/nfs/";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ abbradar ];
};
}

41
pkgs/os-specific/linux/tcp-wrappers/default.nix
View file

@ -1,40 +1,30 @@
{ fetchurl, stdenv }:
stdenv.mkDerivation {
name = "tcp-wrappers-7.6";
stdenv.mkDerivation rec {
name = "tcp-wrappers-${version}";
version = "7.6.q";
src = fetchurl {
url = mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_7.6.dbs.orig.tar.gz;
sha256 = "0k68ziinx6biwar5lcb9jvv0rp6b3vmj6861n75bvrz4w1piwkdp";
url = "mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_${version}.orig.tar.gz";
sha256 = "0p9ilj4v96q32klavx0phw9va21fjp8vpk11nbh6v2ppxnnxfhwm";
};
patches = [
(fetchurl {
url = mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_7.6.dbs-13.diff.gz;
sha256 = "071ir20rh8ckhgrc0y99wgnlbqjgkprf0qwbv84lqw5i6qajbcnh";
})
];
debian = fetchurl {
url = "mirror://debian/pool/main/t/tcp-wrappers/tcp-wrappers_${version}-24.debian.tar.xz";
sha256 = "1kgax35rwaj5q8nf8fw60aczvxj99h2jjp7iv1f82y85yz9x0ak7";
};
prePatch = ''
cd upstream/tarballs
tar xzvf *
cd tcp_wrappers_7.6
tar -xaf $debian
shopt -s extglob
patches="$(echo debian/patches/!(series)) $patches"
'';
postPatch = ''
for patch in debian/patches/*; do
echo "applying Debian patch \`$(basename $patch)'..."
patch --batch -p1 < $patch
done
'';
buildPhase = ''
make REAL_DAEMON_DIR="$out/sbin" linux
'';
makeFlags = [ "REAL_DAEMON_DIR=$(out)/bin" "linux" ];
installPhase = ''
mkdir -p "$out/sbin"
cp -v safe_finger tcpd tcpdchk tcpdmatch try-from "$out/sbin"
mkdir -p "$out/bin"
cp -v safe_finger tcpd tcpdchk tcpdmatch try-from "$out/bin"
mkdir -p "$out/lib"
cp -v shared/lib*.so* "$out/lib"
@ -42,7 +32,6 @@ stdenv.mkDerivation {
mkdir -p "$out/include"
cp -v *.h "$out/include"
mkdir -p "$out/man"
for i in 3 5 8;
do
mkdir -p "$out/man/man$i"

45
pkgs/servers/portmap/default.nix
View file

@ -1,45 +0,0 @@
{ fetchurl, stdenv, lib, tcp_wrappers
, daemonUser ? false, daemonUID ? false, daemonGID ? false }:
assert daemonUser -> (!daemonUID && !daemonGID);
stdenv.mkDerivation rec {
name = "portmap-6.0";
src = fetchurl {
url = "http://neil.brown.name/portmap/${name}.tgz";
sha256 = "1pj13ll4mbfwjwpn3fbg03qq9im6v2i8fcpa3ffp4viykz9j1j02";
};
patches = [ ./reuse-socket.patch ];
postPatch = ''
substituteInPlace "Makefile" --replace "/usr/share" "" \
--replace "install -o root -g root" "install"
'';
makeFlags =
lib.optional (daemonUser != false) "RPCUSER=\"${daemonUser}\""
++ lib.optional (daemonUID != false) "DAEMON_UID=${toString daemonUID}"
++ lib.optional (daemonGID != false) "DAEMON_GID=${toString daemonGID}";
buildInputs = [ tcp_wrappers ];
installPhase = ''
mkdir -p "$out/sbin" "$out/man/man8"
make install BASEDIR=$out
'';
meta = {
description = "ONC RPC portmapper";
longDescription = ''
Portmap is part of the ONC RPC software collection implementing
remote procedure calls (RPCs) between computer programs. It is
widely used by NFS and NIS, among others.
'';
homepage = http://neil.brown.name/portmap/;
license = "BSD";
platforms = stdenv.lib.platforms.linux;
};
}

38
pkgs/servers/portmap/reuse-socket.patch
View file

@ -1,38 +0,0 @@
Set SO_REUSEADDR to ensure that portmap can restart properly.
https://bugs.launchpad.net/ubuntu/+source/portmap/+bug/688550
===================================================================
--- portmap-6.0.0.orig/portmap.c 2011-03-16 20:43:26.000000000 +0100
+++ portmap-6.0.0/portmap.c 2011-03-17 07:30:17.000000000 +0100
@@ -142,9 +142,9 @@
* loopback interface address.
*/
+static int on = 1;
#ifdef LOOPBACK_SETUNSET
static SVCXPRT *ludpxprt, *ltcpxprt;
-static int on = 1;
#ifndef INADDR_LOOPBACK
#define INADDR_LOOPBACK ntohl(inet_addr("127.0.0.1"))
#endif
@@ -399,9 +399,7 @@
syslog(LOG_ERR, "cannot create udp socket: %m");
exit(1);
}
-#ifdef LOOPBACK_SETUNSET
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
-#endif
memset((char *) &addr, 0, sizeof(addr));
addr.sin_addr.s_addr = 0;
@@ -434,9 +432,7 @@
syslog(LOG_ERR, "cannot create tcp socket: %m");
exit(1);
}
-#ifdef LOOPBACK_SETUNSET
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
-#endif
if (bind(sock, (struct sockaddr *)&addr, len) != 0) {
syslog(LOG_ERR, "cannot bind tcp: %m");
exit(1);

43
pkgs/servers/rpcbind/0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
View file

@ -1,43 +0,0 @@
From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001
From: Steve Dickson <steved@redhat.com>
Date: Mon, 2 Nov 2015 17:05:18 -0500
Subject: [PATCH] handle_reply: Don't use the xp_auth pointer directly
In the latest libtirpc version to access the xp_auth
one must use the SVC_XP_AUTH macro. To be backwards
compatible a couple ifdefs were added to use the
macro when it exists.
Upstream-Status: Backport
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
src/rpcb_svc_com.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index 4ae93f1..22d6c84 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt)
a.rmt_localvers = fi->versnum;
xprt_set_caller(xprt, fi);
+#if defined(SVC_XP_AUTH)
+ SVC_XP_AUTH(xprt) = svc_auth_none;
+#else
xprt->xp_auth = &svc_auth_none;
+#endif
svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a);
+#if !defined(SVC_XP_AUTH)
SVCAUTH_DESTROY(xprt->xp_auth);
xprt->xp_auth = NULL;
+#endif
+
done:
if (buffer)
free(buffer);
--
2.4.0

19
pkgs/servers/rpcbind/default.nix
View file

@ -1,28 +1,27 @@
{ fetchurl, fetchpatch, stdenv, pkgconfig, libtirpc
{ fetchurl, stdenv, pkgconfig, libtirpc
, useSystemd ? true, systemd }:
let version = "0.2.3";
in stdenv.mkDerivation rec {
stdenv.mkDerivation rec {
name = "rpcbind-${version}";
version = "0.2.4";
src = fetchurl {
url = "mirror://sourceforge/rpcbind/${version}/${name}.tar.bz2";
sha256 = "0yyjzv4161rqxrgjcijkrawnk55rb96ha0pav48s03l2klx855wq";
sha256 = "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7";
};
patches = [
./sunrpc.patch
./0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
(fetchpatch {
url = "https://sources.debian.net/data/main/r/rpcbind/0.2.3-0.5/debian/patches/CVE-2015-7236.patch";
sha256 = "1wsv5j8f5djzxr11n4027x107cam1avmx9w34g6l5d9s61j763wq";
})
];
buildInputs = [ libtirpc ]
++ stdenv.lib.optional useSystemd systemd;
configureFlags = stdenv.lib.optional (!useSystemd) "--with-systemdsystemunitdir=no";
configureFlags = [
"--with-systemdsystemunitdir=${if useSystemd then "$(out)/etc/systemd/system" else "no"}"
"--enable-warmstarts"
"--with-rpcuser=rpc"
];
nativeBuildInputs = [ pkgconfig ];

2
pkgs/top-level/all-packages.nix
View file

@ -10482,8 +10482,6 @@ with pkgs;
pies = callPackage ../servers/pies { };
portmap = callPackage ../servers/portmap { };
rpcbind = callPackage ../servers/rpcbind { };
mariadb = callPackage ../servers/sql/mariadb {

2
pkgs/top-level/release-small.nix
View file

@ -127,12 +127,12 @@ with import ./release-lib.nix { inherit supportedSystems; };
perl = all;
pkgconfig = all;
pmccabe = linux;
portmap = linux;
procps = linux;
python = allBut cygwin;
readline = all;
rlwrap = all;
rpm = linux;
rpcbind = linux;
rsync = linux;
screen = linux ++ darwin;
scrot = linux;