mirror of
https://git.FreeBSD.org/src.git
synced 2024-11-28 08:02:54 +00:00
Log all failed mount attempts.
Also add a flag (-l) so mountd will also log all succeeded requests to mountd.
This commit is contained in:
parent
6aa5dc4099
commit
f51631d732
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=31656
@ -30,7 +30,7 @@
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" @(#)mountd.8 8.4 (Berkeley) 4/28/95
|
||||
.\" $Id: mountd.8,v 1.9 1997/04/09 20:25:43 guido Exp $
|
||||
.\" $Id: mountd.8,v 1.10 1997/04/22 10:37:27 dfr Exp $
|
||||
.\"
|
||||
.Dd April 28, 1995
|
||||
.Dt MOUNTD 8
|
||||
@ -42,7 +42,7 @@
|
||||
mount requests
|
||||
.Sh SYNOPSIS
|
||||
.Nm /sbin/mountd
|
||||
.Op Fl 2nr
|
||||
.Op Fl 2nrl
|
||||
.Op Ar exportsfile
|
||||
.Sh DESCRIPTION
|
||||
.Xr Mountd
|
||||
@ -87,6 +87,10 @@ the entire file system in which the swapfiles resides
|
||||
will have to be exported with the
|
||||
.Fl alldirs
|
||||
flag.
|
||||
.It Fl l
|
||||
The
|
||||
.Fl l
|
||||
option will cause all succeeded mountd requests to be logged.
|
||||
.It Ar exportsfile
|
||||
The
|
||||
.Ar exportsfile
|
||||
|
@ -43,7 +43,7 @@ static char copyright[] =
|
||||
#ifndef lint
|
||||
/*static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; */
|
||||
static const char rcsid[] =
|
||||
"$Id: mountd.c,v 1.23 1997/08/29 19:22:28 guido Exp $";
|
||||
"$Id: mountd.c,v 1.24 1997/09/12 16:25:24 jlemon Exp $";
|
||||
#endif /*not lint*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -224,6 +224,7 @@ struct ucred def_anon = {
|
||||
int force_v2 = 0;
|
||||
int resvport_only = 1;
|
||||
int dir_only = 1;
|
||||
int log = 1;
|
||||
int opt_flags;
|
||||
/* Bits for above */
|
||||
#define OP_MAPROOT 0x01
|
||||
@ -272,7 +273,7 @@ main(argc, argv)
|
||||
errx(1, "NFS support is not available in the running kernel");
|
||||
#endif /* __FreeBSD__ */
|
||||
|
||||
while ((c = getopt(argc, argv, "2dnr")) != -1)
|
||||
while ((c = getopt(argc, argv, "2dnrl")) != -1)
|
||||
switch (c) {
|
||||
case '2':
|
||||
force_v2 = 1;
|
||||
@ -286,8 +287,11 @@ main(argc, argv)
|
||||
case 'd':
|
||||
debug = debug ? 0 : 1;
|
||||
break;
|
||||
case 'l':
|
||||
log = 1;
|
||||
break;
|
||||
default:
|
||||
fprintf(stderr, "Usage: mountd [-d] [-r] [-n] [export_file]\n");
|
||||
fprintf(stderr, "Usage: mountd [-d] [-r] [-n] [-l] [export_file]\n");
|
||||
exit(1);
|
||||
};
|
||||
argc -= optind;
|
||||
@ -371,6 +375,7 @@ mntsrv(rqstp, transp)
|
||||
struct stat stb;
|
||||
struct statfs fsb;
|
||||
struct hostent *hp;
|
||||
struct in_addr saddrin;
|
||||
u_long saddr;
|
||||
u_short sport;
|
||||
char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN];
|
||||
@ -380,6 +385,7 @@ mntsrv(rqstp, transp)
|
||||
sigemptyset(&sighup_mask);
|
||||
sigaddset(&sighup_mask, SIGHUP);
|
||||
saddr = transp->xp_raddr.sin_addr.s_addr;
|
||||
saddrin = transp->xp_raddr.sin_addr;
|
||||
sport = ntohs(transp->xp_raddr.sin_port);
|
||||
hp = (struct hostent *)NULL;
|
||||
switch (rqstp->rq_proc) {
|
||||
@ -389,10 +395,15 @@ mntsrv(rqstp, transp)
|
||||
return;
|
||||
case RPCMNT_MOUNT:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
if (!svc_getargs(transp, xdr_dir, rpcpath)) {
|
||||
syslog(LOG_NOTICE, "undecodable mount request from %s",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_decode(transp);
|
||||
return;
|
||||
}
|
||||
@ -408,6 +419,9 @@ mntsrv(rqstp, transp)
|
||||
(dir_only || !S_ISREG(stb.st_mode))) ||
|
||||
statfs(dirpath, &fsb) < 0) {
|
||||
chdir("/"); /* Just in case realpath doesn't */
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request from %s for non existant path %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
if (debug)
|
||||
fprintf(stderr, "stat failed on %s\n", dirpath);
|
||||
bad = ENOENT; /* We will send error reply later */
|
||||
@ -453,12 +467,20 @@ mntsrv(rqstp, transp)
|
||||
if (hp)
|
||||
add_mlist(hp->h_name, dirpath);
|
||||
else
|
||||
add_mlist(inet_ntoa(transp->xp_raddr.sin_addr),
|
||||
add_mlist(inet_ntoa(saddrin),
|
||||
dirpath);
|
||||
if (debug)
|
||||
fprintf(stderr,"Mount successfull.\n");
|
||||
} else
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request succeeded from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
} else {
|
||||
bad = EACCES;
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request denied from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
}
|
||||
|
||||
if (bad && !svc_sendreply(transp, xdr_long, (caddr_t)&bad))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
@ -467,13 +489,22 @@ mntsrv(rqstp, transp)
|
||||
case RPCMNT_DUMP:
|
||||
if (!svc_sendreply(transp, xdr_mlist, (caddr_t)NULL))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
else if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"dump request succeeded from %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
return;
|
||||
case RPCMNT_UMOUNT:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"umount request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
if (!svc_getargs(transp, xdr_dir, dirpath)) {
|
||||
syslog(LOG_NOTICE, "undecodable umount request from %s",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_decode(transp);
|
||||
return;
|
||||
}
|
||||
@ -482,10 +513,17 @@ mntsrv(rqstp, transp)
|
||||
hp = gethostbyaddr((caddr_t)&saddr, sizeof(saddr), AF_INET);
|
||||
if (hp)
|
||||
del_mlist(hp->h_name, dirpath);
|
||||
del_mlist(inet_ntoa(transp->xp_raddr.sin_addr), dirpath);
|
||||
del_mlist(inet_ntoa(saddrin), dirpath);
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"umount request succeeded from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
return;
|
||||
case RPCMNT_UMNTALL:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"umountall request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
@ -494,11 +532,19 @@ mntsrv(rqstp, transp)
|
||||
hp = gethostbyaddr((caddr_t)&saddr, sizeof(saddr), AF_INET);
|
||||
if (hp)
|
||||
del_mlist(hp->h_name, (char *)NULL);
|
||||
del_mlist(inet_ntoa(transp->xp_raddr.sin_addr), (char *)NULL);
|
||||
del_mlist(inet_ntoa(saddrin), (char *)NULL);
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"umountall request succeeded from %s",
|
||||
inet_ntoa(saddrin));
|
||||
return;
|
||||
case RPCMNT_EXPORT:
|
||||
if (!svc_sendreply(transp, xdr_explist, (caddr_t)NULL))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"export request succeeded from %s",
|
||||
inet_ntoa(saddrin));
|
||||
return;
|
||||
default:
|
||||
svcerr_noproc(transp);
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" @(#)mountd.8 8.4 (Berkeley) 4/28/95
|
||||
.\" $Id: mountd.8,v 1.9 1997/04/09 20:25:43 guido Exp $
|
||||
.\" $Id: mountd.8,v 1.10 1997/04/22 10:37:27 dfr Exp $
|
||||
.\"
|
||||
.Dd April 28, 1995
|
||||
.Dt MOUNTD 8
|
||||
@ -42,7 +42,7 @@
|
||||
mount requests
|
||||
.Sh SYNOPSIS
|
||||
.Nm /sbin/mountd
|
||||
.Op Fl 2nr
|
||||
.Op Fl 2nrl
|
||||
.Op Ar exportsfile
|
||||
.Sh DESCRIPTION
|
||||
.Xr Mountd
|
||||
@ -87,6 +87,10 @@ the entire file system in which the swapfiles resides
|
||||
will have to be exported with the
|
||||
.Fl alldirs
|
||||
flag.
|
||||
.It Fl l
|
||||
The
|
||||
.Fl l
|
||||
option will cause all succeeded mountd requests to be logged.
|
||||
.It Ar exportsfile
|
||||
The
|
||||
.Ar exportsfile
|
||||
|
@ -43,7 +43,7 @@ static char copyright[] =
|
||||
#ifndef lint
|
||||
/*static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95"; */
|
||||
static const char rcsid[] =
|
||||
"$Id: mountd.c,v 1.23 1997/08/29 19:22:28 guido Exp $";
|
||||
"$Id: mountd.c,v 1.24 1997/09/12 16:25:24 jlemon Exp $";
|
||||
#endif /*not lint*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -224,6 +224,7 @@ struct ucred def_anon = {
|
||||
int force_v2 = 0;
|
||||
int resvport_only = 1;
|
||||
int dir_only = 1;
|
||||
int log = 1;
|
||||
int opt_flags;
|
||||
/* Bits for above */
|
||||
#define OP_MAPROOT 0x01
|
||||
@ -272,7 +273,7 @@ main(argc, argv)
|
||||
errx(1, "NFS support is not available in the running kernel");
|
||||
#endif /* __FreeBSD__ */
|
||||
|
||||
while ((c = getopt(argc, argv, "2dnr")) != -1)
|
||||
while ((c = getopt(argc, argv, "2dnrl")) != -1)
|
||||
switch (c) {
|
||||
case '2':
|
||||
force_v2 = 1;
|
||||
@ -286,8 +287,11 @@ main(argc, argv)
|
||||
case 'd':
|
||||
debug = debug ? 0 : 1;
|
||||
break;
|
||||
case 'l':
|
||||
log = 1;
|
||||
break;
|
||||
default:
|
||||
fprintf(stderr, "Usage: mountd [-d] [-r] [-n] [export_file]\n");
|
||||
fprintf(stderr, "Usage: mountd [-d] [-r] [-n] [-l] [export_file]\n");
|
||||
exit(1);
|
||||
};
|
||||
argc -= optind;
|
||||
@ -371,6 +375,7 @@ mntsrv(rqstp, transp)
|
||||
struct stat stb;
|
||||
struct statfs fsb;
|
||||
struct hostent *hp;
|
||||
struct in_addr saddrin;
|
||||
u_long saddr;
|
||||
u_short sport;
|
||||
char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN];
|
||||
@ -380,6 +385,7 @@ mntsrv(rqstp, transp)
|
||||
sigemptyset(&sighup_mask);
|
||||
sigaddset(&sighup_mask, SIGHUP);
|
||||
saddr = transp->xp_raddr.sin_addr.s_addr;
|
||||
saddrin = transp->xp_raddr.sin_addr;
|
||||
sport = ntohs(transp->xp_raddr.sin_port);
|
||||
hp = (struct hostent *)NULL;
|
||||
switch (rqstp->rq_proc) {
|
||||
@ -389,10 +395,15 @@ mntsrv(rqstp, transp)
|
||||
return;
|
||||
case RPCMNT_MOUNT:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
if (!svc_getargs(transp, xdr_dir, rpcpath)) {
|
||||
syslog(LOG_NOTICE, "undecodable mount request from %s",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_decode(transp);
|
||||
return;
|
||||
}
|
||||
@ -408,6 +419,9 @@ mntsrv(rqstp, transp)
|
||||
(dir_only || !S_ISREG(stb.st_mode))) ||
|
||||
statfs(dirpath, &fsb) < 0) {
|
||||
chdir("/"); /* Just in case realpath doesn't */
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request from %s for non existant path %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
if (debug)
|
||||
fprintf(stderr, "stat failed on %s\n", dirpath);
|
||||
bad = ENOENT; /* We will send error reply later */
|
||||
@ -453,12 +467,20 @@ mntsrv(rqstp, transp)
|
||||
if (hp)
|
||||
add_mlist(hp->h_name, dirpath);
|
||||
else
|
||||
add_mlist(inet_ntoa(transp->xp_raddr.sin_addr),
|
||||
add_mlist(inet_ntoa(saddrin),
|
||||
dirpath);
|
||||
if (debug)
|
||||
fprintf(stderr,"Mount successfull.\n");
|
||||
} else
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request succeeded from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
} else {
|
||||
bad = EACCES;
|
||||
syslog(LOG_NOTICE,
|
||||
"mount request denied from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
}
|
||||
|
||||
if (bad && !svc_sendreply(transp, xdr_long, (caddr_t)&bad))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
@ -467,13 +489,22 @@ mntsrv(rqstp, transp)
|
||||
case RPCMNT_DUMP:
|
||||
if (!svc_sendreply(transp, xdr_mlist, (caddr_t)NULL))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
else if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"dump request succeeded from %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
return;
|
||||
case RPCMNT_UMOUNT:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"umount request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
if (!svc_getargs(transp, xdr_dir, dirpath)) {
|
||||
syslog(LOG_NOTICE, "undecodable umount request from %s",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_decode(transp);
|
||||
return;
|
||||
}
|
||||
@ -482,10 +513,17 @@ mntsrv(rqstp, transp)
|
||||
hp = gethostbyaddr((caddr_t)&saddr, sizeof(saddr), AF_INET);
|
||||
if (hp)
|
||||
del_mlist(hp->h_name, dirpath);
|
||||
del_mlist(inet_ntoa(transp->xp_raddr.sin_addr), dirpath);
|
||||
del_mlist(inet_ntoa(saddrin), dirpath);
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"umount request succeeded from %s for %s",
|
||||
inet_ntoa(saddrin), dirpath);
|
||||
return;
|
||||
case RPCMNT_UMNTALL:
|
||||
if (sport >= IPPORT_RESERVED && resvport_only) {
|
||||
syslog(LOG_NOTICE,
|
||||
"umountall request from %s from unprivileged port",
|
||||
inet_ntoa(saddrin));
|
||||
svcerr_weakauth(transp);
|
||||
return;
|
||||
}
|
||||
@ -494,11 +532,19 @@ mntsrv(rqstp, transp)
|
||||
hp = gethostbyaddr((caddr_t)&saddr, sizeof(saddr), AF_INET);
|
||||
if (hp)
|
||||
del_mlist(hp->h_name, (char *)NULL);
|
||||
del_mlist(inet_ntoa(transp->xp_raddr.sin_addr), (char *)NULL);
|
||||
del_mlist(inet_ntoa(saddrin), (char *)NULL);
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"umountall request succeeded from %s",
|
||||
inet_ntoa(saddrin));
|
||||
return;
|
||||
case RPCMNT_EXPORT:
|
||||
if (!svc_sendreply(transp, xdr_explist, (caddr_t)NULL))
|
||||
syslog(LOG_ERR, "Can't send reply");
|
||||
if (log)
|
||||
syslog(LOG_NOTICE,
|
||||
"export request succeeded from %s",
|
||||
inet_ntoa(saddrin));
|
||||
return;
|
||||
default:
|
||||
svcerr_noproc(transp);
|
||||
|
Loading…
Reference in New Issue
Block a user