Your message dated Sat, 07 Oct 2023 12:41:28 +0100
with message-id
<84bb5ff8312f749ebe536897993782bf35aa1977.ca...@adam-barratt.org.uk>
and subject line Closing opu requests for updates included in 11.8
has caused the Debian Bug report #1040950,
regarding bullseye-pu: package autofs/5.1.7-1+deb11u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1040950: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040950
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: aut...@packages.debian.org
Control: affects -1 + src:autofs
Two issues have recently been addressed in autofs uploads to unstable.
[ Reason ]
Fixed issues:
* Don't let NFSv4-only mounts use rpcbind portmapper service.
* Fix missing unlock in sasl_do_kinit_ext_cc().
[ Impact ]
Fix autofs hanging for LDAP+Kerberos setups. Avoid communication to
rpcbind for NFSv4-only mounts.
[ Tests ]
Manually, on production site, by bug submitters.
[ Risks ]
Regressions in autofs.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
+ * debian/patches:
+ + Add fix-nfs4-only-mounts-should-not-use-rpcbind.patch. Don't let NFSv4-
+ only mounts use rpcbind portmapper service. (Closes: #1034261).
+ + Add fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch. Fix missing unlock
+ in sasl_do_kinit_ext_cc(). (Closes: #1039967).
[ Other info ]
Salvatore Bonnacorso (@carnil) will likely follow up this pu with another
pu. Not sure if he gets around to it before the deadline for the next
11.x point release.
diff -Nru autofs-5.1.7/debian/changelog autofs-5.1.7/debian/changelog
--- autofs-5.1.7/debian/changelog 2021-02-04 13:36:20.000000000 +0100
+++ autofs-5.1.7/debian/changelog 2023-07-10 19:01:17.000000000 +0200
@@ -1,3 +1,13 @@
+autofs (5.1.7-1+deb11u1) bullseye; urgency=medium
+
+ * debian/patches:
+ + Add fix-nfs4-only-mounts-should-not-use-rpcbind.patch. Don't let NFSv4-
+ only mounts use rpcbind portmapper service. (Closes: #1034261).
+ + Add fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch. Fix missing unlock
+ in sasl_do_kinit_ext_cc(). (Closes: #1039967).
+
+ -- Mike Gabriel <sunwea...@debian.org> Mon, 10 Jul 2023 19:01:17 +0200
+
autofs (5.1.7-1) unstable; urgency=medium
* New upstream release.
diff -Nru
autofs-5.1.7/debian/patches/fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch
autofs-5.1.7/debian/patches/fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch
---
autofs-5.1.7/debian/patches/fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch
1970-01-01 01:00:00.000000000 +0100
+++
autofs-5.1.7/debian/patches/fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch
2023-07-05 12:14:29.000000000 +0200
@@ -0,0 +1,45 @@
+From b2571ed0df973a6dc6a8e661874655fa7cecdc37 Mon Sep 17 00:00:00 2001
+From: James Dingwall <james-aut...@dingwall.me.uk>
+Date: Wed, 20 Jul 2022 13:22:38 +0800
+Subject: autofs-5.1.8 - fix missing unlock in sasl_do_kinit_ext_cc()
+
+There is a missing mutex unlock in function sasl_do_kinit_ext_cc(),
+fix it.
+
+Signed-off-by: James Dingwall <james-aut...@dingwall.me.uk>
+Signed-off-by: Ian Kent <ra...@themaw.net>
+---
+# CHANGELOG | 1 +
+ modules/cyrus-sasl.c | 4 ++++
+ 2 files changed, 5 insertions(+)
+
+#diff --git a/CHANGELOG b/CHANGELOG
+#index 1f7c93a..e0b285d 100644
+#--- a/CHANGELOG
+#+++ b/CHANGELOG
+#@@ -27,6 +27,7 @@
+# - add autofs_strerror_r() helper for musl.
+# - update configure.
+# - handle innetgr() not present in musl.
+#+- fix missing unlock in sasl_do_kinit_ext_cc().
+#
+# 19/10/2021 autofs-5.1.8
+# - add xdr_exports().
+diff --git a/modules/cyrus-sasl.c b/modules/cyrus-sasl.c
+index ae046e0..738e363 100644
+--- a/modules/cyrus-sasl.c
++++ b/modules/cyrus-sasl.c
+@@ -721,6 +721,10 @@ sasl_do_kinit_ext_cc(unsigned logopt, struct
lookup_context *ctxt)
+
+ debug(logopt, "Kerberos authentication was successful!");
+
++ status = pthread_mutex_unlock(&krb5cc_mutex);
++ if (status)
++ fatal(status);
++
+ return 0;
+
+ out_cleanup_def_princ:
+--
+cgit
+
diff -Nru
autofs-5.1.7/debian/patches/fix-nfs4-only-mounts-should-not-use-rpcbind.patch
autofs-5.1.7/debian/patches/fix-nfs4-only-mounts-should-not-use-rpcbind.patch
---
autofs-5.1.7/debian/patches/fix-nfs4-only-mounts-should-not-use-rpcbind.patch
1970-01-01 01:00:00.000000000 +0100
+++
autofs-5.1.7/debian/patches/fix-nfs4-only-mounts-should-not-use-rpcbind.patch
2023-07-05 12:14:29.000000000 +0200
@@ -0,0 +1,97 @@
+From 80845bbcbc264f19c6c6a81d680e1f2b1ea6d3cc Mon Sep 17 00:00:00 2001
+From: Ian Kent <ra...@themaw.net>
+Date: Sun, 31 Oct 2021 07:36:16 +0800
+Subject: autofs-5.1.8 - fix nfsv4 only mounts should not use rpcbind
+
+Commit 606795ecfaa1 ("autofs-5.1.7 - also require TCP_REQUESTED when
+setting NFS port" together with commit 26fb6b5408be) caused NFSv4 only
+mounts to also use rpcbind to probe availability which breaks the
+requirememt that this type of mount not use rpcbind at all.
+
+Fix this by treating fstype=nfs4 mounts as a special case which doesn't
+use rpcbind.
+
+Signed-off-by: Ian Kent <ra...@themaw.net>
+---
+# CHANGELOG | 1 +
+ include/replicated.h | 2 ++
+ modules/mount_nfs.c | 13 +++++++------
+ modules/replicated.c | 4 ++--
+ 4 files changed, 12 insertions(+), 8 deletions(-)
+
+#diff --git a/CHANGELOG b/CHANGELOG
+#index 575f186..4e5e82d 100644
+#--- a/CHANGELOG
+#+++ b/CHANGELOG
+#@@ -8,6 +8,7 @@
+# - dont fail on duplicate offset entry tree add.
+# - fix loop under run in cache_get_offset_parent().
+# - bailout on rpc systemerror.
+#+- fix nfsv4 only mounts should not use rpcbind.
+#
+# 19/10/2021 autofs-5.1.8
+# - add xdr_exports().
+--- a/include/replicated.h
++++ b/include/replicated.h
+@@ -35,6 +35,8 @@
+ #define NFS3_REQUESTED NFS3_SUPPORTED
+ #define NFS4_REQUESTED NFS4_SUPPORTED
+
++#define NFS4_ONLY_REQUESTED 0x0800
++
+ #define TCP_SUPPORTED 0x0001
+ #define UDP_SUPPORTED 0x0002
+ #define TCP_REQUESTED TCP_SUPPORTED
+--- a/modules/mount_nfs.c
++++ b/modules/mount_nfs.c
+@@ -92,7 +92,7 @@
+ mount_default_proto = defaults_get_mount_nfs_default_proto();
+ vers = NFS_VERS_DEFAULT | NFS_PROTO_DEFAULT;
+ if (strcmp(fstype, "nfs4") == 0)
+- vers = NFS4_VERS_DEFAULT | TCP_SUPPORTED;
++ vers = NFS4_VERS_DEFAULT | TCP_SUPPORTED | NFS4_ONLY_REQUESTED;
+ else if (mount_default_proto == 4)
+ vers = vers | NFS4_VERS_DEFAULT;
+
+@@ -157,15 +157,16 @@
+ } else {
+ /* Is any version of NFSv4 in the options */
+ if (_strncmp("vers=4", cp, 6) == 0 ||
+- _strncmp("nfsvers=4", cp, 9) == 0)
+- vers = NFS4_VERS_MASK | TCP_SUPPORTED;
+- else if (_strncmp("vers=3", cp, o_len) == 0 ||
++ _strncmp("nfsvers=4", cp, 9) == 0) {
++ vers &= ~(NFS_VERS_MASK);
++ vers |= NFS4_VERS_MASK | TCP_SUPPORTED
| NFS4_ONLY_REQUESTED;
++ } else if (_strncmp("vers=3", cp, o_len) == 0 ||
+ _strncmp("nfsvers=3", cp, o_len) == 0)
{
+- vers &= ~(NFS4_VERS_MASK |
NFS_VERS_MASK);
++ vers &= ~(NFS4_VERS_MASK |
NFS_VERS_MASK | NFS4_ONLY_REQUESTED);
+ vers |= NFS3_REQUESTED;
+ } else if (_strncmp("vers=2", cp, o_len) == 0 ||
+ _strncmp("nfsvers=2", cp, o_len) == 0)
{
+- vers &= ~(NFS4_VERS_MASK |
NFS_VERS_MASK);
++ vers &= ~(NFS4_VERS_MASK |
NFS_VERS_MASK | NFS4_ONLY_REQUESTED);
+ vers |= NFS2_REQUESTED;
+ } else if (strstr(cp, "port=") == cp &&
+ o_len - 5 < 25) {
+--- a/modules/replicated.c
++++ b/modules/replicated.c
+@@ -248,7 +248,7 @@
+
+ rpc_info->proto = proto;
+ if (port < 0) {
+- if (version & NFS4_REQUESTED)
++ if (version & NFS4_REQUESTED && (version & NFS4_ONLY_REQUESTED))
+ rpc_info->port = NFS_PORT;
+ else
+ port = 0;
+@@ -510,7 +510,7 @@
+ {
+ struct conn_info pm_info, rpc_info;
+ time_t timeout = RPC_TIMEOUT;
+- unsigned int supported, vers = (NFS_VERS_MASK | NFS4_VERS_MASK);
++ unsigned int supported, vers = (NFS_VERS_MASK | NFS4_VERS_MASK |
NFS4_ONLY_REQUESTED);
+ int ret = 0;
+
+ if (!check_address_proto(logopt, host, version))
diff -Nru autofs-5.1.7/debian/patches/series autofs-5.1.7/debian/patches/series
--- autofs-5.1.7/debian/patches/series 2021-02-04 13:13:20.000000000 +0100
+++ autofs-5.1.7/debian/patches/series 2023-07-05 12:14:29.000000000 +0200
@@ -9,3 +9,5 @@
spelling-error-fixes.patch
fix-lookup-ldap-crash.patch
fix-nfs4-mounts-in-auto-net.patch
+fix-nfs4-only-mounts-should-not-use-rpcbind.patch
+fix-missing-unlock-in-sasl-do-kinit-ext-cc.patch
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 11.8
Hi,
The updates referred to by each of these requests were included in
today's 11.8 bullseye point release.
Regards,
Adam
--- End Message ---
