133 lines
5.1 KiB
Text
133 lines
5.1 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-EN-20:07.quotad Errata Notice
|
|
The FreeBSD Project
|
|
|
|
Topic: Regression in rpc.rquotad with certain NFS servers
|
|
|
|
Category: core
|
|
Module: rpc.quotad
|
|
Announced: 2020-04-21
|
|
Affects: All supported versions of FreeBSD
|
|
Corrected: 2019-09-21 14:03:41 UTC (stable/12, 12.1-STABLE)
|
|
2020-04-21 15:50:57 UTC (releng/12.1, 12.1-RELEASE-p4)
|
|
2019-09-21 14:06:16 UTC (stable/11, 11.3-STABLE)
|
|
2020-04-21 15:50:57 UTC (releng/11.3, 11.3-RELEASE-p8)
|
|
|
|
For general information regarding FreeBSD Errata Notices and Security
|
|
Advisories, including descriptions of the fields above, security
|
|
branches, and the following sections, please visit
|
|
<URL:https://security.FreeBSD.org/>.
|
|
|
|
I. Background
|
|
|
|
The Network File System (NFS) allows a system to share directories and files
|
|
with others over a network. By using this, users and programs can access
|
|
files on remote systems almost as if they were local files.
|
|
|
|
The rpc.rquotad utility is an rpc(3) server which returns quotas for a user
|
|
of a local file system which is NFS-mounted onto a remote machine.
|
|
|
|
II. Problem Description
|
|
|
|
A change in rpc.rquotad made it send RQUOTA v2 requests instead of RQUOTA v1
|
|
requests. Some vendors would send RPC_PROGNOTREGISTERED ("Program Not
|
|
Registered") response instead of the desired RPC_PROGVERSMISMATCH ("Program
|
|
Version Mismatch") response, preventing the mechanism from working.
|
|
|
|
III. Impact
|
|
|
|
The quota(8) command will not be able obtain quota information for some NFS
|
|
server vendors.
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available. Systems not using quotas on NFS mounted file
|
|
systems are unaffected.
|
|
|
|
V. Solution
|
|
|
|
Upgrade your system to a supported FreeBSD stable or release / security
|
|
branch (releng) dated after the correction date.
|
|
|
|
Perform one of the following:
|
|
|
|
1) To update your system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
|
|
2) To update your system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
# fetch https://security.FreeBSD.org/patches/EN-20:07/quotad.patch
|
|
# fetch https://security.FreeBSD.org/patches/EN-20:07/quotad.patch.asc
|
|
# gpg --verify quotad.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile the operating system using buildworld and installworld as
|
|
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
|
|
|
|
Restart the applicable daemons, or reboot the system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/12/ r352575
|
|
releng/12.1/ r360148
|
|
stable/11/ r352576
|
|
releng/11.3/ r360148
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=NNNNNN>
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-20:07.quotad.asc>
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl6fHKNfFIAAAAAALgAo
|
|
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
|
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
|
5cKrMg/+LLZH7D0fPM2gvxxgDi078N0yfnb4hjbJxI+xdDrbWMEqy/Y9k5hi6+AD
|
|
iEnSdQ1/Ak6n174b4Xz2L+Dpih4BEzLumfwb9oFCudUFvyuxNwQmO9tkGLCdu9ps
|
|
wRp2quYw0T/whnIS2tTsOM/TPCNZa72mym19OTZi9pgSh82Z+raUeRlfXyOS6HlL
|
|
8GkIqkMBBEXRYEQnWX7FAcN+4G1kUHCzHIsyLImCaic8YL/+rX2bqalhFGdLGbJd
|
|
epKQQ8FvT1kMns6XVkzSfL35LDoOfbOYjWYTwp3D5Fxk0I5gSK1u3LTrhVZpEV0p
|
|
EBO7l2ivee/cwtdOjkIZR1NF+Lp+gHeXxWaJFz0tE6skB2fCYdZq4EeIjXg1okqQ
|
|
piWmiesIDpmzz5P2e1OEbkrh5yKr/FeLYDOlge3D1jFZd7iBxeS/BvdGGhSVZI4F
|
|
wssveFUnGiKm47kFRzXJnSPz0Nji2R2KyKaaNSB6dqZGW0ZelgPgjh09j09FijbH
|
|
mvFPSsxWSKH3rD0CE2QeWIvwk0dbtAhti1TM0gJque8D50IZB8VlNNtOa4V+fyQ6
|
|
puH+5+haHzwfUXwSrLcYK+v0xMdQ71oYqC5G5tV/eYXJCbzIu1Y3hbgmbLzAx+xf
|
|
LwW3uCcm1cDQpzs2WxirHE+jS4DbYIMqS/K2c5+tj9kAEtXX1b0=
|
|
=mFhE
|
|
-----END PGP SIGNATURE-----
|