From 2b6dbd95e98257be4085937f38767512ddcad24b Mon Sep 17 00:00:00 2001 From: Reid Wahl Date: Fri, 28 Sep 2018 02:27:33 -0700 Subject: [PATCH] Medium: exportfs: Use canonical hostname for monitor If the hostname specified in `clientspec` does not match the canonical hostname, the monitor operation fails even though the export exists. This is caused by the exportfs command's name resolution process. It queries the hosts DB as configured in /etc/nsswitch.conf (usually /etc/hosts and/or DNS) to ensure that the given hostname resolves. If the lookup returns the FQDN and the clientspec uses the short name, the monitor operation fails. This also occurs in reverse. If the lookup returns the short name and the clientspec uses the FQDN, the monitor operation fails. This patch resolves the issue by querying the ahosts database to fetch the canonical hostname. We use the canonical hostname as the spec. If the clientspec is an IP address, the fetch simply returns the same IP address. If the clientspec is of some other format, the fetch returns nothing and we continue to use the spec as-is. Using `getent ahosts` rather than `getent hosts` eliminates the need to handle IP addresses specially, thanks to its output formatting. It uses `getaddrinfo` rather than `gethostbyname2`. --- heartbeat/exportfs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/heartbeat/exportfs b/heartbeat/exportfs index 80ed057f21..5ec2912939 100755 --- a/heartbeat/exportfs +++ b/heartbeat/exportfs @@ -283,6 +283,15 @@ exportfs_monitor () ;; esac + # Get canonical name for hostnames + # getent ahosts returns the address for IP addresses, canonical name for + # hostnames, and nothing for other spec formats. + # Return first match only + canon_name=$(getent ahosts "$spec" | awk 'NF == 3 && $NF != "localhost" { print $NF; exit }') + if [ -n "$canon_name" ]; then + spec=$canon_name + fi + if forall is_exported "$spec"; then if [ ${OCF_RESKEY_rmtab_backup} != "none" ]; then forall backup_rmtab