From: Patrick Goetz <pgoetz@math.utexas.edu>
To: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>
Subject: Use of /etc/netgroup appears to be broken in the NFS server version which ships with Ubuntu 20.04
Date: Tue, 15 Jun 2021 12:03:51 -0500 [thread overview]
Message-ID: <2539b705-b72a-d9de-965e-7836dfd2e362@math.utexas.edu> (raw)
Sadly, it took me a couple of days to track this down. The /etc/netgroup
file I'm using works perfectly on another NFS server (Ubuntu 18.04) in
production, so this wasn't an immediate suspicion. However, if I use
this /etc/exports:
/srv/nfs @cryo_em(rw,sync,fsid=0,crossmnt,no_subtree_check)
/srv/nfs/cryosparc @cryo_em(rw,sync,fsid=2,crossmnt,no_subtree_check)
Client mounts fail:
root@javelina:~# mount -vvvt nfs4 cerebro:/cryosparc /cryosparc
mount.nfs4: timeout set for Tue Jun 15 11:53:22 2021
mount.nfs4: trying text-based options
'vers=4.2,addr=128.xx.xx.xxx,clientaddr=129.xxx.xxx.xx'
mount.nfs4: mount(2): Permission denied
mount.nfs4: access denied by server while mounting cerebro:/cryosparc
and if I switch to specifying the host explicitly:
/srv/nfs javelina.my.domain(rw,sync,fsid=0,crossmnt,no_subtree_check)
/srv/nfs/cryosparc
javelina.mydomain(rw,sync,fsid=2,crossmnt,no_subtree_check)
the mount just works. The tcpdump error message isn't terribly helpful
here:
11:14:02.856094 IP cerebro.my.domain.nfs > javelina.my.domain.741: Flags
[.], ack 281, win 507, options [nop,nop,TS val 791638255 ecr
2576087678], length 0
11:14:02.856178 IP cerebro.my.domain.nfs > javelina.my.domain.741: Flags
[P.], seq 1:25, ack 281, win 507, options [nop,nop,TS val 791638255 ecr
2576087678], length 24: NFS reply xid 2752089303 reply ERR 20: Auth
Bogus Credentials (seal broken)
but after figuring out the cause of the problem, I did find a
corroborating RHEL error report (which you'll need a RHEL account to
access):
https://access.redhat.com/solutions/3563601
I couldn't figure out how to determine the exact version of the NFS
server that ships with Ubuntu 20.04. Maybe someone could explain how to
do this. Running
/usr/sbin/rpc.nfsd --version
doesn't do it.
next reply other threads:[~2021-06-15 17:11 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-15 17:03 Patrick Goetz [this message]
2021-06-17 3:11 ` Use of /etc/netgroup appears to be broken in the NFS server version which ships with Ubuntu 20.04 NeilBrown
2021-06-17 14:35 ` Patrick Goetz
2021-06-17 21:24 ` NeilBrown
2021-06-17 23:17 ` Patrick Goetz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2539b705-b72a-d9de-965e-7836dfd2e362@math.utexas.edu \
--to=pgoetz@math.utexas.edu \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox