Bug#579397: nfs-kernel-server: statd wont't work without reverse lookups, mountd won't allow ip-based exports with reverse lookups
Package: nfs-kernel-server
Version: 1:1.2.2-1
Severity: normal
This is a rather strange bug. I'll try and condense this in as few lines as possible.
statd won't work without being able to do reverse DNS lookups. The error messages look like this:
$ rpc.statd -dF
rpc.statd: Version 1.2.2 starting
rpc.statd: Flags: No-Daemon Log-STDERR
sm-notify: Version 1.2.2 starting
sm-notify: Already notifying clients; Exiting!
rpc.statd: Local NSM state number: 3
rpc.statd: Effective UID, GID: 104, 0
rpc.statd: Waiting for client connections
rpc.statd: from_local: updating local if addr list
rpc.statd: from_local: incoming address matches local interface address
rpc.statd: check_default: access by 127.0.0.1 ALLOWED
rpc.statd: Received SM_MON for 10.10.1.58 from mynfsserver
rpc.statd: get_nameinfo: failed to resolve address: Name or service not known
rpc.statd: No canonical hostname found for 10.10.1.58
rpc.statd: STAT_FAIL to mynfsserver for SM_MON of 10.10.1.58
....the kernel emits these messages in the same time ("mynfsclient" is 10.10.1.58):
[ 1853.679009] lockd: cannot monitor mynfsclient
[ 1853.679611] lockd: cannot monitor mynfsclient
[ 2148.394982] lockd: cannot monitor mynfsclient
[ 2148.395505] lockd: cannot monitor mynfsclient
Since I need file locking on the client systems for some special software, I edited /etc/hosts to enable bidirectional lookups. After doing this, however, mountd refused to accept mount requests for IP-address-based exports, i.e.:
/home 10.10.1.*(insecure,rw,no_root_squash,async,no_subtree_check)
wouldn't work anymore.
The messages looked like this:
$ rpc.mountd -gFd all
mountd: Kernel does not have pseudo root support.
mountd: NFS v4 mounts will be disabled unless fsid=0
mountd: is specfied in /etc/exports file.
mountd: from_local: updating local if addr list
mountd: from_local: checked 7 local if addrs; incoming address not found
mountd: check_default: access by 10.10.1.58 ALLOWED
mountd: check_default: access by 10.10.1.58 ALLOWED (cached)
mountd: MNT3(/home) called
mountd: refused mount request from 10.10.1.58 for /home (/home): unmatched host
So now, locks were working, but mounts were not anymore.
Luckily, this was fixed by changing the exports to be host name-based.
This is EXTREMELY strange behavior, IMHO. I'd expect IP-based mounts to always work.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages nfs-kernel-server depends on:
ii libblkid1 2.16.2-0 block device id library
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.11-1 common error description library
ii libgssapi-krb5-2 1.8.1+dfsg-2 MIT Kerberos runtime libraries - k
ii libgssglue1 0.1-4 mechanism-switch gssapi library
ii libk5crypto3 1.8.1+dfsg-2 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.8.1+dfsg-2 MIT Kerberos runtime libraries
ii libnfsidmap2 0.23-2 An nfs idmapping library
ii librpcsecgss3 0.19-2 allows secure rpc communication us
ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
ii nfs-common 1:1.2.2-1 NFS support files common to client
ii ucf 3.0025 Update Configuration File: preserv
nfs-kernel-server recommends no packages.
nfs-kernel-server suggests no packages.
-- no debconf information
Reply to: