--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: nfs-kernel-server: statd wont't work without reverse lookups, mountd won't allow ip-based exports with reverse lookups
- From: Sebastian Hegler <sebastian.hegler@tu-dresden.de>
- Date: Tue, 27 Apr 2010 16:52:01 +0200
- Message-id: <20100427145201.28289.70086.reportbug@kuiper.hf.ifn.et.tu-dresden.de>
Package: nfs-kernel-server
Version: 1:1.2.2-1
Severity: normal
This is a rather strange bug. I'll try and condense this in as few lines as possible.
statd won't work without being able to do reverse DNS lookups. The error messages look like this:
$ rpc.statd -dF
rpc.statd: Version 1.2.2 starting
rpc.statd: Flags: No-Daemon Log-STDERR
sm-notify: Version 1.2.2 starting
sm-notify: Already notifying clients; Exiting!
rpc.statd: Local NSM state number: 3
rpc.statd: Effective UID, GID: 104, 0
rpc.statd: Waiting for client connections
rpc.statd: from_local: updating local if addr list
rpc.statd: from_local: incoming address matches local interface address
rpc.statd: check_default: access by 127.0.0.1 ALLOWED
rpc.statd: Received SM_MON for 10.10.1.58 from mynfsserver
rpc.statd: get_nameinfo: failed to resolve address: Name or service not known
rpc.statd: No canonical hostname found for 10.10.1.58
rpc.statd: STAT_FAIL to mynfsserver for SM_MON of 10.10.1.58
....the kernel emits these messages in the same time ("mynfsclient" is 10.10.1.58):
[ 1853.679009] lockd: cannot monitor mynfsclient
[ 1853.679611] lockd: cannot monitor mynfsclient
[ 2148.394982] lockd: cannot monitor mynfsclient
[ 2148.395505] lockd: cannot monitor mynfsclient
Since I need file locking on the client systems for some special software, I edited /etc/hosts to enable bidirectional lookups. After doing this, however, mountd refused to accept mount requests for IP-address-based exports, i.e.:
/home 10.10.1.*(insecure,rw,no_root_squash,async,no_subtree_check)
wouldn't work anymore.
The messages looked like this:
$ rpc.mountd -gFd all
mountd: Kernel does not have pseudo root support.
mountd: NFS v4 mounts will be disabled unless fsid=0
mountd: is specfied in /etc/exports file.
mountd: from_local: updating local if addr list
mountd: from_local: checked 7 local if addrs; incoming address not found
mountd: check_default: access by 10.10.1.58 ALLOWED
mountd: check_default: access by 10.10.1.58 ALLOWED (cached)
mountd: MNT3(/home) called
mountd: refused mount request from 10.10.1.58 for /home (/home): unmatched host
So now, locks were working, but mounts were not anymore.
Luckily, this was fixed by changing the exports to be host name-based.
This is EXTREMELY strange behavior, IMHO. I'd expect IP-based mounts to always work.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages nfs-kernel-server depends on:
ii libblkid1 2.16.2-0 block device id library
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.11-1 common error description library
ii libgssapi-krb5-2 1.8.1+dfsg-2 MIT Kerberos runtime libraries - k
ii libgssglue1 0.1-4 mechanism-switch gssapi library
ii libk5crypto3 1.8.1+dfsg-2 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.8.1+dfsg-2 MIT Kerberos runtime libraries
ii libnfsidmap2 0.23-2 An nfs idmapping library
ii librpcsecgss3 0.19-2 allows secure rpc communication us
ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
ii nfs-common 1:1.2.2-1 NFS support files common to client
ii ucf 3.0025 Update Configuration File: preserv
nfs-kernel-server recommends no packages.
nfs-kernel-server suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: nfs-utils
Source-Version: 1:1.2.2-3
We believe that the bug you reported is fixed in the latest version of
nfs-utils, which is due to be installed in the Debian FTP archive:
nfs-common_1.2.2-3_i386.deb
to main/n/nfs-utils/nfs-common_1.2.2-3_i386.deb
nfs-kernel-server_1.2.2-3_i386.deb
to main/n/nfs-utils/nfs-kernel-server_1.2.2-3_i386.deb
nfs-utils_1.2.2-3.debian.tar.bz2
to main/n/nfs-utils/nfs-utils_1.2.2-3.debian.tar.bz2
nfs-utils_1.2.2-3.dsc
to main/n/nfs-utils/nfs-utils_1.2.2-3.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 579397@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ben Hutchings <ben@decadent.org.uk> (supplier of updated nfs-utils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 08 Aug 2010 23:43:42 +0100
Source: nfs-utils
Binary: nfs-kernel-server nfs-common
Architecture: i386 source
Version: 1:1.2.2-3
Distribution: unstable
Urgency: low
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <ben@decadent.org.uk>
Closes: 579397 582003
Description:
nfs-common - NFS support files common to client and server
nfs-kernel-server - support for NFS kernel server
Changes:
nfs-utils (1:1.2.2-3) unstable; urgency=low
.
* mount.nfs: Preserve explicit port=2049 option (Closes: #582003)
* rpc.statd: Allow monitoring of addresses without names (Closes: #579397)
* Add control fields pointing to the new git repository
Checksums-Sha1:
09070f7f828b3084df6388ce4d38f1431875a62f 2076 nfs-utils_1.2.2-3.dsc
bfa845e60c615f8d47d1d1734b905434d4060abc 33694 nfs-utils_1.2.2-3.debian.tar.bz2
76d3a082ff66cdcc2d1944a79eb208153726e1c5 158822 nfs-kernel-server_1.2.2-3_i386.deb
9353c6d21702b476039c7bacb439c91cd93fc4c3 226390 nfs-common_1.2.2-3_i386.deb
Checksums-Sha256:
40d4a95efb3414279d3fad709bb345e39c2cee1eaa0910cd1d29ebf64427c1ab 2076 nfs-utils_1.2.2-3.dsc
41eb9779ffcbbee348f04c2abb245f19778abf49b7621fbec296e1e3781f3b3c 33694 nfs-utils_1.2.2-3.debian.tar.bz2
cb92bd2e8f4e7d686b952b1c84b64580f2f75977ff56c48dba67f44c0b2bc117 158822 nfs-kernel-server_1.2.2-3_i386.deb
935b6457b69f7bc91ab2bfdb57a49cb3388f1c09ada5be3c07c1f009b9651784 226390 nfs-common_1.2.2-3_i386.deb
Files:
11ad110a57b6e36ea601fbe15f26f268 2076 net standard nfs-utils_1.2.2-3.dsc
de117d46ebbdea509cd0c87d2d2efdf6 33694 net standard nfs-utils_1.2.2-3.debian.tar.bz2
660914dcbabb4fe17a773b84df0bca6d 158822 net optional nfs-kernel-server_1.2.2-3_i386.deb
c2908bcdd9082ce54ee57515390bdac7 226390 net standard nfs-common_1.2.2-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIVAwUBTF81b+e/yOyVhhEJAQo97A//cebD5QvFoew0DRbS4O4g+EntQe/COi/m
snWIvDglkqTiBrl0gng42H5ck02cQQHNFRt2eayjAwC/wKLIavA09OgfaQ5OLEkq
niJYGLx7E4/JGRLa1/yFSZvy+h8BOw9MtjXPhXnWBNPBNZ5H1uJ4diVvWY3CrhrF
e3LsJGvLOb+mP2LGlr+hzgbRJSJFy9syP18WQqkyliUPUm5okNSFgQ1fk8V5RhjW
Am2Ra9kvVejyA/HThjTf8qGm/fcRaYA7tgSSJC6xJzI4Hvlm4TkMqZatA1eVjfSm
17ax+axgvs5mx11QymkqZQbVv1wh0t8wx1+KgKwogXvuvjzkA8v/cl+vZ6vP1BZc
rzH/EAiN78Xa9KRXEqhcn74b5fG4x3HQ3+bbCCZXKgQ75c8vlkSPe+m8drOeXHvc
K/8WMI+SVhsC8KoM7vd1exlKv4CLYB8Ftilwuueulv0AvfwZhQvhQ/+/Qs59opk2
lDQigutkxLttVUJAW2BXbMTC2TWPyOE9Qgx8QrgYWQS7VE6vH7mIvqaxQ/QGm4As
wvtAPvyi0TcMTq3kotnGNdEwuWsWTyjZjOJgxNTuguB6i7wwjAm/HSIO4WrCsLJk
KqUAAQYo67FvqFwJMOYpVUxnFW+QDSBASJi3HSY59OpJJSOIBNcj5LEPBobL7zVD
yoRpR0NSH5g=
=WD/J
-----END PGP SIGNATURE-----
--- End Message ---