Bug#913473: NFSv4 with Kerberos broken on ARM because rpc.gssd truncates 32-bit [GU]IDs to 16 bits

To: submit@bugs.debian.org
Subject: Bug#913473: NFSv4 with Kerberos broken on ARM because rpc.gssd truncates 32-bit [GU]IDs to 16 bits
From: James Ettle <james@ettle.org.uk>
Date: Sun, 11 Nov 2018 13:24:54 +0000
Message-id: <[🔎] 968cbcdb-6598-10c2-12ca-7af18d9ceac0@ettle.org.uk>
Reply-to: James Ettle <james@ettle.org.uk>, 913473@bugs.debian.org

Package: nfs-common
Version: 1.3.4-2.3 

Attempting to access a Kerberised NFSv4 share with nfs-common 1:1.3.4-2.3 on ARM can result in invalid 'key has expired' errors when UIDs or GIDs are >= 2^16. This is because rpc.gssd is using the wrong setres[gu]id syscalls that truncate the [GU]IDs to 16 bits.

A Ubuntu user had already tracked down and worked out a fix for this in :

https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1779962

Around the same time I reported it on Fedora against nfs-utils-2.3.2-0.fc28.armv7hl:

https://bugzilla.redhat.com/show_bug.cgi?id=1595927

The fix was eventually upstreamed to nfs-utils-2.3.3, and Ubuntu patch it in their nfs-utils 1.3.4-2.2ubuntu3. It should probably be applied in the Debian-maintained builds too.

[I'm actually using Raspbian 9 on armv7l.]

Reply to:

Prev by Date: Processed: found 912601 in 4.18.10-2
Next by Date: Processing of linux_4.9.135-1_source.changes
Previous by thread: Processed: found 912601 in 4.18.10-2
Next by thread: Processing of linux_4.9.135-1_source.changes
Index(es):
- Date
- Thread