Odd Linux NFS server behavior.

Hello.  I seem to be having trouble when mounting the root directory of a Slackware96 (08/96) machine to any other machine on our network (Linux PCs, SGIs, and HPs).  The problem is twofold: files in directories not world accessible are silently ignored, and no file is writable.

OK, for those of you experts still reading 8^), here are some specifics.

The NFS server (the Slackware96 machine) has the following /etc/exports file:

server:~/# cat /etc/exports
# See exports(5) for a description.
# This file contains a list of all directories exported to other computers.
# It is used by rpc.nfsd and rpc.mountd.
/               (rw,root_squash,secure)

The machine has been completely rebooted with this file in place, so the daemons should be fresh.

On the client (for example, a Slackware 3 machine), I run the following mount command (where /server exists and is drwxr-xr-x):

client:~/# mount server:/ /server

The command succeeds with no output.  And, if I then try something like the following:

client:~/# su - alizhan

client:~/% ls -l
total 6
drwx------   5 alizhan  pmc          1024 Apr 22 14:21 Personal/
drwxr-xr-x   6 alizhan  pmc          1024 Apr 14 16:14 Public/
drwx------   3 alizhan  pmc          1024 May  6 14:07 Rubbish/
drwx------   6 alizhan  pmc          1024 Apr 14 16:15 Temp/

everything seems to work just fine.  Then the problems start showing up.  For example:

client:~/% ls -Al Public
total 12812
-rw-r--r--   1 alizhan  pmc       4324780 Apr 14 16:12 42400.stl
drwxr-xr-x   3 alizhan  pmc          1024 Apr 14 16:14 Dev
drwxr-xr-x   2 alizhan  pmc          1024 Apr 14 16:12 Dos
drwxr-xr-x   2 alizhan  pmc          1024 Apr 14 16:12 InBox
drwxr-xr-x   9 alizhan  pmc          1024 Apr 14 16:13 Unix
-rw-r--r--   1 alizhan  pmc       8735161 Apr 14 16:12 emacs-19_34.zip

client:~/% ls -Al Personal
total 0

client:~/% ls > foo
bash: foo: No such file or directory

The first command works, the second and third don't.  The Personal/ directory is _not_ empty, and I can think of no reason the file foo cannot be created (or clobbered, for that matter) as ~alizhan/ is drwxr-xr-x.

I have made sure that the UID/GID are the same between the two machines, and both machines know the address of the other.  I have tried explicitly manipulating the rw, rsize, and wsize parameters of the mount command, as well.  No effect.

Any ideas?
alizhanAsked:
Who is Participating?
 
sherwoodConnect With a Mentor Commented:
On server:  1.  BAD idea to export /.  NFS is not great at the
best of times. Export /home instead.
Try this:
On server:
/etc/exports:
/home      clientname(rw)

On server
rerun exportfs -av

On client:
mkdir /u
mkdir /u/servername1
mount servername:/home /u/servername1

(In general any file system I export is exported as
/u/server1 with increasing numers for other servers.
Thus I have home directories on /u/vega1 /u/vega2 /u/kepler1
/u/gauss1 and so on.  Makes the name space easy to keep track of.)
Now make your test on clientname again.
0
 
ggeensCommented:
Since you have the root_squash option set, all accesses by user root are translated into something harmless (normally nobody).
You can either remove the root_squash option, or use a different UID to access the NFS partition (recomended).

0
 
alizhanAuthor Commented:
Actually, most of the commands shown were being executed as user 'alizhan', not 'root' (as indicated, somewhat indirectly, by the 'su - alizhan' command and the changed prompt).  I get the same behavior no matter which account I am logged in on (or su'd to, I've tried it both ways).

Also, I have tried it with the 'no_root_squash' option, with no options at all (the /etc/exports entry line consisting solely of the '/'), and most of the other similar permutations.  None of these changes had an effect, either.

Sorry for the confusion.  Further ideas?

0
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

 
ggeensCommented:
Oops, my mistake. I normally use su to go from another user to root, not the other way round.

Do you still have the problem when you log in as a user (i.e., not using su)?
Can you mount directories from other servers?
Can you use other machines as clients for this server?

0
 
alizhanAuthor Commented:
> Do you still have the problem when you log in as a user (i.e., not using su)?

Yep.  Same problem.

> Can you mount directories from other servers?

Yes.  I have directories mounted onto the problem machine from a Linux 1.2.13 box, an SGI (Irix 5.3), and an HP (HP-UX 9.x).  All of these mounted directories work just fine.

> Can you use other machines as clients for this server?

Not sure I understand the question.  If you mean "can I successfully mount the problem machine's filesystem from _any_ machine on our network?" the answer seems to be "no."  All clients of the problem machine exhibit the same problematic behavior.

0
 
ggeensCommented:
How do you start the nfs server?

0
 
alizhanAuthor Commented:
The following is an excerpt from the /etc/rc.d/rc.inet2 file.  The file is as it was configured by the setup program (I have not modified it).

# Start the SUN RPC Portmapper.
if [ -f ${NET}/rpc.portmap ]; then
   echo -n " portmap"
   ${NET}/rpc.portmap
fi

(*snip*)

# # Start the various SUN RPC servers.
if [ -f ${NET}/rpc.portmap ]; then
  # Start the NFS server daemons.
  if [ -f ${NET}/rpc.mountd ]; then
    echo -n " mountd"
    ${NET}/rpc.mountd
  fi
  if [ -f ${NET}/rpc.nfsd ]; then
    echo -n " nfsd"
    ${NET}/rpc.nfsd
  fi
#  # Fire up the PC-NFS daemon(s).
#  if [ -f ${NET}/rpc.pcnfsd ]; then
#    echo -n " pcnfsd"
#    ${NET}/rpc.pcnfsd ${LPSPOOL}
#  fi
#  if [ -f ${NET}/rpc.bwnfsd ]; then
#    echo -n " bwnfsd"
#    ${NET}/rpc.bwnfsd ${LPSPOOL}
#  fi
fi # Done starting various SUN RPC servers.

All of the above seem to launch just fine.  I can kill them and relaunch them from the command line with equal apparent success (unless I try to turn on debugging, in which case they core dump).

BTW, In looking through /var/log/syslog for messages relating to these servers, I find repeated messages along the lines of

May 13 08:03:59 pele inetd[60]: /usr/sbin/nmbd: exit status 0x1

Is this related at all?

0
 
ggeensCommented:
You should either install Samba, or comment out two lines in /etc/inetd.conf:
netbios-ssn     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/smbd
netbios-ns      dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/nmbd
That will get rid of the nmbd lines.
The nfs server? I don't know. Just reject my answer and let someone else try.
0
 
alizhanAuthor Commented:
> The nfs server? I don't know. Just reject my answer and let someone else try.

Okay.  Thanks for your time.

0
 
alizhanAuthor Commented:
> On server: 1. BAD idea to export /. NFS is not great at the best of times. Export /home instead.

I would if I could.  I actually need '/' exported, not just the user accounts.  And besides . . .

> Try this:
*snip*
> Now make your test on clientname again.

This setup exhibited the same problems as previously described.  That is, exporting '/home' instead of '/' didn't change anything.

0
 
sherwoodCommented:
Arg.  Hmm.  There goes one theory.
That you can read the directories that have  group and other
read & execute, but NOT read the directories that are nominally
readable only by 'alizhan' indicates that that the server
is not regarding you-client as being the same as you-server.

I'm going to run some tests on my system, and see if I can
reproduce your problem.  

What version of the nfs package are you running?

Would you consider a full re-install as an option?

(I've had various bits of grief with Slackware.)

Anyway, I just tried this with my linux box, and am
unable to reproduce it.  

I mounted linux:/tmp to client:/tmp/linux,
adjusted permissions on linux to match what you had.

Check the versions of nfsd that you are running.
I'm running 2.2Beta25.

Nfsd has some debug options.  See man page for details.
Kill the running one, and try
/usr/sbin/rpc.nfsd -F --debug auth --debug ugid
0
 
alizhanAuthor Commented:
> Arg. Hmm. There goes one theory.
> That you can read the directories that have group and other
> read & execute, but NOT read the directories that are nominally
> readable only by 'alizhan' indicates that that the server
> is not regarding you-client as being the same as you-server.

That's what I thought, too; I just have no idea how to fix it.

Also, remember that I cannot modify any files even in those directories in which I do have rwx access.

> What version of the nfs package are you running?

server:~# /usr/sbin/rpc.nfsd --version
Universal NFS Server, version 2.2beta2
server:~# /usr/sbin/rpc.mountd --version
Universal NFS Server, version 2.2beta2

> Would you consider a full re-install as an option?
> (I've had various bits of grief with Slackware.)

Possibly, assuming there is a reason to do so.  What exactly would the reinstall entail?

> Anyway, I just tried this with my linux box, and am
> unable to reproduce it. I mounted linux:/tmp to
> client:/tmp/linux, adjusted permissions on linux to match what
> you had.

Figures 8^) .

> Nfsd has some debug options. See man page for details.
> Kill the running one, and try
> /usr/sbin/rpc.nfsd -F --debug auth --debug ugid

OK.  Starting the command as above on the server, and then mounting the directory on the client as:

client:~# mount server:/ /server

yields the following server messages:

nfsd[2021] 05/15/97 09:15 auth_path(/): mount point , (all_squash secure rw)

at which point the client command:

client:~# ls /server/home/alizhan/Personal

yields the server-side messages:

nfsd[2021] 05/15/97 09:17 auth_path(/home): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 auth_path(/home/alizhan): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 100) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 auth_path(/home/alizhan/Personal): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 100) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12

0
 
sherwoodCommented:
Ok.  Note that gid 0 is getting mapped to gid 100.
Seems odd.  NOt sure of it's significance.

My version is 2.2beta25, yours is 2.2beta2.  Which
implies there have been a hoard of patches.  Run
to your nearest slackware archive, and pick up the
latest version packaged for slackware, or alternately,
go pick up the source from nearly any linux archive,
and build it yourself.

If this doesn't work, then give me an F so that others
can take a crack at it.

0
 
alizhanAuthor Commented:
> My version is 2.2beta25, yours is 2.2beta2. Which implies there
> have been a hoard of patches.

Yeah, I noticed that, too.  

> Run to your nearest slackware archive, and pick up the latest
> version packaged for slackware, or alternately, go pick up the
> source from nearly any linux archive, and build it yourself.

Either of these options would be acceptable were I able to locate the NFS utilities 8^}. I wandered all around archives like yggdrasil.com and never did find anything appropriate--where are they?

0
 
sherwoodCommented:
In the Debian distribution nfsd is in the netstd package.

You can pick this up as source at
ftp://ftp.debian.org/debian/stable/source/net/netstd_2.12.orig.tar.gz

Pick up the diff file too, and apply the diff.
0
 
alizhanAuthor Commented:
> You can pick this up as source at
ftp://ftp.debian.org/debian/stable/source/net/netstd_2.12.orig.tar.gz 

> Pick up the diff file too, and apply the diff.

This only gets me to beta 24, but it actually seems to work!  Woo, hoo!  Of course, now it just exhibits other problems, but I think those are better served as new Questions.

Now then, a logistical question about this conversation.  How do I give you a good grade for the final answer (upgrade, upgrade, upgrade) without drawing attention to the originally-proposed answer (which, while good advice, did nothing to solve the real problem)?  Can I do this, or is experts-exchange not set up this way?

0
 
sherwoodCommented:
I think that you have an option for a comment in the final
answer, or that you can edit the final answer.

Hell, grade the damn thing, and I'll fuss with them if
needbe.
0
All Courses

From novice to tech pro — start learning today.