Solved

Odd Linux NFS server behavior.

Posted on 1997-05-08
17
354 Views
Last Modified: 2006-11-17
Hello.  I seem to be having trouble when mounting the root directory of a Slackware96 (08/96) machine to any other machine on our network (Linux PCs, SGIs, and HPs).  The problem is twofold: files in directories not world accessible are silently ignored, and no file is writable.

OK, for those of you experts still reading 8^), here are some specifics.

The NFS server (the Slackware96 machine) has the following /etc/exports file:

server:~/# cat /etc/exports
# See exports(5) for a description.
# This file contains a list of all directories exported to other computers.
# It is used by rpc.nfsd and rpc.mountd.
/               (rw,root_squash,secure)

The machine has been completely rebooted with this file in place, so the daemons should be fresh.

On the client (for example, a Slackware 3 machine), I run the following mount command (where /server exists and is drwxr-xr-x):

client:~/# mount server:/ /server

The command succeeds with no output.  And, if I then try something like the following:

client:~/# su - alizhan

client:~/% ls -l
total 6
drwx------   5 alizhan  pmc          1024 Apr 22 14:21 Personal/
drwxr-xr-x   6 alizhan  pmc          1024 Apr 14 16:14 Public/
drwx------   3 alizhan  pmc          1024 May  6 14:07 Rubbish/
drwx------   6 alizhan  pmc          1024 Apr 14 16:15 Temp/

everything seems to work just fine.  Then the problems start showing up.  For example:

client:~/% ls -Al Public
total 12812
-rw-r--r--   1 alizhan  pmc       4324780 Apr 14 16:12 42400.stl
drwxr-xr-x   3 alizhan  pmc          1024 Apr 14 16:14 Dev
drwxr-xr-x   2 alizhan  pmc          1024 Apr 14 16:12 Dos
drwxr-xr-x   2 alizhan  pmc          1024 Apr 14 16:12 InBox
drwxr-xr-x   9 alizhan  pmc          1024 Apr 14 16:13 Unix
-rw-r--r--   1 alizhan  pmc       8735161 Apr 14 16:12 emacs-19_34.zip

client:~/% ls -Al Personal
total 0

client:~/% ls > foo
bash: foo: No such file or directory

The first command works, the second and third don't.  The Personal/ directory is _not_ empty, and I can think of no reason the file foo cannot be created (or clobbered, for that matter) as ~alizhan/ is drwxr-xr-x.

I have made sure that the UID/GID are the same between the two machines, and both machines know the address of the other.  I have tried explicitly manipulating the rw, rsize, and wsize parameters of the mount command, as well.  No effect.

Any ideas?
0
Comment
Question by:alizhan
  • 8
  • 5
  • 4
17 Comments
 
LVL 1

Expert Comment

by:ggeens
ID: 1584592
Since you have the root_squash option set, all accesses by user root are translated into something harmless (normally nobody).
You can either remove the root_squash option, or use a different UID to access the NFS partition (recomended).

0
 

Author Comment

by:alizhan
ID: 1584593
Actually, most of the commands shown were being executed as user 'alizhan', not 'root' (as indicated, somewhat indirectly, by the 'su - alizhan' command and the changed prompt).  I get the same behavior no matter which account I am logged in on (or su'd to, I've tried it both ways).

Also, I have tried it with the 'no_root_squash' option, with no options at all (the /etc/exports entry line consisting solely of the '/'), and most of the other similar permutations.  None of these changes had an effect, either.

Sorry for the confusion.  Further ideas?

0
 
LVL 1

Expert Comment

by:ggeens
ID: 1584594
Oops, my mistake. I normally use su to go from another user to root, not the other way round.

Do you still have the problem when you log in as a user (i.e., not using su)?
Can you mount directories from other servers?
Can you use other machines as clients for this server?

0
 

Author Comment

by:alizhan
ID: 1584595
> Do you still have the problem when you log in as a user (i.e., not using su)?

Yep.  Same problem.

> Can you mount directories from other servers?

Yes.  I have directories mounted onto the problem machine from a Linux 1.2.13 box, an SGI (Irix 5.3), and an HP (HP-UX 9.x).  All of these mounted directories work just fine.

> Can you use other machines as clients for this server?

Not sure I understand the question.  If you mean "can I successfully mount the problem machine's filesystem from _any_ machine on our network?" the answer seems to be "no."  All clients of the problem machine exhibit the same problematic behavior.

0
 
LVL 1

Expert Comment

by:ggeens
ID: 1584596
How do you start the nfs server?

0
 

Author Comment

by:alizhan
ID: 1584597
The following is an excerpt from the /etc/rc.d/rc.inet2 file.  The file is as it was configured by the setup program (I have not modified it).

# Start the SUN RPC Portmapper.
if [ -f ${NET}/rpc.portmap ]; then
   echo -n " portmap"
   ${NET}/rpc.portmap
fi

(*snip*)

# # Start the various SUN RPC servers.
if [ -f ${NET}/rpc.portmap ]; then
  # Start the NFS server daemons.
  if [ -f ${NET}/rpc.mountd ]; then
    echo -n " mountd"
    ${NET}/rpc.mountd
  fi
  if [ -f ${NET}/rpc.nfsd ]; then
    echo -n " nfsd"
    ${NET}/rpc.nfsd
  fi
#  # Fire up the PC-NFS daemon(s).
#  if [ -f ${NET}/rpc.pcnfsd ]; then
#    echo -n " pcnfsd"
#    ${NET}/rpc.pcnfsd ${LPSPOOL}
#  fi
#  if [ -f ${NET}/rpc.bwnfsd ]; then
#    echo -n " bwnfsd"
#    ${NET}/rpc.bwnfsd ${LPSPOOL}
#  fi
fi # Done starting various SUN RPC servers.

All of the above seem to launch just fine.  I can kill them and relaunch them from the command line with equal apparent success (unless I try to turn on debugging, in which case they core dump).

BTW, In looking through /var/log/syslog for messages relating to these servers, I find repeated messages along the lines of

May 13 08:03:59 pele inetd[60]: /usr/sbin/nmbd: exit status 0x1

Is this related at all?

0
 
LVL 1

Expert Comment

by:ggeens
ID: 1584598
You should either install Samba, or comment out two lines in /etc/inetd.conf:
netbios-ssn     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/smbd
netbios-ns      dgram   udp     wait    root    /usr/sbin/tcpd  /usr/sbin/nmbd
That will get rid of the nmbd lines.
The nfs server? I don't know. Just reject my answer and let someone else try.
0
 

Author Comment

by:alizhan
ID: 1584599
> The nfs server? I don't know. Just reject my answer and let someone else try.

Okay.  Thanks for your time.

0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 1

Accepted Solution

by:
sherwood earned 100 total points
ID: 1584600
On server:  1.  BAD idea to export /.  NFS is not great at the
best of times. Export /home instead.
Try this:
On server:
/etc/exports:
/home      clientname(rw)

On server
rerun exportfs -av

On client:
mkdir /u
mkdir /u/servername1
mount servername:/home /u/servername1

(In general any file system I export is exported as
/u/server1 with increasing numers for other servers.
Thus I have home directories on /u/vega1 /u/vega2 /u/kepler1
/u/gauss1 and so on.  Makes the name space easy to keep track of.)
Now make your test on clientname again.
0
 

Author Comment

by:alizhan
ID: 1584601
> On server: 1. BAD idea to export /. NFS is not great at the best of times. Export /home instead.

I would if I could.  I actually need '/' exported, not just the user accounts.  And besides . . .

> Try this:
*snip*
> Now make your test on clientname again.

This setup exhibited the same problems as previously described.  That is, exporting '/home' instead of '/' didn't change anything.

0
 
LVL 1

Expert Comment

by:sherwood
ID: 1584602
Arg.  Hmm.  There goes one theory.
That you can read the directories that have  group and other
read & execute, but NOT read the directories that are nominally
readable only by 'alizhan' indicates that that the server
is not regarding you-client as being the same as you-server.

I'm going to run some tests on my system, and see if I can
reproduce your problem.  

What version of the nfs package are you running?

Would you consider a full re-install as an option?

(I've had various bits of grief with Slackware.)

Anyway, I just tried this with my linux box, and am
unable to reproduce it.  

I mounted linux:/tmp to client:/tmp/linux,
adjusted permissions on linux to match what you had.

Check the versions of nfsd that you are running.
I'm running 2.2Beta25.

Nfsd has some debug options.  See man page for details.
Kill the running one, and try
/usr/sbin/rpc.nfsd -F --debug auth --debug ugid
0
 

Author Comment

by:alizhan
ID: 1584603
> Arg. Hmm. There goes one theory.
> That you can read the directories that have group and other
> read & execute, but NOT read the directories that are nominally
> readable only by 'alizhan' indicates that that the server
> is not regarding you-client as being the same as you-server.

That's what I thought, too; I just have no idea how to fix it.

Also, remember that I cannot modify any files even in those directories in which I do have rwx access.

> What version of the nfs package are you running?

server:~# /usr/sbin/rpc.nfsd --version
Universal NFS Server, version 2.2beta2
server:~# /usr/sbin/rpc.mountd --version
Universal NFS Server, version 2.2beta2

> Would you consider a full re-install as an option?
> (I've had various bits of grief with Slackware.)

Possibly, assuming there is a reason to do so.  What exactly would the reinstall entail?

> Anyway, I just tried this with my linux box, and am
> unable to reproduce it. I mounted linux:/tmp to
> client:/tmp/linux, adjusted permissions on linux to match what
> you had.

Figures 8^) .

> Nfsd has some debug options. See man page for details.
> Kill the running one, and try
> /usr/sbin/rpc.nfsd -F --debug auth --debug ugid

OK.  Starting the command as above on the server, and then mounting the directory on the client as:

client:~# mount server:/ /server

yields the following server messages:

nfsd[2021] 05/15/97 09:15 auth_path(/): mount point , (all_squash secure rw)

at which point the client command:

client:~# ls /server/home/alizhan/Personal

yields the server-side messages:

nfsd[2021] 05/15/97 09:17 auth_path(/home): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 auth_path(/home/alizhan): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 100) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 auth_path(/home/alizhan/Personal): mount point /home, (root_squash secure rw)
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 100) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12
nfsd[2021] 05/15/97 09:17 luid(192.1.2.39, 0) = 65534
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 0) = 100
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 1) = 1
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 2) = 2
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 3) = 3
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 4) = 4
nfsd[2021] 05/15/97 09:17 lgid(192.1.2.39, 12) = 12

0
 
LVL 1

Expert Comment

by:sherwood
ID: 1584604
Ok.  Note that gid 0 is getting mapped to gid 100.
Seems odd.  NOt sure of it's significance.

My version is 2.2beta25, yours is 2.2beta2.  Which
implies there have been a hoard of patches.  Run
to your nearest slackware archive, and pick up the
latest version packaged for slackware, or alternately,
go pick up the source from nearly any linux archive,
and build it yourself.

If this doesn't work, then give me an F so that others
can take a crack at it.

0
 

Author Comment

by:alizhan
ID: 1584605
> My version is 2.2beta25, yours is 2.2beta2. Which implies there
> have been a hoard of patches.

Yeah, I noticed that, too.  

> Run to your nearest slackware archive, and pick up the latest
> version packaged for slackware, or alternately, go pick up the
> source from nearly any linux archive, and build it yourself.

Either of these options would be acceptable were I able to locate the NFS utilities 8^}. I wandered all around archives like yggdrasil.com and never did find anything appropriate--where are they?

0
 
LVL 1

Expert Comment

by:sherwood
ID: 1584606
In the Debian distribution nfsd is in the netstd package.

You can pick this up as source at
ftp://ftp.debian.org/debian/stable/source/net/netstd_2.12.orig.tar.gz

Pick up the diff file too, and apply the diff.
0
 

Author Comment

by:alizhan
ID: 1584607
> You can pick this up as source at
>  ftp://ftp.debian.org/debian/stable/source/net/netstd_2.12.orig.tar.gz

> Pick up the diff file too, and apply the diff.

This only gets me to beta 24, but it actually seems to work!  Woo, hoo!  Of course, now it just exhibits other problems, but I think those are better served as new Questions.

Now then, a logistical question about this conversation.  How do I give you a good grade for the final answer (upgrade, upgrade, upgrade) without drawing attention to the originally-proposed answer (which, while good advice, did nothing to solve the real problem)?  Can I do this, or is experts-exchange not set up this way?

0
 
LVL 1

Expert Comment

by:sherwood
ID: 1584608
I think that you have an option for a comment in the final
answer, or that you can edit the final answer.

Hell, grade the damn thing, and I'll fuss with them if
needbe.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now