Date: Tue, 26 Aug 2014 09:29:58 -0500
From: "William A. Mahaffey III" <wam@hiwaay.net>
To: "FreeBSD Questions !!!!" <freebsd-questions@freebsd.org>
Subject: NFS on unprivileged ports ....
Message-ID: <53FC99E6.7080509@hiwaay.net>

.... I have nfsd running on my FBSD 9.3 desktop, exporting /home (~3.6 TiB). I can mount/see/use it from all other machines on my LAN (all Linux boxen) *except* for a CentOS 5.n VM running on one of the other boxen. When the VM tries to (auto)mount the exported partition on the FBSD box ('jaguar'), I get the following (from earlier this A.M.):

[root@centos-5:/etc, Tue Aug 26, 06:28 AM] 1008 # lf /net/jaguar/home/ /net/q6600/home/ /net/opty165a/work/ /net/opty165a/home/ /net/cube/home/
ls: /net/jaguar/home/: No such file or directory
/net/cube/home/:
Opty165A/ Q6600/ VMs/ archive/ lost+found/ makedepend* pub/ wam/
/net/opty165a/home/:
FTP/ RPMs/ SGI/ archive/ lost+found/ rsync/ wam/
/net/opty165a/work/:
FTP/ ISOs/ RPMs/ VMs/ archive/ lost+found/ vmware/ wam/
/net/q6600/home/:
FTP/ ISOs/ VMs/ archive/ lost+found/ rsync/ wam/ work/
[root@centos-5:/etc, Tue Aug 26, 06:29 AM] 1009 # df ; w ; /sbin/swapon -s ; free -m ; uname -a ; hwclock -r; date
Filesystem                       Type   1K-blocks       Used  Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00  ext3    46691248    7505344   36775820  17% /
/dev/hda1                        ext3      101086      26854      69013  29% /boot
tmpfs                            tmpfs    1029372          0    1029372   0% /dev/shm
q6600:/home                      nfs   1906370560 1025951744  783581184  57% /net/q6600/home
opty165a:/work                   nfs    480719104  410868736   45431040  91% /net/opty165a/work
opty165a:/home                   nfs    473086208  351912192   96754944  79% /net/opty165a/home
cube:/home                       nfs    155794432  143113728    4638976  97% /net/cube/home
 06:29:20 up 121 days, 12:12, 3 users, load average: 0.04, 0.02, 0.00
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
wam      pts/0    192.168.122.1    Thu07   46:20m  1.96s  1.96s -tcsh
root     pts/1    192.168.122.1    Sun08   46:11m  0.09s  0.09s -bash
root     pts/2    192.168.122.1    Sun08    0.00s  0.09s  0.08s -bash
Filename                         Type       Size     Used  Priority
/dev/mapper/VolGroup00-LogVol01  partition  4095992  76    -1
             total       used       free     shared    buffers     cached
Mem:          2010       1891        118          0        327        943
-/+ buffers/cache:        620       1389
Swap:         3999          0       3999
Linux centos-5.6-vm 2.6.18-371.8.1.el5.centos.plus #1 SMP Thu Apr 24 18:32:18 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
Tue Aug 26 06:29:28 2014 -1.008094 seconds
Tue Aug 26 06:29:21 CDT 2014
[root@centos-5:/etc, Tue Aug 26, 06:29 AM] 1010 #

i.e., it can see all other exported partitions except the FBSD (jaguar). On the FBSD box, I get the following:

[root@kabini1, /etc, 6:24:31am] 708 % grep vfs LIST.sysctl-A.txt | grep nfs | grep priv
vfs.nfsd.nfs_privport: 0
[root@kabini1, /etc, 6:24:50am] 709 % service mountd status
Cannot 'status' mountd. Set mountd_enable to YES in /etc/rc.conf or use 'onestatus' instead of 'status'.
[root@kabini1, /etc, 6:26:08am] 710 % service mountd onestatus
mountd is running as pid 718.
[root@kabini1, /etc, 6:26:16am] 711 % ps -aux | grep mountd
root   718   0.0  0.0 16180 3836 ??  Is   15Aug14 0:00.03 /usr/sbin/mountd -r
root   51859 0.0  0.0 16332 2024 10  S+    6:26AM 0:00.00 grep mountd
wam    51820 0.0  0.0 14544 2428 17  I+    6:22AM 0:00.01 /bin/sh /usr/bin/man mountd
[root@kabini1, /etc, 6:26:35am] 712 % grep -i mountd rc.d/*
rc.d/mountd:# $FreeBSD: releng/9.3/etc/rc.d/mountd 231792 2012-02-15 22:59:15Z dougb $
rc.d/mountd:# PROVIDE: mountd
rc.d/mountd:name="mountd"
rc.d/mountd:rcvar="mountd_enable"
rc.d/mountd:start_precmd="mountd_precmd"
rc.d/mountd:mountd_precmd()
rc.d/mountd: # mountd flags will differ depending on rc.conf settings
rc.d/mountd: if checkyesno weak_mountd_authentication; then
rc.d/mountd: rc_flags="${mountd_flags} -n"
rc.d/mountd: if checkyesno mountd_enable; then
rc.d/mountd: checkyesno weak_mountd_authentication && rc_flags="-n"
rc.d/mountd: rm -f /var/db/mountdtab
rc.d/mountd: ( umask 022 ; > /var/db/mountdtab ) ||
rc.d/mountd: err 1 'Cannot create /var/db/mountdtab'
rc.d/nfsd:# REQUIRE: mountd hostname gssd nfsuserd
rc.d/nfsd: force_depend mountd || return 1
[root@kabini1, /etc, 6:27:19am] 713 % (tail -10 /var/log/messages ; date)
Aug 24 08:09:44 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Aug 24 08:18:12 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Aug 24 08:18:51 kabini1 su: wam to root on /dev/pts/19
Aug 24 08:52:04 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Aug 24 09:10:23 kabini1 ntpd[804]: time reset +0.186836 s
Aug 24 11:37:21 kabini1 dbus[738]: [system] Failed to activate service 'org.freedesktop.Avahi': timed out
Aug 24 11:38:57 kabini1 dbus[738]: [system] Failed to activate service 'org.freedesktop.Avahi': timed out
Aug 24 11:40:21 kabini1 dbus[738]: [system] Failed to activate service 'org.freedesktop.Avahi': timed out
Aug 24 11:48:49 kabini1 last message repeated 7 times
Aug 26 06:29:25 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Tue Aug 26 06:30:14 CDT 2014
[root@kabini1, /etc, 6:30:14am] 714 %

i.e., the mount request from the VM is apparently coming in on an unprivileged port & the FBSD box's mountd is dropping/ignoring it. The other boxen handle it OK. I have ipfw dropping all such traffic *not* originating on my LAN, so I don't mind using the unprivileged port (I don't think there are any security issues). How do I get FBSD's nfsd/mountd to allow/handle the mount request on unprivileged ports ? TIA ....

--
William A. Mahaffey III
----------------------------------------------------------------------
"The M1 Garand is without doubt the finest implement of war ever devised by man."
-- Gen. George S. Patton Jr.
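
Added example (not part of the original message): a shell/awk filter that tallies, per client, the mountd rejections of the kind shown in the /var/log/messages excerpt above and marks whether each client lies inside the LAN. The "192.168.0." LAN prefix, the function names and the 10.1.2.3 sample line are assumptions constructed for illustration.

```shell
#!/bin/sh
# Summarise mountd refusals of mount requests that arrived from
# unprivileged (non-reserved) source ports, grouped by client address.

# Sample input: lines in the format of the log excerpt in the message.
# The 10.1.2.3 entry is constructed to show an off-LAN client.
sample_log() {
cat <<'EOF'
Aug 24 08:09:44 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Aug 24 08:18:12 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
Aug 24 08:18:51 kabini1 su: wam to root on /dev/pts/19
Aug 24 09:10:23 kabini1 ntpd[804]: time reset +0.186836 s
Aug 25 14:02:10 kabini1 mountd[718]: mount request from 10.1.2.3 from unprivileged port
Aug 26 06:29:25 kabini1 mountd[718]: mount request from 192.168.0.9 from unprivileged port
EOF
}

# rejected_mounts LAN_PREFIX
# Reads syslog lines on stdin and prints one line per client:
#   <client> <count> <lan|off-lan> <timestamp of last rejection>
# LAN_PREFIX is a plain string prefix (assumed here: "192.168.0.").
rejected_mounts() {
    awk -v lan="$1" '
        # Field 5 is the syslog tag; field 9 is the client address.
        $5 ~ /^mountd\[[0-9]+\]:$/ &&
        /mount request from .* from unprivileged port$/ {
            ip = $9
            count[ip]++
            last[ip] = $1 " " $2 " " $3
        }
        END {
            for (ip in count) {
                scope = (index(ip, lan) == 1) ? "lan" : "off-lan"
                printf "%s %d %s %s\n", ip, count[ip], scope, last[ip]
            }
        }' | sort
}

# Run against the embedded sample; on a live host feed it
# /var/log/messages instead.
sample_log | rejected_mounts "192.168.0."
```

An "off-lan" row means a request reached mountd from outside the prefix, which is worth checking against the ipfw rules the message relies on.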