Date: Thu, 29 Jan 2009 17:20:07 +0200 From: Jaakko Heinonen <jh@saunalahti.fi> To: Sean Bruno <sean.bruno@dsl-only.net> Cc: Michiel Boland <michiel@boland.org>, current@freebsd.org Subject: Re: NFS mounts dissapearing Message-ID: <20090129152006.GA3790@a91-153-125-115.elisa-laajakaista.fi> In-Reply-To: <20090129081654.GB854@a91-153-125-115.elisa-laajakaista.fi> References: <1233098540.2494.6.camel@localhost.localdomain> <49809B45.1000703@boland.org> <1233166048.3592.1.camel@localhost.localdomain> <20090129081654.GB854@a91-153-125-115.elisa-laajakaista.fi>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2009-01-29, Jaakko Heinonen wrote: > > > It appears to me that TCP connections to remote nfsd use a > > > privileged source port initially, > > > but if the connection is severed and reestablished later the source > > > port is no longer < 1024. Client is -CURRENT, server is solaris with > > > nfssrv:nfs_portmon=1. > > Indeed it looks like the new RPC code (I didn't verify that the old > works though) doesn't honour the resvport mount option on reconnects. I think I found the bug. The new RPC code doesn't properly elevate privileges before bindresvport() call in clnt_reconnect_connect(). For initial connection bindresvport() succeeds because the process has elevated privileges at that time. Does this patch fix the problem for you? %%% Index: sys/rpc/clnt_rc.c =================================================================== --- sys/rpc/clnt_rc.c (revision 187877) +++ sys/rpc/clnt_rc.c (working copy) @@ -181,11 +181,12 @@ again: rpc_createerr.cf_error.re_errno = 0; goto out; } - if (rc->rc_privport) - bindresvport(so, NULL); oldcred = td->td_ucred; td->td_ucred = rc->rc_ucred; + if (rc->rc_privport) + bindresvport(so, NULL); + if (rc->rc_nconf->nc_semantics == NC_TPI_CLTS) rc->rc_client = clnt_dg_create(so, (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers, %%% -- Jaakko
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090129152006.GA3790>