|Summary:||NFS does not honor the netgroups in /etc/exports|
|Product:||[Retired] Red Hat Linux||Reporter:||miker|
|Component:||nfs-utils||Assignee:||Michael K. Johnson <johnsonm>|
|Status:||CLOSED WORKSFORME||QA Contact:|
|Version:||7.2||CC:||aleksey, thoth, zaitcev|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2001-11-13 00:14:29 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description miker 2000-03-24 20:49:43 UTC
Mar 24 11:31:06 maya mountd: refused mount request from aztec.incanta.net for /homes7 (/): no export entry BUT(!) [miker@aztec miker]$ cat /etc/netgroup kennedy (aztec.incanta.net,,) (maya.incanta.net,,) (llama.incanta.net,,) (euterpe.incanta.net,,) (llama.incanta.net,,) (euterpe.incanta.net,,) (lumux.incanta.net,,) (oasis.incanta.net,,) (which is nis exported from aztec) and [miker@maya miker]$ cat /etc/exports /homes2 *.field.incanta.net(ro) @kennedy(rw) nile.purplefrog.com(rw) /homes4 *.field.incanta.net(ro) @kennedy(rw) nile.purplefrog.com(ro) /homes5 *.field.incanta.net(ro) @kennedy(rw) nile.purplefrog.com(ro) /homes6 *.field.incanta.net(ro) @kennedy(rw) nile.purplefrog.com(ro) /homes7 *.field.incanta.net(ro) @kennedy(rw) nile.purplefrog.com(ro)
Comment 1 Cristian Gafton 2000-08-09 02:33:58 UTC
assigned to johnsonm
Comment 2 Aleksey Nogin 2001-11-11 16:38:41 UTC
I still see this with both client and server running 7.2 (+all updates).
Comment 3 Aleksey Nogin 2001-11-11 16:43:47 UTC
*** Bug 5202 has been marked as a duplicate of this bug. ***
Comment 4 Aleksey Nogin 2001-11-11 16:50:35 UTC
There were no activity on this bug for over a year and I still see it in 7.2. Should it be reassigned "to owner of selected component (firstname.lastname@example.org)"? P.S. I also want to mention that what I see in 7.2 is very similar to what originally reported in that it complains "... for /xyz (/): no export entry" e.g. it is looking for an export entry for *root fs* even though /xyz is a separate fs and has a separate entry in /etc/exports (and if I explicitly list the client instead of just using a netgroup entry, then the log message would say that access to "/xyz (/xyz)" was granted).
Comment 5 thoth 2001-11-12 17:02:06 UTC
How the hell do people manage /etc/exports on an honest-to-god network of machines? Maybe everyone who exports a partition to more than 3 machines runs Solaris instead of Linux. It is drastically pathetic that his hasn't been fixed yet.
Comment 6 Bob Matthews 2001-11-12 17:13:07 UTC
The netgroups issue should have been fixed back in nfs-utils-0.3.1-1. What version of nfs-utils is running on the server? Might also be a NIS problem. What happens if you copy /etc/netgroup to the server and restart nfs services?
Comment 7 Aleksey Nogin 2001-11-12 20:21:47 UTC
nfs-utils-0.3.1-126.96.36.199 I do not have admin access to the server (and it's running on Solaris), but ypcat -k netgroup seems to do the right thing. Here are the relevant parts of my setup: server% ypmatch somegroup netgroup ... client ... server% ypmatch client netgroup (client,-,) (client.cs.cornell.edu,-,) (CLIENT,-,) (CLIENT.CS.CORNELL.EDU,-,) /etc/exports on server: /some_partition @somegroup(rw) ... log gets: <date> server rpc.mountd: refused mount request from client.cs.cornell.edu for /some_partition (/): no export entry
Comment 8 Bob Matthews 2001-11-12 20:45:29 UTC
> I still see this with both client and server running 7.2 ... > I do not have admin access to the server (and it's running on Solaris) These two statements contradict one another. Nevertheless, this appears to be entirely a server side issue. The nfs-utils are not even required to be installed on the client side in order to import directories. You aren't trying to re-export an nfs-mounted directory, are you? If so, that is specifically disallowed by the NFS v2 and 3 protocols.
Comment 9 Aleksey Nogin 2001-11-13 00:14:24 UTC
The *NFS* server is running RH7.2 and is controlled by me. The *YP* server is on another machine running Solaris and not controleld by me. > You aren't trying to re-export an nfs-mounted directory, are you? No, it's a local fs. And it works fine as long as I list the client explicitly in /etc/exports. I tried this on another pair of 7.2 machines (in the same NIS domain&group), same result.
Comment 10 Aleksey Nogin 2001-11-13 00:50:55 UTC
Ah, this was so dumb of me! I didn't realize that /etc/nsswitch.conf only had nisplus and not nis for netgroup. After I've updated it, everything started working properly!
Comment 11 Michael K. Johnson 2002-01-18 18:01:01 UTC
*** Bug 8839 has been marked as a duplicate of this bug. ***
Comment 12 thoth 2002-02-06 21:10:51 UTC
We opened this ticket, and I'm pleased to say that on our boxes that run 7.1, the problem is solved. The NFS server supports netgroup-based exports. Our 6.2 boxes still do not. They have nfs-utils-0.1.7-1 . Has redhat released an erratta for 6.2 that fixes this problem, or is the solution "upgrade the whole OS" ?
Comment 13 Bob Matthews 2002-02-07 14:22:46 UTC
We actually didn't release an errata specifically for 6.2, but the netgroups fix has been in since nfs-utils-0.3.1-1. I believe this should work for 6.2 boxes, but it hasn't been tested against such.