Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 10332

Summary: NFS does not honor the netgroups in /etc/exports
Product: [Retired] Red Hat Linux Reporter: miker
Component: nfs-utilsAssignee: Michael K. Johnson <johnsonm>
Status: CLOSED WORKSFORME QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 7.2CC: aleksey, thoth, zaitcev
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-11-13 00:14:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description miker 2000-03-24 20:49:43 UTC
Mar 24 11:31:06 maya mountd[26991]: refused mount request from
aztec.incanta.net for /homes7 (/): no export entry

BUT(!)

[miker@aztec miker]$ cat /etc/netgroup
kennedy (aztec.incanta.net,,) (maya.incanta.net,,) (llama.incanta.net,,)
(euterpe.incanta.net,,) (llama.incanta.net,,) (euterpe.incanta.net,,)
(lumux.incanta.net,,) (oasis.incanta.net,,)

(which is nis exported from aztec)

and

[miker@maya miker]$ cat /etc/exports
/homes2         *.field.incanta.net(ro) @kennedy(rw)
nile.purplefrog.com(rw)
/homes4         *.field.incanta.net(ro) @kennedy(rw)
nile.purplefrog.com(ro)
/homes5         *.field.incanta.net(ro) @kennedy(rw)
nile.purplefrog.com(ro)
/homes6         *.field.incanta.net(ro) @kennedy(rw)
nile.purplefrog.com(ro)
/homes7         *.field.incanta.net(ro) @kennedy(rw)
nile.purplefrog.com(ro)

Comment 1 Cristian Gafton 2000-08-09 02:33:58 UTC
assigned to johnsonm

Comment 2 Aleksey Nogin 2001-11-11 16:38:41 UTC
I still see this with both client and server running 7.2 (+all updates).

Comment 3 Aleksey Nogin 2001-11-11 16:43:47 UTC
*** Bug 5202 has been marked as a duplicate of this bug. ***

Comment 4 Aleksey Nogin 2001-11-11 16:50:35 UTC
There were no activity on this bug for over a year and I still see it in 7.2.
Should it be reassigned "to owner of selected component  (bmatthews@redhat.com)"?

P.S. I also want to mention that what I see in 7.2 is very similar to what
originally reported in that it complains 
"... for /xyz (/): no export entry"
e.g. it is looking for an export entry for *root fs* even though /xyz is a
separate fs and has a separate entry in /etc/exports (and if I explicitly list
the client instead of just using a netgroup entry, then the log message would
say that access to "/xyz (/xyz)" was granted).

Comment 5 thoth 2001-11-12 17:02:06 UTC
How the hell do people manage /etc/exports on an honest-to-god network of
machines?  Maybe everyone who exports a partition to more than 3 machines runs
Solaris instead of Linux.

It is drastically pathetic that his hasn't been fixed yet.


Comment 6 Bob Matthews 2001-11-12 17:13:07 UTC
The netgroups issue should have been fixed back in nfs-utils-0.3.1-1.  What
version of nfs-utils is running on the server?

Might also be a NIS problem.  What happens if you copy /etc/netgroup to the
server and restart nfs services?

Comment 7 Aleksey Nogin 2001-11-12 20:21:47 UTC
nfs-utils-0.3.1-13.7.2.1

I do not have admin access to the server (and it's running on Solaris), but
ypcat -k netgroup seems to do the right thing.

Here are the relevant parts of my setup:
server% ypmatch somegroup netgroup
... client ...
server% ypmatch client netgroup
(client,-,) (client.cs.cornell.edu,-,) (CLIENT,-,) (CLIENT.CS.CORNELL.EDU,-,)

/etc/exports on server:
/some_partition @somegroup(rw)
...

log gets:
<date> server rpc.mountd: refused mount request from client.cs.cornell.edu for
/some_partition (/): no export entry

Comment 8 Bob Matthews 2001-11-12 20:45:29 UTC
> I still see this with both client and server running 7.2
...
> I do not have admin access to the server (and it's running on Solaris)

These two statements contradict one another.  Nevertheless, this appears to be
entirely a server side issue.  The nfs-utils are not even required to be
installed on the client side in order to import directories.

You aren't trying to re-export an nfs-mounted directory, are you?  If so, that
is specifically disallowed by the NFS v2 and 3 protocols.

Comment 9 Aleksey Nogin 2001-11-13 00:14:24 UTC
The *NFS* server is running RH7.2 and is controlled by me. The *YP* server is on
another machine running Solaris and not controleld by me.

> You aren't trying to re-export an nfs-mounted directory, are you?
No, it's a local fs. And it works fine as long as I list the client explicitly
in /etc/exports.

I tried this on another pair of 7.2 machines (in the same NIS domain&group),
same result.

Comment 10 Aleksey Nogin 2001-11-13 00:50:55 UTC
Ah, this was so dumb of me! I didn't realize that /etc/nsswitch.conf only had
nisplus and not nis for netgroup. After I've updated it, everything started
working properly!

Comment 11 Michael K. Johnson 2002-01-18 18:01:01 UTC
*** Bug 8839 has been marked as a duplicate of this bug. ***

Comment 12 thoth 2002-02-06 21:10:51 UTC
We opened this ticket, and I'm pleased to say that on our boxes that run 7.1,
the problem is solved.  The NFS server supports netgroup-based exports.  

Our 6.2 boxes still do not.  They have nfs-utils-0.1.7-1 .  Has redhat released
an erratta for 6.2 that fixes this problem, or is the solution "upgrade the
whole OS" ?


Comment 13 Bob Matthews 2002-02-07 14:22:46 UTC
We actually didn't release an errata specifically for 6.2, but the netgroups fix
has been in since nfs-utils-0.3.1-1.  I believe this should work for 6.2 boxes,
but it hasn't been tested against such.