Package: nfs-common Version: 1:1.2.2-4squeeze3 Severity: important Tags: squeeze patch
Hit this on a relatively busy NFSv4 client having had a much more lightly loaded client talking to the same server for several months without issues. rpc.idmapd crashes causing a failure to lookup username/group information for files; less than ideal when that's home directories. Some investigation found: https://bugzilla.redhat.com/show_bug.cgi?id=684308 pointing to a race condition between doing an fcntl F_SETSIG and F_NOTIFY. I've applied the patch from that bug report and been running successfully for over a month (having previously had rpc.idmapd die every couple of days). debdiff of what I'm using attached. -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/16 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages nfs-common depends on: ii adduser 3.112+nmu2 add and remove users and groups ii initscripts 2.88dsf-13.1+squeeze1 scripts for initializing and shutt ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcap2 1:2.19-3 support for getting/setting POSIX. ii libcomerr2 1.41.12-4stable1 common error description library ii libevent-1.4-2 1.4.13-stable-1 An asynchronous event notification ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - k ii libgssglue1 0.1-4 mechanism-switch gssapi library ii libk5crypto3 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - C ii libkrb5-3 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries ii libnfsidmap2 0.23-2 An nfs idmapping library ii librpcsecgss3 0.19-2 allows secure rpc communication us ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii netbase 4.45 Basic TCP/IP networking system ii portmap 6.0.0-2 RPC port mapper ii ucf 3.0025+nmu1 Update Configuration File: preserv nfs-common recommends no packages. nfs-common suggests no packages. -- no debconf information
diff -Nru nfs-utils-1.2.2/debian/changelog nfs-utils-1.2.2/debian/changelog --- nfs-utils-1.2.2/debian/changelog 2011-12-30 09:59:58.000000000 -0800 +++ nfs-utils-1.2.2/debian/changelog 2012-05-17 16:19:02.000000000 -0700 @@ -1,3 +1,9 @@ +nfs-utils (1:1.2.2-4squeeze3) stable; urgency=high + + * Fix rpc.idmapd dying. + + -- Jonathan McDowell <nood...@hp.com> Mon, 16 Apr 2012 13:44:20 -0700 + nfs-utils (1:1.2.2-4squeeze2) stable; urgency=high * Fix CVE-2011-1749: Avoid leaving a corrupt mtab file (Closes: #629420) diff -Nru nfs-utils-1.2.2/debian/patches/18-fix-idmapd-crash.patch nfs-utils-1.2.2/debian/patches/18-fix-idmapd-crash.patch --- nfs-utils-1.2.2/debian/patches/18-fix-idmapd-crash.patch 1969-12-31 16:00:00.000000000 -0800 +++ nfs-utils-1.2.2/debian/patches/18-fix-idmapd-crash.patch 2012-05-17 16:18:31.000000000 -0700 @@ -0,0 +1,18 @@ + +Fix issue with rpc.idmapd dying under load conditions due to a race condition +in registering for signal notification. + +Taken from https://bugzilla.redhat.com/show_bug.cgi?id=684308 + +--- nfs-utils-1.2.2/utils/idmapd/idmapd.c.orig 2010-02-18 04:35:00.000000000 -0800 ++++ nfs-utils-1.2.2/utils/idmapd/idmapd.c 2012-04-16 13:43:47.000000000 -0700 +@@ -766,8 +766,8 @@ nfsopen(struct idmap_client *ic) + } else { + event_set(&ic->ic_event, ic->ic_fd, EV_READ, nfscb, ic); + event_add(&ic->ic_event, NULL); +- fcntl(ic->ic_dirfd, F_SETSIG, 0); + fcntl(ic->ic_dirfd, F_NOTIFY, 0); ++ fcntl(ic->ic_dirfd, F_SETSIG, 0); + if (verbose > 0) + xlog_warn("Opened %s", ic->ic_path); + } diff -Nru nfs-utils-1.2.2/debian/patches/series nfs-utils-1.2.2/debian/patches/series --- nfs-utils-1.2.2/debian/patches/series 2011-12-30 09:57:46.000000000 -0800 +++ nfs-utils-1.2.2/debian/patches/series 2012-05-17 16:18:43.000000000 -0700 @@ -9,3 +9,4 @@ 15-mountd-fix-path-comparison-for-v4-crossmnt.patch 16-negotiate-des-only.patch 17-fix-CVE-2011-1749.patch +18-fix-idmapd-crash.patch
