[jira] [Commented] (HDFS-6439) NFS should not reject NFS requests to the NULL procedure whether port monitoring is enabled or not

Mon, 16 Jun 2014 19:07:29 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-6439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14033329#comment-14033329
 ] 

Aaron T. Myers commented on HDFS-6439:
--------------------------------------

Latest patch looks pretty good to me, and I agree that the test failure is not 
due to this patch - it's due to a quirk of the way test-patch chooses to build 
the native libs or not.

Two small comments:

# It's fine to change the name of the config setting, but please add a 
deprecation delta for the old one so that this change will be backward 
compatible in that respect.
# The documentation addition is using the wrong name for the config setting. 
You need to remove the leading "dfs."

+1 once these are addressed.

Thanks, Brandon.

> NFS should not reject NFS requests to the NULL procedure whether port 
> monitoring is enabled or not
> --------------------------------------------------------------------------------------------------
>
>                 Key: HDFS-6439
>                 URL: https://issues.apache.org/jira/browse/HDFS-6439
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: nfs
>    Affects Versions: 2.4.0
>            Reporter: Brandon Li
>            Assignee: Aaron T. Myers
>         Attachments: HDFS-6439.003.patch, HDFS-6439.004.patch, 
> HDFS-6439.patch, HDFS-6439.patch, 
> linux-nfs-disallow-request-from-nonsecure-port.pcapng, 
> mount-nfs-requests.pcapng
>
>
> As discussed in HDFS-6406, this JIRA is to track the follow update:
> 1. Port monitoring is the feature name with traditional NFS server and we may 
> want to make the config property (along with related variable 
> allowInsecurePorts) something as dfs.nfs.port.monitoring. 
> 2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):
> {quote}    Whether port monitoring is enabled or not, NFS servers SHOULD NOT 
> reject NFS requests to the NULL procedure (procedure number 0). See 
> subsection 2.3.1, "NULL procedure" for a complete explanation. {quote}
> I do notice that NFS clients (most time) send mount NULL and nfs NULL from 
> non-privileged port. If we deny NULL call in mountd or nfs server, the client 
> can't mount the export even as user root.
> 3. it would be nice to have the user guide updated for the port monitoring 
> feature.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to