I don't think you need to reinstall. The snoop output shows AUTH_SYS for the good attempt and AUTH_NONE for the bad one.
Sent from my iPhone On Sep 17, 2009, at 3:36 PM, Steve Ruiz <sdr at ruizs.org> wrote: >> I suspect that your client is trying something other than AUTH_SYS, > perhaps AUTH_NONE? > > I have specified auth=sys on the client side, hopefully that is > working. Here's the entire mount string from my vm.cfg (i've tried > quite a few variations of this as well): > extra = "nfsroot=10.10.3.26:/volumes/datavol/ > nfsboottest,v3,tcp,noacl,sec=sys selinux=0" > If this is a result from your new specification on the client, then you are good to go... >> Does 10.10.3.191 need access for this test? Or is there an error >> between > it and 171? > That is another server - i believe its the one I cloned/created the > nfs root volume from, so safe to disregard. I've also tried > exporting to * with no luck. > > > Opensolaris build : I'm not sure, this is actually a NexentaStor > install (i've been working with their support but no luck yet, so I > thought I'd ask here), uname gives me SunOS nexentastor 5.11 > NexentaOS_20081207. Which brings up a good point - I will setup a > stock opensolaris VM and try to boot against that, to rule out > nexenta or opensolaris as the issue - I'll report back soon. > > > Here's snoop -v info from the end of that conversation, I've tried > to remove irrelevant info (ether info, tcp header,etc). First up is > a successful one, the fsinfo3 request and OK response. Second block > is the denied request. Thanks so much for helping out, I will get > back after I look at this against a stock install. > > > > > ****Successful conversation in snoop -v:**** > ETHER: ----- Ether Header ----- > IP: ----- IP Header ----- > IP: > IP: Version = 4 > IP: Source address = 10.10.3.147, nfstest.mycompany.com > IP: Destination address = 10.10.3.26, solarisstorage.mycompany.com > IP: No options > IP: > TCP: ----- TCP Header ----- > TCP: > TCP: Source port = 875 > TCP: Destination port = 2049 (Sun RPC) > TCP: > RPC: ----- SUN RPC Header ----- > RPC: > RPC: Record Mark: last fragment, length = 104 > RPC: Transaction id = 3782673754 > RPC: Type = 0 (Call) > RPC: RPC version = 2 > RPC: Program = 100003 (NFS), version = 3, procedure = 19 > RPC: Credentials: Flavor = 1 (Unix), len = 28 bytes Flavor is 1, which is AUTH_SYS. > RPC: Time = 17179575 > RPC: Hostname = nfstest > RPC: Uid = 0, Gid = 0 > RPC: Groups = (none) > RPC: Verifier : Flavor = 0 (None), len = 0 bytes > RPC: > NFS: ----- Sun NFS ----- > NFS: > NFS: Proc = 19 (Get filesystem information) > NFS: File handle = [92A5] > NFS: > 25724DBD0808F2620A0003000000000098435C000A0003000000000098435C00 > NFS: > > > > ETHER: ----- Ether Header ----- > IP: ----- IP Header ----- > IP: > IP: Version = 4 > IP: Source address = 10.10.3.26, solarisstorage.mycompany.com > IP: Destination address = 10.10.3.147, nfstest.mycompany.com > IP: No options > IP: > TCP: ----- TCP Header ----- > TCP: > TCP: Source port = 2049 > TCP: Destination port = 875 (Sun RPC) > TCP: > RPC: ----- SUN RPC Header ----- > RPC: > RPC: Record Mark: last fragment, length = 164 > RPC: Transaction id = 3782673754 > RPC: Type = 1 (Reply) > RPC: This is a reply to frame 44 > RPC: Status = 0 (Accepted) > RPC: Verifier : Flavor = 0 (None), len = 0 bytes > RPC: Accept status = 0 (Success) > RPC: > NFS: ----- Sun NFS ----- > NFS: > NFS: Proc = 19 (Get filesystem information) > NFS: Status = 0 (OK) > NFS: Post-operation attributes: > NFS: File type = 2 (Directory) > NFS: Mode = 0755 > NFS: Setuid = 0, Setgid = 0, Sticky = 0 > NFS: Owner's permissions = rwx > NFS: Group's permissions = r-x > NFS: Other's permissions = r-x > NFS: Link count = 16, User ID = 0, Group ID = 0 > NFS: File size = 16, Used = 2560 > NFS: Special: Major = 4294967295, Minor = 4294967295 > NFS: File system id = 781684113433, File id = 3 > NFS: Last access time = 13-Sep-09 10:15:18.093840277 GMT > NFS: Modification time = 03-Sep-09 00:37:04.241715002 GMT > NFS: Attribute change time = 03-Sep-09 00:37:04.241715002 GMT > NFS: > NFS: Read transfer sizes: > NFS: Maximum = 1048576 bytes > NFS: Preferred = 1048576 bytes > NFS: Suggested multiple = 512 bytes > NFS: Write transfer sizes: > NFS: Maximum = 1048576 bytes > NFS: Preferred = 1048576 bytes > NFS: Suggested multiple = 512 bytes > NFS: Directory read size: > NFS: Preferred = 8192 bytes > NFS: File system limits: > NFS: Max file size = 9223372036854775807 bytes > NFS: Server minimum time discrimination = 0.001000 sec > NFS: Properties = 0x1b > NFS: .... ...1 = Hard links supported > NFS: .... ..1. = Symbolic links supported > NFS: .... 1... = Pathconf cannot vary per file > NFS: ...1 .... = Server can always set file times > ****End successful conversation**** > > > ****Unsuccessful / access denied conversation****** > ETHER: ----- Ether Header ----- > IP: ----- IP Header ----- > IP: > IP: Version = 4 > IP: Source address = 10.10.3.147, nfstest.mycompany.com > IP: Destination address = 10.10.3.26, solarisstorage.mycompany.com > IP: No options > IP: > TCP: ----- TCP Header ----- > TCP: > TCP: Source port = 875 > TCP: Destination port = 2049 (Sun RPC) > RPC: ----- SUN RPC Header ----- > RPC: > RPC: Record Mark: last fragment, length = 76 > RPC: Transaction id = 3799450970 > RPC: Type = 0 (Call) > RPC: RPC version = 2 > RPC: Program = 100003 (NFS), version = 3, procedure = 20 > RPC: Credentials: Flavor = 0 (None), len = 0 bytes Flavor is 0, which is AUTH_NONE . > RPC: Verifier : Flavor = 0 (None), len = 0 bytes > RPC: > NFS: ----- Sun NFS ----- > NFS: > NFS: Proc = 20 (Get POSIX information) > NFS: File handle = [92A5] > NFS: > 25724DBD0808F2620A0003000000000098435C000A0003000000000098435C00 > NFS: > > ETHER: ----- Ether Header ----- > IP: ----- IP Header ----- > IP: > IP: Version = 4 > IP: Source address = 10.10.3.26, solarisstorage.mycompany.com > IP: Destination address = 10.10.3.147, nfstest.mycompany.com > IP: No options > IP: > TCP: ----- TCP Header ----- > TCP: > TCP: Source port = 2049 > TCP: Destination port = 875 (Sun RPC) > TCP: > RPC: ----- SUN RPC Header ----- > RPC: > RPC: Record Mark: last fragment, length = 20 > RPC: Transaction id = 3799450970 > RPC: Type = 1 (Reply) > RPC: This is a reply to frame 47 > RPC: Status = 1 (Denied) > RPC: Reject status = 1 (can't authenticate) > RPC: Why = 5 (too weak) > ****End unsuccessful conversation***** > -- > This message posted from opensolaris.org > _______________________________________________ > nfs-discuss mailing list > nfs-discuss at opensolaris.org
