Bug#984602: fai-setup: mid-export newlines in /etc/exports
On Sat, 6 Mar 2021 at 05:16, Thomas Lange wrote: > > > On Fri, 05 Mar 2021 17:58:26 +, Matthew Pounsett > > said: > > I've made a change in fai-setup to determine the IP of the first > interface, but this seems to fail with multiple interfaces > Can you please provide the output of this command: > ip -br ad show | awk '{print $3}' Sure (indenting mine): % ip -br ad show | awk '{print $3}' 127.0.0.1/8 172.16.2.2/30 64.191.0.64/24 192.168.1.64/24 192.168.0.64/24 fe80::fc54:ff:fe78:7dd0/64 fe80::fc54:ff:fe48:106e/64 fe80::fc54:ff:fece:417f/64 If you're using that, you lose information, though. For example, the only IPv6 addresses you're getting are link-local. Here's the full output of that command without restricting it to a single column: % ip -br ad show lo UNKNOWN127.0.0.1/8 ::1/128 eno1 UP eno2 UP eno3 DOWN eno4 UP 172.16.2.2/30 fe80::baca:3aff:fef3:7bac/64 enp68s0 UP br0 UP 64.191.0.64/24 64.191.0.132/24 2620:ff:c000::132/64 2620:ff:c000::64/64 fe80::baca:3aff:fef3:7ba9/64 br1 UP 192.168.1.64/24 fe80::baca:3aff:fef3:7baa/64 br2 UP 192.168.0.64/24 fe80::260:ddff:fe43:99fb/64 vnet0UNKNOWNfe80::fc54:ff:fe78:7dd0/64 vnet1UNKNOWNfe80::fc54:ff:fe48:106e/64 vnet2UNKNOWNfe80::fc54:ff:fece:417f/64 To strip that down, you probably want something more like the output of this: % ip -br ad show | tr -s '[:blank:]' ' ' | cut -d' ' -f 3- Since a server may have multiple addresses in the same subnet, you may also want to de-dupe the output before using it. > > Which is the expected interface you want to use in /etc/exports? That would be system dependent. I would suggest that what fai-setup should do by default depends on your intentions. Do you want this to just be an example, or should it be more like a functional default? If it's the former, then I'd grab the first IPv4 and IPv6 subnets you find that are not 127/8 (for v4) or link-local (for v6). If you want it to be fully functional, then I would grab all such netblocks. Keeping in mind that the main issue I'm reporting here is a problem with /etc/exports syntax, not with the netblock selection. The man page for exports(5) is a little imprecise on this point ... an export's client list *is* whitespace delimited, and newlines are ignored, but newlines in the client list seem to be fatal. This implies they are not ignored mid-export and are not included in this definition of "whitespace". But, if you're looking at improving netblock selection as well, my advice would be to grab all v4 netblocks not in 127/8 and all non-link-local v6 blocks. > A workaround is to set the variable SERVERINTERFACE in > /etc/fai/nfsroot.conf. See nfsroot.conf(5) I think if that's a thing that needs to be done to get fai-server to generate valid /etc/exports syntax you should probably mention it in the docs. My personal workaround is just to fix the syntax of the exports file after fai-setup writes it.
Bug#984602: fai-setup: mid-export newlines in /etc/exports
> On Fri, 05 Mar 2021 17:58:26 +, Matthew Pounsett > said: > Package: fai-server > Version: 5.10 > Severity: normal I've made a change in fai-setup to determine the IP of the first interface, but this seems to fail with multiple interfaces Can you please provide the output of this command: ip -br ad show | awk '{print $3}' Which is the expected interface you want to use in /etc/exports? A workaround is to set the variable SERVERINTERFACE in /etc/fai/nfsroot.conf. See nfsroot.conf(5) -- viele Grüße Thomas
Bug#984602: fai-setup: mid-export newlines in /etc/exports
Package: fai-server Version: 5.10 Severity: normal Dear Maintainer, I'm a new user of FAI. I've run a few test setups on VMs and am in the process of doing the first install on a production server, prepping to build real installs. This didn't crop up on single-interface VMs, but in production I've run into a problem with priming of the /etc/exports file, triggered by the presence of multiple interface and IP protocols on the server. At the end of the run of `fai-setup -v`, the nfs-server fails to load, and it appears the cause is that it is either failing to strip newlines when it obtains the server IP addresses, or is erroneously inserting newlines, when it constructs the exports entries. For example (indenting added by me, newlines added by fai-setup): /srv/fai/config 127.0.0.1/8 172.16.2.2/30 64.191.0.64/24 192.168.1.64/24 192.168.0.64/24 fe80::fc54:ff:fe78:7dd0/64 fe80::fc54:ff:fe48:106e/64 fe80::fc54:ff:fece:417f/64(async,ro,no_subtree_check) This causes nfs-server.service to fail to start. Correcting this is an easy problem to solve (remove the newlines) but a newbie to NFS might take a while to figure that out. -- System Information: Debian Release: 10.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-14-amd64 (SMP w/16 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fai-server depends on: ii debootstrap 1.0.114 ii e2fsprogs1.44.5-1+deb10u3 ii fai-client 5.10 ii xz-utils 5.2.4-1 Versions of packages fai-server recommends: ii dosfstools4.1-2 ii isc-dhcp-server 4.4.1-2 ii libproc-daemon-perl 0.23-1 ii mtools4.0.23-1 ii nfs-kernel-server 1:1.3.4-2.5+deb10u1 ii openbsd-inetd [inet-superserver] 0.20160825-4 ii openssh-client1:7.9p1-10+deb10u2 ii openssh-server1:7.9p1-10+deb10u2 ii tftpd-hpa 5.2+20150808-1+b1 Versions of packages fai-server suggests: ii binutils 2.31.1-16 pn debmirror pn fai-setup-storage pn grub2 pn perl-tk ii qemu-utils 1:3.1+dfsg-8+deb10u8 ii reprepro 5.3.0-1 ii squashfs-tools 1:4.3-12 ii xorriso1.5.0-1 -- no debconf information