Re: review of new mountd option disabling use of rpcbind

The reason I went with an explicit "-R" is that I thought having mountd magically stop registering with rpcbind might be considered a POLA violation. --> With the explicit "-R" option, it will only happen if the "-R" flag is set or if nfsv4_server_only="YE

Re: review of new mountd option disabling use of rpcbind

Suggestion: Add a check for sysctl vfs.nfsd.server_min_nfsvers and if set to 4 or higher - automatically enable the “-R” option. - Peter > On 20 Oct 2020, at 02:56, Rick Macklem wrote: > > Hi, > > I've put a patch up on phabricator that adds a new option to mountd >

review of new mountd option disabling use of rpcbind

Hi, I've put a patch up on phabricator that adds a new option to mountd which disables use of rpcbind. This can be done for NFSv4 only servers. It appears that rpcbind is now considered a security risk by some. I listed freqlabs@ as a reviewer, but if anyone else would like to review it, p

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

On May 19, 2019 12:00:58 PM EDT, Rick Macklem wrote: > > >Cy Schubert wrote: >[lots of stuff snipped] >>Instead of syslog() calls, DTrace probes are designed for this type of >instrumentation. > >DTrace us way too obscure for me. Never used it, probably neve

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

Cy Schubert wrote: [lots of stuff snipped] >Instead of syslog() calls, DTrace probes are designed for this type of >instrumentation. DTrace us way too obscure for me. Never used it, probably never will. (Remember I'm the guy who still uses "ed" to edit a

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

On May 19, 2019 4:55:01 AM EDT, Konstantin Belousov wrote: >On Sun, May 19, 2019 at 02:47:10AM +, Rick Macklem wrote: >> Alan Somers wrote: >> >On Sat, May 18, 2019 at 7:59 PM Rick Macklem >wrote: >> >> >> >> Hi, >> >> >> >

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

On Sun, May 19, 2019 at 02:47:10AM +, Rick Macklem wrote: > Alan Somers wrote: > >On Sat, May 18, 2019 at 7:59 PM Rick Macklem wrote: > >> > >> Hi, > >> > >> I've been working with Peter Errikson on a patch for mountd that adds a > >>

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

Alan Somers wrote: >On Sat, May 18, 2019 at 7:59 PM Rick Macklem wrote: >> >> Hi, >> >> I've been working with Peter Errikson on a patch for mountd that adds a new >> option >> for incremental updating of exports. This seems to be helping a lot w.r

Re: RFC w.r.t. toggling debugging on/off for mountd via a signal

On Sat, May 18, 2019 at 7:59 PM Rick Macklem wrote: > > Hi, > > I've been working with Peter Errikson on a patch for mountd that adds a new > option > for incremental updating of exports. This seems to be helping a lot w.r.t. > performance > on an NFS server with l

RFC w.r.t. toggling debugging on/off for mountd via a signal

Hi, I've been working with Peter Errikson on a patch for mountd that adds a new option for incremental updating of exports. This seems to be helping a lot w.r.t. performance on an NFS server with lots (1+) of exported file systems. I have debug syslog() calls in the code, which I/

Re: more default uid/gid for NFS in mountd

On Sun, May 14, 2017 at 01:12:11AM +, Rick Macklem wrote: > >> It is also the case that mountd.c doesn't look "nobody" up in the password > >> database > >> to set the default. It would be nice to do this, but it could result in > >> t

Re: more default uid/gid for NFS in mountd

Thanks for the comments. >> It is also the case that mountd.c doesn't look "nobody" up in the password >> database >> to set the default. It would be nice to do this, but it could result in the >> mountd daemon >> getting "stuck" during a

Re: more default uid/gid for NFS in mountd

t; up in the password > database > to set the default. It would be nice to do this, but it could result in the > mountd daemon > getting "stuck" during a boot waiting for an unresponsive LDAP service or > similar. > Does doing this sound like a good idea? I imagine t

Re: more default uid/gid for NFS in mountd

assword > database > to set the default. It would be nice to do this, but it could result in the > mountd daemon > getting "stuck" during a boot waiting for an unresponsive LDAP service or > similar. > Does doing this sound like a good idea? This is (stuck at boot) alrea

more default uid/gid for NFS in mountd

ountd.c doesn't look "nobody" up in the password database to set the default. It would be nice to do this, but it could result in the mountd daemon getting "stuck" during a boot waiting for an unresponsive LDAP service or similar. Does doing this sound like a good idea?

issue with /etc/rc.d/mountd script

exported via ZFS properties. So, it has /etc/zfs/exports, but no /etc/exports. When mountd is started up, it emits a error, because the required_files is set to /etc/exports. I think the correct thing is to either remove the required_files setting, or build it from /etc/exports and/or /etc/zfs

Re: nmount, mountd drops high order MNT_xx flags during a mount update

> > Thanks for the suggestion Doug, rick > > > > > > > On 7 May 2015 at 02:10, Rick Macklem > > > > wrote: > > > > > > > > > David Boyd reported a problem to freebsd-current@ w.r.t. the > > > > > MNT_AUTOMOUNTED

Re: nmount, mountd drops high order MNT_xx flags during a mount update

s. (Feel free to add yourself as a > > reviewer, etc.) > > > > Also, David, if you can test this patch, it would be appreciated. > > > > Thanks for the suggestion Doug, rick > > > > > On 7 May 2015 at 02:10, Rick Macklem wrote: > > > &

Re: nmount, mountd drops high order MNT_xx flags during a mount update

d. > > Thanks for the suggestion Doug, rick > > > On 7 May 2015 at 02:10, Rick Macklem wrote: > > > > > David Boyd reported a problem to freebsd-current@ w.r.t. the > > > MNT_AUTOMOUNTED > > > flag getting cleared by mountd. > > > h

Re: nmount, mountd drops high order MNT_xx flags during a mount update

.r.t. the > > MNT_AUTOMOUNTED > > flag getting cleared by mountd. > > http://docs.FreeBSD.org/cgi/mid.cgi?1429477202.29812.38.camel > > I just took a look at this and it's kinda ugly... > > > > mountd acquires a list of mounts via getmntinfo() and then do

Re: nmount, mountd drops high order MNT_xx flags during a mount update

2015 at 02:10, Rick Macklem wrote: > > > David Boyd reported a problem to freebsd-current@ w.r.t. the > > MNT_AUTOMOUNTED > > flag getting cleared by mountd. > > http://docs.FreeBSD.org/cgi/mid.cgi?1429477202.29812.38.camel > > I just took a look at this and

Re: nmount, mountd drops high order MNT_xx flags during a mount update

You could add a single integer-valued vfsopt which holds the high-order bits of f_flags? On 7 May 2015 at 02:10, Rick Macklem wrote: > David Boyd reported a problem to freebsd-current@ w.r.t. the > MNT_AUTOMOUNTED > flag getting cleared by mountd. > http://docs.FreeBSD.org

nmount, mountd drops high order MNT_xx flags during a mount update

David Boyd reported a problem to freebsd-current@ w.r.t. the MNT_AUTOMOUNTED flag getting cleared by mountd. http://docs.FreeBSD.org/cgi/mid.cgi?1429477202.29812.38.camel I just took a look at this and it's kinda ugly... mountd acquires a list of mounts via getmntinfo() and then does an n

Comparison of the nfse compatibility mode with mountd and exports(5)

On Sat, Jun 30, 2012 at 08:53:09PM -0400, Rick Macklem wrote: > I haven't looked at Andrey's patch, but conceptually it sounds like > the best approach. As I understand it, the problem with replacing > mountd with nfse (at least in the FreeBSD source tree) is that nfse >

Re: mountd starts to early when exporting fs marked as late (patch included)

On 06/24/2012 16:07, Steven Hartland wrote: > We added some new mount points recently and on reboot they failed to > come up after investigating we found that mountd runs too early in > the boot process to be able export filesystems that are marked as > late in /etc/fstab. > >

mountd starts to early when exporting fs marked as late (patch included)

We added some new mount points recently and on reboot they failed to come up after investigating we found that mountd runs too early in the boot process to be able export filesystems that are marked as late in /etc/fstab. Our fix was simply to mark mountd as requiring mountlate and all was well

Re: mountd, rpc.lockd and rpc.statd patches for testing

On Thu, Apr 19, 2012 at 08:44:37PM -0400, Rick Macklem wrote: > Andrey Simonenko wrote: > > On Mon, May 30, 2011 at 04:56:02PM -0400, Rick Macklem wrote: > > > Hi, > > > > > > I have patches for the mountd, rpc.statd and rpc.lockd daemons > > > th

Re: mountd, rpc.lockd and rpc.statd patches for testing

work to obtain a port number before using it in tcpdump or in firewall settings. I checked rpcinfo output for mountd on Solaris and NetBSD, on both systems mountd can use different ports for different netconfigs. > > 2. What is the sense of specifying specific IP addresses for mountd > >

Re: mountd, rpc.lockd and rpc.statd patches for testing

Andrey Simonenko wrote: > On Mon, May 30, 2011 at 04:56:02PM -0400, Rick Macklem wrote: > > Hi, > > > > I have patches for the mountd, rpc.statd and rpc.lockd daemons > > that are meant to keep them from failing when a dynamically > > selected port# is not

Re: mountd, rpc.lockd and rpc.statd patches for testing

On Mon, May 30, 2011 at 04:56:02PM -0400, Rick Macklem wrote: > Hi, > > I have patches for the mountd, rpc.statd and rpc.lockd daemons > that are meant to keep them from failing when a dynamically > selected port# is not available for some combination of > udp,tcp X ipv4,i

Re: NFS mountd version 3 over TCP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, On 08/29/11 11:47, Rick Macklem wrote: >> I think it did. Lookup of ".." was failing. I think that was because >> ni_strictrelative (added for capabilities) wasn't initialized and >> happened to be non-zero. > >> Please try this patch and let us

Re: NFS mountd version 3 over TCP

Steve Wills wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 08/27/11 21:23, Steve Wills wrote: > > On 08/27/11 20:55, Rick Macklem wrote: > >>> I don't know why the nfsd wouldn't be able to bind(2) to port > >>> #2049 a > >>> second time for UDP, but someone on the net side might k

Re: NFS mountd version 3 over TCP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/27/11 21:23, Steve Wills wrote: > On 08/27/11 20:55, Rick Macklem wrote: >>> I don't know why the nfsd wouldn't be able to bind(2) to port #2049 a >>> second time for UDP, but someone on the net side might know? (Just in >>> case it is a problem

Re: NFS mountd version 3 over TCP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/27/11 20:55, Rick Macklem wrote: >> I don't know why the nfsd wouldn't be able to bind(2) to port #2049 a >> second time for UDP, but someone on the net side might know? (Just in >> case it is a problem that has already been fixed, I'd try a newe

Re: NFS mountd version 3 over TCP

0 2 udp 0.0.0.0.0.111 rpcbind superuser > > 10 4 tcp6 ::.0.111 rpcbind superuser > > 10 3 tcp6 ::.0.111 rpcbind superuser > > 10 4 udp6 ::.0.111 rpcbind superuser > > 10 3 udp6 ::.0.111 rpcbind superuser > > 10 4 local /var

Re: NFS mountd version 3 over TCP

Steve Wills wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 08/27/11 09:00, Rick Macklem wrote: > >> This line indicates that mountd over tcp is registered for v3, > >> so I suspect the error message is misleading?? > > Forgot to reply to th

Re: NFS mountd version 3 over TCP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/27/11 09:00, Rick Macklem wrote: >> This line indicates that mountd over tcp is registered for v3, >> so I suspect the error message is misleading?? Forgot to reply to this part, and I should have been more clear earlier. Whe

Re: NFS mountd version 3 over TCP

0 2 udp 0.0.0.0.0.111 rpcbind superuser > > 10 4 tcp6 ::.0.111 rpcbind superuser > > 10 3 tcp6 ::.0.111 rpcbind superuser > > 10 4 udp6 ::.0.111 rpcbind superuser > > 10 3 udp6 ::.0.111 rpcbind superuser > > 10 4 local /var

Re: NFS mountd version 3 over TCP

4local /var/run/rpcbind.sock rpcbindsuperuser > 103local /var/run/rpcbind.sock rpcbindsuperuser > 10 2local /var/run/rpcbind.sock rpcbindsuperuser > 151udp6 ::.2.224 mountd

Re: NFS mountd version 3 over TCP

superuser 103udp6 ::.0.111 rpcbindsuperuser 104local /var/run/rpcbind.sock rpcbindsuperuser 103local /var/run/rpcbind.sock rpcbindsuperuser 102local /var/run/rpcbind.sock rpcbindsuperuser 10

NFS mountd version 3 over TCP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I'm trying to use 9.0-CURRENT as an NFS server for a VMWare ESXi 4.1.0. When I attempt the mount, it logs this message: The NFS server does not support MOUNT version 3 over TCP Have I configured something wrong and if so what? Or is this somethi

mountd, rpc.lockd and rpc.statd patches for testing

Hi, I have patches for the mountd, rpc.statd and rpc.lockd daemons that are meant to keep them from failing when a dynamically selected port# is not available for some combination of udp,tcp X ipv4,ipv6 If anyone would like to test these patches, they can be found at: http

Re: mountd(8) leaving filesystems exported

gt; does not include ext2fs or hpfs, so you can successfully export >> these filesystems, but they remain exported even when the /etc/exports >> entry is removed and mountd is restarted or sent a SIGHUP, and no >> errors are logged... > >This is actually the wrong way to go

Re: mountd(8) leaving filesystems exported

ilesystem across the network. As a security thing, it cuts both ways; it really depends on your policy basis. In general, this is handled by adding an option to the mountd to only export whole FSs, to get around the cut the other direction (I think this is "-subdirs" on SunOS, but it has b

Re: mountd(8) leaving filesystems exported

On Fri, Dec 14, 2001 at 10:17:43PM -0800, Terry Lambert wrote: > The problem is that the exported FSs exports are managed in the > per FS mount code, and they really ought to be managed in higher > level code (above the VFS layer, but still in the kernel). > > This is incidently what prevents us

Re: mountd(8) leaving filesystems exported

Ian Dowse wrote: > > There are quite a few assumptions in mountd(8) about the layout of > the per-filesystem mount(2) `data' struct, which make the code quite > ugly. It uses a union to ensure that it supplies a large enough > structure to mount(2), but regardless of the

mountd(8) leaving filesystems exported

There are quite a few assumptions in mountd(8) about the layout of the per-filesystem mount(2) `data' struct, which make the code quite ugly. It uses a union to ensure that it supplies a large enough structure to mount(2), but regardless of the filesystem type, it always initialises th

Re: wierdness with mountd

I braino'd that patch (error vs. errno), but I have just committed > a working version that should stop the mountd warnings. > > Ian To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: wierdness with mountd

Thanks, Ian! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: wierdness with mountd

In message <[EMAIL PROTECTED]>, Ian Dowse writes: >error? (untested patch below). I braino'd that patch (error vs. errno), but I have just committed a working version that should stop the mountd warnings. Ian To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe

Re: wierdness with mountd

Le 2001-05-28, Matthew Jacob écrivait : > On startup: > May 28 10:16:04 farrago mountd[216]: can't delete exports for / Same here with -CURRENT as of today. -- Thomas Quinot ** Département Informatique & Réseaux ** [EMAIL PROTECTED] ENST // 46 rue Barrault /

Re: wierdness with mountd

In message <[EMAIL PROTECTED]>, John writes: >Looking in /usr/src/sbin/mountd/mountd.c, under line 930 >shows the following: > >num = getmntinfo(&fsp, MNT_NOWAIT); > >and then runs through a loop 'num' times trying to >delete any export for eac

Re: wierdness with mountd

- Ian Dowse's Original Message - > In message <[EMAIL PROTECTED]>, John Polstra writes: > >In article <[EMAIL PROTECTED]>, > >Matthew Jacob <[EMAIL PROTECTED]> wrote: > >> May 28 10:21:43 farrago mountd[217]: can't delete exports for

Re: wierdness with mountd

In message <[EMAIL PROTECTED]>, John Polstra writes: >In article <[EMAIL PROTECTED]>, >Matthew Jacob <[EMAIL PROTECTED]> wrote: >> May 28 10:21:43 farrago mountd[217]: can't delete exports for /tmp >> May 28 10:21:43 farrago mountd[217]: can't delete

Re: wierdness with mountd

In article <[EMAIL PROTECTED]>, Matthew Jacob <[EMAIL PROTECTED]> wrote: > > Over the last couple of weeks, I've seen wierd statements coming out of > mountd: > > On startup: > > May 28 10:16:04 farrago mountd[216]: can't delete exports for / >

wierdness with mountd

Over the last couple of weeks, I've seen wierd statements coming out of mountd: On startup: May 28 10:16:04 farrago mountd[216]: can't delete exports for / On a mount of /usr/obj: May 28 10:21:43 farrago mountd[217]: can't delete exports for /tmp May 28 10:21:43 farrago mou

nfsd/mountd problems?

/etc/hosts.{allow,deny}. But my hosts.allow is up to date as of May 5th ... May 12 01:10:40 thelab nfsd:[6310]: rpcb_unset failed May 12 01:17:33 thelab nfsd:[20226]: rpcb_unset failed May 12 01:17:48 thelab mountd[21102]: can't delete exports for / May 12 01:17:48 thelab mountd[21102]: can

Re: mountd changed?

* John Baldwin <[EMAIL PROTECTED]> [010123 12:41] wrote: > > On 23-Jan-01 Julian Elischer wrote: > > Suddenly the following error messages occur: > > Jan 23 07:21:02 jules mountd[435]: can't export /unused > > Jan 23 07:21:02 jules mountd[435]: bad exports list

RE: mountd changed?

On 23-Jan-01 Julian Elischer wrote: > Suddenly the following error messages occur: > Jan 23 07:21:02 jules mountd[435]: can't export /unused > Jan 23 07:21:02 jules mountd[435]: bad exports list line /unused > -maproot > Jan 23 07:21:02 jules mountd[435]: could not remount

mountd changed?

Suddenly the following error messages occur: Jan 23 07:21:02 jules mountd[435]: can't export /unused Jan 23 07:21:02 jules mountd[435]: bad exports list line /unused -maproot Jan 23 07:21:02 jules mountd[435]: could not remount /usr: Bad address Jan 23 07:21:02 jules mountd[435]: bad ex

Re: mountd

On Thu, 21 Jan 1999, David E. Cross wrote: > I posted this awhile ago to -questions, but never received a reply. > > We have a number of FreeBSD NFS servers here. Occasionally we need to > change the exports list on the servers and send mountd a SIGHUP. This > leads to a conditi

Re: mountd

On Thu, 21-Jan-1999 at 10:54:36 -0500, David E. Cross wrote: > I posted this awhile ago to -questions, but never received a reply. > > We have a number of FreeBSD NFS servers here. Occasionally we need to > change the exports list on the servers and send mountd a SIGHUP. This

mountd

I posted this awhile ago to -questions, but never received a reply. We have a number of FreeBSD NFS servers here. Occasionally we need to change the exports list on the servers and send mountd a SIGHUP. This leads to a condition that in many ways is much worse than a server reboot. What