On Aug 21, 2009, at 2:24 PM, J. Bruce Fields wrote:
On Fri, Aug 21, 2009 at 02:16:08PM -0400, Chuck Lever wrote:
I want to understand the server bug a little more. I glanced over
RFC
2623 and didn't see anything specific.
Is it the case that only Linux NFSD does this, or do other servers do
it? In other words, is this a typical server response, and if so, is
there a specific semantic attached to it?
If no list is provided, should the client assume that only
AUTH_NONE and
AUTH_SYS are supported, or instead, perhaps that the client can try
to
use any flavor? In other words, if no list is provided, let the
mount
proceed no matter what was specified by sec= ?
I think the safest behavior on the client would be something like:
- If an explicit sec= is provided on the client, try that
flavor. Otherwise:
- If the server returned a nonempty list, pick something
off that list. Otherwise:
- Try auth_sys.
Right now, we use AUTH_SYS if the mount command didn't specify a
flavor, but the flavor we're going to use is always checked against
the server's returned list. You seem to be suggesting we should
ignore the server's list entirely if sec= was specified...?
--b.
Thanks for any clarification.
Begin forwarded message:
From: Trond Myklebust <trond.myklebust@xxxxxxxxxx>
Date: August 20, 2009 10:36:11 PM GMT-04:00
To: Wu Fengguang <fengguang.wu@xxxxxxxxx>, "Mr. Charles Edward
Lever"
<Chuck.Lever@xxxxxxxxxx>
Cc: "linux-nfs@xxxxxxxxxxxxxxx" <linux-nfs@xxxxxxxxxxxxxxx>, LKML
<linux-kernel@xxxxxxxxxxxxxxx>
Subject: Re: mount.nfs: access denied by server
On Fri, 2009-08-21 at 09:27 +0800, Wu Fengguang wrote:
On Thu, Aug 20, 2009 at 09:02:29PM +0800, Trond Myklebust wrote:
On Thu, 2009-08-20 at 15:13 +0800, Wu Fengguang wrote:
Hi,
After upgrading NFS client kernel to latest linux-next, NFS mount
failed:
# mount -t nfs pxe:/cc /cc
mount.nfs: access denied by server while mounting pxe:/cc
# uname -a
Linux hp 2.6.31-rc6-next-20090818 #61 SMP Thu Aug 20
14:46:10 CST 2009 x86_64 GNU/Linux
However server log says OK:
Aug 20 15:02:09 wu-t61 mountd[4599]: authenticated mount
request from 192.168.11.6:973 for /cc (/cc)
Aug 20 15:02:09 wu-t61 mountd[4599]: authenticated unmount
request from 192.168.11.6:974 for /cc (/cc)
However-2: nfsroot can be mounted at boot time. Server kernel has
always been 2.6.30.
Any ideas?
Thanks,
Fengguang
Can you try again after enabling mount debugging on the NFS
client?
echo 512 > /proc/sys/sunrpc/nfs_debug
I used 1024 and found the mount failed here in nfs_walk_authlist():
dfprintk(MOUNT, "NFS: server does not support requested auth
flavor\ n");
nfs_umount(request);
Thanks Fengguang!
Chuck, this looks like one of yours. Could it be that you are
hitting
the same Linux knfsd bug that Tom Haynes saw with a Solaris client?
AFAICR, the problem was that existing nfs servers do not set a
default
auth flavour, and so you just have to try with auth_sys and see if
it
succeeds...
Cheers
Trond
--
Chuck Lever
chuck[dot]lever[at]oracle[dot]com
--
Chuck Lever
chuck[dot]lever[at]oracle[dot]com
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html