Ubuntu
nfs-utils package

NFS v3 fstab option sec=sys results in RPC AUTH_NULL credentials instead of expected AUTH_UNIX

Bug #1315974 reported by Eric Carroll
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nfs-utils (Ubuntu)
New
Undecided
Unassigned

Bug Description

In a previous Ubuntu upgrade to 13.10, there was a problem with rpc.gssd timeouts on NFS v3 mount attempts slowing down NFSv3 mounting. Several workarounds existed, one of which was to explicitly list "sec=sys" as an /etc/fstab mount option.

The NFS server in this case is a NetGear ReadyNAS PRO running Debian, kernel: 2.6.37.6.RNx86_64.2.4 The NFS server is not involved in this problem, it is purely client side. changing squash settings on the server side was tested and had no impact on the problem.

On upgrade from from 13.10 to 14.04, NFSv3 mounts stop working if sec=sys is specified in /etc/fstab.

Specifically, the mount works, but access to files receive client side permission denial. Investigation showed that if the directory was mounted 777 and a test file was created, then the file had uid/gid nobody/nogroup instead of the expected client side UID/GID.

wireshark clearly showed that with sec=sys on the fstab options, the RPC credentials were AUTH_NULL. If sec=sys is removed from the fstab options, then RPC credentials are now AUTH_UNIX.

Repeat by:
- create /c/tmp directory mode 777 on NFS file server where /etc/passwd & group are coordinated with the client
- export /c/tmp as insecure,insecure_locks,rw,sync
- add directory to /etc/fstab, options auto,sec=sys,nfsvers=3:
  nas:/c/tmp /mnt nfs auto,sec=sys,nfsvers=3 0 0
- execute the following while conducting dumpcap:
  sudo mount /mnt
  touch /mnt/test
  ls -l /mnt/test
- observe file is nobody/nogroup
- observe RPC credentials are AUTH_NULL in wireshark
- remove sys=sec from fstab and repeat above.
- result will be correct uid/gid & RPC credentials of AUTH_UNIX

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: nfs-common 1:1.2.8-6ubuntu1
ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
CurrentDesktop: Unity
Date: Sun May 4 21:23:26 2014
InstallationDate: Installed on 2012-11-20 (530 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)
SourcePackage: nfs-utils
UpgradeStatus: Upgraded to trusty on 2014-04-19 (15 days ago)

See original description
Revision history for this message
Eric Carroll (eric-carroll) wrote :
description: updated
Eric Carroll (eric-carroll)
description: updated
Eric Carroll (eric-carroll)
description: updated
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.