NFS4, NFS stopped working after 12.04 to 14.04 upgrade

Bug #1373490 reported by Joni-Pekka Kurronen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nfs-utils (Ubuntu)
Fix Committed
Undecided
Unassigned

Bug Description

NFS4 whit LDAP & KERBEROS DOSE NOT WORK,... actually
after 12.04 to 14.04 upgrade it stopped to work and I belived it was
pam/ldap realatd configuration problem,... can you kindly look at and confirm that this is the
reason and I can wait kernel update ( or upgrade kerenel? ) to get NFS4
working. I mean most likely this is dupplicate based on onset,..
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1365869

Server:
  ApacheDS: ldap and kerberos
  MIT: kerberos client
  nfs-kernel

LOG say's while mounting from client:

Sep 24 18:33:19 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 named[2378]: client 2001:14b8:100:8363:d5bc:33c:1c2c:6bc2#23423 (_kerberos-master._udp.KURROLA.FI): query (cache) '_kerberos-master._udp.KURROLA.FI/SRV/IN' denied
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: can't open /run/rpc_pipefs/gssd/clntXX/info: No such file or directory
Sep 24 18:33:23 mpi1 rpc.gssd[1176]: ERROR: failed to read service info

This is OK whit server, so principal should work,...
sudo kinit -k -t /etc/krb5.keytab <email address hidden>

Client:
  MIT: kerberos client

joni@kaak:~$ sudo mount -a
mount.nfs4: access denied by server while mounting mpi1.kurrola.dy.fi:/

and log says at client:

Sep 24 18:37:53 kaak sudo: joni : problem with defaults entries ; TTY=pts/2 ; PWD=/home/joni ;
Sep 24 18:37:53 kaak sudo: joni : TTY=pts/2 ; PWD=/home/joni ; USER=root ; COMMAND=/bin/mount -a
Sep 24 18:37:53 kaak sudo: pam_unix(sudo:session): session opened for user root by joni(uid=0)
Sep 24 18:37:54 kaak sudo: pam_unix(sudo:session): session closed for user root

This at client work's do principals should be ok.
 sudo kinit -k -t /etc/krb5.keytab <email address hidden>

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ubuntu-release-upgrader-core 1:0.220.5
ProcVersionSignature: Ubuntu 3.13.0-35.62-generic 3.13.11.6
Uname: Linux 3.13.0-35-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.14.1-0ubuntu3.4
Architecture: amd64
CrashDB: ubuntu
CurrentDesktop: Unity
Date: Wed Sep 24 19:05:33 2014
InstallationDate: Installed on 2014-08-25 (30 days ago)
InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64+mac (20140416.2)
PackageArchitecture: all
SourcePackage: ubuntu-release-upgrader
Symptom: dist-upgrade
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Joni-Pekka Kurronen (joni-kurronen) wrote :
Revision history for this message
Joni-Pekka Kurronen (joni-kurronen) wrote :

hi,

Real Bug is that NFS logging dose not give clear information wgat's happening and diagnose is hard to do!

Problem solved:
1) I finaly found upgrade kernel, after installing it gssapi error
message dissapeared and NO ERROR MESSAGES at log's.

2) by useing wireshark I found _kerberos._udp DNS requests and
due DNS had not answers I configured BIND9 to publish all kerberos
service addresses.

I have NFS + MIT kerberos client and apacheDS LDAP + KERBEROS server
there is no addministration address at kerberos.

joni

Changed in ubuntu-release-upgrader (Ubuntu):
status: New → Fix Committed
affects: ubuntu-release-upgrader (Ubuntu) → nfs-utils (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.