Ubuntu
linux package

NFSv3 in Gutsy maps uids wrongly

Bug #159557 reported by gcc
6
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: linux-generic

Mounting an NFS share from a FC2 server:

  /home 10.0.156.*(rw,async,no_root_squash)

10.0.156.32 (client) is edgy (2.6.17-12-generic) and appears to work. /etc/fstab has:

  server:/home /home nfs rw,soft,intr 0 0

This machine can access NFS home dirs just fine. It appears to be using NFSv3, from nfsstat.

10.0.156.33 (client) is gutsy (2.6.22-14-generic) and NFSv3 appears to be broken. Cannot write to any files except in world-writable directories, and the uid/gid is set to -2 always, like all_squash was in effect, but this is done by the _client_.

pcap from edgy (attached):

15:53:52.761340 IP (tos 0x0, ttl 64, id 61342, offset 0, flags [DF], proto TCP (6), length 240) 10.0.156.32.2762603457 > 10.0.156.210.nfs: 188 create fh Unknown/01000001000900040180A6019CC2C601439E139000000004666F6F3400000000 "foo4"

pcap from gutsy (attached):

15:51:58.818008 IP (tos 0x0, ttl 64, id 63870, offset 0, flags [DF], proto TCP (6), length 324) 10.0.156.210.nfs > 10.0.156.33.2510850134: reply ok 272 create fh Unknown/01000002000900040180A601A8C2C601939E13909CC2C601439E139000000001 REG 100644 ids -2/-2 sz 0

In both cases it's creating a file in a world-writable directory. Gutsy uses the wrong permissions.

Forcing gutsy to use nfsv2 by mounting with nfsvers=2 option appears to work around the problem.

This may be a security issue because users can create files with uids/gids other than their own the nobody uid/gid).

I can try an alternative kernel but please post a direct HTTP link to download it.

Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :
Revision history for this message
gcc (chris+ubuntu-qwirx) wrote :
Revision history for this message
barenakeddali (bd-dali) wrote :

I also have problems mounting rw using NFS3, Gutsy client mounting from CentOS 5 NFS server.

fstab:
scaleo:/filer/temp /mnt/scaleo/temp nfs rw 0 0

sudo mount -a, check /etc/mtab:
scaleo:/filer/temp /mnt/scaleo/temp nfs rw,addr=<IP manually removed> 0 0

Can't write to /mnt/scaleo/temp, try checking with nfsstat -m:
/mnt/scaleo/temp from scaleo:/filer/temp
 Flags: ro,vers=3,rsize=32768,wsize=32768,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=scaleo

Note "Flags: ro", according to mtab it's rw.

Tried the exact same setup from a CentOS client and it worked.

Added nfsvers=2 to fstab:
scaleo:/filer/temp /mnt/scaleo/temp nfs rw,nfsvers=2 0 0

Remounted, check mtab:
scaleo:/filer/temp /mnt/scaleo/temp nfs rw,nfsvers=2,addr=<IP manually removed> 0 0

And nfsstat -m:
/mnt/scaleo/temp from scaleo:/filer/temp
 Flags: rw,vers=2,rsize=8192,wsize=8192,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=scaleo

Hey, now it's rw. Verified that I can write to the share, works.

Looks like there is a problem with NFSv3 in the Gutsy NFS client. Tried manually mounting (skipping fstab), same result.

Revision history for this message
Leann Ogasawara (leannogasawara) wrote :

[This is an automated message. Apologies if it has reached you inappropriately.]

This bug was reported against the linux-meta package when it likely should have been reported against the linux package instead. We are automatically transitioning this to the linux kernel package so that the appropriate teams are notified and made aware of this issue. Thanks.

affects: linux-meta (Ubuntu) → linux (Ubuntu)
Revision history for this message
kernel-janitor (kernel-janitor) wrote :

Hi chris+ubuntu-qwirx,

Please be sure to confirm this issue exists with the latest development release of Ubuntu. ISO CD images are available from http://cdimage.ubuntu.com/releases/ . Please then run following command from a Terminal (Applications->Accessories->Terminal). It will automatically gather and attach updated debug information to this report.

apport-collect -p linux-image-`uname -r` 159557

Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text. Please let us know your results.

Thanks in advance.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: needs-kernel-logs
tags: added: needs-upstream-testing
tags: added: kj-triage
Changed in linux (Ubuntu):
status: New → Incomplete
Revision history for this message
Jeremy Foshee (jeremyfoshee) wrote :

This bug report was marked as Incomplete and has not had any updated comments for quite some time. As a result this bug is being closed. Please reopen if this is still an issue in the current Ubuntu release http://www.ubuntu.com/getubuntu/download . Also, please be sure to provide any requested information that may have been missing. To reopen the bug, click on the current status under the Status column and change the status back to "New". Thanks.

[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]

tags: added: kj-expired
Changed in linux (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.