NFS mounting hangs instead of returning with permission denied
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Debian |
Fix Released
|
Unknown
|
|||
Fedora |
Won't Fix
|
Low
|
|||
nfs-utils (Ubuntu) |
Fix Released
|
High
|
Steve Langasek | ||
Hardy |
Fix Released
|
High
|
Unassigned | ||
Intrepid |
Fix Released
|
High
|
Steve Langasek |
Bug Description
Binary package hint: nfs-common
Hardy does not properly return Permission denied correctly when attempting to mount NFS shares that are denied. Instead it hangs for 2 minutes as if the error was a connection timeout.
This error is hardy specific as gutsy properly returned Permission denied. Following, you will find output from two different machines: one running Hardy 8.04, the other running Gutsy 7.10. Both are attempting to mount the very same NFS share on a Solaris 10 server. Neither machine actually has permission to mount this share. Both machines *can* mount shares they do have permission for on the same server.
This is critical as it severely impacts the usefulness of autofs.
------------ Hardy test case ------------------
$ cat /etc/*-release
DISTRIB_ID=Ubuntu
DISTRIB_
DISTRIB_
DISTRIB_
$ uname -a
Linux fungus 2.6.24-15-generic #1 SMP Fri Apr 4 03:48:31 UTC 2008 i686 GNU/Linux
$ dpkg -l | grep nfs-common
ii nfs-common 1:1.1.2-2ubuntu2 NFS support files common to client and serve
$ time sudo mount.nfs platinum:
mount.nfs: Connection timed out
real 2m5.071s
user 0m0.000s
sys 0m0.004s
-------
$ cat /etc/*-release
DISTRIB_ID=Ubuntu
DISTRIB_
DISTRIB_
DISTRIB_
$ uname -a
Linux campaigndialer 2.6.22-14-server #1 SMP Tue Dec 18 08:31:40 UTC 2007 i686 GNU/Linux
$ dpkg -l | grep nfs-common
ii nfs-common 1:1.1.1~
$ time sudo mount.nfs platinum:
mount.nfs: platinum:
real 0m0.016s
user 0m0.000s
sys 0m0.010s
Changed in nfs-utils: | |
milestone: | none → ubuntu-8.04.1 |
Changed in fedora: | |
status: | Fix Committed → Won't Fix |
Changed in fedora: | |
importance: | Unknown → Low |
mount server:/export /import/ -o system_ u:object_ r:httpd_ sys_content_ t:s0,fscontext= system_ u:object_ r:lib_t: s0
context=
With selinux enforcing this will give you an selinux denial and the actual mount
syscall returns -EACCES. mount.nfs sleeps (increasingly longer up to 10
seconds) and keeps retrying. One permission denied should be enough to cause
mount.nfs to give up.
A bit of an strace is below: paris.rdu. redhat. com:/export/ storage" , "/storage", "nfs"..., 0, \"system_ u:object_ r:httpd_ sys_content_ t:s0\", fscontext= \"system_ u:object_ r:lib_t: s0\",addr= 10.11.231. 241"... ) {1206974842, 167191}, NULL) = 0 SIG_BLOCK, [CHLD], [], 8) = 0 SIGCHLD, NULL, {SIG_DFL}, 8) = 0 SIG_SETMASK, [], NULL, 8) = 0 paris.rdu. redhat. com:/export/ storage" , "/storage", "nfs"..., 0, \"system_ u:object_ r:httpd_ sys_content_ t:s0\", fscontext= \"system_ u:object_ r:lib_t: s0\",addr= 10.11.231. 241"... ) {1206974843, 206725}, NULL) = 0 SIG_BLOCK, [CHLD], [], 8) = 0 SIGCHLD, NULL, {SIG_DFL}, 8) = 0 SIG_SETMASK, [], NULL, 8) = 0 paris.rdu. redhat. com:/export/ storage" , "/storage", "nfs"..., 0, \"system_ u:object_ r:httpd_ sys_content_ t:s0\", fscontext= \"system_ u:object_ r:lib_t: s0\",addr= 10.11.231. 241"... )
2262 mount("
"context=
= -1 EACCES (Permission denied)
2262 gettimeofday(
2262 rt_sigprocmask(
2262 rt_sigaction(
2262 rt_sigprocmask(
2262 nanosleep({1, 0}, {1, 0}) = 0
2262 mount("
"context=
= -1 EACCES (Permission denied)
2262 gettimeofday(
2262 rt_sigprocmask(
2262 rt_sigaction(
2262 rt_sigprocmask(
2262 nanosleep({2, 0}, {2, 0}) = 0
2262 mount("
"context=
= -1 EACCES (Permission denied)