Ubuntu
nfs-utils package

nfsv4 mounts with kerberos authentication fail to 10.04 LTS server

Lucid (10.04)
Bug #875854

Bug #875854 reported by Ian Morris on 2011-10-16

32

This bug affects 6 people

Affects		Status	Importance	Assigned to	Milestone
	nfs-utils (Debian)	Fix Released	Unknown	debbugs #622146
	nfs-utils (Ubuntu)	Fix Released	Undecided	Unassigned
	Lucid	Won't Fix	High	Unassigned

Bug Description

After upgrading an 11.04 client system to 11.10; kerberos authorised nfsv4 mounts to a 10.04 LTS server fail. In the servers syslog, the error message ERROR: prepare_krb5_rfc_cfx_buffer: not implemented appears.

suspect this could be the same issue as :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622146

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: nfs-common 1:1.2.4-1ubuntu2
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4
Uname: Linux 3.0.0-12-generic x86_64
ApportVersion: 1.23-0ubuntu3
Architecture: amd64
Date: Sun Oct 16 18:10:34 2011
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110426)
ProcEnviron:
LANGUAGE=en_GB:en
PATH=(custom, no user)
LANG=en_GB.UTF-8
SHELL=/bin/bash
SourcePackage: nfs-utils
UpgradeStatus: Upgraded to oneiric on 2011-10-15 (1 days ago)

Tags:

Revision history for this message

Ian Morris (ipm) wrote on 2011-10-16:

#1

Dependencies.txt Edit (2.3 KiB, text/plain; charset="utf-8")

Revision history for this message

Steve Langasek (vorlon) wrote on 2011-10-16:

#2

Yes, that's the same issue. This is not a bug that can be fixed in 11.10, but rather one that needs to be fixed in 10.04 by making that release's version of nfs-utils correctly negotiate. Marking as such.

Changed in nfs-utils (Ubuntu):
status:	New → Fix Released
Changed in nfs-utils (Ubuntu Lucid):
status:	New → Triaged
importance:	Undecided → High

Bug Watch Updater (bug-watch-updater) on 2011-10-16

Changed in nfs-utils (Debian):
status:	Unknown → Fix Released

Revision history for this message

Ian Morris (ipm) wrote on 2011-10-18:

#3

Just for the record, the workaround mentioned in the debian bug works here.

Specifically adding

permitted_enctypes = des-cbc-crc
default_tgs_enctypes = des-cbc-crc

to the server's krb5.conf file permits the mounts to proceed.

Revision history for this message

Sergio Gelato (sergio-gelato) wrote on 2012-05-01:

#4

patch against nfs-utils 1.2.0-4ubuntu4.2 Edit (14.3 KiB, text/plain)

I've backported the relevant patches to the versions of krb5 and nfs-utils currently in lucid(-security). The krb5 one (upstream svn r24603) applied cleanly, while nfs-utils required a bit more work but not much. I'm attaching the latter; to see what I had to change, simply compare it to the corresponding git commit.

My initial tests have been successful: the problem goes away as soon as I update both packages.

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2015-06-17:

#5

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".

Changed in nfs-utils (Ubuntu Lucid):
status:	Triaged → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

patch against nfs-utils 1.2.0-4ubuntu4.2 Edit

Add patch

Bug attachments

Dependencies.txt Edit

Add attachment

Remote bug watches

debbugs #622146
[done normal patch] Edit

Bug watches keep track of this bug in other bug trackers.