Bug 1202700
Summary: | mount.nfs permission denied on IPv6 address with mount option "user" in configure file "/etc/fstab" | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Yongcheng Yang <yoyang> | ||||
Component: | nfs-utils | Assignee: | Steve Dickson <steved> | ||||
Status: | CLOSED ERRATA | QA Contact: | Yongcheng Yang <yoyang> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 6.6 | CC: | eguan, steved, swhiteho | ||||
Target Milestone: | rc | Keywords: | Reopened | ||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | nfs-utils-1.2.3-64.el6 | Doc Type: | Bug Fix | ||||
Doc Text: |
Not needed
a customer was never affected by the issue
|
Story Points: | --- | ||||
Clone Of: | Environment: | ||||||
Last Closed: | 2015-07-22 06:50:19 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Yongcheng Yang
2015-03-17 09:09:39 UTC
This is more of a bug in the mount or fstab man pages because only only root can do NFS mounts. For non-root mount autofs should be used. The same option can work with IPv4 address as Description said, maybe they should be consistency: Not allow non-root mount by fstab, or allow non-root mount for both IPv4 and IPv6 (In reply to Yongcheng Yang from comment #3) > The same option can work with IPv4 address as Description said, maybe they > should be consistency: > Not allow non-root mount by fstab, or allow non-root mount for both IPv4 and > IPv6 So you are saying non-root IPv4 NFS mounts work from the /etc/fstab? That is very hard to believe. (In reply to Steve Dickson from comment #4) > (In reply to Yongcheng Yang from comment #3) > > The same option can work with IPv4 address as Description said, maybe they > > should be consistency: > > Not allow non-root mount by fstab, or allow non-root mount for both IPv4 and > > IPv6 > > So you are saying non-root IPv4 NFS mounts work from the /etc/fstab? > That is very hard to believe. Test it against RHEL-7, seems that both IPv4 and IPv6 can works. But in RHEL-6, only IPv4 can works. ################################################ RHEL7 non-root with IPv4 from /etc/fstab ################################################ [root@ibm-x3550m3-06 ~]# exportfs -v /export_test <world>(rw,wdelay,root_squash,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash) [root@ibm-x3550m3-06 ~]# tail /etc/fstab -n 1 127.0.0.1:/export_test /mnt/mnt_test nfs user [root@ibm-x3550m3-06 ~]# su test --session-command="mount /mnt/mnt_test" [root@ibm-x3550m3-06 ~]# echo $? 0 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< success [root@ibm-x3550m3-06 ~]# nfsstat -m /mnt/mnt_test from 127.0.0.1:/export_test Flags: rw,nosuid,nodev,noexec,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=127.0.0.1,local_lock=none,addr=127.0.0.1 [root@ibm-x3550m3-06 ~]# lsb_release -d Description: Red Hat Enterprise Linux Server release 7.1 (Maipo) [root@ibm-x3550m3-06 ~]# ################################################ RHEL7 non-root with IPv6 from /etc/fstab ################################################ [root@ibm-x3550m3-06 ~]# tail /etc/fstab -n 1 [::1]:/export_test /mnt/mnt_test nfs user [root@ibm-x3550m3-06 ~]# su test --session-command="mount /mnt/mnt_test" [root@ibm-x3550m3-06 ~]# echo $? 0 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< success [root@ibm-x3550m3-06 ~]# nfsstat -m /mnt/mnt_test from [::1]:/export_test Flags: rw,nosuid,nodev,noexec,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp6,port=0,timeo=600,retrans=2,sec=sys,clientaddr=::1,local_lock=none,addr=::1 [root@ibm-x3550m3-06 ~]# lsb_release -d Description: Red Hat Enterprise Linux Server release 7.1 (Maipo) [root@ibm-x3550m3-06 ~]# ################################################ RHEL6 non-root with IPv4 from /etc/fstab ################################################ [root@intel-s3e3144-02 ~]# tail /etc/fstab -n 1 127.0.0.1:/export_test /mnt/mnt_test nfs user [root@intel-s3e3144-02 ~]# su test --session-command="mount /mnt/mnt_test" [root@intel-s3e3144-02 ~]# echo $? 0 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< success [root@intel-s3e3144-02 ~]# nfsstat -m /mnt/mnt_test from 127.0.0.1:/export_test/ Flags: rw,relatime,vers=4,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=127.0.0.1,minorversion=0,local_lock=none,addr=127.0.0.1 [root@intel-s3e3144-02 ~]# lsb_release -d Description: Red Hat Enterprise Linux Server release 6.7 Beta (Santiago) [root@intel-s3e3144-02 ~]# ################################################ RHEL6 non-root with IPv6 from /etc/fstab ################################################ [root@intel-s3e3144-02 ~]# tail /etc/fstab -n 1 [::1]:/export_test /mnt/mnt_test nfs user [root@intel-s3e3144-02 ~]# su test --session-command="mount /mnt/mnt_test" mount.nfs: permission denied: no match for /mnt/mnt_test found in /etc/fstab [root@intel-s3e3144-02 ~]# echo $? 1 [root@intel-s3e3144-02 ~]# nfsstat -m [root@intel-s3e3144-02 ~]# lsb_release -d Description: Red Hat Enterprise Linux Server release 6.7 Beta (Santiago) [root@intel-s3e3144-02 ~]# Created attachment 1020153 [details]
Patch that fixes the problem
Verified with nfs-utils-1.2.3-64.el6 on both x86_64 and ppc64 ############################################################ Beaker jobs: https://beaker.engineering.redhat.com/jobs/963161 https://beaker.engineering.redhat.com/jobs/963390 Detailed logs: For ppc64: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: do--Test-user-rhel6bz1202700 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: [18:58:34 root@ ~~]# echo ${MNT_ITEM} >> /etc/fstab && tail /etc/fstab -n 1 [2620:52:0:4257:f476:e5ff:fee5:d403]:/exportdir-nfs-mount-options-common /mnt/nfs-mount-options-common nfs user MARK-LWD-LOOP -- 2015-05-22 18:58:34 -- :: [ PASS ] :: Running 'echo ${MNT_ITEM} >> /etc/fstab && tail /etc/fstab -n 1' (Expected 0, got 0) -------------------------------------------------------------------------------- [18:58:35 root@ ~~]# su test --session-command="mount $nfsmp" :: [ PASS ] :: Running 'su test --session-command="mount $nfsmp"' (Expected 0, got 0) -------------------------------------------------------------------------------- [18:58:36 root@ ~~]# mount | grep ${TESTNAME} [2620:52:0:4257:f476:e5ff:fee5:d403]:/exportdir-nfs-mount-options-common on /mnt/nfs-mount-options-common type nfs (rw,user=test,vers=4,addr=2620:52:0:4257:f476:e5ff:fee5:d403,clientaddr=2620:52:0:4257:f476:e5ff:fee5:d403) :: [ PASS ] :: Running 'mount | grep ${TESTNAME}' (Expected 0, got 0) -------------------------------------------------------------------------------- [18:58:36 root@ ~~]# mountpoint $nfsmp && umount $nfsmp /mnt/nfs-mount-options-common is a mountpoint :: [ PASS ] :: Running 'mountpoint $nfsmp && umount $nfsmp' (Expected 0, got 0) -------------------------------------------------------------------------------- For x86_64: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: do--Test-user-rhel6bz1202700 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: [08:38:12 root@ ~~]# echo ${MNT_ITEM} >> /etc/fstab && tail /etc/fstab -n 1 [2620:52:0:13b0:2e27:d7ff:fe19:fbbf]:/exportdir-nfs-mount-options-common /mnt/nfs-mount-options-common nfs user :: [ PASS ] :: Running 'echo ${MNT_ITEM} >> /etc/fstab && tail /etc/fstab -n 1' (Expected 0, got 0) -------------------------------------------------------------------------------- [08:38:12 root@ ~~]# su test --session-command="mount $nfsmp" :: [ PASS ] :: Running 'su test --session-command="mount $nfsmp"' (Expected 0, got 0) -------------------------------------------------------------------------------- [08:38:13 root@ ~~]# mount | grep ${TESTNAME} [2620:52:0:13b0:2e27:d7ff:fe19:fbbf]:/exportdir-nfs-mount-options-common on /mnt/nfs-mount-options-common type nfs (rw,user=test,vers=4,addr=2620:52:0:13b0:2e27:d7ff:fe19:fbbf,clientaddr=2620:52:0:13b0:2e27:d7ff:fe19:fbbf) :: [ PASS ] :: Running 'mount | grep ${TESTNAME}' (Expected 0, got 0) -------------------------------------------------------------------------------- [08:38:13 root@ ~~]# mountpoint $nfsmp && umount $nfsmp /mnt/nfs-mount-options-common is a mountpoint :: [ PASS ] :: Running 'mountpoint $nfsmp && umount $nfsmp' (Expected 0, got 0) -------------------------------------------------------------------------------- ############################################################ Move to VERIFIED Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1342.html |