Bug 227602

Summary: gssd requires server to be running portmapper
Product: Red Hat Enterprise Linux 4 Reporter: Jeff Layton <jlayton>
Component: nfs-utilsAssignee: Jeff Layton <jlayton>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 4.4CC: racedo, staubach, steved
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2007-0750 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-15 15:59:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch 1 -- Increase size of rpc send/receive buffers (and skip portmap call)
none
patch -- Use service portion of clp->servicename rather than hard-coding "nfs" none

Description Jeff Layton 2007-02-07 00:39:55 UTC 
RHEL4's gssd requires that the server run the portmapper. On a NFSv4 only host
that isn't running it, v4 krb5 mounts fail with an error message similar to:

Feb  6 19:07:40 redhat-22 rpc.gssd[2856]: WARNING: can't create rpc_clnt for
server foo.bar.baz for user with uid 0: RPC: Remote system error - No route to
host  

There were some patches that went upstream from Bruce Fields that should fix
this but they need to be backported:

http://linux-nfs.org/pipermail/nfsv4/2005-December/003120.html
Comment 1 Jeff Layton 2007-02-08 15:47:49 UTC 
Link to different archive that wont munge the patch.

http://marc.10east.com/?t=113466497100012&r=1&w=2
Comment 2 Jeff Layton 2007-04-13 18:08:33 UTC 
Created attachment 152566 [details]
patch 1 -- Increase size of rpc send/receive buffers (and skip portmap call)

Actually, this was Kevin Coffman's patch, I think. Description:

Change the clnt_create() to use routines which allow us to set the
send and receive buffer size.  This is needed for larger spkm3
exchanges including certificate chains.

This has the side-effect of skipping the portmap call since
we specify the port (by specifying the service) when getting
the server's address information.
Comment 3 Jeff Layton 2007-04-13 18:10:53 UTC 
Created attachment 152568 [details]
patch -- Use service portion of clp->servicename rather than hard-coding "nfs"

A follow on patch that removes the hardcoded "nfs" in the service name.
Comment 4 Jeff Layton 2007-04-13 18:14:45 UTC 
To test:

Set up a krb5 nfs server (I used a RHEL5 xen guest).

On server:
# service nfs restart
# service portmap stop

On client, mount the filesystem using -o sec=krb5. Without the 2 patches above,
the mount will fail, and gssd will throw an error that it can't create the rpc_clnt.
Comment 5 Jeff Layton 2007-05-09 00:36:15 UTC 
*** Bug 225154 has been marked as a duplicate of this bug. ***
Comment 7 RHEL Program Management 2007-05-09 07:54:45 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 9 Jeff Layton 2007-07-16 14:45:26 UTC 
Committed in nfs-utils-1.0.6-81.EL4
Comment 13 errata-xmlrpc 2007-11-15 15:59:29 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0750.html