Bug 442320
| Summary: | vsftpd active mode download fails on NFS mounted filesystewm | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | R Gillman <r.gillman> |
| Component: | vsftpd | Assignee: | Jiri Skala <jskala> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 5.1 | CC: | aglotov, tsmetana |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-04-12 16:06:18 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
R Gillman
2008-04-14 10:30:03 UTC
Works for me. Could you try this with a local file system? Also, could you provide the output of grep -v ^# /etc/vsftpd/vsftpd.conf ? Thanks. The ID used, tssftptest, has a local home directory; a subdirectory is NFS-mounted, and a GET of a file in the subdirectory fails. Curiously, the GET of the same file succeeds when done from the system, but with a 60 second pause. tolka ~ $ ssh news Last login: Mon Apr 28 09:50:33 2008 from tolka.nerc-wallingford.ac.uk news ~ $ ftp news Connected to news.nerc-wallingford.ac.uk. 220 Welcome to the iTSS FTP service 530 Please login with USER and PASS. 530 Please login with USER and PASS. KERBEROS_V4 rejected as an authentication type Name (news:susa): tssftptest 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> passive Passive mode off. ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. -rw-r--r-- 1 0 0 6 Apr 09 13:12 hello drwxr-xr-x 3 0 0 4096 Apr 09 13:22 www 226 Directory send OK. ftp> get hello local: hello remote: hello 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for hello (6 bytes). 226 File send OK. 6 bytes received in 0.0088 seconds (0.67 Kbytes/s) ftp> cd www 250 Directory successfully changed. ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. -rw-r--r-- 1 0 0 6 Apr 09 13:22 hello drwxr-xr-x 9 23209 1000 15 Apr 14 15:05 itss 226 Directory send OK. ftp> get hello local: hello remote: hello 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for hello (6 bytes). 226 File send OK. 6 bytes received in 0.007 seconds (0.84 Kbytes/s) ftp> cd itss 250 Directory successfully changed. ftp> ls 200 PORT command successful. Consider using PASV. 150 Here comes the directory listing. -rw-r--r-- 1 23209 1000 66818 Jul 19 2007 awstats.html drwxr-xr-x 2 23209 1000 4 Jul 27 2007 downloads -rw-r--r-- 1 0 0 6 Apr 14 15:05 hello drwxr-xr-x 2 25008 1000 53 Apr 01 15:36 hw drwxr-xr-x 2 23209 1000 27 Oct 05 2007 images -rw-r--r-- 1 23209 1000 9205 Oct 05 2007 index.html drwxr-xr-x 4 23209 1000 10 Aug 29 2007 info drwxr-xr-x 5 23209 1000 5 Mar 22 2007 logwatch drwxr-xr-x 10 142115 100 15 Nov 01 21:19 phpldapadmin drwxr-xr-x 2 23209 1000 4 Jul 25 2007 product -rw-r--r-- 1 23209 1000 26 Aug 02 2007 robots.txt -rw-r--r-- 1 23209 1000 2219 Jul 25 2007 support.html -rw-r--r-- 1 23209 1000 6426 Jul 27 2007 systems.html 226 Directory send OK. ftp> get hello local: hello remote: hello 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for hello (6 bytes). 226 File send OK. 6 bytes received in 0.0086 seconds (0.68 Kbytes/s) ftp> There was a 60 second pause between typing het hello return and the system responding File send OK [root@news vsftpd]# grep -v ^# vsftpd.conf anonymous_enable=NO local_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES nopriv_user=ftp listen=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES chroot_local_user=YES user_config_dir=/etc/vsftpd/vsftpd_user_conf ftpd_banner=Welcome to the iTSS FTP service [root@news vsftpd]# I tested it but I was not successful to reproduce it. Is there some non-described circumstance what could be a trigger of the issue (e.g. load)? The problem still exists. It is not load, top reports 97% idle. I'm not able to reproduce the issue therefore I'm convinced that source of the issue is not in vsftpd. There is more possible sources responsible for this difficulty. Please try following things: - check for SE linux state. Swich SE linux to permissive mode (setenforce 0). Chceck for/provide me /var/log/messages both servers (ftp and nfs) - check for firewall of both servers - check for nfs configuration - check output of netstat - if it's no SE linux, firewall and nfs configuration issue it would be helpful to get traffic on the ftp server. selinux is off. NFS client log Apr 7 11:46:35 news automount[1974]: 1 remaining in /nerc Apr 7 11:46:48 news automount[1974]: 1 remaining in /users Apr 7 11:46:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:47:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:47:50 news automount[1974]: 1 remaining in /nerc Apr 7 11:48:03 news automount[1974]: 1 remaining in /users Apr 7 11:48:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:49:05 news automount[1974]: expiring path /nerc/etc Apr 7 11:49:05 news automount[1974]: unmounting dir = /nerc/etc Apr 7 11:49:05 news automount[1974]: expired /nerc/etc Apr 7 11:49:18 news automount[1974]: expiring path /users/susa Apr 7 11:49:18 news automount[1974]: unmounting dir = /users/susa Apr 7 11:49:18 news automount[1974]: expired /users/susa Apr 7 11:49:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:50:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:51:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:52:20 news susa: timestamp Apr 7 11:52:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:53:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:55:50 news last message repeated 3 times Apr 7 11:57:50 news last message repeated 2 times Apr 7 11:58:45 news susa: timestamp Apr 7 11:58:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 11:59:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 12:01:50 news last message repeated 3 times Apr 7 12:03:50 news last message repeated 2 times Apr 7 12:05:50 news last message repeated 2 times Apr 7 12:07:50 news last message repeated 2 times Apr 7 12:09:50 news last message repeated 2 times Apr 7 12:11:50 news last message repeated 2 times Apr 7 12:13:50 news last message repeated 2 times Apr 7 12:15:50 news last message repeated 2 times Apr 7 12:17:50 news last message repeated 2 times Apr 7 12:19:50 news last message repeated 2 times Apr 7 12:21:50 news last message repeated 2 times Apr 7 12:23:50 news last message repeated 2 times Apr 7 12:25:50 news last message repeated 2 times Apr 7 12:27:50 news last message repeated 2 times Apr 7 12:29:50 news last message repeated 2 times Apr 7 12:31:50 news last message repeated 2 times Apr 7 12:33:50 news last message repeated 2 times Apr 7 12:35:50 news last message repeated 2 times Apr 7 12:37:50 news last message repeated 2 times Apr 7 12:38:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 12:38:51 news susa: timestamp Apr 7 12:39:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 12:40:50 news kernel: lockd: server 192.171.172.11 not responding, timed out Apr 7 12:42:50 news last message repeated 2 times Apr 7 12:44:50 news last message repeated 2 times Apr 7 12:46:50 news last message repeated 2 times news sysconfig $ NFS server log Apr 7 11:36:30 orwell named[24360]: [ID 873579 daemon.notice] client 192.171.170.1#57441: received notify for zone '0/25.84.219.212.in-addr.arpa': not authoritative Apr 7 11:36:48 orwell named[24360]: [ID 873579 daemon.notice] client 192.171.170.1#57441: received notify for zone 'nerc-temp.ac.uk': not authoritative Apr 7 11:36:58 orwell named[24360]: [ID 873579 daemon.notice] client 192.171.170.1#57441: received notify for zone 'researchconcordat.org.uk': not authoritative orwell adm $ NFS configuration is out of the box. The directory is nounted in /etc/fstab with orwell:/itsspool/users/ftp/pub /local/users/tssftp/pub nfs ro,bg (I've also tried nfsvers=3) extract netstat output... tcp 0 137 news.nerc-wallingford:44684 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44687 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44686 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44681 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44680 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44683 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44682 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44677 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44676 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44679 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44678 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44673 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44672 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44675 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44674 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44542 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44543 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44540 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44541 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44538 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44539 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44536 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44537 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44534 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44535 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44532 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44533 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44530 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44531 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 137 news.nerc-wallingford:44529 orwell.nerc-wallingf:sunrpc LAST_ACK tcp 0 0 news.nerc-wallingfor:sun-dr orwell.nerc-wallingford:nfs ESTABLISHED tcp 0 128 news.nerc-wallingford.a:ssh tolka.nerc-wallingfor:38300 ESTABLISHED tcp 0 0 news.nerc-wallingford.a:ssh tolka.nerc-wallingfor:38280 ESTABLISHED tcp 0 0 news.nerc-wallingford.a:ssh capri.nerc-wallingfor:41042 ESTABLISHED Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 23 [ ] DGRAM 5413 /dev/log unix 2 [ ] DGRAM 1452 @/org/kernel/udev/udevd unix 2 [ ] DGRAM 7527 @/org/freedesktop/hal/udev_event unix 2 [ ] DGRAM 4787304 unix 3 [ ] STREAM CONNECTED 4778802 unix 3 [ ] STREAM CONNECTED 4778801 unix 2 [ ] DGRAM 4778800 unix 2 [ ] DGRAM 4745941 unix 2 [ ] DGRAM 4727097 unix 2 [ ] DGRAM 4727072 unix 2 [ ] DGRAM 4616646 unix 2 [ ] DGRAM 65363 unix 3 [ ] STREAM CONNECTED 9143 /tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 9142 unix 3 [ ] STREAM CONNECTED 9129 /tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 9128 unix 3 [ ] STREAM CONNECTED 9064 /tmp/.font-unix/fs7100 unix 3 [ ] STREAM CONNECTED 9063 unix 3 [ ] STREAM CONNECTED 9006 /var/run/pcscd.comm unix 3 [ ] STREAM CONNECTED 9005 unix 3 [ ] STREAM CONNECTED 9067 /tmp/.X11-unix/X0 unix 3 [ ] STREAM CONNECTED 8994 unix 3 [ ] STREAM CONNECTED 8980 /var/run/acpid.socket unix 3 [ ] STREAM CONNECTED 8979 unix 2 [ ] DGRAM 8960 unix 3 [ ] STREAM CONNECTED 8774 @/tmp/fam-root- unix 3 [ ] STREAM CONNECTED 8773 unix 3 [ ] STREAM CONNECTED 8695 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 8694 unix 3 [ ] STREAM CONNECTED 8468 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 8467 unix 3 [ ] STREAM CONNECTED 8454 @/var/run/hald/dbus-R77Uhyut8g unix 3 [ ] STREAM CONNECTED 8447 unix 3 [ ] STREAM CONNECTED 8444 @/var/run/hald/dbus-R77Uhyut8g unix 3 [ ] STREAM CONNECTED 8440 unix 3 [ ] STREAM CONNECTED 8309 @/var/run/hald/dbus-R77Uhyut8g unix 3 [ ] STREAM CONNECTED 8304 unix 3 [ ] STREAM CONNECTED 8287 /var/run/acpid.socket unix 3 [ ] STREAM CONNECTED 8286 unix 3 [ ] STREAM CONNECTED 8281 @/var/run/hald/dbus-R77Uhyut8g unix 3 [ ] STREAM CONNECTED 8280 unix 3 [ ] STREAM CONNECTED 7522 @/var/run/hald/dbus-u0mEP0x8Xy unix 3 [ ] STREAM CONNECTED 7521 unix 3 [ ] STREAM CONNECTED 7489 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 7488 unix 3 [ ] STREAM CONNECTED 7483 unix 3 [ ] STREAM CONNECTED 7482 unix 2 [ ] DGRAM 7480 unix 2 [ ] DGRAM 7446 unix 2 [ ] DGRAM 6644 unix 2 [ ] DGRAM 6529 unix 2 [ ] DGRAM 6237 unix 2 [ ] DGRAM 6217 unix 2 [ ] DGRAM 6075 unix 2 [ ] DGRAM 6017 unix 2 [ ] DGRAM 5952 unix 2 [ ] DGRAM 5801 unix 3 [ ] STREAM CONNECTED 5800 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 5799 unix 2 [ ] DGRAM 5767 unix 3 [ ] STREAM CONNECTED 5732 unix 3 [ ] STREAM CONNECTED 5731 unix 3 [ ] STREAM CONNECTED 5688 unix 3 [ ] STREAM CONNECTED 5687 unix 2 [ ] DGRAM 5584 unix 2 [ ] DGRAM 5421 unix 3 [ ] STREAM CONNECTED 5374 unix 3 [ ] STREAM CONNECTED 5373 [root@news ~]# There is a firewall between the client and the fileserver. It is configured to allow NFS. I can ls the directory from the client. Network traffic is light. [root@news ~]# netstat -ic Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth1 1500 0 84717107 0 0 0 143421234 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU eth1 1500 0 84717403 0 0 0 143422415 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU eth1 1500 0 84717744 0 0 0 143423802 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU eth1 1500 0 84717970 0 0 0 143424869 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU eth1 1500 0 84718264 0 0 0 143426064 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU eth1 1500 0 84718604 0 0 0 143427430 0 0 0 BMRU eth1:1 1500 0 - no statistics available - BMRU eth1:2 1500 0 - no statistics available - BMRU eth1:3 1500 0 - no statistics available - BMRU eth1:4 1500 0 - no statistics available - BMRU eth1:5 1500 0 - no statistics available - BMRU lo 16436 0 42391 0 0 0 42391 0 0 0 LRU [root@news ~]# There is currently no info leading to fix your issue. I've seen only one info that seems to be important - 60 seconds delay when the getting file is successful. Well, I think you should try following steps in sequence: - try mounting with nolock option - if no progress try disable iptables (both servers) - if it don't fix it send me NFS server info (OS, NFS ver.) and NFS configuration Thank you. When I added the nolock option to the entry in /etc/fstab, both the need to use passive mode and the 60 second wait disappeared. The system is now behaving as expected. Good! Thanks for info. Now it can be closed with status 'notabug'. |