Bug 519184

Summary: nfsnobody == 4294967294 causes idmapd to stop responding
Product: Red Hat Enterprise Linux 5 Reporter: Sachin Prabhu <sprabhu>
Component: kernelAssignee: Jeff Layton <jlayton>
Status: CLOSED ERRATA QA Contact: Red Hat Kernel QE team <kernel-qe>
Severity: high Docs Contact:
Priority: high    
Version: 5.4CC: branto, cward, dzickus, jlayton, libbe, pamadio, rwheeler, steved, tao, yanwang
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 523285 (view as bug list) Environment:
Last Closed: 2010-03-30 07:18:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 523285, 526775, 526950, 533192    

Description Sachin Prabhu 2009-08-25 15:04:29 UTC 
This is a RHEL 5 report for bz 225507. The report is based on the upstream thread
http://linux-nfs.org/pipermail/nfsv4/2007-December/007321.html

To recreate:

1) On the server, set anonuid/anongid as 4294967294
# cat /etc/exports 
/export *(rw,insecure,fsid=0) 
/export/data *(rw,anonuid=4294967294,anongid=4294967294)
Restart nfs to export the filesystem
2) On the server create a file with uid set to 4294967294
mkdir /export/data/test
touch /export/data/test/a
chown 4294967294 /export/data/test/a
3) Mount the nfs4 export on a client
mount -r nfs4 server:/data /mnt
4) cd /mnt/test/
5) ls -l 

The system will hang.

The upcall by the nfs module uses a signed number. Thus the uid 4294967294 gets translated to -2 which confuses rpc.idmapd.
Comment 1 Sachin Prabhu 2009-08-25 15:05:50 UTC 
Patch available at
http://linux-nfs.org/pipermail/nfsv4/2007-December/007321.html
Comment 3 Sachin Prabhu 2009-08-25 15:09:39 UTC 
A test kernel with the patch from c#1 was tested successfully by the user.
Comment 6 Jeff Layton 2009-09-10 17:46:37 UTC 
Patch looks straightforward and obviously correct. I've added it to my test kernels here to get some soak time:

http://people.redhat.com/jlayton/

...I'd also think I see the problem with idmapd that causes it to stop responding. For most error conditions, the nfsdcb() function does not requeue the event (i.e. call event_add() again). That means that once we hit an error condition idmapd stops watching that file descriptor.

I've got a patch that should help fix that, but it needs to be tested a little more and I want to get some upstream feedback on it.
Comment 7 Jeff Layton 2009-09-10 19:46:44 UTC 
Patch for idmapd sent upstream. If it gets accepted I'll plan to clone this bug and we'll get this patch into RHEL too:

http://marc.info/?l=linux-nfs&m=125261173214324&w=2
Comment 9 RHEL Program Management 2009-09-25 17:40:35 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 10 Don Zickus 2009-10-06 19:39:02 UTC 
in kernel-2.6.18-168.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.
Comment 12 Chris Ward 2010-02-11 10:13:48 UTC 
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~

RHEL 5.5 Beta has been released! There should be a fix present in this 
release that addresses your request. Please test and report back results 
here, by March 3rd 2010 (2010-03-03) or sooner.

Upon successful verification of this request, post your results and update 
the Verified field in Bugzilla with the appropriate value.

If you encounter any issues while testing, please describe them and set 
this bug into NEED_INFO. If you encounter new defects or have additional 
patch(es) to request for inclusion, please clone this bug per each request
and escalate through your support representative.
Comment 14 yanfu,wang 2010-02-26 07:39:46 UTC 
who is Pierre? seems he isn't in CC list.
if he could provides test result?
Comment 16 yanfu,wang 2010-03-10 10:53:53 UTC 
can reproduce on 5.4:
1) On the server, set anonuid/anongid as 4294967294
# cat /etc/exports 
/export *(rw,insecure,fsid=0) 
/export/data *(rw,anonuid=4294967294,anongid=4294967294)
Restart nfs to export the filesystem
2) On the server create a file with uid set to 4294967294
mkdir /export/data/test
touch /export/data/test/a
chown 4294967294 /export/data/test/a
3) Mount the nfs4 export on a client
mount -t nfs4 server:/data /mnt
or:
mount -t nfs4 localhost:/data /mnt
4) cd /mnt/test/
5) ls -l 

check error:
# vim /var/log/messages
Mar  2 02:53:40 amd-chipotle-01 rpc.idmapd[7117]: nfsdcb: id '-2' too big!

verify on 5.5 kernel 2.6.18-190.el5 and no problem.
Comment 18 errata-xmlrpc 2010-03-30 07:18:19 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2010-0178.html
Comment 20 Jeff Layton 2011-05-02 18:45:01 UTC 
*** Bug 533835 has been marked as a duplicate of this bug. ***