Bug 615144
Summary: | iptable rules generated by libvirt will deny nfs access from guest with NAT network. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Johnny Liu <jialiu> |
Component: | libvirt | Assignee: | Daniel Veillard <veillard> |
Status: | CLOSED NOTABUG | QA Contact: | Virtualization Bugs <virt-bugs> |
Severity: | high | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | berrange, eblake, llim, tyan, xen-maint, yoyzhang |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-07-19 10:03:50 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Johnny Liu
2010-07-16 02:26:17 UTC
This issue has been proposed when we are only considering blocker issues in the current Red Hat Enterprise Linux release. It has been denied for the current Red Hat Enterprise Linux release. ** If you would still like this issue considered for the current release, ask your support representative to file as a blocker on your behalf. Otherwise ask that it be considered for the next Red Hat Enterprise Linux release. ** This restriction is *intentional* because allowing guests access to the NFS server was a security flaw: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2242 If you want the guests to have access to your NFS server, you should be able to enable it on your NFS server by editing /etc/exports and adding the 'insecure' flag (see 'man exports' for more details). Daniel, u are right. After I add the 'insecure' flag in /etc/exports for my nfs server, the guest access the nfs server successfully. |