Bug 771845

Summary: nfs:mount allowed even with *auth.reject is set
Product: [Community] GlusterFS Reporter: Saurabh <saujain>
Component: nfsAssignee: Vivek Agarwal <vagarwal>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: pre-releaseCC: gluster-bugs, mzywusko, sankarshan, shwetha.h.panduranga
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: glusterfs-3.4.0 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-24 13:41:13 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: 3.3.0qa29 Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 817967    

Description Saurabh 2012-01-05 03:47:58 EST
Description of problem:

The problem is that the mount is allowed even if options auth.reject and nfs.rpc-auth-reject are set.


Version-Release number of selected component (if applicable):

glusterfs 3.3.0qa18 built on Dec 29 2011 01:49:17

How reproducible:


Steps to Reproduce:
1.create a volume
2.set options auth.reject and nfs.rpc-auth-reject, for a certain IP 
3. try mounting that volume from the node with the rejected IP
  
Actual results:
Mount happens.


Expected results:
Mount should not happen.

Additional info:

[root@RHEL6 nfs-regression]# gluster volume info dist-rep
 
Volume Name: dist-rep
Type: Distributed-Replicate
Status: Started
Number of Bricks: 3 x 2 = 6
Transport-type: tcp
Bricks:
Brick1: 10.1.11.101:/export-xfs/dr
Brick2: 10.1.11.102:/export-xfs/drr
Brick3: 10.1.11.101:/export-xfs/ddr
Brick4: 10.1.11.102:/export-xfs/ddrr
Brick5: 10.1.11.101:/export-xfs/dist-rep.1325653831
Brick6: 10.1.11.102:/export-xfs/dist-rep.1325653834
Options Reconfigured:
auth.reject: 10.1.11.160
nfs.rpc-auth-reject: 10.1.11.160

from node 10.1.11.160,

[root@RHSSA1 ~]# mount -t nfs -o vers=3,nolock 10.1.11.101:/dist-rep /mnt/nfs-test
[root@RHSSA1 ~]# ls /mnt/nfs-test/
f.1  f.2  f.3  f.n  run7165
Comment 1 Rajesh 2012-03-13 05:31:04 EDT
*** Bug 799228 has been marked as a duplicate of this bug. ***
Comment 2 Anand Avati 2012-03-14 06:11:05 EDT
CHANGE: http://review.gluster.com/2929 (rpc-lib/rpcsvc: nfs auth corrections) merged in master by Vijay Bellur (vijay@gluster.com)