RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1463004 - Server availability probe broke tunneling nfs via localhost
Summary: Server availability probe broke tunneling nfs via localhost
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: autofs
Version: 6.9
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: rc
: ---
Assignee: Ian Kent
QA Contact: xiaoli feng
URL:
Whiteboard:
: 1476343 (view as bug list)
Depends On:
Blocks: 1461138 1507140 1598640
TreeView+ depends on / blocked
 
Reported: 2017-06-19 21:36 UTC by Frank Sorenson
Modified: 2021-09-09 12:22 UTC (History)
9 users (show)

Fixed In Version: autofs-5.0.5-135.el6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1598640 (view as bug list)
Environment:
Last Closed: 2018-06-19 05:22:12 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Patch - remove some redundant rpc library code (2.37 KB, patch)
2017-06-21 06:24 UTC, Ian Kent
no flags Details | Diff
Patch - add port parameter to rpc_ping() (5.13 KB, patch)
2017-06-21 06:25 UTC, Ian Kent
no flags Details | Diff
Patch - remove some redundant rpc library code (updated) (3.63 KB, patch)
2017-06-26 11:32 UTC, Ian Kent
no flags Details | Diff
Patch - add port parameter to rpc_ping() (updated) (4.40 KB, patch)
2017-06-26 11:33 UTC, Ian Kent
no flags Details | Diff
Patch - dont probe NFSv2 by default (1.03 KB, patch)
2017-06-26 11:34 UTC, Ian Kent
no flags Details | Diff
Patch - add version parameter to rpc_ping() (4.58 KB, patch)
2017-06-26 11:35 UTC, Ian Kent
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:1917 0 None None None 2018-06-19 05:22:41 UTC

Description Frank Sorenson 2017-06-19 21:36:06 UTC
Description of problem:

The nfs server availability probe to avoid lengthy mount timeouts broke tunneling of nfs mounts through localhost.

This also broke mounts when 'port' is specified, but rpcbind is not running.

Also, the test will get a false positive if the nfs server and rpcbind are running on the localhost, but the tunneled system is not available.


Version-Release number of selected component (if applicable):

autofs-5.0.5-131.el6 and newer
upstream beginning with commit 4914be9


How reproducible:
easy

Steps to Reproduce:

several options to reproduce the mount failure
 1) run nfs server on localhost
    create automount map entry to mount localhost, specifying a 'port=#' option
    stop rpcbind

 2) create ssh tunnel to another system
    specify 'port=#' option in automount map
    (rpcbind not running, or rpcbind running without local nfs server)

false positive can be tested by having rpcbind on the local system, but the ssh tunnel not available.


Actual results:

if map entry gives localhost for an nfs mount and specifies a 'port=#' option, bind mount will not be attempted, but the local system's rpcbind will be probed

If the local system is not running rpcbind, this results in a failed mount:
ls: cannot access /home/user02: No such file or directory


If the local system is running rpcbind, the ping only probes the local system, and not the system through the tunnel.


Expected results:

if a port number is specified for an nfs mount referring to localhost, the rpc probe will take the requested port into consideration.

Comment 2 Ian Kent 2017-06-20 02:00:33 UTC
Right, I see, I'll sort this out.

Thanks for the comprehensive problem description.
Ian

Comment 3 Ian Kent 2017-06-20 02:48:20 UTC
I see from the case the customer has had some difficulty getting us
to understand the problem.

Please offer my apologies to them and let them know I do understand
the problem (thanks to your description Frank) and I'll try to resolve
it as soon as I can.

Checking availability in this case does introduce some additional
difficulties which I need to work out how to deal with because we do
need this functionality.

I'm not sure how it happened but mount.nfs(8) changed at some point
which is what lead to the check being introduced so there may have
been problems without the autofs change also.

And regarding the autofs_use_lofs configuration option.

In the comments in the configuration file that is installed, and
above a rather lengthy set of descriptions there is this:

# Otions for the amd parser within autofs.

Apart from the spelling mistake, I understand it's easy to miss
that autofs_use_lofs is an amd format map configuration option
not an autofs (Sun) map format option. It's also listed as an
amd option in autofs.conf(5).

So it doesn't relate to what we're looking at here at all.

Ian

Comment 5 Ian Kent 2017-06-20 04:09:46 UTC
(In reply to Ian Kent from comment #3)
> 
> Checking availability in this case does introduce some additional
> difficulties which I need to work out how to deal with because we do
> need this functionality.
> 

It looks like fixing the failure to cater for the port option will
resolve all the observed problems.

Testing will tell for sure.

Ian

Comment 6 Ian Kent 2017-06-21 06:24:49 UTC
Created attachment 1289937 [details]
Patch - remove some redundant rpc library code

Comment 7 Ian Kent 2017-06-21 06:25:40 UTC
Created attachment 1289938 [details]
Patch - add port parameter to rpc_ping()

Comment 8 Ian Kent 2017-06-21 07:03:51 UTC
(In reply to Frank Sorenson from comment #0)
> Description of problem:
> 
> The nfs server availability probe to avoid lengthy mount timeouts broke
> tunneling of nfs mounts through localhost.
> 
> This also broke mounts when 'port' is specified, but rpcbind is not running.

Making the autofs NFS ping handle accept a port parameter should
deal with that.

When the port option is used rpcbind isn't consulted and a local
bind mount isn't attempted.

> 
> Also, the test will get a false positive if the nfs server and rpcbind are
> running on the localhost, but the tunneled system is not available.
> 

Using the port option is needed when tunnelling like this.

Given that rpcbind isn't consulted when the port option is used
and a different local port can be mapped to the NFS port on the
remote machine conflicts with what's running on the local machine
are avoided. So the added support of a port number parameter for
the autofs NFS ping should be enough.

Ian

Comment 9 Ian Kent 2017-06-21 07:06:13 UTC
A build with the above changes is available at:
http://people.redhat.com/~ikent/autofs-5.0.5-132.bz1463004.1.el6_9/

This should fix the ssh tunnelling problem, please have the client
test this and report back.

Comment 14 Ian Kent 2017-06-22 23:12:05 UTC
Can I have some logs please?

One thing that probably should be done (and ins't yet) is to
use mount options to reduce the number of things that are being
checked for.

Comment 15 Ian Kent 2017-06-26 11:32:21 UTC
Created attachment 1291946 [details]
Patch - remove some redundant rpc library code (updated)

Comment 16 Ian Kent 2017-06-26 11:33:20 UTC
Created attachment 1291947 [details]
Patch - add port parameter to rpc_ping() (updated)

Comment 17 Ian Kent 2017-06-26 11:34:16 UTC
Created attachment 1291948 [details]
Patch - dont probe NFSv2 by default

Comment 18 Ian Kent 2017-06-26 11:35:15 UTC
Created attachment 1291949 [details]
Patch - add version parameter to rpc_ping()

Comment 19 Ian Kent 2017-06-26 11:44:37 UTC
A build with updated changes is available at:
http://people.redhat.com/~ikent/autofs-5.0.5-132.bz1463004.2.el6_9/

This should reduce the time taken during automounting for the ssh
tunnelling problem, please have the client test this and report back.

Comment 23 Ian Kent 2017-08-02 00:03:01 UTC
*** Bug 1476343 has been marked as a duplicate of this bug. ***

Comment 45 errata-xmlrpc 2018-06-19 05:22:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1917


Note You need to log in before you can comment on or make changes to this bug.