Bug 221713 – nfsroot and sec=null

Bug 221713 - nfsroot and sec=null

Summary:	nfsroot and sec=null

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	kernel (Show other bugs)
Sub Component:
Version:	6
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Kernel Maintainer List
QA Contact:	Brian Brock
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2007-01-06 10:37 EST by Herbert Sasshofer
Modified:	2007-11-30 17:11 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:	2.6.20-1.2933.fc6
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2007-04-16 19:29:49 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Herbert Sasshofer 2007-01-06 10:37:26 EST

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.1) Gecko/20060601 Firefox/2.0.0.1 (Ubuntu-edgy)

Description of problem:
I am using a self compiled XEN kernel with DHCP autoconfig and nfsroot enabled.

When exporting the rootfs with 
/nfsroot/ 172.16.0.0/255.255.254.0(ro,no_root_squash,no_all_squash,asyn c)
teh client shown in /proc/mounts
/dev/root / nfs ro,vers=2,rsize=4096,wsize=4096,hard,nolock,proto= udp,timeo=11,retrans=2,sec=null,addr=172.16.0.1 0 0
and inhibits access to non-public files (sec=null!!!) .

This did not happen with older kernel (2.6.17 and earlier).

Version-Release number of selected component (if applicable):
kernel-2.6.18-1.2869.fc6

How reproducible:
Always


Steps to Reproduce:
Boot via pxegrub to nfs rootfs. 
Stop immediately at the beginning of rc.sysinit to a sh.
Perform cat /etc/mounts
Access any file not world readable, which fails.

Actual Results:


Expected Results:


Additional info:
The problem can be solved by the following patch:
Von:  	 Trond Myklebust <Trond.Mykleb...@netapp.com>
In: 	
Datum: 	Thu, 03 Aug 2006 10:33:52 -0400
Lokal: 	Do 3 Aug. 2006 15:33
Betreff: 	No Subject
Signed-off-by: Trond Myklebust <Trond.Mykleb...@netapp.com>
---

 fs/nfs/super.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 867b5dc..97cfb14 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -471,12 +471,14 @@ static int nfs_validate_mount_data(struc
                                                data->version);
                                return -EINVAL;
                        }
-                       /* Fill in pseudoflavor for mount version < 5 */
-                       data->pseudoflavor = RPC_AUTH_UNIX;
                case 5:
                        memset(data->context, 0, sizeof(data->context));
        }

+       /* Set the pseudoflavor */
+       if (!(data->flags & NFS_MOUNT_SECFLAVOUR))
+               data->pseudoflavor = RPC_AUTH_UNIX;
+
 #ifndef CONFIG_NFS_V3
        /* If NFSv3 is not compiled in, return -EPROTONOSUPPORT */
        if (data->flags & NFS_MOUNT_VER3) {

Note You need to log in before you can comment on or make changes to this bug.