Bug 221713 - nfsroot and sec=null
Summary: nfsroot and sec=null
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 6
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-01-06 15:37 UTC by Herbert Sasshofer
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version: 2.6.20-1.2933.fc6
Clone Of:
Environment:
Last Closed: 2007-04-16 23:29:49 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Herbert Sasshofer 2007-01-06 15:37:26 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.1) Gecko/20060601 Firefox/2.0.0.1 (Ubuntu-edgy)

Description of problem:
I am using a self compiled XEN kernel with DHCP autoconfig and nfsroot enabled.

When exporting the rootfs with 
/nfsroot/ 172.16.0.0/255.255.254.0(ro,no_root_squash,no_all_squash,asyn c)
teh client shown in /proc/mounts
/dev/root / nfs ro,vers=2,rsize=4096,wsize=4096,hard,nolock,proto= udp,timeo=11,retrans=2,sec=null,addr=172.16.0.1 0 0
and inhibits access to non-public files (sec=null!!!) .

This did not happen with older kernel (2.6.17 and earlier).

Version-Release number of selected component (if applicable):
kernel-2.6.18-1.2869.fc6

How reproducible:
Always


Steps to Reproduce:
Boot via pxegrub to nfs rootfs. 
Stop immediately at the beginning of rc.sysinit to a sh.
Perform cat /etc/mounts
Access any file not world readable, which fails.

Actual Results:


Expected Results:


Additional info:
The problem can be solved by the following patch:
Von:  	 Trond Myklebust <Trond.Mykleb...>
In: 	
Datum: 	Thu, 03 Aug 2006 10:33:52 -0400
Lokal: 	Do 3 Aug. 2006 15:33
Betreff: 	No Subject
Signed-off-by: Trond Myklebust <Trond.Mykleb...>
---

 fs/nfs/super.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 867b5dc..97cfb14 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -471,12 +471,14 @@ static int nfs_validate_mount_data(struc
                                                data->version);
                                return -EINVAL;
                        }
-                       /* Fill in pseudoflavor for mount version < 5 */
-                       data->pseudoflavor = RPC_AUTH_UNIX;
                case 5:
                        memset(data->context, 0, sizeof(data->context));
        }

+       /* Set the pseudoflavor */
+       if (!(data->flags & NFS_MOUNT_SECFLAVOUR))
+               data->pseudoflavor = RPC_AUTH_UNIX;
+
 #ifndef CONFIG_NFS_V3
        /* If NFSv3 is not compiled in, return -EPROTONOSUPPORT */
        if (data->flags & NFS_MOUNT_VER3) {


Note You need to log in before you can comment on or make changes to this bug.