Red Hat Bugzilla – Bug 294881
Kernel panic when mounting with insecure ports
Last modified: 2015-01-07 19:15:58 EST
Description of problem:
Problem with "mount". Client is without any free insecure/local port. Server
shares a folder with ack insecure. When client try to mount mount-point then
Version-Release number of selected component (if applicable):
I tried kernels: 2.6.18-8.1.8.el5, 2.6.18-47.el5 and 2.6.18-48.el5;
nfs-utils-1.0.9-23.el5 or ..-16, util-linux-2.13-0.45.el5 or ..-30
Steps to Reproduce:
[root@vepro ~]# cat /etc/exports
# there is insecure ... I am using ports like "1024 to 61000"
[root@vepro ~] service nfs restart
# just to be sure
1.[root@nec-em14 ~]# echo 32768 32768 > /proc/sys/net/ipv4/ip_local_port_range
# two same numbers, for ex "32769 32768" etc.
2.[root@nec-em14 ~]# cat /proc/sys/net/ipv4/ip_local_port_range
3.[root@nec-em14 ~]# mount server:/export /import
always kernel panic
mount error like: "There is now free ports"
Created attachment 198471 [details]
Detailed steps and output
Created attachment 221251 [details]
I'm going to send it to netdev/lkml for the further upstream commit
patch has been posted:
NetDev guys decided rework completely port assignment via sysctl/proc
interfaces. Robustness and locking has been added. I'm going to test the patches
Patches does not support the situation when we want to use the same
minimal/maximal port numbers. I've triggered conversation of this issue.
I've posted justifying patch to netdev:
Justification has been accepted and committed.
Created attachment 232411 [details]
based on four-patches intersection:
upstream commit# 06393009000779b00a558fd2f280882cc7dc2008
upstream commit# 227b60f5102cda4e4ab792b526a59c8cb20cd9f8
upstream commit# 3f196eb519a419bf83ecc22753943fd0a0de4f8f
User firstname.lastname@example.org's account has been closed
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
Created attachment 269831 [details]
kabi breakage eliminated.
actual change: EXPORT_SYMBOL(sysctl_local_port_range) and
sysctl_local_port_range definition leaved untouched. This is safe for us and
good for customers, since we promised to keep the kabi.
You can download this test kernel from http://people.redhat.com/dzickus/el5
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.