Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 595420 - mounting subdirectory of non-root user account fails
Summary: mounting subdirectory of non-root user account fails
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: nfs-utils
Version: 16
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Steve Dickson
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 599198
TreeView+ depends on / blocked
 
Reported: 2010-05-24 15:11 UTC by Kamil Páral
Modified: 2012-07-02 22:27 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 599198 (view as bug list)
Environment:
Last Closed: 2012-07-02 22:27:52 UTC
Type: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 826505 0 unspecified NEW mounting subdirectory of non-root user account fails with all_squash and anonuid/anongid 2021-02-22 00:41:40 UTC

Internal Links: 826505

Description Kamil Páral 2010-05-24 15:11:50 UTC 
Description of problem:
Use case 1:
Server:
# cat /etc/exports
/home/kparal/devel     192.168.1.0/24(rw,no_root_squash)

Client:
# mount.nfs 192.168.1.1:/home/kparal/devel /mnt -v
mount.nfs: timeout set for Mon May 24 16:46:36 2010
mount.nfs: trying text-based options 'vers=4,addr=192.168.1.1,clientaddr=192.168.1.2'
mount.nfs: mount(2): Permission denied
mount.nfs: access denied by server while mounting 192.168.1.1:/home/kparal/devel

# mount.nfs 192.168.1.1:/home/kparal /mnt -v
mount.nfs: timeout set for Mon May 24 17:09:51 2010
mount.nfs: trying text-based options 'vers=4,addr=192.168.1.1,clientaddr=192.168.1.2'
192.168.1.1:/home/kparal on /mnt type nfs
# ll -d /mnt/
drwx------. 94 kparal kparal 4096 May 24 12:43 /mnt/
# ll /mnt
ls: cannot open directory /mnt: Permission denied
# (ignores no_root_squash option)

Use case 2:
Server:
# cat /etc/exports
/home/kparal     192.168.1.0/24(rw,no_root_squash)

Client:
everything works perfect

Simply, for non-root owned directories, only the top-level directory can be exported. If you export a subdirectory, presented problems occur.

Version-Release number of selected component (if applicable):
Server:
2.6.33.4-95.fc13.x86_64
nfs-utils-1.2.2-2.fc13.x86_64
Client:
2.6.33.4-95.fc13.x86_64
nfs-utils-1.2.2-2.fc13.x86_64

How reproducible:
Always for my machines. Also reproduced by steved @ #fedora-devel.

Steps to Reproduce:
1. Share a subdirectory of non-root owned directory.
2. Try to mount it from a client.
3. Access denied by server.
Comment 1 Steve Dickson 2010-06-02 16:11:31 UTC 
Your home directory '/home/kparal/' has a permission 
mode of 0700 (owner only), correct?
Comment 2 Steve Dickson 2010-06-02 20:18:39 UTC 
It appears the no_root_squash export option is broken on
v4 mounts..
Comment 3 Kamil Páral 2010-06-03 08:22:37 UTC 
(In reply to comment #1)
> Your home directory '/home/kparal/' has a permission 
> mode of 0700 (owner only), correct?    

Correct.
Comment 4 Kamil Páral 2011-11-23 11:53:47 UTC 
I have completely the same problem on Fedora 16. It has appeared again.

nfs-utils-1.2.5-3.fc16.x86_64
Comment 5 Kamil Páral 2012-04-16 15:11:25 UTC 
The problem also appears with:

/home/kparal/devel/     192.168.1.0/24(rw,all_squash,anonuid=500,anongid=500)

Steve, could you please have a look at that?
Comment 6 Steve Dickson 2012-05-29 13:11:57 UTC 
The proposed upstream patch

Author: Steve Dickson <steved@redhat.com>
Date:   Tue May 29 08:57:04 2012 -0400

    Honor the no_root_squash flag on pseudo roots.
    
    If root squashing is turned off on a export that
    has multiple directories, the parent directories
    of the pseudo exports that's built, also needs to
    have root squashing turned off.
    
    Signed-off-by: Steve Dickson <steved@redhat.com>

diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c
index 708eb61..ad8a3e7 100644
--- a/utils/mountd/v4root.c
+++ b/utils/mountd/v4root.c
@@ -92,7 +92,14 @@ v4root_create(char *path, nfs_export *export)
        exp = export_create(&eep, 0);
        if (exp == NULL)
                return NULL;
-       xlog(D_CALL, "v4root_create: path '%s'", exp->m_export.e_path);
+       /*
+        * Honor the no_root_squash flag 
+        */
+       if ((curexp->e_flags & NFSEXP_ROOTSQUASH) == 0)
+               exp->m_export.e_flags &= ~NFSEXP_ROOTSQUASH;
+       xlog(D_CALL, "v4root_create: path '%s' flags 0x%x", 
+               exp->m_export.e_path, exp->m_export.e_flags);
+
        return &exp->m_export;
 }
Comment 7 Steve Dickson 2012-05-29 19:57:52 UTC 
The koji build:

http://koji.fedoraproject.org/koji/taskinfo?taskID=4112989
Comment 8 Fedora Update System 2012-05-29 20:11:37 UTC 
nfs-utils-1.2.5-8.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/nfs-utils-1.2.5-8.fc16
Comment 9 Kamil Páral 2012-05-30 11:09:54 UTC 
This fixes the problem only partially.

Now works:
/home/kparal/devel     192.168.1.0/24(rw,no_root_squash)

Still doesn't work:
/home/kparal/devel     192.168.1.0/24(rw,all_squash,anonuid=500,anongid=500)
Comment 10 Steve Dickson 2012-05-30 11:24:14 UTC 
(In reply to comment #9)
> This fixes the problem only partially.
> 
> Now works:
> /home/kparal/devel     192.168.1.0/24(rw,no_root_squash)
> 
> Still doesn't work:
> /home/kparal/devel     192.168.1.0/24(rw,all_squash,anonuid=500,anongid=500)
Ok... Lets open up another bz about anonuid/anongid not working so we can move the no_root_squash fix along... OK?
Comment 11 Kamil Páral 2012-05-30 11:33:29 UTC 
Okey dokey. Opened bug 826505.
Comment 12 Fedora Update System 2012-06-15 12:25:53 UTC 
Package nfs-utils-1.2.5-8.fc16:
* should fix your issue,
* was pushed to the Fedora 16 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing nfs-utils-1.2.5-8.fc16'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-9466/nfs-utils-1.2.5-8.fc16
then log in and leave karma (feedback).
Comment 13 Fedora Update System 2012-07-02 22:27:52 UTC 
nfs-utils-1.2.5-8.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.