Bug 839215 - nfs-server.service bound to nfs-idmap.service, cannot start independently
nfs-server.service bound to nfs-idmap.service, cannot start independently
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: nfs-utils (Show other bugs)
17
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Steve Dickson
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-11 05:05 EDT by Rudd-O DragonFear
Modified: 2012-11-09 18:56 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-11-08 11:21:51 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Rudd-O DragonFear 2012-07-11 05:05:44 EDT
Description of problem:


Starting nfs-idmap.service on an nfs client automatically activates nfs-server.service which is wholly unneeded.  i could understand activating nfs-idmap.service when nfs-server.service is started, but not the other way around.

Version-Release number of selected component (if applicable):

latest nfs-utils
nfs-utils-1.2.6-0.fc17.x86_64


How reproducible:

always


Steps to Reproduce:
1. systemctl start nfs-idmap.service
2. ps ax | grep nfsd
  
Actual results:

nfsd is active and listening

Expected results:

no nfs server please

Additional info:

idmap is a program that runs in the client, it does not require nfs server to be started, which is also a security risk.

masking nfs-server.service leads to nfs-idmap.service not being startable.
Comment 1 Josh Trutwin 2012-08-09 11:36:03 EDT
I'm unsure on the recent changes to NFS idmaping and finding some issues.  I'm not sure if the nfs-idmap.service is needed for clients as there is now an nfsidmap program provided to do idmapping?  Do you have anything in /etc/request-key.d/id_resolver.conf?
Comment 2 J. Bruce Fields 2012-08-09 13:12:35 EDT
Yeah, idmapd shouldn't be necessary any more.  (On the client side, that is.  On the server side, idmapd is still used.)
Comment 3 Rudd-O DragonFear 2012-08-10 16:18:27 EDT
cat /etc/request-key.d/id_resolver.conf 
#
# nfsidmap(5) - The NFS idmapper upcall program
# Summary: Used by NFSv4 to map user/group ids into 
#          user/group names and names into in ids
# Options:
# -v         Increases the verbosity of the output to syslog
# -t timeout Set the expiration timer, in seconds, on the key
#
create    id_resolver    *         *    /usr/sbin/nfsidmap %k %d
Comment 4 Steve Dickson 2012-10-13 11:59:15 EDT
(In reply to comment #0)
> Description of problem:
> 
> 
> Starting nfs-idmap.service on an nfs client automatically activates
> nfs-server.service which is wholly unneeded.  i could understand activating
> nfs-idmap.service when nfs-server.service is started, but not the other way
> around.

I have a feeling this is happening because of the "BindTo=nfs-server.service"
in the nfs-idmap.service which was a suggestion from the systemd 
guys (see bz 769879). Any suggestions to what I should change that
to?
Comment 5 Rudd-O DragonFear 2012-11-09 18:56:58 EST
I was going to say "how can you close this as notabug, who here doesn't understand that the idmapper and the NFS server can and many do use them independently?" but then I remembered I don't care anymore since I no longer use Fedora. LOL.

Note You need to log in before you can comment on or make changes to this bug.