Hello,

I am having some trouble accessing my NFS share that was previously working. I ran the Red Hat security update today that supposedly updated the NFS server on my machine. I am running Red Hat Fedora 9 (2.6.27.9-73). I am mounting this share as a root file system for an embedded device.

The error I am getting according to /var/log/messages is:

Jan 16 06:46:20 localhost mountd[2679]: Warning: Client IP address '192.168.1.129' not found in host lookup
Jan 16 06:46:20 localhost mountd[3661]: connect from 192.168.1.129 to proc (0) in mountd: request from unauthorized host

My exports file looks like this:

/nfs/share1 192.168.1.0/255.255.255.0(rw,no_root_squash,sync)

I tried adding mountd: ALL to my /etc/hosts.allow file which got rid of the authentication error but the host then fails with:

Root-NFS: Unable to get nfsd port number from server, using default

The operation eventually times out.

Is there something else I am missing? Is there a place can I get more detailed information on NFS authentication? Is there anyway to go go back to the previous version before the security update was applied?

Have you checked the release notes on the security update? there might be something helpfull in there ...

Try mounting on localhost, and ofcource check if all necessary services are running/and just to make sure/ restarted

If the host 192.168.1.129 uses a static IP, then all you have to do is add the host to your hosts.allow file:

Take a look at this:

http://www.userlocal.com/security/securinginetdetc.php

So far as I understand it, once you add the host 192.168.1.129 to your hosts.allow file with the line:
you're sorted. Looking at what you said about the nfs port moving to default, perhaps you have a firewall issue which came about as a result of the security update!

I daresay, often a complete reboot helps, looking at what the previous poster said about daemons / services running. A complete reboot will often catch such things.

I did not recieve any release notes for the latest security update. Where can I find these? I am able to mount the nfs share from the same machine.

I tried this and rebooted, and I am still getting the 'Client IP address not found in host lookup' message.

I have IPtables currently disabled.

Thanks

Apparently the client IP address MUST exist in the /etc/hosts file in order for it to work with the hosts.allow file. The hosts.allow man page mentions nothing about this.

Actually, you need to check/update the /etc/nsswitch.conf file. It determines which options are used to authenticate services, and in which order.