Slackware-current rpcbind issue
I have been following -current and the latest update to rpcbind seems to have broken my nfs automounts via autofs. Before the latest update, I had no issues with rpcbind and automount but since the update, /var/log/messages is flooded with this:
Code:
Jul 11 15:52:53 shakal rpcbind[26286]: connect from 127.0.0.1 to getport/addr(status) Also wanted to mention that I've been doing slackpkg install-new with every update so I'm pretty sure I'm not missing any new packages. Cursory Google search brings up issues that are 5-6 years old. Not sure what broke here. Any thoughts? Thanks, [EDIT] I've also rebooted a few times and tried to manually restart rc.rpc and rc.autofs [/EDIT] |
Interesting. I've also noticed the new log messages but nothing broke here. The more worrisome ones are in syslog:
Code:
Jul 12 08:51:08 darkstar rpcbind[14685]: connect from 127.0.0.1 to getport/addr(status): request from unauthorized host |
Thanks Robby. I don't see any issue in syslog, only /var/log/messages complains. Anyway, your suggestion to add "rpcbind: 127.0.0.1" to /etc/hosts.allow on my stable server seems to have done the trick. I had added the same line to hosts.allow on my client machine but apparently I also needed the same line added to the server for NFS to work again. Now the NFS clients can access mounts via autofs. The curious thing is that I never had to add rpcbind line to /etc/hosts.allow before latest current update.
Anyhow, this is how my /etc/hosts.allow looks now: Code:
# rpcbind line added post -stable and -current update on 7/10/2017 |
I still think there's a problem though, but I don't know why. hosts_access(5) says this:
Code:
The access control software consults two files. The search stops at the first match: I've looked through all of the git commits since 0.2.3 of rpcbind and I don't see anything obvious that should be causing a problem. Have you ever done a git bisection, or are you interested in doing one? I'd just do it myself, but everything is still working for me. As an aside, I'm happy to see that other folks still depend on NFS heavily :-) |
Quote:
|
Quote:
Code:
portmap:ALL Quote:
Quote:
Thanks, |
Quote:
Quote:
Code:
https://mirrors.slackware.com/slackware/slackware-14.2/source/n/libtirpc/ |
I'm downgrading all my systems to rpcbind 0.2.3 right now. I've got IPv6 everywhere and rpcbind 0.2.4 just dumps core.
|
Slackware-current rpcbind issue
I'm also having an issue with the most recent rpcbind update. I'll check hosts.allow asap
|
After many tests; the main problem is user nis authentication with rpcbind-0.2.4 (both server and client sides run the same version); but nfs network share works if you don't needs nis users.
From client side rpcbind-0.2.4 connects to server side rpcbind-0.2.3; need to modify rc.rpc script with "/sbin/rpcbind -h 0.0.0.0 -l" on the client side. (client sides are all x86_64, server side is 32bit) On my server, only downgrade rpcbind package back to 0.2.3 with vanilla script, rest of library and package are the latest. |
This will take a bit of time, but I'd appreciate it if you'd figure out exactly where things went wrong. There's no guarantee that this will find it, but it *should*, I think.
Code:
Removed URL because the contents will go away now that they're not needed any more Code:
These packages are for testing this issue: |
rworkman: I tested; all worked, but need "-h 0.0.0.0" parameter to works with userid, otherwise nis user has no username on client side.
Client side used 64bit versions, server side used i586 version. (nfs mounts works). And just to make sure; I reinstalled 0.2.4 from current on server, the problem still remain; client 0.2.4 can not work with server 0.2.4 for user authentication. |
Unless you had to add that "-h 0.0.0.0" parameter before (the patch hit 14.2 | the new package hit -current), then I'm not satisfied with the "Solved" nature of this thread. Maybe I'm misunderstanding though, as I've never used NIS, but from what I can tell, everything was fine until those new packages hit the tree. What I want to find out is *exactly* what changed in the rpcinfo source to cause the problem. In other words, put the system back just like it was before the new packages, try out the stuff I posted, and report back. It's okay if you don't want to do that - I understand that it's a lot of time/effort involved - but that's the only way to get meaningful results.
|
so you used 0.2.3 patches into current tree (0.2.4), try to figure out which one helped; eve though nocve works too. I am baffled as well.
I tried rebuild 0.2.4 with --enable-debug, but not much info from it. so back rpcbind server with 0.2.3 from 14.2 tree. |
Quote:
|
All times are GMT -5. The time now is 01:48 AM. |