Gentoo Forums
NFS problems
krunk
Guru

Joined: 27 Jul 2003
Posts: 316

Posted: Mon May 03, 2004 5:12 pm    Post subject: NFS problems

NFS starts fine at boot on the server but the client gives the following error:

Code:

root@james krunk # /etc/init.d/nfsmount start
 * Mounting NFS filesystems...
mount: RPC: Remote system error - Connection refused
 * Error mounting NFS filesystems


No relevant output in client or server logs pertaining to the error.

On the server side, if I stop then restart nfs, it hangs at:
Code:

tuxmac root # /etc/init.d/nfs start
 * Starting NFS statd...                                                  [ ok ]
 * Exporting NFS directories...                                           [ ok ]
 * Starting NFS daemon...


and I get the following in my logs:
Code:
May  3 11:54:30 tuxmac rpc.statd[11642]: Version 1.0.6 Starting
May  3 11:54:30 tuxmac rpc.statd[11642]: gethostbyname error for tuxmac
May  3 11:54:30 tuxmac rpc.statd[11642]: unable to register (statd, 1, udp)


Then if I CTRL+Z the process I get:
Code:

[1]+  Stopped                 /etc/init.d/nfs start
tuxmac root # ps aux | grep nfs
root     11264  0.0  0.0     0    0 pts/3    Z    11:43   0:00 [rpc.nfsd] <defunct>
root     11444  0.0  0.2  2732 1488 pts/3    T    11:46   0:00 /bin/bash /sbin/runscript.sh /etc/init.d/nfs start
root     11649  0.1  0.0  1704  516 pts/4    D    11:54   0:00 /usr/sbin/rpc.nfsd 8
root     11653  0.0  0.0  1684  544 pts/4    S    11:55   0:00 grep nfs


and in the logs:
Code:

May  3 11:56:20 tuxmac portmap: server localhost not responding, timed out


Relevant information:
Code:
tuxmac root # cat /etc/hosts.allow
portmap: 192.168.1.77 , 127.0.0.1
lockd:   192.168.l.77 , 127.0.0.1
mountd:  192.168.1.77 , 127.0.0.1
rquotad: 192.168.1.77 , 127.0.0.1
statd:   192.168.1.77 , 127.0.0.1
sshd:    192.168.1.77 , 127.0.0.1
# Bastille: default deny
# no safe_finger for in.fingerd (prevent loops)
in.fingerd : ALL : DENY
# but everything else is denied & reported with safe_finger
ALL : ALL : spawn (/usr/sbin/safe_finger -l @%h | /bin/mail -s "Port Denial noted %d-%h" root) & : DENY
tuxmac root # cat /etc/hosts.deny
portmap:ALL
lockd:ALL
mountd:ALL
rquotad:ALL
statd:ALL
ALL:ALL
tuxmac root # cat /etc/hosts
127.0.0.1       localhost
192.168.1.77    james
192.168.2.77    teresa
192.168.1.78    tuxmac
192.168.2.78    tuxmac
# IPV6 versions of localhost and co
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
tuxmac root # hostname
tuxmac


relevant iptable rules (this is a minimal testing set):
Code:
NFS="2049 32764 32765 32766 32767 32769 32770 111"

echo "Enabling local network NFS"

for i in $NFS
do
    $IPT -A INPUT   -s $INTNET1 -p tcp --dport $i -j ACCEPT
    $IPT -A INPUT   -s $INTNET1 -p udp --dport $i -j ACCEPT

    $IPT -A OUTPUT  -s $INTNET1 -p tcp --dport $i -j ACCEPT
    $IPT -A OUTPUT  -s $INTNET1 -p udp --dport $i -j ACCEPT
done
echo ""

for i in $NFS
do
    $IPT -A INPUT   -s $INTNET2 -p tcp --dport $i -j ACCEPT
    $IPT -A INPUT   -s $INTNET2 -p udp --dport $i -j ACCEPT

    $IPT -A OUTPUT  -s $INTNET2 -p tcp --dport $i -j ACCEPT
    $IPT -A OUTPUT  -s $INTNET2 -p udp --dport $i -j ACCEPT
done
echo ""


IMPORTANT NOTES
    1. NFS was working before with this iptable ruleset and I have not changed it, so I REALLY do not think this is the problem.
      a. it is worth mentioning, however, that I must manually change the lockd port number every time I boot...the kernel argument does not work and it grabs a new one every time...the other ports are properly bound (append="lockd.udpport=32768 lockd.tcpport=32768")

    2. NFS was previously working without a hitch. What have I changed? I don't know or I'd change it back. :) The only thing I worked on was this tutorial: Email System For The Home Network...which didn't work for me so I don't even currently have any of those services running.



Thanks in advance.
_________________
G4 1ghz iBook
PowerMac G3 (B&W) [Powered by Gentoo and Gentoo alone :)]

Dual G5
iPod 3rd generation
tam1138
Tux's lil' helper

Joined: 28 Oct 2003
Posts: 103

Posted: Mon May 03, 2004 7:07 pm

Code:
# emerge portmap
# rc-update add portmap default
# /etc/init.d/portmap start


Also, make sure that "tuxmac" is a resolvable address, either by DNS or in /etc/hosts. The portmap suggestion was more off-the-cuff; looking closely at your logs, it appears that name resolution is the culprit.
krunk
Guru

Joined: 27 Jul 2003
Posts: 316

Posted: Mon May 03, 2004 9:48 pm

Thank you for the reply. This is where the confusion comes in, I too noticed the name resolution problem. This is why I made sure to include the output of 'hostname' on the server as well as the content of my /etc/hosts file. Both appear to be in order.


*edit 1* I also know that the name is resolvable from my client, since I frequently ssh into the server using its hostname: ssh user@tuxmac

*edit 2*
Code:
#emerge portmap;
#tuxmac root # /etc/init.d/portmap start
 * WARNING:  "portmap" has already been started.
tuxmac root # /etc/init.d/portmap stop
 * Stopping NFS mountd...                                                 [ ok ]
 * Stopping NFS daemon...                                                 [ ok ]
 * Unexporting NFS directories...                                         [ ok ]
 * Stopping portmap...                                                    [ !! ]
 
tuxmac root # /etc/init.d/portmap stop
 * Stopping portmap...                                                    [ !! ]
tuxmac root # /etc/init.d/portmap zap
 * Manually resetting portmap to stopped state.
  tuxmac root # /etc/init.d/nfs start
 * Starting NFS statd...                                                   [ ok ]
 * Exporting NFS directories...                                         [ ok ]
 * Starting NFS daemon...                                               [ ok ]
 * Starting NFS mountd...           


However I still get this on the client end:

Code:

root@james krunk # /etc/init.d/nfsmount start
 * Starting NFS statd...                                                [ ok ]           
* Mounting NFS filesystems...
pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection reset by peer
mount: RPC: Remote system error - Connection refused
 * Error mounting NFS filesystems                                       [ !! ]


So, I'm halfway there...but still no go. Also my logs still don't show any relevant ports being dropped.
_________________
G4 1ghz iBook
PowerMac G3 (B&W) [Powered by Gentoo and Gentoo alone :)]

Dual G5
iPod 3rd generation
tam1138
Tux's lil' helper

Joined: 28 Oct 2003
Posts: 103

Posted: Tue May 04, 2004 8:10 am

Why are there two tuxmac entries in /etc/hosts? That seems really fishy to me.
krunk
Guru

Joined: 27 Jul 2003
Posts: 316

Posted: Tue May 04, 2004 3:03 pm

My server (tuxmac) has one NIC facing outward (connected to ppp), and two facing inward. Each on its own subnet.

I'm beginning to suspect that it is a file permission problem actually. The hostname, iptables, etc config was working a few days ago. But I believe I had hardened my /etc/ files in the interim.

Here's the only ones I know that are important:
Code:

drwxr-xr-x   46 root     users        4096 May  3 21:57 /etc
-rw-r--r--    1 root     root          465 May  3 11:07 /etc/hosts.allow
-rw-r--r--    1 root     root           63 May  3 11:08 /etc/hosts.deny


I did make a back up of the default perms before applying though, they look like this:

Code:

0:0:644:/etc/conf.d/iptables
0:0:755:/etc/skel
0:0:644:/etc/skel/.bashrc
0:0:644:/etc/skel/.bash_profile
0:0:755:/etc/runlevels
0:0:755:/etc/runlevels/default
0:0:777:/etc/runlevels/default/local
0:0:777:/etc/runlevels/default/netmount
0:0:755:/etc/runlevels/default/net.eth0


But of course, there are well over a thousand of them... Is there a way I can restore the perms using this file?
_________________
G4 1ghz iBook
PowerMac G3 (B&W) [Powered by Gentoo and Gentoo alone :)]

Dual G5
iPod 3rd generation
Janne Pikkarainen
Veteran

Joined: 29 Jul 2003
Posts: 1143
Location: Helsinki, Finland

Posted: Tue May 04, 2004 4:54 pm

krunk wrote:

I did make a back up of the default perms before applying though, they look like this:

Code:

0:0:644:/etc/conf.d/iptables
0:0:755:/etc/skel
0:0:644:/etc/skel/.bashrc
0:0:644:/etc/skel/.bash_profile
0:0:755:/etc/runlevels
0:0:755:/etc/runlevels/default
0:0:777:/etc/runlevels/default/local
0:0:777:/etc/runlevels/default/netmount
0:0:755:/etc/runlevels/default/net.eth0



(Warning: Some very kludgy and ugly shell voodoo ahead; please proceed with extreme caution)

Try something like this:

Code:
while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < your_permissions_file

_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".
krunk
Guru

Joined: 27 Jul 2003
Posts: 316

Posted: Tue May 04, 2004 5:07 pm

while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig
-bash: syntax error near unexpected token `done'

And Thanks!

*EDIT* FIXED---> while read each; do ******;done < file :)
_________________
G4 1ghz iBook
PowerMac G3 (B&W) [Powered by Gentoo and Gentoo alone :)]

Dual G5
iPod 3rd generation


Last edited by krunk on Tue May 04, 2004 5:26 pm; edited 1 time in total
Janne Pikkarainen
Veteran

Joined: 29 Jul 2003
Posts: 1143
Location: Helsinki, Finland

Posted: Tue May 04, 2004 5:11 pm

krunk wrote:
while read each; chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig
-bash: syntax error near unexpected token `done'

And Thanks!


Aww, of course there's a missing do command... the moral of the story: always test whatever you post here. ;) This one should work:

Code:
while read each; do chmod `echo $each | cut -d ':' -f3` `echo $each | cut -d ':' -f4`; done < perm.orig

_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".
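
A more defensive restore for the `uid:gid:mode:path` listing discussed above, as an added example that is not part of either poster's code. It also restores ownership, tolerates spaces and colons in paths, and skips symlinks, on the assumption that the 777 entries under /etc/runlevels/default are links (chmod would otherwise change the link's target). The function name and the optional ROOT prefix are hypothetical.

```shell
#!/bin/bash
# Added example, not from the thread: restore owners and modes from a
# "uid:gid:mode:path" listing such as perm.orig.
# Usage: restore_perms LISTING [ROOT]  (ROOT: hypothetical prefix for a test copy)
restore_perms() {
    local listing=$1 root=${2:-} uid gid mode path target
    local applied=0 skipped=0
    # IFS=: splits off three fields; the rest of the line, including any
    # further colons or spaces, stays in $path.
    while IFS=: read -r uid gid mode path || [ -n "$uid" ]; do
        target=$root$path
        # Owner and group must be purely numeric, mode 3 or 4 octal digits.
        case "$uid:$gid" in *[!0-9:]*|:*|*:) mode=invalid ;; esac
        case $mode in
            [0-7][0-7][0-7]|[0-7][0-7][0-7][0-7]) ;;
            *) echo "skip (malformed line): $path" >&2
               skipped=$((skipped + 1)); continue ;;
        esac
        # Assumption: 777 entries in the listing are symlinks. chmod follows
        # links, so applying 777 would make the link's target world-writable.
        if [ -L "$target" ]; then
            echo "skip (symlink): $target" >&2
            skipped=$((skipped + 1)); continue
        fi
        if [ ! -e "$target" ]; then
            echo "skip (missing): $target" >&2
            skipped=$((skipped + 1)); continue
        fi
        # chown can clear setuid/setgid bits, so set the owner before the
        # mode; only root may change ownership.
        if [ "$(id -u)" -eq 0 ]; then
            chown -- "$uid:$gid" "$target" || { skipped=$((skipped + 1)); continue; }
        fi
        if chmod -- "$mode" "$target"; then
            applied=$((applied + 1))
        else
            skipped=$((skipped + 1))
        fi
    done < "$listing"
    echo "applied=$applied skipped=$skipped"
}

# Run against a listing when invoked with one, e.g.: ./restore.sh perm.orig
if [ "$#" -ge 1 ] && [ -f "$1" ]; then restore_perms "$@"; fi
```

Rehearse on a copy of the tree by passing its location as the second argument before running it against the live /etc.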
krunk
Guru

Joined: 27 Jul 2003
Posts: 316

Posted: Tue May 04, 2004 5:26 pm

LOL we posted at the same time.
_________________
G4 1ghz iBook
PowerMac G3 (B&W) [Powered by Gentoo and Gentoo alone :)]

Dual G5
iPod 3rd generation