Bug 26235

Summary: Showmount command not working (anymore)
Product: Mageia Reporter: Herman Viaene <herman.viaene>
Component: RPM PackagesAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: lewyssmith
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description Herman Viaene 2020-02-21 15:09:42 CET 
Description of problem:
The showmount command to a remote machine just hangs and gives an RPC timeout

Version-Release number of selected component (if applicable):
nfs-utils-2.3.4-3.mga7


How reproducible:
Always

Steps to Reproduce:
1. Installation of M7 done somewhere july-august 2019. Use that one as an NFS client, configured in MCC - Access NFS shares: worked OK at that time. This program uses the showmount command (see below) and writes to fstab.
Access to NFS shares works since then impeccably.
2. Second installation done in january 2020 and immediately fully updated. After the updates tried to use MCC for NFS access to the same NFS server as above: the server is seen, but never shows the shares, so nothing is written to fstab and the acccess is simply not given.
3. Found while googling that on the second machine the command "showmount -e <server>" does not respond, gives RPC timeout.
4. In the journal of the second system found after using MCC and failing:
showmount -e --no-headers <server>
and a little later:
kill runaway process showmount
Editing the required entries for the NFS shares (copied from first system) makes NFS access OK.
The first system on which NFS access never failed, has been fully updated. Giving now the showmount command fails the same, and trying MCC - NFS access gives the same journal messages.

My guess is that sometime between the july- august 2019 and jan. 2020 there has been an nfs-utils update which blows up the showmount command.
Comment 1 David Walser 2020-02-21 16:29:38 CET 
Except that there has not been an nfs-utils (or rpcbind) update.

So the way showmount works is, first it sends a request to port 111 of the server (rpcbind) and asks it what port rpc.mountd is running on, and the server responds with the port number.  Then it queries rpc.mountd on that port number, which returns the list of NFS shares.

You should check your firewall rules and check this communication with tcpdump or wireshark and see what's going wrong.
Comment 2 Herman Viaene 2020-02-21 16:43:58 CET 
On the client the firewall is completely open, and on the server, is NFS server allowed. I don't know what you expect there since the actual NFS sharing works.
Comment 3 David Walser 2020-02-21 17:03:43 CET 
On the server, if the port 111 (rpcbind) and the port rpc.mountd is using (you can see with netstat -ntlp | grep mountd) isn't open, showmount won't work.
Comment 4 Herman Viaene 2020-02-21 17:23:01 CET 
# netstat -ntlp | grep mountd
tcp        0      0 0.0.0.0:20048           0.0.0.0:*               LISTEN      5196/rpc.mountd   
and
# netstat -ntlp | grep 111
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/init   
Is that normal????
I have in /etc/shorewall/rules0drakx:
ACCEPT	net	fw	udp	53,111,2049,4002,4001,4003,4004,137,138,139,445,1024:1100,631,2048	-
ACCEPT	net	fw	icmp	8	-
ACCEPT	net	fw	tcp	80,443,53,22,20,21,111,2049,4002,4001,4003,4004,137,138,139,445,1024:1100,631,5900:5902,6566,2048
Comment 5 David Walser 2020-02-21 17:33:35 CET 
Yeah the 111 from 1/init comes from rpcbind.socket, that's normal.

You don't have 20048 open, which is why showmount doesn't work.  I'm not sure why you have 2048 open.  Maybe it was a typo for 20048.  Anyway, I think we've solved this one (unless some Mageia tool was responsible for the typo'd port number).
Comment 6 Lewis Smith 2020-02-21 21:00:46 CET 
Gosh, thank you DavidW for the rapid & informed replies.
Herman, imagine that you will try the correction from the previous comment, and report back.

CC: (none) => lewyssmith

Comment 7 Herman Viaene 2020-02-22 16:30:55 CET 
That did it, although I cann't imagine or remember I had to open up that port in the past. Glad it is OK.

Status: NEW => RESOLVED
Resolution: (none) => FIXED