14550 – Drakfirewall fails to open mountd ports for NFS

Bug 14550 - Drakfirewall fails to open mountd ports for NFS

Summary: Drakfirewall fails to open mountd ports for NFS

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	5
Hardware:	x86_64 Linux

Priority:	High Severity: major
Target Milestone:	---
Assignee:	papoteur
QA Contact:

URL:
Whiteboard:	IN_ERRATA
Keywords:	PATCH

Depends on:	18796
Blocks:
	Show dependency tree / graph

Reported:	2014-11-14 12:22 CET by André DESMOTTES
Modified:	2016-07-08 20:46 CEST (History)
CC List:	7 users (show)

See Also:
Source RPM:	drakx-net
CVE:
Status comment:

Attachments
Patch to use correct config file for NFS (4.18 KB, patch) 2015-08-30 15:53 CEST, Derek Jennings	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Description André DESMOTTES 2014-11-14 12:22:48 CET

Hello,

If I configure drakfirewall with "No firewall" on the server, NFS is working fine. If I configure drakfirewall checking the "NFS server" box, NFS doesn't work anymore. The client MCC displays the server IP address without the ">". If, on the server, I go into "Advanced" and manually add "30000:60000/tcp 30000:60000/udp" NFS works again. So, drakfirewall fails to open the mountd ports.

FWIW, I tried to add a line in /etc/sysconfig/nfs-server to set a fixed port number for mountd, but it didn't work either.

Manuel Hiebel 2014-11-14 22:31:24 CET

CC: (none) => mageia, thierry.vignaud
Source RPM: (none) => drakx-net

Comment 1 Thierry Vignaud 2015-03-11 15:52:57 CET

NFS ports are defined there:
http://gitweb.mageia.org/software/drakx-net/tree/lib/network/drakfirewall.pm#n55
Listed from:
http://gitweb.mageia.org/software/drakx-net/tree/lib/network/nfs.pm#n7

So it looks like we failed to read the right mountd port (which we assume is 4003 by default, else defined by "RPCMOUNTD_OPTIONS=..." in /etc/sysconfig/nfs-server

Keywords: (none) => NEEDINFO

Angelo Naselli 2015-03-11 16:44:33 CET

CC: (none) => anaselli, matteo.pasotti

Comment 2 Samuel Verschelde 2015-05-19 14:20:55 CEST

Removing the NEEDINFO keyword as I see no question to the bug reporter. Maybe you meant NEEDHELP?

Keywords: NEEDINFO => (none)

Comment 3 André DESMOTTES 2015-05-19 17:10:16 CEST

FYI, I have with Mageia 4:
[root@localhost ~]# cat /etc/sysconfig/nfs-server 
RPCMOUNTD_OPTIONS="--port 4002"
[root@localhost ~]# 

Bug still valid.

Samuel Verschelde 2015-05-19 17:11:47 CEST

Whiteboard: (none) => MGA4TOO

Samuel Verschelde 2015-05-21 11:01:46 CEST

Whiteboard: MGA4TOO => MGA4TOO MGA5TOO FOR_ERRATA

Comment 4 papoteur 2015-05-31 19:00:54 CEST

Added in errata.
https://wiki.mageia.org/en/Mageia_5_Errata#Drakfirewall_fails_to_open_mountd_ports_for_NFS

CC: (none) => yves.brungard_mageia
Whiteboard: MGA4TOO MGA5TOO FOR_ERRATA => MGA4TOO MGA5TOO IN_ERRATA

Comment 5 Derek Jennings 2015-08-30 15:53:36 CEST

Created attachment 6982 [details]
Patch to use correct config file for NFS

The problem is because systemd starts mountd with the configuration file /etc/sysconfig/nfs while nfs.pm is looking at  nfs-common and nfs-server.

In addition the names of the parameters are changed in /etc/sysconfig/nfs so RPCMOUNTD_OPTIONS is now RPCMOUNTDARGS.

A quick workaround the problem is to edit /etc/sysconfig/nfs and set

RPCMOUNTDARGS="--port 4003" and restart nfs-mountd service.

For a more complete fix see attached patch. It works for me.

CC: (none) => derekjenn

Comment 6 André DESMOTTES 2015-08-30 19:31:33 CEST

Hi,
The patch works for me too.
Thanks

Comment 7 André DESMOTTES 2015-11-24 23:14:27 CET

Hi
Why this patch isn't in Mageia 6?

Samuel Verschelde 2015-11-25 10:29:07 CET

Keywords: (none) => PATCH
Priority: Normal => High
Severity: normal => major

Comment 8 Samuel Verschelde 2015-11-25 10:33:47 CET

Assigning to drakx-net maintainer Olivier Blin. Patch attached (see comment #5).

Assignee: bugsquad => mageia

Comment 9 Olivier Blin 2016-01-30 16:32:20 CET

Applied by Papoteur in git, thanks for the patch!

Comment 10 Thierry Vignaud 2016-06-27 11:20:24 CEST

Closing

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Comment 11 papoteur 2016-07-04 08:45:47 CEST

Reopened because of Mageia 5

Status: RESOLVED => REOPENED
Whiteboard: MGA4TOO MGA5TOO IN_ERRATA => MGA5TOO IN_ERRATA
Version: Cauldron => 5
Resolution: FIXED => (none)

Comment 12 papoteur 2016-07-04 22:25:11 CEST

drakx-net 2.24.2 is ready in testing.

Assignee: mageia => qa-bugs

Comment 13 David Walser 2016-07-05 17:21:32 CEST

Drakx-net update is already assigned to QA in another bug.

Depends on: (none) => 18796
Assignee: qa-bugs => yves.brungard_mageia
Whiteboard: MGA5TOO IN_ERRATA => IN_ERRATA

Comment 14 Alain Choucroot 2016-07-06 10:58:18 CEST

As a mg5 user, I downloaded drakx-net 2.24.2 from "Core Update Testing (distrib5)". And I tested it ok !( opened drakfirewall and re-applyed the "NFS" configuration. This time the nfs serveur is visible throught the firewall.

CC: (none) => choucroot

Comment 15 David Walser 2016-07-06 21:42:46 CEST

Alain, please report your successful test on Bug 18796.  Also mention which architecture you tested on.

Comment 16 papoteur 2016-07-08 20:46:44 CEST

Followed in Bug 18796

Status: REOPENED => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.