commit e725def62c73b4aa269fefc4c0d96abb41927fcb Author: Steve Dickson steved@redhat.com Date: Mon Nov 17 13:17:20 2014 -0500
exportfs: Do not fail on empty exports file.
Commit 076dd80 introduced a regression that causes
exportfs to fail when there is an empty /etc/exports
file. A empty /etc/exports file is valid and should
not cause exportfs to fail.
Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
commit e4569a0961ff9f059b9ae71327d291cf95399597 Author: Bodo Stroesser bstroesser@ts.fujitsu.com Date: Wed Nov 12 09:43:29 2014 -0500
rpc.mountd: set libtirpc nonblocking mode to avoid DOS
This patch is experimental. In works fine in that it
removes the vulnerability against a DOS attack. rpc.mountd
can be blocked by a bad client, that sends many RPC requests
but never reads the responses. This might happen
intentionally or caused by a wrong network config (MTU). The
patch switches on the nonblocking mode of libtirpc. In that
mode writes can block for a max of 2 seconds. Attackers are
forced to send requests slower, as libtirpc will close
a connection if it finds two requests to read at the same
time.
Reviewed-by: NeilBrown <neilb@suse.de>
Signed-off-by: Bodo Stroesser <bstroesser@ts.fujitsu.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
1170354 - Typos in nfs-utils sysconfig files and associated script
1165322 - nfs-utils pre scriptlet fails to add rpcuser properly
1115225 - clean up and clarify lockd port configuration
1173564 - Cannot properly enable the nfs-secure service
1175773 - nfs-utils_env.sh: line 21: [: : integer expression expected
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2014-15315
Please login to add feedback.
This update has been submitted for testing by steved.
Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/13729/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/13729/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 testing updates repository.
This update is currently being pushed to the Fedora 21 testing updates repository.
This update has been pushed to testing
Seems OK
Just an FYI. Upgraded an F-20 box (that does not even run NFS) to F-21 and now nfs-idmapd.service refuses to start (not that I need it, but still). Apparently: rpc.idmapd[10913]: main: open(/var/lib/nfs/rpc_pipefs//nfs): No such file or directory. I can see there is a whole bunch of stuff in rpc_pipefs on my F-20 machine (now owned by any RPM), but F-21 has nothing in there. The -2.0 version of this package also does the same thing.
I meant to say "not owned by any RPM".
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This is main: open(/var/lib/nfs/rpc_pipefs//nfs): No such file or directory is happening because the sunrpc kernel module is not loaded which means /var/lib/nfs/rpc_pipefs is not mounted. So the question is why is rpc.idmapd even being started if you not running the NFS server. I'm guess this is a problem with the upgrade not so much a bug in the code.
OK, thanks. I guess I'll just disable it. On another note, you may want to look at things like RPCMOUNTDOPTS in /etc/sysconfig/nfs, which is part of this package. The actual service takes RPCMOUNTDARGS. I think I saw one or two more like that, because the ports I defined on the machine that does run NFS would not be taken into account.
See bug #1170354.
This build has fixed for me "Bug 1164477 - nfs server does not start with empty /etc/exports (and exports in /etc/exports.d)". But unaware of the other Bug/regression so not +1ing it.
steved has edited this update. New build(s): nfs-utils-1.3.1-4.0.fc21. Removed build(s): nfs-utils-1.3.1-2.2.fc21.
This update has been submitted for testing by steved.
Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/21169/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/21169/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 testing updates repository.
This update has been pushed to testing
Upon restart of nfs-config.service, followed by restart of other impacted NFS services, fixes #1170354.
System fails to boot after this update. Needed to remove nfs-client.target by hand to be able to get to the gdm login prompt. Have empty /etc/exportfs and no NFS entries in /etc/fstab
karma: -1
"System fails to boot" what exactly does this mean? Did the system hang, if so where? Did the system panic, if so where. Are you sure nfs-utils was causing the problem?
steved has edited this update. New build(s): nfs-utils-1.3.1-4.1.fc21. Removed build(s): nfs-utils-1.3.1-4.0.fc21.
This update has been submitted for testing by steved.
Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/24903/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/24903/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 testing updates repository.
This update has been pushed to testing
This update has been submitted for stable by steved.
Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/27602/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/27603/steps/runtask/logs/stdio (results are informative only)
Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/27603/steps/runtask/logs/stdio (results are informative only)
This update is currently being pushed to the Fedora 21 stable updates repository.
This update has been pushed to stable
had 2 systems that refused to start after the upgrade. It hangs on "a start job is running for notify nfs peers of a restart". This would be the rpc-statd-notify.service. Booting with a live CD and manually symlinking /etc/systemd/system/rpc-statd-notify.service to /dev/null works. On both systems the yum update initially hung as well (on restart nfs-client-target).
Same problem as freddyw, system boot hangs with "starting notify nfs users of a restart"
nfs-utils-1.3.1-5.0.fc21 bugfix update is now available that fixes the boot hang. https://admin.fedoraproject.org/updates/nfs-utils?_csrf_token=e31ce8ffefe1390f57bca7dd4055bc5fccabca0c