current-users: Re: two nfs questions

Subject: Re: two nfs questions
To: Dave McGuire <mcguire@rocinante.digex.net>
From: Ken Hornstein <kenh@entropic.com>
List: current-users
Date: 10/14/1994 11:40:22
>  First, at home.  I have 2 NetBSD/i386 boxes, spasmodica and boombox,
>both running 1.0_BETA.  I'm trying to mount spasmodica:/usr/src on
>boombox:/usr/src.  My exports line reads:
>
>/usr/src   -maproot=root boombox.neurotica.com
>
>  I execute this command:
>
>boombox% mount spasmodica:/usr/src /usr/src
>
>  which returns just fine.  However, if I try to do an `ls' of that
>directory, my session locks up.  It echoes ^C's but I can't interrupt
>the `ls'.  I can establish other sessions just fine.  A `df' does the
>same thing; just hangs.

Do you get any "nfs server not responding" messages?  I hate to sound dumb, but
are you running nfsd's (no doubt you are, but I had to ask)?  This puzzles me,
as I did this for a while at home without any problems.  I assume the kernels
are built with NFSSERVER & NFSCLIENT?

>  The other one is at the office.  There's a NetBSD/sparc 1.0_BETA
>machine there, hairball.  My system, rocinante, is running SunOS4.1.3.
>I have /usr/local exported from rocinante to hairball with root
>enabled.  I do:
>
>hairball% mount rocinante:/usr/local /mnt
>
>  which comes back just fine.  rocinante's filesystem doesn't show up
>in a `df' display, but it *does* show up properly in a `mount'
>display.  If I try an `ls' or anything else to access that directory
>on hairball, I get `permission denied' on hairball and this message in
>/var/adm/messages on rocinante:
>
>Oct 14 04:35:34 rocinante vmunix: NFS request from unprivileged port.
>Oct 14 04:35:34 rocinante vmunix: nfs_server: weak authentication, source IP a
>ddress=164.109.20.27
>
>  The 164.109.20.27 machine is hairball.  Here's the wierd part:
>another machine on the same network, ss1, has filesystems exported to
>hairball that I can mount, umount, and *access* all day with no
>problem at all.  I've gone over EVERYTHING.  As far as I can tell,
>their configurations are identical.  I see what I expect to see in a
>`showmount -e rocinante' from hairball, as well.  The same exact thing
>happens with a 486 running BSDI.

Is it possible that rocinante has NFS port checking turned on?  From the
standard Sun rc.local:

if [ -f /etc/exports ]; then
        > /etc/xtab
        exportfs -a
        nfsd 8 &                echo -n ' nfsd'
        if [ -f /etc/security/passwd.adjunct ]; then
                # Warning! Turning on port checking may deny access to
                # older versions (pre-3.0) of NFS clients.
                rpc.mountd
                echo "nfs_portmon/W1" | adb -w /vmunix /dev/kmem >/dev/null 2>&1
        else
                rpc.mountd -n
        fi
fi

So perhaps you are running rpc.mountd without the -n?  I believe there is an
option to the NetBSD mount command that makes it use a priviledged port.

--Ken