kern/147940: mounting >1k TCP-NFS mounts fails
Robert Schulze
rs at bytecamp.net
Thu Jun 17 12:50:03 UTC 2010
>Number: 147940
>Category: kern
>Synopsis: mounting >1k TCP-NFS mounts fails
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jun 17 12:50:03 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Robert Schulze
>Release: 7.1-RELEASE-p11
>Organization:
>Environment:
FreeBSD XXXXX 7.1-RELEASE-p11 FreeBSD 7.1-RELEASE-p11 #5: Tue Mar 2 12:44:28 CET 2010 root at XXXXX:/usr/obj/usr/src/sys/XXXXX amd64
>Description:
Having >1k mountpoints in fstab, mount -a fails after the 212th mountpoint with the following message:
"RPCPROG_MNT: RPC: Authentication error; why = Client credential too weak"
All mountpoints are mounted with:
rw,soft,noatime,-N,-T,noinet6,-r=8192,-w=8192
Ommitting the -T flag and so using UDP mounts, everything is OK as long as -N is given, otherwise even UDP mounts fail.
The Server is FreeBSD-8.0, exporting >1k ZFS mountpoints.
In /var/log/messages, there is the following hint
"mount request from XXXXX from unprivileged port"
As mountd(8) says, one may set vfs.nfsrv.nfs_privport to 0, but could that expose a security risk?
>How-To-Repeat:
create /etc/fstab with a large number of NFS mounts
$ mount -a
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list