NFS mounts dissapearing
Sean Bruno
sean.bruno at dsl-only.net
Thu Jan 29 13:53:45 PST 2009
On Thu, 2009-01-29 at 17:20 +0200, Jaakko Heinonen wrote:
> On 2009-01-29, Jaakko Heinonen wrote:
> > > > It appears to me that TCP connections to remote nfsd use a
> > > > privileged source port initially,
> > > > but if the connection is severed and reestablished later the source
> > > > port is no longer < 1024. Client is -CURRENT, server is solaris with
> > > > nfssrv:nfs_portmon=1.
> >
> > Indeed it looks like the new RPC code (I didn't verify that the old
> > works though) doesn't honour the resvport mount option on reconnects.
>
> I think I found the bug. The new RPC code doesn't properly elevate
> privileges before bindresvport() call in clnt_reconnect_connect(). For
> initial connection bindresvport() succeeds because the process has
> elevated privileges at that time.
>
> Does this patch fix the problem for you?
>
> %%%
> Index: sys/rpc/clnt_rc.c
> ===================================================================
> --- sys/rpc/clnt_rc.c (revision 187877)
> +++ sys/rpc/clnt_rc.c (working copy)
> @@ -181,11 +181,12 @@ again:
> rpc_createerr.cf_error.re_errno = 0;
> goto out;
> }
> - if (rc->rc_privport)
> - bindresvport(so, NULL);
>
> oldcred = td->td_ucred;
> td->td_ucred = rc->rc_ucred;
> + if (rc->rc_privport)
> + bindresvport(so, NULL);
> +
> if (rc->rc_nconf->nc_semantics == NC_TPI_CLTS)
> rc->rc_client = clnt_dg_create(so,
> (struct sockaddr *) &rc->rc_addr, rc->rc_prog, rc->rc_vers,
> %%%
>
Yes. This patch resolves my issues. Thanks for the quick fix!
Commit!
Sean Bruno
More information about the freebsd-current
mailing list