[Bug 234106] nfsv4 server ignores nfs_reserved_port_only="YES"
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Dec 17 20:21:16 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234106
Bug ID: 234106
Summary: nfsv4 server ignores nfs_reserved_port_only="YES"
Product: Base System
Version: 11.2-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: misc
Assignee: bugs at FreeBSD.org
Reporter: chaz.newton58 at gmail.com
The NFSv4 server seems to be ignoring the vfs.nfsd.nfs_privport sysctl setting.
When I set either vfs.nfsd.nfs_privport=1 sysctl and/or
nfs_reserved_port_only="YES" in rc.conf, I am not denied when using an
unprivileged port from a NAT'ed VM, but AM successfully denied when using the
NFSv3 export.
The pertinent section of /etc/rc.conf on the server looks like this:
-----------
zfs_enable="YES"
rpcbind_enable="YES"
rpc_lockd_enable="YES"
rpc_lockd_flags="-d 1"
rpc_statd_enable="YES"
rpc_statd_flags="-d"
mountd_enable="YES"
mountd_flags="-S -r -p 619"
nfs_client_enable="YES"
nfs_access_cache="60"
nfs_server_enable="YES"
nfs_server_flags="-u -t -n 256"
nfs_server_managegids="YES"
nfs_reserved_port_only="YES"
nfs_bufpackets="5"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
------------
/etc/exports:
------------
V4: /data moo.cow.com
/data/test -alldirs -maproot=nobody moo.cow.com
------------
Output in /var/log/messages from unsuccessful nfs3 mount:
------------
Dec 17 18:40:55 meow mountd[56740]: mount request from 10.10.10.18 from
unprivileged port
------------
I happened to stumble on this inconsistency while evaluating the use of NAT'ed
virtual machines on our Linux clients.
Is this a bug, or a mis-configuration on my part? I'm leaning toward bug, as
it DOES work with the NFS3 mounts.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list