My nfs-server not working since last update

Support Network
,
1

Without having modified anything, I can’t mount the shares. On the clients:

[wibol@escritorio ~]$ showmount -e 192.168.1.2
rpc mount export: RPC: Unable to receive; errno = Connection refused

[wibol@escritorio ~]$ sudo mount -t nfs -o vers=4 192.168.1.2:/srv/nfs/Archivo /mnt/nfs/nas/archivo/
mount.nfs: access denied by server while mounting 192.168.1.2:/srv/nfs/Archivo

[wibol@escritorio ~]$ sudo mount -t nfs -o vers=3 192.168.1.2:/srv/nfs/Archivo /mnt/nfs/nas/archivo/
mount.nfs: Connection refused

On the server:


[wibol@servidor ~]$ sudo systemctl status rpc-gssd
○ rpc-gssd.service - RPC security service for NFS client and server
     Loaded: loaded (/usr/lib/systemd/system/rpc-gssd.service; static)
     Active: inactive (dead)
  Condition: start condition failed at Sat 2021-08-07 16:39:09 CEST; 44min ago
             └─ ConditionPathExists=/etc/krb5.keytab was not met

ago 07 09:29:53 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:25:05 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:25:17 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:26:25 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:27:30 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:30:35 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:37:13 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:37:39 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:39:01 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.
ago 07 16:39:09 sub.domain.tld systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.

[wibol@servidor ~]$ sudo systemctl status nfs-server
● nfs-server.service - NFS server and services
     Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled)
    Drop-In: /run/systemd/generator/nfs-server.service.d
             └─order-with-mounts.conf
     Active: active (exited) since Sat 2021-08-07 16:39:01 CEST; 44min ago
    Process: 52623 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
    Process: 52624 ExecStart=/usr/sbin/rpc.nfsd (code=exited, status=0/SUCCESS)
   Main PID: 52624 (code=exited, status=0/SUCCESS)
        CPU: 9ms

ago 07 16:39:01 sub.domain.tld systemd[1]: Starting NFS server and services...
ago 07 16:39:01 sub.domain.tld systemd[1]: Finished NFS server and services.

I have never used Kerberos but now it looks for the “/etc/krb5.keymap” file. This is my server information:


[wibol@servidor ~]$ inxi --admin --verbosity=7 --filter --no-host --width
System:
  Kernel: 4.19.198-1-MANJARO x86_64 bits: 64 compiler: gcc v: 11.1.0 
  parameters: BOOT_IMAGE=/boot/vmlinuz-4.19-x86_64 
  root=UUID=ba620412-4d59-4f0f-bfba-af855ee197bb rw quiet apparmor=1 
  security=apparmor udev.log_priority=3 
  Desktop: Xfce 4.16.0 tk: Gtk 3.24.29 info: xfce4-panel wm: xfwm 4.16.1 vt: 7 
  dm: LightDM 1.30.0 Distro: Manjaro Linux base: Arch Linux 
Machine:
  Type: Desktop Mobo: ASRock model: G31M-GS serial: <filter> 
  BIOS: American Megatrends v: P1.40 date: 02/05/2009 
Battery:
  Message: No system battery data found. Is one present? 
Memory:
  RAM: total: 7.79 GiB used: 1.64 GiB (21.0%) 
  RAM Report: permissions: Unable to run dmidecode. Root privileges required. 
CPU:
  Info: Dual Core model: Intel Core2 Duo E8600 bits: 64 type: MCP arch: Penryn 
  family: 6 model-id: 17 (23) stepping: A (10) microcode: A0B cache: L2: 6 MiB 
  bogomips: 13109 
  Speed: 1966 MHz min/max: 2003/3336 MHz Core speeds (MHz): 1: 1966 2: 1966 
  Flags: acpi aperfmperf apic arch_perfmon bts clflush cmov constant_tsc cpuid 
  cx16 cx8 de ds_cpl dtes64 dtherm dts est flexpriority fpu fxsr ht lahf_lm lm 
  mca mce mmx monitor msr mtrr nopl nx pae pat pbe pdcm pebs pge pni pse pse36 
  pti rep_good sep smx ss sse sse2 sse4_1 ssse3 syscall tm tm2 tpr_shadow tsc 
  vme vmx vnmi xsave xtpr 
  Vulnerabilities: Type: itlb_multihit status: KVM: Split huge pages 
  Type: l1tf mitigation: PTE Inversion; VMX: EPT disabled 
  Type: mds 
  status: Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled 
  Type: meltdown mitigation: PTI 
  Type: spec_store_bypass status: Vulnerable 
  Type: spectre_v1 
  mitigation: usercopy/swapgs barriers and __user pointer sanitization 
  Type: spectre_v2 
  mitigation: Full generic retpoline, STIBP: disabled, RSB filling 
  Type: srbds status: Not affected 
  Type: tsx_async_abort status: Not affected 
Graphics:
  Device-1: NVIDIA GK208B [GeForce GT 710] vendor: ASUSTeK GT710-SL-1GD5 
  driver: nvidia v: 470.57.02 alternate: nouveau,nvidia_drm bus-ID: 04:00.0 
  chip-ID: 10de:128b class-ID: 0300 
  Display: x11 server: X.Org 1.20.11 compositor: xfwm4 v: 4.16.1 driver: 
  loaded: nvidia display-ID: :0.0 screens: 1 
  Screen-1: 0 s-res: 1280x720 s-dpi: 96 s-size: 339x191mm (13.3x7.5") 
  s-diag: 389mm (15.3") 
  Monitor-1: HDMI-0 res: 1280x720 hz: 60 dpi: 52 size: 621x341mm (24.4x13.4") 
  diag: 708mm (27.9") 
  OpenGL: renderer: NVIDIA GeForce GT 710/PCIe/SSE2 v: 4.6.0 NVIDIA 470.57.02 
  direct render: Yes 
Audio:
  Device-1: Intel NM10/ICH7 Family High Definition Audio vendor: ASRock 
  driver: snd_hda_intel v: kernel bus-ID: 00:1b.0 chip-ID: 8086:27d8 
  class-ID: 0403 
  Device-2: NVIDIA GK208 HDMI/DP Audio vendor: ASUSTeK driver: snd_hda_intel 
  v: kernel bus-ID: 04:00.1 chip-ID: 10de:0e0f class-ID: 0403 
  Sound Server-1: ALSA v: k4.19.198-1-MANJARO running: yes 
  Sound Server-2: JACK v: 1.9.19 running: no 
  Sound Server-3: PulseAudio v: 14.2 running: yes 
  Sound Server-4: PipeWire v: 0.3.32 running: no 
Network:
  Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet 
  vendor: ASRock driver: r8169 v: kernel port: d800 bus-ID: 01:00.0 
  chip-ID: 10ec:8168 class-ID: 0200 
  IF: enp1s0 state: up speed: 1000 Mbps duplex: full mac: <filter> 
  IP v4: <filter> type: noprefixroute scope: global broadcast: <filter> 
  IP v6: <filter> type: noprefixroute scope: link 
  IF-ID-1: docker0 state: down mac: <filter> 
  IP v4: <filter> scope: global broadcast: <filter> 
  WAN IP: <filter> 
Bluetooth:
  Message: No bluetooth data found. 
Logical:
  Message: No logical block device data found. 
RAID:
  Message: No RAID data found. 
Drives:
  Local Storage: total: 2.05 TiB used: 277.44 GiB (13.2%) 
  SMART Message: Required tool smartctl not installed. Check --recommends 
  ID-1: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 850 EVO 250GB 
  size: 232.88 GiB block-size: physical: 512 B logical: 512 B speed: <unknown> 
  type: SSD serial: <filter> rev: 2B6Q scheme: GPT 
  ID-2: /dev/sdb maj-min: 8:16 vendor: Western Digital model: WD20EZRZ-00Z5HB0 
  size: 1.82 TiB block-size: physical: 4096 B logical: 512 B speed: <unknown> 
  type: HDD rpm: 5400 serial: <filter> rev: 0A80 scheme: GPT 
  Optical-1: /dev/sr0 vendor: HL-DT-ST model: DVD-ROM GDR8164B rev: 0L06 
  dev-links: cdrom 
  Features: speed: 52 multisession: yes audio: yes dvd: yes rw: none 
  state: running 
Partition:
  ID-1: / raw-size: 30 GiB size: 29.4 GiB (98.01%) used: 18.6 GiB (63.3%) 
  fs: ext4 dev: /dev/sda2 maj-min: 8:2 label: Manjaro 
  uuid: ba620412-4d59-4f0f-bfba-af855ee197bb 
  ID-2: /home raw-size: 40 GiB size: 39.12 GiB (97.81%) 
  used: 21.25 GiB (54.3%) fs: ext4 dev: /dev/sda3 maj-min: 8:3 
  label: Manjaro Home uuid: 46b679f6-fb65-47a1-aa54-004640321dfd 
  ID-3: /mnt/Archivo raw-size: 1.82 TiB size: 1.79 TiB (98.42%) 
  used: 237.59 GiB (13.0%) fs: ext4 dev: /dev/sdb1 maj-min: 8:17 
  label: Archivo uuid: 18170d19-0e7b-44de-ac37-4e40dca255d5 
Swap:
  Alert: No swap data was found. 
Unmounted:
  Message: No unmounted partitions found. 
USB:
  Hub-1: 1-0:1 info: Full speed (or root) Hub ports: 8 rev: 2.0 
  speed: 480 Mb/s chip-ID: 1d6b:0002 class-ID: 0900 
  Hub-2: 2-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
  chip-ID: 1d6b:0001 class-ID: 0900 
  Device-1: 2-1:2 info: Logitech MK260 Wireless Combo Receiver 
  type: Keyboard,Mouse driver: hid-generic,usbhid interfaces: 2 rev: 2.0 
  speed: 12 Mb/s power: 98mA chip-ID: 046d:c52e class-ID: 0301 
  Hub-3: 3-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
  chip-ID: 1d6b:0001 class-ID: 0900 
  Hub-4: 4-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
  chip-ID: 1d6b:0001 class-ID: 0900 
  Hub-5: 5-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
  chip-ID: 1d6b:0001 class-ID: 0900 
Sensors:
  System Temperatures: cpu: 47.0 C mobo: N/A gpu: nvidia temp: 54 C 
  Fan Speeds (RPM): N/A 
Info:
  Processes: 182 Uptime: 18h 27m wakeups: 0 Init: systemd v: 248 
  tool: systemctl Compilers: gcc: 11.1.0 Packages: pacman: 1262 lib: 395 
  flatpak: 0 Shell: Bash v: 5.1.8 running-in: xfce4-terminal inxi: 3.3.06

Creating an empty file “/etc/krb5.keytab” doesn’t work either, but the “rpc-gssd” service stops giving error.

Thanks.

2

  1. Have you integrated any .pacnew NFS config files?

  2. What are the contents of:

    /etc/exports
    /etc/sysconfig/nfs

:thinking:

3

Thank you for replying:

I didn’t know about .pacnew files until this moment, so the answer is no. This is the list of .pacnew and .pacsave files in my /etc directory:

[wibol@servidor ~]$ find /etc -regextype posix-extended -regex ".+\.pac(new|save)" 2> /dev/null
/etc/fonts/fonts.conf.pacnew
/etc/shadow.pacnew
/etc/security/limits.d/10-gcr.conf.pacnew
/etc/default/grub.pacnew
/etc/systemd/homed.conf.pacnew
/etc/pamac.conf.pacnew
/etc/mkinitcpio.d/linux54.preset.pacsave
/etc/mkinitcpio.d/linux510.preset.pacsave
/etc/mkinitcpio.d/linux49.preset.pacsave
/etc/mkinitcpio.d/linux44.preset.pacsave
/etc/locale.gen.pacnew
/etc/pacman.conf.pacnew
/etc/sane.d/canon_lide70.conf.pacnew
/etc/sane.d/dll.conf.pacnew
/etc/sane.d/escl.conf.pacnew
/etc/xinetd.d/sane.pacsave
/etc/mkinitcpio.conf.pacnew
/etc/cups/cupsd.conf.pacnew

The contents of /etc/exports:


[wibol@servidor ~]$ cat /etc/exports
# /etc/exports - exports(5) - directories exported to NFS clients
#
# Example for NFSv2 and NFSv3:
#  /srv/home        hostname1(rw,sync) hostname2(ro,sync)
# Example for NFSv4:
#  /srv/nfs4	    hostname1(rw,sync,fsid=0)
#  /srv/nfs4/home   hostname1(rw,sync,nohide)
# Using Kerberos and integrity checking:
#  /srv/nfs4        *(rw,sync,sec=krb5i,fsid=0)
#  /srv/nfs4/home   *(rw,sync,sec=krb5i,nohide)
#
# Use `exportfs -arv` to reload.
/srv/nfs/Archivo 192.168.1.0/24(rw,sync,no_subtree_check)

The /etc/sysconfig directory does not exist on my system.

4

Firewall is disabled on server and this is the ports list for NFS:


[wibol@servidor ~]$ sudo rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100024    1   udp  48292  status
    100024    1   tcp  58609  status
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100021    1   udp  34054  nlockmgr
    100021    3   udp  34054  nlockmgr
    100021    4   udp  34054  nlockmgr
    100021    1   tcp  36985  nlockmgr
    100021    3   tcp  36985  nlockmgr
    100021    4   tcp  36985  nlockmgr

It seems to be an access list:

100227 3 tcp 2049 nfs_acl

It seems that “/etc/sysconfig” has been deprecated in favor of “/etc/nfs.conf”. This may be what you were looking for:

#
# This is a general configuration for the
# NFS daemons and tools
#
[general]
# pipefs-directory=/var/lib/nfs/rpc_pipefs
#
[exports]
# rootdir=/export
#
[exportfs]
# debug=0
#
[gssd]
# verbosity=0
# rpc-verbosity=0
# use-memcache=0
# use-machine-creds=1
# use-gss-proxy=0
# avoid-dns=1
# limit-to-legacy-enctypes=0
# context-timeout=0
# rpc-timeout=5
# keytab-file=/etc/krb5.keytab
# cred-cache-directory=
# preferred-realm=
# set-home=1
# upcall-timeout=30
# cancel-timed-out-upcalls=0
#
[lockd]
# port=0
# udp-port=0
#
[exportd]
# debug="all|auth|call|general|parse"
# manage-gids=n
# state-directory-path=/var/lib/nfs
# threads=1
# cache-use-ipaddr=n
# ttl=1800
[mountd]
# debug="all|auth|call|general|parse"
# manage-gids=n
# descriptors=0
# port=0
# threads=1
# reverse-lookup=n
# state-directory-path=/var/lib/nfs
# ha-callout=
# cache-use-ipaddr=n
# ttl=1800
#
[nfsdcld]
# debug=0
# storagedir=/var/lib/nfs/nfsdcld
#
[nfsdcltrack]
# debug=0
# storagedir=/var/lib/nfs/nfsdcltrack
#
[nfsd]
# debug=0
# threads=8
# host=
# port=0
# grace-time=90
# lease-time=90
# udp=n
# tcp=y
# vers2=n
# vers3=y
# vers4=y
# vers4.0=y
# vers4.1=y
# vers4.2=y
rdma=y
rdma-port=20049

[statd]
# debug=0
# port=0
# outgoing-port=0
# name=
# state-directory-path=/var/lib/nfs/statd
# ha-callout=
# no-notify=0
#
[sm-notify]
# debug=0
# force=0
# retry-time=900
# outgoing-port=
# outgoing-addr=
# lift-grace=y
#
[svcgssd]
# principal=
5

Please integrate them.

That was going to be my next question, and the answer is the same as the above:

Please integrate etc/sysconfig into /etc/nfs.conf

:crossed_fingers:

6

A titanic task for a Sunday! I have integrated most of the .pacnew files, but I have left a few for another day that don’t seem to be related to the problem (maybe I’m wrong):

$ sudo find /etc -regextype posix-extended -regex ".+\.pac(new|save)" 2> /dev/null
/etc/fonts/fonts.conf.pacnew
/etc/sane.d/canon_lide70.conf.pacnew
/etc/sane.d/dll.conf.pacnew
/etc/sane.d/escl.conf.pacnew

I have restarted the server and the clients and I still can’t mount the shares and the rpc-gssd service error regarding the non-existence of “/etc/krb5.keytab”.


$ sudo systemctl status rpc-gssd
○ rpc-gssd.service - RPC security service for NFS client and server
     Loaded: loaded (/usr/lib/systemd/system/rpc-gssd.service; static)
     Active: inactive (dead)
  Condition: start condition failed at Sun 2021-08-08 19:18:55 CEST; 15min ago
             └─ ConditionPathExists=/etc/krb5.keytab was not met

ago 08 19:18:55 servidor.wibol.eu systemd[1]: Condition check resulted in RPC security service for NFS client and server being skipped.

Please integrate etc/sysconfig into /etc/nfs.conf

The directory “/etc/sysconfig” does not exist on my system.

7

This is not a problem unless you use Kerberos. The rpc-gssd is completely useless and can be ignored for normal NFS without Kerberos.

Since I use only NFSv4 I can’t really help you with your NFSv3 problem.

Did you changed any options in /etc/nfs.conf and in /etc/nfsmount.conf on the clients?

1 Like
8

No. I just installed the pending updates on the server. Mounting on the clients was done on demand from “fstab”.

1 Like
9

I finally found the solution! It was enough to install a new kernel (5.4.135-1-MANJARO x86_64) to get everything automatically working again.

In /var/log/pacman.log I found:

[2021-08-06T18:30:08+0200] [ALPM] upgraded linux419 (4.19.192-1 -> 4.19.198-1)

So I guess the latter is guilty of everything.

Thanks.

1 Like
10

The problem also affects kernel 4.14. The only one that works is 5.4 even though I updated all kernels today.

11

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.